三、 ISDN(6分)(100%)r3:704yy03, spid:704yy03
r5:704yy05, spid:704yy05
isdn 分两步,第一部是基础配置,第二步是
1.
ISDN Basic(3分)
Two side all can dial each other.
Your isdn is per minute and cost is important。(ISDN按分钟计费,而不是每字节)此处题目中特别强调了。
R3和r5两边的outbound的流量大于20%时up第二个b信道。
必须使用interface dialer,不能使用dialer map.
当配置完成之后,要确保在做完后面的配置后R3和R5 can ping each other for test.
R3
user Rack01R5 pass cisco
isdn sw basic-ni
in b0
isdn spid1 7040103
en pp
pp au cha
dialer pool-member 1
no sh
in d0
ip ad 1.1.32.33 255.255.255.252
en pp
pp au cha
dialer remote-name Rack01R5
dialer string 7040103
dialer pool 1
dialer-group 1
no cdp en
no peer nei
dialer-list 1 pro ip per
R5
user Rack01R3 pass cisco
isdn sw basic-ni
in b0
isdn spid1 7040105
en pp
pp au cha
dialer pool-member 1
no sh
in d0
ip ad 1.1.32.34 255.255.255.252
en pp
pp au cha
dialer remote-name Rack01R3
dialer string 7040105
dialer pool 1
dialer-group 1
no cdp en
no peer nei
dialer-list 1 pro ip per
///sh isdn s
///sh int b0
/// ping
/// sh isdn a
/// sh isdn s
/// sh dialer
2.
ISDN Contingency (3分)
Management is only willing to pay for host on VLAN_B to communicate with host on VLAN_A,vice versa(并不排除测试用的可以ping的情形)。
vlan11和vlan13上的hosts互相通讯备份用时可拨号,vice versa(并不排除测试用的可以ping的情形)。需保证下面配置后,仍可以通过由dialer端口发起的包进行isdn的线路测试.
R5 should initial the call first when connectivity is lost。
Nothing else should initial the call
When Frame-Relay restore isdn circuit eventually drop and stay down
isdn 用于vlan13的hosts在r2,r3,r5的frame-relay down的时候仍可到达other topology.
You may add the dialer interface to existing routing protocols or to configure a static route on r5(可以在dialer端口使用动态路由,也可在r5上使用静态路由。)(问了Vincent,这两个随便自己用,两个同时用也可以)
题目明确要求做完ISDN之后仍然要满足之前EIGRP里面关于R2和5选路的要求。
我用了浮动静态路由,结果也能满足要求,可最后还是没得分。
R3
in d0
dialer idle-timeout 300
pp mu
dialer load 51 out
router os 1
net 1.1.32.33 0.0.0.0 a 0
dialer-list 1 pro ip list 101
access-list 101 per icmp host 1.1.32.33 host 1.1.32.34
access-list 101 per ip 1.1.14.0 0.0.0.255 1.1.15.0 0.0.0.255
access-list 101 per ip 1.1.15.0 0.0.0.255 1.1.14.0 0.0.0.255
R5
dialer watch-list 2 ip 1.1.3.3 255.255.255.255
dialer watch-list 2 delay connect 10
in d0
pp mu
dialer load 51 out
dialer watch-group 2
router os 1
net 1.1.32.34 0.0.0.0 a 0
dialer-list 1 pro ip list 101
access-list 101 per icmp host 1.1.32.34 host 1.1.32.33
access-list 101 per ip 1.1.14.0 0.0.0.255 1.1.15.0 0.0.0.255
access-list 101 per ip 1.1.15.0 0.0.0.255 1.1.14.0 0.0.0.255
dialer watch-list 2 delay connect 10 ,这条命令是设置watch-list 的拨号延迟。
因为当帧中继down掉,watch的路由丢失,会立即拨号,同时R5的路由最先选择的是以太链路R2(eigrp),但是由于拨号,R3、R5
ospf的路由会进入路由表,ospf的管理距离是110,eigrp的是170,所以,R5会选择拥有ospf路由的isdn而不选择已经存在的以太链路(eigrp)R2。
如果设置拨号延迟,watch的路由丢失,暂时不拨号,可以给网络一个恢复的时间,之后如果路由还在就不拨号,可以避免不必要的损耗。这样,isdn就能选择eigrp路由,如果帧中继完全down掉才选择isdn。
dialer idle-time 300 ,为什么设成300? isdn如果没有感兴趣流量120秒会断掉,但是断掉之后还发现没有watch那条路由,会再次拨号。isdn的作用是为了VlanA,B之间作备份的,vlan的用户当然不希望isdn经常抖动,而且每抖动一次,都会导致路由器数据库刷新一次,设置时间长一点也是避免路由器数据库的频繁刷新。(看吧,设多少都可以,默认是120,主要是不让isdn频繁抖动就好了)
四、EGP (9分)第一步:建立邻居,R6在65013中,R2,R5在65012中,他们对外表现为AS YY,
R2,R5,R6对外表现为AS YY
R6 can’t peer with R5 directly.
You cant use route-reflect,You may use BGP confederation
BGP Router-ID使用Loopback 0的地址。
R2
router bgp 65012
no auto-summary
no synchronization
bgp router-id 1.1.2.2
bgp confederation identifier 1
bgp confederation peers 65013
neighbor 1.1.5.5 remote-as 65012
neighbor 1.1.5.5 update-source Loopback0
neighbor 1.1.6.6 remote-as 65013
neighbor 1.1.6.6 ebgp-multihop 255
neighbor 1.1.6.6 update-source Loopback0
R5
router bgp 65012
no auto-summary
no synchronization
bgp router-id 1.1.5.5
bgp confederation identifier 1
neighbor 1.1.2.2 remote-as 65012
neighbor 1.1.2.2 update-source Loopback0
neighbor 1.1.2.2 next-hop-self
R6
router bgp 65013
no auto-summary
no synchronization
bgp router-id 1.1.6.6
bgp confederation identifier 1
bgp confederation peers 65012
neighbor 1.1.2.2 remote-as 65012
neighbor 1.1.2.2 ebgp-multihop 255
neighbor 1.1.2.2 update-source Loopback0
neighbor 1.1.2.2 next-hop-self
///sh ip bgp summary
第二步:建立ebgp邻居,R6连接BB1,R5连接BB2,之后,让R5的路由表表现为图标所示
You may use AS65012 and AS65013
R6 peer to BB1 at ip address 150.100.1.254,as is 254
R5 peer to BB2 at ip address 150.100.2.254,as is 254
要求用一条ACL实现,配置成表中显示的模样。不能在R5上使用BGP Confederation Peers命令。(新题中没有这一问,换成了要求在R6上从R2和BB1同时学到197.68.Z.0路由,但要让R6选择从BB1来的路由,注意不能用修改weight和local preference做为解决手段,结果要让R6路由表跟下面图示一样,此问丢分了,所以没有参考答案)
R5的bgp表如下:
Network
Next Hop
Metric LocPrf Weight Path
*>197.68.1.0
150.100.2.254
0
0
254 i
*>197.68.4.0
150.100.2.254
0
30
254 i
*>197.68.5.0
150.100.2.254
0
30
254 i
*>197.68.21.0
150.100.2.254
0
0
254 i
*>197.68.22.0
150.100.2.254
0
0
254 i
R5:
router bgp 65012
neighbor 150.100.2.254 remote-as 254
neighbor 150.100.2.254 route-map setweight in
access-list 10 permit 197.68.4.0 0.0.1.0
route-map setweight permit 10
match ip add 10
set weight 30
route-map setweight permit 20
R6
router bgp 65013
neighbor 150.100.1.254 remote-as 254
第三步:汇总,在R6上做汇总,使R6,R2的路由表跟图表中一样
在R6上做汇总,加summary-only,之后对汇总添加团体属性no-advertise
R6的bgp表如下:
Network
Next Hop
Metric LocPrf Weight Path
*> 197.68.0.0/19
0.0.0.0
100 32768
i
s
197.68.1.0
1.1.5.5
0
100
0 (65012) 254 i
s>
150.100.1.254
0
0 254 253 i
s
197.68.4.0
1.1.5.5
0
100
0 (65012) 254 i
s>
150.100.1.254
0
0 254 253 i
s
197.68.5.0
1.1.5.5
0
100
0 (65012) 254 i
s>
150.100.1.254
0
0 254 253 i
s 197.68.21.0
1.1.5.5
0
100
0 (65012) 254 i
s>
150.100.1.254
0
0 254 253 i
s 197.68.22.0
1.1.5.5
0
100
0 (65012) 254 i
s>
150.100.1.254
0
0 254 253 i
R2的bgp表如下:
Network
Next Hop
Metric LocPrf Weight Path
*>197.68.0.0/19
1.1.6.6
0
100
(65013) i
*>197.68.1.0
1.1.5.5
0
100
0
254 i
*>197.68.4.0
1.1.5.5
0
100
0
254 i
*>197.68.5.0
1.1.5.5
0
100
0
254 i
*>197.68.21.0
1.1.5.5
0
100
0
254 i
*>197.68.22.0
1.1.5.5
0
100
0
254 i
R6
router bgp 65013
aggregate-address 197.68.0.0 255.255.224.0 summary-only
neighbor 3.3.2.2 route-map comm out
!
route-map comm per 10
match ip ad 5
set community no-advertise
!
access-list 5 per 197.68.0.0 0.0.31.255
过滤发往bb1的聚合路由
R6
ro b 65013
nei 150.100.1.254 route-map 2bb1 out
!
route-map 2bb1 deny 10
match ip ad pre summ
!
route-map 2bb1 per 20
!
ip pre summ per 197.68.0.0/19
[
本帖最后由 rswzy 于 2007-6-21 20:46 编辑 ]
