当前位置: 首页 > article >正文

CCIE-04-Layer2_WAN_TS

目录

  • 实验条件
    • 网络拓朴
  • 路由器配置
  • 开始排错, 要求R11可以访问R17的telnet
    • 检查R12和R11的e0/0口,有发现
    • 检查R17和R12的S4/0口, 有发现
    • ping R17环回口地址,发现不通
    • telnet R17环回口IP

实验条件

网络拓朴

在这里插入图片描述

路由器配置

R11 4组以太网接口

service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R11
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no logging on
enable secret 5 $1$ixiY$3Lw0yIdKtcQnWVtqnj8vq/
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
redundancy
!
interface Loopback0
 no shutdown
 ip address 145.11.11.11 255.255.255.255
!
interface Ethernet0/0
 no shutdown
 ip address 145.67.89.1 255.255.255.252
!
interface Ethernet0/1
 no shutdown
 no ip address
 shutdown
!
interface Ethernet0/2
 no shutdown
 no ip address
 shutdown
!
interface Ethernet0/3
 no shutdown
 no ip address
 shutdown
!
interface Ethernet1/0
 no shutdown
 ip address 145.67.89.5 255.255.255.252
 ip authentication mode eigrp 145 md5
!
interface Ethernet1/1
 no shutdown
 no ip address
 shutdown
!
interface Ethernet1/2
 no shutdown
 no ip address
 shutdown
!
interface Ethernet1/3
 no shutdown
 no ip address
 shutdown
!
interface Ethernet2/0
 no shutdown
 ip address 145.67.89.9 255.255.255.252
!
interface Ethernet2/1
 no shutdown
 no ip address
 shutdown
!
interface Ethernet2/2
 no shutdown
 no ip address
 shutdown
!
interface Ethernet2/3
 no shutdown
 no ip address
 shutdown
!
interface Ethernet3/0
 no shutdown
 ip address 145.67.89.13 255.255.255.252
!
interface Ethernet3/1
 no shutdown
 no ip address
 shutdown
!
interface Ethernet3/2
 no shutdown
 no ip address
 shutdown
!
interface Ethernet3/3
 no shutdown
 no ip address
 shutdown
!
!
router eigrp 145
 metric weights 0 1 1 1 1 1
 network 145.11.11.11 0.0.0.0
 network 145.67.89.1 0.0.0.0
 network 145.67.89.5 0.0.0.0
!
router bgp 14567
 bgp router-id 145.11.11.11
 bgp log-neighbor-changes
 network 145.67.89.8 mask 255.255.255.252
 network 145.67.89.12 mask 255.255.255.252
 neighbor IBGP peer-group
 neighbor IBGP remote-as 14567
 neighbor IBGP update-source Loopback0
 neighbor IBGP route-reflector-client
 neighbor IBGP next-hop-self
 neighbor 145.12.12.12 peer-group IBGP
 neighbor 145.13.13.13 peer-group IBGP
 neighbor 145.14.14.14 peer-group IBGP
 neighbor 145.67.89.10 remote-as 65200
 neighbor 145.67.89.10 default-originate
 neighbor 145.67.89.14 remote-as 65200
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
control-plane
!
banner motd Default Password: cisco
!
line con 0
 logging synchronous
line aux 0
line vty 0 4
 login
 transport input none
!
!
end

R12 3组以太网接口、4组串口


!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R12
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no logging on
enable secret 5 $1$tM4m$6cO5WZCiuX8zfSzuSkiFd.
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
username UberMarket_spoke_R17 password 0 ccie
!
redundancy
!
bba-group pppoe CCIE
 virtual-template 1
!
!
interface Loopback0
 ip address 145.12.12.12 255.255.255.255
!
interface Ethernet0/0
 ip address 145.67.89.2 255.255.255.252
!
interface Ethernet0/1
 no ip address
 shutdown
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Ethernet1/0
 ip address 145.67.89.17 255.255.255.252
!         
interface Ethernet1/1
 no ip address
 shutdown
!
interface Ethernet1/2
 no ip address
 shutdown
!
interface Ethernet1/3
 no ip address
 shutdown
!
interface Ethernet2/0
 ip address 123.45.67.44 255.255.255.248
!
interface Ethernet2/1
 no ip address
 shutdown
!
interface Ethernet2/2
 no ip address
 shutdown
!         
interface Ethernet2/3
 no ip address
 shutdown
!
interface Serial3/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial4/0
 ip address 145.67.89.21 255.255.255.252
 encapsulation ppp
 peer default ip address pool SPOKE1
 ppp authentication chap
 serial restart-delay 0
!
interface Serial4/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial4/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial4/3
 no ip address
 shutdown
 serial restart-delay 0
!         
interface Serial5/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial5/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial5/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial5/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial6/0
 no ip address
 shutdown 
 serial restart-delay 0
!
interface Serial6/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial6/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial6/3
 no ip address
 shutdown
 serial restart-delay 0
!
!
router eigrp 145
 metric weights 0 1 1 1 1 1
 network 145.12.12.12 0.0.0.0
 network 145.67.89.2 0.0.0.0
 network 145.67.89.17 0.0.0.0
 network 145.67.89.21 0.0.0.0
 offset-list 1 in 1000 Ethernet1/0 
 passive-interface Ethernet2/0
 passive-interface Serial4/0
!
router bgp 14567
 bgp router-id 145.12.12.12
 bgp log-neighbor-changes
 network 123.45.67.20 mask 255.255.255.252
 network 123.45.67.40 mask 255.255.255.248
 neighbor 123.45.67.45 remote-as 12345
 neighbor 123.45.67.45 shutdown
 neighbor 123.45.67.46 remote-as 12345
 neighbor 145.11.11.11 remote-as 14567
 neighbor 145.11.11.11 update-source Loopback0
 neighbor 145.11.11.11 next-hop-self
!
ip local pool SPOKE1 145.67.89.222
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
access-list 1 permit any
!
control-plane
!
banner motd ^CDefault Password: cisco^C
!
line con 0
 logging synchronous
line aux 0
line vty 0 4
 login
 transport input none
!
!         
end

R17 1组以太网接口、4组串口


!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R17
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no logging on
enable secret 5 $1$jViT$36ykqM85QJigY7ABWmwxe.
!
no aaa new-model
!
!
!
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
redundancy
!
crypto isakmp policy 10
 encr 3des
 authentication pre-share
 group 14
crypto isakmp key CCIE address 0.0.0.0        
!
!
crypto ipsec transform-set CCIEXFORM esp-aes 
 mode transport
!
crypto ipsec profile DMVPNPROFILE
 set transform-set CCIEXFORM 
!
crypto ipsec profile DMVPNPROFILE1
!
interface Loopback0
 no shutdown
 ip address 145.17.17.17 255.255.255.255
!
interface Tunnel0
 no shutdown
 ip address 215.0.0.17 255.255.255.0
 no ip redirects
 ip nhrp authentication USER789
 ip nhrp map multicast 145.67.89.10
 ip nhrp map 215.0.0.1 145.67.89.10
 ip nhrp network-id 5789
 ip nhrp nhs 215.0.0.1
 tunnel source Serial4/0
 tunnel mode gre multipoint
 tunnel key 5789
 tunnel protection ipsec profile DMVPNPROFILE1
!
interface Ethernet0/0
 no shutdown
 ip address 145.67.89.57 255.255.255.252
 shutdown
 duplex auto
!
interface Ethernet0/1
 no shutdown
 no ip address
 shutdown
 duplex auto
!
interface Ethernet0/2
 no shutdown
 no ip address
 shutdown
 duplex auto
!
interface Ethernet0/3
 no shutdown
 no ip address
 shutdown
 duplex auto
!
interface Serial1/0
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/1
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/2
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/0
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/1
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/2
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/3
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/0
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/1
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/2
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/3
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial4/0
 no shutdown
 ip address negotiated
 encapsulation ppp
 shutdown
 ppp chap hostname UberMarket_spoke_R17
 ppp chap password 0 CCIE
 ppp ipcp route default
 serial restart-delay 0
!
interface Serial4/1
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial4/2
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial4/3
 no shutdown
 no ip address
 shutdown
 serial restart-delay 0
!
!
router eigrp 200
 network 145.17.17.17 0.0.0.0
 network 145.67.89.57 0.0.0.0
 network 215.0.0.17 0.0.0.0
 eigrp stub connected summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
ipv6 ioam timestamp
!
!
!
control-plane
!
!
!
!
!
!
!
banner motd CDefault Password: cisco
!
line con 0
 logging synchronous
line aux 0
line vty 0 4
 password cisco
 login
 transport input ssh
!
!
end

开始排错, 要求R11可以访问R17的telnet

根据拓扑检查三台路由器的对应接口状态

检查R12和R11的e0/0口,有发现

**R12**e0/0口处于shutdown状态。开启

R12#show ip int br
Interface                  IP-Address      OK? Method Status                Protocol
Ethernet0/0                145.67.89.2     YES NVRAM  administratively down down    
Ethernet0/1                unassigned      YES NVRAM  administratively down down    
Ethernet0/2                unassigned      YES NVRAM  administratively down down    
Ethernet0/3                unassigned      YES NVRAM  administratively down down    
Ethernet1/0                145.67.89.17    YES NVRAM  administratively down down    
Ethernet1/1                unassigned      YES NVRAM  administratively down down    
Ethernet1/2                unassigned      YES NVRAM  administratively down down    
--more--
R12#config t 
Enter configuration commands, one per line.  End with CNTL/Z.
R12(config)#int e0/0
R12(config-if)#no shutdown
R12(config-if)#
%LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up
%DUAL-5-NBRCHANGE: EIGRP-IPv4 145: Neighbor 145.67.89.1 (Ethernet0/0) is up: new adjacency
R12(config-if)#
R12(config-if)#do ping 145.67.89.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 145.67.89.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R12(config-if)#

开启后ping R11是通的,OK

检查R17和R12的S4/0口, 有发现

R17 s4/0口处于shutdown状态。开启

R17(config-if)#do show ip int s4/0
Serial4/0 is up, line protocol is up
  Internet address will be negotiated using IPCP
  Broadcast address is 255.255.255.255
  MTU is 1500 bytes
  Helper address is not set
  Directed broadcast forwarding is disabled
  Outgoing access list is not set
  Inbound  access list is not set
  Proxy ARP is enabled
  Local Proxy ARP is disabled
  Security level is default
  Split horizon is enabled
  ICMP redirects are always sent
  ICMP unreachables are always sent
  ICMP mask replies are never sent
  IP fast switching is enabled
  IP fast switching on the same interface is enabled
  IP Flow switching is disabled
  IP CEF switching is enabled
  IP CEF switching turbo vector
  IP multicast fast switching is enabled
  IP multicast distributed fast switching is disabled
  IP route-cache flags are Fast, CEF

R12 s4/0口处于shutdown状态。开启

R12#show int s4/0
Serial4/0 is up, line protocol is down 
  Hardware is M4T
  Internet address is 145.67.89.21/30
  MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Closed, crc 16, loopback not set
  Keepalive set (10 sec)
  Restart-Delay is 0 secs
  Last input 00:00:01, output 00:00:01, output hang never
  Last clearing of "show interface" counters 01:27:21
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     420 packets input, 9030 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles 
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     533 packets output, 10442 bytes, 0 underruns
     0 output errors, 0 collisions, 106 interface resets
     0 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out
 --More-- 

结果发现R12的S4/0口,line protocol is down, 二层协议没有起来。
R12这边的 LCP是close状态, R17却是正常的,开启R12调试

R12#debug ppp negotiation 
PPP protocol negotiation debugging is on
R12#
PPP: Alloc Context [C4A2B53C]
ppp93 PPP: Phase is ESTABLISHING
Se4/0 PPP: Using default call direction
Se4/0 PPP: Treating connection as a dedicated line
Se4/0 PPP: Session handle[6300005D] Session id[93]
Se4/0 LCP: Event[OPEN] State[Initial to Starting]
Se4/0 LCP: O CONFREQ [Starting] id 1 len 15
Se4/0 LCP:    AuthProto CHAP (0x0305C22305)
Se4/0 LCP:    MagicNumber 0xBC1BB661 (0x0506BC1BB661)
Se4/0 LCP: Event[UP] State[Starting to REQsent]
Se4/0 LCP: I CONFREQ [REQsent] id 1 len 10
Se4/0 LCP:    MagicNumber 0xBC1BB888 (0x0506BC1BB888)
Se4/0 LCP: O CONFACK [REQsent] id 1 len 10
Se4/0 LCP:    MagicNumber 0xBC1BB888 (0x0506BC1BB888)
Se4/0 LCP: Event[Receive ConfReq+] State[REQsent to ACKsent]
Se4/0 LCP: I CONFACK [ACKsent] id 1 len 15
Se4/0 LCP:    AuthProto CHAP (0x0305C22305)
Se4/0 LCP:    MagicNumber 0xBC1BB661 (0x0506BC1BB661)
Se4/0 LCP: Event[Receive ConfAck] State[ACKsent to Open]
Se4/0 PPP: Phase is AUTHENTICATING, by this end
Se4/0 CHAP: O CHALLENGE id 1 len 24 from "R12"
Se4/0 LCP: State is Open
Se4/0 CHAP: I RESPONSE id 1 len 41 from "UberMarket_spoke_R17"
Se4/0 PPP: Phase is FORWARDING, Attempting Forward
Se4/0 PPP: Phase is AUTHENTICATING, Unauthenticated User
Se4/0 CHAP: O FAILURE id 1 len 25 msg is "Authentication failed"
Se4/0 PPP DISC: User failed CHAP authentication
PPP: NET STOP send to AAA.
Se4/0 LCP: O TERMREQ [Open] id 2 len 4
Se4/0 LCP: Event[CLOSE] State[Open to Closing]
Se4/0 PPP: Phase is TERMINATING
Se4/0 LCP: I TERMACK [Closing] id 2 len 4
Se4/0 LCP: Event[Receive TermAck] State[Closing to Closed]
Se4/0 LCP: Event[DOWN] State[Closed to Initial]
Se4/0 PPP: Phase is DOWN
// 下面是重试
PPP: Alloc Context [C4A2B53C]
ppp94 PPP: Phase is ESTABLISHING
Se4/0 PPP: Using default call direction

报告认证失败。检查两边的认证的配置
R12 PPP相关配置

R12#show run interface s4/0
Building configuration...

Current configuration : 173 bytes
!
interface Serial4/0
 ip address 145.67.89.21 255.255.255.252
 encapsulation ppp
 peer default ip address pool SPOKE1
 ppp authentication chap
 serial restart-delay 0
end

R12#
R12#show run | section username
username UberMarket_spoke_R17 password 0 ccie
R12#

R17 PPP相关配置

R17(config)#do show run interface s4/0
Building configuration...

Current configuration : 183 bytes
!
interface Serial4/0
 ip address negotiated
 encapsulation ppp
 ppp chap hostname UberMarket_spoke_R17
 ppp chap password 0 CCIE
 ppp ipcp route default
 serial restart-delay 0
end
发现密码不正确
R17(config)# interface Serial4/0
R17(config-if)# no ppp chap password 0 CCIE
R17(config-if)# ppp chap password ccie
R17(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial4/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
%CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON
R17(config-if)#do show ip int br 
Interface                  IP-Address      OK? Method Status                Protocol
......
Serial3/3                  unassigned      YES NVRAM  administratively down down    
Serial4/0                  145.67.89.222   YES IPCP   up                    up      
Serial4/1                  unassigned      YES NVRAM  administratively down down    
Serial4/2                  unassigned      YES NVRAM  administratively down down    
Serial4/3                  unassigned      YES NVRAM  administratively down down    
Loopback0                  145.17.17.17    YES NVRAM  up                    up      
Tunnel0                    215.0.0.17      YES NVRAM  up                    up     

提示接口起来了,不过发现获取到的ip地址和R12对端配置的地址不是相同的网段,查询R12的配置发现是地址池不对。修改

R12#show run | s pool
 peer default ip address pool SPOKE1
ip local pool SPOKE1 145.67.89.222
R12#
R12#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R12(config)#no ip local pool SPOKE1 145.67.89.222
R12(config)#ip local pool SPOKE1 145.67.89.22    
R12(config)#

查询R17.这下地址OKR17(config)# interface s4/0
R17(config-if)# shutdown
R17(config-if)# no sh
%LINK-3-UPDOWN: Interface Serial4/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial4/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
%CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF
%CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON
R17(config-if)#do show interface s4/0
Serial4/0 is up, line protocol is up 
  Hardware is M4T
  Internet address is 145.67.89.22/32
  MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open
  Open: IPCP, CDPCP, crc 16, loopback not set

ping R17环回口地址,发现不通

检查R12 ping R17直连口,已经通了,所物理网络没有问题

R12(config)#do ping 145.67.89.22
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 145.67.89.22, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 9/9/10 ms
R12(config)#

检查R11路由表,并没有去往R17接口的路由

R11#sho ip route 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

      145.11.0.0/32 is subnetted, 1 subnets
C        145.11.11.11 is directly connected, Loopback0
      145.12.0.0/32 is subnetted, 1 subnets
D        145.12.12.12 [90/1603] via 145.67.89.2, 00:25:20, Ethernet0/0
      145.67.0.0/16 is variably subnetted, 10 subnets, 2 masks
C        145.67.89.0/30 is directly connected, Ethernet0/0
L        145.67.89.1/32 is directly connected, Ethernet0/0
C        145.67.89.4/30 is directly connected, Ethernet1/0
L        145.67.89.5/32 is directly connected, Ethernet1/0
C        145.67.89.8/30 is directly connected, Ethernet2/0
L        145.67.89.9/32 is directly connected, Ethernet2/0
C        145.67.89.12/30 is directly connected, Ethernet3/0
L        145.67.89.13/32 is directly connected, Ethernet3/0
D        145.67.89.20/30 [90/8601] via 145.67.89.2, 00:03:37, Ethernet0/0
D        145.67.89.22/32 [90/8601] via 145.67.89.2, 00:03:37, Ethernet0/0
R11#

检查三台路由的动态路由协议。三台机都有EIGRP协议,

R11#show run | s router
router eigrp 145
 metric weights 0 1 1 1 1 1
 network 145.11.11.11 0.0.0.0
 network 145.67.89.1 0.0.0.0
 network 145.67.89.5 0.0.0.0
router bgp 14567
 bgp router-id 145.11.11.11
 bgp log-neighbor-changes
 network 145.67.89.8 mask 255.255.255.252
 network 145.67.89.12 mask 255.255.255.252
 neighbor IBGP peer-group
 neighbor IBGP remote-as 14567
 neighbor IBGP update-source Loopback0
 neighbor IBGP route-reflector-client
 neighbor IBGP next-hop-self
 neighbor 145.12.12.12 peer-group IBGP
 neighbor 145.13.13.13 peer-group IBGP
 neighbor 145.14.14.14 peer-group IBGP
 neighbor 145.67.89.10 remote-as 65200
 neighbor 145.67.89.10 default-originate
 neighbor 145.67.89.14 remote-as 65200


R12#show run | s router
router eigrp 145
 metric weights 0 1 1 1 1 1
 network 145.12.12.12 0.0.0.0
 network 145.67.89.2 0.0.0.0
 network 145.67.89.17 0.0.0.0
 network 145.67.89.21 0.0.0.0
 offset-list 1 in 1000 Ethernet1/0 
 passive-interface Ethernet2/0
 passive-interface Serial4/0
router bgp 14567
 bgp router-id 145.12.12.12
 bgp log-neighbor-changes
 network 123.45.67.20 mask 255.255.255.252
 network 123.45.67.40 mask 255.255.255.248
 neighbor 123.45.67.45 remote-as 12345
 neighbor 123.45.67.45 shutdown
 neighbor 123.45.67.46 remote-as 12345
 neighbor 145.11.11.11 remote-as 14567
 neighbor 145.11.11.11 update-source Loopback0
 neighbor 145.11.11.11 next-hop-self


R17#show run | s router
router eigrp 200
 network 145.17.17.17 0.0.0.0
 network 145.67.89.57 0.0.0.0
 network 215.0.0.17 0.0.0.0
 eigrp stub connected summary

发现R17的eigrp AS号与R11和R12不一样, 而且还配置了K值 。那就no掉重新配置

R17(config)#no router eigrp 200
R17(config)#router eigrp 145
R17(config-router)#network 0.0.0.0
R17(config-router)#metric weights 0 1 1 1 1 1
R17(config-router)#

结果发现,网络并没有起来。再次检查三台路由的EIGRP配置,这时发现R12上EIGRP配置了passive-interface。只接收不发出路由更新。

R12#conf t 
Enter configuration commands, one per line.  End with CNTL/Z.
R12(config)#router eigrp 145
R12(config-router)#no passive-interface Ethernet2/0
R12(config-router)#no passive-interface Serial4/0
%DUAL-5-NBRCHANGE: EIGRP-IPv4 145: Neighbor 145.67.89.22 (Serial4/0) is up: new adjacency
R12(config-router)#do show ip eigrp neighbor
EIGRP-IPv4 Neighbors for AS(145)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
1   145.67.89.22            Se4/0                    10 00:00:45   22   132  0  3
0   145.67.89.1             Et0/0                    11 00:33:41  656  3936  0  7
R12(config-router)#

和R11,R17两个邻居都起来了,再次检查R11路由表

R11#show ip route 
......
      145.12.0.0/32 is subnetted, 1 subnets
D        145.12.12.12 [90/1603] via 145.67.89.2, 00:34:47, Ethernet0/0
      145.17.0.0/32 is subnetted, 1 subnets
D        145.17.17.17 [90/9101] via 145.67.89.2, 00:01:59, Ethernet0/0
      145.67.0.0/16 is variably subnetted, 10 subnets, 2 masks
D        145.67.89.20/30 [90/8601] via 145.67.89.2, 00:13:04, Ethernet0/0
D        145.67.89.22/32 [90/8601] via 145.67.89.2, 00:13:04, Ethernet0/0
D     215.0.0.0/24 [90/107492] via 145.67.89.2, 00:01:59, Ethernet0/0
R11#
R11#ping 145.17.17.17
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 145.17.17.17, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 7/9/10 ms
R11#

路由有了。ping也通了。再次telnet

telnet R17环回口IP

网络通,但是telnet失败

R11#telnet 145.17.17.17
Trying 145.17.17.17 ... 
% Connection refused by remote host

R11#

这种情况通常是对端没有配置telnet,查询R17 配置

R17(config-router)#do show run | s line 
line con 0
 logging synchronous
line aux 0
line vty 0 4
 password cisco
 login
 transport input ssh
R17(config-router)#

修改transport从ssh到telnet

R17(config)#line vty 0 4
R17(config-line)#transport input telnet
R17(config-line)#do show run | s line
line con 0
 logging synchronous
line aux 0
line vty 0 4
 password cisco
 login
 transport input telnet
R17(config-line)#

在R11上再次telnet

R11#telnet 145.17.17.17
Trying 145.17.17.17 ... 
% Connection refused by remote host

R11#telnet 145.17.17.17
Trying 145.17.17.17 ... Open
CDefault Password: cisco

User Access Verification

Password: cisco
R17>en
Password: cisco
R17#

登陆成功!目标达到。


http://www.kler.cn/a/274607.html

相关文章:

  • Python中的上下文管理器:从资源管理到自定义实现
  • 日本充电桩标准--CHAdeMO介绍
  • lambda初探(一)
  • 练习题 最小栈
  • 【Lua热更新】上篇
  • 理解 EXPLAIN
  • qt-pdf-viewer-library 编译过程记录
  • AI Behind GPT-3 Could Help Detect Alzheimer’s
  • openssl3.2 - exp - aes-128-cbc
  • 【技巧】ChatGPT Prompt 提示语大全
  • RabbitMQ问题
  • RabbitMQ 安装保姆级教程
  • 整型数组按个位值排序 - 华为OD统一考试(C卷)
  • wireshark windows 抓包https
  • ES进程除了kill之外,有什么优雅关闭的方式吗?
  • 计算机二级(Python)真题讲解每日一题:《方菱形》
  • 【2024最新版,redis7】redis底层的10种数据结构
  • 力扣爆刷第100天之hot100五连刷86-90
  • cuda从入门到精通(六)共享内存和循环分块实现CUDA矩阵乘
  • 单片机-点亮LED灯
  • Android Kotlin版封装EventBus
  • .htaccess全站设置SSL,wordpress全站设置SSL,网站重定向的次数过多”错误最佳解决方法教程
  • 【Linux】详谈进程优先级进程调度与切换
  • python失物招领系统-安卓-flask-django-nodejs-php
  • 产品推荐 | 基于XC7K325T的FMC接口万兆光纤网络验证平台
  • 5.2.3、【AI技术新纪元:Spring AI解码】 Azure OpenAI 扩展