|
HCNA-25 配置RIP抑制接口及单播更新
1、基本配置及搭建RIPv1网络 <Huawei>system-view [Huawei]sysname r1 [r1]interface GigabitEthernet 0/0/0 [r1-GigabitEthernet0/0/0]ip address 172.16.10.1 24 [r1-GigabitEthernet0/0/0]quit [r1]rip1 [r1-rip-1]network172.16.0.0 [r1-rip-1]return <Huawei>system-view [Huawei]sysname r2 [r2]interface GigabitEthernet 0/0/1 [r2-GigabitEthernet0/0/1]ip address 172.16.10.2 24 [r2-GigabitEthernet0/0/1]interface GigabitEthernet0/0/2 [r2-GigabitEthernet0/0/2]ip address 192.168.10.1 24 [r2-GigabitEthernet0/0/2]quit [r2]rip1 [r2-rip-1]network172.16.0.0 [r2-rip-1]network192.168.10.0 [r2-rip-1]return <Huawei>system-view [Huawei]sysname r3 [r3]interface GigabitEthernet 0/0/1 [r3-GigabitEthernet0/0/1]ip address 172.16.10.3 24 [r3-GigabitEthernet0/0/1]interface GigabitEthernet0/0/2 [r3-GigabitEthernet0/0/2]ip address 192.168.20.1 24 [r3-GigabitEthernet0/0/2]quit [r3]rip1 [r3-rip-1]network172.16.0.0 [r3-rip-1]network192.168.20.0 [r3-rip-1]return <r1>display ip routing-table Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 9 Routes :9 Destination/Mask Proto Pre Cost Flags NextHop Interface …… 192.168.10.0/24 RIP 100 1 D 172.16.10.2 GigabitEthernet 0/0/0 192.168.20.0/24 RIP 100 1 D 172.16.10.3 GigabitEthernet 0/0/0 …… <r2>display ip routing-table Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 11 Routes :11 Destination/Mask Proto Pre Cost Flags NextHop Interface …… 192.168.20.0/24 RIP 100 1 D 172.16.10.3 GigabitEthernet 0/0/1 …… <r3>display ip routing-table Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 11 Routes :11 Destination/Mask Proto Pre Cost Flags NextHop Interface …… 192.168.10.0/24 RIP 100 1 D 172.16.10.2 GigabitEthernet 0/0/1 …… 所有的路由器已经学习到相应的路由条目,所有PC间通信正常。
上面是对PC2网口进行抓包,发现会有很多对于PC来说无用的RIP更新报文发送过来,从而占用网络宽带。同时,PC1和PC3也会收到,这是因为这些PC所在的网段都被宣告进了RIP协议中,路由对应接口参与了RIP协议。
2、配置RIP抑制接口,优化公司网络 [r1]rip 1 [r1-rip-1]silent-interface GigabitEthernet0/0/0 //配置接口GE0/0/0为抑制接口 [r2]rip 1 [r2-rip-1]silent-interface GigabitEthernet 0/0/1 [r2-rip-1]silent-interface GigabitEthernet 0/0/2 [r3]rip 1 [r3-rip-1]silent GigabitEthernet 0/0/1 [r3-rip-1]silent GigabitEthernet 0/0/2 当接口被配置成为抑制接口后,该接口将只接收RIP更新报文,而不发送更新报文。 <r2>display rip Public VPN-instance RIPprocess : 1 RIPversion : 1 Preference : 100 …… Silent-interfaces : GigabitEthernet0/0/1 GigabitEthernet0/0/2 查看R1,R2,R3的RIP协议都会有Silent-interface内容,说明配置成功。 此时再对PC网口抓包,就不会再收到RIP更新报文了。 注意:此时再查看各路由器路由表,将不会再学习到宣告参与RIP协议的网段,PC也不法正常通信。
3、配置RIP单播更新,恢复网络通信 [r1]rip 1 [r1-rip-1]peer172.16.10.2 [r1-rip-1]peer172.16.10.3 [r1-rip-1]return <r1>display rip PublicVPN-instance RIP process : 1 RIP version : 1 Preference : 100 …… Networks : 172.16.0.0 Configured peers : 172.16.10.3 172.16.10.2 Number of routes in database : 2 …… [r2]rip 1 [r2-rip-1]peer 172.16.10.1 //手动指定邻居 [r2-rip-1]peer 172.16.10.3 [r2-rip-1]return [r3]rip 1 [r3-rip-1]peer172.16.10.1 [r3-rip-1]peer172.16.10.2 [r3-rip-1]return <r1>display iprouting-table Route Flags: R -relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 9 Routes : 9 Destination/Mask Proto Pre Cost Flags NextHop Interface …… 192.168.10.0/24 RIP 100 1 D 172.16.10.2 GigabitEthernet 0/0/0 192.168.20.0/24 RIP 100 1 D 172.16.10.3 GigabitEthernet 0/0/0 255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 使用peer配置单播之后,各路由的路由表又恢复正常。 PC通信也恢复了正常,此时PC也将不会再收到RIP更新报文了。
4、使用另一种抑制接口方式 [r3-rip-1]undo silent-interfaceGigabitEthernet 0/0/1 //取消接口抑制状态 [r3-rip-1]undo silent-interfaceGigabitEthernet 0/0/2 [r3-rip-1]undo peer 172.16.10.1 //取消手工指定的邻居 [r3-rip-1]undo peer 172.16.10.2 [r3-rip-1]quit [r3]interface GigabitEthernet 0/0/1 [r3-GigabitEthernet0/0/1]undo rip output //接口配置为抑制接口 禁止接口发送RIP报文 [r3-GigabitEthernet0/0/1]quit <r1>display ip routing-table Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 8 Routes :8 Destination/Mask Proto Pre Cost Flags NextHop Interface …… 192.168.10.0/24 RIP 100 1 D 172.16.10.2 GigabitEthernet 0/0/0 255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 此时查看R1的路由表时,已经没有了R3的直连网段192.168.20.0路由条目。说明R3上执行的接口undo output生效。 下面在R3上配置与R1间的单播更新。 [r3]rip 1 [r3-rip-1]peer 172.168.10.1 配置完成后行等待一段时间,让路由表收敛完成。 [r1]display ip routing-table Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 8 Routes :8 Destination/Mask Proto Pre Cost Flags NextHop Interface 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 172.16.10.0/24 Direct 0 0 D 172.16.10.1 GigabitEthernet 0/0/0 172.16.10.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0 172.16.10.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0 192.168.10.0/24 RIP 100 1 D 172.16.10.2 GigabitEthernet 0/0/0 255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 目前可以发现,R1的路由表中仍然没有192.168.20.0的路由条目,由此可证明使用undo rip output命令来抑制接口,即使配置了单播更新也是无法再以单播的形式发送路由更新的。 而在上一步骤中,当使用silent-interface命令配置抑制接口后,再使用peer命令指定邻居IP的单播更新目的地址后,单播更新则生效。 在接口下可以使用undo rip output命令禁止该接口发送RIP报文,也可以使用undo rip input 命令来禁止接口接收RIP报文,通过这两条命令可以灵活地控制接口对RIP报文的发送和接收(默认情况下是可以同时接收和发送报文)注意:silent-interface 命令的优先级大于rip output或rip input命令的优先级。
| 
|Archiver|手机版|小黑屋|祖瑞科技 全国计算机 网络IT运维社区!
( 沪ICP备16021636号-2 )
发表于 2021-2-5 16:50:17
