- Cisco 2821- BGP - маршрутизация,
 AD, 12:30 , 23-Апр-08 (1)>[оверквотинг удален]
> no auto-summary
>
>
>ip route 0.0.0.0 0.0.0.0 87.226.XX.Y1
>
>
>Не ходят пакеты с Gi0/1 дальше Gi0/0 в чем может быть проблема
>?
>( по bgp все маршруты получаю, сам интерфейс Gi0/0 из сети Gi0/1
>ip address 195.28.XX.YY 255.255.255.192 вижу ) ip route 195.28.XX.YY 255.255.254.0 null 0
- Cisco 2821- BGP - маршрутизация, V1talya, 16:06 , 23-Апр-08 (2)
>[оверквотинг удален]
>>
>>ip route 0.0.0.0 0.0.0.0 87.226.XX.Y1
>>
>>
>>Не ходят пакеты с Gi0/1 дальше Gi0/0 в чем может быть проблема
>>?
>>( по bgp все маршруты получаю, сам интерфейс Gi0/0 из сети Gi0/1
>>ip address 195.28.XX.YY 255.255.255.192 вижу )
>
>ip route 195.28.XX.YY 255.255.254.0 null 0 #ip route 195.28.XX.YY 255.255.224.0 Null0
%Inconsistent address and mask Current configuration : 4017 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 0000
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default group radius
aaa authorization exec default local
aaa authorization network default group radius
aaa accounting network default start-stop group radius
!
aaa session-id common
clock timezone Yakutsk 9
clock summer-time Yakutsk recurring last Sun Mar 2:00 last Sun Oct 3:00
no ip source-route
no ip gratuitous-arps
!
ip cef
!
no ip bootp server
ip domain name .........
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh source-interface GigabitEthernet0/1
ip ssh version 2
no ip rcmd domain-lookup
vpdn enable
!
vpdn-group 1
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
voice-card 0
no dspfarm
!
username vitalya password 7 000
!
interface Loopback1
no ip address
!
interface GigabitEthernet0/0
description Connect to ISP
ip address 87.226.XX.YY2 255.255.255.252
ip access-group in_Gi0/0 in
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
description Connect to Server
ip address 195.28.XX.1 255.255.255.192
ip access-group in_Gi0/1 in
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1.2
description PPPoE & PPTP clients
encapsulation dot1Q 2
ip address 192.168.0.2 255.255.224.0
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
no cdp enable
!
interface Virtual-Template1
ip unnumbered Loopback1
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ppp authentication chap ms-chap ms-chap-v2
!
router bgp 00000
no synchronization
bgp log-neighbor-changes
network 195.28.XX.0 mask 255.255.254.0
neighbor 87.226.XX.1 remote-as 12389
neighbor 87.226.XX.1 ebgp-multihop 10
neighbor 87.226.XX.YY1 remote-as 12389
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 87.226.XX.YY1
ip route 87.226.XX.1 255.255.255.255 87.226.XX.YY1 ip route 195.28.XX.64 255.255.255.192 195.28.XX.2
ip route 195.28.XX.128 255.255.255.192 195.28.XX.2
ip route 195.28.XX.192 255.255.255.192 195.28.XX.2
ip route 195.28.XY.0 255.255.255.0 195.28.XX.2
!
!
no ip http server
no ip http secure-server
!
ip access-list extended in_Gi0/0
remark "Deny connect to SSH & PPTP"
deny tcp any host 87.226.XX.YY2 eq 22
deny tcp any host 87.226.XX.YY2 eq 1723
remark "Deny&Permit connect to BGP"
permit tcp host 87.226.XX.YY1 host 87.226.XX.YY2 eq bgp
permit tcp host 87.226.XX.1 host 87.226.XX.YY2 eq bgp
deny tcp any host 87.226.XX.YY2 eq bgp log
permit ip any any
ip access-list extended in_Gi0/1
deny tcp any host 195.28.XX.1 eq 1723
deny tcp any host 195.28.XX.1 eq bgp
permit tcp host 195.28.XX.2 host 195.28.XX.1 eq 22
deny tcp any host 195.28.XX.1 eq 22
deny icmp any any fragments
permit ip any any
!
ip radius source-interface GigabitEthernet0/1
access-list 8 permit 195.28.XX.2
access-list 8 deny any
snmp-server community 0000 RW 8
no cdp run
!
radius-server attribute 31 mac format ietf
radius-server configure-nas
radius-server host 195.28.XX.2 auth-port 1812 acct-port 1813
radius-server timeout 30
radius-server key 7 0000
radius-server vsa send accounting
radius-server vsa send authentication
!
control-plane
!
line con 0
line aux 0
line vty 0 4
transport input ssh
!
scheduler allocate 20000 1000
ntp clock-period 17179945
ntp peer 83.222.4.154
!
end
- Cisco 2821- BGP - маршрутизация, V1talya, 09:01 , 24-Апр-08 (4)
>[оверквотинг удален]
>>
>>ip route 0.0.0.0 0.0.0.0 87.226.XX.Y1
>>
>>
>>Не ходят пакеты с Gi0/1 дальше Gi0/0 в чем может быть проблема
>>?
>>( по bgp все маршруты получаю, сам интерфейс Gi0/0 из сети Gi0/1
>>ip address 195.28.XX.YY 255.255.255.192 вижу )
>
>ip route 195.28.XX.YY 255.255.254.0 null 0 Спасибо все заработало
|
Версия для распечатки
Cisco 2821- BGP - маршрутизация, 
