一、实验目的
- 掌握接口 IPv4 地址的配置方法
- 理解 LoopBack 接口的作用与含义
- 理解直连路由的产生原则
- 掌握静态路由的配置方法并理解其生效的条件
- 掌握通过 PING 工具测试网络层连通性
- 掌握并理解特殊静态路由的配置方法与应用场景
二、实验环境
安装有eNSP模拟器的PC一台,要求PC能联网。
三、实验拓扑
实验拓扑如下图所示,其中路由器均采用AR2220,并请注意设备间的连接接口。(切忌使用Router,否则本实验无法成功完成。)
AR1、AR2、AR3都是各自网络的网关设备,现在需要通过相应的配置,来实现这些网络之间的互联互通。
四、实验过程
4.1 设备基础配置
设备命名是设备的最基本配置,以下以AR1为例,AR2和AR3可类似操作。
bash
# 进入系统视图,输入前3-4个字符,按Tab键可补全命令,下同
<Huawei>system-view
# 将设备命名为AR1
[Huawei]sysname AR1
# 关闭信息中心,避免大量日志信息干扰操作
[AR1]undo info-center enable
Info: Information center is disabled.4.2 查看IP地址配置与路由表
以下以AR1为例,AR2和AR3可类似操作。
(1)查看路由器上的接口状态,仅以 R1为例
bash
[AR1]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 3
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 1
The number of interface that is DOWN in Protocol is 3
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 unassigned up down
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned up down
NULL0 unassigned up up(s) 【说明】:display ip interface brief命令用来查看接口与 IP 相关的简要信息,包括 IP 地址、子网掩码、物理状态和协议状态以及处于不同状态的接口数目等。当前 AR1 上的 GE0/0/0和 GE0/0/2 接口由于尚未配置 IP地址,所以 IP Address/Mask 字段为unassigned状态,Protocol字段为 down 状态,Physical 字段为 up状态。
(2)查看路由器上的路由表情况,仅以 R1为例
bash
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 4 Routes : 4
Destination/Mask Proto Pre Cost Flags NextHop Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0InLoopBack0 为设备上默认创建的环回接口,它是一个特殊的、固定的 LoopBack 接口。
InLoopBack0 接口使用环回地址 127.0.0.1/8,用来接收所有发送给本机的数据包。该接口上的 IP 地址是不可以改变的,也不通过路由协议对外发布。
4.3 配置路由物理接口的IP地址
按照下表配置路由器的物理接口的 IP 地址。
|---------|----------|-----------------|
| 路由器 | 接口 | IP地址/网络前缀长度 |
| AR1 | GE 0/0/0 | 10.0.12.1/24 |
| AR1 | GE 0/0/2 | 10.0.13.1/24 |
| AR2 | GE 0/0/0 | 10.0.12.2/24 |
| AR2 | GE 0/0/1 | 10.0.23.2/24 |
| AR3 | GE 0/0/1 | 10.0.23.3/24 |
| AR3 | GE 0/0/2 | 10.0.13.3/24 |
[表1 设备物理接口IP]
(1)为AR1物理接口配置IP地址
bash
# 进入系统视图
<AR1>system-view
# 进入GE0/0/0的接口视图
[AR1]interface GigabitEthernet 0/0/0
# 为GE0/0/0指定IP地址和网络前缀长度
[AR1-GigabitEthernet0/0/0]ip address 10.0.12.1 24
# 退出接口视图
[AR1-GigabitEthernet0/0/0]quit
# 进入GE0/0/2的接口视图
[AR1]interface GigabitEthernet 0/0/2
# 为GE0/0/2接口指定IP地址和网络前缀长度
[AR1-GigabitEthernet0/0/2]ip address 10.0.13.1 24
# 直接返回到用户视图
[AR1-GigabitEthernet0/0/2]return
# 保存配置
<AR1>save
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y # 按y保存
It will take several minutes to save configuration file, please wait.......
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated执行【display current-configuration 】命令,参照表1,核对配置信息是否正确。按空格键可以翻页。
bash
<AR1>display current-configuration
......此处省略部分输出......
priority 15
#
interface GigabitEthernet0/0/0
ip address 10.0.12.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
ip address 10.0.13.1 255.255.255.0
#
......此处省略部分输出......(2)为AR2物理接口配置IP地址
bash
# 进入系统视图
<AR2>system-view
# 进入GE0/0/0的接口视图
[AR2]interface GigabitEthernet 0/0/0
# 为GE0/0/0指定IP地址和网络前缀长度
[AR2-GigabitEthernet0/0/0]ip address 10.0.12.2 24
# 退出接口视图
[AR2-GigabitEthernet0/0/0]quit
# 进入GE0/0/1的接口视图
[AR2]interface GigabitEthernet 0/0/1
# 为GE0/0/1接口指定IP地址和网络前缀长度
[AR2-GigabitEthernet0/0/1]ip address 10.0.13.2 24
# 直接返回到用户视图
[AR2-GigabitEthernet0/0/1]return
# 保存配置
<AR2>save
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y # 按y保存
It will take several minutes to save configuration file, please wait.......
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated同样的操作,参照表1,核对配置信息是否正确。
(3)为AR2物理接口配置IP地址
bash
# 进入系统视图
<AR3>system-view
# 进入GE0/0/0的接口视图
[AR3]interface GigabitEthernet 0/0/1
# 为GE0/0/1指定IP地址和网络前缀长度
[AR3-GigabitEthernet0/0/1]ip address 10.0.23.3 24
# 退出接口视图
[AR3-GigabitEthernet0/0/1]quit
# 进入GE0/0/2的接口视图
[AR3]interface GigabitEthernet 0/0/2
# 为GE0/0/2接口指定IP地址和网络前缀长度
[AR3-GigabitEthernet0/0/2]ip address 10.0.13.3 24
# 直接返回到用户视图
[AR3-GigabitEthernet0/0/2]return
# 保存配置
<AR3>save
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y # 按y保存
It will take several minutes to save configuration file, please wait.......
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated同样的操作,参照表1,核对配置信息是否正确。
4.4 测试并查看路由表
(1)使用ping工具检测连通性
在AR1路由器上,分别测试与AR2和AR3路由器连接接口地址的连通性。
bash
[AR1]ping 10.0.12.2
PING 10.0.12.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=120 ms
Reply from 10.0.12.2: bytes=56 Sequence=2 ttl=255 time=40 ms
[AR1]ping 10.0.13.3
PING 10.0.13.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=80 ms
Reply from 10.0.13.3: bytes=56 Sequence=2 ttl=255 time=20 ms同样的操作,可以测试AR2、AR3路由器与其它路由器连接接口的连通性。
(2)查看路由表
在AR1路由器,执行【display ip routing-table】查看路由表,如下所示。
bash
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 10 Routes : 10
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet 0/0/0
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet 0/0/2
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0可以看到,在接口IP 地址配置完成之后,针对每个接口自动生成了三条直连路由。分别是:
- 指向接口所在网段的路由。
- 指向接口 IP 地址的主机路由。
- 指向接口所在网段广播地址的主机路由。
**注:**主机路由就是掩码长度为 32 的路由。
同样的操作,可以查看AR2和AR3的路由表。
4.5 创建并配置 LoopBack接口
LoopBack 接口属于设备上的逻辑接口,逻辑接口是指能够实现数据交换功能但物理上不存在、需要通过配置建立的接口。
LoopBack接口创建后除非手工关闭该接口,否则LoopBack接口物理层状态和链路层协议永远处于 UP状态。
一般情况下,LoopBack 接口使用 32 位掩码。使用 LoopBack接口一般有如下目的:
- 作为一台路由器的管理地址,起到标识一台设备的作用。
- 使用该接口地址作为动态路由协议 OSPF 的 Router id。
- 其他提高网络可靠性的用途。
本实验使用 LoopBack 接口模拟客户端。
按照下表配置各设备的 LoopBack 接口
| 路由器 | 接口 | IP 地趱/网络前缀长度 |
|---|---|---|
| AR1 | LoopBack0 | 10.0.1.1/32 |
| AR2 | LoopBack0 | 10.0.1.2/32 |
| AR3 | LoopBack0 | 10.0.1.3/32 |
| [表2 设备 LoopBack 接口IP] |
(1)配置AR1的LoopBack接口
bash
[AR1]interface LoopBack 0
[AR1-LoopBack0]ip address 10.0.1.1 32
[AR1-LoopBack0]quit(2)配置AR2的LoopBack接口
bash
[AR2]interface LoopBack 0
[AR2-LoopBack0]ip address 10.0.1.2 32
[AR2-LoopBack0]quit(3)配置AR3的LoopBack接口
bash
[AR3]interface LoopBack 0
[AR3-LoopBack0]ip address 10.0.1.3 32
[AR3-LoopBack0]quit查看设备上的路由表,以AR1为例。
bash
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 11 Routes : 11
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet 0/0/0
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet 0/0/2
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0此时已经生成了相应的直连路由(即10.0.1.1/32所在行)。同样的操作,可以查看其它路由器的路由表。
(4)测试各 LoopBack 接囗之间的连通性
以AR1为例,测试与其它两个路由器的LoopBack0接口地址的连通性。
bash
[AR1]ping -a 10.0.0.1 10.0.1.2
PING 10.0.1.2: 56 data bytes, press CTRL_C to break
Request time out
Request time out
[AR1]ping -a 10.0.0.1 10.0.1.3
PING 10.0.1.3: 56 data bytes, press CTRL_C to break
Request time out
Request time out注:ping -a source-ip-address destination-ip-address命令用来指定发送 ICMP ECHO-REQUEST 报文的源 IP 地址及目的 IP地址。此时由于路由器上没有到达目的 IP的路由条目所以无法 PING 通。
4.6 配置静态路由
配置静态路由的命令格式如下:
ip route-static 目标IP地址 网络前缀长度 网关IP地址
对于本实验而言,目标IP地址就是各目标LoopBack0接口的IP地址,网络前缀长度为32,网关IP地址为目标物理接口的IP地址。
(1)在AR1上配置到达 AR2和 AR3的 LoopBack0 接口的路由条目。
bash
# 添加到AR2的LoopBack 0的静态路由
[AR1]ip route-static 10.0.1.2 32 10.0.12.2
# 添加到AR3的LoopBack 0的静态路由
[AR1]ip route-static 10.0.1.3 32 10.0.13.3再次查看AR1路由器的路由表,如下所示。
bash
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.2/32 Static 60 0 RD 10.0.12.2 GigabitEthernet 0/0/0
10.0.1.3/32 Static 60 0 RD 10.0.13.3 GigabitEthernet 0/0/2
......此处省略后续输出......可以看到,目前已经有了到达AR2和AR3的LoopBack 0接口的静态路由(Flags标志为RD)。
再次测试与AR2和AR3的LoopBack 0接口的连通性。
bash
[AR1]ping -a 10.0.0.1 10.0.1.2
PING 10.0.1.2: 56 data bytes, press CTRL_C to break
Request time out
Request time out
[AR1]ping -a 10.0.0.1 10.0.1.3
PING 10.0.1.3: 56 data bytes, press CTRL_C to break
Request time out
Request time out发现仍然ping不通,原因是AR2、AR3到AR1的回程还没有配置静态路由。
(2) 在 AR2 上添加到达 AR1的 LoopBack0 的路由
bash
# 配置到AR1的LoopBack 0 接口的静态路由
[AR2]ip route-static 10.0.1.1 32 10.0.12.1
# 配置到AR3的LoopBack 0 接口的静态路由
[AR2]ip route-static 10.0.1.3 32 10.0.23.3
# 查看路由表
[AR2]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Static 60 0 RD 10.0.12.1 GigabitEthernet 0/0/0
10.0.1.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.3/32 Static 60 0 RD 10.0.23.3 GigabitEthernet 0/0/1
......此处省略后续输出......再次测试与AR2的LoopBack0接口的连通性。
bash
[AR1]ping -a 10.0.1.1 10.0.1.2
PING 10.0.1.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.1.2: bytes=56 Sequence=1 ttl=255 time=70 ms
Reply from 10.0.1.2: bytes=56 Sequence=2 ttl=255 time=30 ms可见,现在已可以ping通了。
(3) 在 AR3 上添加到达 AR1和AR3的 LoopBack0 的路由
bash
# 配置到AR1的LoopBack0接口的静态路由
[AR3]ip route-static 10.0.1.1 32 10.0.13.1
# 配置到AR2的LoopBack0接口的静态路由
[AR3]ip route-static 10.0.1.2 32 10.0.23.2
# 查看路由表
[AR3]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Static 60 0 RD 10.0.13.1 GigabitEthernet 0/0/2
10.0.1.2/32 Static 60 0 RD 10.0.23.2 GigabitEthernet 0/0/1
......此处省略其它输出......此时,可测试各设备到其它设备的LoopBack0接口的连通性,可发现全部可以ping通。以AR2为例
bash
[AR2]ping -a 10.0.1.2 10.0.1.1
PING 10.0.1.1: 56 data bytes, press CTRL_C to break
Reply from 10.0.1.1: bytes=56 Sequence=1 ttl=255 time=20 ms
Reply from 10.0.1.1: bytes=56 Sequence=2 ttl=255 time=20 ms
[AR2]ping -a 10.0.1.2 10.0.1.3
PING 10.0.1.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.1.3: bytes=56 Sequence=1 ttl=255 time=30 ms
Reply from 10.0.1.3: bytes=56 Sequence=2 ttl=255 time=30 ms4.7 配置备份路径
可将 AR1->AR3->AR2配置成 AR1的LoopBack0 到AR2的LoopBack0接囗的备份路径,具体操作如下:
(1)配置 AR1 和 AR2 上的静态路由
bash
# 配置AR1的LoopBack0到AR2的LoopBack0接口的备用静态路由
[AR1]ip route-static 10.0.1.2 32 10.0.13.3 preference 100
bash
# 配置AR1的LoopBack0到AR2的LoopBack0接口的备用静态路由
[AR2]ip route-static 10.0.1.1 32 10.0.23.3 preference 100(2)查看 AR1 和 AR2 上的路由表
bash
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.2/32 Static 60 0 RD 10.0.12.2 GigabitEthernet 0/0/0
10.0.1.3/32 Static 60 0 RD 10.0.13.3 GigabitEthernet 0/0/2
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet 0/0/0
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet 0/0/2
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
bash
[AR2]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Static 60 0 RD 10.0.12.1 GigabitEthernet 0/0/0
10.0.1.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.3/32 Static 60 0 RD 10.0.23.3 GigabitEthernet 0/0/1
10.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet 0/0/0
10.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
10.0.23.0/24 Direct 0 0 D 10.0.23.2 GigabitEthernet 0/0/1
10.0.23.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1
10.0.23.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0此时配置的 preference 为100 的静态路由没有被加载到路由表中。
(3)测试备用路由
关闭 AR1和 AR2 之间的链路对应的接口(GE0/0/0),使得优先级高的路由失效。
bash
[AR1]interface GigabitEthernet 0/0/0
# 关闭接口
[AR1-GigabitEthernet0/0/0]shutdown
[AR1-GigabitEthernet0/0/0]quit再次查看AR1和AR2的路由表,可以看到preference 为100 的静态路由被激活。
bash
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 10 Routes : 10
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.2/32 Static 100 0 RD 10.0.13.3 GigabitEthernet 0/0/2
......此处省略其它输出......
bash
[AR2]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 10 Routes : 10
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Static 100 0 RD 10.0.23.3 GigabitEthernet 0/0/1
......此处省略其它输出......再次测试AR1的LoopBack0接口与AR2的LoopBack0接口之间的连通性,可以看到仍可连通。
bash
[AR1]ping -a 10.0.1.1 10.0.1.2
PING 10.0.1.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.1.2: bytes=56 Sequence=1 ttl=254 time=30 ms
Reply from 10.0.1.2: bytes=56 Sequence=2 ttl=254 time=30 ms利用tracert命令追踪数据包传输路径。
bash
[AR1]tracert -a 10.0.1.1 10.0.1.2
traceroute to 10.0.1.2(10.0.1.2), max hops: 30 ,packet length: 40,press CTRL_C to break
1 10.0.13.3 40 ms 20 ms 20 ms
2 10.0.23.2 20 ms 20 ms 20 ms tracert 命令主要用于查看数据包从源端到目的端的路径信息。可以看到数据包经过了 AR3 的 GE0/0/2,再经过 R3 的 GE0/0/1 转发给 AR2的 GE0/0/1。
**注:**部分实验环境下设备出于安全考虑,不会回复ICMP 报文,实验现象可能会有所偏差,可以按 Ctrl+C 结束 tracert。
4.8 配置默认路由
(1)恢复接口并删除已经配置的路由条目
恢复激活AR1的GE 0/0/0接口,并删除所有到达AR2的LoopBack0接口的路由条目。
bash
[AR1]interface GigabitEthernet 0/0/0
# 激活接口
[AR1-GigabitEthernet0/0/0]undo shutdown
[AR1-GigabitEthernet0/0/0]quit
# 删除AR1的LoopBack0到AR2的LoopBack0接口的路由
[AR1]undo ip route-static 10.0.1.2 32 10.0.12.2
# 删除AR1的LoopBack0到AR2的LoopBack0接口的路由
[AR1]undo ip route-static 10.0.1.2 32 10.0.13.3(2)查看AR1的路由表
bash
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.3/32 Static 60 0 RD 10.0.13.3 GigabitEthernet 0/0/2
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet 0/0/0
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet 0/0/2
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0可以看到,此时AR1的路由表中,已不存在到 AR2 的 LoopBack0(10.0.1.2/32)的路由条目。 AR1的LoopBack0接口到AR2的LoopBack0接口已不可ping通(自行测试)
(3)添加并查看默认路由
bash
# 添加默认路由
[AR1]ip route-static 0.0.0.0 0 10.0.12.2
# 查看路由表
[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 Static 60 0 RD 10.0.12.2 GigabitEthernet 0/0/0
......此处省略其它输出......可以看到,此时默认路由已经被激活。
(4)测试AR1的LoopBack0到AR2的LoopBack0接口的连通性
bash
[AR1]ping -a 10.0.1.1 10.0.1.2
PING 10.0.1.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.1.2: bytes=56 Sequence=1 ttl=255 time=40 ms
Reply from 10.0.1.2: bytes=56 Sequence=2 ttl=255 time=30 ms可以看到此时,AR1的LoopBack0到AR2的LoopBack0接口又可以ping通,证明默认路由已生效。
利用tracert命令追踪数据包,可以看到数据包没有经过AR3。
bash
[AR1]tracert -a 10.0.1.1 10.0.1.2
traceroute to 10.0.1.2(10.0.1.2), max hops: 30 ,packet length: 40,press CTRL_C to break
1 10.0.12.2 30 ms 20 ms 20 ms 保存配置,并查看配置内容。
(1)AR1
bash
# 保存配置
<AR1>save
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y
It will take several minutes to save configuration file, please wait.......
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated
# 查看当前配置
<AR1>display current-configuration
[V200R003C00]
#
sysname AR1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
undo info-center enable
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 10.0.12.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
ip address 10.0.13.1 255.255.255.0
#
interface NULL0
#
interface LoopBack0
ip address 10.0.1.1 255.255.255.255
#
ip route-static 0.0.0.0 0.0.0.0 10.0.12.2
ip route-static 10.0.1.3 255.255.255.255 10.0.13.3
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<AR1>(2)AR2
bash
# 保存配置
<AR2>save
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y
It will take several minutes to save configuration file, please wait.......
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated
# 查看当前配置
<AR2>display current-configuration
[V200R003C00]
#
sysname AR2
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
undo info-center enable
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 10.0.12.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.0.23.2 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 10.0.1.2 255.255.255.255
#
ip route-static 10.0.1.1 255.255.255.255 10.0.12.1
ip route-static 10.0.1.1 255.255.255.255 10.0.23.3 preference 100
ip route-static 10.0.1.3 255.255.255.255 10.0.23.3
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return(3)AR3
bash
# 保存配置
<AR3>save
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y
It will take several minutes to save configuration file, please wait.......
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated
# 查看当前配置内容
<AR3>display current-configuration
[V200R003C00]
#
sysname AR3
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
undo info-center enable
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
#
interface GigabitEthernet0/0/1
ip address 10.0.23.3 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 10.0.13.3 255.255.255.0
#
interface NULL0
#
interface LoopBack0
ip address 10.0.1.3 255.255.255.255
#
ip route-static 10.0.1.1 255.255.255.255 10.0.13.1
ip route-static 10.0.1.2 255.255.255.255 10.0.23.2
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return思考题:
(1)什么情况下,配置的静态路由会被添加到 IP 路由表中?若配置的下一跳不可达,该路由可以被加入到 IP 路由表吗?
答:同时满足下列两个条件,静态路由会被添加到路由表中:
- 该路由所配置的下一跳可达。
- 这条路由是到达目的网段(主机)的最优路由。
故,当下一跳不可达时,不会被添加到IP 路由表。
(2)当测试 LoopBack接口之间连通性时,若不加-a参数,则ICMP 报文的源IP 地址将会是什么?
答:在华为设备上执行 ping操作时,设备会查询路由表来确定出接口,出接口的IP地址将会被作为 ICMP 报文的源 IP 地址。
参考文献
HCIA-Datacom V1.0实验手册