1) IPv4 Routing
WORK-R
conf t
router ospf 7
network 203.230.10.0 0.0.0.3 a 0
network 1.1.1.0 0.0.0.255 a 0
area 0 authentication message-digest
default-information originate always
exit
int gig0/0/1
ip ospf message-digest-key 1 md5 korea2021##
EX-R
conf t
router ospf 7
network 203.230.10.0 0.0.0.3 a 0
network 107.58.65.0 0.0.0.3 a 0
network 140.30.2.0 0.0.0.3 a 0
area 0 authentication message-digest
exit
int gig1
ip ospf message-digest-key 1 md5 korea2021##
int gig2
ip ospf message-digest-key 1 md5 korea2021##
int gig3
ip ospf message-digest-key 1 md5 korea2021##
EX-FW
conf t
router ospf 7
network 140.30.2.0 255.255.255.252 a 0
network 110.240.50.0 255.255.255.0 a 0
area 0 authentication message-digest
exit
int gig0/0
ospf message-digest-key 1 md5 korea2021##
int gig0/8
ospf message-digest-key 1 md5 korea2021##
CENT-R
conf t
ip route 172.16.0.0 255.255.255.0 10.1.0.1
router ospf 7
network 107.58.65.0 0.0.0.3 a 0
network 1.1.2.0 0.0.0.255 a 0
area 0 authentication message-digest
exit
int gig0/0/1
ip ospf message-digest-key 1 md5 korea2021##
CENT-FW
conf t
route OUTSIDE 0.0.0.0 0.0.0.0 10.1.0.2
2) 6RD Tunnel
WORK-R
conf t
interface tunnel 0
tunnel mode ipv6ip 6rd
tunnel source loopback 0
tunnel 6rd prefix 2001:10::/32
tunnel 6rd ipv4 prefix-len 16
ipv6 enable
ipv6 address 2001:10:101::1/64
exit
ipv6 route 2001:10::/32 tunnel 0
CENT-R
conf t
interface tunnel 0
tunnel mode ipv6ip 6rd
tunnel source loopback 0
tunnel 6rd prefix 2001:10::/32
tunnel 6rd ipv4 prefix-len 16
ipv6 enable
ipv6 address 2001:10:202::1/64
exit
ipv6 route 2001:10::/32 tunnel 0
3) IPv6 Routing
CENT-FW
conf t
ipv6 route OUTSIDE ::/0 2001:10:202:1::FFFF
CENT-R
conf t
ipv6 route 2001:10:202:2::/64 2001:10:202:1::1
4) 주소 변환
WORK-R
conf t
int gig0/0/0.10
nat64 enable
int gig0/0/1
nat64 enable
int tun0
nat64 enable
ipv6 access-list NAT
permit ipv6 any any
nat64 prefix stateful 4001::/96
nat64 v4 pool NAT 9.9.9.50 9.9.9.60
nat64 v6v4 list NAT pool NAT overload
nat64 v4v6 static 110.240.50.1 4001::1
CENT-R
conf t
int gig0/0/0
ip nat inside
int gig0/0/1
ip nat outside
ip access-list extended NAT
deny ip host 172.16.0.1 host 203.230.10.1
permit ip 172.16.0.0 0.0.0.255 any
permit ip 10.1.0.0 0.0.0.3 any
exit
ip nat inside source list NAT interface gig0/0/1 overload
1) NTP
ISP
#apt –y install ntp
#vim /etc/ntp.conf
#systemctl restart ntp
EX-FW
conf t
access-list OUT-TO-IN extended permit udp 203.230.10.0 255.255.255.252 host 110.240.50.1 eq 123
access-list OUT-TO-IN extended permit udp 107.58.65.0 255.255.255.252 host 110.240.50.1 eq 123
access-list OUT-TO-IN extended permit udp 140.30.2.0 255.255.255.252 host 110.240.50.1 eq 123
access-group OUT-TO-IN in interface OUTSIDE
EX-R, WORK-R, CENT-R
conf t
ntp server 110.240.50.1
'물리서버' 카테고리의 다른 글
[21전국] 3과제 Certificate Authority (0) | 2021.11.10 |
---|---|
[21전국] 3과제 DNS 설정 (0) | 2021.11.10 |
[21전국] 3과제 기본 세팅 Basic Configuration (0) | 2021.11.10 |
[인프라 기초] 패리티(Parity) (0) | 2021.10.25 |
소프트웨어 RAID와 하드웨어 RAID (0) | 2021.10.25 |