本文共 4723 字,大约阅读时间需要 15 分钟。
实验一、EIGRP的路由汇总
实验拓扑图:
通过“no auto-summary”来关闭自动汇总,然后进行手工汇总,R4的配置如下:
R4(config)# router eigrp 1
R4(config-router)#no auto-summary
R4(config-router)#network 192.168.34.0
R4(config-router)#network 4.4.0.0 255.255.252.0
R4(config-router)#exit
在R3上查看路由信息如下:
R3#show ip route eigrp
D 192.168.12.0/24 [90/2681856] via 192.168.23.2, 00:06:15, Serial1/1
4.0.0.0/24 is subnetted, 4 subnets
D 4.4.0.0 [90/2297856] via 192.168.34.4, 00:34:35, Serial1/2
D 4.4.1.0 [90/2297856] via 192.168.34.4, 00:34:35, Serial1/2
D 4.4.2.0 [90/2297856] via 192.168.34.4, 00:34:35, Serial1/2
D 4.4.3.0 [90/2297856] via 192.168.34.4, 00:34:35, Serial1/2
D 1.1.1.0 [90/2809856] via 192.168.23.2, 00:00:52, Serial1/1
以上输出表明关于R4有4条明细路由条目,
在R4的Serial1/2上执行路由汇总,在R3、R4上查看路由表:
R4(config)#interface serial 1/2
R4(config-if)#ip summary-address ?
eigrp Enhanced Interior Gateway Routing Protocol (EIGRP)
rip Routing Information Protocol (RIP)
R4(config-if)#ip summary-address eigrp 1 4.4.0.0 255.255.252.0
R3的路由表信息为:
以上输出显示:在路由器R4上执行手工汇总后,会在自己的路由表中产生一条指向“null0”的EIGRP路由,主要是防止路由环路产生的,在路由器R3上收到被汇总的路由条目“4.4.0.0/22”。
【注】:当被汇总的明细路由条目全部down掉以后,汇总路由才自动从路由表中被删除,从而有效避免路由抖动。
实验二、EIGRP是否支持CIDR(无类域间路由)
现在把R4的lo0—lo3的地址改为:
Lo0:172.16.12.4/24
lo1:172.16.13.4/24
lo2:172.16.14.4/24
lo3:172.16.15.4/24
观察R4的S1/2是否能实现路由汇总?
R4的配置如下:
R4(config)#router eigrp 1
R4(config-router)#network 172.16.12.0 0.0.3.255
R4#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
D 192.168.12.0/24 [90/3193856] via 192.168.34.3, 00:45:21, Serial1/2
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/3321856] via 192.168.34.3, 00:27:03, Serial1/2
172.16.0.0/24 is subnetted, 4 subnets
C 172.16.12.0 is directly connected, Loopback0
C 172.16.13.0 is directly connected, Loopback1
C 172.16.14.0 is directly connected, Loopback2
C 172.16.15.0 is directly connected, Loopback3
D 192.168.23.0/24 [90/2681856] via 192.168.34.3, 01:16:32, Serial1/2
C 192.168.34.0/24 is directly connected, Serial1/2
在R4路由器上执行手动汇总:
R4(config)#interface serial 1/2
R4(config-if)#ip summary-address ?
eigrp Enhanced Interior Gateway Routing Protocol (EIGRP)
rip Routing Information Protocol (RIP)
R4(config-if)#ip summary-address eigrp 1 172.16.12.0 255.255.252.0
在R3和R4上查看一下:
从R3和R4路由表的输出可以看出EIGRP是支持CIDR汇总的,这一点和RIPv2是不同的。
实验三、EIGRP认证
实验拓扑图:
配置R1路由器:
ip authenti mode eigrp 1 md5 //认证模式为md5
ip authenti key-chain eigrp 1 ccnp //在接口上调用钥匙链
配置R2路由器的serial1/0接口:
R2(config)#key chain ccnp
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string cisco
R2(config-keychain-key)#int s1/0
R2(config-if)#ip authenti mode eigrp 1 md5
R2(config-if)#ip authenti key-chain eigrp 1 ccnp
R2(config-if)#
*Mar 1 02:01:51.075: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 192.168.12.1 (Serial1/0) is up: new adjacency
R2(config-if)#exit
配置R2路由器的serial1/1接口
R2(config)#interface serial 1/1
eigrp Enhanced Interior Gateway Routing Protocol (EIGRP)
R2(config-if)#ip authentication mode ei
R2(config-if)#ip authentication mode eigrp 1 ?
md5 Keyed message digest
R2(config-if)#ip authentication mode eigrp 1 md5
R2(config-if)#ip authentication key-chain ?
eigrp Enhanced Interior Gateway Routing Protocol (EIGRP)
R2(config-if)#ip authentication key-chain eigrp ?
<1-65535> Autonomous system number
R2(config-if)#ip authentication key-chain eigrp 1 ?
WORD name of key-chain
R2(config-if)#ip authentication key-chain eigrp 1 ccnp
配置R3路由器的serial1/1接口:
R3(config)#key chain ccnp
R3(config-keychain)#key 1
R3(config-keychain-key)#key-string cisco
R3(config-keychain-key)#int s1/1
R3(config-if)#ip authentication mode eigrp 1 md5
R3(config-if)#ip authentication key-chain eigrp 1 ccnp
R3(config-if)#int s1/2
R3(config-if)#ip authentication mode eigrp 1 md5
R3(config-if)#ip authentication key-chain eigrp 1 ccnp
配置R4路由器的serial1/2接口:
R4(config)#key chain ccnp
R4(config-keychain)#key 1
R4(config-keychain-key)#key-string cisco
R4(config-keychain-key)#int s1/2
R4(config-if)#ip authentication mode eigrp 1 md5
R4(config-if)#ip authentication key-chain eigrp 1 ccnp
如果钥匙链的密钥正确,则会出现下面的提示信息(以R4为例):
*Mar 1 03:25:06.283: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 192.168.34.3 (Serial1/2) is up: new adjacency
如果钥匙链的密钥不正确,则会出现下面的提示信息(以R4为例):
*Mar 1 03:23:39.195: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 192.168.34.3 (Serial1/2) is down: Auth failure