Time
2 hours 8 minutes
Difficulty
Intermediate
CEU/CPE
2

Video Transcription

00:01
Hello and welcome back to Sybers Infrastructure Services. Today we're gonna be setting up the GRE tunnels. I'll be your instructor for this course today, Trent Darrow. And let's go ahead and get started.
00:13
Today we're setting up a GRE tunnel between the two different LANs we have in our lab, the 10.1.2.0/24 then the 172.16.1.0/24. Those two networks, one with the Windows 10 box and one with the Ubuntu box.
00:28
So first things first, let's go ahead and just kind of verify connectivity again. So I'm gonna bring up the Ubuntu box and then we'll do a ping.
00:38
So here we're pinging the Windows 10 box. So we're gonna go in there.
00:42
We'll do a traceroute real fast.
00:45
So here is this.
00:47
That is our gateway.
00:50
Here we see the router to around three address here. Here is the router one address, and then finally, we have the Windows 10 box.
01:02
So we have basic connectivity. So what I'm gonna do, I have router three here, pulled up on a console.
01:10
We're gonna go ahead and remove the static routes because, as you see here, there's a static route going to the 1 10 to network, these two different LAN networks we have set up.
01:19
So we're gonna go ahead and remove those. Do show run include ip route.
01:29
So go ahead and remove these.
01:38
Right.
01:40
So now if we go back in here, we should have no connectivity between the two. Because what it's doing, it's in that gateway and
01:48
is trying to send it over to router three, and router three doesn't know what to do with it.
01:53
So we have complete packet loss, right?
01:57
Now we're gonna get this out of the way. We're gonna go ahead and set up these GRE tunnels, so then we should build a route.
02:04
So the way that this is going to be set up is this: the IP address that we're gonna set up on this tunnel is gonna just be a tunnel interface with its own IP address between the two different things, the two different routers. And because we're only using two IP addresses, again, we're gonna use a /30 on it.
02:20
We have to adjust the MTU size and then the maximum segment size down a little bit because we have that GRE header, so we have to. The generally accepted rule is to do 1400 here,
02:31
and these are coming right off the Cisco site for setting up GRE tunnels.
02:37
So we're taking it right from them, so you can't go wrong.
02:40
The tunnel source is gonna be the kind of Internet-connected side, if you will, of the router one, on the Internet-connected side of the router two.
02:52
Theoretically, if you were to actually set this up, these would be like a public an added IP address, right?
02:58
Um, this would be the actual IP address of whatever. Something that should be routable on the Internet.
03:06
And then we will basically say: to get to this other LAN, go through tunnel one.
03:10
So let's go ahead, and
03:13
we're gonna SSH into each router and set this up. So let's go ahead and do router one first. So that's the Windows 10 box.
03:22
I want to bring up PuTTY.
03:23
So to 16 1 that's one
03:29
ist Trent
03:34
enable.
03:36
And, uh,
03:38
All right, so it's gonna be configure terminal. Let's go, ip address.
03:44
Oh, sorry, I need to go to interface tunnel one.
03:49
And here, really? I p address to And these are
03:53
these, they don't equate to anything currently. These are just free IPs that are being used, so they
04:00
you can set them up however you wish.
04:03
2 53 That's on a slash 24 slash 30. So
04:09
do we fight you too?
04:13
Enter ip mtu,
04:16
1400
04:18
ip tcp adjust maximum segment size, 1360.
04:25
Do the tunnel source
04:29
here. We can set it to serial equivalent, or we can just add in the IP address. So if your serial IP does change, I'll say, for some reason, uh, you can still have adapted network. What? The tunnels do the same. You could just set that serial interface, right?
04:44
But today, we're gonna set it to the IP address for visibility to 54
04:50
and we'll do the tunnel destination
04:55
10 to 55 to 54.
05:00
And let's go ahead and accept. That's
05:05
We'll throw in a static route. I want to make sure I removed the previous one here.
05:11
So, do show run include
05:15
ip route. So here, I'm gonna remove this one here,
05:21
huh?
05:25
So that way it says what? We cannot get to that network anymore. We no longer have a route.
05:30
For example, you can check the routing table. Show ip route: we no longer have a 10.1.2 in there.
05:38
So let's go ahead and configure it to go through that tunnel.
05:41
ip route 10.1.2.0
05:45
on the /24. We want it to go through tunnel
05:48
one. Right. That was what we chose.
05:54
Did you do it on a one?
05:58
And so let's go ahead and do the same thing on the Ubuntu box.
06:02
Verify that we are up here since bring that up
06:06
of us and ssh! Uh, myself. Friend
06:14
Trent adds 1 to 1. We want the cipher.
06:18
We believe it's AES 128 c.
06:23
That is, yes, I believe that's the cipher we used before.
06:33
Well named, uh, to go. I'll just maximize this real fast.
06:39
Clear?
06:42
No.
06:44
All right. So let's go ahead and
06:46
get removed the static route real fast, grounds
06:51
to the once into
06:56
It must have been a previous configuration. Not sure why that's there, to be honest,
07:06
right? And what's zero?
07:11
So you should have no routes over to that 172.16 network.
07:15
So let's go ahead and build a tunnel now. Interface tunnel one,
07:20
ip address some to 16 to 55, last one's to 53, so to 54
07:28
uh, /30
07:32
and we'll set the MTU, 1400
07:36
ip tcp adjust
07:41
clean 60.
07:44
Okay, tunnel source. Here's where we have to use the public-facing IP address, to
07:50
2 55 12 to 54.
07:58
Believe next to 33. No, no
08:03
destination 10 to 35 Wanda to 53 4
08:09
and still end. So just to verify on my shirt and put in the right one there, show Reef
08:18
You can see that our serial interface is that source address there.
08:26
So let's go ahead and build a static route,
08:28
the routes.
08:31
This is 172.16.1.0/24.
08:37
We want it to go through tunnel one and, well, let's try and see what we get here.
08:45
We'll ping the gateway first here, and we have success.
08:48
on 50 success.
08:52
The cool part about this is now
08:56
So router three still has no visibility into that network, right? So if we do a show ip route, we're still not going to see that 10.1.2 or the 172. So if we try to ping from here,
09:09
Uh, one.
09:11
We're not going to get it right, because it doesn't know where to send it.
09:15
We built that tunnel where those two LANs could not talk to each other
09:20
So we could test it from the Windows 10 box as well. I'll bring that one over.
09:26
My remove PuTTY.
09:31
Let's go ahead and enter a few times. Ping 10.1.2.50
09:37
And we're getting replies.
09:41
So again, I bring up, we're on router three.
09:45
We'll bring up
09:48
Oh, it's just the routing table, but on the Ubuntu box we still have that one up. Show ip route.
09:54
We'll see
09:56
saying to go through the 0.1 to get what I wanted statically signing ultra tunnel one.
10:03
So
10:03
we now actually have a route there.
10:07
Now, you could set this up with OSPF as well, to where it could get, like, if your other LAN has other routes as well, you could set up OSPF. But just for simplicity, for lab's sake, we're using static routing.
10:20
All right, so today, what is a common MTU size for a tunnel interface? I'll give you a few seconds.
10:30
All right. Hopefully you got 1400. Now, standard size for MTU, you'll see, is 1500. 1360 is the maximum segment size we'll generally set.
10:41
All right. Today we set up a GRE tunnel between two different LANs. Hopefully you all enjoyed the video and learned something.
10:48
Appreciate you watching. And I will see you next time. Thank you.

Up Next

Infrastructure Services

This Intermediate networking course will look at some of the more advanced tasks required to maintain a network. We will cover network tunneling, upgrading Cisco IOS to fix patches so we can avoid exploits, and other network troubleshooting tasks.

Instructed By

Trenton Darrow
Network Engineer at NCI Information Systems, Inc
Instructor