From 28b72a348f43b9434abbb5d33de841664544cb70 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9D=8E=E5=A8=9C?= <2977047384@qq.com> Date: Tue, 22 Apr 2025 22:26:38 +0800 Subject: [PATCH 1/3] =?UTF-8?q?=E8=B7=AF=E7=94=B1=E9=87=8D=E5=88=86?= =?UTF-8?q?=E5=8F=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...57\347\224\261\351\207\215\345\217\221.md" | 186 ++++++++++++++++++ 1 file changed, 186 insertions(+) create mode 100644 "19 \346\235\216\345\250\234/20250422 \350\267\257\347\224\261\351\207\215\345\217\221.md" diff --git "a/19 \346\235\216\345\250\234/20250422 \350\267\257\347\224\261\351\207\215\345\217\221.md" "b/19 \346\235\216\345\250\234/20250422 \350\267\257\347\224\261\351\207\215\345\217\221.md" new file mode 100644 index 0000000..0b51364 --- /dev/null +++ "b/19 \346\235\216\345\250\234/20250422 \350\267\257\347\224\261\351\207\215\345\217\221.md" @@ -0,0 +1,186 @@ +# 路由重分布 + +### 1、路由重发布的概念 +①、在某些组网中,可能存在多种路由协议,每种路由协议对路由信息的理解及处理是不同的,因此初始情况下,路由信息在不同的路由协议之间是相互隔离的; +②、路由重发布(Route redistribution)也被称为路由引入(Route +importation),指的是将路由信息从一种路由协议发布到另一种路由协议的操作。 +③、在网络中部署路由重发布,可以使得路由信息能够在多种路由协议之间实现传递,从而全网的数据能够实现互通。 +### 2、路由重发布相关要点 + +①、路由重发布的操作,是在路由选择域的边界设备上完成将路由信息从一个路由协议引入到另一个路由协议; +②、将路由信息从路由协议A引入到路由协议B,则是在路由协议B的配置视图下完成相关配置; +③、路由重发布是具有方向性的,将路由信息从路由协议A引入到路由协议B则路由协议B可获知A中的路由信息,但是此时,A还并不知晓B路由协议中的路由信息,除非配置b-to-A的路由重发布。 +④、只有存在于路由表中的路由才能够被顺利地重发布。 + +### 3、 转换命令 + +①将RIP转成OSPF + +```shell +# 1.先进入目标协议OSPF +Router(config):router ospf 1 +# 2.将来源RIP重分发 +Router(config-router)#redistribute rip subnets // 获取来自RIP子网络的路由进行分发 +``` + +②将OSPF转成RIP + +```shell +# 1.先进入目标协议RIP +Router(config):router rip +Router(config-router):version 2 +# 2.将来源OSPF重分发 +Router(config-router)#redistribute ospf 1 metric 5 // 获取来自OSPF进程1的路由进行重分发,且设置metric为5 +``` + +③将静态转成OSPF + +```shell +# 1.先进入目标协议OSPF +Router(config):router ospf 1 +# 2.将来源静态重分发 +Router(config-router)#redistribute static subnets +``` + +④将静态转成RIP + +```shell +# 1.先进入目标协议RIP +Router(config):router RIP +# 2.将来源静态重分发 +Router(config-router)#redistribute static +``` + +**注意:**只能将静态重分发为动态,而不能将动态重分发为静态,所以指向动态的方向可以用默认路由,指向具体静态网络时,要写具体 + +# 作业 + +![image-20250422222001509](https://gitee.com/civet-hair/picgo2/raw/master/img/image-20250422222001509.png) + +```shell +# 作为转发的路由的路由表 +Router#show ip route +Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP + D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area + N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 + E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP + i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area + * - candidate default, U - per-user static route, o - ODR + P - periodic downloaded static route + +Gateway of last resort is not set + + 2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 2.0.0.0/8 is directly connected, GigabitEthernet0/0 +L 2.2.2.2/32 is directly connected, GigabitEthernet0/0 + 3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 3.0.0.0/8 is directly connected, GigabitEthernet0/1 +L 3.3.3.1/32 is directly connected, GigabitEthernet0/1 + 4.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 4.0.0.0/8 is directly connected, GigabitEthernet0/2 +L 4.4.4.1/32 is directly connected, GigabitEthernet0/2 + 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks +R 10.0.0.0/8 [120/1] via 3.3.3.2, 00:00:03, GigabitEthernet0/1 +O 10.10.10.0/24 [110/3] via 2.2.2.1, 01:13:01, GigabitEthernet0/0 +O 10.10.20.0/24 [110/2] via 2.2.2.1, 01:13:01, GigabitEthernet0/0 +O 192.168.10.0/24 [110/4] via 2.2.2.1, 01:13:01, GigabitEthernet0/0 +O 192.168.20.0/24 [110/2] via 2.2.2.1, 01:13:01, GigabitEthernet0/0 +R 192.168.100.0/24 [120/1] via 3.3.3.2, 00:00:03, GigabitEthernet0/1 +R 192.168.120.0/24 [120/3] via 3.3.3.2, 00:00:03, GigabitEthernet0/1 +S 192.168.200.0/24 [1/0] via 4.4.4.2 +S 192.168.220.0/24 [1/0] via 4.4.4.2 +``` + + + +```shell +# ospf路由表 +Router#show ip route +Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP + D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area + N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 + E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP + i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area + * - candidate default, U - per-user static route, o - ODR + P - periodic downloaded static route + +Gateway of last resort is not set + + 2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 2.0.0.0/8 is directly connected, GigabitEthernet0/2 +L 2.2.2.1/32 is directly connected, GigabitEthernet0/2 +O E2 3.0.0.0/8 [110/20] via 2.2.2.2, 01:04:08, GigabitEthernet0/2 + 10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks +O E2 10.0.0.0/8 [110/20] via 2.2.2.2, 01:04:08, GigabitEthernet0/2 +O 10.10.10.0/24 [110/2] via 10.10.20.1, 01:36:19, GigabitEthernet0/0 +C 10.10.20.0/24 is directly connected, GigabitEthernet0/0 +L 10.10.20.2/32 is directly connected, GigabitEthernet0/0 +O 192.168.10.0/24 [110/3] via 10.10.20.1, 01:36:19, GigabitEthernet0/0 + 192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks +C 192.168.20.0/24 is directly connected, GigabitEthernet0/1 +L 192.168.20.254/32 is directly connected, GigabitEthernet0/1 +O E2 192.168.100.0/24 [110/20] via 2.2.2.2, 01:04:08, GigabitEthernet0/2 +O E2 192.168.120.0/24 [110/20] via 2.2.2.2, 01:04:08, GigabitEthernet0/2 +O E2 192.168.200.0/24 [110/20] via 2.2.2.2, 00:24:30, GigabitEthernet0/2 +O E2 192.168.220.0/24 [110/20] via 2.2.2.2, 00:24:30, GigabitEthernet0/2 + +``` + +```shell +# rip路由表 +Router#show ip route +Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP + D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area + N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 + E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP + i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area + * - candidate default, U - per-user static route, o - ODR + P - periodic downloaded static route + +Gateway of last resort is not set + +R 2.0.0.0/8 [120/5] via 3.3.3.1, 00:00:18, GigabitEthernet0/2 + 3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 3.0.0.0/8 is directly connected, GigabitEthernet0/2 +L 3.3.3.2/32 is directly connected, GigabitEthernet0/2 + 10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks +R 10.0.0.0/8 [120/5] via 3.3.3.1, 00:00:18, GigabitEthernet0/2 +C 10.20.10.0/24 is directly connected, GigabitEthernet0/0 +L 10.20.10.1/32 is directly connected, GigabitEthernet0/0 +R 10.20.20.0/24 [120/1] via 10.20.10.2, 00:00:05, GigabitEthernet0/0 +R 192.168.10.0/24 [120/5] via 3.3.3.1, 00:00:18, GigabitEthernet0/2 +R 192.168.20.0/24 [120/5] via 3.3.3.1, 00:00:18, GigabitEthernet0/2 + 192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks +C 192.168.100.0/24 is directly connected, GigabitEthernet0/1 +L 192.168.100.254/32 is directly connected, GigabitEthernet0/1 +R 192.168.120.0/24 [120/2] via 10.20.10.2, 00:00:05, GigabitEthernet0/0 +R 192.168.200.0/24 [120/1] via 3.3.3.1, 00:00:18, GigabitEthernet0/2 +R 192.168.220.0/24 [120/1] via 3.3.3.1, 00:00:18, GigabitEthernet0/2 +``` + +```shell +# 静态路由表 +Router#show ip route +Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP + D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area + N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 + E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP + i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area + * - candidate default, U - per-user static route, o - ODR + P - periodic downloaded static route + +Gateway of last resort is 4.4.4.1 to network 0.0.0.0 + + 4.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 4.0.0.0/8 is directly connected, GigabitEthernet0/2 +L 4.4.4.2/32 is directly connected, GigabitEthernet0/2 + 10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks +C 10.30.10.0/24 is directly connected, GigabitEthernet0/0 +L 10.30.10.2/32 is directly connected, GigabitEthernet0/0 +C 10.30.20.0/24 is directly connected, GigabitEthernet0/1 +L 10.30.20.1/32 is directly connected, GigabitEthernet0/1 +S 192.168.200.0/24 [1/0] via 10.30.10.1 +S 192.168.220.0/24 [1/0] via 10.30.20.2 +S* 0.0.0.0/0 [1/0] via 4.4.4.1 +``` + -- Gitee From 6fc158393b0409d7ea17e8ae5690afc7a8d1a410 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9D=8E=E5=A8=9C?= <2977047384@qq.com> Date: Wed, 23 Apr 2025 16:44:20 +0800 Subject: [PATCH 2/3] =?UTF-8?q?=E8=B7=AF=E7=94=B1=E8=AE=BF=E9=97=AE?= =?UTF-8?q?=E6=8E=A7=E5=88=B6ACL?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...1\227\256\346\216\247\345\210\266(ACL).md" | 100 ++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 "19 \346\235\216\345\250\234/20250423 \350\267\257\347\224\261\350\256\277\351\227\256\346\216\247\345\210\266(ACL).md" diff --git "a/19 \346\235\216\345\250\234/20250423 \350\267\257\347\224\261\350\256\277\351\227\256\346\216\247\345\210\266(ACL).md" "b/19 \346\235\216\345\250\234/20250423 \350\267\257\347\224\261\350\256\277\351\227\256\346\216\247\345\210\266(ACL).md" new file mode 100644 index 0000000..99c64dc --- /dev/null +++ "b/19 \346\235\216\345\250\234/20250423 \350\267\257\347\224\261\350\256\277\351\227\256\346\216\247\345\210\266(ACL).md" @@ -0,0 +1,100 @@ +# 路由访问控制 ACL + +## 一、ACL 基础概念 + +1. **定义**:访问控制列表(ACL)是一种基于包过滤的访问控制技术,它通过配置一系列规则,对网络中的数据包进行检查和过滤,从而控制网络流量的进出,实现网络安全和访问管理。 + +1. **作用** + +- - **网络安全**:限制非法的网络访问,阻止恶意流量进入网络,保护内部网络资源免受未经授权的访问和攻击。 + +- - **流量管理**:对不同类型的流量进行分类和控制,例如限制某些用户或应用程序的带宽使用,优化网络性能。 + +- - **网络策略实施**:根据企业的网络策略,允许或禁止特定的网络通信,确保网络使用符合规定。 + +1. **分类** + +- - **标准 ACL**:只能根据数据包的源 IP 地址进行过滤,编号范围为 1 - 99(传统)和 1300 - 1999(扩展编号)。 + +- - **扩展 ACL**:可以根据数据包的源 IP 地址、目的 IP 地址、协议类型、端口号等多种条件进行过滤,编号范围为 100 - 199(传统)和 2000 - 2699(扩展编号)。 + +- - **命名 ACL**:使用名称代替编号来标识 ACL,方便管理和理解,可用于标准 ACL 和扩展 ACL。 + +## 二、思科模拟器中 ACL 的配置 + +### (一)标准 ACL 配置 + +1. **进入全局配置模式**:在特权模式下输入configure terminal命令。 + +1. **创建标准 ACL**:使用access - list ACL编号 permit / deny 源IP地址 通配符掩码命令。例如,创建一个编号为 1 的标准 ACL,拒绝源 IP 地址为 192.168.1.0/24的数据包进入网络,命令为`access - list 1 deny 192.168.1.0 0.0.0.255`;如果要允许其他所有 IP 地址的数据包通过,可使用`access - list 1 permit any`。 + +1. **应用 ACL 到接口**:进入要应用 ACL 的接口配置模式,使用`ip access - group ACL编号 in|out`命令。in表示对进入接口的数据包进行过滤,out表示对从接口发出的数据包进行过滤。例如,将 ACL 1 应用到 FastEthernet0/0 接口的入方向,命令为`interface FastEthernet0/0`,然后`ip access - group 1 in`。 + +### (二)扩展 ACL 配置 + +1. **进入全局配置模式**:同样在特权模式下输入configure terminal。 + +1. **创建扩展 ACL**:使用access - list ACL编号 permit|deny 协议 源IP地址 通配符掩码 目的IP地址 通配符掩码 [operator] [port]命令。例如,创建一个编号为 101 的扩展 ACL,拒绝源 IP 地址为 192.168.1.0/24的主机通过 TCP 协议访问目的 IP 地址为 [92.168.2.0/24 的主机的 80 端口,命令为`access - list 101 deny tcp 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255eq 80`;允许其他所有 IP 地址的所有协议的数据包通过,使用`access - list 101 permit ip any any`。 + +1. **应用 ACL 到接口**:与标准 ACL 应用方式相同,进入接口配置模式,使用ip access - group ACL编号 in|out命令将 ACL 应用到相应接口。 + +### (三)命名 ACL 配置 + +1. **进入全局配置模式**:configure terminal。 + +1. **创建命名 ACL** + +- - **标准命名 ACL**:使用ip access - list standard ACL名称进入标准命名 ACL 配置模式,然后使用permit|deny 源IP地址 通配符掩码添加规则。例如,创建一个名为 “standard_acl” 的标准命名 ACL,拒绝源 IP 地址为 10.0.0.0/8的数据包,命令为ip access - list standard standard_acl,接着deny 10.0.0.0 0.255.255.255。 + +- - **扩展命名 ACL**:使用ip access - list extended ACL名称进入扩展命名 ACL 配置模式,按照扩展 ACL 的规则语法添加规则。例如,创建一个名为 “extended_acl” 的扩展命名 ACL,拒绝源 IP 地址为 172.16.0.0/16 的主机通过 UDP 协议访问目的 IP 地址为 172.17.0.0/16 的主机的 53 端口,命令为ip access - list extended extended_acl,然后deny udp 172.16.0.0 0.0.255.255172.17.0.00.0.255.255 eq 53。 + +1. **应用 ACL 到接口**:与前面两种 ACL 应用方法一致,在接口配置模式下使用ip access - group ACL名称 in|out命令。 + +## 三、ACL 配置示例 + +### (一)标准 ACL 示例 + +网络拓扑:有两个网段,192.168.1.0/24 和 192.168.2.0/24,通过路由器连接。要求禁止 192.168.1.0/24 网段的主机访问 192.168.2.0/24 网段。 + +``` +R1(config)#access - list 1 deny 192.168.1.0 0.0.0.255 +R1(config)#access - list 1 permit any +R1(config)#interface FastEthernet0/1 +R1(config - if)#ip access - group 1 out +``` + +### (二)扩展 ACL 示例 + +网络拓扑同上,要求禁止 192.168.1.0/24 网段的主机通过 HTTP 协议(TCP 80 端口)访问 192.168.2.0/24 网段,允许其他所有流量。 + +``` +R1(config)#access - list 101 deny tcp 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 eq 80 +R1(config)#access - list 101 permit ip any any +R1(config)#interface FastEthernet0/1 +R1(config - if)#ip access - group 101 out +``` + +### (三)命名 ACL 示例 + +网络拓扑不变,使用命名 ACL 实现禁止 192.168.1.0/24 网段的主机通过 FTP 协议(TCP 21 端口)访问 192.168.2.0/24 网段。 + +``` +R1(config)#ip access - list extended ftp_deny +R1(config - ext - nacl)#deny tcp 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 eq 21 +R1(config - ext - nacl)#permit ip any any +R1(config)#interface FastEthernet0/1 +R1(config - if)#ip access - group ftp_deny out +``` + +## 四、ACL 配置注意事项 + +1. **规则顺序**:ACL 中的规则是按照从上到下的顺序进行匹配的,一旦数据包匹配到某条规则,就不再继续向下匹配。因此,要合理安排规则顺序,将最严格、最特殊的规则放在前面。 + +1. **通配符掩码**:通配符掩码与子网掩码的概念不同,通配符掩码中 0 表示 “必须匹配”,1 表示 “不必关心”。在配置 ACL 时,要正确使用通配符掩码来准确指定 IP 地址范围。 + +1. **隐含规则**:每个 ACL 末尾都有一条隐含的deny any规则,即如果数据包不匹配 ACL 中的任何一条允许规则,就会被拒绝。因此,如果需要允许某些流量,必须明确配置允许规则。 + +1. **应用接口方向**:要根据实际需求正确选择 ACL 应用到接口的方向(in或out),否则可能无法达到预期的过滤效果。 + +1. **测试与验证**:配置完 ACL 后,要使用ping、traceroute等命令进行测试,检查 ACL 是否按照预期工作。同时,可以使用`show access - lists`命令查看 ACL 的配置和匹配情况,使用`show ip interface`命令查看接口上应用的 ACL 信息。 + -- Gitee From c7a6e8d522e85929cd727df790d9e208a2794ba6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9D=8E=E5=A8=9C?= <2977047384@qq.com> Date: Wed, 23 Apr 2025 17:40:39 +0800 Subject: [PATCH 3/3] =?UTF-8?q?=E8=B7=AF=E7=94=B1=E5=99=A8=E9=87=8D?= =?UTF-8?q?=E5=88=86=E5=8F=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...57\347\224\261\351\207\215\345\217\221.md" | 167 ++++++++++++++++++ 1 file changed, 167 insertions(+) diff --git "a/19 \346\235\216\345\250\234/20250422 \350\267\257\347\224\261\351\207\215\345\217\221.md" "b/19 \346\235\216\345\250\234/20250422 \350\267\257\347\224\261\351\207\215\345\217\221.md" index 0b51364..55b89bc 100644 --- "a/19 \346\235\216\345\250\234/20250422 \350\267\257\347\224\261\351\207\215\345\217\221.md" +++ "b/19 \346\235\216\345\250\234/20250422 \350\267\257\347\224\261\351\207\215\345\217\221.md" @@ -57,6 +57,173 @@ Router(config-router)#redistribute static ![image-20250422222001509](https://gitee.com/civet-hair/picgo2/raw/master/img/image-20250422222001509.png) + + +```shell +# 静态路由新端口配置ip +Router(config)#interface g0/2 +Router(config-if)#ip address 4.4.4.2 255.0.0.0 +Router(config-if)#no shutdown +# 开启默认路由 +Router(config-if)#ex +Router(config)#ip route 0.0.0.0 0.0.0.0 4.4.4.1 +# 查看静态路由器路由表 +Router#show ip route +Gateway of last resort is 4.4.4.1 to network 0.0.0.0 + + 4.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 4.0.0.0/8 is directly connected, GigabitEthernet0/2 +L 4.4.4.2/32 is directly connected, GigabitEthernet0/2 + 10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks +C 10.30.10.0/24 is directly connected, GigabitEthernet0/0 +L 10.30.10.2/32 is directly connected, GigabitEthernet0/0 +C 10.30.20.0/24 is directly connected, GigabitEthernet0/1 +L 10.30.20.1/32 is directly connected, GigabitEthernet0/1 +S 192.168.200.0/24 [1/0] via 10.30.10.1 +S 192.168.220.0/24 [1/0] via 10.30.20.2 +S* 0.0.0.0/0 [1/0] via 4.4.4.1 +# 中间路由配置连接静态路由端口ip +Router(config)#interface g0/2 +Router(config-if)#ip address 4.4.4.1 255.0.0.0 +Router(config-if)#no shutdown +# 开启静态路由 +Router(config-if)#ex +Router(config)#ip route 192.168.200.0 255.255.255.0 4.4.4.2 +Router(config)#ip route 192.168.220.0 255.255.255.0 4.4.4.2 +``` + +```shell +# RIP路由新端口配置ip +Router(config)#interface g0/2 +Router(config-if)#ip address 3.3.3.2 255.0.0.0 +Router(config-if)#no shutdown +Router(config-if)#ex +# 进入rip模式 +Router(config)#route rip +Router(config-router)#version 2 +Router(config-router)#network 3.3.3.0 +Router(config-router)#ex +# 查看rip路由器路由表 +Router#show ip route +Gateway of last resort is not set + 3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 3.0.0.0/8 is directly connected, GigabitEthernet0/2 +L 3.3.3.2/32 is directly connected, GigabitEthernet0/2 + 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks +C 10.20.10.0/24 is directly connected, GigabitEthernet0/0 +L 10.20.10.1/32 is directly connected, GigabitEthernet0/0 +R 10.20.20.0/24 [120/1] via 10.20.10.2, 00:00:01, GigabitEthernet0/0 + 192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks +C 192.168.100.0/24 is directly connected, GigabitEthernet0/1 +L 192.168.100.254/32 is directly connected, GigabitEthernet0/1 +R 192.168.120.0/24 [120/2] via 10.20.10.2, 00:00:01, GigabitEthernet0/0 +# 中间路由器连接rip端口配置ip +Router(config)#interface g0/1 +Router(config-if)#ip address 3.3.3.1 255.0.0.0 +Router(config-if)#no shutdown +Router(config-if)#ex +# 进入rip模式 +Router(config)#route rip +Router(config-router)#version 2 +Router(config-router)#network 3.3.3.0 +# 查看中间路由器的路由表 +Router#show ip route +Gateway of last resort is not set + 3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 3.0.0.0/8 is directly connected, GigabitEthernet0/1 +L 3.3.3.1/32 is directly connected, GigabitEthernet0/1 + 4.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 4.0.0.0/8 is directly connected, GigabitEthernet0/2 +L 4.4.4.1/32 is directly connected, GigabitEthernet0/2 +R 10.0.0.0/8 [120/1] via 3.3.3.2, 00:00:00, GigabitEthernet0/1 +R 192.168.100.0/24 [120/1] via 3.3.3.2, 00:00:00, GigabitEthernet0/1 +R 192.168.120.0/24 [120/3] via 3.3.3.2, 00:00:00, GigabitEthernet0/1 +S 192.168.200.0/24 [1/0] via 4.4.4.2 +S 192.168.220.0/24 [1/0] via 4.4.4.2 +``` + +```shell +# ospf路由器新端口ip配置 +Router(config)#interface g0/2 +Router(config-if)#ip address 2.2.2.2 255.0.0.0 +Router(config-if)#no shutdown +# 进入ospf模式 +Router(config)#route ospf 1 +Router(config-router)#network 2.2.2.0 0.255.255.255 area 0 +# 查看ospf路由器路由表 +Router#show ip route +Gateway of last resort is not set + 2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 2.0.0.0/8 is directly connected, GigabitEthernet0/2 +L 2.2.2.2/32 is directly connected, GigabitEthernet0/2 +O E2 3.0.0.0/8 [110/20] via 2.2.2.1, 00:00:31, GigabitEthernet0/2 + 10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks +O E2 10.0.0.0/8 [110/20] via 2.2.2.1, 00:00:31, GigabitEthernet0/2 +O 10.10.10.0/24 [110/2] via 10.10.20.1, 00:24:49, GigabitEthernet0/0 +C 10.10.20.0/24 is directly connected, GigabitEthernet0/0 +L 10.10.20.2/32 is directly connected, GigabitEthernet0/0 +O 192.168.10.0/24 [110/3] via 10.10.20.1, 00:24:49, GigabitEthernet0/0 + 192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks +C 192.168.20.0/24 is directly connected, GigabitEthernet0/1 +L 192.168.20.254/32 is directly connected, GigabitEthernet0/1 +O E2 192.168.100.0/24 [110/20] via 2.2.2.1, 00:00:31, GigabitEthernet0/2 +O E2 192.168.120.0/24 [110/20] via 2.2.2.1, 00:00:31, GigabitEthernet0/2 +# 配置中间路由器连接ospf端口ip +Router(config)#interface g0/0 +Router(config-if)#ip address 2.2.2.1 255.0.0.0 +Router(config-if)#no shutdown +# 进入ospf模式 +Router(config)#route ospf 1 +Router(config-router)#network 2.2.2.0 0.255.255.255 area 0 +# 查看中间路由器路由表 +show ip route +Gateway of last resort is not set + 2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 2.0.0.0/8 is directly connected, GigabitEthernet0/0 +L 2.2.2.1/32 is directly connected, GigabitEthernet0/0 + 3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 3.0.0.0/8 is directly connected, GigabitEthernet0/1 +L 3.3.3.1/32 is directly connected, GigabitEthernet0/1 + 4.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 4.0.0.0/8 is directly connected, GigabitEthernet0/2 +L 4.4.4.1/32 is directly connected, GigabitEthernet0/2 + 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks +R 10.0.0.0/8 [120/1] via 3.3.3.2, 00:00:11, GigabitEthernet0/1 +O 10.10.10.0/24 [110/3] via 2.2.2.2, 00:01:52, GigabitEthernet0/0 +O 10.10.20.0/24 [110/2] via 2.2.2.2, 00:01:52, GigabitEthernet0/0 +O 192.168.10.0/24 [110/4] via 2.2.2.2, 00:01:52, GigabitEthernet0/0 +O 192.168.20.0/24 [110/2] via 2.2.2.2, 00:01:52, GigabitEthernet0/0 +R 192.168.100.0/24 [120/1] via 3.3.3.2, 00:00:11, GigabitEthernet0/1 +R 192.168.120.0/24 [120/3] via 3.3.3.2, 00:00:11, GigabitEthernet0/1 +S 192.168.200.0/24 [1/0] via 4.4.4.2 +S 192.168.220.0/24 [1/0] via 4.4.4.2 +``` + +```shell +# 中间路由配置转发命令 +Router(config)#route ospf 1 //将rip转发成ospf +Router(config-router)#redistribute rip subnets //每一个网段都转发成ospf +# ospf 路由器的路由表状态 +Router#show ip route + 2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks +C 2.0.0.0/8 is directly connected, GigabitEthernet0/2 +L 2.2.2.2/32 is directly connected, GigabitEthernet0/2 +O E2 3.0.0.0/8 [110/20] via 2.2.2.1, 00:00:31, GigabitEthernet0/2 + 10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks +O E2 10.0.0.0/8 [110/20] via 2.2.2.1, 00:00:31, GigabitEthernet0/2 +O 10.10.10.0/24 [110/2] via 10.10.20.1, 00:24:49, GigabitEthernet0/0 +C 10.10.20.0/24 is directly connected, GigabitEthernet0/0 +L 10.10.20.2/32 is directly connected, GigabitEthernet0/0 +O 192.168.10.0/24 [110/3] via 10.10.20.1, 00:24:49, GigabitEthernet0/0 + 192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks +C 192.168.20.0/24 is directly connected, GigabitEthernet0/1 +L 192.168.20.254/32 is directly connected, GigabitEthernet0/1 +O E2 192.168.100.0/24 [110/20] via 2.2.2.1, 00:00:31, GigabitEthernet0/2 +O E2 192.168.120.0/24 [110/20] via 2.2.2.1, 00:00:31, GigabitEthernet0/2 +``` + + + ```shell # 作为转发的路由的路由表 Router#show ip route -- Gitee