實驗來源:工大瑞普Cisco網絡技術論壇 650) this.width=650;" alt="" src="http://img1.51cto.com/attachment/200706/200706131181708229203.gif" border="0" /> 1.按照試驗拓撲配置好各臺路由器的接口IP地址; 2.使用ping命令驗證相鄰兩臺路由器的連通性; 3.配置RIP協議: R1配置: Router(config)#router rip Router(config-router)#version 2 Router(config-router)#network 10.1.1.0 Router(config-router)#network 172.16.1.0 Router(config-router)#passive-interface loopback 0 Router(config-router)#no auto-summary //取消自動彙總 Router(config)#router rip Router(config-router)#version 2 Router(config-router)#network 172.16.1.0 Router(config-router)#network 172.16.2.0 Router(config-router)#no auto-summary Router(config)#router rip Router(config-router)#version 2 Router(config-router)#network 10.2.2.0 Router(config-router)#network 172.16.2.0 Router(config-router)#passive-interface loopback 0 Router(config-router)#no auto-summary Router#show ip protocols Routing Protocol is "rip" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Sending updates every 30 seconds, next due in 0 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Redistributing: rip Default version control: send version 2, receive version 2 Interface Send Recv Triggered RIP Key-chain Serial1/1 2 2 Loopback0 2 2 Automatic network summarization is not in effect Maximum path: 4 Routing for Networks: 10.0.0.0 172.16.0.0 Routing Information Sources: Gateway Distance Last Update 172.16.1.2 120 00:00:13 Distance: (default is 120) Router#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/24 is subnetted, 2 subnets C 172.16.1.0 is directly connected, Serial1/0 C 172.16.2.0 is directly connected, Serial1/1 10.0.0.0/24 is subnetted, 2 subnets R 10.2.2.0 [120/1] via 172.16.2.1, 00:00:20, Serial1/1 R 10.1.1.0 [120/1] via 172.16.1.1, 00:01:43, Serial1/0 5.OK,下面開始配置RIP驗證,舉例在R2上配置,驗證R1: Router(config)#key chain cisco //定義鑰匙鏈。鑰匙鏈名爲cisco Router(config-keychain)#key 1 //定義鑰匙鏈上的第一個鑰匙 Router(config-keychain-key)#key-string key //定義密鑰 Router(config-keychain-key)#exit Router(config-keychain)#exit Router(config)#interface serial 1/0 Router(config-if)#ip rip authentication key-chain cisco //在接口下起用rip驗證,並使用鑰匙鏈cisco Router(config-if)#ip rip authentication mode md5 //定義鑰匙的驗證是md5的 Router(config-if)#exit Router#debug ip rip RIP protocol debugging is on Router# *Mar 1 00:07:34.643: RIP: received v2 update from 172.16.2.1 on Serial1/1 *Mar 1 00:07:34.643: 10.2.2.0/24 via 0.0.0.0 in 1 hops *Mar 1 00:07:36.519: RIP: sending v2 update to 224.0.0.9 via Serial1/1 (172.16.2.2) *Mar 1 00:07:36.519: RIP: build update entries *Mar 1 00:07:36.519: 10.1.1.0/24 via 0.0.0.0, metric 2, tag 0 *Mar 1 00:07:36.523: 172.16.1.0/24 via 0.0.0.0, metric 1, tag 0 *Mar 1 00:07:42.539: RIP: ignored v2 packet from 172.16.1.1 (invalid authentication) //無效的 驗證 *Mar 1 00:07:45.623: RIP: sending v2 update to 224.0.0.9 via Serial1/0 (172.16.1.2) *Mar 1 00:07:45.623: RIP: build update entries *Mar 1 00:07:45.623: 10.2.2.0/24 via 0.0.0.0, metric 2, tag 0 *Mar 1 00:07:45.627: 172.16.2.0/24 via 0.0.0.0, metric 1, tag 0 Router#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/24 is subnetted, 2 subnets C 172.16.1.0 is directly connected, Serial1/0 C 172.16.2.0 is directly connected, Serial1/1 10.0.0.0/24 is subnetted, 2 subnets R 10.2.2.0 [120/1] via 172.16.2.1, 00:00:23, Serial1/1 R 10.1.1.0/24 is possibly down, routing via 172.16.1.1, Serial1/0 如果我們想讓R1繼續可以和R2更新,那麼也需要在R1上配置key,方法和在R2上配置時一樣。。(爲了演示方便,我把認證模式改爲test了),然後我們再在R2上debug 一下: Router#debug ip rip RIP protocol debugging is on Router# *Mar 1 00:19:24.475: RIP: received packet with text authentication key *Mar 1 00:19:24.475: RIP: received v2 update from 172.16.1.1 on Serial1/0 *Mar 1 00:19:24.479: 10.1.1.0/24 via 0.0.0.0 in 1 hops OK,實驗完。 |
RIPv2的認證(Enabling RIPv2 Autherization)
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.