Sharkii

提要描述

IGRP(Interior Gateway Routing Protocol) 内部网关路由协议是八十年代中期由Cisco公司开发的路由协议， Cisco创建IGRP的主要目的是为AS内的路由提供一种健壮的协议。
八十年代中期，最流行的AS内的路由协议是RIP。虽然RIP对于在小到中型的同类网中非常有用，但随着网络的发展，其限制越来越显著，特别是RIP很小的跳数限制(16)制约了网络的规模，且其单一的metric（跳数）在复杂的环境中很不灵活。 Cisco路由器的普及和IGRP的健壮性使许多拥有大型网络的组织用IGRP代替RIP。
　　Cisco最初的IGRP实现工作在IP网络上，但是IGRP是设计以运行于任何网络环境中的， Cisco很快就把它移植以运行于OSI的CLNP(Connectionless Network Protocol)网络。在九十年代初Cisco开发了增强型IGRP（EIGRP）以提高IGRP的工作效率，现在Cisco只有在较低的IOS版本才支持IGRP。本文讨论IGRP的基本配置和实现。
实验目标：IGRP的基本配置、定时器设置、被动接口、单播更新、非等价负载均衡。

↓调试配置及监测步骤↓

4.1.1 IGRP基本配置

R1的配置

R2的配置

!
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
no shut
!
router igrp 100
network 1.0.0.0
network 12.0.0.0
!

!
hostname R2
!
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
no shut
!
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
no shut
!
router igrp 100
network 12.0.0.0
network 23.0.0.0
!

R3的配置

!
hostname R3
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface Serial1/0
ip address 23.1.1.3 255.255.255.0
no shut
!
router igrp 100
network 3.0.0.0
network 23.0.0.0
!

配置IGRP的时候，它的自治系统号（Autonomous system number）必须一致，否则路由器之间不会交换路由信息。

下面看看各个路由器的路由表：

R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
I    3.0.0.0/8 [100/10976] via 12.1.1.2, 00:00:56, Serial1/1
I    23.0.0.0/8 [100/10476] via 12.1.1.2, 00:00:56, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1

R2#show ip route
I    1.0.0.0/8 [100/8976] via 12.1.1.1, 00:00:36, Serial1/0
I    3.0.0.0/8 [100/8976] via 23.1.1.3, 00:00:32, Serial1/1
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0

R3#show ip route
I    1.0.0.0/8 [100/10976] via 23.1.1.2, 00:01:03, Serial1/0
     3.0.0.0/24 is subnetted, 1 subnets
C       3.3.3.0 is directly connected, Loopback0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
I    12.0.0.0/8 [100/10476] via 23.1.1.2, 00:01:03, Serial1/0
由结果可以看到，各个路由器都已经学到前面带I的IGRP的路由条目。

下面以R1为例，用debug ip igrp transactions命令来监测路由信息的更新情况：

R1#debug ip igrp transactions
00:19:52: IGRP: received update from 12.1.1.2 on Serial1/1
00:19:52:       network 3.0.0.0, metric 10976 (neighbor 8976)
00:19:52:       network 23.0.0.0, metric 10476 (neighbor 8476)
R1#
00:20:31: IGRP: sending update to 255.255.255.255 via Serial1/1 (12.1.1.1)
00:20:31:       network 1.0.0.0, metric=501
00:20:31: IGRP: sending update to 255.255.255.255 via Loopback0 (1.1.1.1)
00:20:31:       network 3.0.0.0, metric=10976
00:20:31:       network 23.0.0.0, metric=10476
00:20:31:       network 12.0.0.0, metric=8476
从输出信息可以开到R1由S1/1接口学到的路由条目，不会再由S1/1接口发送出去，这证明IGRP的水平分割在起作用，IGRP水平分割的作用与RIP中的一样，路由器学习到路由信息，不会向发来信息的接口返回同样的信息。

下面在R1的S1/1接口关闭水平分割功能看看：

R1(config)#int s1/1
R1(config-if)#no ip split-horizon

R1#debug ip igrp transactions
00:28:06: IGRP: received update from 12.1.1.2 on Serial1/1
00:28:06:       network 3.0.0.0, metric 10976 (neighbor 8976)
00:28:06:       network 23.0.0.0, metric 10476 (neighbor 8476)
R1#
00:28:56: IGRP: sending update to 255.255.255.255 via Serial1/1 (12.1.1.1)
00:28:56:       subnet 12.1.1.0, metric=8476
00:28:56:      network 1.0.0.0, metric=501
00:28:56:       network 3.0.0.0, metric=10976
00:28:56:       network 23.0.0.0, metric=10476
由结果可以看到，关闭水平分割之后，从同一个接口学到的路由又这个接口发送出去。

下面验证一下IGRP自治系统号不一致的情况，在R1上删除IGRP原来的进程，并添加一个新的自治系统号为10的进程。

R1(config)#no router igrp 100
R1(config)#router igrp 10
R1(config-router)#network 1.0.0.0
R1(config-router)#network 12.0.0.0

R1#show ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
由R1的路由表可以看到由于自治系统号的不一致导致路由器不会交换路由信息。

4.1.2 IGRP的定时器设置
默认情况下IGRP的定时器情况：

R2#show ip protocols
Routing Protocol is "igrp 100"
Sending updates every 90 seconds, next due in 28 seconds
Invalid after 270 seconds, hold down 280, flushed after 630
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
IGRP maximum hopcount 100
IGRP maximum metric variance 1
Redistributing: igrp 100
Maximum path: 4
Routing for Networks:
    12.0.0.0
    23.0.0.0
Routing Information Sources:
    Gateway         Distance      Last Update
    12.1.1.1             100      00:06:48
    23.1.1.3             100      00:00:45
Distance: (default is 100)

由于默认定时器时间太长，我们可以在IGRP路由进程下通过命令timers basic X X X X 来修改相应的时间值。

先在R1上删除IGRP进程，恢复自治系统号为100的进程。

R1(config)#no router igrp 10
R1(config)#router igrp 100
R1(config-router)#network 1.0.0.0
R1(config-router)#network 12.0.0.0

现在各路由器上修改定时器的时间:
R1(config)#router igrp 100
R1(config-router)#timers basic 10 20 30 40
R1#clear ip route *

R2(config)#router igrp 100
R2(config-router)#timers basic 10 20 30 40
R1#clear ip route *

R3(config)#router igrp 100
R3(config-router)#timers basic 10 20 30 40
R1#clear ip route *

R1#show ip protocols
Routing Protocol is "igrp 100"
Sending updates every 10 seconds, next due in 6 seconds
Invalid after 20 seconds, hold down 30, flushed after 40
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
IGRP maximum hopcount 100
IGRP maximum metric variance 1
Redistributing: igrp 100
Maximum path: 4
Routing for Networks:
    1.0.0.0
    12.0.0.0
Routing Information Sources:
    Gateway         Distance      Last Update
    12.1.1.2             100      00:00:01
Distance: (default is 100)
通过以R1为例在show ip protocols下可以看到各定时器已经修改成功，当然我们还可以通过debug ip igrp transactions和多次重复show ip route 来监测查看定时器的情况（也可以shutdown接口测试接收不到路由信息的情况）。

4.1.3 IGRP的被动接口情况

在R2上禁止S1/1接口发送IGRP路由更新：
R2(config)#router igrp 100
R2(config-router)#passive-interface s1/1

R2#debug ip igrp transactions
01:12:38: IGRP: sending update to 255.255.255.255 via Serial1/0 (12.1.1.2)
01:12:38:       network 3.0.0.0, metric=8976
01:12:38:       network 23.0.0.0, metric=8476
R2#
01:12:39: IGRP: received update from 12.1.1.1 on Serial1/0 #---接收来自R1
01:12:39:      network 1.0.0.0, metric 8976 (neighbor 501)
R2#
01:12:41: IGRP: received update from 23.1.1.3 on Serial1/1 #---接收来自R3
01:12:41:       network 3.0.0.0, metric 8976 (neighbor 501)
R2#
01:12:48: IGRP: sending update to 255.255.255.255 via Serial1/0 (12.1.1.2)
01:12:48:      network 3.0.0.0, metric=8976
01:12:48:       network 23.0.0.0, metric=8476
从debug信息可以开到，来自R1、R3的路由信息R2都接收了，而且R2把接收到来自R3的路由信息由接口S1/0发送给R1，但却不把接收到来自R1的路由信息由S1/1发送给R3，这就是S1/1做了被动起到的作用（只收不发）

再看看R1、R3的路由表：

R1#show ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
I    3.0.0.0/8 [100/10976] via 12.1.1.2, 00:00:02, Serial1/1
I    23.0.0.0/8 [100/10476] via 12.1.1.2, 00:00:02, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1

R3#show ip route
     3.0.0.0/24 is subnetted, 1 subnets
C       3.3.3.0 is directly connected, Loopback0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
由两个路由表可以看到，R1学到了R2发来的全部路由，但R3没有学到。

4.1.4 IGRP的单播更新

R1的配置

R2的配置

!
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address 10.1.1.1 255.255.255.0
no shut
!
router igrp 10
network 1.0.0.0
network 10.0.0.0
!

!
hostname R2
!
interface FastEthernet0/0
ip address 10.1.1.2 255.255.255.0
no shut
!
router igrp 10
network 10.0.0.0
!

R3的配置

!
hostname R3
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface FastEthernet0/0
ip address 10.1.1.3 255.255.255.0
no shut
!
router igrp 10
network 3.0.0.0
network 10.0.0.0
!

看看R2的接收IGRP路由器信息的情况：

R2#show ip route
I    1.0.0.0/8 [100/610] via 10.1.1.1, 00:00:06, FastEthernet0/0
I    3.0.0.0/8 [100/610] via 10.1.1.3, 00:00:06, FastEthernet0/0
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0

R2#debug ip igrp transactions
00:13:47: IGRP: received update from 10.1.1.3 on FastEthernet0/0
00:13:47:       network 3.0.0.0, metric 610 (neighbor 501)
00:13:51: IGRP: received update from 10.1.1.1 on FastEthernet0/0
00:13:51:       network 1.0.0.0, metric 610 (neighbor 501)
R2从Fa0/0接口接收到，分别来自R1、R3的路由信息。

下面在R1、R3上配置单播更新看看：

R1(config)#router igrp 10
R1(config-router)#neighbor 10.1.1.3 #----指定R3为单播邻居

R3(config)#router igrp 10
R3(config-router)#neighbor 10.1.1.1 #----知道R1为单播邻居

R1#debug ip igrp events
00:19:11: IGRP: sending update to 255.255.255.255 via FastEthernet0/0 (10.1.1.1) #---虽然做了单播，但仍然向F0/0发送广播更新
00:19:11: IGRP: Update contains 0 interior, 1 system, and 0 exterior routes.
00:19:11: IGRP: Total routes in update: 1
00:19:11: IGRP: sending update to 255.255.255.255 via Loopback0 (1.1.1.1) #----向Loopback0接口发送广播更新
00:19:11: IGRP: Update contains 0 interior, 2 system, and 0 exterior routes.
00:19:11: IGRP: Total routes in update: 2
00:19:11: IGRP: sending update to 10.1.1.3 via FastEthernet0/0 (10.1.1.1) #----向R3发送单播更新
00:19:11: IGRP: Update contains 1 interior, 1 system, and 0 exterior routes.
00:19:11: IGRP: Total routes in update: 2
00:19:12: IGRP: received update from 10.1.1.3 on FastEthernet0/0 #----收到来自R3的单播更新
00:19:12: IGRP: Update contains 0 interior, 1 system, and 0 exterior routes.
00:19:12: IGRP: Total routes in update: 1
通过debug信息我们可以看到R1与R3之间已经建立了单播更新。

我都知道在RIP当中单播可以穿透被动接口发送消息出去，那现在我们看看在IGRP的情况又会如何！？

把R1的Fa0/0被动掉：
R1(config)#router igrp 10
R1(config-router)#passive-interface fa0/0

看看R2和R3的路由表

R2#show ip route
I    1.0.0.0/8 [100/610] via 10.1.1.1, 00:02:54, FastEthernet0/0
I    3.0.0.0/8 [100/610] via 10.1.1.3, 00:00:37, FastEthernet0/0
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0

R2#show ip route
I    1.0.0.0/8 is possibly down, routing via 10.1.1.1, FastEthernet0/0
I    3.0.0.0/8 [100/610] via 10.1.1.3, 00:00:34, FastEthernet0/0
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0

R3#show ip route
I    1.0.0.0/8 [100/610] via 10.1.1.1, 00:00:44, FastEthernet0/0
     3.0.0.0/24 is subnetted, 1 subnets
C       3.3.3.0 is directly connected, Loopback0
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0
从R2的路由表可以看到，学到来自R1的路由条目老化时间已经超过了90S，这证明R2已经再没有收到相关的路由更新了，而R3依然正常接收更新。这是因为我们在R1的Fa0/0接口上做了被动，这时R1的Fa0/0对路由信息是（只收不发），但又因为R1和R3之间做了指定了单播邻居。做了单播更新，R1照常向R3发送更新，所以R3正常地接收来自R1的路由更新。这也说明了单播更新在IGRP中也可以穿透被动接口。
在debug信息也可以证明这点：
R1#debug ip igrp transactions
00:35:20: IGRP: received update from 10.1.1.3 on FastEthernet0/0
00:35:20:       network 3.0.0.0, metric 610 (neighbor 501)
00:35:20: IGRP: received update from 10.1.1.3 on FastEthernet0/0
00:35:20:       subnet 10.1.1.0, metric 120 (neighbor 110)
00:35:20:       network 3.0.0.0, metric 610 (neighbor 501)
R1#
00:35:32: IGRP: sending update to 255.255.255.255 via Loopback0 (1.1.1.1)
00:35:32:       network 3.0.0.0, metric=610
00:35:32:       network 10.0.0.0, metric=110
00:35:32: IGRP: sending update to 10.1.1.3 via FastEthernet0/0 (10.1.1.1)
00:35:32:       subnet 10.1.1.0, metric=110
00:35:32:       network 1.0.0.0, metric=501
在Debug信息中，可以看到R1再也不向Fa0/0发送广播更新了，只向Lo0接口发送广播更新和向R3发送单播更新。

4.1.5 IGRP的非等价负载均衡

R1的配置

R2的配置

!
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address 10.1.1.1 255.255.255.0
no shut
!
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
no shut
!
router igrp 10
network 1.0.0.0
network 10.0.0.0
network 12.0.0.0
!

!
hostname R2
!
interface FastEthernet0/0
ip address 10.1.1.2 255.255.255.0
no shut
!
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
no shut
!
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
no shut
!
router igrp 10
network 10.0.0.0
network 12.0.0.0
network 23.0.0.0
!

R3的配置

!
hostname R3
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface Serial1/0
ip address 23.1.1.3 255.255.255.0
no shut
!
router igrp 10
network 3.0.0.0
network 23.0.0.0
!

完成配置之后看看各个路由器的路由表情况：

R1#show ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
I    3.0.0.0/8 [100/8986] via 10.1.1.2, 00:01:01, FastEthernet0/0
I    23.0.0.0/8 [100/8486] via 10.1.1.2, 00:01:01, FastEthernet0/0
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1

R2#show ip route
I    1.0.0.0/8 [100/610] via 10.1.1.1, 00:00:12, FastEthernet0/0
I    3.0.0.0/8 [100/8976] via 23.1.1.3, 00:00:18, Serial1/1
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0

R3#show ip route
I    1.0.0.0/8 [100/8986] via 23.1.1.2, 00:00:51, Serial1/0
     3.0.0.0/24 is subnetted, 1 subnets
C       3.3.3.0 is directly connected, Loopback0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
I    10.0.0.0/8 [100/8486] via 23.1.1.2, 00:00:51, Serial1/0
I    12.0.0.0/8 [100/10476] via 23.1.1.2, 00:00:51, Serial1/0
结果显示各路由器都学到了相应的路由信息，而且R1、R2的相互学到的路由条目是通过Fa0/0接口接收的。

针对以上情况，下面我们看看IGRP的度量计算公式情况：
度量标准=[K1*带宽+(K2*带宽)/(256-负载)+K3*延迟]*[K5/(可靠性+K4)]
默认的常数值是K1=K3=1，K2=K4=K5=0。
因此，IGRP的度量标准计算简化为：度量标准=带宽+延迟。（其中带宽BW为最小带宽，延迟DLY为所经路由器接口的延迟总和）

R1#show ip protocols
IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

现在我们以R1接收R3的loopback路由为例，看看度量值的计算情况：

R1#show int fa0/0
FastEthernet0/0 is up, line protocol is up
Hardware is AmdFE, address is cc00.0f14.0000 (bia cc00.0f14.0000)
Internet address is 10.1.1.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255

R2#show int s1/1
Serial1/1 is up, line protocol is up
Hardware is M4T
Internet address is 23.1.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255

R3#show int loopback 0
Loopback0 is up, line protocol is up
Hardware is Loopback
Internet address is 3.3.3.3/24
MTU 1514 bytes, BW 8000000 Kbit, DLY 5000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
从上面我们对R3的loopback路由所经过的接口跟踪查询，可以发现最小带宽BW=1544 Kbit，延迟DLY总和=100+20000+5000=25100 ，Metric(度量值)=10^7/1544+25100/10=8986.683937823834196891191709844约等于8986 ，与R1路由表学到的3.0.0.0的路由条目度量值一致。

通过下面的方式查看也可以证明：
R1#show ip route 3.0.0.0
Routing entry for 3.0.0.0/8
Known via "igrp 10", distance 100, metric 8986
Redistributing via igrp 10
Advertised by igrp 10 (self originated)
Last update from 10.1.1.2 on FastEthernet0/0, 00:00:28 ago
Routing Descriptor Blocks:
* 10.1.1.2, from 10.1.1.2, 00:00:28 ago, via FastEthernet0/0
      Route metric is 8986, traffic share count is 1
      Total delay is 25100 microseconds, minimum bandwidth is 1544 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 1

在R1上打开debug信息细心观察：
R1#debug ip igrp transactions
R1#
01:00:27: IGRP: received update from 10.1.1.2 on FastEthernet0/0
01:00:27:       network 3.0.0.0, metric 8986 (neighbor 8976)
#--- neighbor 8976是指邻居（R2）到达这个网络的Metric 为8976
01:00:27:       network 23.0.0.0, metric 8486 (neighbor 8476)
01:00:27:       network 12.0.0.0, metric 8486 (neighbor 8476)
01:00:27: IGRP: received update from 12.1.1.2 on Serial1/1
01:00:27:       network 1.0.0.0, metric 8986 (neighbor 610)
01:00:27:       network 3.0.0.0, metric 10976 (neighbor 8976)
01:00:28:       network 23.0.0.0, metric 10476 (neighbor 8476)
01:00:28:       network 10.0.0.0, metric 8486 (neighbor 110)
细心观察debug信息可以看到，3.0.0.0这条路由信息是分别从FastEthernet0/0和Serial1/1学到，但因为Metric越少越优先，所以R1的路由表安装的是来自FastEthernet0/0的路由条目。

我们这里的实验连接图R1与R2之间是存在两条链路的，如果要实现双链路负载均衡，可以做下面的相关调整。

R1(config)#router igrp 10
R1(config-router)#variance ?
<1-128> Metric variance multiplier

R1(config-router)#variance 2
上面的设置是调整Variance参数=2，代表度量值Metric在允许的变化范围内（这里为最小度量值的2倍以内），路由器将在2条链路上进行负载均衡。

现在看看R1的路由表：
R1#show ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
I    3.0.0.0/8 [100/8986] via 10.1.1.2, 00:00:09, FastEthernet0/0
               [100/10976] via 12.1.1.2, 00:00:09, Serial1/1
I    23.0.0.0/8 [100/8486] via 10.1.1.2, 00:00:09, FastEthernet0/0
                [100/10476] via 12.1.1.2, 00:00:09, Serial1/1
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
可以看到3.0.0.0路由条目已经具备了2个下一跳，分别由Fa0/0与S1/1学到这条路由。

再通过下面的工具测试一下负载均衡：

R1#traceroute 3.3.3.3
Type escape sequence to abort.
Tracing the route to 3.3.3.3
1 10.1.1.2 52 msec
12.1.1.2 72 msec
    10.1.1.2 72 msec
2 23.1.1.3 144 msec * 216 msec
走两条路径

R1#show ip route 3.3.3.3
Routing entry for 3.0.0.0/8
Known via "igrp 10", distance 100, metric 8986
Redistributing via igrp 10
Advertised by igrp 10 (self originated)
Last update from 12.1.1.2 on Serial1/1, 00:00:02 ago
Routing Descriptor Blocks:
* 10.1.1.2, from 10.1.1.2, 00:00:02 ago, via FastEthernet0/0
      Route metric is 8986, traffic share count is 60
      Total delay is 25100 microseconds, minimum bandwidth is 1544 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 1
    12.1.1.2, from 12.1.1.2, 00:00:02 ago, via Serial1/1
      Route metric is 10976, traffic share count is 49
      Total delay is 45000 microseconds, minimum bandwidth is 1544 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 1
由于Metric的不同，traffic share count也不同，以上的接口是轮着交替发送报文的，一个发完交给下一个接口。

注意！IGRP已经是淘汰再淘汰的产物，Cisco自己现时较新版本的IOS也不再支持，所以纯粹当作实验一下研究看看效果而已。[/img]..

类别：IGP|阅读(271)|回复(6)|赞(0)阅读全文>>

原创

3.8 RIPv2的认证机制

2008-03-23 20:24:20

3.8 RIPv2的认证机制

实验连接图

提要描述

Cisco 实现RIPv2的消息认证包括两种选择—简单的明文认知和MD5认证。
配置RIPv2认证的步骤如下：
1：定义一个带名的钥匙链
2：定义在钥匙链的钥匙
3：在接口上启动认证并指定使用的钥匙链
4：指定这个接口使用明文认证还是MD5认证
5：还有其它的可选配置钥匙管理
实验目标: 通过实验调试出两种认证的各种情况

RIPv1基本配置

R1的配置

R2的配置

!
hostname R1
!
interface Loopback1
ip address 1.1.1.1 255.255.255.0
!
interface Loopback2
ip address 1.1.2.1 255.255.255.0
!
interface Loopback3
ip address 1.1.3.1 255.255.255.0
!
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
no shut
!
router rip
version 2
network 1.0.0.0
network 12.0.0.0
no auto-summary
!

!
hostname R2
!
interface Loopback1
ip address 2.2.1.1 255.255.255.0
!
interface Loopback2
ip address 2.2.2.1 255.255.255.0
!
interface Loopback3
ip address 2.2.3.1 255.255.255.0
!
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
no shut
!
router rip
version 2
network 2.0.0.0
network 12.0.0.0
no auto-summary
!

↓调试配置及监测步骤↓

完成以上基本配置常规情况下的路由表：

R1#show ip route
     1.0.0.0/24 is subnetted, 3 subnets
C       1.1.1.0 is directly connected, Loopback1
C       1.1.2.0 is directly connected, Loopback2
C       1.1.3.0 is directly connected, Loopback3
     2.0.0.0/24 is subnetted, 3 subnets
R       2.2.1.0 [120/1] via 12.1.1.2, 00:00:05, Serial1/1
R       2.2.2.0 [120/1] via 12.1.1.2, 00:00:05, Serial1/1
R       2.2.3.0 [120/1] via 12.1.1.2, 00:00:05, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1

R2#show ip route
     1.0.0.0/24 is subnetted, 3 subnets
R       1.1.1.0 [120/1] via 12.1.1.1, 00:00:11, Serial1/0
R       1.1.2.0 [120/1] via 12.1.1.1, 00:00:11, Serial1/0
R       1.1.3.0 [120/1] via 12.1.1.1, 00:00:11, Serial1/0
     2.0.0.0/24 is subnetted, 3 subnets
C       2.2.1.0 is directly connected, Loopback1
C       2.2.2.0 is directly connected, Loopback2
C       2.2.3.0 is directly connected, Loopback3
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0

（一）明文认证

在R1上的配置：
R1(config)#key chain sharkii #----配置钥匙链
R1(config-keychain)#key 1    #----配置一把钥匙
R1(config-keychain-key)#key-string sharkii labing #----配置钥匙的密码
R1(config)#int s1/1
R1(config-if)#ip rip authentication key sharkii #---在接口上启动认证并调用钥匙链
R1(config-if)#ip rip authentication mode text   #----------配置认证模式为明文，默认认证模式就是明文，所以也可以不用指定

在R2上同样配置：
R2(config)#key chain sharkii
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string sharkii labing
R2(config)#int s1/0
R2(config-if)#ip rip authentication key sharkii
R2(config-if)#ip rip authentication mode text

R1#show ip protocols
    Interface             Send Recv Triggered RIP Key-chain
Serial1/1             2     2                   sharkii

R2#show ip protocols
    Interface             Send Recv Triggered RIP Key-chain
   Serial1/0             2     2                   sharkii
以上两行表明R1的S1/1和R2的S1/0接口都启用了认证
R1#debug ip rip
*Mar 23 04:12:03.799: RIP: received packet with text authentication sharkii labing #---收到密码为sharkii labing的明文认证数据包
*Mar 23 04:12:03.803: RIP: received v2 update from 12.1.1.2 on Serial1/1
*Mar 23 04:12:03.803:      2.2.1.0/24 via 0.0.0.0 in 1 hops
*Mar 23 04:12:03.807:      2.2.2.0/24 via 0.0.0.0 in 1 hops
*Mar 23 04:12:03.807:      2.2.3.0/24 via 0.0.0.0 in 1 hops
R2#debug ip rip
*Mar 23 04:11:59.035: RIP: received packet with text authentication sharkii labing
*Mar 23 04:11:59.035: RIP: received v2 update from 12.1.1.1 on Serial1/0
*Mar 23 04:11:59.035:      1.1.1.0/24 via 0.0.0.0 in 1 hops
*Mar 23 04:11:59.039:      1.1.2.0/24 via 0.0.0.0 in 1 hops
*Mar 23 04:11:59.039:      1.1.3.0/24 via 0.0.0.0 in 1 hops
在接收的更新中带有“text authentication”的字样，再次证明接口S1/1 和S1/0都启用了明文认证。

看看用软件在R1的S1/1接口抓包情况：

如图所示！当使用简单的密码认证是，密码是以明文方式传输的，因此很容易通过嗅探更新数据包就可以读出密码。

（二）MD5认证

关于MD5 认证，(在明文配置的基础上)只需要在接口下声明认证模式为MD5 即可:
在R1、R2上的配置:
R1(config)#int s1/1
R1(config-if)#ip rip authentication mode md5

R2(config)#int s1/0
R2(config-if)#ip rip authentication mode md5

看看R1、R2的debug信息：
R1#debug ip rip
*Mar 23 05:11:38.383: RIP: received packet with MD5 authentication
*Mar 23 05:11:38.387: RIP: received v2 update from 12.1.1.2 on Serial1/1
*Mar 23 05:11:38.387:      2.2.1.0/24 via 0.0.0.0 in 1 hops
*Mar 23 05:11:38.391:      2.2.2.0/24 via 0.0.0.0 in 1 hops
*Mar 23 05:11:38.391:      2.2.3.0/24 via 0.0.0.0 in 1 hops
R2#debug ip rip
*Mar 23 05:11:36.483: RIP: received packet with MD5 authentication
*Mar 23 05:11:36.487: RIP: received v2 update from 12.1.1.1 on Serial1/0
*Mar 23 05:11:36.487:      1.1.1.0/24 via 0.0.0.0 in 1 hops
*Mar 23 05:11:36.491:      1.1.2.0/24 via 0.0.0.0 in 1 hops
*Mar 23 05:11:36.491:      1.1.3.0/24 via 0.0.0.0 in 1 hops
在接收的更新中带有“MD5 authentication”的字样，已经看不到了被加密的密码。

再次看看用软件在R1的S1/1接口抓包情况：

如图所示！来自同样的更新，但使用是MD5认证，密码是以MD5加密传输的，因此看到的密码已经不是明文而是一大串经过128位hash的字符，这样就算通过嗅探包含更新的数据包也非常之难读出密码。因此明智的选择是用安全性能好得多的MD5认证。

总结：
钥匙链name只有本地有意义，两个路由器的key chain name可以不同，但宣告给对方的key-string必须相同，成功配置认证最明智的方法是：不要手动一条条配置，而是是写好脚本粘贴上路由器。

1: 明文认证的匹配原则是：
(1). 发送方发送最小Key ID的密钥(key-string)
(2). 不携带Key ID号码
(3). 接收方会和所有Key Chain 中的密钥(key-string)匹配，如果匹配成功，则通过认证。

【例如】
路由器R1 有一个Key ID,key1=sharkii01；
路由器R2 有两个Key ID,key1=sharkii02,key2=sharkii01
R1上的配置：
!
key chain sharkii01
key 1
key-string sharkii01
!
interface Serial1/1
ip rip authentication key-chain sharkii01
!
R2上的配置：
!
key chain sharkii02
key 1
key-string sharkii02
key 2
key-string sharkii01
!
interface Serial1/0
ip rip authentication key-chain sharkii02
!
R1#debug ip rip
*Mar 23 08:08:59.375: RIP: received packet with text authentication sharkii02
*Mar 23 08:08:59.379: RIP: ignored v2 packet from 12.1.1.2 (invalid authentication) #----接收来自R2的密钥(sharkii02)时认证失败。

R2#debug ip rip
*Mar 23 08:13:09.883: RIP: received packet with text authentication sharkii01
*Mar 23 08:13:09.887: RIP: received v2 update from 12.1.1.1 on Serial1/0
*Mar 23 08:13:09.887:      1.1.1.0/24 via 0.0.0.0 in 1 hops
*Mar 23 08:13:09.887:      1.1.2.0/24 via 0.0.0.0 in 1 hops
*Mar 23 08:13:09.891:      1.1.3.0/24 via 0.0.0.0 in 1 hops
根据上面的原则，R1 认证失败，R2 认证成功可以学到来自R1的全部路由，所以在RIP v2认证中，会有可能出现单边路由的现象。



2: MD5 认证的匹配原则是：
（1）. 发送方发送最小Key ID的密钥(key-string)
（2）. 携带Key ID号码
（3）. 接收方首先会查找是否有相同的Key ID，如果有，只匹配一次，就可决定认证是否成功。如果没有该Key ID，只向下查找下一个key ID（只检查该KEY ID号中的密钥），匹配，认证成功；不匹配，认证失败。

【例如】
路由器R1 有三个Key ID,key1=sharkii02，key3=sharkii,key4=sharkii ；
路由器R2 有一个Key ID,key2=sharkii02
根据上面的原则，R1 认证失败，R2 认证成功。

R1上的配置：
!
key chain sharkii01
key 1
key-string sharkii02
key 3
key-string sharkii01
key 4
key-string sharkii02
!
interface Serial1/1
ip rip authentication mode md5
ip rip authentication key-chain sharkii01
！
R2上的配置：
!
key chain sharkii02
key 2
key-string sharkii02
!
interface Serial1/0
ip rip authentication mode md5
ip rip authentication key-chain sharkii02
！
R1#debug ip rip
*Mar 23 08:30:41.655: RIP: received packet with MD5 authentication
*Mar 23 08:30:41.659: RIP: ignored v2 packet from 12.1.1.2 (invalid authentication) #----认证失败

R2#debug ip rip
*Mar 23 08:31:16.815: RIP: received packet with MD5 authentication
*Mar 23 08:31:16.819: RIP: received v2 update from 12.1.1.1 on Serial1/0
*Mar 23 08:31:16.819:      1.1.1.0/24 via 0.0.0.0 in 1 hops
*Mar 23 08:31:16.823:      1.1.2.0/24 via 0.0.0.0 in 1 hops
*Mar 23 08:31:16.823:      1.1.3.0/24 via 0.0.0.0 in 1 hops
根据上面的MD5认证匹配的原则，R1 认证失败，R2 认证成功可以学到来自R1的全部路由。

[/img]..

类别：IGP|阅读(424)|回复(4)|赞(1)阅读全文>>

原创

3.7 RIPv1中的主机路由现象

2008-03-22 23:27:00

3.7 RIPv1中的主机路由现象

提要描述

由于RIP v1不支持发送子网掩码，所以只能依靠自己接口的掩码和接受到的路由条目进行”与”运算，来得出路由条目安装到路由表中。产生..

类别：IGP|阅读(699)|回复(2)|赞(0)阅读全文>>

原创

3.6 RIP的防环机制

2008-03-09 21:10:54

RIP的防环机制

实验连接图

提要描述

1-记数无穷大（maximum hop count）：定义最大跳数（最大为15跳），当跳数为16跳时,目标为不可达。

2-水平分割（split horizon）：从一个接口学习到的路由不会再广播回该接口。cisco可以对每个接口关闭水平分割功能。这个特点在( N B M A )非广播多路访问hub-and-spoke 环境下十分有用。

3-毒性逆转（poison reverse）：从一个接口学习的路由会发送回该接口，但是已经被毒化，跳数设置为16跳，不可达。

4-触发更新（trigger update）：一旦检测到路由崩溃，立即广播路由刷新报文，而不等到下一刷新周期。

5-抑制计时器（holddown timer）：防止路由表频繁翻动，增加了网络的稳定性。
实验目标: 通过实验调试出各个现象

基本配置

R1的配置

R2的配置

!
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial1/0
ip address 13.1.1.1 255.255.255.0
no shut
!
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
no shut
!
router rip
network 1.0.0.0
network 12.0.0.0
network 13.0.0.0
!

!
hostname R2
!
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
no shut
!
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
no shut
!
router rip
network 12.0.0.0
network 23.0.0.0
!

R3的配置

!
hostname R3
!
interface Serial1/0
ip address 23.1.1.3 255.255.255.0
no shut
!
interface Serial1/1
ip address 13.1.1.3 255.255.255.0
no shut
!
router rip
network 13.0.0.0
network 23.0.0.0
!

↓调试配置及监测步骤↓

注意!!：请在完成每个分解实验的时候，重启路由器重新配置表格的基本配置，再进行调试。

(一) 记数无穷大，16跳情况

产生16跳的工作过程：
1: R1丢失了looback接口的网络（下面简称网络A）后，产生一个即时更新送往R2和R3。这个更新信息要告诉R2和R3，R1不再有到达网络A的路径。然而这个更新信息传输到R3被推迟了（ C P U忙、链路拥塞等），但到达了R2。R2从路由表中去掉到网络A的路径。

2: R3仍未收到R1的即时更新信息，并发出它的常规路由选择更新信息，通告网络A以2跳的距离可达。R2收到这个更新信息，认为出现了一条新路径到网络A。

3: R2告诉R1它能以3跳的距离到达网络A。

4: R1告诉R3它能以4跳的距离到达网络A。

5: 这个循环将进行到跳数为无穷，在R I P中定义为1 6。一旦一个路由器达到无穷，它将声明这条路径不可用并从路由表中删除此路径。由于记数到无穷大问题，路由选择信息将从一个路由器传到另一个路由器，每次段数加一。路由选择环路问题将无限制地进行下去，除非达到某个限制。这个限制就是R I P的最大跳数。当路径的跳数超过1 5，这条路径就从路由表中删除。

操作步骤：

第一步：各个路由器完成基本配置，R2的路由表如下：
R2#sh ip route
R    1.0.0.0/8 [120/1] via 12.1.1.1, 00:00:01, Serial1/0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
R    13.0.0.0/8 [120/1] via 23.1.1.3, 00:00:23, Serial1/1
                [120/1] via 12.1.1.1, 00:00:01, Serial1/0
网络1.0.0.0是学自R1的

第二步：被动R1的s1/1接口，令R2学到网络A是来自R3，而不是R1，
大约4分钟后，R2的路由表如下：
R1(config)#router rip
R1(config-router)#passive-interface s1/1
R2#show ip route
R    1.0.0.0/8 [120/2] via 23.1.1.3, 00:00:06, Serial1/1
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
R    13.0.0.0/8 [120/1] via 23.1.1.3, 00:00:22, Serial1/1
现在R2学到1.0.0.0的网络是来自R3了

第三步：把R1的s1/0的接口也被动掉，且断开lookback0接口。且打开个各个路由器的debug ip rip

R1(config)#router rip
R1(config-router)#passive-interface s1/0

R1(config)#int loopback 0
R1(config-if)#shutdown

第四步：直到R1收来1.0.0.0的网络是来自R2后，再取消R1被动s1/0接口。

R1#sh ip route
R    1.0.0.0/8 [120/3] via 12.1.1.2, 00:00:01, Serial1/1
R    23.0.0.0/8 [120/1] via 13.1.1.3, 00:00:19, Serial1/0
                [120/1] via 12.1.1.2, 00:00:01, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
     13.0.0.0/24 is subnetted, 1 subnets
C       13.1.1.0 is directly connected, Serial1/0
R1现在的路由表学到的1.0.0.0网络是来自R2的

R1(config)#router rip
R1(config-router)#no passive-interface s1/0

第五步：通过上面的一系列设置，1.0.0.0这个网络已经在拓扑上出现R1—R3—R2—R1这样的路由环。下面我们看看debug信息：

R3#debug ip rip
*Mar 9 00:49:27.839: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (23.1.1.3) #----发送到R2
*Mar 9 00:49:27.839: RIP: build update entries
*Mar 9 00:49:27.843: network 1.0.0.0 metric 2
*Mar 9 00:49:27.843:   network 13.0.0.0 metric 1
R3#
*Mar 9 00:49:39.335: RIP: received v1 update from 13.1.1.1 on Serial1/1
*Mar 9 00:49:39.339:      1.0.0.0 in 4 hops #----接收来自R1为4跳
*Mar 9 00:49:39.339:      12.0.0.0 in 1 hops
*Mar 9 00:49:41.343: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (23.1.1.3)
*Mar 9 00:49:41.343: RIP: build flash update entries
*Mar 9 00:49:41.347:   network 1.0.0.0 metric 5
R3#
*Mar 9 00:49:45.463: RIP: received v1 update from 13.1.1.1 on Serial1/1
*Mar 9 00:49:45.463:      1.0.0.0 in 7 hops
*Mar 9 00:49:47.463: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (23.1.1.3)
*Mar 9 00:49:47.463: RIP: build flash update entries
*Mar 9 00:49:47.463:   network 1.0.0.0 metric 8
R3#
*Mar 9 00:49:51.347: RIP: received v1 update from 13.1.1.1 on Serial1/1
*Mar 9 00:49:51.347:      1.0.0.0 in 10 hops
*Mar 9 00:49:53.355: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (23.1.1.3)
*Mar 9 00:49:53.355: RIP: build flash update entries
*Mar 9 00:49:53.359:   network 1.0.0.0 metric 11
*Mar 9 00:49:53.507: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (23.1.1.3)
*Mar 9 00:49:53.507: RIP: build update entries
*Mar 9 00:49:53.511:   network 1.0.0.0 metric 11
*Mar 9 00:49:53.511:   network 13.0.0.0 metric 1
R3#
*Mar 9 00:49:57.387: RIP: received v1 update from 13.1.1.1 on Serial1/1
*Mar 9 00:49:57.391:     1.0.0.0 in 13 hops
R3#
*Mar 9 00:49:59.395: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (23.1.1.3)
*Mar 9 00:49:59.395: RIP: build flash update entries
*Mar 9 00:49:59.399:   network 1.0.0.0 metric 14
R3#
*Mar 9 00:50:03.583: RIP: received v1 update from 13.1.1.1 on Serial1/1
*Mar 9 00:50:03.587:      1.0.0.0 in 16 hops (inaccessible) #--跳数去到16，已经无限大，不可达了。于是R3马上向所有接口发送16跳不可达信息。↓↓
R3#
*Mar 9 00:50:05.587: RIP: sending v1 flash update to 255.255.255.255 via Serial1/1 (13.1.1.3)
*Mar 9 00:50:05.587: RIP: build flash update entries
*Mar 9 00:50:05.591:   network 1.0.0.0 metric 16
*Mar 9 00:50:05.591: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (23.1.1.3)
*Mar 9 00:50:05.595: RIP: build flash update entries
*Mar 9 00:50:05.595:   network 1.0.0.0 metric 16
R3#     --------------------同时R3也收到其他路由器发来不可达的信息------------
*Mar 9 00:50:07.603: RIP: received v1 update from 23.1.1.2 on Serial1/0
*Mar 9 00:50:07.607:      1.0.0.0 in 16 hops (inaccessible)
*Mar 9 00:50:07.863: RIP: received v1 update from 13.1.1.1 on Serial1/1
*Mar 9 00:50:07.867:      1.0.0.0 in 16 hops (inaccessible)
*Mar 9 00:50:07.867:      12.0.0.0 in 1 hops

(二) 水平分割

水平分割规则是：从一个接口学习到的路由不会再广播回该接口。

下面我们看看在串行链路中水平分割的情况。为了方便测试我们先断开R1的s1/0接口

R1(config)#int s1/0
R1(config-if)#shutdown

看看R2、R3的路由表
R2#sh ip route
R    1.0.0.0/8 [120/1] via 12.1.1.1, 00:00:17, Serial1/0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
可以看到R2学到了来自R1的1.0.0.0/8路由条目

R3#sh ip route
R    1.0.0.0/8 [120/2] via 23.1.1.2, 00:00:14, Serial1/0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
R    12.0.0.0/8 [120/1] via 23.1.1.2, 00:00:14, Serial1/0
可以看到R3通过R2学到了1.0.0.0/8路由条目

现在通过debug ip rip看看R2的接收和发送情况。

R2#debug ip rip
RIP protocol debugging is on
*Mar 9 14:30:51.939: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 9 14:30:51.943:      1.0.0.0 in 1 hops #---接收到来自R1为1跳的路由
R2#
*Mar 9 14:30:53.695: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (12.1.1.2)   #----发送到R1的更新
*Mar 9 14:30:53.695: RIP: build update entries
*Mar 9 14:30:53.699:   network 23.0.0.0 metric 1
R2#
*Mar 9 14:31:03.315: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (23.1.1.2)   #----发送到R3的更新
*Mar 9 14:31:03.315: RIP: build update entries
*Mar 9 14:31:03.319: network 1.0.0.0 metric 2
*Mar 9 14:31:03.319:   network 12.0.0.0 metric 1
从debug信息可以看到，R2从s1/0接收来自R1的1.0.0.0/8路由条目，再从s1/0发送更新时，只有23.0.0.0的网络，并没有包括了1.0.0.0的网络，但从s1/1发送到R3的更新时，却包括了1.0.0.0的网络，这就是说水平分割已经起作用了。

现在我们来看看关闭水平分割的情况

R1(config)#int s1/1
R1(config-if)#no ip split-horizon

R2(config)#int s1/0
R2(config-if)#no ip split-horizon

R2# debug ip rip

*Mar 9 14:46:03.123: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 9 14:46:03.127:      1.0.0.0 in 1 hops
*Mar 9 14:46:03.127:      12.1.1.0 in 1 hops
*Mar 9 14:46:03.127:      23.0.0.0 in 2 hops
*Mar 9 14:46:03.651: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 9 14:46:03.651: RIP: build update entries
*Mar 9 14:46:03.655:   network 1.0.0.0 metric 2
*Mar 9 14:46:03.655:   subnet 12.1.1.0 metric 1
*Mar 9 14:46:03.655:   network 23.0.0.0 metric 1
从debug信息可以看到，关闭水平分割之后，R2从S1/0接收来自R1的1.0.0.0网络，又从S1/0发送回给R1。

现在我们来玩个小游戏，就是利用在R1、R2都关闭了水平分割，只用两个路由器就能产生一跳一跳地增加到16跳的效果，实验前都要打开R1、R2的debug ip rip来监测

1:先被动掉R1的s1/1接口
R1(config)#router rip
R1(config-router)#passive-interface s1/1

2:关闭loopback0接口
R1(config)#int loopback 0
R1(config-if)#shutdown
*Mar 9 15:13:25.567: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively down

3:取消R1的S1/1接口的被动
R1(config-if)#
R1(config-router)#no passive-interface s1/1

4:以R2为例看看它的debug ip rip信息

R2#debug ip rip
*Mar 9 15:13:54.551: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 9 15:13:54.551: RIP: build update entries
*Mar 9 15:13:54.555: network 1.0.0.0 metric 2
*Mar 9 15:13:54.555:   subnet 12.1.1.0 metric 1
*Mar 9 15:13:54.555:   network 23.0.0.0 metric 1
R2#
*Mar 9 15:14:10.347: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 9 15:14:10.351:     1.0.0.0 in 3 hops
*Mar 9 15:14:10.351:      12.1.1.0 in 1 hops
*Mar 9 15:14:10.355:      23.0.0.0 in 2 hops
R2#
*Mar 9 15:14:12.351: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 9 15:14:12.351: RIP: build flash update entries
*Mar 9 15:14:12.355:   network 1.0.0.0 metric 4
R2#
*Mar 9 15:14:14.371: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 9 15:14:14.375:      1.0.0.0 in 5 hops
R2#
*Mar 9 15:14:16.375: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 9 15:14:16.375: RIP: build flash update entries
*Mar 9 15:14:16.379:   network 1.0.0.0 metric 6
R2#
*Mar 9 15:14:18.495: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 9 15:14:18.499:      1.0.0.0 in 7 hops
R2#
*Mar 9 15:14:20.499: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 9 15:14:20.499: RIP: build flash update entries
*Mar 9 15:14:20.503:   network 1.0.0.0 metric 8
R2#
*Mar 9 15:14:22.623: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 9 15:14:22.627:     1.0.0.0 in 9 hops
*Mar 9 15:14:22.763: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 9 15:14:22.763: RIP: build update entries
*Mar 9 15:14:22.767:   network 1.0.0.0 metric 10
*Mar 9 15:14:22.767:   subnet 12.1.1.0 metric 1
*Mar 9 15:14:22.767:   network 23.0.0.0 metric 1
R2#
*Mar 9 15:14:24.895: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 9 15:14:24.899:      1.0.0.0 in 11 hops
R2#
*Mar 9 15:14:26.899: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 9 15:14:26.899: RIP: build flash update entries
*Mar 9 15:14:26.903: network 1.0.0.0 metric 12
R2#
*Mar 9 15:14:28.967: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 9 15:14:28.971:      1.0.0.0 in 13 hops
R2#
*Mar 9 15:14:30.971: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 9 15:14:30.971: RIP: build flash update entries
*Mar 9 15:14:30.975:   network 1.0.0.0 metric 14
R2#
*Mar 9 15:14:33.023: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 9 15:14:33.027:     1.0.0.0 in 15 hops
R2#
*Mar 9 15:14:35.027: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 9 15:14:35.027: RIP: build flash update entries
*Mar 9 15:14:35.027: network 1.0.0.0 metric 16
R2#
*Mar 9 15:14:37.083: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 9 15:14:37.087:      1.0.0.0 in 16 hops (inaccessible)
R2#
*Mar 9 15:14:39.087: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 9 15:14:39.087: RIP: build flash update entries
*Mar 9 15:14:39.091:   network 1.0.0.0 metric 16
上面就是两路由器间关闭水平分割，产生16跳的效果了，为了直观中间我删除了部分debug信息。

其实原理很简单：
我们把R1的S1/1出口passive 了，R1 就不能把lo 0被shutdown掉的信息以flash update 的形式发给R2，同时我们也把R1和R2的两接口的水平分割关了。
这时不知道情况的R2就发送更新对R1说：“你到lo 0是２跳”。而现在R1本身已经没有了与自身直连的lo 0的０跳信息，所以它别无选择的接受R2发来的２跳。
当我们取消R1的S1/1被动功能，R1再对R2说：“你到lo 0是３跳”。虽然比原来的差，且是从同一个接口收到的，但R2它也别无选择。
就这样它们之间就相互“欺骗”，如此循环直到出现１６跳。

(三) 毒性逆转
毒性逆转的规则是：从一个接口学习的路由会发送回该接口，但是已经被毒化，跳数设置为16跳，不可达。

实验步骤：

1：为了方便测试我们断开R1与R3链接的S1/0接口
R1(config)#int s1/0
R1(config-if)#shutdown

2：各个路由器全部路由都学到了，在各个路由器打开debug ip rip观察

3: 断开R1的loopback0接口
R1(config)#int loopback 0
R1(config-if)#shutdown

R1#debug ip rip
*Mar 9 17:18:08.811: RIP: received v1 update from 12.1.1.2 on Serial1/1
*Mar 9 17:18:08.815:     1.0.0.0 in 16 hops (inaccessible)
*Mar 9 17:18:08.815:      23.0.0.0 in 1 hops
R1#
*Mar 9 17:18:12.807: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (12.1.1.1)
*Mar 9 17:18:12.807: RIP: build update entries
*Mar 9 17:18:12.811:   network 1.0.0.0 metric 16
从接口S1/1收到，又出接口S1/1发出去，但已经标记为16跳不可达

R2#debug ip rip
*Mar 9 17:17:46.727: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 9 17:17:46.731:      1.0.0.0 in 16 hops (inaccessible)
R2#
*Mar 9 17:17:48.731: RIP: sending v1 flash update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 9 17:17:48.731: RIP: build flash update entries
*Mar 9 17:17:48.735:   network 1.0.0.0 metric 16

*Mar 9 17:17:48.735: RIP: sending v1 flash update to 255.255.255.255 via Serial1/1 (23.1.1.2)
*Mar 9 17:17:48.739: RIP: build flash update entries
*Mar 9 17:17:48.739:   network 1.0.0.0 metric 16
R2#
*Mar 9 17:17:50.799: RIP: received v1 update from 23.1.1.3 on Serial1/1
*Mar 9 17:17:50.803:      1.0.0.0 in 16 hops (inaccessible)
从信息也已经看到从同一个接口收到，也在同一个接口发出，但也是已经毒化

R3#debug ip rip
*Mar 9 17:18:07.551: RIP: received v1 update from 23.1.1.2 on Serial1/0
*Mar 9 17:18:07.555:     1.0.0.0 in 16 hops (inaccessible)
*Mar 9 17:18:07.555:      12.0.0.0 in 1 hops
R3#
*Mar 9 17:18:20.955: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (23.1.1.3)
*Mar 9 17:18:20.955: RIP: build update entries
*Mar 9 17:18:20.955:   network 1.0.0.0 metric 16
R3的情况也是一样，从相同的接口接收和发送。

注意!!:以上的效果是不用关闭水平分割的，否则不能说明毒性逆转

(四) 触发更新
触发更新的规则是：一旦检测到路由崩溃，立即广播路由刷新报文，而不等到下一刷新周期

下面我们就以R1、R2为例子做实验

1：完成基本配置，都学全路由后，我们在R1 打开debug ip rip和debug ip rip trigger

2: 先在R1的S1/1启动触发更新（ip rip triggered）

R1(config)#int s1/1
R1(config-if)#ip rip triggered

3：查看debug信息
R1#debug ip rip
RIP protocol debugging is on
R1#debug ip rip trigger
RIP trigger debugging is on

*Mar 9 18:26:55.963: RIP: sending triggered request on Serial1/1 to 255.255.255.255 #----第一次请求
*Mar 9 18:26:55.963: RIP: Start poll timer from 12.1.1.1 on Serial1/1
*Mar 9 18:26:59.707: RIP-TIMER: sending timer on Serial1/1 expired
*Mar 9 18:26:59.999: RIP-TIMER: age timer expired
*Mar 9 18:27:00.247: RIP-TIMER: sending timer on Loopback0 expired
*Mar 9 18:27:00.963: RIP-TIMER: polling timer on Serial1/1(12.1.1.1) expired #----第一次超时
*Mar 9 18:27:00.963: RIP: sending triggered request on Serial1/1 to 255.255.255.255 #----第二次请求
*Mar 9 18:27:00.967: RIP: Start poll timer from source 12.1.1.1 on Serial1/1
R1#
*Mar 9 18:27:05.967: RIP-TIMER: polling timer on Serial1/1(12.1.1.1) expired #----第二次超时
*Mar 9 18:27:05.967: RIP: sending triggered request on Serial1/1 to 255.255.255.255 #----第三次请求
*Mar 9 18:27:05.967: RIP: Start poll timer from source 12.1.1.1 on Serial1/1
R1#
*Mar 9 18:27:09.999: RIP-TIMER: age timer expired
*Mar 9 18:27:10.967: RIP-TIMER: polling timer on Serial1/1(12.1.1.1) expired #----第三次超时
*Mar 9 18:27:10.967: RIP: sending triggered request on Serial1/1 to 255.255.255.255 #----第四次请求
*Mar 9 18:27:10.971: RIP: Start poll timer from source 12.1.1.1 on Serial1/1
R1#
*Mar 9 18:27:15.971: RIP-TIMER: polling timer on Serial1/1(12.1.1.1) expired #----第四次超时
*Mar 9 18:27:15.971: RIP: sending triggered request on Serial1/1 to 255.255.255.255 #----第五次请求
*Mar 9 18:27:15.975: RIP: Start poll timer from source 12.1.1.1 on Serial1/1
R1#
*Mar 9 18:27:19.999: RIP-TIMER: age timer expired
*Mar 9 18:27:20.975: RIP-TIMER: polling timer on Serial1/1(12.1.1.1) expired #----第五次超时
*Mar 9 18:27:20.975: RIP: sending triggered request on Serial1/1 to 255.255.255.255 #----第六次请求
*Mar 9 18:27:20.979: RIP: Start poll timer from source 12.1.1.1 on Serial1/1
R1#
*Mar 9 18:27:25.979: RIP-TIMER: polling timer on Serial1/1(12.1.1.1) expired
*Mar 9 18:27:25.979: RIP: Poll 6 times on Serial1/1 thru 12.1.1.1 without any ack   #----经过6次触发请求后还没有收到确认消息
R1#
*Mar 9 18:27:29.463: RIP-TIMER: sending timer on Serial1/1 expired
*Mar 9 18:27:29.463: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (12.1.1.1) #---请求无效后，发送一个普通的广播更新
*Mar 9 18:27:29.467: RIP: build update entries
*Mar 9 18:27:29.467:   network 1.0.0.0 metric 1
*Mar 9 18:27:29.467:   network 13.0.0.0 metric 1
*Mar 9 18:27:29.999: RIP-TIMER: age timer expired
R1#
*Mar 9 18:27:32.895: RIP: received v1 update from 12.1.1.2 on Serial1/1
*Mar 9 18:27:32.899:     23.0.0.0 in 1 hops #----还可以收到R2来的信息，是因为R2始终在广播着他自己的RIP更新

从R1的debug调试信息中，显示的就是R1启动了触发更新试图与链路的另一端的R2建立触发更新关系。R1以5s为每个周期发送轮询（Poll）并等待确认，但发送了6个触发请求后还没有收到确认消息，那么整个轮询过程就认为超时，触发更新建立不成功，路由器R1等待下一个普通的更新时间，并广播一个普通RIP的更新。而在整个过程R2始终在广播着他自己的RIP更新。

4: 我们现在在R2也打开debug ip rip和debug ip rip，并且把R2的S1/1接口也启动触发更新（ip rip triggered）。

R2#debug ip rip
RIP protocol debugging is on
R2#debug ip rip trigger
RIP trigger debugging is on
R2(config)#int s1/0
R2(config-if)#ip rip triggered
*Mar 9 19:43:45.231: RIP: sending triggered request on Serial1/0 to 255.255.255.255 #----R2发送触发更新请求
*Mar 9 19:43:45.231: RIP: Start poll timer from 12.1.1.2 on Serial1/0
*Mar 9 19:43:45.347: RIP: received v1 triggered update from 12.1.1.1 on Serial1/0 #----由S1/0收到来自R1的触发更新
*Mar 9 19:43:45.351: RIP: sending v1 ack to 12.1.1.1 via Serial1/0 (12.1.1.2), #----R2通过S1/0接口向R1发送确认信息
     flush, seq# 0
*Mar 9 19:43:45.355: RIP: Stop trigger rip poll timer for 12.1.1.2 on Serial1/0 #----停止向R1发送触发更新的轮询
*Mar 9 19:43:45.355: RIP: Trigger rip running on network 12.0.0.0 thru Serial1/0 #----透过S1/0接口在网络12.0.0.0上运行着RIP的触发更新
*Mar 9 19:43:45.359: RIP: 12.1.1.1 change state from DOWN to INIT
*Mar 9 19:43:45.359: RIP: send v1 triggered flush update to 12.1.1.1 on Serial1/0 with no route
*Mar 9 19:43:45.363: RIP: assigned sequence number 0 on Serial1/0
*Mar 9 19:43:45.363: RIP: start retransmit timer of 12.1.1.1
*Mar 9 19:43:45.363:      1.0.0.0 in 1 hops
*Mar 9 19:43:45.367:      13.0.0.0 in 1 hops
*Mar 9 19:43:45.443: RIP: received v1 triggered ack from 12.1.1.1 on Serial1/0
R2#
*Mar 9 19:43:45.447: RIP: 12.1.1.1 change state from INIT to LOADING
*Mar 9 19:43:45.447: RIP: send v1 triggered update to 12.1.1.1 on Serial1/0
*Mar 9 19:43:45.447: RIP: assigned sequence number 1 on Serial1/0
*Mar 9 19:43:45.451: RIP: build update entries
*Mar 9 19:43:45.451:   route 8: network 23.0.0.0 metric 1
*Mar 9 19:43:45.455: RIP: Update contains 1 routes, start 8, end 8
*Mar 9 19:43:45.455: RIP: start retransmit timer of 12.1.1.1
*Mar 9 19:43:45.463: RIP: received v1 triggered ack from 12.1.1.1 on Serial1/0
     seq# 1
*Mar 9 19:43:45.463: RIP: 12.1.1.1 change state from LOADING to FULL
*Mar 9 19:43:46.539: RIP-TIMER: age timer expired #----计数器超时
R2#
*Mar 9 19:43:53.259: RIP-TIMER: sending timer on Serial1/1 expired
*Mar 9 19:43:53.259: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (23.1.1.2)
*Mar 9 19:43:53.263: RIP: build update entries
*Mar 9 19:43:53.263:   network 1.0.0.0 metric 2
*Mar 9 19:43:53.263:   network 12.0.0.0 metric 1
R2#
*Mar 9 19:43:55.491: RIP: received v1 update from 23.1.1.3 on Serial1/1
*Mar 9 19:43:55.495:      1.0.0.0 in 2 hops
*Mar 9 19:43:55.495:      13.0.0.0 in 1 hops
R2#
*Mar 9 19:43:56.539: RIP-TIMER: age timer expired
R2#
*Mar 9 19:44:06.539: RIP-TIMER: age timer expired
*Mar 9 19:44:07.383: RIP-TIMER: sending timer on Serial1/0 expired
从上面的debug信息，可以看到，由请求到轮询到确认是很短的时间的。再就是触发状态从DOWN状态开始，经过INT和LOADING状态，最后到为FULL状态。而后的就是进行路由信息的交换和更新确认了。而在输出信息的后面也出现了RIP更新计时器超时，做实验时候花多些时间，细心观察debug信息，R2会一直没有向R1发送新的更新和从R1那里接收新的更新。这就是RIP启用触发更新会关闭计时器的效果。

下面再看看R1和R2的路由表和RIP 数据库

R1#show ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
R    23.0.0.0/8 [120/1] via 12.1.1.2, 00:10:05, Serial1/1
                [120/1] via 13.1.1.3, 00:00:03, Serial1/0
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
     13.0.0.0/24 is subnetted, 1 subnets
C       13.1.1.0 is directly connected, Serial1/0

R2#show ip route
R    1.0.0.0/8 [120/1] via 12.1.1.1, 00:10:40, Serial1/0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
R    13.0.0.0/8 [120/1] via 12.1.1.1, 00:39:40, Serial1/0
                [120/1] via 23.1.1.3, 00:00:14, Serial1/1

R1#show ip rip database
1.0.0.0/8    auto-summary
1.1.1.0/24    directly connected, Loopback0
12.0.0.0/8    auto-summary
12.1.1.0/24    directly connected, Serial1/1
13.0.0.0/8    auto-summary
13.1.1.0/24    directly connected, Serial1/0
23.0.0.0/8    auto-summary
23.0.0.0/8
    [1] via 13.1.1.3, 00:00:06, Serial1/0
   [1] via 12.1.1.2, 00:10:22 (permanent), Serial1/1
   * Triggered Routes:
     - [1] via 12.1.1.2, Serial1/1

R2#show ip rip database
1.0.0.0/8    auto-summary
1.0.0.0/8
    [1] via 12.1.1.1, 00:11:14 (permanent), Serial1/0
   * Triggered Routes:
     - [1] via 12.1.1.1, Serial1/0
12.0.0.0/8    auto-summary
12.1.1.0/24    directly connected, Serial1/0
13.0.0.0/8    auto-summary
13.0.0.0/8
    [1] via 23.1.1.3, 00:00:02, Serial1/1
    [1] via 12.1.1.1, 00:11:14 (permanent), Serial1/0
   * Triggered Routes:
     - [1] via 12.1.1.1, Serial1/0
23.0.0.0/8    auto-summary
23.1.1.0/24    directly connected, Serial1/1
从上面的信息我们已经看到，路由表阴影部分的路由条目时间已经变得很大了，这是因为启动了触发更新学到的条目是永久（permanent）的，在R1、R2的RIP数据库也已经证明了。

(五) 抑制计时器

请看以前的实验(RIP的定时器情况)：[url]http://sharkii.blog.51cto.com/325987/64146[/url][/img]..

类别：IGP|阅读(1310)|回复(1)|赞(0)阅读全文>>

原创

3.5 RIP的负载均衡、度量控制和同源与否

2008-03-08 06:51:32

RIP的负载均衡、度量控制和同源与否

实验连接图

提要描述

RIP的度量是基于跳数（hops　count）的，每经过一台路由器，路径的跳数加一。如此一来，跳数越多，路径就越长，RIP算法会优先选择跳数少的路径。在RIP中，路由器到与它直接相连网络的跳数为0，通过一个路由器可达的网络的跳数为1，其余依此类推。为限制收敛时间，RIP规定cost取值0~15之间的整数，大于或等于16的跳数被定义为无穷大，即目的网络或主机不可达。
1:当出现有多条到达一个目标网络跳数相同时，会出现什么情况呢？
2:我们可不可以控制它的度量达到我们想要的效果呢？
3:接收到路由更新来自同源，或者非同源时，情况又会如何呢？
下面我们就这些问题来看看

实验目标: 调试分析RIP基于跳数的负载均衡，通过offset-list来控制RIP度量，监测同源与非同源路由的情况。

基本配置

R1的配置

R2的配置

!
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial1/0
ip address 13.1.1.1 255.255.255.0
no shut
!
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
no shut
!
router rip
network 1.0.0.0
network 12.0.0.0
network 13.0.0.0
!

!
hostname R2
!
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
no shut
!
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
no shut
!
router rip
network 12.0.0.0
network 23.0.0.0
!

R3的配置

!
hostname R3
!
interface Serial1/0
ip address 23.1.1.3 255.255.255.0
no shut
!
interface Serial1/1
ip address 13.1.1.3 255.255.255.0
no shut
!
router rip
network 13.0.0.0
network 23.0.0.0
!

↓调试配置及监测步骤↓

（一）负载均衡

完成各个路由器的基本配置，我们来看看R1、R2、R3的路由表

R1#show ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
R    23.0.0.0/8 [120/1] via 12.1.1.2, 00:00:20, Serial1/1
                [120/1] via 13.1.1.3, 00:00:10, Serial1/0
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
     13.0.0.0/24 is subnetted, 1 subnets
C       13.1.1.0 is directly connected, Serial1/0

R2#show ip route
R    1.0.0.0/8 [120/1] via 12.1.1.1, 00:00:19, Serial1/0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
R    13.0.0.0/8 [120/1] via 12.1.1.1, 00:00:19, Serial1/0
                [120/1] via 23.1.1.3, 00:00:25, Serial1/1

R3#show ip route
R    1.0.0.0/8 [120/1] via 13.1.1.1, 00:00:23, Serial1/1
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
R    12.0.0.0/8 [120/1] via 23.1.1.2, 00:00:09, Serial1/0
                 [120/1] via 13.1.1.1, 00:00:23, Serial1/1
     13.0.0.0/24 is subnetted, 1 subnets
C       13.1.1.0 is directly connected, Serial1/1
通过上面的路由表信息，我们可以看到，每个路由器学到箭头指着网络，分别来自两个下一跳地址，而且度量值都为1，出现这种现象是因为RIP基于跳数的负载均衡产生的。

下面我们以R1为例看看验证它的方法：

R1#show ip route 23.0.0.0
Routing entry for 23.0.0.0/8
Known via "rip", distance 120, metric 1
Redistributing via rip
Last update from 13.1.1.3 on Serial1/0, 00:00:17 ago
Routing Descriptor Blocks:
    12.1.1.2, from 12.1.1.2, 00:00:27 ago, via Serial1/1
      Route metric is 1, traffic share count is 1
* 13.1.1.3, from 13.1.1.3, 00:00:17 ago, via Serial1/0
      Route metric is 1, traffic share count is 1
对目标路由的跟踪可以看到它是负载均衡的

R1#debug ip rip

*Mar 8 02:33:28.227: RIP: received v1 update from 13.1.1.3 on Serial1/0
*Mar 8 02:33:28.231:     23.0.0.0 in 1 hops
R1#----------------------省略部分信息------------------------
*Mar 8 02:33:48.275: RIP: received v1 update from 12.1.1.2 on Serial1/1
*Mar 8 02:33:48.279:      23.0.0.0 in 1 hops

由debug信息也可以看到接收23.0.0.0网络分别来自两个下一跳地址。

当然我也可以用traceroute和(扩展ping 的record选项来跟踪返回的路径)。

R1#traceroute 23.1.1.3
Type escape sequence to abort.
Tracing the route to 23.1.1.3
1 12.1.1.2 108 msec
    13.1.1.3 112 msec
    12.1.1.2 44 msec
R1#traceroute 23.1.1.3
Type escape sequence to abort.
Tracing the route to 23.1.1.3
1 13.1.1.3 76 msec
    12.1.1.2 88 msec *
R1#traceroute 23.1.1.3
Type escape sequence to abort.
Tracing the route to 23.1.1.3
1 12.1.1.2 124 msec
    13.1.1.3 132 msec
    12.1.1.2 16 msec
通过多次重复traceroute测试的结果，我们可以看到阴影部分的第一跳地址是轮流在交换着，之所以这样，正是负载均衡的作用允许路由器有多条路径到达同一目标网络产生的。

下面看看用扩展ping 的record选项来跟踪返回的路径

R1#ping
Protocol [ip]:
Target IP address: 23.1.1.3 #-------目标地址
Repeat count [5]: 2 #---由于默认ping 5个包会输出太多信息，所以改为ping 2个包
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y    #-------选择Yes使用扩展ping
Source address or interface: 1.1.1.1 #-----使用1.1.1.1为源地址
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]: r #----使用记录跟踪功能
Number of hops [ 9 ]:
Loose, Strict, Record, Timestamp, Verbose[RV]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 2, 100-byte ICMP Echos to 23.1.1.3, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
Packet has IP options: Total option bytes= 39, padded length=40
Record route: <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)

Reply to request 0 (60 ms). Received packet has options
Total option bytes= 40, padded length=40
Record route:
   (13.1.1.1)
   (23.1.1.3)
   (13.1.1.3)
   (1.1.1.1) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
End of list

Reply to request 1 (120 ms). Received packet has options
Total option bytes= 40, padded length=40
Record route:
   (12.1.1.1)
   (23.1.1.2)
   (23.1.1.3)
   (13.1.1.3)
   (1.1.1.1) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
End of list
Success rate is 100 percent (2/2), round-trip min/avg/max = 60/90/120 ms
通过上面ping的信息可以看到跟踪记录的信息是不同的，分别选择两条路径走的。这也证实了是负责均衡，如果不是负载均衡而是选择最优一条路径的话，跟踪记录的信息是相同的。

(二) 度量控制

现在我们继续以R1为例看看度量控制的情况

1：R1到达目标网络23.0.0.0是负载均衡，现在就要让它不负载均衡，要令R1优先选择走R1（s1/1）为出口经由R2达到目标网络。

2：要达到这样的要求我们就可以通过命令offset-list来改变路由的度量值。

3：利用offest-list指定一个数值（0-16）来加大路由器的度量值。使路由器R1（s1/0）到R3（s1/1）的链路达到目标网络由原来的跳数是1跳增加到3跳。
4:
R1(config)#access-list 1 permit 23.0.0.0
R1(config)#router rip
R1(config-router)#offset-list 1 in 2 s1/0
首先是定义访问列表确定了要匹配的23.0.0.0的路由，而offset-list会“先检查从s1/0接口接收进来的RIP通告，如果存在和访问列表1指定的地址匹配的路由条目（23.0.0.0），那么就把该条路由的度量值加大2跳。”

5：通过上面的配置，我们来看看R1的相关信息

R1#show ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
R    23.0.0.0/8 [120/1] via 12.1.1.2, 00:00:13, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
     13.0.0.0/24 is subnetted, 1 subnets
C       13.1.1.0 is directly connected, Serial1/0
从路由表看23.0.0.0的路由条目，现在只剩下了由R2学到的路由了。

R1#debug ip rip
RIP protocol debugging is on
R1#
*Mar 8 03:37:43.403: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (13.1.1.1)
*Mar 8 03:37:43.403: RIP: build update entries
*Mar 8 03:37:43.407:   network 1.0.0.0 metric 1
*Mar 8 03:37:43.407:   network 12.0.0.0 metric 1
*Mar 8 03:37:43.407:   network 23.0.0.0 metric 2
R1#
*Mar 8 03:37:45.983: RIP: received v1 update from 12.1.1.2 on Serial1/1
*Mar 8 03:37:45.987:      23.0.0.0 in 1 hops
*Mar 8 03:37:46.759: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (12.1.1.1)
*Mar 8 03:37:46.759: RIP: build update entries
*Mar 8 03:37:46.763:   network 1.0.0.0 metric 1
*Mar 8 03:37:46.763:   network 13.0.0.0 metric 1
R1#
*Mar 8 03:37:55.995: RIP: received v1 update from 13.1.1.3 on Serial1/0
*Mar 8 03:37:55.999:     23.0.0.0 in 3 hops
从debug信息已经可以看到，目标网络23.0.0.0，由接口s1/1接收来自R2为1跳，而由接口s1/0接收来自R3为3跳。

R1#show ip route 23.0.0.0
Routing entry for 23.0.0.0/8
Known via "rip", distance 120, metric 1
Redistributing via rip
Last update from 12.1.1.2 on Serial1/1, 00:00:04 ago
Routing Descriptor Blocks:
* 12.1.1.2, from 12.1.1.2, 00:00:04 ago, via Serial1/1
      Route metric is 1, traffic share count is 1

R1#traceroute 23.1.1.3
Type escape sequence to abort.
Tracing the route to 23.1.1.3
1 12.1.1.2 92 msec 56 msec 48 msec
2 23.1.1.3 44 msec * 76 msec

R1#traceroute 23.1.1.3
Type escape sequence to abort.
Tracing the route to 23.1.1.3
1 12.1.1.2 112 msec 64 msec 16 msec
2 23.1.1.3 24 msec * 68 msec
从上面的结果可以看到，R1优先选择经由R2的路径到达目标网络，接受跳数较少的23.0.0.0路由条目。
以上实现的就是offset-list的作用了，当然offset-list还有其它的一些功能，例如：我们除了可以控制入站接收的度量值之外，还可以控制出站宣告的路由更新度量。

（三）同源与否

1: 我们先来验证同源的情况，这里只利用R1和R2两台路由，所以先把R1的s1/0断开方便我们测试。
R1(config)#int s1/0
R1(config-if)#shutdown

2: 我们以R1的loopback 0接口，1.0.0.0网络作为源，通过在R1的s1/1接口，控制出站宣告的路由更新的度量值，来观察R2的接收情况。

现在看看正常情况下R2的路由表：
R2#show ip route
R    1.0.0.0/8 [120/1] via 12.1.1.1, 00:00:24, Serial1/0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0

现在增加R1的s1/1出口的度量值：
R1(config)#access-list 2 permit 1.0.0.0
R1(config)#router rip
R1(config-router)#offset-list 2 out 3 s1/1

增加了度量值后，再看看R2的路由表：
R2#show ip route
R    1.0.0.0/8 [120/4] via 12.1.1.1, 00:00:20, Serial1/0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
和没有增加度量值时的路由表对比，发现R2现在的路由表已经安装了度量值较大的1.0.0.0路由条目。

再看看R1、R2的debug信息：
R1#debug ip rip
*Mar 8 05:19:20.799: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (12.1.1.1)
*Mar 8 05:19:20.799: RIP: build update entries
*Mar 8 05:19:20.803: network 1.0.0.0 metric 4

R2#debug ip rip
*Mar 8 05:20:42.967: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 8 05:20:42.971:     1.0.0.0 in 4 hops
R2#
*Mar 8 05:20:52.359: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 8 05:20:52.359: RIP: build update entries
*Mar 8 05:20:52.359:   network 23.0.0.0 metric 1
R2#
*Mar 8 05:20:55.187: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (23.1.1.2) #-----发送给R3
*Mar 8 05:20:55.187: RIP: build update entries
*Mar 8 05:20:55.191:   network 1.0.0.0 metric 5
*Mar 8 05:20:55.191:   network 12.0.0.0 metric 1
由debug信息可以看到，R2接受更高度量值的。所以来自同源的路由总是会接收更新的，不管度量增大还是小，这时我们也观察到R2在接收到度量值发生变化的路由时，立即发送flash update 给R3。这说明一点，当度量变化时发送的是flash update（瞬间更新），而不是triggered update(触发更新)。

4：现在我们来验证一下不同源的情况，先看看R3的路由表，再在R1、R2、R3打开debug ip rip，然后开启R1的S1/0端口，使R1恢复与R3的连通。

（1）
R3#show ip route
R    1.0.0.0/8 [120/5] via 23.1.1.2, 00:00:24, Serial1/0 #-----来自R2
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
R    12.0.0.0/8 [120/1] via 23.1.1.2, 00:00:24, Serial1/0
可以看路由表中学到的1.0.0.0路由条目是来自R2

（2）
R1#debug ip rip
R2#debug ip rip
R3#debug ip rip

（3）
R1(config)#int s1/0
R1(config-if)#no shutdown

(4)
现在看看R2、R3路由表和debug信息
R2#show ip route
R    1.0.0.0/8 [120/2] via 23.1.1.3, 00:00:11, Serial1/1 #----来自R3
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
R    13.0.0.0/8 [120/1] via 12.1.1.1, 00:00:23, Serial1/0
                [120/1] via 23.1.1.3, 00:00:11, Serial1/1

R3#show ip route
R    1.0.0.0/8 [120/1] via 13.1.1.1, 00:00:10, Serial1/1 #---来自R1
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
R    12.0.0.0/8 [120/1] via 23.1.1.2, 00:00:20, Serial1/0
                [120/1] via 13.1.1.1, 00:00:10, Serial1/1
     13.0.0.0/24 is subnetted, 1 subnets
C       13.1.1.0 is directly connected, Serial1/1
现在R2的1.0.0.0路由条目是来自R3的为2跳，而R3的1.0.0.0路由条目是来自R1的为1跳。再看看看debug信息

R2#debug ip rip
*Mar 8 05:45:50.131: RIP: received v1 update from 23.1.1.3 on Serial1/1 #----来自R3
*Mar 8 05:45:50.135:      1.0.0.0 in 2 hops
*Mar 8 05:45:50.139:      13.0.0.0 in 1 hops
R2#
*Mar 8 05:46:11.387: RIP: received v1 update from 12.1.1.1 on Serial1/0 #----来自R2
*Mar 8 05:46:11.391:      1.0.0.0 in 4 hops
*Mar 8 05:46:11.391:      13.0.0.0 in 1 hops

R3#debug ip rip
*Mar 8 05:48:49.479: RIP: received v1 update from 13.1.1.1 on Serial1/1
*Mar 8 05:48:49.483:      1.0.0.0 in 1 hops
*Mar 8 05:48:49.483:      12.0.0.0 in 1 hops
*Mar 8 05:48:49.483:      23.0.0.0 in 2 hops
R3#
*Mar 8 05:49:08.627: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (23.1.1.3) #---发送去R2
*Mar 8 05:49:08.627: RIP: build update entries
*Mar 8 05:49:08.631:   network 1.0.0.0 metric 2 #----网络1.0.0.0发给R2度量值为2
*Mar 8 05:49:08.631:   network 13.0.0.0 metric 1
由路由表和debug信息可以看到R2选择1.0.0.0的路由条目是度量值更少的，这说明接收了从不同源的路由更新时会选择度量值更小的路由。

在R1与R3相连的接口（S1/0）增加2跳看看：
R1(config)#router rip
R1(config-router)#offset-list 2 out 2 s1/0

R3#debug ip rip
*Mar 8 06:15:49.706: RIP: received v1 update from 13.1.1.1 on Serial1/1
*Mar 8 06:15:49.710:      1.0.0.0 in 3 hops
*Mar 8 06:15:49.710:      12.0.0.0 in 1 hops
*Mar 8 06:15:49.710:      23.0.0.0 in 2 hops
R3#
*Mar 8 06:16:01.530: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (23.1.1.3)
*Mar 8 06:16:01.530: RIP: build update entries
*Mar 8 06:16:01.534:   network 1.0.0.0 metric 4
*Mar 8 06:16:01.534:   network 13.0.0.0 metric 1

R2#show ip route
R    1.0.0.0/8 [120/4] via 23.1.1.3, 00:00:12, Serial1/1 #---来自R3
                   [120/4] via 12.1.1.1, 00:00:13, Serial1/0 #---来自R1
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
R    13.0.0.0/8 [120/1] via 12.1.1.1, 00:00:13, Serial1/0
                [120/1] via 23.1.1.3, 00:00:12, Serial1/1
呵呵！～～结果是负载均衡。[/img]..

类别：IGP|阅读(1268)|回复(1)|赞(0)阅读全文>>

原创

3.4 RIP的汇总和不连续网络

2008-03-06 22:28:10

3.4 RIP的汇总和不连续网络

实验连接图

提要描述

在RIPv2中存在的是自动汇总，虽然可以简化了路由表的条目，但是如果出现了不连续网络这样的情况，就会丢失路由信息。所以在用RIPv2的时候直接可以毫不犹豫的关闭掉。而在RIP v1中存在的叫做边界路由的问题。   边界就是在有类的网络中才会出现的一种汇总的现象，介乎于两个主类。而不连续网络就是同一个主网络或子网被另一网络隔断。
实验目标：调试出自动汇总、手动汇总、边界汇总、不连续子网的现象，以及解决这些现象的办法。

基本配置

R1的配置

R2的配置

!
hostname R1
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
no sh
clock rate 64000
!
Router rip
Version 2
Network 12.1.1.0
!

!
hostname R2
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
no sh
!
interface Serial1/1
ip address 192.168.1.2 255.255.255.0
no sh
!
Router rip
Version 2
Network 12.1.1.0
Network 192.168.1.0
!

R3的配置

!
hostname R3
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface Loopback1
ip address 10.1.2.1 255.255.255.0
!
interface Loopback2
ip address 10.1.3.1 255.255.255.0
!
interface Loopback3
ip address 10.1.4.1 255.255.255.0
!
interface Serial1/0
ip address 192.168.1.3 255.255.255.0
no sh
clock rate 64000
!

router rip
version 2
network 10.1.1.0
network 10.1.2.0
network 10.1.3.0
network 10.1.4.0
network 192.168.1.0!

↓调试配置及监测步骤↓

首先R1、R2、R3都已经运行了RIPv2
查看R1、R2、R3的路由表

R1#show ip route
R    10.0.0.0/8 [120/2] via 12.1.1.2, 00:00:23, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
R    192.168.1.0/24 [120/1] via 12.1.1.2, 00:00:23, Serial1/1

R2#show ip route
R    10.0.0.0/8 [120/1] via 192.168.1.3, 00:00:22, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
C    192.168.1.0/24 is directly connected, Serial1/1

R3#show ip route
     10.0.0.0/24 is subnetted, 4 subnets
C       10.1.3.0 is directly connected, Loopback2
C       10.1.2.0 is directly connected, Loopback1
C       10.1.1.0 is directly connected, Loopback0
C       10.1.4.0 is directly connected, Loopback3
R    12.0.0.0/8 [120/1] via 192.168.1.2, 00:00:08, Serial1/0
C    192.168.1.0/24 is directly connected, Serial1/0
由以上三个路由表可以看到，学到的路由全部都是自动汇总的。

下面我们关闭自动汇总看看：

R1(config)#router rip
R1(config-router)#no auto-summary

R2(config)#router rip
R2(config-router)#no auto-summary

R3(config)#router rip
R3(config-router)#no auto-summary

现在再看看各个路由表的情况：

R1#show ip route
     10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
R       10.1.3.0/24 [120/2] via 12.1.1.2, 00:00:21, Serial1/1
R       10.1.2.0/24 [120/2] via 12.1.1.2, 00:00:21, Serial1/1
R       10.1.1.0/24 [120/2] via 12.1.1.2, 00:00:21, Serial1/1
R       10.0.0.0/8 [120/2] via 12.1.1.2, 00:00:21, Serial1/1
R       10.1.4.0/24 [120/2] via 12.1.1.2, 00:00:21, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
R    192.168.1.0/24 [120/1] via 12.1.1.2, 00:00:21, Serial1/1

R2#show ip route
     10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
R       10.1.3.0/24 [120/1] via 192.168.1.3, 00:00:17, Serial1/1
R       10.1.2.0/24 [120/1] via 192.168.1.3, 00:00:17, Serial1/1
R       10.1.1.0/24 [120/1] via 192.168.1.3, 00:00:17, Serial1/1
R       10.0.0.0/8 [120/1] via 192.168.1.3, 00:02:08, Serial1/1
R       10.1.4.0/24 [120/1] via 192.168.1.3, 00:00:17, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
C    192.168.1.0/24 is directly connected, Serial1/1

R3#show ip route
     10.0.0.0/24 is subnetted, 4 subnets
C       10.1.3.0 is directly connected, Loopback2
C       10.1.2.0 is directly connected, Loopback1
C       10.1.1.0 is directly connected, Loopback0
C       10.1.4.0 is directly connected, Loopback3
     12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R       12.1.1.0/24 [120/1] via 192.168.1.2, 00:00:14, Serial1/0
R       12.0.0.0/8 [120/1] via 192.168.1.2, 00:02:04, Serial1/0
C    192.168.1.0/24 is directly connected, Serial1/0
对比前面没有关闭自动汇总，现在的路由表学到的全部是明细路由。等一些时间后再查看路由表，上面阴影的路由条目就会消失。

当然我们也可以手动精确汇总，例如：把R3的10.1.1.1汇总成10.1.0.0/16
R3(config)#int s1/0
R3(config-if)#ip summary-address rip 10.1.0.0 255.255.0.0

R2#show ip route
     10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
R       10.1.3.0/24 [120/1] via 192.168.1.3, 00:00:16, Serial1/1
R       10.1.2.0/24 [120/1] via 192.168.1.3, 00:00:16, Serial1/1
R       10.1.1.0/16 [120/1] via 192.168.1.3, 00:00:16, Serial1/1
R       10.1.1.0/24 [120/1] via 192.168.1.3, 00:00:16, Serial1/1
R       10.1.4.0/24 [120/1] via 192.168.1.3, 00:00:16, Serial1/1
可以看到R2多出了一条10.1.1.0/16的路由，这就是手动汇总的精确路由

下面我们看看各路由器运行RIPv1的边界汇总和不连续子网问题

R1的配置

R2的配置

!
hostname R1
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
no sh
clock rate 64000
!
Router rip
Network 12.1.1.0
!

!
hostname R2
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
no sh
!
interface Serial1/1
ip address 192.168.1.2 255.255.255.0
no sh
!
Router rip
Network 12.1.1.0
Network 192.168.1.0
!

R3的配置

!
hostname R3
!
interface Serial1/0
ip address 192.168.1.3 255.255.255.0
no sh
clock rate 64000

!
router rip
network 192.168.1.0!

1：如果路由2边的主类网络号不相同的情况下，路由就会把一边的路由信息汇总转发出去。
2：如果路由2边的主类网络号相同的情况下，路由会不做汇总直接转发出去。

现在看看在边界路由R2上debug的情况
R2#debug ip rip
R2#
*Mar 6 21:19:14.887: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (192.168.1.2)
*Mar 6 21:19:14.887: RIP: build update entries
*Mar 6 21:19:14.891:   network 12.0.0.0 metric 1

再看看R3的路由表：
R3# show ip route
R    12.0.0.0/8 [120/1] via 192.168.1.2, 00:00:26, Serial1/0
C    192.168.1.0/24 is directly connected, Serial1/0

由R2的debug信息和R3的路由表可以看到，R2在向R3发送路由信息时候，并没有把我们配置宣告的12.1.1.0/24网络通告给R3，而是通告主类网络12.0.0.0/8，与上面RIPv2没有关闭自动汇总发送的情况一样。这就是RIP发送路由更新跨越网络边界时，它会按照（A、B、C类）的掩码进行汇总，即边界汇总。

现在我们看看R3上配置一个loopback4接口，地址为12.1.2.1/24，使它与12.1.1.0/24形成一个不连续网络的情况。且打开debug观察。

R3(config)#interface loopback 4
R3(config-if)#ip address 12.1.2.1 255.255.255.0

R3#debug ip rip
R3#
*Mar 6 21:40:51.267: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (192.168.1.3)
*Mar 6 21:40:51.267: RIP: build update entries - suppressing null update
R3#
*Mar 6 21:41:00.051: RIP: received v1 update from 192.168.1.2 on Serial1/0
*Mar 6 21:41:00.055:      12.0.0.0 in 1 hops

R3#show ip route
     12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R       12.0.0.0/8 [120/1] via 192.168.1.2, 00:00:49, Serial1/0
C       12.1.2.0/24 is directly connected, Loopback4
C    192.168.1.0/24 is directly connected, Serial1/0

由debug信息可以看到R3仍然一直收到来自R1的更新，但当我们查看R3路由表时，更新的时间已经为49S，12.0.0.0/8这条路由已经没有再周期更新了，过一些时间就出现possibly down。

R3#show ip route
     12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R       12.0.0.0/8 is possibly down,routing via 192.168.1.2, Serial1/0
C       12.1.2.0/24 is directly connected, Loopback4
C    192.168.1.0/24 is directly connected, Serial1/0
大概4分钟之后，在R3的路由表就看不到R1通告过来的路由条目。
R3#show ip route
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.2.0 is directly connected, Loopback4
C    192.168.1.0/24 is directly connected, Serial1/0

出现上述的原因是R3的looback 4接口是直连接口，接受来自相同12.0.0.0的更新时，它会丢弃。只选择来自直连接口的路由。

遇到这样的问题，我们可以通过设置辅助地址（第二地址）来解决，辅助地址要与不连续网络位于同一个主网络内，并且使用相同的子网掩码。下面我们在R2和R3上设置。

R2(config)#int s1/1
R2(config-if)#ip address 12.1.3.1 255.255.255.0 secondary

R3(config)#int s1/0
R3(config-if)#ip address 12.1.3.2 255.255.255.0 secondary

再次观察R3的debug信息和路由表

R3#debug ip rip
*Mar 6 22:13:47.587: RIP: received v1 update from 192.168.1.2 on Serial1/0
*Mar 6 22:13:47.587:      12.0.0.0 in 1 hops
*Mar 6 22:13:47.587: RIP: received v1 update from 12.1.3.1 on Serial1/0
*Mar 6 22:13:47.591:      12.1.1.0 in 1 hops

R3#show ip route
     12.0.0.0/24 is subnetted, 4 subnets
R       12.1.1.0 [120/1] via 12.1.3.1, 00:00:10, Serial1/0
R       12.0.0.0 [120/1] via 192.168.1.2, 00:00:10, Serial1/0
C       12.1.3.0 is directly connected, Serial1/0
C       12.1.2.0 is directly connected, Loopback4
C    192.168.1.0/24 is directly connected, Serial1/0

可以看到现在的R3已经有了12.1.1.0/24的路由条目，当然R1也学到了12.1.3.0/24的路由条目

R1#show ip route
     12.0.0.0/24 is subnetted, 2 subnets
C       12.1.1.0 is directly connected, Serial1/1
R       12.1.3.0 [120/1] via 12.1.1.2, 00:00:12, Serial1/1
R    192.168.1.0/24 [120/1] via 12.1.1.2, 00:00:12, Serial1/1

测试一下R1和R3的互通性
R1#ping 192.168.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/86/156 ms

R3#ping 12.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/98/132 ms

留心观察会发现辅助地址不但解决了不连续网络的问题，而且也解决了边界汇总的问题。所以很多时候不连续网络和边界汇总是同时出现的。[/img]..

类别：IGP|阅读(1562)|回复(4)|赞(1)阅读全文>>

原创

3.3 RIP的被动、单播、过滤

2008-03-04 20:41:48

3.3 RIP的被动、单播、过滤

实验连接图

提要描述

在一些的应用中，路由不想把更新信息传出去，或者只想把路由信息传递给特定的路由设备，那么这样的要求就引发出RIP的被动接口、单播更新和路由过滤的应用。首先RIP v1是以广播的形式（255.255.255.255）来把自己的路由更新信息发出去，而RIP v2是以组播（224.0.0.9）的方式发自己的更新信息出去。广播和组播能不能穿透被动接口而把更新发出去？单播又是怎么工作的？路由过滤又是如何呢？实验目标: 在R2上分别做被动、单播和在R3上做过滤的调试看看各个现象和结合应用的情况。

RIPv1基本配置

R1的配置

R2的配置

!
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial1/1
no shut
ip address 12.1.1.1 255.255.255.0
clock rate 64000
!
router rip
network 0.0.0.0
!

!
hostname R2
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Serial1/0
no shut
ip address 12.1.1.2 255.255.255.0
!
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
!
router rip
network 0.0.0.0
!

R3的配置

!
hostname R3
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface Serial1/0
no shut
ip address 23.1.1.3 255.255.255.0
clock rate 64000
!
router rip
network 0.0.0.0
!

↓调试配置及监测步骤↓

首先：我们这里各个路由器都运行RIPv1，现在把R2 的S1/0的接口被动掉，看看会有什么情况发生？！

R2(config)#router rip
R2(config-router)#passive-interface s1/0

R1的情况：
R1#sh ip route
1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
R    2.0.0.0/8 [120/1] via 12.1.1.2, 00:00:28, Serial1/1
R    3.0.0.0/8 [120/2] via 12.1.1.2, 00:00:28, Serial1/1
R    23.0.0.0/8 [120/1] via 12.1.1.2, 00:00:28, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1

再看：
R1#sh ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
R    2.0.0.0/8 [120/1] via 12.1.1.2, 00:00:36, Serial1/1
R    3.0.0.0/8 [120/2] via 12.1.1.2, 00:00:36, Serial1/1
R    23.0.0.0/8 [120/1] via 12.1.1.2, 00:00:36, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
这个时候更新计时器没有回0 ，说明在R1上已经收不到上面阴影部分的路由信息了。进入了无效更新阶段，过了180S后的时候，就会出现下面的possibly down现象。

R1#sh ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
R    2.0.0.0/8 is possibly down, routing via 12.1.1.2, Serial1/1
R    3.0.0.0/8 is possibly down, routing via 12.1.1.2, Serial1/1
R    23.0.0.0/8 is possibly down, routing via 12.1.1.2, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1

过了60S的时间后，再看R1的路由表，已经没有了从R2学到的路由信息：

R1#sh ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1

R2的情况：
R2#show ip route
R    1.0.0.0/8 [120/1] via 12.1.1.1, 00:00:12, Serial1/0
     2.0.0.0/24 is subnetted, 1 subnets
C       2.2.2.0 is directly connected, Loopback0
R    3.0.0.0/8 [120/1] via 23.1.1.3, 00:00:00, Serial1/1
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
R2的路由表是一直没有变化的，这就是被动接口的功能-----只收不发，被禁止的路由器接口他是不会发送路由更新给邻居的，但他自己仍然可以从邻居那里接收路由更新。

看看R1、R2在运行RIPv1 的debug信息
R1#   debug ip rip
RIP protocol debugging is on
R1#
*Mar 4 19:41:04.087: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (12.1.1.1)
*Mar 4 19:41:04.087: RIP: build update entries
*Mar 4 19:41:04.087:   network 1.0.0.0 metric 1
R1没有收到任何路由信息

R2#debug ip rip
RIP protocol debugging is on
R2#
*Mar 4 19:40:07.655: RIP: received v1 update from 12.1.1.1 on Serial1/0
*Mar 4 19:40:07.659:      1.0.0.0 in 1 hops
R2#
*Mar 4 19:40:22.071: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (23.1.1.2)
*Mar 4 19:40:22.071: RIP: build update entries
*Mar 4 19:40:22.075:   network 1.0.0.0 metric 2
*Mar 4 19:40:22.075:   network 2.0.0.0 metric 1
*Mar 4 19:40:22.075:   network 12.0.0.0 metric 1
R2#
*Mar 4 19:40:31.591: RIP: received v1 update from 23.1.1.3 on Serial1/1
*Mar 4 19:40:31.595:      3.0.0.0 in 1 hops
R2收到了所以的路由信息
从上面R1和R2的信息来看，运行RIPv1时候采用广播（255.255.255.255）的方式发送更新不能穿透被动接口，那现在我们换成RIPv2看看：
R1(config)#router rip
R1(config-router)#version 2

R2(config)#router rip
R2(config-router)#version 2

R1#debug ip rip
*Mar 4 19:51:41.419: RIP: sending v2 update to 224.0.0.9 via Serial1/1 (12.1.1.1)
*Mar 4 19:51:41.419: RIP: build update entries
*Mar 4 19:51:41.423:   1.0.0.0/8 via 0.0.0.0, metric 1, tag 0
R2#debug ip rip
*Mar 4 19:51:41.991: RIP: received v2 update from 12.1.1.1 on Serial1/0
*Mar 4 19:51:41.995:      1.0.0.0/8 via 0.0.0.0 in 1 hops
R2#
*Mar 4 19:51:40.971: RIP: sending v2 update to 224.0.0.9 via Loopback0 (2.2.2.2)
*Mar 4 19:51:40.971: RIP: build update entries
*Mar 4 19:51:40.975:   1.0.0.0/8 via 0.0.0.0, metric 2, tag 0
*Mar 4 19:51:40.975:   3.0.0.0/8 via 0.0.0.0, metric 2, tag 0
*Mar 4 19:51:40.979:   12.0.0.0/8 via 0.0.0.0, metric 1, tag 0
*Mar 4 19:51:40.979:   23.0.0.0/8 via 0.0.0.0, metric 1, tag 0
*Mar 4 19:51:40.983: RIP: ignored v2 packet from 2.2.2.2 (sourced from one of our addresses)
转换到RIPv2后，同样R1也没有收到任何路由信息，这证实了以组播（224.0.0.9）方式发送更新也不能够穿透被动接口。

那么单播能不能把更新信息传递出来呢？我们在R1和R2上面配置单播看看。

R1(config)#router rip
R1(config-router)#neighbor 12.1.1.2

R2(config)#router rip
R2(config-router)#neighbor 12.1.1.1

R2#debug ip rip
RIP protocol debugging is on
R2#
*Mar 4 20:03:59.527: RIP: sending v1 update to 12.1.1.1 via Serial1/0 (12.1.1.2)
*Mar 4 20:03:59.527: RIP: build update entries
*Mar 4 20:03:59.531:   network 2.0.0.0 metric 1
*Mar 4 20:03:59.531:   network 3.0.0.0 metric 2
*Mar 4 20:03:59.531:   network 23.0.0.0 metric 1

R1#debug ip rip
*Mar 4 20:04:52.939: RIP: received v1 update from 12.1.1.2 on Serial1/1
*Mar 4 20:04:52.943:      2.0.0.0 in 1 hops
*Mar 4 20:04:52.943:      3.0.0.0 in 2 hops
*Mar 4 20:04:52.943:      23.0.0.0 in 1 hops

R1#show ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
R    2.0.0.0/8 [120/1] via 12.1.1.2, 00:00:00, Serial1/1
R    3.0.0.0/8 [120/2] via 12.1.1.2, 00:00:00, Serial1/1
R    23.0.0.0/8 [120/1] via 12.1.1.2, 00:00:00, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1

通过在R1和R2指定了单播之后，R2以单播指定的方式向R1发送数据报文，而R1也在指定的ip地址接收数据报文，查看R1的路由表，已经学到了全部路由信息。这证实单播能够穿透被动接口。

结论：在运行RIP的情况下做接口被动是可以隔绝RIP的广播和组播数据报文，但是不会隔绝单播的数据报文，单播是可以穿透被动接口发送数据报文的。被动和单播很多时候是在一起使用，被动的应用主要在小网络客户和ISP连接的时候，ISP在他的边界路由器上面使用的技术。

除了用被动禁止发送路由信息外，我们还可以利用分发列表来实现在RIP中过滤路由：

我们现在在R3上实现这个功能：
R3(config)#router rip
R3(config-router)#no network 0.0.0.0 #先删除默认路由，再宣告明细路由
R3(config-router)#network 23.0.0.0
R3(config-router)#network 3.3.3.3

R3#show ip protocols
Routing for Networks:
   3.0.0.0
    23.0.0.0
这里有两个网络被宣告出去，现在要拒绝宣告3.0.0.0这个网络，不让它通过R3的s1/0宣告出去：

R3(config)#access-list 10 deny 3.0.0.0
R3(config)#access-list 10 permit any
R3(config)#router rip
R3(config-router)#distribute-list 10 out s1/0

配置后等一些时间，再看看R2、R1的路由表情况：
R2#sh ip route
R    1.0.0.0/8 [120/1] via 12.1.1.1, 00:00:10, Serial1/0
     2.0.0.0/24 is subnetted, 1 subnets
C       2.2.2.0 is directly connected, Loopback0
R    3.0.0.0/8 is possibly down, routing via 23.1.1.3, Serial1/1
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0

这时候R2已经出现在possibly down了，R2会通知R1，R3的3.0.0.0这个网络不可达，这时候R1会马上删除3.0.0.0这个网络
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
R    2.0.0.0/8 [120/1] via 12.1.1.2, 00:00:05, Serial1/1
R    23.0.0.0/8 [120/1] via 12.1.1.2, 00:00:05, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1

R1已经没有了3.0.0.0这个网络了，再过60秒左右R2也会删除3.0.0.0这个网络。

R2#sh ip route
Gateway of last resort is not set
R    1.0.0.0/8 [120/1] via 12.1.1.1, 00:00:17, Serial1/0
     2.0.0.0/24 is subnetted, 1 subnets
C       2.2.2.0 is directly connected, Loopback0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0

[/img]..

类别：IGP|阅读(647)|回复(2)|赞(0)阅读全文>>

原创

3.2 RIP定时器情况

2008-03-04 17:12:32

3.2RIP定时器情况

实验连接图

提要描述

RIP 定时器
更新定时器：30秒（用于设置定期路由更新的时间间隔）
无效定时器：180秒（路由器在认定一个路由成为无效路由之前所需要等待的时间）
保持定时器：180秒（用于设置路由信息被抑制的时间）
刷新定时器：240秒（用于设置某个路由成为无效路由并将它从路由表中删除的时间）
实验目标：通过实验调试RIP，观察定时器的情况，理解定时器的原理。

基本配置

R1的配置

R2的配置

!
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial1/1
no shut
ip address 12.1.1.1 255.255.255.0
clock rate 64000
!
router rip
network 0.0.0.0
!

!
hostname R2
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Serial1/0
no shut
ip address 12.1.1.2 255.255.255.0
!
interface Serial1/1
no shut
ip address 23.1.1.2 255.255.255.0
!
router rip
network 0.0.0.0
!

R3的配置

!
hostname R3
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface Serial1/0
no shut
ip address 23.1.1.3 255.255.255.0
clock rate 64000
!
router rip
network 0.0.0.0
!

↓调试配置及监测步骤↓
查看各路由器路由表的情况：
R1#show ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
R    2.0.0.0/8 [120/1] via 12.1.1.2, 00:00:00, Serial1/1
R    3.0.0.0/8 [120/2] via 12.1.1.2, 00:00:00, Serial1/1
R    23.0.0.0/8 [120/1] via 12.1.1.2, 00:00:00, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
R2#show ip route
R    1.0.0.0/8 [120/1] via 12.1.1.1, 00:00:26, Serial1/0
     2.0.0.0/24 is subnetted, 1 subnets
C       2.2.2.0 is directly connected, Loopback0
R    3.0.0.0/8 [120/1] via 23.1.1.3, 00:00:10, Serial1/1
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
R3#show ip route
R    1.0.0.0/8 [120/2] via 23.1.1.2, 00:00:20, Serial1/0
R    2.0.0.0/8 [120/1] via 23.1.1.2, 00:00:20, Serial1/0
     3.0.0.0/24 is subnetted, 1 subnets
C       3.3.3.0 is directly connected, Loopback0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
R    12.0.0.0/8 [120/1] via 23.1.1.2, 00:00:20, Serial1/0
通过路由表已经看到各个路由器都学到了路由信息，只要通过重复show ip route 就可以查看到路由器条目阴影部分的时间在30s内变化。

看看在R1上show ip protocols输出的信息，留意定时器部分：
R1#show ip protocols
Routing Protocol is "rip"
  Sending updates every 30 seconds, next due in 24 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Redistributing: rip
Default version control: send version 1, receive any version
    Interface             Send Recv Triggered RIP Key-chain
    Serial1/1             1     1 2
    Loopback0             1     1 2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
    0.0.0.0
Routing Information Sources:
    Gateway         Distance      Last Update
    12.1.1.2             120      00:00:26
Distance: (default is 120)

下面通过debug观察路由表的变化情况：
1：R1#debug ip routing
R1#debug ip rip
2：在R1上，做个访问列表，不接收来自R2的rip数据包
R1(config)#access-list 110 deny udp any any eq rip
R1(config)#access-list 110 permit ip any any
R1(config-if)#ip access-group 110 in
3：再看看R1这是的debug信息：
R1#
*Mar 4 16:21:46.123: RT: delete route to 2.0.0.0 via 12.1.1.2, rip metric [120/1]
*Mar 4 16:21:46.123: RT: no routes to 2.0.0.0, entering holddown
*Mar 4 16:21:46.127: RT: delete route to 3.0.0.0 via 12.1.1.2, rip metric [120/2]
*Mar 4 16:21:46.131: RT: no routes to 3.0.0.0, entering holddown
*Mar 4 16:21:46.131: RT: delete route to 23.0.0.0 via 12.1.1.2, rip metric [120/1]
*Mar 4 16:21:46.135: RT: no routes to 23.0.0.0, entering holddown
R1#
*Mar 4 16:21:48.127: RIP: sending v1 flash update to 255.255.255.255 via Loopback0 (1.1.1.1)
*Mar 4 16:21:48.127: RIP: build flash update entries
*Mar 4 16:21:48.131:   network 2.0.0.0 metric 16
*Mar 4 16:21:48.131:   network 3.0.0.0 metric 16
*Mar 4 16:21:48.131:   network 23.0.0.0 metric 16
会在180之后，来自R2路由条目，被宣告无效（即invail计时器走完）。

R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
R    2.0.0.0/8 is possibly down, routing via 12.1.1.2, Serial1/1
R    3.0.0.0/8 is possibly down, routing via 12.1.1.2, Serial1/1
R    23.0.0.0/8 is possibly down, routing via 12.1.1.2, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
查看R1路由表已经出现了possibly down，在保持时间计时器段。

R1#
*Mar 4 16:22:46.135: RT: delete network route to 2.0.0.0
*Mar 4 16:22:46.135: RT: NET-RED 2.0.0.0/8
*Mar 4 16:22:46.139: RT: delete network route to 3.0.0.0
*Mar 4 16:22:46.139: RT: NET-RED 3.0.0.0/8
*Mar 4 16:22:46.143: RT: delete network route to 23.0.0.0
*Mar 4 16:22:46.143: RT: NET-RED 23.0.0.0/8
通过上面时间的对比，在宣布无效之后的大概60s内，学自R2的路由条目在路由表里面被删除，即刷新计时器如图所示为180+60=240s。这个计时器是刚开始就启动的，一直到保持计时器进行到６０s时(即刷新计时器和无效计时器同时触发)，它将路由表刷新．在将它（无效路由）从表中删除前，路由器会通告它的邻居这个路由即将消亡。

上面的是使用默认的时间，调试过程时间较长，我们可以通过修改timer来使调试的结果更加明显。

R1(config)#int s1/1
R1(config-if)#no ip access-group 110 in
R1(config-router)#timer basic ?
<0-4294967295> Interval between updates
R1(config-router)#timer basic 5 ?
<1-4294967295> Invalid
R1(config-router)#timer basic 5 10 ?
<0-4294967295> Holddown
R1(config-router)#timer basic 5 10 15 ?
<1-4294967295> Flush
R1(config-router)#timer basic 5 10 15 20

R2(config)#router rip
R2(config-router)#timer basic 5 10 15 20

R3(config)#router rip
R3(config-router)#timer basic 5 10 15 20

观察留意show ip protocols 各个时间值已经改变了

R1#show ip protocols
Routing Protocol is "rip"
Sending updates every 5 seconds, next due in 2 seconds
Invalid after 10 seconds, hold down 15, flushed after 20
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Redistributing: rip
Default version control: send version 1, receive any version
    Interface             Send Recv Triggered RIP Key-chain
    Serial1/1             1     1 2
    Loopback0             1     1 2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
    0.0.0.0
Routing Information Sources:
    Gateway         Distance      Last Update
    12.1.1.2             120      00:00:01
Distance: (default is 120)
现在再次恢复访问列表，使R1不接收来自R2的RIP路由，且在R1上打开debug 观察：

R1(config)#int s1/1
R1(config-if)#ip access-group 110 in

R1#debug ip rip
RIP protocol debugging is on

R1#
*Mar 4 17:02:26.795: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (12.1.1.1)
*Mar 4 17:02:26.795: RIP: build update entries
*Mar 4 17:02:26.799:   network 1.0.0.0 metric 1
*Mar 4 17:02:26.799:   network 2.0.0.0 metric 16
*Mar 4 17:02:26.799:   network 3.0.0.0 metric 16
*Mar 4 17:02:26.803:   network 23.0.0.0 metric 16
*Mar 4 17:02:28.151: RIP: sending v1 flash update to 255.255.255.255 via Serial1/1 (12.1.1.1)
-------------------------------省略部分信息-------------------------------------
R1#
*Mar 4 17:02:33.067: RIP: sending v1 update to 255.255.255.255 via Loopback0 (1.1.1.1)
*Mar 4 17:02:33.067: RIP: build update entries
*Mar 4 17:02:33.071:   network 2.0.0.0 metric 16
*Mar 4 17:02:33.071:   network 3.0.0.0 metric 16
*Mar 4 17:02:33.071:   network 12.0.0.0 metric 1
*Mar 4 17:02:33.071:   network 23.0.0.0 metric 16
R1#
*Mar 4 17:02:36.687: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (12.1.1.1)
*Mar 4 17:02:36.687: RIP: build update entries
*Mar 4 17:02:36.691:   network 1.0.0.0 metric 1
从以上debug结果观察到，第一次通告不可达（metric 16）的时间为02：26 到来自R2的路由消失时间为02：36 的间隔为10s（即是Invalid计时器和Flush计时器差为10s）,与我们设置的时间一致。

总结：在距离矢量路由协议里面，路由器会将它学习的整张路由表信息更新发出去，Ｒip使用４种计时器来管理它的性能：
1：周期更新计时器　周期更新计时器用于设置定期路由更新的时间间隔（一般为３０s），在这个间隔里路由器发送一个自己路由表的完整拷贝到所有相邻的路由器。
2：无效计时器　用于决定一个时间长度，即路由器在认定一个路由成为无效路由之前所需要等待的时间（１８０s，实际情况往往略大于１８０s）．如果路由器在更新计时器期间没有得到关于某个指定路由的任何更新消息，它将认为这个路由失效，这时就会进入到无效计时器阶段．当这一情况发生时，这个路由器将会给它所有的邻居发送一个更新消息以通知它们这个路由已经无效。

3：保持计时器　用于设置路由信息被抑制的时间数量．当上述无效计时器计时完毕后，就会进入到保持计数器阶段．也可理解为，当指示某个路由为不可达的更新数据包被接受到时，路由器将会进入保持失效状态．这个状态将会一直持续到一个带有更好度量的更新数据包被接受到或者这个保持计时器到期．默认时，它的取值是１８０s．在进入到这个阶段的前６０s，会显示一个如下的路由信息possibly down，这时路由器并没有直接删除这条路由信息，但记住，若此时该路由恢复正常通讯，路由表信息也不会更新，在接下来的１２０s会起到一个保持网络稳定的作用。

4：刷新计时器　用于设置某个路由成为无效路由并将它从路由表中删除的时间间隔（２４０s）．这个计时器是刚开始就启动的，一直到保持计时器进行到６０s时，它将路由表刷新．在将它（无效路由）从表中删除前，路由器会通告它的邻居这个路由即将消亡。
5:我们也可以用time basic 来改变计时器的时间间隔。
timers basic update invalid holddown flush[/img]..

类别：IGP|阅读(1809)|回复(4)|赞(3)阅读全文>>

原创

3.1 RIP版本1&2配置

2008-03-04 01:03:12

3.1 RIP版本1&2配置

实验连接图

提要描述

RIP(Routing information Protocol)是应用较早、使用较普遍的内部网关协议(Interior Gateway Protocol,简称IGP)，适用于小型同类网络，是典型的距离向量(distance-vector)协议。文档见RFC1058、RFC1723。RIP通过广播UDP报文来交换路由信息，每30秒发送一次路由信息更新。RIP提供跳跃计数(hop count)作为尺度来衡量路由距离，跳跃计数是一个包到达目标所必须经过的路由器的数目。如果到相同目标有二个不等速或不同带宽的路由器，但跳跃计数相同，则RIP认为两个路由是等距离的。RIP最多支持的跳数为15，即在源和目的网间所要经过的最多路由器的数目为15，跳数16表示不可达。
实验目标: 查看RIP运行基本情况

RIPv1基本配置

R1的配置

R2的配置

!
hostname R1
!
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
clock rate 64000
!
router rip
network 12.0.0.0
!

!
hostname R2
!
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
!
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
!
router rip
network 12.0.0.0
network 23.0.0.0
!

R3的配置

!
hostname R3
!
interface Serial1/0
ip address 23.1.1.3 255.255.255.0
clock rate 64000
!
router rip
network 23.0.0.0
!

↓调试配置及监测步骤↓

下面分别看看R1、R2、R3的路由表

R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

R    23.0.0.0/8 [120/1] via 12.1.1.2, 00:00:19, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1

R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0

R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
R    12.0.0.0/8 [120/1] via 23.1.1.2, 00:00:17, Serial1/0

查看RIP的运行情况
R1#show ip protocols
Routing Protocol is "rip"
  Sending updates every 30 seconds, next due in 25 seconds
  Invalid after 180 seconds, hold down 180, flushed after 240
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Redistributing: rip
Default version control: send version 1, receive any version
    Interface             Send Recv Triggered RIP Key-chain
    Serial1/1            1     1 2  #RIPv1发送版本1，介绍版本1、2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
    12.0.0.0
Routing Information Sources:
    Gateway         Distance      Last Update
    12.1.1.2             120      00:00:12
Distance: (default is 120) #……………rip默认管理距离120

R1#ping 23.1.1.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 23.1.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/80/136 ms

用Debug可以打开RIP的排错功能

R1#debug ip rip ?
database RIP database events
events    RIP protocol events
trigger   RIP trigger extension

R1#debug ip rip
RIP protocol debugging is on
R1#
*Feb 17 18:22:56.755: RIP: received v1 update from 12.1.1.2 on Serial1/1
*Feb 17 18:22:56.759:      23.0.0.0 in 1 hops
*Feb 17 18:23:06.247: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (12.1.1.1)
*Feb 17 18:23:06.247: RIP: build update entries - suppressing null update
R1#un all
All possible debugging has been turned off

RIPv2

RIPv2提要描述

RIPv1可以侦听版本1和版本2的数据包，但只发送版本1的更新，如果要Router发送版本2的更新，必须使用版本2命令：Version 2
实验目标: 查看RIPv2运行基本情况

RIPv2基本配置

R1的配置

R2的配置

!
hostname R1
!
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
clock rate 64000
!
router rip
version 2
network 12.0.0.0
!

!
hostname R2
!
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
!
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
!
router rip
version 2
network 12.0.0.0
network 23.0.0.0
!

R3的配置

!
hostname R3
!
interface Serial1/0
ip address 23.1.1.3 255.255.255.0
clock rate 64000
!
router rip
version 2
network 23.0.0.0
!

↓调试配置及监测步骤↓
下面看看R1的情况，R2、R3类似省略
R1#show ip protocols
Routing Protocol is "rip"
Sending updates every 30 seconds, next due in 2 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Redistributing: rip
Default version control: send version 2, receive version 2
    Interface             Send Recv Triggered RIP Key-chain
    Serial1/1             2     2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
    12.0.0.0
Routing Information Sources:
    Gateway         Distance      Last Update
    12.1.1.2             120      00:00:13
Distance: (default is 120)

R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

R    23.0.0.0/8 [120/1] via 12.1.1.2, 00:00:00, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1

R1#debug ip rip
RIP protocol debugging is on
R1#
*Mar 3 23:22:26.671: RIP: received v2 update from 12.1.1.2 on Serial1/1
*Mar 3 23:22:26.675:      23.0.0.0/8 via 0.0.0.0 in 1 hops
R1#
*Mar 3 23:22:45.099: RIP: sending v2 update to 224.0.0.9 via Serial1/1 (12.1.1.1)
*Mar 3 23:22:45.099: RIP: build update entries - suppressing null update

RIP版本1、版本2、默认互操作

提要描述

R1配置为版本2，R2为默认、R3为版本1
实验目标: 查看三种配置的情况

基本配置

R1的配置

R2的配置

!
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
clock rate 64000
!
router rip
version 2
network 0.0.0.0
!

!
hostname R2
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
!
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
!
router rip
network 0.0.0.0
!

R3的配置

!
hostname R3
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial1/0
ip address 23.1.1.3 255.255.255.0
clock rate 64000
!

router rip
version 1
network 0.0.0.0
!

↓调试配置及监测步骤↓
首先我们来看看R1、R2、R3的路由表情况
R1#sh ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
R1没有学习到路由

R2#show ip route
R    1.0.0.0/8 [120/1] via 12.1.1.1, 00:00:13, Serial1/0
     2.0.0.0/24 is subnetted, 1 subnets
C       2.2.2.0 is directly connected, Loopback0
R    3.0.0.0/8 [120/1] via 23.1.1.3, 00:00:13, Serial1/1
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
R2学习到了R1、R3的路由

R3#show ip route
R    1.0.0.0/8 [120/2] via 23.1.1.2, 00:00:20, Serial1/0
R    2.0.0.0/8 [120/1] via 23.1.1.2, 00:00:20, Serial1/0
     3.0.0.0/24 is subnetted, 1 subnets
C      3.3.3.0 is directly connected, Loopback0
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
R    12.0.0.0/8 [120/1] via 23.1.1.2, 00:00:20, Serial1/0
R3学到了R1、R2的路由

出现上面路由表的结果原因在于：
1：R1#show ip protocols
Default version control: send version 2, receive version 2
R1运行的是版本2，只会发送版本2和接受版本2
2：R2#show ip protocols
Default version control: send version 1, receive any version
  R2是默认的版本，它可以发送版本1和接受到任何版本
所以R2能够接受到来自R1和R3的路由
3: R3#show ip protocols
Default version control: send version 1, receive version 1
R3运行指定是版本1，只会发生和接受版本1
所以R3只能够收到版本1的路由。
4：细心留意会发现，R3只会接受版本1，为什么会学到R1的路由？？这是因为R2学到了R1的路由后，发送给R3，所以R3也学到了R1的路由。

下面使用Debug看看各个路由器的信息：
R1#debug ip rip events
RIP event debugging is on
R1#
*Mar 4 00:11:52.275: RIP: ignored v1 packet from 12.1.1.2 (illegal version) #可以看到R1忽略了R2发过来版本1的数据
R1#
*Mar 4 00:12:02.851: RIP: sending v2 update to 224.0.0.9 via Serial1/1 (12.1.1.1)
*Mar 4 00:12:02.851: RIP: Update contains 1 routes
*Mar 4 00:12:02.855: RIP: Update queued
*Mar 4 00:12:02.855: RIP: Update sent via Serial1/1
*Mar 4 00:12:03.047: RIP: sending v2 update to 224.0.0.9 via Loopback0 (1.1.1.1)
*Mar 4 00:12:03.047: RIP: Update contains 1 routes
*Mar 4 00:12:03.051: RIP: Update queued
*Mar 4 00:12:03.051: RIP: Update sent via Loopback0
*Mar 4 00:12:03.055: RIP: ignored v2 packet from 1.1.1.1 (sourced from one of our addresses) #源来自同一个路由器也忽略

R2#debug ip rip events
RIP event debugging is on
R2#
*Mar 4 00:12:07.783: RIP: received v2 update from 12.1.1.1 on Serial1/0 #收到来自R1的更新
*Mar 4 00:12:07.787: RIP: Update contains 1 routes
*Mar 4 00:12:07.903: RIP: received v1 update from 23.1.1.3 on Serial1/1 #收到来自R3的更新
*Mar 4 00:12:07.907: RIP: Update contains 1 routes
R2#
*Mar 4 00:12:21.715: RIP: sending v1 update to 255.255.255.255 via Loopback0 (2.2.2.2)
*Mar 4 00:12:21.719: RIP: Update contains 4 routes
*Mar 4 00:12:21.719: RIP: Update queued
*Mar 4 00:12:21.719: RIP: Update sent via Loopback0
R2#
*Mar 4 00:12:24.571: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (12.1.1.2)
*Mar 4 00:12:24.575: RIP: Update contains 3 routes
*Mar 4 00:12:24.575: RIP: Update queued
*Mar 4 00:12:24.575: RIP: Update sent via Serial1/0
R2#
*Mar 4 00:12:32.515: RIP: sending v1 update to 255.255.255.255 via Serial1/1 (23.1.1.2)
*Mar 4 00:12:32.519: RIP: Update contains 3 routes
*Mar 4 00:12:32.519: RIP: Update queued
*Mar 4 00:12:32.519: RIP: Update sent via Serial1/1

R3#debug ip rip events
RIP event debugging is on
R3#
*Mar 4 00:12:32.375: RIP: received v1 update from 23.1.1.2 on Serial1/0 #收到来自R2的更新
*Mar 4 00:12:32.379: RIP: Update contains 3 routes
R3#
*Mar 4 00:12:34.819: RIP: sending v1 update to 255.255.255.255 via Serial1/0 (23.1.1.3)
*Mar 4 00:12:34.823: RIP: Update contains 1 routes
*Mar 4 00:12:34.823: RIP: Update queued
*Mar 4 00:12:34.823: RIP: Update sent via Serial1/0
R3#
*Mar 4 00:12:53.891: RIP: sending v1 update to 255.255.255.255 via Loopback0 (3.3.3.3)
*Mar 4 00:12:53.895: RIP: Update contains 4 routes
*Mar 4 00:12:53.895: RIP: Update queued
*Mar 4 00:12:53.895: RIP: Update sent via Loopback0

上面的debug信息中R1使用的是组播更新（224.0.0.9）版本2的特性，R2、R3使用广播更新（255.255.255.255）

使用ping看看互通性：
R1#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1学不到任何路由，所以ping不通是正常。

R2#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/50/96 ms
R2#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/55/132 ms
R2学到了全部路由，所以可以ping 通R1、R3

R3#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R3#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/45/80 ms
这里发生了一个有趣的现象，R3学到了全部路由，ping R2通，但却ping不通R1????
这是因为R3学到R1的路由信息是从R2学到的，R3有到达R1的路由信息，但R1却不知道如何到达R3，数据包有去无回。
当然我们可以通过在接口下指定接受和发送的情况：
R1(config)#int s1/1
R1(config-if)#ip rip ?
receive         advertisement reception
send            advertisement transmission
R1(config-if)#ip rip receive version ?
1 RIP version 1
2 RIP version 2
<cr>
R1(config-if)#ip rip receive version 1
看看R1指定了接受版本1之后的路由表和互通性情况：
R1#show ip route
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
R    2.0.0.0/8 [120/1] via 12.1.1.2, 00:00:23, Serial1/1
R    3.0.0.0/8 [120/2] via 12.1.1.2, 00:00:23, Serial1/1
R    23.0.0.0/8 [120/1] via 12.1.1.2, 00:00:23, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
R1#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/51/80 ms
R1#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/70/112 ms
R3#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/54/84

从结果可以看到，通过在接口下指定了接收情况，R1学到了全部路由，且R1和R3可以互通。[/img]..

类别：IGP|阅读(492)|回复(4)|赞(0)阅读全文>>

原创

2.4默认路由

2008-03-03 22:31:33

2.4默认路由

实验连接图

提要描述

所谓的默认路由，是指路由器在路由表中如果找不到到达目的网络的具体路由时，最后会采用的路由。默认路由通常会在末节网络（STUB network，即只有一个出口的网络）中使用。很多时候，人们将默认路由叫做"0/0"路由，因为这些路由的IP地址是0.0.0.0，而子网掩码也是0.0.0.0。
实验目标： "不管是什么IP地址，也不管子网掩码是什么，都从我这里发就OK"。

基本配置

R1的配置

R2的配置

!
hostname R1
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
no sh
clock rate 64000
!

!
hostname R2
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
no sh
!
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
no sh
!

R3的配置

!
hostname R3
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface Serial1/0
ip address 23.1.1.3 255.255.255.0
no sh
clock rate 64000
!

↓调试配置及监测步骤↓
首先使用命令：Ip route 0.0.0.0 0.0.0.0{下一跳地址 | 出站接口 } 分别在R1、R3上配置默认路由
R1(config)#ip route 0.0.0.0 0.0.0.0 s1/1
R3(config)#ip route 0.0.0.0 0.0.0.0 23.1.1.2
看看上面蓝色：用出站接口和下一跳地址的区别:
R1#show ip route
12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
S*   0.0.0.0/0 is directly connected, Serial1/1

R3#show ip route
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
     10.0.0.0/24 is subnetted, 4 subnets
C       10.1.3.0 is directly connected, Loopback2
C       10.1.2.0 is directly connected, Loopback1
C       10.1.1.0 is directly connected, Loopback0
C       10.1.4.0 is directly connected, Loopback3
S*   0.0.0.0/0 [1/0] via 23.1.1.2
从上面的路由表来看R1、R3都已经添加了默认路由，下面用ping测试一下连通性：
R1#ping 23.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 23.1.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/84/160 ms

R3#ping 12.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/82/120 ms

R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
结果显示R1和R3和ping都可以通，但ping R3的loopback接口不通，是因为没有路由可到达。在R2添加默认路由看看
R2(config)#ip route 0.0.0.0 0.0.0.0 23.1.1.3

R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/88/160 ms
提示：默认路由在实在环境中很常见，特别在中小企业的网络环境，默认路由会大大简化路由器的配置，减轻管理员的工作负担,提高网络性能。例如：和运营商之间的连接线路，客户端不用理会运营商用什么路由协议，直接用默认路由就可以了。[/img]..

类别：IGP|阅读(386)|回复(3)|赞(0)阅读全文>>

原创

2.1基本静态路由

2008-03-02 09:57:08

2.1基本静态路由

实验连接图

提要描述

在网络传输中，当终端封装完数据，到了路由器上面来说，路由器会去查找IP层封装的目的IP地址，通过目的IP地址进行转发，在这个过程中就要有路由的概念，路由器会去查找目的IP转发用到的路由条目。如果没有目的条目就直接仍掉，如果有目的路由就查找到对应的接口，从对应的接口转发出去。
实验目标：路由全通

基本配置

R1的配置

R2的配置

!
hostname R1
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
no sh
clock rate 64000
!

!
hostname R2
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
no sh
!
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
no sh

R3的配置

!
hostname R3
interface Serial1/0
ip address 23.1.1.3 255.255.255.0
no sh
clock rate 64000
!

↓调试配置及监测步骤↓

首先在R1上使用ping命令检测直连链路是否畅通
R1#ping 12.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.1.1.2, timeout is 2 seconds:
!!!!!   (ping通，收到了ICMP包回复)
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/57/92 ms

再次使用ping命令检测能否将数据包从R1发送到达R3
R1#ping 23.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 23.1.1.3, timeout is 2 seconds:
..... （ping不通）
Success rate is 0 percent (0/5)
ping命令失败！使用debug ip packet命令来监测
R1#debug ip packet
IP packet debugging is on
R1#ping 23.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 23.1.1.3, timeout is 2 seconds:
*Jan 6 13:42:15.271: IP: s=12.1.1.1 (local), d=23.1.1.3, len 100, unroutable.
*Jan 6 13:42:17.271: IP: s=12.1.1.1 (local), d=23.1.1.3, len 100, unroutable.
*Jan 6 13:42:19.271: IP: s=12.1.1.1 (local), d=23.1.1.3, len 100, unroutable.
*Jan 6 13:42:21.271: IP: s=12.1.1.1 (local), d=23.1.1.3, len 100, unroutable.
*Jan 6 13:42:23.271: IP: s=12.1.1.1 (local), d=23.1.1.3, len 100, unroutable.
Success rate is 0 percent (0/5)
根据debug信息可以看到ping不通是因为无法路由（unroutable），使用show ip route来查看路由表
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
由结果看到路由表中没有23.1.1.0/24的路由条目，所以需要手动添加静态路由。
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip route 23.1.1.0 255.255.255.0 serial 1/1
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     23.0.0.0/24 is subnetted, 1 subnets
S       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
可以看到此时R1发生了变化，多了一条静态路由。
现在再ping R3监测一下
R1#ping 23.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 23.1.1.3, timeout is 2 seconds:
*Jan 6 13:54:32.035: IP: s=12.1.1.1 (local), d=23.1.1.3 (Serial1/1), len 100, sending.
*Jan 6 13:54:34.031: IP: s=12.1.1.1 (local), d=23.1.1.3 (Serial1/1), len 100, sending.
*Jan 6 13:54:36.031: IP: s=12.1.1.1 (local), d=23.1.1.3 (Serial1/1), len 100, sending.
*Jan 6 13:54:38.031: IP: s=12.1.1.1 (local), d=23.1.1.3 (Serial1/1), len 100, sending.
*Jan 6 13:54:40.031: IP: s=12.1.1.1 (local), d=23.1.1.3 (Serial1/1), len 100, sending.
Success rate is 0 percent (0/5)
现在显示的是数据已经发送出去（sending），但是依然不通，考虑一下ping是一个双向的过程，于是去R2上面看一下。
R2#ping 23.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 23.1.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/53/96 ms
R2#ping 12.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/41/72 ms
R2上可以ping R1和R3，说明R2没有问题。
再到R3上面来看一下路由表。
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
发现路由器R3没有去往12.1.1.0/24网络的路由信息，此时debug看R3 ping R1的过程也可以证明了这个推断。
R3#debug ip packet
IP packet debugging is on
R3#ping 12.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.1.1.1, timeout is 2 seconds:
*Jan 6 14:12:10.579: IP: s=23.1.1.3 (local), d=12.1.1.1, len 100, unroutable.
*Jan 6 14:12:12.579: IP: s=23.1.1.3 (local), d=12.1.1.1, len 100, unroutable.
*Jan 6 14:12:14.579: IP: s=23.1.1.3 (local), d=12.1.1.1, len 100, unroutable.
*Jan 6 14:12:16.579: IP: s=23.1.1.3 (local), d=12.1.1.1, len 100, unroutable.
*Jan 6 14:12:18.579: IP: s=23.1.1.3 (local), d=12.1.1.1, len 100, unroutable.
Success rate is 0 percent (0/5)
在R3上添加去何12.1.1.0/24/网络的静态路由
R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#ip route 12.1.1.0 255.255.255.0 23.1.1.2
返回特权模式，查看路由表的变化
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/0
     12.0.0.0/24 is subnetted, 1 subnets
S       12.1.1.0 [1/0] via 23.1.1.2
R3的路由表已经创建一条去往12.1.1.0/24网络的路由，在R3上ping R1测试一下
R3#ping 12.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.1.1.1, timeout is 2 seconds:
!!!!!（可以ping通）
现在回到R1上再ping　Ｒ3测试一下
R1#ping 23.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 23.1.1.3, timeout is 2 seconds:
!!!!! (也可以ping通了)
Debug信息也可以看到发出去的包有了回复
R1#debug ip packet
*Jan 6 14:20:50.511: IP: tableid=0, s=12.1.1.1 (local), d=23.1.1.3 (Serial1/1), routed via RIB
*Jan 6 14:20:50.515: IP: s=12.1.1.1 (local), d=23.1.1.3 (Serial1/1), len 100, sending
*Jan 6 14:20:50.615: IP: tableid=0, s=23.1.1.3 (Serial1/1), d=12.1.1.1 (Serial1/1), routed via RIB
*Jan 6 14:20:50.615: IP: s=23.1.1.3 (Serial1/1), d=12.1.1.1 (Serial1/1), len 100, rcvd 3
…………………(省略部分debug信息)………………………………..[/img]..

类别：IGP|阅读(403)|回复(1)|赞(0)阅读全文>>

原创

2.2静态汇总路由

2008-03-02 09:54:28

2.2静态汇总路由

实验连接图

提要描述

在一种情况中，如果在子网段信息可以进行汇总的时候，我们就可以对该网段进行汇总路由，汇总路由可以减小路由条目，使路由表更加简明，如果不进行汇总就得逐个添加。
实验目标：在R3上面连接4个网段信息分别是10.1.1.1/24、10.1.2.1/24、10.1.3.1/24、10.1.4.1/24，我们希望只添加一条汇总路由就可以满足以上的需求。

基本配置

R1的配置

R2的配置

!
hostname R1
interface Serial1/1
ip address 12.1.1.1 255.255.255.0
no sh
clock rate 64000
!
ip route 23.1.1.0 255.255.255.0 Serial1/1
!

!
hostname R2
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
no sh
!
interface Serial1/1
ip address 23.1.1.2 255.255.255.0
no sh
!

R3的配置

!
hostname R3
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface Loopback1
ip address 10.1.2.1 255.255.255.0
!
interface Loopback2
ip address 10.1.3.1 255.255.255.0
!
interface Loopback3
ip address 10.1.4.1 255.255.255.0
!
interface Serial1/0
ip address 23.1.1.3 255.255.255.0
no sh
clock rate 64000
!
ip route 12.1.1.0 255.255.255.0 23.1.1.2
!

↓调试配置及监测步骤↓

在R1上要求可以与10.1.1.0、10.1.2.0、10.1.3.0、10.1.4.0这四个子网通信，尽量减少路由条目，那么需要使用静态汇总路由。

R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip route 10.1.0.0 255.255.0.0 12.1.1.2
检查R1路由表情况
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
     23.0.0.0/24 is subnetted, 1 subnets
S       23.1.1.0 is directly connected, Serial1/1
     10.0.0.0/16 is subnetted, 1 subnets
S       10.1.0.0 [1/0] via 12.1.1.2
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/1
汇总路由建立成功，使用ping命令测试
R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
U.U.U { ICMP不可到达目的主机（包可以通过路由传输到目的的子网相连接的路由，但是主机没有响应）}
Success rate is 0 percent (0/5)
Ping 失败，使用debug来查看
R1#debug ip packet
IP packet debugging is on
R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
U
*Jan 6 15:30:18.271: IP: tableid=0, s=12.1.1.1 (local), d=10.1.1.1 (Serial1/1), routed via RIB
*Jan 6 15:30:18.275: IP: s=12.1.1.1 (local), d=10.1.1.1 (Serial1/1), len 100, sending
*Jan 6 15:30:18.387: IP: tableid=0, s=12.1.1.2 (Serial1/1), d=12.1.1.1 (Serial1/1), routed via RIB
*Jan 6 15:30:18.387: IP: s=12.1.1.2 (Serial1/1), d=12.1.1.1 (Serial1/1), len 56, rcvd 3
…………………………省略部分debug信息……………………….
通过debug信息可以看出去往10.1.1.1的数据包已经发出去，并且可以收到回应，但收到回应的源地址并不是要到的目的地10.1.1.1，而是R2的地址12.1.1.2！

去R2上看看路由表：
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
发现没有去往10.1.0.0的路由，手动添加上去
R2(config)#ip route 10.1.0.0 255.255.0.0 23.1.1.3
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     23.0.0.0/24 is subnetted, 1 subnets
C       23.1.1.0 is directly connected, Serial1/1
     10.0.0.0/16 is subnetted, 1 subnets
S       10.1.0.0 [1/0] via 23.1.1.3
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
R2已经建立了10.1.1.0.0/16的静态汇总路由
回到R1上，使用ping 10.1.1.1
R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!
*Jan 6 15:40:07.851: IP: tableid=0, s=12.1.1.1 (local), d=10.1.1.1 (Serial1/1), routed via RIB
*Jan 6 15:40:07.855: IP: s=12.1.1.1 (local), d=10.1.1.1 (Serial1/1), len 100, sending
*Jan 6 15:40:07.943: IP: tableid=0, s=10.1.1.1 (Serial1/1), d=12.1.1.1 (Serial1/1), routed via RIB
*Jan 6 15:40:07.943: IP: s=10.1.1.1 (Serial1/1), d=12.1.1.1 (Serial1/1), len 100, rcvd 3
…………………………省略部分debug信息……………………….
可以看到现在的ping成功了，并且受到来自10.1.1.1的回包。
继续验证是否ping通10.1.2.1、10.1.3.1、10.1.4.1
R1#ping 10.1.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/104/156 ms

R1#ping 10.1.3.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/80/96 ms

R1#ping 10.1.4.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/79/104 ms
验证全部可以ping，如果不是静态汇总路由，将需要建立4条静态路由，现在只需要一条汇总路由就完成需求，这就是汇总的好处（减少路由条目）[/img]..

类别：IGP|阅读(425)|回复(1)|赞(0)阅读全文>>

原创

2.3浮动静态路由

2008-02-26 01:25:17

2.3浮动静态路由

实验连接图

提要描述

   浮动静态路由与其他的静态路由不同，在路由表中其他静态路由总是优先于浮动静态路由，仅在首选静态路由失败的时候，浮动静态路由才会出现在路由表中。因此缺省情况下，对于到相同的目标网络，其他静态路由总是优先于浮动静态路由。
实验目标：主链路（一般静态路由）Down，备份链路（浮动静态路由）生效，主链路恢复正常，备份链路失效（在预备状态）。

基本配置

R1的配置

R2的配置

!
hostname R1
!
interface Loopback0
ip address 4.4.4.4 255.255.255.0
!
interface Serial1/0
ip address 12.1.1.1 255.255.255.0
no sh
clock rate 64000
!
interface Serial1/1
ip address 21.1.1.1 255.255.255.0
no sh
!

!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Loopback1
ip address 2.2.2.2 255.255.255.0
!
interface Loopback2
ip address 3.3.3.3 255.255.255.0
!
interface Serial1/0
ip address 12.1.1.2 255.255.255.0
no sh
!
interface Serial1/1
ip address 21.1.1.2 255.255.255.0
no sh
!

↓调试配置及监测步骤↓

为R1建立浮动静态路由：
ip route 1.1.1.0 255.255.255.0 12.1.1.2
ip route 1.1.1.0 255.255.255.0 21.1.1.2 50
ip route 2.2.2.0 255.255.255.0 12.1.1.2
ip route 2.2.2.0 255.255.255.0 21.1.1.2 50
ip route 3.3.3.0 255.255.255.0 12.1.1.2
ip route 3.3.3.0 255.255.255.0 21.1.1.2 50
为R2建立浮动静态路由
ip route 4.4.4.0 255.255.255.0 12.1.1.1
ip route 4.4.4.0 255.255.255.0 21.1.1.1 50
注意：蓝色的路由形式就是浮动静态路由路由，路由后面的权值50表示指定的（管理距离），管理距离越高其路由优先权越低（权值范围在1-255之间），例如：指向下一跳地址的IPv4的静态路由的管理距离为1，而指向出站接口的静态路由的管理距离为0。如果有两条静态路由指向相同的目标网络，一条指向下一跳地址，一条指向出站接口，那么则优选后者（管理距离越低路由优先权越高）。

下面看看R1三种情况的路由表：1：正常情况---à2：主链路失效---à3：主链路恢复

正常情况
R1#show ip route
     1.0.0.0/24 is subnetted, 1 subnets
S       1.1.1.0 [1/0] via 12.1.1.2
     2.0.0.0/24 is subnetted, 1 subnets
S       2.2.2.0 [1/0] via 12.1.1.2
     3.0.0.0/24 is subnetted, 1 subnets
S       3.3.3.0 [1/0] via 12.1.1.2
     4.0.0.0/24 is subnetted, 1 subnets
C       4.4.4.0 is directly connected, Loopback0
     21.0.0.0/24 is subnetted, 1 subnets
C       21.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0
主链路失效
R1(config)#int s1/0
R1(config-if)#shutdown
*Jan 6 18:00:52.819: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to down
R1#sh ip route
     1.0.0.0/24 is subnetted, 1 subnets
S       1.1.1.0 [50/0] via 21.1.1.2
     2.0.0.0/24 is subnetted, 1 subnets
S       2.2.2.0 [50/0] via 21.1.1.2
     3.0.0.0/24 is subnetted, 1 subnets
S       3.3.3.0 [50/0] via 21.1.1.2
     4.0.0.0/24 is subnetted, 1 subnets
C       4.4.4.0 is directly connected, Loopback0
     21.0.0.0/24 is subnetted, 1 subnets
C       21.1.1.0 is directly connected, Serial1/1
主链路恢复
R1(config)#int s1/0
R1(config-if)#no shutdown
*Jan 6 18:01:21.935: %LINK-3-UPDOWN: Interface Serial1/0, changed state to up
*Jan 6 18:01:22.935: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up
R1#sh ip route
     1.0.0.0/24 is subnetted, 1 subnets
S       1.1.1.0 [1/0] via 12.1.1.2
     2.0.0.0/24 is subnetted, 1 subnets
S       2.2.2.0 [1/0] via 12.1.1.2
     3.0.0.0/24 is subnetted, 1 subnets
S       3.3.3.0 [1/0] via 12.1.1.2
     4.0.0.0/24 is subnetted, 1 subnets
C       4.4.4.0 is directly connected, Loopback0
     21.0.0.0/24 is subnetted, 1 subnets
C       21.1.1.0 is directly connected, Serial1/1
     12.0.0.0/24 is subnetted, 1 subnets
C       12.1.1.0 is directly connected, Serial1/0

通过以上对R1 S1/0接口的关开，可以看到3个路由表的变化（主备/链路的切换）。

提示：在每条路由条目中的括号内的数字是，例如[1/0]，前者指定了管理距离为1，后者指定度量值为0（因为静态路由没有度量值）。因此对于相同的目标网络，缺省情况下，到相同目标网络的静态路由总是优先于动态路由。[/img]..

类别：IGP|阅读(673)|回复(2)|赞(0)阅读全文>>

sharkii 的BLOG

资料整理

博客统计信息

热门文章

搜索BLOG文章

最新评论

51CTO推荐博文

51CTO推荐博客

文章

4.1 IGRP的实现