# **Настройка сетевых адаптеров в eve-ng** ## **Статическая маршрутизация** # 1. настройка микротика - настройка интерфейсов ```mikrotik= ip address add address=10.0.0.12/24 interface ether1 ``` - посмотреть интерфейсы ```mikrotik= ip route print ``` - добавление маршрута ```mikrotik= ip route add gateway=10.0.0.17 dst-address=10.0.1.0/24 ``` - отключение DHCP ```mikrotik= / #для выхода ip dhcp-client remove 0 ``` ```mikrotik= ip route add dst-address=0.0.0.0/0 gateway 10.0.0.17 ``` в микротике удаляем 0.0.0.0 и 10.0.1.0, а затем просто добавляем 192.168.0.0/16 add dst-address=192.168.0.0/16 gateway 10.0.0.17 # 2. настройка debian машинки ```bash= ip a #для просмотра интерфейсов nano /etc/network/interfaces ``` ```bash= ### прописываем интерфейсы *auto ens3 iface ens3 inet static address 10.0.1.17/24 auto ens4 iface ens4 inet static address 10.0.0.17/24* ### ``` ```bash= systemctl restart networking ``` - включениие маршрутизации ```bash= nano /etc/sysctl.conf ``` раскомментируем строчку ```bash= net.ipv4.ip_forvard=1 ``` просмотр конфигурации ```bash= cat /proc/sys/net/ipv4/ip_forvard ``` включение конфигурации ```bash= sysctl -p ``` ```bash= ip route 192.168.0.0/16 via 10.0.1.4 ip route del 192.168.0.0/16 ``` # 3. настройка cisco ### настройка роутера ```cisco= en conf t hostname C-R-4 int e0/1 ip add 10.0.1.4 255.255.255.0 no sh int e/2 ip add 10.0.3.4 255.255.255.0 no sh int e0/0 ip add 10.0.2.4 255.255.255.0 no sh ``` ```cisco= conf t int e0/2.10 encapsulation dot1q 10 ip add 192.168.10.254 255.255.255.0 ``` - добавление маршрута ```cisco= conf t ip route 10.0.0.0 255.255.255.0 10.0.1.17 ``` - просмотр маршрутов ```cisco= show ip route ``` ### настройка switch - настройка trunk ```cisco= en conf t int e0/0 switchport trunk encapsulation dot1q switchport mode trunk ``` - настройка VLAN ```cisco= int e0/3 switchport mode access switchport access vlan 10 int e0/2 switchport mode access switchport access vlan 20 int e0/1 switchport mode access switchport access vlan 30 ``` - настройка виртуального компьютера ``` ip 192.168.10.20/24 192.168.10.254 ``` ## **Динамическая маршрутизация** # **OSPF** - **настраиваем интерфейсы на устройствах** M-R-7 ``` system identity set name=M-R-7 ip address add interface=ether1 address 13.0.2.7/24 add interface=ether2 address 12.0.2.7/24 add interface=ether3 address 13.0.2.7/24 add interface=ether4 address 13.0.2.7/24 add interface=ether5 address 13.0.2.7/24 add interface=ether6 address 13.0.2.7/24 ip dhcp-client remove 0 ``` M-R-8 ``` system identity set name=M-R-8 ip add add interface=ether1 address=11.0.6.8/24 add interface=ether2 address=11.0.3.8/24 add interface=ether3 address=11.0.2.8/24 ip dhcp-client remove 0 ``` M-R-10 ``` system identity set name=M-R-10 ip add add interface=ether1 address=11.0.4.10/24 add interface=ether2 address=11.0.1.10/24 ip dhcp-client remove 0 ``` C-R-3 ``` en conf t int e0/1 ip add 11.0.1.3 255.255.255.0 int e0/2 ip add 11.0.2.3 255.255.255.0 int e0/0 ip add 11.0.5.3 255.255.255.0 ``` C-R-5 ``` en conf t int e0/1 ip add 11.0.4.5 255.255.255.0 int e0/0 ip add 11.0.3.5 255.255.255.0 ``` - **настраиваем OSPF** M-R-7 ``` /routing ospf export #для просмотра конфигурации instance set numbers=0 redistribute-connected=as-type-1 .. network add area=backbone network=11.0.5.0/24 add area=backbone network=11.0.6.0/24 ``` M-R-8 ``` /routing ospf export #для просмотра конфигурации instance set numbers=0 redistribute-connected=as-type-1 .. network add area=backbone network=11.0.6.0/24 add area=backbone network=11.0.2.0/24 add area=backbone network=11.0.3.0/24 ``` C-R-3 ``` conf t router ospf 1 network 11.0.5.0 255.255.255.0 area 0 network 11.0.2.0 255.255.255.0 area 0 network 11.0.1.0 255.255.255.0 area 0 redistribite connected ``` ``` sh run ``` M-R-10 ``` /routing ospf export #для просмотра конфигурации instance set numbers=0 redistribute-connected=as-type-1 .. network add area=backbone network=11.0.1.0/24 add area=backbone network=11.0.4.0/24 ``` C-R-5 ``` conf t router ospf 1 network 11.0.4.0 255.255.255.0 area 0 network 11.0.3.0 255.255.255.0 area 0 redistribite connected ``` - **настраиваем iBGP** C-R-2 ``` conf t int e0/0 ip add 12.0.5.2 255.255.255.0 int e0/1 ip add 12.0.1.2 255.255.255.0 int e0/2 ip add 12.0.2.2 255.255.255.0 ``` M-R-9 ``` system identity set name=M-R-9 ip add add interface=ether1 address=12.0.6.8/24 add interface=ether2 address=12.0.3.8/24 add interface=ether3 address=12.0.2.8/24 ip dhcp-client remove 0 ``` C-R-6 ``` conf t int e0/0 ip add 12.0.1.2 255.255.255.0 int e0/1 ip add 12.0.4.2 255.255.255.0 ``` M-R-11 ``` system identity set name=M-R-11 ip add add interface=ether1 address=12.0.3.8/24 add interface=ether2 address=12.0.4.8/24 ip dhcp-client remove 0 ``` - - - - - - - C-R-2 ``` conf t router bgp 100 neighbor 12.0.5.7 remote-as 100 neighbor 12.0.2.9 remote-as 100 neighbor 12.0.1.6 remote-as 100 redistribute connected ``` C-R-6 ``` conf t router bgp 100 neighbor 12.0.1.2 remote-as 100 neighbor 12.0.4.11 remote-as 100 redistribute connected ``` M-R-11 ``` /routing bgp export #для просмотра конфигурации instance set numbers=0 as=100 redistribute-connected=yes .. peer add remote-as=100 remote-address=12.0.4.6 add remote-as=100 remote-address=12.0.3.9 ``` M-R-9 ``` /routing bgp export #для просмотра конфигурации instance set numbers=0 as=100 redistribute-connected=yes .. peer add remote-as=100 remote-address=12.0.2.2 add remote-as=100 remote-address=12.0.3.11 add remote-as=100 remote-address=12.0.6.7 ``` M-R-7 ``` /routing bgp export #для просмотра конфигурации instance set numbers=0 as=100 redistribute-connected=yes .. peer add remote-as=100 remote-address=12.0.5.2 add remote-as=100 remote-address=12.0.6.9 ``` атака fake-router ``` en conf t int e0/0 ip add 11.0.4.250 255.255.255.0 no sh int e0/1 ip add 8.8.8.9 255.255.255.0 no sh ``` kali ip = 8.8.8.8 255.255.255.0 8.8.8.9 fake router ``` roiter ospf 1 network 11.0.4.0 255.255.255.0 area 0 redistribute connected ```