4台路由,连接方式以及IP分配(这样的网络规划的在现实中出现得少,但是在实验中需要特别小心):
一、能让R1ping通R3的环回测试接口并且配置的路由数目最少:
(分别在R1和R3上配置默认路由,在R2上为环回测试网络配置静态路由,共4条)
二、在R1、R2、R3上配置动态路由RIPV2,并手动汇总,使R2学到的子网最小:
(关闭自动汇总,在R1和R3的出口上进行手动汇总,并让汇总的子网最小)
具体配置:
在R1的S1/0和E0/0口上进行手动汇总:ip summary-address rip 10.0.8.0 255.255.248.0
此处我将10.0.10.0、10.0.11.0和10.0.12.0三个网络汇总成10.0.8.0/21的网络。
在R3的S1/0和E0/0口上进行手动汇总:ip summary-address rip 10.0.0.0 255.255.252.0
此处我将10.0.1.0、10.0.2.0和10.0.3.0三个网络汇总成10.0.0.0/22的网络。
分别查看R1和R3的路由
*********R1************************
10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks
C 10.0.10.0/24 is directly connected, Loopback0
C 10.0.11.0/24 is directly connected, Loopback1
R 10.0.0.8/30 [120/1] via 10.0.0.13, 00:00:14, Ethernet0/0
C 10.0.12.0/24 is directly connected, Loopback2
C 10.0.0.12/30 is directly connected, Ethernet0/0
C 10.0.0.0/30 is directly connected, Serial1/0
R 10.0.0.0/22 [120/2] via 10.0.0.13, 00:00:14, Ethernet0/0
[120/2] via 10.0.0.2, 00:00:16, Serial1/0
R 10.0.0.4/30 [120/1] via 10.0.0.2, 00:00:16, Serial1/0
*********R3************************
10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks
R 10.0.8.0/21 [120/2] via 10.0.0.10, 00:00:03, Ethernet0/0
[120/2] via 10.0.0.5, 00:00:05, Serial1/0
C 10.0.0.8/30 is directly connected, Ethernet0/0
R 10.0.0.12/30 [120/1] via 10.0.0.10, 00:00:03, Ethernet0/0
C 10.0.2.0/24 is directly connected, Loopback1
C 10.0.3.0/24 is directly connected, Loopback2
R 10.0.0.0/30 [120/1] via 10.0.0.5, 00:00:05, Serial1/0
C 10.0.1.0/24 is directly connected, Loopback0
C 10.0.0.4/30 is directly connected, Serial1/0
看起来有些乱,但是结合图还是容易理解的。
三、启用被动接口,并观察被动接口的作用:
(在R1上启用被动接口,并在其上用命令debug ip rip 观察包的发送和接受情况,也在R2上观察包的发送和接受情况)
在router模式下使用命令:passive-interface interface interface配置被动接口,之后可以打开:debug ip rip,能观察到被动接口只接收数据但不发送数据
注:只有将接口设成被动的,再指定邻居才发单播
四、在串行链路上,启用RIPV2的触发更新,并进行测试和观察:
(在R1和R2之间的接口上都启用触发更新,并且用命令debug ip rip观察当R1路由表改变的时候R2上产生的消息)
在接口模式下使用命令:ip rip triggered interface interface 配置接口,之后可以打开:debug ip rip,此时可以看到配置为触发更新的接口上没有数据传送。
在R2上加入一个本地环回接口(或地址),亦称回送地址(loopback address) ,这将引起R2的路由表发生变化,此时将触发R2把路由表发送给R1。
在没有设置触发更新时可以看到:
R1#
*Mar 1 00:13:52.031: RIP: received v2 update from 10.0.0.2 on Serial1/0
*Mar 1 00:13:52.031: 10.0.0.0/22 via 0.0.0.0 in 2 hops
*Mar 1 00:13:52.035: 10.0.0.4/30 via 0.0.0.0 in 1 hops
R1#
*Mar 1 00:14:01.935: RIP: sending v2 update to 224.0.0.9 via Serial1/0 (10.0.0.1)
*Mar 1 00:14:01.935: RIP: build update entries
*Mar 1 00:14:01.935: 10.0.0.8/30 via 0.0.0.0, metric 2, tag 0
*Mar 1 00:14:01.939: 10.0.0.12/30 via 0.0.0.0, metric 1, tag 0
*Mar 1 00:14:01.939: 10.0.8.0/21 via 0.0.0.0, metric 1, tag 0
只在R1上启用触发更新接口(只有当双方都启用触发更新时才起作用):
R1(config-if)#
*Mar 1 00:22:14.343: RIP: sending triggered request on Serial1/0 to 224.0.0.9
*Mar 1 00:22:14.703: RIP: sending v2 update to 224.0.0.9 via Ethernet0/0 (10.0.0.14)
*Mar 1 00:22:14.703: RIP: build update entries
*Mar 1 00:22:14.703: 10.0.0.0/30 via 0.0.0.0, metric 1, tag 0
*Mar 1 00:22:14.703: 10.0.0.4/30 via 0.0.0.0, metric 2, tag 0
*Mar 1 00:22:14.703: 10.0.8.0/21 via 0.0.0.0, metric 1, tag 0
R1(config-if)#
*Mar 1 00:22:16.271: RIP: received v2 update from 10.0.0.2 on Serial1/0
*Mar 1 00:22:16.271: 10.0.0.0/22 via 0.0.0.0 in 2 hops
*Mar 1 00:22:16.275: 10.0.0.4/30 via 0.0.0.0 in 1 hops
R1(config-if)#
*Mar 1 00:22:17.675: RIP: received v2 update from 10.0.0.13 on Ethernet0/0
*Mar 1 00:22:17.675: 10.0.0.0/22 via 0.0.0.0 in 2 hops
*Mar 1 00:22:17.679: 10.0.0.8/30 via 0.0.0.0 in 1 hops
R1(config-if)#
*Mar 1 00:22:19.343: RIP: sending triggered request on Serial1/0 to 224.0.0.9
R1(config-if)#
*Mar 1 00:22:24.343: RIP: sending triggered request on Serial1/0 to 224.0.0.9
R1(config-if)#
*Mar 1 00:22:29.343: RIP: sending triggered request on Serial1/0 to 224.0.0.9
R1(config-if)#
*Mar 1 00:22:40.311: RIP: sending v2 update to 224.0.0.9 via Serial1/0 (10.0.0.1)
*Mar 1 00:22:40.311: RIP: build update entries
*Mar 1 00:22:40.311: 10.0.0.8/30 via 0.0.0.0, metric 2, tag 0
*Mar 1 00:22:40.311: 10.0.0.12/30 via 0.0.0.0, metric 1, tag 0
*Mar 1 00:22:40.311: 10.0.8.0/21 via 0.0.0.0, metric 1, tag 0
R1(config-if)#
在R2上也启用触发更新后:
R1#debug ip rip
RIP protocol debugging is on
R1#
*Mar 1 00:24:58.547: RIP: sending v2 update to 224.0.0.9 via Ethernet0/0 (10.0.0.14)
*Mar 1 00:24:58.547: RIP: build update entries
*Mar 1 00:24:58.547: 10.0.0.0/30 via 0.0.0.0, metric 1, tag 0
*Mar 1 00:24:58.551: 10.0.0.4/30 via 0.0.0.0, metric 2, tag 0
*Mar 1 00:24:58.551: 10.0.8.0/21 via 0.0.0.0, metric 1, tag 0
R1#
*Mar 1 00:25:05.363: RIP: received v2 update from 10.0.0.13 on Ethernet0/0
*Mar 1 00:25:05.363: 10.0.0.0/22 via 0.0.0.0 in 2 hops
*Mar 1 00:25:05.367: 10.0.0.8/30 via 0.0.0.0 in 1 hops
R1#
*Mar 1 00:25:26.399: RIP: sending v2 update to 224.0.0.9 via Ethernet0/0 (10.0.0.14)
*Mar 1 00:25:26.399: RIP: build update entries
*Mar 1 00:25:26.399: 10.0.0.0/30 via 0.0.0.0, metric 1, tag 0
*Mar 1 00:25:26.403: 10.0.0.4/30 via 0.0.0.0, metric 2, tag 0
*Mar 1 00:25:26.403: 10.0.8.0/21 via 0.0.0.0, metric 1, tag 0
R1#
*Mar 1 00:25:31.615: RIP: received v2 update from 10.0.0.13 on Ethernet0/0
*Mar 1 00:25:31.615: 10.0.0.0/22 via 0.0.0.0 in 2 hops
*Mar 1 00:25:31.619: 10.0.0.8/30 via 0.0.0.0 in 1 hops
R1#undebug all
在此将看不到S1/0口上有信息传递
在R2上添加一个换回测试口loopback 0(10.0.20.0/24)(此时R2的路由表发生了变化)
此时将在R1上看到:
R1#
*Mar 1 00:28:51.379: RIP: received v2 triggered request from 10.0.0.2 on Serial1/0
*Mar 1 00:28:51.379: RIP: send v2 triggered flush update to 10.0.0.2 on Serial1/0
*Mar 1 00:28:51.383: RIP: build update entries
*Mar 1 00:28:51.383: route 3: 10.0.8.0/21 metric 1, tag 0
*Mar 1 00:28:51.383: route 6: 10.0.0.12/30 metric 1, tag 0
*Mar 1 00:28:51.387: route 16: 10.0.0.8/30 metric 2, tag 0
*Mar 1 00:28:51.387: RIP: Update contains 3 routes, start 3, end 20
*Mar 1 00:28:51.387: RIP: start retransmit timer of 10.0.0.2
*Mar 1 00:28:51.487: RIP: received v2 triggered ack from 10.0.0.2 on Serial1/0
flush seq# 1
R1#
*Mar 1 00:28:53.271: RIP: received v2 triggered update from 10.0.0.2 on Serial1/0
*Mar 1 00:28:53.271: RIP: sending v2 ack to 10.0.0.2 via Serial1/0 (10.0.0.1),
seq# 2
*Mar 1 00:28:53.275: 10.0.20.0/24 via 0.0.0.0 in 1 hops
R1#
*Mar 1 00:28:55.279: RIP: sending v2 flash update to 224.0.0.9 via Ethernet0/0 (10.0.0.14)
*Mar 1 00:28:55.279: RIP: build flash update entries
*Mar 1 00:28:55.279: 10.0.20.0/24 via 0.0.0.0, metric 2, tag 0
*Mar 1 00:28:55.283: RIP: send v2 triggered update to 10.0.0.2 on Serial1/0
*Mar 1 00:28:55.283: RIP: build update entries
R1#
*Mar 1 00:29:12.103: RIP: sending v2 update to 224.0.0.9 via Ethernet0/0 (10.0.0.14)
*Mar 1 00:29:12.103: RIP: build update entries
*Mar 1 00:29:12.103: 10.0.0.0/30 via 0.0.0.0, metric 1, tag 0
*Mar 1 00:29:12.107: 10.0.0.4/30 via 0.0.0.0, metric 2, tag 0
*Mar 1 00:29:12.107: 10.0.8.0/21 via 0.0.0.0, metric 1, tag 0
*Mar 1 00:29:12.107: 10.0.20.0/24 via 0.0.0.0, metric 2, tag 0
*Mar 1 00:29:12.907: RIP: received v2 update from 10.0.0.13 on Ethernet0/0
*Mar 1 00:29:12.911: 10.0.0.0/22 via 0.0.0.0 in 2 hops
*Mar 1 00:29:12.911: 10.0.0.8/30 via 0.0.0.0 in 1 hops
R1#undebug all
到此触发更新实验完成。
五、实现全网互通,并且启用负载均衡:
由于RIPV2是基于跳数的,那么在此实验中R1到R2可以实现负载均衡,而且从路由信息里也可以看出:
*********R1************************
R 10.0.0.0/22 [120/2] via 10.0.0.13, 00:00:05, Ethernet0/0
[120/2] via 10.0.0.2, 00:00:15, Serial1/0
*********R3************************
R 10.0.8.0/21 [120/2] via 10.0.0.10, 00:00:03, Ethernet0/0
[120/2] via 10.0.0.5, 00:00:25, Serial1/0
具体的配置是:
Step1:
*********R1************************
R1(config)#no ip cef
R1(config)#int s1/0
R1(config-if)#no ip route-cache
R1(config-if)#int e0/0
R1(config-if)#no ip route-cache
*********R3************************
R3(config)#no ip cef
R3(config)#int s1/0
R3(config-if)#no ip route-cache
R3(config-if)#int e0/0
R3(config-if)#no ip route-cache
Step2:
那么在R1和R3上开启:R1#debug ip icmp、R3#debug ip icmp
Step3:
通过show ip route destination-ip 可以查看发往目的IP的信息
R1# show ip route 10.0.1.1
Routing entry for 10.0.0.0/22
Known via "rip", distance 120, metric 2
Redistributing via rip
Last update from 10.0.0.13 on Ethernet0/0, 00:00:16 ago
Routing Descriptor Blocks:
10.0.0.13, from 10.0.0.13, 00:00:16 ago, via Ethernet0/0
Route metric is 2, traffic share count is 1
* 10.0.0.2, from 10.0.0.2, 00:00:21 ago, via Serial1/0
Route metric is 2, traffic share count is 1
从加粗的部分可以看出发往每条路的数据包是每个交替进行的,那么普通的ping命令发送5个包就能看出效果了(注:如果需要发送多个包才能看出效果,可以用命令ping destination-ip repeat packet-counts)
Step4:
R1#ping 10.0.1.1
看到的分别是:
R1#
*Mar 1 01:39:19.795: ICMP: echo reply rcvd, src 10.0.1.1, dst 10.0.0.1
*Mar 1 01:39:19.863: ICMP: echo reply rcvd, src 10.0.1.1, dst 10.0.0.14
*Mar 1 01:39:19.891: ICMP: echo reply rcvd, src 10.0.1.1, dst 10.0.0.1
*Mar 1 01:39:19.931: ICMP: echo reply rcvd, src 10.0.1.1, dst 10.0.0.14
*Mar 1 01:39:19.955: ICMP: echo reply rcvd, src 10.0.1.1, dst 10.0.0.1
R1#
R3(config-if)#
*Mar 1 01:38:28.575: ICMP: echo reply sent, src 10.0.1.1, dst 10.0.0.1
*Mar 1 01:38:28.627: ICMP: echo reply sent, src 10.0.1.1, dst 10.0.0.14
*Mar 1 01:38:28.663: ICMP: echo reply sent, src 10.0.1.1, dst 10.0.0.1
*Mar 1 01:38:28.723: ICMP: echo reply sent, src 10.0.1.1, dst 10.0.0.14
*Mar 1 01:38:28.731: ICMP: echo reply sent, src 10.0.1.1, dst 10.0.0.1
R3(config-if)#
到此负载均衡的实验已经完成。
六、启用两台路由器之间的认证:
配置命令:
Router模式下:
key chain name ***name为钥匙的名称
key number ***number为钥匙的序号
key-string password ***password为要认证的密码,相互认证的路由器上必须相同
接口模式下:
ip rip authentication key chain name
ip rip authentication mode text/md5…
注:
l 认证不匹配不会接收更新,更新是会发送的,接收时忽视
l 认证是协议本身的,没起协议直连也是通的。没有理由因为协议认证不起来就不通,认证不起来只是说协议本身无法建立邻居,当然,对RIP来说只是无法相互传递路由条目。
l 在配置了邻居路由认证功能后,在路由器在两个邻居路由器之间交换时,认证就会发生。RIP认证可以确保路由仅从信任源接收到可靠的路由信息。
更多关于RIP认证可以参考网上内容:http://book.51cto.com/art/201010/230440.htm
实验中的问题与学习到的内容:
由于失误,在配置IP的时候使得两个相连接口的地址一样了,于是出现这样的提示信息。
(注:此实验做了多次,这是其中一次的截图)
在实验过程中看到这样一个信息,最后一句表明在组播中不会接收自己发出的信息。