Alcanzando 30 saltos con solo dos
routers
Fecha: 5 y 6 de mayo del 2020 (durante la cuarentena)
Escenario
En este laboratorio vamos a lograr tener 30 saltos (en realidad 31) entre las PCs A y B y con sólo dos routers en el camino.
La idea de esta tarea es, por un lado entender la lógica de enrutamiento mas allá de lo que se aprende en CCNA, y por otro
la abstracción de imaginarse el recorrido de un paquete e interpretar de cual será el próximo salto y su retorno.
Cuando estudiamos CCNA aprendemos a configurar rutas o usar protocolos que utilizan rutas para alcanzar una red o IP
basados sólo en la dirección de destino.
Para lograr este objetivo utilizaremos PBR (Policy Based Routing) o enrutamiento basado en políticas, que basicamente el
próximo salto se utiliza si se cumplen determinadas condiciones, y esta función “se saltea” la consulta de rutas de la tabla
de enrutamiento, por lo tanto, por un lado es mas flexible porque podemos elegir que “determinado origen salga por el
salto X y el resto salga por el salto Y”.
Por otro lado, no utiliza la caché de rutas y le quita performance en grandes volúmenes de tráfico.
En este caso, en el router A el próximo salto es 10.0.1.1 que es el router B, y este tiene la red 192.168.2.0/24 conectada,
por lo que con dos saltos tendríamos la conectividad resuelta. La idea es “esquivar” esa consulta de la tabla para alcanzar
la LAN B, volvernos al router A para tener que volver al router B, etc... hasta llegar a los 30 saltos típicos del tracert.
Para que sirve todo esto ? para pasar el tiempo aprendiendo y practicando enrutamiento. Vamos y vemos...
1.- Configuración inicial:
Para configurar toda esta montaña rusa debemos crear:
1.1.- Subinterfaces ya que no tenemos 30 placas en un router:
interface FastEthernet0/0.X
encapsulation dot1Q X native
ip address 10.0.X.Y 255.255.255.252
1.2.- Crear una policy para cada subinterface:
Las subinterfaces son las que “miran” hacia el host origen, o sea las interfaces pares en el router A y las interfaces
impares en el router B.
Las que estan “de espaldas” al origen (interfaces impares en el router A y pares en el router B) sólo envían tráfico
y por lo tanto no necesitan políticas PBR.
access-list 101 permit ip 192.168.1.0 0.0.0.255
192.168.2.0 0.0.0.255 (tráfico A-B)
route-map PBR-X permit 10
match ip address 101
set ip
next-hop 10.0.X.Y (donde X es 1 a 29, e Y es .1 para
router A y .2 para router B)
1.3.- Aplicar la policy a cada subinterface:
interface FastEthernet0/0.X
ip policy route-map PBR-X
1.4.- Resolver el tráfico de retorno:
En este caso el tráfico de retorno son los ICMP de tiempo expirado en tránsito, donde el router “mata” el paquete por tener
TTL=1 y avisa al origen de que lo mató (tiempo expirado en tránsito).
1.4.1.- Crear una ruta para poder enviar las respuestas del tracert al
host A:
En router B debemos crear rutas para que sepa como enviar el tráfico que el mismo genera, ya que las policy configuradas
matchean tráfico que les llegan por una interface.
Que les lleguen significa que el no lo genera, por lo tanto no usan el next-hop y deben resolver como llegar al destino.
ip route 192.168.1.0 255.255.255.0 10.0.1.2
1.4.2.- Se puede implementar también con route-map y una política
local:
Esto permite que un route-map matchee contra tráfico generado por el mismo, esta es otra variante a la ruta anterior.
ip local policy route-map SELF (el nombre es simbólico)
!
access-list
110 permit ip host 10.0.1.1 192.168.1.0 0.0.0.255 (donde definimos una
ACL para la IP de cada subinterface
access-list 111 permit ip host 10.0.3.1 192.168.1.0 0.0.0.255 que generará el ICMP de tiempo expirado en tránsito)
access-list 112 permit ip host 10.0.5.1 192.168.1.0
0.0.0.255
access-list 113 permit ip host 10.0.7.1
192.168.1.0 0.0.0.255
access-list 114 permit ip host 10.0.9.1
192.168.1.0 0.0.0.255
access-list 115 permit ip host 10.0.11.1
192.168.1.0 0.0.0.255
access-list 116 permit ip host 10.0.13.1
192.168.1.0 0.0.0.255
access-list 117 permit ip host 10.0.15.1
192.168.1.0 0.0.0.255
access-list 118 permit ip host 10.0.17.1
192.168.1.0 0.0.0.255
access-list 119 permit ip host 10.0.19.1
192.168.1.0 0.0.0.255
access-list 120 permit ip host 10.0.21.1
192.168.1.0 0.0.0.255
access-list 121 permit ip host 10.0.23.1
192.168.1.0 0.0.0.255
access-list 122 permit ip host 10.0.25.1
192.168.1.0 0.0.0.255
access-list 123 permit ip host 10.0.27.1
192.168.1.0 0.0.0.255
access-list 124 permit ip host 10.0.29.1
192.168.1.0 0.0.0.255
!
route-map SELF permit 10 (definimos una sentencia por cada IP de subinterface y cada salto dentro del segmento)
match ip address 110
set ip next-hop 10.0.1.2
!
route-map SELF permit 20 (segundo segmento hacia router A, salto 4 en general)
match ip address 111
set ip next-hop 10.0.3.2
!
--- resumido, los permit van de 10 en 10 ---
!
route-map SELF permit 150 (último segmento hacia router A, salto 30 en general)
match ip address 124
set ip next-hop 10.0.29.2
2.- Verificación:
C:\>tracert -h 31 192.168.2.10
Traza a 192.168.2.10 sobre caminos de 31 saltos como máximo.
1 1 ms 1 ms
1 ms
192.168.1.1 (router A)
2 3 ms
2 ms 2 ms 10.0.1.1 (router B)
3 2 ms
2 ms 2 ms 10.0.2.2 (router A)
4 4 ms
4 ms 4 ms 10.0.3.1 (router B)
5 2 ms
2 ms 2 ms 10.0.4.2 (router A)
6 4 ms
4 ms 3 ms 10.0.5.1 (router B)
7 2 ms 2 ms 2 ms 10.0.6.2 ...etc...
8 4 ms 4 ms 4 ms 10.0.7.1
9 3 ms 3
ms 3 ms 10.0.8.2
10 5 ms
4 ms 4 ms 10.0.9.1
11 3 ms
3 ms 2 ms 10.0.10.2
12 4 ms
3 ms 3 ms 10.0.11.1
13 3 ms
3 ms 3 ms 10.0.12.2
14 5 ms
4 ms 4 ms 10.0.13.1
15 18 ms
3 ms 3 ms 10.0.14.2
16 4 ms
4 ms 4 ms 10.0.15.1
17 4 ms
3 ms 3 ms 10.0.16.2
18 3 ms
3 ms 4 ms 10.0.17.1
19 4 ms
4 ms 3 ms 10.0.18.2
20 4 ms
4 ms 4 ms 10.0.19.1
21 4 ms
4 ms 4 ms 10.0.20.2
22 5 ms
4 ms 4 ms 10.0.21.1
23 4 ms
4 ms 4 ms 10.0.22.2
24 4 ms
4 ms 4 ms 10.0.23.1
25 4 ms
5 ms 5 ms 10.0.24.2
26 5 ms
5 ms 5 ms 10.0.25.1
27 5 ms
5 ms 4 ms 10.0.26.2
28 5 ms
5 ms 5 ms 10.0.27.1
29 5 ms
5 ms 5 ms 10.0.28.2 (router A)
30 5 ms
5 ms 5 ms 10.0.29.1 (router B)
31
5 ms 4 ms 5 ms
192.168.2.10 (PC destino)
Traza completa. (ver el gráfico de la traza)
C:\>
Este es el comportamiento del tracert con cada router que “mata el paquete”, vemos que los valores TTL varían
dependiendo del router, si el router B genera el ICMP, este sale con TTL=255 y se descuenta 1 en router A.
Si el router A genera el ICMP, este sale con TTL=255 y va directamente a la interface de salida del segmento del
host A (por lo tanto el aviso no vuelve por el mismo camino donde llegó el paquete).
En el caso del host destino, el ICMP sale con 255, se descuenta 1 en router B y 1 en router A, queda en TTL=253.
3.- Verificación de tablas de enrutamiento:
3.1.- En router A:
Router_A#sh ip route (no hay
rutas a la red 192.168.2.0/24)
Codes: C - connected, S - static, R - RIP, M -
mobile, B - BGP
D
- EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1
- OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1
- OSPF external type 1, E2 - OSPF external type 2
i
- IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user
static route
o
- ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/30 is subnetted, 30 subnets
C
10.0.10.0 is directly connected, FastEthernet0/0.10
C
10.0.11.0 is directly connected, FastEthernet0/0.11
C
10.0.8.0 is directly connected, FastEthernet0/0.8
C
10.0.9.0 is directly connected, FastEthernet0/0.9
C
10.0.14.0 is directly connected, FastEthernet0/0.14
C 10.0.15.0 is directly connected,
FastEthernet0/0.15
C
10.0.12.0 is directly connected, FastEthernet0/0.12
C
10.0.13.0 is directly connected, FastEthernet0/0.13
C
10.0.2.0 is directly connected, FastEthernet0/0.2
C
10.0.3.0 is directly connected, FastEthernet0/0.3
C
10.0.1.0 is directly connected, FastEthernet0/0.1
C
10.0.6.0 is directly connected, FastEthernet0/0.6
C
10.0.7.0 is directly connected, FastEthernet0/0.7
C
10.0.4.0 is directly connected, FastEthernet0/0.4
C
10.0.5.0 is directly connected, FastEthernet0/0.5
C
10.0.26.0 is directly connected, FastEthernet0/0.26
C
10.0.27.0 is directly connected, FastEthernet0/0.27
C
10.0.24.0 is directly connected, FastEthernet0/0.24
C 10.0.25.0 is directly connected,
FastEthernet0/0.25
C
10.0.30.0 is directly connected, FastEthernet0/0.30
C
10.0.28.0 is directly connected, FastEthernet0/0.28
C
10.0.29.0 is directly connected, FastEthernet0/0.29
C
10.0.18.0 is directly connected, FastEthernet0/0.18
C
10.0.19.0 is directly connected, FastEthernet0/0.19
C
10.0.16.0 is directly connected, FastEthernet0/0.16
C
10.0.17.0 is directly connected, FastEthernet0/0.17
C
10.0.22.0 is directly connected, FastEthernet0/0.22
C
10.0.23.0 is directly connected, FastEthernet0/0.23
C
10.0.20.0 is directly connected, FastEthernet0/0.20
C
10.0.21.0 is directly connected, FastEthernet0/0.21
C
192.168.1.0/24 is directly connected, Ethernet0/0
Router_A#
3.2.-
En router B:
Router_B#sh ip route (hay una sola ruta a la red 192.168.1.0/24)
Codes: C - connected, S - static, R - RIP, M -
mobile, B - BGP
D
- EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1
- OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1
- OSPF external type 1, E2 - OSPF external type 2
i
- IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user
static route
o
- ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/30 is subnetted, 30 subnets
C
10.0.10.0 is directly connected, FastEthernet0/0.10
C
10.0.11.0 is directly connected, FastEthernet0/0.11
C
10.0.8.0 is directly connected, FastEthernet0/0.8
C
10.0.9.0 is directly connected, FastEthernet0/0.9
C
10.0.14.0 is directly connected, FastEthernet0/0.14
C
10.0.15.0 is directly connected, FastEthernet0/0.15
C 10.0.12.0 is directly connected,
FastEthernet0/0.12
C
10.0.13.0 is directly connected, FastEthernet0/0.13
C
10.0.2.0 is directly connected, FastEthernet0/0.2
C
10.0.3.0 is directly connected, FastEthernet0/0.3
C
10.0.1.0 is directly connected, FastEthernet0/0.1
C
10.0.6.0 is directly connected, FastEthernet0/0.6
C
10.0.7.0 is directly connected, FastEthernet0/0.7
C
10.0.4.0 is directly connected, FastEthernet0/0.4
C 10.0.5.0
is directly connected, FastEthernet0/0.5
C
10.0.26.0 is directly connected, FastEthernet0/0.26
C
10.0.27.0 is directly connected, FastEthernet0/0.27
C
10.0.24.0 is directly connected, FastEthernet0/0.24
C
10.0.25.0 is directly connected, FastEthernet0/0.25
C
10.0.30.0 is directly connected, FastEthernet0/0.30
C
10.0.28.0 is directly connected, FastEthernet0/0.28
C
10.0.29.0 is directly connected, FastEthernet0/0.29
C
10.0.18.0 is directly connected, FastEthernet0/0.18
C
10.0.19.0 is directly connected, FastEthernet0/0.19
C
10.0.16.0 is directly connected, FastEthernet0/0.16
C
10.0.17.0 is directly connected, FastEthernet0/0.17
C
10.0.22.0 is directly connected, FastEthernet0/0.22
C
10.0.23.0 is directly connected, FastEthernet0/0.23
C
10.0.20.0 is directly connected, FastEthernet0/0.20
C
10.0.21.0 is directly connected, FastEthernet0/0.21
S 192.168.1.0/24 [1/0] via
10.0.1.2 (ruta de tráfico de
retorno)
C 192.168.2.0 is directly connected,
FastEthernet0/1
Router_B#
4.- Verificación de PBR:
4.1.- En router A:
Router_A#sh
route-map
route-map LAN-A, permit, sequence 10 (primer salto hacia router B)
Match
clauses:
ip address (access-lists): 101
Set
clauses:
ip next-hop 10.0.1.1
Policy
routing matches: 217 packets, 21896 bytes
route-map PBR-2,
permit, sequence 10 (segundo salto hacia router B, salto
3 en general)
Match
clauses:
ip address (access-lists): 101
Set
clauses:
ip next-hop 10.0.3.1
Policy routing matches: 193 packets, 20472 bytes (los paquetes varían según las pruebas realizadas)
---resumido---
route-map PBR-28,
permit, sequence 10 (último salto hacia router B)
Match
clauses:
ip address (access-lists): 101
Set
clauses:
ip next-hop 10.0.29.1
Policy
routing matches: 23 packets, 2148 bytes
Router_A#
4.2.- En router B:
Router_B#sh
route-map
route-map PBR-1, permit, sequence 10 (primer salto desde router A, salto 2 en general)
Match clauses:
ip address (access-lists): 101
Set
clauses:
ip next-hop 10.0.2.2
Policy
routing matches: 208 packets, 21020 bytes
route-map PBR-3, permit, sequence 10 (segundo salto desde router A, salto 4 en general)
Match clauses:
ip address (access-lists): 101
Set
clauses:
ip next-hop 10.0.4.2
Policy
routing matches: 182 packets, 19404 bytes
---resumido---
route-map PBR-27, permit, sequence 10 (último salto desde router A, salto 28 en general)
Match clauses:
ip address (access-lists): 101
Set
clauses:
ip next-hop 10.0.28.2
Policy
routing matches: 137 packets, 14688 bytes
Este route-map es relativo si existe una ruta hacia la red 192.168.1.0/24 no es necesario, en caso de
optar por la variante de políticas locales y route-map SELF es necesario.
route-map LAN-B, permit, sequence 10 (primer salto hacia router A)
Match
clauses:
ip address (access-lists): 102
Set
clauses:
ip next-hop 10.0.29.2
Policy routing
matches: 29 packets, 2808 bytes
Router_B#
No existe el route-map PBR-29 ya que al recibir el paquete por esta interface directamente se reenvía
a la interface Fa0/1 donde se encuentra el host 192.168.2.10.
5.1.- Configuración de los equipos:
5.1.- Router A:
Router_A#sh runn (sólo lo mas relevante)
Building configuration...
Current configuration :
6618 bytes
!
version 12.3
!
hostname Router_A
!
interface Ethernet0/0
ip address 192.168.1.1 255.255.255.0
ip policy route-map LAN-A
!
interface FastEthernet0/0
no ip address
!
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
ip address 10.0.1.2 255.255.255.252
!
interface FastEthernet0/0.2
encapsulation dot1Q 2
ip address 10.0.2.2 255.255.255.252
ip policy route-map PBR-2
!
interface FastEthernet0/0.3
encapsulation dot1Q 3
ip address 10.0.3.2 255.255.255.252
!
interface FastEthernet0/0.4
encapsulation dot1Q 4
ip address 10.0.4.2 255.255.255.252
ip policy route-map PBR-4
!
interface FastEthernet0/0.5
encapsulation dot1Q 5
ip address 10.0.5.2 255.255.255.252
!
interface FastEthernet0/0.6
encapsulation dot1Q 6
ip address 10.0.6.2 255.255.255.252
ip policy route-map PBR-6
!
interface FastEthernet0/0.7
encapsulation dot1Q 7
ip address 10.0.7.2 255.255.255.252
!
interface FastEthernet0/0.8
encapsulation dot1Q 8
ip address 10.0.8.2 255.255.255.252
ip policy route-map PBR-8
!
interface FastEthernet0/0.9
encapsulation dot1Q 9
ip address 10.0.9.2 255.255.255.252
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 10.0.10.2 255.255.255.252
ip policy route-map PBR-10
!
interface FastEthernet0/0.11
encapsulation dot1Q 11
ip address 10.0.11.2 255.255.255.252
!
interface FastEthernet0/0.12
encapsulation dot1Q 12
ip address 10.0.12.2 255.255.255.252
ip policy route-map PBR-12
!
interface FastEthernet0/0.13
encapsulation dot1Q 13
ip address 10.0.13.2 255.255.255.252
!
interface FastEthernet0/0.14
encapsulation dot1Q 14
ip address 10.0.14.2 255.255.255.252
ip policy route-map PBR-14
!
interface FastEthernet0/0.15
encapsulation dot1Q 15
ip address 10.0.15.2 255.255.255.252
!
interface FastEthernet0/0.16
encapsulation dot1Q 16
ip address 10.0.16.2 255.255.255.252
ip policy route-map PBR-16
!
interface FastEthernet0/0.17
encapsulation dot1Q 17
ip address 10.0.17.2 255.255.255.252
!
interface FastEthernet0/0.18
encapsulation dot1Q 18
ip address 10.0.18.2 255.255.255.252
ip policy route-map PBR-18
!
interface FastEthernet0/0.19
encapsulation dot1Q 19
ip address 10.0.19.2 255.255.255.252
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 10.0.20.2 255.255.255.252
ip policy route-map PBR-20
!
interface FastEthernet0/0.21
encapsulation dot1Q 21
ip address 10.0.21.2 255.255.255.252
!
interface FastEthernet0/0.22
encapsulation dot1Q 22
ip address 10.0.22.2 255.255.255.252
ip policy route-map PBR-22
!
interface FastEthernet0/0.23
encapsulation dot1Q 23
ip address 10.0.23.2 255.255.255.252
!
interface FastEthernet0/0.24
encapsulation dot1Q 24
ip address 10.0.24.2 255.255.255.252
ip policy route-map PBR-24
!
interface FastEthernet0/0.25
encapsulation dot1Q 25
ip address 10.0.25.2 255.255.255.252
!
interface FastEthernet0/0.26
encapsulation dot1Q 26
ip address 10.0.26.2 255.255.255.252
ip policy route-map PBR-26
!
interface FastEthernet0/0.27
encapsulation dot1Q 27
ip address 10.0.27.2 255.255.255.252
!
interface FastEthernet0/0.28
encapsulation dot1Q 28
ip address 10.0.28.2 255.255.255.252
ip policy route-map PBR-28
!
interface FastEthernet0/0.29
encapsulation dot1Q 29
ip address 10.0.29.2 255.255.255.252
!
ip classless
!
access-list 101 permit ip 192.168.1.0 0.0.0.255
192.168.2.0 0.0.0.255
!
route-map LAN-A permit 10
match ip address 101
set ip next-hop 10.0.1.1
!
route-map PBR-8 permit 10
match ip address 101
set ip next-hop 10.0.9.1
!
route-map PBR-4 permit 10
match ip address 101
set ip next-hop 10.0.5.1
!
route-map PBR-6 permit 10
match ip address 101
set ip next-hop 10.0.7.1
!
route-map PBR-2 permit 10
match ip address 101
set ip next-hop 10.0.3.1
!
route-map PBR-18 permit 10
match ip address 101
set ip next-hop 10.0.19.1
!
route-map PBR-28 permit 10
match ip address 101
set ip next-hop 10.0.29.1
!
route-map PBR-14 permit 10
match ip address 101
set ip next-hop 10.0.15.1
!
route-map PBR-26 permit 10
match ip address 101
set ip next-hop 10.0.27.1
!
route-map PBR-16 permit 10
match ip address 101
set ip next-hop 10.0.17.1
!
route-map PBR-24 permit 10
match ip address 101
set ip next-hop 10.0.25.1
!
route-map PBR-10 permit 10
match ip address 101
set ip next-hop 10.0.11.1
!
route-map PBR-22 permit 10
match ip address 101
set ip next-hop 10.0.23.1
!
route-map PBR-12 permit 10
match ip address 101
set ip next-hop 10.0.13.1
!
route-map PBR-20 permit 10
match ip address 101
set ip next-hop 10.0.21.1
!
!
end
Router_A#
5.2.- Router B:
Router_B# sh runn (sólo lo mas relevante)
Building configuration...
Current configuration :
7312 bytes
!
version 12.4
!
hostname Router_B
!
interface FastEthernet0/0
no ip address
!
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
ip address 10.0.1.1 255.255.255.252
ip policy route-map PBR-1
!
interface FastEthernet0/0.2
encapsulation dot1Q 2
ip address 10.0.2.1 255.255.255.252
!
interface FastEthernet0/0.3
encapsulation dot1Q 3
ip address 10.0.3.1 255.255.255.252
ip policy route-map PBR-3
!
interface FastEthernet0/0.4
encapsulation dot1Q 4
ip address 10.0.4.1 255.255.255.252
!
interface FastEthernet0/0.5
encapsulation dot1Q 5
ip address 10.0.5.1 255.255.255.252
ip policy route-map PBR-5
!
interface FastEthernet0/0.6
encapsulation dot1Q 6
ip address 10.0.6.1 255.255.255.252
!
interface FastEthernet0/0.7
encapsulation dot1Q 7
ip address 10.0.7.1 255.255.255.252
ip policy route-map PBR-7
!
interface FastEthernet0/0.8
encapsulation dot1Q 8
ip address 10.0.8.1 255.255.255.252
!
interface FastEthernet0/0.9
encapsulation dot1Q 9
ip address 10.0.9.1 255.255.255.252
ip policy route-map PBR-9
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 10.0.10.1 255.255.255.252
!
interface FastEthernet0/0.11
encapsulation dot1Q 11
ip address 10.0.11.1 255.255.255.252
ip policy route-map PBR-11
!
interface FastEthernet0/0.12
encapsulation dot1Q 12
ip address 10.0.12.1 255.255.255.252
!
interface FastEthernet0/0.13
encapsulation dot1Q 13
ip address 10.0.13.1 255.255.255.252
ip policy route-map PBR-13
!
interface FastEthernet0/0.14
encapsulation dot1Q 14
ip address 10.0.14.1 255.255.255.252
!
interface FastEthernet0/0.15
encapsulation dot1Q 15
ip address 10.0.15.1 255.255.255.252
ip policy route-map PBR-15
!
interface FastEthernet0/0.16
encapsulation dot1Q 16
ip address 10.0.16.1 255.255.255.252
!
interface FastEthernet0/0.17
encapsulation dot1Q 17
ip address 10.0.17.1 255.255.255.252
ip policy route-map PBR-17
!
interface FastEthernet0/0.18
encapsulation dot1Q 18
ip address 10.0.18.1 255.255.255.252
!
interface FastEthernet0/0.19
encapsulation dot1Q 19
ip address 10.0.19.1 255.255.255.252
ip policy route-map PBR-19
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 10.0.20.1 255.255.255.252
!
interface FastEthernet0/0.21
encapsulation dot1Q 21
ip address 10.0.21.1 255.255.255.252
ip policy route-map PBR-21
!
interface FastEthernet0/0.22
encapsulation dot1Q 22
ip address 10.0.22.1 255.255.255.252
!
interface FastEthernet0/0.23
encapsulation dot1Q 23
ip address 10.0.23.1 255.255.255.252
ip policy route-map PBR-23
!
interface FastEthernet0/0.24
encapsulation dot1Q 24
ip address 10.0.24.1 255.255.255.252
!
interface FastEthernet0/0.25
encapsulation dot1Q 25
ip address 10.0.25.1 255.255.255.252
ip policy route-map PBR-25
!
interface FastEthernet0/0.26
encapsulation dot1Q 26
ip address 10.0.26.1 255.255.255.252
!
interface FastEthernet0/0.27
encapsulation dot1Q 27
ip address 10.0.27.1 255.255.255.252
ip policy route-map PBR-27
!
interface FastEthernet0/0.28
encapsulation dot1Q 28
ip address 10.0.28.1 255.255.255.252
!
interface FastEthernet0/0.29
encapsulation dot1Q 29
ip address 10.0.29.1 255.255.255.252
!
interface FastEthernet0/1
ip address 192.168.2.1 255.255.255.0
ip policy route-map LAN-B
!
ip route 192.168.1.0 255.255.255.0 10.0.1.2
!
access-list 101 permit ip 192.168.1.0 0.0.0.255
192.168.2.0 0.0.0.255
!
access-list 102 permit ip 192.168.2.0 0.0.0.255
192.168.1.0 0.0.0.255
!
route-map LAN-B permit 10
match ip address 102
set ip next-hop 10.0.29.2
!
route-map PBR-9 permit 10 (el orden de los PBR no los entiendo, los configuré y pegué en orden ascendente)
match ip address 101
set ip next-hop 10.0.10.2
!
route-map PBR-5 permit 10
match ip address 101
set ip next-hop 10.0.6.2
!
route-map PBR-7 permit 10
match ip address 101
set ip next-hop 10.0.8.2
!
route-map PBR-1 permit 10
match ip address 101
set ip next-hop 10.0.2.2
!
route-map PBR-3 permit 10
match ip address 101
set ip next-hop 10.0.4.2
!
route-map PBR-19 permit 10
match ip address 101
set ip next-hop 10.0.20.2
!
route-map PBR-27 permit 10
match ip address 101
set ip next-hop 10.0.28.2
!
route-map PBR-15 permit 10
match ip address 101
set ip next-hop 10.0.16.2
!
route-map PBR-25 permit 10
match ip address 101
set ip next-hop 10.0.26.2
!
route-map PBR-17 permit 10
match ip address 101
set ip next-hop 10.0.18.2
!
route-map PBR-23 permit 10
match ip address 101
set ip next-hop 10.0.24.2
!
route-map PBR-11 permit 10
match ip address 101
set ip next-hop 10.0.12.2
!
route-map PBR-21 permit 10
match ip address 101
set ip next-hop 10.0.22.2
!
route-map PBR-13 permit 10
match ip address 101
set ip next-hop 10.0.14.2
!
!
end
Router_B#
(2020) A
packet in Disneyland
Rosario, Argentina