干货 IPv4路由基础配置与静态路由

2024-11-18 10:25:08

背景:

AR1、AR2、AR3来自3个不同的网络(网段)并且分别为自己网络的网关,通过静态路由配置实现各网络之间的互通,当AR1>AR2线路中断时能够将流量自动切换到AR1>AR3>AR2路线进行访问。

拓扑:

步骤一:

查看3台设备是否已经配置IP地址

display ip interface brief命令是用来查看接口与IP相关的简要信息,包括IP地、子网掩码、物理状态、协议状态等处于不同状态的接口数目等。

<AR1>system-view #其他两台设备均为此命令查看,这里就不在详述。
[AR1]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 3
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 1
The number of interface that is DOWN in Protocol is 3

Interface               IP Address/Mask  Physical  Protocol
GigabitEthernet0/0/0    unassigned          up         down
GigabitEthernet0/0/1    unassigned          up         down
GigabitEthernet0/0/2    unassigned          down       down
NULL0                   unassigned          up         up(s)

IP Address/Mask 显示为unassigned则表示该接口未配置地址

步骤二:

配置设备与终端互联的IP地址以及PC终端地址

AR1:

<AR1>system-view 
[AR1]interface GigabitEthernet 0/0/0
[AR1-GigabitEthernet0/0/0]ip address 10.1.12.1 24
[AR1]interface GigabitEthernet 0/0/1
[AR1-GigabitEthernet0/0/1]ip address 10.1.13.1 24
[AR1-GigabitEthernet0/0/2]ip address 1.1.1.1 24

AR2:

<AR2>system-view 
[AR2]interface GigabitEthernet 0/0/0
[AR2-GigabitEthernet0/0/0]ip address 10.1.12.2 24
[AR2]interface GigabitEthernet 0/0/1
[AR2-GigabitEthernet0/0/1]ip address 10.1.23.2 24
[AR2-GigabitEthernet0/0/2]ip address 2.2.2.1 24

AR3:

<AR3>system-view 
[AR3]interface GigabitEthernet 0/0/0
[AR3-GigabitEthernet0/0/0]ip address 10.1.13.3 24
[AR3]interface GigabitEthernet 0/0/1
[AR3-GigabitEthernet0/0/1]ip address 10.1.23.3 24
[AR3-GigabitEthernet0/0/2]ip address 3.3.3.1 24

步骤三:

查看物理接口地址是否配置成功

[AR1]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 0
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 0

Interface                 IP Address/Mask Physical Protocol
GigabitEthernet0/0/0      10.1.12.1/24         up         up        
GigabitEthernet0/0/1      10.1.13.1/24         up         up        
GigabitEthernet0/0/2      1.1.1.1/24           up         up        
NULL0                     unassigned up         up(s)


[AR2]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 0
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 0

Interface                 IP Address/Mask Physical Protocol
GigabitEthernet0/0/0      10.1.12.2/24         up         up        
GigabitEthernet0/0/1      10.1.23.2/24         up         up        
GigabitEthernet0/0/2      2.2.2.1/24           up         up        
NULL0                     unassigned up         up(s)


[AR3]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 0
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 0

Interface                 IP Address/Mask Physical Protocol
GigabitEthernet0/0/0      10.1.13.3/24         up         up        
GigabitEthernet0/0/1      10.1.23.3/24         up         up        
GigabitEthernet0/0/2      3.3.3.1/24           up         up        
NULL0                     unassigned up         up(s)

步骤四:

测试各网段的连通性,在此以AR1为例。

[AR1]ping 10.1.12.2
  PING 10.1.12.2: 56  data bytes, press CTRL_C to break
    Reply from 10.1.12.2: bytes=56 Sequence=1 ttl=255 time=40 ms
    Reply from 10.1.12.2: bytes=56 Sequence=2 ttl=255 time=30 ms
    Reply from 10.1.12.2: bytes=56 Sequence=3 ttl=255 time=20 ms
    Reply from 10.1.12.2: bytes=56 Sequence=4 ttl=255 time=30 ms
    Reply from 10.1.12.2: bytes=56 Sequence=5 ttl=255 time=20 ms

  --- 10.1.12.2 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 20/28/40 ms
[AR1]ping 10.1.13.3
  PING 10.1.13.3: 56  data bytes, press CTRL_C to break
    Reply from 10.1.13.3: bytes=56 Sequence=1 ttl=255 time=60 ms
    Reply from 10.1.13.3: bytes=56 Sequence=2 ttl=255 time=20 ms
    Reply from 10.1.13.3: bytes=56 Sequence=3 ttl=255 time=20 ms
    Reply from 10.1.13.3: bytes=56 Sequence=4 ttl=255 time=20 ms
    Reply from 10.1.13.3: bytes=56 Sequence=5 ttl=255 time=20 ms

  --- 10.1.13.3 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 20/28/60 ms

步骤五:

查看AR1的路由表

[AR1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 13       Routes : 13       

Destination/Mask Proto Pre Cost Flags NextHop Interface

        1.1.1.0/24  Direct 0    0           D 1.1.1.1         GigabitEthernet
0/0/2
        1.1.1.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
      1.1.1.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
      10.1.12.0/24  Direct 0    0           D 10.1.12.1       GigabitEthernet
0/0/0
      10.1.12.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/0
    10.1.12.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/0
      10.1.13.0/24  Direct 0    0           D 10.1.13.1       GigabitEthernet
0/0/1
      10.1.13.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
    10.1.13.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
      127.0.0.0/8   Direct 0    0           D 127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct 0    0           D 127.0.0.1       InLoopBack0
127.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0
255.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0

大家可以看到,当接口地址配置完成之后,针对每个接口IP地址会自动生成3条直连路由。

步骤六:

测试PC1与PC2之间的连通性

PC>ping 2.2.2.5

Ping 2.2.2.5: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!

--- 2.2.2.5 ping statistics ---
  5 packet(s) transmitted
  0 packet(s) received
  100.00% packet loss

使用Ping命令来指定发送ICMP echo-request报文,此时由于路由器上没有到达该目的IP的路由条目,所以无法Ping通PC2。

步骤七:

在AR1上配置到达AR2和AR3的PC网段的路由条目

ip route-static 2.2.2.5 24 10.1.12.2
ip route-static 3.3.3.5 24 10.1.13.3

查看AR1的路由表

[AR1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 15       Routes : 15       

Destination/Mask Proto Pre Cost Flags NextHop Interface

        1.1.1.0/24  Direct 0    0           D 1.1.1.1         GigabitEthernet
0/0/2
        1.1.1.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
      1.1.1.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
        2.2.2.0/24  Static 60   0          RD 10.1.12.2       GigabitEthernet
0/0/0
        3.3.3.0/24  Static 60   0          RD 10.1.13.3       GigabitEthernet
0/0/1
      10.1.12.0/24  Direct 0    0           D 10.1.12.1       GigabitEthernet
0/0/0
      10.1.12.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/0
    10.1.12.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/0
      10.1.13.0/24  Direct 0    0           D 10.1.13.1       GigabitEthernet
0/0/1
      10.1.13.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
    10.1.13.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
      127.0.0.0/8   Direct 0    0           D 127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct 0    0           D 127.0.0.1       InLoopBack0
127.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0
255.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0

此时查看标红处我们配置的静态路由已经加入到了AR1的路由表中。

此时我们再次测试PC1是否能与PC2互通

PC1>ping 2.2.2.5
Ping 2.2.2.5: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!

--- 2.2.2.5 ping statistics ---
  5 packet(s) transmitted
  0 packet(s) received
  100.00% packet loss

大家可以看到,我们虽然写了去往PC2的静态路由但是还是无法通信,原因就是数据包去往PC2后他无法将数据包返回到我们PC1的接口,静态路由是需要我们将两端的双向路由都要写进各自的路由表中,这样我们才能通信。

此时我们将AR2也添加上去往PC1的路由再来试试。

[AR2]ip route-static 1.1.1.5 24 10.1.12.1

查看我们的AR2的路由表中是否存在去往AR1中PC网关的路由条目。

[AR2]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 14       Routes : 14       

Destination/Mask Proto Pre Cost Flags NextHop Interface

        1.1.1.0/24  Static 60   0          RD 10.1.12.1       GigabitEthernet
0/0/0
        2.2.2.0/24  Direct 0    0           D 2.2.2.1         GigabitEthernet
0/0/2
        2.2.2.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
      2.2.2.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
      10.1.12.0/24  Direct 0    0           D 10.1.12.2       GigabitEthernet
0/0/0
      10.1.12.2/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/0
    10.1.12.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/0
      10.1.23.0/24  Direct 0    0           D 10.1.23.2       GigabitEthernet
0/0/1
      10.1.23.2/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
    10.1.23.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
      127.0.0.0/8   Direct 0    0           D 127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct 0    0           D 127.0.0.1       InLoopBack0
127.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0
255.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0

标红处我们可以看到AR2的路由表中存在去往PC1的路由,那么这个时候我们再去看下PC1能否Ping通PC2。

PC1>ping 2.2.2.5
Ping 2.2.2.5: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 2.2.2.5: bytes=32 seq=2 ttl=126 time=15 ms
From 2.2.2.5: bytes=32 seq=3 ttl=126 time=16 ms
From 2.2.2.5: bytes=32 seq=4 ttl=126 time=31 ms
From 2.2.2.5: bytes=32 seq=5 ttl=126 time=32 ms

--- 2.2.2.5 ping statistics ---
  5 packet(s) transmitted
  4 packet(s) received
  20.00% packet loss
  round-trip min/avg/max = 0/23/32 ms

这个时候我们就可以看到PC1与PC2互通了。

步骤八:

我们将剩余的路由条目完成配置

[AR2]ip route-static 1.1.1.5 24 10.1.12.1
[AR2]ip route-static 3.3.3.5 24 10.1.23.3
[AR3]ip route-static 1.1.1.5 24 10.1.13.1
[AR3]ip route-static 2.2.2.5 24 10.1.23.2
PC1>ping 3.3.3.5
Ping 3.3.3.5: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 3.3.3.5: bytes=32 seq=2 ttl=126 time=31 ms
From 3.3.3.5: bytes=32 seq=3 ttl=126 time=31 ms
From 3.3.3.5: bytes=32 seq=4 ttl=126 time=16 ms
From 3.3.3.5: bytes=32 seq=5 ttl=126 time=31 ms

--- 3.3.3.5 ping statistics ---
  5 packet(s) transmitted
  4 packet(s) received
  20.00% packet loss
  round-trip min/avg/max = 0/27/31 ms

此时我们3台终端都能成功互相访问了。

步骤九:

我们查看AR1和AR2的链路没断开之前路由的走向

tracert命令只要用于查看数据包从源端到目的端的路径信息。

PC1>tracert 2.2.2.5
traceroute to 2.2.2.5, 8 hops max
(ICMP), press Ctrl+C to stop
 1 1.1.1.1   16 ms  <1 ms  15 ms
 2 *10.1.12.2   32 ms  15 ms
 3 *2.2.2.5   16 ms  31 ms

标红处下一跳是AR2的接口地址,说明此时走的是主路线。

配置PC1到PC2的备份路由

[AR1]ip route-static 2.2.2.5 24 10.1.13.3 preference 100
[AR2]ip route-static 1.1.1.5 24 10.1.23.3 preference 100

我们在查看AR1和AR2的路由表

[AR1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 15       Routes : 15       

Destination/Mask Proto Pre Cost Flags NextHop Interface

        1.1.1.0/24  Direct 0    0           D 1.1.1.1         GigabitEthernet
0/0/2
        1.1.1.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
      1.1.1.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
        2.2.2.0/24  Static 60   0          RD 10.1.12.2       GigabitEthernet
0/0/0
        3.3.3.0/24  Static 60   0          RD 10.1.13.3       GigabitEthernet
0/0/1
      10.1.12.0/24  Direct 0    0           D 10.1.12.1       GigabitEthernet
0/0/0
      10.1.12.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/0
    10.1.12.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/0
      10.1.13.0/24  Direct 0    0           D 10.1.13.1       GigabitEthernet
0/0/1
      10.1.13.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
    10.1.13.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
      127.0.0.0/8   Direct 0    0           D 127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct 0    0           D 127.0.0.1       InLoopBack0
127.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0
255.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0
[AR2]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 15       Routes : 15       

Destination/Mask Proto Pre Cost Flags NextHop Interface

        1.1.1.0/24  Static 60   0          RD 10.1.12.1       GigabitEthernet
0/0/0
        2.2.2.0/24  Direct 0    0           D 2.2.2.1         GigabitEthernet
0/0/2
        2.2.2.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
      2.2.2.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
        3.3.3.0/24  Static 60   0          RD 10.1.23.3       GigabitEthernet
0/0/1
      10.1.12.0/24  Direct 0    0           D 10.1.12.2       GigabitEthernet
0/0/0
      10.1.12.2/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/0
    10.1.12.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/0
      10.1.23.0/24  Direct 0    0           D 10.1.23.2       GigabitEthernet
0/0/1
      10.1.23.2/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
    10.1.23.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
      127.0.0.0/8   Direct 0    0           D 127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct 0    0           D 127.0.0.1       InLoopBack0
127.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0
255.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0

我们可以看到AR1和AR2的路由表中并没有存在刚刚配置的备份路由条目

这个时候我们关闭AR1>AR2互联的接口

[AR1]int GigabitEthernet 0/0/0
[AR1-GigabitEthernet0/0/0]shutdown

在查看AR1和AR2的路由表

[AR1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 12       Routes : 12       

Destination/Mask Proto Pre Cost Flags NextHop Interface

        1.1.1.0/24  Direct 0    0           D 1.1.1.1         GigabitEthernet
0/0/2
        1.1.1.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
      1.1.1.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
        2.2.2.0/24  Static 100  0          RD 10.1.13.3       GigabitEthernet
0/0/1
        3.3.3.0/24  Static 60   0          RD 10.1.13.3       GigabitEthernet
0/0/1
      10.1.13.0/24  Direct 0    0           D 10.1.13.1       GigabitEthernet
0/0/1
      10.1.13.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
    10.1.13.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
      127.0.0.0/8   Direct 0    0           D 127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct 0    0           D 127.0.0.1       InLoopBack0
127.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0
255.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0
[AR2]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 12       Routes : 12       

Destination/Mask Proto Pre Cost Flags NextHop Interface

        1.1.1.0/24  Static 100  0          RD 10.1.23.3       GigabitEthernet
0/0/1
        2.2.2.0/24  Direct 0    0           D 2.2.2.1         GigabitEthernet
0/0/2
        2.2.2.1/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
      2.2.2.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/2
        3.3.3.0/24  Static 60   0          RD 10.1.23.3       GigabitEthernet
0/0/1
      10.1.23.0/24  Direct 0    0           D 10.1.23.2       GigabitEthernet
0/0/1
      10.1.23.2/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
    10.1.23.255/32  Direct 0    0           D 127.0.0.1       GigabitEthernet
0/0/1
      127.0.0.0/8   Direct 0    0           D 127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct 0    0           D 127.0.0.1       InLoopBack0
127.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0
255.255.255.255/32  Direct 0    0           D 127.0.0.1       InLoopBack0

标红处我们可以看到刚刚配置的备份路由(浮动静态路由)在接口shutdown时,原先的路由失效,优先级低的路由出现了。

这个时候我们在用tracert命令进行追踪数据包看去往PC2的流量是否切换到AR3的路线。

PC1>tracert 2.2.2.5
traceroute to 2.2.2.5, 8 hops max
(ICMP), press Ctrl+C to stop
 1 1.1.1.1   15 ms  16 ms  16 ms
 2 10.1.13.3   15 ms  32 ms  15 ms
 3 *10.1.23.2   31 ms  16 ms
 4 *2.2.2.5   31 ms  16 ms

标红处我们可以看到当主路线断开以后备份路由(浮动静态路由)自动生效接替了主线路的路由,到此所有配置结束,备份路由(浮动静态路由)在我们实际生产环境中用途很广泛,大家可以在使用过程中灵活搭配其他路由协议来进行配置。


相关推荐