RIP实验要求如下:
实现思路如下:
1、使用192开头的地址;主要内容如下:
R1-R2:192.168.1.0/24 R2-R3:192.168.2.0/24
R3-R4:192.168.3.0/24 R1-R4:192.168.4.0/24
R4-R5:192.168.5.0/24 R4-R6:192.168.6.0/24
R6-R7:100.1.1.0/24
2、实现R3使用R2访问R1环回:
在R1连接R2出接口增大其度量值,将其增大为2
3、在R1上做路由汇总,将三个环回做汇总
4、在R4连接R6出接口做路由过滤,过滤掉R1的三个环回
网络拓扑图如下:
基础配置:
R1:
interface Serial2/0/0
ip address 192.168.1.1 255.255.255.0
#
interface Serial2/0/1
ip address 192.168.4.1 255.255.255.0
#
interface LoopBack1
ip address 172.168.1.1 255.255.255.0
#
interface LoopBack2
ip address 172.168.2.1 255.255.255.0
#
interface LoopBack3
ip address 172.168.3.1 255.255.255.0
#
rip 100
undo summary
version 2
network 172.16.0.0
network 192.168.1.0
network 192.168.4.0
network 172.168.0.0
R2:
interface Serial2/0/0
ip address 192.168.1.2 255.255.255.0
#
interface Serial2/0/1
ip address 192.168.2.1 255.255.255.0
#
rip 100
undo summary
version 2
network 192.168.2.0
network 192.168.1.0
R3:
interface Serial2/0/0
ip address 192.168.3.1 255.255.255.0
#
interface Serial2/0/1
ip address 192.168.2.2 255.255.255.0
#
rip 100
undo summary
version 2
network 192.168.2.0
network 192.168.3.0
R4:
interface Serial1/0/0
ip address 192.168.5.1 255.255.255.0
#
interface Serial1/0/1
ip address 192.168.6.1 255.255.255.0
#
interface Serial2/0/0
ip address 192.168.3.2 255.255.255.0
#
interface Serial2/0/1
ip address 192.168.4.2 255.255.255.0
#
rip 100
undo summary
version 2
network 192.168.3.0
network 192.168.4.0
network 192.168.5.0
network 192.168.6.0
R5:
interface Serial2/0/0
ip address 192.168.5.2 255.255.255.0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.0
#
rip 100
undo summary
version 2
network 192.168.5.0
R6:
interface Serial2/0/0
ip address 192.168.6.2 255.255.255.0
rip version 2 multicast
#
interface Serial2/0/1
ip address 100.1.1.1 255.255.255.0
#
rip 100
undo summary
network 192.168.6.0
network 100.0.0.0
R7:
interface Serial2/0/0
ip address 100.1.1.2 255.255.255.0
#
rip 100
undo summary
version 1
network 100.0.0.0
至此,7个路由器全网可达
验证
[R1]ping 100.1.1.2 #R1 ping R7
PING 100.1.1.2: 56 data bytes, press CTRL_C to break
Reply from 100.1.1.2: bytes=56 Sequence=1 ttl=253 time=40 ms
- 指标一:R3使用R2访问R1环回
实现:在R1出接口s2/0/1上将metric值加大
[R1]interface Serial 2/0/1
[R1-Serial2/0/1]rip metricout 3
- 指标二:加快网络收敛,提高安全性
实现:做路由汇总,做安全认证
#路由汇总:
[R1]interface Serial 2/0/0
[R1-Serial2/0/0]rip summary-address 172.168.0.0 255.255.252.0
[R1]interface Serial 2/0/1
[R1-Serial2/0/1]rip summary-address 172.168.0.0 255.255.252.0
#安全认证:
R2-R3明文:
[R2]interface Serial 2/0/0
[R2-Serial2/0/0]rip authentication-mode simple cipher cisco
R4-R5密文:
[R4]interface Serial 2/0/0
[R4-Serial2/0/0]rip authentication-mode md5 nonstandard cipher cisco 1
- 指标三:R6-R7不可学习到R1的环回路由
实现:在R4连接R6出接口做路由过滤,过滤R1的环回
配置如下:
[R4]acl 2000
[R4-acl-basic-2000]rule deny source 172.168.0.0 0
[R4-acl-basic-2000]rule permit
[R4-acl-basic-2000]q
[R4]rip 100
[R4-rip-100]filter-policy 2000 export Serial 1/0/1
验证:查看R6路由表 —— 无R1环回路由
[R6]display ip routing-table protocol rip
Destination/Mask Proto Pre Cost Flags NextHop Interface
192.168.1.0/24 RIP 100 3 D 192.168.6.1 Serial2/0/0
192.168.2.0/24 RIP 100 2 D 192.168.6.1 Serial2/0/0
192.168.3.0/24 RIP 100 1 D 192.168.6.1 Serial2/0/0
192.168.4.0/24 RIP 100 1 D 192.168.6.1 Serial2/0/0
192.168.5.0/24 RIP 100 1 D 192.168.6.1 Serial2/0/0
- 指标四:全网可达
实现:R5配置缺省
[R5]rip 100
[R5-rip-100]default-route originate
验证:
[R1]ping 5.5.5.5 #R1 ping R5环回
PING 5.5.5.5: 56 data bytes, press CTRL_C to break
Reply from 5.5.5.5: bytes=56 Sequence=1 ttl=254 time=60 ms
Reply from 5.5.5.5: bytes=56 Sequence=2 ttl=254 time=30 ms
Reply from 5.5.5.5: bytes=56 Sequence=3 ttl=254 time=30 ms
Reply from 5.5.5.5: bytes=56 Sequence=4 ttl=254 time=20 ms
Reply from 5.5.5.5: bytes=56 Sequence=5 ttl=254 time=30 ms