|
Bog BOS: IOS: Лабораторные работы |
Последние изменения: |
Последнее изменение текста: 19980626
Скопировано с www.bog.pp.ru: 2024.12.03
Используемый стенд: стенд 1.
Предварительные действия:
enable
erase start
reload
Действия по шагам:
Router#configure terminal
Router(config)#hostname c2522
c2522(config)#enable secret cisco
c2522(config)#ip subnet-zero
c2522(config)#ip classless
c2522(config)#no ip domain-lookup
c2522(config)#clock timezone MSK 3
c2522(config)#clock summer-time MSD recurring last Sun Mar 2:00 last Sun
Oct 2:00
c2522(config)#line console 0
c2522(config-line)#password cisco
c2522(config-line)#login
c2522(config-line)#no exec-timeout
c2522(config-line)#exit
c2522(config)#line aux 0
c2522(config-line)#password cisco
c2522(config-line)#login
c2522(config-line)#no exec-timeout
c2522(config-line)#exit
c2522(config)#line vty 0 4
c2522(config-line)#password cisco
c2522(config-line)#login
c2522(config-line)#no exec-timeout
c2522(config-line)#exit
c2522(config)#exit
c2522#copy running-config startup-config
Получившаяся конфигурация (show run):
Current configuration
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c2522
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
ip subnet-zero
no ip domain-lookup
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
!
interface Ethernet0
═no ip address
═shutdown
!
interface Serial...
═no ip address
═shutdown
!
!
interface BRI0
═no ip address
═shutdown
!
ip classless
!
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
═
Действия по шагам:
Router>enable
Router#configure terminal
Router(config)#hostname c2500x
c2500x(config)#enable secret cisco
c2500x(config)#ip subnet-zero
c2500x(config)#ip classless
c2500x(config)#no ip domain-lookup
c2500x(config)#clock timezone MSK 3
c2500x(config)#clock summer-time MSD recurring last Sun Mar 2:00 last Sun
Oct 2:00
c2500x(config)#line console 0
c2500x(config-line)#password cisco
c2500x(config-line)#login
c2500x(config-line)#no exec-timeout
c2500x(config-line)#exit
c2500x(config)#line 1 8 (или 16)
c2500x(config-line)#password cisco
c2500x(config-line)#login
c2500x(config-line)#no exec-timeout
c2500x(config-line)#exit
c2500x(config)#line aux 0
c2500x(config-line)#password cisco
c2500x(config-line)#login
c2500x(config-line)#no exec-timeout
c2500x(config-line)#exit
c2500x(config)#line vty 0 4
c2500x(config-line)#password cisco
c2500x(config-line)#login
c2500x(config-line)#no exec-timeout
c2500x(config-line)#exit
═
c2500x(config)#exit
c2500x#copy running-config startup-config
Получившаяся конфигурация (show run):
Current configuration
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c2500x
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
ip subnet-zero
no ip domain-lookup
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
!
interface Ethernet0
═no ip address
═shutdown
!
interface Serial...
═no ip address
═shutdown
!
ip classless
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line 1 8
═exec-timeout 0 0
═password cisco
═login
!
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
Используемый стенд: стенд 1.
Используется
конфигурация из
лабораторной работы 1.1.3.
Действия по шагам:
Router#configure terminal
c2522(config)#frame-relay switching
c2522(config)#interface serial 0
c2522(config-if)#encapsulation frame-relay
c2522(config-if)#frame-relay lmi-type ansi
c2522(config-if)#frame-relay intf-type dce
c2522(config-if)#clock rate 2000000
c2522(config-if)#frame-relay route 31 interface serial 1 34
c2522(config-if)#no shutdown
c2522(config-if)#exit
c2522(config)#interface serial 1
c2522(config-if)#encapsulation frame-relay
c2522(config-if)#frame-relay lmi-type ansi
c2522(config-if)#frame-relay intf-type dce
c2522(config-if)#clock rate 2000000
c2522(config-if)#frame-relay route 34 interface serial 0 31
c2522(config-if)#no shutdown
c2522(config-if)#exit
c2522(config)#exit
c2522#copy running-config startup-config
Получившаяся
конфигурация (show run):
═
Current configuration:
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c2522
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
ip subnet-zero
no ip domain-lookup
frame-relay switching
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
!
interface Ethernet0
═no ip address
═shutdown
!
interface Serial0
═no ip address
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay route 31 interface Serial1 34
!
interface Serial1
═no ip address
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay route 34 interface Serial0 31
!
interface Serial...
═no ip address
═shutdown
!
!
interface BRI0
═no ip address
═shutdown
!
ip classless
!
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
═
Действия по шагам (вместо n и m должны быть соответствующие числа):
c2500x#configure terminal
c2500b(config)#frame-relay switching
c2500x(config)#interface ethernet 0
c2500x(config-if)#ip address 10.127.n.1 255.255.255.0
c2500x(config-if)#no shutdown
c2500x(config-if)#exit
c2500x(config)#interface loopback 0
c2500x(config-if)#ip address 10.128.n.1 255.255.255.255
c2500x(config-if)#no shutdown
c2500x(config-if)#exit
c2500x(config)#interface serial 0
c2500x(config-if)#ip address 10.127.10.n 255.255.255.252
c2500x(config-if)#encapsulation frame-relay
c2500x(config-if)#frame-relay lmi-type ansi
c2500b(config-if)#frame-relay intf-type dce
c2500b(config-if)#clock rate 2000000
c2500x(config-if)#frame-relay map ip 10.127.10.n m broadcast
c2500x(config-if)#frame-relay interface-dlci m
c2500x(config-fr-dlci)#exit
c2500x(config)#interface serial 0
c2500x(config-if)#no shutdown
c2500x(config-if)#exit
c2500x(config)#interface serial 1
c2500x(config-if)#ip address 10.127.10.n 255.255.255.252
c2500x(config-if)#encapsulation frame-relay
c2500x(config-if)#frame-relay lmi-type ansi
c2500b(config-if)#frame-relay intf-type dce
c2500b(config-if)#clock rate 2000000
c2500x(config-if)#frame-relay map ip 10.127.10.n m broadcast
c2500x(config-if)#frame-relay interface-dlci m
c2500x(config-fr-dlci)#exit
c2500x(config)#interface serial 1
c2500x(config-if)#no shutdown
c2500x(config-if)#exit
c2500x(config)#ip route 10.128.n.1 255.255.255.255 10.127.10.m
c2500x(config)#ip route 10.128.k.1 255.255.255.255 10.127.10.l
c2500x(config)#ip route 10.127.10.i 255.255.255.252 10.127.10.j
c2500x(config)#ip route 10.127.n.0 255.255.255.0 10.127.10.m
c2500x(config)#ip route 10.127.k.0 255.255.255.0 10.127.10.l
c2500x(config)#exit
c2500x#copy running-config startup-config
Получившаяся конфигурация (show run):
Current configuration
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c2500b
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
ip subnet-zero
no ip domain-lookup
frame-relay switching
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
!
interface Loopback0
═ip address 10.128.2.1 255.255.255.255
!
interface Ethernet0
═ip address 10.127.2.1 255.255.255.0
!
interface Serial0
═ip address 10.127.10.9 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.10 33 broadcast
═frame-relay interface-dlci 33
!
interface Serial1
═ip address 10.127.10.14 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.13 32 broadcast
═frame-relay interface-dlci 32
!
ip classless
ip route 10.128.0.1 255.255.255.255 10.127.10.13
ip route 10.128.1.1 255.255.255.255 10.127.10.10
ip route 10.127.10.0 255.255.255.252 10.127.10.13
ip route 10.127.10.0 255.255.255.252 10.127.10.10
ip route 10.127.0.0 255.255.255.0 10.127.10.13
ip route 10.127.1.0 255.255.255.0 10.127.10.10
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line 1 8
═exec-timeout 0 0
═password cisco
═login
!
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
Используемый стенд: стенд 1.
Основные
используемые команды:
IOS (tm) 2500 Software (C2500-JS-L), Version 11.2(9)P, RELEASE SOFTWARE (fc1) Copyright (c) 1986-1997 by cisco Systems, Inc. Compiled Tue 30-Sep-97 17:44 by ccai Image text-base: 0x03040420, data-base: 0x00001000 ROM: System Bootstrap, Version 11.0(10c), SOFTWARE BOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), RELEASE SOF WARE (fc1) c2500a uptime is 9 minutes System restarted by power-on System image file is "flash:c2500-js-l.112-9.P", booted via flash cisco 2509 (68030) processor (revision M) with 14336K/2048K bytes of memory. Processor board ID 06910910, with hardware revision 00000000 Bridging software. SuperLAT software copyright 1990 by Meridian Technology Corp). X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. TN3270 Emulation software. 1 Ethernet/IEEE 802.3 interface(s) 2 Serial network interface(s) 8 terminal line(s) 32K bytes of non-volatile configuration memory. 8192K bytes of processor board System flash (Read ONLY) Configuration register is 0x2102
Ethernet0 is up, line protocol is up═ ═ Hardware is Lance, address is 0000.0c47.5373 (bia 0000.0c47.5373) ═ Internet address is 10.127.1.1/24 ═ MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255 ═ Encapsulation ARPA, loopback not set, keepalive set (10 sec) ═ ARP type: ARPA, ARP Timeout 04:00:00 ═ Last input 00:00:00, output 00:00:00, output hang never ═ Last clearing of "show interface" counters never ═ Queueing strategy: fifo ═ Output queue 0/40, 0 drops; input queue 1/75, 2 drops ═ 5 minute input rate 2000 bits/sec, 3 packets/sec ═ 5 minute output rate 1000 bits/sec, 2 packets/sec ════ 13010550 packets input, 3447223041 bytes, 0 no buffer ════ Received 781033 broadcasts, 0 runts, 0 giants ════ 590 input errors, 590 CRC, 527 frame, 0 overrun, 0 ignored, 0 abort ════ 0 input packets with dribble condition detected ════ 14429325 packets output, 1537136256 bytes, 0 underruns ════ 403 output errors, 843260 collisions, 1 interface resets ════ 0 babbles, 127 late collision, 1588213 deferred ════ 0 lost carrier, 0 no carrier ════ 0 output buffer failures, 0 output buffers swapped out
Serial0 is up, line protocol is up ═ Hardware is HD64570 ═ Internet address is 10.127.10.10/30 ═ MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 ═ Encapsulation FRAME-RELAY, loopback not set, keepalive set (10 sec) ═ LMI enq sent═ 39, LMI stat recvd 39, LMI upd recvd 0, DTE LMI up ═ LMI enq recvd 0, LMI stat sent═ 0, LMI upd sent═ 0 ═ LMI DLCI 0═ LMI type is ANSI Annex D═ frame relay DTE ═ FR SVC disabled, LAPF state down ═ Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 0 ═ Last input 00:00:08, output 00:00:08, output hang never ═ Last clearing of "show interface" counters never ═ Input queue: 0/75/0 (size/max/drops); Total output drops: 0 ═ Queueing strategy: weighted fair ═ Output queue: 0/64/0 (size/threshold/drops) ════ Conversations═ 0/1 (active/max active) ════ Reserved Conversations 0/0 (allocated/max allocated) ═ 5 minute input rate 0 bits/sec, 0 packets/sec ═ 5 minute output rate 0 bits/sec, 0 packets/sec ════ 39 packets input, 576 bytes, 0 no buffer ════ Received 0 broadcasts, 0 runts, 0 giants, 0 throttles ════ 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort ════ 40 packets output, 568 bytes, 0 underruns ════ 40 packets output, 568 bytes, 0 underruns ════ 0 output errors, 0 collisions, 2 interface resets ════ 0 output buffer failures, 0 output buffers swapped out ════ 6 carrier transitions ════ DCD=up═ DSR=up═ DTR=up═ RTS=up═ CTS=up
System flash directory: File═ Length══ Name/status ═══════ addr═════ fcksum═ ccksum ═ 1══ 8096112═ c2500-js-l.112-9.P ═══════ 0x40═════ 0xE4E6═ 0xE4E6 [8096176 bytes used, 292432 available, 8388608 total] 8192K bytes of processor board System flash (Read ONLY) ══ Chip═══ Bank═══ Code═════ Size═════ Name ═══ 1═════ 1══════ 89A0═════ 2048KB═══ INTEL 28F016SA ═══ 2═════ 1══════ 89A0═════ 2048KB═══ INTEL 28F016SA ═══ 3═════ 1══════ 89A0═════ 2048KB═══ INTEL 28F016SA ═══ 4═════ 1══════ 89A0═════ 2048KB═══ INTEL 28F016SA Executing current image from System flash
Serial0 (up): ip 10.127.10.9 dlci 33(0x21,0x810), static, ═════════════ broadcast, ═════════════ CISCO, status defined, active Serial1 (up): ip 10.127.10.2 dlci 34(0x22,0x820), static, ═════════════ broadcast, ═════════════ CISCO, status defined, active
PVC Statistics for interface Serial0 (Frame Relay DTE) DLCI = 33, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0 ═ input pkts 0════════════ output pkts 0═══════════ in bytes 0 ═ out bytes 0═════════════ dropped pkts 0══════════ in FECN pkts 0 ═ in BECN pkts 0══════════ out FECN pkts 0═════════ out BECN pkts 0 ═ in DE pkts 0════════════ out DE pkts 0 ═ out bcast pkts 0═════════ out bcast bytes 0 ═ pvc create time 00:13:45, last time pvc status changed 00:13:45 PVC Statistics for interface Serial1 (Frame Relay DTE) DLCI = 34, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial1 ═ input pkts 0════════════ output pkts 0═══════════ in bytes 0 ═ out bytes 0═════════════ dropped pkts 0══════════ in FECN pkts 0 ═ in BECN pkts 0══════════ out FECN pkts 0═════════ out BECN pkts 0 ═ in DE pkts 0════════════ out DE pkts 0 ═ out bcast pkts 0═════════ out bcast bytes 0 ═ pvc create time 00:13:51, last time pvc status changed 00:13:08
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP ══════ D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area ══════ N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 ══════ E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP ══════ i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default ══════ U - per-user static route, o - ODR Gateway of last resort is not set ════ 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks C══════ 10.127.10.8/30 is directly connected, Serial0 C══════ 10.127.10.0/30 is directly connected, Serial1 C══════ 10.128.1.1/32 is directly connected, Loopback0
Упражнение 1: на каждом
маршрутизаторе "уронить" один
последовательный интерфейс (shutdown). Соседи
должны определиыь, какой именно
интерфейс был выключен.
Упражнение 2: привести все в порядок.
Выключить коммутатор Frame Relay (c2522).
Перестроить таблицы
маршрутизации так, чтобы сеть
оставалась связной.
Используемый стенд: стенд 1.
Используется
конфигурация из
лабораторной работы 1.3.1.
Упражнение: закрыть доступ по telnet в "свою"
подсеть, за
исключением доступа с
персоналок.
Действия по шагам (вместо n и m должны быть
соответствующие числа):
═
c2500x#configure terminal
═
c2500x(config)#access-list 101 deny ip 10.127.n.0 0.0.0.255 any
c2500x(config)#access-list 101 deny ip 10.128.n.0 0.0.0.255 any
c2500x(config)#access-list 101 deny ip 10.127.10.k 0.0.0.3 any
c2500x(config)#access-list 101 deny ip 10.127.10.m 0.0.0.3 any
═
c2500x(config)#access-list 101 permit tcp 10.127.0.2 0.0.255.0 any eq telnet
═
c2500x(config)#access-list 101 deny tcp any any eq telnet
═
c2500x(config)#access-list 101 permit any any
═
c2500x(config)#interface serial 0
c2500x(config-if)#ip access-group 101 in
c2500x(config-if)#exit
c2500x(config)#interface serial 1
c2500x(config-if)#ip access-group 101 in
c2500x(config-if)#exit
c2500x(config)#exit
c2500x#
Получившаяся конфигурация, изменения выделены (show run):
Current configuration
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c2500b
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
ip subnet-zero
no ip domain-lookup
frame-relay switching
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
!
interface Loopback0
═ip address 10.128.2.1 255.255.255.255
!
interface Ethernet0
═ip address 10.127.2.1 255.255.255.0
!
interface Serial0
═ip address 10.127.10.9 255.255.255.252
═ip access-group 101 in
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.10 33 broadcast
═frame-relay interface-dlci 33
!
interface Serial1
═ip address 10.127.10.14 255.255.255.252
═ip access-group 101 in
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.13 32 broadcast
═frame-relay interface-dlci 32
!
ip classless
ip route 10.128.0.1 255.255.255.255 10.127.10.13
ip route 10.128.1.1 255.255.255.255 10.127.10.10
ip route 10.127.10.0 255.255.255.252 10.127.10.13
ip route 10.127.10.0 255.255.255.252 10.127.10.10
ip route 10.127.0.0 255.255.255.0 10.127.10.13
ip route 10.127.1.0 255.255.255.0 10.127.10.10
!
access-list 101 deny ip 10.127.2.0 0.0.0.255 any
access-list 101 deny ip 10.128.2.0 0.0.0.255 any
access-list 101 deny ip 10.127.10.12 0.0.0.3 any
access-list 101 deny ip 10.127.10.8 0.0.0.3 any
access-list 101 permit tcp 10.127.0.2 0.0.255.0 any eq telnet
access-list 101 deny tcp any any eq telnet
access-list 101 permit any any
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line 1 8
═exec-timeout 0 0
═password cisco
═login
!
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
Используемый стенд: стенд 1.
Используется
конфигурация из
лабораторной работы 1.3.1.
Упражнение: уменьшить скорость Frame Relay до 4800,
запустить на PC команду
════════════ telnet
адрес-соседнего-маршрутизатора 19
где соседний - по часовой стрелке, 19 - порт для
сервиса chargen. Убедиться, что канал
загружен и работать
невозножно. Снять задачу и
настроить алгоритм
обработки очередей так, чтобы chargen никому не
мешал.
Предварительные действия:
═
c2500x(config)#service tcp-small-servers
═
(config)#interface serial 0 (и 1)
(config-if)#clock rate 4800
Действия по шагам (вместо n и m должны быть соответствующие числа):
═
c2500x#configure terminal
═
c2500x(config)#priority-list 1 protocol ip low tcp chargen
c2500x(config)#priority-list 1 queue-limit 20 40 60 5
═
c2500x(config)#interface serial 0
c2500x(config-if)#priority-group 1
c2500x(config-if)#exit
c2500x(config)#interface serial 1
c2500x(config-if)#priority-group 1
c2500x(config-if)#exit
c2500x(config)#exit
c2500x#
Получившаяся конфигурация (show run):
Current configuration
!
version 11.2
no service udp-small-servers
service tcp-small-servers
!
hostname c2500b
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
ip subnet-zero
no ip domain-lookup
frame-relay switching
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
!
interface Loopback0
═ip address 10.128.2.1 255.255.255.255
!
interface Ethernet0
═ip address 10.127.2.1 255.255.255.0
!
interface Serial0
═ip address 10.127.10.9 255.255.255.252
═priority-group 1
═encapsulation frame-relay
═clockrate 4800
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.10 33 broadcast
═frame-relay interface-dlci 33
!
interface Serial1
═ip address 10.127.10.14 255.255.255.252
═ priority-group 1
═encapsulation frame-relay
═clockrate 4800
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.13 32 broadcast
═frame-relay interface-dlci 32
!
ip classless
ip route 10.128.0.1 255.255.255.255 10.127.10.13
ip route 10.128.1.1 255.255.255.255 10.127.10.10
ip route 10.127.10.0 255.255.255.252 10.127.10.13
ip route 10.127.10.0 255.255.255.252 10.127.10.10
ip route 10.127.0.0 255.255.255.0 10.127.10.13
ip route 10.127.1.0 255.255.255.0 10.127.10.10
!
priority-list 1 protocol ip low tcp chargen
priority-list 1 queue-limit 20 40 60 5
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line 1 8
═exec-timeout 0 0
═password cisco
═login
!
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
Используемый стенд: стенд 1.
Используется
конфигурация из
лабораторной работы 1.3.1.
Упражнение 1: замена
статической
маршрутизации
динамической EIGRP.
Предварительные действия: убрать
статические маршруты.
Действия по шагам (вместо n и m должны быть
соответствующие числа):
c2500x#debug ip eigrp
c2500x#configure terminal
c2500x(configure)# router eigrp 109
c2500x(configure-router)#═ no auto-summary
c2500x(configure-router)# network 10.0.0.0 0.255.255.255
c2500x(configure-router)# redistribute static
c2500x(configure-router)# exit
c2500x(configure)# exit
c2500x#show ip eigrp topology
Получившаяся конфигурация (show run):
Current configuration
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c2500b
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
ip subnet-zero
no ip domain-lookup
frame-relay switching
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
!
interface Loopback0
═ip address 10.128.2.1 255.255.255.255
!
interface Ethernet0
═ip address 10.127.2.1 255.255.255.0
!
interface Serial0
═ip address 10.127.10.9 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.10 33 broadcast
═frame-relay interface-dlci 33
!
interface Serial1
═ip address 10.127.10.14 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.13 32 broadcast
═frame-relay interface-dlci 32
!
ip classless
router eigrp 109
═ no auto-summary
═ network 10.0.0.0
═ redistribute static
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line 1 8
═exec-timeout 0 0
═password cisco
═login
!
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
Упражнение 2: "роняем" интерфейс межу c2500a и c2500b (делаем на c2500a: conf terminal;interface serial 0;shutdown). Наблюдаем за изменение топологии в таблицах EIGRP. Восстанавливаем нтерфейс и отмечаем время сходимости EIGRP.
Используемый стенд: стенд 2.
Последовательность шагов:
username c1601x password cisco
username c2500x password cisco
dialer-list 1 protocol ip permit
ip route 0.0.0.0 0.0.0.0 адрес соседа
ip route
адрес-соседа 255.255.255.255 serial 0
Получившаяся конфигурация c2500b(show run):
Current configuration
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c2500b
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
username c1601b password cisco
username c2500b password cisco
ip subnet-zero
no ip domain-lookup
frame-relay switching
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
!
interface Loopback0
═ip address 10.128.2.1 255.255.255.255
!
interface Ethernet0
═ip address 10.127.2.1 255.255.255.0
!
interface Serial0
═ip address 10.127.10.9 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.10 33 broadcast
═frame-relay interface-dlci 33
!
interface Serial1
═ip address 10.127.10.14 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.13 32 broadcast
═frame-relay interface-dlci 32
!
interface Async1
═ip address 10.127.40.1 255.255.255.252
═encapsulation ppp
═async mode interactive
═ppp authentication chap
!
router eigrp 109
═ no auto-summary
═ network 10.0.0.0
═ redistribute static
═passive-interface Async1
!
ip route 10.127.40.0 255.255.255.252 10.127.40.2
ip route 10.127.41.0 255.255.255.0 10.127.40.2
ip route 10.127.40.2 Async1
ip classless
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line 1 16
═exec-timeout 0 0
═password cisco
═autoselect during-login
═autoselect ppp
═login
═modem InOut
═transport input all
═stopbits 1
═speed 115200
═flowcontrol hardware
!
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
Получившаяся конфигурация c1601b (show run):
Current configuration
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c1601b
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
username c1601b password cisco
username c2500b password cisco
ip subnet-zero
no ip domain-lookup
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
chat-script dialout ABORT ERROR ABORT BUSY "" "AT" OK "ATDP\T" TIMEOUT 60
CONNECT
!
interface Ethernet0
═ip address 10.127.41.1 255.255.255.0
!
interface Serial0
═physical-layer async
═ip address 10.127.40.2 255.255.255.252
═encapsulation ppp
═async mode interactive
═dialer in-band
═dialer-group 1
═dialer map ip 10.127.40.1 name c2500b modem-script dialout 13
═dialer idle-timeout 600
═ppp authentication chap
!
ip route 0.0.0.0 0.0.0.0 10.127.40.1
ip route 10.127.40.1 255.255.255.255 serial 0
ip classless
dialer-list 1 protocol ip permit
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line 1
═exec-timeout 0 0
═password cisco
═login
═modem inout
═stopbits 1
═speed 115200
═flowcontrol hardware
═transport input all
!
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
Упражнение 2. сервер tacacs+
default authorization = permit
accounting file = /var/adm/acct
key = cisco
user = c1601a {
═══════ global = cleartext "cisco"
═══════ member = pppdefault
}
user = c1601b {
═══════ global = cleartext "cisco"
═══════ member = pppdefault
}
user = c1601b {
═══════ global = cleartext "cisco"
═══════ member = pppdefault
}
user = c2500a {
═══════ global = cleartext "cisco"
═══════ member = pppdefault
}
user = c2500b {
═══════ global = cleartext "cisco"
═══════ member = pppdefault
}
user = c2500c {
═══════ global = cleartext "cisco"
═══════ member = pppdefault
}
user = admin {
══ default service = permit
══ login = cleartext "cisco"
══ service = exec { priv-lvl=10 }
}
group = pppdefault {
═══════ service = exec { autocmd = "ppp /routing default" }
═══════ service = ppp protocol = ip {
═══════════════ routing = true
═══════ }
}
#/usr/local/bin/tac_plus -C tacacs.config
aaa new-model
aaa authentication login default tacacs+ enable
aaa authentication login line line
aaa authentication login none none
aaa authentication login local local
aaa authentication ppp default if-needed none
aaa authorization exec tacacs+ if-authenticated
aaa authorization commands 1 tacacs+ if-authenticated
aaa authorization commands 10 tacacs+ if-authenticated
aaa authorization commands 15 tacacs+ if-authenticated
aaa authorization network tacacs+ if-authenticated
aaa accounting network stop-only tacacs+
aaa accounting connection stop-only tacacs+
aaa accounting system stop-only tacacs+
tacacs-server host 10.127.0.2
tacacs-server key cisco
═
Используемый стенд: стенд 2.
Используется
конфигурация из
лабораторной работы 3.1.4
(упражнение 1)
.
Упражнение 1: замена
маршрутизации EIGRP на OSPF.
Предварительные действия: убрать
маршрутизацию EIGRP.
Действия по шагам (вместо n и m должны быть
соответствующие числа):
c2500x#debug ip ospf events
c2500x#configure terminal
c2500x(configure)# no router eigrp 109
c2500x(configure)# router ospf 63
c2500x(configure-router)# network 10.0.0.0 0.255.255.255 area 0
c2500x(configure-router)# redistribute static
neighbor 10.127.10.n
neighbor 10.127.10.m
passive-interface async1
c2500x(configure-router)# exit
c2500x(configure)# exit
c2500x#show ip ospf database
Получившаяся конфигурация c2500b(show run):
Current configuration
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c2500b
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
username c1601b password cisco
username c2500b password cisco
ip subnet-zero
no ip domain-lookup
frame-relay switching
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
!
interface Loopback0
═ip address 10.128.2.1 255.255.255.255
!
interface Ethernet0
═ip address 10.127.2.1 255.255.255.0
!
interface Serial0
═ip address 10.127.10.9 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.10 33 broadcast
═frame-relay interface-dlci 33
!
interface Serial1
═ip address 10.127.10.14 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.13 32 broadcast
═frame-relay interface-dlci 32
!
interface Async1
═ip address 10.127.40.1 255.255.255.252
═encapsulation ppp
═async mode interactive
═ppp authentication chap
!
router ospf 63
═ network 10.0.0.0 0.255.255.255 area 0
═ redistribute static
═ passive-interface Async1
═ neighbor 10.127.10.10
═ neighbor 10.127.10.13
!
ip route 10.127.40.0 255.255.255.252 10.127.40.2
ip route 10.127.41.0 255.255.255.0 10.127.40.2
ip route 10.127.40.2 Async1
ip classless
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line 1 16
═exec-timeout 0 0
═password cisco
═autoselect during-login
═autoselect ppp
═login
═modem InOut
═transport input all
═stopbits 1
═speed 115200
═flowcontrol hardware
!
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
Упражнение 2: "роняем"
интерфейс межу c2500a и c2500b (делаем на c2500a: conf terminal;interface
serial 0;shutdown).
Наблюдаем за изменение
топологии в таблицах OSPF.
Восстанавливаем нтерфейс и
отмечаем время
сходимости OSPF.
Используемый стенд: стенд 3.
Используется
конфигурация из
лабораторной работы 3.1.4
(упражнение 1, EIGRP)
.
Упражнение 1: разбиение
автономной системы на 3 (a - AS100, b - AS200, c - AS300)
Предварительные действия: убрать
маршрутизацию EIGRP.
Действия по шагам (вместо n и m должны быть
соответствующие числа):
c2500x#debug ip eigrp
c2500x#debug ip bgp
c2500x#configure terminal
c2500x(configure)# no router eigrp 109
маршрутизация EIGRP в пределах
автономной системы
c2500x(configure)# router eigrp n
c2500x(configure-router)# no auto-summary
c2500x(configure-router)# network 10.0.0.0
c2500x(configure-router)# redistribute static
c2500x(configure-router)# passive-interface Async1
c2500x(configure-router)# exit
c2500x(configure)# router bgp n
c2500x(configure-router)# neighbor 10.127.10.n remote-as m
c2500x(configure-router)# neighbor 10.127.10.x remote-as y
c2500x(configure-router)#═ exit
c2500x(configure)#═ exit
show ip bgp neighbor
Получившаяся конфигурация c2500b(show run):
Current configuration
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c2500b
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
username c1601b password cisco
username c2500b password cisco
ip subnet-zero
no ip domain-lookup
frame-relay switching
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
!
interface Loopback0
═ip address 10.128.2.1 255.255.255.255
!
interface Ethernet0
═ip address 10.127.2.1 255.255.255.0
!
interface Serial0
═ip address 10.127.10.9 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.10 33 broadcast
═frame-relay interface-dlci 33
!
interface Serial1
═ip address 10.127.10.14 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.13 32 broadcast
═frame-relay interface-dlci 32
!
interface Async1
═ip address 10.127.40.1 255.255.255.252
═encapsulation ppp
═async mode interactive
═ppp authentication chap
!
router eigrp 200
═ no auto-summary
═ network 10.0.0.0
═ redistribute static
═ redistribute bgp 200
═passive-interface Async1
!
router bgp 200
═ neighbor 10.127.10.10 remote-as 100
═ neighbor 10.127.10.13 remote-as 300
!
ip route 10.127.40.0 255.255.255.252 10.127.40.2
ip route 10.127.41.0 255.255.255.0 10.127.40.2
ip route 10.127.40.2 Async1
ip classless
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line 1 16
═exec-timeout 0 0
═password cisco
═autoselect during-login
═autoselect ppp
═login
═modem InOut
═transport input all
═stopbits 1
═speed 115200
═flowcontrol hardware
!
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
Упражнение 2: "роняем" интерфейс межу c2500a и c2500b (делаем на c2500a: conf terminal;interface serial 0;shutdown). Наблюдаем за изменение топологии в таблицах BGP. Восстанавливаем нтерфейс и отмечаем время сходимости BGP.
Используемый стенд: стенд 2.
Используется
конфигурация из
лабораторной работы 3.1.4
(упражнение 1, EIGRP)
.
Упражнение 1:
переопределение routing policy так, чтобы
пакеты из async наружу шли по правой ветке, а
локальные пакеты по левой.
Предварительные действия:
Действия по шагам (вместо n и m должны быть
соответствующие числа)
c2500x(configure)# access-list 99 deny 10.127.x1.0 0.0.0.255
c2500x(configure)# access-list 99 deny 10.127.x0.0 0.0.0.255
c2500x(configure)# access-list 99 deny 10.128.y.1 0.0.0.1
c2500x(configure)#═ access-list 99 permit any
c2500x(configure)# route-map left permit
c2500x(configure-route-map)# match ip address 99
c2500x(configure-route-map)# set interface serial n
c2500x(configure-route-map)# exit
c2500x(configure)# route-map right permit
c2500x(configure-route-map)# match ip address 99
c2500x(configure-route-map)# set interface serial m
c2500x(configure-route-map)# exit
c2500x(configure)# interface async 1
c2500x(configure-if)# ip policy route-map right
c2500x(configure-if)# exit
c2500x(configure)# ip local policy route-map left
═Получившаяся конфигурация c2500b(show run):
Current configuration
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c2500b
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
username c1601b password cisco
username c2500b password cisco
ip subnet-zero
no ip domain-lookup
frame-relay switching
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
!
interface Loopback0
═ip address 10.128.2.1 255.255.255.255
!
interface Ethernet0
═ip address 10.127.2.1 255.255.255.0
!
interface Serial0
═ip address 10.127.10.9 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.10 33 broadcast
═frame-relay interface-dlci 33
!
interface Serial1
═ip address 10.127.10.14 255.255.255.252
═encapsulation frame-relay
═clockrate 2000000
═frame-relay lmi-type ansi
═frame-relay intf-type dce
═frame-relay map ip 10.127.10.13 32 broadcast
═frame-relay interface-dlci 32
!
interface Async1
═ip address 10.127.40.1 255.255.255.252
═ip policy route-map right
═encapsulation ppp
═async mode interactive
═ppp authentication chap
!
router eigrp 109
═ no auto-summary
═ network 10.0.0.0
═ redistribute static
═passive-interface Async1
!
ip route 10.127.40.0 255.255.255.252 10.127.40.2
ip route 10.127.41.0 255.255.255.0 10.127.40.2
ip route 10.127.40.2 Async1
ip classless
ip local policy route-map left
!
access-list 99 deny 10.127.41.0 0.0.0.255
access-list 99 deny 10.127.40.0 0.0.0.255
access-list 99 deny 10.128.2.1 0.0.0.1
access-list 99 permit any
!
route-map left permit
═ match ip address 99
═ set interface serial 0
!
route-map right permit
═ match ip address 99
═ set interface serial 1
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line 1 16
═exec-timeout 0 0
═password cisco
═autoselect during-login
═autoselect ppp
═login
═modem InOut
═transport input all
═stopbits 1
═speed 115200
═flowcontrol hardware
!
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end═
Используемый стенд: стенд 4.
Используется
конфигурация из
лабораторной работы 3.1.4
(упражнение 1, EIGRP)
.
Упражнение 1:
организация туннелей,
образующих кольцо между cisco 1601.
Действия по шагам (вместо n и m должны быть
соответствующие числа):
c1601x#configure terminal
c1601x(config)# interface tunnel 0
c1601x(config-if)# tunnel source serial 0
c1601x(config-if)# tunnel destination 10.127.n0.2
c1601x(config-if)# ip address 192.168.x.1
c1601x(config-if)# exit
c1601x(config)# interface tunnel 1
c1601x(config-if)# tunnel source serial 0
c1601x(config-if)# tunnel destination 10.127.m0.2
c1601x(config-if)# ip address 192.168.y.2
c1601x(config-if)# exit
Получившаяся конфигурация c1601b (show run):
Current configuration
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname c1601b
!
enable secret 5 $1$lAKC$LAxlg941G5KVmgaSZvT7u.
!
username c1601b password cisco
username c2500b password cisco
ip subnet-zero
no ip domain-lookup
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00
chat-script dialout ABORT ERROR ABORT BUSY "" "AT" OK "ATDP\T" TIMEOUT 60
CONNECT
!
interface Ethernet0
═ip address 10.127.41.1 255.255.255.0
!
interface Serial0
═physical-layer async
═ip address 10.127.40.2 255.255.255.252
═encapsulation ppp
═async mode interactive
═dialer in-band
═dialer-group 1
═dialer map ip 10.127.40.1 name c2500b modem-script dialout 13
═dialer idle-timeout 600
═ppp authentication chap
!
interface tunnel 0
═ tunnel source serial 0
═ tunnel destination 10.127.20.2
═ ip address 192.168.2.1
!
interface tunnel 1
═ tunnel source serial 0
═ tunnel destination 10.127.30.2
═ ip address 192.168.1.2
!
ip route 0.0.0.0 0.0.0.0 10.127.40.1
ip route 10.127.40.1 255.255.255.255 serial 0
ip classless
dialer-list 1 protocol ip permit
!
line con 0
═exec-timeout 0 0
═password cisco
═login
line 1
═exec-timeout 0 0
═password cisco
═login
═modem inout
═stopbits 1
═speed 115200
═flowcontrol hardware
═transport input all
!
line aux 0
═exec-timeout 0 0
═password cisco
═login
line vty 0 4
═exec-timeout 0 0
═password cisco
═login
!
end
═
═
═
|
Bog BOS: IOS: Лабораторные работы |
Последние изменения: |