CCNP-EIGRP&帧中继、负载均衡、认证、stub区域
2015-11-24 11:11
417 查看
by小世界[/u][/b]http://redcisco.blog.163.com/实验需求:1.保证全网互通,考察EIGRP&帧中继Unequal-Cost Load-Balancing2.实现负载均衡,考察EIGRP&负载均衡,理解FD、ADAdjacency Authentication3.R1和R2启用EIGRP-md5认证,考察EIGRP&认证实验拓扑图:
实验步骤:1.拓扑图基本配置R1参考配置interface Loopback0 ip address 1.1.1.1 255.255.255.0interface Serial0/0 ip address 124.1.1.1 255.255.255.0 encapsulation frame-relayinterface Serial0/1 ip address 12.1.1.1 255.255.255.0
router eigrp 100 network 1.1.1.1 0.0.0.0 network 12.1.1.1 0.0.0.0 network 124.1.1.1 0.0.0.0 no auto-summary
R2参考配置interface Loopback0 ip address 2.2.2.2 255.255.255.0interface Serial0/0 ip address 124.1.1.2 255.255.255.0 encapsulation frame-relayinterface Serial0/1 ip address 12.1.1.2 255.255.255.0
router eigrp 100 network 2.2.2.2 0.0.0.0 network 12.1.1.2 0.0.0.0 network 124.1.1.2 0.0.0.0 no auto-summary
R4参考配置(路由器模拟FR交换机)interface Serial0/0---no sh no ip address encapsulation frame-relay frame-relay lmi-type cisco frame-relay intf-type dce frame-relay route 102 interface Serial0/1 201!interface Serial0/1---no sh[/b] no ip address encapsulation frame-relay frame-relay lmi-type cisco frame-relay intf-type dce frame-relay route 201 interface Serial0/0 102帧中继状态测试:R4#show frame-relay route Input Intf Input Dlci Output Intf Output Dlci StatusSerial0/0 102 Serial0/1 201 activeSerial0/1 201 Serial0/0 102 active2.实现负载均衡基础测试R1(config-if)#do show inter s0/1Serial0/1 is up, line protocol is up Hardware is M4T Internet address is 12.1.1.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec
R1(config-if)#inter s0/1R1(config-if)#bandwidth 64R1(config-if)#inter s0/0R1(config-if)#bandwidth 256
R1#show ip rou 1.0.0.0/24 is subnetted, 1 subnetsC 1.1.1.0 is directly connected, Loopback0 2.0.0.0/24 is subnetted, 1 subnetsD 2.2.2.0 [90/10639872] via 124.1.1.2, 00:00:19, Serial0/0 124.0.0.0/24 is subnetted, 1 subnetsC 124.1.1.0 is directly connected, Serial0/0 12.0.0.0/24 is subnetted, 1 subnetsC 12.1.1.0 is directly connected, Serial0/1
R2#show ip rou 1.0.0.0/24 is subnetted, 1 subnetsD 1.1.1.0 [90/2297856] via 124.1.1.1, 00:00:02, Serial0/0 [90/2297856] via 12.1.1.1, 00:00:02, Serial0/1此时,(未修改R2的两个接口带宽)metric计算演示:在R2看来,路由是有左到右的,对于路由的入方向,这样R1的两个接口没有参与metric计算带宽是取最小值1.544M,延迟取5000+20000usec(10000000/1544+25000/10)*256=2298031.0 2.0.0.0/24 is subnetted, 1 subnetsC 2.2.2.0 is directly connected, Loopback0 124.0.0.0/24 is subnetted, 1 subnetsC 124.1.1.0 is directly connected, Serial0/0 12.0.0.0/24 is subnetted, 1 subnetsC 12.1.1.0 is directly connected, Serial0/1//理解完FD、AD,测试完,再修改R2的两个接口的带宽R2(config)#inter s0/0R2(config-if)#bandwidth 256R2(config-if)#inter s0/1R2(config-if)#bandwidth 64
//在进行等价均衡之前的路由表和拓扑表信息:R2#show ip ei topP 1.1.1.0/24, 1 successors, FD is 10639872 via 124.1.1.1 (10639872/128256), Serial0/0 via 12.1.1.1 (40640000/128256), Serial0/1
R2#show ip rou 1.0.0.0/24 is subnetted, 1 subnetsD 1.1.1.0 [90/10639872] via 124.1.1.1, 00:03:06, Serial0/0
//等价均衡处理:R2#conf tR2(config)#router ei 100R2(config-router)#variance 4
//在进行等价均衡之后的路由表R2#show ip rou 1.0.0.0/24 is subnetted, 1 subnetsD 1.1.1.0 [90/10639872] via 124.1.1.1, 00:00:04, Serial0/0 [90/40640000] via 12.1.1.1, 00:00:04, Serial0/13.EIGRP认证实验首先R1和R2保证key chain x 一致。R1 key chain r1tor2-----R2 key chain r2tor1 key 1 key-string cisco123 accept-lifetime 02:30:00 May 1 2002 02:35:00 May 1 2002 send-lifetime 02:34:00 May 1 2002 02:40:00 May 1 2002 key 2 key-string cisco456//修改时钟:R1#clock set 02:28:00 1 May 2002R1#May 1 02:28:00.000: %SYS-6-CLOCKUPDATE: System clock has been updated from 02:39:12 UTC Wed May 1 2002 to 02:28:00 UTC Wed May 1 2002, configured from console by console.R1#show clock02:29:04.987 UTC Wed May 1 2002
R1#show ip eigrp neiIP-EIGRP neighbors for process 100H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num1 124.1.1.2 Se0/0 141 00:03:26 102 612 0 670 12.1.1.2 Se0/1 13 00:04:14 87 2280 0 66//此时邻居关系正常。R1#clear ip eig neiMay 1 02:32:24.223: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.2 (Serial0/1) is down: manually clearedMay 1 02:32:24.231: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.2 (Serial0/0) is down: manually clearedR1#May 1 02:32:28.623: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.2 (Serial0/1) is up: new adjacencyR1#May 1 02:32:36.959: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.2 (Serial0/0) is up: new adjacencyR1#R1#show key chain Key-chain r1tor2: key 1 -- text "cisco123" accept lifetime (02:30:00 UTC May 1 2002) - (02:35:00 UTC May 1 2002) [valid now] send lifetime (02:34:00 UTC May 1 2002) - (02:40:00 UTC May 1 2002) key 2 -- text "cisco456" accept lifetime (always valid) - (always valid) [valid now] send lifetime (always valid) - (always valid) [valid now] [valid now]现在是有效的。[/b]R1#show clock02:34:16.019 UTC Wed May 1 2002R1#May 1 02:35:02.375: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.2 (Serial0/1) is down: Auth failureR1#May 1 02:35:18.463: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.2 (Serial0/0) is down: Auth failureR1#May 1 02:40:01.959: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.2 (Serial0/1) is up: new adjacencyR1#May 1 02:40:47.431: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.2 (Serial0/0) is up: new adjacencyR1#
//再观察key chain的作用R1#show clock 02:45:28.819 UTC Wed May 1 2002
R1#show key chain Key-chain r1tor2: key 1 -- text "cisco123" accept lifetime (02:30:00 UTC May 1 2002) - (02:35:00 UTC May 1 2002) send lifetime (02:34:00 UTC May 1 2002) - (02:40:00 UTC May 1 2002) key 2 -- text "cisco456" accept lifetime (always valid) - (always valid) [valid now] send lifetime (always valid) - (always valid) [valid now]----只有key 2 生效。
//R2同理测试R2#R2#clock set 02:28:00 1 May 2002R2#May 1 02:28:00.000: %SYS-6-CLOCKUPDATE: System clock has been updated from 02:39:08 UTC Wed May 1 2002 to 02:28:00 UTC Wed May 1 2002, configured from console by console.R2#May 1 02:28:00.539: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is up: new adjacencyR2#show May 1 02:28:48.035: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is up: new adjacencyR2#show ip eig neiIP-EIGRP neighbors for process 100H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num1 124.1.1.1 Se0/0 176 00:00:05 145 870 0 620 12.1.1.1 Se0/1 11 00:00:53 90 2280 0 63R2#May 1 02:32:22.719: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is down: Interface Goodbye receivedMay 1 02:32:22.731: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is down: Interface Goodbye receivedR2#May 1 02:32:27.135: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is up: new adjacencyR2#May 1 02:32:35.555: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is up: new adjacencyR2#show key chain Key-chain r2tor1: key 1 -- text "cisco123" accept lifetime (02:30:00 UTC May 1 2002) - (02:35:00 UTC May 1 2002) [valid now] send lifetime (02:34:00 UTC May 1 2002) - (02:40:00 UTC May 1 2002) key 2 -- text "cisco456" accept lifetime (always valid) - (always valid) [valid now] send lifetime (always valid) - (always valid) [valid now]R2#show clo R2#show clock 02:34:07.079 UTC Wed May 1 2002R2#May 1 02:35:00.935: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is down: Auth failureR2#May 1 02:35:17.039: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is down: Auth failure
R2#May 1 02:40:00.403: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is up: new adjacencyR2#May 1 02:40:45.847: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is up: new adjacency
R2#show clock 02:45:07.883 UTC Wed May 1 2002
R2#show key chain Key-chain r2tor1: key 1 -- text "cisco123" accept lifetime (02:30:00 UTC May 1 2002) - (02:35:00 UTC May 1 2002) send lifetime (02:34:00 UTC May 1 2002) - (02:40:00 UTC May 1 2002) key 2 -- text "cisco456" accept lifetime (always valid) - (always valid) [valid now] send lifetime (always valid) - (always valid) [valid now]
4.EIGRP-stub 实验
//当R1不是eigrp stub区域时,关闭R2的环回口,测试R2(config)#inter lo 0R2(config-if)#shR2(config-if)#May 1 03:20:02.827: EIGRP: Enqueueing QUERY on Serial0/1 iidbQ un/rely 0/1 serno 52-52May 1 03:20:02.827: EIGRP: Enqueueing QUERY on Serial0/0 iidbQ un/rely 0/1 serno 52-52May 1 03:20:02.831: EIGRP: Enqueueing QUERY on Serial0/1 nbr 12.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 52-52May 1 03:20:02.831: EIGRP: Enqueueing QUERY on Serial0/0 nbr 124.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 52-52May 1 03:20:02.835: EIGRP: Sending QUERY on Serial0/1 nbr 12.1.1.1May 1 03:20:02.839: AS 100, Flags 0x0, Seq 145/130 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 52-52May 1 03:20:02.839: EIGRP: Sending QUERY on Serial0/0 nbr 124.1.1.1May 1 03:20:02.843: AS 100, Flags 0x0, Seq 146/131 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 52-52
May 1 03:20:02.963: EIGRP: received packet with MD5 authentication, key id = 2//认证内容May 1 03:20:03.003: EIGRP: received packet with MD5 authentication, key id = 2
May 1 03:20:03.003: EIGRP: Received QUERY on Serial0/0 nbr 124.1.1.1May 1 03:20:03.007: AS 100, Flags 0x0, Seq 133/146 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0May 1 03:20:03.067: EIGRP: received packet with MD5 authentication, key id = 2May 1 03:20:03.067: EIGRP: Received QUERY on Serial0/1 nbr 12.1.1.1May 1 03:20:03.067: AS 100, Flags 0x0, Seq 134/145 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0R2(config-if)#May 1 03:20:04.807: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively downMay 1 03:20:05.807: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to downR2(config-if)#
//当R1不是eigrp stub区域时,再次开启R2的环回口,测试R2(config-if)#no shR2(config-if)#May 1 03:20:11.827: EIGRP: Enqueueing UPDATE on Serial0/1 iidbQ un/rely 0/1 serno 54-54May 1 03:20:11.827: EIGRP: Enqueueing UPDATE on Serial0/0 iidbQ un/rely 0/1 serno 54-54May 1 03:20:11.831: EIGRP: Enqueueing UPDATE on Serial0/1 nbr 12.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 54-54May 1 03:20:11.831: EIGRP: Enqueueing UPDATE on Serial0/0 nbr 124.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 54-54
May 1 03:20:11.835: EIGRP: Sending UPDATE on Serial0/1 nbr 12.1.1.1May 1 03:20:11.839: AS 100, Flags 0x0, Seq 148/134 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 54-54May 1 03:20:11.839: EIGRP: Sending UPDATE on Serial0/0 nbr 124.1.1.1May 1 03:20:11.843: AS 100, Flags 0x0, Seq 149/135 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 54-54May 1 03:20:11.995: EIGRP: Received UPDATE on Serial0/1 nbr 12.1.1.1May 1 03:20:11.995: AS 100, Flags 0x0, Seq 137/148 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0May 1 03:20:12.003: EIGRP: Received UPDATE on Serial0/0 nbr 124.1.1.1May 1 03:20:12.003: AS 100, Flags 0x0, Seq 136/149 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0R2(config-if)#May 1 03:20:13.795: %LINK-3-UPDOWN: Interface Loopback0, changed state to upMay 1 03:20:14.795: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to upR2(config-if)#//现在关闭debugR2(config-if)#R2(config-if)#do un all All possible debugging has been turned offR2(config-if)#
//将R1配置为eigrp stub区域命令配置:R1(config)#router ei 100R1(config-router)#eigrp stub//当邻居关系稳定之后,继续在R2上测试R2#May 1 03:22:32.071: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is up: new adjacencyMay 1 03:23:13.379: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is up: new adjacencyR2#R2#R2#debug eigrp packets query update EIGRP Packets debugging is on (UPDATE, QUERY)R2#R2(config)#inter lo 0R2(config-if)#do show ip inter briInterface IP-Address OK? Method Status ProtocolSerial0/0 124.1.1.2 YES manual up up Serial0/1 12.1.1.2 YES manual up up Loopback0 2.2.2.2 YES manual up up R2(config-if)#shR2(config-if)#May 1 03:23:37.539: EIGRP: received packet with MD5 authentication, key id = 2May 1 03:23:37.907: EIGRP: Enqueueing UPDATE on Serial0/1 iidbQ un/rely 0/1 serno 58-58May 1 03:23:37.907: EIGRP: Enqueueing UPDATE on Serial0/0 iidbQ un/rely 0/1 serno 58-58May 1 03:23:37.911: EIGRP: Enqueueing UPDATE on Serial0/1 nbr 12.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 58-58May 1 03:23:37.911: EIGRP: Enqueueing UPDATE on Serial0/0 nbr 124.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 58-58May 1 03:23:37.915: EIGRP: Sending UPDATE on Serial0/1 nbr 12.1.1.1//不再是查询包May 1 03:23:37.919: AS 100, Flags 0x0, Seq 159/145 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 58-58R2(config-if)#May 1 03:23:37.919: EIGRP: Sending UPDATE on Serial0/0 nbr 124.1.1.1//不再是查询包[/b]May 1 03:23:37.923: AS 100, Flags 0x0, Seq 160/146 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 58-58May 1 03:23:38.127: EIGRP: received packet with MD5 authentication, key id = 2May 1 03:23:38.131: EIGRP: Received QUERY on Serial0/1 nbr 12.1.1.1May 1 03:23:38.131: AS 100, Flags 0x0, Seq 148/159 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0May 1 03:23:38.143: EIGRP: received packet with MD5 authentication, key id = 2May 1 03:23:38.143: EIGRP: Received QUERY on Serial0/0 nbr 124.1.1.1May 1 03:23:38.143: AS 100, Flags 0x0, Seq 147/160 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0//再次开启R2的环回口,测试R2(config-if)#no shR2(config-if)#May 1 03:23:46.515: EIGRP: received packet with MD5 authentication, key id = 2May 1 03:23:46.819: EIGRP: Enqueueing UPDATE on Serial0/1 iidbQ un/rely 0/1 serno 61-61May 1 03:23:46.819: EIGRP: Enqueueing UPDATE on Serial0/0 iidbQ un/rely 0/1 serno 61-61May 1 03:23:46.823: EIGRP: Enqueueing UPDATE on Serial0/1 nbr 12.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 61-61May 1 03:23:46.823: EIGRP: Enqueueing UPDATE on Serial0/0 nbr 124.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 61-61May 1 03:23:46.827: EIGRP: Sending UPDATE on Serial0/1 nbr 12.1.1.1May 1 03:23:46.827: AS 100, Flags 0x0, Seq 163/148 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 61-61May 1 03:23:46.831: EIGRP: Sending UPDATE on Serial0/0 nbr 124.1.1.1May 1 03:23:46.835: AS 100, Flags 0x0, Seq 164/147 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 61-61May 1 03:23:46.979: EIGRP: Received UPDATE on Serial0/1 nbr 12.1.1.1May 1 03:23:46.979: AS 100, Flags 0x0, Seq 149/163 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0May 1 03:23:47.043: EIGRP: Received UPDATE on Serial0/0 nbr 124.1.1.1May 1 03:23:47.043: AS 100, Flags 0x0, Seq 150/164 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0R2(config-if)#endR2#un allAll possible debugging has been turned off
需要参考的请仔细阅读,感谢Node实验室,感谢王老师,感谢午餐
ps:推荐阅读EIGRPhttp://blog.sina.com.cn/s/blog_63efc8d70100gi7w.html
实验步骤:1.拓扑图基本配置R1参考配置interface Loopback0 ip address 1.1.1.1 255.255.255.0interface Serial0/0 ip address 124.1.1.1 255.255.255.0 encapsulation frame-relayinterface Serial0/1 ip address 12.1.1.1 255.255.255.0
router eigrp 100 network 1.1.1.1 0.0.0.0 network 12.1.1.1 0.0.0.0 network 124.1.1.1 0.0.0.0 no auto-summary
R2参考配置interface Loopback0 ip address 2.2.2.2 255.255.255.0interface Serial0/0 ip address 124.1.1.2 255.255.255.0 encapsulation frame-relayinterface Serial0/1 ip address 12.1.1.2 255.255.255.0
router eigrp 100 network 2.2.2.2 0.0.0.0 network 12.1.1.2 0.0.0.0 network 124.1.1.2 0.0.0.0 no auto-summary
R4参考配置(路由器模拟FR交换机)interface Serial0/0---no sh no ip address encapsulation frame-relay frame-relay lmi-type cisco frame-relay intf-type dce frame-relay route 102 interface Serial0/1 201!interface Serial0/1---no sh[/b] no ip address encapsulation frame-relay frame-relay lmi-type cisco frame-relay intf-type dce frame-relay route 201 interface Serial0/0 102帧中继状态测试:R4#show frame-relay route Input Intf Input Dlci Output Intf Output Dlci StatusSerial0/0 102 Serial0/1 201 activeSerial0/1 201 Serial0/0 102 active2.实现负载均衡基础测试R1(config-if)#do show inter s0/1Serial0/1 is up, line protocol is up Hardware is M4T Internet address is 12.1.1.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec
R1(config-if)#inter s0/1R1(config-if)#bandwidth 64R1(config-if)#inter s0/0R1(config-if)#bandwidth 256
R1#show ip rou 1.0.0.0/24 is subnetted, 1 subnetsC 1.1.1.0 is directly connected, Loopback0 2.0.0.0/24 is subnetted, 1 subnetsD 2.2.2.0 [90/10639872] via 124.1.1.2, 00:00:19, Serial0/0 124.0.0.0/24 is subnetted, 1 subnetsC 124.1.1.0 is directly connected, Serial0/0 12.0.0.0/24 is subnetted, 1 subnetsC 12.1.1.0 is directly connected, Serial0/1
R2#show ip rou 1.0.0.0/24 is subnetted, 1 subnetsD 1.1.1.0 [90/2297856] via 124.1.1.1, 00:00:02, Serial0/0 [90/2297856] via 12.1.1.1, 00:00:02, Serial0/1此时,(未修改R2的两个接口带宽)metric计算演示:在R2看来,路由是有左到右的,对于路由的入方向,这样R1的两个接口没有参与metric计算带宽是取最小值1.544M,延迟取5000+20000usec(10000000/1544+25000/10)*256=2298031.0 2.0.0.0/24 is subnetted, 1 subnetsC 2.2.2.0 is directly connected, Loopback0 124.0.0.0/24 is subnetted, 1 subnetsC 124.1.1.0 is directly connected, Serial0/0 12.0.0.0/24 is subnetted, 1 subnetsC 12.1.1.0 is directly connected, Serial0/1//理解完FD、AD,测试完,再修改R2的两个接口的带宽R2(config)#inter s0/0R2(config-if)#bandwidth 256R2(config-if)#inter s0/1R2(config-if)#bandwidth 64
//在进行等价均衡之前的路由表和拓扑表信息:R2#show ip ei topP 1.1.1.0/24, 1 successors, FD is 10639872 via 124.1.1.1 (10639872/128256), Serial0/0 via 12.1.1.1 (40640000/128256), Serial0/1
R2#show ip rou 1.0.0.0/24 is subnetted, 1 subnetsD 1.1.1.0 [90/10639872] via 124.1.1.1, 00:03:06, Serial0/0
//等价均衡处理:R2#conf tR2(config)#router ei 100R2(config-router)#variance 4
//在进行等价均衡之后的路由表R2#show ip rou 1.0.0.0/24 is subnetted, 1 subnetsD 1.1.1.0 [90/10639872] via 124.1.1.1, 00:00:04, Serial0/0 [90/40640000] via 12.1.1.1, 00:00:04, Serial0/13.EIGRP认证实验首先R1和R2保证key chain x 一致。R1 key chain r1tor2-----R2 key chain r2tor1 key 1 key-string cisco123 accept-lifetime 02:30:00 May 1 2002 02:35:00 May 1 2002 send-lifetime 02:34:00 May 1 2002 02:40:00 May 1 2002 key 2 key-string cisco456//修改时钟:R1#clock set 02:28:00 1 May 2002R1#May 1 02:28:00.000: %SYS-6-CLOCKUPDATE: System clock has been updated from 02:39:12 UTC Wed May 1 2002 to 02:28:00 UTC Wed May 1 2002, configured from console by console.R1#show clock02:29:04.987 UTC Wed May 1 2002
R1#show ip eigrp neiIP-EIGRP neighbors for process 100H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num1 124.1.1.2 Se0/0 141 00:03:26 102 612 0 670 12.1.1.2 Se0/1 13 00:04:14 87 2280 0 66//此时邻居关系正常。R1#clear ip eig neiMay 1 02:32:24.223: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.2 (Serial0/1) is down: manually clearedMay 1 02:32:24.231: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.2 (Serial0/0) is down: manually clearedR1#May 1 02:32:28.623: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.2 (Serial0/1) is up: new adjacencyR1#May 1 02:32:36.959: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.2 (Serial0/0) is up: new adjacencyR1#R1#show key chain Key-chain r1tor2: key 1 -- text "cisco123" accept lifetime (02:30:00 UTC May 1 2002) - (02:35:00 UTC May 1 2002) [valid now] send lifetime (02:34:00 UTC May 1 2002) - (02:40:00 UTC May 1 2002) key 2 -- text "cisco456" accept lifetime (always valid) - (always valid) [valid now] send lifetime (always valid) - (always valid) [valid now] [valid now]现在是有效的。[/b]R1#show clock02:34:16.019 UTC Wed May 1 2002R1#May 1 02:35:02.375: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.2 (Serial0/1) is down: Auth failureR1#May 1 02:35:18.463: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.2 (Serial0/0) is down: Auth failureR1#May 1 02:40:01.959: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.2 (Serial0/1) is up: new adjacencyR1#May 1 02:40:47.431: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.2 (Serial0/0) is up: new adjacencyR1#
//再观察key chain的作用R1#show clock 02:45:28.819 UTC Wed May 1 2002
R1#show key chain Key-chain r1tor2: key 1 -- text "cisco123" accept lifetime (02:30:00 UTC May 1 2002) - (02:35:00 UTC May 1 2002) send lifetime (02:34:00 UTC May 1 2002) - (02:40:00 UTC May 1 2002) key 2 -- text "cisco456" accept lifetime (always valid) - (always valid) [valid now] send lifetime (always valid) - (always valid) [valid now]----只有key 2 生效。
//R2同理测试R2#R2#clock set 02:28:00 1 May 2002R2#May 1 02:28:00.000: %SYS-6-CLOCKUPDATE: System clock has been updated from 02:39:08 UTC Wed May 1 2002 to 02:28:00 UTC Wed May 1 2002, configured from console by console.R2#May 1 02:28:00.539: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is up: new adjacencyR2#show May 1 02:28:48.035: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is up: new adjacencyR2#show ip eig neiIP-EIGRP neighbors for process 100H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num1 124.1.1.1 Se0/0 176 00:00:05 145 870 0 620 12.1.1.1 Se0/1 11 00:00:53 90 2280 0 63R2#May 1 02:32:22.719: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is down: Interface Goodbye receivedMay 1 02:32:22.731: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is down: Interface Goodbye receivedR2#May 1 02:32:27.135: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is up: new adjacencyR2#May 1 02:32:35.555: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is up: new adjacencyR2#show key chain Key-chain r2tor1: key 1 -- text "cisco123" accept lifetime (02:30:00 UTC May 1 2002) - (02:35:00 UTC May 1 2002) [valid now] send lifetime (02:34:00 UTC May 1 2002) - (02:40:00 UTC May 1 2002) key 2 -- text "cisco456" accept lifetime (always valid) - (always valid) [valid now] send lifetime (always valid) - (always valid) [valid now]R2#show clo R2#show clock 02:34:07.079 UTC Wed May 1 2002R2#May 1 02:35:00.935: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is down: Auth failureR2#May 1 02:35:17.039: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is down: Auth failure
R2#May 1 02:40:00.403: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is up: new adjacencyR2#May 1 02:40:45.847: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is up: new adjacency
R2#show clock 02:45:07.883 UTC Wed May 1 2002
R2#show key chain Key-chain r2tor1: key 1 -- text "cisco123" accept lifetime (02:30:00 UTC May 1 2002) - (02:35:00 UTC May 1 2002) send lifetime (02:34:00 UTC May 1 2002) - (02:40:00 UTC May 1 2002) key 2 -- text "cisco456" accept lifetime (always valid) - (always valid) [valid now] send lifetime (always valid) - (always valid) [valid now]
4.EIGRP-stub 实验
//当R1不是eigrp stub区域时,关闭R2的环回口,测试R2(config)#inter lo 0R2(config-if)#shR2(config-if)#May 1 03:20:02.827: EIGRP: Enqueueing QUERY on Serial0/1 iidbQ un/rely 0/1 serno 52-52May 1 03:20:02.827: EIGRP: Enqueueing QUERY on Serial0/0 iidbQ un/rely 0/1 serno 52-52May 1 03:20:02.831: EIGRP: Enqueueing QUERY on Serial0/1 nbr 12.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 52-52May 1 03:20:02.831: EIGRP: Enqueueing QUERY on Serial0/0 nbr 124.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 52-52May 1 03:20:02.835: EIGRP: Sending QUERY on Serial0/1 nbr 12.1.1.1May 1 03:20:02.839: AS 100, Flags 0x0, Seq 145/130 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 52-52May 1 03:20:02.839: EIGRP: Sending QUERY on Serial0/0 nbr 124.1.1.1May 1 03:20:02.843: AS 100, Flags 0x0, Seq 146/131 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 52-52
May 1 03:20:02.963: EIGRP: received packet with MD5 authentication, key id = 2//认证内容May 1 03:20:03.003: EIGRP: received packet with MD5 authentication, key id = 2
May 1 03:20:03.003: EIGRP: Received QUERY on Serial0/0 nbr 124.1.1.1May 1 03:20:03.007: AS 100, Flags 0x0, Seq 133/146 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0May 1 03:20:03.067: EIGRP: received packet with MD5 authentication, key id = 2May 1 03:20:03.067: EIGRP: Received QUERY on Serial0/1 nbr 12.1.1.1May 1 03:20:03.067: AS 100, Flags 0x0, Seq 134/145 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0R2(config-if)#May 1 03:20:04.807: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively downMay 1 03:20:05.807: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to downR2(config-if)#
//当R1不是eigrp stub区域时,再次开启R2的环回口,测试R2(config-if)#no shR2(config-if)#May 1 03:20:11.827: EIGRP: Enqueueing UPDATE on Serial0/1 iidbQ un/rely 0/1 serno 54-54May 1 03:20:11.827: EIGRP: Enqueueing UPDATE on Serial0/0 iidbQ un/rely 0/1 serno 54-54May 1 03:20:11.831: EIGRP: Enqueueing UPDATE on Serial0/1 nbr 12.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 54-54May 1 03:20:11.831: EIGRP: Enqueueing UPDATE on Serial0/0 nbr 124.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 54-54
May 1 03:20:11.835: EIGRP: Sending UPDATE on Serial0/1 nbr 12.1.1.1May 1 03:20:11.839: AS 100, Flags 0x0, Seq 148/134 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 54-54May 1 03:20:11.839: EIGRP: Sending UPDATE on Serial0/0 nbr 124.1.1.1May 1 03:20:11.843: AS 100, Flags 0x0, Seq 149/135 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 54-54May 1 03:20:11.995: EIGRP: Received UPDATE on Serial0/1 nbr 12.1.1.1May 1 03:20:11.995: AS 100, Flags 0x0, Seq 137/148 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0May 1 03:20:12.003: EIGRP: Received UPDATE on Serial0/0 nbr 124.1.1.1May 1 03:20:12.003: AS 100, Flags 0x0, Seq 136/149 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0R2(config-if)#May 1 03:20:13.795: %LINK-3-UPDOWN: Interface Loopback0, changed state to upMay 1 03:20:14.795: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to upR2(config-if)#//现在关闭debugR2(config-if)#R2(config-if)#do un all All possible debugging has been turned offR2(config-if)#
//将R1配置为eigrp stub区域命令配置:R1(config)#router ei 100R1(config-router)#eigrp stub//当邻居关系稳定之后,继续在R2上测试R2#May 1 03:22:32.071: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.1.1.1 (Serial0/1) is up: new adjacencyMay 1 03:23:13.379: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 124.1.1.1 (Serial0/0) is up: new adjacencyR2#R2#R2#debug eigrp packets query update EIGRP Packets debugging is on (UPDATE, QUERY)R2#R2(config)#inter lo 0R2(config-if)#do show ip inter briInterface IP-Address OK? Method Status ProtocolSerial0/0 124.1.1.2 YES manual up up Serial0/1 12.1.1.2 YES manual up up Loopback0 2.2.2.2 YES manual up up R2(config-if)#shR2(config-if)#May 1 03:23:37.539: EIGRP: received packet with MD5 authentication, key id = 2May 1 03:23:37.907: EIGRP: Enqueueing UPDATE on Serial0/1 iidbQ un/rely 0/1 serno 58-58May 1 03:23:37.907: EIGRP: Enqueueing UPDATE on Serial0/0 iidbQ un/rely 0/1 serno 58-58May 1 03:23:37.911: EIGRP: Enqueueing UPDATE on Serial0/1 nbr 12.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 58-58May 1 03:23:37.911: EIGRP: Enqueueing UPDATE on Serial0/0 nbr 124.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 58-58May 1 03:23:37.915: EIGRP: Sending UPDATE on Serial0/1 nbr 12.1.1.1//不再是查询包May 1 03:23:37.919: AS 100, Flags 0x0, Seq 159/145 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 58-58R2(config-if)#May 1 03:23:37.919: EIGRP: Sending UPDATE on Serial0/0 nbr 124.1.1.1//不再是查询包[/b]May 1 03:23:37.923: AS 100, Flags 0x0, Seq 160/146 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 58-58May 1 03:23:38.127: EIGRP: received packet with MD5 authentication, key id = 2May 1 03:23:38.131: EIGRP: Received QUERY on Serial0/1 nbr 12.1.1.1May 1 03:23:38.131: AS 100, Flags 0x0, Seq 148/159 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0May 1 03:23:38.143: EIGRP: received packet with MD5 authentication, key id = 2May 1 03:23:38.143: EIGRP: Received QUERY on Serial0/0 nbr 124.1.1.1May 1 03:23:38.143: AS 100, Flags 0x0, Seq 147/160 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0//再次开启R2的环回口,测试R2(config-if)#no shR2(config-if)#May 1 03:23:46.515: EIGRP: received packet with MD5 authentication, key id = 2May 1 03:23:46.819: EIGRP: Enqueueing UPDATE on Serial0/1 iidbQ un/rely 0/1 serno 61-61May 1 03:23:46.819: EIGRP: Enqueueing UPDATE on Serial0/0 iidbQ un/rely 0/1 serno 61-61May 1 03:23:46.823: EIGRP: Enqueueing UPDATE on Serial0/1 nbr 12.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 61-61May 1 03:23:46.823: EIGRP: Enqueueing UPDATE on Serial0/0 nbr 124.1.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 61-61May 1 03:23:46.827: EIGRP: Sending UPDATE on Serial0/1 nbr 12.1.1.1May 1 03:23:46.827: AS 100, Flags 0x0, Seq 163/148 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 61-61May 1 03:23:46.831: EIGRP: Sending UPDATE on Serial0/0 nbr 124.1.1.1May 1 03:23:46.835: AS 100, Flags 0x0, Seq 164/147 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1 serno 61-61May 1 03:23:46.979: EIGRP: Received UPDATE on Serial0/1 nbr 12.1.1.1May 1 03:23:46.979: AS 100, Flags 0x0, Seq 149/163 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0May 1 03:23:47.043: EIGRP: Received UPDATE on Serial0/0 nbr 124.1.1.1May 1 03:23:47.043: AS 100, Flags 0x0, Seq 150/164 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0R2(config-if)#endR2#un allAll possible debugging has been turned off
需要参考的请仔细阅读,感谢Node实验室,感谢王老师,感谢午餐
ps:推荐阅读EIGRPhttp://blog.sina.com.cn/s/blog_63efc8d70100gi7w.html
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- CCNP-OSPF over NBMA详解图
- CCNP-BGP选路实验,考察BGP属性:Local-prf和MED
- CCNP-EBGP环回口建立邻居之间启用IGP的效果
- CCNP-BGP选路实验,考察BGP属性:公认必选之AS-path
- CCNP-BGP选路,BGP属性:公认必选之Origin、Next-hop
- CCNP-ipv6下启用ospfv3,tunnle隧道技术实现v6到v4转换
- vfork与fork的区别
- markdown&grunt
- linux命令学习笔记(14):head 命令
- linux命令学习笔记(15):tail 命令
- nagios
- Oracle impdp 远程导出数据到本地数据库,不生成备份文件
- c++实现封装socket2
- Android res/raw文件 读取文件
- 手机APP测试流程&方法
- CCNP-BGP基本配置 理解IBGP和EBGP 学会IBGP全互联 学会用环回口建立EBGP邻居
- 15-11-24 system同步与异步
- linux命令学习笔记(16):which命令
- linux命令学习笔记(17):whereis 命令
- linux命令学习笔记(18):locate 命令