RIP-综合实验.doc_咨信网zixin.com.cn

资源描述

1、R1,R2,R3,R4运行RIPV2 2、R1以广播的形式发送路由给12.1.1.0网段 3、R5运行RIPV1 4、R1，R2，R4所在的12.1.1.0网段进行MD5认证 5、R1要求看到所有明细路由 6、R3要看到一条20.1.0.0/16汇总路由 7、R1，R3之间尽量少的更新 8、R3，R5之间不能有广播和组播更新 9、R4上不能看到20.1.1.0 20.1.2.0 20.1.3.0的路由 10、R2上看到5.5.5.0的路由为10跳 11、R5向RIP通告一条黙认路由 ------------------------------------------------------------------------------------- R2(config)#interface loopback 1 R2(config-if)#ip address 20.1.1.2 255.255.255.0 R2(config)#interface loopback 2 R2(config-if)#ip address 20.1.2.2 255.255.255.0 R2(config)#interface Loopback3 R2(config-if)#ip address 20.1.3.2 255.255.255.0 R2(config)#int f0/0 R2(config-if)#ip add 12.1.1.2 255.255.255.0 R2(config-if)#no shutdown R2(config-if)#duplex full ---------------------------------------------------- R4(config)#interface loopback 1 R4(config-if)#ip add 4.4.4.4 255.255.255.0 R4(config)#int f0/0 R4(config-if)#ip add 12.1.1.4 255.255.255.0 R4(config-if)#no shutdown R4(config-if)#duplex full ---------------------------------------------------- R1(config)#int f0/0 R1(config-if)#ip add 12.1.1.1 255.255.255.0 R1(config-if)#no shutdown R2(config-if)#duplex full R1(config-if)#interface s1/1 R1(config-if)#ip add 13.1.1.1 255.255.255.0 R1(config-if)#no shutdown ---------------------------------------------------- R3(config)#int s1/1 R3(config-if)#ip add 13.1.1.3 255.255.255.0 R3(config-if)#no shut R3(config-if)#int s1/0 R3(config-if)#ip add 35.1.1.3 255.255.255.0 R3(config-if)#no shutdown ---------------------------------------------------- R5(config)#interface loopback 1 R5(config-if)#ip add 5.5.5.5 255.255.255.0 R5(config)#int s1/0 R5(config-if)#ip add 35.1.1.5 255.255.255.0 R5(config-if)#no shutdown 按以上配置好后，使用ping 命令确保网络连通性正常。 ------------------------------------------------------------------------------------- 1、R1、R2、R3、R4运行RIPV2 ------------------------------------------------------------------------------------- R2(config)#router rip #启用RIP协议 R2(config-router)#version 2 #启用RIPv2版本 R2(config-router)#network 20.0.0.0 #宣告主类网段 R2(config-router)#network 12.0.0.0 R2(config-router)#no auto-summary #不发自动汇总路由 ---------------------------------------------------- R4(config)#router rip R4(config-router)#version 2 R4(config-router)#no auto-summary R4(config-router)#network 4.0.0.0 R4(config-router)#network 12.0.0.0 ---------------------------------------------------- R1(config)#router rip R1(config-router)#version 2 R1(config-router)#no auto-summary R1(config-router)#network 12.0.0.0 R1(config-router)#network 13.0.0.0 ---------------------------------------------------- R3(config)#router rip R3(config-router)#version 2 R3(config-router)#no auto-summary R3(config-router)#network 13.0.0.0 R3(config-router)#network 35.0.0.0 ------------------------------------------------------------------------------------- 2、R1以广播的形式发送路由给12.1.1.0网段 ------------------------------------------------------------------------------------- R1(config)#int f0/0 R1(config-if)#ip rip v2-broadcast #接口下以广播的形式发送版本2的更新 R1(config-if)#do debug ip rip #启用debug调试路由更新,可看到R1在F0/0口上使用广播更新 ...... *Sep 6 20:36:08.895: RIP: sending v2 update to 255.255.255.255 via FastEthernet0/0 (12.1.1.1) *Sep 6 20:36:08.895: RIP: build update entries *Sep 6 20:36:08.895: 13.1.1.0/24 via 0.0.0.0, metric 1, tag 0 *Sep 6 20:36:08.895: 35.1.1.0/24 via 0.0.0.0, metric 2, tag 0 ------------------------------------------------------------------------------------- 3、R5运行RIPV1 ------------------------------------------------------------------------------------- R5(config)#router rip R5(config-router)#ver R5(config-router)#version 1 R5(config-router)#network 5.0.0.0 R5(config-router)#network 35.0.0.0 此时在R5上查看路由只有直连接路由；其它路由器上没有R5的路由。原因是R5上运行的是v1版本(V1只收发运行V1路由),其它路由器上运行的是V2(V2只收发运行V2路由) 解决的方法是：在接口下控制发送接收的更新版本路由。可见后面明细路由时的配置。 ------------------------------------------------------------------------------------- 4、R1，R2，R4所在的12.1.1.0网段进行MD5认证 ------------------------------------------------------------------------------------- R1(config)#key chain cisco #定义钥匙链名称，只有本地意义，路由器之间的key chain可以不同 R1(config-keychain)#key 1 #指定Key-ID值 R1(config-keychain-key)#key-string tgh #指定Key密码，路由器之间的Key-string要保持一致 R1(config-keychain-key)#exit R1(config-keychain)#exit R1(config)#int f0/0 R1(config-if)#ip rip authentication mode md5 #在接口下启用Md5认证方式(默认为明文) R1(config-if)#ip rip authentication key-chain cisco #接口下调用钥匙链 ---------------------------------------------------- R2(config)#key chain cisco R2(config-keychain)#key 1 R2(config-keychain-key)#key-string tgh #Key-string要保持一致 R2(config-keychain-key)#exit R2(config-keychain)#exit R2(config)#int f0/0 R2(config-if)#ip rip authentication mode md5 R2(config-if)#ip rip authentication key-chain cisco ---------------------------------------------------- R4(config)#key chain cisco R4(config-keychain)#key 1 R4(config-keychain-key)#key-string tgh #Key-string要保持一致 R4(config-keychain-key)#exit R4(config-keychain)#exit R4(config)#int f0/0 R4(config-if)#ip rip authentication mode md5 R4(config-if)#ip rip authentication key-chain cisco 明文认证的匹配原则是：发送方发送最小的Key_ID的密钥(key-string)，并且不带Key_ ID；接收方会和所有的key chain中的密钥(key-string)匹配，如果匹配成功，才能过认证。 MD5认证的匹配原则是：发送方发送最小的key_ID的密钥(key-string)并携带Key_ID号码；接收方会先去匹配具有相同的Key_ID的密钥,如果密钥相同，则只匹配一次，就可决定认证是否成功；如果没有相同的Key_ID,只向下查找一次Key_ID(只检查该Key_ID号中的密钥)，匹配，认证成功；不匹配，认证失败。注：RIP中每一个路由更新报文最大可包含25条路由,做了明文认证后只能包含24条，做了MD5认证后只能包含23条。 ------------------------------------------------------------------------------------- 5、R1要求看到所有明细路由 ------------------------------------------------------------------------------------- R5(config)#router rip R5(config-router)#no auto-summary #关闭汇总 R5(config)#int s1/0 R5(config-if)#ip rip send version 2 #接口模式下发送V2更新，此时其它路由器学到R5上的所有条目 R5(config-if)#ip rip receive version 2 #接口模式下接收V2更新，此时R5学到其它路由器上的所有路由 ------------------------------------------------------------------------------------- 6、R3要看到一条20.1.0.0/16汇总路由 ------------------------------------------------------------------------------------- R3#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 35.0.0.0/24 is subnetted, 1 subnets C 35.1.1.0 is directly connected, Serial1/0 4.0.0.0/24 is subnetted, 1 subnets R 4.4.4.0 [120/2] via 13.1.1.1, 00:00:12, Serial1/1 20.0.0.0/24 is subnetted, 3 subnets R 20.1.1.0 [120/2] via 13.1.1.1, 00:00:12, Serial1/1 #此时20段路由并没有汇总 R 20.1.3.0 [120/2] via 13.1.1.1, 00:00:12, Serial1/1 R 20.1.2.0 [120/2] via 13.1.1.1, 00:00:12, Serial1/1 5.0.0.0/24 is subnetted, 1 subnets R 5.5.5.0 [120/1] via 35.1.1.5, 00:00:15, Serial1/0 12.0.0.0/24 is subnetted, 1 subnets R 12.1.1.0 [120/1] via 13.1.1.1, 00:00:12, Serial1/1 13.0.0.0/24 is subnetted, 1 subnets C 13.1.1.0 is directly connected, Serial1/1 ---------------------------------------------------- R1(config)#int s1/1 R1(config-if)#ip summary-address rip 20.1.0.0 255.255.0.0 #通过在R1的S1/1接口上手动汇总路由，如此可减少路由条目，并可节省内存开销 ---------------------------------------------------- R3#clear ip route * R3#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 35.0.0.0/24 is subnetted, 1 subnets C 35.1.1.0 is directly connected, Serial1/0 4.0.0.0/24 is subnetted, 1 subnets R 4.4.4.0 [120/2] via 13.1.1.1, 00:00:01, Serial1/1 20.0.0.0/16 is subnetted, 1 subnets #此时到的是一条20.1.0.0/16汇总路由 R 20.1.0.0 [120/2] via 13.1.1.1, 00:00:01, Serial1/1 12.0.0.0/24 is subnetted, 1 subnets R 12.1.1.0 [120/1] via 13.1.1.1, 00:00:01, Serial1/1 13.0.0.0/24 is subnetted, 1 subnets C 13.1.1.0 is directly connected, Serial1/1 ------------------------------------------------------------------------------------- 7、R1，R3之间尽量少的更新 ------------------------------------------------------------------------------------- R3(config)#int s1/1 #触发更新是只在拓扑发生变化的情况下才发送路由更新信息，平时不会周期性发送路由更新 R3(config-if)#ip rip triggered #接口下开启触发更新,只适用在串行链路，且两边要同时开启，否则无效。有变化才更新，适合于低带宽链路 ---------------------------------------------------- R1(config)#int s1/1 R1(config-if)#ip rip triggered ------------------------------------------------------------------------------------- 8、R3，R5之间不能有广播和组播更新 ------------------------------------------------------------------------------------- R3(config)#router rip R3(config-router)#neighbor 35.1.1.5 R3(config-router)#passive-interface s1/0 #指定RIP以单播的形式发送更新给指定的邻居，passive只关闭广播和组播不能关闭单播 ---------------------------------------------------- R5(config)#router rip R5(config-router)#neighbor 35.1.1.3 R5(config-router)#passive-interface s1/0 ------------------------------------------------------------------------------------- 9、R4上不能看到20.1.1.0 20.1.2.0 20.1.3.0的路由 ------------------------------------------------------------------------------------- R4(config)#do show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 35.0.0.0/24 is subnetted, 1 subnets R 35.1.1.0 [120/2] via 12.1.1.1, 00:00:01, FastEthernet0/0 4.0.0.0/24 is subnetted, 1 subnets C 4.4.4.0 is directly connected, Loopback1 20.0.0.0/24 is subnetted, 3 subnets R 20.1.1.0 [120/1] via 12.1.1.2, 00:00:02, FastEthernet0/0 R 20.1.3.0 [120/1] via 12.1.1.2, 00:00:02, FastEthernet0/0 R 20.1.2.0 [120/1] via 12.1.1.2, 00:00:02, FastEthernet0/0 5.0.0.0/24 is subnetted, 1 subnets R 5.5.5.0 [120/3] via 12.1.1.1, 00:00:01, FastEthernet0/0 12.0.0.0/24 is subnetted, 1 subnets C 12.1.1.0 is directly connected, FastEthernet0/0 13.0.0.0/24 is subnetted, 1 subnets R 13.1.1.0 [120/1] via 12.1.1.1, 00:00:07, FastEthernet0/0 ---------------------------------------------------- R4(config)#rouer rip R4(config-router)#distance 255 20.1.1.2 255.255.255.0 #通过将管理距离值设为255，从而使R4上不再有20.1.0.0段的路由 R4(config-router)#distance 255 20.1.2.2 255.255.255.0 R4(config-router)#distance 255 20.1.3.2 255.255.255.0 R4(config-router)#do clear ip route * R4(config-router)#do show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 35.0.0.0/24 is subnetted, 1 subnets R 35.1.1.0 [120/2] via 12.1.1.1, 00:00:06, FastEthernet0/0 4.0.0.0/24 is subnetted, 1 subnets C 4.4.4.0 is directly connected, Loopback1 5.0.0.0/24 is subnetted, 1 subnets R 5.5.5.0 [120/3] via 12.1.1.1, 00:00:06, FastEthernet0/0 12.0.0.0/24 is subnetted, 1 subnets C 12.1.1.0 is directly connected, FastEthernet0/0 13.0.0.0/24 is subnetted, 1 subnets R 13.1.1.0 [120/1] via 12.1.1.1, 00:00:06, FastEthernet0/0 #也可通过偏移列表实现。 ------------------------------------------------------------------------------------- 10、R2上看到5.5.5.0的路由为10跳 ------------------------------------------------------------------------------------- R2(config-router)#do show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 35.0.0.0/24 is subnetted, 1 subnets R 35.1.1.0 [120/2] via 12.1.1.1, 00:00:23, FastEthernet0/0 4.0.0.0/24 is subnetted, 1 subnets R 4.4.4.0 [120/1] via 12.1.1.4, 00:00:06, FastEthernet0/0 20.0.0.0/24 is subnetted, 3 subnets C 20.1.1.0 is directly connected, Loopback1 C 20.1.3.0 is directly connected, Loopback3 C 20.1.2.0 is directly connected, Loopback2 5.0.0.0/24 is subnetted, 1 subnets R 5.5.5.0 [120/3] via 12.1.1.1, 00:00:23, FastEthernet0/0 #默认为3跳 12.0.0.0/24 is subnetted, 1 subnets C 12.1.1.0 is directly connected, FastEthernet0/0 13.0.0.0/24 is subnetted, 1 subnets R 13.1.1.0 [120/1] via 12.1.1.1, 00:00:19, FastEthernet0/0 ---------------------------------------------------- R2(config)#access-list 1 permit 5.5.5.0 0.0.0.255 #使用偏移更表 R2(config)#router rip R2(config-router)#offset-list 1 in 7 #由于默认为3跳，此处再偏移7跳即可 ---------------------------------------------------- R2(config-router)#do clear ip route * R2(config-router)#do show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static

展开阅读全文