EIGRP 综合实验
{Back to Index}
Table of Contents
1 实验拓扑
初始配置
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int e0/0 ip address 1.1.123.1 255.255.255.224 no sh exit int lo0 ip address 10.10.1.1 255.255.255.0 ! end ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int e0/0 ip address 1.1.123.2 255.255.255.224 no sh ! int s1/0 ip address 1.1.24.2 255.255.255.248 no sh ! int lo0 ip add 10.10.2.2 255.255.255.0 ! end ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 10.10.3.3 255.255.255.0 ! int e0/0 ip address 1.1.123.3 255.255.255.224 no sh int s1/0 ip address 1.1.34.3 255.255.255.248 no sh ! end ----------------- R4 ---------------------- en conf t hostname R4 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 10.10.4.4 255.255.255.0 ! int s1/0 ip address 1.1.24.4 255.255.255.248 no sh int s1/2 ip address 1.1.34.4 255.255.255.248 no sh int s1/1 ip add 1.1.45.4 255.255.255.0 encapsulation ppp no peer neighbor-route ! no /32 route in route table and there is /24 instead no sh ! end ----------------- R5 ---------------------- en conf t hostname R5 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 10.10.5.5 255.255.255.0 ! int s1/1 ip address 1.1.45.5 255.255.255.0 encapsulation ppp no peer neighbor-route no sh ! end
2 RIPv2 配置
2.1 宣告网络
1. R1 R2 R3 运行 RIP Version 2,并把 loopback0 接口和直连以太网段宣告进 RIP 中
=== R1/R2/R3 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 !
2.2 secondary address 重分布直连
在 R1 上,用最小的命令行,增加八个 interface 地址,地址为: 100.1.1.1/24 - 100.1.8.1/24,这八个地址在 R1 的 RIP 数据库中是作为外部路由出现
day0 配置
=== R1 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 ! === R2 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 ! === R3 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 !
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! router rip redistribute connected !
2.3 route-map 重分布时调整 metric
只在 R1 做配置,并使用最小的命令行,使 R3 上可以看到的这八个网段的七个, 看不到 100.1.8.0/24 这条路由, 且奇数路由的 metric 为 5, 偶数路由的 metric 为 7,不允许用 Offset-list
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected ! === R2 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 ! === R3 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 !
=== R1 ===
ip access-list standard even
permit 100.1.0.0 0.0.6.0
ip access-list standard odd
permit 100.1.1.0 0.0.6.0
ip access-list standard net.100.1.8
permit 100.1.8.0
!
route-map RM_ADJUST_METRIC permit 10
match ip address odd
set metric 5
route-map RM_ADJUST_METRIC permit 20
match ip address even
set metric 7
route-map RM_ADJUST_METRIC permit 30
match ip address net.100.1.8
set metric 16 ! let 100.1.8.0 show in rip database but can not be seen in route table
route-map RM_ADJUST_METRIC permit 40
!
router rip
redistribute connected route-map RM_ADJUST_METRIC
!
注意 ,好像现在 metri 为 16 的 RIP 路由,不再出现在 database 中了。
R3 路由表
R3#sh ip rou
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
R 1.1.24.0/29 [120/1] via 1.1.123.2, 00:00:02, Ethernet0/0
C 1.1.34.0/29 is directly connected, Serial1/0
L 1.1.34.3/32 is directly connected, Serial1/0
C 1.1.123.0/27 is directly connected, Ethernet0/0
L 1.1.123.3/32 is directly connected, Ethernet0/0
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
R 10.10.1.0/24 [120/1] via 1.1.123.1, 00:00:23, Ethernet0/0
R 10.10.2.0/24 [120/1] via 1.1.123.2, 00:00:02, Ethernet0/0
C 10.10.3.0/24 is directly connected, Loopback0
L 10.10.3.3/32 is directly connected, Loopback0
100.0.0.0/24 is subnetted, 7 subnets
R 100.1.1.0 [120/5] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.2.0 [120/7] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.3.0 [120/5] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.4.0 [120/7] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.5.0 [120/5] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.6.0 [120/7] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.7.0 [120/5] via 1.1.123.1, 00:00:23, Ethernet0/0
2.4 单播更新(passive-interface&neighbor)/关闭水平分割/出方向distribute-list
不可以在 R2 做任何配置,使 R2 看不到 100 网段的 7 条路由, 但可以看到 R1 和 R3 的 loopback 路由,不能通过 Version 1, 2 来解决此问题
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 ! redistribute connected redistribute connected route-map RM_ADJUST_METRIC ! === R2 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 ! === R3 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 !
=== R1 === router rip passive-interface default ! do not send broadcast update neighbor 1.1.123.3 ! send update to R3 only === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! router rip distribute-list 1 out e0/0 !
验证:R2 路由表
R2#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
C 1.1.24.0/29 is directly connected, Serial1/0
L 1.1.24.2/32 is directly connected, Serial1/0
R 1.1.34.0/29 [120/1] via 1.1.123.3, 00:00:01, Ethernet0/0
C 1.1.123.0/27 is directly connected, Ethernet0/0
L 1.1.123.2/32 is directly connected, Ethernet0/0
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
R 10.10.1.0/24 [120/2] via 1.1.123.1, 00:00:01, Ethernet0/0
C 10.10.2.0/24 is directly connected, Loopback0
L 10.10.2.2/32 is directly connected, Loopback0
R 10.10.3.0/24 [120/1] via 1.1.123.3, 00:00:01, Ethernet0/0
3 EIGRP 100 配置
3.1 宣告网络
在 R2 R3 R4 的链路运行 EIGRP 100,将 R4 的 loopback0 接口宣告到 EIGRP 100。 在 R4 上,show ip eigrp neighbors,可以看到两个邻接关系。
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC passive-interface default neighbor 1.1.123.3 ! === R2 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 distribute-list 1 out e0/0 !
==== R2 ===== router eigrp 100 network 1.1.24.2 0.0.0.0 ! ==== R3 ===== router eigrp 100 network 1.1.34.3 0.0.0.0 ! ==== R4 ===== router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 !
3.2 prefix 结合 distribute-list 过滤入方向路由
假设 R4 的 F0/0 口的地址为:150.1.1.1/24,使 R4 与 BB2 建立 EIGRP 邻接关系, 此时 R4 会收到很多从 BB2 传递过来的路由,包括:A、B、C 类。 用最小的 Prefix-list 命令,只允许 B 类路由进入 R4。
=== R4 ===
ip prefix-list list1 permit 128.0.0.0/2 le 32
router eigrp 100
network 150.1.1.1 0.0.0.0
distribute-list prefix list1 in e0/0
3.3 双向重分布与基于协议的 distribute-list 过滤
在 R2 和 R3 上做 RIP 与 EIGRP 的双向重分布。使 R4 上看不到 100.0.0.0 网段的任何路由。 此解决方案不能 用 Route-map,不能用基于接口的过滤,也不能通过 metric 的方法。
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC passive-interface default neighbor 1.1.123.3 ! === R2 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 ! router eigrp 100 network 1.1.24.2 0.0.0.0 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 distribute-list 1 out e0/0 ! router eigrp 100 network 1.1.34.3 0.0.0.0 ! ==== R4 ===== router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 !
=== R2 === router rip redistribute eigrp 100 metric 1 ! router eigrp 100 redistribute rip metric 10000 100 255 1 1500 !
分发列表通常指定接口用于过滤, 但是 out 方向也可以指定协议 ,通常和重发布呼应起来。
因为 R2 看不到 100.0.0.0 的路由,所以只在 R3 上做过滤即可:
=== R3 ===
router rip
redistribute eigrp 100 metric 1
!
access-list 1 deny 100.1.0.0 0.0.7.0
access-list 1 permit any
!
router eigrp 100
redistribute rip metric 10000 100 255 1 1500
distribute-list 1 out rip ! base on protocol which is redistributed
!
过滤前 R4 上的路由
R4#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 7 subnets, 4 masks
C 1.1.24.0/29 is directly connected, Serial1/0
L 1.1.24.4/32 is directly connected, Serial1/0
C 1.1.34.0/29 is directly connected, Serial1/2
L 1.1.34.4/32 is directly connected, Serial1/2
C 1.1.45.0/24 is directly connected, Serial1/1
L 1.1.45.4/32 is directly connected, Serial1/1
D EX 1.1.123.0/27 [170/2195456] via 1.1.34.3, 00:00:17, Serial1/2
[170/2195456] via 1.1.24.2, 00:00:17, Serial1/0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
D EX 10.10.1.0/24 [170/2195456] via 1.1.34.3, 00:00:17, Serial1/2
[170/2195456] via 1.1.24.2, 00:00:17, Serial1/0
D EX 10.10.2.0/24 [170/2195456] via 1.1.34.3, 00:00:17, Serial1/2
[170/2195456] via 1.1.24.2, 00:00:17, Serial1/0
D EX 10.10.3.0/24 [170/2195456] via 1.1.34.3, 00:00:17, Serial1/2
[170/2195456] via 1.1.24.2, 00:00:17, Serial1/0
C 10.10.4.0/24 is directly connected, Loopback0
L 10.10.4.4/32 is directly connected, Loopback0
100.0.0.0/24 is subnetted, 7 subnets
D EX 100.1.1.0 [170/2195456] via 1.1.34.3, 00:00:15, Serial1/2
D EX 100.1.2.0 [170/2195456] via 1.1.34.3, 00:00:15, Serial1/2
D EX 100.1.3.0 [170/2195456] via 1.1.34.3, 00:00:15, Serial1/2
D EX 100.1.4.0 [170/2195456] via 1.1.34.3, 00:00:15, Serial1/2
D EX 100.1.5.0 [170/2195456] via 1.1.34.3, 00:00:15, Serial1/2
D EX 100.1.6.0 [170/2195456] via 1.1.34.3, 00:00:15, Serial1/2
D EX 100.1.7.0 [170/2195456] via 1.1.34.3, 00:00:15, Serial1/2
过滤后 R4 上的路由
R4#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 7 subnets, 4 masks
C 1.1.24.0/29 is directly connected, Serial1/0
L 1.1.24.4/32 is directly connected, Serial1/0
C 1.1.34.0/29 is directly connected, Serial1/2
L 1.1.34.4/32 is directly connected, Serial1/2
C 1.1.45.0/24 is directly connected, Serial1/1
L 1.1.45.4/32 is directly connected, Serial1/1
D EX 1.1.123.0/27 [170/2195456] via 1.1.34.3, 00:01:29, Serial1/2
[170/2195456] via 1.1.24.2, 00:01:29, Serial1/0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
D EX 10.10.1.0/24 [170/2195456] via 1.1.34.3, 00:01:29, Serial1/2
[170/2195456] via 1.1.24.2, 00:01:29, Serial1/0
D EX 10.10.2.0/24 [170/2195456] via 1.1.34.3, 00:01:29, Serial1/2
[170/2195456] via 1.1.24.2, 00:01:29, Serial1/0
D EX 10.10.3.0/24 [170/2195456] via 1.1.34.3, 00:01:29, Serial1/2
[170/2195456] via 1.1.24.2, 00:01:29, Serial1/0
C 10.10.4.0/24 is directly connected, Loopback0
L 10.10.4.4/32 is directly connected, Loopback0
3.4 调整 Hello/Hold Time
使 R2 R3 R4 之间的 EIGRP Hello=2s,HOLD Time=10s。
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC passive-interface default neighbor 1.1.123.3 ! === R2 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.24.2 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 distribute-list 1 out e0/0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.34.3 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 distribute-list 1 out rip ! base on protocol which is redistributed ! ==== R4 ===== router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 !
=== R2 === int s1/0 ip hello-interval eigrp 100 2 ip hold-time eigrp 100 10 ! === R3 === int s1/0 ip hello-interval eigrp 100 2 ip hold-time eigrp 100 10 ! === R4 === int s1/0 ip hello-interval eigrp 100 2 ip hold-time eigrp 100 10 ! int s1/2 ip hello-interval eigrp 100 2 ip hold-time eigrp 100 10 !
3.5 认证
R2 R3 R4 之间的 EIGRP 开启认证
R2/R3
key chain KChain key 1 key-string cisco ! ! int s1/0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 KChain !
R4
key chain KChain key 1 key-string cisco ! ! int s1/0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 KChain int s1/2 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 KChain !
3.6 对同一网段多次汇总/使用 prefix-list 过滤路由
在 R2 上,增加一个 loopback1,其 IP 地址为:161.1.1.1/24,宣告进入 EIGRP, 这时 R4 上应只可以看到161网段的三条路由: 161.1.0.0/16,161.1.0.0/18,161.1.0.0/20 三条路由。 而在 R1 上只能看到 161.1.1.0/24 的路由, 在 R1 上做相应的配置,不能用 Route-map,可以使用基于接口的过滤。
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC passive-interface default neighbor 1.1.123.3 ! === R2 === router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.24.2 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 distribute-list 1 out e0/0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.34.3 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 distribute-list 1 out rip ! base on protocol which is redistributed ! ==== R4 ===== router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 !
=== R2 === int lo1 ip add 161.1.1.1 255.255.255.0 ! router eigrp 100 network 161.1.1.1 0.0.0.0 ! int s1/0 ip summary-address eigrp 100 161.1.0.0 255.255.0.0 ip summary-address eigrp 100 161.1.0.0 255.255.192.0 ip summary-address eigrp 100 161.1.0.0 255.255.240.0 !
R2 汇总后 R3 上的路由表
R3#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
D 1.1.24.0/29 [90/2681856] via 1.1.34.4, 08:59:20, Serial1/0
C 1.1.34.0/29 is directly connected, Serial1/0
L 1.1.34.3/32 is directly connected, Serial1/0
C 1.1.123.0/27 is directly connected, Ethernet0/0
L 1.1.123.3/32 is directly connected, Ethernet0/0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
R 10.10.1.0/24 [120/1] via 1.1.123.1, 00:00:23, Ethernet0/0
R 10.10.2.0/24 [120/1] via 1.1.123.2, 00:00:11, Ethernet0/0
C 10.10.3.0/24 is directly connected, Loopback0
L 10.10.3.3/32 is directly connected, Loopback0
D 10.10.4.0/24 [90/2297856] via 1.1.34.4, 08:59:20, Serial1/0
100.0.0.0/24 is subnetted, 7 subnets
R 100.1.1.0 [120/5] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.2.0 [120/7] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.3.0 [120/5] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.4.0 [120/7] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.5.0 [120/5] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.6.0 [120/7] via 1.1.123.1, 00:00:23, Ethernet0/0
R 100.1.7.0 [120/5] via 1.1.123.1, 00:00:23, Ethernet0/0
161.1.0.0/16 is variably subnetted, 4 subnets, 4 masks
D 161.1.0.0/16 [90/2809856] via 1.1.34.4, 00:02:30, Serial1/0
D 161.1.0.0/18 [90/2809856] via 1.1.34.4, 00:02:30, Serial1/0
D 161.1.0.0/20 [90/2809856] via 1.1.34.4, 00:02:30, Serial1/0
R 161.1.1.0/24 [120/1] via 1.1.123.2, 00:00:11, Ethernet0/0
R3#
R2 汇总后 R4 上的路由表
R4#sh ip rou eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 7 subnets, 4 masks
D EX 1.1.123.0/27 [170/2195456] via 1.1.34.3, 00:02:45, Serial1/2
[170/2195456] via 1.1.24.2, 00:02:45, Serial1/0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
D EX 10.10.1.0/24 [170/2195456] via 1.1.34.3, 00:02:45, Serial1/2
[170/2195456] via 1.1.24.2, 00:02:45, Serial1/0
D EX 10.10.2.0/24 [170/2195456] via 1.1.34.3, 00:02:45, Serial1/2
[170/2195456] via 1.1.24.2, 00:02:45, Serial1/0
D EX 10.10.3.0/24 [170/2195456] via 1.1.34.3, 00:02:45, Serial1/2
[170/2195456] via 1.1.24.2, 00:02:45, Serial1/0
161.1.0.0/16 is variably subnetted, 4 subnets, 4 masks
D 161.1.0.0/16 [90/2297856] via 1.1.24.2, 00:02:45, Serial1/0
D 161.1.0.0/18 [90/2297856] via 1.1.24.2, 00:02:45, Serial1/0
D 161.1.0.0/20 [90/2297856] via 1.1.24.2, 00:02:45, Serial1/0
D EX 161.1.1.0/24 [170/2195456] via 1.1.34.3, 00:02:31, Serial1/2 ! 这是由于 RIP/EIGRP 双向重分布造成的
可以在 R3 做重分布时进行过滤:
=== R3 === ip access-list standard net.161.1.1 permit 161.1.1.0 ! route-map R-E deny 10 match ip address net.161.1.1 route-map R-E permit 20 ! router eigrp 100 redistribute rip metric 10000 100 255 1 1500 route-map R-E !
过滤后,R4 的路由表
R4#sh ip rou eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 7 subnets, 4 masks
D EX 1.1.123.0/27 [170/2195456] via 1.1.34.3, 00:00:05, Serial1/2
[170/2195456] via 1.1.24.2, 00:00:05, Serial1/0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
D EX 10.10.1.0/24 [170/2195456] via 1.1.34.3, 00:00:05, Serial1/2
[170/2195456] via 1.1.24.2, 00:00:05, Serial1/0
D EX 10.10.2.0/24 [170/2195456] via 1.1.34.3, 00:00:05, Serial1/2
[170/2195456] via 1.1.24.2, 00:00:05, Serial1/0
D EX 10.10.3.0/24 [170/2195456] via 1.1.34.3, 00:00:05, Serial1/2
[170/2195456] via 1.1.24.2, 00:00:05, Serial1/0
161.1.0.0/16 is variably subnetted, 3 subnets, 3 masks
D 161.1.0.0/16 [90/2297856] via 1.1.24.2, 00:01:04, Serial1/0
D 161.1.0.0/18 [90/2297856] via 1.1.24.2, 00:01:04, Serial1/0
D 161.1.0.0/20 [90/2297856] via 1.1.24.2, 00:01:04, Serial1/0
为了在 R1 上只看到 161.1.1.0/24 的路由,可以使用 prefix-list 匹配路由再结合入方向的分发列表:
=== R1 === ip prefix-list PFL_E00_IN seq 5 deny 161.1.0.0/16 ! ip prefix-list PFL_E00_IN seq 10 deny 161.1.0.0/16 ge 18 le 18 ! ip prefix-list PFL_E00_IN seq 15 deny 161.1.0.0/16 ge 20 le 20 ip prefix-list PFL_E00_IN seq 10 deny 161.1.0.0/18 ip prefix-list PFL_E00_IN seq 15 deny 161.1.0.0/20 ip prefix-list PFL_E00_IN seq 20 permit 0.0.0.0/0 le 32 ! router rip distribute-list prefix PFL_E00_IN in Ethernet0/0 !
3.7 通过修改AD/调整metric来创建等价路由
把 R3 的 loopback0 宣告进 EIGRP,使 R4 可以看到两条等价路由
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! ip prefix-list PFL_E00_IN seq 5 deny 161.1.0.0/16 ip prefix-list PFL_E00_IN seq 10 deny 161.1.0.0/18 ip prefix-list PFL_E00_IN seq 15 deny 161.1.0.0/20 ip prefix-list PFL_E00_IN seq 20 permit 0.0.0.0/0 le 32 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC distribute-list prefix PFL_E00_IN in Ethernet0/0 passive-interface default neighbor 1.1.123.3 ! === R2 === int lo1 ip add 161.1.1.1 255.255.255.0 ! int s1/0 ip summary-address eigrp 100 161.1.0.0 255.255.0.0 ip summary-address eigrp 100 161.1.0.0 255.255.192.0 ip summary-address eigrp 100 161.1.0.0 255.255.240.0 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.24.2 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 network 161.1.1.1 0.0.0.0 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! ip access-list standard net.161.1.1 permit 161.1.1.0 ! route-map R-E deny 10 match ip address net.161.1.1 route-map R-E permit 20 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 distribute-list 1 out e0/0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.34.3 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 route-map R-E distribute-list 1 out rip ! base on protocol which is redistributed ! ==== R4 ===== router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 !
=== R3 === router eigrp 100 network 10.10.3.3 0.0.0.0
当前 R2 上看到的这条路由
R2#sh ip ro | b 10.10.3
D 10.10.3.0/24 [90/2809856] via 1.1.24.4, 00:00:32, Serial1/0
D 10.10.4.0/24 [90/2297856] via 1.1.24.4, 00:00:32, Serial1/0
161.1.0.0/16 is variably subnetted, 5 subnets, 5 masks
D 161.1.0.0/16 is a summary, 00:00:31, Null0
D 161.1.0.0/18 is a summary, 00:00:31, Null0
D 161.1.0.0/20 is a summary, 00:00:31, Null0
C 161.1.1.0/24 is directly connected, Loopback1
L 161.1.1.1/32 is directly connected, Loopback1
当前 R2 上 RIP database
R2#sh ip rip database
1.0.0.0/8 auto-summary
1.1.24.0/29 directly connected, Serial1/0
1.1.34.0/29 redistributed
[1] via 1.1.24.4,
1.1.123.0/27 directly connected, Ethernet0/0
10.0.0.0/8 auto-summary
10.10.1.0/24
[2] via 1.1.123.1, from 1.1.123.3, 00:00:11, Ethernet0/0
10.10.2.0/24 directly connected, Loopback0
10.10.3.0/24 redistributed
[1] via 1.1.24.4,
10.10.4.0/24 redistributed
[1] via 1.1.24.4,
161.1.0.0/16 auto-summary
161.1.0.0/16 redistributed
[1] via 0.0.0.0,
161.1.0.0/18 redistributed
[1] via 0.0.0.0,
161.1.0.0/20 redistributed
[1] via 0.0.0.0,
161.1.1.0/24 redistributed
[1] via 0.0.0.0,
R2 调整下管理距离,让 RIP 路由浮现出来:
=== R2 === ip access-list standard ACL_DISTANCE_121 permit 10.10.3.0 ! router eigrp 100 distance 121 1.1.24.4 0.0.0.0 ACL_DISTANCE_121
修改后 R2 的路由表
R2#sh ip ro | b 10.10.3
R 10.10.3.0/24 [120/1] via 1.1.123.3, 00:00:12, Ethernet0/0
D 10.10.4.0/24 [90/2297856] via 1.1.24.4, 00:00:12, Serial1/0
161.1.0.0/16 is variably subnetted, 5 subnets, 5 masks
D 161.1.0.0/16 is a summary, 00:00:12, Null0
D 161.1.0.0/18 is a summary, 00:00:12, Null0
D 161.1.0.0/20 is a summary, 00:00:12, Null0
C 161.1.1.0/24 is directly connected, Loopback1
L 161.1.1.1/32 is directly connected, Loopback1
但 R4 上目前仍无法形成等价路由,因为 AD 值不一样,R2 方向的 AD 值为 170 ,而 R3 方向的为 90 。
只能修改 R3 传来的路由(D)的 AD 值,因为 distance 无法修改 DEX 路由的 AD :
=== R4 === ip access-list standard ACL_AD_170 permit 10.10.3.0 ! router eigrp 100 distance 170 1.1.34.3 0.0.0.0 ACL_AD_170 ! make AD all the same
现在 AD 值相同了,但是 Metric 还不相同:
R4 的 Metric 值
R4#sh ip ei to
EIGRP-IPv4 Topology Table for AS(100)/ID(10.10.4.4)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 1.1.34.0/29, 1 successors, FD is 2169856
via Connected, Serial1/2
P 1.1.123.0/27, 2 successors, FD is 2195456
via 1.1.24.2 (2195456/281600), Serial1/0
via 1.1.34.3 (2195456/281600), Serial1/2
P 10.10.4.0/24, 1 successors, FD is 128256
via Connected, Loopback0
P 1.1.24.0/29, 1 successors, FD is 2169856
via Connected, Serial1/0
P 161.1.0.0/16, 1 successors, FD is 2297856
via 1.1.24.2 (2297856/128256), Serial1/0
P 161.1.0.0/18, 1 successors, FD is 2297856
via 1.1.24.2 (2297856/128256), Serial1/0
P 161.1.0.0/20, 1 successors, FD is 2297856
via 1.1.24.2 (2297856/128256), Serial1/0
P 10.10.2.0/24, 2 successors, FD is 2195456
via 1.1.24.2 (2195456/281600), Serial1/0
via 1.1.34.3 (2195456/281600), Serial1/2
P 10.10.1.0/24, 2 successors, FD is 2195456
via 1.1.24.2 (2195456/281600), Serial1/0
via 1.1.34.3 (2195456/281600), Serial1/2
P 10.10.3.0/24, 1 successors, FD is 2195456
via 1.1.24.2 (2195456/281600), Serial1/0
via 1.1.34.3 (2297856/128256), Serial1/2
在 R4 上使用 offset-list 调整 Metric :
=== R4 === ip access-list standard ROUTE.10.10.3.0 permit 10.10.3.0 ! router eigrp 100 offset-list ROUTE.10.10.3.0 in 102400 Serial1/0 ! adjust metric
出现等价路由
R4#sh ip rou eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 7 subnets, 4 masks
D EX 1.1.123.0/27 [170/2195456] via 1.1.34.3, 00:25:03, Serial1/2
[170/2195456] via 1.1.24.2, 00:25:03, Serial1/0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
D EX 10.10.1.0/24 [170/2195456] via 1.1.34.3, 00:25:03, Serial1/2
[170/2195456] via 1.1.24.2, 00:25:03, Serial1/0
D EX 10.10.2.0/24 [170/2195456] via 1.1.34.3, 00:25:03, Serial1/2
[170/2195456] via 1.1.24.2, 00:25:03, Serial1/0
D EX 10.10.3.0/24 [170/2297856] via 1.1.34.3, 00:25:03, Serial1/2
[170/2297856] via 1.1.24.2, 00:25:03, Serial1/0
161.1.0.0/16 is variably subnetted, 3 subnets, 3 masks
D 161.1.0.0/16 [90/2297856] via 1.1.24.2, 00:25:03, Serial1/0
D 161.1.0.0/18 [90/2297856] via 1.1.24.2, 00:25:03, Serial1/0
D 161.1.0.0/20 [90/2297856] via 1.1.24.2, 00:25:03, Serial1/0
3.8 构建可行后继
在 R3 上增加一个 loopback5,其地址为:5.5.5.5/32,同时宣告到 RIP 与 EIGRP 中。 在 R3 上做配置,使 R4 可以看到此路由,且 metric 值为: 100000000,下一跳指向 R3, 当 R3-R4 的链路断了后,R4 可以通过 R2 到达此路由,且不需要重新收敛。
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! ip prefix-list PFL_E00_IN seq 5 deny 161.1.0.0/16 ip prefix-list PFL_E00_IN seq 10 deny 161.1.0.0/18 ip prefix-list PFL_E00_IN seq 15 deny 161.1.0.0/20 ip prefix-list PFL_E00_IN seq 20 permit 0.0.0.0/0 le 32 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC distribute-list prefix PFL_E00_IN in Ethernet0/0 passive-interface default neighbor 1.1.123.3 ! === R2 === int lo1 ip add 161.1.1.1 255.255.255.0 ! int s1/0 ip summary-address eigrp 100 161.1.0.0 255.255.0.0 ip summary-address eigrp 100 161.1.0.0 255.255.192.0 ip summary-address eigrp 100 161.1.0.0 255.255.240.0 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute eigrp 100 metric 1 ! ip access-list standard ACL_DISTANCE_121 permit 10.10.3.0 ! router eigrp 100 network 1.1.24.2 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 network 161.1.1.1 0.0.0.0 distance 121 1.1.24.4 0.0.0.0 ACL_DISTANCE_121 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! ip access-list standard net.161.1.1 permit 161.1.1.0 ! route-map R-E deny 10 match ip address net.161.1.1 route-map R-E permit 20 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 distribute-list 1 out e0/0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.34.3 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 route-map R-E distribute-list 1 out rip ! base on protocol which is redistributed network 10.10.3.3 0.0.0.0 ! ==== R4 ===== ip access-list standard ROUTE.10.10.3.0 permit 10.10.3.0 ! ip access-list standard ACL_AD_170 permit 10.10.3.0 ! router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 distance 170 1.1.34.3 0.0.0.0 ACL_AD_170 offset-list ROUTE.10.10.3.0 in 102400 Serial1/0 !
先修改 R3 :
=== R3 === int lo5 ip add 5.5.5.5 255.255.255.255 ! router eigrp 100 network 5.5.5.5 0.0.0.0 ! router rip network 5.0.0.0 ! ip access-list standard ROUTE.5.5.5.5 permit 5.5.5.5 ! router eigrp 100 offset-list ROUTE.5.5.5.5 out 97702144 Serial1/0 !
观察 R4 路由表
R4#sh ip ro eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 7 subnets, 4 masks
D EX 1.1.123.0/27 [170/2195456] via 1.1.34.3, 00:08:58, Serial1/2
[170/2195456] via 1.1.24.2, 00:08:58, Serial1/0
5.0.0.0/32 is subnetted, 1 subnets
D 5.5.5.5 [90/100000000] via 1.1.34.3, 00:00:23, Serial1/2
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
D EX 10.10.1.0/24 [170/2195456] via 1.1.34.3, 00:08:58, Serial1/2
[170/2195456] via 1.1.24.2, 00:08:58, Serial1/0
D EX 10.10.2.0/24 [170/2195456] via 1.1.34.3, 00:08:58, Serial1/2
[170/2195456] via 1.1.24.2, 00:08:58, Serial1/0
D 10.10.3.0/24 [170/2297856] via 1.1.34.3, 00:06:28, Serial1/2
[170/2297856] via 1.1.24.2, 00:06:28, Serial1/0
161.1.0.0/16 is variably subnetted, 3 subnets, 3 masks
D 161.1.0.0/16 [90/2297856] via 1.1.24.2, 00:09:00, Serial1/0
D 161.1.0.0/18 [90/2297856] via 1.1.24.2, 00:09:00, Serial1/0
D 161.1.0.0/20 [90/2297856] via 1.1.24.2, 00:09:00, Serial1/0
R4#
和上一节实验一样,需要在 R2 上调整 AD ,以便让 5.5.5.5 的路由可以重分布进 EIGRP :
=== R2 === ip access-list standard ACL_DISTANCE_121 permit 5.5.5.5 ! router eigrp 100 distance 121 1.1.24.4 0.0.0.0 ACL_DISTANCE_121 !
再观察 R4 的 EIGRP topo 表
R4#sh ip eigrp topology
EIGRP-IPv4 Topology Table for AS(100)/ID(10.10.4.4)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 1.1.34.0/29, 1 successors, FD is 2169856
via Connected, Serial1/2
P 1.1.123.0/27, 2 successors, FD is 2195456
via 1.1.24.2 (2195456/281600), Serial1/0
via 1.1.34.3 (2195456/281600), Serial1/2
P 10.10.4.0/24, 1 successors, FD is 128256
via Connected, Loopback0
P 5.5.5.5/32, 1 successors, FD is 100000000
via 1.1.34.3 (100000000/97830400), Serial1/2
via 1.1.24.2 (2195456/281600), Serial1/0
3.9 通过修改接口延时以调整 metric
在 R3 上增加一个 loopback6,其地址为:6.6.6.6/32,同时宣告到 RIP 及 EIGRP。 使 R4 可以看到此路由,下一跳指向 R2,当 R2-R4 的链路断了后,R4 可以通过 R3 到达此路由,且不需要重新收敛。 请用 Distance xx 来完成此任务, 如果修改 metric 时,不能用 Offset-list,不可以影响其他路由。
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! ip prefix-list PFL_E00_IN seq 5 deny 161.1.0.0/16 ip prefix-list PFL_E00_IN seq 10 deny 161.1.0.0/18 ip prefix-list PFL_E00_IN seq 15 deny 161.1.0.0/20 ip prefix-list PFL_E00_IN seq 20 permit 0.0.0.0/0 le 32 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC distribute-list prefix PFL_E00_IN in Ethernet0/0 passive-interface default neighbor 1.1.123.3 ! === R2 === int lo1 ip add 161.1.1.1 255.255.255.0 ! int s1/0 ip summary-address eigrp 100 161.1.0.0 255.255.0.0 ip summary-address eigrp 100 161.1.0.0 255.255.192.0 ip summary-address eigrp 100 161.1.0.0 255.255.240.0 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute eigrp 100 metric 1 ! ip access-list standard ACL_DISTANCE_121 permit 10.10.3.0 permit 5.5.5.5 ! router eigrp 100 network 1.1.24.2 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 network 161.1.1.1 0.0.0.0 distance 121 1.1.24.4 0.0.0.0 ACL_DISTANCE_121 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! ip access-list standard net.161.1.1 permit 161.1.1.0 ! route-map R-E deny 10 match ip address net.161.1.1 route-map R-E permit 20 ! int lo5 ip add 5.5.5.5 255.255.255.255 ! ip access-list standard ROUTE.5.5.5.5 permit 5.5.5.5 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 network 5.0.0.0 distribute-list 1 out e0/0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.34.3 0.0.0.0 network 5.5.5.5 0.0.0.0 network 10.10.3.3 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 route-map R-E distribute-list 1 out rip ! base on protocol which is redistributed offset-list ROUTE.5.5.5.5 out 97702144 Serial1/0 ! ==== R4 ===== ip access-list standard ROUTE.10.10.3.0 permit 10.10.3.0 ! ip access-list standard ACL_AD_170 permit 10.10.3.0 ! router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 distance 170 1.1.34.3 0.0.0.0 ACL_AD_170 offset-list ROUTE.10.10.3.0 in 102400 Serial1/0 !
=== R3 === int lo6 ip add 6.6.6.6 255.255.255.255 ! router rip network 6.0.0.0 ! router eigrp 100 network 6.6.6.6 0.0.0.0 !
=== R2 === ip access-list standard ACL_DISTANCE_121 permit 6.6.6.6 ! router eigrp 100 distance 121 1.1.24.4 0.0.0.0 ACL_DISTANCE_121 !
R4 还是要调整 AD 值,不然 R2 传来的路由不会复现出来:
=== R4 === ip access-list standard ACL_AD_170 permit 6.6.6.6 ! router eigrp 100 distance 170 1.1.34.3 0.0.0.0 ACL_AD_170 !
此时已经完成要求了
R4#sh ip eigrp to
EIGRP-IPv4 Topology Table for AS(100)/ID(10.10.4.4)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 1.1.34.0/29, 1 successors, FD is 2169856
via Connected, Serial1/2
P 1.1.123.0/27, 2 successors, FD is 2195456
via 1.1.24.2 (2195456/281600), Serial1/0
via 1.1.34.3 (2195456/281600), Serial1/2
P 10.10.4.0/24, 1 successors, FD is 128256
via Connected, Loopback0
P 5.5.5.5/32, 1 successors, FD is 100000000
via 1.1.34.3 (100000000/97830400), Serial1/2
P 1.1.24.0/29, 1 successors, FD is 2169856
via Connected, Serial1/0
P 6.6.6.6/32, 1 successors, FD is 2195456
via 1.1.24.2 (2195456/281600), Serial1/0
via 1.1.34.3 (2297856/128256), Serial1/2
P 161.1.0.0/16, 1 successors, FD is 2297856
via 1.1.24.2 (2297856/128256), Serial1/0
...
如果 metric 不满足要求需要调整,可以在 R4 上修改接口延时:
int s1/0 delay 100 ! adjust metric !
3.10 安装非等价路径与选择metric最小的路径
针对上题,如果需要安装两条非等价路由该如何做, 如果要求数据包只使用metric小的那条路由,该如何做? 不需要考虑 ROUTE-CACHE,CEF 等。
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! ip prefix-list PFL_E00_IN seq 5 deny 161.1.0.0/16 ip prefix-list PFL_E00_IN seq 10 deny 161.1.0.0/18 ip prefix-list PFL_E00_IN seq 15 deny 161.1.0.0/20 ip prefix-list PFL_E00_IN seq 20 permit 0.0.0.0/0 le 32 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC distribute-list prefix PFL_E00_IN in Ethernet0/0 passive-interface default neighbor 1.1.123.3 ! === R2 === int lo1 ip add 161.1.1.1 255.255.255.0 ! int s1/0 ip summary-address eigrp 100 161.1.0.0 255.255.0.0 ip summary-address eigrp 100 161.1.0.0 255.255.192.0 ip summary-address eigrp 100 161.1.0.0 255.255.240.0 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute eigrp 100 metric 1 ! ip access-list standard ACL_DISTANCE_121 permit 10.10.3.0 permit 5.5.5.5 permit 6.6.6.6 ! router eigrp 100 network 1.1.24.2 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 network 161.1.1.1 0.0.0.0 distance 121 1.1.24.4 0.0.0.0 ACL_DISTANCE_121 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! ip access-list standard net.161.1.1 permit 161.1.1.0 ! route-map R-E deny 10 match ip address net.161.1.1 route-map R-E permit 20 ! int lo5 ip add 5.5.5.5 255.255.255.255 ! ip access-list standard ROUTE.5.5.5.5 permit 5.5.5.5 ! int lo6 ip add 6.6.6.6 255.255.255.255 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 network 5.0.0.0 network 6.0.0.0 distribute-list 1 out e0/0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.34.3 0.0.0.0 network 5.5.5.5 0.0.0.0 network 10.10.3.3 0.0.0.0 network 6.6.6.6 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 route-map R-E distribute-list 1 out rip ! base on protocol which is redistributed offset-list ROUTE.5.5.5.5 out 97702144 Serial1/0 ! ==== R4 ===== ip access-list standard ROUTE.10.10.3.0 permit 10.10.3.0 ! ip access-list standard ACL_AD_170 permit 10.10.3.0 permit 6.6.6.6 ! router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 distance 170 1.1.34.3 0.0.0.0 ACL_AD_170 offset-list ROUTE.10.10.3.0 in 102400 Serial1/0 !
当前 R4 的路由表
R4#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 7 subnets, 4 masks
C 1.1.24.0/29 is directly connected, Serial1/0
L 1.1.24.4/32 is directly connected, Serial1/0
C 1.1.34.0/29 is directly connected, Serial1/2
L 1.1.34.4/32 is directly connected, Serial1/2
C 1.1.45.0/24 is directly connected, Serial1/1
L 1.1.45.4/32 is directly connected, Serial1/1
D EX 1.1.123.0/27 [170/2195456] via 1.1.34.3, 00:09:47, Serial1/2
[170/2195456] via 1.1.24.2, 00:09:47, Serial1/0
5.0.0.0/32 is subnetted, 1 subnets
D 5.5.5.5 [90/100000000] via 1.1.34.3, 00:09:49, Serial1/2
6.0.0.0/32 is subnetted, 1 subnets
D EX 6.6.6.6 [170/2195456] via 1.1.24.2, 00:09:47, Serial1/0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
D EX 10.10.1.0/24 [170/2195456] via 1.1.34.3, 00:09:47, Serial1/2
[170/2195456] via 1.1.24.2, 00:09:47, Serial1/0
...
修改 variance 值:
=== R4 === router eigrp 100 variance 2 !
再看 R4 路由表
R4#sh ip ro Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is not set 1.0.0.0/8 is variably subnetted, 7 subnets, 4 masks C 1.1.24.0/29 is directly connected, Serial1/0 L 1.1.24.4/32 is directly connected, Serial1/0 C 1.1.34.0/29 is directly connected, Serial1/2 L 1.1.34.4/32 is directly connected, Serial1/2 C 1.1.45.0/24 is directly connected, Serial1/1 L 1.1.45.4/32 is directly connected, Serial1/1 D EX 1.1.123.0/27 [170/2195456] via 1.1.34.3, 00:00:03, Serial1/2 [170/2195456] via 1.1.24.2, 00:00:03, Serial1/0 5.0.0.0/32 is subnetted, 1 subnets D 5.5.5.5 [90/100000000] via 1.1.34.3, 00:00:03, Serial1/2 6.0.0.0/32 is subnetted, 1 subnets D 6.6.6.6 [170/2297856] via 1.1.34.3, 00:00:03, Serial1/2 [170/2195456] via 1.1.24.2, 00:00:03, Serial1/0 ... R4#sh ip ro 6.6.6.6 Routing entry for 6.6.6.6/32 Known via "eigrp 100", distance 170, metric 2195456, type internal Redistributing via eigrp 100 Last update from 1.1.34.3 on Serial1/2, 00:00:29 ago Routing Descriptor Blocks: 1.1.34.3, from 1.1.34.3, 00:00:29 ago, via Serial1/2 Route metric is 2297856, traffic share count is 229 Total delay is 25000 microseconds, minimum bandwidth is 1544 Kbit Reliability 255/255, minimum MTU 1500 bytes Loading 1/255, Hops 1 * 1.1.24.2, from 1.1.24.2, 00:00:29 ago, via Serial1/0 Route metric is 2195456, traffic share count is 240 Total delay is 21000 microseconds, minimum bandwidth is 1544 Kbit Reliability 255/255, minimum MTU 1500 bytes Loading 1/255, Hops 1
选择 metric 小的路径:
=== R4 === router eigrp 100 traffic-share min across-interfaces !
再看下 R4 路由表
R4#sh ip ro 6.6.6.6
Routing entry for 6.6.6.6/32
Known via "eigrp 100", distance 170, metric 2195456, type external
Redistributing via eigrp 100
Last update from 1.1.24.2 on Serial1/0, 00:00:03 ago
Routing Descriptor Blocks:
1.1.34.3, from 1.1.34.3, 00:00:03 ago, via Serial1/2
Route metric is 2297856, traffic share count is 0
Total delay is 25000 microseconds, minimum bandwidth is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
* 1.1.24.2, from 1.1.24.2, 00:00:03 ago, via Serial1/0
Route metric is 2195456, traffic share count is 1
Total delay is 21000 microseconds, minimum bandwidth is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
3.11 使用 summary-address 向指定邻居注入默认路由
R4向BB2只注入一条DefaultRoute,不可以向其他路由器注入默认路由,不要使用任何形式的过滤。
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! ip prefix-list PFL_E00_IN seq 5 deny 161.1.0.0/16 ip prefix-list PFL_E00_IN seq 10 deny 161.1.0.0/18 ip prefix-list PFL_E00_IN seq 15 deny 161.1.0.0/20 ip prefix-list PFL_E00_IN seq 20 permit 0.0.0.0/0 le 32 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC distribute-list prefix PFL_E00_IN in Ethernet0/0 passive-interface default neighbor 1.1.123.3 ! === R2 === int lo1 ip add 161.1.1.1 255.255.255.0 ! int s1/0 ip summary-address eigrp 100 161.1.0.0 255.255.0.0 ip summary-address eigrp 100 161.1.0.0 255.255.192.0 ip summary-address eigrp 100 161.1.0.0 255.255.240.0 ! ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute eigrp 100 metric 1 ! ip access-list standard ACL_DISTANCE_121 permit 10.10.3.0 permit 5.5.5.5 permit 6.6.6.6 ! router eigrp 100 network 1.1.24.2 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 network 161.1.1.1 0.0.0.0 distance 121 1.1.24.4 0.0.0.0 ACL_DISTANCE_121 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! ip access-list standard net.161.1.1 permit 161.1.1.0 ! route-map R-E deny 10 match ip address net.161.1.1 route-map R-E permit 20 ! int lo5 ip add 5.5.5.5 255.255.255.255 ! ip access-list standard ROUTE.5.5.5.5 permit 5.5.5.5 ! int lo6 ip add 6.6.6.6 255.255.255.255 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 network 5.0.0.0 network 6.0.0.0 distribute-list 1 out e0/0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.34.3 0.0.0.0 network 5.5.5.5 0.0.0.0 network 10.10.3.3 0.0.0.0 network 6.6.6.6 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 route-map R-E distribute-list 1 out rip ! base on protocol which is redistributed offset-list ROUTE.5.5.5.5 out 97702144 Serial1/0 ! ==== R4 ===== ip access-list standard ROUTE.10.10.3.0 permit 10.10.3.0 ! ip access-list standard ACL_AD_170 permit 10.10.3.0 permit 6.6.6.6 ! router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 distance 170 1.1.34.3 0.0.0.0 ACL_AD_170 offset-list ROUTE.10.10.3.0 in 102400 Serial1/0 variance 2 traffic-share min across-interfaces !
=== R4 === int e0/0 ip summary-address eigrp 100 0.0.0.0 0.0.0.0 !
4 EIGRP 99 配置
4.1 单播邻居(需指定接口)
R4-R5 之间的 PPP 链路运行 EIGRP 99,请使用单播建立 EIGRP 邻居关系,并把 R5 的 loopback0 宣告进 EIGRP 进程
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! ip prefix-list PFL_E00_IN seq 5 deny 161.1.0.0/16 ip prefix-list PFL_E00_IN seq 10 deny 161.1.0.0/18 ip prefix-list PFL_E00_IN seq 15 deny 161.1.0.0/20 ip prefix-list PFL_E00_IN seq 20 permit 0.0.0.0/0 le 32 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC distribute-list prefix PFL_E00_IN in Ethernet0/0 passive-interface default neighbor 1.1.123.3 ! === R2 === int lo1 ip add 161.1.1.1 255.255.255.0 ! int s1/0 ip summary-address eigrp 100 161.1.0.0 255.255.0.0 ip summary-address eigrp 100 161.1.0.0 255.255.192.0 ip summary-address eigrp 100 161.1.0.0 255.255.240.0 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute eigrp 100 metric 1 ! ip access-list standard ACL_DISTANCE_121 permit 10.10.3.0 permit 5.5.5.5 permit 6.6.6.6 ! router eigrp 100 network 1.1.24.2 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 network 161.1.1.1 0.0.0.0 distance 121 1.1.24.4 0.0.0.0 ACL_DISTANCE_121 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! ip access-list standard net.161.1.1 permit 161.1.1.0 ! route-map R-E deny 10 match ip address net.161.1.1 route-map R-E permit 20 ! int lo5 ip add 5.5.5.5 255.255.255.255 ! ip access-list standard ROUTE.5.5.5.5 permit 5.5.5.5 ! int lo6 ip add 6.6.6.6 255.255.255.255 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 network 5.0.0.0 network 6.0.0.0 distribute-list 1 out e0/0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.34.3 0.0.0.0 network 5.5.5.5 0.0.0.0 network 10.10.3.3 0.0.0.0 network 6.6.6.6 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 route-map R-E distribute-list 1 out rip ! base on protocol which is redistributed offset-list ROUTE.5.5.5.5 out 97702144 Serial1/0 ! ==== R4 ===== ip access-list standard ROUTE.10.10.3.0 permit 10.10.3.0 ! ip access-list standard ACL_AD_170 permit 6.6.6.6 permit 10.10.3.0 ! router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 distance 170 1.1.34.3 0.0.0.0 ACL_AD_170 offset-list ROUTE.10.10.3.0 in 102400 Serial1/0 variance 2 traffic-share min across-interfaces !
=== R4 === router eigrp 99 neighbor 1.1.45.5 s1/1 network 1.1.45.4 0.0.0.0 ! === R5 === router eigrp 99 neighbor 1.1.45.4 s1/1 network 1.1.45.5 0.0.0.0 network 10.10.5.5 0.0.0.0 !
4.2 使用 distance eigrp 修改DEX路由的AD/重分布静态默认路由/stub
在 R5 上增加一个 loopback1,其地址为:7.7.7.7/32,使其在 R4 看到是一条外部路由: 7.7.7.7/32 ( 90/xxxxx )。 R4 要向 R5 只注入一条默认路由,不能用接口下汇总,也不能用 distribute-list,不能用 route-map。 在 R4 上,把 EIGRP 100 与 EIGRP 99 做双向重分布。
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! ip prefix-list PFL_E00_IN seq 5 deny 161.1.0.0/16 ip prefix-list PFL_E00_IN seq 10 deny 161.1.0.0/18 ip prefix-list PFL_E00_IN seq 15 deny 161.1.0.0/20 ip prefix-list PFL_E00_IN seq 20 permit 0.0.0.0/0 le 32 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC distribute-list prefix PFL_E00_IN in Ethernet0/0 passive-interface default neighbor 1.1.123.3 ! === R2 === int lo1 ip add 161.1.1.1 255.255.255.0 ! int s1/0 ip summary-address eigrp 100 161.1.0.0 255.255.0.0 ip summary-address eigrp 100 161.1.0.0 255.255.192.0 ip summary-address eigrp 100 161.1.0.0 255.255.240.0 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute eigrp 100 metric 1 ! ip access-list standard ROUTE.10.10.3.0 permit 10.10.3.0 permit 5.5.5.5 permit 6.6.6.6 ! router eigrp 100 network 1.1.24.2 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 network 161.1.1.1 0.0.0.0 distance 121 1.1.24.4 0.0.0.0 ACL_DISTANCE_121 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! ip access-list standard net.161.1.1 permit 161.1.1.0 ! route-map R-E deny 10 match ip address net.161.1.1 route-map R-E permit 20 ! int lo5 ip add 5.5.5.5 255.255.255.255 ! ip access-list standard ROUTE.5.5.5.5 permit 5.5.5.5 ! int lo6 ip add 6.6.6.6 255.255.255.255 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 network 5.0.0.0 network 6.0.0.0 distribute-list 1 out e0/0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.34.3 0.0.0.0 network 5.5.5.5 0.0.0.0 network 10.10.3.3 0.0.0.0 network 6.6.6.6 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 route-map R-E distribute-list 1 out rip ! base on protocol which is redistributed offset-list ROUTE.5.5.5.5 out 97702144 Serial1/0 ! ==== R4 ===== ip access-list standard ROUTE.10.10.3.0 permit 10.10.3.0 ! ip access-list standard ACL_AD_170 permit 6.6.6.6 permit 10.10.3.0 ! router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 distance 170 1.1.34.3 0.0.0.0 ACL_AD_170 offset-list ROUTE.10.10.3.0 in 102400 Serial1/0 variance 2 traffic-share min across-interfaces ! router eigrp 99 neighbor 1.1.45.5 s1/1 network 1.1.45.4 0.0.0.0 ! === R5 === router eigrp 99 neighbor 1.1.45.4 s1/1 network 1.1.45.5 0.0.0.0 network 10.10.5.5 0.0.0.0 !
=== R5 === int lo7 ip add 7.7.7.7 255.255.255.255 ! route-map RM_LO7 permit 10 match interface Loopback7 ! router eigrp 99 redistribute connected route-map RM_LO7 !
使用 distance eigrp 直接调整 AD :
=== R4 === router eigrp 99 distance eigrp 90 90 !
单点双向重分布:
=== R4 === router eigrp 100 redistribute eigrp 99 ! router eigrp 99 redistribute eigrp 100 !
将 R4 设为 stub 区域,并只允许重分布 static 路由:
=== R4 === ip route 0.0.0.0 0.0.0.0 null0 ! router eigrp 99 eigrp stub static redistribute static ! !
4.3 解决双点双向重分布的次优路由问题和环路问题
在 R1 上看到 7.7.7.7/32 这条路由下一跳指向 R2,如果 R2 不可达,则 R1 可以通过 R3 到达到达此路由。 R2 与 R3 是可以相互传递路由,此方案还需要考虑双点 双向重分布可能会出现的路由环路或次优路径的问题。
day0 配置
=== R1 === int lo0 ip add 100.1.1.1 255.255.255.0 secondary ip add 100.1.2.1 255.255.255.0 secondary ip add 100.1.3.1 255.255.255.0 secondary ip add 100.1.4.1 255.255.255.0 secondary ip add 100.1.5.1 255.255.255.0 secondary ip add 100.1.6.1 255.255.255.0 secondary ip add 100.1.7.1 255.255.255.0 secondary ip add 100.1.8.1 255.255.255.0 secondary ! ip access-list standard even permit 100.1.0.0 0.0.6.0 ip access-list standard odd permit 100.1.1.0 0.0.6.0 ip access-list standard net.100.1.8 permit 100.1.8.0 ! route-map RM_ADJUST_METRIC permit 10 match ip address odd set metric 5 route-map RM_ADJUST_METRIC permit 20 match ip address even set metric 7 route-map RM_ADJUST_METRIC permit 30 match ip address net.100.1.8 set metric 16 route-map RM_ADJUST_METRIC permit 40 ! ip prefix-list PFL_E00_IN seq 5 deny 161.1.0.0/16 ip prefix-list PFL_E00_IN seq 10 deny 161.1.0.0/18 ip prefix-list PFL_E00_IN seq 15 deny 161.1.0.0/20 ip prefix-list PFL_E00_IN seq 20 permit 0.0.0.0/0 le 32 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute connected route-map RM_ADJUST_METRIC distribute-list prefix PFL_E00_IN in Ethernet0/0 passive-interface default neighbor 1.1.123.3 ! === R2 === int lo1 ip add 161.1.1.1 255.255.255.0 ! int s1/0 ip summary-address eigrp 100 161.1.0.0 255.255.0.0 ip summary-address eigrp 100 161.1.0.0 255.255.192.0 ip summary-address eigrp 100 161.1.0.0 255.255.240.0 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 redistribute eigrp 100 metric 1 ! ip access-list standard ROUTE.10.10.3.0 permit 10.10.3.0 permit 5.5.5.5 permit 6.6.6.6 ! router eigrp 100 network 1.1.24.2 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 network 161.1.1.1 0.0.0.0 distance 121 1.1.24.4 0.0.0.0 ACL_DISTANCE_121 ! === R3 === int e0/0 no ip split-horizon ! access-list 1 deny 100.1.0.0 0.0.7.0 access-list 1 permit any ! ip access-list standard net.161.1.1 permit 161.1.1.0 ! route-map R-E deny 10 match ip address net.161.1.1 route-map R-E permit 20 ! int lo5 ip add 5.5.5.5 255.255.255.255 ! ip access-list standard ROUTE.5.5.5.5 permit 5.5.5.5 ! int lo6 ip add 6.6.6.6 255.255.255.255 ! router rip version 2 no auto network 1.0.0.0 network 10.0.0.0 network 5.0.0.0 network 6.0.0.0 distribute-list 1 out e0/0 redistribute eigrp 100 metric 1 ! router eigrp 100 network 1.1.34.3 0.0.0.0 network 5.5.5.5 0.0.0.0 network 10.10.3.3 0.0.0.0 network 6.6.6.6 0.0.0.0 redistribute rip metric 10000 100 255 1 1500 route-map R-E distribute-list 1 out rip ! base on protocol which is redistributed offset-list ROUTE.5.5.5.5 out 97702144 Serial1/0 ! ==== R4 ===== ip access-list standard ROUTE.10.10.3.0 permit 10.10.3.0 ! ip access-list standard ACL_AD_170 permit 6.6.6.6 permit 10.10.3.0 ! ip route 0.0.0.0 0.0.0.0 null0 ! router eigrp 100 network 1.1.24.4 0.0.0.0 network 1.1.34.4 0.0.0.0 network 10.10.4.4 0.0.0.0 distance 170 1.1.34.3 0.0.0.0 ACL_AD_170 offset-list ROUTE.10.10.3.0 in 102400 Serial1/0 variance 2 traffic-share min across-interfaces redistribute eigrp 99 ! router eigrp 99 neighbor 1.1.45.5 s1/1 network 1.1.45.4 0.0.0.0 distance eigrp 90 90 eigrp stub static redistribute static redistribute eigrp 100 ! === R5 === int lo7 ip add 7.7.7.7 255.255.255.255 ! route-map RM_LO7 permit 10 match interface Loopback7 ! router eigrp 99 neighbor 1.1.45.4 s1/1 network 1.1.45.5 0.0.0.0 network 10.10.5.5 0.0.0.0 redistribute connected route-map RM_LO7 !
4.3.1 解决次优路径
边界路由器各自调整从对方重分布进来的路由的 AD 值。
=== R2 === ip access-list standard ACL_ROUTES_99 permit 1.1.45.0 permit 7.7.7.7 permit 10.10.5.0 ! router rip distance 172 1.1.123.3 0.0.0.0 ACL_ROUTES_99 ! === R3 === ip access-list standard ACL_ROUTES_99 permit 1.1.45.0 permit 7.7.7.7 permit 10.10.5.0 ! router rip distance 172 1.1.123.2 0.0.0.0 ACL_ROUTES_99 !
观察 R1 的路由
R1#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 5 subnets, 4 masks
R 1.1.24.0/29 [120/1] via 1.1.123.3, 00:00:25, Ethernet0/0
[120/1] via 1.1.123.2, 00:00:06, Ethernet0/0
R 1.1.34.0/29 [120/1] via 1.1.123.3, 00:00:25, Ethernet0/0
R 1.1.45.0/24 [120/1] via 1.1.123.3, 00:00:25, Ethernet0/0
[120/1] via 1.1.123.2, 00:00:06, Ethernet0/0
C 1.1.123.0/27 is directly connected, Ethernet0/0
L 1.1.123.1/32 is directly connected, Ethernet0/0
5.0.0.0/32 is subnetted, 1 subnets
R 5.5.5.5 [120/1] via 1.1.123.3, 00:00:25, Ethernet0/0
6.0.0.0/32 is subnetted, 1 subnets
R 6.6.6.6 [120/1] via 1.1.123.3, 00:00:25, Ethernet0/0
7.0.0.0/32 is subnetted, 1 subnets
R 7.7.7.7 [120/1] via 1.1.123.3, 00:00:25, Ethernet0/0
[120/1] via 1.1.123.2, 00:00:06, Ethernet0/0
10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
C 10.10.1.0/24 is directly connected, Loopback0
L 10.10.1.1/32 is directly connected, Loopback0
R 10.10.2.0/24 [120/1] via 1.1.123.2, 00:00:06, Ethernet0/0
R 10.10.3.0/24 [120/1] via 1.1.123.3, 00:00:25, Ethernet0/0
R 10.10.4.0/24 [120/1] via 1.1.123.3, 00:00:25, Ethernet0/0
R 10.10.5.0/24 [120/1] via 1.1.123.3, 00:00:25, Ethernet0/0
[120/1] via 1.1.123.2, 00:00:06, Ethernet0/0
100.0.0.0/8 is variably subnetted, 16 subnets, 2 masks
C 100.1.1.0/24 is directly connected, Loopback0
L 100.1.1.1/32 is directly connected, Loopback0
C 100.1.2.0/24 is directly connected, Loopback0
L 100.1.2.1/32 is directly connected, Loopback0
C 100.1.3.0/24 is directly connected, Loopback0
L 100.1.3.1/32 is directly connected, Loopback0
C 100.1.4.0/24 is directly connected, Loopback0
L 100.1.4.1/32 is directly connected, Loopback0
C 100.1.5.0/24 is directly connected, Loopback0
L 100.1.5.1/32 is directly connected, Loopback0
C 100.1.6.0/24 is directly connected, Loopback0
L 100.1.6.1/32 is directly connected, Loopback0
C 100.1.7.0/24 is directly connected, Loopback0
L 100.1.7.1/32 is directly connected, Loopback0
C 100.1.8.0/24 is directly connected, Loopback0
L 100.1.8.1/32 is directly connected, Loopback0
161.1.0.0/24 is subnetted, 1 subnets
R 161.1.1.0 [120/1] via 1.1.123.2, 00:00:06, Ethernet0/0
R1#
调整下 R1 上从 R3 传来的 7.7.7.7 这条路由的 metric :
=== R3 === access-list 7 permit 7.7.7.7 ! route-map RM_7 permit 10 match ip address 7 set metric 2 route-map RM_7 permit 20 ! router rip redistribute eigrp 100 metric 1 route-map RM_7 !
4.3.2 使用 tag 解决环路隐患
- RIP 区域使用 tag 1000
- EIGRP 区域使用 tag 2000
=== R2 === route-map RM_E_R deny 10 match tag 1000 route-map RM_E_R permit 20 set tag 2000 ! route-map RM_R_E deny 10 match tag 2000 route-map RM_R_E permit 20 set tag 1000 ! router rip redistribute eigrp 100 metric 1 route-map RM_E_R ! router eigrp 100 redistribute rip metric 10000 100 255 1 1500 route-map RM_R_E ! === R3 === route-map RM_E_R deny 10 match tag 1000 route-map RM_E_R permit 15 match ip address 7 set metric 2 set tag 2000 route-map RM_E_R permit 20 set tag 2000 ! route-map RM_R_E deny 10 match tag 2000 route-map RM_R_E permit 20 set tag 1000 ! router rip redistribute eigrp 100 metric 1 route-map RM_E_R ! router eigrp 100 redistribute rip metric 10000 100 255 1 1500 route-map RM_R_E !