Router1 S1/0 <----> Router2 S1/0
Router2 S1/1 <----> Router3 S1/1
Switch
Switch
Switch
Switch
Switch
Switch
Switch
R1(inside) s1/0 I
R2(border) s1/1 IP 61.163.7.200 R3(border) s1/1 IP 61.163.7.254
sw1(user-sw1) vlan 1 IP 172.16.1.2 R1(inside) f0/0 IP 172.16.1.1
sw2(user-sw2) vlan 1 ip 172.16.2.2 R1(inside) f0/1 172.16.2.1
sw3(isp-sw) vlan 1 ip 100.100.100.2 R3(isp) f0/0 100.100.100.1
vpc0/1 ip 172.16.1.3
vpc0/2 ip 172.16.2.3
vpc0/3 ip 100.100.100.3
R1 配置:ripv2 172.16.0.0
rip認證
s1/0 手工彙總
單播路由
被動接口f0/0,f0/1
R2 配置 ripv2
RIP缺省路由 default-information
RIP單播更新
RIP認證
動態路由 172.16.0.0 61.163.7.201 61.163.7.206
靜態路由 172.16.2.3 61.163.7.210
rip認證
rip 偏移列表
R3 配置(做ISP路由供測試用)
R1具體配置
inside#show run
Building configuration...
Current configuration : 1533 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname inside
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$mMdI$JkjyWJvZcPHERCUvfaby/.
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
key chain aa
key 10
key-string cisco
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 172.16.1.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.16.2.1 255.255.255.0
duplex auto
speed auto
!
interface Serial1/0
ip address
ip rip authentication mode md5
ip rip authentication key-chain aa
ip summary-address rip 172.16.0.0 255.255.0.0
no fair-queue
serial restart-delay 0
!
interface Serial1/1
no ip address
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router rip
version 2
passive-interface FastEthernet0/0
passive-interface FastEthernet0/1
passive-interface Serial1/0
network
network 172.16.0.0
neighbor
no auto-summary
!
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
inside#
R2配置
border#show run
Building configuration...
Current configuration : 1881 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname border
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
key chain aa
key 10
key-string cisco
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
ip address
ip nat inside
ip rip authentication mode md5
ip rip authentication key-chain aa
ip virtual-reassembly
no fair-queue
serial restart-delay 0
!
interface Serial1/1
ip address 61.163.7.200 255.255.255.0
ip nat outside
ip virtual-reassembly
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router rip
version 2
passive-interface Serial1/0
offset-list
network
neighbor
default-information originate
no auto-summary
!
ip forward-protocol nd
ip route
!
!
ip http server
no ip http secure-server
ip nat pool cisco 61.163.7.201 61.163.7.205 netmask 255.255.255.0
ip nat inside source list 10 pool cisco overload
ip nat inside source list 101 pool cisco overload
ip nat inside source static 172.16.2.3 61.163.7.210
!
access-list 11 permit 172.16.0.0
access-list 101 permit ip 172.16.0.0 0.0.255.255 any
access-list 101 permit i
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
border#
R3具體配置
isp#show run
*Mar 1 01:25:57.751: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/0 (not full duplex), with isp-user FastEthernet0/0 (full duplex).
isp#show run
Building configuration...
Current configuration : 1129 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname isp
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 100.100.100.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
no fair-queue
serial restart-delay 0
!
interface Serial1/1
ip address 61.163.7.254 255.255.255.0
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
isp#