Junos路由器静态路由及动态路由rip和ospf配置测试-阿里云开发者社区

开发者社区> 开发与运维> 正文
登录阅读全文

Junos路由器静态路由及动态路由rip和ospf配置测试

简介:

一.测试拓扑:

wKioL1Ls1K-SwH1YAABW4dzX3A4810.jpg
二.基本配置:
A.R1:
interface Ethernet0/0
ip address 202.100.100.1 255.255.255.0
    no shut
interface Loopback0
    ip address 1.1.1.1 255.255.255.255
B.R2:
interface Ethernet0/0
    ip address 202.100.100.2 255.255.255.0
    no shut
interface Ethernet0/1
    ip address 202.100.1.2 255.255.255.0
    no shut
interface Loopback0
    ip address 2.2.2.2 255.255.255.255
C.JUNOS1:
set system root-authentication plain-text-password

set interfaces em0 unit 0 family inet address 202.100.1.10/24
set interfaces em1 unit 0 family inet address 10.1.1.10/24
D.R3:
interface Ethernet0/0
    ip address 10.1.1.3 255.255.255.0
    no shut
interface Loopback0
    ip address 3.3.3.3 255.255.255.255
三.JUNOS静态路由配置:
A.配置方法:
set routing-options static route 0.0.0.0/0 next-hop 202.100.1.2
commit
B.测试:
root> ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1): 56 data bytes
64 bytes from 1.1.1.1: icmp_seq=0 ttl=255 time=51.869 ms
^C
--- 1.1.1.1 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 51.869/51.869/51.869/nan ms
四.RIP动态路由配置:
--junos如果不配置认证,不用配置策略,配置认证,如果不配置策略,接口发出的rip包不会带有认证信息,junos只能接收rip。
A.JUNOS:
①配置策略:
set policy-options policy-statement advertis-routers-through-rip term 1 from protocol direct
set policy-options policy-statement advertis-routers-through-rip term 1 from protocol rip
set policy-options policy-statement advertis-routers-through-rip term 1 then accept
②配置接口,将接口加入group
set protocols rip group rip-group neighbor em1.0
③group export策略
set protocols rip group rip-group export advertis-routers-through-rip
④配置认证
全局:
set protocols rip authentication-type md5
set protocols rip authentication-key  cisco
接口:
set protocols rip group rip-group neighbor em1.0 authentication-type md5
set protocols rip group rip-group neighbor em1.0 authentication-key  cisco
B.R2:
①基本配置:
router rip
version 2
network 10.0.0.0
network 192.168.1.0
②配置认证:
key chain rip
key 1
  key-string cisco
interface Ethernet0/0
    ip rip authentication mode md5
    ip rip authentication key-chain rip
备注:测试时发现用c2691-adventerprisek9-mz.124-15.T14.BIN的2691的路由器配置完rip认证后,rip包中不会有认证信息,可能是IOS的问题。
C.验证:
root# run show route 

inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

3.0.0.0/8          *[RIP/100] 00:09:09, metric 2, tag 0
                   > to 10.1.1.3 via em1.0
10.1.1.0/24        *[Direct/0] 00:28:05
                   > via em1.0
10.1.1.10/32       *[Local/0] 00:28:05
                     Local via em1.0
13.0.0.0/8         *[RIP/100] 00:09:09, metric 2, tag 0
                   > to 10.1.1.3 via em1.0
202.100.1.0/24     *[Direct/0] 00:28:05
                   > via em0.0
202.100.1.10/32    *[Local/0] 00:28:05
                     Local via em0.0
224.0.0.9/32       *[RIP/100] 00:01:10, metric 1
                     MultiRecv
R3#show ip route rip
R    202.100.1.0/24 [120/1] via 10.1.1.10, 00:00:19, Ethernet0/0

五.OSPF动态路由配置:

A.R1:
router ospf 1
    router-id 1.1.1.1
    network 202.100.100.1 0.0.0.0 area 0
    network 1.1.1.1 0.0.0.0 a 0
interface Ethernet0/0
    ip ospf authentication message-digest
    ip ospf message-digest-key 1 md5 cisco
---链路认证
B.R2:
router ospf 1
    router-id 2.2.2.2
    area 0 authentication message-digest
    network 202.100.1.2 0.0.0.0 area 0
    network 202.100.100.2 0.0.0.0 area 0
interface Ethernet0/0
    ip ospf message-digest-key 1 md5 cisco
interface Ethernet0/1
    ip ospf message-digest-key 1 md5 cisco
---区域认证
C.JUNOS:
set protocols ospf area 0.0.0.0 interface em0.0 authentication md5 1 key cisco
D:验证:
root# run show ospf neighbor
Address          Interface              State     ID               Pri  Dead
202.100.1.2      em0.0                  Full      2.2.2.2            1    32
root# run show route protocol ospf   

inet.0: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

1.1.1.1/32         *[OSPF/10] 00:00:04, metric 12
                   > to 202.100.1.2 via em0.0
202.100.100.0/24   *[OSPF/10] 04:48:10, metric 11
                   > to 202.100.1.2 via em0.0
224.0.0.5/32       *[OSPF/10] 04:48:22, metric 1
                     MultiRecv

六.OSPF和rip双向路由重分布配置:
A.RIP往OSPF:
①配置策略:
set policy-options policy-statement into-ospf term rip-to-ospf from protocol rip
set policy-options policy-statement into-ospf term rip-to-ospf from route-filter 3.0.0.0/8 exact
set policy-options policy-statement into-ospf term rip-to-ospf then accept
set policy-options policy-statement into-ospf term direct-to-ospf from protocol  direct
set policy-options policy-statement into-ospf term direct-to-ospf from route-filter 10.1.1.0/24 exact
set policy-options policy-statement into-ospf term direct-to-ospf then accept
set policy-options policy-statement into-ospf then reject
②调用策略:
set protocols ospf export into-ospf
③验证:
R1#show ip route ospf
O E2 3.0.0.0/8 [110/2] via 202.100.100.2, 00:07:57, Ethernet0/0
O    202.100.1.0/24 [110/20] via 202.100.100.2, 00:10:49, Ethernet0/0
    10.0.0.0/24 is subnetted, 1 subnets
O E2    10.1.1.0 [110/0] via 202.100.100.2, 00:00:04, Ethernet0/0
B.OSPFRIP
①配置策略:
set policy-options policy-statement into-rip term ospf-to-rip from protocol ospf
set policy-options policy-statement into-rip term ospf-to-rip from route-filter 202.100.100.0/24 exact
set policy-options policy-statement into-rip term ospf-to-rip from route-filter 1.1.1.1/32 exact
set policy-options policy-statement into-rip term ospf-to-rip then accept
set policy-options policy-statement into-rip term direct-to-rip from protocol direct
set policy-options policy-statement into-rip term direct-to-rip from route-filter 202.100.1.0/24 exact
set policy-options policy-statement into-rip term direct-to-rip then accept
set policy-options policy-statement into-rip then reject
②调用策略:
set protocols rip group rip-group export into-rip
③验证:
R3#show ip route rip
    1.0.0.0/32 is subnetted, 1 subnets
R       1.1.1.1 [120/1] via 10.1.1.10, 00:00:24, Ethernet0/0
R    202.100.100.0/24 [120/1] via 10.1.1.10, 00:00:24, Ethernet0/0
R    202.100.1.0/24 [120/1] via 10.1.1.10, 00:00:24, Ethernet0/0




本文转自 碧云天 51CTO博客,原文链接:http://blog.51cto.com/333234/1355447,如需转载请自行联系原作者

版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。

分享:
开发与运维
使用钉钉扫一扫加入圈子
+ 订阅

集结各类场景实战经验,助你开发运维畅行无忧

其他文章
最新文章
相关文章