IP路由原理
一.什么是路由
路由是指导IP报文发送的路径信息。
二.路由表的构成
路由表是路由器转发报文的判断依据
三.路由器单跳操作
四.路由表查找规则
1.选择度量值小的进行转发
2.永远将下一跳地址指向直连路由
3.如果路由表中没有相匹配的主机路由去匹配就会丢弃,但是如果存在默认路由的话,会默认从默认路由转发。
五.路由的来源
1.直连路由
开销小,配置简单,无需人工维护。只能发现本接口所属网段的路由
2.手工配置的静态路由
无开销,配置简单,需人工维护,适合简单拓扑结构的网络
3.路由协议发现的动态路由
开销大,配置复杂,无需人工维护,适合复杂拓扑结构的网络
六.路由度量值(Metric)
1.路由度量值表示到达折条路由所指目的地址的代价。
2.通常影响路由度量值的因素:
线路演示,带宽,线路使用率,线路可信度,跳数,最大传输单元
3.不同路由协议参考的因素不同
七.路由优先级
如果到相同目的地址有多个路由来源,则:
a>.以Preference(优先级)确定不同类型优先级;
b>.Preference越小,优先级越高;
c>.优先级最高的路由被添加进路由表
八.各类路由默认优先级
九.路由环路
环路产生的原因:配置错误或协议缺陷
十.实验:
1.单臂路由的配置不同VLAN互通。
以上是一个简单“单臂路由”拓扑图:
a.实现思路:1>.在22层交换机上划分不同的vlan,并将相应的端口加入不同的 VLAN中;
2>.在路由器上配置子接口IP位各个部门员工的网关IP;
3>.不同的VLAN只要经过三层设备就能成功的访问到其他不同的VLAN了;
b.配置过程如下:
注意:为了操作方便我将“22层核心交换机”更名为core,将“网关出口”更名为gw
22层核心交换机配置如下:
1 22层核心交换机配置 2 [Huawei]sysname core 3 [core]interface GigabitEthernet 0/0/1 4 [core-GigabitEthernet0/0/1]port link-type access #将改口配置为access口 5 [core-GigabitEthernet0/0/1]quit 6 [core]interface GigabitEthernet 0/0/2 7 [core-GigabitEthernet0/0/2]port link-type access 8 [core-GigabitEthernet0/0/2]quit 9 [core]interface GigabitEthernet 0/0/3 10 [core-GigabitEthernet0/0/3]port link-type access 11 [core-GigabitEthernet0/0/3]quit 12 [core]interface GigabitEthernet 0/0/4 13 [core-GigabitEthernet0/0/4]port link-type access 14 [core-GigabitEthernet0/0/4]quit 15 [core]interface GigabitEthernet 0/0/5 16 [core-GigabitEthernet0/0/5]port link-type access 17 [core-GigabitEthernet0/0/5]quit 18 [core]interface GigabitEthernet 0/0/10 19 [core-GigabitEthernet0/0/10]port link-type trunk #将改口配置为trunk口 20 [core-GigabitEthernet0/0/10]port trunk allow-pass vlan all 21 [core-GigabitEthernet0/0/10]undo shutdown 22 [core-GigabitEthernet0/0/10]quit 23 [core]vlan 10 24 [core-vlan10]port GigabitEthernet 0/0/1 #将端口加入该VLAN10中 25 [core-vlan10]vlan 20 26 [core-vlan20]port GigabitEthernet 0/0/2 27 [core-vlan20]vlan 30 28 [core-vlan30]port GigabitEthernet 0/0/3 29 [core-vlan30]vlan 40 30 [core-vlan40]port GigabitEthernet 0/0/4 31 [core-vlan40]vlan 50 32 [core-vlan50]port GigabitEthernet 0/0/5 33 [core-vlan50]quit 34 [core]dis vlan 10 to 50 #查看10到50所有连续的VLAN信息 35 -------------------------------------------------------------------------------- 36 U: Up; D: Down; TG: Tagged; UT: Untagged; 37 MP: Vlan-mapping; ST: Vlan-stacking; 38 #: ProtocolTransparent-vlan; *: Management-vlan; 39 -------------------------------------------------------------------------------- 40 41 VID Type Ports 42 -------------------------------------------------------------------------------- 43 10 common UT:GE0/0/1(U) 44 20 common UT:GE0/0/2(U) 45 30 common UT:GE0/0/3(U) 46 40 common UT:GE0/0/4(U) 47 50 common UT:GE0/0/5(U) 48 49 VID Status Property MAC-LRN Statistics Description 50 -------------------------------------------------------------------------------- 51 10 enable default enable disable VLAN 0010 52 20 enable default enable disable VLAN 0020 53 30 enable default enable disable VLAN 0030 54 40 enable default enable disable VLAN 0040 55 50 enable default enable disable VLAN 0050 56 [core]
网关出口配置过程如下:
1 出口网关配置 2 [Huawei]sysname gw 3 [gw]interface Ethernet 0/0/0 4 [gw-Ethernet0/0/0]undo shutdown #将物理接口配置成不关闭状态 5 [gw-Ethernet0/0/0]quit 6 [gw]interface Ethernet 0/0/0.1 7 [gw-Ethernet0/0/0.1]vlan-type dot1q 10 #将该子接口172封装成trunk,允许VLAN透传。 8 [gw-Ethernet0/0/0.1]ip address 172.30.1.254 255.255.255.0 #给该虚接口配置一个地址,也是 9 10 172.30.1.0/24的网管地址 11 [gw-Ethernet0/0/0.1]undo shutdow #该接口不启状态 12 [gw-Ethernet0/0/0.1]quit 13 [gw]interface Ethernet 0/0/0.2 14 [gw-Ethernet0/0/0.2]vlan-type dot1q 20 15 [gw-Ethernet0/0/0.2]ip address 172.30.2.254 16 [gw-Ethernet0/0/0.2]undo shutdown 17 [gw-Ethernet0/0/0.2]quit 18 [gw]interface Ethernet 0/0/0.3 19 [gw-Ethernet0/0/0.3]vlan-type dot1q 30 20 [gw-Ethernet0/0/0.3]ip address 172.30.3.254 24 21 [gw-Ethernet0/0/0.3]undo shutdown 22 [gw-Ethernet0/0/0.3]quit 23 [gw]interface Ethernet 0/0/0.4 24 [gw-Ethernet0/0/0.4]vlan-type dot1q 40 25 [gw-Ethernet0/0/0.4]ip address 172.30.4.254 24 26 [gw-Ethernet0/0/0.4]undo shutdown 27 [gw-Ethernet0/0/0.4]quit 28 [gw]interface Ethernet 0/0/0.5 29 [gw-Ethernet0/0/0.5]vlan-type dot1q 50 30 [gw-Ethernet0/0/0.5]ip address 172.30.5.254 24 31 [gw-Ethernet0/0/0.5]undo shutdown 32 [gw-Ethernet0/0/0.5]quit 33 [gw]
运维部门电脑测试结果如下:
1 PC> 2 PC>ipconfig 3 4 Link local IPv6 address...........: fe80::5689:98ff:fea7:2066 5 IPv6 address......................: :: / 128 6 IPv6 gateway......................: :: 7 IPv4 address......................: 172.30.3.1 8 Subnet mask.......................: 255.255.255.0 9 Gateway...........................: 172.30.3.254 10 Physical address..................: 54-89-98-A7-20-66 11 DNS server........................: 12 13 PC>ping 172.30.1.1 14 15 Ping 172.30.1.1: 32 data bytes, Press Ctrl_C to break 16 From 172.30.1.1: bytes=32 seq=1 ttl=127 time=78 ms 17 From 172.30.1.1: bytes=32 seq=2 ttl=127 time=47 ms 18 From 172.30.1.1: bytes=32 seq=3 ttl=127 time=62 ms 19 From 172.30.1.1: bytes=32 seq=4 ttl=127 time=62 ms 20 From 172.30.1.1: bytes=32 seq=5 ttl=127 time=62 ms 21 22 --- 172.30.1.1 ping statistics --- 23 5 packet(s) transmitted 24 5 packet(s) received 25 0.00% packet loss 26 round-trip min/avg/max = 47/62/78 ms 27 28 PC>ping 172.30.2.1 29 30 Ping 172.30.2.1: 32 data bytes, Press Ctrl_C to break 31 From 172.30.2.1: bytes=32 seq=1 ttl=127 time=47 ms 32 From 172.30.2.1: bytes=32 seq=2 ttl=127 time=62 ms 33 From 172.30.2.1: bytes=32 seq=3 ttl=127 time=47 ms 34 From 172.30.2.1: bytes=32 seq=4 ttl=127 time=62 ms 35 From 172.30.2.1: bytes=32 seq=5 ttl=127 time=47 ms 36 37 --- 172.30.2.1 ping statistics --- 38 5 packet(s) transmitted 39 5 packet(s) received 40 0.00% packet loss 41 round-trip min/avg/max = 47/53/62 ms 42 43 PC>ping 172.30.3.1 44 45 Ping 172.30.3.1: 32 data bytes, Press Ctrl_C to break 46 From 172.30.3.1: bytes=32 seq=1 ttl=128 time<1 ms 47 From 172.30.3.1: bytes=32 seq=2 ttl=128 time<1 ms 48 From 172.30.3.1: bytes=32 seq=3 ttl=128 time<1 ms 49 From 172.30.3.1: bytes=32 seq=4 ttl=128 time<1 ms 50 From 172.30.3.1: bytes=32 seq=5 ttl=128 time<1 ms 51 52 --- 172.30.3.1 ping statistics --- 53 5 packet(s) transmitted 54 5 packet(s) received 55 0.00% packet loss 56 round-trip min/avg/max = 0/0/0 ms 57 58 PC>ping 172.30.4.1 59 60 Ping 172.30.4.1: 32 data bytes, Press Ctrl_C to break 61 From 172.30.4.1: bytes=32 seq=1 ttl=127 time=63 ms 62 From 172.30.4.1: bytes=32 seq=2 ttl=127 time=46 ms 63 From 172.30.4.1: bytes=32 seq=3 ttl=127 time=63 ms 64 From 172.30.4.1: bytes=32 seq=4 ttl=127 time=62 ms 65 From 172.30.4.1: bytes=32 seq=5 ttl=127 time=47 ms 66 67 --- 172.30.4.1 ping statistics --- 68 5 packet(s) transmitted 69 5 packet(s) received 70 0.00% packet loss 71 round-trip min/avg/max = 46/56/63 ms 72 73 PC>ping 172.30.5.1 74 75 Ping 172.30.5.1: 32 data bytes, Press Ctrl_C to break 76 From 172.30.5.1: bytes=32 seq=1 ttl=127 time=63 ms 77 From 172.30.5.1: bytes=32 seq=2 ttl=127 time=62 ms 78 From 172.30.5.1: bytes=32 seq=3 ttl=127 time=47 ms 79 From 172.30.5.1: bytes=32 seq=4 ttl=127 time=62 ms 80 From 172.30.5.1: bytes=32 seq=5 ttl=127 time=93 ms 81 82 --- 172.30.5.1 ping statistics --- 83 5 packet(s) transmitted 84 5 packet(s) received 85 0.00% packet loss 86 round-trip min/avg/max = 47/65/93 ms 87 88 PC>
c.总结单臂路由的优缺点:
优点:
1>实现了不同VLAN的互通。
2>.只需要一个物理接口能给多个VLAN配置网关,通过子接口的技术,子接口必须封装802.1Q的trunk协议。
缺点:
1>.不同VLAN的数据每次访问都要通过路由器进行路由查找,效率比较低;
2>.购买一个路由器设备比购买一个三层交换机要贵的多,性价比低!
2.三层交换配置不同VLAN互通。
a.三层交换机以内置的三层路由转发引擎执行VLAN间路由功能
b.配置过程如下:
三层核心交换机配置如下:
1 [Huawei]sysname core 2 [core]interface GigabitEthernet 0/0/1 3 [core-GigabitEthernet0/0/1]port link-type access #将改口配置为access口 4 [core-GigabitEthernet0/0/1]quit 5 [core]interface GigabitEthernet 0/0/2 6 [core-GigabitEthernet0/0/2]port link-type access 7 [core-GigabitEthernet0/0/2]quit 8 [core]interface GigabitEthernet 0/0/3 9 [core-GigabitEthernet0/0/3]port link-type access 10 [core-GigabitEthernet0/0/3]quit 11 [core]interface GigabitEthernet 0/0/4 12 [core-GigabitEthernet0/0/4]port link-type access 13 [core-GigabitEthernet0/0/4]quit 14 [core]interface GigabitEthernet 0/0/5 15 [core-GigabitEthernet0/0/5]port link-type access 16 [core-GigabitEthernet0/0/5]quit 17 [core]interface GigabitEthernet 0/0/10 18 [core-GigabitEthernet0/0/10]port link-type trunk #将改口配置为trunk口 19 [core-GigabitEthernet0/0/10]port trunk allow-pass vlan all 20 [core-GigabitEthernet0/0/10]undo shutdown 21 [core-GigabitEthernet0/0/10]quit 22 [core]vlan 10 23 [core-vlan10]port GigabitEthernet 0/0/1 #将端口加入该VLAN10中 24 [core-vlan10]vlan 20 25 [core-vlan20]port GigabitEthernet 0/0/2 26 [core-vlan20]vlan 30 27 [core-vlan30]port GigabitEthernet 0/0/3 28 [core-vlan30]vlan 40 29 [core-vlan40]port GigabitEthernet 0/0/4 30 [core-vlan40]vlan 50 31 [core-vlan50]port GigabitEthernet 0/0/5 32 [core-vlan50]quit 33 [core]dis vlan 10 to 50 #查看10到50所有连续的VLAN信息 34 -------------------------------------------------------------------------------- 35 U: Up; D: Down; TG: Tagged; UT: Untagged; 36 MP: Vlan-mapping; ST: Vlan-stacking; 37 #: ProtocolTransparent-vlan; *: Management-vlan; 38 -------------------------------------------------------------------------------- 39 40 VID Type Ports 41 -------------------------------------------------------------------------------- 42 10 common UT:GE0/0/1(U) 43 20 common UT:GE0/0/2(U) 44 30 common UT:GE0/0/3(U) 45 40 common UT:GE0/0/4(U) 46 50 common UT:GE0/0/5(U) 47 48 VID Status Property MAC-LRN Statistics Description 49 -------------------------------------------------------------------------------- 50 10 enable default enable disable VLAN 0010 51 20 enable default enable disable VLAN 0020 52 30 enable default enable disable VLAN 0030 53 40 enable default enable disable VLAN 0040 54 50 enable default enable disable VLAN 0050 55 [core] 56 [core]interface Vlanif 10 #创建SVI 57 [core-Vlanif10]ip address 172.30.1.254 24 #给当前VLAN10配置一个管理地址。 58 [core-Vlanif10]undo shutdown 59 [core-Vlanif10]quit 60 [core]interface Vlanif 20 61 [core-Vlanif20]ip address 172.30.2.254 24 62 [core-Vlanif20]undo shutdown 63 [core-Vlanif20]quit 64 [core]interface Vlanif 30 65 [core-Vlanif30]ip address 172.30.3.254 24 66 [core-Vlanif30]undo shutdown 67 [core-Vlanif30]quit 68 [core]interface Vlanif 40 69 [core-Vlanif40]ip address 172.30.4.254 24 70 [core-Vlanif40]undo shutdown 71 [core-Vlanif40]quit 72 [core]interface Vlanif 50 73 [core-Vlanif50]ip address 172.30.5.254 24 74 [core-Vlanif50]undo shutdown 75 [core-Vlanif50]quit
运维部门电脑测试结果如下:
1 PC>ipconfig 2 3 Link local IPv6 address...........: fe80::5689:98ff:fea7:2066 4 IPv6 address......................: :: / 128 5 IPv6 gateway......................: :: 6 IPv4 address......................: 172.30.3.1 7 Subnet mask.......................: 255.255.255.0 8 Gateway...........................: 172.30.3.254 9 Physical address..................: 54-89-98-A7-20-66 10 DNS server........................: 11 12 PC>ping 172.30.1.1 13 14 Ping 172.30.1.1: 32 data bytes, Press Ctrl_C to break 15 From 172.30.1.1: bytes=32 seq=1 ttl=127 time=31 ms 16 From 172.30.1.1: bytes=32 seq=2 ttl=127 time=15 ms 17 From 172.30.1.1: bytes=32 seq=3 ttl=127 time<1 ms 18 From 172.30.1.1: bytes=32 seq=4 ttl=127 time=47 ms 19 From 172.30.1.1: bytes=32 seq=5 ttl=127 time=16 ms 20 21 --- 172.30.1.1 ping statistics --- 22 5 packet(s) transmitted 23 5 packet(s) received 24 0.00% packet loss 25 round-trip min/avg/max = 0/21/47 ms 26 27 PC>ping 172.30.2.1 28 29 Ping 172.30.2.1: 32 data bytes, Press Ctrl_C to break 30 From 172.30.2.1: bytes=32 seq=1 ttl=127 time=47 ms 31 From 172.30.2.1: bytes=32 seq=2 ttl=127 time<1 ms 32 From 172.30.2.1: bytes=32 seq=3 ttl=127 time<1 ms 33 From 172.30.2.1: bytes=32 seq=4 ttl=127 time=32 ms 34 From 172.30.2.1: bytes=32 seq=5 ttl=127 time=46 ms 35 36 --- 172.30.2.1 ping statistics --- 37 5 packet(s) transmitted 38 5 packet(s) received 39 0.00% packet loss 40 round-trip min/avg/max = 0/25/47 ms 41 42 PC>ping 172.30.3.1 43 44 Ping 172.30.3.1: 32 data bytes, Press Ctrl_C to break 45 From 172.30.3.1: bytes=32 seq=1 ttl=128 time<1 ms 46 From 172.30.3.1: bytes=32 seq=2 ttl=128 time<1 ms 47 From 172.30.3.1: bytes=32 seq=3 ttl=128 time<1 ms 48 From 172.30.3.1: bytes=32 seq=4 ttl=128 time<1 ms 49 From 172.30.3.1: bytes=32 seq=5 ttl=128 time<1 ms 50 51 --- 172.30.3.1 ping statistics --- 52 5 packet(s) transmitted 53 5 packet(s) received 54 0.00% packet loss 55 round-trip min/avg/max = 0/0/0 ms 56 57 PC>ping 172.30.4.1 58 59 Ping 172.30.4.1: 32 data bytes, Press Ctrl_C to break 60 From 172.30.4.1: bytes=32 seq=1 ttl=127 time=31 ms 61 From 172.30.4.1: bytes=32 seq=2 ttl=127 time=31 ms 62 From 172.30.4.1: bytes=32 seq=3 ttl=127 time=16 ms 63 From 172.30.4.1: bytes=32 seq=4 ttl=127 time=31 ms 64 From 172.30.4.1: bytes=32 seq=5 ttl=127 time=16 ms 65 66 --- 172.30.4.1 ping statistics --- 67 5 packet(s) transmitted 68 5 packet(s) received 69 0.00% packet loss 70 round-trip min/avg/max = 16/25/31 ms 71 72 PC>ping 172.30.5.1 73 74 Ping 172.30.5.1: 32 data bytes, Press Ctrl_C to break 75 From 172.30.5.1: bytes=32 seq=1 ttl=127 time=16 ms 76 From 172.30.5.1: bytes=32 seq=2 ttl=127 time=15 ms 77 From 172.30.5.1: bytes=32 seq=3 ttl=127 time=16 ms 78 From 172.30.5.1: bytes=32 seq=4 ttl=127 time<1 ms 79 From 172.30.5.1: bytes=32 seq=5 ttl=127 time=31 ms 80 81 --- 172.30.5.1 ping statistics --- 82 5 packet(s) transmitted 83 5 packet(s) received 84 0.00% packet loss 85 round-trip min/avg/max = 0/15/31 ms 86 87 PC>
c.三层交换机的优点
1>.不用路由器照样实现不同VLAN间的互通;
2>.性价比高,功能比普通二层交换机要多的多.