实验过程中严禁使用静态路由。
一.基本配置:(3)
3、 R2 起用 LOOPBACK 1:2.2.0.2/24; LOOPBACK 2:2.2.1.2/24;
LOOPBACK 3:2.2.2.2/24; LOOPBACK 4:2.2.3.2/24
4、 R1 起用 LOOPBACK 1:1.1.1.4/24; LOOPBACK 2:1.1.2.4/24;
LOOPBACK 3:1.1.3.4/24; LOOPBACK 4:1.1.4.4/24
LOOPBACK 5:1.1.5.4/24
二、 链路配置: (5)
1、 R3—R2 的链路使用 PPP封装,CHAP 认证。
2、 R4—R3 的链路使用 PPP封装,PAP认证。
3、 都为单向认证,R3 为认证的 SERVER 端。CHAP 认证的密码为”CISCO”,PAP
认证的密码为”HP”。
三、 OSPF(12)
1、 R2 公告 lo1:2.2.0.2/24----lo4:2.2.3.2/24到 AREA1,在 R3 上要收到汇总路由。
2、 AREA 0 使用 MD5 的区域认证。密码为“cisco”, key使用“10”
3、 AREA 1 路由要最简化。
4、 将 RIP 重分布到 OSPF 中,只允许 12.1.1.0/24 进入 OSPF 区域。并标注为
TAG10.
5、 使用 X.X.X.X 作为 OSPF 路由器的 ROUTER-ID. X 为路由器的下标。
6、 R4 和 R3 的回环接口都公告到 OSPF 的 AREA0.
四、 RIP(R2 的 LOOPBACK 0 不能公告在 RIP 中,否则扣 10 分)
1、 R1 运行 RIP V2,R2 运行 RIP V1。
2、 R2 和 R1 之间使用单播更新。
3、 R2 只接受来自 R1 的 lo0的路由和 1.1.X.0/24,其中 X 为单数。 例如: 1.1.3.0/24
五、 EIGRP
1、 R4 上做双向重分布。
2、 R5 上从 R4上学到的路由条目要是负载均衡的。
六、 NAT
1、 地址池 12.1.1.10/24—12.1.1.15/24
2、 所有 23,34.Y.0.0/16 网段设备要可以 PING 通 R1 的 S1/1 接口
配置要点
中间有些地址做了些许变化,但不影响需求的实现。
R1:ip access-list standard A
permit 1.1.1.0 0.0.0.255
permit 1.1.2.0 0.0.0.255
permit 1.1.3.0 0.0.0.255
permit 1.1.4.0 0.0.0.255
router rip
version 2
passive-interface Serial1/1
network 0.0.0.0
neighbor 12.1.1.2
distribute-list A out Serial1/1
no auto-summary
R2:access-list 10 permit 23.1.1.0 0.0.0.255
access-list 10 permit 34.1.1.0 0.0.0.255
ip nat pool A 12.1.1.10 12.1.1.15 prefix-length 24
ip nat inside source list 10 pool A overload
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
ip nat outside
ip rip send version 2
ip rip receive version 2
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
ip nat inside
encapsulation ppp
serial restart-delay 0
ppp pap sent-username R3 password 0 cisco
router ospf 110
log-adjacency-changes
area 1 nssa
redistribute connected subnets
network 2.0.0.0 0.0.0.255 area 1
network 23.1.1.0 0.0.0.255 area 1
router rip
version 2
passive-interface Serial1/0
network 12.0.0.0
neighbor 12.1.1.1
R3:router ospf 110
log-adjacency-changes
area 0 authentication message-digest
area 1 nssa no-summary
network 3.3.3.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 1
network 34.1.1.0 0.0.0.255 area 0
username R3 password 0 cisco
username R4 password 0 hp
interface Serial1/0
ip address 23.1.1.3 255.255.255.0
encapsulation ppp
serial restart-delay 0
ppp authentication pap
interface Serial1/1
ip address 34.1.1.3 255.255.255.0
encapsulation ppp
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
serial restart-delay 0
ppp authentication chap
R4:router eigrp 90
redistribute ospf 110 metric 1544 20000 255 1 1500
network 45.1.1.0 0.0.0.255
network 54.1.1.0 0.0.0.255
metric weights 0 1 0 0 0 0
no auto-summary
router ospf 110
log-adjacency-changes
area 0 authentication message-digest
redistribute eigrp 90 subnets
network 4.4.4.0 0.0.0.255 area 0
network 34.1.1.0 0.0.0.255 area 0
interface FastEthernet0/0
bandwidth 1544
ip address 54.1.1.4 255.255.255.0
interface Serial1/0
ip address 34.1.1.4 255.255.255.0
encapsulation ppp
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
serial restart-delay 0
ppp chap hostname R4
ppp chap password 0 hp
R5:router eigrp 90
network 0.0.0.0
metric weights 0 1 0 0 0 0
no auto-summary
interface FastEthernet0/0
bandwidth 1544
ip address 54.1.1.5 255.255.255.0
测试:
为节省空间,路由表中的注释行已删除。
查看R5路由表:
R5#show ip route
34.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D EX 34.1.1.3/32 [170/1657856] via 45.1.1.4, 00:13:42, Serial1/0
[170/1657856] via 54.1.1.4, 00:13:42, FastEthernet0/0
D EX 34.1.1.0/24 [170/1657856] via 45.1.1.4, 00:13:42, Serial1/0
[170/1657856] via 54.1.1.4, 00:13:42, FastEthernet0/0
2.0.0.0/24 is subnetted, 4 subnets
D EX 2.2.1.0 [170/1657856] via 45.1.1.4, 00:13:27, Serial1/0
[170/1657856] via 54.1.1.4, 00:13:27, FastEthernet0/0
D EX 2.2.2.0 [170/1657856] via 45.1.1.4, 00:13:27, Serial1/0
[170/1657856] via 54.1.1.4, 00:13:27, FastEthernet0/0
D EX 2.2.3.0 [170/1657856] via 45.1.1.4, 00:13:27, Serial1/0
[170/1657856] via 54.1.1.4, 00:13:27, FastEthernet0/0
D EX 2.2.4.0 [170/1657856] via 45.1.1.4, 00:13:27, Serial1/0
--More--
可以看到实现了负载均衡,由于上边修改了K值和带宽。
查看R1路由表:
R1#show ip route
1.0.0.0/24 is subnetted, 6 subnets
C 1.1.1.0 is directly connected, Loopback10
C 1.1.2.0 is directly connected, Loopback1
C 1.1.3.0 is directly connected, Loopback2
C 1.1.4.0 is directly connected, Loopback3
C 1.1.11.0 is directly connected, Loopback11
C 1.1.22.0 is directly connected, Loopback12
11.0.0.0/24 is subnetted, 1 subnets
C 11.11.11.0 is directly connected, Loopback0
12.0.0.0/24 is subnetted, 1 subnets
C 12.1.1.0 is directly connected, Serial1/1
在R3上用23.1.1.3接口ping12.1.1.1并查看R2的NAT转换表:
R3#ping 12.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/37/80 ms
R2#show ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 12.1.1.11 23.1.1.2 --- ---
icmp 12.1.1.12:8 23.1.1.3:8 12.1.1.1:8 12.1.1.1:8
最后查看一下R2的路由表:
R2#show ip route
1.0.0.0/24 is subnetted, 4 subnets
R 1.1.1.0 [120/1] via 12.1.1.1, 00:00:24, Serial1/0
R 1.1.2.0 [120/1] via 12.1.1.1, 00:00:24, Serial1/0
R 1.1.3.0 [120/1] via 12.1.1.1, 00:00:24, Serial1/0
R 1.1.4.0 [120/1] via 12.1.1.1, 00:00:24, Serial1/0
2.0.0.0/24 is subnetted, 4 subnets
C 2.2.1.0 is directly connected, Loopback1
C 2.2.2.0 is directly connected, Loopback10
C 2.2.3.0 is directly connected, Loopback2
C 2.2.4.0 is directly connected, Loopback3
23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 23.1.1.3/32 is directly connected, Serial1/1
C 23.1.1.0/24 is directly connected, Serial1/1
12.0.0.0/24 is subnetted, 1 subnets
C 12.1.1.0 is directly connected, Serial1/0
O*IA 0.0.0.0/0 [110/65] via 23.1.1.3, 00:07:42, Serial1/1