首页
学习
活动
专区
工具
TVP
发布
精选内容/技术社群/优惠产品,尽在小程序
立即前往

中间系统到中间系统路由协议综合实验

实验目的:

1. 熟悉ISIS路由协议的基础操作方法。

2. 掌握该协议的区域划分,路由级别调整过程。

3. 掌握该协议的网络类型以及网络类型中广播类型的DIS的选举流程。

4. 掌握该协议的路由引入,路由聚合,路由过滤,路由认证等操作流程。

实验要求:

1.R1,R2和R3是Level-1路由器,R6是Level-2路由器。SystemID为0000.0000.000X。ISIS的进程号为1.

通告相关接口,网段10.0.X.0/24暂不通告。

2.R4和R6,R5和R6之间不能有DIS选举;

R1,R2和R3共享网络中,要求R3为DIS,需在R1和R2上配置,且优先级设置尽量小仍可以参与DIS选举。

3.R6引入10.0.X.0/24网段,并标记为100;

区域47.0001能够通过R4 学到10.0.x.0/24网段明细,且必须保持这些路由的标记为100.

4. R2只允许通过缺省路由访问区域47.0002的网络。不能使用ACL和前缀列表。

5. 区域47.0001的所有路由器发送LSP和SNP需要进行认证,认证类型为MD5,密码为Huawei;

level-2路由发送的IIH需要进行认证,认证类型为MD5,密码为Huawei。

实验步骤:

R1配置:

[V200R003C00]

#

sysname R1

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#

local-user admin service-type http

#

isis 1

is-level level-1

cost-style wide

network-entity 47.0001.0000.0000.0001.00

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 192.168.1.1 255.255.255.0

isis enable 1

isis dis-priority 0

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 1.1.1.1 255.255.255.255

isis enable 1

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

Return

R2的配置:

[V200R003C00]

#

sysname R2

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#

local-user admin service-type http

#

isis 1

is-level level-1

cost-style wide

network-entity 47.0001.0000.0000.0002.00

filter-policy route-policy deny_dir import

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 192.168.1.2 255.255.255.0

isis enable 1

isis dis-priority 0

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 2.2.2.2 255.255.255.255

isis enable 1

#

route-policy deny_dir deny node 10

if-match tag 100

#

route-policy deny_dir permit node 100

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

R3的配置:

[V200R003C00]

#

sysname R3

#

board add 0/1 2SA

board add 0/2 2SA

board add 0/4 4GET

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#

local-user admin service-type http

#

isis 1

is-level level-1

cost-style wide

network-entity 47.0001.0000.0000.0003.00

#

firewall zone Local

priority 15

#

interface Serial1/0/0

link-protocol ppp

ip address 34.1.1.3 255.255.255.0

isis enable 1

#

interface Serial1/0/1

link-protocol ppp

ip address 35.1.1.3 255.255.255.0

isis enable 1

#

interface Serial2/0/0

link-protocol ppp

#

interface Serial2/0/1

link-protocol ppp

#

interface GigabitEthernet0/0/0

ip address 192.168.1.3 255.255.255.0

isis enable 1

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface GigabitEthernet4/0/0

#

interface GigabitEthernet4/0/1

#

interface GigabitEthernet4/0/2

#

interface GigabitEthernet4/0/3

#

interface NULL0

#

interface LoopBack0

ip address 3.3.3.3 255.255.255.255

isis enable 1

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

R4的配置:

[V200R003C00]

#

sysname R4

#

board add 0/1 2SA

board add 0/2 2SA

board add 0/4 4GET

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#

local-user admin service-type http

#

isis 1

cost-style wide

network-entity 47.0001.0000.0000.0004.00

import-route isis level-2 into level-1 filter-policy route-policy Import_dir

#

firewall zone Local

priority 15

#

interface Serial1/0/0

link-protocol ppp

ip address 34.1.1.4 255.255.255.0

isis enable 1

#

interface Serial1/0/1

link-protocol ppp

#

interface Serial2/0/0

link-protocol ppp

#

interface Serial2/0/1

link-protocol ppp

#

interface GigabitEthernet0/0/0

ip address 46.1.1.4 255.255.255.0

isis enable 1

isis circuit-type p2p

isis ppp-negotiation 3-way only

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface GigabitEthernet4/0/0

#

interface GigabitEthernet4/0/1

#

interface GigabitEthernet4/0/2

#

interface GigabitEthernet4/0/3

#

interface NULL0

#

interface LoopBack0

ip address 4.4.4.4 255.255.255.255

isis enable 1

#

route-policy Import_dir permit node 10

if-match tag 100

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

R5的配置:

[V200R003C00]

#

sysname R5

#

board add 0/1 2SA

board add 0/2 2SA

board add 0/4 4GET

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

drop illegal-mac alarm

#

wlan ac-global carrier id other ac id 0

#

set cpu-usage threshold 80 restore 75

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#

local-user admin service-type http

#

isis 1

cost-style wide

network-entity 47.0001.0000.0000.0005.00

#

firewall zone Local

priority 15

#

interface Serial1/0/0

link-protocol ppp

#

interface Serial1/0/1

link-protocol ppp

ip address 35.1.1.5 255.255.255.0

isis enable 1

#

interface Serial2/0/0

link-protocol ppp

#

interface Serial2/0/1

link-protocol ppp

#

interface GigabitEthernet0/0/0

ip address 56.1.1.5 255.255.255.0

isis enable 1

isis circuit-type p2p

isis ppp-negotiation 3-way only

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface GigabitEthernet4/0/0

#

interface GigabitEthernet4/0/1

#

interface GigabitEthernet4/0/2

#

interface GigabitEthernet4/0/3

#

interface NULL0

#

interface LoopBack0

ip address 5.5.5.5 255.255.255.255

isis enable 1

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

R6的配置:

[V200R003C00]

#

sysname R6

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

drop illegal-mac alarm

#

wlan ac-global carrier id other ac id 0

#

set cpu-usage threshold 80 restore 75

#

acl number 2000

rule 5 permit source 10.0.0.0 0.0.3.255

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password cipher %$%$K8m.Nt84DZ}e#

local-user admin service-type http

#

isis 1

is-level level-2

cost-style wide

network-entity 47.0002.0000.0000.0006.00

import-route direct route-policy tag

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 46.1.1.6 255.255.255.0

isis enable 1

isis circuit-type p2p

isis ppp-negotiation 3-way only

#

interface GigabitEthernet0/0/1

ip address 56.1.1.6 255.255.255.0

isis enable 1

isis circuit-type p2p

isis ppp-negotiation 3-way only

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 6.6.6.6 255.255.255.255

isis enable 1

#

interface LoopBack11

ip address 10.0.0.1 255.255.255.0

#

interface LoopBack12

ip address 10.0.1.1 255.255.255.0

#

interface LoopBack13

ip address 10.0.3.1 255.255.255.0

#

route-policy tag permit node 10

if-match acl 2000

apply tag 100

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

  • 发表于:
  • 原文链接https://kuaibao.qq.com/s/20200807A0WA4P00?refer=cp_1026
  • 腾讯「腾讯云开发者社区」是腾讯内容开放平台帐号(企鹅号)传播渠道之一,根据《腾讯内容开放平台服务协议》转载发布内容。
  • 如有侵权,请联系 cloudcommunity@tencent.com 删除。

扫码

添加站长 进交流群

领取专属 10元无门槛券

私享最新 技术干货

扫码加入开发者社群
领券