全部博文(1015)
分类:
2008-08-01 15:13:27
关于你的问题,我仿真了实验台,R1 模拟一台主机,R2 也就是你所配置的路由器,R3则是外网,仿真你案例里的ISP, R3和R2的串口和以太口 ,模拟你从电信拉的两根光纤,拓扑如下:
应你的需求,我们让R2的S1/0 工作在白天, 每天 到12点的时候,E0/0自动接替S1/0的工作,我的实验得到了验证,配置如下:
R1,仿真PC就不说了,敲个地址,指个网关就OK
R3,起loopback 0 :
R2的配置:
interface Ethernet0/0
ip address 203.1.1.2 255.255.255.0
ip nat outside
!
interface Serial1/0
ip address
ip nat outside
clock rate 64000
!
interface Serial2/0
ip address
ip nat inside
ip policy route-map test
!
ip nat pool reeper1
ip nat pool reeper2 203.1.1.2 203.1.1.2 netmask 255.255.255.0
ip nat inside source list 101 pool reeper1 overload
ip nat inside source list 102 pool reeper2 overload
ip classless
ip route
ip route
!
!
access-list 101 permit ip any any time-range day
access-list 102 permit ip any any time-range night
!
route-map test permit 10
match ip address 101
set ip next-ho
!
route-map test permit 20
match ip address 102
set ip next-hop 203.1.1.3
!
time-range day
periodic daily 8:00 to 23:59
!
time-range night
periodic daily 0:00 to 8:00
!
End
测试:我们在R1上ping
R2#debug ip nat
IP NAT debugging is on
R2#sh cloc
09:16:04.007 CST Thu Nov 16 2006
R2#
Nov 16 01:16:11.515: NAT: s=
Nov 16 01:16:11.535: NAT*: s=
Nov 16 01:16:11.555: NAT: s=
Nov 16 01:16:11.575: NAT*: s=
可见R2把R1发过来的包转换到了 串口网段。
那么我们改一下时间,继续测试:
R2#sh cloc
09:19:31.967 CST Thu Nov 16 2006
R2#cloc set 7:50:00 16 Nov 2006
R2#sh cloc
07:51:20.291 CST Thu Nov 16 2006
R2#
Nov 15 23:51:24.847: NAT: s=
Nov 15 23:51:24.855: NAT*: s=
Nov 15 23:51:24.879: NAT: s=
Nov 15 23:51:24.879: NAT*: s=
发现已经转换到了 以太口。
我们等几分钟,看到8:00的时候是否自动切换线路:
07:59:53.379 CST Thu Nov 16 2006
R2#
Nov 15 23:59:54.867: NAT: s=
Nov 15 23:59:54.867: NAT*: s=
Nov 15 23:59:54.887: NAT: s=
Nov 15 23:59:54.887: NAT*: s=
R2#sh cloc
08:00:18.879 CST Thu Nov 16 2006
R2#
Nov 16 00:00:19.959: NAT: expiring 203.1.1.2 (
R2#
Nov 16 00:00:20.579: NAT: s=
Nov 16 00:00:20.599: NAT*: s=
Nov 16 00:00:20.619: NAT: s=
Nov 16 00:00:20.639: NAT*: s=
OK,自动切换了,但是迟了10几秒钟,你可以把 Day 和night 时间交错1分钟试试。
好了,打完手工!
已经调试过,根据时间进行线路切换,供参考。
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r2
!
boot-start-marker
boot-end-marker
!
!
clock timezone CST 8
no aaa new-model
ip subnet-zero
no ip domain lookup
!
ip audit po max-events 100
!
interface Ethernet0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
!
interface Serial1/0
ip address 218.90.165.65 255.255.255.248
ip nat outside
serial restart-delay 0
no fair-queue
!
interface Serial2/0
ip address 222.191.242.113 255.255.255.248
ip nat outside
serial restart-delay 0
!
ip nat pool isp1 218.90.165.65 218.90.165.69 netmask 255.255.255.248
ip nat pool isp2 222.191.242.113 222.191.242.117 netmask 255.255.255.248
ip nat inside source route-map to-isa1 pool isp1 overload
ip nat inside source route-map to-isa2 pool isp2 overload
ip classless
no ip http server
no ip http secure-server
!
!
access-list 101 permit ip 192.168.1.0
access-list 102 permit ip 192.168.1.0 0.0.0.255 any time-range night
!
route-map to-isa1 permit 10
match ip address 101
!
route-map to-isa2 permit 10
match ip address 102
!
time-range day
periodic daily 0:00 to 12:00
!
time-range night
periodic daily 12:00 to 23:59
!
end
我也作了这个实验仿真,也出现结果了 用得是你的那些IP和GATEWAG 也可以满足你的要求的 这个实验注意如下几点 拓扑和reeper的一样就是地址不一样
interface Ethernet0/0
ip address 222.191.242.113 255.255.255.248
ip nat outside
!
interface Serial1/0
ip address 218.90.165.65 255.255.255.248
ip nat outside
serial restart-delay 0
clock rate 64000
!
interface Serial2/0
ip address 192.168.1.2 255.255.255.0
ip nat inside
serial restart-delay 0
!
ip nat pool A 218.90.165.65 218.90.165.67 netmask 255.255.255.248
ip nat pool B 222.191.242.113 222.191.242.115 netmask 255.255.255.248
ip nat inside source route-map 1 pool A overload
ip nat inside source route-map 2 pool B overload
ip classless
ip route
ip route 0.0.0.0 0.0.0.0 222.191.242.118
no ip http server
no ip http secure-server
!
!
access-list 101 permit ip 192.168.1.0 0.0.0.255 any time-range day
access-list 102 permit ip 192.168.1.0 0.0.0.255 any time-range night
!
route-map 1 permit 10
match ip address 101
set ip next-hop 218.90.165.70
!
route-map 2 permit 10
match ip address 102
set ip next-hop 222.191.242.118
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
time-range day
periodic daily 8:00 to 23:59
!
time-range night
periodic daily 0:00 to 8:00
!
end
这个问题应该注意的地方就是路由的策略和访问控制列表的对应 访问控制列表和时间的对应关系 把握好这2点 这个问题应该就很容易的解决了