实验拓扑
实验要求
- 根据实验拓扑的IP地址分配,为所有设备配置对应的IP地址和环回地址。
- 全网运行RIPv2,将R1、R2、R3和R4的物理端口、Loopback地址和10.1.00网段进行宣告。并在rip协议下配置路由自动汇总,观察R1/R2是否能够收到10.0.0.0的详细路由,为什么?
- 所有路由器关闭自动汇总功能,观察R1/R2是否能够收到10.0.0.0的明细路由,在R2的接口上将该路由进行手动汇总,使R1只能收到10.1.0.0/22的汇总路由。
- 去R1上观察关于10.1.0.0/22的路由metric值是多少,配置将该路由的metric修改为6。
- 在R4上观察去23.1.1.0.网段有几个下一跳,配置R4与R2之间网段不发送RIP更新,使R4去23.1.1.0网段只有一个下一跳。
- 在R1上将1.0.0.0的network去掉,R2、R3和R4这个时候没有路由到达1.0.0.0。配置R1通告一条默认路由给R2、R3和R4。
- 恢复R2与R4之间发送RIP更新,在R2上观察去34.1.1.0网段有几个下一跳,改变RIP的默认最大可用路径,使之只有一个下一跳。
实验分析
- 略。
- R1和R2上没有到10.0.0.0的详细路由,因为自动汇总,匹配的是自然掩码,10.0.0.0匹配的掩码是8.
- 关闭自动汇总后,R1和R2上有10.0.0.0的明细路由,因为开启的是RIPv2,支持VLMS。接口上手动汇总的命令是
rip summary-address 10.1.0.0 255.255.252.0
- 由于RIP是根据跳数计算度量值,所以metric的值为2,修改metric的命令为
rip metricin 2000 5
ACL策略为:rule permit source 10.1.0.0 0.0.255.255
rule deny
(答案不唯一) - 由于R4既与R3相连又与R2相连,且没有修改cost值,因此有个下一跳。配置不发送RIP更新的命令为:
silent-interface GigabitEthernet 0/0/2
(配置完,需要等待180秒左右,路由才会老化,才会有效果) - 在R1上引入直连路由,命令为:
import-route direct
- 有2条到达34.1.1.0的下一条,改变RIP默认的最大可用路径的命令为:
maximum load-balancing 1
实验配置
[V200R003C00]
#sysname R1
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#drop illegal-mac alarm
#set cpu-usage threshold 80 restore 75
#
acl number 2000 rule 5 permit source 10.1.0.0 0.0.255.255 rule 10 deny
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 12.1.1.1 255.255.255.0 rip metricin 2000 4
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0ip address 1.1.1.1 255.255.255.255
#
rip 1version 2network 12.0.0.0import-route direct
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
[V200R003C00]
#sysname R2
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#drop illegal-mac alarm
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 12.1.1.2 255.255.255.0 rip summary-address 10.1.0.0 255.255.252.0
#
interface GigabitEthernet0/0/1ip address 23.1.1.2 255.255.255.0
#
interface GigabitEthernet0/0/2ip address 24.1.1.2 255.255.255.0
#
interface NULL0
#
interface LoopBack2ip address 2.2.2.2 255.255.255.255
#
rip 1version 2network 12.0.0.0network 2.0.0.0network 23.0.0.0network 24.0.0.0maximum load-balancing 1
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
[V200R003C00]
#sysname R3
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#drop illegal-mac alarm
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 34.1.1.3 255.255.255.0
#
interface GigabitEthernet0/0/1ip address 23.1.1.3 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack3ip address 3.3.3.3 255.255.255.255
#
interface LoopBack10ip address 10.1.1.3 255.255.255.0
#
rip 1version 2network 3.0.0.0network 34.0.0.0network 23.0.0.0network 10.0.0.0
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
[V200R003C00]
#sysname R4
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#drop illegal-mac alarm
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 34.1.1.4 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2ip address 24.1.1.1 255.255.255.0
#
interface NULL0
#
interface LoopBack4ip address 4.4.4.4 255.255.255.255
#
interface LoopBack10ip address 10.1.3.4 255.255.255.0
#
rip 1version 2network 4.0.0.0network 24.0.0.0network 34.0.0.0network 10.0.0.0
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
参考资料
RIP实验_billbill