EIGRP-2(EIGRP的路由认证)<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
一、实验目的:
EIGRP
的路由认证
二、网络拓朴:
<?xml:namespace prefix = v ns = "urn:schemas-microsoft-com:vml" />
三、实验步骤:
1
.环境搭建:
!---R1
enable
conf t
ho R1
no ip do lo
line con 0
logg s
no exec-t
int lo0
ip add 172.16.1.1 255.255.255.0
int s1/1
ip add <?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" />10.1.1.1 255.255.255.0
no shut
exit
!---R2
enable
conf t
ho R2
no ip do lo
line con 0
logg s
no exec-t
int lo0
ip add 172.16.2.1 255.255.255.0
int s1/0
ip add 10.1.1.2 255.255.255.0
no shut
exit
2.起用EIGRP:
!---R1
conf t
router eigrp 50
network 172.16.1.0
network 10.1.1.0
no auto
exit
!---R2
conf t
router eigrp 50
network 172.16.2.0
network 10.1.1.0
no auto
exit
此时
R1
和
R2
成功建立邻居,并且两个
loopback
口互通。
3
.起用认证,配置如下:
!---R1
conf t
key chain my
key 1
key-string cisco
exit
exit
int s1/1
ip authentication mode eigrp 50 md5
ip authentication key-chain eigrp 50 my
exit
当我们对
R1
进行了认证只后,这时会发现邻居
R2
会丢失,因为我们还没有在
R2
上配置相对应的认证,这种情况下,
R1
和
R2
将不能建立邻居关系。
*Jan 9 21:51:10.251: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 50: Neighbor 10.1.1.2 (Serial1/1) is down: authentication mode changed
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 50
然而,当我们在
R2
上对
EIGRP
进行和
R1
上匹配的认证之后,
R1
和
R2
的邻居关系将会重新建立:
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#key chain my
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string cisco
R2(config-keychain-key)#exit
R2(config-keychain)#exit
R2(config)#
R2(config)#int s1/0
R2(config-if)#ip authentication mode eigrp 50 md5
R2(config-if)#ip authentication key-chain eigrp 50 my
R2(config-if)#exit
R2(config)#
*Jan 9 21:59:23.283: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 50: Neighbor 10.1.1.1 (Serial1/0) is up: new adjacency
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 50
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.1.1.2 Se1/1 12 00:02:33 1254 5000 0 7
转载于:https://blog.51cto.com/lostmiss/262268
1361
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
