RIP全集个人总结V1[1].0.doc

目录： 1.RIP基础部分 1）有类路由协议、无类路由协议 2）RIP的信息类型 3）在网络边界的自动汇总 2.RIP Timers RIP的几个时间 3.解决RIP中路由回环问题的机制 4.RIP的基本配置 5.RIP的版本控制:默认情况运行v1 6.V1与V2的区别 7.运行RIP版本1的接口的收发原则 8.关于水平分割（Split horizon） 9.RIP的自动／手工汇总 10.RIP的单播更新:(Unicast-Update)/被动接口 11.RIP的触发更新 12.RIP authentication/RIP 认证 13.Offset-list／偏置列表,实现RIP路由的控制 14.RIP传递默认路由的5种方法 1.RIP基础部分 1）Classful Routing/有类路由协议 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ IGRP /RIP V1 1.在发送路由更新信息时,不携带子网掩码,无法描述路由条目的路由长度 2.在主类的网络边界上,自动发生路由汇总 汇总到主类网络的默认的路由长度(自动汇总是无法关闭的) (不支持VLSM,只能汇总为A/B/C类). 3.由于上述原因,有类路由协议会产生"不连续子网"的路由通达性问题. 2）Classless Routing/无类路由协议 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ RIP V2 的automatic summary 1.不会对收到的明细路由进行汇总 2.对自己直连的路由进行汇总后,再通告出去. 3.把收到的明细路由放进路由表中,但会对明细路由进行汇总后再通告出去! EIGRP的automatic summary 1.不会对收到的明细路由进行汇总, 2.对自己直连的路由进行汇总后,再通告出去 3.把收到的明细路由放进路由表中,并且把收到的明细路由通告出去! RIPv2/EIGRP/OSPF/IS-IS/BGPv4 1.在发送路由更新信息时,已经携带子网掩码. 2.支持VLSM,路由的手工/自动汇总,(可以关闭自动汇总) 3.在部分先进的路由协议中,支持CIDR(超网) 备注： ip classless(在IOS为12.0以后的版本中，默认启动无类路由。) 3）RIP的信息类型 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ RIP通过UDP520号端口操作，RIP信息是被封装在UDP的segment中的。 通常情况下，RIP有两种信息类型： 1、request(请求更新包)：用于向相邻路由器发送一个更新的请求信息 2、update（更新回应包）：用于回应request信息 4）在网络边界的自动汇总 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ DV协议默认会执行自动汇总,(RIP/IGRP/EIGRP) LS协议默认不执行自动汇总.(OSPF/ISIS) 2.RIP Timers RIP的几个时间 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 实验拓扑（以下实验操作均使用本拓扑）： R1(s1/1)--192.168.12.0/24--(s1/1)R2(s1/3)--192.168.23.0/24--(S1/3)R3 | | | Lo1 Lo2 Lo3 Update timer（更新时间）: 1.RIP在启动后，每隔30S（default）从所有RIP Interface 上向外发送update 2.这个update 包含了路由器中除了被split horizon（水平分割）抑制的完整的路由表， 3.update周期发送的时间间隔默认为(update timer)25.5秒到30秒之间（一个随机值）[异步更新]； RIP_JITTER是Cisco IOS中专有的一个随机变量，它缩短到一般更新时间的15%（即4.5s）。因此，在CISCO中的实际更新时间是上25.5~30秒之间 4.RIP V1，update的目标地址为255.255.255.255；RIP V2的为224.0.0.9 实验说明： 基本配置： r1: interface Loopback0 ip address 1.1.1.1 255.255.255.0 interface Serial1/1 ip address 192.168.12.1 255.255.255.0 router rip network 1.0.0.0 network 192.168.12.0 r2: interface Serial1/1 ip address 192.168.12.2 255.255.255.0 interface Serial1/3 ip address 192.168.23.2 255.255.255.0 router rip network 192.168.12.0 network 192.168.23.0 r3: interface Serial1/3 ip address 192.168.23.3 255.255.255.0 router rip network 192.168.23.0 路由器R1：默认版本1的update情况 *Mar 1 00:21:18.655: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (192.168.12.1) *Mar 1 00:21:18.655: RIP: build update entries - suppressing null update *Mar 1 00:21:25.363: RIP: received v1 update from 192.168.12.2 on Serial1/1 *Mar 1 00:21:25.367: 192.168.23.0 in 1 hops r1#sh ip route C 192.168.12.0/24 is directly connected, Serial1/1 R 192.168.23.0/24 [120/1] via 192.168.12.2, 00:00:26, Serial1/1 *Mar 1 00:21:52.107: RIP: received v1 update from 192.168.12.2 on Serial1/1 *Mar 1 00:21:52.111: 192.168.23.0 in 1 hopssh ip route 配置为版本2，关闭auto-summary后R2的update情况 *Mar 1 00:06:36.999: RIP: sending v2 update to 224.0.0.9 via Serial1/1 (192.168.12.2) *Mar 1 00:06:36.999: RIP: build update entries *Mar 1 00:06:37.003: 192.168.23.0/24 via 0.0.0.0, metric 1, tag 0 *Mar 1 00:06:37.003: RIP: sending v2 update to 224.0.0.9 via Serial1/3 (192.168.23.2) *Mar 1 00:06:37.007: RIP: build update entries *Mar 1 00:06:37.007: 192.168.12.0/24 via 0.0.0.0, metric 1, tag 0 *Mar 1 00:07:05.411: RIP: sending v2 update to 224.0.0.9 via Serial1/1 (192.168.12.2) *Mar 1 00:07:05.411: RIP: build update entries *Mar 1 00:07:05.415: 192.168.23.0/24 via 0.0.0.0, metric 1, tag 0 *Mar 1 00:07:05.415: RIP: sending v2 update to 224.0.0.9 via Serial1/3 (192.168.23.2) *Mar 1 00:07:05.419: RIP: build update entries *Mar 1 00:07:05.419: 192.168.12.0/24 via 0.0.0.0, metric 1, tag 0 Invalid timer（无效时间）： 1.当有条目加入到路由表中时，该条目的invalid timer就会初始化为180S； 2.如果路由器在invalid timer内没有收到该条目的更新信息，那么它在超过180S后将会被标记为不可达，即16跳； 3. 它的典型周期范围是3～6个update周期，无效时间在IOS中缺省是180秒 Holddown timer（保持时间） 1.180S，如果新收到的路由条目比原有的条目的metric值更大，那么原有的条目会进入一个长为180s的holddown状态； 2. 在抑制计时器的时间内该条目标记为possible down，直到计时器超时，路由器才可以接受有关此路由的更新信息 原理： 该计时器的原理是引用一个怀疑量，不管是真的还是假的路由消息，路由器先认为是假消息来避免路由环路。如果在抑制计时器超时后还接受到该消息，那么这时路由器就认为该消息时真的。RIP中认为假的消息总是真不了，不长久 Flush timer（刷新时间）: 240S。但RFC1058中规定的是300S。如果超出240S，那么路由被标记为不可达，并从路由表中移除 实验说明： r1#sh ip protocols Routing Protocol is "rip" Sending updates every 30 seconds, next due in 9 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Redistributing: rip Default version control: send version 1, receive any version Interface Send Recv Triggered RIP Key-chain Serial1/1 1 1 2 Loopback0 1 1 2 Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 1.0.0.0 192.168.12.0 Routing Information Sources: Gateway Distance Last Update 192.168.12.2 120 00:00:28 Distance: (default is 120) 通过开启debug观察路由表的变化情况： r1#debug ip routing r1#debug ip rip 在R1上，做访问列表，不接收来自R2的rip数据包： r1(config)#access-list 111 deny udp any any eq rip r1(config)#access-list 111 permit ip any any r1(config-if)#ip access-group 111 in r1#sh ip route C 192.168.12.0/24 is directly connected, Serial1/1 1.0.0.0/24 is subnetted, 1 subnets C 1.1.1.0 is directly connected, Loopback0 R 2.0.0.0/8 [120/1] via 192.168.12.2, 00:03:13, Serial1/1 R 3.0.0.0/8 [120/2] via 192.168.12.2, 00:03:13, Serial1/1 R 192.168.23.0/24 [120/1] via 192.168.12.2, 00:03:13, Serial1/1 180S后来自R2路由条目，被宣告无效，hop=16跳 （即invail计时器走完） *Mar 1 00:30:40.183: RT: delete route to 2.0.0.0 via 192.168.12.2, rip metric [120/1] *Mar 1 00:30:40.183: RT: no routes to 2.0.0.0, entering holddown *Mar 1 00:30:40.183: RT: delete route to 3.0.0.0 via 192.168.12.2, rip metric [120/2] *Mar 1 00:30:40.183: RT: no routes to 3.0.0.0, entering holddown *Mar 1 00:30:40.183: RT: delete route to 192.168.23.0 via 192.168.12.2, rip metric [120/1] *Mar 1 00:30:40.183: RT: no routes to 192.168.23.0, entering holddown *Mar 1 00:30:40.183: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (192.168.12.1) *Mar 1 00:30:40.183: RIP: build update entries *Mar 1 00:30:40.183: network 1.0.0.0 metric 1 *Mar 1 00:30:40.183: network 2.0.0.0 metric 16 *Mar 1 00:30:40.183: network 3.0.0.0 metric 16 *Mar 1 00:30:40.183: network 192.168.23.0 metric 16 *Mar 1 00:30:40.183: RIP: sending v1 update to 255.255.255.255 via Loopback0 (1.1.1.1) *Mar 1 00:30:40.183: RIP: build update entries *Mar 1 00:30:40.183: network 2.0.0.0 metric 16 *Mar 1 00:30:40.183: network 3.0.0.0 metric 16 *Mar 1 00:30:40.183: network 192.168.12.0 metric 1 *Mar 1 00:30:40.183: network 192.168.23.0 metric 16 *Mar 1 00:30:42.183: RIP: sending v1 flash update to 255.255.255.255 via Serial1/1 (192.168.12.1) *Mar 1 00:30:42.183: RIP: build flash update entries *Mar 1 00:30:42.187: network 2.0.0.0 metric 16 *Mar 1 00:30:42.187: network 3.0.0.0 metric 16 *Mar 1 00:30:42.187: network 192.168.23.0 metric 16 *Mar 1 00:30:42.191: RIP: sending v1 flash update to 255.255.255.255 via Loopback0 (1.1.1.1) *Mar 1 00:30:42.191: RIP: build flash update entries *Mar 1 00:30:42.195: network 2.0.0.0 metric 16 *Mar 1 00:30:42.195: network 3.0.0.0 metric 16 *Mar 1 00:30:42.199: network 192.168.23.0 metric 16 Holddown计时器开始，进入possible down状态 r1#sh ip route C 192.168.12.0/24 is directly connected, Serial1/1 1.0.0.0/24 is subnetted, 1 subnets C 1.1.1.0 is directly connected, Loopback0 R 2.0.0.0/8 is possibly down, routing via 192.168.12.2, Serial1/1 R 3.0.0.0/8 is possibly down, routing via 192.168.12.2, Serial1/1 R 192.168.23.0/24 is possibly down, routing via 192.168.12.2, Serial1/1 R2的debug输出信息，如下: *Mar 1 00:30:02.051: RIP: received v1 update from 192.168.12.1 on Serial1/1 *Mar 1 00:30:02.055: 1.0.0.0 in 1 hops *Mar 1 00:30:18.687: RIP: received v1 update from 192.168.23.3 on Serial1/3 *Mar 1 00:30:18.691: 3.0.0.0 in 1 hops *Mar 1 00:30:23.527: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (192.168.12.2) *Mar 1 00:30:23.531: RIP: build update entries *Mar 1 00:30:23.531: network 2.0.0.0 metric 1 *Mar 1 00:30:23.531: network 3.0.0.0 metric 2 *Mar 1 00:30:23.535: network 192.168.23.0 metric 1 *Mar 1 00:30:23.535: RIP: sending v1 update to 255.255.255.255 via Serial1/3 (192.168.23.2) *Mar 1 00:30:23.539: RIP: build update entries *Mar 1 00:30:23.539: network 1.0.0.0 metric 2 *Mar 1 00:30:23.539: network 2.0.0.0 metric 1 *Mar 1 00:30:23.539: network 192.168.12.0 metric 1 *Mar 1 00:30:23.539: RIP: sending v1 update to 255.255.255.255 via Loopback0 (2.2.2.2) *Mar 1 00:30:23.539: RIP: build update entries *Mar 1 00:30:23.539: network 1.0.0.0 metric 2 *Mar 1 00:30:23.539: network 3.0.0.0 metric 2 *Mar 1 00:30:23.539: network 192.168.12.0 metric 1 *Mar 1 00:30:23.539: network 192.168.23.0 metric 1 *Mar 1 00:30:27.727: RIP: received v1 update from 192.168.12.1 on Serial1/1 *Mar 1 00:30:27.731: 1.0.0.0 in 1 hops *Mar 1 00:30:27.731: 2.0.0.0 in 16 hops (inaccessible) *Mar 1 00:30:27.731: 3.0.0.0 in 16 hops (inaccessible) *Mar 1 00:30:27.735: 192.168.23.0 in 16 hops (inaccessible) *Mar 1 00:30:29.791: RIP: received v1 update from 192.168.12.1 on Serial1/1 *Mar 1 00:30:29.795: 2.0.0.0 in 16 hops (inaccessible) *Mar 1 00:30:29.795: 3.0.0.0 in 16 hops (inaccessible) *Mar 1 00:30:29.799: 192.168.23.0 in 16 hops (inaccessible) *Mar 1 00:30:46.851: RIP: received v1 update from 192.168.23.3 on Serial1/3 *Mar 1 00:30:46.855: 3.0.0.0 in 1 hops R1中的Flush计时器到期后，删除不可达的路由： 【00:30:40.183------00:31:36.611；共计56.5左右，Invalid timer后flush计时器到期】 *Mar 1 00:31:36.611: RT: delete network route to 2.0.0.0 *Mar 1 00:31:36.611: RT: NET-RED 2.0.0.0/8 *Mar 1 00:31:36.615: RT: NET-RED queued, Queue size 1 *Mar 1 00:31:36.615: RT: delete network route to 3.0.0.0 *Mar 1 00:31:36.619: RT: NET-RED 3.0.0.0/8 *Mar 1 00:31:36.619: RT: NET-RED queued, Queue size 2 *Mar 1 00:31:36.623: RT: delete network route to 192.168.23.0 *Mar 1 00:31:36.623: RT: NET-RED 192.168.23.0/24 *Mar 1 00:31:36.623: RT: NET-RED queued, Queue size 3 *Mar 1 00:31:36.627: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (192.168.12.1) *Mar 1 00:31:36.627: RIP: build update entries *Mar 1 00:31:36.631: network 1.0.0.0 metric 1 *Mar 1 00:31:36.631: RIP: sending v1 update to 255.255.255.255 via Loopback0 (1.1.1.1) *Mar 1 00:31:36.635: RIP: build update entries *Mar 1 00:31:36.635: network 192.168.12.0 metric 1 r1#sh ip route C 192.168.12.0/24 is directly connected, Serial1/1 1.0.0.0/24 is subnetted, 1 subnets C 1.1.1.0 is directly connected, Loopback0 Sleep Timer:（触发更新计时器） 1. 单位毫秒! , 其他计时器单位都是秒； 2. RIP使用带毒性逆转(poison reverse)的水平分割(split horizon)和触发更新。触发更新只要在有路由的度量值发生改变时就会产生，而且触发更新不会引起接收路由器重置它们的更新计时器；因为如果这么做，网络拓扑的改变会造成触发更新“风暴”； 3. 还需使用另一个计时器，当一个触发更新传播时，这个计时器被随机的设置为1-5s之间的数值；在这个计时器超时前不能发送并发的触发更新。 注意： 1.在rip的database里面invalid timer时间180秒到了,就进入holddown 180秒，Invalid timer 和 Flush timer 同时开启的； 备注： 1. 在 holddown timer 开始的时候就开始对外发路由毒化的路由，即hop=16，收到这个路由的设备毒性反转,再发送hop=16 回来(打破水平分割原则) ；holddown 的存在理由就是为了使得全网的毒化路由接收一致,防止路由环路 2.计时器总结 参考文档 【修改四个计时器的值，重新观察收不到路由更新后的过程】 使用默认的时间，调试过程时间较长，修改timer计时器时间，使得调试结果跟明显 r1(config)#router rip r1(config-router)#timers basic ? <0-4294967295> Interval between updates r1(config-router)#timers basic 5 ? <1-4294967295> Invalid r1(config-router)#timers basic 5 10 ? <0-4294967295> Holddown r1(config-router)#timers basic 5 10 15 ? <1-4294967295> Flush r1(config-router)#timers basic 5 10 15 20 r1#sh ip protocols Routing Protocol is "rip" Sending updates every 5 seconds, next due in 3 seconds Invalid after 10 seconds, hold down 15, flushed after 20 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Redistributing: rip …… …… … r1(config)#int s1/1 r1(config-if)#ip access r1(config-if)#ip access-group 111 in 无效计时器10s过后，进入holddown计时器； r1#sh ip route C 192.168.12.0/24 is directly connected, Serial1/1 1.0.0.0/24 is subnetted, 1 subnets C 1.1.1.0 is directly connected, Loopback0 R 2.0.0.0/8 [120/1] via 192.168.12.2, 00:00:10, Serial1/1 R 3.0.0.0/8 [120/2] via 192.168.12.2, 00:00:10, Serial1/1 R 192.168.23.0/24 [120/1] via 192.168.12.2, 00:00:10, Serial1/1 r1# *Mar 1 03:02:13.255: RT: delete route to 2.0.0.0 via 192.168.12.2, rip metric [120/1] *Mar 1 03:02:13.255: RT: no routes to 2.0.0.0, entering holddown *Mar 1 03:02:13.259: RT: delete route to 3.0.0.0 via 192.168.12.2, rip metric [120/2] *Mar 1 03:02:13.263: RT: no routes to 3.0.0.0, entering holddown *Mar 1 03:02:13.263: RT: delete route to 192.168.23.0 via 192.168.12.2, rip metric [120/1] *Mar 1 03:02:13.267: RT: no routes to 192.168.23.0, entering holddown *Mar 1 03:02:13.271: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (192.168.12.1) *Mar 1 03:02:13.271: RIP: build update entries *Mar 1 03:02:13.271: network 1.0.0.0 metric 1 *Mar 1 03:02:13.275: network 2.0.0.0 metric 16 *Mar 1 03:02:13.275: network 3.0.0.0 metric 16 *Mar 1 03:02:13.279: network 192.168.23.0 metric 16 *Mar 1 03:02:13.279: RIP: sending v1 update to 255.255.255.255 via Loopback0 (1.1.1.1) *Mar 1 03:02:13.283: RIP: build update entries *Mar 1 03:02:13.283: network 2.0.0.0 metric 16 *Mar 1 03:02:13.283: network 3.0.0.0 metric 16 *Mar 1 03:02:13.287: network 192.168.12.0 metric 1 *Mar 1 03:02:13.287: network 192.168.23.0 metric 16 同时路由表中显示从R2收的到的路由条目possibly down r1#sh ip route C 192.168.12.0/24 is directly connected, Serial1/1 1.0.0.0/24 is subnetted, 1 subnets C 1.1.1.0 is directly connected, Loopback0 R 2.0.0.0/8 is possibly down, routing via 192.168.12.2, Serial1/1 R 3.0.0.0/8 is possibly down, routing via 192.168.12.2, Serial1/1 R 192.168.23.0/24 is possibly down, routing via 192.168.12.2, Serial1/1 r1将从R2收到的路由条目进行毒化后，传播到其邻居R2 *Mar 1 03:02:15.259: RIP: sending v1 flash update to 255.255.255.255 via Serial1/1 (192.168.12.1) *Mar 1 03:02:15.259: RIP: build flash update entries *Mar 1 03:02:15.263: network 2.0.0.0 metric 16 *Mar 1 03:02:15.263: network 3.0.0.0 metric 16 *Mar 1 03:02:15.263: network 192.168.23.0 metric 16 *Mar 1 03:02:15.263: RIP: sending v1 flash update to 255.255.255.255 via Loopback0 (1.1.1.1) *Mar