华为gre隧道全部跑静态路由

最终实现：

1、pc1能用nat上网ping能pc3

2、pc1能通过gre访问pc2

3、全部用静态路由做，没有用ospf，如果要用ospf，那么两边除了路由器上跑ospf，核心交换机也得用ospf

r2配置：

acl number 3000

rule 5 deny gre //把要gre的数据先拿掉不做nat

rule 10 permit ip

interface GigabitEthernet0/0/0

ip address 100.0.0.2 255.255.255.0

nat outbound 3000 //上外网nat

interface GigabitEthernet0/0/1

ip address 10.0.0.1 255.255.255.0

interface GigabitEthernet0/0/2

interface Tunnel0/0/0

ip address 100.100.0.1 255.255.255.0

tunnel-protocol gre

keepalive

source 100.0.0.2

destination 200.0.0.2

gre key 6666

gre checksum

ip route-static 0.0.0.0 0.0.0.0 100.0.0.1 //外网默认路由

ip route-static 172.16.0.0 255.255.255.0 Tunnel0/0/0 100.100.0.2 //不指定下一跳不通

ip route-static 192.168.0.0 255.255.255.0 10.0.0.2 //内网回程路由

R3配置：

interface GigabitEthernet0/0/0

ip address 200.0.0.2 255.255.255.0

interface GigabitEthernet0/0/1

ip address 3.3.3.1 255.255.255.0

interface GigabitEthernet0/0/2

interface NULL0

interface Tunnel0/0/0

ip address 100.100.0.2 255.255.255.0

tunnel-protocol gre

keepalive

source 200.0.0.2

destination 100.0.0.2

gre key 6666

gre checksum

ip route-static 0.0.0.0 0.0.0.0 200.0.0.1

ip route-static 172.16.0.0 255.255.255.0 3.3.3.3

ip route-static 192.168.0.0 255.255.255.0 Tunnel0/0/0 100.100.0.1