《计算机硬件及网络基于EIGRP协议的路由解决方案完.pptx》由会员分享,可在线阅读,更多相关《计算机硬件及网络基于EIGRP协议的路由解决方案完.pptx(69页珍藏版)》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。
1、Configuring EIGRP1 EIGRP简介第1页/共69页Flexible network designMulticast and unicast instead of broadcast addressManual summarization at any point 100%loop-free classless routingEasy configuration for WANs and LANsLoad balancing across equal-and unequal-cost pathwaysAdvanced distance vectorFast convergenc
2、eSupport for VLSM and discontiguous subnetsPartial updatesSupport for multiple network-layer protocolsEIGRP 特征特征第2页/共69页EIGRP 关键技术关键技术Neighbor discovery/recoveryUses hello packets between neighborsReliable Transport Protocol(RTP)Guaranteed,ordered delivery of EIGRP packets to all neighborsDUAL finit
3、e-state machineSelects lowest-cost,loop free,paths to each destinationProtocol-dependent modules(PDMs)EIGRP supports IP,AppleTalk,and Novell NetWare.Each protocol has its own EIGRP module and operates independently of any of the others that may be running.第3页/共69页EIGRP 邻居表邻居表第4页/共69页DUAL 算法算法Selects
4、 lowest-cost,loop-free paths to each destinationAD=cost between the next-hop router and the destination FD=cost from local router=AD of next-hop router+cost between the local router and the next-hop router Lowest-cost=lowest FD(Current)successor=next-hop router with lowest-cost,loop free pathFeasibl
5、e successor=backup router with loop-free path(AD of feasible successor must be less than FD of current successor route)第5页/共69页EIGRP拓扑表拓扑表第6页/共69页EIGRP IP路由表路由表第7页/共69页示例示例:EIGRP TablesRouter C Tables:第8页/共69页EIGRP 包包Hello:Establish neighbor relationships.Update:Send routing updates.Query:Ask neighb
6、ors about routing information.Reply:Respond to query about routing information.ACK:Acknowledge a reliable packet.第9页/共69页初始路由发现初始路由发现第10页/共69页EIGRP 度量值度量值Same metric components as IGRP:BandwidthDelayReliabilityLoadingMTUEIGRP metric is IGRP metric multiplied by 256.第11页/共69页EIGRP 度量值的计算度量值的计算By defa
7、ult,EIGRP metric:Metric=bandwidth(slowest link)+delay(sum of delays)Delay=sum of the delays in the path,in tens of microseconds,multiplied by 256Bandwidth=107/(minimum bandwidth link along the path,in kilobits per second)*256Formula with default K values(K1=1,K2=0,K3=1,K4=0,K5=0):Metric=K1*BW+(K2*BW
8、)/(256 load)+K3*delayIf K5 not equal to 0:Metric=metric*K5/(reliability+K4):第12页/共69页A B C D Least bandwidth 64 kbps Total delay 6,000 A X Y Z D Least bandwidth 256 kbps Total delay 8,000Delay is the sum of all the delays of the links along the paths:Delay=delay in tens of microseconds x 256Bandwidt
9、h is the lowest bandwidth of the links along the paths:Bandwidth=10,000,000/(bandwidth in kbps)x 256EIGRP 度量值计算示例度量值计算示例第13页/共69页Configuring EIGRP2 部署和验证 EIGRP第14页/共69页router eigrp autonomous-system-number Defines EIGRP as the IP routing protocol.All routers in the internetwork that must exchange EI
10、GRP routing updates must have the same autonomous system number.配置配置 EIGRPnetwork network-number wildcard-maskIdentifies attached networks participating in EIGRP.The wildcard-mask is an inverse mask used to determine how to interpret the address.The mask has wildcard bits,where 0 is a match and 1 is
11、“dont care.”Router(config)#Router(config-router)#第15页/共69页bandwidth kilobits Defines the interfaces bandwidth for the purposes of sending routing update traffic.配置配置EIGRP(续续)Router(config-if)#第16页/共69页配置配置 EIGRP for IP第17页/共69页使用反掩码使用反掩码第18页/共69页使用和配置使用和配置 ip default-network 命令命令第19页/共69页EIGRP 配置示例配
12、置示例第20页/共69页R2 EIGRP 配置配置interface FastEthernet0/0interface Serial0/0/1 bandwidth 64router eigrp 100第21页/共69页验证验证EIGRP:show ip eigrp neighborsR1#show ip eigrp neighborsIP-EIGRP neighbors for process 100H Address Interface Hold Uptime SRTT RTO Q Seq (sec)(ms)Cnt NumR1#第22页/共69页验证验证 EIGRP:show ip rout
13、e eigrpR1#show ip route eigrpR1#show ip route Gateway of last resort is not set第23页/共69页验证验证 EIGRP:show ip protocolsR1#show ip protocolsRouting Protocol is eigrp 100 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks f
14、lagged in outgoing updates Default networks accepted from incoming updates EIGRP metric weight K1=1,K2=0,K3=1,K4=0,K5=0 EIGRP maximum hopcount 100 EIGRP maximum metric variance 1 Redistributing:eigrp 100 EIGRP NSF-aware route hold timer is 240sMaximum path:4 Routing for Networks:Routing Information
15、Sources:Gateway Distance Last Update (this router)90 00:09:38 Gateway Distance Last Update Distance:internal 90 external 170第24页/共69页验证验证 EIGRP:show ip eigrp interfacesR1#show ip eigrp interfacesIP-EIGRP interfaces for process 100 Xmit Queue Mean Pacing Time Multicast PendingInterface Peers Un/Relia
16、ble SRTT Un/Reliable Flow Timer RoutesFa0/0 0 0/0 0 0/10 0 0Se0/0/1 1 0/0 10 10/380 424 0第25页/共69页验证验证 EIGRP:show ip eigrp topologyR1#show ip eigrp topologyCodes:P-Passive,A-Active,U-Update,Q-Query,R-Reply,r-reply Status,s-sia Status via Connected,Serial0/0/1 via Summary(40512000/0),Null0 via Summar
17、y(28160/0),Null0 via Connected,FastEthernet0/0第26页/共69页验证验证 EIGRP:show ip eigrp trafficR1#show ip eigrp trafficIP-EIGRP Traffic Statistics for AS 100 Hellos sent/received:429/192 Updates sent/received:4/4 Queries sent/received:1/0 Replies sent/received:0/1 Acks sent/received:4/3 Input queue high wat
18、er mark 1,0 drops SIA-Queries sent/received:0/0 SIA-Replies sent/received:0/0 Hello Process ID:113 PDM Process ID:73第27页/共69页Configuring EIGRP3 配置高级 EIGRP 选项第28页/共69页EIGRP 自动路由汇总自动路由汇总Purpose:Smaller routing tables,smaller updatesAutomatic summarization:On major network boundaries,subnetworks are su
19、mmarized to a single classful(major)network.Automatic summarization occurs by default.第29页/共69页EIGRP 手动路由汇总手动路由汇总Manual summarization has the following characteristics:Summarization is configurable on a per-interface basis in any router within a network.When summarization is configured on an interfa
20、ce,the router immediately creates a route pointing to null0.Loop-prevention mechanismWhen the last specific route of the summary goes away,the summary is deleted.The minimum metric of the specific routes is used as the metric of the summary route.第30页/共69页no auto-summary(config-router)#Turns off aut
21、omatic summarization for the EIGRP process配置路由汇总配置路由汇总ip summary-address eigrp as-number address mask admin-distance(config-if)#Creates a summary address that this interface will generate第31页/共69页手动汇总手动汇总 EIGRP 路由路由第32页/共69页Router C Routing TableRouterC#show ip route Gateway of last resort is not se
22、tRouterC#第33页/共69页EIGRP 负载均衡负载均衡Routes with a metric equal to the minimum metric are installed in the routing table(equal-cost load balancing).There can be up to 6 entries in the routing table for the same destination:The number of entries is configurable.The default is 4.Set to 1 to disable load ba
23、lancing.第34页/共69页EIGRP 非等值负载均衡非等值负载均衡variance multiplierAllows the router to include routes with a metric smaller than the multiplier value times the minimum metric route to that destinationRouter(config-router)#第35页/共69页Router E chooses router C to get to network Z,because it has lowest FD of 20.Wi
24、th a variance of 2,router E chooses router B to get to network Z(20+10=30)20).平衡值示例平衡值示例第36页/共69页配置配置 WAN LinksEIGRP supports different WAN links:Point-to-point linksNBMAMultipoint linksPoint-to-point linksEIGRP uses up to 50%of bandwidth by default;this bandwidth utilization can be changed.第37页/共69
25、页WAN 接口带宽利用接口带宽利用Bandwidth utilization over point-to-point subinterfaces using Frame Relay:Treats bandwidth as T1 by defaultShould manually configure bandwidth as the CIR of the PVCBandwidth utilization over multipoint Frame Relay,ATM,and ISDN PRI:EIGRP uses the bandwidth on the physical interface d
26、ivided by the number of neighbors on that interface to calculate the bandwidth attributed per neighbor.第38页/共69页WAN 接口带宽利用接口带宽利用(续续)Each PVC can have a different CIR,creating an EIGRP packet-pacing problem.Multipoint interfaces:Convert these to point-to-point configuration or manually configure band
27、width by multiplying thelowest CIR by the number of PVCs.第39页/共69页EIGRP WAN 配置配置:FR Hub-and-Spoke 拓扑拓扑Configure each virtual Circuit as point-to-point,specify bandwidth=1/10 of link capacityIncrease EIGRP utilization to 50%of actual VC capacity第40页/共69页Configure lowest CIR virtual circuit as point-t
28、o-point,specify bandwidth=CIR.Configure higher CIR virtual circuits as multipoint,combine CIRs.EIGRP WAN 配置配置:混合混合 Multipoint第41页/共69页Configuring EIGRP4 EIGRP 认证第42页/共69页Router 认证认证Many routing protocols support authentication such that a router authenticates the source of each routing update packet
29、 that it receives.Simple password authentication is supported by:IS-IS OSPF RIPv2 MD5 authentication is supported by:OSPF RIPv2BGPEIGRP第43页/共69页简单密码简单密码 vs.MD5 认证认证Simple password authentication:Router sends packet and key.Neighbor checks whether key matches its key.Process not secure.MD5 authentica
30、tion:Configure a key(password)and key ID;router generates a message digest,or hash,of the key,key ID and message.Message digest is sent with packet;key is not sent.Process OS secure.第44页/共69页EIGRP MD5 认证认证EIGRP supports MD5 authentication.Router generates and checks every EIGRP packet.Router authent
31、icates the source of each routing update packet that it receives.Configure a key(password)and key ID;each participating neighbor must have same key configured.第45页/共69页MD5 认证认证EIGRP MD5 authentication:Router generates a message digest,or hash,of the key,key ID,and message.EIGRP allows keys to be man
32、aged using key chains.Specify key ID(number),key,and lifetime of key.First valid activated key,in order of key numbers,is used.第46页/共69页配置配置 EIGRP MD5 认证认证(续续)key chain name-of-chainRouter(config)#Enters configuration mode for the keychainRouter(config-keychain)#key key-id Identifies key and enters
33、configuration mode for the keyid第47页/共69页配置配置 EIGRP MD5 认证认证(续续)Router(config-keychain-key)#key-string textIdentifies key string(password)Router(config-keychain-key)#accept-lifetime start-time infinite|end-time|duration seconds Optional:Specifies when key will be accepted for received packetsRouter(
34、config-keychain-key)#send-lifetime start-time infinite|end-time|duration seconds Optional:Specifies when key can be used for sending packets第48页/共69页配置配置 EIGRP MD5 认证认证ip authentication mode eigrp autonomous-system md5Router(config-if)#Specifies MD5 authentication for EIGRP packetsRouter(config-if)#
35、ip authentication key-chain eigrp autonomous-system name-of-chain Enables authentication of EIGRP packets using key in the keychain第49页/共69页配置配置 EIGRP MD5 认证示例认证示例第50页/共69页R1 配置配置 EIGRP MD5 认证认证 key chain R1chain key 1 key-string firstkey accept-lifetime 04:00:00 Jan 1 2006 infinite send-lifetime 04
36、:00:00 Jan 1 2006 04:01:00 Jan 1 2006 key 2 key-string secondkey accept-lifetime 04:00:00 Jan 1 2006 infinite send-lifetime 04:00:00 Jan 1 2006 infinite interface FastEthernet0/0!interface Serial0/0/1 bandwidth 64 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 R1chain!rou
37、ter eigrp 100 auto-summary 第51页/共69页R2 配置配置 EIGRP MD5 认证认证 key chain R2chain key 1 key-string firstkey accept-lifetime 04:00:00 Jan 1 2006 infinite send-lifetime 04:00:00 Jan 1 2006 infinite key 2 key-string secondkey accept-lifetime 04:00:00 Jan 1 2006 infinite send-lifetime 04:00:00 Jan 1 2006 inf
38、inite interface FastEthernet0/0!interface Serial0/0/1 bandwidth 64 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 R2chain!router eigrp 100 auto-summary 第52页/共69页查看查看 MD5 认证认证R1#R1#show ip eigrp neighborsIP-EIGRP neighbors for process 100H Address Interface Hold Uptime SRT
39、T RTO Q Seq (sec)(ms)Cnt NumR1#show ip routeGateway of last resort is not setType escape sequence to abort.!Success rate is 100 percent(5/5),round-trip min/avg/max=12/15/16 ms第53页/共69页 MD5 认证排错认证排错R1#debug eigrp packetsEIGRP Packets debugging is on (UPDATE,REQUEST,QUERY,REPLY,HELLO,IPXSAP,PROBE,ACK,
40、STUB,SIAQUERY,SIAREPLY)*Jan 21 16:38:51.745:EIGRP:received packet with MD5 authentication,key id=1*Jan 21 16:38:51.745:AS 100,Flags 0 x0,Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0R2#debug eigrp packetsEIGRP Packets debugging is on (UPDATE,REQUEST,QUERY,REPLY,HELLO,IPXSAP,PROBE,ACK,STUB,SIA
41、QUERY,SIAREPLY)R2#*Jan 21 16:38:38.321:EIGRP:received packet with MD5 authentication,key id=2*Jan 21 16:38:38.321:AS 100,Flags 0 x0,Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0第54页/共69页MD5 认证排错认证排错R1(config-if)#key chain R1chainR1(config-keychain)#key 2R1(config-keychain-key)#key-string wron
42、gkeyR2#debug eigrp packetsEIGRP Packets debugging is on (UPDATE,REQUEST,QUERY,REPLY,HELLO,IPXSAP,PROBE,ACK,STUB,SIAQUERY,SIAREPLY)R2#*Jan 21 16:50:18.749:EIGRP:pkt key id=2,authentication mismatchode=5(invalid authentication)*Jan 21 16:50:18.749:EIGRP:Dropping peer,invalid authentication*Jan 21 16:5
43、0:18.749:EIGRP:Sending HELLO on Serial0/0/1*Jan 21 16:50:18.749:AS 100,Flags 0 x0,Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0(Serial0/0/1)is down:Auth failureR2#show ip eigrp neighborsIP-EIGRP neighbors for process 100R2#MD5 authentication on both R1 and R2,but R1 key 2(that it uses when sending)changed 第55页
44、/共69页Configuring EIGRP5 在企业网中应用EIGRP第56页/共69页影响影响EIGRP 可控性的因素可控性的因素Quantity of routing information exchanged between peers;without proper route summarization,this can be excessive.Number of routers that must be involved when a topology change occurs.Depth of topology:the number of hops that informat
45、ion must travel to reach all routers.Number of alternate paths through the network.第57页/共69页EIGRP 查询过程查询过程Queries are sent when a route is lost and no feasible successor is available.The lost route is now in active state.Queries are sent to all neighboring routers on all interfaces except the interf
46、ace to the successor.If the neighbors do not have the lost-route information,queries are sent to their neighbors.If a router has an alternate route,it answers the query;this stops the query from spreading in that branch of the network.第58页/共69页在在 Hub-and-Spoke 拓扑中的更新和查询拓扑中的更新和查询You do not want to us
47、e these paths!第59页/共69页EIGRP StubThe EIGRP stub routing feature improves network stability,reduces resource utilization,and simplifies remote router(spoke)configuration.Stub routing is commonly used in a hub-and-spoke topology.A stub router sends a special peer information packet to all neighboring
48、routers to report its status as a stub router.A neighbor that receives a packet informing it of the stub status does not query the stub router for any routes.第60页/共69页配置配置 EIGRP Stubreceive-only:Prevents the stub from sending any type of route.connected:Permits stub to send connected routes(may stil
49、l need to redistribute).static:Permits stub to send static routes(must still redistribute).summary:Permits stub to send summary routes.Default is connected and summary.eigrp stub receive-only|connected|static|summaryRouter(config-router)#第61页/共69页限制查询和更新限制查询和更新:EIGRP Stub第62页/共69页示例示例:eigrp stub 参数参
50、数If stub connected is configured:If stub summary is configured:第63页/共69页示例示例:eigrp stub 参数参数(续续)If stub static is configured:If stub receive-only is configured:B will not advertise anything to A,so A needs to have a static route to the networks behind B to reach them.第64页/共69页EIGRP 查询进程陷入主动查询进程陷入主动T