3.7 RIPv1中的主机路由现象
提要描述
由于RIP v1不支持发送子网掩码,所以只能依靠自己接口的掩码和接受到的路由条目进行”与”运算,来得出路由条目安装到路由表中。产生RIPv1主机路由现象其实很多时候是人为做成的,例如:IP地址的规划不当、网络结构不完善、网络合并或者迁移等。一般在RIPv1接收更新时出现主机路由现象就以下两种情况:
1:如果在同一主网的子网通告,采用接收接口的掩码更新安装进路由表,如果收到子网通告主机位不为零,则以/32主机路由方式安装进路由表,并通告给下一跳路由器。
2:如果在不同主网的子网通告,如果在路由表里已经存在对应子网,则忽略该更新。如果在路由表里不存在,则以主类网络号安装进路由表,或者以/32主机路由的方式安装进路由表(当接收接口为unnumbered link 时)。
实验目标:调试分析主机路由的现象,验证上面的两种情况
↓调试配置及监测步骤↓
(实验1)正常配置的情况
R1的配置
R2的配置
!
hostname R1
!
interface Serial1/1
ip address 192.168.1.33 255.255.255.240
no shut
!
router rip
network 192.168.1.0
!
!
hostname R2
!
interface Serial1/0
ip address 192.168.1.34 255.255.255.240
no shut
!
interface Serial1/1
ip address 192.168.1.17 255.255.255.240
no shut
!
router rip
network 192.168.1.0
!
R3的配置
!
hostname R3
!
interface Serial1/0
ip address 192.168.1.18 255.255.255.240
no shut
!
router rip
network 192.168.1.0
!
接口互通后,在各台路由协议中启用RIP查看R1的路由表
R1#show ip route
192.168.1.0/28 is subnetted, 2 subnets
C 192.168.1.32 is directly connected, Serial1/1
R 192.168.1.16 [120/1] via 192.168.1.34, 00:00:09, Serial1/1
此时正常显示192.168.1.16/28网段的路由信息,没有问题。
(实验2) 出现主机路由的情况
R1的配置
R2的配置
!
hostname R1
!
interface Serial1/1
ip address 192.168.1.33255.255.255.224
no shut
!
router rip
network 192.168.1.0
!
!
hostname R2
!
interface Serial1/0
ip address 192.168.1.34 255.255.255.240
no shut
!
interface Serial1/1
ip address 192.168.1.17 255.255.255.240
no shut
!
router rip
network 192.168.1.0
!
R3的配置
!
hostname R3
!
interface Serial1/0
ip address 192.168.1.18 255.255.255.240
no shut
!
router rip
network 192.168.1.0
!
配置内容和同实验1差不多,只是R1的S1/1接口的地址改为/27的掩码
查看R1的路由表
R1#show ip route
192.168.1.0/24 is variably subnetted, 3 subnets, 3 masks
C 192.168.1.32/27 is directly connected, Serial1/1
R 192.168.1.16/32 [120/1] via 192.168.1.34, 00:00:21, Serial1/1
R1#debug ip rip
*Mar 22 21:08:39.995: RIP: received v1 update from 192.168.1.34 on Serial1/1
*Mar 22 21:08:39.999: 192.168.1.16 in 1 hops
可以发现与正常配置的情况相比,192.168.1.16/28网段的路由信息变为了一条192.168.1.16/32的主机路由,
首先总结一下:为什么R1会学到主机路由?当R1 收到R2发送过来的路由更新时,是192.168.1.16;由于RIPv1的更新报文中没有子网掩码,所以只能依靠自己接口的掩码和接受到的路由条目进行”与”运算,在主网络号一致的情况下,对比其主机位,结果不为零,这个地址不是/27位掩码的子网,所以会被认为是主机路由。
主机位进行“与”运算
转换成二进制
收的网络
192.168.1.16
16
10000
接口掩码
255.255.255.224
224
111
00000
(实验3) 出现主机路由的情况
R1的配置
R2的配置
!
interface Serial1/1
ip address 10.1.1.1 255.128.0.0
no shut
!
router rip
network 10.0.0.0
!
!
interface Serial1/0
ip address 10.1.1.2 255.128.0.0
no shut
!
interface Serial1/1
ip address 10.128.0.1 255.192.0.0
no shut
!
router rip
network 10.0.0.0
!
R3的配置
!
interface Loopback0
ip address 10.224.0.1255.224.0.0
!
interface Serial1/0
ip address 10.128.0.2255.224.0.0
no shut
!
router rip
network 10.0.0.0
!
完成配置后查看个路由表:
R1#show ip route
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/9 is directly connected, Serial1/1
R 10.224.0.0/32 [120/2] via 10.1.1.2, 00:00:26, Serial1/1
R2#show ip route
10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
C 10.0.0.0/9 is directly connected, Serial1/0
C 10.128.0.0/10 is directly connected, Serial1/1
R 10.224.0.0/32 [120/1] via 10.128.0.2, 00:00:16, Serial1/1
R3#show ip route
10.0.0.0/11 is subnetted, 2 subnets
C 10.128.0.0 is directly connected, Serial1/0
C 10.224.0.0 is directly connected, Loopback0
从路由表可以看到的R1、R2路由表中依然有主机路由,但是可以发现一个新的现象:因为R2的掩码不一致,导致了R2不能正确的发布路由,看R2上debug命令的输出:
R2#debug ip rip
*Mar 22 22:12:20.199: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (10.128.0.1) #----发往R3的方向
*Mar 22 22:12:20.199: RIP: build update entries - suppressing null update
*Mar 22 22:12:20.931: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (10.1.1.2) #----发往R1的方向
*Mar 22 22:12:20.931: RIP: build update entries
*Mar 22 22:12:20.935: subnet 10.224.0.0 metric 2
R2#
*Mar 22 22:12:27.779: RIP: received v1 update from 10.128.0.2 on Serial1/1
*Mar 22 22:12:27.783: 10.224.0.0 in 1 hops
可以看到R2没有向R1通告10.128.0.0网段,也没有向R3通告10.0.0.0网段,因为R2接口都处于一个主类网络,就没有网络边界的概念,而且掩码不一致。
如果将R2的S1/1改为9.128.0.1/10,并且通告9.0.0.0网段,可以看到如下结果:
R2(config)#int s1/1
R2(config-if)#ip address 9.128.0.1 255.192.0.0
R2(config)#router rip
R2(config-router)#network 9.0.0.0
R2#debug ip rip
*Mar 22 22:23:23.203: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (10.1.1.2) #----发往R1的方向
*Mar 22 22:23:23.203: RIP: build update entries
*Mar 22 22:23:23.207: network 9.0.0.0 metric 1
R2#
*Mar 22 22:23:34.047: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (9.128.0.1) #----发往R3的方向
*Mar 22 22:23:34.047: RIP: build update entries
*Mar 22 22:23:34.051: network 10.0.0.0 metric 1
可以看到R2正常发送了路由更新,所以总结以下:在RIP中
(1) 如果接口的IP地址是在相同的主类网络子网中,子网掩码不一致,会导致路由信息发布失败。
(2) 如果接口的IP地址是在不同的主类网络子网中,子网掩码不一致,路由通告正常,且正常汇总。
(实验4)出现主机路由的情况
R1的配置
R2的配置
!
hostname R1
!
interface FastEthernet0/0
ip address 10.10.10.1 255.255.255.0
no shut
!
interface Serial1/1
ip unnumbered FastEthernet0/0
no shut
!
router rip
network 10.0.0.0
!
!
hostname R2
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface FastEthernet0/0
ip address 10.10.20.1 255.255.255.0
no shut
!
interface Serial1/0
ip unnumbered Loopback0
no shut
!
router rip
network 2.0.0.0
network 10.0.0.0
!
完成配置之后看看各个路由器的路由表:
R1#show ip route
2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R 2.2.2.0/32 [120/1] via 2.2.2.2, 00:00:19, Serial1/1
R 2.0.0.0/8 [120/1] via 2.2.2.2, 00:00:19, Serial1/1
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, FastEthernet0/0
R2#show ip route
2.0.0.0/24 is subnetted, 1 subnets
C 2.2.2.0 is directly connected, Loopback0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R 10.10.10.0/32 [120/1] via 10.10.10.1, 00:00:13, Serial1/0
C 10.10.20.0/24 is directly connected, FastEthernet0/0
当接收接口为unnumbered link 时, 学到的路由条目以/32主机路由的方式安装进路由表。
看看R1、R2的debug信息:
R1#debug ip rip
R1#
*Mar 22 22:47:29.255: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (10.10.10.1)
*Mar 22 22:47:29.255: RIP: build update entries
*Mar 22 22:47:29.259: network 10.0.0.0 metric 1
*Mar 22 22:47:29.259: subnet 10.10.10.0 metric 1
R1#
*Mar 22 22:47:35.335: RIP: ignored v1 update from bad source 10.10.20.1 on FastEthernet0/0 #忽略错误的更新源
R1#
*Mar 22 22:47:52.179: RIP: received v1 update from 2.2.2.2 on Serial1/1
*Mar 22 22:47:52.183: 2.0.0.0 in 1 hops
*Mar 22 22:47:52.183: 2.2.2.0 in 1 hops
*Mar 22 22:47:52.183: 10.0.0.0 in 1 hops
R2#debug ip rip
*Mar 22 22:47:56.095: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (2.2.2.2)
*Mar 22 22:47:56.095: RIP: build update entries
*Mar 22 22:47:56.099: network 2.0.0.0 metric 1
*Mar 22 22:47:56.099: subnet 2.2.2.0 metric 1
*Mar 22 22:47:56.099: network 10.0.0.0 metric 1
*Mar 22 22:47:56.631: RIP: ignored v1 update from bad source 10.10.10.1 on FastEthernet0/0
R2#
*Mar 22 22:48:00.703: RIP: received v1 update from 10.10.10.1 on Serial1/0
*Mar 22 22:48:00.707: 10.0.0.0 in 1 hops
*Mar 22 22:48:00.707: 10.10.10.0 in 1 hops
R2#
从R1、R2的debug信息可以看到,当使用无编号IP地址的时候,RIP会对数据来源的合法性进行检查,要么不用要么2边都用,其实无编号IP地址不是没有地址,只是用其它地址来代替或者说是借用(可以节省地址,有时不会因为用到2个地址而浪费一个网段),但是借用的也必须在同一网段。
同时可以看到R1、R2都忽略错误的更新源,这是因为R1、R2的Fa0/0的接口地址不在同一个子网,所以大家都不会从错误的源接受RIPv1的更新了。
当然,如果想在不同子网,也能够接收路由的话,我们可以使用命令no validate-update-source,就可以使Fa0/0口接收路由了:
R1(config)#router rip
R1(config-router)#no validate-update-source
R2(config)#router rip
R2(config-router)#no validate-update-source
R1#debug ip rip
*Mar 22 23:10:44.387: RIP: received v1 update from 10.10.20.1 on FastEthernet0/0
*Mar 22 23:10:44.391: 2.0.0.0 in 1 hops
R2# debug ip rip
*Mar 22 23:11:33.015: RIP: received v1 update from 10.10.10.1 on FastEthernet0/0
*Mar 22 23:11:33.019: 2.0.0.0 in 2 hops
*Mar 22 23:11:33.019: 10.0.0.0 in 2 hops
对比前面的debug信息,可以看到现在接受路由信息,不再忽略了。