久久亚洲AV午夜福利精品一区二...,越猛烈欧美动态图,欧美一级在线全免费,亚洲欧洲日产久久av影片

日志樣式

RIPV2認證和觸發(fā)更新

RIPV2的認證分為明文(text)和MD5兩種,當然一種是不加密,一種是加密的,RIPV2默認是明文,不加密的。
實(shí)驗目的:掌握RIPV2明文和MD5的配置規則
RIPV2的觸發(fā)更新
 
拓撲:
 
拓撲和前面的幾個(gè)實(shí)驗是一樣的,這其中各個(gè)路由的基本配置,ip ,和RIPV2 配置都在實(shí)驗3中具體配置過(guò),故不在重復配置!好,下面我們開(kāi)始實(shí)驗:
R1:
1#co
*Nov 8 19:54:36.310: %SYS-5-CONFIG_I: Configured from console by console
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#key chain test \\配置鑰匙鏈
R1(config-keychain)#key 1 \\配置 KEY ID
R1(config-keychain-key)#key-string ccna \\配置KEY 的密匙
R1(config-keychain-key)#^Z
R1#
*Nov 8 19:55:06.678: %SYS-5-CONFIG_I: Configured from console by console
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int s1/1
R1(config-if)#ip rip auth mode text \\啟動(dòng)明文認證(默認)可以不配置
R1(config-if)#ip rip auth key-chain test \\在接口上調用鑰匙鏈
R1(config-if)#ip rip trig \\在接口上啟用觸發(fā)更新
R1(config-if)#^Z
R1#
*Nov 8 19:55:50.998: %SYS-5-CONFIG_I: Configured from console by console
R1#
 
配置R2之前我們看下R2現在的路由表:
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.0.0/24 is directly connected, Serial1/0
C 192.168.1.0/24 is directly connected, Serial1/1
R 192.168.2.0/24 [120/1] via 192.168.1.2, 00:00:42, Serial1/1
 
看到R2現在的路由表中沒(méi)有R1的信息,知道什么原因嗎?ok !原因就是R1上采用了明文認證,而R2上沒(méi)有啟用,(說(shuō)明下有的人問(wèn)為什么看不到R3 和R4 在這里為了給大家看清楚我把R3 R4 先停下等會(huì )開(kāi)啟,但對實(shí)驗是沒(méi)有影響的)下面我們在R2上用認證:
R2:
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#key chain test
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string ccna
R2(config-keychain-key)#^Z
R2#
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#int s1/0
R2(config-if)#ip rip auth key-chain test
R2(config-if)#ip rip trig
 
這時(shí)我們查看下R2的路由表:

R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
R 1.1.1.0 [120/1] via 192.168.0.1, 00:00:08, Serial1/0
C 192.168.0.0/24 is directly connected, Serial1/0
C 192.168.1.0/24 is directly connected, Serial1/1
R 192.168.2.0/24 [120/1] via 192.168.1.2, 00:01:47, Serial1/1
 
輸出結果我們可以看到R2上的認證和R1是匹配的,因此R2路由中學(xué)習到了R1的路由信息。
 
分別配置R3 R4:
R3:
R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#key chain test
R3(config-keychain)#key 1
R3(config-keychain-key)#key-string ccna
R3(config-keychain-key)#^Z
R3#
R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#int s1/1
R3(config-if)#ip rip auth key-chain test
R3(config-if)#ip rip trig
R3(config)#int s1/0
R3(config-if)#ip rip auth key-chain test
R3(config-if)#ip rip trig
R3(config-if)#
=========================
R4:
R4#conf t
R4(config)#key chain
R4(config)#key chain test
R4(config-keychain)#key 1
R4(config-keychain-key)#key-string ccna
R4(config-keychain-key)#^Z
R4#conf t
R4(config)#int s1/0
R4(config-if)#ip rip auth key-chain test
R4(config-if)#^Z
 
ok!四個(gè)路由都配置好了!下面我們來(lái)調試!
查看R3的路由表:
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
R 1.1.1.0 [120/2] via 192.168.1.1, 01:09:15, Serial1/0
2.0.0.0/21 is subnetted, 1 subnets
R 2.2.0.0 [120/1] via 192.168.2.2, 00:00:13, Serial1/1
R 192.168.0.0/24 [120/1] via 192.168.1.1, 01:09:15, Serial1/0
C 192.168.1.0/24 is directly connected, Serial1/0
C 192.168.2.0/24 is directly connected, Serial1/1
R3#
查看R3上的ip路由協(xié)議配置和統計信息:
 
R3#show protocols
Global values:
Internet Protocol routing is enabled
FastEthernet0/0 is administratively down, line protocol is down
Serial1/0 is up, line protocol is up
Internet address is 192.168.1.2/24
Serial1/1 is up, line protocol is up
Internet address is 192.168.2.1/24
Serial1/2 is administratively down, line protocol is down
Serial1/3 is administratively down, line protocol is down
R3#show ip protocols
Routing Protocol is "rip"
Sending updates every 30 seconds, next due in 20 seconds
Invalid after 180 seconds, hold down 0, flushed after 240 \\觸發(fā)更新hold down 自動(dòng)為0
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Redistributing: rip
Default version control: send version 2, receive version 2
Interface Send Recv Triggered RIP Key-chain
Serial1/0 2 2 Yes test
Serial1/1 2 2 Yes test //說(shuō)明啟用了s1/0 s1/1啟用了認證和觸發(fā)更新
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
192.168.1.0
192.168.2.0
Routing Information Sources:
Gateway Distance Last Update
192.168.2.2 120 00:00:06
192.168.1.1 120 01:11:29
Distance: (default is 120)
R3#
 
使用‘debug ip rip“ 命令查看路由更新過(guò)程:
 
R3:
R3#debug ip rip
R3#clear ip route *
R3#
*Nov 8 22:46:35.641: RIP: sending triggered request on Serial1/0 to 224.0.0.9
*Nov 8 22:46:35.645: RIP: sending triggered request on Serial1/0 to 224.0.0.9
*Nov 8 22:46:35.649: RIP: sending triggered request on Serial1/1 to 224.0.0.9
*Nov 8 22:46:35.649: RIP: sending triggered request on Serial1/1 to 224.0.0.9
*Nov 8 22:46:35.657: RIP: sending triggered request on Serial1/0 to 224.0.0.9
*Nov 8 22:46:35.661: RIP: sending triggered request on Serial1/1 to 224.0.0.9
*Nov 8 22:46:35.665: RIP: send v2 triggered flush update to 192.168.1.1 on Serial1/0 with no route
*Nov 8 22:46:35.665: RIP: start retransmit timer of 192.168.1.1
*Nov 8 22:46:35.669: RIP: send v2 triggered flush update to 192.168.2.2 on Serial1/1 with no route
*Nov 8 22:46:35.673: RIP: start retransmit timer of 192.168.2.2
*Nov 8 22:46:35.673: RIP: received packet with text authentication ccna
*Nov 8 22:46:35.673: RIP: received v2 triggered update from 192.168.1.1 on Serial1/0
*Nov 8 22:46:35.673:
R3#RIP: sending v2 ack to 192.168.1.1 via Serial1/0 (192.168.1.2),
flush, seq# 4
*Nov 8 22:46:35.673: 192.168.0.0/24 via 0.0.0.0 in 1 hops
*Nov 8 22:46:35.673: 1.1.1.0/24 via 0.0.0.0 in 2 hops
*Nov 8 22:46:35.673: RIP: received packet with text authentication ccna
*Nov 8 22:46:35.673: RIP: received v2 triggered update from 192.168.2.2 on Serial1/1
*Nov 8 22:46:35.673: RIP: sending v2 ack to 192.168.2.2 via Serial1/1 (192.168.2.1),
flush, seq# 3
*Nov 8 22:46:35.677: 2.2.0.0/21 via 0.0.0.0 in 1 hops
*Nov 8 22:46:35.681: RIP: received packet with text authentication ccna
*Nov 8 22:46:35.681: RIP: received v2 triggered update from 192.168.1.1 on Serial1/0
*Nov 8 22:46:35.681: RIP: sending v2 ack to 192.168.1.1 via Serial1/0 (192.168.1.2),
flush, seq# 5
*Nov 8 22:46:35.681: 192.168.0.0/24 via 0.0.0.0 in 1 hops
*Nov 8 22:46:35.681: 1.1.1.0/24 via 0.0.0.0 in 2 hops
*Nov 8 22:46:35.681: RIP: received packet with text authenticati
R3#on ccna
*Nov 8 22:46:35.681: RIP: received v2 triggered update from 192.168.2.2 on Serial1/1
*Nov 8 22:46:35.681: RIP: sending v2 ack to 192.168.2.2 via Serial1/1 (192.168.2.1),
flush, seq# 4
呵呵!看到?jīng)]我們"debug ip rip“,后面加了個(gè)命令“clear ip route *”清除路由表.注意這是一個(gè)事件,按道理路由會(huì )每30秒更新一次,但我們這里采用了觸發(fā)更新,并有個(gè)清除路由表事件,因此當“clear ip route *”命令執行后路由馬上更新,不信可以試下哦!速度還很快的!同時(shí)在看路由更新過(guò)程中帶有“triggered” “text authentication” 字樣,證明接口s1/0 s1/1 啟用了觸發(fā)更新和明文認證。
 
我們再來(lái)查看下RIP的數據庫:

R3#show ip rip database
1.0.0.0/8 auto-summary
1.1.1.0/24
[2] via 192.168.1.1, 00:12:41 (permanent), Serial1/0
* Triggered Routes:
- [2] via 192.168.1.1, Serial1/0
2.0.0.0/8 auto-summary
2.2.0.0/21
[1] via 192.168.2.2, 00:12:41 (permanent), Serial1/1
* Triggered Routes:
- [1] via 192.168.2.2, Serial1/1
192.168.0.0/24 auto-summary
192.168.0.0/24
[1] via 192.168.1.1, 00:12:41 (permanent), Serial1/0
* Triggered Routes:
- [1] via 192.168.1.1, Serial1/0
192.168.1.0/24 auto-summary
192.168.1.0/24 directly connected, Serial1/0
192.168.2.0/24 auto-summary
192.168.2.0/24 directly connected, Serial1/1
R3#
 
怎么樣看到?jīng)]!再次驗證了s1/1 s1/0 啟用了觸發(fā)更新.
這時(shí)我們來(lái)看下他的hold down 時(shí)間:
 
R3#show run | begin router rip
router rip
version 2
timers basic 30 180 0 240 \\由于是觸發(fā)更新,因此在配置中自動(dòng)加入了這行,且定義"hold down " 時(shí)間我0.
network 192.168.1.0
network 192.168.2.0
no auto-summary
!
ip classless
no ip http server
 
===================================
關(guān)于md5 認證試驗這里我就不做了,因為只需要在接口認證模式下定義為MD5(將text改為MD5)就ok 了!其他的都是一樣的!大家可以自己去試驗下哦!
 
好了試驗到這結束!歡迎大家指出不足處!謝謝!

荥阳市| 浦县| 额尔古纳市| 金溪县| 温州市| 三都| 五莲县| 公主岭市| 无极县| 台中市| 百色市| 天全县| 衢州市| 竹溪县| 乐东| 弋阳县| 颍上县| 赞皇县| 北安市| 枞阳县| 隆化县| 金秀| 循化| 开远市| 商丘市| 吉安市| 准格尔旗| 资源县| 昌图县| 房山区| 全州县| 黄石市| 阆中市| 高密市| 车险| 清流县| 汾西县| 三门县| 栖霞市| 沅江市| 肇庆市|