在这篇文章中,我们将带领您了解Cisco交换机/路由器ssh配置的全貌,包括cisco交换机ssh配置命令的相关情况。同时,我们还将为您介绍有关C#SSH.netCisco连接、CCIE总结:路由器、
在这篇文章中,我们将带领您了解Cisco 交换机/路由器 ssh 配置的全貌,包括cisco交换机ssh配置命令的相关情况。同时,我们还将为您介绍有关C# SSH.net Cisco 连接、CCIE总结:路由器、交换机、CCNA 实验攻略 1:配置 Cisco 交换机、CCNP (BCMSN) 实验:交换机密码恢复(Cisco 3550 交换机)的知识,以帮助您更好地理解这个主题。
本文目录一览:- Cisco 交换机/路由器 ssh 配置(cisco交换机ssh配置命令)
- C# SSH.net Cisco 连接
- CCIE总结:路由器、交换机
- CCNA 实验攻略 1:配置 Cisco 交换机
- CCNP (BCMSN) 实验:交换机密码恢复(Cisco 3550 交换机)
Cisco 交换机/路由器 ssh 配置(cisco交换机ssh配置命令)
一准备工作:
1.开启交换机/路由器
2.连击Console控制线,到控制电脑
3.打开com口控制软件(支持ssh协议)
二配置工作:
1.进入特权模式
Cisco> enable2.输入密码
Password:3.进入全局配置模式
Cisco# conf t4.进入接口
(1)路由器输入
Cisco(config)#int GigabitEthernet 0/1 (2)交换机输入
Cisco(config)#int Vlan 15.根据需要配置IP
Cisco (config-if)#ip add x.x.x.x x.x.x.x6.打开接口
Cisco (config-if)#no shutdown7.可查看以上配置(可跳过,需要时查看)
Cisco (config-if)#do sh ip int br查看当前接口配置
8.退出接口
Cisco (config-if)#exi9.设置域名
Cisco (config)#ip domain-name cisco.com 为交换机/路由器配置一个域名,也可以认为该交换机/路由器属于这个域
10.配置SSH加密方式
Cisco (config)#crypto key generate rsa 生成一个为rsa算法的密钥
The name for the keys will be: R1.cisco.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 1024 ----------设置密钥为1024位
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
*Mar 1 00:59:17.179: %SSH-5-ENABLED: SSH 1.99 has been enabled
PS:在Cisoc中rsa支持360-2048位密钥,该算法的原理是:主机将自己的公用密钥分发给相关的客户机,客户机在访问主机时则使用该主机的公开密钥来加密数据,主机则使用自己的私有的密钥来解密数据,从而实现主机密钥认证,确定客户机的可靠身份。
11.配置虚拟终端
Cisco (config)#line vty 0 512.使用本地数据库
Cisco (config-line)#login local 13.配置远程登录方式
Cisco (config-line)#transport input ssh 可先用Cisco (config-line)#transport input none ----------关闭VTY其他的远程登录协议
14.允许远程登录(非常重要)
Cisco (config-line)# access-class 1 in15.退出虚拟终端
Cisco (config-line)#exi16.创建用户名和密码
Cisco (config)#username admin password admin17.设置特权密码(可不设)
Cisco (config)#enable secret cisco 18.加入AAA认证
Cisco (config)# aaa new-model19.配置ssh超时时间
Cisco (config)#ip ssh time-out 12020.设置ssh版本
Cisco (config)#ip ssh version 2 配置完成
C# SSH.net Cisco 连接
如何解决C# SSH.net Cisco 连接?
我想用 C# 编写一个程序,我可以用它在 Cisco 交换机上执行标准化命令。要设置 SSH 连接,我使用 SSH.net。不幸的是,我的程序不起作用。我不确定是否会建立 SSH 连接。在任何情况下,都不会执行提到的命令。 不幸的是,我是一个新手程序员,我需要你的帮助。你能告诉我我做错了什么吗?
非常感谢。
亚历克斯
class Program
{
static void Main(string[] args)
{
ConnectionInfo ConnNfo = new ConnectionInfo("192.168.1.1",22,"username",new AuthenticationMethod[]{
new PasswordAuthenticationMethod("username","password"),}
);
using (var sshclient = new SshClient(ConnNfo))
{
sshclient.Connect();
if (!sshclient.IsConnected)
{
Console.WriteLine("not connect...");
}
else
{
Console.WriteLine("connect...");
}
var cmd = sshclient.runcommand("enable");
cmd = sshclient.runcommand("cisco");
cmd = sshclient.runcommand("conf t");
cmd = sshclient.runcommand("int gi 1/0/2");
cmd = sshclient.runcommand("des Test");
cmd = sshclient.runcommand("exit");
Console.ReadLine();
sshclient.disconnect();
}
Console.ReadKey();
}
}
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)
CCIE总结:路由器、交换机
bbs.spoto.net/forum-178-1.html -----雏鹰部落
GNS3安装
1、安装的所有目录不能使用中文
ISO如何操作
securecrt如何使用建立会话:之前总是连不上的原因是没有选 telnet协议,而不是ssh协议,要注意。
cmd如何进入GNS3模式:telnet localhost 2001
GNS3使用过程以及两个路由怎样连接
打开软件--添加镜像(c3640-jk9o3s-mz.124-13a)--计算IDLE值直到出现*号选择即可,目的是降低cpu使用率在10%以下才可以--暂停双击--添加快速以太网口--add a link--两个路由连接起来
命令+?=查看帮助
用户模式:》 输入exit 可以退出
特权模式:# 输入enable进入特权模式
全局模式(router(config)#模式--更高一级):输入configure terminal特权模式
全局模式退出:end 到上一级,exit 到用户模式
pc4(config)#default interface f 0/0 ------还原默认配置
配置console密码,下次再插console就得输入密码
R1(config)#line console 0 ---进入接口
R1(config)#password spoto
R1(config-line)#login 当其他设备连接这台设备时需要密码验证
R1(config-line)#no login
R1(config-line)#no pas spoto
用户模式-特权模式 设置密码
到特权模式下
R1(config)#enable secret spoto
VTY口令-用于限制人员通过telnet访问设备,设备第一次现场调试,以后要通过远程telnet调试,
实验:
R1作为被调试的设备,R2去登陆R1调试
R1(config)#line vty 0 4 vty:虚拟通道 0-4:要开5个通道
R1(config-line)#password spototelnet
R1#sh ip int
R1#sh ip int b
R1#conf t
R1(config)#int f 0/0
R1(config-if)#ip add 1.1.1.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#no shutdown
R2(config)#int f 0/0
R2(config-if)#ip add 1.1.1.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#no shutdown
R1(config-if)#ping 1.1.1.2 ---------这个模式报错--Ping测试要在特权模式下
^
% Invalid input detected at ''^'' marker
R1#ping 1.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 16/44/88 ms
R2#telnet 1.1.1.1 -------------注意是特权模式下
Trying 1.1.1.1 ... Open
User Access Verification
Password:
% Password: timeout expired!
Password: spototelnet
R1>enable
Password:spoto
R1#
查看当前所有配置
R1#show running-config ---注意在特权模式下 --保存在内存里面 即RAM里面,重启后会清空
start-up-config 存储在NVRA里面 现在设备都放在flash里面 保存在这里面--再重启不丢失
保存配置 第一种
R1#write
Building configuration...
[OK]
保存配置 第二种
R1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
清空配置
R1#erase startup-config 针对旧设备, 都对当前配置没有影响,重启后才生效
R1#delete flash:config.text 现在设备 都对当前配置没有影响,重启后才生效
配IP步骤:
先进入:用户模式-》特权模式-》全局模式-》进入接口
接口区分:如果一台设备有两个插槽,第一个插槽编号是0,第二个插槽编号是1。第一个插槽里面只有一个接口编号是0;第二个插槽里面有两个接口编号,一个是0,一个是1,
一、配置以太网接口(就是以太网链路)--基于8.2.3标准走,用的ARP协议
进入普通10M以太网口
interface ethernet 0/0 -----进入第一个插槽编号,第0个接口
interface ethernet 1/0 -----进入第二个插槽编号,第0个接口
interface ethernet 1/1 -----进入第二个插槽编号,第1个接口
ethernet 0/0 第一个0表示10M 整个意思:10M以太网口
进入快速以太网口
interface fast-ethernet 0/0
添加ip
R1(config-if)#ip add 1.1.1.1 255.255.255.0
激活接口--------思科设备默认是关闭的
R1(config-if)#no shutdown
实验:
R1#conf terminal
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0 -----提示符已变成 -if
R1(config-if)#no shutdown
R1(config-if)#end
R1#
R2#configure terminal
R2(config)#interface f 0/0 interface s 0/0
R2(config-if)#ip address 192.168.1.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#end
R2#
Ping测试要在特权模式下
R1#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
.!!!! ------5个包,第一个包超时
Success rate is 80 percent (4/5), round-trip min/avg/max = 28/45/88 ms
R1#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/71/136 ms
二、配置serial接口(就是串行接口) (就是串行链路)(广域网链路)
DCE端
R1(config)#interface serial 0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config)#clock rate 6400 在DCE端配置时钟信号。时钟信号在运营商,用户是DTE端,线缆两头分别写着DCE和DTE,做模拟实验,需要一端模拟运营商,
DTE端不用配时钟
R1(config)#interface serial 0/0
R1(config-if)#ip address 192.168.1.2 255.255.255.0
R1(config-if)#no shutdown
查看具体接口配置信息
R1#show interfaces f0/0 ----------注意模式
FastEthernet0/0 is up, line protocol is up ----物理接口和协议都是up
Hardware is AmdFE, address is cc00.0b00.0000 (bia cc00.0b00.0000) ---快速以太网口和MAC地
Internet address is 192.168.1.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, BW-带宽是100M, DLY--延迟
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
R1#show ip int brief ------查看哪些接口配了哪些ip
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.1.1 YES manual up up
YES manual up---------是物理状态,如果连接路由器的线断了就是down了,
Protocol up---------是协议状态,如果没有配置时钟信号,就是down
路由选择原理;静态路由(S),直连路由(C)
R1#show ip route
C 192.168.1.0/24 is directly connected, FastEthernet0/0
C:表示通过什么渠道获得,比如手工配置,C是直连,。S是手工配置的静态的
192.168.1.0/24 :表示目标地址
FastEthernet0/0 :表示从哪出去,从接口出去还是吓一跳扔给谁。
直连路由:路由接口配完IP后,接口激活,且双up:物理和协议都up,就会学习到紧邻路由的网络号,如:192.168.2.0/24, ---C
静态路由:人工建表,指定去哪个网段,如果去的网段号很多,就得配好多表,--适合中小型网络。
动态路由:两个路由之间相互对话,从而学到远端路由所知道的,比如3.0;4.0;6.0等网段。
直连路由的获取:两端路由只能知道一侧的路由,中间的路由可以知道紧邻两侧的路由信息。
静态路由配置: PC->网关->目的路由->目的路由后面是公网
需要人工配置告诉网关去往目的地的路由信息,即网络号
静态路由配置两种方式
R1(config)#ip route 192.168.1.0 255.255.255.255.0 192.168.12.1 192.168.1.0指的是公网IP 192.168.12.1指的是和目的路由器相连的左边的IP.------叫做扔给对端IP
R1(config)#ip route 192.168.1.0 255.255.255.255.0 serial 0 serial 0指的是网关紧挨着右边的接口 --------叫做扔给本地接口。
通信是双向的,还需要配置回来的路由信息,也是这样的,
实验:
PC-> R1路由->R2路由->R3目的路由->目的路由后面的公网
-( R1路由)-S0/0 192.168.12.1/24
192.168.12.2/24 S0/0-( R2路由)-S0/1 192.16823.2/24
192.168.23.3/24 S0/0-( R3路由)
R1(config)#ip route 192.168.23.0 255.255.255.0 192.168.12.2
R3(config)#ip route 192.168.12.0 255.255.255.255.0 serial s0/0
192.168.12.2------叫做扔给对端IP
serial s0/0指的是网关紧挨着右边的接口 --------叫做扔给本地接口。
通信是双向的,还需要配置回来的路由信息,也是这样的,
默认路由 表示符号:S*
实验(紧接着上面):PC-> R1路由->R2路由--后面接着好多网段IP,有1.0;2.0;3.0;4.0;多个隔离网络
R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.12.2 192.168.12.2相当于默认网关。
telnet七层访问构造 客户 A---网关路由---远端路由---客户 B
源端口是一个随机端口,目的端口一定是23端口。
osi七层:7-5层不重要,4层把端口号封装TCP头部,然后建立三次握手连接在四层,源端口是一个随机端口,目的端口一定是23端口;3层报头加IP,源IP和目的IP;2层是帧头,加上源mac和目标网关路由mac地址(mac只能在本地LAN有效)。A要把数据发给B,必须得先发给网关,所以必须得知道网关的mac地址。
A通过地址解析协议发送广播给网关,网关收到后再回一个给A,A就会更新它的mac表,然后加上源mac和目标网关路由mac地址,最后变成10100的字样传给网关路由,网关收到后拆到第三层漏出IP,如果发现不是给自己的,就原封不动的打包回去,但是他要帮客户送出去,但是查了查路由没有到远端的路由表,所以我们就配置静态路由的方法告诉他怎么走。到远端路由后要拆封到帧,填上自己的mac地址和客户B的mac地址,所以也要广播得到,然后送给B计算机,B也要一层层拆,拆到应用层,看是23端口号,是telnet程序,所以就丢给了telnet程序处理。
同理B回包的时候也得走这个过程。
cmd里面输入 :arp -a 得到所有的mac地址。
lookback接口是虚拟接口,是个软件接口跟物理接口一样,可以配置IP地址。当物理接口不够用时,就可以用lookback接口。所以要开启这个、
静态路由坏处:当有好多个路由时,基本每个路由都要配路由表,会很忙,而且有一个远端路由坏掉时 ,也不是道。
动态路由协议
--------动态的更新,是一个对话。
静态路由坏处:当有好多个路由时,基本每个路由都要配路由表,会很忙,而且有一个远端路由坏掉时 ,也不是道。
动态路由坏处:需要占用一定的cpu等资源,会占用一定带宽,但对网络不会造成太大影响
动网路由协议分类:内部网关协议和外部网关协议。
AS号:自治系统,-自我管理
AS号内部---------选择内部网关协议
不同AS之间---------选择外部网关协议--------比如两个跨国公司之间,---比如两个农业银行之间
内部网关协议包括:1、距离矢量协议 2、链路状态协议
外部网关协议包括:BGP--适用于超大型网络
距离矢量协议
距离矢量协议包括:1、RIPV1和RIPV2 2、EIGRP
距离指的跳数--hop 一跳要跨越一台路由器,比如 R1要通过 R2 跨越2.0网段,这就是垮了一跳,以条数衡量一条路由的好坏,
矢量:R2要通告给R1,R1要经过R2,这就是方向
一旦两台路由之间运行协议,路由就会更新自己的路由表,进行对话,周期性的更新,
更新方式:采用广播, 缺点:对链路和设备造成损耗,
收敛完成的意思:动态路由学习完毕
收敛分两步:1、初次路由信息交换,进一步交欢
度量值(Metric):衡量一条路由的好和坏 ----附图见网盘--动态路由--距离矢量路由协议。就是说路由 --------前提在同一协议中做比较A连接了两个分支路由。
-A-B-E-1.0 ---------A到1.0经过了2跳 --------更忧 来源-RIP,网络号,viaB
-A-C-D-E-1.0 --------A到1.0经过了3跳
这样以后都会走更忧的路径,但是当2跳的任何地方出了问题,就会选择3跳的路径
度量值(Metric):同一台路由器收到多条去往同一个目的地的路由,会比较Metric值,Metric值忧的会被装进路由表,注:Metric值有比较条数的,有比较带宽的。如果两个Metric都相同就会同时使用,这就是负载均衡,
RIP缺点:当3跳的那条链路带宽比2跳的那条链路带宽大时,就是浪费,---附图见网盘--动态路由--距离矢量路由协议
冗余:自动切换链路,当有一个链路挂掉时候,而静态的路由是无法自动切换的。
查看度量值(Metric):show ip route ------附图见网盘--动态路由--距离矢量路由协议
Metric:在同一协议中做比较
管理距离(AD值):指的是不同动态协议之间做比较选择最优路径。
总结:
一台路由器,当它从两种不同的动态路由协议选择协议中,学习到去往同一个目的地的路由,比较AD值。取信小的将路由装入路由表,进行数据转发,另一条路径,只有当优选的路径DOWN掉的时候,才会出现和使用;
一台路由器,当它从同种动态路由协议,但不同方向(邻居)学习 去往同一个目的地的路由,则比较metric度量值,选择忧的,装入路由表,进行数据转发。
依照传闻的更新方式(广播、更新路由表) -----容易被骗,容易产生环路
逐跳更新
环路的产生:-A-B-C-
当C右端链路断掉时。但是仍然周期性的更新,当有pc访问C时,C告诉走B,B再告诉走C,往复循环,直到跑死,------------附图见网盘--动态路由--距离矢
还有达到无穷大
量路由协议
消除环路的方法: A-B-C-x
1、定义最大度量值防止计数至无穷大(最大跳数)16 ----这是RIP的最大上限
2、水平分隔 --附图见网盘--动态路由--距离矢
3、抑制计时器:抑制计时器:远端出问题时,B和C先启动计时器。观察,如果恢复,就继续使用
4、路由中毒 ---路由无穷大--就是不可达-----泛红出去------附图见网盘--动态路由--距离矢
5、毒性逆转 :带有路由中毒的水平分隔,:C告诉B路由不可达,B也告诉C我知道路由不可达,并等待C右边的线路好
6、触发更新:拓扑发送变化时,路由立即发送更新消息
RIP:适用于金融行业,
基于UDP,端口520的应用层协议。
管理距离120
RIP实验
R1 R2 R3
如果有多个路由,依次宣告自己的网络号即可
R1#conf t
R1(config)#interface S 0/0
R1(config-if)#ip address 192.168.12.1 255.255.255.0
R1(config-if)#no sh
R1#ping 192.168.12.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/38/52 ms
R1#ping 192.168.23.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.23.3, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#conf t
R1(config)#router rip
R1(config-router)#network 192.168.12.0
R1(config-router)#end
R1#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial0/0
(配置Rip后)
R1#ping 192.168.23.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.23.3, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R2#configure t
R2(config)#int s 0/0
R2(config-if)#ip address 192.168.12.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#int s 0/1
R2(config-if)#ip address 192.168.23.2 255.255.255.0
R2(config-if)#no sh
R2(config)#end
R2#sh ip int b
R2#ping 192.168.23.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.23.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/35/48 ms
R2#conf t
R2(config)#router rip
R2(config-router)#net
R2(config-router)#network 192.168.12.0
R2(config-router)#network 192.168.23.0
R3#conf t
R3(config)#int s 0/0
R3(config-if)#ip address 192.168.23.3 255.255.255.0
R3(config-if)#no sh
R3(config-if)#end
R3#conf t
R3(config)#router rip
R3(config-router)#network 192.168.23.0
R3(config-router)#end
R3#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
R 192.168.12.0/24 [120/1] via 192.168.23.2, 00:00:22, Serial0/0
C 192.168.23.0/24 is directly connected, Serial0/0
R3#ping 192.168.12.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/68/96 ms
EIGRP
--增强型内部网关路由协议 --思科私有---只能在思科设备上运行--前身是IGRP
RFC文档 ----规范 www.rfc
特点:收敛速度比较快,减少带宽浪费,(触发性更新)--当网络拓扑发送变化时才更新,
支持多种网络层协议,(ip,ipx,appletalk) ---见截图
无类路由:可以识别不同掩码
高级距离矢量协议:不只只是根据跳数,也可以根据带宽。
100%无环路,---DUAL算法
首先形成邻居表,再进行路由信息同步,然后启用DUAL算法,查看哪个更忧。
三种表:邻居表,拓扑表。路由表,
通过组播方式泛红:224.0.0.10发送
metric计算==带宽+延迟 =BW+DLY BW=(10的7次方/带宽 )*256
DLY= ((延迟(微妙)/10)*256
带宽:沿路所有数据出接口带宽最低值,且是接口的带宽,而不是链路的带宽
延迟:沿路所有数据出接口延迟的和
DUAL算法:提供无环路
后继路由器:就是选择metric最优的那条路的下一个路由器。
可行距离:本地到达目标地的metric值,(FD) 本地可以是A 可以是B
可行后继路由器:备份的那个 (FS)
A-B-D-
A-C-D-
通告距离:C通告给A到达目的地的D右面网段的距离,(AD)
可行后继成立的条件:C通告给A到达目的地的D右面网段的距离,(AD)要小于 A通过B到达D右面网段的距离。(FD)
路由更新和数据包的方向是相反的
K值要相等
EIGRP的配置
AS:域,比如一个省份就是一个域,不同的AS用不同的号码区分,
debug:一般不要开启,开启后会出现大量调试信息,有可能把设备跑坏,
自动汇总:防止远端网络号down掉的反复计算DUAL值协议默认开启汇总,
10.1.1.0/24 这是个子网 10.网段是A类地址,进行了子网划分。
172.16.0.0/16
192.168.12.0 是个主类地址,
EIGRP的配置实验
R1#conf t
R1(config)#interface S 0/0
R1(config-if)#ip address 192.168.12.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#router eigrp 100
R1(config-router)#network 192.168.12.0
R1(config-router)#end
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial0/0
R2#configure t
R2(config)#int s 0/0
R2(config-if)#ip address 192.168.12.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#
*Mar 1 00:05:13.543: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R2(config-if)#
*Mar 1 00:05:14.547: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R2(config-if)#in
R2(config-if)#int lo0
R2(config-if)#
*Mar 1 00:05:40.851: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R2(config-if)#ip add 2.2.2.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#no shutdown
R2(config-if)#router eigrp 100
R2(config-router)#networ
R2(config-router)#network 192.168.12.0
R2(config-router)#
*Mar 1 00:06:40.487: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 192.168.12.1 (Serial0/0) is up: new adjacency
R2(config-router)#netw
R2(config-router)#network 2.2.2.
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial0/0
D 2.0.0.0/8 [90/2297856] via 192.168.12.2, 00:00:12, Serial0/0
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.168.12.2 Se0/0 13 00:02:10 73 438 0 4
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.168.12.2 Se0/0 14 00:02:33 73 438 0 4
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.168.12.2 Se0/0 13 00:02:43 73 438 0 4
R1#
Connected to Dynamips VM "R1" (ID 13, type c3600) - Console port
Press ENTER to get the prompt.
R1#sh
R1#show ip
R1#show ip eifr
R1#show ip eigrp
R1#show ip eigrp nei
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.168.12.2 Se0/0 13 00:52:02 73 438 0 4
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.168.12.2 Se0/0 14 00:52:20 73 438 0 4
R1#conf
R1#configure t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int s 0/0
R1(config-if)#shu
R1(config-if)#shutdown
R1(config-if)#
*Mar 1 01:05:01.555: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 192.168.12.2 (Serial0/0) is down: interface down
R1(config-if)#
*Mar 1 01:05:03.515: %LINK-5-CHANGED: Interface Serial0/0, changed state to administratively down
*Mar 1 01:05:04.515: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to down
R1(config-if)#debu
R1(config-if)#de
R1(config-if)#debu
R1(config-if)#debug ip eigr
R1(config-if)#end
R1#d
*Mar 1 01:05:59.195: %SYS-5-CONFIG_I: Configured from console by console
R1#deb
R1#debug ip eigr
R1#debug ip eigrp ?
<1-65535> Autonomous System
neighbor IP-EIGRP neighbor debugging
notifications IP-EIGRP event notifications
summary IP-EIGRP summary route processing
vrf Select a VPN Routing/Forwarding instance
<cr>
R1#debug ip eigrp
IP-EIGRP Route Events debugging is on
R1#conf
R1#configure t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int s 0/0
R1(config-if)#no shu
R1(config-if)#no shutdown
R1(config-if)#
*Mar 1 01:08:34.855: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R1(config-if)#
*Mar 1 01:08:35.859: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R1(config-if)#
*Mar 1 01:08:44.755: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 192.168.12.2 (Serial0/0) is up: new adjacency
*Mar 1 01:08:44.915: IP-EIGRP(Default-IP-Routing-Table:100): Processing incoming UPDATE packet
*Mar 1 01:08:44.919: IP-EIGRP(Default-IP-Routing-Table:100): 192.168.12.0/24 - do advertise out Serial0/0
*Mar 1 01:08:44.987: IP-EIGRP(Default-IP-Routing-Table:100): Processing incoming UPDATE packet
*Mar 1 01:08:44.991: IP-EIGRP(Default-IP-Routing-Table:100): Int 2.0.0.0/8 M 2297856 - 1657856 640000 SM 128256 - 256 128000
*Mar 1 01:08:44.991: IP-EIGRP(Default-IP-Routing-Table:100): route installed for 2.0.0.0 ()
*Mar 1 01:08:44.995: IP-EIGRP(Default-IP-Routing-Table:100): 192.168.12.0/24 - do advertise out Serial0/0
R1(config-if)#
*Mar 1 01:08:45.083: IP-EIGRP(Default-IP-Routing-Table:100): Processing incoming UPDATE packet
*Mar 1 01:08:45.087: IP-EIGRP(Default-IP-Routing-Table:100): Int 2.0.0.0/8 M 2297856 - 1657856 640000 SM 128256 - 256 128000
R1(config-if)#end
R1#sh
*Mar 1 01:11:41.339: %SYS-5-CONFIG_I: Configured from console by console
R1#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial0/0
D 2.0.0.0/8 [90/2297856] via 192.168.12.2, 00:03:01, Serial0/0
R1#un all
All possible debugging has been turned off
R1#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial0/0
D 2.0.0.0/8 [90/2297856] via 192.168.12.2, 00:04:33, Serial0/0 ---这个8见截图,
R1#show ip eigrp neigh
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.168.12.2 Se0/0 11 00:41:48 121 726 0 7
R1#ping 192.168.12.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/40/76 ms
R1#show ip eigrp topology
IP-EIGRP Topology Table for AS(100)/ID(192.168.12.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 2.0.0.0/8, 1 successors, FD is 2297856
via 192.168.12.2 (2297856/128256), Serial0/0
P 192.168.12.0/24, 1 successors, FD is 2169856
via Connected, Serial0/0
实验:见截图 三个路由构成三角形。R3连接一个lookback接口
R1#conf
R1#configure t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int f 0/0
^
% Invalid input detected at ''^'' marker.
R1(config)#int s 0/0
R1(config-if)#ip add 192.168.12.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#no shutdown
R1(config-if)#
*Mar 1 01:12:39.935: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R1(config-if)#
*Mar 1 01:12:40.939: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R1(config-if)#int s 0/1
*Mar 1 01:13:04.195: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to down
R1(config-if)#int s 0/1
R1(config-if)#ip add 192.168.13.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#no shutdown
R1(config-if)#
*Mar 1 01:13:41.003: %LINK-3-UPDOWN: Interface Serial0/1, changed state to up
R1(config-if)#
*Mar 1 01:13:42.007: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up
R1(config-if)#
*Mar 1 01:14:04.207: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to down
R1(config-if)#netw
R1(config-if)#networ
R1(config-if)#network 192.168.12.0
^
% Invalid input detected at ''^'' marker.
R1(config-if)#rout
R1(config-if)#routing i
^
% Invalid input detected at ''^'' marker.
R1(config-if)#routing ei 1
^
% Invalid input detected at ''^'' marker.
R1(config-if)#route
R1(config-if)#router ei 1
R1(config-router)#netw
R1(config-router)#network 192.168.12.0
R1(config-router)#network 192.168.13.0
R1(config-router)#
*Mar 1 01:22:54.179: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R1(config-router)#
*Mar 1 01:23:51.639: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 192.168.12.2 (Serial0/0) is up: new adjacency
R1(config-router)#
*Mar 1 01:26:24.207: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up
R1(config-router)#
*Mar 1 01:29:43.699: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 192.168.13.3 (Serial0/1) is up: new adjacency
R1(config-router)#end
R2#conf
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#int s 0/0
R2(config-if)#ip add 192.168.12.2
% Incomplete command.
R2(config-if)#ip add 192.168.12.2
R2(config-if)#ip add 192.168.12.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#no shutdown
R2(config-if)#
*Mar 1 01:22:48.531: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R2(config-if)#
*Mar 1 01:22:49.535: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R2(config-if)#int s 0/1
R2(config-if)#ip add 192.168.23.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#no shutdown
R2(config-if)#
*Mar 1 01:23:14.087: %LINK-3-UPDOWN: Interface Serial0/1, changed state to up
R2(config-if)#
*Mar 1 01:23:15.091: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up
R2(config-if)#rout
R2(config-if)#router ei 1
R2(config-router)#netw
R2(config-router)#network
*Mar 1 01:23:42.515: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to down
R2(config-router)#network 192.168.12.0
R2(config-router)#network 192.168.12.0
*Mar 1 01:23:50.183: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 192.168.12.1 (Serial0/0) is up: new adjacency
R2(config-router)#network 192.168.23.0
R3#int
R3#int
R3#conf
R3#configure t
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#ip add 192.168.13.3 255.255.255.0
^
% Invalid input detected at ''^'' marker.
R3(config)#int s 0/0
R3(config-if)#ip add 192.168.13.3 255.255.255.0
R3(config-if)#no sh
R3(config-if)#no shutdown
R3(config-if)#
*Mar 1 01:26:18.555: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R3(config-if)#
*Mar 1 01:26:19.559: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R3(config-if)#int s 0/1
R3(config-if)#ip add 192.168.23.3 255.255.255.0
R3(config-if)#no sh
R3(config-if)#no shutdown
R3(config)#int lo0
R3(config-if)#
*Mar 1 01:28:14.019: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R3(config-if)#ip add 3.3.3.3 255.255.255.0
R3(config-if)#no sh
R3(config-if)#no shutdown
R3(config-router)#router ei 1
R3(config-router)#network 192.168.23.0
R3(config-router)#network 192.168.13.0
R3(config-router)#network 3.0.0.0
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 192.168.13.3 Se0/1 12 00:01:57 82 492 0 12
0 192.168.12.2 Se0/0 12 00:07:49 74 444 0 12
R1#sho
R1#show ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial0/0
C 192.168.13.0/24 is directly connected, Serial0/1
D 3.0.0.0/8 [90/2297856] via 192.168.13.3, 00:00:55, Serial0/1
D 192.168.23.0/24 [90/2681856] via 192.168.13.3, 00:02:27, Serial0/1
[90/2681856] via 192.168.12.2, 00:02:27, Serial0/0
R1#sho
R1#show ip ei
R1#show ip eigrp to
R1#show ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(192.168.13.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 3.0.0.0/8, 1 successors, FD is 2297856
via 192.168.13.3 (2297856/128256), Serial0/1
P 192.168.12.0/24, 1 successors, FD is 2169856
via Connected, Serial0/0
P 192.168.13.0/24, 1 successors, FD is 2169856
via Connected, Serial0/1
P 192.168.23.0/24, 2 successors, FD is 2681856
via 192.168.12.2 (2681856/2169856), Serial0/0
via 192.168.13.3 (2681856/2169856), Serial0/1
R1#show ip eigrp topology all
R1#show ip eigrp topology all-links
IP-EIGRP Topology Table for AS(1)/ID(192.168.13.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 3.0.0.0/8, 1 successors, FD is 2297856, serno 5
via 192.168.13.3 (2297856/128256), Serial0/1
via 192.168.12.2 (2809856/2297856), Serial0/0
P 192.168.12.0/24, 1 successors, FD is 2169856, serno 1
via Connected, Serial0/0
P 192.168.13.0/24, 1 successors, FD is 2169856, serno 2
via Connected, Serial0/1
P 192.168.23.0/24, 2 successors, FD is 2681856, serno 4
via 192.168.12.2 (2681856/2169856), Serial0/0
via 192.168.13.3 (2681856/2169856), Serial0/1
R1#show ip protocols ------ 查看全局指令
负载均衡
负载均衡:同时出现了两条路由到达目的地。并且metric值相等。提高了带宽的利用率。
不等价负载均衡: --见图
允许两条优劣路由都放在路由表里。--防止闲置带宽:同时使用两条链路,
variance=2 自定义这个数
(20+10)=30<[2*FD=40] 这个时候30这个metric值就可以作为负载路由一起使用。
网络工程师概念:不是机房,不是弱电,是整个路由器,交换机等设备组成的系统,上面跑了平台,又有各种协议,根据客户现场进需求行规划。变成实施方案,最终落实,
多和行业内人士交流。
OSPF
OSPF协议:链路状态路由协议(开放式最短路径优先)---用的最广泛 --SPF算法 很多园区网都在用
O:开放 共有的 没有跳数限制
路由之间交流的是链路的状态而不是直接的路由信息,而距离矢量路由协议交流的直接是路由信息
状态:这个接口到某个路由之间的开销或邻居关系。
根据开销选择 路径,和带宽成反比,带宽越大,到达目的地的开销越小。
cost=10的8次方/接口带宽 带宽=沿路入接口所有带宽之和
OSPF报文类型 相当于婚恋过程
HELLO:建立初步关系 ,采用组播方式,224.0.0.5,发给所有运行OSPF协议的路由器
DBD:链路状态表 LSA:具体信息,在LSDB中 --这一步了解基本信息,LSDB在拓扑表中,
LSR:请求详细情况--链路状态信息
LSU:给的答复(包括了多了LSA)
LSACK:确认报文的安全机制,对LSU中的LSA进行确认。
OSPF区域:
泛红,每台路由都要装在小区内的所有信息,浪费资源,所以区域要弄小点,且区域大,不易管理,且拓扑发生变化容易发生网络抖动,
OSPF 区域划分,以路由器为界限,
OSPF三张表:邻居表,拓扑表,OSPF路由表。
OSPF优势
几乎适应所有网络类型,包括以太网,点对点串行链路,就是运行在OS七层的第二层,比如物理层是以太网接口,在二层就会识别封装成以太网帧,如果是串行接口,就封装成HPLC的帧,接口不一样,封装时候叫的名字也不一样,然后OSPF就会根据这种不同的数据链路层进行操作,不同的数据链路就是不同的网络,
一共4种网络类型
广播型:就是以太网链路,比如在LAN中连接了多台路由器,简称BMA。
串行链路:就是点对点模式,一条线两头各连一个路由,只有两个
NBMA:也是多路型网络,但是不支持广播和组播,最典型的封装方式就是 x.25和帧中
通配符(反掩码):用来匹配,=255.255.255.255-接口的掩码
实验--通配符
R1#configure t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int f 0/0
^
% Invalid input detected at ''^'' marker.
R1(config)#int s 0/0
R1(config-if)#ip add 192.168.12.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#
*Mar 1 00:03:55.751: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R1(config-if)#
*Mar 1 00:03:56.755: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R1(config-if)#
*Mar 1 00:04:23.955: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to down
R1(config-if)#rou
R1(config-if)#router os
R1(config-if)#ex
R1(config)#router os
R1(config)#router ospf 1
R1(config-router)#netw
R1(config-router)#network 192.168.12.0 0.0.0.255 ar
R1(config-router)#network 192.168.12.0 0.0.0.255 area 0 ---- 255.255.255.255-3个255
R1(config-router)#
*Mar 1 00:08:03.955: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R1(config-router)#
*Mar 1 00:09:35.611: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.23.2 on Serial0/0 from LOADING to FULL, Loading Done
R2#conf
R2#configure t
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#in
R2(config)#interface s 0/0
R2(config-if)#ip add 192.168.12.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#no shutdown
R2(config-if)#
*Mar 1 00:07:49.223: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R2(config-if)#in
*Mar 1 00:07:50.227: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R2(config-if)#in
R2(config-if)#int
R2(config-if)#ex
R2(config)#int s 0/1
R2(config-if)#ip add 192.168.23.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#no shutdown
R2(config-if)#
*Mar 1 00:08:47.295: %LINK-3-UPDOWN: Interface Serial0/1, changed state to up
R2(config-if)#
*Mar 1 00:08:48.299: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up
R2(config-if)#ex
R2(config)#rou
R2(config)#router os
R2(config)#router ospf 1
R2(config-router)#
*Mar 1 00:09:13.151: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to down
R2(config-router)#netw
R2(config-router)#network 192.168.12.0 0.0.0.255 a
R2(config-router)#network 192.168.12.0 0.0.0.255 area 0
R2(config-router)#
*Mar 1 00:09:34.371: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.12.1 on Serial0/0 from LOADING to FULL, Loading Done
R2(config-router)#net
R2(config-router)#network 192.168.23.0 0.0.0.255 ar
R2(config-router)#network 192.168.23.0 0.0.0.255 area 0
R2(config-router)#
*Mar 1 00:11:43.151: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up
R3#conf
R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#int s 0/0
R3(config-if)#ip add 192.168.23.3 255.255.255.0
R3(config-if)#no sh
R3(config-if)#no shutdown
R3(config-if)#
*Mar 1 00:11:30.879: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R3(config-if)#
*Mar 1 00:11:31.883: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R3(config-if)#ex
R3(config)#rou
R3(config)#routee
R3(config)#router os
R3(config)#router ospf 1
R3(config-router)#netw
R3(config-router)#network 192.168.23.0 0.0.0.255 a 0
R3(config-router)#
*Mar 1 00:14:48.359: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.23.2 on Serial0/0 from LOADING to FULL, Loading Done
R1(config-router)#end
R1#
*Mar 1 00:15:07.071: %SYS-5-CONFIG_I: Configured from console by console
R1#sh
R1#show ip os
R1#show ip ospf ne
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.23.2 0 FULL/ - 00:00:38 192.168.12.2 Serial0/0
R1#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial0/0
O 192.168.23.0/24 [110/128] via 192.168.12.2, 00:01:17, Serial0/0
R1#ping 192.168.23.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.23.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/60/64 ms
多区域配置:area0 area1 不一样而已。
二层交换基础
VLAN概念
TRUNK概念
二层交换基本配置
交换机对帧进行转发,如果不知道数据包的走向就会泛红,不能隔绝广播域,
园区网络分层结构
接入层:用户接入,接入安全,防止PC中毒影响整个网络,接入层VLAN,接受用户流量
汇聚层:流量汇聚,链路冗余,设备冗余,防止环路
核心层:高速转发,服务器接入,路由选择,
出口层:广域网接入,出口策略,带宽控制,链路备份。
接入层交换机---二层交换机,二层:数据链路层,定义了MAC地址,
作用:学习MAC地址,数据转发,帧:源和目的,还有data,环路避免,
交换机为什么工作在第二层:能够识别帧,转发帧。
mac地址:硬件地址,叫做二层地址,00000111,出厂时唯一的,
工作原理:刚开始寻址,泛红,之后就是针对性的
VLAN概念
HUB:整个是个冲突域
交换机:一个接口就是一个冲突域,整台是个广播域,是个LAN,比如192.168.1.0/24,不能隔绝广播域,因为是根据MAC地址转发,
路由器:每个接口就是个独立的广播域,
交换机如何划分多个广播域
192.168.1.1 和192.168.1.2 是一个VLAN 192.168.1.3H和 192.168.1.4 是另一个LAN, 这两个LAN之间不能互访,要想互访需要借助路由器配置。
VLAN V:就是虚拟
不同的LAN之间不能互访,要想通信就得知道MAC,而要知道MAC就得通过广播来获得,而不同的LAN是不同的广播,所以无法获得,
1、静态VLAN --人工配置
2、动态VLAN --通过VSPS服务器实现,防止人员位置发生变化,MAC注册后。一直跟踪MAC,别管电脑到哪里
集成商:布线,强电弱电等,
网络工程师:调试设备,运营。个根据客户需求,上架设备。100台设备,一个下午。善用工具,myBase管理脚本--复制粘贴,大型设备都是写脚本,复制粘贴,速度很快
trunk :一条链路需要承载多ALAN信息的时候,需要使用trunk来实现。标记不同颜色,存在于交换机之间或交换机与路由器之间。由人为手工配置,
trunk:要配在链路上,就是干道上,交换机之间用的Trunk
ISL:思科私有,一种封装协议,
802.1Q又叫Qus:共有协议,使用里面插入tag来做标记,
数据帧:又叫纯洁以太网数据帧,
VTP模式:思科私有,在大型网络中,动态管理VLAN,在server模式,发送并更新,让其他交换机也具有,放在flash里面的vlan.dat里面。删除配置文件,他也在,client端只能学习,transparent下不学习,只转发。 --------很少用。 -在Teunk之间运行,
vlan的基本配置
跨交换机配置vlan
等车排队的时候放些视频学习材料
c3600模拟交换机添加的模块是 GNS3里面的倒数第二个NM-16ESW,PC分配快速以太网口,
路由器怎么模拟pc
1、 no ip routing ---关掉路由功能
2、 interface f/0
ip address xxx
no shutdown
3、 ip default-gateway xxxx ---指定网关
sw1(vlan)#ex -----这种方式退出才会保存
R1#conf
R1#configure t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#host
R1(config)#hostname sw1
sw1(config)#end
sw1#
*Mar 1 00:10:10.939: %SYS-5-CONFIG_I: Configured from console by console
sw1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
sw1(config)#vlan 10
^
% Invalid input detected at ''^'' marker.
sw1(config)#end
sw1#
*Mar 1 00:18:38.879: %SYS-5-CONFIG_I: Configured from console by console
R2#conf
R2#configure t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#host
R2(config)#hostname sw2
sw2(config)#end
R3#conf
R3#configure t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#hos
R3(config)#hostname pc1
pc1(config)#no ip rou
pc1(config)#no ip routi
pc1(config)#no ip routing
pc1(config)#int f 0/0
pc1(config-if)#ip add 192.168.10.1 255.255.255.0
pc1(config-if)#no sh
pc1(config-if)#no shutdown
pc1(config-if)#
*Mar 1 00:11:58.447: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar 1 00:11:59.447: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
pc1(config-if)#ip def
pc1(config-if)#ip defau
pc1(config-if)#ex
pc1(config)#ip defa
pc1(config)#ip default-gate
pc1(config)#ip default-gateway 192.168.10.254
pc1(config)#end
R4#conf
R4#configure t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#host
R4(config)#hostname pc2
pc2(config)#no ip rou
pc2(config)#no ip rout
pc2(config)#no ip routi
pc2(config)#no ip routing
pc2(config)#int f 0/0
pc2(config-if)#ip add 192.168.20.1 255.255.255.0
pc2(config-if)#no shu
pc2(config-if)#no shutdown
pc2(config-if)#
*Mar 1 00:14:04.523: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar 1 00:14:05.523: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
pc2(config-if)#ex
pc2(config)#end
R5#conf
R5#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#host
R5(config)#hostname pc3
pc3(config)#no ip rou
pc3(config)#no ip routti
pc3(config)#no ip routi
pc3(config)#no ip routing
pc3(config)#int f 0/0
pc3(config-if)#ip add 192.168.10.2 255.255.255.0
pc3(config-if)#no sh
pc3(config-if)#no shutdown
R6#conf
R6#configure t
R6#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R6(config)#hostn
R6(config)#hostname pc4
pc4(config)#no ip rout
pc4(config)#no ip routi
pc4(config)#no ip routing
pc4(config)#int f 0/0
pc4(config-if)#ip add 192.168.20.2 255.255.255.0
pc4(config-if)#no sh
pc4(config-if)#no shutdown
pc4(config-if)#end
sw1#vlan da
sw1(vlan)#vlan 10
VLAN 10 added:
Name: VLAN0010
sw1(vlan)#vlan 20
VLAN 20 added:
Name: VLAN0020
sw1(vlan)#ex
APPLY completed.
Exiting....
sw1#conf
sw1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
sw1(config)#int f 0/0
sw1(config-if)#swit
sw1(config-if)#switchport mo
sw1(config-if)#switchport mode acc
sw1(config-if)#switchport mode access
sw1(config-if)#swi
sw1(config-if)#switchport ac vl
sw1(config-if)#switchport ac vlan 10
sw1(config-if)#ex
sw1(config)#int f 0/1
sw1(config-if)#switchport mode access
sw1(config-if)#switchport ac vlan 10
sw1(config-if)#ex
sw1(config)#int f 0/2
sw1(config-if)#sw
sw1(config-if)#swi
sw1(config-if)#switchport mo
sw1(config-if)#switchport mode ac
sw1(config-if)#sw mo
sw1(config-if)#sw mode ac vl
sw1(config-if)#sw mode ac vla
sw1(config-if)#sw acc
sw1(config-if)#sw access vl
sw1(config-if)#sw access vlan 20
sw1(config-if)#end
sw1#
*Mar 1 00:24:44.411: %SYS-5-CONFIG_I: Configured from console by console
sw1#sho
sw1#show vl
sw1#show vlan-s
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15
10 VLAN0010 active Fa0/0, Fa0/1
20 VLAN0020 active Fa0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
sw1#conf
sw1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
sw1(config)#sw
sw1(config)#swi
sw1(config)#int f 0/15
sw1(config-if)#swi
sw1(config-if)#switchport tru
sw1(config-if)#switchport trunk en
sw1(config-if)#switchport trunk encapsulation ?
dot1q Interface uses only 802.1q trunking encapsulation when trunking
sw1(config-if)#switchport trunk encapsulation do
sw1(config-if)#switchport trunk encapsulation dot1q
sw1(config-if)#swi
sw1(config-if)#switchport mo
sw1(config-if)#switchport mode tru
sw1(config-if)#switchport mode trunk
sw1(config-if)#
*Mar 1 00:27:37.255: %DTP-5-TRUNKPORTON: Port Fa0/15 has become dot1q trunk
sw1(config-if)#ex
sw1(config)#end
sw1#
*Mar 1 00:27:58.959: %SYS-5-CONFIG_I: Configured from console by console
sw1#sho
sw1#show int
sw1#show interfaces tru
sw1#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/15 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/15 1-1005
Port Vlans allowed and active in management domain
Fa0/15 1,10,20
Port Vlans in spanning tree forwarding state and not pruned
Fa0/15 1,10,20
sw2#vlan da
sw2(vlan)#vl
sw2(vlan)#vlan 10
VLAN 10 added:
Name: VLAN0010
sw2(vlan)#vl
sw2(vlan)#vlan 20
VLAN 20 added:
Name: VLAN0020
sw2(vlan)#ex
APPLY completed.
Exiting....
sw2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
sw2(config)#int f 0/1
sw2(config-if)#sw
sw2(config-if)#switchport ac
sw2(config-if)#switchport access vl
sw2(config-if)#switchport access vlan 10
sw2(config-if)#int f 0/2
sw2(config-if)#sw
sw2(config-if)#switchport ac
sw2(config-if)#switchport access vl
sw2(config-if)#switchport access vlan 20
sw2(config-if)#int f 0/15
sw2(config-if)#sw
sw2(config-if)#switchport mo
sw2(config-if)#switchport mode tru
sw2(config-if)#switchport mode trunk
sw2(config-if)#
*Mar 1 00:31:10.931: %DTP-5-TRUNKPORTON: Port Fa0/15 has become dot1q trunk
sw2(config-if)#sw
sw2(config-if)#switchport tru
sw2(config-if)#switchport trunk en
sw2(config-if)#switchport trunk encapsulation do
sw2(config-if)#switchport trunk encapsulation dot1q
sw2(config-if)#ex
sw2(config)#end
sw2#sho
*Mar 1 00:31:47.155: %SYS-5-CONFIG_I: Configured from console by console
sw2#sho
sw2#show int
sw2#show interfaces tru
sw2#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/15 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/15 1-1005
Port Vlans allowed and active in management domain
Fa0/15 1,10,20
Port Vlans in spanning tree forwarding state and not pruned
Fa0/15 1,10,20
pc1#show ip it
pc1#show ip ii
pc1#show ip in
pc1#show ip int
pc1#show ip interface b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.10.1 YES manual up up
pc1#ping 192.168.10.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 8/21/40 ms
pc2#ping 192.168.20.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 20/40/76 ms
pc2#
不同的VLAN要访问就得借助路由器,而路由器的接口少,非常宝贵,提出了单臂,必须是快速以太网口,就是一个物理接口承载两个vlan,通过创建子接口实现。
单臂实验--接着上面的实验----不同的VLAN要访问---通过创建子接口实现
单臂路由缺点:占用带宽,链路来回占用,
sw2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
sw2(config)#int f 0/2
sw2(config-if)#no sw ac vl
sw2(config-if)#no sw ac vlan 20 -----------去掉vlan要改成Trunk
sw2(config-if)#sw
sw2(config-if)#switchport no
sw2(config-if)#switchport mo
sw2(config-if)#switchport mode tr
sw2(config-if)#switchport mode trunk
sw2(config-if)#
*Mar 1 01:08:22.583: %DTP-5-TRUNKPORTON: Port Fa0/2 has become dot1q trunk
sw2(config-if)#sw
sw2(config-if)#switchport tru
sw2(config-if)#switchport trunk en
sw2(config-if)#switchport trunk encapsulation d
sw2(config-if)#switchport trunk encapsulation dot1q
sw2(config-if)#ex
sw2(config)#end
sw2#sh
*Mar 1 01:09:01.275: %SYS-5-CONFIG_I: Configured from console by console
sw2#sh int tr
Port Mode Encapsulation Status Native vlan
Fa0/2 on 802.1q trunking 1
Fa0/15 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/2 1-1005
Fa0/15 1-1005
Port Vlans allowed and active in management domain
Fa0/2 1,10,20
Fa0/15 1,10,20
Port Vlans in spanning tree forwarding state and not pruned
Fa0/2 1,10,20
Fa0/15 1,10,20
sw2#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
pc4#conf
pc4#configure t
Enter configuration commands, one per line. End with CNTL/Z.
pc4(config)#ip rou
pc4(config)#ip routi
pc4(config)#ip routing
pc4(config)#defau
pc4(config)#default int
pc4(config)#default interface f 0/0 ---------恢复默认配置
Building configuration...
Interface FastEthernet0/0 set to default configuration
pc4(config)#end
pc4#
*Mar 1 01:06:57.819: %SYS-5-CONFIG_I: Configured from console by console
pc4#host
pc4#hostna
pc4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
pc4(config)#hostn
pc4(config)#hostname
pc4(config)#hostname GW
pc4(config)#hostname GW
GW(config)#int f 0/0
GW(config-if)#no shu
GW(config-if)#no shutdown
GW(config-if)#int f 0/0.10
GW(config-subif)#enca
GW(config-subif)#encapsulation do
GW(config-subif)#encapsulation dot1Q 10
GW(config-subif)#ip add 192.168.10.254 255.255.255.0
GW(config-subif)#no sh
GW(config-subif)#int f 0/0.20
GW(config-subif)#en
GW(config-subif)#encapsulation do
GW(config-subif)#encapsulation dot1Q 20
GW(config-subif)#ip add 192.168.20.254 255.255.255.0
GW(config-subif)#no sh
GW(config-subif)#ex
GW(config)#end
GW#sho
GW#show
*Mar 1 01:16:16.787: %SYS-5-CONFIG_I: Configured from console by console
GW#show ip int b
GW#show ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES TFTP up up
FastEthernet0/0.10 192.168.10.254 YES manual up up
FastEthernet0/0.20 192.168.20.254 YES manual up up
pc2#configure t
Enter configuration commands, one per line. End with CNTL/Z.
pc2(config)#ip def
pc2(config)#ip default-g
pc2(config)#ip default-gateway 192.168.10.254
pc2(config)#^Z
pc2#
*Mar 1 01:19:01.843: %SYS-5-CONFIG_I: Configured from console by console
pc2#configure t
Enter configuration commands, one per line. End with CNTL/Z.
pc2(config)#ip default-gateway 192.168.20.254
pc3(config-if)#ip def
pc3(config-if)#ip defau
pc3(config-if)#ip defaul
pc3(config-if)#ip default-
pc3(config-if)#ip default-g
pc3(config-if)#ex
pc3(config)#ip def
pc3(config)#ip default-ge
pc3(config)#ip default-get
pc3(config)#ip default-g
pc3(config)#ip default-gateway 192.168.10.254
pc1#sh ip int b
pc1#sh ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.10.1 YES manual up up
pc1#sh ip ro
Default gateway is 192.168.10.254
Host Gateway Last Use Total Uses Interface
ICMP redirect cache is empty
pc1#ping 192.168.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds:
..!!!
Success rate is 60 percent (3/5), round-trip min/avg/max = 36/46/64 ms
pc1#ping 192.168.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/48/84 ms
总结:
trunk只有在不同的vlan的时候才设置在链路上
纯净的数据帧只有在trunk链路中才会打上封装。
学会创建自己的个人笔记,要通过word来写,可以自定义格式。生成目录树。
383187373
VTP的基本配置
OSPF
STP生成树---在二层
单点故障:1、单链路,2、单设备
冗余又容易造成环路
三层链路:两台路由器之间叫做三层链路,存在于广播中
二层链路:存在于交换机与交换机之间。通过vlan接口互联的。
二层还没有很好的机制避免环路,
环路的缺点:
1、环路--广播风暴,资源耗尽,网络卡,ping丢包等都是这个环路造成。ping100个包,丢50个包。一旦有一台pc中毒,就会泛红产生广播风暴,2、环路占用资源
3、MAC地址表乱,带来了MAC泛红攻击,---当MAC地址表满了以后就不能再学习新的mac,
4、造成MAC地址飘逸,--manc地址一会在这个接口一会在另一个接口,--紊乱,
交换机对帧进行转发,
STP通过选举解决了环路--生成树协议 802.1D标准
做法:
1、选择根桥----路由---就是交换机
2、每个非根桥选择一个根端口。DP --距离根桥交换机距离最小,cost值来衡量---ospf里面用的
3、每一段选择一个指定端口,---距离根桥交换机距离最小
4、选择一个非指定端口,---阻塞掉
通过BPDU包泛红来操作
刚开始所有的交换机都认为自己的根桥,不断发送BPDU包,最后达成共识,选出根桥。
Bridge ID = 2个字节桥优先级(人为给路由器定的) + 6个字节桥MAC地址 (背板的MAC地址)
都要比小,适用:路径相等时,
Bridge ID 装在BPDU报文中,BPDU泛红后,所有人达成共识,生成一个Root ID --根桥
1Gb/s是千兆的 cost值---19 开销值
10Mb/s 10M的 cost值----100
如果路径代价相等就比较 Bridge ID
2.1 每个非根桥选择一个根端口 RP
1、最低的桥ID
2、最低的根路径代价
3、最低发送者桥ID Bridge ID
4、最低端口ID
3.1、每一段选择一个指定端口 DP
1、最低的桥ID
2、最低的根路径代价
3、最低发送者桥ID Bridge ID
4、最低端口ID
CCNA 实验攻略 1:配置 Cisco 交换机
要配置好 Cisco 交换必须熟悉 IOS 命令及相关的知识。
交换机启动:
C2950 Boot Loader (C2950-HBOOT-M) Version 12.1(11r)EA1, RELEASE SOFTWARE (fc1)
Compiled Mon 22-Jul-02 18:57 by miwang
Cisco WS-C2950-24 (RC32300) processor (revision C0) with 21039K bytes of memory.
2950-24 starting...
Base ethernet MAC Address: 000C.CF79.47D3
Xmodem file system is available.
Initializing Flash...
flashfs[0]: 1 files, 0 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 64016384
flashfs[0]: Bytes used: 3058048
flashfs[0]: Bytes available: 60958336
flashfs[0]: flashfs fsck took 1 seconds.
...done Initializing Flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
Loading "flash:/c2950-i6q4l2-mz.121-22.EA4.bin"...
########################################################################## [OK]
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA4, RELEASE SOFTWARE(fc1)
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Wed 18-May-05 22:31 by jharirba
Cisco WS-C2950-24 (RC32300) processor (revision C0) with 21039K bytes of memory.
Processor board ID FHK0610Z0WC
Running Standard Image
24 FastEthernet/IEEE 802.3 interface(s)
63488K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 000C.CF79.47D3
Motherboard assembly number: 73-5781-09
Power supply part number: 34-0965-01
Motherboard serial number: FOC061004SZ
Power supply serial number: DAB0609127D
Model revision number: C0
Motherboard revision number: A0
Model number: WS-C2950-24
System serial number: FHK0610Z0WC
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA4, RELEASE SOFTWARE(fc1)
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Wed 18-May-05 22:31 by jharirba
Press RETURN to get started!
一、几种配置命令模式:
Switch>用户命令模式
Switch>
Switch>en
Switch>en
Switch>enable 进入特权命令模式
Switch#
Switch#dis
Switch#disa
Switch#disable 退出特权命令模式
Switch>
Switch>enab
Switch>enable
Switch#
Switch#confi
Switch#config 进入端口配置命令模式
Configuring from terminal, memory, or network [terminal]? 这里有三种模式
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostna
Switch(config)#hostname bindu 改名
bindu(config)#
bindu(config)#int
bindu(config)#interface f0/0
%Invalid interface type and number
bindu(config)#interface f0/1
bindu(config-if)#二、检查、查看命令:查看当前配置状况,通常是以 show (sh) 为开始命令
在特权命令模式下使用
show version 查看 IOS 的版本
show flash 查看 flash 内存使用状况
show mac-address-table 查看 MAC 地址列表
三、密码设置命令
首先设置进入特权模式的密码:
Switch_bindu(config)#enable password able 设置进入特权模式的密码
Switch_bindu(config-line)# 可以通过console端口连接设备及Telnet远程登录时所需的密码bindu(config)#hostname Switch_bindu
Switch_bindu(config)#ena
Switch_bindu(config)#enable pass
Switch_bindu(config)#enable password able
Switch_bindu(config)#lin
Switch_bindu(config)#line con
Switch_bindu(config)#line console 0
Switch_bindu(config-line)#pass
Switch_bindu(config-line)#password line
Switch_bindu(config-line)#logi
Switch_bindu(config-line)#login
Switch_bindu(config-line)#line vty
Switch_bindu(config-line)#line vty 0 4
Switch_bindu(config-line)#pass
Switch_bindu(config-line)#password vty
Switch_bindu(config-line)#login
Switch_bindu(config-line)#exit
Switch_bindu(config)#默认情况下,这些密码都是以明文的形式存储的,所有很容易查看到。为了避免这种情况,我们可以以秘文的形式存储各种密码:
service password-encryption
CCNP (BCMSN) 实验:交换机密码恢复(Cisco 3550 交换机)
实验过程:
第一步:接通电源,长按 mode 键,等 led 灯不闪时,会出现下列字符
he system has been interrupted prior to initializing the
flash filesystem. The following commands will initialize
the flash filesystem, and finish loading the operating
system software:
flash_init
boot
第二步:加载 flash
switch: flash_init
Initializing Flash...
flashfs[0]: 8 files, 1 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 15998976
flashfs[0]: Bytes used: 7145984
flashfs[0]: Bytes available: 8852992
flashfs[0]: flashfs fsck took 16 seconds.
...done Initializing Flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
第三步:查看有没有 config.text 文件
switch: dir flash:
unable to stat ash:/: permission denied
switch: dir flash:
Directory of flash:/
2 -rwx 7134080 <date> 3550.bin
3 -rwx 916 <date> vlan.dat
4 -rwx 3244 <date> n
5 -rwx 2209 <date> statr
6 -rwx 0 <date> system_env_vars
7 -rwx 0 <date> env_vars
8 -rwx 24 <date> private-config.text
10 -rwx 2188 <date> config.text
8852992 bytes available (7145984 bytes used)
第四步:修改 config.text 名称。
switch: rename flash:config.text flash:config.qq
switch: dir flash:
Directory of flash:/
2 -rwx 7134080 <date> 3550.bin
3 -rwx 916 <date> vlan.dat
4 -rwx 3244 <date> n
5 -rwx 2209 <date> statr
6 -rwx 0 <date> system_env_vars
7 -rwx 0 <date> env_vars
8 -rwx 24 <date> private-config.text
10 -rwx 2188 <date> config.qq
8852992 bytes available (7145984 bytes used)
第五步:重新引导
switch: boot
Loading "flash:/3550.bin"...####################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################
[Connection to sw2 closed by foreign host]
lab>
00:02:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/24, changed state to up
Switch#rename flash:config.qq flash:config.text
Destination filename [config.text]?
Switch#
第六步:把原来的名字改回来并加裁
switch: rename flash:config. qq flash:config. text
Switch#copy flash:config.text system:running-config
Destination filename [running-config]?
Failed to generate persistent self-signed certificate.
Secure server will use temporary self-signed certificate.
2188 bytes copied in 0.208 secs (10519 bytes/sec)
第七步:清除密码,配置相关并保存
关于Cisco 交换机/路由器 ssh 配置和cisco交换机ssh配置命令的问题我们已经讲解完毕,感谢您的阅读,如果还想了解更多关于C# SSH.net Cisco 连接、CCIE总结:路由器、交换机、CCNA 实验攻略 1:配置 Cisco 交换机、CCNP (BCMSN) 实验:交换机密码恢复(Cisco 3550 交换机)等相关内容,可以在本站寻找。
本文标签:
