《路由器配置基础及科技网.ppt》由会员分享,可在线阅读,更多相关《路由器配置基础及科技网.ppt(97页珍藏版)》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。
1、路由器配置基础及科技网路由器配置基础及科技网网络介绍网络介绍中国科技网技术部 陈江宁内容介绍路由器配置介绍路由器配置介绍路由器基础知识介绍路由器基础知识介绍监控与故障诊断监控与故障诊断 基本测试方法基本测试方法设备配置存取及其备份设备配置存取及其备份路由器启动顺序及密码恢复路由器启动顺序及密码恢复保护保护Internet连接安全连接安全中国科技网介绍中国科技网介绍中国科技网的结构简介中国科技网的结构简介中国科技网网络设备简介中国科技网网络设备简介国内外出口简介国内外出口简介网络管理简介网络管理简介路由器基础知识介绍外部配置的途径Router各种模式配置模式配置模式及方法配置模式及方法主要内容外
2、部配置的途径可以通过各种途径进行配置Console PortNetwork ManagementStationvty 0-4VirtualTerminalsInterfacesAuxiliary PortTFTP ServerRouterUser EXEC Mode只限于路由器的某一些有限的权限登录到机器的缺省状态Router#Privileged EXEC Mode有检查,配置,调试等所有权限通过enable可进入此状态Setup Mode初始配置状态以对话的方式来创建一个基本配置才出厂的机器或删了startup-config的机器开机后自动进入或手动用setup命令进入Router(con
3、fig)#Global Configuration Mode全局配置状态在特权执行态输入configterminalOther Configuration ModesRouter(config-mode)#开机后60秒内按ctrl+break键则进入该态在机器不能正常自动引导时进行RXBOOT ModeRouter模式其他的配置状态在特权执行状态输入相应的命令时进入.Router(config)#RouterRouter#Other Configuration ModesExit路由器配置模式综述UserEXECmodePrivilegedEXECmodeGlobalconfiguration
4、modeInterfaceSubinterfaceControllerMap-listMap-classLineRouterIPX-routerRoute-mapConfiguration ModeRouter(config-if)#Router(config-subif)#Router(config-controller)#Router(config-map-list)#Router(config-map-class)#Router(config-line)#Router(config-router)#Router(config-ipx-router)#Router(config-route
5、-map)#Prompt基本的路由器设置步骤一:配置主机名;步骤二:在路由器上设置口令;步骤三:在路由器的接口上配置IP地址;步骤四:在路由器上配置路由协议;步骤五:配置路由器串行接口参数;步骤六:激活接口,检查网络的连通性;步骤七:创建IP主机表;步骤八:配置“noipdomain-lookup”;步骤九:利用CDP协议查看与该路由器相连的网络设备基本的路由器设置(续)步骤十:显示路由器上的IP路由表,检查网络的连通性,应确认能够成功的ping通网络中其他的路由器;步骤十一:检查路由器的路由表,并通过“showipprotocols”检查路由器的协议配置;步骤十二:诊断网络利用debug等命
6、令来捕获路由更新信息;步骤十三:利用showversion查看CiscoIOS版本和路由器的类型;步骤十四:保存路由器的配置;配置路由器的标示Router NameRouter(config)#hostname TokyoTokyo#Login BannerTokyo(config)#banner motd CWelcome to router TokyoAccounting Department3rd Floor C#Interface DescriptionTokyo(config)#interface e 0Tokyo(config-if)#description Engineering
7、 LAN,Bldg.18为路由器及其端口配置标示信息配置密码Router(config)#line console 0Router(config-line)#exec-timeout 15 0Router(config-line)#loginRouter(config-line)#password ciscoConsole Password Virtual Terminal Password Router(config)#line vty 0 4Router(config-line)#login Router(config-line)#password ciscoEnable Password
8、 Router(config)#enable secret san-franPerform Password EncryptionRouter(config)#service password-encryption(set passwords here)Router(config)#no service password-encryptionRouter(config-if)#分配地址和掩码针对端口配置IP地址设定允许使用子网掩码配置IP地址ip address ip-address subnet-maskRouter(config)#ip subnet-zeroRouter(config)#
9、ip classless定义静态ARP缓存Arp ip-address hardware-address type aliasARP 封装类型封装类型 Arp arpa:IEEE 802.3 Ethernet(缺省值)Arp probe:IEEE 802.3网络的HP-Probe协议Arp snap:支持RFC 1402的FDDI和令牌环网络的arp报文提供有主机名到IP地址的解析Router(config)#使用DNS服务ip name-server server-address1 server-address2.server-address6 ip domain-lookupBOOTSYS
10、TEM列表从flash启动系统从网络服务器启动系统从ROM启动系统(Cisco7500上BOOTFLASH)Router(config)boot system flash:rsp-IOSRouter(config)boot system flash slot0:rsp-IOSRouter(config)config-register 0 x010FRouter(config)boot system romRouter(config)boot system flash slot1:rsp-IOSRouterwrRouterreloadDefinesapathtoanIPdestinationne
11、tworkorsubnetip route network mask address|interface distance Router(config)#配置静态路由举例:静态路由Cisco A172.16.1.0 Cisco BE0S0S1S2S0Make changes in configuration modes修改配置修改配置Examine results检查结果检查结果Router#show running-configIntendedresults?No修改现有配置修改现有配置Router(config)#no.Router#config memRouter#copy tftp r
12、unning-configRouter#erase startup-configRouter#reloadYesSave changes to backup保存配置保存配置Router#copy running-config startup-configRouter#copy running-config tftpExamine backup file检查备份配置检查备份配置Router#show startup-config配置修改后的保存监控与故障诊断 RouterA#show versionCisco Internetwork Operating System SoftwareIOS(t
13、m)2500 Software(C2500-JS40-L),Version 11.2(5),RELEASE SOFTWARE(fc1)Copyright(c)1986-1997 by cisco Systems,Inc.Compiled Tue 01-Apr-97 09:12 by ckralikImage text-base:0 x0303F9A8,data-base:0 x00001000ROM:System Bootstrap,Version 5.2(8a),RELEASE SOFTWAREROM:3000 Bootstrap Software(IGS-RXBOOT),Version 1
14、0.2(8a),RELEASE SOFTWARE(fc1)RouterA uptime is 1 day,5 hours,50 minutesSystem restarted by reloadSystem image file is flash:c2500-js40-l.112-5.bin,booted via flash-More-show version 命令Router#show running-configBuilding configuration.Current configuration:!version 11.2!-More-Router#show startup-confi
15、gUsing 1108 out of 130048 bytes!version 11.2!hostname router-More-show running-config 命令show startup-config 命令Usewrite terminalwithRelease10.3andearlierUseshow configwithRelease10.3andearlierRouter#show interface serial 1Serial1 is up,line protocol is up Hardware is cxBus Serial Description:56Kb Lin
16、e San Jose-MP :Operational.Connection Problem.Interface Problem.Disabled.Serial1 is up,line protocol is upSerial1 is up,line protocol is downSerial1 is down,line protocol is downSerial1 is administratively down,line protocol is down激活信号激活信号Keepalives载波信号载波信号Carrier Detectshow interfaceserial清除show i
17、nterface中的计数器Router#clear countersRouter#show interface serial 1Serial1 is up,line protocol is up Hardware is cxBus Serial Description:56Kb Line San Jose-MP Internet address is 150.136.190.203,subnet mask is 255.255.255.0 MTU 1500 bytes,BW 56 Kbit,DLY 20000 usec,rely 255/255,load 1/255 Encapsulation
18、 HDLC,loopback not set,keepalive set(10 sec)Last input 0:00:07,output 0:00:00,output hang never Last clearing of show interface counters 2w4d Output queue 0/40,0 drops;input queue 0/75,0 drops Five minute input rate 0 bits/sec,0 packets/sec Five minute output rate 0 bits/sec,0 packets/sec 16263 pack
19、ets input,1347238 bytes,0 no buffer Received 13983 broadcasts,0 runts,0 giants 2 input errors,0 CRC,0 frame,0 overrun,0 ignored,2 abort 0 input packets with dribble condition detected 22146 packets output,2383680 bytes,0 underruns 0 output errors,0 collisions,2 interface resets,0 restarts 1 carrier
20、transitionsRouter show ip routeCodes:C-connected,S-static,I-IGRP,R-RIP,M-mobile,B-BGP D-EIGRP,EX-EIGRP external,O-OSPF,IA-OSPF inter area E1-OSPF external type 1,E2-OSPF external type 2,E-EGP i-IS-IS,L1-IS-IS level-1,L2-IS-IS level-2,*-candidate defaultGateway of last resort is not set 144.253.0.0 i
21、s subnetted(mask is 255.255.255.0),1 subnetsC 144.253.100.0 is directly connected,Ethernet1R 133.3.0.0 R 153.50.0.0 120/1 via 183.8.128.12,00:00:09,Ethernet0 183.8.0.0 is subnetted(mask is 255.255.255.128),4 subnetsR 183.8.0.128 120/1 via 183.8.128.130,00:00:17,Serial0 120/1 via 183.8.64.130,00:00:1
22、7,Serial1C 183.8.128.0 is directly connected,Ethernet0C 183.8.64.128 is directly connected,Serial1C 183.8.128.128 is directly connected,Serial0R 192.3.63.0 列出IP路由表Router show ip protocolRouting Protocol is igrp 300 Sending updates every 90 seconds,next due in 55 seconds Invalid after 270 seconds,hol
23、d down 280,flushed after 630 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates IGRP metric weight K1=1,K2=0,K3=1,K4=0,K5=0 IGRP maximum hopco
24、unt 100 IGRP maximum metric variance 1 Redistributing:igrp 300 Routing for Networks:183.8.0.0 144.253.0.0 Routing Information Sources:Gateway Distance Last Update 144.253.100.1 100 0:00:52 183.8.128.12 100 0:00:43 183.8.64.130 100 0:01:02 Distance:(default is 100)-More-show ip protocol命令RAMInternetw
25、ork Operating SystemProgramsTables and BuffersActiveConfigurationFileBackupConfigurationFileOperating SystemsInterfacesRouter状态检查命令Router#show versionFlashRouter#show processes CPURouter#show protocolsRouter#show memRouter#show stacksRouter#show buffersRouter#show flashRouter#show running-configRout
26、er#write termRouter#show startup-configRouter#show configNVRAMRouter#show interfacesShowingCDPNeighborsRouterA#show cdp neighborsCapability Codes:R-Router,T-Trans Bridge,B-Source Route Bridge,S-Switch,H-Host,I-IGMPDevice ID Local Intrfce Holdtme Capability Platform Port ID Router Ser 0 151 R 2522 Se
27、r 1 SwitchA0050BD855780 Eth 0 165 T s 1900 2RouterA#show cdp neighbors detail-Device ID:RouterBEntry address(es):Platform:cisco 2522,Capabilities:RouterInterface:Serial1,Port ID(outgoing port):Serial0Holdtime:149 secshowcdpentryRouterA#sh cdp entry*-Device ID:RouterB Entry address(es):IP address:10.
28、1.1.2 Platform:cisco 2522,Capabilities:Router Interface:Serial0,Port ID(outgoing port):Serial1Holdtime:168 secVersion:Cisco Internetwork Operating System Software IOS(tm)2500 Software(C2500-JS-L),Version 12.0(3),RELEASE SOFTWARE(fci)Copyright(c)1986-1999 by cisco Systems,Inc.Compiled Mon 08-Feb-99 1
29、8:18 by phanguyeSwitchBSwitchBRouterARouterARouterBRouterBSwitchASwitchAS0S0S1S1telnet操作Initiate a sessionDenver telnet parisEnd a sessionParis exitSuspend a sessionEscape sequenceParis DenverResume a sessionDenver Disconnect a sessionDenver disconnect parisDisplay sessionsDenver#show sessionsConnHo
30、stAddressIdleConn Name 1Paris131.108.100.152 0Paris 2Tokyo127.102.57.63 0Tokyo*TokyoParisDenver理解cisco错误消息系统错误消息格式:系统错误消息格式:Facility subfacility Severity Mnemonic:Message TextFacility 指出错误消息涉及的设备名。该值可以是协议、硬件设备或者系统软件模块;Subfacility 它仅与通道接口处理器(CIP)卡有关;Sererity 它是一个范围在0到7之间的数字。数字的值越小,严重程度越高;Mnemonic 唯一标
31、识错误信息的单值代码,该代码通常可以暗示错误的类型;Message Text 它是错误信息的简短描述,其中包括涉及的路由器硬件和软件信息;注:并不是所有的消息都涉及到故障或者问题的状况,某些消息显示的是状态方面的注:并不是所有的消息都涉及到故障或者问题的状况,某些消息显示的是状态方面的信息信息信息记录指定记录到系统日志服务器中消息的调试级别,命令:loggingtraplevel指定系统日志数据包含有特定接口的ip地址,而不管数据包通过哪个接口流出路由器,命令:loggingsource-interfacetypenumber将消息记录到系统日志服务器主机,命令:loggingon启用在日志消
32、息中加入时戳功能,命令:servicetimestampslog|debugdatetimemseclocaltimeshow-timezone事件日志记录步骤事件日志记录步骤:信息记录ConsoleTerminalUNIX Host(Running Syslog Server)Buffers(default)Telnet Terminalno logging bufferedterminal monitorlogging onshow logginglogging bufferedDebug OutputandSystem ErrorMessages基本测试方法测试综述Application
33、PresentationSessionTransportNetworkData LinkPhysical7654321telnetpingtraceshow ip routeshow interface验证地址的配置ApplicationTransportInternetNetwork InterfaceHardwareApplicationTransportInternetNetwork InterfaceHardwareTelnetTelnettelnetICMPpingtracetracetrace使用ping命令测试各种协议的报文能够被正确的路由吗?Echo RequestEcho R
34、eplyNetwork Layer测试网络的连接状况Router ping 172.16.101.1Type escape sequence to abort.Sending 5,100-byte ICMP Echos to 172.16.101.1,timeout is 2 seconds:.!Success rate is 80 percent,round-trip min/avg/max=6/6/6 msRouterPing!响应成功接收.请求超时U目的不可达P协议不可达N 网络不可达Iping被中断(for example,Ctrl-Shift-6 X)?不可知报文类型Router#p
35、ingProtocol ip:Target IP address:192.168.101.162Repeat count 5:Datagram size 100:Timeout in seconds 2:Extended commands n:ySource address:Type of service 0:Set DF bit in IP header?no:yesData pattern 0 xABCD:Loose,Strict,Record,Timestamp,Verbosenone:Sweep range of sizes n:Type escape sequence to abor
36、t.Sending 5,100-byte ICMP Echos to 192.168.101.162,timeout is 2 seconds:!Success rate is 100 percent(5/5),round-trip min/avg/max=24/26/28 msRouter#Ping命令支持多协议Ping(扩展)使用trace 命令数据报文传输时经过那条路径?Rome172.16.33.5YorkLondon172.16.12.3Paris172.16.16.2Network LayerYork#trace ROMEType escape to abort.Tracing t
37、he route to ROME(172.16.33.5)1 LONDON(172.16.12.3)1000 msec 8 msec 4 msec2 PARIS(172.16.16.2)8 msec 8 msec 8 msec3 ROME(172.16.33.5)8 msec 8 msec 4 msec York#通过端口地址表示数据到达的地点Router#trace aba.nyc.milType escape sequence to abort.Tracing the route to aba.nyc.mil(26.0.0.73)(172.16.1.6)1000 msec 8 msec 4
38、 msec2barrnet-(172.16.16.2)8 msec 8 msec 8 msec3external-a-gateway.stanford.edu(192.42.110.225)8 msec 4 msec 4 (131.119.254.6)8 msec 8 msec 8 (131.119.3.8)12 msec 12 msec 8 msec6moffett-fld-mb.in.mil(192.52.195.1)216 msec 120 msec 132 msec7aba.nyc.mil(26.0.0.73)412 msec *664 msecIPTraceH主机不可达P协议不可达N
39、网络不可达U端口不可达*报文超时?_ 报文类型不能识别测试ApplicationLayer使用telnet你能登陆远程的路由器吗?ParisTelnetYorkParisApplication设备代码、配置存取及其备份从NVRAM中加载配置文件ConsoleConsoleIOSIOSSetup utilitySetup utilityshowshowstartup-configstartup-configshowshowrunning-configrunning-configLoadandexecuteconfigfromNVRAMIfnoconfiginNVRAM,entersetupmod
40、eConfigConfigConfigConfigRAMRAMNVRAMNVRAMRouter#show running-configBuilding configuration.Current configuration:!version 11.2!-More-Router#show startup-configUsing 1108 out of 130048 bytes!version 11.2!hostname router-More-show running-config 命令show startup-config 命令Displaycurrentandsavedconfigurati
41、on保存配置文件保存配置文件ConfigConfigConfigConfigRAMRAMNVRAMNVRAMNVRAMcopy running startup=writecopy running startup=writecopy startup running(copy startup running(mergemerge)保存配置文件保存配置文件ConfigConfigConfigConfigConsoleConsoleRAMRAMNVRAMNVRAMNVRAMTerminalTFTPservercopy running startupcopy running startupcopy st
42、artup running(copy startup running(mergemerge)TFTPTFTPserverservercopy start tftpcopy start tftpcopy tftp startcopy tftp startcopy run tftpcopy run tftpcopy tftp run copy tftp run(mergemerge)config termconfig term(merge)merge)CopystartuptftpAccess_Server#copy?flashCopyfromsystemflashflh-logCopyFLHlo
43、gfiletoservermopCopyfromaMOPserverrcpCopyfromanrcpserverrunning-configCopyfromcurrentsystemconfigurationstartup-configCopyfromstartupconfigurationtftpCopyfromaTFTPserverAccess_Server#copystartup-config?rcpCopytoanrcpserverrunning-configUpdate(mergewith)currentsystemconfigurationtftpCopytoaTFTPserver
44、Access_Server#copystartup-configtftpNameofconfigurationfiletowriteaccess_server-confg?Writefileaccess_server-confgonhost172.18.7.114?confirmWritingaccess_server-confg!OK备份IOSImagesNetworkNetworkserverserverFLASHFLASHFLASHFLASHRouterRouterc2500-js-l_120-3.binc2500-js-l_120-3.binNetworkNetworkserverse
45、rver备份备份IOSImagesIOSImagesCheck access to the serverCheck access to the serverRouterRouterNetworkNetworkserverserverwg_ro_a#show flashSystem flash directory:File Length Name/status 1 10084696 c2500-js-l_120-3.bin 10084760 bytes used,6692456 available,16777216 total16384K bytes of processor board Sys
46、tem flash(Read ONLY)查看查看IOSImagesIOSImagesVerifyFlashmemoryhasroomfortheIOSimage创建创建ImageImage备份备份BackupcurrentfilespriortoupdatingFlashNetworkNetworkserverserverFLASHFLASHFLASHFLASHcopy flash tftpcopy flash tftp创建Image备份(续)Access_Server#copyflashtftpSystemflashdirectory:FileLengthName/status1398817
47、6/igs-im-l_111-22.bin3988240bytesused,4400368available,8388608totalSourcefilename?/igs-im-l_111-22.binDestinationfilename/igs-im-l_111-22.bin?Verifyingchecksumfor/igs-im-l_111-22.bin(file#1).OKCopy/igs-im-l_111-22.binfromFlashtoserveras/igs-im-l_111-22.bin?yes/noyes!UploadtoserverdoneFlashcopytook00
48、:00:53hh:mm:sswg_ro_a#copy tftp flashAddress or name of remote host 10.1.1.1?Source filename?c2500-js-l_120-3.binDestination filename c2500-js-l_120-3.bin?Accessing tftp:/10.1.1.1/c2500-js-l_120-3.bin.Erase flash:before copying?confirmErasing the flash filesystem will remove all files!Continue?confi
49、rmErasing device.eeeee(output omitted).erasedErase of flash:completeLoading c2500-js-l_120-3.bin from 10.1.1.1(via Ethernet0):!(output omitted)OK-10084696/20168704 bytesVerifying checksum.OK(0 x9AA0)10084696 bytes copied in 309.108 secs(32636 bytes/sec)wg_ro_a#恢复恢复ImageImage备份备份EraseFlashoccursbefor
50、eloadingnewimageNotemessagethatimagealreadyexistsNetworkNetworkserverserverFLASHFLASHFLASHFLASH系统启动综述系统启动的顺序通过终端不断反馈启动的信息核查硬件核查硬件查找并载入查找并载入 Cisco IOS software image查找并调用路由器的配置信息查找并调用路由器的配置信息启动的顺序RAMROMBootstrapLoad BootstrapTFTP ServerFlashROMCiscoInternetworkOperatingSystemLocate and LoadOperating