Describes how the vro function enables fast intercommunication between hosts.

It is useful to know some of the router functions that we do not commonly use. Here we mainly analyze how the router functions enable fast intercommunication between hosts. In our daily work, people often cannot access each other because the assigned IP address is not in the same CIDR block, which makes data exchange between employees inconvenient.

Although the layer-3 switching routing technology VLAN can be used for data exchange, it is necessary to replace some existing network devices. Then, using existing network devices and a large number of practices and explorations, we have found a solution to this problem, that is, using IP Forwarding and Route router functions to achieve data exchange between different network segments. The network is divided into three network segments: 128.128.10.0, 10.232.193.0, and 10.232.194.0. In addition, the Unit is connected to the ddnleased line, and the Intranet Ethernet port address belongs to the 10.232.193.0 network segment, mutual access is not allowed, which makes it difficult for other network segments to access the Internet.

Adding a protocol is too troublesome.

If a workstation in the 10.232.193.0 CIDR Block wants to access the IP address of the database server in the 128.128.10.0 CIDR Block 128.128.10.1), it cannot be accessed directly through the TCP/IP protocol because it is not a CIDR block. Considering that the number of workstations that need to access the database server is small, we adopt the following method: assign a 128.128.128.10.0 IP address to the workstation that needs to access the database's 10.232.193.0 network segment, that is, add a TCP/IP protocol to each machine so that the machine has two IP addresses, so that it can simultaneously access the 10.232.193.0 and 128.128.10.0 network segments. The disadvantage of this method is that it occupies IP Address Resources, and each machine must be configured properly, which is troublesome. Configuring Route is much easier.

Simpler solution

We use an NT-ServerIP address 10.232.193.15) as an IP forwarder to provide a simple router function in the network, after configuration, multiple network segments can access each other and different network segments can access the Internet through the firewall. The configuration steps are as follows:

1. Set the gateway of the host on the 10.232.193.0 network segment to the internal address of the 10.232.193.5 firewall ).
2. Add a function from the firewall to the router on the firewall, that is, to access the 194 network segment, it can be forwarded by 10.232.193.15.
3. Specify the gateway as 10.232.193.5 on the IP forwarder, and establish two-way connection between the two gateway machines. In addition, add an IP address so that the machine is in both the 193 and 194 network segments.
4. Set the gateway of the host on the 10.232.194.0 CIDR block to 10.232.194.254. To access the IP address outside the CIDR block of 10.232.194.254, forward the IP address through 10.232.194.254.