CCIE-13-DMVPN

最新推荐文章于 2024-07-19 17:35:15 发布
最新推荐文章于 2024-07-19 17:35:15 发布
阅读量874 收藏 11
点赞数 19
文章标签: 网络 CISCO OSPF EIGRP IPSEC DMVPN NHRP
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/Linux7985/article/details/137395453
版权

目录

实验条件

网络拓朴

在这里插入图片描述

环境配置

在我的资源里可以下载(就在这篇文章的开头也可以下载)
在这里插入图片描述

开始配置

先检测3台路由都能通过公网IP互联互通、

R2#ping 13.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.1.1.3, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms
R2#ping 14.1.1.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 14.1.1.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R2#

基础有了

部署MGRE

R2interface tunnel0
 ip address 10.1.1.2 255.255.255.0
 tunnel source Ethernet0/0
 tunnel mode gre multipoint

R3interface tunnel0
 ip address 10.1.1.3 255.255.255.0
 tunnel source Ethernet0/1
 tunnel mode gre multipoint

R4interface tunnel0
 ip address 10.1.1.4 255.255.255.0
 tunnel source Ethernet0/2
 tunnel mode gre multipoint

部署NHRP

R2 Hubinterface tunnel0
 ip nhrp network 100
 ip nhrp authentication D-CISCO
 ip nhrp map multicast dynamic

R3 Spokeinterface tunnel0
 ip nhrp network 100
 ip nhrp authentication D-CISCO
 ip nhrp map 10.1.1.2 12.1.1.2
 ip nhrp map multicast 12.1.1.2
 ip nhrp nhs 10.1.1.2

R4 Spokeinterface tunnel0
 ip nhrp network 100
 ip nhrp authentication D-CISCO
 ip nhrp map 10.1.1.2 12.1.1.2
 ip nhrp map multicast 12.1.1.2
 ip nhrp nhs 10.1.1.2

检测网络是否连通(私网IP)

R4#ping 10.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R4#ping 10.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R4#

部署动态路由协议

OSPF协议

宣告网络时,注意不能宣告公网的IP(12段、13段、14段网络),
只宣告公网,不宣告私网IP,无法建立邻居,因为没有私网的IP,MGRE不会把hello包报文通过tunnel转发给HUB,
同时宣告公网和私网IP,会造成邻居关系翻滚。也不行
只能宣告私网IP以及除tunnel source口IP的其它IP。

R2 Hub:
router ospf 100
 router-id 2.2.2.2
 network 10.2.2.2 0.0.0.0 area 0
 network 10.1.1.0 0.0.0.255 area 0

R3 Spoke:
router ospf 100
 router-id 3.3.3.3
 network 10.3.3.3 0.0.0.0 area 0
 network 10.1.1.0 0.0.0.255 area 0

R4 Spoke:
router ospf 100
 router-id 4.4.4.4
 network 10.4.4.4 0.0.0.0 area 0
 network 10.1.1.0 0.0.0.255 area 0

检查配置结果
R2,R3,R4一直报错

R2(config-router)#
*Apr  5 15:39:26.093: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from LOADING to FULL, Loading Done
*Apr  5 15:39:26.097: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:26.098: %OSPF-5-ADJCHG: Process 100, Nbr 3.3.3.3 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:26.099: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:26.099: %OSPF-5-ADJCHG: Process 100, Nbr 3.3.3.3 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:26.100: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:26.101: %OSPF-5-ADJCHG: Process 100, Nbr 3.3.3.3 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:26.101: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:26.102: %OSPF-5-ADJCHG: Process 100, Nbr 3.3.3.3 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:26.102: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
R2(config-router)#
*Apr  5 15:39:27.096: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:27.097: %OSPF-5-ADJCHG: Process 100, Nbr 3.3.3.3 on Tunnel0 from LOADING to FULL, Loading Done
*Apr  5 15:39:27.097: %OSPF-5-ADJCHG: Process 100, Nbr 3.3.3.3 on Tunnel0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:27.098: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:27.098: %OSPF-5-ADJCHG: Process 100, Nbr 3.3.3.3 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:27.099: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:27.100: %OSPF-5-ADJCHG: Process 100, Nbr 3.3.3.3 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:27.100: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:27.106: %OSPF-5-ADJCHG: Process 100, Nbr 3.3.3.3 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset
*Apr  5 15:39:27.106: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from EXCHANGE to DOWN, Neighbor Down: Adjacency forced to reset

因为默认tunnel接口的ospf网络类型是p2p,这样的话OSPF认为对方是一个路由器,所以一会儿收到R3的hello就和R3建邻居,一会儿收到R4的hello包就重置R3的邻居重新和R4建邻居,造成邻居关系翻滚。因此把接口类型改成点对多点即可以(也可以修改成为广播类型,不过样的话,需要手动指定R2为DR类型才可以)。
修改

R2/R3/R4interface tunnel0
 ip ospf network point-to-multipoint

随后提示邻居起来,路由传递成功。

网络优化

R3#traceroute 10.1.1.4
Type escape sequence to abort.
Tracing the route to 10.1.1.4
VRF info: (vrf in name/id, vrf out name/id)
  1 10.1.1.2 1 msec 1 msec 0 msec
  2 10.1.1.4 1 msec *  1 msec
R3#

现在所有的网络流量都需要从R2走,调整一下策略,让SPOKE之间动态的建立路由,直接通信
可以进行以下修改

R2interface tunnel 0
 ip nhrp redirect

R3interface tunnel 0
 ip nhrp shortcut
 
R4interface tunnel 0
 ip nhrp shortcut

再次测试

R3#traceroute 10.4.4.4
Type escape sequence to abort.
Tracing the route to 10.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
  1 10.1.1.2 1 msec 0 msec 0 msec
  2 10.1.1.4 5 msec *  6 msec
!前几个包需要触发两个SPOKE之间建立连接,所以可能还是和之前一样

R3#traceroute 10.4.4.4        
Type escape sequence to abort.
Tracing the route to 10.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
  1 10.1.1.4 6 msec *  5 msec
  
!路由条目前面出现了%, 下一跳被覆盖了
R3#show ip route 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is 13.1.1.1 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 13.1.1.1
      10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
C        10.1.1.0/24 is directly connected, Tunnel0
O        10.1.1.2/32 [110/1000] via 10.1.1.2, 00:11:06, Tunnel0
L        10.1.1.3/32 is directly connected, Tunnel0
O   %    10.1.1.4/32 [110/2000] via 10.1.1.2, 00:07:59, Tunnel0
O        10.2.2.2/32 [110/1001] via 10.1.1.2, 00:11:06, Tunnel0
C        10.3.3.3/32 is directly connected, Loopback0
O   %    10.4.4.4/32 [110/2001] via 10.1.1.2, 00:07:59, Tunnel0
      13.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        13.1.1.0/24 is directly connected, Ethernet0/1
L        13.1.1.3/32 is directly connected, Ethernet0/1

!通过查看show ip nhrp shorcut也能发现下一跳有变化:
R3#show ip nhrp shortcut
10.1.1.4/32 via 10.1.1.4
   Tunnel0 created 00:04:14, expire 00:06:01
   Type: dynamic, Flags: router nhop rib nho 
   NBMA address: 14.1.1.4 
10.4.4.4/32 via 10.1.1.4
   Tunnel0 created 00:03:58, expire 00:06:01
   Type: dynamic, Flags: router used rib nho 
   NBMA address: 14.1.1.4 
R3#

EIGRP协议

注:配置EIGRP前先清空OSPF配置
配置EIGRP

R2:
router eigrp 100
 router-id 2.2.2.2
 network 10.1.1.0 0.0.0.255
 network 10.2.2.2 0.0.0.0
 
R3:
router eigrp 100
 router-id 3.3.3.3
 network 10.1.1.0 0.0.0.255
 network 10.3.3.3 0.0.0.0
 
R4:
router eigrp 100
 router-id 4.4.4.4
 network 10.1.1.0 0.0.0.255
 network 10.4.4.4 0.0.0.0

检查路由表

R2(config-router)#do show ip route
......
S*    0.0.0.0/0 [1/0] via 12.1.1.1
      10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
C        10.1.1.0/24 is directly connected, Tunnel0
L        10.1.1.2/32 is directly connected, Tunnel0
C        10.2.2.2/32 is directly connected, Loopback0
D        10.3.3.3/32 [90/27008000] via 10.1.1.3, 00:00:18, Tunnel0
D        10.4.4.4/32 [90/27008000] via 10.1.1.4, 00:00:14, Tunnel0
      12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        12.1.1.0/24 is directly connected, Ethernet0/0
L        12.1.1.2/32 is directly connected, Ethernet0/0


R3(config-router)#do show ip route
......
S*    0.0.0.0/0 [1/0] via 13.1.1.1
      10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C        10.1.1.0/24 is directly connected, Tunnel0
L        10.1.1.3/32 is directly connected, Tunnel0
D        10.2.2.2/32 [90/27008000] via 10.1.1.2, 00:01:07, Tunnel0
C        10.3.3.3/32 is directly connected, Loopback0
      13.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        13.1.1.0/24 is directly connected, Ethernet0/1
L        13.1.1.3/32 is directly connected, Ethernet0/1


R4(config-router)#do show ip route 
......
S*    0.0.0.0/0 [1/0] via 14.1.1.1
      10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C        10.1.1.0/24 is directly connected, Tunnel0
L        10.1.1.4/32 is directly connected, Tunnel0
D        10.2.2.2/32 [90/27008000] via 10.1.1.2, 00:01:18, Tunnel0
C        10.4.4.4/32 is directly connected, Loopback0
      14.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        14.1.1.0/24 is directly connected, Ethernet0/2
L        14.1.1.4/32 is directly connected, Ethernet0/2

现在配置了EIGRP后,R2能收到R3和R4传给它的路由,
但是R3和R4收不到彼此通告的路由,这是由于EIGRP是距离矢量协议,传递的就是路由信息,R2能从tunnel口收到R3通告的路由,但由于水平分割的原因不会再从tunnel口发送出去,所以R4收不到该路由;同理,R3收不到R4的路由
R2的tunnel0关闭EIGRP水平分割,让SPOKE之间可以互相收到对方的路由

R2#conf t 
R2(config)#interface tunnel 0
R2(config-if)#no ip split-horizon eigrp 100

R3(config-router)#do show ip route 
......
S*    0.0.0.0/0 [1/0] via 13.1.1.1
      10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
C        10.1.1.0/24 is directly connected, Tunnel0
L        10.1.1.3/32 is directly connected, Tunnel0
D        10.2.2.2/32 [90/27008000] via 10.1.1.2, 00:04:45, Tunnel0
C        10.3.3.3/32 is directly connected, Loopback0
D        10.4.4.4/32 [90/28288000] via 10.1.1.2, 00:00:35, Tunnel0
      13.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        13.1.1.0/24 is directly connected, Ethernet0/1
L        13.1.1.3/32 is directly connected, Ethernet0/1


R4(config-router)#do show ip route 
......
S*    0.0.0.0/0 [1/0] via 14.1.1.1
      10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
C        10.1.1.0/24 is directly connected, Tunnel0
L        10.1.1.4/32 is directly connected, Tunnel0
D        10.2.2.2/32 [90/27008000] via 10.1.1.2, 00:05:05, Tunnel0
D        10.3.3.3/32 [90/28288000] via 10.1.1.2, 00:00:57, Tunnel0
C        10.4.4.4/32 is directly connected, Loopback0
      14.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        14.1.1.0/24 is directly connected, Ethernet0/2
L        14.1.1.4/32 is directly connected, Ethernet0/2

现在R3和R4能收到彼此的环回口路由了(之前NHRP配置了Redirect和shortcut仍然有效)

R4#traceroute 10.3.3.3
Type escape sequence to abort.
Tracing the route to 10.3.3.3
VRF info: (vrf in name/id, vrf out name/id)
  1 10.1.1.2 1 msec 0 msec 1 msec
  2 10.1.1.3 6 msec *  1 msec
  
R4#traceroute 10.3.3.3
Type escape sequence to abort.
Tracing the route to 10.3.3.3
VRF info: (vrf in name/id, vrf out name/id)
  1 10.1.1.3 1 msec *  0 msec
  
R4#show ip nhrp shortcut
10.1.1.3/32 via 10.1.1.3
   Tunnel0 created 00:00:51, expire 00:09:08
   Type: dynamic, Flags: router nhop rib 
   NBMA address: 13.1.1.3 
10.3.3.3/32 via 10.1.1.3
   Tunnel0 created 00:00:51, expire 00:09:08
   Type: dynamic, Flags: router used rib nho 
   NBMA address: 13.1.1.3

需要注意看R2的tunnel0接口下有没有被配置了(ip next-hop-self eigrp 100),如果被配置的话,需要no掉,不然,路由的下一跳仍然指向R2,这样就达不到优先网络的目的了。

配置IPsec

R2上配置IPSec

!配置身份认证时,对端peer由于是动态的,需要用0.0.0.0
crypto isakmp policy 10
 encryption aes 256
 authentication pre-share
 hash sha256
 group 5
 lifetime 3600
crypto isakmp key d-cisco address 0.0.0.0
crypto ipsec transform-set MYSET esp-aes 256 esp-sha256-hmac
 mode transport
crypto ipsec profile MYPROFILE
 set transform-set MYSET

interface tunnel0
 tunnel protection ipsec profile MYPROFILE

R3/R4上配置IPSec

!配置身份认证时,对端peer由于是动态的,需要用0.0.0.0
crypto isakmp policy 10
 encryption aes 256
 authentication pre-share
 hash sha256
 group 5
 lifetime 3600
crypto isakmp key d-cisco address 0.0.0.0
crypto ipsec transform-set MYSET esp-aes 256 esp-sha256-hmac
 mode transport
crypto ipsec profile MYPROFILE
 set transform-set MYSET

interface tunnel0
 tunnel protection ipsec profile MYPROFILE

检测结果

R4#traceroute 10.3.3.3                                         
Type escape sequence to abort.
Tracing the route to 10.3.3.3
VRF info: (vrf in name/id, vrf out name/id)
  1 10.1.1.2 5 msec 5 msec 5 msec
  2 10.1.1.3 6 msec *  5 msec
R4#traceroute 10.3.3.3
Type escape sequence to abort.
Tracing the route to 10.3.3.3
VRF info: (vrf in name/id, vrf out name/id)
  1 10.1.1.3 5 msec *  7 msec
R4#show crypto session
Crypto session current status

Interface: Tunnel0
Session status: UP-ACTIVE     
Peer: 13.1.1.3 port 500 
  Session ID: 0  
  IKEv1 SA: local 14.1.1.4/500 remote 13.1.1.3/500 Active 
  Session ID: 0  
  IKEv1 SA: local 14.1.1.4/500 remote 13.1.1.3/500 Active 
  IPSEC FLOW: permit 47 host 14.1.1.4 host 13.1.1.3 
        Active SAs: 2, origin: crypto map

Interface: Tunnel0
Session status: UP-ACTIVE     
Peer: 12.1.1.2 port 500 
  Session ID: 0  
  IKEv1 SA: local 14.1.1.4/500 remote 12.1.1.2/500 Active 
  Session ID: 0  
  IKEv1 SA: local 14.1.1.4/500 remote 12.1.1.2/500 Active 
  IPSEC FLOW: permit 47 host 14.1.1.4 host 12.1.1.2 
        Active SAs: 4, origin: crypto map

在这里插入图片描述
数据通讯已被加密

烈火蜓蜻
关注
  • 19
    点赞
  • 11
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 1
    评论
CCIE-LAB-第十一篇-DMVPN+IPSEC+BGP
weixin_48137911的博客
02-26 818
CCIE-LAB-第十一篇-DMVPN+IPSEC+BGP 实际中,思科只会给你5个小时去做下面的全部配置 这个是CCIE-LAB的拓扑图 问题 翻译: 根据以下要求纠正导致DC、Branch3和Branch4之间的DMVPN连接中断的配置问题:DMVPN必须在Ipsec保护的第3阶段模式2下运行。使用FVRF方法,保护DMVPN操作不受涉及隧道3的任何潜在递归路由问题的影响。不要创建任何新的VRFS4。不要更改隧道接口上的隧道源命令5。在辐条上,不添加新的BGP邻居,重用当前正在根据需要更改其VRF成
CCIE-LAB-第十二篇-EIGRP+EIGRP末节区域+leak map+分发列表
weixin_48137911的博客
02-26 313
CCIE-LAB-第十二篇-EIGRP+EIGRP末节区域+leak map+分发列表 实际中,思科只会给你5个小时去做下面的全部配置 这个是CCIE-LAB的拓扑图 问题 翻译:1.确保分支3分支4只能通过EIGRPn DMVPN2接收默认路由。默认路由发起必须在r24上完成,而不使用任何静态路由、重新分配或路由筛选器3。不允许修改分支#3中r6 l和r62的配置以完成此任务4。允许在分支#4中的r70配置中添加命令以完成此任务;r70上的任何现有配置都不能被删除以完成此任务。根据这些要求,在分支#3
CCIE-DMVPN
fa_nei_kuang_tu的博客
09-06 472
2021.9.5 她向我跑来,怎么能如此美好 DMVPN 技术背景 VPN 的建立模型通常有两种: Hub-Spoke(星型结构)和Full-Mesh (网状结构) 以上两种模式均存在较大的弊端 星型结构 中心站点(Hub) 配置量大, 资源消耗大, 因为它需要同每一个远端分支站点建立IPSec VPN, 可能同时维护多套SA. 中心站点扩展性不好, 因为每当一个新的远端分支站点加入时, 中心站点都需要为新加入的远端分支站点提供对应配置来建立IPSec VPN. IPSe
CCIE-DMVPN OSPF
fa_nei_kuang_tu的博客
09-10 245
2021.9.9
CCIE-DMVPN阶段二
fa_nei_kuang_tu的博客
09-06 446
2021.9.6 我们的故事要开始了吗? NHRP 一种二层协议, 用于在NHC (Client, Spoke) 和NHS(Server, Hub) 之间完成实际公网地址与Tunnel 虚拟地址的映射解析 映射可以动态解析完成, 也可以静态绑定 NHS 负责维护数据库, 记录所有Spoke 的映射关系. 每一个NHC 都必须要有NHS 的映射关系, 因此NHS 必须有固定的IP地址 NHRP 工作过程 1.Spoke (NHC) 静态完成NHS 的地址映射关系 2.
CCIE-EI 思科企业基础架构专家
XMWS-IT
10-14 1245
CCIE(Cisco Certified Internetwork Expert)思科认证互联网专家此认证是思科公司推出的网络专家级认证,是全球接受范围最广最受技术行业认可的认证。技术方向设有:· 企业基础架构CCIE-EI· 企业无线· 安全· 协作· 数据中心· 服务运营商CCIE-EI是思科企业基础架构专家认证。为了迎接全智慧网络时代的来临,于2020年2月24日推出的新认证。取代了原来的CCIE R&S的认证。
CCIE--PIM+DMVPN+MSDP
fa_nei_kuang_tu的博客
12-09 1653
2021.12.9 如果喜欢的人能够给你前进的动力,即使不能够在一起,也是值得的,那才是真正的喜欢 7.1 MSDP (Multicast Source Discovery Protocol) MSDP 在多个AS 的RP 之间建立TCP 连接, TCP 目的端口号为639 该TCP 连接负责将组播数据包封装在P2P 的TCP 数据包中进行传输, 从而让其它AS 内的RP 可以收到组播数据包, 并且获知源的信息. 将组播数据包封装到单播包以后称之为SA (Source Active) M
CCIE-RS战报 以为挂了 结果过了
Yeslab_Alan的博客
01-15 2398
    我是从2018年3月份开始理论学习,虽然跟着YESLAB苏sir进行了两轮CCIE理论学习,但由于去年工作很忙一直没有完整地学习完一轮,当然原计划在去年7月份进版本的计划也随之泡汤。过了国庆之后,我下定决心在年前考完,这样也算完成一个小目标了。     关于备考——痛并快乐着     我是10月12日进的版本,按照苏sir的建议三个月完成学习。刚进版本的时候边看视频边参照文档特别痛苦,...
CCIE 之路 2016.9.20-2017.2.24
shufanhao.top Blog
02-25 2496
今天终于考完了,最终结果PASS, 晚上没事就总结下。主要分为三部分吧,首先是为什么要考CCIE, 然后说下如何备战CCIE, 最后是战报分享和考试技巧。这也是做每一个事情或者学习每一种技术的,经常问自己的问题,why , what, how. 当然这里没有WHAT了. What is CCIE, I believe you know.1 WHY至于为什么要考CCIE,其实说来很简单。2015年7月
CCIE-DC 300-620.vce
05-22
CCIE-DC 300-620.vce 最近刚通过
CLC-CCIE-SEC-v6.0-Practice-Lab-v1.0.zip
02-09
【标题】"CLC-CCIE-SEC-v6.0-Practice-Lab-v1.0.zip" 提供的是一份针对Cisco Certified Internetwork Expert (CCIE) Security版本6.0的实践实验室指南。这个压缩包可能包含了一系列练习、案例研究和模拟测试,旨在...
CCIE-RS v5.1 最新笔试内容.zip
07-30
CCIE-RS v5.1 最新笔试内容 含 vce
CCIE EI SD-WAN
03-22
│ 01-SDW-L1_01-SD-WAN简介及思科SD-WAN.mp4 网盘文件永久连接 │ 02-SDW-L1_02 SD-WAN部署.mp4 │ 03-SDW-L1-03 OMP协议讲解.mp4 │ 04-SDW-L1_04-SD-WAN数据及分段.mp4 │ 05-SD-WAN ZTP 与 Template.mp4 ...
【Socket 编程】基于UDP协议建立多人聊天室
稻草人敲代码的博客
07-19 271
对于服务端来说,除了要接收消息之外,还要实现一个路由转发模块,该路由转发模块可以将相应发送给所有连接的客户端。而对于客户端来说,除了要发送消息给聊天室,还要能实时看到其它所有客户端的消息。下面来看看具体实现的代码,代码只给出核心模块,其余代码模块代码可以借鉴我之前的博客。具体来说,服务器类实现的功能只有收消息。
网络协议-SOTP 协议格式
ziyunLLL的博客
07-19 265
SOTP(Secure Overlay Transport Protocol)是一种安全的覆盖层传输协议,旨在提供增强的安全性和功能。2.密钥管理:密钥的管理和交换是协议安全的重要部分,通常使用公钥基础设施(PKI)或密钥交换协议(如 Diffie-Hellman)。1.安全性:确保加密算法和认证算法的安全性。常用的加密算法包括 AES,常用的认证算法包括 HMAC-SHA256。3.性能:加密和认证会增加计算开销,需要在安全性和性能之间找到平衡。SOTP 协议格式的一般结构。
docker build时的网络问题
最新发布
flynetcn的专栏
07-19 217
docker build网络问题
27_MobileNetV3网络详解
https://github.com/foxpup11?tab=repositories
07-17 803
https://www.bilibili.com/video/BV1GK4y1p7uE/?spm_id_from=333.999.0.0&vd_source=7dace3632125a1ef7fd32c285eb2fbac

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

烈火蜓蜻

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值