
An analog of ip unnumbered on Linux systems, or how to save IP addresses

Not so long ago, I ran into the problem of an analog of ip unnumbered on Linux, a feature that is easily implemented on Cisco hardware.
With this type of routing, there is no need to divide a block of globally routable IP addresses into small subnets with a /30 or /31 mask. For example, it is enough to assign a class C network (/24) to the loopback interface and to tell the client interfaces that all IP packet processing will use the address assigned to the loopback interface. The result is a rational use of IP addresses.
Now let's look at this in practice.


Input data


Formulation of the problem

We need to create 3 VLANs to serve three subscribers and give each of them a public IP address from the 195.131.195.0/24 network.

Part one. What would you do without ip unnumbered?

What would we do if we didn't use ip unnumbered? We would divide our network into smaller ones, for example into /30 networks, that is, with a subnet mask of 255.255.255.252. So, three clients, three networks:
Network number one: 195.131.195.0/30
Where: 195.131.195.0 is the network identifier, 195.131.195.1 is the IP that acts as a gateway for the client, 195.131.195.2 is the client IP address and 195.131.195.3 is the broadcast. In the same way, we carve out the remaining two networks and get:
Network number two: 195.131.195.4/30
Network number three: 195.131.195.8/30
Now we create the config on the Cisco router:
interface FastEthernet0/1.200
description Client-1
! dot1Q encapsulation with the VLAN ID
encapsulation dot1Q 200
! IP address
ip address 195.131.195.1 255.255.255.252
!
interface FastEthernet0/1.201
description Client-2
encapsulation dot1Q 201
! IP address
ip address 195.131.195.5 255.255.255.252
!
interface FastEthernet0/1.202
description Client-3
! dot1Q encapsulation with the VLAN ID
encapsulation dot1Q 202
! IP address
ip address 195.131.195.9 255.255.255.252
!

The Cisco config is ready. Let's build the same scheme on a Debian router by editing the file /etc/network/interfaces:
## Client 1
auto vlan200
iface vlan200 inet static
address 195.131.195.1
netmask 255.255.255.252
vlan_raw_device eth1

## Client 2
auto vlan201
iface vlan201 inet static
address 195.131.195.5
netmask 255.255.255.252
vlan_raw_device eth1

## Client 3
auto vlan202
iface vlan202 inet static
address 195.131.195.9
netmask 255.255.255.252
vlan_raw_device eth1

Let's prepare the switch to which our virtual clients will be connected:
Port 1 on the switch - switchport access vlan 200
Port 2 - switchport access vlan 201
Port 3 - switchport access vlan 202
Everything is working.

Part two. We move our scheme to ip unnumbered.

To do this, we make the following changes on the Cisco router. We assign our public network to loopback 200, as follows:
interface Loopback200
ip address 195.131.195.1 255.255.255.0
no ip redirects

Now we fix the client interfaces:
interface FastEthernet0/1.200
description Client-1
encapsulation dot1Q 200
! borrow the address from loopback 200
ip unnumbered Loopback200
ip virtual-reassembly
!
interface FastEthernet0/1.201
description Client-2
encapsulation dot1Q 201
! borrow the address from loopback 200
ip unnumbered Loopback200
ip virtual-reassembly
!
interface FastEthernet0/1.202
description Client-3
encapsulation dot1Q 202
! borrow the address from loopback 200
ip unnumbered Loopback200
ip virtual-reassembly

And the final stage. We need to pull a single IP out of our large network and hand it to each client. We do this with the help of ip route:
! Client 1
ip route 195.131.195.2 255.255.255.255 FastEthernet0/1.200
! Client 2
ip route 195.131.195.3 255.255.255.255 FastEthernet0/1.201
! Client 3
ip route 195.131.195.4 255.255.255.255 FastEthernet0/1.202

Clients now need the following settings for Internet access: IP: 195.131.195.X, MASK: 255.255.255.0, and default gateway 195.131.195.1.
Feel the difference? =)
And what about our Debian router? It's simple. Let's change our config as follows.
Let's create lo1 and assign our public network to it:
auto lo1
allow-hotplug lo1
iface lo1 inet static
address 195.131.195.1
netmask 255.255.255.0
network 195.131.195.0

Now we fix the client VLANs in the following way:
## Client 1
auto vlan200
iface vlan200 inet static
address 0.0.0.0
netmask 0.0.0.0
vlan_raw_device eth1

## Client 2
auto vlan201
iface vlan201 inet static
address 0.0.0.0
netmask 0.0.0.0
vlan_raw_device eth1

## Client 3
auto vlan202
iface vlan202 inet static
address 0.0.0.0
netmask 0.0.0.0
vlan_raw_device eth1

And use ip route:
ip ro add 195.131.195.2 dev vlan200 src 195.131.195.1 # Client 1
ip ro add 195.131.195.3 dev vlan201 src 195.131.195.1 # Client 2
ip ro add 195.131.195.4 dev vlan202 src 195.131.195.1 # Client 3
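
The two addressing schemes above, computed side by side for the article's 195.131.195.0/24 network. This is an added example, not code from the original article; the function names are assumptions made for illustration, and the generated commands follow the form of the host routes shown above.

```python
import ipaddress

def slash30_plan(network, first_vlan, clients):
    """Part one: one /30 per client -> (interface, gateway, client IP)."""
    subnets = ipaddress.ip_network(network).subnets(new_prefix=30)
    plan = []
    for vlan, subnet in zip(range(first_vlan, first_vlan + clients), subnets):
        gateway, client = subnet.hosts()  # a /30 has exactly two usable hosts
        plan.append((f"vlan{vlan}", str(gateway), str(client)))
    if len(plan) < clients:
        raise ValueError("not enough /30 subnets in " + network)
    return plan

def unnumbered_plan(network, first_vlan, clients):
    """Part two: one gateway on the loopback, one host address per client."""
    hosts = list(ipaddress.ip_network(network).hosts())
    gateway, pool = hosts[0], hosts[1:]
    if clients > len(pool):
        raise ValueError("not enough host addresses in " + network)
    return [(f"vlan{first_vlan + i}", str(gateway), str(pool[i]))
            for i in range(clients)]

def route_commands(plan):
    """Host route per client, bound to that client's own VLAN interface."""
    return [f"ip route add {client} dev {iface} src {gateway}"
            for iface, gateway, client in plan]

def capacity(network):
    """How many clients each scheme can serve from the same network."""
    net = ipaddress.ip_network(network)
    return {
        "slash30": net.num_addresses // 4,      # 4 addresses burned per client
        "unnumbered": net.num_addresses - 3,    # minus network, broadcast, gateway
    }

if __name__ == "__main__":
    net = "195.131.195.0/24"
    for row in slash30_plan(net, 200, 3):
        print("/30       ", row)
    for cmd in route_commands(unnumbered_plan(net, 200, 3)):
        print("unnumbered", cmd)
    print(capacity(net))
```

Because each host route points at exactly one VLAN interface, a route list generated this way also makes a copy-paste slip in the `dev` argument easy to spot.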


That's all.

Source: https://habr.com/ru/post/71689/
