温馨提示×

温馨提示×

您好,登录后才能下订单哦!

密码登录×
登录注册×
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》

实验设计与排错之二RIPI、II的区别

发布时间:2020-08-22 01:12:13 来源:网络 阅读:686 作者:deshen_feng 栏目:网络安全

一、动态路由

动态路由协议有灵活等很多优点,但是缺点也有,比如占用了额外的带宽,CPU负荷高。

管理距离(Administrative Distances):0到255之间的1个数,它表示一条路由选择信息源的可信性值。该值越小,可信性级别越高。0为最信任,255为最不信任。即没有从这条线路将没有任何流量通过。

假如1台路由器收到远端的2条路由更新,路由器将检查管理距离,管理距离值低的将被选为新路线存放于路由表中;若它们拥有相同的管理距离,将比较它们的度(Metric)。度低的将作为新线路;若它们的管理距离和度都一样,那么将在2条线路做均衡负载。

一些常用路由协议默认的管理距离:

l  直接相连:0

l  静态路由:1

l  EIGRP:90

l  IGRP:100

l  OSPF:110

l  RIP:120

注意:如果你在1条线路上配置了静态路由,又配置了RIP,默认情况下,路由器只会使用静态路由,因为静态路由的管理距离为1小于RIP的管理距离。

三种路由协议:

  • 距离向量(Distance Vector)

  • 链路状态(Link State)

  • 混合型(Hybrid)

距离向量:用于根据距离(Distance)来判断最佳路径,当1个数据包每经过1个路由器时,被称之为经过1跳,经过跳数最少的则作为最佳路径,这类协议的有RIP和IGRP。

  链路状态:也叫最短路径优先(Shortest-Path-First)协议。每个路由器创建3张单独的表,1张用来跟踪与它直接相连的相邻路由器,1张用来决定网络的整个拓扑结构,另外1张作为路由表,所以这种协议对网络的了解程度要比距离向量高,这类协议有OSPF。

  混合型:综合了前2者的特征,这类协议的有EIGRP。

二、RIP I、RIP II的区别

RIPv1

  • 使用广播的方式发送路由更新;

  • 路由更新信息中不携带子网掩码,为有类路由协议;

  • RIP报文大小限制是512字节,最多可以携带25条路由信息;

RIPv2

  • 路由信息中加入了子网掩码,无类的路由协议;

  • RIPv2发送更新报文的方式为组播,组播地址为224.0.0.9;

  • 支持认证;

 

特性

RIPv1

RIPv2

采用跳数为度量值

15是最大的有效度量值,16为无穷大

默认30s更新周期

周期性更新时发送全部路由信息

拓扑改变时发送只针对变化的触发更新

使用路由毒化、水平分割、毒性逆转

使用抑制计时器

发送更新的方式

广播

组播

使用UDP 520端口发送报文

更新中携带子网掩码,支持VLSM

支持认证

1、实例

如下拓扑环境,默认所有路由器都做了RIP v2的普通配置,并且全网通过RIP协议进行网络互联。

实验设计与排错之二RIPI、II的区别

 

 2、分析与排错

(1)、观察RIP路由启用后,路由协议和路由表的信息(以R2为例)

R2#show ip protocols

Routing Protocol is "rip"

Sending updates every 30 seconds, next due in 9 seconds

Invalid after 180 seconds, hold down 180, flushed after 240

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Redistributing: rip

Default version control: send version 2, receive 2

Interface         Send        Recv                   Triggered RIP        Key-chain

Loopback0       2               2

Serial1/1          2               2

Serial1/3          2               2

Serial1/0          2               2

Serial1/2          2               2

Automatic network summarization is not in effect

Maximum path: 4

Routing for Networks:

10.0.0.0

192.168.10.0

192.168.20.0

192.168.40.0

192.168.50.0

Passive Interface(s):

Routing Information Sources:

Gateway                   Distance                             Last Update

192.168.10.2           120                             00:00:08

192.168.20.2           120                             00:00:28

192.168.50.2           120                             00:00:10

192.168.40.2           120                             00:00:24

Distance: (default is 120)

解释:注意观察红色部分,如下:

Sending updates every 30 seconds, next due in 9 seconds

表示RIP每次以30秒发送更新一次路由表,而下一次更新是在9秒以后。

Invalid after 180 seconds, hold down 180, flushed after 240

此处为计时器信息,在180秒后记录将被作为失效处理,并在180秒会被暂停且可能Down掉,240秒后将会路由表中删除信息。

Routing for Networks:

10.0.0.0

192.168.10.0

192.168.20.0

192.168.40.0

192.168.50.0

路由的网络号包括:(参考以上,此处为略)

Distance: (default is 120)

管理距离默认为120

R2#show ip route rip

10.0.0.0/16 is subnetted, 5 subnets

R                        10.2.0.0 [120/1] via 192.168.10.2, 00:00:06, Serial1/1

R                        10.5.0.0 [120/1] via 192.168.20.2, 00:00:04, Serial1/0

R                        10.11.0.0 [120/1] via 192.168.50.2, 00:00:02, Serial1/3

R                        10.12.0.0 [120/1] via 192.168.40.2, 00:00:18, Serial1/2

192.168.30.0/30 is subnetted, 1 subnets

R                        192.168.30.0 [120/1] via 192.168.40.2, 00:00:18, Serial1/2

[120/1] via 192.168.50.2, 00:00:02, Serial1/3

192.168.60.0/30 is subnetted, 1 subnets

R                        192.168.60.0 [120/1] via 192.168.10.2, 00:00:06, Serial1/1

[120/1] via 192.168.20.2, 00:00:04, Serial1/0

此处我们使用show ip route rip而没有使用show ip route,因为show ip route rip是显示当前路由器启用单独的RIP协议后的路由表,而show ip route是显示当前路由器整个路由表信息。其中我们看到某个网络是通过哪个接口,以多长时间学到的,我们能够发现其时间都没有超过30秒。

(2)、设置R5不让R1、R2、R3、R4学到

首先我们需要知道如何才能不让其它4台路由器来学习R5的路由信息,这里我们可以使用RIP v1和RIP v2版本的功能特性来实现,实验如下:

我们先将R5的RIP版本设置为v1,看看R5和R2会有什么曲别。

R5#conf t

Enter configuration commands, one per line. End with CNTL/Z.

R5(config)#route rip

R5(config-router)#version 1

如下为R2用于实时查看路由更新,其中红色部分可以看到“忽略来自192.168.40.2 v1版本路由信息(为非法版本)”此可以说明R5的RIP已被更改为v1且R2还是v2版,因此不能接收其路由更新。

R2#debug ip rip

RIP: received v2 update from 192.168.20.2 on Serial1/0

10.2.0.0/16 via 0.0.0.0 in 2 hops

10.5.0.0/16 via 0.0.0.0 in 1 hops

192.168.60.0/30 via 0.0.0.0 in 1 hops

RIP: received v2 update from 192.168.50.2 on Serial1/3

10.11.0.0/16 via 0.0.0.0 in 1 hops

10.12.0.0/16 via 0.0.0.0 in 2 hops

192.168.30.0/30 via 0.0.0.0 in 1 hops

RIP: ignored v1 packet from 192.168.40.2 (illegal version)

RIP: received v2 update from 192.168.10.2 on Serial1/1

10.2.0.0/16 via 0.0.0.0 in 1 hops

10.5.0.0/16 via 0.0.0.0 in 2 hops

192.168.60.0/30 via 0.0.0.0 in 1 hops

再来看R2的RIP路由表,其中红色部分时间为00:01:49且已超过30秒,但未到达180秒,而其路由条目还准确的以30秒为单位进行更新。

R2#show ip route rip

10.0.0.0/16 is subnetted, 5 subnets

R               10.2.0.0 [120/1] via 192.168.10.2, 00:00:15, Serial1/1

R               10.5.0.0 [120/1] via 192.168.20.2, 00:00:05, Serial1/0

R               10.11.0.0 [120/1] via 192.168.50.2, 00:00:01, Serial1/3

R               10.12.0.0 [120/1] via 192.168.40.2, 00:01:49, Serial1/2

192.168.30.0/30 is subnetted, 1 subnets

R               192.168.30.0 [120/1] via 192.168.40.2, 00:01:49, Serial1/2

[120/1] via 192.168.50.2, 00:00:01, Serial1/3

192.168.60.0/30 is subnetted, 1 subnets

R               192.168.60.0 [120/1] via 192.168.10.2, 00:00:15, Serial1/1

[120/1] via 192.168.20.2, 00:00:05, Serial1/0

R2#

此为R5的RIP路由记录,且所有路由记录都为30秒以上,已更新不到RIP路由信息了。

R5#show ip route rip

10.0.0.0/16 is subnetted, 5 subnets

R               10.2.0.0 [120/2] via 192.168.40.1, 00:02:22, Serial0/0

R               10.5.0.0 [120/2] via 192.168.40.1, 00:02:22, Serial0/0

R               10.6.0.0 [120/1] via 192.168.40.1, 00:02:22, Serial0/0

R               10.11.0.0 [120/1] via 192.168.30.2, 00:02:14, Serial0/1

192.168.10.0/30 is subnetted, 1 subnets

R               192.168.10.0 [120/1] via 192.168.40.1, 00:02:22, Serial0/0

192.168.20.0/30 is subnetted, 1 subnets

R               192.168.20.0 [120/1] via 192.168.40.1, 00:02:22, Serial0/0

192.168.50.0/30 is subnetted, 1 subnets

R               192.168.50.0 [120/1] via 192.168.40.1, 00:02:22, Serial0/0

[120/1] via 192.168.30.2, 00:02:14, Serial0/1

192.168.60.0/30 is subnetted, 1 subnets

R               192.168.60.0 [120/2] via 192.168.40.1, 00:02:22, Serial0/0

R5#

再看看R2的RIP路由表中红色部分,已00:03:00且为180秒,此时这两条路由记录已为Possibly down(为可能down掉了)

R2#show ip route rip

10.0.0.0/16 is subnetted, 5 subnets

R               10.2.0.0 [120/1] via 192.168.10.2, 00:00:26, Serial1/1

R               10.5.0.0 [120/1] via 192.168.20.2, 00:00:18, Serial1/0

R               10.11.0.0 [120/1] via 192.168.50.2, 00:00:17, Serial1/3

R               10.12.0.0 is possibly down, routing via 192.168.40.2, 00:03:00, Serial1/2

192.168.30.0/30 is subnetted, 1 subnets

R               192.168.30.0 is possibly down, routing via 192.168.40.2, 00:03:00, Serial1/2

[120/1] via 192.168.50.2, 00:00:17, Serial1/3

192.168.60.0/30 is subnetted, 1 subnets

R                192.168.60.0 [120/1] via 192.168.10.2, 00:00:26, Serial1/1

[120/1] via 192.168.20.2, 00:00:18, Serial1/0

R2#

最后再看超过240秒后,此两条记录已被从RIP路由表中删除了,说明R2及其它4台路由器已无法学习到R5的RIP路由更新了,同时R5已不存在其它RIP的路由信息了,只有默认的直连路由信息,同样也说明就算走Se0/1而R4也无法更新到路由信息。

R2#show ip route rip

10.0.0.0/16 is subnetted, 4 subnets

R               10.2.0.0 [120/1] via 192.168.10.2, 00:00:17, Serial1/1

R                10.5.0.0 [120/1] via 192.168.20.2, 00:00:06, Serial1/0

R               10.11.0.0 [120/1] via 192.168.50.2, 00:00:12, Serial1/3

192.168.30.0/30 is subnetted, 1 subnets

R               192.168.30.0 [120/1] via 192.168.50.2, 00:00:12, Serial1/3

192.168.60.0/30 is subnetted, 1 subnets

R               192.168.60.0 [120/1] via 192.168.10.2, 00:00:17, Serial1/1

[120/1] via 192.168.20.2, 00:00:06, Serial1/0

R2#

如下为R5的240秒之后的路由表信息。

R5#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

* - candidate default, U - per-user static route, o - ODR

P - periodic downloaded static route

 

Gateway of last resort is not set

 

10.0.0.0/16 is subnetted, 1 subnets

C               10.12.0.0 is directly connected, Loopback0

192.168.30.0/30 is subnetted, 1 subnets

C               192.168.30.0 is directly connected, Serial0/1

192.168.40.0/30 is subnetted, 1 subnets

C               192.168.40.0 is directly connected, Serial0/0

3、水平分割

首先水平分割是为了减少环路和加快路由汇聚,在实际操作中是为了让路由器减少发送路由表及环路,从而降低路由器负载的一种技术。下面我们来分析实验(默认情况下所有路由器已配置完成并已开启RIP v1协议):

实验设计与排错之二RIPI、II的区别

    由于水平分割默认是开启的,它的原则是从某个端口接收到的信息不再允许从这个端口发出。因此下面例子我们看到,R1在通过本地端口Se0/0/1收到R2的路由更新后,会从R2的Se0/0/0端口以广播的形式发出。另外把本地网络是通过R2的Se0/0/1发出的来减少环路。这就是一个完整的水平分割的过程。

R1#debug ip rip

RIP protocol debugging is on

R1#RIP: received v1 update from 192.168.10.2 on Serial0/0/1

192.168.20.0 in 1 hops

192.168.30.0 in 2 hops

RIP: sending v1 update to 255.255.255.255 via Serial0/0/0 (192.168.10.2)

RIP: build update entries

network 192.168.20.0 metric 1

network 192.168.30.0 metric 2

RIP: sending v1 update to 255.255.255.255 via Serial0/0/1 (192.168.20.2)

RIP: build update entries

network 192.168.10.0 metric 1

R1取消水平分割后,会从本地端口直接发送整个路由表,这样重复发送会引起环路,以及降低路由器负载并会对链路也是不小的压力。

R1(config)#interface serial0/0/1

R1(config-if)#no ip split-horizon

R1(config-if)#end

R1#

%SYS-5-CONFIG_I: Configured from console by console

RIP: sending v1 update to 255.255.255.255 via Serial0/0/1 (192.168.10.1)

RIP: build update entries

network 192.168.10.0 metric 1

network 192.168.20.0 metric 2

network 192.168.30.0 metric 3

RIP: received v1 update from 192.168.10.2 on Serial0/0/1

192.168.20.0 in 1 hops

192.168.30.0 in 2 hops

    4、毒性逆转

即我们常说的毒化路由,其意思是指当接收到一个“metric 16”路由信息时,将其设为“possibly down”,同时再发送一份广播出去,若再没有相关的路由更新后,会立刻将其清除已加速路由的收敛。(如例2.4.3.3水平分割拓扑RIP v1实例,分析如下)。

首先我们将R3的Se0/0/0端口shutdown掉,打开debug ip rip会出现发送毒化路由的信息。

R3(config)#int s0/0/0

R3(config-if)#shutdown

 

R3(config-if)#

%LINK-5-CHANGED: Interface Serial0/0/0, changed state to administratively down

 

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to down

end

R3#

%SYS-5-CONFIG_I: Configured from console by console

 

R3#debug ip rip

RIP protocol debugging is on

R3#RIP: sending v1 update to 255.255.255.255 via Serial0/0/1 (192.168.30.1)

RIP: build update entries

network 192.168.10.0 metric 16

再来看看R2的RIP广播及R1的路由表信息。

R2#debug ip rip

RIP protocol debugging is on

R2#RIP: sending v1 update to 255.255.255.255 via Serial0/0/0 (192.168.10.2)

RIP: build update entries

network 192.168.30.0 metric 16

---------------------------------

R1#show ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

* - candidate default, U - per-user static route, o - ODR

P - periodic downloaded static route

 

Gateway of last resort is not set

 

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C                10.2.0.0/16 is directly connected, Loopback0

L               10.2.0.2/32 is directly connected, Loopback0

192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks

C               192.168.10.0/30 is directly connected, Serial0/0/1

L               192.168.10.1/32 is directly connected, Serial0/0/1

R     192.168.20.0/24 is possibly down, routing via 192.168.10.2, Serial0/0/1

R     192.168.30.0/24 is possibly down, routing via 192.168.10.2, Serial0/0/1

R2已将收到的毒化路由转发广播到R1上,而R1同样会把广播再发出去的同时设置为“Passibly down”并会再下一次接收没有更新时消除,这就是毒化逆转的过程及路由器行为。

 

向AI问一下细节

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

AI