|
|
|
R1和R2为公司内网,R3为外网,在R1和R2上配置EIGRP,在R2和R3上配置默认路由,实验目的是用四种方法实现R1和R2内网可以访问外网R3。 1.实验拓扑:
2. 配置各路由器相连接口IP地址
R1(config)#int s1/0
R1(config-if)#ip add
R1(config-if)#ip address 10.1.1.1 255.255.252.0
R1(config-if)#no shut
R1(config-if)#int lo1
R1(config-if)#ip ad
R1(config-if)#ip address 11.11.11.11 255.255.255.255
R1(config-if)#int lo2
R1(config-if)#ip ad
R1(config-if)#ip address 172.16.9.1 255.255.255.0
R1(config-if)#int lo2
R1(config-if)#ip ad
R1(config-if)#ip address 172.16.10.1 255.255.255.0
R1(config-if)#int lo3
R1(config-if)#ip ad
R1(config-if)#ip address 172.16.11.1 255.255.255.0
R1(config-if)#int lo4
R1(config-if)#ip ad
R1(config-if)#ip address 172.16.12.1 255.255.255.0
R1(config-if)#
R2(config)#int s1/1
R2(config-if)#ip ad
R2(config-if)#ip address 10.1.1.2 255.255.255.252
R2(config-if)#no shut
R2(config-if)#int s1/0
R2(config-if)#ip ad
R2(config-if)#ip address 20.1.1.2 255.255.255.252
R2(config-if)#no shut
R2(config-if)#int lo1
R2(config-if)#ip ad
R2(config-if)#ip address 22.22.22.22 255.255.255.255
R2(config-if)#
R3(config)#int s1/1
R3(config-if)#ip ad
R3(config-if)#ip address 20.1.1.1 255.255.255.252
R3(config-if)#no shut
R3(config-if)#int lo1
R3(config-if)#ip ad
R3(config-if)#ip address 33.33.33.33 255.255.255.255
R3(config-if)#
3.在R1、R2上配置EIGRP协议,以建立内部网络。
R1(config)#router eigrp 100
R1(config-router)#net
R1(config-router)#network 10.1.1.1 0.0.0.3
R1(config-router)#network 11.11.11.11 0.0.0.0
R1(config-router)#network 172.16.9.1 0.0.0.255
R1(config-router)#network 172.16.10.1 0.0.0.255
R1(config-router)#network 172.16.11.1 0.0.0.255
R1(config-router)#network 172.16.12.1 0.0.0.255
R2(config)#router eigrp 100
R2(config-router)#network 22.22.22.22 0.0.0.0
R2(config-router)#network 10.1.1.2 0.0.0.3
注意R1和R2的自治系统号两边要一至,还有在宣告网络时加入通配符可以保证哪一些端口加入到EIGRP中
4.在R2查看路由表验证EIGRP邻居是否顺利建立。
R2#show ip eigrp 100 neighbors
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.1.1.1 Se1/1 10 00:13:13 98 588 0 31
可以看出邻居关系已经建立好了
5.在R2和R3中配置默认路由
R2(config)#ip route 0.0.0.0 0.0.0.0 20.1.1.1
R3(config)#ip route 0.0.0.0 0.0.0.0 20.1.1.2
5.关闭自动汇总采用手工汇总
R1(config-router)#no auto-summary
R1(config)#int s1/0
R1(config-if)#ip summary-address eigrp 100 172.16.9.0 255.255.240.0
6.查看一下R2的路由表
R2#
R2# show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 20.1.1.1 to network 0.0.0.0
20.0.0.0/30 is subnetted, 1 subnets
C 20.1.1.0 is directly connected, Serial1/0
172.16.0.0/21 is subnetted, 1 subnets 路由被汇总成一条
D 172.16.8.0 [90/2297856] via 10.1.1.1, 00:00:06, Serial1/1
22.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 22.22.22.22/32 is directly connected, Loopback1
D 22.0.0.0/8 is a summary, 00:10:09, Null0这一条路由没有配置,是自动生成的,作用是防止路由环路
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.1.0/30 is directly connected, Serial1/1
D 10.0.0.0/8 is a summary, 00:10:09, Null0
11.0.0.0/32 is subnetted, 1 subnets
D 11.11.11.11 [90/2297856] via 10.1.1.1, 00:01:58, Serial1/1
S* 0.0.0.0/0 [1/0] via 20.1.1.1
7.看一下R2可不可以访问R3
R2#ping 20.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/40/64 ms
显然可以
然后在看一下R1可不可以访问R3呢?
R1#ping 20.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
显然不可以
8.采用第一种方法静态路由重分布实现内网和外网可以互达
9.现在在R2上配置静态路由重分布
R2(config)#router eigrp 100
R2(config-router)#re
R2(config-router)#redistribute s
R2(config-router)#redistribute static
10.在查看一下R1的路由表
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.1.1.2 to network 0.0.0.0
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.16.12.0/24 is directly connected, Loopback4
D 172.16.8.0/21 is a summary, 00:07:28, Null0
C 172.16.10.0/24 is directly connected, Loopback2
C 172.16.11.0/24 is directly connected, Loopback3
D 22.0.0.0/8 [90/2297856] via 10.1.1.2, 00:09:19, Serial1/0
10.0.0.0/22 is subnetted, 1 subnets
C 10.1.0.0 is directly connected, Serial1/0
11.0.0.0/32 is subnetted, 1 subnets
C 11.11.11.11 is directly connected, Loopback1
D*EX 0.0.0.0/0 [170/2681856] via 10.1.1.2, 00:01:24, Serial1/0
11.测试R1是否可以访问R3
R1#ping 20.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/105/172 ms
显然可以
12.现在我们删除重分布,采用第二种方法实现R1访问外网,就是在R1上配置一条默认路由指向R2
R2(config)#router eigrp 100
R2(config-router)#no redistribute static
R1#ping 20.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
13.显然删除了重分布R1不可以访问R3了
再在R1上配置一条默认路由指向R2
R1(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.2
R1(config)#^Z
R1#
R1#ping 20.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 88/116/164 ms
显然配置了一条默认路由,R1就可以和外网R3互通了从上面的配置,可以总结得出要解决外部网络无法访问的问题就需要给内部路由器配置默认路由指向出口路由器R2。但试想一下,如果内部路由器数量非常多的情况下,岂不是要一个个路由器地去配置一条默认路由?明显这样是很不现实的。
14..现在我们删除R1的默认路由,并且使用第三种方法ip default-network的方法实现R1访问外网
R1(config)#no ip route 0.0.0.0 0.0.0.0 10.1.1.2
R1(config)#do ping 20.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
.....
显然删除了默认路由,R1就不可以和R3通信了
15.现在用第三种ip default-network的方法实现R1访问外网
R2(config)#router eigrp 100
R2(config-router)#net
R2(config-router)#network 20.0.0.0
R2(config-router)#ex
R2(config)#ip de
R2(config)#ip default-ne
R2(config)#ip default-network 20.0.0.0
现在查看一下R1的路由表
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.1.1.2 to network 20.0.0.0
D* 20.0.0.0/8 [90/2681856] via 10.1.1.2, 00:01:02, Serial1/0
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.16.12.0/24 is directly connected, Loopback4
D 172.16.8.0/21 is a summary, 00:26:26, Null0
C 172.16.10.0/24 is directly connected, Loopback2
C 172.16.11.0/24 is directly connected, Loopback3
D 22.0.0.0/8 [90/2297856] via 10.1.1.2, 00:28:17, Serial1/0
10.0.0.0/22 is subnetted, 1 subnets
C 10.1.0.0 is directly connected, Serial1/0
11.0.0.0/32 is subnetted, 1 subnets
C 11.11.11.11 is directly connected, Loopback1
看一下R1可不可以访问R3
R1#ping 20.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 80/119/164 ms
呵呵,可以啦
16.现在就差最后一种方法啦!现在用第四种方法,我们先把R2上的ip default-network配置删除了,最后进行在EIGRP上宣告net 0.0.0.0实现R1访问R3,
R2(config)#router eigrp 100
R2(config-router)#net
R2(config-router)#network 20.0.0.0
R2(config-router)#ex
R2(config)#ip de
R2(config)#ip default-ne
R2(config)#ip default-network 20.0.0.0
R2(config)#no ip de
R2(config)#no ip default-n
R2(config)#no ip default-network 20.0.0.0
R2(config)#
R2(config)#router eigrp 100
R2(config-router)#no network 20.0.0.0
R1#ping 20.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
删除配置后,显然R1不可以与R3通信了,现在进行最后一这噢乖方法的配置
R2(config)#router eigrp 100
R2(config-router)#net
R2(config-router)#network 0.0.0.0
R2(config-router)#ex
在测试R1与R3的连通性
R1#ping 20.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 136/164/184 ms
可以看出R1可以ping通R3了
写到这里已经用了四种方法实现了在EIGRP和默认路由中实现内网访问外网的四种方法了,呵呵,这是我第一次写的技术文章,里面肯定有很多的不足,希望大家可以帮我指出。
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2013-4-23 09:18:35
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡