HCNA-25 配置RIP抑制接口及单播更新
HCNA-25 配置RIP抑制接口及单播更新1、基本配置及搭建RIPv1网络<Huawei>system-viewsysname r1interface GigabitEthernet 0/0/0ip address 172.16.10.1 24quitrip1network172.16.0.0return <Huawei>system-viewsysname r2interface GigabitEthernet 0/0/1ip address 172.16.10.2 24interface GigabitEthernet0/0/2ip address 192.168.10.1 24quitrip1network172.16.0.0network192.168.10.0return<Huawei>system-viewsysname r3interface GigabitEthernet 0/0/1ip address 172.16.10.3 24interface GigabitEthernet0/0/2ip address 192.168.20.1 24quitrip1network172.16.0.0network192.168.20.0return <r1>display ip routing-tableRoute Flags: R - relay, D - download to fib------------------------------------------------------------------------------Routing Tables: Public Destinations : 9 Routes :9 Destination/Mask Proto PreCost Flags NextHop Interface…… 192.168.10.0/24RIP 1001 D172.16.10.2 GigabitEthernet0/0/0 192.168.20.0/24RIP 1001 D172.16.10.3 GigabitEthernet0/0/0…… <r2>display ip routing-tableRoute Flags: R - relay, D - download to fib------------------------------------------------------------------------------Routing Tables: Public Destinations : 11 Routes :11 Destination/Mask Proto PreCost Flags NextHop Interface…… 192.168.20.0/24RIP 1001 D172.16.10.3 GigabitEthernet0/0/1…… <r3>display ip routing-tableRoute Flags: R - relay, D - download to fib------------------------------------------------------------------------------Routing Tables: Public Destinations : 11 Routes :11 Destination/Mask Proto PreCost Flags NextHop Interface…… 192.168.10.0/24RIP 1001 D172.16.10.2 GigabitEthernet0/0/1……所有的路由器已经学习到相应的路由条目,所有PC间通信正常。
上面是对PC2网口进行抓包,发现会有很多对于PC来说无用的RIP更新报文发送过来,从而占用网络宽带。同时,PC1和PC3也会收到,这是因为这些PC所在的网段都被宣告进了RIP协议中,路由对应接口参与了RIP协议。
2、配置RIP抑制接口,优化公司网络rip 1silent-interface GigabitEthernet0/0/0//配置接口GE0/0/0为抑制接口 rip 1silent-interface GigabitEthernet 0/0/1silent-interface GigabitEthernet 0/0/2 rip 1silent GigabitEthernet 0/0/1silent GigabitEthernet 0/0/2当接口被配置成为抑制接口后,该接口将只接收RIP更新报文,而不发送更新报文。<r2>display ripPublic VPN-instance RIPprocess : 1 RIPversion : 1 Preference : 100…… Silent-interfaces : GigabitEthernet0/0/1 GigabitEthernet0/0/2 查看R1,R2,R3的RIP协议都会有Silent-interface内容,说明配置成功。此时再对PC网口抓包,就不会再收到RIP更新报文了。注意:此时再查看各路由器路由表,将不会再学习到宣告参与RIP协议的网段,PC也不法正常通信。
3、配置RIP单播更新,恢复网络通信rip 1peer172.16.10.2peer172.16.10.3return<r1>display ripPublicVPN-instance RIP process : 1 RIP version : 1 Preference : 100…… Networks : 172.16.0.0 Configured peers : 172.16.10.3 172.16.10.2 Number of routes in database : 2…… rip 1peer 172.16.10.1//手动指定邻居peer 172.16.10.3return rip 1peer172.16.10.1peer172.16.10.2return <r1>display iprouting-tableRoute Flags: R -relay, D - download to fib------------------------------------------------------------------------------Routing Tables: Public Destinations : 9 Routes : 9 Destination/Mask ProtoPreCost Flags NextHop Interface…… 192.168.10.0/24RIP 100 1 D 172.16.10.2 GigabitEthernet0/0/0192.168.20.0/24RIP 100 1 D 172.16.10.3 GigabitEthernet0/0/0255.255.255.255/32Direct 0 0 D127.0.0.1 InLoopBack0使用peer配置单播之后,各路由的路由表又恢复正常。PC通信也恢复了正常,此时PC也将不会再收到RIP更新报文了。
4、使用另一种抑制接口方式undo silent-interfaceGigabitEthernet 0/0/1//取消接口抑制状态undo silent-interfaceGigabitEthernet 0/0/2undo peer 172.16.10.1//取消手工指定的邻居undo peer 172.16.10.2quitinterface GigabitEthernet 0/0/1undo rip output//接口配置为抑制接口 禁止接口发送RIP报文quit<r1>display ip routing-tableRoute Flags: R - relay, D - download to fib------------------------------------------------------------------------------Routing Tables: Public Destinations : 8 Routes :8 Destination/Mask ProtoPreCost Flags NextHop Interface……192.168.10.0/24RIP 100 1 D 172.16.10.2 GigabitEthernet0/0/0255.255.255.255/32Direct 0 0 D127.0.0.1 InLoopBack0此时查看R1的路由表时,已经没有了R3的直连网段192.168.20.0路由条目。说明R3上执行的接口undo output生效。下面在R3上配置与R1间的单播更新。rip 1peer 172.168.10.1配置完成后行等待一段时间,让路由表收敛完成。display ip routing-tableRoute Flags: R - relay, D - download to fib------------------------------------------------------------------------------Routing Tables: Public Destinations : 8 Routes :8 Destination/Mask ProtoPreCost Flags NextHop Interface 127.0.0.0/8 Direct0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32Direct0 0 D 127.0.0.1 InLoopBack0127.255.255.255/32Direct 0 0 D127.0.0.1 InLoopBack0 172.16.10.0/24Direct0 0 D 172.16.10.1 GigabitEthernet0/0/0 172.16.10.1/32Direct0 0 D 127.0.0.1 GigabitEthernet0/0/0 172.16.10.255/32Direct0 0 D 127.0.0.1 GigabitEthernet0/0/0192.168.10.0/24RIP 100 1 D 172.16.10.2 GigabitEthernet0/0/0255.255.255.255/32Direct 0 0 D127.0.0.1 InLoopBack0目前可以发现,R1的路由表中仍然没有192.168.20.0的路由条目,由此可证明使用undo rip output命令来抑制接口,即使配置了单播更新也是无法再以单播的形式发送路由更新的。而在上一步骤中,当使用silent-interface命令配置抑制接口后,再使用peer命令指定邻居IP的单播更新目的地址后,单播更新则生效。在接口下可以使用undo rip output命令禁止该接口发送RIP报文,也可以使用undo rip input 命令来禁止接口接收RIP报文,通过这两条命令可以灵活地控制接口对RIP报文的发送和接收(默认情况下是可以同时接收和发送报文)注意:silent-interface 命令的优先级大于rip output或rip input命令的优先级。
页:
[1]
