目录
- 实验条件
- 网络拓朴
- 路由器配置
- 开始排错, 要求R11可以访问R17的telnet
- 检查R12和R11的e0/0口,有发现
- 检查R17和R12的S4/0口, 有发现
- ping R17环回口地址,发现不通
- telnet R17环回口IP
实验条件
网络拓朴
路由器配置
R11 4组以太网接口
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R11
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no logging on
enable secret 5 $1$ixiY$3Lw0yIdKtcQnWVtqnj8vq/
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
redundancy
!
interface Loopback0no shutdownip address 145.11.11.11 255.255.255.255
!
interface Ethernet0/0no shutdownip address 145.67.89.1 255.255.255.252
!
interface Ethernet0/1no shutdownno ip addressshutdown
!
interface Ethernet0/2no shutdownno ip addressshutdown
!
interface Ethernet0/3no shutdownno ip addressshutdown
!
interface Ethernet1/0no shutdownip address 145.67.89.5 255.255.255.252ip authentication mode eigrp 145 md5
!
interface Ethernet1/1no shutdownno ip addressshutdown
!
interface Ethernet1/2no shutdownno ip addressshutdown
!
interface Ethernet1/3no shutdownno ip addressshutdown
!
interface Ethernet2/0no shutdownip address 145.67.89.9 255.255.255.252
!
interface Ethernet2/1no shutdownno ip addressshutdown
!
interface Ethernet2/2no shutdownno ip addressshutdown
!
interface Ethernet2/3no shutdownno ip addressshutdown
!
interface Ethernet3/0no shutdownip address 145.67.89.13 255.255.255.252
!
interface Ethernet3/1no shutdownno ip addressshutdown
!
interface Ethernet3/2no shutdownno ip addressshutdown
!
interface Ethernet3/3no shutdownno ip addressshutdown
!
!
router eigrp 145metric weights 0 1 1 1 1 1network 145.11.11.11 0.0.0.0network 145.67.89.1 0.0.0.0network 145.67.89.5 0.0.0.0
!
router bgp 14567bgp router-id 145.11.11.11bgp log-neighbor-changesnetwork 145.67.89.8 mask 255.255.255.252network 145.67.89.12 mask 255.255.255.252neighbor IBGP peer-groupneighbor IBGP remote-as 14567neighbor IBGP update-source Loopback0neighbor IBGP route-reflector-clientneighbor IBGP next-hop-selfneighbor 145.12.12.12 peer-group IBGPneighbor 145.13.13.13 peer-group IBGPneighbor 145.14.14.14 peer-group IBGPneighbor 145.67.89.10 remote-as 65200neighbor 145.67.89.10 default-originateneighbor 145.67.89.14 remote-as 65200
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
control-plane
!
banner motd Default Password: cisco
!
line con 0logging synchronous
line aux 0
line vty 0 4logintransport input none
!
!
end
R12 3组以太网接口、4组串口
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R12
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no logging on
enable secret 5 $1$tM4m$6cO5WZCiuX8zfSzuSkiFd.
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
username UberMarket_spoke_R17 password 0 ccie
!
redundancy
!
bba-group pppoe CCIEvirtual-template 1
!
!
interface Loopback0ip address 145.12.12.12 255.255.255.255
!
interface Ethernet0/0ip address 145.67.89.2 255.255.255.252
!
interface Ethernet0/1no ip addressshutdown
!
interface Ethernet0/2no ip addressshutdown
!
interface Ethernet0/3no ip addressshutdown
!
interface Ethernet1/0ip address 145.67.89.17 255.255.255.252
!
interface Ethernet1/1no ip addressshutdown
!
interface Ethernet1/2no ip addressshutdown
!
interface Ethernet1/3no ip addressshutdown
!
interface Ethernet2/0ip address 123.45.67.44 255.255.255.248
!
interface Ethernet2/1no ip addressshutdown
!
interface Ethernet2/2no ip addressshutdown
!
interface Ethernet2/3no ip addressshutdown
!
interface Serial3/0no ip addressshutdownserial restart-delay 0
!
interface Serial3/1no ip addressshutdownserial restart-delay 0
!
interface Serial3/2no ip addressshutdownserial restart-delay 0
!
interface Serial3/3no ip addressshutdownserial restart-delay 0
!
interface Serial4/0ip address 145.67.89.21 255.255.255.252encapsulation ppppeer default ip address pool SPOKE1ppp authentication chapserial restart-delay 0
!
interface Serial4/1no ip addressshutdownserial restart-delay 0
!
interface Serial4/2no ip addressshutdownserial restart-delay 0
!
interface Serial4/3no ip addressshutdownserial restart-delay 0
!
interface Serial5/0no ip addressshutdownserial restart-delay 0
!
interface Serial5/1no ip addressshutdownserial restart-delay 0
!
interface Serial5/2no ip addressshutdownserial restart-delay 0
!
interface Serial5/3no ip addressshutdownserial restart-delay 0
!
interface Serial6/0no ip addressshutdown serial restart-delay 0
!
interface Serial6/1no ip addressshutdownserial restart-delay 0
!
interface Serial6/2no ip addressshutdownserial restart-delay 0
!
interface Serial6/3no ip addressshutdownserial restart-delay 0
!
!
router eigrp 145metric weights 0 1 1 1 1 1network 145.12.12.12 0.0.0.0network 145.67.89.2 0.0.0.0network 145.67.89.17 0.0.0.0network 145.67.89.21 0.0.0.0offset-list 1 in 1000 Ethernet1/0 passive-interface Ethernet2/0passive-interface Serial4/0
!
router bgp 14567bgp router-id 145.12.12.12bgp log-neighbor-changesnetwork 123.45.67.20 mask 255.255.255.252network 123.45.67.40 mask 255.255.255.248neighbor 123.45.67.45 remote-as 12345neighbor 123.45.67.45 shutdownneighbor 123.45.67.46 remote-as 12345neighbor 145.11.11.11 remote-as 14567neighbor 145.11.11.11 update-source Loopback0neighbor 145.11.11.11 next-hop-self
!
ip local pool SPOKE1 145.67.89.222
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
access-list 1 permit any
!
control-plane
!
banner motd ^CDefault Password: cisco^C
!
line con 0logging synchronous
line aux 0
line vty 0 4logintransport input none
!
!
end
R17 1组以太网接口、4组串口
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R17
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no logging on
enable secret 5 $1$jViT$36ykqM85QJigY7ABWmwxe.
!
no aaa new-model
!
!
!
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
redundancy
!
crypto isakmp policy 10encr 3desauthentication pre-sharegroup 14
crypto isakmp key CCIE address 0.0.0.0
!
!
crypto ipsec transform-set CCIEXFORM esp-aes mode transport
!
crypto ipsec profile DMVPNPROFILEset transform-set CCIEXFORM
!
crypto ipsec profile DMVPNPROFILE1
!
interface Loopback0no shutdownip address 145.17.17.17 255.255.255.255
!
interface Tunnel0no shutdownip address 215.0.0.17 255.255.255.0no ip redirectsip nhrp authentication USER789ip nhrp map multicast 145.67.89.10ip nhrp map 215.0.0.1 145.67.89.10ip nhrp network-id 5789ip nhrp nhs 215.0.0.1tunnel source Serial4/0tunnel mode gre multipointtunnel key 5789tunnel protection ipsec profile DMVPNPROFILE1
!
interface Ethernet0/0no shutdownip address 145.67.89.57 255.255.255.252shutdownduplex auto
!
interface Ethernet0/1no shutdownno ip addressshutdownduplex auto
!
interface Ethernet0/2no shutdownno ip addressshutdownduplex auto
!
interface Ethernet0/3no shutdownno ip addressshutdownduplex auto
!
interface Serial1/0no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial1/1no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial1/2no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial1/3no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial2/0no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial2/1no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial2/2no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial2/3no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial3/0no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial3/1no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial3/2no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial3/3no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial4/0no shutdownip address negotiatedencapsulation pppshutdownppp chap hostname UberMarket_spoke_R17ppp chap password 0 CCIEppp ipcp route defaultserial restart-delay 0
!
interface Serial4/1no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial4/2no shutdownno ip addressshutdownserial restart-delay 0
!
interface Serial4/3no shutdownno ip addressshutdownserial restart-delay 0
!
!
router eigrp 200network 145.17.17.17 0.0.0.0network 145.67.89.57 0.0.0.0network 215.0.0.17 0.0.0.0eigrp stub connected summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
ipv6 ioam timestamp
!
!
!
control-plane
!
!
!
!
!
!
!
banner motd CDefault Password: cisco
!
line con 0logging synchronous
line aux 0
line vty 0 4password ciscologintransport input ssh
!
!
end
开始排错, 要求R11可以访问R17的telnet
根据拓扑检查三台路由器的对应接口状态
检查R12和R11的e0/0口,有发现
**R12**e0/0口处于shutdown状态。开启
R12#show ip int br
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 145.67.89.2 YES NVRAM administratively down down
Ethernet0/1 unassigned YES NVRAM administratively down down
Ethernet0/2 unassigned YES NVRAM administratively down down
Ethernet0/3 unassigned YES NVRAM administratively down down
Ethernet1/0 145.67.89.17 YES NVRAM administratively down down
Ethernet1/1 unassigned YES NVRAM administratively down down
Ethernet1/2 unassigned YES NVRAM administratively down down
--more--
R12#config t
Enter configuration commands, one per line. End with CNTL/Z.
R12(config)#int e0/0
R12(config-if)#no shutdown
R12(config-if)#
%LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up
%DUAL-5-NBRCHANGE: EIGRP-IPv4 145: Neighbor 145.67.89.1 (Ethernet0/0) is up: new adjacency
R12(config-if)#
R12(config-if)#do ping 145.67.89.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 145.67.89.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R12(config-if)#
开启后ping R11是通的,OK
检查R17和R12的S4/0口, 有发现
R17 s4/0口处于shutdown状态。开启
R17(config-if)#do show ip int s4/0
Serial4/0 is up, line protocol is upInternet address will be negotiated using IPCPBroadcast address is 255.255.255.255MTU is 1500 bytesHelper address is not setDirected broadcast forwarding is disabledOutgoing access list is not setInbound access list is not setProxy ARP is enabledLocal Proxy ARP is disabledSecurity level is defaultSplit horizon is enabledICMP redirects are always sentICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP fast switching on the same interface is enabledIP Flow switching is disabledIP CEF switching is enabledIP CEF switching turbo vectorIP multicast fast switching is enabledIP multicast distributed fast switching is disabledIP route-cache flags are Fast, CEF
R12 s4/0口处于shutdown状态。开启
R12#show int s4/0
Serial4/0 is up, line protocol is down Hardware is M4TInternet address is 145.67.89.21/30MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255Encapsulation PPP, LCP Closed, crc 16, loopback not setKeepalive set (10 sec)Restart-Delay is 0 secsLast input 00:00:01, output 00:00:01, output hang neverLast clearing of "show interface" counters 01:27:21Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0Queueing strategy: fifoOutput queue: 0/40 (size/max)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec420 packets input, 9030 bytes, 0 no bufferReceived 0 broadcasts (0 IP multicasts)0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort533 packets output, 10442 bytes, 0 underruns0 output errors, 0 collisions, 106 interface resets0 unknown protocol drops0 output buffer failures, 0 output buffers swapped out--More--
结果发现R12的S4/0口,line protocol is down, 二层协议没有起来。
R12这边的 LCP是close状态, R17却是正常的,开启R12调试
R12#debug ppp negotiation
PPP protocol negotiation debugging is on
R12#
PPP: Alloc Context [C4A2B53C]
ppp93 PPP: Phase is ESTABLISHING
Se4/0 PPP: Using default call direction
Se4/0 PPP: Treating connection as a dedicated line
Se4/0 PPP: Session handle[6300005D] Session id[93]
Se4/0 LCP: Event[OPEN] State[Initial to Starting]
Se4/0 LCP: O CONFREQ [Starting] id 1 len 15
Se4/0 LCP: AuthProto CHAP (0x0305C22305)
Se4/0 LCP: MagicNumber 0xBC1BB661 (0x0506BC1BB661)
Se4/0 LCP: Event[UP] State[Starting to REQsent]
Se4/0 LCP: I CONFREQ [REQsent] id 1 len 10
Se4/0 LCP: MagicNumber 0xBC1BB888 (0x0506BC1BB888)
Se4/0 LCP: O CONFACK [REQsent] id 1 len 10
Se4/0 LCP: MagicNumber 0xBC1BB888 (0x0506BC1BB888)
Se4/0 LCP: Event[Receive ConfReq+] State[REQsent to ACKsent]
Se4/0 LCP: I CONFACK [ACKsent] id 1 len 15
Se4/0 LCP: AuthProto CHAP (0x0305C22305)
Se4/0 LCP: MagicNumber 0xBC1BB661 (0x0506BC1BB661)
Se4/0 LCP: Event[Receive ConfAck] State[ACKsent to Open]
Se4/0 PPP: Phase is AUTHENTICATING, by this end
Se4/0 CHAP: O CHALLENGE id 1 len 24 from "R12"
Se4/0 LCP: State is Open
Se4/0 CHAP: I RESPONSE id 1 len 41 from "UberMarket_spoke_R17"
Se4/0 PPP: Phase is FORWARDING, Attempting Forward
Se4/0 PPP: Phase is AUTHENTICATING, Unauthenticated User
Se4/0 CHAP: O FAILURE id 1 len 25 msg is "Authentication failed"
Se4/0 PPP DISC: User failed CHAP authentication
PPP: NET STOP send to AAA.
Se4/0 LCP: O TERMREQ [Open] id 2 len 4
Se4/0 LCP: Event[CLOSE] State[Open to Closing]
Se4/0 PPP: Phase is TERMINATING
Se4/0 LCP: I TERMACK [Closing] id 2 len 4
Se4/0 LCP: Event[Receive TermAck] State[Closing to Closed]
Se4/0 LCP: Event[DOWN] State[Closed to Initial]
Se4/0 PPP: Phase is DOWN
// 下面是重试
PPP: Alloc Context [C4A2B53C]
ppp94 PPP: Phase is ESTABLISHING
Se4/0 PPP: Using default call direction
报告认证失败。检查两边的认证的配置
R12 PPP相关配置
R12#show run interface s4/0
Building configuration...Current configuration : 173 bytes
!
interface Serial4/0ip address 145.67.89.21 255.255.255.252encapsulation ppppeer default ip address pool SPOKE1ppp authentication chapserial restart-delay 0
endR12#
R12#show run | section username
username UberMarket_spoke_R17 password 0 ccie
R12#
R17 PPP相关配置
R17(config)#do show run interface s4/0
Building configuration...Current configuration : 183 bytes
!
interface Serial4/0ip address negotiatedencapsulation pppppp chap hostname UberMarket_spoke_R17ppp chap password 0 CCIEppp ipcp route defaultserial restart-delay 0
end
发现密码不正确
R17(config)# interface Serial4/0
R17(config-if)# no ppp chap password 0 CCIE
R17(config-if)# ppp chap password ccie
R17(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial4/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
%CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON
R17(config-if)#do show ip int br
Interface IP-Address OK? Method Status Protocol
......
Serial3/3 unassigned YES NVRAM administratively down down
Serial4/0 145.67.89.222 YES IPCP up up
Serial4/1 unassigned YES NVRAM administratively down down
Serial4/2 unassigned YES NVRAM administratively down down
Serial4/3 unassigned YES NVRAM administratively down down
Loopback0 145.17.17.17 YES NVRAM up up
Tunnel0 215.0.0.17 YES NVRAM up up
提示接口起来了,不过发现获取到的ip地址和R12对端配置的地址不是相同的网段,查询R12的配置发现是地址池不对。修改
R12#show run | s poolpeer default ip address pool SPOKE1
ip local pool SPOKE1 145.67.89.222
R12#
R12#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R12(config)#no ip local pool SPOKE1 145.67.89.222
R12(config)#ip local pool SPOKE1 145.67.89.22
R12(config)#查询R17.这下地址OK了
R17(config)# interface s4/0
R17(config-if)# shutdown
R17(config-if)# no sh
%LINK-3-UPDOWN: Interface Serial4/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial4/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
%CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF
%CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON
R17(config-if)#do show interface s4/0
Serial4/0 is up, line protocol is up Hardware is M4TInternet address is 145.67.89.22/32MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255Encapsulation PPP, LCP OpenOpen: IPCP, CDPCP, crc 16, loopback not set
ping R17环回口地址,发现不通
检查R12 ping R17直连口,已经通了,所物理网络没有问题
R12(config)#do ping 145.67.89.22
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 145.67.89.22, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 9/9/10 ms
R12(config)#
检查R11路由表,并没有去往R17接口的路由
R11#sho ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGPD - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2E1 - OSPF external type 1, E2 - OSPF external type 2i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2ia - IS-IS inter area, * - candidate default, U - per-user static routeo - ODR, P - periodic downloaded static route, H - NHRP, l - LISPa - application route+ - replicated route, % - next hop override, p - overrides from PfRGateway of last resort is not set145.11.0.0/32 is subnetted, 1 subnets
C 145.11.11.11 is directly connected, Loopback0145.12.0.0/32 is subnetted, 1 subnets
D 145.12.12.12 [90/1603] via 145.67.89.2, 00:25:20, Ethernet0/0145.67.0.0/16 is variably subnetted, 10 subnets, 2 masks
C 145.67.89.0/30 is directly connected, Ethernet0/0
L 145.67.89.1/32 is directly connected, Ethernet0/0
C 145.67.89.4/30 is directly connected, Ethernet1/0
L 145.67.89.5/32 is directly connected, Ethernet1/0
C 145.67.89.8/30 is directly connected, Ethernet2/0
L 145.67.89.9/32 is directly connected, Ethernet2/0
C 145.67.89.12/30 is directly connected, Ethernet3/0
L 145.67.89.13/32 is directly connected, Ethernet3/0
D 145.67.89.20/30 [90/8601] via 145.67.89.2, 00:03:37, Ethernet0/0
D 145.67.89.22/32 [90/8601] via 145.67.89.2, 00:03:37, Ethernet0/0
R11#
检查三台路由的动态路由协议。三台机都有EIGRP协议,
R11#show run | s router
router eigrp 145metric weights 0 1 1 1 1 1network 145.11.11.11 0.0.0.0network 145.67.89.1 0.0.0.0network 145.67.89.5 0.0.0.0
router bgp 14567bgp router-id 145.11.11.11bgp log-neighbor-changesnetwork 145.67.89.8 mask 255.255.255.252network 145.67.89.12 mask 255.255.255.252neighbor IBGP peer-groupneighbor IBGP remote-as 14567neighbor IBGP update-source Loopback0neighbor IBGP route-reflector-clientneighbor IBGP next-hop-selfneighbor 145.12.12.12 peer-group IBGPneighbor 145.13.13.13 peer-group IBGPneighbor 145.14.14.14 peer-group IBGPneighbor 145.67.89.10 remote-as 65200neighbor 145.67.89.10 default-originateneighbor 145.67.89.14 remote-as 65200R12#show run | s router
router eigrp 145metric weights 0 1 1 1 1 1network 145.12.12.12 0.0.0.0network 145.67.89.2 0.0.0.0network 145.67.89.17 0.0.0.0network 145.67.89.21 0.0.0.0offset-list 1 in 1000 Ethernet1/0 passive-interface Ethernet2/0passive-interface Serial4/0
router bgp 14567bgp router-id 145.12.12.12bgp log-neighbor-changesnetwork 123.45.67.20 mask 255.255.255.252network 123.45.67.40 mask 255.255.255.248neighbor 123.45.67.45 remote-as 12345neighbor 123.45.67.45 shutdownneighbor 123.45.67.46 remote-as 12345neighbor 145.11.11.11 remote-as 14567neighbor 145.11.11.11 update-source Loopback0neighbor 145.11.11.11 next-hop-selfR17#show run | s router
router eigrp 200network 145.17.17.17 0.0.0.0network 145.67.89.57 0.0.0.0network 215.0.0.17 0.0.0.0eigrp stub connected summary
发现R17的eigrp AS号与R11和R12不一样, 而且还配置了K值 。那就no掉重新配置
R17(config)#no router eigrp 200
R17(config)#router eigrp 145
R17(config-router)#network 0.0.0.0
R17(config-router)#metric weights 0 1 1 1 1 1
R17(config-router)#
结果发现,网络并没有起来。再次检查三台路由的EIGRP配置,这时发现R12上EIGRP配置了passive-interface。只接收不发出路由更新。
R12#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R12(config)#router eigrp 145
R12(config-router)#no passive-interface Ethernet2/0
R12(config-router)#no passive-interface Serial4/0
%DUAL-5-NBRCHANGE: EIGRP-IPv4 145: Neighbor 145.67.89.22 (Serial4/0) is up: new adjacency
R12(config-router)#do show ip eigrp neighbor
EIGRP-IPv4 Neighbors for AS(145)
H Address Interface Hold Uptime SRTT RTO Q Seq(sec) (ms) Cnt Num
1 145.67.89.22 Se4/0 10 00:00:45 22 132 0 3
0 145.67.89.1 Et0/0 11 00:33:41 656 3936 0 7
R12(config-router)#
和R11,R17两个邻居都起来了,再次检查R11路由表
R11#show ip route
......145.12.0.0/32 is subnetted, 1 subnets
D 145.12.12.12 [90/1603] via 145.67.89.2, 00:34:47, Ethernet0/0145.17.0.0/32 is subnetted, 1 subnets
D 145.17.17.17 [90/9101] via 145.67.89.2, 00:01:59, Ethernet0/0145.67.0.0/16 is variably subnetted, 10 subnets, 2 masks
D 145.67.89.20/30 [90/8601] via 145.67.89.2, 00:13:04, Ethernet0/0
D 145.67.89.22/32 [90/8601] via 145.67.89.2, 00:13:04, Ethernet0/0
D 215.0.0.0/24 [90/107492] via 145.67.89.2, 00:01:59, Ethernet0/0
R11#
R11#ping 145.17.17.17
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 145.17.17.17, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 7/9/10 ms
R11#
路由有了。ping也通了。再次telnet
telnet R17环回口IP
网络通,但是telnet失败
R11#telnet 145.17.17.17
Trying 145.17.17.17 ...
% Connection refused by remote hostR11#
这种情况通常是对端没有配置telnet,查询R17 配置
R17(config-router)#do show run | s line
line con 0logging synchronous
line aux 0
line vty 0 4password ciscologintransport input ssh
R17(config-router)#
修改transport从ssh到telnet
R17(config)#line vty 0 4
R17(config-line)#transport input telnet
R17(config-line)#do show run | s line
line con 0logging synchronous
line aux 0
line vty 0 4password ciscologintransport input telnet
R17(config-line)#
在R11上再次telnet
R11#telnet 145.17.17.17
Trying 145.17.17.17 ...
% Connection refused by remote hostR11#telnet 145.17.17.17
Trying 145.17.17.17 ... Open
CDefault Password: ciscoUser Access VerificationPassword: cisco
R17>en
Password: cisco
R17#
登陆成功!目标达到。
