|
|
RIP协议,路由信息协议,最简单的距离矢量协议,最大跳数15跳,16不可达,采用广播的方式进行路由表的扩散与更新,数据包中不包含子网掩码(2代中有),以及
外层协议的标记等等
在这里只在Juniper的设备上配置RIP协议,熟悉一下,原理不变
网络拓扑图下所示:
R1-------R2------R3
接口连接:
em1.12-----em2.12 192.168.1.1/24
em2.23-----em3.23 192.168.2.1/24
在每台路由器上创建相应的环回接口:
r1: 1.1.1.1/32
r2: 2.2.2.2/32
r3: 3.3.3.3/32
创建三个逻辑路由器;
logical-routers {
r1;
r2;
r3;
配置接口IP地址:
juniper@Olive# set interfaces em1.12 family inet address 192.168.1.1/24
[edit logical-routers r1]
juniper@Olive# set interfaces lo0.12 family inet address 1.1.1.1/24
在R2 和R3上作类似配置;
查看接口的配置情况:
juniper@Olive> show interfaces terse
Interface Admin Link Proto Local Remote
dsc up up
em0 up up
em0.0 up up inet 192.168.72.10/24
em1 up up
em1.12 up up inet 192.168.1.1/24
em1.32767 up up
em2 up up
em2.12 up up inet 192.168.1.2/24
em2.23 up up inet 192.168.2.1/24
em2.32767 up up
em3 up up
em3.23 up up inet 192.168.2.2/24
lo0 up up
lo0.12 up up inet 1.1.1.1/24
lo0.21 up up inet 2.2.2.2 --> 0/0
lo0.23 up up inet 3.3.3.3 --> 0/0
lo0.16384 up up inet 127.0.0.1 --> 0/0
测试通信:
在R1上去PING R2的接口IP地址:
juniper@Olive# run ping 192.168.1.2 logical-router r1
PING 192.168.1.2 (192.168.1.2): 56 data bytes
64 bytes from 192.168.1.2: icmp_seq=0 ttl=64 time=0.387 ms
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0.351 ms
^C
--- 192.168.1.2 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.351/0.369/0.387/0.018 ms
[edit logical-routers r1]
在这之前有必要配置一下静态路由,虽然静态路由非常简单的,但是作为Juniper的配置来说,还是与思科华为的有些不同。
有配置的时候一定要指定掩码,你配置了192.168.1.0 next-hop 192.168.1.2 ,它不会报错,但是不通,在以后的配置时
养成良好的习惯。
配置如下所示:
routing-options {
static {
route 192.168.2.0/24 {
next-hop 192.168.1.2;
metric 2;
}
}
}
set routing-options static route 192.168.1.0/24 next-hop 192.168.1.0/24 next-hop 192.168.2.1 metric 2
配置RIP协议:
我们在思科、华为的设备上的时候,就直接Network了,宣告就行了,但在Juniper的配置的时候,即使你在接口上发送了
组播的数据包,但是邻居还是起不来,这时你必须配置策略,进行相关的宣告;
首先配置如下策略,将直连的宣告:
Applying Export Policy
policy-options {
policy-statement connected-routes {
term advertise-routes {
from protocol direct;
then accept;
}
}
具体的配置命令就不列出来了。
将来自RIP协议的路由进行宣告:
policy-statement transit-rip-routes {
term advretise-routes {
from protocol rip;
then accept;
}
}
}
在协议中再进行配置:
protocols {
rip {
group neighbor-routers {
export [ connected-routes transit-rip-routes ];
neighbor em3.23;
}
}
}
在接口em3.23上将策略进行应用,将路由信息宣告出去。
查看邻居的信息:
[edit logical-routers r2]
juniper@Olive# run show rip neighbor logical-router r2
Source Destination Send Receive In
Neighbor State Address Address Mode Mode Met
-------- ----- ------- ----------- ---- ------- ---
em2.12 Up 192.168.1.2 224.0.0.9 mcast both 1
em2.23 Up 192.168.2.1 224.0.0.9 mcast both 1
查看路由表信息:
juniper@Olive# run show route protocol rip logical-router r2
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.0/24 *[RIP/100] 00:30:08, metric 2, tag 0
> to 192.168.1.1 via em2.12
3.3.3.3/32 *[RIP/100] 00:25:36, metric 2, tag 0
> to 192.168.2.2 via em2.23
224.0.0.9/32 *[RIP/100] 00:25:39, metric 1
MultiRecv
Applying Import Policy
The JUNOS software allows you to filter routes being imported by the local router from its neighbors. You can use import policies to reject unwanted routes or to> 在R2上配置如下所示:
policy-statement filter-riesling {
term filter-routes {
from {
protocol rip;
route-filter 192.168.100.0/24 orlonger;
}
then reject;
}
增加一条进入的过滤策略,将192.168.100.0 的过滤了,所在在R2和R1上就不再在有这样的一条路由信息了;
将在相应的接口进行配置,这是在协议上具体实现的。
protocols {
rip {
group neighbor-routers {
export [ transit-rip-routes connected-routes ];
neighbor em2.12;
neighbor em2.23 {
import filter-riesling;
}
}
Modifying the Incoming Metric
对于些配置我就不作过多的解释,它本意就是如此,只是应用到JUNOS软件中而已,不管你在怎样的设备上配置RIP,它的一些特性不是不会改变的,
RIP运行这么多年了,那个供应商也不会去改变的特性应用,只是在配置方面有所不一样而已;
在R1上作如下配置:
protocols {
rip {
group neihbor-routes {
export [ connected-routes transit-rip-routes ];
neighbor em1.12 {
metric-in 5;
}
}
}
}
查看相应的结果:
juniper@Olive# run show route protocol rip logical-router r1
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
2.2.2.2/32 *[RIP/100] 01:07:45, metric 6, tag 0
> to 192.168.1.2 via em1.12
3.3.3.3/32 *[RIP/100] 01:03:13, metric 7, tag 0
> to 192.168.1.2 via em1.12
192.168.2.0/24 *[RIP/100] 01:07:45, metric 6, tag 0
> to 192.168.1.2 via em1.12
224.0.0.9/32 *[RIP/100] 00:02:43, metric 1
MultiRecv
可以看出,度量值增加了;
Modifying the Outgoing Metric
配置命令只增加一小条而已;
protocols {
rip {
group neihbor-routes {
metric-out 10;
export [ connected-routes transit-rip-routes ];
neighbor em1.12;
}
}
}
在其他的路由设备上查看相应的结果:
juniper@Olive# run show route protocol rip logical-router r2
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.0/24 *[RIP/100] 01:19:41, metric 11, tag 0
> to 192.168.1.1 via em2.12
3.3.3.3/32 *[RIP/100] 01:15:09, metric 2, tag 0
> to 192.168.2.2 via em2.23
224.0.0.9/32 *[RIP/100] 00:01:40, metric 1
MultiRecv
Configuring Authentication
By default, authentication between RIP neighbors is disabled within the JUNOS software;You can configure it globally for all peers or on a peer-by-peer basis within the neighbor configuration hierarchy;
Simple authentication Uses a plain-text password that is included in the transmitted packet.
MD5 authentication Sends the result of a one-way hashing algorithm in the transmitted packet.
在配置认证的时候,有一个时间的缓冲时间,在这段时间里,虽然你可以看到路由信息,但是Ping不通的,网络还没有收敛完成;
简单配置如下所示:
protocols {
rip {
authentication-type md5;
authentication-key "$9$VMsgJikP36AGD6Ap0hcbs2"; ## SECRET-DATA
group neighbor-routers {
export [ connected-routes transit-rip-routes ];
neighbor em3.23
Controlling Route Preference
The JUNOS software default for the preference of RIP routes within the routing table is 100. The routing table uses the preference values to select the best route when multiple protocols are advertising the same destination prefix;
有些配置操作其实就在协议的全局模式下进行配置的,所应用到的就是启用了协议的接口;
protocols {
rip {
authentication-type md5;
authentication-key "$9$d8w2ajHmFnCZUnCtuEhVwY"; ## SECRET-DATA
group neihbor-routes {
preference 90;
metric-out 10;
export [ connected-routes transit-rip-routes ];
neighbor em1.12;
}
}
}
路由设备上可以看到这一优先级,当网络拓扑图复杂点时,可以修改优先级进行相应的路由选择;
juniper@Olive# run show route protocol rip logical-router r1
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
2.2.2.2/32 *[RIP/90] 01:48:16, metric 2, tag 0
> to 192.168.1.2 via em1.12
3.3.3.3/32 *[RIP/90] 01:48:29, metric 3, tag 0
> to 192.168.1.2 via em1.12
192.168.2.0/24 *[RIP/90] 01:48:16, metric 2, tag 0
> to 192.168.1.2 via em1.12
224.0.0.9/32 *[RIP/100] 00:04:10, metric 1
Configuring Update Messages
By default, all RIP routers will advertise RIPv2 messages via multicast to all configured neighbors. In addition, all routers are able to receive both RIPv1 and RIPv2 messages.;
The receive-options values are:
both Accept RIPv1 and v2 packets.
none Do not receive RIP packets.
version-1 Accept only RIPv1 packets.
version-2 Accept only RIPv2 packets.
配置也是比较简单的;
protocols {
rip {
authentication-type md5;
authentication-key "$9$d8w2ajHmFnCZUnCtuEhVwY"; ## SECRET-DATA
group neihbor-routes {
preference 90;
metric-out 10;
export [ connected-routes transit-rip-routes ];
neighbor em1.12 {
send version-1;
receive version-1
Configuring the Number of Route Entries in an Update Message
You can increase the default> juniper@Olive# set protocols rip message-size 100
如此就行;
Accepting Packets Whose Reserved Fields Are Nonzero
Recall that the Request and Response messages for both RIPv1 and RIPv2 were> 这一条命令的作用是因为RIPV1和RIPV2的数据包格式不一样,为不使检验出错,忽略检查 ;
juniper@Olive# set protocols rip no-check-zero |
|
QQ群⑧:
窥视卡
雷达卡
发表于 2018-7-27 13:17:22
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡