RIP在Juniper上的配置
RIP协议,路由信息协议,最简单的距离矢量协议,最大跳数15跳,16不可达,采用广播的方式进行路由表的扩散与更新,数据包中不包含子网掩码(2代中有),以及网络
外层协议的标记等等app
在这里只在Juniper的设备上配置RIP协议,熟悉一下,原理不变ide
网络拓扑图下所示:测试
R1-------R2------R3lua
接口链接:router
em1.12-----em2.12 192.168.1.1/24 接口
em2.23-----em3.23 192.168.2.1/24 ip
在每台路由器上建立相应的环回接口: md5
r1: 1.1.1.1/32 ci
r2: 2.2.2.2/32
r3: 3.3.3.3/32
建立三个逻辑路由器;
logical-routers {
r1;
r2;
r3;
配置接口IP地址:
juniper@Olive# set interfaces em1.12 family inet address 192.168.1.1/24
[edit logical-routers r1]
juniper@Olive# set interfaces lo0.12 family inet address 1.1.1.1/24
在R2 和R3上做相似配置;
查看接口的配置状况:
juniper@Olive> show interfaces terse
Interface Admin Link Proto Local Remote
dsc up up
em0 up up
em0.0 up up inet 192.168.72.10/24
em1 up up
em1.12 up up inet 192.168.1.1/24
em1.32767 up up
em2 up up
em2.12 up up inet 192.168.1.2/24
em2.23 up up inet 192.168.2.1/24
em2.32767 up up
em3 up up
em3.23 up up inet 192.168.2.2/24
lo0 up up
lo0.12 up up inet 1.1.1.1/24
lo0.21 up up inet 2.2.2.2 --> 0/0
lo0.23 up up inet 3.3.3.3 --> 0/0
lo0.16384 up up inet 127.0.0.1 --> 0/0
测试通讯:
在R1上去PING R2的接口IP地址:
juniper@Olive# run ping 192.168.1.2 logical-router r1
PING 192.168.1.2 (192.168.1.2): 56 data bytes
64 bytes from 192.168.1.2: icmp_seq=0 ttl=64 time=0.387 ms
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0.351 ms
^C
--- 192.168.1.2 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.351/0.369/0.387/0.018 ms
[edit logical-routers r1]
在这以前有必要配置一下静态路由,虽然静态路由很是简单的,可是做为Juniper的配置来讲,仍是与思科华为的有些不一样。
有配置的时候必定要指定掩码,你配置了192.168.1.0 next-hop 192.168.1.2 ,它不会报错,可是不通,在之后的配置时
养成良好的习惯。
配置以下所示:
routing-options {
static {
route 192.168.2.0/24 {
next-hop 192.168.1.2;
metric 2;
}
}
}
set routing-options static route 192.168.1.0/24 next-hop 192.168.1.0/24 next-hop 192.168.2.1 metric 2
配置RIP协议:
咱们在思科、华为的设备上的时候,就直接Network了,宣告就好了,但在Juniper的配置的时候,即便你在接口上发送了
组播的数据包,可是邻居仍是起不来,这时你必须配置策略,进行相关的宣告;
首先配置以下策略,将直连的宣告:
Applying Export Policy
policy-options {
policy-statement connected-routes {
term advertise-routes {
from protocol direct;
then accept;
}
}
具体的配置命令就不列出来了。
未来自RIP协议的路由进行宣告:
policy-statement transit-rip-routes {
term advretise-routes {
from protocol rip;
then accept;
}
}
}
在协议中再进行配置:
protocols {
rip {
group neighbor-routers {
export [ connected-routes transit-rip-routes ];
neighbor em3.23;
}
}
}
在接口em3.23上将策略进行应用,将路由信息宣告出去。
查看邻居的信息:
[edit logical-routers r2]
juniper@Olive# run show rip neighbor logical-router r2
Source Destination Send Receive In
Neighbor State Address Address Mode Mode Met
-------- ----- ------- ----------- ---- ------- ---
em2.12 Up 192.168.1.2 224.0.0.9 mcast both 1
em2.23 Up 192.168.2.1 224.0.0.9 mcast both 1
查看路由表信息:
juniper@Olive# run show route protocol rip logical-router r2
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.0/24 *[RIP/100] 00:30:08, metric 2, tag 0
> to 192.168.1.1 via em2.12
3.3.3.3/32 *[RIP/100] 00:25:36, metric 2, tag 0
> to 192.168.2.2 via em2.23
224.0.0.9/32 *[RIP/100] 00:25:39, metric 1
MultiRecv
Applying Import Policy
The JUNOS software allows you to filter routes being imported by the local router from its neighbors. You can use import policies to reject unwanted routes or to alter the metric on routes received from certain neighbors. To accomplish these goals, you create a routing policy, which you then apply to the RIP configuration. If you specify more than one policy, they are evaluated in order (first to last) and the first matching policy is applied to the route. If no match is found, the local router imports all usable RIP routes from all neighbors.
在R2上配置以下所示:
policy-statement filter-riesling {
term filter-routes {
from {
protocol rip;
route-filter 192.168.100.0/24 orlonger;
}
then reject;
}
增长一条进入的过滤策略,将192.168.100.0 的过滤了,所在在R2和R1上就再也不在有这样的一条路由信息了;
将在相应的接口进行配置,这是在协议上具体实现的。
protocols {
rip {
group neighbor-routers {
export [ transit-rip-routes connected-routes ];
neighbor em2.12;
neighbor em2.23 {
import filter-riesling;
}
}
Modifying the Incoming Metric
对于些配置我就不做过多的解释,它本意就是如此,只是应用到JUNOS软件中而已,无论你在怎样的设备上配置RIP,它的一些特性不是不会改变的,
RIP运行这么多年了,那个供应商也不会去改变的特性应用,只是在配置方面有所不同而已;
在R1上做以下配置:
protocols {
rip {
group neihbor-routes {
export [ connected-routes transit-rip-routes ];
neighbor em1.12 {
metric-in 5;
}
}
}
}
查看相应的结果:
juniper@Olive# run show route protocol rip logical-router r1
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
2.2.2.2/32 *[RIP/100] 01:07:45, metric 6, tag 0
> to 192.168.1.2 via em1.12
3.3.3.3/32 *[RIP/100] 01:03:13, metric 7, tag 0
> to 192.168.1.2 via em1.12
192.168.2.0/24 *[RIP/100] 01:07:45, metric 6, tag 0
> to 192.168.1.2 via em1.12
224.0.0.9/32 *[RIP/100] 00:02:43, metric 1
MultiRecv
能够看出,度量值增长了;
Modifying the Outgoing Metric
配置命令只增长一小条而已;
protocols {
rip {
group neihbor-routes {
metric-out 10;
export [ connected-routes transit-rip-routes ];
neighbor em1.12;
}
}
}
在其余的路由设备上查看相应的结果:
juniper@Olive# run show route protocol rip logical-router r2
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.0/24 *[RIP/100] 01:19:41, metric 11, tag 0
> to 192.168.1.1 via em2.12
3.3.3.3/32 *[RIP/100] 01:15:09, metric 2, tag 0
> to 192.168.2.2 via em2.23
224.0.0.9/32 *[RIP/100] 00:01:40, metric 1
MultiRecv
Configuring Authentication
By default, authentication between RIP neighbors is disabled within the JUNOS software;You can configure it globally for all peers or on a peer-by-peer basis within the neighbor configuration hierarchy;
Simple authentication Uses a plain-text password that is included in the transmitted packet.
MD5 authentication Sends the result of a one-way hashing algorithm in the transmitted packet.
在配置认证的时候,有一个时间的缓冲时间,在这段时间里,虽然你能够看到路由信息,可是Ping不通的,网络尚未收敛完成;
简单配置以下所示:
protocols {
rip {
authentication-type md5;
authentication-key "$9$VMsgJikP36AGD6Ap0hcbs2"; ## SECRET-DATA
group neighbor-routers {
export [ connected-routes transit-rip-routes ];
neighbor em3.23
Controlling Route Preference
The JUNOS software default for the preference of RIP routes within the routing table is 100. The routing table uses the preference values to select the best route when multiple protocols are advertising the same destination prefix;
有些配置操做其实就在协议的全局模式下进行配置的,所应用到的就是启用了协议的接口;
protocols {
rip {
authentication-type md5;
authentication-key "$9$d8w2ajHmFnCZUnCtuEhVwY"; ## SECRET-DATA
group neihbor-routes {
preference 90;
metric-out 10;
export [ connected-routes transit-rip-routes ];
neighbor em1.12;
}
}
}
路由设备上能够看到这一优先级,当网络拓扑图复杂点时,能够修改优先级进行相应的路由选择;
juniper@Olive# run show route protocol rip logical-router r1
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
2.2.2.2/32 *[RIP/90] 01:48:16, metric 2, tag 0
> to 192.168.1.2 via em1.12
3.3.3.3/32 *[RIP/90] 01:48:29, metric 3, tag 0
> to 192.168.1.2 via em1.12
192.168.2.0/24 *[RIP/90] 01:48:16, metric 2, tag 0
> to 192.168.1.2 via em1.12
224.0.0.9/32 *[RIP/100] 00:04:10, metric 1
Configuring Update Messages
By default, all RIP routers will advertise RIPv2 messages via multicast to all configured neighbors. In addition, all routers are able to receive both RIPv1 and RIPv2 messages.;
The receive-options values are:
both Accept RIPv1 and v2 packets.
none Do not receive RIP packets.
version-1 Accept only RIPv1 packets.
version-2 Accept only RIPv2 packets.
配置也是比较简单的;
protocols {
rip {
authentication-type md5;
authentication-key "$9$d8w2ajHmFnCZUnCtuEhVwY"; ## SECRET-DATA
group neihbor-routes {
preference 90;
metric-out 10;
export [ connected-routes transit-rip-routes ];
neighbor em1.12 {
send version-1;
receive version-1
Configuring the Number of Route Entries in an Update Message
You can increase the default size of the RIP Response messages to include more than 25 route entries in each Update message. The maximum number of route entries you can advertise is 255 in a single message;
juniper@Olive# set protocols rip message-size 100
如此就行;
Accepting Packets Whose Reserved Fields Are Nonzero
Recall that the Request and Response messages for both RIPv1 and RIPv2 were identical. The difference between them was in the use of the message fields. RIPv1 viewed many fields as reserved, while the RIPv2 specification used those same fields for subnet mask, next hop, and so forth.
这一条命令的做用是由于RIPV1和RIPV2的数据包格式不同,为不使检验出错,忽略检查 ;
juniper@Olive# set protocols rip no-check-zero
- 1. Juniper下的rip配置
- 2. RIP的配置
- 3. JUNIPER GRE 配置
- 4. ipv6的rip配置
- 5. 帧中继上的RIP配置
- 6. juniper SRX Remoat ***配置
- 7. Juniper MPLS-E×××配置
- 8. Juniper E×××+VxLAN配置
- 9. juniper srx 650配置
- 10. juniper防火墙×××的配置
- 更多相关文章...
- • Hibernate事务的配置 - Hibernate教程
- • Eclipse Debug 配置 - Eclipse 教程
- • TiDB 在摩拜单车在线数据业务的应用和实践
- • IntelliJ IDEA 代码格式化配置和快捷键
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. Juniper下的rip配置
- 2. RIP的配置
- 3. JUNIPER GRE 配置
- 4. ipv6的rip配置
- 5. 帧中继上的RIP配置
- 6. juniper SRX Remoat ***配置
- 7. Juniper MPLS-E×××配置
- 8. Juniper E×××+VxLAN配置
- 9. juniper srx 650配置
- 10. juniper防火墙×××的配置