level0 6 rip
lo0 R2 s1/1 12.16.12.2------12.16.12.1 s1/0 R1 s1/1 13.16.13.1--------s1/0 13.16.13.3 R3
lo0:2.2 r1(R2) s1/0 ---- s2/0 r1(R1) lo0 1.1 s1/0 -------- s2/0 r3 lo0 3.3
R1 loopback 0 1.1.1.1
R2 loopback 0 2.2.2.2
R3 loopback 0 3.3.3.3
step 1...
r1:
en
config t
banner motd #
welcome to beijing onetom
#
disable
en
config t
enable password cisco
service pasword-encryption
hostname R2
no ip domain-lookup
line console 0
exec-timeout 0 0
logging synchronous
password zhou
login
exit
line vty 0 4
password zhou
login
exit
line aux 0
no password
no login
exit
int lo 0
ip add 2.2.2.2 255.255.255.255
exit
int s1/0
ip add 12.16.12.2 255.255.255.0
no shutdown
end
r2
en
config t
banner motd $
Welcome to Handsome boy
$
end
disable
en
config t
enable password cisco
service password-encryption
hostname R1
no ip domain-lookup
line console 0
exec-timeout 0 0
logging syn
password zhou
login
exit
line vty 0 4
password zhou
login
exit
line aux 0
no password
no login
exit
int lo 0
ip add 1.1.1.1 255.255.255.255
exit
int s2/0
ip add 12.16.12.1 255.255.255.0
no shutdown
exit
int s1/0
ip add 13.16.13.1 255.255.255.0
no shutdown
exit
r3
en
config t
banner motd %
www.Handsome boy.com
%
end
disable
en
config t
hostname R3
enable password cisco
service password-encryption
no ip domain-lookup
line console 0
exec-timeout 0 0
logging syn
password zhou
login
exit
line vty 0 4
password zhou
login
exit
line aux 0
no password
no login
exit
int lo 0
ip add 3.3.3.3 255.255.255.255
exit
int s2/0
ip add 13.16.13.3 255.255.255.0
no shutdown
exit
r1 show ip int bri
r2 show ip int bri
r3 show ip int bri
R1 ping 12.16.12.2
R1 Ping 13.16.13.3
r1 config t
ip classless
ip subnet-zero
end
r2 config t
ip classless
ip subnet-zero
end
r3 config t
ip classless
ip subnet-zero
end
r2 int s2/0
no ip route-cache
end
-------------------------------------------------------------
step 2.....
r2 debug ip packet
r2 debug ip icmp
r2 unde all
r1 show ip route
r2 show cdp ?
show cdp neighbors ?
show cdp neighbos detail
show ip route
r1 show ip route
r3 show ip route
r1 config t
alias exec rt show ip route
alias exec on show ip ospf neighbor
end
r1 rt
r1 on
r2 config t
alias exec rt show ip route
alias exec on show ip ospf neighbor
end
r2 rt
r2 on
r3 config t
alias exec rt show ip route
alias exec on show ip ospf neighbor
end
r3 rt
r3 on
r1 show run
r2 show run
r3 show run
R1 #copy running-config startup-config
R2 #copy running-config startup-config
R3 #copy running-config startup-config
---------------------------------------------------------------
step 3..........
r1 show ip int bri
r2 show ip int bri
r3 show ip int bri
r2 config t
router rip
network 12.16.12.0 让R某个接口启动RIP
network 2.2.2.2
end
r1 config t
router rip
network 12.16.12.0 最终会被汇总成12.0.0.0 主网
network 13.16.13.0
network 1.1.1.1
end
r3 config t
router rip
network 13.16.13.0
network 3.3.3.3
end
r2 show ip route rip
r1 show ip route
r3 show ip route
r3 show ip route rip
r2 ping 3.3.3.3
!!!!!
r2 show ip protocols 可以看RIP的信息 更新时间啊
r3 show ip protocols
r2#disable
r2>traceroute 3.3.3.3
r3#disbale
r3>trace 2.2.2.2
r2>en
r2 debug ip rip 看它的传递数据信息
r2#ping 3.3.3.3
unde all
r3>en
r3 debug ip rip
r3 ping 2.2.2.2
unde all
===================================================================
计时器
r1 show ip route rip
r1 show ip route rip
r1 show ip route rip 每条路由都是有计时器的
r1 debug ip rip 我们看是不是30S 发一个给R2。 还可以看它发的是不是它的全路由
unde all
r2 debug ip rip 在loopback口是看不到的 因为没人给它发的 。
unde all
注意RIP有个随机抖动的时间。
r3 config t
router rip
timers basic 10.15,15.25 /30 180 180 240 最好不要改这是看效果
passive-interface s2/0
end
r1 debug ip packet detail 看具体的IP包是哪些
可以看到UDP SRC=520 DST=520 这个是RIP包
r1 unde all
r1 show ip route rip 同时打开R2debug ip rip看失效后发送的是16跳
r1 show ip route rip 计时器有助我们排错 我们可以看它的有没有发更新
r 3.0.0.0/8 is possibly down, routing via 13.1.1.3 serial 1/0 这条线路已经无效了
r1 ping 3.3.3.3
!!!!! 这是因为这条路由还没被刷新计时器动作。直到holddown timer计时器起作用 这路由才会从路由表下掉 这是后面的更新就没有这路由了。
r2 show ip protocols 看计时器
R2 config t
router rip
timers basic 10.
timers baisc 10.15,15.25 最好不要改
r2 show ip route rip
r2 show ip protocols
==============================================================
被动接口 单播更新
R1 F0/0 100.1.1.0-----R2 F0 100.1.1.2-------R3 F0 100.1.1.3
以上接的以太网 以太网任何两点连着的。
r1 loopback 0 1.1.1.1
r2 loopback 0 2.2.2.2
r3 loopback 0 3.3.3.3
R1
en
config t
enable password cisco
hostname R1
no ip domain-lookup
lin console 0
exec-timeout 0 0
logging syn
password zhou
login
exit
line vty 0 4
password zhou
login
exit
line aux 0
no password
no login
exit
interface f0/0
no shutdown
ip add 100.1.1.1 255.255.255.0
inter lo 0
ip add 1.1.1.1 255.255.255.255
end
R2
en
config t
enable password cisco
hostname R2
no ip domain-lookup
lin consle 0
exec-timeout 0 0
logging syn
password zhou
no login
exit
line vty 0 4
password zhou
no login
exit
line aux 0
no login
no password
exit
interface f0/0
no shutdown
ip add 100.1.1.2 255.255.255.0
inter lo 0
ip add 2.2.2.2 255.255.255.255
end
R3
en
config t
enable password cisco
hostname R3
no ip domain-lookup
lin consle 0
exec-timeout 0 0
logging syn
password zhou
no login
exit
line vty 0 4
password zhou
no login
exit
line aux 0
no password
no login
exit
interface f0/0
no shutdown
ip add 100.1.1.3 255.255.255.0
inter lo 0
ip add 3.3.3.3 255.255.255.255
end
r1 ping 100.1.1.2
!!!!!
r1 ping 100.1.1.3
!!!!!
--------------------------------
r2 config t
router rip
network 100.1.1.0
network 2.2.2.2
end
r1 config t
router rip
network 100.1.1.0
network 1.1.1.1
end
r3 config t
router rip
network 100.1.1.0
network 3.3.3.3
end
r1 show ip route rip
看看学到那些路由
r2 show ip route rip
r3 show ip route rip
r1 debug ip rip
看它的发送255.255.255.255. source 地址
r1 unde all
r1 debug ip packet detail 看具体的IP包是哪些
可以看到UDP SRC=520 DST=520 这个是RIP包
r1 unde all
r1 config t
router rip
neighbor 100.1.1.2
end
r1 debug ip packet detail
可以看到目标不是255.255.255.255 了。
但它跟别的R依然是255.255.255.255.
r2 config t
router rip
neighbor 100.1.1.1
end
r1 show ip route rip
r3 show ip route rip 可以看到他们还是没有超时
现在我们取消邻居 看passive掉的
r1 config t
router rip
no neighbor 100.1.1.2
end
r2 config t
router rip
no neighbor 100.1.1.1
end
r1 config t
router rip
passive-interface f0/0
end
r1 debug ip rip
可以看它不会在发送更新
unde all
r2 debug ip rip
unde all
r3 debug ip rip
unde all
r2 show ip route rip
r3 show ip route rip
r1 config t
router rip
no passive-interface f0/0
end
r1 show ip rip
想想RIP 4个计时器
r2 show ip rip
r3 show ip rip
r1 config t
router rip
passive-interface f0/0
end
r2 config t
router rip
passive-interface f0/0
end
r3 show ip route rip
r3 clear ip route *
r2 clear ip route *
r1 show ip route rip 它有3的路由没有2的路由
r2 show ip route rip 它有3的路由没有1的路由
r3 show ip route rip 他是没有路由的
r1 config t
router rip
neighbor 100.1.1.2 发单播
end
r2 config t
router rip
neighbor 100.1.1.1 发单播
end
r2 debug ip rip 看到发送到100.1.1.1 的路由 这说明了单播是可以穿越被动的passive.
unde all
r1 debug ip rip
unde all
r1 show ip route rip
r3 show ip route rip R3还是没有路由的
r1 ping 2.2.2.2 source loopback 0
!!!!!
r1 ping 3.3.3.3 source loopback 0
......
r2 ping 1.1.1.1 source loopback 0 要用loopback去拼
!!!!!
r2 ping 3.3.3.3 source loopback 0
.....
要是用ip地址去拼肯定拼的通 因为以太网两点之间是直连的。
========================================================================
路由过滤
lo0 R2 s1/1-12.1.1.2------12.1.1.1 s1/0 R1 s1/1-13.1.1.1--------s1/0 13.1.1.3 R3
lo0:2.2 r1(R2) s1/0 ---- s2/0 r1(R1) lo0 1.1 s1/0 -------- s2/0 r3 lo0 3.3
R1 loopback 0 1.1.1.1
R2 loopback 0 2.2.2.2
R3 loopback 0 3.3.3.3
loopback0 192.168.0.1
192.168.1.1
192.168.2.1
192.168.3.1
step 1...
r1:
en
config t
enable password cisco
service passord-encryption
hostname R2
no ip domain-lookup
lin console 0
exec-timeout 0 0
logging syn
password zhou
login
exit
line vty 0 4
password zhou
login
exit
line aux 0
no login
no password
exit
int lo 0
ip add 2.2.2.2 255.255.255.255
exit
int s1/0
ip add 12.1.1.2 255.255.255.0
no shutdown
end
r2
en
config t
enable password cisco
service passord-encryption
hostname R1
no ip domain-lookup
lin console 0
exec-timeout 0 0
logging syn
password zhou
login
exit
line vty 0 4
password zhou
login
exit
line aux 0
no password
no login
exit
int lo 0
ip add 1.1.1.1 255.255.255.255
exit
int s2/0
ip add 12.1.1.1 255.255.255.0
no shutdown
exit
int s1/0
ip add 13.1.1.1 255.255.255.0
no shutdown
exit
r3
en
config t
enable password cisco
service passord-encryption
hostname R3
no ip domain-lookup
lin console 0
exec-timeout 0 0
logging syn
password zhou
login
exit
line vty 0 4
password zhou
login
exit
line aux 0
no login
no password
exit
int lo 0
ip add 3.3.3.3 255.255.255.255
ip add 192.168.0.1 255.255.255.255 secondary
ip add 192.168.1.1 255.255.255.255 secondary
ip add 192.168.2.1 255.255.255.255 secondary
ip add 192.168.3.1 255.255.255.255 secondary
exit
int s2/0
ip add 13.1.1.3 255.255.255.0
no shutdown
exit
R1 ping 12.1.1.2
R1 Ping 13.1.1.3
----------------------------------------------
r1 show ip route rip
r2 show ip route rip 也学到192.168.0.1 4个网段
我们做过滤 过滤有IN/OUT 这是有区别的 IN先过滤再装表,OUT先装表再过滤。
r1 config t
access-list 10 ?
access-list 10 deny 192.168.0.0 0.0.0.255
access-list 10 permit any 因为它是默认拒绝的
r1 show ip access-list
r1 config t
router rip
#?
distribute-list ?
distribute-list 10 ?
distribute-list 10 in ?
distribute-list 10 in s1/0
end
r1 clear ip route *
r1 show ip route
可以发现它没有这条路由 过滤了
r2 clear ip route *
r2 show ip router
没有这条路由
r1 debug ip rip 看R3 有没有发出来
可以看R3 发出了
unde all
r1 show ip protocol
可以看它做的动作
ri show ip access-list
现在我们换过来再出口做
r1 config t
router rip
no distribute-list 10 in s1/0
distribute-list 10 out s2/0
end
r2 show ip route rip 看它有没那条路由
r1 show ip route rip 看它有没那条路由
r1 clear ip route *
r1 debug ip rip
unde all
===========================================================
路由偏移 offset
lo0 R2 s1/1-12.1.1.2------12.1.1.1 s1/0 R1 s1/1-13.1.1.1--------s1/0 13.1.1.3 R3
lo0:2.2 r1(R2) s1/0 ---- s2/0 r2(R1) lo0 1.1 s1/0 -------- s2/0 r3 lo0 3.3
R3 s1/0--------------s2/0 R2
接上面的实验
r2 show ip route rip
r2 debug ip rip 看它受到的路由
unde all
r2 show ip route rip
R1 debug ip rip
看3.0.0.0 是多少跳
r3 config t
access-list 10 permit 3.0.0.0 0.0.0.0.255
router rip
#?
offset-list ?
offset-list 10 ?
offset-list 10 out 5 s2/0
end
r3 debug ip rip
看它传出去几跳
unde all
r2 show ip route rip
r2#traceroute 3.3.3.3 跟踪路由
现在让它从R3走 在R1做进站偏移
r1 config t
access-list 10 permit 3.0.0.0
router rip
offset-list 10 ?
offset-list 10 in ?
offset-list 10 in 2 s1/0
end
r1 debug ip rip
看R3传过来是几跳
unde all
r3 debug ip rip
看R3 发出去3.0.0.0是几跳
unde all
r1 show ip route rip
r2# traceroute 3.3.3.3
r2 config t
router rip
offset-list ?
offset-list 10 ?
end
===================================================================
边界路由 边界R:被不同的主网分开号的产生了边界。R发现有边界的时候他会发主网号
边界汇总:减少路由条目,
lo0 R2 s1/1-12.1.1.2------12.1.1.1 s1/0 R1 s1/1-13.1.1.1--------s1/0 13.1.1.3 R3
lo0:2.2 r1(R2) s1/0 ---- s2/0 r1(R1) lo0 1.1 s1/0 -------- s2/0 r3 lo0 3.3
R1 loopback0 1.1.1.1
R2 loopback0 2.2.2.2
100.2.2.2
R3 loopback0 3.3.3.3
100.1.1.3
step 1...
r1:
en
config t
enable password cisco
service password-encryption
hostname R2
no ip domain-lookup
line console 0
exec-timeout 0 0
logging syn
password zhou
login
exit
line vty 0 4
password zhou
login
exit
line aux 0
no password
no login
exit
int lo 0
ip add 2.2.2.2 255.255.255.255
exit
int s1/0
ip add 12.1.1.2 255.255.255.0
no shutdown
end
r2
en
config t
enable password cisco
service password-encryption
hostname R1
no ip domain-lookup
lin console 0
exec-timeout 0 0
logging syn
password zhou
login
exit
line vty 0 4
password zhou
login
exit
line aux 0
no login
no password
exit
int lo 0
ip add 1.1.1.1 255.255.255.255
exit
int s2/0
ip add 12.1.1.1 255.255.255.0
no shutdown
exit
int s1/0
ip add 13.1.1.1 255.255.255.0
no shutdown
exit
r3
en
config t
enable password cisco
service password-encryption
hostname R3
no ip domain-lookup
line console 0
exec-timeout 0 0
logging syn
password zhou
login
exit
line vty 0 4
password zhou
login
exit
line aux 0
no password
no login
exit
int lo 0
ip add 3.3.3.3 255.255.255.255
exit
int s2/0
ip add 13.1.1.3 255.255.255.0
no shutdown
exit
R1 ping 12.1.1.2
R1 Ping 13.1.1.3
-------------------------------------------------------------
r3 show ip interface brief
r2 show ip int bri
r1 config t
router rip
network 1.1.1.1
network 12.1.1.0
network 13.1.1.0
end
r2 config t
router rip
network 2.2.2.2
network 12.1.1.0
end
r3 config t
router rip
network 3.3.3.3
network 13.0.0.0
end
r2 show ip route rip
r3 show ip route rip
r1 show ip route rip
r2 debug ip rip
发的是2.0.0.0
unde all
r3 debug ip rip
发的事3.0.0.0 不是3.3.3.3 这个就RIP 边界问题
unde all
r2 config t
int lo 10
ip add 12.2.2.1 255.255.255.0
end
r2 show ip protocol
r1 show ip rip
这里我们看到的是
r2 debug ip rip
看到他会发12.0.0.0之外还会发过子网12.2.2.0出去
因为lo0 发出去的12.2.2.0 和s1/0上的12.0.0.0是同一个主网的所以是没有边界的 没有边界就可以不用发主网号直接发子网。
但S1/0和lo 10 发给lo 0时会汇总成12.0.0.0
unde all
r3 config t
int lo 0
ip add 100.3.3.3 255.255.255.0 secondary
end
r3 config t
router rip
network 100.3.3.0
end
r2 config t
int lo 0
ip add 100.2.2.2 255.255.255.0 secondary
end
r2 config t
router rip
network 100.2.2.0
end
r3 show ip protocol
routing for networks:
3.0.0.0
13.0.0.0
100.0.0.0
r2 show ip protocol
routing for networks:
2.0.0.0
12.0.0.0
100.0.0.0
r3 debug ip rip
要知道因为边界R3传给R1的是100.0.0.0和3.0.0.0
undebug
r2 dubug ip rip
要知道因为边界R2传给R1的是100.0.0.0和2.0.0.0 subnet12.2.2.0
undebug
r1 show ip route rip
这里要看100.0.0.8 两条路 因为都是1跳 所以负载均衡了
R 100.0.0.0/8 [120/1] via 12.1.1.2 00:00:12 serial 2/0
[120/1] via 13.1.1.3 00:00:20 serial 1/0
r1 ping 100.3.3.3
!!!!
r1 ping 100.2.2.2
!!!!
r1 config t
no ip cef 基于源目的快速转发 cisco
end
r1 ping 100.3.3.3
!u!u!! 它丢包了
r1 ping 100.2.2.2
!!u!u
它除了有CEF还有
r1 config t
int s2/0
no ip route-cache 基于数据包一个包走上一个包走下
inter s1/0
no ip route-cache
end
r1 ping 100.3.3.3
!U!U!
r1 ping 100.2.2.2
U!U!U
要解决这个问题
就用rip version 2带子网汇总
r2 config t
router rip
version 2 在V1上关闭路由汇总是没有用的 因为V1根本不认输子网掩码
#?
no auto-summary
end
r3 clear ip route*
r1 show ip router rip
--------------------------------------------------------------------
位置 C:\Users\Administrator\Documents
RIP协议命令大全
RIP和RIPNG
RIP V1 和V2配置所使用的命令
Ra(config)#router rip 起用RIP路由协议
Ra(config-routr)#network 192.168.1.0 在路由进程中宣告该网段并启动IP地址在该网段内的接口上的RIP进程
Ra(config-router)#passive-interface e0 指定某接口上不发出路由条目通告,但可以接收通告
Ra(config-router)#output-delay 50 发出的每一个路由通告数据包之间间隔50毫秒
Ra(config-router)#offset-list 1 out/in 3 发出(收到)的路由通告的METRIC加3
Ra(config-if)#ip rip triggered 在该接口上(串口)不发出周期性路由更新,只在路由表变化时发出变化的那一部分路由条目
Ra#show ip protocol 显示路由器上现在正运行的路由协议
Ra#show ip route 显示路由表内容
Ra#debug ip rip 调试RIP路由协议的运行情况
Ra#debug ip rip triggerer 调试RIP路由进程的触发更新路由的情况
Ra(config-router)#neighbor 192.168.2.1 定义邻居,所有发到该邻居的路由更新将用单播地址,而不是广播或组播
Ra(config-router)#timer basic 30 180 180 240 定义RIP各定时器(update,expire,hold,flush)
Ra(config-router)#version 2 指定运行RIPV2版本
Ra(config-if)#ip rip send version 1 2 指定接口上发送路由更新的版本
Ra(config-if)#ip rip receive version 1 2 指定接口接收路由更新的版本
Ra(config-router)# ip split-horizon 起用水平分割(默认是开启的)
Ra(config-router)#auto-summry 启用自动地址归纳
Ra(config)# key chain Tewa 定义钥匙串
Ra(config-keychain)#key 1 定义钥匙
Ra(config-keychain-key)#key-string abc 定义密钥
Ra(config-if)# ip rip authentication key-chain Tewa 定义将在接口上使用的钥匙
Ra(config-if)#ip rip authentication mode md5 指出使用MD5算法验证密钥
Ra(config-keychain-key)# accept-lifetime 16:30:00 Jul 1 2004 duration 43200
Ra(config-keychain-key)# send-lifetime 16:30:00 Jul 1 2004 duration 43200
Ra(config-keychain-key)# accept-lifetime 04:00:00 Jul 2 2004 13:00:00 Dec 31 2004
Ra(config-keychain-key)# send-lifetime 04:00:00 Jul 2 2004 13:00:00 Dec 31 2004
Ra(config-keychain-key)# accept-lifetime 12:30:00 Dec 31 2004 infinite
Ra(config-keychain-key)# send-lifetime 12:30:00 Dec 31 2004 infinite
Ra(config)#ip classless 将路由器查找路由表的方式改成最长前缀匹配模式(不按地址类别)
RIPNG配置使用的命令
RIPNG配置方法同RIP不同,它只需要在全局打开IPV6 UNICAST-ROUTE后,在要运行的接口上配置IPV6 RIP XXX ENABLE就可以了.进程名相同的接口之间可以交换RIPNG的路由更新,进程名不同的接口之间则不交换,用这种方式来隐性的定义不同的RIPNG路由域.同一接口可属于不同的路由域.RIPNG同他的前辈有三个主要的不同:一是取消了验证机制,利用IPV6的AH头和ESP头来完成验证;二是发出的路由更新包增加了一个,由原来的一个包里既有路由条目和下一跳信息改成发出两个包,一个包里是路由条目,一个包里是专门的下一跳信息,同时更新包的大小也由原来的512K改成只受MTU控制;三是增加了进程号机制,网络大小由原来的最多16台的半径变成可以有无限台路由器相连的网络都跑RIP,以进程号来限制同一域内仍然是16跳的半径.不同的进程之间可以都用同一组播地址但要求使用不同的端口号.
Ra(config-if)#ipv6 rip abc enable 启用进程名称为ABC的RIPNG
Ra(config)#ipv6 router rip abc 进入名为ABC的路由进程中
Ra(config-rtr)#port 522 multicast-gorup ff02::9 定义ABC使用的端口号和组播地址
Ra#show ipv6 rip 显示每一个RIPNG进程配置情况
Ra#debug ipv6 rip 调试ipv6运行情况
Ra(config-rtr)#timers 30 180 0 120 自定义该进程使用的定时(update,timeout,holdtime,flush)
Ra(config-rtr)#distance 120 自定义该进程使用的管理距离
Ra(config-rtr)#maximum-path 16 自定义等开销负载均衡的路径数
Ra(config-rtr)# poison-reverse 打开反向毒化(默认是关闭的)
Ra(config-rtr)# split-horizon 打开水平分割(默认是开的)
Ra(config-if)#ipv6 rip abc metric-offset 4 从该接口发出的该进程的所有路由度量加4
