3. Asynchronous dial-backup DDN dedicated line:
This example uses a DDN dedicated line for the main connection, and the backup line is for telephone dialing. When the DDN dedicated line is connected normally, the main port S0 state is up, and the line protocol is also up, the backup line state is standby and the line protocol is down, and all communications are carried out through the main interface. When the main interface connection fails and the port status is down, the backup interface is activated to complete data communication. This method is not suitable for backups for X.25. Because, as long as the connection between the X.25 interface and the X.25 switch is normal, the interface and line protocol status are also up, it does not consider the status of the router that needs to communicate with other places. Therefore, if the local router is normal and the other router connection fails, the backup line will not be activated locally. Example 4 will describe how to do dial-up backup for X.25.
The following are the relevant commands:
Task Command
Specify the delay time when the secondary line state changes after the main line changes backup delay {enable-delay | never} {disable-delay | never}
Specify an interface as backup interface type number
hostname c2522rb
!
enable secret 5 $1$J5vn$ceYDe2FwPhrZi6qsIIz6g0
enable password cisco
!
username c4700 password 0 cisco
ip subnet-zero
chat-script cisco-default "" "AT" TIMEOUT 30 OK "ATDT \T" TIMEOUT 30 CONNECT \c
chat-script reset atz
!
interface Ethernet0
ip address 16.122.51.254 255.255.255.0
no ip mroute-cache
!
interface Serial0
backup delay 10 10
backup interface Serial2
ip address 16.250.123.18 255.255.255.252
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip address
no ip mroute-cache
shutdown
!
interface Serial2
physical-layer async
ip address 16.249.123.18 255.255.255.252
encapsulation ppp
async mode dedicated
dialer in-band
dialer idle-timeout 60
dialer map ip 16.249.123.17 name c4700 6825179
dialer-group 1
ppp authentication chap
!
interface Serial3
no ip address
shutdown
no cdp enable
!
interface Serial4
no ip address
shutdown
no cdp enable
!
interface Serial5
no ip address
no ip mroute-cache
shutdown
!
interface Serial6
no ip address
no ip mroute-cache
shutdown
!
interface Serial7
no ip address
no ip mroute-cache
shutdown
!
interface Serial8
no ip address
no ip mroute-cache
shutdown
!
interface Serial9
no ip address
no ip mroute-cache
shutdown
!
interface BRI0
no ip address
no ip mroute-cache
shutdown
!
router eigrp 200
network 16.0.0.0
!
ip classless
!
dialer-list 1 protocol ip permit
!
line con 0
line 2
script dialer cisco-default
script reset reset
modem InOut
modem autoconfigure discovery
rxspeed 38400
txspeed 38400
flowcontrol hardware
line aux 0
line vty 0 4
password cisco
login
!
end
c2522rb#
4. Asynchronous dialing backup X.25:
To set up dial-up backup for X.25, first of all, the ports connected to X.25 must run the dynamic routing protocol, and the asynchronous dial-up port must use static routing. In this example, select EIGRP as the routing protocol, and set the static routed Metric value to 200. Since the default metric of EIGRP is 90, when two paths lead to the same network segment at the same time, the path with a small Metric value takes effect. When there is a problem with X.25 connection, the router cannot learn the routing table through the routing protocol, then the static route takes effect and access is achieved through the dial-up port. When the X.25 connection returns to normal, the router can learn the routing table again. Due to the different metric values, the static route is automatically replaced by dynamic routes, which realizes the backup function.
The router Router1 is configured as follows:
hostname router1
!
enable secret 5 $1$UTvD$.
enable password cisco
!
username router2 password cisco
ip subnet-zero
chat-script cisco-default "" "AT" TIMEOUT 30 OK "ATDT \T" TIMEOUT 30 CONNECT \c
chat-script reset atz
interface Ethernet0
ip address 202.96.38.100 255.255.255.0
!
interface Serial0
ip address 202.96.0.1 255.255.255.0
encapsulation x25
x25 address 10112227
x25 htc 16
x25 map ip 202.96.0.2 10112225 broadcast
!
interface Serial1
no ip address
shutdown
!
!
interface Async 1
ip address 202.96.1.1 255.255.255.252
encapsulation ppp
dialer in-band
dialer idle-timeout 60
dialer map ip 202.96.1.2 name router2 modem-script cisco-default 2113470
dialer-group 1
ppp authentication chap
!
router eigrp 200
redistribute connected
network 202.96.0.0
!
ip route 202.96.37.0 255.255.255.0 202.96.1.2 200
dialer-list 1 protocol ip permit
line con 0
line aux 0
script dialer cisco-default
script reset reset
modem InOut
modem autoconfigure discovery
transport input all
rxspeed 38400
txspeed 38400
flowcontrol hardware
line vty 0 4
password cisco
login
!
end
The router Router2 configuration is as follows:
hostname router2
!
enable secret 5 $1$T4IU$2cIqak8f/E4Ug6dLT0k.J0
enable password cisco
!
username router1 password cisco
ip subnet-zero
chat-script cisco-default "" "AT" TIMEOUT 30 OK "ATDT \T" TIMEOUT 30 CONNECT \c
chat-script reset atz
!
interface Ethernet0
ip address 202.96.37.100 255.255.255.0
!
interface Serial0
ip address 202.96.0.2 255.255.255.0
no ip mroute-cache
encapsulation x25
x25 address 10112225
x25 htc 16
x25 map ip 202.96.0.1 10112227 broadcast
!
interface Serial1
no ip address
shutdown
!
interface Async1
ip address 202.96.1.2 255.255.255.252
encapsulation ppp
keepalive 30
async default routing
async mode dedicated
dialer in-band
dialer idle-timeout 60
dialer wait-for-carrier-time 120
dialer map ip 202.96.1.1 name router1 modem-script cisco-default 2113469
dialer-group 1
ppp authentication chap
!
router eigrp 200
redistribute static
network 202.96.0.0
!
no ip classless
ip route 202.96.38.0 255.255.255.0 202.96.1.1 200
dialer-list 1 protocol ip permit
!
line con 0
exec-timeout 0 0
line aux 0
script reset reset
modem InOut
modem autoconfigure discovery
transport input all
rxspeed 38400
txspeed 38400
flowcontrol hardware
line vty 0 4
password cisco
login
!
end
Routing protocol:
1. RIP protocol
RIP (Routing information Protocol) is an early and more common internal gateway protocol (IGP), suitable for small and similar networks, and is a typical distance vector (distance-vector) protocol. See RFC1058 and RFC1723 for documentation.
RIP exchanges routing information by broadcasting UDP packets and sends routing information updates every 30 seconds. RIP provides a hop count as a scale to measure routing distance. The hop count is the number of routers a packet must pass through to reach the target. If there are two routers with uneven speed or different bandwidth to the same target, but the hop count is the same, RIP considers the two routes to be equally distanced. The maximum number of hops supported by RIP is 15, that is, the number of routers to pass between the source and destination network is 15, and the number of hops 16 means unreachable.
1. Related Commands
Task Command
Specify the use of RIP protocol router rip
Specify RIP version {1|2}1
Specify the network network to which the router is connected to the network network
Note: RIP version 2 supports verification, key management, routing summary, classless inter-domain routing (CIDR) and variable-length subnet masks (VLSMs)
2. Give an example
Router1:
router rip
version 2
network 192.200.10.0
network 192.20.10.0
!
Related debugging commands:
show ip protocol
show ip route
Return to the directory
II. IGRP protocol
IGRP (Interior Gateway Routing Protocol) is a dynamic distance vector routing protocol designed by Cisco in the mid-1980s. Use combined user configuration scales including latency, bandwidth, reliability, and load.
By default, IGRP sends a route update broadcast every 90 seconds. During 3 update cycles (i.e. 270 seconds), no update is received from the first router in the route, and the route is declared inaccessible. After 7 update cycles, 630 seconds, the Cisco IOS software clears the route from the routing table.
1. Related Commands
Task Command
Specify the use of RIP protocol router igrp autonomous-system1
Specify the network network to which the router is connected to the network network
Specify the node address adjacent to the router neighbor ip-address
Note: 1. The autonomous-system can be established at will, not the actual autonomous-system, but the autonomous-system needs to be the same if the router running IGRP wants to exchange route update information.
2. Give an example
Router1:
router igrp 200
network 192.200.10.0
network 192.20.10.0
!
III. OSPF protocol
OSPF (Open Shortest Path First) is an internal gateway protocol (IGP) used to make decisions within an autonomous system (AS). Compared with RIP, OSPF is a link state path with protocol, while RIP is a distance vector routing protocol.
Links are another way of saying router interfaces, so OSPF is also called interface state routing protocol. OSPF establishes a link state database by informing the state of the network interface between routers and generating a shortest path tree. Each OSPF router uses these shortest paths to construct a routing table.
See RFC2178 for documentation.
1. Related Commands
Global settings
Task Command
Specify the use of OSPF protocol router ospf process-id1
Specify the network address wildcard-mask area area-id2
Specify the node address adjacent to the router neighbor ip-address
Note: 1. The OSPF routing process process-id must specify the range between 1-65535. Multiple OSPF processes can be configured on the same router, but it is best not to do so. Multiple OSPF processes require copies of multiple OSPF databases and must run multiple copies of shortest path algorithms. process-id only works inside the router, and the process-ids of different routers can be different.
2. wildcard-mask is the inverse code of the subnet mask. The decimal number with the network area ID area-id within 0-4294967295 can also be in the IP address format. When the network area ID is 0 or 0.0.0.0 is the main domain. Routers in different network areas learn routing information through the backbone domain.
2. Examples of basic configuration:
Router1:
interface ethernet 0
ip address 192.1.0.129 255.255.255.192
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
!
router ospf 100
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.128 0.0.0.63 area 1
!
Router2:
interface ethernet 0
ip address 192.1.0.65 255.255.255.192
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
!
router ospf 200
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.64 0.0.0.63 area 2
!
Router3:
interface ethernet 0
ip address 192.1.0.130 255.255.255.192
!
router ospf 300
network 192.1.0.128 0.0.0.63 area 1
!
Router4:
interface ethernet 0
ip address 192.1.0.66 255.255.255.192
!
router ospf 400
network 192.1.0.64 0.0.0.63 area 1
!
Related debugging commands:
debug ip ospf events
debug ip ospf packet
show ip ospf
show ip ospf database
show ip ospf interface
show ip ospf neighbor
show ip route
3. Use authentication
For security reasons, we can enable authentication on routers in the same OSPF zone, and only routers in the same zone that have been authenticated can advertise routing information to each other.
By default, OSPF does not use zone verification. There are two ways to enable authentication features, plain text authentication and message digest (md5) authentication. The authentication password transmitted by plain text authentication is plain text, and it will be determined by the network detector, so it is not safe and is not recommended. Message Digest (md5) authentication must encrypt the password before transmitting the authentication password, so it is generally recommended to use this method for authentication.
When using authentication, all router interfaces in the zone must use the same authentication method. To enable authentication, passwords must be configured for each router interface in the zone in the router interface configuration mode.
Task Command
Specify authentication area area-id authentication [message-digest]
Use plain text authentication-key password
Authentication using message digest (md5) ip ospf message-digest-key keyid md5 key
The following lists two examples of verification settings. The network distribution and address allocation environment of the example are the same as the above basic configuration examples, except that the authentication function is used on area 0 of Router1 and Router2. :
Example 1. Use plain text authentication
Router1:
interface ethernet 0
ip address 192.1.0.129 255.255.255.192
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
ip ospf authentication-key cisco
!
router ospf 100
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.128 0.0.0.63 area 1
area 0 authentication
!
Router2:
interface ethernet 0
ip address 192.1.0.65 255.255.255.192
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
ip ospf authentication-key cisco
!
router ospf 200
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.64 0.0.0.63 area 2
area 0 authentication
!
Example 2. Message Digest (md5) Authentication:
Router1:
interface ethernet 0
ip address 192.1.0.129 255.255.255.192
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
ip ospf message-digest-key 1 md5 cisco
!
router ospf 100
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.128 0.0.0.63 area 1
area 0 authentication message-digest
!
Router2:
interface ethernet 0
ip address 192.1.0.65 255.255.255.192
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
ip ospf message-digest-key 1 md5 cisco
!
router ospf 200
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.64 0.0.0.63 area 2
area 0 authentication message-digest
!
Related debugging commands:
debug ip ospf adj
debug ip ospf events
Return to the directory
4. Reassign routes
In actual work, we will encounter networks using multiple IP routing protocols. In order for the entire network to work properly, successful routing redistribution must be performed between multiple routing protocols.
The following lists the settings for reassigning routes between OSPF and RIP:
Router1's Serial 0 port and Router2's Serial 0 port run OSPF, Router1's Ethernet 0 port run RIP 2, Router3's RIP 2, Router2 has static routes to Router4's 192.168.2.0/24 network, Router4 uses the default static route. OSPF and RIP routes need to be reassigned between Router1 and Router3, and static routes and direct routes on Router2.
Commands involved in the example
Task Command
Redistributed routes redistributed connected
Redistribute static routes
redistribute ospf process-id metric metric-value
Redistribute rip metric metric-value
Router1:
interface ethernet 0
ip address 192.168.1.1 255.255.255.0
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
!
router ospf 100
redistribute rip metric 10
network 192.200.10.4 0.0.0.3 area 0
!
router rip
version 2
redistribute ospf 100 metric 1
network 192.168.1.0
!
Router2:
interface loopback 1
ip address 192.168.3.2 255.255.255.0
!
interface ethernet 0
ip address 192.168.0.2 255.255.255.0
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
!
router ospf 200
redistribute connected subnet
redistribute static subnet
network 192.200.10.4 0.0.0.3 area 0
!
ip route 192.168.2.0 255.255.255.0 192.168.0.1
!
Router3:
interface ethernet 0
ip address 192.168.1.2 255.255.255.0
!
router rip
version 2
network 192.168.1.0
!
Router4:
interface ethernet 0
ip address 192.168.0.1 255.255.255.0
!
interface ethernet 1
ip address 192.168.2.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.0.2
!
5. IPX protocol settings
IPX protocol and IP protocol are two different network layer protocols, and their routing protocols are also different. IPX routing protocol is not as rich as IP routing protocols, so it is relatively simple to set up. However, the IPX protocol must specify the encapsulation form when running on Ethernet.
1. Related Commands
Start IPX routing ipx routing
Set IPX network and Ethernet encapsulation form ipx network network [encapsulation encapsulation-type]1
Specify routing protocol, default is RIP ipx router {eigrp autonomous-system-number | nlsp [tag] | rip}
Note: The range is 1 to FFFFFFD.
IPX encapsulation type list
Interface type Encapsulation type IPX frame type
Ethernet novelll-ether (default) arpa sap snap Ethernet_802.3 Ethernet_II Ethernet_802.2 Ethernet_Snap
Token Ring sap (default) snap Token-Ring Token-Ring_Snap
FDDI snap (default) sap novelll-fddi Fddi_Snap Fddi_802.2 Fddi_Raw
For example:
In this example, the IPX network of the WAN is 3a00, and the IPX network number of the LAN connected to Router1 is 2a00. There is a Novell server in this LAN, and the IPX network number is also 2a00. The IPX network number of the router interface must be the same as the IPX network number set on the Novell server of the same network. The router establishes a known service and its own network address table by listening to SAP, and sends its own SAP table every 60 seconds.
Router1:
ipx routing
interface ethernet 0
ipx network 2a00 encapsulation sap
!
interface serial 0
ipx network 3a00
!
ipx router eigrp 10
network 3a00
network 2a00
!
Router2:
ipx routing
interface ethernet 0
ipx network 2b00 encapsulation sap
!
interface serial 0
ipx network 3a00
!
ipx router eigrp 10
network 2b00
network 3a00
!
Related debugging commands:
debug ipx packet
debug ipx routing
debug ipx sap
debug ipx spoof
debug ipx spx
show ipx eigrp interfaces
show ipx eigrp neighbors
show ipx eigrp topology
show ipx interface
show ipx route
show ipx servers
show ipx spx-spoof
5. IPX protocol settings
IPX protocol and IP protocol are two different network layer protocols, and their routing protocols are also different. IPX routing protocol is not as rich as IP routing protocols, so it is relatively simple to set up. However, the IPX protocol must specify the encapsulation form when running on Ethernet.
1. Related Commands
Start IPX routing ipx routing
Set IPX network and Ethernet encapsulation form ipx network network [encapsulation encapsulation-type]1
Specify routing protocol, default is RIP ipx router {eigrp autonomous-system-number | nlsp [tag] | rip}
Note: The range is 1 to FFFFFFD.
IPX encapsulation type list
Interface type Encapsulation type IPX frame type
Ethernet novelll-ether (default) arpa sap snap Ethernet_802.3 Ethernet_II Ethernet_802.2 Ethernet_Snap
Token Ring sap (default) snap Token-Ring Token-Ring_Snap
FDDI snap (default) sap novelll-fddi Fddi_Snap Fddi_802.2 Fddi_Raw
For example:
In this example, the IPX network of the WAN is 3a00, and the IPX network number of the LAN connected to Router1 is 2a00. There is a Novell server in this LAN, and the IPX network number is also 2a00. The IPX network number of the router interface must be the same as the IPX network number set on the Novell server of the same network. The router establishes a known service and its own network address table by listening to SAP, and sends its own SAP table every 60 seconds.
Router1:
ipx routing
interface ethernet 0
ipx network 2a00 encapsulation sap
!
interface serial 0
ipx network 3a00
!
ipx router eigrp 10
network 3a00
network 2a00
!
Router2:
ipx routing
interface ethernet 0
ipx network 2b00 encapsulation sap
!
interface serial 0
ipx network 3a00
!
ipx router eigrp 10
network 2b00
network 3a00
!
Related debugging commands:
debug ipx packet
debug ipx routing
debug ipx sap
debug ipx spoof
debug ipx spx
show ipx eigrp interfaces
show ipx eigrp neighbors
show ipx eigrp topology
show ipx interface
show ipx route
show ipx servers
show ipx spx-spoof
4., Chapter Service quality and access control
1. Protocol priority settings
1. Related Commands
Task Command
Set priority-list list-number protocol protocol {high | medium | normal | low} queue-keyword keyword keyword-value
priority-group list-number
2. Give an example
Router1:
priority-list 1 protocol ip high tcp telnet
priority-list 1 protocol ip low tcp ftp
priority-list 1 default normal
interface serial 0
priority-group 1
Return to the directory
2. Queue customization
1. Related Commands
Task Command
Set the queue-list list-number protocol protocol-name queue-number queue-keyword keyword-value
Set the size of the queue in the queue list queue-list list-number queue queue queue-number byte-count byte-count-number
custom-queue-list list
2. Give an example
Router1:
queue-list 1 protocol ip 0 tcp telnet
queue-list 1 protocol ip 1 tcp www
queue-list 1 protocol ip 2 tcp ftp
queue-list 1 queue 0 byte-count 300
queue-list 1 queue 1 byte-count 200
queue-list 1 queue 2 byte-count 100
interface serial 0
custom-queue-list 1
Return to the directory
3. Access control
1. Related Commands
Task Command
Set access table item access-list list {permit | deny} address mask
Set the size of the queue in the queue list queue-list list-number queue queue queue-number byte-count byte-count-number
Use the specified access table ip access-group list {in | out}
2. Give an example
Router1:
access-list 1 deny 192.1.3.0 0.0.0.255
access-list 1 permit any
interface serial 0
ip access-group 1 in
This example uses a DDN dedicated line for the main connection, and the backup line is for telephone dialing. When the DDN dedicated line is connected normally, the main port S0 state is up, and the line protocol is also up, the backup line state is standby and the line protocol is down, and all communications are carried out through the main interface. When the main interface connection fails and the port status is down, the backup interface is activated to complete data communication. This method is not suitable for backups for X.25. Because, as long as the connection between the X.25 interface and the X.25 switch is normal, the interface and line protocol status are also up, it does not consider the status of the router that needs to communicate with other places. Therefore, if the local router is normal and the other router connection fails, the backup line will not be activated locally. Example 4 will describe how to do dial-up backup for X.25.
The following are the relevant commands:
Task Command
Specify the delay time when the secondary line state changes after the main line changes backup delay {enable-delay | never} {disable-delay | never}
Specify an interface as backup interface type number
hostname c2522rb
!
enable secret 5 $1$J5vn$ceYDe2FwPhrZi6qsIIz6g0
enable password cisco
!
username c4700 password 0 cisco
ip subnet-zero
chat-script cisco-default "" "AT" TIMEOUT 30 OK "ATDT \T" TIMEOUT 30 CONNECT \c
chat-script reset atz
!
interface Ethernet0
ip address 16.122.51.254 255.255.255.0
no ip mroute-cache
!
interface Serial0
backup delay 10 10
backup interface Serial2
ip address 16.250.123.18 255.255.255.252
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip address
no ip mroute-cache
shutdown
!
interface Serial2
physical-layer async
ip address 16.249.123.18 255.255.255.252
encapsulation ppp
async mode dedicated
dialer in-band
dialer idle-timeout 60
dialer map ip 16.249.123.17 name c4700 6825179
dialer-group 1
ppp authentication chap
!
interface Serial3
no ip address
shutdown
no cdp enable
!
interface Serial4
no ip address
shutdown
no cdp enable
!
interface Serial5
no ip address
no ip mroute-cache
shutdown
!
interface Serial6
no ip address
no ip mroute-cache
shutdown
!
interface Serial7
no ip address
no ip mroute-cache
shutdown
!
interface Serial8
no ip address
no ip mroute-cache
shutdown
!
interface Serial9
no ip address
no ip mroute-cache
shutdown
!
interface BRI0
no ip address
no ip mroute-cache
shutdown
!
router eigrp 200
network 16.0.0.0
!
ip classless
!
dialer-list 1 protocol ip permit
!
line con 0
line 2
script dialer cisco-default
script reset reset
modem InOut
modem autoconfigure discovery
rxspeed 38400
txspeed 38400
flowcontrol hardware
line aux 0
line vty 0 4
password cisco
login
!
end
c2522rb#
4. Asynchronous dialing backup X.25:
To set up dial-up backup for X.25, first of all, the ports connected to X.25 must run the dynamic routing protocol, and the asynchronous dial-up port must use static routing. In this example, select EIGRP as the routing protocol, and set the static routed Metric value to 200. Since the default metric of EIGRP is 90, when two paths lead to the same network segment at the same time, the path with a small Metric value takes effect. When there is a problem with X.25 connection, the router cannot learn the routing table through the routing protocol, then the static route takes effect and access is achieved through the dial-up port. When the X.25 connection returns to normal, the router can learn the routing table again. Due to the different metric values, the static route is automatically replaced by dynamic routes, which realizes the backup function.
The router Router1 is configured as follows:
hostname router1
!
enable secret 5 $1$UTvD$.
enable password cisco
!
username router2 password cisco
ip subnet-zero
chat-script cisco-default "" "AT" TIMEOUT 30 OK "ATDT \T" TIMEOUT 30 CONNECT \c
chat-script reset atz
interface Ethernet0
ip address 202.96.38.100 255.255.255.0
!
interface Serial0
ip address 202.96.0.1 255.255.255.0
encapsulation x25
x25 address 10112227
x25 htc 16
x25 map ip 202.96.0.2 10112225 broadcast
!
interface Serial1
no ip address
shutdown
!
!
interface Async 1
ip address 202.96.1.1 255.255.255.252
encapsulation ppp
dialer in-band
dialer idle-timeout 60
dialer map ip 202.96.1.2 name router2 modem-script cisco-default 2113470
dialer-group 1
ppp authentication chap
!
router eigrp 200
redistribute connected
network 202.96.0.0
!
ip route 202.96.37.0 255.255.255.0 202.96.1.2 200
dialer-list 1 protocol ip permit
line con 0
line aux 0
script dialer cisco-default
script reset reset
modem InOut
modem autoconfigure discovery
transport input all
rxspeed 38400
txspeed 38400
flowcontrol hardware
line vty 0 4
password cisco
login
!
end
The router Router2 configuration is as follows:
hostname router2
!
enable secret 5 $1$T4IU$2cIqak8f/E4Ug6dLT0k.J0
enable password cisco
!
username router1 password cisco
ip subnet-zero
chat-script cisco-default "" "AT" TIMEOUT 30 OK "ATDT \T" TIMEOUT 30 CONNECT \c
chat-script reset atz
!
interface Ethernet0
ip address 202.96.37.100 255.255.255.0
!
interface Serial0
ip address 202.96.0.2 255.255.255.0
no ip mroute-cache
encapsulation x25
x25 address 10112225
x25 htc 16
x25 map ip 202.96.0.1 10112227 broadcast
!
interface Serial1
no ip address
shutdown
!
interface Async1
ip address 202.96.1.2 255.255.255.252
encapsulation ppp
keepalive 30
async default routing
async mode dedicated
dialer in-band
dialer idle-timeout 60
dialer wait-for-carrier-time 120
dialer map ip 202.96.1.1 name router1 modem-script cisco-default 2113469
dialer-group 1
ppp authentication chap
!
router eigrp 200
redistribute static
network 202.96.0.0
!
no ip classless
ip route 202.96.38.0 255.255.255.0 202.96.1.1 200
dialer-list 1 protocol ip permit
!
line con 0
exec-timeout 0 0
line aux 0
script reset reset
modem InOut
modem autoconfigure discovery
transport input all
rxspeed 38400
txspeed 38400
flowcontrol hardware
line vty 0 4
password cisco
login
!
end
Routing protocol:
1. RIP protocol
RIP (Routing information Protocol) is an early and more common internal gateway protocol (IGP), suitable for small and similar networks, and is a typical distance vector (distance-vector) protocol. See RFC1058 and RFC1723 for documentation.
RIP exchanges routing information by broadcasting UDP packets and sends routing information updates every 30 seconds. RIP provides a hop count as a scale to measure routing distance. The hop count is the number of routers a packet must pass through to reach the target. If there are two routers with uneven speed or different bandwidth to the same target, but the hop count is the same, RIP considers the two routes to be equally distanced. The maximum number of hops supported by RIP is 15, that is, the number of routers to pass between the source and destination network is 15, and the number of hops 16 means unreachable.
1. Related Commands
Task Command
Specify the use of RIP protocol router rip
Specify RIP version {1|2}1
Specify the network network to which the router is connected to the network network
Note: RIP version 2 supports verification, key management, routing summary, classless inter-domain routing (CIDR) and variable-length subnet masks (VLSMs)
2. Give an example
Router1:
router rip
version 2
network 192.200.10.0
network 192.20.10.0
!
Related debugging commands:
show ip protocol
show ip route
Return to the directory
II. IGRP protocol
IGRP (Interior Gateway Routing Protocol) is a dynamic distance vector routing protocol designed by Cisco in the mid-1980s. Use combined user configuration scales including latency, bandwidth, reliability, and load.
By default, IGRP sends a route update broadcast every 90 seconds. During 3 update cycles (i.e. 270 seconds), no update is received from the first router in the route, and the route is declared inaccessible. After 7 update cycles, 630 seconds, the Cisco IOS software clears the route from the routing table.
1. Related Commands
Task Command
Specify the use of RIP protocol router igrp autonomous-system1
Specify the network network to which the router is connected to the network network
Specify the node address adjacent to the router neighbor ip-address
Note: 1. The autonomous-system can be established at will, not the actual autonomous-system, but the autonomous-system needs to be the same if the router running IGRP wants to exchange route update information.
2. Give an example
Router1:
router igrp 200
network 192.200.10.0
network 192.20.10.0
!
III. OSPF protocol
OSPF (Open Shortest Path First) is an internal gateway protocol (IGP) used to make decisions within an autonomous system (AS). Compared with RIP, OSPF is a link state path with protocol, while RIP is a distance vector routing protocol.
Links are another way of saying router interfaces, so OSPF is also called interface state routing protocol. OSPF establishes a link state database by informing the state of the network interface between routers and generating a shortest path tree. Each OSPF router uses these shortest paths to construct a routing table.
See RFC2178 for documentation.
1. Related Commands
Global settings
Task Command
Specify the use of OSPF protocol router ospf process-id1
Specify the network address wildcard-mask area area-id2
Specify the node address adjacent to the router neighbor ip-address
Note: 1. The OSPF routing process process-id must specify the range between 1-65535. Multiple OSPF processes can be configured on the same router, but it is best not to do so. Multiple OSPF processes require copies of multiple OSPF databases and must run multiple copies of shortest path algorithms. process-id only works inside the router, and the process-ids of different routers can be different.
2. wildcard-mask is the inverse code of the subnet mask. The decimal number with the network area ID area-id within 0-4294967295 can also be in the IP address format. When the network area ID is 0 or 0.0.0.0 is the main domain. Routers in different network areas learn routing information through the backbone domain.
2. Examples of basic configuration:
Router1:
interface ethernet 0
ip address 192.1.0.129 255.255.255.192
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
!
router ospf 100
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.128 0.0.0.63 area 1
!
Router2:
interface ethernet 0
ip address 192.1.0.65 255.255.255.192
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
!
router ospf 200
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.64 0.0.0.63 area 2
!
Router3:
interface ethernet 0
ip address 192.1.0.130 255.255.255.192
!
router ospf 300
network 192.1.0.128 0.0.0.63 area 1
!
Router4:
interface ethernet 0
ip address 192.1.0.66 255.255.255.192
!
router ospf 400
network 192.1.0.64 0.0.0.63 area 1
!
Related debugging commands:
debug ip ospf events
debug ip ospf packet
show ip ospf
show ip ospf database
show ip ospf interface
show ip ospf neighbor
show ip route
3. Use authentication
For security reasons, we can enable authentication on routers in the same OSPF zone, and only routers in the same zone that have been authenticated can advertise routing information to each other.
By default, OSPF does not use zone verification. There are two ways to enable authentication features, plain text authentication and message digest (md5) authentication. The authentication password transmitted by plain text authentication is plain text, and it will be determined by the network detector, so it is not safe and is not recommended. Message Digest (md5) authentication must encrypt the password before transmitting the authentication password, so it is generally recommended to use this method for authentication.
When using authentication, all router interfaces in the zone must use the same authentication method. To enable authentication, passwords must be configured for each router interface in the zone in the router interface configuration mode.
Task Command
Specify authentication area area-id authentication [message-digest]
Use plain text authentication-key password
Authentication using message digest (md5) ip ospf message-digest-key keyid md5 key
The following lists two examples of verification settings. The network distribution and address allocation environment of the example are the same as the above basic configuration examples, except that the authentication function is used on area 0 of Router1 and Router2. :
Example 1. Use plain text authentication
Router1:
interface ethernet 0
ip address 192.1.0.129 255.255.255.192
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
ip ospf authentication-key cisco
!
router ospf 100
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.128 0.0.0.63 area 1
area 0 authentication
!
Router2:
interface ethernet 0
ip address 192.1.0.65 255.255.255.192
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
ip ospf authentication-key cisco
!
router ospf 200
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.64 0.0.0.63 area 2
area 0 authentication
!
Example 2. Message Digest (md5) Authentication:
Router1:
interface ethernet 0
ip address 192.1.0.129 255.255.255.192
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
ip ospf message-digest-key 1 md5 cisco
!
router ospf 100
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.128 0.0.0.63 area 1
area 0 authentication message-digest
!
Router2:
interface ethernet 0
ip address 192.1.0.65 255.255.255.192
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
ip ospf message-digest-key 1 md5 cisco
!
router ospf 200
network 192.200.10.4 0.0.0.3 area 0
network 192.1.0.64 0.0.0.63 area 2
area 0 authentication message-digest
!
Related debugging commands:
debug ip ospf adj
debug ip ospf events
Return to the directory
4. Reassign routes
In actual work, we will encounter networks using multiple IP routing protocols. In order for the entire network to work properly, successful routing redistribution must be performed between multiple routing protocols.
The following lists the settings for reassigning routes between OSPF and RIP:
Router1's Serial 0 port and Router2's Serial 0 port run OSPF, Router1's Ethernet 0 port run RIP 2, Router3's RIP 2, Router2 has static routes to Router4's 192.168.2.0/24 network, Router4 uses the default static route. OSPF and RIP routes need to be reassigned between Router1 and Router3, and static routes and direct routes on Router2.
Commands involved in the example
Task Command
Redistributed routes redistributed connected
Redistribute static routes
redistribute ospf process-id metric metric-value
Redistribute rip metric metric-value
Router1:
interface ethernet 0
ip address 192.168.1.1 255.255.255.0
!
interface serial 0
ip address 192.200.10.5 255.255.255.252
!
router ospf 100
redistribute rip metric 10
network 192.200.10.4 0.0.0.3 area 0
!
router rip
version 2
redistribute ospf 100 metric 1
network 192.168.1.0
!
Router2:
interface loopback 1
ip address 192.168.3.2 255.255.255.0
!
interface ethernet 0
ip address 192.168.0.2 255.255.255.0
!
interface serial 0
ip address 192.200.10.6 255.255.255.252
!
router ospf 200
redistribute connected subnet
redistribute static subnet
network 192.200.10.4 0.0.0.3 area 0
!
ip route 192.168.2.0 255.255.255.0 192.168.0.1
!
Router3:
interface ethernet 0
ip address 192.168.1.2 255.255.255.0
!
router rip
version 2
network 192.168.1.0
!
Router4:
interface ethernet 0
ip address 192.168.0.1 255.255.255.0
!
interface ethernet 1
ip address 192.168.2.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.0.2
!
5. IPX protocol settings
IPX protocol and IP protocol are two different network layer protocols, and their routing protocols are also different. IPX routing protocol is not as rich as IP routing protocols, so it is relatively simple to set up. However, the IPX protocol must specify the encapsulation form when running on Ethernet.
1. Related Commands
Start IPX routing ipx routing
Set IPX network and Ethernet encapsulation form ipx network network [encapsulation encapsulation-type]1
Specify routing protocol, default is RIP ipx router {eigrp autonomous-system-number | nlsp [tag] | rip}
Note: The range is 1 to FFFFFFD.
IPX encapsulation type list
Interface type Encapsulation type IPX frame type
Ethernet novelll-ether (default) arpa sap snap Ethernet_802.3 Ethernet_II Ethernet_802.2 Ethernet_Snap
Token Ring sap (default) snap Token-Ring Token-Ring_Snap
FDDI snap (default) sap novelll-fddi Fddi_Snap Fddi_802.2 Fddi_Raw
For example:
In this example, the IPX network of the WAN is 3a00, and the IPX network number of the LAN connected to Router1 is 2a00. There is a Novell server in this LAN, and the IPX network number is also 2a00. The IPX network number of the router interface must be the same as the IPX network number set on the Novell server of the same network. The router establishes a known service and its own network address table by listening to SAP, and sends its own SAP table every 60 seconds.
Router1:
ipx routing
interface ethernet 0
ipx network 2a00 encapsulation sap
!
interface serial 0
ipx network 3a00
!
ipx router eigrp 10
network 3a00
network 2a00
!
Router2:
ipx routing
interface ethernet 0
ipx network 2b00 encapsulation sap
!
interface serial 0
ipx network 3a00
!
ipx router eigrp 10
network 2b00
network 3a00
!
Related debugging commands:
debug ipx packet
debug ipx routing
debug ipx sap
debug ipx spoof
debug ipx spx
show ipx eigrp interfaces
show ipx eigrp neighbors
show ipx eigrp topology
show ipx interface
show ipx route
show ipx servers
show ipx spx-spoof
5. IPX protocol settings
IPX protocol and IP protocol are two different network layer protocols, and their routing protocols are also different. IPX routing protocol is not as rich as IP routing protocols, so it is relatively simple to set up. However, the IPX protocol must specify the encapsulation form when running on Ethernet.
1. Related Commands
Start IPX routing ipx routing
Set IPX network and Ethernet encapsulation form ipx network network [encapsulation encapsulation-type]1
Specify routing protocol, default is RIP ipx router {eigrp autonomous-system-number | nlsp [tag] | rip}
Note: The range is 1 to FFFFFFD.
IPX encapsulation type list
Interface type Encapsulation type IPX frame type
Ethernet novelll-ether (default) arpa sap snap Ethernet_802.3 Ethernet_II Ethernet_802.2 Ethernet_Snap
Token Ring sap (default) snap Token-Ring Token-Ring_Snap
FDDI snap (default) sap novelll-fddi Fddi_Snap Fddi_802.2 Fddi_Raw
For example:
In this example, the IPX network of the WAN is 3a00, and the IPX network number of the LAN connected to Router1 is 2a00. There is a Novell server in this LAN, and the IPX network number is also 2a00. The IPX network number of the router interface must be the same as the IPX network number set on the Novell server of the same network. The router establishes a known service and its own network address table by listening to SAP, and sends its own SAP table every 60 seconds.
Router1:
ipx routing
interface ethernet 0
ipx network 2a00 encapsulation sap
!
interface serial 0
ipx network 3a00
!
ipx router eigrp 10
network 3a00
network 2a00
!
Router2:
ipx routing
interface ethernet 0
ipx network 2b00 encapsulation sap
!
interface serial 0
ipx network 3a00
!
ipx router eigrp 10
network 2b00
network 3a00
!
Related debugging commands:
debug ipx packet
debug ipx routing
debug ipx sap
debug ipx spoof
debug ipx spx
show ipx eigrp interfaces
show ipx eigrp neighbors
show ipx eigrp topology
show ipx interface
show ipx route
show ipx servers
show ipx spx-spoof
4., Chapter Service quality and access control
1. Protocol priority settings
1. Related Commands
Task Command
Set priority-list list-number protocol protocol {high | medium | normal | low} queue-keyword keyword keyword-value
priority-group list-number
2. Give an example
Router1:
priority-list 1 protocol ip high tcp telnet
priority-list 1 protocol ip low tcp ftp
priority-list 1 default normal
interface serial 0
priority-group 1
Return to the directory
2. Queue customization
1. Related Commands
Task Command
Set the queue-list list-number protocol protocol-name queue-number queue-keyword keyword-value
Set the size of the queue in the queue list queue-list list-number queue queue queue-number byte-count byte-count-number
custom-queue-list list
2. Give an example
Router1:
queue-list 1 protocol ip 0 tcp telnet
queue-list 1 protocol ip 1 tcp www
queue-list 1 protocol ip 2 tcp ftp
queue-list 1 queue 0 byte-count 300
queue-list 1 queue 1 byte-count 200
queue-list 1 queue 2 byte-count 100
interface serial 0
custom-queue-list 1
Return to the directory
3. Access control
1. Related Commands
Task Command
Set access table item access-list list {permit | deny} address mask
Set the size of the queue in the queue list queue-list list-number queue queue queue-number byte-count byte-count-number
Use the specified access table ip access-group list {in | out}
2. Give an example
Router1:
access-list 1 deny 192.1.3.0 0.0.0.255
access-list 1 permit any
interface serial 0
ip access-group 1 in