IPv4编址及IPv4路由基础
一、实验目的
- 掌握接口 IPv4 地址的配置方法
- 理解 LoopBack 接口的作用与含义
- 理解直连路由的产生原则
- 掌握静态路由的配置方法并理解其生效的条件
- 掌握通过 PING 工具测试网络层连通性
- 掌握并理解特殊静态路由的配置方法与应用场景
二、实验环境
安装有eNSP模拟器的PC一台,要求PC能联网。
三、实验拓扑
实验拓扑如下图所示,其中路由器均采用AR2220,并请注意设备间的连接接口。(切忌使用Router,否则本实验无法成功完成。)
AR1、AR2、AR3都是各自网络的网关设备,现在需要通过相应的配置,来实现这些网络之间的互联互通。
四、实验过程
4.1 设备基础配置
设备命名是设备的最基本配置,以下以AR1为例,AR2和AR3可类似操作。
# 进入系统视图,输入前3-4个字符,按Tab键可补全命令,下同
<Huawei>system-view # 将设备命名为AR1
[Huawei]sysname AR1# 关闭信息中心,避免大量日志信息干扰操作
[AR1]undo info-center enable
Info: Information center is disabled.4.2 查看IP地址配置与路由表
以下以AR1为例,AR2和AR3可类似操作。
(1)查看路由器上的接口状态,仅以 R1为例
[AR1]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 3
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 1
The number of interface that is DOWN in Protocol is 3Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 unassigned up down
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned up down
NULL0 unassigned up up(s) 【说明】:display ip interface brief命令用来查看接口与 IP 相关的简要信息,包括 IP 地址、子网掩码、物理状态和协议状态以及处于不同状态的接口数目等。当前 AR1 上的 GE0/0/0和 GE0/0/2 接口由于尚未配置 IP地址,所以 IP Address/Mask 字段为unassigned状态,Protocol字段为 down 状态,Physical 字段为 up状态。
(2)查看路由器上的路由表情况,仅以 R1为例
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 4 Routes : 4 Destination/Mask Proto Pre Cost Flags NextHop Interface127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0InLoopBack0 为设备上默认创建的环回接口,它是一个特殊的、固定的 LoopBack 接口。
InLoopBack0 接口使用环回地址 127.0.0.1/8,用来接收所有发送给本机的数据包。该接口上的 IP 地址是不可以改变的,也不通过路由协议对外发布。
4.3 配置路由物理接口的IP地址
按照下表配置路由器的物理接口的 IP 地址。
| 路由器 | 接口 | IP地址/网络前缀长度 |
| AR1 | GE 0/0/0 | 10.0.12.1/24 |
| GE 0/0/2 | 10.0.13.1/24 | |
| AR2 | GE 0/0/0 | 10.0.12.2/24 |
| GE 0/0/1 | 10.0.13.2/24 | |
| AR3 | GE 0/0/1 | 10.0.23.3/24 |
| GE 0/0/2 | 10.0.13.3/24 |
(1)为AR1物理接口配置IP地址
# 进入系统视图
<AR1>system-view# 进入GE0/0/0的接口视图
[AR1]interface GigabitEthernet 0/0/0# 为GE0/0/0指定IP地址和网络前缀长度
[AR1-GigabitEthernet0/0/0]ip address 10.0.12.1 24# 退出接口视图
[AR1-GigabitEthernet0/0/0]quit# 进入GE0/0/2的接口视图
[AR1]interface GigabitEthernet 0/0/2# 为GE0/0/2接口指定IP地址和网络前缀长度
[AR1-GigabitEthernet0/0/2]ip address 10.0.13.1 24# 直接返回到用户视图
[AR1-GigabitEthernet0/0/2]return # 保存配置
<AR1>saveThe current configuration will be written to the device. Are you sure to continue? (y/n)[n]:y # 按y保存It will take several minutes to save configuration file, please wait.......Configuration file had been saved successfullyNote: The configuration file will take effect after being activated
执行【display current-configuration 】命令,参照表1,核对配置信息是否正确。按空格键可以翻页。
<AR1>display current-configuration
……此处省略部分输出……priority 15
#
interface GigabitEthernet0/0/0ip address 10.0.12.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2ip address 10.0.13.1 255.255.255.0
#
……此处省略部分输出……
(2)为AR2物理接口配置IP地址
# 进入系统视图
<AR2>system-view# 进入GE0/0/0的接口视图
[AR2]interface GigabitEthernet 0/0/0# 为GE0/0/0指定IP地址和网络前缀长度
[AR2-GigabitEthernet0/0/0]ip address 10.0.12.2 24# 退出接口视图
[AR2-GigabitEthernet0/0/0]quit# 进入GE0/0/1的接口视图
[AR2]interface GigabitEthernet 0/0/1# 为GE0/0/1接口指定IP地址和网络前缀长度
[AR2-GigabitEthernet0/0/1]ip address 10.0.13.2 24# 直接返回到用户视图
[AR2-GigabitEthernet0/0/1]return # 保存配置
<AR2>saveThe current configuration will be written to the device. Are you sure to continue? (y/n)[n]:y # 按y保存It will take several minutes to save configuration file, please wait.......Configuration file had been saved successfullyNote: The configuration file will take effect after being activated
同样的操作,参照表1,核对配置信息是否正确。
(3)为AR2物理接口配置IP地址
# 进入系统视图
<AR3>system-view# 进入GE0/0/0的接口视图
[AR3]interface GigabitEthernet 0/0/1# 为GE0/0/1指定IP地址和网络前缀长度
[AR3-GigabitEthernet0/0/1]ip address 10.0.23.3 24# 退出接口视图
[AR3-GigabitEthernet0/0/1]quit# 进入GE0/0/2的接口视图
[AR3]interface GigabitEthernet 0/0/2# 为GE0/0/2接口指定IP地址和网络前缀长度
[AR3-GigabitEthernet0/0/2]ip address 10.0.13.3 24# 直接返回到用户视图
[AR3-GigabitEthernet0/0/2]return # 保存配置
<AR3>saveThe current configuration will be written to the device. Are you sure to continue? (y/n)[n]:y # 按y保存It will take several minutes to save configuration file, please wait.......Configuration file had been saved successfullyNote: The configuration file will take effect after being activated
同样的操作,参照表1,核对配置信息是否正确。
4.4 测试并查看路由表
(1)使用ping工具检测连通性
在AR1路由器上,分别测试与AR2和AR3路由器连接接口地址的连通性。
[AR1]ping 10.0.12.2PING 10.0.12.2: 56 data bytes, press CTRL_C to breakReply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=120 msReply from 10.0.12.2: bytes=56 Sequence=2 ttl=255 time=40 ms[AR1]ping 10.0.13.3PING 10.0.13.3: 56 data bytes, press CTRL_C to breakReply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=80 msReply from 10.0.13.3: bytes=56 Sequence=2 ttl=255 time=20 ms
同样的操作,可以测试AR2、AR3路由器与其它路由器连接接口的连通性。
(2)查看路由表
在AR1路由器,执行【display ip routing-table】查看路由表,如下所示。
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 10 Routes : 10 Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet 0/0/010.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/010.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/010.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet 0/0/210.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/210.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
可以看到,在接口IP 地址配置完成之后,针对每个接口自动生成了三条直连路由。分别是:
- 指向接口所在网段的路由。
- 指向接口 IP 地址的主机路由。
- 指向接口所在网段广播地址的主机路由。
注:主机路由就是掩码长度为 32 的路由。
同样的操作,可以查看AR2和AR3的路由表。
4.5 创建并配置 LoopBack接口
LoopBack 接口属于设备上的逻辑接口,逻辑接口是指能够实现数据交换功能但物理上不存在、需要通过配置建立的接口。
LoopBack接口创建后除非手工关闭该接口,否则LoopBack接口物理层状态和链路层协议永远处于 UP状态。
一般情况下,LoopBack 接口使用 32 位掩码。使用 LoopBack接口一般有如下目的:
- 作为一台路由器的管理地址,起到标识一台设备的作用。
- 使用该接口地址作为动态路由协议 OSPF 的 Router id。
- 其他提高网络可靠性的用途。
本实验使用 LoopBack 接口模拟客户端。
按照下表配置各设备的 LoopBack 接口
| 路由器 | 接口 | IP 地趱/网络前缀长度 |
|---|---|---|
| AR1 | LoopBack0 | 10.0.1.1/32 |
| AR2 | LoopBack0 | 10.0.1.2/32 |
| AR3 | LoopBack0 | 10.0.1.3/32 |
(1)配置AR1的LoopBack接口
[AR1]interface LoopBack 0
[AR1-LoopBack0]ip address 10.0.1.1 32
[AR1-LoopBack0]quit(2)配置AR2的LoopBack接口
[AR2]interface LoopBack 0
[AR2-LoopBack0]ip address 10.0.1.2 32
[AR2-LoopBack0]quit(3)配置AR3的LoopBack接口
[AR3]interface LoopBack 0
[AR3-LoopBack0]ip address 10.0.1.3 32
[AR3-LoopBack0]quit查看设备上的路由表,以AR1为例。
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 11 Routes : 11 Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack010.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet 0/0/010.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/010.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/010.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet 0/0/210.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/210.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0此时已经生成了相应的直连路由(即10.0.1.1/32所在行)。同样的操作,可以查看其它路由器的路由表。
(4)测试各 LoopBack 接囗之间的连通性
以AR1为例,测试与其它两个路由器的LoopBack0接口地址的连通性。
[AR1]ping -a 10.0.0.1 10.0.1.2PING 10.0.1.2: 56 data bytes, press CTRL_C to breakRequest time outRequest time out[AR1]ping -a 10.0.0.1 10.0.1.3PING 10.0.1.3: 56 data bytes, press CTRL_C to breakRequest time outRequest time out注:ping -a source-ip-address destination-ip-address命令用来指定发送 ICMP ECHO-REQUEST 报文的源 IP 地址及目的 IP地址。此时由于路由器上没有到达目的 IP的路由条目所以无法 PING 通。
4.6 配置静态路由
配置静态路由的命令格式如下:
ip route-static 目标IP地址 网络前缀长度 网关IP地址
对于本实验而言,目标IP地址就是各目标LoopBack0接口的IP地址,网络前缀长度为32,网关IP地址为目标物理接口的IP地址。
(1)在AR1上配置到达 AR2和 AR3的 LoopBack0 接口的路由条目。
# 添加到AR2的LoopBack 0的静态路由
[AR1]ip route-static 10.0.1.2 32 10.0.12.2# 添加到AR3的LoopBack 0的静态路由
[AR1]ip route-static 10.0.1.3 32 10.0.13.3再次查看AR1路由器的路由表,如下所示。
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 13 Routes : 13 Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack010.0.1.2/32 Static 60 0 RD 10.0.12.2 GigabitEthernet 0/0/010.0.1.3/32 Static 60 0 RD 10.0.13.3 GigabitEthernet 0/0/2
……此处省略后续输出……可以看到,目前已经有了到达AR2和AR3的LoopBack 0接口的静态路由(Flags标志为RD)。
再次测试与AR2和AR3的LoopBack 0接口的连通性。
[AR1]ping -a 10.0.0.1 10.0.1.2PING 10.0.1.2: 56 data bytes, press CTRL_C to breakRequest time outRequest time out[AR1]ping -a 10.0.0.1 10.0.1.3PING 10.0.1.3: 56 data bytes, press CTRL_C to breakRequest time outRequest time out发现仍然ping不通,原因是AR2、AR3到AR1的回程还没有配置静态路由。
(2) 在 AR2 上添加到达 AR1的 LoopBack0 的路由
# 配置到AR1的LoopBack 0 接口的静态路由
[AR2]ip route-static 10.0.1.1 32 10.0.12.1# 配置到AR3的LoopBack 0 接口的静态路由
[AR2]ip route-static 10.0.1.3 32 10.0.23.3# 查看路由表
[AR2]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 13 Routes : 13 Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.1.1/32 Static 60 0 RD 10.0.12.1 GigabitEthernet 0/0/010.0.1.2/32 Direct 0 0 D 127.0.0.1 LoopBack010.0.1.3/32 Static 60 0 RD 10.0.23.3 GigabitEthernet 0/0/1
……此处省略后续输出……再次测试与AR2的LoopBack0接口的连通性。
[AR1]ping -a 10.0.1.1 10.0.1.2PING 10.0.1.2: 56 data bytes, press CTRL_C to breakReply from 10.0.1.2: bytes=56 Sequence=1 ttl=255 time=70 msReply from 10.0.1.2: bytes=56 Sequence=2 ttl=255 time=30 ms可见,现在已可以ping通了。
(3) 在 AR3 上添加到达 AR1和AR3的 LoopBack0 的路由
# 配置到AR1的LoopBack0接口的静态路由
[AR3]ip route-static 10.0.1.1 32 10.0.13.1# 配置到AR2的LoopBack0接口的静态路由
[AR3]ip route-static 10.0.1.2 32 10.0.23.2# 查看路由表
[AR3]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 13 Routes : 13 Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.1.1/32 Static 60 0 RD 10.0.13.1 GigabitEthernet 0/0/210.0.1.2/32 Static 60 0 RD 10.0.23.2 GigabitEthernet 0/0/1
……此处省略其它输出……此时,可测试各设备到其它设备的LoopBack0接口的连通性,可发现全部可以ping通。以AR2为例
[AR2]ping -a 10.0.1.2 10.0.1.1PING 10.0.1.1: 56 data bytes, press CTRL_C to breakReply from 10.0.1.1: bytes=56 Sequence=1 ttl=255 time=20 msReply from 10.0.1.1: bytes=56 Sequence=2 ttl=255 time=20 ms[AR2]ping -a 10.0.1.2 10.0.1.3PING 10.0.1.3: 56 data bytes, press CTRL_C to breakReply from 10.0.1.3: bytes=56 Sequence=1 ttl=255 time=30 msReply from 10.0.1.3: bytes=56 Sequence=2 ttl=255 time=30 ms4.7 配置备份路径
可将 AR1->AR3->AR2配置成 AR1的LoopBack0 到AR2的LoopBack0接囗的备份路径,具体操作如下:
(1)配置 AR1 和 AR2 上的静态路由
# 配置AR1的LoopBack0到AR2的LoopBack0接口的备用静态路由
[AR1]ip route-static 10.0.1.2 32 10.0.13.3 preference 100# 配置AR1的LoopBack0到AR2的LoopBack0接口的备用静态路由
[AR2]ip route-static 10.0.1.1 32 10.0.23.3 preference 100(2)查看 AR1 和 AR2 上的路由表
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 13 Routes : 13 Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack010.0.1.2/32 Static 60 0 RD 10.0.12.2 GigabitEthernet 0/0/010.0.1.3/32 Static 60 0 RD 10.0.13.3 GigabitEthernet 0/0/210.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet 0/0/010.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/010.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/010.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet 0/0/210.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/210.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0[AR2]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 13 Routes : 13 Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.1.1/32 Static 60 0 RD 10.0.12.1 GigabitEthernet 0/0/010.0.1.2/32 Direct 0 0 D 127.0.0.1 LoopBack010.0.1.3/32 Static 60 0 RD 10.0.23.3 GigabitEthernet 0/0/110.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet 0/0/010.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/010.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/010.0.23.0/24 Direct 0 0 D 10.0.23.2 GigabitEthernet 0/0/110.0.23.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/110.0.23.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
此时配置的 preference 为100 的静态路由没有被加载到路由表中。
(3)测试备用路由
关闭 AR1和 AR2 之间的链路对应的接口(GE0/0/0),使得优先级高的路由失效。
[AR1]interface GigabitEthernet 0/0/0# 关闭接口
[AR1-GigabitEthernet0/0/0]shutdown
[AR1-GigabitEthernet0/0/0]quit再次查看AR1和AR2的路由表,可以看到preference 为100 的静态路由被激活。
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 10 Routes : 10 Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack010.0.1.2/32 Static 100 0 RD 10.0.13.3 GigabitEthernet 0/0/2
……此处省略其它输出……[AR2]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 10 Routes : 10 Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.1.1/32 Static 100 0 RD 10.0.23.3 GigabitEthernet 0/0/1
……此处省略其它输出……再次测试AR1的LoopBack0接口与AR2的LoopBack0接口之间的连通性,可以看到仍可连通。
[AR1]ping -a 10.0.1.1 10.0.1.2PING 10.0.1.2: 56 data bytes, press CTRL_C to breakReply from 10.0.1.2: bytes=56 Sequence=1 ttl=254 time=30 msReply from 10.0.1.2: bytes=56 Sequence=2 ttl=254 time=30 ms利用tracert命令追踪数据包传输路径。
[AR1]tracert -a 10.0.1.1 10.0.1.2traceroute to 10.0.1.2(10.0.1.2), max hops: 30 ,packet length: 40,press CTRL_C to break 1 10.0.13.3 40 ms 20 ms 20 ms 2 10.0.23.2 20 ms 20 ms 20 ms tracert 命令主要用于查看数据包从源端到目的端的路径信息。可以看到数据包经过了 AR3 的 GE0/0/2,再经过 R3 的 GE0/0/1 转发给 AR2的 GE0/0/1。
注:部分实验环境下设备出于安全考虑,不会回复ICMP 报文,实验现象可能会有所偏差,可以按 Ctrl+C 结束 tracert。
4.8 配置默认路由
(1)恢复接口并删除已经配置的路由条目
恢复激活AR1的GE 0/0/0接口,并删除所有到达AR2的LoopBack0接口的路由条目。
[AR1]interface GigabitEthernet 0/0/0# 激活接口
[AR1-GigabitEthernet0/0/0]undo shutdown
[AR1-GigabitEthernet0/0/0]quit# 删除AR1的LoopBack0到AR2的LoopBack0接口的路由
[AR1]undo ip route-static 10.0.1.2 32 10.0.12.2# 删除AR1的LoopBack0到AR2的LoopBack0接口的路由
[AR1]undo ip route-static 10.0.1.2 32 10.0.13.3(2)查看AR1的路由表
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 12 Routes : 12 Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack010.0.1.3/32 Static 60 0 RD 10.0.13.3 GigabitEthernet 0/0/210.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet 0/0/010.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/010.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/010.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet 0/0/210.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/210.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0可以看到,此时AR1的路由表中,已不存在到 AR2 的 LoopBack0(10.0.1.2/32)的路由条目。 AR1的LoopBack0接口到AR2的LoopBack0接口已不可ping通(自行测试)
(3)添加默认路由
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 13 Routes : 13 Destination/Mask Proto Pre Cost Flags NextHop Interface0.0.0.0/0 Static 60 0 RD 10.0.12.2 GigabitEthernet 0/0/0
……此处省略其它输出……可以看到,此时默认路由已经被激活。
(4)测试AR1的LoopBack0到AR2的LoopBack0接口的连通性
[AR1]ping -a 10.0.1.1 10.0.1.2PING 10.0.1.2: 56 data bytes, press CTRL_C to breakReply from 10.0.1.2: bytes=56 Sequence=1 ttl=255 time=40 msReply from 10.0.1.2: bytes=56 Sequence=2 ttl=255 time=30 ms可以看到此时,AR1的LoopBack0到AR2的LoopBack0接口又可以ping通,证明默认路由已生效。
利用tracert命令追踪数据包,可以看到数据包没有经过AR3。
[AR1]tracert -a 10.0.1.1 10.0.1.2traceroute to 10.0.1.2(10.0.1.2), max hops: 30 ,packet length: 40,press CTRL_C to break 1 10.0.12.2 30 ms 20 ms 20 ms 保存配置,并查看配置内容。
(1)AR1
# 保存配置
<AR1>saveThe current configuration will be written to the device. Are you sure to continue? (y/n)[n]:yIt will take several minutes to save configuration file, please wait.......Configuration file had been saved successfullyNote: The configuration file will take effect after being activated# 查看当前配置
<AR1>display current-configuration
[V200R003C00]
#sysname AR1
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#drop illegal-mac alarm
#undo info-center enable
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 10.0.12.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2ip address 10.0.13.1 255.255.255.0
#
interface NULL0
#
interface LoopBack0ip address 10.0.1.1 255.255.255.255
#
ip route-static 0.0.0.0 0.0.0.0 10.0.12.2
ip route-static 10.0.1.3 255.255.255.255 10.0.13.3
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<AR1>(2)AR2
# 保存配置
<AR2>saveThe current configuration will be written to the device. Are you sure to continue? (y/n)[n]:yIt will take several minutes to save configuration file, please wait.......Configuration file had been saved successfullyNote: The configuration file will take effect after being activated# 查看当前配置
<AR2>display current-configuration
[V200R003C00]
#sysname AR2
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#drop illegal-mac alarm
#undo info-center enable
#wlan ac-global carrier id other ac id 0
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 10.0.12.2 255.255.255.0
#
interface GigabitEthernet0/0/1ip address 10.0.23.2 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0ip address 10.0.1.2 255.255.255.255
#
ip route-static 10.0.1.1 255.255.255.255 10.0.12.1
ip route-static 10.0.1.1 255.255.255.255 10.0.23.3 preference 100
ip route-static 10.0.1.3 255.255.255.255 10.0.23.3
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return(3)AR3
# 保存配置
<AR3>saveThe current configuration will be written to the device. Are you sure to continue? (y/n)[n]:yIt will take several minutes to save configuration file, please wait.......Configuration file had been saved successfullyNote: The configuration file will take effect after being activated# 查看当前配置内容
<AR3>display current-configuration
[V200R003C00]
#sysname AR3
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#drop illegal-mac alarm
#undo info-center enable
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0
#
interface GigabitEthernet0/0/1ip address 10.0.23.3 255.255.255.0
#
interface GigabitEthernet0/0/2ip address 10.0.13.3 255.255.255.0
#
interface NULL0
#
interface LoopBack0ip address 10.0.1.3 255.255.255.255
#
ip route-static 10.0.1.1 255.255.255.255 10.0.13.1
ip route-static 10.0.1.2 255.255.255.255 10.0.23.2
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
思考题:
(1)什么情况下,配置的静态路由会被添加到 IP 路由表中?若配置的下一跳不可达,该路由可以被加入到 IP 路由表吗?
答:同时满足下列两个条件,静态路由会被添加到路由表中:
- 该路由所配置的下一跳可达。
- 这条路由是到达目的网段(主机)的最优路由。
故,当下一跳不可达时,不会被添加到IP 路由表。
(2)当测试 LoopBack接口之间连通性时,若不加-a参数,则ICMP 报文的源IP 地址将会是什么?
答:在华为设备上执行 ping操作时,设备会查询路由表来确定出接口,出接口的IP地址将会被作为 ICMP 报文的源 IP 地址。
参考文献:HCIA-Datacom V1.0实验手册