📌
JANOG50 NETCON 問題1-2解説
問題文
ルーティングを勉強中のAさんは図でvIOS3のルーターを買い替え、設定をし直しました。
すると、今までは通っていたVPC1とVPC2同士のpingが通らなくなってしまいました。
Aさん:「サブネットマスクはしっかり設定してるし、ポートも全部空いていることを確認しているのに…」
VPC1とVPC2同士のpingが通るようにして、Aさんを助けてあげてください。
解決条件: VPC1にて「ping 192.168.11.101 」を実行し、疎通できること。
トポロジー図
VM上のNW構成図
コンフィグ概要
Config_vIOS1
Config_vIOS1
!
version 15.9
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname vIOS1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
no shutdown
ip address 192.168.0.254 255.255.255.0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
no shutdown
ip address 192.168.10.254 255.255.255.0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/2
no shutdown
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/3
no shutdown
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 192.168.11.0 255.255.255.0 192.168.0.253
!
ipv6 ioam timestamp
!
!
!
control-plane
!
banner exec ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner incoming ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner login ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
!
line con 0
line aux 0
line vty 0 4
login
transport input none
!
no scheduler allocate
!
end
Config_vIOS2
Config_vIOS2
!
version 15.9
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname vIOS2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
no shutdown
ip address 192.168.0.253 255.255.255.0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
no shutdown
ip address 192.168.1.253 255.255.255.0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/2
no shutdown
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/3
no shutdown
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 192.168.10.0 255.255.255.0 192.168.0.254
ip route 192.168.11.0 255.255.255.0 192.168.1.252
!
ipv6 ioam timestamp
!
!
!
control-plane
!
banner exec ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner incoming ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner login ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
!
line con 0
line aux 0
line vty 0 4
login
transport input none
!
no scheduler allocate
!
end
Config_vIOS3
Config_vIOS3
!
! Last configuration change at 13:25:41 UTC Thu Jun 30 2022
!
version 15.9
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname vIOS3
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
no shutdown
ip address 192.168.1.252 255.255.255.0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
no shutdown
ip address 192.168.10.252 255.255.255.0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/2
no shutdown
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/3
no shutdown
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 192.168.10.0 255.255.255.0 192.168.1.253
!
ipv6 ioam timestamp
!
!
!
control-plane
!
banner exec ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner incoming ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner login ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
!
line con 0
line aux 0
line vty 0 4
login
transport input none
!
no scheduler allocate
!
end
Config_VPC1
ip 192.168.10.100 192.168.10.254 24
Config_VPC2
ip 192.168.11.101 192.168.11.252 24
制限事項/注意事項
VPCからquitで出るとVM側で電源を落としてしまい、採点ができなくなるので注意。
telnet経由でログインしているため、"Ctrl + ]"からtelnetのコンソールに入り、"q"でtelnet接続を切れます。
もし落としてしまった場合はNETCON委員が対応します。
問題解説
まず、機器の接続状況をpingコマンドで確認します。
VPC1からVPC2までの遠い順番でpingを送っていくと、vIOS3のgi0/0までは疎通できることが分かります。
vIOS3のインターフェース情報をshowコマンドを使用して確認します
show ip interface brief
vIOS3#show ip interface brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 192.168.1.252 YES NVRAM up up
GigabitEthernet0/1 192.168.10.252 YES manual up up
GigabitEthernet0/2 unassigned YES NVRAM administratively down down
GigabitEthernet0/3 unassigned YES NVRAM administratively down down
vIOS3#
結果から、vIOS3のGi0/1のセグメントが192.168.10.0/24 になっていることが分かります。
どうやら此処が疎通できない原因のようです
VPC2に設定されているデフォルトゲートウェイは「192.168.11.252」であるため、以下のようにip addressを設定し直します。
回答例
vIOS3#conf t
vIOS(config)#int gi 0/1
vIOS(config-if)#no ip address 192.168.10.252 255.255.255.0
vIOS(config-if)#ip address 192.168.11.252 255.255.255.0
vIOS(config-if)#end
最後に VPC1からVPC2に対して、pingが正常に通ることを確認します。
確認コマンド
VPCS> ping 192.168.11.101
84 bytes from 192.168.10.100 icmp_seq=1 ttl=61 time=21.158 ms
84 bytes from 192.168.10.100 icmp_seq=2 ttl=61 time=5.468 ms
84 bytes from 192.168.10.100 icmp_seq=3 ttl=61 time=6.640 ms
84 bytes from 192.168.10.100 icmp_seq=4 ttl=61 time=9.269 ms
84 bytes from 192.168.10.100 icmp_seq=5 ttl=61 time=6.702 ms
VPCS>
問題なくVPC1からVPC2に対してpingが通っているため、問題解決となります。
Discussion