2. IGRP protocol
IGRP (Interior Gateway Routing Protocol) is a dynamic distance-vector routing protocol designed by Cisco in the mid-1980s. It uses a composite, user-configurable metric that includes delay, bandwidth, reliability, and load.
By default, IGRP broadcasts a routing update every 90 seconds. If no update is received from the first router in a route within 3 update cycles (i.e. 270 seconds), the route is declared inaccessible. After 7 update cycles, i.e. 630 seconds, the Cisco IOS software clears the route from the routing table.
1. Related Commands
Task                                                 Command
Specify the use of the IGRP protocol                 router igrp autonomous-system (note 1)
Specify the network connected to this router         network network
Specify the node address adjacent to this router     neighbor ip-address
Note: 1. The autonomous-system number can be chosen freely and need not be a real autonomous system number, but routers running IGRP must use the same autonomous-system number if they are to exchange route update information.
2. Example
Router1:
router igrp 200
network 192.200.10.0
network 192.20.10.0
!
3. OSPF protocol
OSPF (Open Shortest Path First) is an interior gateway protocol (IGP) used to make routing decisions within a single autonomous system (AS). Compared with RIP, OSPF is a link-state routing protocol, while RIP is a distance-vector routing protocol.
A link is another way of saying router interface, so OSPF is also called an interface-state routing protocol. OSPF routers advertise the state of their network interfaces to each other to build a link-state database, from which a shortest path tree is generated. Each OSPF router uses these shortest paths to construct its routing table.
See RFC2178 for documentation.
1. Related Commands
Global settings
Task                                                 Command
Specify the use of the OSPF protocol                 router ospf process-id (note 1)
Specify the network connected to this router         network address wildcard-mask area area-id (note 2)
Specify the node address adjacent to this router     neighbor ip-address
Note: 1. The OSPF routing process-id must be in the range 1-65535. Multiple OSPF processes can be configured on the same router, but it is best not to do so: multiple OSPF processes require multiple copies of the OSPF database and must run multiple copies of the shortest path algorithm. The process-id is only significant inside the router, and the process-ids of different routers can be different.
2. wildcard-mask is the inverse of the subnet mask. The network area ID area-id is a decimal number in the range 0-4294967295 and can also be written in IP address format. A network area ID of 0 or 0.0.0.0 is the backbone area. Routers in different network areas learn routing information through the backbone area.
2. Examples of basic configuration:
Router1:
interface ethernet 0
ip address 192.1.0.129 255.255.255.192
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
!
router ospf 100
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.128 0.0.0.63 area 1
!
Router2:
interface ethernet 0
ip address 192.1.0.65 255.255.255.192
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
!
router ospf 200
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.64 0.0.0.63 area 2
!
Router3:
interface ethernet 0
ip address 192.1.0.130 255.255.255.192
!
router ospf 300
network 192.1.0.128 0.0.0.63 area 1
!
Router4:
interface ethernet 0
ip address 192.1.0.66 255.255.255.192
!
router ospf 400
network 192.1.0.64 0.0.0.63 area 2
!
Related debugging commands:
debug ip ospf events
debug ip ospf packet
show ip ospf
show ip ospf database
show ip ospf interface
show ip ospf neighbor
show ip route
By default, OSPF does not use area authentication. There are two ways to enable authentication: plain text authentication and message digest (MD5) authentication. With plain text authentication the password is transmitted in plain text and can be read with a network sniffer, so it is not safe and is not recommended. With message digest (MD5) authentication the password is never transmitted in plain text; it is processed with MD5 before transmission, so this is the method generally recommended.
When using authentication, all router interfaces in an area must use the same authentication method. To enable authentication, a password must be configured in interface configuration mode on each router interface in the area.
Task                                        Command
Specify authentication for an area          area area-id authentication [message-digest]
Use plain text authentication               ip ospf authentication-key password
Use message digest (MD5) authentication     ip ospf message-digest-key keyid md5 key
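To show what each method puts on the wire, the following Python example (added here, not part of the original text or any Cisco code) builds an OSPF Hello in memory with each authentication type, following the packet layout in RFC 2328 Appendix D. The router ID, Hello timers and sequence number are constructed sample values, zero-padding of short keys is an assumption, and the key cisco with key ID 1 is taken from the configuration examples on this page.

```python
import hashlib
import hmac
import socket
import struct

def ospf_header(body_len, router_id, area_id, checksum, autype, auth8):
    # Version 2, type 1 (Hello); the length field never counts an appended digest
    return struct.pack("!BBH4s4sHH8s", 2, 1, 24 + body_len,
                       router_id, area_id, checksum, autype, auth8)

def inet_checksum(data):
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_plaintext(body, router_id, area_id, password):
    """AuType 1: the password is copied into the 8-byte authentication field."""
    hdr = ospf_header(len(body), router_id, area_id, 0, 1, bytes(8))
    csum = inet_checksum(hdr[:16] + body)  # checksum skips the auth field
    auth = password[:8].ljust(8, b"\x00")
    return ospf_header(len(body), router_id, area_id, csum, 1, auth) + body

def md5_digest(packet, key):
    # RFC 2328 D.4.3: MD5 over the packet followed by the 16-byte key
    # (assumption: shorter keys are zero-padded to 16 bytes)
    return hashlib.md5(packet + key[:16].ljust(16, b"\x00")).digest()

def build_md5(body, router_id, area_id, key_id, seq, key):
    """AuType 2: the auth field carries key ID, digest length and sequence number."""
    auth = struct.pack("!HBBI", 0, key_id, 16, seq)
    pkt = ospf_header(len(body), router_id, area_id, 0, 2, auth) + body
    return pkt + md5_digest(pkt, key)

def verify_md5(wire, key):
    pkt, digest = wire[:-16], wire[-16:]
    return hmac.compare_digest(md5_digest(pkt, key), digest)

# Constructed sample values: Router1's serial 0 address as router ID, area 0
RID = socket.inet_aton("192.200.10.5")
AREA = socket.inet_aton("0.0.0.0")
HELLO = struct.pack("!4sHBBI4s4s", socket.inet_aton("255.255.255.252"),
                    10, 2, 1, 40, bytes(4), bytes(4))

if __name__ == "__main__":
    plain = build_plaintext(HELLO, RID, AREA, b"cisco")
    md5 = build_md5(HELLO, RID, AREA, key_id=1, seq=1, key=b"cisco")
    print("password visible with plaintext auth:", b"cisco" in plain)
    print("password visible with MD5 auth:", b"cisco" in md5)
    print("receiver holding the same key accepts:", verify_md5(md5, b"cisco"))
```

With plain text authentication the password occupies bytes 16-23 of every packet; with MD5 the same bytes hold only the key ID, digest length and sequence number, and the receiver recomputes the digest with its own copy of the key.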
The following are two examples of authentication settings. The network layout and address allocation are the same as in the basic configuration example above, except that authentication is used on area 0 of Router1 and Router2:
Example 1. Use plain text authentication
Router1:
interface ethernet 0
ip address 192.1.0.129 255.255.255.192
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
ip ospf authentication-key cisco
!
router ospf 100
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.128 0.0.0.63 area 1
area 0 authentication
!
Router2:
interface ethernet 0
ip address 192.1.0.65 255.255.255.192
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
ip ospf authentication-key cisco
!
router ospf 200
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.64 0.0.0.63 area 2
area 0 authentication
!
Example 2. Message Digest (md5) Authentication:
Router1:
interface ethernet 0
ip address 192.1.0.129 255.255.255.192
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
ip ospf message-digest-key 1 md5 cisco
!
router ospf 100
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.128 0.0.0.63 area 1
area 0 authentication message-digest
!
Router2:
interface ethernet 0
ip address 192.1.0.65 255.255.255.192
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
ip ospf message-digest-key 1 md5 cisco
!
router ospf 200
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.64 0.0.0.63 area 2
area 0 authentication message-digest
!
Related debugging commands:
debug ip ospf adj
debug ip ospf events
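The rule that every interface in an area must use the same authentication method can be checked offline against a saved configuration. The following Python example (added here, not part of the original text) recognizes only the commands shown on this page, maps each interface to its area through the network and wildcard-mask statements, and reports areas without MD5 authentication and interfaces whose key type does not match the area; it assumes that the first matching network statement decides the area.

```python
import ipaddress

def wildcard_match(ip, base, wildcard):
    # Wildcard bits set to 1 are "don't care"; only the 0 bits are compared
    to_int = lambda a: int(ipaddress.IPv4Address(a))
    return ((to_int(ip) ^ to_int(base)) & ~to_int(wildcard) & 0xFFFFFFFF) == 0

def audit_ospf_auth(config):
    """Return (interface, area, problem) tuples for one router's configuration."""
    ifaces, networks, area_mode, current = {}, [], {}, None
    for line in config.splitlines():
        w = line.split() or [""]
        if w[0] == "interface":
            current = " ".join(w[1:])
            ifaces[current] = {"ip": None, "key": None}
        elif w[0] == "router":
            current = None  # left interface configuration mode
        elif current and w[:2] == ["ip", "address"]:
            ifaces[current]["ip"] = w[2]
        elif current and w[:3] == ["ip", "ospf", "authentication-key"]:
            ifaces[current]["key"] = "plaintext"
        elif current and w[:3] == ["ip", "ospf", "message-digest-key"]:
            ifaces[current]["key"] = "md5"
        elif w[0] == "network" and len(w) == 5 and w[3] == "area":
            networks.append((w[1], w[2], w[4]))
        elif w[0] == "area" and w[2:3] == ["authentication"]:
            area_mode[w[1]] = "md5" if w[-1] == "message-digest" else "plaintext"
    findings = []
    for name, info in ifaces.items():
        # Assumption: the first matching network statement decides the area
        area = next((a for base, wc, a in networks
                     if info["ip"] and wildcard_match(info["ip"], base, wc)), None)
        if area is None:
            continue
        mode = area_mode.get(area)
        if mode != "md5":
            findings.append((name, area, "area auth is %s" % (mode or "none")))
        if mode and info["key"] != mode:
            findings.append((name, area, "interface key missing or wrong type"))
    return findings

# Router1 from Example 2 on this page
ROUTER1_MD5 = """interface ethernet 0
 ip address 192.1.0.129 255.255.255.192
interface serial 0
 ip address 192.200.10.5 255.255.255.252
 ip ospf message-digest-key 1 md5 cisco
router ospf 100
 network 192.200.10.4 0.0.0.3 area 0
 network 192.1.0.128 0.0.0.63 area 1
 area 0 authentication message-digest
"""
if __name__ == "__main__":
    print(audit_ospf_auth(ROUTER1_MD5))
```

Run against Router1 from Example 2, it reports only ethernet 0, whose area 1 is left without authentication in that example.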
4. Route redistribution
In practice, we encounter networks that use multiple IP routing protocols. For the entire network to work properly, routes must be successfully redistributed between the routing protocols.
The following lists the settings for redistributing routes between OSPF and RIP:
Router1's Serial 0 port and Router2's Serial 0 port run OSPF, Router1's Ethernet 0 port runs RIP version 2, Router3 runs RIP version 2, Router2 has a static route to Router4's 192.168.2.0/24 network, and Router4 uses a default static route. OSPF and RIP routes need to be redistributed between Router1 and Router3, and static routes and directly connected routes need to be redistributed on Router2.
Commands involved in the example
Task                                       Command
Redistribute directly connected routes     redistribute connected
Redistribute static routes                 redistribute static
Redistribute OSPF routes                   redistribute ospf process-id metric metric-value
Redistribute RIP routes                    redistribute rip metric metric-value
Router1:
interface ethernet 0
ip address 192.168.1.1 255.255.255.0
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
!
router ospf 100
redistribute rip metric 10
network 192.200.10.4 0.0.0.3 area 0
!
router rip
version 2
redistribute ospf 100 metric 1
network 192.168.1.0
!
Router2:
interface loopback 1
ip address 192.168.3.2 255.255.255.0
!
interface ethernet 0
ip address 192.168.0.2 255.255.255.0
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
!
router ospf 200
redistribute connected subnet
redistribute static subnet
network 192.200.10.4 0.0.0.3 area 0
!
ip route 192.168.2.0 255.255.255.0 192.168.0.1
!
Router3:
interface ethernet 0
ip address 192.168.1.2 255.255.255.0
!
router rip
version 2
network 192.168.1.0
!
Router4:
interface ethernet 0
ip address 192.168.0.1 255.255.255.0
!
interface ethernet 1
ip address 192.168.2.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.0.2
!
5. IPX protocol settings
IPX and IP are two different network layer protocols, and their routing protocols are also different. There are fewer IPX routing protocols than IP routing protocols, so IPX is relatively simple to set up. However, the encapsulation type must be specified when IPX runs on Ethernet.
1. Related Commands
Task                                                   Command
Start IPX routing                                      ipx routing
Set the IPX network and Ethernet encapsulation type    ipx network network [encapsulation encapsulation-type] (note 1)
Specify the routing protocol (default is RIP)          ipx router {eigrp autonomous-system-number | nlsp [tag] | rip}
Note: 1. The range of network is 1 to FFFFFFFD.
IPX encapsulation type list
Interface type    Encapsulation type        IPX frame type
Ethernet          novell-ether (default)    Ethernet_802.3
                  arpa                      Ethernet_II
                  sap                       Ethernet_802.2
                  snap                      Ethernet_Snap
Token Ring        sap (default)             Token-Ring
                  snap                      Token-Ring_Snap
FDDI              snap (default)            Fddi_Snap
                  sap                       Fddi_802.2
                  novell-fddi               Fddi_Raw
For example:
In this example, the IPX network number of the WAN is 3a00, and the IPX network number of the LAN connected to Router1 is 2a00. There is a Novell server on this LAN, and its IPX network number is also 2a00. The IPX network number of a router interface must be the same as the IPX network number set on the Novell server on the same network. The router builds a table of known services and their network addresses by listening to SAP, and sends its own SAP table every 60 seconds.
Router1:
ipx routing
interface ethernet 0
ipx network 2a00 encapsulation sap
!
interface serial 0
ipx network 3a00
!
ipx router eigrp 10
network 3a00
network 2a00
!
Router2:
ipx routing
interface ethernet 0
ipx network 2b00 encapsulation sap
!
interface serial 0
ipx network 3a00
!
ipx router eigrp 10
network 2b00
network 3a00
!
Related debugging commands:
debug ipx packet
debug ipx routing
debug ipx sap
debug ipx spoof
debug ipx spx
show ipx eigrp interfaces
show ipx eigrp neighbors
show ipx eigrp topology
show ipx interface
show ipx route
show ipx servers
show ipx spx-spoof
Chapter 4 Service Quality and Access Control
1. Protocol priority settings
1. Related Commands
Task                                  Command
Set priority list entries             priority-list list-number protocol protocol {high | medium | normal | low} queue-keyword keyword-value
Use the specified priority list       priority-group list-number
2. Example
Router1:
priority-list 1 protocol ip high tcp telnet
priority-list 1 protocol ip low tcp ftp
priority-list 1 default normal
interface serial 0
priority-group 1
2. Queue customization
1. Related Commands
Task                                                 Command
Assign a protocol to a queue in the queue list       queue-list list-number protocol protocol-name queue-number queue-keyword keyword-value
Set the size of a queue in the queue list            queue-list list-number queue queue-number byte-count byte-count-number
Use the specified queue list                         custom-queue-list list
2. Example
Router1:
queue-list 1 protocol ip 0 tcp telnet
queue-list 1 protocol ip 1 tcp www
queue-list 1 protocol ip 2 tcp ftp
queue-list 1 queue 0 byte-count 300
queue-list 1 queue 1 byte-count 200
queue-list 1 queue 2 byte-count 100
interface serial 0
custom-queue-list 1
3. Access control
1. Related Commands
Task                                  Command
Set access list entries               access-list list {permit | deny} address mask
Use the specified access list         ip access-group list {in | out}
2. Example
Router1:
access-list 1 deny 192.1.3.0 0.0.0.255
access-list 1 permit any
interface serial 0
ip access-group 1 in
Chapter 5 Virtual Local Area Network (VLAN) Routing
1. Virtual LAN (VLAN)
The backbone network technologies we currently use when constructing enterprise networks are generally based on switching and virtual networks. Switching technology changes shared media to exclusive media, greatly improving network speed. Virtual network technology breaks the constraints of the geographical environment. Without changing the physical connection of the network, the workstation can be moved between work groups or subnets at will. The workstations form logical work groups or virtual subnets to improve the operating performance of the information system, balance network data traffic, and rationally utilize hardware and information resources. At the same time, the use of virtual network technology has greatly reduced the burden of network management and maintenance work and reduced network maintenance costs. With the application of virtual network technology, the problem of how to communicate between virtual networks will inevitably arise.
2. Inter-switch link (ISL) protocol
The ISL (Inter-Switch Link) protocol is used to carry VLAN trunks between switches. It is a frame-tagging protocol: frames sent on an interface that supports ISL consist of a standard Ethernet frame and the associated VLAN information. As shown in the figure below, data from different VLANs can be transmitted on an ISL-enabled interface.
3. Virtual LAN (VLAN) routing examples
3.1. Example 1:
The device is a Catalyst 5500 switch equipped with a WS-X5530-E3 management engine and multiple WS-X5225R and WS-X5302 route switch modules. The WS-X5302 plugs directly into the switch and connects to the VLANs on the system backplane through two channels. From the user's perspective it behaves as a module with one interface, and this interface supports ISL. There are 3 virtual networks in the switch, named default, qbw, and rgw, and routing between them is done by the WS-X5302.
In the listing below, the emphasized (underlined) parts, such as set system name 5500C, are the commands that need to be set.
The settings are as follows:
Catalyst 5500 configuration:
begin
set password $1$FMFQ$HfZR5DUszVHIRhrz4h6V70
set enablepass $1$FMFQ$HfZR5DUszVHIRhrz4h6V70
set prompt Console>
set length 24 default
set logout 20
set banner motd ^C^C
!
#system
set system baud 9600
set system modem disable
set system name 5500C
set system location
set system contact
!
#ip
set interface sc0 1 10.230.4.240 255.255.255.0 10.230.4.255
set interface sc0 up
set interface sl0 0.0.0.0 0.0.0.0
set interface sl0 up
set arp agingtime 1200
set ip redirect enable
set ip unreachable enable
set ip fragmentation enable
set ip route 0.0.0.0 10.230.4.15 1
set ip alias default 0.0.0.0
!
#Command alias
!
#vtp
set vtp domain hne
set vtp mode server
set vtp v2 disable
set vtp pruning disable
set vtp pruneeligible 2-1000
clear vtp pruneeligible 1001-1005
set vlan 1 name default type ethernet mtu 1500 said 100001 state active
set vlan 777 name rgw type ethernet mtu 1500 said 100777 state active
set vlan 888 name qbw type ethernet mtu 1500 said 100888 state active
set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active
set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active bridge 0x0 stp ieee
set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active bridge 0x0 stp ibm
set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state active parent 0 ring 0x0 mode srb aremaxhop 7 stemaxhop 7
!
#set boot command
set boot config-register 0x102
set boot system flash bootflash:cat5000-sup3.
!
#module 1 : 2-port 1000BaseLX Supervisor
set module name 1
set vlan 1 1/1-2
set port enable 1/1-2
!
#module 2 : empty
!
#module 3 : 24-port 10/100BaseTX Ethernet
set module name 3
set module enable 3
set vlan 1 3/1-22
set vlan 777 3/23
set vlan 888 3/24
set trunk 3/1 on isl 1-1005
#module 4 empty
!
#module 5 empty
!
#module 6 : 1-port Route Switch
set module name 6
set port level 6/1 normal
set port trap 6/1 disable
set port name 6/1
set cdp enable 6/1
set cdp interval 6/1 60
set trunk 6/1 on isl 1-1005
!
#module 7 : 24-port 10/100BaseTX Ethernet
set module name 7
set module enable 7
set vlan 1 7/1-22
set vlan 888 7/23-24
set trunk 7/1 on isl 1-1005
set trunk 7/2 on isl 1-1005
!
#module 8 empty
!
#module 9 empty
!
#module 10 : 12-port 100BaseFX MM Ethernet
set module name 10
set module enable 10
set vlan 1 10/1-12
set port channel 10/1-4 off
set port channel 10/5-8 off
set port channel 10/9-12 off
set port channel 10/1-2 on
set port channel 10/3-4 on
set port channel 10/5-6 on
set port channel 10/7-8 on
set port channel 10/9-10 on
set port channel 10/11-12 on
#module 11 empty
!
#module 12 empty
!
#module 13 empty
!
#switch port analyzer
!set span 1 1/1 both inpkts disable
set span disable
!
#cam
set cam agingtime 1-2,777,888,1003,1005 300
end
5500C> (enable)
WS-X5302 routing module settings:
Router#wri t
Building configuration...
Current configuration:
!
version 11.2
no service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname Router
!
enable secret 5 $1$w1kK$AJK69fGOD7BqKhKcSNBf6.
!
ip subnet-zero
!
interface Vlan1
ip address 10.230.2.56 255.255.255.0
!
interface Vlan777
ip address 10.230.3.56 255.255.255.0
!
interface Vlan888
ip address 10.230.4.56 255.255.255.0
!
no ip classless
!
line con 0
line aux 0
line vty 0 4
password router
login
!
end
Router#