cisco microtik ospf

Обсуждение оборудования и его настройки
Ответить
svetogor82
Сообщения: 154
Зарегистрирован: 17 апр 2014, 10:44

1 не получается настроить маршрутизацию по ospf между cisco и microtik
2 бы прочтены маны
3 /export compact
 

Код: Выделить всё

# may/28/2014 09:20:44 by RouterOS 6.12
# software id = H1P8-D3NV
#
/interface ethernet
set [ find default-name=ether8 ] name=lan_port8
set [ find default-name=ether1 ] name=wan_port1_kdms
set [ find default-name=ether2 ] name=wan_port2_avk
/interface gre
add local-address=94.131.x.x name=avk_to_dm remote-address=91.216.x.x
add local-address=94.131.x.x name=avk_to_msk remote-address=83.167.x.x
add local-address=109.206.x.x mtu=1450 name=kdms_to_dm remote-address=91.216.x.x
add local-address=109.206.x.x name=msk_kdms remote-address=83.167.x.x
/ip neighbor discovery
set lan_port8 discover=no
set wan_port1_kdms discover=no
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m mac-cookie-timeout=3d
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=md5 disabled=yes enc-algorithms=3des
add auth-algorithms=md5 enc-algorithms=3des,aes-128-cbc lifetime=8m20s name=AES-128
/port
set 0 name=serial0
set 1 name=serial1
/queue simple
add max-limit=10M/10M name=queue1 target=10.0.8.75/32,10.0.8.76/32,10.0.8.77/32
/routing ospf area
add area-id=0.0.0.10 disabled=yes name=area10_ospf
/routing ospf instance
set [ find default=yes ] router-id=10.0.94.1
add address=10.0.8.2/24 interface=lan_port8 network=10.0.8.0
add address=109.206.132.219/24 interface=wan_port1_kdms network=109.206.132.0
add address=10.0.91.2/30 interface=kdms_to_dm network=10.0.91.0
add address=10.0.9.2/24 interface=lan_port8 network=10.0.9.0
add address=10.0.94.1/30 interface=msk_kdms network=10.0.94.0
add address=94.131.1.5/29 interface=wan_port2_avk network=94.131.1.0
add address=10.0.97.2/30 interface=avk_to_dm network=10.0.97.0
add address=10.0.98.2/30 interface=avk_to_msk network=10.0.98.0
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall filter
add chain=output comment=out protocol=udp
add chain=output protocol=tcp
add chain=input comment="Allow IPSec-esp" protocol=ipsec-esp
add chain=input comment="Allow IPSec-ah" protocol=ipsec-ah
add chain=input comment="Allow IKE" dst-port=500 protocol=udp
add chain=input comment=icp_input protocol=icmp
add chain=input comment=www dst-port=80 protocol=tcp
add chain=input comment="access to winbox" dst-port=8291 in-interface=wan_port1_kdms protocol=tcp
add chain=input dst-port=8291 in-interface=wan_port2_avk protocol=tcp
add chain=input dst-port=8291 in-interface=lan_port8 protocol=tcp
add chain=input connection-state=new dst-port=8291,65522 protocol=tcp
add chain=input comment=icp_input protocol=icmp
add chain=input comment=ssh dst-port=22 protocol=tcp
add action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=3h chain=input connection-state=new dst-port=22 protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input connection-state=new dst-port=22 protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input connection-state=new dst-port=22 protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input connection-state=new dst-port=22 protocol=tcp
add chain=input dst-port=443 protocol=tcp
add chain=input comment=dns dst-port=53 protocol=udp
add chain=input dst-port=53 in-interface=all-ethernet protocol=tcp
add chain=input comment=pptp disabled=yes dst-port=1723 protocol=tcp
add action=drop chain=input comment="drop telnet brute forcers" dst-port=23 protocol=tcp src-address-list=ftp_blacklist
add chain=output content="530 Login incorrect" dst-limit=1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=ftp_blacklist address-list-timeout=1h chain=output content="530 Login incorrect" protocol=tcp
add chain=input comment=gre protocol=gre
add chain=input comment=sip dst-port=5060-5070 protocol=udp
add chain=input dst-port=5060-5070 protocol=tcp
add chain=input dst-port=17000-30000 protocol=udp
add chain=input dst-port=17000-30000 protocol=tcp
add chain=input comment=ntp dst-port=161 protocol=tcp src-port=""
add action=drop chain=input comment=drop_all in-interface=wan_port1_kdms protocol=tcp
add action=drop chain=input in-interface=wan_port1_kdms protocol=udp
add action=drop chain=input in-interface=wan_port2_avk protocol=tcp
add action=drop chain=input in-interface=wan_port2_avk protocol=udp
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
set pptp disabled=yes
/ip route
add distance=1 gateway=109.206.x.x routing-mark=kdms
add distance=1 gateway=94.131.x.x routing-mark=avk
add check-gateway=ping distance=1 gateway=109.206.x.x,94.131.x.x
add distance=1 dst-address=10.0.4.0/24 gateway=10.0.94.2
add distance=1 dst-address=172.16.0.0/16 gateway=10.0.96.1
add distance=1 dst-address=172.16.0.0/16 gateway=10.0.91.1
add distance=1 dst-address=192.168.0.0/24 gateway=10.0.94.2
add distance=1 dst-address=192.168.0.0/24 gateway=10.0.98.1
/ip upnp
set allow-disable-external-interface=no
/lcd interface
set sfp-sfpplus1 interface=sfp-sfpplus1
set sfp-sfpplus2 interface=sfp-sfpplus2
set wan_port1_kdms interface=wan_port1_kdms
set wan_port2_avk interface=wan_port2_avk

4 с документаций ознакомился но ответа не нашел
вот часть конфига cisco

Код: Выделить всё

interface Tunnel24
 ip address 10.0.94.2 255.255.255.252
 ip ospf cost 1000
 ip ospf 100 area 0
 tunnel source 83.167.x.x
 tunnel destination 109.206.x.x
!
interface Tunnel25
 ip address 10.0.98.1 255.255.255.252
 ip ospf cost 2000
 ip ospf 100 area 0
 tunnel source 83.167.x.x
 tunnel destination 94.131.x.x
!
router ospf 100
 router-id 192.168.0.253
 network 10.0.4.0 0.0.0.255 area 0
 network 192.168.0.0 0.0.0.255 area 0

смотрю на cisco show ip ospf neighbor

Код: Выделить всё

Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.94.1         0   FULL/  -        00:00:38    10.0.94.1       Tunnel24
10.0.94.1         0   FULL/  -        00:00:31    10.0.98.2       Tunnel25

но если смотреть на cisco show ip route ospf то маршрутов нету


Ответить