愛伊米

當前位置:首頁>數碼

中間系統到中間系統路由協議綜合實驗

  • 分類:由 萱萱的爸爸 發表于 數碼
  • 時間:2020-08-07

中間系統到中間系統路由協議綜合實驗

實驗目的:

1。 熟悉ISIS路由協議的基礎操作方法。

2。 掌握該協議的區域劃分,路由級別調整過程。

3。 掌握該協議的網路型別以及網路型別中廣播型別的DIS的選舉流程。

4。 掌握該協議的路由引入,路由聚合,路由過濾,路由認證等操作流程。

實驗要求:

1。R1,R2和R3是Level-1路由器,R6是Level-2路由器。SystemID為0000。0000。000X。ISIS的程序號為1。

通告相關介面,網段10。0。X。0/24暫不通告。

2。R4和R6,R5和R6之間不能有DIS選舉;

R1,R2和R3共享網路中,要求R3為DIS,需在R1和R2上配置,且優先順序設定儘量小仍可以參與DIS選舉。

3。R6引入10。0。X。0/24網段,並標記為100;

區域47。0001能夠透過R4 學到10。0。x。0/24網段明細,且必須保持這些路由的標記為100。

4。 R2只允許透過預設路由訪問區域47。0002的網路。不能使用ACL和字首列表。

5。 區域47。0001的所有路由器傳送LSP和SNP需要進行認證,認證型別為MD5,密碼為Huawei;

level-2路由傳送的IIH需要進行認證,認證型別為MD5,密碼為Huawei。

實驗步驟:

R1配置:

[V200R003C00]

#

sysname R1

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage。zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m。Nt84DZ}e#

local-user admin service-type http

#

isis 1

is-level level-1

cost-style wide

network-entity 47。0001。0000。0000。0001。00

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 192。168。1。1 255。255。255。0

isis enable 1

isis dis-priority 0

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 1。1。1。1 255。255。255。255

isis enable 1

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

Return

R2的配置:

[V200R003C00]

#

sysname R2

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage。zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m。Nt84DZ}e#

local-user admin service-type http

#

isis 1

is-level level-1

cost-style wide

network-entity 47。0001。0000。0000。0002。00

filter-policy route-policy deny_dir import

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 192。168。1。2 255。255。255。0

isis enable 1

isis dis-priority 0

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 2。2。2。2 255。255。255。255

isis enable 1

#

route-policy deny_dir deny node 10

if-match tag 100

#

route-policy deny_dir permit node 100

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

R3的配置:

[V200R003C00]

#

sysname R3

#

board add 0/1 2SA

board add 0/2 2SA

board add 0/4 4GET

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage。zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m。Nt84DZ}e#

local-user admin service-type http

#

isis 1

is-level level-1

cost-style wide

network-entity 47。0001。0000。0000。0003。00

#

firewall zone Local

priority 15

#

interface Serial1/0/0

link-protocol ppp

ip address 34。1。1。3 255。255。255。0

isis enable 1

#

interface Serial1/0/1

link-protocol ppp

ip address 35。1。1。3 255。255。255。0

isis enable 1

#

interface Serial2/0/0

link-protocol ppp

#

interface Serial2/0/1

link-protocol ppp

#

interface GigabitEthernet0/0/0

ip address 192。168。1。3 255。255。255。0

isis enable 1

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface GigabitEthernet4/0/0

#

interface GigabitEthernet4/0/1

#

interface GigabitEthernet4/0/2

#

interface GigabitEthernet4/0/3

#

interface NULL0

#

interface LoopBack0

ip address 3。3。3。3 255。255。255。255

isis enable 1

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

R4的配置:

[V200R003C00]

#

sysname R4

#

board add 0/1 2SA

board add 0/2 2SA

board add 0/4 4GET

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage。zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m。Nt84DZ}e#

local-user admin service-type http

#

isis 1

cost-style wide

network-entity 47。0001。0000。0000。0004。00

import-route isis level-2 into level-1 filter-policy route-policy Import_dir

#

firewall zone Local

priority 15

#

interface Serial1/0/0

link-protocol ppp

ip address 34。1。1。4 255。255。255。0

isis enable 1

#

interface Serial1/0/1

link-protocol ppp

#

interface Serial2/0/0

link-protocol ppp

#

interface Serial2/0/1

link-protocol ppp

#

interface GigabitEthernet0/0/0

ip address 46。1。1。4 255。255。255。0

isis enable 1

isis circuit-type p2p

isis ppp-negotiation 3-way only

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface GigabitEthernet4/0/0

#

interface GigabitEthernet4/0/1

#

interface GigabitEthernet4/0/2

#

interface GigabitEthernet4/0/3

#

interface NULL0

#

interface LoopBack0

ip address 4。4。4。4 255。255。255。255

isis enable 1

#

route-policy Import_dir permit node 10

if-match tag 100

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

R5的配置:

[V200R003C00]

#

sysname R5

#

board add 0/1 2SA

board add 0/2 2SA

board add 0/4 4GET

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage。zip

#

drop illegal-mac alarm

#

wlan ac-global carrier id other ac id 0

#

set cpu-usage threshold 80 restore 75

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m。Nt84DZ}e#

local-user admin service-type http

#

isis 1

cost-style wide

network-entity 47。0001。0000。0000。0005。00

#

firewall zone Local

priority 15

#

interface Serial1/0/0

link-protocol ppp

#

interface Serial1/0/1

link-protocol ppp

ip address 35。1。1。5 255。255。255。0

isis enable 1

#

interface Serial2/0/0

link-protocol ppp

#

interface Serial2/0/1

link-protocol ppp

#

interface GigabitEthernet0/0/0

ip address 56。1。1。5 255。255。255。0

isis enable 1

isis circuit-type p2p

isis ppp-negotiation 3-way only

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface GigabitEthernet4/0/0

#

interface GigabitEthernet4/0/1

#

interface GigabitEthernet4/0/2

#

interface GigabitEthernet4/0/3

#

interface NULL0

#

interface LoopBack0

ip address 5。5。5。5 255。255。255。255

isis enable 1

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

R6的配置:

[V200R003C00]

#

sysname R6

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage。zip

#

drop illegal-mac alarm

#

wlan ac-global carrier id other ac id 0

#

set cpu-usage threshold 80 restore 75

#

acl number 2000

rule 5 permit source 10。0。0。0 0。0。3。255

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m。Nt84DZ}e#

local-user admin service-type http

#

isis 1

is-level level-2

cost-style wide

network-entity 47。0002。0000。0000。0006。00

import-route direct route-policy tag

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 46。1。1。6 255。255。255。0

isis enable 1

isis circuit-type p2p

isis ppp-negotiation 3-way only

#

interface GigabitEthernet0/0/1

ip address 56。1。1。6 255。255。255。0

isis enable 1

isis circuit-type p2p

isis ppp-negotiation 3-way only

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 6。6。6。6 255。255。255。255

isis enable 1

#

interface LoopBack11

ip address 10。0。0。1 255。255。255。0

#

interface LoopBack12

ip address 10。0。1。1 255。255。255。0

#

interface LoopBack13

ip address 10。0。3。1 255。255。255。0

#

route-policy tag permit node 10

if-match acl 2000

apply tag 100

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

標籤:interface255addresslocalScheme

相關文章

推薦文章