R1为运营商不能宣告此网段
1.划分网段
192.168.1.0/24 划分网段
192.168.00000001.000 00000 0
192.168.00000001.001 00000 32
192.168.00000001.010 00000 64
192.168.00000001.011 00000 96
192.168.00000001.100 00000 128
192.168.00000001.101 00000 160
192.168.00000001.110 00000 192 两环回192.168.1.192/28 192.168.1.208/28
172.168.0.0/16划分网段
172.168.0 0000000.0
172.168.0.0/18
172.168.128.0/18
2.基本配置
以R6为例
[R6]interface g0/0/1
[R6-GigabitEthernet0/0/1]ip address 192.168.1.130 27
[R6-GigabitEthernet0/0/1]quit
[R6]interface g0/0/0
[R6-GigabitEthernet0/0/0]ip address 192.168.1.161 27
[R6-GigabitEthernet0/0/0]quit
[R6]interface g0/0/02
[R6-GigabitEthernet0/0/2]ip address 172.16.0.1 18
3.RIP宣告网段
R2---R7之间RIP 版本2 宣告
[R6]rip 1
[R6-rip-1]version 2
[R6-rip-1]undo summary
[R6-rip-1]network 192.168.1.0
[R6-rip-1]network 172.16.0.0
[R6-rip-1]network 6.0.0.0
R8---R9之间RIP 版本1 宣告
[R8]rip 1
[R8-rip-1]network 172.16.0.0
[R8-rip-1]network 8.0.0.0
4.RIP版本兼容
在两种版本不同的边界路由器上出口端配置兼容指令写对端的RIP版本
[R8]interface g0/0/0
[R8-GigabitEthernet0/0/0]rip version 1
5. 全网可达可以访问运营商
在R2边界路由器上配置缺省路由并且RIP下放地址再在出口转换NAT
[R2]ip route-static 0.0.0.0 0 12.1.1.1
[R2]rip 1
[R2-rip-1]default-route originate
[R2]acl 2000
[R2-acl-basic-2000]rule permit source any
[R2-acl-basic-2000]quit
[R2]interface g0/0/0
[R2-GigabitEthernet0/0/0]nat outbound 2000
R9可以ping通运营商(运营商也需要写却省地址不然无法访问其他区域)
[R1]ip route-static 0.0.0.0 0 12.1.1.2
6.更改R3访问R7路径走下面
将R3更改为走192.168.1.98到R7环回
[R3]acl 2001
[R3-acl-basic-2001]rule permit source 192.168.1.66 0.0.0.0
[R3-acl-basic-2001]quit
[R3]interface g0/0/1
[R3-GigabitEthernet0/0/1]rip metricin 2001 5
7.远程登陆R2实际登陆R9
R9上打开telnet然后设置远程登陆特权
[R9]telnet server enable
[R9]aaa
[R9-aaa]local-user xx privilege level 15 password cipher yy
Info: Add a new user.
[R9-aaa]quit
[R9]user-interface vty 0 4
[R9-ui-vty0-4]authentication-mode aaa
[R9-ui-vty0-4]quit
R2上更改登陆路由登陆地址
[R2]interface g0/0/0
[R2-GigabitEthernet0/0/0]nat server protocol tcp global 12.1.1.3 23 inside 172.16.1
28.2 23