Router Configuration
发布时间:2019-07-04 10:05:31编辑:auto阅读(1286)
配置RIP被动接口
Target:
配置RIP被动接口用来过滤路由的条目,增强网络的安全性。
实验原理:
使用被动接口,禁止在连接ISP路由器的接口上发送RIP更新。
实验拓扑图:
Step:
步骤1 在路由器上配置IP路由选择和IP地址。
RA#config t
RA(config)# interface FastEthernet 0/0
RA(config-if)#ip address 172.16.1.5 255.255.255.252
RA(config)#interface FastEthernet 0/1
RA(config-if)#ip address 172.16.1.1 255.255.255.252
RA(config)#interface Loopback 0
RA(config-if)#ip address 172.16.3.1 255.255.255.0
RB(config)#interface FastEthernet 0/0
RB(config-if)#ip address 172.16.1.9 255.255.255.252
RB(config)#interface FastEthernet 0/1
RB(config-if)#ip address 172.16.1.2 255.255.255.252
RB(config)#interface Loopback 0
RB(config-if)#ip address 172.16.2.1 255.255.255.0
RC(config)# interface FastEthernet 0/0
RC(config-if)#ip address 172.16.1.10 255.255.255.252
RC(config)# interface FastEthernet 0/1
RC(config-if)#ip address 172.16.1.6 255.255.255.252
RC(config)#interface Loopback 0
RC(config-if)#ip address 210.10.1.1 255.255.255.0
步骤2 配置RIP。
RA(config)# router rip
RA(config-router)# version 2
RA(config-router)#network 172.16.0.0
RA(config-router)#no auto-summary
RB(config)# router rip
RB(config-router)#version 2
RB(config-router)#network 172.16.0.0
RB(config-router)#no auto-summary
步骤3 配置被动接口。
RA(config)# router rip
RA(config-router)# passive-interface FastEthernet 0/0
RB(config)# router rip
RB(config-router)# passive-interface FastEthernet 0/0
步骤4 验证测试。
用debug ip rip packet send来测试RIP更新。
下面显示的是完成“步骤2”时的测试,这时可以从Fa0/0接口上发送会发现RIP的更新,这样对于安全和带宽都有影响。
RA#debug ip rip packet send
RA#Sep 7 00:15:07 RA %7: [RIP] Output timer expired to send reponse
Sep 7 00:15:07 RA %7: [RIP] Prepare to send MULTICAST response...
Sep 7 00:15:07 RA %7: [RIP] Building update entries on FastEthernet 0/0
Sep 7 00:15:07 RA %7: 172.16.1.0/30 via 0.0.0.0 metric 1 tag 0
Sep 7 00:15:07 RA %7: 172.16.1.8/30 via 0.0.0.0 metric 2 tag 0
Sep 7 00:15:07 RA %7: 172.16.2.0/24 via 0.0.0.0 metric 2 tag 0
Sep 7 00:15:07 RA %7: 172.16.3.0/24 via 0.0.0.0 metric 1 tag 0
Sep 7 00:15:07 RA %7: [RIP] Send packet to 224.0.0.9 Port 520 on FastEthernet 0/0
RB#debug ip rip packet send
Sep 7 00:21:57 RB %7: [RIP] Send packet to 224.0.0.9 Port 520 on FastEthernet 0/0
Sep 7 00:21:57 RB %7: [RIP] Prepare to send MULTICAST response...
Sep 7 00:21:57 RB %7: [RIP] Building update entries on FastEthernet 0/1
Sep 7 00:21:57 RB %7: 172.16.1.8/30 via 0.0.0.0 metric 1 tag 0
Sep 7 00:21:57 RB %7: 172.16.2.0/24 via 0.0.0.0 metric 1 tag 0
下面显示的是完成“步骤3”时的测试,这时RIP的更新只从Fa0/1接口上发送,不会从Fa0/0发送更新。
RA#debug ip rip packet send
RA#Sep 7 00:26:37 RA %7: [RIP] Output timer expired to send reponse
Sep 7 00:26:37 RA %7: [RIP] Prepare to send MULTICAST response...
Sep 7 00:26:37 RA %7: [RIP] Building update entries on FastEthernet 0/1
Sep 7 00:26:37 RA %7: 172.16.1.4/30 via 0.0.0.0 metric 1 tag 0
Sep 7 00:26:37 RA %7: 172.16.3.0/24 via 0.0.0.0 metric 1 tag 0
Sep 7 00:26:37 RA %7: [RIP] Send packet to 224.0.0.9 Port 520 on FastEthernet 0/1
Sep 7 00:26:37 RA %7: [RIP] Prepare to send MULTICAST response...
Sep 7 00:26:37 RA %7: [RIP] Building update entries on Loopback 0
Sep 7 00:26:37 RA %7: 172.16.1.0/30 via 0.0.0.0 metric 1 tag 0
Sep 7 00:26:37 RA %7: 172.16.1.4/30 via 0.0.0.0 metric 1 tag 0
Sep 7 00:26:37 RA %7: 172.16.1.8/30 via 0.0.0.0 metric 2 tag 0
Sep 7 00:26:37 RA %7: 172.16.2.0/24 via 0.0.0.0 metric 2 tag 0
Sep 7 00:26:37 RA %7: [RIP] Send packet to 224.0.0.9 Port 520 on Loopback 0
RB# debug ip rip packet send
Sep 7 00:35:57 RB %7: [RIP] Output timer expired to send reponse
Sep 7 00:35:57 RB %7: [RIP] Prepare to send MULTICAST response...
Sep 7 00:35:57 RB %7: [RIP] Building update entries on FastEthernet 0/1
Sep 7 00:35:57 RB %7: 172.16.1.8/30 via 0.0.0.0 metric 1 tag 0
Sep 7 00:35:57 RB %7: 172.16.2.0/24 via 0.0.0.0 metric 1 tag 0
Sep 7 00:35:57 RB %7: [RIP] Send packet to 224.0.0.9 Port 520 on FastEthernet 0/1
Sep 7 00:35:57 RB %7: [RIP] Prepare to send MULTICAST response...
Sep 7 00:35:57 RB %7: [RIP] Building update entries on Loopback 0
Sep 7 00:35:57 RB %7: 172.16.1.0/30 via 0.0.0.0 metric 1 tag 0
Sep 7 00:35:57 RB %7: 172.16.1.4/30 via 0.0.0.0 metric 2 tag 0
Sep 7 00:35:57 RB %7: 172.16.1.8/30 via 0.0.0.0 metric 1 tag 0
Sep 7 00:35:57 RB %7: 172.16.3.0/24 via 0.0.0.0 metric 2 tag 0
Sep 7 00:35:57 RB %7: [RIP] Send packet to 224.0.0.9 Port 520 on Loopback 0
【参考配置】
RA#show running-config
Building configuration...
Current configuration : 721 bytes
!
version RGNOS 10.1.00(4), Release(18443)(Tue Jul 17 20:50:30 CST 2007 -ubu1server)
hostname RA
!
enable secret 5 $1$db44$8x67vy78Dz5pq1xD
!
interface FastEthernet 0/0
ip address 172.16.1.5 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet 0/1
ip address 172.16.1.1 255.255.255.252
duplex auto
speed auto
!
interface Loopback 0
ip address 172.16.3.1 255.255.255.0
!
router rip
version 2
passive-interface FastEthernet 0/0
network 172.16.0.0
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 FastEthernet 0/0
!
line con 0
line aux 0
line vty 0 4
login
!
end
RB#show running-config
Building configuration...
Current configuration : 721 bytes
!
version RGNOS 10.1.00(4), Release(18443)(Tue Jul 17 20:50:30 CST 2007 -ubu1server)
hostname RB
!
enable secret 5 $1$db44$8x67vy78Dz5pq1xD
!
interface FastEthernet 0/0
ip address 172.16.1.9 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet 0/1
ip address 172.16.1.2 255.255.255.252
duplex auto
speed auto
!
interface Loopback 0
ip address 172.16.2.1 255.255.255.0
!
router rip
version 2
passive-interface FastEthernet 0/0
network 172.16.0.0
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 FastEthernet 0/0
!
line con 0
line aux 0
line vty 0 4
login
!
end
RC#show running-config
Building configuration...
Current configuration : 682 bytes
!
version RGNOS 10.1.00(4), Release(18443)(Tue Jul 17 20:50:30 CST 2007 -ubu1server)
hostname RC
!
enable secret 5 $1$db44$8x67vy78Dz5pq1xD
!
interface FastEthernet 0/0
ip address 172.16.1.10 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet 0/1
ip address 172.16.1.6 255.255.255.252
duplex auto
speed auto
!
interface Loopback 0
ip address 210.10.1.1 255.255.255.0
!
ip route 172.16.2.0 255.255.255.0 FastEthernet 0/0
ip route 172.16.3.0 255.255.255.0 FastEthernet 0/1
!
line con 0
line aux 0
line vty 0 4
login
!
end
上一篇: windows __asm int 3;
下一篇: au3实现文件对比
- openvpn linux客户端使用
46464
- H3C基本命令大全
44349
- openvpn windows客户端使用
35802
- H3C IRF原理及 配置
33358
- Python exit()函数
28058
- openvpn mac客户端使用
24624
- python全系列官方中文文档
23551
- 1.常用turtle功能函数
18763
- python 获取网卡实时流量
18019
- python 获取Linux和Windows硬件信息
16705
- python3-scipy-ndimage平滑
4526°
- python3-scikit-image平滑去噪
5086°
- python3-PIL非线性噪声平滑
4618°
- python3-Scipy-ndimage进行盒核与高斯核平滑比较
4757°
- python3-PIL高斯模糊滤波器平滑
5422°
- python3-PIL基于盒模糊核均值化平滑
4383°
- python3-PIL线性噪声平滑
4435°
- python3-scikit-image直方图匹配
4980°
- python3-scikit-image对比拉伸和直方图均衡化
4875°
- python3-PIL二值化
6126°
- 姓名:Run
- 职业:谜
- 邮箱:383697894@qq.com
- 定位:上海 · 松江
