IP网络路由技术简介.doc

IP网络路由技术简介 基于TCP/IP协议的Internet已逐步发展成为当今世界上规模最大、拥有用户和资源最多的一个超大型计算机网络，TCP/IP协议也因此成为事实上的工业标准。IP网络正逐步成为当代乃至未来计算机网络的主流。IP网络是由通过路由设备互连起来的IP子网构成的，这些路由设备负责在IP子网间寻找路由，并将IP分组转发到下一个IP子网。IP地址IP地址是IP网络中数据传输的依据，它标识了IP网络中的一个连接，一台主机可以有多个IP地址。IP分组中的IP地址在网络传输中是保持不变的。1.基本地址格式现在的IP网络使用32位地址，以点分十进制表示，如172.16.0.0。地址格式为：IP地址=网络地址主机地址或IP地址=主机地址子网地址主机地址。网络地址是由Internet权力机构(InterNIC)统一分配的，目的是为了保证网络地址的全球唯一性。主机地址是由各个网络的系统管理员分配。因此，网络地址的唯一性与网络内主机地址的唯一性确保了IP地址的全球唯一性。2.保留地址的分配根据用途和安全性级别的不同，IP地址还可以大致分为两类：公共地址和私有地址。公用地址在Internet中使用，可以在Internet中随意访问。私有地址只能在内部网络中使用，只有通过代理服务器才能与Internet通信。一个机构或网络要连入Internet，必须申请公用IP地址。但是考虑到网络安全和内部实验等特殊情况，在IP地址中专门保留了三个区域作为私有地址，其地址范围如下：10.0.0.0/8：10.0.0.010.255.255.255 172.16.0.0/12：172.16.0.0172.31.255.255 192.168.0.0/16：192.168.0.0192.168.255.255使用保留地址的网络只能在内部进行通信，而不能与其他网络互连。因为本网络中的保留地址同样也可能被其他网络使用，如果进行网络互连，那么寻找路由时就会因为地址的不唯一而出现问题。但是这些使用保留地址的网络可以通过将本网络内的保留地址翻译转换成公共地址的方式实现与外部网络的互连。这也是保证网络安全的重要方法之一。 无类域间路由(CIDR)由于每年连入Internet的主机数成倍增长，因此Internet面临B类地址匮乏、路由表爆炸和整个地址耗尽等危机。无类域间路由(CIDR)就是为解决这些问题而开发的一种直接的解决方案，它使Internet得到足够的时间来等待新一代IP协议的产生。按CIDR策略，可采用申请几个C类地址取代申请一个单独的B类地址的方式来解决B类地址的匮乏问题。所分配的C类地址不是随机的，而是连续的，它们的最高位相同，即具有相同的前缀，因此路由表就只需用一个表项来表示一组网络地址，这种方法称为“路由表聚类”。另外，除了“路由表聚类”措施外，还可以由每个ISP从InterNIC获得一段地址空间后，再将这些地址分配给用户。 路由选择技术IP网络中的路由选择是由路由设备完成的。路由器通过执行一定的路由协议，为IP数据报寻找一条到达目的主机或网络的最佳路由，并转发该数据报，实现路由选择。1.路由协议路由协议分为两大类：路由选择协议(Routing Protocol)这类协议使用一定的路由算法找出到达目的主机或网络的最佳路径，如RIP(路由信息协议)等。路由传送协议(Routed Protocol)这类协议沿已选好的路径传送数据报，如通过IP协议能将物理连接转变成网络连接，实现网络层的主要功能路由选择。2.直连路由与非直连路由IP协议是根据路由来转发数据的。路由器中的路由有两种：直连路由和非直连路由。路由器各网络接口所直连的网络之间使用直连路由进行通信。直连路由是在配置完路由器网络接口的IP地址后自动生成的，因此，如果没有对这些接口进行特殊的限制，这些接口所直连的网络之间就可以直接通信。由两个或多个路由器互连的网络之间的通信使用非直连路由。非直连路由是指人工配置的静态路由或通过运行动态路由协议而获得的动态路由。其中静态路由比动态路由具有更高的可操作性和安全性。IP网络已经逐渐成为现代网络的标准，用IP协议组建网络时，必须使用路由设备将各个IP子网互连起来，并且在IP子网间使用路由机制，通过IP网关互连形成层次性的网际网。Cisco路由器配置Cisco2511拨入配置Cisco2509 CallBack典型配置Cisco Router之间CallBack典型配置拨号备份：一、DDN设置二、ROUTERB (CALLER)三、Hayes modem的设置Cisco2511拨入配置version 12.0service timestamps debug uptimeservice timestamps log uptimeservice password-encryptionservice udp-small-serversservice tcp-small-servers!hostname dialin_2511_radius!aaa new-modelaaa authentication login default radiusaaa authentication login no_radius localaaa authentication login admin noneaaa authentication enable default enableaaa authentication ppp default if-needed radiusaaa authorization exec default radius if-authenticatedaaa authorization network default radiusaaa accounting suppress null-usernameaaa accounting network default start-stop radiusenable secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXenable password 7 YYYYYYYYYYYYYY!username admin password 7 ZZZZZZZZZZZZZip subnet-zeroip address-pool localasync-bootp dns-server 192.168.2.4chat-script factory-default AT&F1&Wchat-script cisco-default ABORT ERROR AT Z OK ATDT T TIMEOUT 3 0 c CONNECT cchat-script usr-courier-veverything AT&FS0=1&C1&D2&H1&R2&N14&B1&W!interface Ethernet0ip address 192.168.2.30 255.255.255.0!interface Serial0no ip addressshutdown!interface Serial1no ip addressshutdown! interface Group-Async1ip unnumbered Ethernet0no ip directed-broadcastencapsulation pppno ip route-cacheno ip mroute-cacheasync mode interactivepeer default ip address pool defaultno cdp enableppp authentication pap chapgroup-range 1 16!ip local pool default 192.168.2.64 192.168.2.79ip classlessip route 0.0.0.0 0.0.0.0 192.168.2.1!radius-server host 192.168.2.99 auth-port 1645acct-port 1646 radius-server key Testing_radius!line con 0session-timeout 10exec-timeout 0 0login authentication no_radiustransport preferred nonetransport input noneline 1 16autoselect pppmodem InOuttransport input allspeed 57600flowcontrol hardwareline aux 0transport input allline vty 0 4exec-timeout 30 0login authentication no_radius!endCisco2509 CallBack典型配置version 11.3service timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname Router!enable password cisco!username cisco callback-dialstring callback-rotary 1 password 0 cisco!chat-script cb ATDTT TIMEOUT 60 CONNECT!interface Ethernet0ip address 192.168.1.201 255.255.255.0!interface Serial0no ip addressshutdown!interface Serial1no ip addressshutdown!interface Group-Async1ip unnumbered Ethernet0encapsulation pppdialer in-bandasync mode dedicatedpeer default ip address pool mypoolno cdp enableppp callback acceptppp authentication chap group-range 1 8! ip local pool mypool 192.168.1.221 192.168.1.228no ip classless!line con 0line 1 8script callback cbrotary 1modem InOuttransport input allflowcontrol hardware line aux 0 transport input all flowcontrol hardware line vty 0 4 password cisco login ! endCisco Router之间CallBack典型配置CallBack Server-version 11.3service timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname server!enable password cisco!username client password 0 ciscochat-script cb ATDTT TIMEOUT 60 CONNECT!interface Ethernet0ip address 192.168.1.201 255.255.255.0no keepalive!interface Serial0no ip addressshutdown!interface Serial1no ip addressshutdown!interface Async8ip address 10.1.1.2 255.255.255.0encapsulation pppdialer in-banddialer map ip 10.1.1.1 name client class cb 228dialer-group 1async mode dedicatedno peer default ip addressno cdp enableppp callback acceptppp authentication chap!no ip classlessip route 160.4.1.0 255.255.255.0 10.1.1.1! !map-class dialer cbdialer callback-server usernamedialer-list 1 protocol ip permit!line con 0line 1 8script dialer cblogin localmodem InOuttransport input allflowcontrol hardwareline aux 0line vty 0 4password ciscologin!endCallBack Client-version 11.2no service udp-small-serversno service tcp-small-servers!hostname client!enable secret 5 $1$agg8$blP5tNZMOq0xYXvsO/hGG0enable password admin!username server password 0 ciscochat-script cb ATDTT TIMEOUT 60 CONNECT!interface Ethernet0ip address 160.4.1.98 255.255.255.224no keepalive!interface Serial0no ip addressshutdown!interface Serial1no ip addressshutdown!interface Async1ip address 10.1.1.1 255.255.255.0encapsulation pppasync mode dedicateddialer in-banddialer map ip 10.1.1.2 name server 391dialer-group 1no cdp enableppp callback requestppp authentication chap!no ip classlessip route 192.168.1.0 255.255.255.0 10.1.1.2!dialer-list 1 protocol ip permit!line con 0line aux 0script dialer cblogin localmodem InOuttransport input allflowcontrol hardwareline vty 0 4password ciscologin!end拨号备份一、 DDN设置（一）、ROUTER A(CALLER)Router#Router#sh runBuilding configuration.Current configuration:!version 11.3no service password-encryption!hostname Router!enable secret 5 $1$rAk2$zromrvFspaNC7ICZihqcD/enable password cisco!chat-script config-modem ATDT408 TIMEOUT 30 CONNECT c!interface Ethernet0ip address 132.147.160.111 255.255.255.0no mop enabled!interface Serial0backup delay 10 10backup interface Async9ip address 200.1.1.1 255.255.255.0encapsulation pppno ip mroute-cacheclockrate 64000!interface Serial1no ip addressshutdown!interface Async9ip address 200.2.2.1 255.255.255.0encapsulation pppdialer in-banddialer map ip 200.2.2.2 modem-script config-modem 408dialer-group 1async mode dedicated!ip classlessip route 132.147.161.0 255.255.255.0 200.1.1.2 10ip route 132.147.161.0 255.255.255.0 200.2.2.2 100dialer-list 1 protocol ip permit!line con 0line 1 8line aux 0modem InOutflowcontrol hardware line vty 0 4password ciscologin!endRouter#sh lineTty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns* 0 CTY - - - - - 0 0 0/01 TTY 9600/9600 - - - - - 0 0 0/02 TTY 9600/9600 - - - - - 0 0 0/03 TTY 9600/9600 - - - - - 0 0 0/04 TTY 9600/9600 - - - - - 0 0 0/05 TTY 9600/9600 - - - - - 0 0 0/06 TTY 9600/9600 - - - - - 0 0 0/07 TTY 9600/9600 - - - - - 0 0 0/08 TTY 9600/9600 - - - - - 0 0 0/09 AUX 9600/9600 - inout - - - 0 0 0/010 VTY - - - - - 0 0 0/011 VTY - - - - - 0 0 0/012 VTY - - - - - 0 0 0/013 VTY - - - - - 0 0 0/014 VTY - - - - - 0 0 0/0Router#sh line aux 0Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns9 AUX 9600/9600 - inout - - - 0 0 0/0Line 9, Location: , Type: Length: 24 lines, Width: 80 columnsBaud rate (TX/RX) is 9600/9600, no parity, 2 stopbits, 8 databitsStatus: noneCapabilities: Hardware Flowcontrol In, Hardware Flowcontrol OutModem Callout, Modem RI is CD, Line is permanent async interfaceModem state: IdleModem hardware state: CTS* noDSR noDTR RTSSpecial Chars: Escape Hold Stop Start Disconnect Activation x none - - noneTimeouts: Idle EXEC Idle Session Modem Answer Session Dispatch 00:10:00 never none not set Idle Session Disconnect WarningneverModem type is unknown.Session limit is not set.Time since activation: neverEditing is enabled.History is enabled, history size is 10.DNS resolution in show commands is enabledFull user help is disabledAllowed transports are pad v120 telnet rlogin mop. Preferred is telnet.No output characters are paddedNo special data dispatching charactersRouter#sh s0% Invalid input detected at marker.Router#sh int s0 Serial0 is up, line protocol is upHardware is HD64570Internet address is 200.1.1.1/24Backup interface Async9, kickin load not set, kickout load not setfailure delay 10 sec,secondary disable delay 10 secMTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255Encapsulation PPP, loopback not set, keepalive set (10 sec)LCP OpenOpen: IPCP, CDPCPLast input 00:00:02, output 00:00:03, output hang neverLast clearing of show interface counters neverInput queue: 0/75/0 (size/max/drops); Total output drops: 0Queueing strategy: weighted fairOutput queue: 0/1000/64/0 (size/max total/threshold/drops)Conversations 0/1 (active/max active/threshold)Reserved Conversations 0/0/64 (allocated/max allocated)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec49 packets input, 2127 bytes, 0 no bufferReceived 49 broadcasts, 0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort48 packets output, 1795 bytes, 0 underruns0 output errors, 0 collisions, 4 interface resets0 output buffer failures,0 output buffers swapped out3 carrier transitionsDCD=up DSR=up DTR=up RTS=up CTS=upRouter#sh int a9Async9 is standby mode, line protocol is downHardware is Async SerialInternet address is 200.2.2.1/24MTU 1500 bytes, BW 9 Kbit, DLY 100000 usec, rely 255/255, load 1/255Encapsulation PPP, loopback not set, keepalive not setDTR is pulsed for 5 seconds on resetLCP ClosedClosed: IPCP, CDPCPLast input 00:03:09, output 00:03:22, output hang neverLast clearing of show interface counters neverInput queue: 0/75/0 (size/max/drops); Total output drops: 0Queueing strategy: weighted fairOutput queue: 0/1000/64/0 (size/max total/threshold/drops)Conversations 0/1 (active/max active/threshold)Reserved Conversations 0/0/64 (allocated/max allocated)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec15 packets input, 1184 bytes, 0 no bufferReceived 0 broadcasts, 0 runts, 0 giants, 0 throttles1 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort66 packets output, 1917 bytes, 0 underruns0 output errors, 0 collisions, 7 interface resets0 output buffer failures, 0 output buffers swapped out0 carrier transitionsRouter#!*Router#%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down%LINK-3-UPDOWN: Interface Serial0, changed state to down%LINK-3-UPDOWN: Interface Async9, changed state to downRouter#sh int a9Async9 is up (spoofing), line protocol is up (spoofing)Hardware is Async SerialInternet address is 200.2.2.1/24MTU 1500 bytes, BW 9 Kbit, DLY 100000 usec, rely 255/255, load 1/255Encapsulation PPP, loopback not set, keepalive not setDTR is pulsed for 5 seconds on resetLCP ClosedClosed: IPCP, CDPCPLast input 00:06:41, output 00:06:55, output hang neverLast clearing of show interface counters neverInput queue: 0/75/0 (size/max/drops); Total output drops: 0Queueing strategy: weighted fairOutput queue: 0/1000/64/0 (size/max total/threshold/drops)Conversations 0/1 (active/max active/threshold)Reserved Conversations 0/0/64 (allocated/max allocated)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec15 packets input, 1184 bytes, 0 no bufferReceived 0 broadcasts, 0 runts, 0 giants, 0 throttles1 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort66 packets output, 1917 bytes, 0 underruns0 output errors, 0 collisions, 7 interface resets0 output buffer failures, 0 output buffers swapped out0 carrier transitionsRouter#sh int s0Serial0 is down, line protocol is downHardware is HD64570Internet address is 200.1.1.1/24Backup interface Async9, kickin load not set, kickout load not setfailure delay 10 sec, secondary disable delay 10 secMTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255Encapsulation PPP, loopback not set, keepalive set (10 sec)LCP ClosedClosed: IPCP, CDPCPLast input 00:02:25, output 00:02:25, output hang neverLast clearing of show interface counters neverInput queue: 0/75/0 (size/max/drops); Total output drops: 0Queueing strategy: weighted fairOutput queue: 0/1000/64/0 (size/max total/threshold/drops)Conversations 0/1 (active/max active/threshold)Reserved Conversations 0/0/64 (allocated/max allocated)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec81 packets input, 3189 bytes, 0 no bufferReceived 81 broadcasts, 0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort81 packets output, 3106 bytes, 0 underruns0 output errors, 0 collisions, 9 interface resets0 output buffer failures, 0 output buffers swapped out4 carrier transitionsDCD=up DSR=up DTR=down RTS=down CTS=upRouter#$*Router#ping 132.147.161.111Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 132.147.161.111, timeout is 2 seconds: .Success rate is 0 percent (0/5)Router#%LINK-3-UPDOWN: Interface Async9, changed state to up%LINEPROTO-5-UPDOWN: Line protocol on Interface Async9, changed state to upRouter#ping 132.147.161.111Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 132.147.161.111, timeout is 2 seconds: !Success rate is 100 percent (5/5), round-trip min/avg/max = 376/386/404 msRouter#sh int a9Async9 is up, line protocol is upHardware is Async SerialInternet address is 200.2.2.1/24MTU 1500 bytes, BW 9 Kbit, DLY 100000 usec, rely 255/255, load 1/255Encapsulation PPP, loopback not set, keepalive not setDTR is pulsed for 5 seconds on resetLCP OpenOpen: IPCP, CDPCPLast input 00:00:10, output 00:00:10, output hang neverLast clearing of show interface counters neverInput queue: 1/75/0 (size/max/drops); Total output drops: 0Queueing strategy: weighted fairOutput queue: 0/1000/64/0 (size/max total/threshold/drops)Conversations 0/1 (active/max active/threshold)Reserved Conversations 0/0/64 (allocated/max allocated)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec27 packets input, 2064 bytes, 0 no bufferReceived 0 broadcasts, 0 runts, 0 giants, 0 throttles2 input errors, 2 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort77 packets output, 2514 bytes, 0 underruns0 output errors, 0 collisions, 7 interface resets0 output buffer failures, 0 output buffers swapped out0 carrier transitionsRouter#sh int s0Serial0 is down, line protocol is downHardware is HD64570Internet address is 200.1.1.1/24Backup interface Async9, kickin load not set, kickout load not setfailure delay 10 sec, secondary disable delay 10 secMTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255Encapsulation PPP, loopback not set, keepalive set (10 sec)LCP ClosedClosed: IPCP, CDPCPLast input 00:03:51, output 00:03:51, output hang neverLast clearing of show interface counters neverInput queue: 0/75/0 (size/max/drops); Total output drops: 0Queueing strategy: weighted fairOutput queue: 0/1000/64/0 (size/max total/threshold/drops)Conversations 0/1 (active/max active/threshold)Reserved Conversations 0/0/64 (allocated/max allocated)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec81 packets input, 3189 bytes, 0 no bufferReceived 81 broadcasts, 0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort81 packets output, 3106 bytes, 0 underruns0 output errors, 0 collisions, 12 interface resets0 output buffer failures, 0 output buffers swapped out4 carrier transitionsDCD=up DSR=up DTR=down RTS=down CTS=upRouter#!*%LINK-3-UPDOWN: Interface Serial0, changed state to up%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up%LINEPROTO-5-UPDOWN: Line protocol on Interface Async9, changed state to down%LINK-5-CHANGED: Interface Async9, changed state to standby modeRouter#ping 132.147.161.111Type escape se