一、RIP协议的处理是通过UDP 520端口来操作的。所有的RIP消息都被封装在UDP用户数据报协议中,源和目的的端口字段的值被设置为520。RIP定义了两种消息类型:请求消息(request messages)和响应消息(response messages)。请求消息用来向邻居路由器发送一个更新(update),响应消息用来传送路由更新。RIP的度量是基于“跳”数(hop count)的,1跳表示是与发出通告的路由器直连网络,16跳表示不可达的网络。
RIP从每个启用RIP协议的接口广播出带有请求消息的数据包,接着,RIP程序进入一个循环状态,不断地侦听来自其他路由器的RIP请求或响应消息,而接收请求的邻居路由器则回送包含它们的路由表的响应消息。
二、RIP协议的特点
1)RIP属于内部网关协议(IGP),是Distance-Vector协议。
2)RIP是基于UDP的,源目的端口号为520。
3)周期性以广(组)播向邻居发送更新。
4)做完整更新,将整个路由表的信息传递给邻居。
5)Metric(度量值)只跟跳数有关。
6)只支持等价的负载均衡
三、RIP属于DV协议,如下可解决DV环路问题
1)最大跳数(Defining a Maximum) 16跳;指定最大跳数来防止路由回环。
2)水平分割(Split Horizon) 从一个接口收到的路由不再从此接口发出。
3)毒性逆转(Route Poisoning) 将不可达路由直接设成Infinity(16跳)。
4)保持失效定时器(Holddown Timers) 所有邻居都将此路由“冻结”。
如在“冻结”期内该路由恢复,继续采纳该路由
如在“冻结”期收到更好的路由,将采纳更好的路由
如在“冻结”期收到更差的路由,不采纳该路由
5)触发更新(Triggered Updates) 避免周期性更新占用带宽,只有当拓扑变化时才发送更新。
四、RIP协议的三个版本
1)RIPv1
以广播地址255.255.255.255发送更新;路由在跨越主类网络边界(一个路由器上有多个主类网段才是主类网络边界)时,会自动汇总成主类网络;不支持VLSM,更新时不携带掩码信息。
在CISCO路由器上,运行RIP后,默认即不是V1版也不是V2版,而是一种特殊状态,发送的是V1版本,接收V1、V2两个版本。
2)RIPv2
以组播地址224.0.0.9发送更新; 默认情况下路由在跨越主类网络边界时,还是会自动汇总,但是也可以关闭自动汇总,进行手动汇总;RIPv2支持VLSM,更新发送时携带掩码信息;正常情况下,RIPv2是发送组播更新,但可通过在接口下配置强制让RIP使用广播更新;RIPv2支持明文以及MD5认证。
3)RIPv3是为IPv6设计的。
注:通过在接口下设置可实现RIPv1和RIPv2版的兼容性;如设定接口只发送出V1版的更新;或设定接口只接收V2版的更新;或设定接口同时发送V1和V2版的更新。
在RIP协议中,如果一个接口被设定为被动接口,这个接口将不能向外发送路由更新,不过还可以接收对端发送过来的路由更新。
五、RIP计时器(RIP Timer)
1)Update(30S) 随机变量是更新周期的15%,即4.5S(25.5S-30S)
2)Invalid(180S) 180S后置为Possible Down,之后立即启动hold Down计时器。
3)Hold Down(180S) 实际只用到60S。
4)Flush(240S) 240S还没收到路由更新,才将此路由删除。
六、理论这么多了,上个拓扑图,实现以下需求
1、R1,R2,R3,R4运行RIPV2
2、R1以广播的形式发送路由给12.1.1.0网段
3、R5运行RIPV1
4、R1,R2,R4所在的12.1.1.0网段进行MD5认证
5、R1要求看到所有明细路由
6、R3要看到一条20.1.0.0/16汇总路由
7、R1,R3之间尽量少的更新
8、R3,R5之间不能有广播和组播更新
9、R4上不能看到20.1.1.0 20.1.2.0 20.1.3.0的路由
10、R2上看到5.5.5.0的路由为10跳
11、R5向RIP通告一条黙认路由
-------------------------------------------------------------------------------------
R2(config)#interface loopback 1
R2(config-if)#ip address 20.1.1.2 255.255.255.0
R2(config)#interface loopback 2
R2(config-if)#ip address 20.1.2.2 255.255.255.0
R2(config)#interface Loopback3
R2(config-if)#ip address 20.1.3.2 255.255.255.0
R2(config)#int f0/0
R2(config-if)#ip add 12.1.1.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#duplex full
----------------------------------------------------
R4(config)#interface loopback 1
R4(config-if)#ip add 4.4.4.4 255.255.255.0
R4(config)#int f0/0
R4(config-if)#ip add 12.1.1.4 255.255.255.0
R4(config-if)#no shutdown
R4(config-if)#duplex full
----------------------------------------------------
R1(config)#int f0/0
R1(config-if)#ip add 12.1.1.1 255.255.255.0
R1(config-if)#no shutdown
R2(config-if)#duplex full
R1(config-if)#interface s1/1
R1(config-if)#ip add 13.1.1.1 255.255.255.0
R1(config-if)#no shutdown
----------------------------------------------------
R3(config)#int s1/1
R3(config-if)#ip add 13.1.1.3 255.255.255.0
R3(config-if)#no shut
R3(config-if)#int s1/0
R3(config-if)#ip add 35.1.1.3 255.255.255.0
R3(config-if)#no shutdown
----------------------------------------------------
R5(config)#interface loopback 1
R5(config-if)#ip add 5.5.5.5 255.255.255.0
R5(config)#int s1/0
R5(config-if)#ip add 35.1.1.5 255.255.255.0
R5(config-if)#no shutdown
按以上配置好后,使用ping 命令确保网络连通性正常。
-------------------------------------------------------------------------------------
1、R1、R2、R3、R4运行RIPV2
-------------------------------------------------------------------------------------
R2(config)#router rip #启用RIP协议
R2(config-router)#version 2 #启用RIPv2版本
R2(config-router)#network 20.0.0.0 #宣告主类网段
R2(config-router)#network 12.0.0.0
R2(config-router)#no auto-summary #不发自动汇总路由
----------------------------------------------------
R4(config)#router rip
R4(config-router)#version 2
R4(config-router)#no auto-summary
R4(config-router)#network 4.0.0.0
R4(config-router)#network 12.0.0.0
----------------------------------------------------
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#no auto-summary
R1(config-router)#network 12.0.0.0
R1(config-router)#network 13.0.0.0
----------------------------------------------------
R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#no auto-summary
R3(config-router)#network 13.0.0.0
R3(config-router)#network 35.0.0.0
-------------------------------------------------------------------------------------
2、R1以广播的形式发送路由给12.1.1.0网段
-------------------------------------------------------------------------------------
R1(config)#int f0/0
R1(config-if)#ip rip v2-broadcast #接口下以广播的形式发送版本2的更新
R1(config-if)#do debug ip rip #启用debug调试路由更新,可看到R1在F0/0口上使用广播更新
......
*Sep 6 20:36:08.895: RIP: sending v2 update to 255.255.255.255 via FastEthernet0/0 (12.1.1.1)
*Sep 6 20:36:08.895: RIP: build update entries
*Sep 6 20:36:08.895: 13.1.1.0/24 via 0.0.0.0, metric 1, tag 0
*Sep 6 20:36:08.895: 35.1.1.0/24 via 0.0.0.0, metric 2, tag 0
-------------------------------------------------------------------------------------
3、R5运行RIPV1
-------------------------------------------------------------------------------------
R5(config)#router rip
R5(config-router)#ver
R5(config-router)#version 1
R5(config-router)#network 5.0.0.0
R5(config-router)#network 35.0.0.0
此时在R5上查看路由只有直连接路由;其它路由器上没有R5的路由。原因是R5上运行的是v1版本(V1只收发运行V1路由),其它路由器上运行的是V2(V2只收发运行V2路由)
解决的方法是:在接口下控制发送接收的更新版本路由。可见后面明细路由时的配置。
-------------------------------------------------------------------------------------
4、R1,R2,R4所在的12.1.1.0网段进行MD5认证
-------------------------------------------------------------------------------------
R1(config)#key chain cisco #定义钥匙链名称,只有本地意义,路由器之间的key chain可以不同
R1(config-keychain)#key 1 #指定Key-ID值
R1(config-keychain-key)#key-string tgh #指定Key密码,路由器之间的Key-string要保持一致
R1(config-keychain-key)#exit
R1(config-keychain)#exit
R1(config)#int f0/0
R1(config-if)#ip rip authentication mode md5 #在接口下启用Md5认证方式(默认为明文)
R1(config-if)#ip rip authentication key-chain cisco #接口下调用钥匙链
----------------------------------------------------
R2(config)#key chain cisco
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string tgh #Key-string要保持一致
R2(config-keychain-key)#exit
R2(config-keychain)#exit
R2(config)#int f0/0
R2(config-if)#ip rip authentication mode md5
R2(config-if)#ip rip authentication key-chain cisco
----------------------------------------------------
R4(config)#key chain cisco
R4(config-keychain)#key 1
R4(config-keychain-key)#key-string tgh #Key-string要保持一致
R4(config-keychain-key)#exit
R4(config-keychain)#exit
R4(config)#int f0/0
R4(config-if)#ip rip authentication mode md5
R4(config-if)#ip rip authentication key-chain cisco
明文认证的匹配原则是:发送方发送最小的Key_ID的密钥(key-string),并且不带Key_ ID;接收方会和所有的key chain中的密钥(key-string)匹配,如果匹配成功,才能过认证。
MD5认证的匹配原则是:发送方发送最小的key_ID的密钥(key-string)并携带Key_ID号码;接收方会先去匹配具有相同的Key_ID的密钥,如果密钥相同,则只匹配一次,就可决定认证是否成功;如果没有相同的Key_ID,只向下查找一次Key_ID(只检查该Key_ID号中的密钥),匹配,认证成功;不匹配,认证失败。
注:RIP中每一个路由更新报文最大可包含25条路由,做了明文认证后只能包含24条,做了MD5认证后只能包含23条。
-------------------------------------------------------------------------------------
5、R1要求看到所有明细路由
-------------------------------------------------------------------------------------
R5(config)#router rip
R5(config-router)#no auto-summary #关闭汇总
R5(config)#int s1/0
R5(config-if)#ip rip send version 2 #接口模式下发送V2更新,此时其它路由器学到R5上的所有条目
R5(config-if)#ip rip receive version 2 #接口模式下接收V2更新,此时R5学到其它路由器上的所有路由
-------------------------------------------------------------------------------------
6、R3要看到一条20.1.0.0/16汇总路由
-------------------------------------------------------------------------------------
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
35.0.0.0/24 is subnetted, 1 subnets
C 35.1.1.0 is directly connected, Serial1/0
4.0.0.0/24 is subnetted, 1 subnets
R 4.4.4.0 [120/2] via 13.1.1.1, 00:00:12, Serial1/1
20.0.0.0/24 is subnetted, 3 subnets
R 20.1.1.0 [120/2] via 13.1.1.1, 00:00:12, Serial1/1 #此时20段路由并没有汇总
R 20.1.3.0 [120/2] via 13.1.1.1, 00:00:12, Serial1/1
R 20.1.2.0 [120/2] via 13.1.1.1, 00:00:12, Serial1/1
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/1] via 35.1.1.5, 00:00:15, Serial1/0
12.0.0.0/24 is subnetted, 1 subnets
R 12.1.1.0 [120/1] via 13.1.1.1, 00:00:12, Serial1/1
13.0.0.0/24 is subnetted, 1 subnets
C 13.1.1.0 is directly connected, Serial1/1
----------------------------------------------------
R1(config)#int s1/1
R1(config-if)#ip summary-address rip 20.1.0.0 255.255.0.0 #通过在R1的S1/1接口上手动汇总路由,如此可减少路由条目,并可节省内存开销
----------------------------------------------------
R3#clear ip route *
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
35.0.0.0/24 is subnetted, 1 subnets
C 35.1.1.0 is directly connected, Serial1/0
4.0.0.0/24 is subnetted, 1 subnets
R 4.4.4.0 [120/2] via 13.1.1.1, 00:00:01, Serial1/1
20.0.0.0/16 is subnetted, 1 subnets #此时到的是一条20.1.0.0/16汇总路由
R 20.1.0.0 [120/2] via 13.1.1.1, 00:00:01, Serial1/1
12.0.0.0/24 is subnetted, 1 subnets
R 12.1.1.0 [120/1] via 13.1.1.1, 00:00:01, Serial1/1
13.0.0.0/24 is subnetted, 1 subnets
C 13.1.1.0 is directly connected, Serial1/1
-------------------------------------------------------------------------------------
7、R1,R3之间尽量少的更新
-------------------------------------------------------------------------------------
R3(config)#int s1/1 #触发更新是只在拓扑发生变化的情况下才发送路由更新信息,平时不会周期性发送路由更新
R3(config-if)#ip rip triggered #接口下开启触发更新,只适用在串行链路,且两边要同时开启,否则无效。有变化才更新,适合于低带宽链路
----------------------------------------------------
R1(config)#int s1/1
R1(config-if)#ip rip triggered
-------------------------------------------------------------------------------------
8、R3,R5之间不能有广播和组播更新
-------------------------------------------------------------------------------------
R3(config)#router rip
R3(config-router)#neighbor 35.1.1.5
R3(config-router)#passive-interface s1/0 #指定RIP以单播的形式发送更新给指定的邻居,passive只关闭广播和组播不能关闭单播
----------------------------------------------------
R5(config)#router rip
R5(config-router)#neighbor 35.1.1.3
R5(config-router)#passive-interface s1/0
-------------------------------------------------------------------------------------
9、R4上不能看到20.1.1.0 20.1.2.0 20.1.3.0的路由
-------------------------------------------------------------------------------------
R4(config)#do show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
35.0.0.0/24 is subnetted, 1 subnets
R 35.1.1.0 [120/2] via 12.1.1.1, 00:00:01, FastEthernet0/0
4.0.0.0/24 is subnetted, 1 subnets
C 4.4.4.0 is directly connected, Loopback1
20.0.0.0/24 is subnetted, 3 subnets
R 20.1.1.0 [120/1] via 12.1.1.2, 00:00:02, FastEthernet0/0
R 20.1.3.0 [120/1] via 12.1.1.2, 00:00:02, FastEthernet0/0
R 20.1.2.0 [120/1] via 12.1.1.2, 00:00:02, FastEthernet0/0
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/3] via 12.1.1.1, 00:00:01, FastEthernet0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.1.1.0 is directly connected, FastEthernet0/0
13.0.0.0/24 is subnetted, 1 subnets
R 13.1.1.0 [120/1] via 12.1.1.1, 00:00:07, FastEthernet0/0
----------------------------------------------------
R4(config)#rouer rip
R4(config-router)#distance 255 20.1.1.2 255.255.255.0 #通过将管理距离值设为255,从而使R4上不再有20.1.0.0段的路由
R4(config-router)#distance 255 20.1.2.2 255.255.255.0
R4(config-router)#distance 255 20.1.3.2 255.255.255.0
R4(config-router)#do clear ip route *
R4(config-router)#do show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
35.0.0.0/24 is subnetted, 1 subnets
R 35.1.1.0 [120/2] via 12.1.1.1, 00:00:06, FastEthernet0/0
4.0.0.0/24 is subnetted, 1 subnets
C 4.4.4.0 is directly connected, Loopback1
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/3] via 12.1.1.1, 00:00:06, FastEthernet0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.1.1.0 is directly connected, FastEthernet0/0
13.0.0.0/24 is subnetted, 1 subnets
R 13.1.1.0 [120/1] via 12.1.1.1, 00:00:06, FastEthernet0/0
#也可通过偏移列表实现。
-------------------------------------------------------------------------------------
10、R2上看到5.5.5.0的路由为10跳
-------------------------------------------------------------------------------------
R2(config-router)#do show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
35.0.0.0/24 is subnetted, 1 subnets
R 35.1.1.0 [120/2] via 12.1.1.1, 00:00:23, FastEthernet0/0
4.0.0.0/24 is subnetted, 1 subnets
R 4.4.4.0 [120/1] via 12.1.1.4, 00:00:06, FastEthernet0/0
20.0.0.0/24 is subnetted, 3 subnets
C 20.1.1.0 is directly connected, Loopback1
C 20.1.3.0 is directly connected, Loopback3
C 20.1.2.0 is directly connected, Loopback2
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/3] via 12.1.1.1, 00:00:23, FastEthernet0/0 #默认为3跳
12.0.0.0/24 is subnetted, 1 subnets
C 12.1.1.0 is directly connected, FastEthernet0/0
13.0.0.0/24 is subnetted, 1 subnets
R 13.1.1.0 [120/1] via 12.1.1.1, 00:00:19, FastEthernet0/0
----------------------------------------------------
R2(config)#access-list 1 permit 5.5.5.0 0.0.0.255 #使用偏移更表
R2(config)#router rip
R2(config-router)#offset-list 1 in 7 #由于默认为3跳,此处再偏移7跳即可
----------------------------------------------------
R2(config-router)#do clear ip route *
R2(config-router)#do show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
35.0.0.0/24 is subnetted, 1 subnets
R 35.1.1.0 [120/2] via 12.1.1.1, 00:00:04, FastEthernet0/0
4.0.0.0/24 is subnetted, 1 subnets
R 4.4.4.0 [120/1] via 12.1.1.4, 00:00:04, FastEthernet0/0
20.0.0.0/24 is subnetted, 3 subnets
C 20.1.1.0 is directly connected, Loopback1
C 20.1.3.0 is directly connected, Loopback3
C 20.1.2.0 is directly connected, Loopback2
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/10] via 12.1.1.1, 00:00:04, FastEthernet0/0 #变为10跳
12.0.0.0/24 is subnetted, 1 subnets
C 12.1.1.0 is directly connected, FastEthernet0/0
13.0.0.0/24 is subnetted, 1 subnets
R 13.1.1.0 [120/1] via 12.1.1.1, 00:00:00, FastEthernet0/0
-------------------------------------------------------------------------------------
11、R5向RIP通告一条黙认路由
-------------------------------------------------------------------------------------
R5(config)#router rip
R5(config-router)#default-information originate #利用路由协议自动下发默认路由给所有路由器
R3(config-router)#do clear ip route *
R3(config-router)#do show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 35.1.1.5 to network 0.0.0.0
35.0.0.0/24 is subnetted, 1 subnets
C 35.1.1.0 is directly connected, Serial1/0
4.0.0.0/24 is subnetted, 1 subnets
R 4.4.4.0 [120/2] via 13.1.1.1, 00:00:53, Serial1/1
20.0.0.0/16 is subnetted, 1 subnets
R 20.1.0.0 [120/2] via 13.1.1.1, 00:00:53, Serial1/1
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/1] via 35.1.1.5, 00:00:01, Serial1/0
12.0.0.0/24 is subnetted, 1 subnets
R 12.1.1.0 [120/1] via 13.1.1.1, 00:00:54, Serial1/1
13.0.0.0/24 is subnetted, 1 subnets
C 13.1.1.0 is directly connected, Serial1/1
R* 0.0.0.0/0 [120/1] via 35.1.1.5, 00:00:01, Serial1/0 #R1、R2、R3、R4上均有带R*的路由
#让RIP区域生成默认路由的方法有多种,上面只举一例。