R1# copy running-config startup-config R2# copy running-config startup-config R3# copy running-config startup-config D2# copy running-config startup-config fe80::1:3 R2config# ipv6 route
G
HÌNH EIGRP CHO IPV6
BÀI 7: NAT TRÊN IPv4 th
1.1 C U HÌNH IPV4-IPV6 STATIC ROUTE VÀ
Device Interface IP Address / Prefix
Device Interface IP Address / Prefix
- hình static route và default route cho IPv4 trên R1, R2
Gán tên cho router: router(config)# hostname R1 router(config)# hostname R2
R1(config)# no ip domain lookup
R2(config)# no ip domain lookup
Gán cisco làm password cho VTY và enable login:
R1(config)# banner motd $ Authorized Users Only! $
R2(config)# banner motd $ Authorized Users Only! $
R1# copy running-config startup-config
R2# copy running-config startup-config
Gán tên cho router: switch(config)# hostname R1 switch(config)# hostname R2
S1(config)# no ip domain lookup
S2(config)# no ip domain lookup
Gán cisco làm password cho VTY và enable login:
S1(config)# banner motd $ Authorized Users Only! $ S2(config)# banner motd $ Authorized Users Only! $
S1# copy running-config startup-config
S2# copy running-config startup-config
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# ipv6 address 2001:db8:acad:2::1/64
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# ipv6 address 2001:db8:acad:1::1/64
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# ipv6 address 2001:db8:acad:10::1/64
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# ipv6 address 2001:db8:acad:209::1/64
R2(config-if)# ipv6 address fe80::2 link-local
R2(config-if)# ipv6 address 2001:db8:acad:2::2/64
R2(config-if)# ipv6 address fe80::2 link-local
R2(config-if)# ipv6 address 2001:db8:acad:1::2/64
R2(config-if)# ipv6 address fe80::2 link-local
R2(config-if)# ipv6 address 2001:db8:acad:11::2/64
R2(config-if)# ipv6 address fe80::2 link-local
R2(config-if)# ipv6 address 2001:db8:acad:210::1/64
R1# copy running-config startup-config
R2# copy running-config startup-config
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 172.16.1.2 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
209.165.200.0/24 is variably subnetted, 2 subnets, 2 masks
R2(config)# ipv6 route 2001:db8:acad:10::/64 2001:db8:acad:1::1
R2(config)# ipv6 route ::/0 2001:db8:acad:2::1
R2(config)# ipv6 route ::/0 2001:db8:acad:1::1 80
R1(config)# ipv6 route ::/0 2001:db8:acad:2::2
IPv6 Routing Table - default - 11 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination NDr - Redirect, RL - RPL, O - OSPF Intra, OI - OSPF Inter
OE1 - OSPF ext 1, OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1
ON2 - OSPF NSSA ext 2, a - Application
C 2001:DB8:ACAD:1::/64 [0/0] via GigabitEthernet0/0/1, directly connected
L 2001:DB8:ACAD:1::2/128 [0/0] via GigabitEthernet0/0/1, receive
C 2001:DB8:ACAD:2::/64 [0/0] via GigabitEthernet0/0/0, directly connected
L 2001:DB8:ACAD:2::2/128 [0/0] via GigabitEthernet0/0/0, receive
S 2001:DB8:ACAD:10::/64 [1/0] via 2001:DB8:ACAD:1::1
C 2001:DB8:ACAD:11::/64 [0/0] via Loopback1, directly connected
L 2001:DB8:ACAD:11::1/128 [0/0] via Loopback1, receive
C 2001:DB8:ACAD:210::/64 [0/0] via Loopback2, directly connected
L 2001:DB8:ACAD:210::1/128 [0/0] via Loopback2, receive
Hostname Edge ipv6 unicast-routing interface GigabitEthernet0/0 ip address 192.168.10.1 255.255.255.0 ipv6 address FE80::E link-local ipv6 address 2001:DB8:1:10::1/64 interface GigabitEthernet0/1 ip address 192.168.11.1 255.255.255.0 ipv6 address FE80::E link-local ipv6 address 2001:DB8:1:11::1/64 interface Serial0/0/0 ip address 10.10.10.2 255.255.255.252 ipv6 address FE80::E link-local ipv6 address 2001:DB8:A:1::2/64 interface Serial0/0/1 ip address 10.10.10.6 255.255.255.252 ipv6 address FE80::E link-local ipv6 address 2001:DB8:A:2::2/64 ip route 0.0.0.0 0.0.0.0 Serial0/0/0 ip route 0.0.0.0 0.0.0.0 Serial0/0/1 5
10 ipv6 route ::/0 2001:DB8:A:1::1 ipv6 route ::/0 2001:DB8:A:2::1 5
: hostname ISP1 ipv6 unicast-routing interface GigabitEthernet0/0 ip address 198.0.0.1 255.255.255.0 ipv6 address FE80::1 link-local ipv6 address 2001:DB8:F:F::1/64 interface Serial0/0/0 ip address 10.10.10.1 255.255.255.252 ipv6 address FE80::1 link-local ipv6 address 2001:DB8:A:1::1/64 ip route 192.168.10.0 255.255.255.0 Serial0/0/0 ip route 192.168.11.0 255.255.255.0 Serial0/0/0 ip route 192.168.10.0 255.255.255.0 GigabitEthernet0/0 5 ip route 192.168.11.0 255.255.255.0 GigabitEthernet0/0 5 ipv6 route 2001:DB8:1:10::/64 2001:DB8:A:1::2 ipv6 route 2001:DB8:1:11::/64 2001:DB8:A:1::2 ipv6 route 2001:DB8:1:10::/64 2001:DB8:F:F::2 5 ipv6 route 2001:DB8:1:11::/64 2001:DB8:F:F::2 5 hostname ISP2 ipv6 unicast-routing interface GigabitEthernet0/0 ip address 198.0.0.2 255.255.255.0 ipv6 address FE80::2 link-local ipv6 address 2001:DB8:F:F::2/64 interface Serial0/0/1 ipv6 address FE80::2 link-local ipv6 address 2001:DB8:A:2::1/64 ip route 192.168.10.0 255.255.255.0 Serial0/0/1 ip route 192.168.11.0 255.255.255.0 Serial0/0/1 ip route 192.168.10.0 255.255.255.0 GigabitEthernet0/0 5 ip route 192.168.11.0 255.255.255.0 GigabitEthernet0/0 5 ipv6 route 2001:DB8:1:10::/64 2001:DB8:A:2::2 ipv6 route 2001:DB8:1:11::/64 2001:DB8:A:2::2 ipv6 route 2001:DB8:1:10::/64 2001:DB8:F:F::1 5 ipv6 route 2001:DB8:1:11::/64 2001:DB8:F:F::1 5
Device Interface IP Address Subnet Mask
Gán tên cho router: router(config)# hostname R1 router(config)# hostname R2 router(config)# hostname R3
R1(config)# no ip domain lookup
R2(config)# no ip domain lookup
R3(config)# no ip domain lookup
R1(config)# banner motd $ Authorized Users Only! $
R2(config)# banner motd $ Authorized Users Only! $
R3(config)# banner motd $ Authorized Users Only! $
Gán cisco làm password cho VTY và enable login:
R1(config)# service password-encryption R2(config)# service password-encryption R3(config)# service password-encryption
R1# copy running-config startup-config
R2# copy running-config startup-config
R3# copy running-config startup-config
Gán tên cho switch: switch(config)# hostname D1 switch(config)# hostname D2
D1(config)# no ip domain lookup
D2(config)# no ip domain lookup
Gán cisco làm password cho VTY và enable login:
D1(config)# banner motd $ Authorized Users Only! $ D2(config)# banner motd $ Authorized Users Only! $
D1# copy running-config startup-config
D2# copy running-config startup-config
R1(config-if)# ip address 10.0.12.1 255.255.255.0 R1(config-if)# no shutdown
R1(config-subif)# ip address 172.16.1.1 255.255.255.0 R1(config-subif)# no shutdown
R1(config-subif)# ip address 192.168.1.1 255.255.255.0 R1(config-subif)# no shutdown
R1(config)# ip dhcp pool HOSTS
D1(config-vlan)# name HOST-VLAN-2
D1(config-if)# switchport trunk encapsulation dot1q
D1(config-if)# switchport mode trunk
Gán interface vào vlan 2 trên D1:
D1(config-if)# switchport mode access
D1(config-if)# switchport access vlan 2
R2(config-router)# eigrp router-id 2.2.2.2
R1(config)# router eigrp BASIC-EIGRP-LAB
R1(config-router)# address-family ipv4 unicast autonomous-system 27
R1(config-router-af)# eigrp router-id 1.1.1.1
R3(config)# router eigrp BASIC-EIGRP-LAB
R3(config-router)# address-family ipv4 unicast autonomous-system 27
R3(config-router-af)# eigrp router-id 3.3.3.3
D2(config)# router eigrp BASIC-EIGRP-LAB
D2(config-router)# address-family ipv4 unicast autonomous-system 27
D2(config-router-af)# eigrp router-id 132.132.132.132
R1(config)# router eigrp BASIC-EIGRP-LAB
R1(config-router)# address-family ipv4 unicast autonomous-system 27 R1(config-router-af)# af-interface g0/0/1.2
R1(config-router-af-interface)# passive-interface
R1(config-router-af-interface)# end
R2(config-router)# passive-interface default
R2(config-router)# no passive-interface g0/0/0
R2(config-router)# no passive-interface g0/0/1
R3(config)# router eigrp BASIC-EIGRP-LAB
R3(config-router)# address-family ipv4 unicast autonomous-system 27
R3(config-router-af)# af-interface default
R3(config-router-af-interface)# passive-interface
R3(config-router-af-interface)# exit
R3(config-router-af)# af-interface g0/0/0
R3(config-router-af-interface)# no passive-interface
R3(config-router-af-interface)# exit
R3(config-router-af)# af-interface g0/0/1
R3(config-router-af-interface)# no passive-interface
R3(config-router-af-interface)# end
R3# show ip protocols | section Passive
Loopback0 y tính PC1 ping thành công R3
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
R1# show ip eigrp topology all-links
P 192.168.3.0/24, 2 successors, FD is 196689920, serno 8 via 10.0.12.2 (196689920/131153920), g0/0/0 via 172.16.1.2 (196689920/131153920), g0/0/1.1
P 172.16.13.0/24, 1 successors, FD is 196608000, serno 7 via 172.16.1.2 (196608000/131072000), g0/0/1.1 via 10.0.12.2 (262144000/196608000), g0/0/0
P 192.168.1.0/24, 1 successors, FD is 131072000, serno 2 via Connected, g0/0/1.2 via Connected, g0/0/1.1
P 10.0.23.0/24, 1 successors, FD is 196608000, serno 4 via 10.0.12.2 (196608000/131072000), g0/0/0 via 172.16.1.2 (262144000/196608000), g0/0/1.1
P 10.0.12.0/24, 1 successors, FD is 131072000, serno 3 via Connected, g0/0/0 nhau
R3# show ip route eigrp | section 192.168.1.0
R3# show ip route eigrp | section 192.168.1.0
EIGRP-AUTHEN-KEY trên R1, R2, R3, D2 key-string là $3cre7!!
R1(config)# key chain EIGRP-AUTHEN-KEY
R1(config-keychain-key)# key-string $3cre7!!
R2(config-if)# ip authentication key-chain eigrp 27 EIGRP-AUTHEN-KEY
R2(config-if)# ip authentication mode eigrp 27 md5
R2(config-if)# ip authentication key-chain eigrp 27 EIGRP-AUTHEN-KEY
R2(config-if)# ip authentication mode eigrp 27 md5
R1(config)# router eigrp BASIC-EIGRP-LAB
R1(config-router)# address-family ipv4 unicast autonomous-system 27
R1(config-router-af)# af-interface g0/0/0
R1(config-router-af-interface)# authentication key-chain EIGRP-AUTHEN-KEY R1(config-router-af-interface)# authentication mode md5
R1(config-router-af-interface)# end
R3(config)# router eigrp BASIC-EIGRP-LAB
R3(config-router)# address-family ipv4 unicast autonomous-system 27
R3(config-router-af)# af-interface g0/0/0
R3(config-router-af-interface)# authentication key-chain EIGRP-AUTHEN-KEY R3(config-router-af-interface)# authentication mode md5
R3(config-router-af-interface)# end md5 R1# show ip eigrp interface detail | section G0/0/0
Authentication mode is md5, key-chain is "EIGRP-AUTHEN-KEY"
- $3cre7!! trên R1 và D2 có cùng Named EIGRP
R1(config)# router eigrp BASIC-EIGRP-LAB
R1(config-router)# address-family ipv4 unicast autonomous-system 27
R1(config-router-af-interface)# authentication mode hmac-sha-256 $3cre7!! R1(config-router-af-interface)# end
D2(config)# router eigrp BASIC-EIGRP-LAB
D2(config-router)# address-family ipv4 unicast autonomous-system 27
D2(config-router-af)# af-interface g1/0/1
D2(config-router-af-interface)# authentication mode hmac-sha-256 $3cre7!! D2(config-router-af-interface)# end
Authentication mode HMAC-SHA-256 R1# show ip eigrp interface detail | section G0/0/1.1
Authentication mode is HMAC-SHA-256, key-chain is not set
Device Interface IPv6 Address/Prefix Length Link Local Address
Device Interface IPv6 Address/Prefix Length Link Local Address R2
R1(config)# no ip domain lookup
R1(config)# banner motd # R1, Implement EIGRP for IPv6 #
R1(config-if)# ipv6 address 2001:db8:cafe:1::1/64
R1(config-if)# ipv6 address fe80::1:1 link-local
R1(config-if)# no ip address
R1(config-subif)# description VLAN 1 Interface
R1(config-subif)# ipv6 address fe80::1:2 link-local
R1(config-subif)# ipv6 address 2001:db8:acad:1::1/64
R1(config-subif)# description VLAN 2 Interface
R1(config-subif)# ipv6 address fe80::1:3 link-local
R1(config-subif)# ipv6 address 2001:db8:acad:2::1/64
R2(config)# no ip domain lookup
R2(config)# banner motd # R2, Implement EIGRP for IPv6 #
R2(config-if)# ipv6 address 2001:db8:cafe:1::2/64
R2(config-if)# ipv6 address fe80::2:1 link-local
R2(config-if)# ipv6 address 2001:db8:cafe:2::2/64
R2(config-if)#ipv6 address fe80::2:2 link-local
R2(config-if)# description Internet host
R2(config-if)# ipv6 address 2001:db8:ff:999::153/64
R2(config-if)# ipv6 address 2001:db8:cede::1/64
R2(config-if)# ipv6 address fe80::2:4 link-local
R2(config-if)# ipv6 address 2001:db8:cede:1::1/64
R2(config-if)# ipv6 address fe80::2:5 link-local
R3(config)# no ip domain lookup
R3(config)# banner motd # R3, Implement EIGRP for IPv6 #
R3(config-if)# ipv6 address fe80::3:1 link-local R3(config-if)# ipv6 address 2001:db8:cafe:2::1/64 R3(config-if)# no shutdown
R3(config-if)#ipv6 address fe80::3:2 link-local R3(config-if)# ipv6 address 2001:db8:acad:3::1/64 R3(config-if)# no shutdown
R3(config-if)# ipv6 address fe80::3:3 link-local R3(config-if)# ipv6 address 2001:db8:abcd:8::1/64 R3(config-if)# no shutdown
R3(config-if)# ipv6 address fe80::3:4 link-local R3(config-if)# ipv6 address 2001:db8:abcd:9::1/64 R3(config-if)# no shutdown
R3(config-if)# ipv6 address fe80::3:5 link-local R3(config-if)# ipv6 address 2001:db8:abcd:10::1/64 R3(config-if)# no shutdown
R3(config-if)# ipv6 address fe80::3:6 link-local R3(config-if)# ipv6 address 2001:db8:abcd:11::1/64 R3(config-if)# no shutdown
R3(config-if)# ipv6 address fe80::3:7 link-local
R3(config-if)# ipv6 address 2001:db8:abcd:12::1/64
D1(config)# no ip domain lookup
D1(config)# banner motd # D1, Implement EIGRP for IPv6 #
D1(config-vlan)# name HOST-VLAN
D1(config-if)# switchport trunk encapsulation dot1q
D1(config-if)# switchport mode trunk
D1(config-if)# switchport mode access
D1(config-if)# switchport access vlan 2
D2(config)# no ip domain lookup
D2(config)# banner motd # D2, Implement EIGRP for IPv6 #
D2(config-if)# ipv6 address fe80::d1:1 link-local
D2(config-if)# ipv6 address 2001:Db8:acad:1::2/64
D2(config-if)# ipv6 address fe80::d1:2 link-local
D2(config-if)# ipv6 address 2001:db8:acad:3::2/64
R1# copy running-config startup-config
R2# copy running-config startup-config
R3# copy running-config startup-config
D2# copy running-config startup-config fe80::1:3
R2(config-rtr)# eigrp router-id 2.2.2.2
R1(config)# router eigrp EIGRP_IPV6
R1(config-router)# address-family ipv6 unicast autonomous-system 43
R1(config-router-af)# eigrp router-id 1.1.1.1
R3(config)# router eigrp EIGRP_IPV6
R3(config-router)# address-family ipv6 unicast autonomous-system 43
R3(config-router-af)# eigrp router-id 3.3.3.3
D2(config)# router eigrp EIGRP_IPV6
D2(config-router)# address-family ipv6 unicast autonomous-system 43
D2(config-router-af)# eigrp router-id 132.132.132.132
# show ipv6 route eigrp uccessor và feasible successor
R1# show ipv6 eigrp topology all-links
R1(config)# router eigrp EIGRP_IPV6
R1(config-router)# address-family ipv6 unicast autonomous-system 43
R1(config-router-af)# af-interface g0/0/1.2
R1(config-router-af-interface)# passive-interface
R1(config-router-af-interface)# end
(Classic EIGRP) R2(config)# ipv6 router eigrp 43
R2(config-rtr)# passive-interface default
R2(config-rtr)# no passive-interface g0/0/0
R2(config-rtr)# no passive-interface g0/0/1
RP) R3(config)# router eigrp EIGRP_IPV6
R3(config-router)# address-family ipv6 unicast autonomous-system 43
R3(config-router-af)# af-interface default
R3(config-router-af-interface)# passive-interface
R3(config-router-af-interface)# exit-af-interface
R3(config-router-af)# af-interface g0/0/0
R3(config-router-af-interface)# no passive-interface
R3(config-router-af-interface)# exit-af-interface
R3(config-router-af)# af-interface g0/0/1
R3(config-router-af-interface)# no passive-interface
R3(config-router-af-interface)# end
R3# show ipv6 protocols | include (passive
Loopback4 (passive) Loopback3 (passive) Loopback2 (passive) Loopback1 (passive) hình default route trên R2 qua interface Loopback0 R2(config)# ipv6 route ::/0 2001:db8:ff:999::1
R2(config-rtr)# no redistribute static
R2(config-if)# ipv6 summary-address eigrp 43 ::/0
R2(config-if)# ipv6 summary-address eigrp 43 ::/0
R3(config)# router eigrp EIGRP_IPV6
R3(config-router)# address-family ipv6 unicast autonomous-system 43
R3(config-router-af)# af-interface g0/0/0
R3(config-router-af-interface)# summary-address 2001:db8:abcd::/56
R3(config-router-af-interface)# exit
R3(config-router-af)# af-interface g0/0/1
R3(config-router-af-interface)# summary-address 2001:db8:abcd::/56
R3(config-router-af-interface)# end
D 2001:DB8:ABCD::/56 [90/1536640] via FE80::D1:1, Ethernet0/1.1
-AUTHEN-KEY trên R1, R2, R3, D2 i key-string là
R1(config)# key chain EIGRPv6-AUTHEN-KEY
R1(config-keychain-key)# key-string $3cre7!!
R2(config-if)# ipv6 authentication key-chain eigrp 43 EIGRPv6-AUTHEN-KEY R2(config-if)# ipv6 authentication mode eigrp 43 md5
R2(config-if)# ipv6 authentication key-chain eigrp 43 EIGRPv6-AUTHEN-KEY R2(config-if)# ipv6 authentication mode eigrp 43 md5
R1(config)# router eigrp EIGRP_IPV6
R1(config-router)# address-family ipv6 unicast autonomous-system 43
R1(config-router-af)# af-interface g0/0/0
R1(config-router-af-interface)# authentication key-chain EIGRPv6-AUTHEN-KEY R1(config-router-af-interface)# authentication mode md5
R1(config-router-af-interface)# end
R3(config)# router eigrp EIGRP_IPV6
R3(config-router)# address-family ipv6 unicast autonomous-system 43
R3(config-router-af)# af-interface g0/0/0
R3(config-router-af-interface)# authentication key-chain EIGRPv6-AUTHEN-KEY R3(config-router-af-interface)# authentication mode md5
R3(config-router-af-interface)# end thentication mode md5 R1# show ipv6 eigrp interface detail | section Gi0/0/0
Authentication mode is md5, key-chain is "EIGRP-AUTHEN-KEY"
- G0/0/1.1, R3 interface G0/0/1, và D2 interfaces G1/0/1 - G1/0/11 có cùng Named EIGRP
R1(config)# router eigrp EIGRP_IPV6
R1(config-router)# address-family ipv6 unicast autonomous-system 43
R1(config-router-af)# af-interface g0/0/1.1
R1(config-router-af-interface)# authentication mode hmac-sha-256 $3cre7!! R1(config-router-af-interface)# end
-SHA-256 R1# show ipv6 eigrp interface detail | section Gi0/0/1.1
Authentication mode is HMAC-SHA-256, key-chain is not set
R2(config-if)# no ipv6 summary-address eigrp 43 ::/0
R2(config-if)# no ipv6 summary-address eigrp 43 ::/0
R3# show ipv6 route eigrp | section 2001:DB8:ACAD:2::/64
D 2001:DB8:ACAD:2::/64 [90/2048000] via FE80::2:2, Ethernet0/0 via FE80::D1:2, Ethernet0/1
R3# show ipv6 route eigrp | section 2001:DB8:ACAD:2::/64
D 2001:DB8:ACAD:2::/64 [90/2048000] via FE80::D1:2, Ethernet0/1
R3(config)# router eigrp EIGRP_IPV6
R3(config-router)# address-family ipv6 unicast autonomous-system 43
R3(config-router-af)# topology base
R3(config-router-af-topology)# variance 2
R3(config-router-af-topology)# exit
SINGLE-AREA OSPFV2
R1(config)#no ip domain lookup
R1(config-if)# ip address 192.168.1.1 255.255.255.192 R1(config-if)# no shut
R1(config-if)#ip address 10.10.0.1 255.255.255.248 R1(config-if)# no shut
D1(config)# no ip domain lookup
D1(config-if)# ip address 10.10.0.2 255.255.255.248 D1(config-if)# no shut
D1(config-if)# ip address 10.10.8.1 255.255.255.0 D1(config-if)# no shut
D1(config-if)# ip address 10.10.9.1 255.255.255.0 D1(config-if)# no shut
D2(config)# no ip domain lookup
R1# copy running-config startup-config
D1# copy running-config startup-config
D2# copy running-config startup-config
R1# show ip interface brief | include manual
GigabitEthernet0/0/1 10.10.0.1 YES manual up up Loopback0 209.165.200.225 YES manual up up Loopback1 192.168.1.1 YES manual up up
D1# show ip interface brief | include manual
GigabitEthernet1/0/5 10.10.0.2 YES manual up up GigabitEthernet1/0/23 10.10.8.1 YES manual up up GigabitEthernet1/0/24 10.10.9.1 YES manual up up
D2# show ip interface brief | include manual
GigabitEthernet1/0/5 10.10.0.3 YES manual up up GigabitEthernet1/0/23 10.10.24.1 YES manual up up GigabitEthernet1/0/24 10.10.25.1 YES manual up up
Type escape sequence to abort
Sending 5, 100-byte ICMP Echos to 10.10.0.2, timeout is 2 seconds: !!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms R1# ping 10.10.0.3
Type escape sequence to abort
Sending 5, 100-byte ICMP Echos to 10.10.0.3, timeout is 2 seconds: !!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Number of areas in this router is 1 1 normal 0 stub 0 nssa
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Number of areas in this router is 1 1 normal 0 stub 0 nssa
R1(config-if)# ip ospf network point-to-point
R1(config-if)# ip ospf 123 area 0
R1(config-if)#ip ospf 123 area 0
R1# show ip protocols | section ospf
Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Router ID 209.165.200.225
Number of areas in this router is 1 1 normal 0 stub 0 nssa Maximum path: 4
Routing on Interfaces Configured Explicitly (Area 0):
Reset ALL OSPF processes? [no]: yes R1# show ip protocol | include Router ID
Reset ALL OSPF processes? [no]: yes D1# show ip protocol | include Router ID
Reset ALL OSPF processes? [no]: yes
D2# show ip protocols | include Router ID
R1# show ip route ospf | begin Gateway
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 6 subnets, 3 masks
D1# show ip route ospf | begin Gateway
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks
O 10.10.25.0/24 [110/20] via 10.10.0.3, 00:11:17, GigabitEthernet1/0/5 192.168.1.0/26 is subnetted, 1 subnets
D2# show ip route ospf | begin Gateway
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks
O 10.10.9.0/24 [110/20] via 10.10.0.2, 00:14:26, GigabitEthernet1/0/5 192.168.1.0/26 is subnetted, 1 subnets
R1# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
D1# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
D2# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
R1(config-router)# default-information originate
R1# show ip route static | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
D1# show ip route | include Gateway|0/0
Gateway of last resort is 10.10.0.1 to network 0.0.0.0
D2# show ip route | include Gateway|0/0
Gateway of last resort is 10.10.0.1 to network 0.0.0.0
O*E2 0.0.0.0/0 [110/1] via 10.10.0.1, 00:09:36, GigabitEthernet1/0/5 passive interfaces trên R1, D1 và D2
R1(config-router)# passive-interface lo1
D1(config-router)# passive-interface default
D1(config-router)# no passive-interface g1/0/5
D2(config-router)# passive-interface default
D2(config-router)# no passive-interface g1/0/5
R1# show ip protocols | section ospf
R1(config-router)# auto-cost reference-bandwidth 1000
% OSPF: Reference bandwidth is changed
Please ensure reference bandwidth is consistent across all routers R1(config-router)# end
D1(config-router)# auto-cost reference-bandwidth 1000
% OSPF: Reference bandwidth is changed
Please ensure reference bandwidth is consistent across all routers D1(config-router)# end
D2(config-router)# auto-cost reference-bandwidth 1000
% OSPF: Reference bandwidth is changed
Please ensure reference bandwidth is consistent across all routers D2(config-router)# end
, D1, D2 R1# show ip ospf | include Ref
D1# show ip ospf | include Ref
D2# show ip ospf | include Ref
R1# show ip route ospf | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
D1# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.0.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O 10.10.25.0/24 [110/20] via 10.10.0.3, 00:02:48, GigabitEthernet1/0/5 192.168.1.0/26 is subnetted, 1 subnets
D2# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.0.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O 10.10.9.0/24 [110/20] via 10.10.0.2, 00:00:10, GigabitEthernet1/0/5 192.168.1.0/26 is subnetted, 1 subnets
Hello timers và Dead timers
R1(config-if)# ip ospf hello-interval 5
R1(config-if)# ip ospf dead-interval 20
D1(config-if)# ip ospf hello-interval 5
D1(config-if)# ip ospf dead-interval 20
D2(config-if)# ip ospf hello-interval 5
D2(config-if)# ip ospf dead-interval 20
R1# show ip ospf interface g0/0/1 | include Timer
Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5 D1# show ip ospf interface g1/0/5 | include Timer
Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5 D2# show ip ospf interface g1/0/5 | include Timer
Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5
DR và BDR trong OSPF
Neighbor ID Pri State Dead Time Address Interface 2.2.2.2 1 FULL/BDR 00:00:34 10.10.0.2 G0/0/1
GigabitEthernet0/0/1 is up, line protocol is up
Internet Address 10.10.0.1/29, Interface ID 7, Area 0
Process ID 123, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 10 Topology-MTID Cost Disabled Shutdown Topology Name
Enabled by interface config, including secondary ip addresses
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 3.3.3.3, Interface address 10.10.0.3
Backup Designated router (ID) 2.2.2.2, Interface address 10.10.0.2 Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Can be protected by per-prefix Loop-Free FastReroute
Can be used for per-prefix Loop-Free FastReroute repair paths
Not Protected by per-prefix TI-LFA
Last flood scan length is 1, maximum is 2
Last flood scan time is 0 msec, maximum is 1 msec
Neighbor Count is 2, Adjacent neighbor count is 2
Adjacent with neighbor 2.2.2.2 (Backup Designated Router)
Adjacent with neighbor 3.3.3.3 (Designated Router)
D2(config-if)# ip ospf priority 0
R1(config-if)# ip ospf priority 255
Neighbor ID Pri State Dead Time Address Interface
R1# show ip ospf interface g0/0/1 | include State
Transmit Delay is 1 sec, State DR, Priority 255
Neighbor ID Pri State Dead Time Address Interface
MULTI-AREA OSPFV2
R1(config)# no ip domain lookup
R1(config)# banner motd # This is R1, Implement Multi-Area OSPFv2 Lab #
R2(config)# no ip domain lookup
R2(config)# banner motd # This is R2, Implement Multi-Area OSPFv2 Lab #
R3(config)# no ip domain lookup
R3(config)# banner motd # This is R3, Implement Multi-Area OSPFv2 Lab #
D1(config)# no ip domain lookup
D1(config)# banner motd # This is D1, Implement Multi-Area OSPFv2 Lab #
D2(config)# no ip domain lookup
D2(config)# banner motd # This is D2, Implement Multi-Area OSPFv2 Lab #
R1# copy running-config startup-config
R2# copy running-config startup-config
R3# copy running-config startup-config
D1# copy running-config startup-config
D2# copy running-config startup-config
R1# show ip interface brief | include manual
GigabitEthernet0/0/0 172.16.0.2 YES manual up up GigabitEthernet0/0/1 10.10.0.1 YES manual up up
R2# show ip interface brief | include manual GigabitEthernet0/0/0 172.16.0.1 YES manual up up GigabitEthernet0/0/1 172.16.1.1 YES manual up up Loopback0 209.165.200.225 YES manual up up
R3# show ip interface brief | include manual GigabitEthernet0/0/0 172.16.1.2 YES manual up up GigabitEthernet0/0/1 10.10.4.1 YES manual up up
D1# show ip interface brief | include manual GigabitEthernet1/0/11 10.10.0.2 YES manual up up GigabitEthernet1/0/23 10.10.1.1 YES manual up up
GigabitEthernet1/0/11 10.10.4.2 YES manual up up
GigabitEthernet1/0/23 10.10.5.1 YES manual up up
D1(config-router)# auto-cost reference-bandwidth 1000
*** IP Routing is NSF aware ***
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Number of areas in this router is 1 1 normal 0 stub 0 nssa
D1#show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C Gi1/0/23 123 1 10.10.1.1/24 100 DR 0/0
R1(config-router)# auto-cost reference-bandwidth 1000
R1# show ip protocols | begin ospf
Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Router ID 1.1.1.1
It is an area border router
Number of areas in this router is 2 2 normal 0 stub 0 nssa Maximum path: 4
R1#show ip ospf | begin Ref
Reference bandwidth unit is 1000 mbps
Number of interfaces in this area is 1
SPF algorithm last executed 00:12:29.782 ago
Number of LSA 3 Checksum Sum 0x0142E6
Number of opaque link LSA 0 Checksum Sum 0x000000
Number of interfaces in this area is 1
SPF algorithm last executed 00:12:19.777 ago
Number of LSA 4 Checksum Sum 0x01C317
Number of opaque link LSA 0 Checksum Sum 0x000000
R1# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C Gi0/0/0 123 0 172.16.0.2/30 1 DR 0/0
Neighbor ID Pri State Dead Time Address Interface
R1# show ip ospf neighbor detail
Neighbor 1.1.1.2, interface address 10.10.0.2, interface-id 38
In the area 1 via interface GigabitEthernet0/0/1
Neighbor priority is 1, State is FULL, 6 state changes
Options is 0x12 in Hello (E-bit, L-bit)
Options is 0x52 in DBD (E-bit, L-bit, O-bit)
Index 1/1/1, retransmission queue length 0, number of retransmission 0 First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
R1#show ip route ospf | begin Gateway
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
Known via "ospf 123", distance 110, metric 11, type intra area
Last update from 10.10.0.2 on GigabitEthernet0/0/1, 00:25:25 ago
Route metric is 11, traffic share count is 1
R2(config-router)# auto-cost reference-bandwidth 1000
R2(config-router)# default-information originate
R2# show ip protocols | begin ospf
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Number of areas in this router is 1 1 normal 0 stub 0 nssa
R2#show ip ospf | begin Ref
Reference bandwidth unit is 1000 mbps
Number of interfaces in this area is 2
SPF algorithm last executed 00:05:04.999 ago
Number of LSA 5 Checksum Sum 0x01F6E8
Number of opaque link LSA 0 Checksum Sum 0x000000
R2# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C Gi0/0/1 123 0 172.16.1.1/30 1 DR 0/0
Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 1 FULL/DR 00:00:36 172.16.0.2 G0/0/0
R2# show ip ospf neigh detail
Neighbor 1.1.1.1, interface address 172.16.0.2, interface-id 5
In the area 0 via interface GigabitEthernet0/0/0
Neighbor priority is 1, State is FULL, 6 state changes
Options is 0x12 in Hello (E-bit, L-bit)
Options is 0x52 in DBD (E-bit, L-bit, O-bit)
Index 1/1/1, retransmission queue length 0, number of retransmission 0 First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
R2# show ip route ospf | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R2# show ip route static | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
Known via "ospf 123", distance 110, metric 12, type inter area
Last update from 172.16.0.2 on GigabitEthernet0/0/0, 00:31:08 ago
Route metric is 12, traffic share count is 1
R3(config-router)# auto-cost reference-bandwidth 1000
R3# show ip protocols | begin ospf
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
It is an area border router
Number of areas in this router is 2 2 normal 0 stub 0 nssa
R3# show ip ospf | begin Ref
Reference bandwidth unit is 1000 mbps
Number of interfaces in this area is 1
SPF algorithm last executed 00:10:38.256 ago
Number of LSA 8 Checksum Sum 0x0396BA
Number of opaque link LSA 0 Checksum Sum 0x000000 Number of DCbitless LSA 0
Number of interfaces in this area is 1
SPF algorithm last executed 00:10:13.755 ago
Number of LSA 6 Checksum Sum 0x0362CF
Number of opaque link LSA 0 Checksum Sum 0x000000 Number of DCbitless LSA 0
R3# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C Gi0/0/0 123 0 172.16.1.2/30 1 BDR 1/1
Neighbor ID Pri State Dead Time Address Interface 2.2.2.1 1 FULL/DR 00:00:31 172.16.1.1 G0/0/0
R3# show ip ospf neighbor detail
Neighbor 2.2.2.1, interface address 172.16.1.1, interface-id 6
In the area 0 via interface GigabitEthernet0/0/0
Neighbor priority is 1, State is FULL, 6 state changes
Options is 0x12 in Hello (E-bit, L-bit)
Options is 0x52 in DBD (E-bit, L-bit, O-bit)
Index 1/1/1, retransmission queue length 0, number of retransmission 0 First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
R3# show ip route ospf | begin Gateway
Gateway of last resort is 172.16.1.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
Known via "ospf 123", distance 110, metric 1, candidate default path Tag 123, type extern 2, forward metric 1
Last update from 172.16.1.1 on GigabitEthernet0/0/0, 00:28:41 ago Routing Descriptor Blocks:
* 172.16.1.1, from 2.2.2.1, 00:28:41 ago, via GigabitEthernet0/0/0 Route metric is 1, traffic share count is 1
Known via "ospf 123", distance 110, metric 13, type inter area
Last update from 172.16.1.1 on GigabitEthernet0/0/0, 00:29:10 ago Routing Descriptor Blocks:
* 172.16.1.1, from 1.1.1.1, 00:29:10 ago, via GigabitEthernet0/0/0 Route metric is 13, traffic share count is 1
D2(config-router)# auto-cost reference-bandwidth 1000
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Number of areas in this router is 1 1 normal 0 stub 0 nssa
D2# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C Gi1/0/23 123 2 10.10.5.1/24 10 DR 0/0 G11/0/11 123 2 10.10.4.2/30 1 BDR 1/1
Neighbor ID Pri State Dead Time Address Interface 3.3.3.1 1 FULL/BDR 00:00:33 10.10.4.1 G1/0/11
D2# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.4.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 6 subnets, 3 masks
Known via "ospf 123", distance 110, metric 1, candidate default path
Tag 123, type extern 2, forward metric 2
Last update from 10.10.4.1 on G1/0/11, 00:18:31 ago
Route metric is 1, traffic share count is 1
Pinging 10.10.5.10 with 32 bytes of data:
Reply from 10.10.5.10: bytes2 time=1ms TTL3
Reply from 10.10.5.10: bytes2 time=1ms TTL3
Reply from 10.10.5.10: bytes2 time=1ms TTL3
Reply from 10.10.5.10: bytes2 time=1ms TTL3
Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 1 FULL/BDR 00:00:32 10.10.0.1 G1/0/11
D1# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.0.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 6 subnets, 3 masks
OSPF Router with ID (1.1.1.2) (Process ID 123)
Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 1806 0x80000005 0x00DC15 1
Link ID ADV Router Age Seq# Checksum
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
Summary ASB Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
D1# show ip ospf database router
OSPF Router with ID (1.1.1.2) (Process ID 123)
Routing Bit Set on this LSA in topology Base with MTID 0
Options: (No TOS-capability, DC)
Link connected to: a Transit Network
(Link ID) Designated Router address: 10.10.0.2 (Link Data) Router Interface address: 10.10.0.1 Number of TOS metrics: 0
Options: (No TOS-capability, DC)
Link connected to: a Transit Network
(Link ID) Designated Router address: 10.10.0.2 (Link Data) Router Interface address: 10.10.0.2 Number of MTID metrics: 0
(Link ID) Network/subnet number: 10.10.1.0
Xem thông tin network LSA type 2
D1# show ip ospf database network
OSPF Router with ID (1.1.1.2) (Process ID 123)
Options: (No TOS-capability, DC)
Link State ID: 10.10.0.2 (address of Designated Router)
Xem thông tin network LSA type 3
D1# show ip ospf database summary
OSPF Router with ID (1.1.1.2) (Process ID 123)
Summary Net Link States (Area 1)
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 10.10.4.0 (summary Network Number)
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 10.10.5.0 (summary Network Number) Advertising Router: 1.1.1.1
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 172.16.0.0 (summary Network Number) Advertising Router: 1.1.1.1
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 172.16.1.0 (summary Network Number) Advertising Router: 1.1.1.1
Xem thông tin network LSA type 4
D1# show ip ospf database asbr-summary
OSPF Router with ID (1.1.1.2) (Process ID 123)
Summary ASB Link States (Area 1)
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 2.2.2.1 (AS Boundary Router address)
Xem thông tin network LSA type 5
D1# show ip ospf database external
OSPF Router with ID (1.1.1.2) (Process ID 123)
Type-5 AS External Link States
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 0.0.0.0 (External Network Number )
Metric Type: 2 (Larger than any link state path)
OSPF Router with ID (1.1.1.1) (Process ID 123)
Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 1250 0x80000009 0x001E87 1
Link ID ADV Router Age Seq# Checksum
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 1250 0x80000009 0x00D419 1
Link ID ADV Router Age Seq# Checksum
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
Summary ASB Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
OSPF Router with ID (2.2.2.1) (Process ID 123)
Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 1790 0x80000009 0x001E87 1
Link ID ADV Router Age Seq# Checksum
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
MULTI-AREA OSPFV3
Device Interface IPv4 Address IPv6 Address IPv6 Link-Local R1 G0/0/0 172.16.0.2/30 2001:db8:acad:a001::2/64 fe80::1:2
R1(config)# no ip domain lookup
R1(config-if)# ipv6 add 2001:db8:acad:a001::2/64 R1(config-if)# ipv6 add fe80::1:2 link-local
R1(config-if)# ip add 10.10.0.1 255.255.255.252 R1(config-if)# ipv6 add 2001:db8:acad:1001::1/64 R1(config-if)# ipv6 add fe80::1:1 link-local
R2(config)# no ip domain lookup
R2(config-if)# ip add 172.16.0.1 255.255.255.252 R2(config-if)# ipv6 add 2001:db8:acad:a001::1/64 R2(config-if)# ipv6 add fe80::2:1 link-local
R2(config-if)# ip address 172.16.1.1 255.255.255.252 R2(config-if)# ipv6 add 2001:db8:acad:a002::1/64 R2(config-if)# ipv6 add fe80::2:2 link-local
R2(config-if)# ipv6 add 2001:db8:feed:209::1/64
R2(config-if)# ipv6 add fe80::2:3 link-local
R3(config)# no ip domain lookup
R3(config-if)# ipv6 add 2001:db8:acad:a002::2/64
R3(config-if)# ipv6 add fe80::3:2 link-local
R3(config-if)# ipv6 add 2001:db8:acad:2001::1/64
R3(config-if)# ipv6 add fe80::3:1 link-local
D1(config)# no ip domain lookup
D1(config-if)# ip address 10.10.0.2 255.255.255.252 D1(config-if)# ipv6 add 2001:db8:acad:1001::2/64 D1(config-if)# ipv6 add fe80::d1:2 link-local
D1(config-if)# ip address 10.10.1.1 255.255.255.0 D1(config-if)# ipv6 add 2001:db8:acad:1002::1/64 D1(config-if)# ipv6 add fe80::d1:1 link-local
D2(config)# no ip domain lookup
D2(config-if)# ip address 10.10.4.2 255.255.255.252 D2(config-if)# ipv6 add 2001:db8:acad:2001::2/64 D2(config-if)# ipv6 add fe80::d2:2 link-local
D2(config-if)# ipv6 add 2001:db8:acad:2002::1/64
D2(config-if)# ipv6 add fe80::d2:1 link-local
R1# copy running-config startup-config
R2# copy running-config startup-config
R3# copy running-config startup-config
D1# copy running-config startup-config
D2# copy running-config startup-config
2001:DB8:ACAD:1001::/64 attached to GigabitEthernet1/0/11
2001:DB8:ACAD:1001::2/128 receive for GigabitEthernet1/0/11
2001:DB8:ACAD:1002::/64 attached to GigabitEthernet1/0/23
2001:DB8:ACAD:1002::1/128 receive for GigabitEthernet1/0/23
D1(config-if)# ipv6 ospf 123 area 1
D1(config-if)# ipv6 ospf 123 area 1
Routing Process "ospfv3 123" with ID 1.1.1.2
Supports NSSA (compatible with RFC 3101)
Supports Database Exchange Summary List Optimization (RFC 5243) Event-log enabled, Maximum number of events: 1000, Mode: cyclic Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 50 msecs
Minimum hold time between two consecutive SPFs 200 msecs
Maximum wait time between two consecutive SPFs 5000 msecs
Minimum hold time for LSA throttle 200 msecs
Maximum wait time for LSA throttle 5000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission limit dc 24 non-dc 24
EXCHANGE/LOADING adjacency limit: initial 300, process maximum 300
Number of external LSA 0 Checksum Sum 0x000000
Number of areas in this router is 1 1 normal 0 stub 0 nssa
Graceful restart helper support enabled
Reference bandwidth unit is 100 mbps
Number of interfaces in this area is 2
Number of LSA 12 Checksum Sum 0x0486C1
IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "ND"
IPv6 Routing Protocol is "ospf 123"
Number of areas: 1 normal, 0 stub, 0 nssa
R1(config-router)# address-family ? ipv4 Address family ipv6 Address family
R1(config-router)# address-family ipv4 ? unicast Address Family modifier vrf Specify parameters for a VPN Routing/Forwarding instance
R1(config-router)# address-family ipv4 unicast
Router Address Family configuration commands: adjacency Control adjacency formation area OSPF area parameters authentication Authentication parameters auto-cost Calculate OSPF interface cost according to bandwidth auto-cost-determination Calculate OSPF interface cost according to bandwidth bfd BFD configuration commands compatible Compatibility list default Set a command to its defaults default-information Control distribution of default information default-metric Set metric of redistributed routes discard-route Enable or disable discard-route installation distance Define an administrative distance distribute-list Filter networks in routing updates event-log Event Logging exit-address-family Exit from Address Family configuration mode graceful-restart Graceful-restart options help Description of the interactive help system interface-id Source of the interface ID limit Limit a specific OSPF feature local-rib-criteria Enable or disable usage of local RIB as route criteria log-adjacency-changes Log changes in adjacency state manet Specify MANET OSPF parameters max-lsa Maximum number of non self-generated LSAs to accept max-metric Set maximum metric maximum-paths Forward packets over multiple paths mpls MPLS Traffic Engineering configs no Negate a command or set its defaults passive-interface Suppress routing updates on an interface prefix-suppression Enable prefix suppression process-min-time Percentage of quantum to be used before releasing CPU queue-depth Hello/Router process queue depth redistribute Redistribute information from another routing protocol router-id router-id for this OSPF process shutdown Shutdown the router process snmp Modify snmp parameters statistics Enable or disable OSPF statistics options summary-address Configure IP address summaries summary-prefix Configure IP address summaries timers Adjust routing timers
R1(config-router-af)# router-id 1.1.1.1
R1(config-router-af)# exit-address-family
R1(config-router)# address-family ipv6 unicast
R1(config-router-af)# router-id 1.1.1.1
R1(config-router-af)# exit-address-family
R1(config-if)# ospfv3 123 ipv4 area 0
R1(config-if)# ospfv3 123 ipv6 area 0
R1(config-if)# ospfv3 123 ipv4 area 1
R1(config-if)# ospfv3 123 ipv6 area 1
R2(config-router)# address-family ipv4 unicast R2(config-router-af)# router-id 2.2.2.1
R2(config-router-af)# exit-address-family R2(config-router)# address-family ipv6 unicast R2(config-router-af)# router-id 2.2.2.1
R2(config-router-af)# exit-address-family R2(config-router)# exit
R2(config-if)# ospfv3 123 ipv4 area 0
R2(config-if)# ospfv3 123 ipv6 area 0
R2(config-if)# ospfv3 123 ipv4 area 0
R2(config-if)# ospfv3 123 ipv6 area 0
R3(config-router)# address-family ipv4 unicast R3(config-router-af)# exit-address-family R3(config-router)# address-family ipv6 unicast R3(config-router-af)# exit-address-family R3(config-router)# exit
R3(config-if)# ospfv3 123 ipv4 area 0
R3(config-if)# ospfv3 123 ipv6 area 0
R3(config-if)# ospfv3 123 ipv4 area 2
R3(config-if)# ospfv3 123 ipv6 area 2
D2(config-router)# address-family ipv4 unicast
D2(config-router-af)# router-id 3.3.3.2
D2(config-router-af)# exit-address-family
D2(config-router)# address-family ipv6 unicast
D2(config-router-af)# router-id 3.3.3.2
D2(config-router-af)# exit-address-family
D2(config-if)# ospfv3 123 ipv4 area 2
D2(config-if)# ospfv3 123 ipv6 area 2
D2(config-if)# ospfv3 123 ipv4 area 2
D2(config-if)# ospfv3 123 ipv6 area 2
OSPFv3 Router with ID (1.1.1.2) (Process ID 123)
Neighbor ID Pri State Dead Time Interface ID Interface 1.1.1.1 1 FULL/DR 00:00:39 6 g1/0/11
OSPFv3 Router with ID (1.1.1.1) (Process ID 123)
Neighbor ID Pri State Dead Time Interface ID Interface 2.2.2.1 1 FULL/BDR 00:00:31 5 g0/0/0 1.1.1.2 1 FULL/BDR 00:00:38 471 g0/0/1
OSPFv3 123 address-family ipv4 (router-id 1.1.1.1)
Neighbor ID Pri State Dead Time Interface ID Interface 2.2.2.1 1 FULL/BDR 00:00:38 5 g0/0/0
OSPFv3 123 address-family ipv6 (router-id 1.1.1.1)
Neighbor ID Pri State Dead Time Interface ID Interface 2.2.2.1 1 FULL/BDR 00:00:32 5 g0/0/0 1.1.1.2 1 FULL/BDR 00:00:30 471 g0/0/1
IPv6 Routing Table - default - 9 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE -
NDr - Redirect, RL - RPL, O - OSPF Intra, OI - OSPF Inter
OE1 - OSPF ext 1, OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1
ON2 - OSPF NSSA ext 2, la - LISP alt, lr - LISP site-registrations ld - LISP dyn-eid, lA - LISP away, le - LISP extranet-policy
OI 2001:DB8:ACAD:2001::/64 [110/4] via FE80::1:1, GigabitEthernet1/0/11
OI 2001:DB8:ACAD:2002::/64 [110/5] via FE80::1:1, GigabitEthernet1/0/11
OI 2001:DB8:ACAD:A001::/64 [110/2] via FE80::1:1, GigabitEthernet1/0/11 via FE80::1:1, GigabitEthernet1/0/11
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
O IA 10.10.5.0/24 [110/4] via 172.16.0.1, 00:17:34, GigabitEthernet0/0/0 172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
IPv6 Routing Table - default - 9 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE -
NDr - Redirect, RL - RPL, O - OSPF Intra, OI - OSPF Inter
OE1 - OSPF ext 1, OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1
ON2 - OSPF NSSA ext 2, a - Application
O 2001:DB8:ACAD:1002::/64 [110/2] via FE80::D1:2, GigabitEthernet0/0/1
OI 2001:DB8:ACAD:2001::/64 [110/3] via FE80::2:1, GigabitEthernet0/0/0
OI 2001:DB8:ACAD:2002::/64 [110/4] via FE80::2:1, GigabitEthernet0/0/0
O 2001:DB8:ACAD:A002::/64 [110/2] via FE80::2:1, GigabitEthernet0/0/0
OSPFv3 Router with ID (1.1.1.2) (Process ID 123)
ADV Router Age Seq# Fragment ID Link count Bits 1.1.1.1 1096 0x80000009 0 1 B 1.1.1.2 1110 0x80000005 0 1 None
ADV Router Age Seq# Link ID Rtr count
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID 1.1.1.1 1152 0x80000001 6144 0x2002 6
OSPFv3 123 address-family ipv4 (router-id 1.1.1.1)
ADV Router Age Seq# Fragment ID Link count Bits
ADV Router Age Seq# Link ID Rtr count
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID 2.2.2.1 539 0x80000001 5120 0x2002 5
ADV Router Age Seq# Fragment ID Link count Bits
OSPFv3 123 address-family ipv6 (router-id 1.1.1.1)
ADV Router Age Seq# Fragment ID Link count Bits 1.1.1.1 530 0x80000005 0 1 B 2.2.2.1 508 0x80000009 0 2 None 3.3.3.1 508 0x80000006 0 1 B
ADV Router Age Seq# Link ID Rtr count
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID 2.2.2.1 539 0x80000001 5120 0x2002 5
ADV Router Age Seq# Fragment ID Link count Bits 1.1.1.1 553 0x80000006 0 1 B 1.1.1.2 552 0x80000025 0 1 None
ADV Router Age Seq# Link ID Rtr count
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID 1.1.1.2 481 0x80000016 0 0x2001 0
D2(config-router)# no passive-interface g1/0/23
D2(config-router)# address-family ipv4 unicast
D2(config-router-af)# passive-interface g1/0/23
D2(config-router-af)# exit-address-family
D2(config-router)# address-family ipv6 unicast
D2(config-router-af)# passive-interface g1/0/23
D2(config-router-af)# exit-address-family
R1(config-router)# address-family ipv6 unicast
R1(config-router-af)# area 1 range 2001:db8:acad:1000::/52
R3(config-router)# address-family ipv6 unicast
R3(config-router-af)# area 2 range 2001:db8:acad:2000::/52
OI 2001:DB8:ACAD:1000::/52 [110/3] via FE80::1:2, GigabitEthernet0/0/0
OI 2001:DB8:ACAD:2000::/52 [110/3] via FE80::3:2, GigabitEthernet0/0/1
Interface PID Area AF Cost State Nbrs F/C Gi0/0/1 123 0 ipv4 1 BDR 1/1 Gi0/0/0 123 0 ipv4 1 DR 1/1 Gi0/0/1 123 0 ipv6 1 BDR 1/1 Gi0/0/0 123 0 ipv6 1 DR 1/1
R2(config-if)# ospfv3 network point-to-point
R2(config-if)# ospfv3 network point-to-point
R1(config-if)# ospfv3 network point-to-point
R3(config-if)# ospfv3 network point-to-point
Interface PID Area AF Cost State Nbrs F/C
R2(config-router)# address-family ipv6 unicast
R2(config-router-af)# default-information originate
R2(config-router)# address-family ipv4 unicast
R2(config-router-af)# default-information originate
OE2 ::/0 [110/1], tag 123 via FE80::1:1, GigabitEthernet1/0/11
OI 2001:DB8:ACAD:2000::/52 [110/5] via FE80::1:1, GigabitEthernet1/0/11
OI 2001:DB8:ACAD:A001::/64 [110/2] via FE80::1:1, GigabitEthernet1/0/11
OI 2001:DB8:ACAD:A002::/64 [110/3] via FE80::1:1, GigabitEthernet1/0/11
Gateway of last resort is 10.10.4.1 to network 0.0.0.0
EBGP TRÊN IPV4
Router R1 hostname R1 no ip domain lookup line con 0 logging sync exec-time 0 0 exit interface Loopback0 ip address 192.168.1.1 255.255.255.224 no shut exit
100 interface Loopback1 ip address 192.168.1.65 255.255.255.192 no shut exit interface FastEthernet0/0 ip address 10.1.2.1 255.255.255.0 no shut exit interface Serial1/0 ip address 10.1.3.1 255.255.255.128 no shut exit interface Serial1/1 ip address 10.1.3.129 255.255.255.128 no shut exit
Router R2 hostname R2 no ip domain lookup line con 0 logging sync exec-time 0 0 exit interface Loopback0 ip address 192.168.2.1 255.255.255.224 no shut exit interface Loopback1 ip address 192.168.2.65 255.255.255.192 no shut exit interface FastEthernet0/0 ip address 10.1.2.2 255.255.255.0 no shut interface FasttEthernet1/0 ip address 10.2.3.2 255.255.255.0 no shut exit
Router R3 hostname R3 no ip domain lookup line con 0 logging sync exec-time 0 0 exit interface Loopback0 ip address 192.168.3.1 255.255.255.224 no shut exit interface Loopback1 ip address 192.168.3.65 255.255.255.192 no shut exit interface FastEthernet0/0 ip address 10.2.3.3 255.255.255.0 negotiation auto no shut exit interface Serial1/0 ip address 10.1.3.3 255.255.255.128 no shut exit interface Serial1/1 ip address 10.1.3.130 255.255.255.128 no shut exit
R1(config)# router bgp 1000 b -id cho R1
R1(config-router)# bgp router-id 1.1.1.1 c neighbors cho R1
R1(config-router)# neighbor 10.1.2.2 remote-as 500
R1(config-router)# neighbor 10.1.3.3 remote-as 300
R1(config-router)# neighbor 10.1.3.130 remote-as 300 d
R1(config-router)# network 192.168.1.0 mask 255.255.255.224 R1(config-router)# network 192.168.1.64 mask 255.255.255.192
R2(config)# router bgp 500 b -id cho R2
R2(config-router)# bgp router-id 2.2.2.2 c
R2(config-router)# neighbor 10.1.2.1 remote-as 1000
R2(config-router)# neighbor 10.2.3.3 remote-as 300 d
R2(config-router)# network 192.168.2.0 mask 255.255.255.224 R2(config-router)# network 192.168.2.64 mask 255.255.255.192
R3(config-router)# bgp router-id 3.3.3.3 c
R3(config-router)# no bgp default ipv4-unicast
Ch bgp default ipv4-unicast c b t m nh trên các IOS R1 và R2 s d ng ch cho phép t i giá tr IPv4 address family prefixes L nh no bgp default ipv4-unicast s t t ch , các bgp neighbors ph i IPv4 address family (AF) b ng cách c u hình th công
L nh BGP network c n ph c thi t l p v i IPv4 AF d
R3(config-router)# neighbor 10.2.3.2 remote-as 500
R3(config-router)# neighbor 10.1.3.1 remote-as 1000
R3(config-router)# neighbor 10.1.3.129 remote-as 1000
Ki m tra m i quan h láng gi ng BGP a
R1# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
R2# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
R3# show ip route bgp | begin Gateway
Gateway of last resort is not set b established, R2 và R3 là idle)
BGP neighbor is 10.1.2.1, remote AS 1000, external link
BGP version 4, remote router ID 1.1.1.1
BGP state = Established, up for 00:35:34
Last read 00:00:28, last write 00:00:35, hold time is 180, keepalive interval is 60 seconds
1 active, is not multisession capable (disabled)
BGP neighbor is 10.2.3.3, remote AS 300, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Idle, down for never
0 active, is not multisession capable (disabled)
R3(config-router)# address-family ipv4
R3(config-router-af)# neighbor 10.1.3.1 activate
R3(config-router-af)# neighbor 10.1.3.129 activate
R3(config-router-af)# neighbor 10.2.3.2 activate
R3(config-router-af)# network 192.168.3.0 mask 255.255.255.224 d
R1# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
R2# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
R3# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
R2# show ip bgp neighbors | begin BGP neighbor is 10.2.3.3 BGP neighbor is 10.2.3.3, remote AS 300, external link
BGP version 4, remote router ID 3.3.3.3
BGP state = Established, up for 00:12:16
Last read 00:00:37, last write 00:00:52, hold time is 180, keepalive interval is 60 seconds
1 active, is not multisession capable (disabled)
-configure R1# show running-config | section bgp router bgp 1000 bgp router-id 1.1.1.1 bgp log-neighbor-changes network 192.168.1.0 mask 255.255.255.224 network 192.168.1.64 mask 255.255.255.192 neighbor 10.1.2.2 remote-as 500 neighbor 10.1.3.3 remote-as 300 neighbor 10.1.3.130 remote-as 300
R2# show running-config | section bgp router bgp 500 bgp router-id 2.2.2.2 bgp log-neighbor-changes network 192.168.2.0 mask 255.255.255.224 network 192.168.2.64 mask 255.255.255.192 neighbor 10.1.2.1 remote-as 1000
R3# show running-config | section bgp router bgp 300 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 10.1.3.1 remote-as 1000 neighbor 10.1.3.129 remote-as 1000 neighbor 10.2.3.2 remote-as 500
! address-family ipv4 network 192.168.3.0 mask 255.255.255.224 network 192.168.3.64 mask 255.255.255.192 neighbor 10.1.3.1 activate neighbor 10.1.3.129 activate neighbor 10.2.3.2 activate exit-address-family
BGP table version is 11, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
192.168.1.0/27 a show ip bgp ip-prefix
BGP routing table entry for 192.168.1.0/27, version 14
Paths: (2 available, best #2, table default)
Origin IGP, localpref 100, valid, external rx pathid: 0, tx pathid: 0
Origin IGP, metric 0, localpref 100, valid, external, best rx pathid: 0, tx pathid: 0x0
1 b show ip bgp neighbors trên R2
BGP neighbor is 10.1.2.1, remote AS 1000, external link
BGP version 4, remote router ID 1.1.1.1
BGP state = Established, up for 00:00:51
1 active, is not multisession capable (disabled)
Route refresh: advertised and received(new)
Four-octets ASN Capability: advertised and received
Address family IPv4 Unicast: advertised and received
Enhanced Refresh Capability: advertised and received
Stateful switchover support enabled: NO for session 1
BGP neighbor is 10.2.3.3, remote AS 300, external link
BGP version 4, remote router ID 3.3.3.3
BGP state = Established, up for 16:23:45
Last read 00:00:29, last write 00:00:51, hold time is 180, keepalive interval is 60 seconds
1 active, is not multisession capable (disabled)
Route refresh: advertised and received(new)
Four-octets ASN Capability: advertised and received
Address family IPv4 Unicast: advertised and received
Enhanced Refresh Capability: advertised and received
Stateful switchover support enabled: NO for session 1
Do log neighbor state changes (via global configuration)
Default minimum time between advertisement runs is 30 seconds
C u hình và ki m tra Route Summarization và Atomic Aggregate
192.168.3.0/24 prefix aggregate-address Summary-only address-family ipv4
R1(config-router)# aggregate-address 192.168.1.0 255.255.255.0 summary-only
R3(config-router)# address-family ipv4
R3(config-router-af)# aggregate-address 192.168.3.0 255.255.255.0 summary-only c 2: Ki m tra route summarization dùng atomic aggregate a
R1# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.1.0/24 is variably subnetted, 5 subnets, 4 masks
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
R2# show ip route bgp | begin Gateway
Gateway of last resort is not set
R3# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
192.168.3.0/24 is variably subnetted, 5 subnets, 4 masks
BGP table version is 69, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
Network Next Hop Metric LocPrf Weight Path
BGP table version is 69, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
Network Next Hop Metric LocPrf Weight Path s> 192.168.1.0/27 0.0.0.0 0 32768 i
BGP table version is 22, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-
Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
BGP routing table entry for 192.168.1.0/24, version 45
Paths: (2 available, best #2, table default)
Origin IGP, localpref 100, valid, external, atomic-aggregate rx pathid: 0, tx pathid: 0
Origin IGP, metric 0, localpref 100, valid, external, atomic-aggregate, best rx pathid: 0, tx pathid: 0x0
ADVERTISING DEFAULT ROUTE
BÀI 7: NAT TRÊN IPv4 th
1.1 C U HÌNH IPV4-IPV6 STATIC ROUTE VÀ
Device Interface IP Address / Prefix
Device Interface IP Address / Prefix
- hình static route và default route cho IPv4 trên R1, R2
Gán tên cho router: router(config)# hostname R1 router(config)# hostname R2
R1(config)# no ip domain lookup
R2(config)# no ip domain lookup
Gán cisco làm password cho VTY và enable login:
R1(config)# banner motd $ Authorized Users Only! $
R2(config)# banner motd $ Authorized Users Only! $
R1# copy running-config startup-config
R2# copy running-config startup-config
Gán tên cho router: switch(config)# hostname R1 switch(config)# hostname R2
S1(config)# no ip domain lookup
S2(config)# no ip domain lookup
Gán cisco làm password cho VTY và enable login:
S1(config)# banner motd $ Authorized Users Only! $ S2(config)# banner motd $ Authorized Users Only! $
S1# copy running-config startup-config
S2# copy running-config startup-config
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# ipv6 address 2001:db8:acad:2::1/64
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# ipv6 address 2001:db8:acad:1::1/64
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# ipv6 address 2001:db8:acad:10::1/64
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# ipv6 address 2001:db8:acad:209::1/64
R2(config-if)# ipv6 address fe80::2 link-local
R2(config-if)# ipv6 address 2001:db8:acad:2::2/64
R2(config-if)# ipv6 address fe80::2 link-local
R2(config-if)# ipv6 address 2001:db8:acad:1::2/64
R2(config-if)# ipv6 address fe80::2 link-local
R2(config-if)# ipv6 address 2001:db8:acad:11::2/64
R2(config-if)# ipv6 address fe80::2 link-local
R2(config-if)# ipv6 address 2001:db8:acad:210::1/64
R1# copy running-config startup-config
R2# copy running-config startup-config
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 172.16.1.2 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
209.165.200.0/24 is variably subnetted, 2 subnets, 2 masks
R2(config)# ipv6 route 2001:db8:acad:10::/64 2001:db8:acad:1::1
R2(config)# ipv6 route ::/0 2001:db8:acad:2::1
R2(config)# ipv6 route ::/0 2001:db8:acad:1::1 80
R1(config)# ipv6 route ::/0 2001:db8:acad:2::2
IPv6 Routing Table - default - 11 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination NDr - Redirect, RL - RPL, O - OSPF Intra, OI - OSPF Inter
OE1 - OSPF ext 1, OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1
ON2 - OSPF NSSA ext 2, a - Application
C 2001:DB8:ACAD:1::/64 [0/0] via GigabitEthernet0/0/1, directly connected
L 2001:DB8:ACAD:1::2/128 [0/0] via GigabitEthernet0/0/1, receive
C 2001:DB8:ACAD:2::/64 [0/0] via GigabitEthernet0/0/0, directly connected
L 2001:DB8:ACAD:2::2/128 [0/0] via GigabitEthernet0/0/0, receive
S 2001:DB8:ACAD:10::/64 [1/0] via 2001:DB8:ACAD:1::1
C 2001:DB8:ACAD:11::/64 [0/0] via Loopback1, directly connected
L 2001:DB8:ACAD:11::1/128 [0/0] via Loopback1, receive
C 2001:DB8:ACAD:210::/64 [0/0] via Loopback2, directly connected
L 2001:DB8:ACAD:210::1/128 [0/0] via Loopback2, receive
Hostname Edge ipv6 unicast-routing interface GigabitEthernet0/0 ip address 192.168.10.1 255.255.255.0 ipv6 address FE80::E link-local ipv6 address 2001:DB8:1:10::1/64 interface GigabitEthernet0/1 ip address 192.168.11.1 255.255.255.0 ipv6 address FE80::E link-local ipv6 address 2001:DB8:1:11::1/64 interface Serial0/0/0 ip address 10.10.10.2 255.255.255.252 ipv6 address FE80::E link-local ipv6 address 2001:DB8:A:1::2/64 interface Serial0/0/1 ip address 10.10.10.6 255.255.255.252 ipv6 address FE80::E link-local ipv6 address 2001:DB8:A:2::2/64 ip route 0.0.0.0 0.0.0.0 Serial0/0/0 ip route 0.0.0.0 0.0.0.0 Serial0/0/1 5
10 ipv6 route ::/0 2001:DB8:A:1::1 ipv6 route ::/0 2001:DB8:A:2::1 5
: hostname ISP1 ipv6 unicast-routing interface GigabitEthernet0/0 ip address 198.0.0.1 255.255.255.0 ipv6 address FE80::1 link-local ipv6 address 2001:DB8:F:F::1/64 interface Serial0/0/0 ip address 10.10.10.1 255.255.255.252 ipv6 address FE80::1 link-local ipv6 address 2001:DB8:A:1::1/64 ip route 192.168.10.0 255.255.255.0 Serial0/0/0 ip route 192.168.11.0 255.255.255.0 Serial0/0/0 ip route 192.168.10.0 255.255.255.0 GigabitEthernet0/0 5 ip route 192.168.11.0 255.255.255.0 GigabitEthernet0/0 5 ipv6 route 2001:DB8:1:10::/64 2001:DB8:A:1::2 ipv6 route 2001:DB8:1:11::/64 2001:DB8:A:1::2 ipv6 route 2001:DB8:1:10::/64 2001:DB8:F:F::2 5 ipv6 route 2001:DB8:1:11::/64 2001:DB8:F:F::2 5 hostname ISP2 ipv6 unicast-routing interface GigabitEthernet0/0 ip address 198.0.0.2 255.255.255.0 ipv6 address FE80::2 link-local ipv6 address 2001:DB8:F:F::2/64 interface Serial0/0/1 ipv6 address FE80::2 link-local ipv6 address 2001:DB8:A:2::1/64 ip route 192.168.10.0 255.255.255.0 Serial0/0/1 ip route 192.168.11.0 255.255.255.0 Serial0/0/1 ip route 192.168.10.0 255.255.255.0 GigabitEthernet0/0 5 ip route 192.168.11.0 255.255.255.0 GigabitEthernet0/0 5 ipv6 route 2001:DB8:1:10::/64 2001:DB8:A:2::2 ipv6 route 2001:DB8:1:11::/64 2001:DB8:A:2::2 ipv6 route 2001:DB8:1:10::/64 2001:DB8:F:F::1 5 ipv6 route 2001:DB8:1:11::/64 2001:DB8:F:F::1 5
Device Interface IP Address Subnet Mask
Gán tên cho router: router(config)# hostname R1 router(config)# hostname R2 router(config)# hostname R3
R1(config)# no ip domain lookup
R2(config)# no ip domain lookup
R3(config)# no ip domain lookup
R1(config)# banner motd $ Authorized Users Only! $
R2(config)# banner motd $ Authorized Users Only! $
R3(config)# banner motd $ Authorized Users Only! $
Gán cisco làm password cho VTY và enable login:
R1(config)# service password-encryption R2(config)# service password-encryption R3(config)# service password-encryption
R1# copy running-config startup-config
R2# copy running-config startup-config
R3# copy running-config startup-config
Gán tên cho switch: switch(config)# hostname D1 switch(config)# hostname D2
D1(config)# no ip domain lookup
D2(config)# no ip domain lookup
Gán cisco làm password cho VTY và enable login:
D1(config)# banner motd $ Authorized Users Only! $ D2(config)# banner motd $ Authorized Users Only! $
D1# copy running-config startup-config
D2# copy running-config startup-config
R1(config-if)# ip address 10.0.12.1 255.255.255.0 R1(config-if)# no shutdown
R1(config-subif)# ip address 172.16.1.1 255.255.255.0 R1(config-subif)# no shutdown
R1(config-subif)# ip address 192.168.1.1 255.255.255.0 R1(config-subif)# no shutdown
R1(config)# ip dhcp pool HOSTS
D1(config-vlan)# name HOST-VLAN-2
D1(config-if)# switchport trunk encapsulation dot1q
D1(config-if)# switchport mode trunk
Gán interface vào vlan 2 trên D1:
D1(config-if)# switchport mode access
D1(config-if)# switchport access vlan 2
R2(config-router)# eigrp router-id 2.2.2.2
R1(config)# router eigrp BASIC-EIGRP-LAB
R1(config-router)# address-family ipv4 unicast autonomous-system 27
R1(config-router-af)# eigrp router-id 1.1.1.1
R3(config)# router eigrp BASIC-EIGRP-LAB
R3(config-router)# address-family ipv4 unicast autonomous-system 27
R3(config-router-af)# eigrp router-id 3.3.3.3
D2(config)# router eigrp BASIC-EIGRP-LAB
D2(config-router)# address-family ipv4 unicast autonomous-system 27
D2(config-router-af)# eigrp router-id 132.132.132.132
R1(config)# router eigrp BASIC-EIGRP-LAB
R1(config-router)# address-family ipv4 unicast autonomous-system 27 R1(config-router-af)# af-interface g0/0/1.2
R1(config-router-af-interface)# passive-interface
R1(config-router-af-interface)# end
R2(config-router)# passive-interface default
R2(config-router)# no passive-interface g0/0/0
R2(config-router)# no passive-interface g0/0/1
R3(config)# router eigrp BASIC-EIGRP-LAB
R3(config-router)# address-family ipv4 unicast autonomous-system 27
R3(config-router-af)# af-interface default
R3(config-router-af-interface)# passive-interface
R3(config-router-af-interface)# exit
R3(config-router-af)# af-interface g0/0/0
R3(config-router-af-interface)# no passive-interface
R3(config-router-af-interface)# exit
R3(config-router-af)# af-interface g0/0/1
R3(config-router-af-interface)# no passive-interface
R3(config-router-af-interface)# end
R3# show ip protocols | section Passive
Loopback0 y tính PC1 ping thành công R3
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
R1# show ip eigrp topology all-links
P 192.168.3.0/24, 2 successors, FD is 196689920, serno 8 via 10.0.12.2 (196689920/131153920), g0/0/0 via 172.16.1.2 (196689920/131153920), g0/0/1.1
P 172.16.13.0/24, 1 successors, FD is 196608000, serno 7 via 172.16.1.2 (196608000/131072000), g0/0/1.1 via 10.0.12.2 (262144000/196608000), g0/0/0
P 192.168.1.0/24, 1 successors, FD is 131072000, serno 2 via Connected, g0/0/1.2 via Connected, g0/0/1.1
P 10.0.23.0/24, 1 successors, FD is 196608000, serno 4 via 10.0.12.2 (196608000/131072000), g0/0/0 via 172.16.1.2 (262144000/196608000), g0/0/1.1
P 10.0.12.0/24, 1 successors, FD is 131072000, serno 3 via Connected, g0/0/0 nhau
R3# show ip route eigrp | section 192.168.1.0
R3# show ip route eigrp | section 192.168.1.0
EIGRP-AUTHEN-KEY trên R1, R2, R3, D2 key-string là $3cre7!!
R1(config)# key chain EIGRP-AUTHEN-KEY
R1(config-keychain-key)# key-string $3cre7!!
R2(config-if)# ip authentication key-chain eigrp 27 EIGRP-AUTHEN-KEY
R2(config-if)# ip authentication mode eigrp 27 md5
R2(config-if)# ip authentication key-chain eigrp 27 EIGRP-AUTHEN-KEY
R2(config-if)# ip authentication mode eigrp 27 md5
R1(config)# router eigrp BASIC-EIGRP-LAB
R1(config-router)# address-family ipv4 unicast autonomous-system 27
R1(config-router-af)# af-interface g0/0/0
R1(config-router-af-interface)# authentication key-chain EIGRP-AUTHEN-KEY R1(config-router-af-interface)# authentication mode md5
R1(config-router-af-interface)# end
R3(config)# router eigrp BASIC-EIGRP-LAB
R3(config-router)# address-family ipv4 unicast autonomous-system 27
R3(config-router-af)# af-interface g0/0/0
R3(config-router-af-interface)# authentication key-chain EIGRP-AUTHEN-KEY R3(config-router-af-interface)# authentication mode md5
R3(config-router-af-interface)# end md5 R1# show ip eigrp interface detail | section G0/0/0
Authentication mode is md5, key-chain is "EIGRP-AUTHEN-KEY"
- $3cre7!! trên R1 và D2 có cùng Named EIGRP
R1(config)# router eigrp BASIC-EIGRP-LAB
R1(config-router)# address-family ipv4 unicast autonomous-system 27
R1(config-router-af-interface)# authentication mode hmac-sha-256 $3cre7!! R1(config-router-af-interface)# end
D2(config)# router eigrp BASIC-EIGRP-LAB
D2(config-router)# address-family ipv4 unicast autonomous-system 27
D2(config-router-af)# af-interface g1/0/1
D2(config-router-af-interface)# authentication mode hmac-sha-256 $3cre7!! D2(config-router-af-interface)# end
Authentication mode HMAC-SHA-256 R1# show ip eigrp interface detail | section G0/0/1.1
Authentication mode is HMAC-SHA-256, key-chain is not set
Device Interface IPv6 Address/Prefix Length Link Local Address
Device Interface IPv6 Address/Prefix Length Link Local Address R2
R1(config)# no ip domain lookup
R1(config)# banner motd # R1, Implement EIGRP for IPv6 #
R1(config-if)# ipv6 address 2001:db8:cafe:1::1/64
R1(config-if)# ipv6 address fe80::1:1 link-local
R1(config-if)# no ip address
R1(config-subif)# description VLAN 1 Interface
R1(config-subif)# ipv6 address fe80::1:2 link-local
R1(config-subif)# ipv6 address 2001:db8:acad:1::1/64
R1(config-subif)# description VLAN 2 Interface
R1(config-subif)# ipv6 address fe80::1:3 link-local
R1(config-subif)# ipv6 address 2001:db8:acad:2::1/64
R2(config)# no ip domain lookup
R2(config)# banner motd # R2, Implement EIGRP for IPv6 #
R2(config-if)# ipv6 address 2001:db8:cafe:1::2/64
R2(config-if)# ipv6 address fe80::2:1 link-local
R2(config-if)# ipv6 address 2001:db8:cafe:2::2/64
R2(config-if)#ipv6 address fe80::2:2 link-local
R2(config-if)# description Internet host
R2(config-if)# ipv6 address 2001:db8:ff:999::153/64
R2(config-if)# ipv6 address 2001:db8:cede::1/64
R2(config-if)# ipv6 address fe80::2:4 link-local
R2(config-if)# ipv6 address 2001:db8:cede:1::1/64
R2(config-if)# ipv6 address fe80::2:5 link-local
R3(config)# no ip domain lookup
R3(config)# banner motd # R3, Implement EIGRP for IPv6 #
R3(config-if)# ipv6 address fe80::3:1 link-local R3(config-if)# ipv6 address 2001:db8:cafe:2::1/64 R3(config-if)# no shutdown
R3(config-if)#ipv6 address fe80::3:2 link-local R3(config-if)# ipv6 address 2001:db8:acad:3::1/64 R3(config-if)# no shutdown
R3(config-if)# ipv6 address fe80::3:3 link-local R3(config-if)# ipv6 address 2001:db8:abcd:8::1/64 R3(config-if)# no shutdown
R3(config-if)# ipv6 address fe80::3:4 link-local R3(config-if)# ipv6 address 2001:db8:abcd:9::1/64 R3(config-if)# no shutdown
R3(config-if)# ipv6 address fe80::3:5 link-local R3(config-if)# ipv6 address 2001:db8:abcd:10::1/64 R3(config-if)# no shutdown
R3(config-if)# ipv6 address fe80::3:6 link-local R3(config-if)# ipv6 address 2001:db8:abcd:11::1/64 R3(config-if)# no shutdown
R3(config-if)# ipv6 address fe80::3:7 link-local
R3(config-if)# ipv6 address 2001:db8:abcd:12::1/64
D1(config)# no ip domain lookup
D1(config)# banner motd # D1, Implement EIGRP for IPv6 #
D1(config-vlan)# name HOST-VLAN
D1(config-if)# switchport trunk encapsulation dot1q
D1(config-if)# switchport mode trunk
D1(config-if)# switchport mode access
D1(config-if)# switchport access vlan 2
D2(config)# no ip domain lookup
D2(config)# banner motd # D2, Implement EIGRP for IPv6 #
D2(config-if)# ipv6 address fe80::d1:1 link-local
D2(config-if)# ipv6 address 2001:Db8:acad:1::2/64
D2(config-if)# ipv6 address fe80::d1:2 link-local
D2(config-if)# ipv6 address 2001:db8:acad:3::2/64
R1# copy running-config startup-config
R2# copy running-config startup-config
R3# copy running-config startup-config
D2# copy running-config startup-config fe80::1:3
R2(config-rtr)# eigrp router-id 2.2.2.2
R1(config)# router eigrp EIGRP_IPV6
R1(config-router)# address-family ipv6 unicast autonomous-system 43
R1(config-router-af)# eigrp router-id 1.1.1.1
R3(config)# router eigrp EIGRP_IPV6
R3(config-router)# address-family ipv6 unicast autonomous-system 43
R3(config-router-af)# eigrp router-id 3.3.3.3
D2(config)# router eigrp EIGRP_IPV6
D2(config-router)# address-family ipv6 unicast autonomous-system 43
D2(config-router-af)# eigrp router-id 132.132.132.132
# show ipv6 route eigrp uccessor và feasible successor
R1# show ipv6 eigrp topology all-links
R1(config)# router eigrp EIGRP_IPV6
R1(config-router)# address-family ipv6 unicast autonomous-system 43
R1(config-router-af)# af-interface g0/0/1.2
R1(config-router-af-interface)# passive-interface
R1(config-router-af-interface)# end
(Classic EIGRP) R2(config)# ipv6 router eigrp 43
R2(config-rtr)# passive-interface default
R2(config-rtr)# no passive-interface g0/0/0
R2(config-rtr)# no passive-interface g0/0/1
RP) R3(config)# router eigrp EIGRP_IPV6
R3(config-router)# address-family ipv6 unicast autonomous-system 43
R3(config-router-af)# af-interface default
R3(config-router-af-interface)# passive-interface
R3(config-router-af-interface)# exit-af-interface
R3(config-router-af)# af-interface g0/0/0
R3(config-router-af-interface)# no passive-interface
R3(config-router-af-interface)# exit-af-interface
R3(config-router-af)# af-interface g0/0/1
R3(config-router-af-interface)# no passive-interface
R3(config-router-af-interface)# end
R3# show ipv6 protocols | include (passive
Loopback4 (passive) Loopback3 (passive) Loopback2 (passive) Loopback1 (passive) hình default route trên R2 qua interface Loopback0 R2(config)# ipv6 route ::/0 2001:db8:ff:999::1
R2(config-rtr)# no redistribute static
R2(config-if)# ipv6 summary-address eigrp 43 ::/0
R2(config-if)# ipv6 summary-address eigrp 43 ::/0
R3(config)# router eigrp EIGRP_IPV6
R3(config-router)# address-family ipv6 unicast autonomous-system 43
R3(config-router-af)# af-interface g0/0/0
R3(config-router-af-interface)# summary-address 2001:db8:abcd::/56
R3(config-router-af-interface)# exit
R3(config-router-af)# af-interface g0/0/1
R3(config-router-af-interface)# summary-address 2001:db8:abcd::/56
R3(config-router-af-interface)# end
D 2001:DB8:ABCD::/56 [90/1536640] via FE80::D1:1, Ethernet0/1.1
-AUTHEN-KEY trên R1, R2, R3, D2 i key-string là
R1(config)# key chain EIGRPv6-AUTHEN-KEY
R1(config-keychain-key)# key-string $3cre7!!
R2(config-if)# ipv6 authentication key-chain eigrp 43 EIGRPv6-AUTHEN-KEY R2(config-if)# ipv6 authentication mode eigrp 43 md5
R2(config-if)# ipv6 authentication key-chain eigrp 43 EIGRPv6-AUTHEN-KEY R2(config-if)# ipv6 authentication mode eigrp 43 md5
R1(config)# router eigrp EIGRP_IPV6
R1(config-router)# address-family ipv6 unicast autonomous-system 43
R1(config-router-af)# af-interface g0/0/0
R1(config-router-af-interface)# authentication key-chain EIGRPv6-AUTHEN-KEY R1(config-router-af-interface)# authentication mode md5
R1(config-router-af-interface)# end
R3(config)# router eigrp EIGRP_IPV6
R3(config-router)# address-family ipv6 unicast autonomous-system 43
R3(config-router-af)# af-interface g0/0/0
R3(config-router-af-interface)# authentication key-chain EIGRPv6-AUTHEN-KEY R3(config-router-af-interface)# authentication mode md5
R3(config-router-af-interface)# end thentication mode md5 R1# show ipv6 eigrp interface detail | section Gi0/0/0
Authentication mode is md5, key-chain is "EIGRP-AUTHEN-KEY"
- G0/0/1.1, R3 interface G0/0/1, và D2 interfaces G1/0/1 - G1/0/11 có cùng Named EIGRP
R1(config)# router eigrp EIGRP_IPV6
R1(config-router)# address-family ipv6 unicast autonomous-system 43
R1(config-router-af)# af-interface g0/0/1.1
R1(config-router-af-interface)# authentication mode hmac-sha-256 $3cre7!! R1(config-router-af-interface)# end
-SHA-256 R1# show ipv6 eigrp interface detail | section Gi0/0/1.1
Authentication mode is HMAC-SHA-256, key-chain is not set
R2(config-if)# no ipv6 summary-address eigrp 43 ::/0
R2(config-if)# no ipv6 summary-address eigrp 43 ::/0
R3# show ipv6 route eigrp | section 2001:DB8:ACAD:2::/64
D 2001:DB8:ACAD:2::/64 [90/2048000] via FE80::2:2, Ethernet0/0 via FE80::D1:2, Ethernet0/1
R3# show ipv6 route eigrp | section 2001:DB8:ACAD:2::/64
D 2001:DB8:ACAD:2::/64 [90/2048000] via FE80::D1:2, Ethernet0/1
R3(config)# router eigrp EIGRP_IPV6
R3(config-router)# address-family ipv6 unicast autonomous-system 43
R3(config-router-af)# topology base
R3(config-router-af-topology)# variance 2
R3(config-router-af-topology)# exit
R1(config)#no ip domain lookup
R1(config-if)# ip address 192.168.1.1 255.255.255.192 R1(config-if)# no shut
R1(config-if)#ip address 10.10.0.1 255.255.255.248 R1(config-if)# no shut
D1(config)# no ip domain lookup
D1(config-if)# ip address 10.10.0.2 255.255.255.248 D1(config-if)# no shut
D1(config-if)# ip address 10.10.8.1 255.255.255.0 D1(config-if)# no shut
D1(config-if)# ip address 10.10.9.1 255.255.255.0 D1(config-if)# no shut
D2(config)# no ip domain lookup
R1# copy running-config startup-config
D1# copy running-config startup-config
D2# copy running-config startup-config
R1# show ip interface brief | include manual
GigabitEthernet0/0/1 10.10.0.1 YES manual up up Loopback0 209.165.200.225 YES manual up up Loopback1 192.168.1.1 YES manual up up
D1# show ip interface brief | include manual
GigabitEthernet1/0/5 10.10.0.2 YES manual up up GigabitEthernet1/0/23 10.10.8.1 YES manual up up GigabitEthernet1/0/24 10.10.9.1 YES manual up up
D2# show ip interface brief | include manual
GigabitEthernet1/0/5 10.10.0.3 YES manual up up GigabitEthernet1/0/23 10.10.24.1 YES manual up up GigabitEthernet1/0/24 10.10.25.1 YES manual up up
Type escape sequence to abort
Sending 5, 100-byte ICMP Echos to 10.10.0.2, timeout is 2 seconds: !!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms R1# ping 10.10.0.3
Type escape sequence to abort
Sending 5, 100-byte ICMP Echos to 10.10.0.3, timeout is 2 seconds: !!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Number of areas in this router is 1 1 normal 0 stub 0 nssa
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Number of areas in this router is 1 1 normal 0 stub 0 nssa
R1(config-if)# ip ospf network point-to-point
R1(config-if)# ip ospf 123 area 0
R1(config-if)#ip ospf 123 area 0
R1# show ip protocols | section ospf
Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Router ID 209.165.200.225
Number of areas in this router is 1 1 normal 0 stub 0 nssa Maximum path: 4
Routing on Interfaces Configured Explicitly (Area 0):
Reset ALL OSPF processes? [no]: yes R1# show ip protocol | include Router ID
Reset ALL OSPF processes? [no]: yes D1# show ip protocol | include Router ID
Reset ALL OSPF processes? [no]: yes
D2# show ip protocols | include Router ID
R1# show ip route ospf | begin Gateway
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 6 subnets, 3 masks
D1# show ip route ospf | begin Gateway
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks
O 10.10.25.0/24 [110/20] via 10.10.0.3, 00:11:17, GigabitEthernet1/0/5 192.168.1.0/26 is subnetted, 1 subnets
D2# show ip route ospf | begin Gateway
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks
O 10.10.9.0/24 [110/20] via 10.10.0.2, 00:14:26, GigabitEthernet1/0/5 192.168.1.0/26 is subnetted, 1 subnets
R1# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
D1# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
D2# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
R1(config-router)# default-information originate
R1# show ip route static | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
D1# show ip route | include Gateway|0/0
Gateway of last resort is 10.10.0.1 to network 0.0.0.0
D2# show ip route | include Gateway|0/0
Gateway of last resort is 10.10.0.1 to network 0.0.0.0
O*E2 0.0.0.0/0 [110/1] via 10.10.0.1, 00:09:36, GigabitEthernet1/0/5 passive interfaces trên R1, D1 và D2
R1(config-router)# passive-interface lo1
D1(config-router)# passive-interface default
D1(config-router)# no passive-interface g1/0/5
D2(config-router)# passive-interface default
D2(config-router)# no passive-interface g1/0/5
R1# show ip protocols | section ospf
R1(config-router)# auto-cost reference-bandwidth 1000
% OSPF: Reference bandwidth is changed
Please ensure reference bandwidth is consistent across all routers R1(config-router)# end
D1(config-router)# auto-cost reference-bandwidth 1000
% OSPF: Reference bandwidth is changed
Please ensure reference bandwidth is consistent across all routers D1(config-router)# end
D2(config-router)# auto-cost reference-bandwidth 1000
% OSPF: Reference bandwidth is changed
Please ensure reference bandwidth is consistent across all routers D2(config-router)# end
, D1, D2 R1# show ip ospf | include Ref
D1# show ip ospf | include Ref
D2# show ip ospf | include Ref
R1# show ip route ospf | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
D1# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.0.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O 10.10.25.0/24 [110/20] via 10.10.0.3, 00:02:48, GigabitEthernet1/0/5 192.168.1.0/26 is subnetted, 1 subnets
D2# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.0.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O 10.10.9.0/24 [110/20] via 10.10.0.2, 00:00:10, GigabitEthernet1/0/5 192.168.1.0/26 is subnetted, 1 subnets
Hello timers và Dead timers
R1(config-if)# ip ospf hello-interval 5
R1(config-if)# ip ospf dead-interval 20
D1(config-if)# ip ospf hello-interval 5
D1(config-if)# ip ospf dead-interval 20
D2(config-if)# ip ospf hello-interval 5
D2(config-if)# ip ospf dead-interval 20
R1# show ip ospf interface g0/0/1 | include Timer
Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5 D1# show ip ospf interface g1/0/5 | include Timer
Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5 D2# show ip ospf interface g1/0/5 | include Timer
Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5
DR và BDR trong OSPF
Neighbor ID Pri State Dead Time Address Interface 2.2.2.2 1 FULL/BDR 00:00:34 10.10.0.2 G0/0/1
GigabitEthernet0/0/1 is up, line protocol is up
Internet Address 10.10.0.1/29, Interface ID 7, Area 0
Process ID 123, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 10 Topology-MTID Cost Disabled Shutdown Topology Name
Enabled by interface config, including secondary ip addresses
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 3.3.3.3, Interface address 10.10.0.3
Backup Designated router (ID) 2.2.2.2, Interface address 10.10.0.2 Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Can be protected by per-prefix Loop-Free FastReroute
Can be used for per-prefix Loop-Free FastReroute repair paths
Not Protected by per-prefix TI-LFA
Last flood scan length is 1, maximum is 2
Last flood scan time is 0 msec, maximum is 1 msec
Neighbor Count is 2, Adjacent neighbor count is 2
Adjacent with neighbor 2.2.2.2 (Backup Designated Router)
Adjacent with neighbor 3.3.3.3 (Designated Router)
D2(config-if)# ip ospf priority 0
R1(config-if)# ip ospf priority 255
Neighbor ID Pri State Dead Time Address Interface
R1# show ip ospf interface g0/0/1 | include State
Transmit Delay is 1 sec, State DR, Priority 255
Neighbor ID Pri State Dead Time Address Interface
R1(config)# no ip domain lookup
R1(config)# banner motd # This is R1, Implement Multi-Area OSPFv2 Lab #
R2(config)# no ip domain lookup
R2(config)# banner motd # This is R2, Implement Multi-Area OSPFv2 Lab #
R3(config)# no ip domain lookup
R3(config)# banner motd # This is R3, Implement Multi-Area OSPFv2 Lab #
D1(config)# no ip domain lookup
D1(config)# banner motd # This is D1, Implement Multi-Area OSPFv2 Lab #
D2(config)# no ip domain lookup
D2(config)# banner motd # This is D2, Implement Multi-Area OSPFv2 Lab #
R1# copy running-config startup-config
R2# copy running-config startup-config
R3# copy running-config startup-config
D1# copy running-config startup-config
D2# copy running-config startup-config
R1# show ip interface brief | include manual
GigabitEthernet0/0/0 172.16.0.2 YES manual up up GigabitEthernet0/0/1 10.10.0.1 YES manual up up
R2# show ip interface brief | include manual GigabitEthernet0/0/0 172.16.0.1 YES manual up up GigabitEthernet0/0/1 172.16.1.1 YES manual up up Loopback0 209.165.200.225 YES manual up up
R3# show ip interface brief | include manual GigabitEthernet0/0/0 172.16.1.2 YES manual up up GigabitEthernet0/0/1 10.10.4.1 YES manual up up
D1# show ip interface brief | include manual GigabitEthernet1/0/11 10.10.0.2 YES manual up up GigabitEthernet1/0/23 10.10.1.1 YES manual up up
GigabitEthernet1/0/11 10.10.4.2 YES manual up up
GigabitEthernet1/0/23 10.10.5.1 YES manual up up
D1(config-router)# auto-cost reference-bandwidth 1000
*** IP Routing is NSF aware ***
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Number of areas in this router is 1 1 normal 0 stub 0 nssa
D1#show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C Gi1/0/23 123 1 10.10.1.1/24 100 DR 0/0
R1(config-router)# auto-cost reference-bandwidth 1000
R1# show ip protocols | begin ospf
Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Router ID 1.1.1.1
It is an area border router
Number of areas in this router is 2 2 normal 0 stub 0 nssa Maximum path: 4
R1#show ip ospf | begin Ref
Reference bandwidth unit is 1000 mbps
Number of interfaces in this area is 1
SPF algorithm last executed 00:12:29.782 ago
Number of LSA 3 Checksum Sum 0x0142E6
Number of opaque link LSA 0 Checksum Sum 0x000000
Number of interfaces in this area is 1
SPF algorithm last executed 00:12:19.777 ago
Number of LSA 4 Checksum Sum 0x01C317
Number of opaque link LSA 0 Checksum Sum 0x000000
R1# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C Gi0/0/0 123 0 172.16.0.2/30 1 DR 0/0
Neighbor ID Pri State Dead Time Address Interface
R1# show ip ospf neighbor detail
Neighbor 1.1.1.2, interface address 10.10.0.2, interface-id 38
In the area 1 via interface GigabitEthernet0/0/1
Neighbor priority is 1, State is FULL, 6 state changes
Options is 0x12 in Hello (E-bit, L-bit)
Options is 0x52 in DBD (E-bit, L-bit, O-bit)
Index 1/1/1, retransmission queue length 0, number of retransmission 0 First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
R1#show ip route ospf | begin Gateway
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
Known via "ospf 123", distance 110, metric 11, type intra area
Last update from 10.10.0.2 on GigabitEthernet0/0/1, 00:25:25 ago
Route metric is 11, traffic share count is 1
R2(config-router)# auto-cost reference-bandwidth 1000
R2(config-router)# default-information originate
R2# show ip protocols | begin ospf
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Number of areas in this router is 1 1 normal 0 stub 0 nssa
R2#show ip ospf | begin Ref
Reference bandwidth unit is 1000 mbps
Number of interfaces in this area is 2
SPF algorithm last executed 00:05:04.999 ago
Number of LSA 5 Checksum Sum 0x01F6E8
Number of opaque link LSA 0 Checksum Sum 0x000000
R2# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C Gi0/0/1 123 0 172.16.1.1/30 1 DR 0/0
Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 1 FULL/DR 00:00:36 172.16.0.2 G0/0/0
R2# show ip ospf neigh detail
Neighbor 1.1.1.1, interface address 172.16.0.2, interface-id 5
In the area 0 via interface GigabitEthernet0/0/0
Neighbor priority is 1, State is FULL, 6 state changes
Options is 0x12 in Hello (E-bit, L-bit)
Options is 0x52 in DBD (E-bit, L-bit, O-bit)
Index 1/1/1, retransmission queue length 0, number of retransmission 0 First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
R2# show ip route ospf | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R2# show ip route static | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
Known via "ospf 123", distance 110, metric 12, type inter area
Last update from 172.16.0.2 on GigabitEthernet0/0/0, 00:31:08 ago
Route metric is 12, traffic share count is 1
R3(config-router)# auto-cost reference-bandwidth 1000
R3# show ip protocols | begin ospf
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
It is an area border router
Number of areas in this router is 2 2 normal 0 stub 0 nssa
R3# show ip ospf | begin Ref
Reference bandwidth unit is 1000 mbps
Number of interfaces in this area is 1
SPF algorithm last executed 00:10:38.256 ago
Number of LSA 8 Checksum Sum 0x0396BA
Number of opaque link LSA 0 Checksum Sum 0x000000 Number of DCbitless LSA 0
Number of interfaces in this area is 1
SPF algorithm last executed 00:10:13.755 ago
Number of LSA 6 Checksum Sum 0x0362CF
Number of opaque link LSA 0 Checksum Sum 0x000000 Number of DCbitless LSA 0
R3# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C Gi0/0/0 123 0 172.16.1.2/30 1 BDR 1/1
Neighbor ID Pri State Dead Time Address Interface 2.2.2.1 1 FULL/DR 00:00:31 172.16.1.1 G0/0/0
R3# show ip ospf neighbor detail
Neighbor 2.2.2.1, interface address 172.16.1.1, interface-id 6
In the area 0 via interface GigabitEthernet0/0/0
Neighbor priority is 1, State is FULL, 6 state changes
Options is 0x12 in Hello (E-bit, L-bit)
Options is 0x52 in DBD (E-bit, L-bit, O-bit)
Index 1/1/1, retransmission queue length 0, number of retransmission 0 First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
R3# show ip route ospf | begin Gateway
Gateway of last resort is 172.16.1.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
Known via "ospf 123", distance 110, metric 1, candidate default path Tag 123, type extern 2, forward metric 1
Last update from 172.16.1.1 on GigabitEthernet0/0/0, 00:28:41 ago Routing Descriptor Blocks:
* 172.16.1.1, from 2.2.2.1, 00:28:41 ago, via GigabitEthernet0/0/0 Route metric is 1, traffic share count is 1
Known via "ospf 123", distance 110, metric 13, type inter area
Last update from 172.16.1.1 on GigabitEthernet0/0/0, 00:29:10 ago Routing Descriptor Blocks:
* 172.16.1.1, from 1.1.1.1, 00:29:10 ago, via GigabitEthernet0/0/0 Route metric is 13, traffic share count is 1
D2(config-router)# auto-cost reference-bandwidth 1000
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Number of areas in this router is 1 1 normal 0 stub 0 nssa
D2# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C Gi1/0/23 123 2 10.10.5.1/24 10 DR 0/0 G11/0/11 123 2 10.10.4.2/30 1 BDR 1/1
Neighbor ID Pri State Dead Time Address Interface 3.3.3.1 1 FULL/BDR 00:00:33 10.10.4.1 G1/0/11
D2# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.4.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 6 subnets, 3 masks
Known via "ospf 123", distance 110, metric 1, candidate default path
Tag 123, type extern 2, forward metric 2
Last update from 10.10.4.1 on G1/0/11, 00:18:31 ago
Route metric is 1, traffic share count is 1
Pinging 10.10.5.10 with 32 bytes of data:
Reply from 10.10.5.10: bytes2 time=1ms TTL3
Reply from 10.10.5.10: bytes2 time=1ms TTL3
Reply from 10.10.5.10: bytes2 time=1ms TTL3
Reply from 10.10.5.10: bytes2 time=1ms TTL3
Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 1 FULL/BDR 00:00:32 10.10.0.1 G1/0/11
D1# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.0.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 6 subnets, 3 masks
OSPF Router with ID (1.1.1.2) (Process ID 123)
Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 1806 0x80000005 0x00DC15 1
Link ID ADV Router Age Seq# Checksum
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
Summary ASB Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
D1# show ip ospf database router
OSPF Router with ID (1.1.1.2) (Process ID 123)
Routing Bit Set on this LSA in topology Base with MTID 0
Options: (No TOS-capability, DC)
Link connected to: a Transit Network
(Link ID) Designated Router address: 10.10.0.2 (Link Data) Router Interface address: 10.10.0.1 Number of TOS metrics: 0
Options: (No TOS-capability, DC)
Link connected to: a Transit Network
(Link ID) Designated Router address: 10.10.0.2 (Link Data) Router Interface address: 10.10.0.2 Number of MTID metrics: 0
(Link ID) Network/subnet number: 10.10.1.0
Xem thông tin network LSA type 2
D1# show ip ospf database network
OSPF Router with ID (1.1.1.2) (Process ID 123)
Options: (No TOS-capability, DC)
Link State ID: 10.10.0.2 (address of Designated Router)
Xem thông tin network LSA type 3
D1# show ip ospf database summary
OSPF Router with ID (1.1.1.2) (Process ID 123)
Summary Net Link States (Area 1)
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 10.10.4.0 (summary Network Number)
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 10.10.5.0 (summary Network Number) Advertising Router: 1.1.1.1
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 172.16.0.0 (summary Network Number) Advertising Router: 1.1.1.1
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 172.16.1.0 (summary Network Number) Advertising Router: 1.1.1.1
Xem thông tin network LSA type 4
D1# show ip ospf database asbr-summary
OSPF Router with ID (1.1.1.2) (Process ID 123)
Summary ASB Link States (Area 1)
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 2.2.2.1 (AS Boundary Router address)
Xem thông tin network LSA type 5
D1# show ip ospf database external
OSPF Router with ID (1.1.1.2) (Process ID 123)
Type-5 AS External Link States
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 0.0.0.0 (External Network Number )
Metric Type: 2 (Larger than any link state path)
OSPF Router with ID (1.1.1.1) (Process ID 123)
Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 1250 0x80000009 0x001E87 1
Link ID ADV Router Age Seq# Checksum
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 1250 0x80000009 0x00D419 1
Link ID ADV Router Age Seq# Checksum
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
Summary ASB Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
OSPF Router with ID (2.2.2.1) (Process ID 123)
Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 1790 0x80000009 0x001E87 1
Link ID ADV Router Age Seq# Checksum
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
Device Interface IPv4 Address IPv6 Address IPv6 Link-Local R1 G0/0/0 172.16.0.2/30 2001:db8:acad:a001::2/64 fe80::1:2
R1(config)# no ip domain lookup
R1(config-if)# ipv6 add 2001:db8:acad:a001::2/64 R1(config-if)# ipv6 add fe80::1:2 link-local
R1(config-if)# ip add 10.10.0.1 255.255.255.252 R1(config-if)# ipv6 add 2001:db8:acad:1001::1/64 R1(config-if)# ipv6 add fe80::1:1 link-local
R2(config)# no ip domain lookup
R2(config-if)# ip add 172.16.0.1 255.255.255.252 R2(config-if)# ipv6 add 2001:db8:acad:a001::1/64 R2(config-if)# ipv6 add fe80::2:1 link-local
R2(config-if)# ip address 172.16.1.1 255.255.255.252 R2(config-if)# ipv6 add 2001:db8:acad:a002::1/64 R2(config-if)# ipv6 add fe80::2:2 link-local
R2(config-if)# ipv6 add 2001:db8:feed:209::1/64
R2(config-if)# ipv6 add fe80::2:3 link-local
R3(config)# no ip domain lookup
R3(config-if)# ipv6 add 2001:db8:acad:a002::2/64
R3(config-if)# ipv6 add fe80::3:2 link-local
R3(config-if)# ipv6 add 2001:db8:acad:2001::1/64
R3(config-if)# ipv6 add fe80::3:1 link-local
D1(config)# no ip domain lookup
D1(config-if)# ip address 10.10.0.2 255.255.255.252 D1(config-if)# ipv6 add 2001:db8:acad:1001::2/64 D1(config-if)# ipv6 add fe80::d1:2 link-local
D1(config-if)# ip address 10.10.1.1 255.255.255.0 D1(config-if)# ipv6 add 2001:db8:acad:1002::1/64 D1(config-if)# ipv6 add fe80::d1:1 link-local
D2(config)# no ip domain lookup
D2(config-if)# ip address 10.10.4.2 255.255.255.252 D2(config-if)# ipv6 add 2001:db8:acad:2001::2/64 D2(config-if)# ipv6 add fe80::d2:2 link-local
D2(config-if)# ipv6 add 2001:db8:acad:2002::1/64
D2(config-if)# ipv6 add fe80::d2:1 link-local
R1# copy running-config startup-config
R2# copy running-config startup-config
R3# copy running-config startup-config
D1# copy running-config startup-config
D2# copy running-config startup-config
2001:DB8:ACAD:1001::/64 attached to GigabitEthernet1/0/11
2001:DB8:ACAD:1001::2/128 receive for GigabitEthernet1/0/11
2001:DB8:ACAD:1002::/64 attached to GigabitEthernet1/0/23
2001:DB8:ACAD:1002::1/128 receive for GigabitEthernet1/0/23
D1(config-if)# ipv6 ospf 123 area 1
D1(config-if)# ipv6 ospf 123 area 1
Routing Process "ospfv3 123" with ID 1.1.1.2
Supports NSSA (compatible with RFC 3101)
Supports Database Exchange Summary List Optimization (RFC 5243) Event-log enabled, Maximum number of events: 1000, Mode: cyclic Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 50 msecs
Minimum hold time between two consecutive SPFs 200 msecs
Maximum wait time between two consecutive SPFs 5000 msecs
Minimum hold time for LSA throttle 200 msecs
Maximum wait time for LSA throttle 5000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission limit dc 24 non-dc 24
EXCHANGE/LOADING adjacency limit: initial 300, process maximum 300
Number of external LSA 0 Checksum Sum 0x000000
Number of areas in this router is 1 1 normal 0 stub 0 nssa
Graceful restart helper support enabled
Reference bandwidth unit is 100 mbps
Number of interfaces in this area is 2
Number of LSA 12 Checksum Sum 0x0486C1
IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "ND"
IPv6 Routing Protocol is "ospf 123"
Number of areas: 1 normal, 0 stub, 0 nssa
R1(config-router)# address-family ? ipv4 Address family ipv6 Address family
R1(config-router)# address-family ipv4 ? unicast Address Family modifier vrf Specify parameters for a VPN Routing/Forwarding instance
R1(config-router)# address-family ipv4 unicast
Router Address Family configuration commands: adjacency Control adjacency formation area OSPF area parameters authentication Authentication parameters auto-cost Calculate OSPF interface cost according to bandwidth auto-cost-determination Calculate OSPF interface cost according to bandwidth bfd BFD configuration commands compatible Compatibility list default Set a command to its defaults default-information Control distribution of default information default-metric Set metric of redistributed routes discard-route Enable or disable discard-route installation distance Define an administrative distance distribute-list Filter networks in routing updates event-log Event Logging exit-address-family Exit from Address Family configuration mode graceful-restart Graceful-restart options help Description of the interactive help system interface-id Source of the interface ID limit Limit a specific OSPF feature local-rib-criteria Enable or disable usage of local RIB as route criteria log-adjacency-changes Log changes in adjacency state manet Specify MANET OSPF parameters max-lsa Maximum number of non self-generated LSAs to accept max-metric Set maximum metric maximum-paths Forward packets over multiple paths mpls MPLS Traffic Engineering configs no Negate a command or set its defaults passive-interface Suppress routing updates on an interface prefix-suppression Enable prefix suppression process-min-time Percentage of quantum to be used before releasing CPU queue-depth Hello/Router process queue depth redistribute Redistribute information from another routing protocol router-id router-id for this OSPF process shutdown Shutdown the router process snmp Modify snmp parameters statistics Enable or disable OSPF statistics options summary-address Configure IP address summaries summary-prefix Configure IP address summaries timers Adjust routing timers
R1(config-router-af)# router-id 1.1.1.1
R1(config-router-af)# exit-address-family
R1(config-router)# address-family ipv6 unicast
R1(config-router-af)# router-id 1.1.1.1
R1(config-router-af)# exit-address-family
R1(config-if)# ospfv3 123 ipv4 area 0
R1(config-if)# ospfv3 123 ipv6 area 0
R1(config-if)# ospfv3 123 ipv4 area 1
R1(config-if)# ospfv3 123 ipv6 area 1
R2(config-router)# address-family ipv4 unicast R2(config-router-af)# router-id 2.2.2.1
R2(config-router-af)# exit-address-family R2(config-router)# address-family ipv6 unicast R2(config-router-af)# router-id 2.2.2.1
R2(config-router-af)# exit-address-family R2(config-router)# exit
R2(config-if)# ospfv3 123 ipv4 area 0
R2(config-if)# ospfv3 123 ipv6 area 0
R2(config-if)# ospfv3 123 ipv4 area 0
R2(config-if)# ospfv3 123 ipv6 area 0
R3(config-router)# address-family ipv4 unicast R3(config-router-af)# exit-address-family R3(config-router)# address-family ipv6 unicast R3(config-router-af)# exit-address-family R3(config-router)# exit
R3(config-if)# ospfv3 123 ipv4 area 0
R3(config-if)# ospfv3 123 ipv6 area 0
R3(config-if)# ospfv3 123 ipv4 area 2
R3(config-if)# ospfv3 123 ipv6 area 2
D2(config-router)# address-family ipv4 unicast
D2(config-router-af)# router-id 3.3.3.2
D2(config-router-af)# exit-address-family
D2(config-router)# address-family ipv6 unicast
D2(config-router-af)# router-id 3.3.3.2
D2(config-router-af)# exit-address-family
D2(config-if)# ospfv3 123 ipv4 area 2
D2(config-if)# ospfv3 123 ipv6 area 2
D2(config-if)# ospfv3 123 ipv4 area 2
D2(config-if)# ospfv3 123 ipv6 area 2
OSPFv3 Router with ID (1.1.1.2) (Process ID 123)
Neighbor ID Pri State Dead Time Interface ID Interface 1.1.1.1 1 FULL/DR 00:00:39 6 g1/0/11
OSPFv3 Router with ID (1.1.1.1) (Process ID 123)
Neighbor ID Pri State Dead Time Interface ID Interface 2.2.2.1 1 FULL/BDR 00:00:31 5 g0/0/0 1.1.1.2 1 FULL/BDR 00:00:38 471 g0/0/1
OSPFv3 123 address-family ipv4 (router-id 1.1.1.1)
Neighbor ID Pri State Dead Time Interface ID Interface 2.2.2.1 1 FULL/BDR 00:00:38 5 g0/0/0
OSPFv3 123 address-family ipv6 (router-id 1.1.1.1)
Neighbor ID Pri State Dead Time Interface ID Interface 2.2.2.1 1 FULL/BDR 00:00:32 5 g0/0/0 1.1.1.2 1 FULL/BDR 00:00:30 471 g0/0/1
IPv6 Routing Table - default - 9 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE -
NDr - Redirect, RL - RPL, O - OSPF Intra, OI - OSPF Inter
OE1 - OSPF ext 1, OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1
ON2 - OSPF NSSA ext 2, la - LISP alt, lr - LISP site-registrations ld - LISP dyn-eid, lA - LISP away, le - LISP extranet-policy
OI 2001:DB8:ACAD:2001::/64 [110/4] via FE80::1:1, GigabitEthernet1/0/11
OI 2001:DB8:ACAD:2002::/64 [110/5] via FE80::1:1, GigabitEthernet1/0/11
OI 2001:DB8:ACAD:A001::/64 [110/2] via FE80::1:1, GigabitEthernet1/0/11 via FE80::1:1, GigabitEthernet1/0/11
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
O IA 10.10.5.0/24 [110/4] via 172.16.0.1, 00:17:34, GigabitEthernet0/0/0 172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
IPv6 Routing Table - default - 9 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE -
NDr - Redirect, RL - RPL, O - OSPF Intra, OI - OSPF Inter
OE1 - OSPF ext 1, OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1
ON2 - OSPF NSSA ext 2, a - Application
O 2001:DB8:ACAD:1002::/64 [110/2] via FE80::D1:2, GigabitEthernet0/0/1
OI 2001:DB8:ACAD:2001::/64 [110/3] via FE80::2:1, GigabitEthernet0/0/0
OI 2001:DB8:ACAD:2002::/64 [110/4] via FE80::2:1, GigabitEthernet0/0/0
O 2001:DB8:ACAD:A002::/64 [110/2] via FE80::2:1, GigabitEthernet0/0/0
OSPFv3 Router with ID (1.1.1.2) (Process ID 123)
ADV Router Age Seq# Fragment ID Link count Bits 1.1.1.1 1096 0x80000009 0 1 B 1.1.1.2 1110 0x80000005 0 1 None
ADV Router Age Seq# Link ID Rtr count
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID 1.1.1.1 1152 0x80000001 6144 0x2002 6
OSPFv3 123 address-family ipv4 (router-id 1.1.1.1)
ADV Router Age Seq# Fragment ID Link count Bits
ADV Router Age Seq# Link ID Rtr count
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID 2.2.2.1 539 0x80000001 5120 0x2002 5
ADV Router Age Seq# Fragment ID Link count Bits
OSPFv3 123 address-family ipv6 (router-id 1.1.1.1)
ADV Router Age Seq# Fragment ID Link count Bits 1.1.1.1 530 0x80000005 0 1 B 2.2.2.1 508 0x80000009 0 2 None 3.3.3.1 508 0x80000006 0 1 B
ADV Router Age Seq# Link ID Rtr count
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID 2.2.2.1 539 0x80000001 5120 0x2002 5
ADV Router Age Seq# Fragment ID Link count Bits 1.1.1.1 553 0x80000006 0 1 B 1.1.1.2 552 0x80000025 0 1 None
ADV Router Age Seq# Link ID Rtr count
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID 1.1.1.2 481 0x80000016 0 0x2001 0
D2(config-router)# no passive-interface g1/0/23
D2(config-router)# address-family ipv4 unicast
D2(config-router-af)# passive-interface g1/0/23
D2(config-router-af)# exit-address-family
D2(config-router)# address-family ipv6 unicast
D2(config-router-af)# passive-interface g1/0/23
D2(config-router-af)# exit-address-family
R1(config-router)# address-family ipv6 unicast
R1(config-router-af)# area 1 range 2001:db8:acad:1000::/52
R3(config-router)# address-family ipv6 unicast
R3(config-router-af)# area 2 range 2001:db8:acad:2000::/52
OI 2001:DB8:ACAD:1000::/52 [110/3] via FE80::1:2, GigabitEthernet0/0/0
OI 2001:DB8:ACAD:2000::/52 [110/3] via FE80::3:2, GigabitEthernet0/0/1
Interface PID Area AF Cost State Nbrs F/C Gi0/0/1 123 0 ipv4 1 BDR 1/1 Gi0/0/0 123 0 ipv4 1 DR 1/1 Gi0/0/1 123 0 ipv6 1 BDR 1/1 Gi0/0/0 123 0 ipv6 1 DR 1/1
R2(config-if)# ospfv3 network point-to-point
R2(config-if)# ospfv3 network point-to-point
R1(config-if)# ospfv3 network point-to-point
R3(config-if)# ospfv3 network point-to-point
Interface PID Area AF Cost State Nbrs F/C
R2(config-router)# address-family ipv6 unicast
R2(config-router-af)# default-information originate
R2(config-router)# address-family ipv4 unicast
R2(config-router-af)# default-information originate
OE2 ::/0 [110/1], tag 123 via FE80::1:1, GigabitEthernet1/0/11
OI 2001:DB8:ACAD:2000::/52 [110/5] via FE80::1:1, GigabitEthernet1/0/11
OI 2001:DB8:ACAD:A001::/64 [110/2] via FE80::1:1, GigabitEthernet1/0/11
OI 2001:DB8:ACAD:A002::/64 [110/3] via FE80::1:1, GigabitEthernet1/0/11
Gateway of last resort is 10.10.4.1 to network 0.0.0.0
Router R1 hostname R1 no ip domain lookup line con 0 logging sync exec-time 0 0 exit interface Loopback0 ip address 192.168.1.1 255.255.255.224 no shut exit
100 interface Loopback1 ip address 192.168.1.65 255.255.255.192 no shut exit interface FastEthernet0/0 ip address 10.1.2.1 255.255.255.0 no shut exit interface Serial1/0 ip address 10.1.3.1 255.255.255.128 no shut exit interface Serial1/1 ip address 10.1.3.129 255.255.255.128 no shut exit
Router R2 hostname R2 no ip domain lookup line con 0 logging sync exec-time 0 0 exit interface Loopback0 ip address 192.168.2.1 255.255.255.224 no shut exit interface Loopback1 ip address 192.168.2.65 255.255.255.192 no shut exit interface FastEthernet0/0 ip address 10.1.2.2 255.255.255.0 no shut interface FasttEthernet1/0 ip address 10.2.3.2 255.255.255.0 no shut exit
Router R3 hostname R3 no ip domain lookup line con 0 logging sync exec-time 0 0 exit interface Loopback0 ip address 192.168.3.1 255.255.255.224 no shut exit interface Loopback1 ip address 192.168.3.65 255.255.255.192 no shut exit interface FastEthernet0/0 ip address 10.2.3.3 255.255.255.0 negotiation auto no shut exit interface Serial1/0 ip address 10.1.3.3 255.255.255.128 no shut exit interface Serial1/1 ip address 10.1.3.130 255.255.255.128 no shut exit
R1(config)# router bgp 1000 b -id cho R1
R1(config-router)# bgp router-id 1.1.1.1 c neighbors cho R1
R1(config-router)# neighbor 10.1.2.2 remote-as 500
R1(config-router)# neighbor 10.1.3.3 remote-as 300
R1(config-router)# neighbor 10.1.3.130 remote-as 300 d
R1(config-router)# network 192.168.1.0 mask 255.255.255.224 R1(config-router)# network 192.168.1.64 mask 255.255.255.192
R2(config)# router bgp 500 b -id cho R2
R2(config-router)# bgp router-id 2.2.2.2 c
R2(config-router)# neighbor 10.1.2.1 remote-as 1000
R2(config-router)# neighbor 10.2.3.3 remote-as 300 d
R2(config-router)# network 192.168.2.0 mask 255.255.255.224 R2(config-router)# network 192.168.2.64 mask 255.255.255.192
R3(config-router)# bgp router-id 3.3.3.3 c
R3(config-router)# no bgp default ipv4-unicast
Ch bgp default ipv4-unicast c b t m nh trên các IOS R1 và R2 s d ng ch cho phép t i giá tr IPv4 address family prefixes L nh no bgp default ipv4-unicast s t t ch , các bgp neighbors ph i IPv4 address family (AF) b ng cách c u hình th công
L nh BGP network c n ph c thi t l p v i IPv4 AF d
R3(config-router)# neighbor 10.2.3.2 remote-as 500
R3(config-router)# neighbor 10.1.3.1 remote-as 1000
R3(config-router)# neighbor 10.1.3.129 remote-as 1000
Ki m tra m i quan h láng gi ng BGP a
R1# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
R2# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
R3# show ip route bgp | begin Gateway
Gateway of last resort is not set b established, R2 và R3 là idle)
BGP neighbor is 10.1.2.1, remote AS 1000, external link
BGP version 4, remote router ID 1.1.1.1
BGP state = Established, up for 00:35:34
Last read 00:00:28, last write 00:00:35, hold time is 180, keepalive interval is 60 seconds
1 active, is not multisession capable (disabled)
BGP neighbor is 10.2.3.3, remote AS 300, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Idle, down for never
0 active, is not multisession capable (disabled)
R3(config-router)# address-family ipv4
R3(config-router-af)# neighbor 10.1.3.1 activate
R3(config-router-af)# neighbor 10.1.3.129 activate
R3(config-router-af)# neighbor 10.2.3.2 activate
R3(config-router-af)# network 192.168.3.0 mask 255.255.255.224 d
R1# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
R2# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
R3# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
R2# show ip bgp neighbors | begin BGP neighbor is 10.2.3.3 BGP neighbor is 10.2.3.3, remote AS 300, external link
BGP version 4, remote router ID 3.3.3.3
BGP state = Established, up for 00:12:16
Last read 00:00:37, last write 00:00:52, hold time is 180, keepalive interval is 60 seconds
1 active, is not multisession capable (disabled)
-configure R1# show running-config | section bgp router bgp 1000 bgp router-id 1.1.1.1 bgp log-neighbor-changes network 192.168.1.0 mask 255.255.255.224 network 192.168.1.64 mask 255.255.255.192 neighbor 10.1.2.2 remote-as 500 neighbor 10.1.3.3 remote-as 300 neighbor 10.1.3.130 remote-as 300
R2# show running-config | section bgp router bgp 500 bgp router-id 2.2.2.2 bgp log-neighbor-changes network 192.168.2.0 mask 255.255.255.224 network 192.168.2.64 mask 255.255.255.192 neighbor 10.1.2.1 remote-as 1000
R3# show running-config | section bgp router bgp 300 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 10.1.3.1 remote-as 1000 neighbor 10.1.3.129 remote-as 1000 neighbor 10.2.3.2 remote-as 500
! address-family ipv4 network 192.168.3.0 mask 255.255.255.224 network 192.168.3.64 mask 255.255.255.192 neighbor 10.1.3.1 activate neighbor 10.1.3.129 activate neighbor 10.2.3.2 activate exit-address-family
BGP table version is 11, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
192.168.1.0/27 a show ip bgp ip-prefix
BGP routing table entry for 192.168.1.0/27, version 14
Paths: (2 available, best #2, table default)
Origin IGP, localpref 100, valid, external rx pathid: 0, tx pathid: 0
Origin IGP, metric 0, localpref 100, valid, external, best rx pathid: 0, tx pathid: 0x0
1 b show ip bgp neighbors trên R2
BGP neighbor is 10.1.2.1, remote AS 1000, external link
BGP version 4, remote router ID 1.1.1.1
BGP state = Established, up for 00:00:51
1 active, is not multisession capable (disabled)
Route refresh: advertised and received(new)
Four-octets ASN Capability: advertised and received
Address family IPv4 Unicast: advertised and received
Enhanced Refresh Capability: advertised and received
Stateful switchover support enabled: NO for session 1
BGP neighbor is 10.2.3.3, remote AS 300, external link
BGP version 4, remote router ID 3.3.3.3
BGP state = Established, up for 16:23:45
Last read 00:00:29, last write 00:00:51, hold time is 180, keepalive interval is 60 seconds
1 active, is not multisession capable (disabled)
Route refresh: advertised and received(new)
Four-octets ASN Capability: advertised and received
Address family IPv4 Unicast: advertised and received
Enhanced Refresh Capability: advertised and received
Stateful switchover support enabled: NO for session 1
Do log neighbor state changes (via global configuration)
Default minimum time between advertisement runs is 30 seconds
C u hình và ki m tra Route Summarization và Atomic Aggregate
192.168.3.0/24 prefix aggregate-address Summary-only address-family ipv4
R1(config-router)# aggregate-address 192.168.1.0 255.255.255.0 summary-only
R3(config-router)# address-family ipv4
R3(config-router-af)# aggregate-address 192.168.3.0 255.255.255.0 summary-only c 2: Ki m tra route summarization dùng atomic aggregate a
R1# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.1.0/24 is variably subnetted, 5 subnets, 4 masks
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
R2# show ip route bgp | begin Gateway
Gateway of last resort is not set
R3# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
192.168.3.0/24 is variably subnetted, 5 subnets, 4 masks
BGP table version is 69, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
Network Next Hop Metric LocPrf Weight Path
BGP table version is 69, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
Network Next Hop Metric LocPrf Weight Path s> 192.168.1.0/27 0.0.0.0 0 32768 i
BGP table version is 22, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-
Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
BGP routing table entry for 192.168.1.0/24, version 45
Paths: (2 available, best #2, table default)
Origin IGP, localpref 100, valid, external, atomic-aggregate rx pathid: 0, tx pathid: 0
Origin IGP, metric 0, localpref 100, valid, external, atomic-aggregate, best rx pathid: 0, tx pathid: 0x0
R1(config-router)# no aggregate-address 192.168.1.0 255.255.255.0 summary-only
Routing entry for 192.168.1.0/24, 2 known subnets
R2(config-router)# aggregate-address 192.168.1.0 255.255.255.0 summary-only ute summarization dùngatomic aggregate và AS-Set d
R3# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
192.168.3.0/24 is variably subnetted, 5 subnets, 4 masks
Network Next Hop Metric LocPrf Weight Path
R2(config-router)# no aggregate-address 192.168.1.0 255.255.255.0 summary-only R2(config-router)# aggregate-address 192.168.1.0 255.255.255.0 as-set summary-only g
R3# show ip route bgp | begin Gateway
Gateway of last resort is not set
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
192.168.3.0/24 is variably subnetted, 5 subnets, 4 masks
Network Next Hop Metric LocPrf Weight Path
R3# show ip bgp 192.168.1.0 | begin Refresh
Origin IGP, metric 0, localpref 100, valid, external, best rx pathid: 0, tx pathid: 0x0 c 1: C c qu ng bá trên R2
C u hình R2 qu ng bá default router t i R1 R2 không nh t thi t ph i có default route riêng (trong m nh tuy n)
R2(config-router)# neighbor 10.1.2.1 default-originate c 2: Ki m tra qu ng bá default route trên R1
R1# show ip route bgp | begin Gateway
Gateway of last resort is 10.1.2.2 to network 0.0.0.0
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
B 192.168.3.0/24 [20/0] via 10.1.2.2, 12:41:58 a Ki m tra b nh tuy p nh t default route
Network Next Hop Metric LocPrf Weight Path
ETHERCHANNEL VÀ HSRP
HSRP
ACCESS CONTROL LIST
HÌNH VÀ TRA VTY
R1#(config)# ip access-list standard BRANCH-OFFICE-POLICY
R1(config-std-nacl)# 40 deny any
Standard IP access list BRANCH-OFFICE-POLICY
6.2 C U HÌNH VÀ KI M TRA H N CH K T N I VTY
Device Interface IP Address Subnet Mask Default Gateway
Device Interface IP Address Subnet Mask Default Gateway
-A và PC- a b no ip domain-lookup hostname R1 service password-encryption enable secret class banner motd #
Unauthorized access is strictly prohibited #
Line con 0 password cisco login logging synchronous line vty 0 4 login c d e K f no ip domain-lookup hostname S1 service password-encryption enable secret class banner motd #
Unauthorized access is strictly prohibited #
Line con 0 password cisco login logging synchronous line vty 0 15 password cisco login exit g h i ig vào startup config ta a b -list
R1(config)# ip access-list ? extended Extended Access List helper Access List acts on helper-address log-update Control access list log updates
160 logging Control access list logging resequence Resequence Access List standard Standard Access List c -list standard
R1(config)# ip access-list standard ?
Standard IP access-list number
Standard IP access-list number (expanded range)
WORD Access-list name d Them tên ADMIN- - ta -std-nacl)
R1(config)# ip access-list standard ADMIN-MGT
Standard Access List configuration commands:
Sequence Number default Set a command to its defaults deny Specify packets to reject exit Exit from access-list configuration mode no Negate a command or set its defaults permit Specify packets to forward remark Access list entry comment f -
R1(config-std-nacl)# permit host 192.168.1.3
R1(config-line)# exit lnet a - ta
Pinging 192.168.1.1 with 32 bytes of data:
Reply from 192.168.1.1: bytes2 time=5ms TTLd
Reply from 192.168.1.1: bytes2 time=1ms TTLd
Reply from 192.168.1.1: bytes2 time=1ms TTLd
Reply from 192.168.1.1: bytes2 time=1ms TTLd
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 5ms, Average = 2ms
- Phiên telnet có thành công không? g -
Standard IP access list ADMIN-MGT
20 permit 192.168.1.4, wildcard bits 0.0.0.3 (2 matches) ta ta h i - ADMIN-MGT và thêm ACE deny any vào
R1(config)# ip access-list standard ADMIN-MGT
R1(config-std-nacl)# deny any
R1(config-std-nacl)# exit j - tên ADMIN-MGT k - Ta
Standard IP access list ADMIN-MGT
HÌNH VÀ KI TRA EXTENDED ACL
6.3 C U HÌNH VÀ KI M TRA EXTENDED ACL
Device Interface IP Address Subnet Mask Default Gateway R1 G0/0 172.22.34.65 255.255.255.224 N/A
R1(config)# access-list 100 ? deny Specify packets to reject permit Specify packets to forward remark Access list entry comment
R1(config)# access-list 100 permit ? ahp Authentication Header Protocol eigrp Cisco's EIGRP routing protocol esp Encapsulation Security Payload gre Cisco's GRE tunneling icmp Internet Control Message Protocol ospf OSPF routing protocol tcp Transmission Control Protocol udp User Datagram Protocol
R1(config)# access-list 100 permit tcp ?
A.B.C.D Source address any Any source host host A single source host
R1(config)# access-list 100 permit tcp 172.22.34.64 ?
R1(config)# access-list 100 permit tcp 172.22.34.64 0.0.0.31 ?
A.B.C.D Destination address any Any destination host eq Match only packets on a given port number gt Match only packets with a greater port number host A single destination host lt Match only packets with a lower port number neq Match only packets not on a given port number range Match only packets in the range of port numbers
R1(config)# access-list 100 permit tcp 172.22.34.64 0.0.0.31 host
172.22.34.62 ? dscp Match packets with given dscp value eq Match only packets on a given port number established established gt Match only packets with a greater port number lt Match only packets with a lower port number neq Match only packets not on a given port number precedence Match packets with given precedence value range Match only packets in the range of port numbers
R1(config)# access-list 100 permit tcp 172.22.34.64 0.0.0.31 host 172.22.34.62 eq ?
Port number ftp File Transfer Protocol (21) pop3 Post Office Protocol v3 (110) smtp Simple Mail Transport Protocol (25) telnet Telnet (23) www World Wide Web (HTTP, 80)
R1(config)# access-list 100 permit tcp 172.22.34.64 0.0.0.31 host 172.22.34.62 eq ftp
R1(config)# access-list 100 permit icmp 172.22.34.64 0.0.0.31 host 172.22.34.62
10 permit tcp 172.22.34.64 0.0.0.31 host 172.22.34.62 eq ftp
R1(config-if)# ip access-group 100 in
R1(config)# ip access-list ? extended Extended Access List standard Standard Access List
R1(config)# ip access-list extended HTTP_ONLY
R1(config-ext-nacl)# permit tcp 172.22.34.96 ?
R1(config-ext-nacl)# permit tcp 172.22.34.96 0.0.0.15
R1(config-ext-nacl)# permit tcp 172.22.34.96 0.0.0.15 host 172.22.34.62 eq www
R1(config-ext-nacl)# permit icmp 172.22.34.96 0.0.0.15 host 172.22.34.62
10 permit tcp 172.22.34.64 0.0.0.31 host 172.22.34.62 eq ftp
Extended IP access list HTTP_ONLY
10 permit tcp 172.22.34.96 0.0.0.15 host 172.22.34.62 eq www
R1(config-if)# ip access-group HTTP_ONLY in