Professional Documents
Culture Documents
MC LC
Phn 1 TNG QUAN
OSI MODEL............................................................................................................2
CABLE
.............................................................................................................3
LNH CISCO CN BN.......................................................................................8
CISCO DISCOVERY PROTOCOL......................................................................21
TELNET ...........................................................................................................26
CRACK PASSWORD...........................................................................................30
BACKUP V RESTORE......................................................................................35
Phn 2 NH TUYN
STATIC ROUTE...................................................................................................40
DYNAMIC ROUTING PROTOCOL RIP............................................................48
DYNAMIC ROUTING PROTOCOL IGRP.........................................................53
DYNAMIC ROUTING PROTOCOL EIGRP.......................................................60
DYNAMIC ROUTING PROTOCOL OSPF.........................................................69
Phn 3 ACCESS-LIST
STANDARD IP ACCESS-LIST...........................................................................75
EXTENDED IP ACCESS-LIST............................................................................80
Phn 4 NAT
...........................................................................................................84
NAT Overload
Dynamic NAT
Static NAT
Phn 5 WAN
PPP
...........................................................................................................90
FRAME-RELAY...................................................................................................95
ISDN
Phn 6 - SWITCH
SWITCH (BASIC CONFIGURE)
VLAN
OSI MODEL:
OSI Model l mt s chun ha cho nhng chc nng Network. Lm cho tnh phc tp
ca network tr nn n gin hn, cho php cc nh pht trin modul ha vic thit k.
Phng php ny cho php nhiu nh pht trin lm vic c lp nhau to ra nhng
chc nng ring bit m vn c th ha hp thnh mt th thng nht mt cch d dng
(plug-and-play).
M hnh OSI
Application
Telnet
HTTP
ASCII
JPEG
Operating systems
Scheduling
Presentation
Chun ha d liu
Session
Transport
Network
TCP
UDP
SPX
IP
IPX
Datalink
802.2
802.3
HDLC
Physical
EIA/TIA
V.35
1
1
4
1
4
1
4
4
3
CABLE:
1. Cp xon 4 i:
L cp thng tin chun STP/UTP Cat-5, gm c 8 si xon vi nhau thnh tng i
mt theo m mu: Cam-Trng v Cam; Lc-Trng v Lc; Dng-Trng v Dng;
Nu-Trng v Nu. Hai u cp ni vi Jack cm RJ-45.
Ty theo chun mu ca 2 u Jack RJ-45 m ta phn bit thnh cc loi sau:
STT
1
2
3
4
5
6
7
8
3
3
2
1
1
2
4
4
Mu sc
Chc nng
STT
Trng L
L
Trng Cam
Dng
Trng Dng
Cam
Trng Nu
Nu
Pht
Pht
Thu
Cha dng
Cha dng
Thu
Cha dng
Cha dng
1
2
3
4
5
6
7
8
Mu sc
Chc nng
3
3
2
1
1
2
4
4
Trng Cam
Cam
Trng L
Dng
Trng Dng
L
Trng Nu
Nu
Pht
Pht
Thu
Cha dng
Cha dng
Thu
Cha dng
Cha dng
Trng hp s dng
Cc thit b mng c chia lm hai nhm:
- Nhm 1: Hub, Switch
- Nhm 2: Cc thit b cn li (Router, Computer, )
Khi u ni hai thit b cng nhm: dng cp cho (crossover)
Khi u ni hai thit b khc nhm: dng cp thng (straight-through)
i vi Switchs:
5
2. Cp Serial:
L cp thng tin (data cable) c 2 u ni vi jack cm DB-60, mt u ni vi
thit b DCE, u cn li ni vi thit b DTE. S dng: Ni 2 cng Serial ca 2
Router, hoc cng serial Router vi tng i s, Frame-Relay
3. Cp console:
hay cn gi l cp Roll : Rolled-over Cable
S ni dy cp Console nh sau :
Cp console c th c
bm li theo s sau:
18
27
36
45
54
63
72
21
6
Lm quen vi ch dng lnh (CLI) v mt s lnh ca router Cisco
Hng dn
1. Ni cp
m bo an ton thit b trong khi thc hnh, cn phi tt hon ton ngun
in cc thit b trong khi ni cp. Dng cp Console ni cng COM1 ca my
PC (dng Terminal chuyn i t DB-9 sang RJ45) vi cng Console ca
Router.
Kim tra li dy v jack cm m bo ni chc chn.
2. ng nhp vo router
Khi ng Windows, vo HyperTerminal
Start Programs Accessories Communicatons Hyper Terminal
t tn v cc thng s nh hnh
Name: <tn file lu tr>
Icon: chn biu tng ty thch
Connect using: COM1
7
y l dng c bn nht c th thng qua mt my tnh cu hnh cc thit b cisco.
Nhng cch thc ny rt b ng, v mt my tnh ch cu hnh c mt router.
Trong thc t phng LAB, ta thng u ni
theo s sau, cu hnh cc router thng
qua Terminal Server.
Terminal Server cung cp truy cp out-ofband, ngha l c th s dng telnet truy
cp router thng qua cng console hay cng
aux. Termial server l router c cc
Asynchronous port ni trc tip vi console
port ca cc thit b router, switch.
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: n
Would you like to terminate autoinstall? [yes]:
Bm Enter bt u
vo cu hnh router
9
Bm ? ti Router>? xem tr gip ti mode ny c bao nhiu lnh tt c
Router>?
Exec commands:
access-enable
access-profile
clear
connect
disable
disconnect
enable
exit
help
lock
login
logout
mrinfo
mstat
mtrace
name-connection
pad
ping
ppp
resume
--More--
Vo Priviledge mode:
Router>enable
Router#
Router>enable
Router#logout
10
Lnh gip (?) rt hu dng, bn c th dng trong bt k ch no, Router s a ra
cc lnh c php s dng v ngha ca lnh .
V d mun nh lnh enable ti user mode vo Priviledge mode, nhng bn li qun,
khng nh r lnh enable phi nh nh th no, bn ch cn nh e?
Router>e?
enable exit
Router lit k cho bit, ngay ti mode ny c 2 lnh bt u bng ch e l lnh enable v
lnh exit.
By gi, bn nh vo :
Router>en?
enable
...........................................................................................
...........................................................................................
...........................................................................................
cops
debugging
--More
traffic-shape
users
version
vtemplate
whoami
x25
x29
COPS information
State of each debugging option
router lit k cho ta thy tt c nhng sub-comand i theo sau lnh show, ti y bn lu
c sub-command l version, dng xem tnh trng ca hardware v software
11
Router#s?
*s=show send
slip
start-chat
set
systat
setup
show
RELEASE SOFTWARE
12
Vo ch Global-configuration-mode, dng lnh configuration terminal
Rourter#config terminal
Router(config)#
//c th nh tt l : conf t
t tn cho router l R1
Router(config)#hostname R1
R1(config)#
Sau khi lm xong lnh loggin sync th trn mn hnh console khng cn hin tng b mt
con tr. Lnh exec-timeout X Y c hai tham s X l pht, Y l giy. Dng t thi gian
t kha router nu khng g phm no bt k. Vi thi gian 0 0 c ngha l khng bao gi
timeout. (Ch nn p dng trn thit b phng LAB)
vo mode interface :
R1>en
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface ethernet 0
//lnh tt int e0
R1(config-if)#exit
Sau khi lm xong lnh description cho int e0, bn dng lnh sh int e0 kim tra kt qu.
R1#sh int e0
13
Ethernet0 is up, line protocol is up
Hardware is Lance, address is 0010.7be8.5847 (bia 0010.7be8.5847)
Description: day la int noi vao mang lan
Internet address is 192.168.2.151/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output 00:00:09, output hang never
IP-Address
OK?
Ethernet0
192.168.2.151 YES
Method
Status
Protocol
NVRAM up
up
Serial0
unassigned
YES
down
Serial1
unassigned
YES
down
14
PASSWORD:
Thng thng c 5 loi password bo mt cho mt router Cisco.
1. Hai loi password u tin l enable password, s dng vo ch priviledge
mode, password ny s yu cu bn nhp vo khi nh lnh enable t user mode vo
privilegde mode.
2. Ba loi cn li t password cho cc ch cho user mode khi truy cp qua cng
console, cng Aux, hay Telnet
//789 c m ha
//456 vn gi nguyn
15
Aux t password cho cng aux, thng dng khi cu hnh cho modem gn router,
quay s vo cu hnh router.
Console t password trc khi vo user mode
vty t password telnet vo router. Nu khng t password, khng th thc hin
telnet vo router.
t password user mode, cn xc nh line mun cu hnh v dng lnh login
cho router bit a ra thng bo chng thc i hi nhp password.
Cu lnh login rt quan trng, nu khng c router s khng thng bo i hi chng
thc.
1. t password aux trn router : vo global config mode nh lnh line aux 0. Ch
rng ch c chn s 0 v ch c mt port aux.
R1(config)#line aux 0
R1(config-line)#login
R1(config-line)#password passaux
16
!
!
!
!
ip subnet-zero
!
!
!
!
interface Ethernet0
--More
no ip address
shutdown
!
interface Serial0
no ip address
shutdown
no fair-queue
!
interface Serial1
no ip address
shutdown
!
ip classless
no ip http server
!
!
line con 0
password 123
login
transport input none
line 1 16
line aux 0
password passaux
--More
17
Lnh trn dng copy cu hnh t NVRAM n RAM, dng trong mc ch recovery
password s cp trong phn sau.
Lu : c 3 lnh u thc hin ti priviledge mode
th li cc password t u tin logout ri vo li router. vo c priviledge
mode, cc bn phi tri qua 2 ln kim tra password.
Password USER mode l 123
Password Priviledge mode l 789.
Press RETURN to get started.
TM TT:
Cc lnh c bn dng cu hnh router nh sau:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname rX
RX(config)#enable password 456
RX(config)#enable secret 789
RX(config)#banne motd & chao mung cac ban den voi CCNA tai NHATNGHE &
RX(config)#line console 0
RX(config-line)#loggin syn
RX(config-line)#login
RX(config-line)#password 123
RX(config-line)#exec-timeout 0 0
RX(config-line)#exit
RX(config)#line vty 0 4
RX(config-line)#login
RX(config-line)#password telnet
RX(config-line)#exit
RX(config)#int e 0
RX(config-if)#ip add 192.168.2.150+X 255.255.255.0
RX(config-if)#description day la int noi vao mang lan
18
RX(config-if)#no shut
RX(config-if)#end
RX#sh ver
RX#sh run
RX#wr
Building configuration...
[OK]
RX#
LU : X L S TH T CA ROUTER BN ANG KT NI
19
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: n
Would you like to terminate autoinstall? [yes]:
//bm phm enter
Press RETURN to get started!
20
BI TP CC CU LNH CN BN :
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19. Hn ch tham kho ti liu trong khi thc hin cc lnh c.
A.Thc hin cu hnh router vi yu cu nh sau :
t tn router ca bn l RouterX (X l s th t router ca bn ang kt ni)
Password priviledge khng m ha l 456
Password priviledge m ha l 789
Password console l 123
Mi khi kt ni vo router th c cu thng bo : CCNA NHAT_NGHE
Thi gian router t kha l 5 pht 30 giy
Cc cu thng bo ca router t ng xung hng
Password telnet vo router l Telnet_RouterX
t a ch cho interface ethenet 0 ca router l 192.168.2.150+X
t cu ghi nh cho int e0 l connect to LAN
Lu cu hnh vo NVRAM
Reload v kim tra li cc cu hnh va lm xong. Router ca bn phi kim tra
password 2 ln, lun c cu thng bo mi khi connect vo router, phi ping c
cc router khc.
B.Thc hin tip phn sau nu cn thi gian :
i password console thnh 321
b hn password priviledge mode
khng cho router t logout (t kha)
b a ch IP ADD ca Ether 0 ng thi tt Ether 0
Sau khi thc hin phn B th router ca bn ch cn 1 password duy nht l 321 , khng
c a ch IP ADD v khng t logout.
21
Holdtme
179
126
170
155
139
Capability
T S
R
R
R
R
Platform
1900
2500
2500
2620
2520
Port ID
9
Eth 0
Eth 0
Fas 0/0
Eth 0
22
advertisement version: 1
------------------------Device ID: Router2
Entry address(es):
IP address: 192.168.2.152
Platform: cisco 2500, Capabilities: Router
Interface: Ethernet0, Port ID (outgoing port): Ethernet0
Holdtime : 176 sec
Version :
Cisco Internetwork Operating System Software
--More
IOS (tm) 2500 Software (C2500-I-L), Version 12.1(1)T,
(fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Thu 16-Mar-00 16:10 by ccai
RELEASE SOFTWARE
advertisement version: 2
Duplex: half
------------------------Device ID: Router16
Entry address(es):
IP address: 192.168.2.166
Platform: cisco 2500, Capabilities: Router
Interface: Ethernet0, Port ID (outgoing port): Ethernet0
Holdtime : 158 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-I-L), Version 12.1(1)T,
(fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Thu 16-Mar-00 16:10 by ccai
advertisement version: 2
Duplex: half
--More-(cn na)
RELEASE SOFTWARE
23
Lnh tng ng vi show cdp neighbors detail l show cdp entry *
R1#show cdp entry *
------------------------Device ID: sw1900003094FA5300
Entry address(es):
IP address: 192.168.2.252
Platform: cisco 1900, Capabilities: Trans-Bridge Switch
Interface: Ethernet0, Port ID (outgoing port): 9
Holdtime : 169 sec
Version :
V8.01
advertisement version: 1
------------------------Device ID: Router2
Entry address(es):
IP address: 192.168.2.152
Platform: cisco 2500, Capabilities: Router
Interface: Ethernet0, Port ID (outgoing port): Ethernet0
Holdtime : 176 sec
Version :
Cisco Internetwork Operating System Software
--More
IOS (tm) 2500 Software (C2500-I-L), Version 12.1(1)T,
(fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Thu 16-Mar-00 16:10 by ccai
RELEASE SOFTWARE
advertisement version: 2
Duplex: half
------------------------Device ID: Router16
Entry address(es):
IP address: 192.168.2.166
Platform: cisco 2500, Capabilities: Router
Interface: Ethernet0, Port ID (outgoing port): Ethernet0
Holdtime : 158 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-I-L), Version 12.1(1)T,
(fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Thu 16-Mar-00 16:10 by ccai
advertisement version: 2
Duplex: half
--More-(cn na)
RELEASE SOFTWARE
24
Xem thng tin traffic v cdp ca Router R1:
R1#show cdp traffic
CDP counters :
Total packets output: 177, Input: 818
Hdr syntax: 0, Chksum error: 0, Encaps failed: 6
No memory: 0, Invalid packet: 0, Fragmented: 0
CDP version 1 advertisements output: 87, Input: 447
CDP version 2 advertisements output: 90, Input: 371
Thng tin trng thi CDP trn port hay interface hin th bng lnh show cdp
interface (sh cdp int)
R1#show cdp interface
Ethernet0 is up, line protocol is up
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial0 is administratively down, line protocol is down
Encapsulation HDLC
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial1 is administratively down, line protocol is down
Encapsulation HDLC
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
25
Tt CDP trn tng interface dng lnh: no cdp enable
R1#show cdp
% CDP is not enabled
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#cdp run
//bt li CDP trn ton b router R1
R1(config)#^Z
R1#show cdp
//kim tra li, thy R1 bt li CDP
Global CDP information:
Sending CDP packets every 60 seconds
Sending a holdtime value of 180 seconds
Sending CDPv2 advertisements is enabled
R1#show cdp interface
Ethernet0 is up, line protocol is up
// cc interface chy CDP
Encapsulation ARPA
// lu , hin ti E0 ang cha CDP
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial0 is administratively down, line protocol is down
Encapsulation HDLC
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial1 is administratively down, line protocol is down
Encapsulation HDLC
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
R1#conf t
Enter configuration commands, one per line.
R1(config)#interface e0
R1(config-if)#no cdp enable
R1(config-if)#^Z
R1#
01:37:56: %SYS-5-CONFIG_I: Configured from console by console
R1#
R1#show cdp
//Kim li, thy CDP vn chy trn R1
Global CDP information:
Sending CDP packets every 60 seconds
Sending a holdtime value of 180 seconds
Sending CDPv2 advertisements is enabled
R1#show cdp interface
//nhng interface e0 b tt cdp
Serial0 is administratively down, line protocol is down
Encapsulation HDLC
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial1 is administratively down, line protocol is down
Encapsulation HDLC
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
26
TELNET:
Telnet l mt giao thc u cui o (virtual terminal) l mt phn ca b giao thc
TCP/IP. Telnet cho php to kt ni vi thit b t xa, thu nhp thng tin v chy chng
trnh.
Lab ny hng dn dng lnh telnet v cc lnh lin quan trn router.
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17.
t password cho cc ng VTY
R1(config)#line vty 0 4
R1(config-line)#login
R1(config-line)#password telnetpass
R1(config-line)#exit
27
Trying 192.168.2.152 ... Open
.
Password required, but none set
[Connection to 192.168.2.152 closed by foreign host]
R3#
Virtual terminal (VTY) lines cho php vic truy cp vo router thng qua cc phin
ni kt Telnet. VTY lines khng ni trc tip vo cc interfaces nh cch TTY ni
vo asynchronous interface m l cc kt ni o vo router thng qua a ch ca
ethernet port (interface ethernet). Router to nhng VTY lines mt cch linh ng,
trong khi TTY lines l ch ni kt vo nhng cng vt l. Khi ngi dng kt
ni vo router bng VTY line, ngi ang kt ni vo mt cng o trn interface
Sau khi tm thot, ta c th dng lnh sau xem Router ca mnh (R3) ang cn gi
session vi Router no hay khng, bng lnh sau:
R3#show sessions
Conn Host
Address
Byte Idle Conn Name
28
* 1 192.168.2.151
192.168.2.151
2 192.168.2.151
(Enter)
R1#
Cn nu ti R3, sau khi tm thot session khi R1, m by gi mun chm dt session
lun (khng mun quay tr li na) :
R3#show ses
R3#show sessions
Conn Host
* 1 192.168.2.151
Address
192.168.2.151
Byte
0
R3#disconnect 1
Closing connection to 192.168.2.151 [confirm]
R3#show session
% No connections open
R3#
User
User
Host(s)
idle
idle
Mode
Idle
Location
00:00:00
00:00:16 192.168.2.153
Idle Peer Address
User
Host(s)
idle
Mode
Idle
00:00:00
Location
29
TM TT:
1. ngi khc c th telnet vo Router ca mnh, Router ca mnh phi t
password cho cc ng VTY:
Line vty 0 4
Login
Password telnetpass
2. Khi telnet vo Router khc, mun thot hn (chm dt session) tr li Router mnh:
Exit
Logout
Q
3. Khi telnet vo ngi ta, mun tm thot v th bm t hp phm:
<Ctrl+Shift+6> + X
4. Mun bit Router mnh cn ang gi session vi router no:
Show sessions
5. Mun hy session ang tn ti ca mnh vi Router khc:
Disconnect [s th t session]
6. Mun bit ai ang telnet vo mnh:
Show users
7. Mun hy session ca ngi khc ang telnet vo mnh:
Clear line (s th t line)
30
CRACK PASSWORD:
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17.
Cc bc crack password ca Router Cisco:
1. Tt Bt router, nhn t hp phm <Ctrl+Break> trong 30 giy u
khi ng router vo rom monitor mode
2. Khi vo c monitor mode, ta cu hnh lnh gi tr cho config-register l
0x2142 bit th 6 c gi tr l 1 th router trong ln khi ng k s khng load
cu hnh trong nvram vo ram, do ta s khng b hi password
3. Khi ng li router (trong ch 2142, khng load nvram), copy tan b cu hnh
trong nvram vo ram
4. Vo global config mode no cc lai password, hoc i li password theo
mnh. Sau write li cu hnh vo nvram.
5. vo cc interface c cu hnh g thm lnh NO SHUT
6. Dng lnh config-register i li gi tr l 0x2102 router s khi ng bnh
thng tr li trong ln khi ng k tip.
7. Sao lu li cu hnh vo NVRAM bng lnh WRITE v reload li router.
2500 processor with 16384 Kbytes of main memory
Abort at 0x10CFB9E (PC)
>o/r 0x2142
>i
System Bootstrap, Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE
SOFTWARE (fc1)
Copyright (c) 1986-1997 by cisco Systems
F3: 7873484+123020+586988 at 0x3000060
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
31
IOS (tm) 2500 Software (C2500-I-L), Version 12.1(12), RELEASE SOFTWARE
(fc1)
Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Mon 26-Nov-01 21:28 by kellythw
Image text-base: 0x03041C88, data-base: 0x00001000
cisco 2500 (68030) processor (revision B) with 16384K/2048K bytes of
memory.
Processor board ID 01062894, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
1 Token Ring/IEEE 802.5 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read ONLY)
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: n
Press RETURN to get started!
00:02:15: %SYS-5-RESTART: System restarted -Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-I-L), Version 12.1(12), RELEASE
Router>
Router>
Router>
Router> SOFTWARE (fc1)
Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Mon 26-Nov-01 21:28 by kellythw
Router>
Router>
Router>en
Router#show run
Building configuration...
Current configuration : 376 bytes
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
//do boot vi 2142 nn khng c cu hnh
!
!
!
ip subnet-zero
!
!
interface Serial0
no ip address
shutdown
32
--More
interface Serial1
no ip address
shutdown
!
interface TokenRing0
no ip address
shutdown
!
ip classless
no ip http server
!
!
line con 0
line aux 0
line vty 0 4
!
End
Router#copy startup-config running-config
Destination filename [running-config]?
701 bytes copied in 4.16 secs (175 bytes/sec)
Router#
R1#show run
Building configuration...
33
Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Mon 26-Nov-01 21:28 by kellythw
Image text-base: 0x03041C88, data-base: 0x00001000
ROM: System Bootstrap, Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE
SOFTWARE (fc1)
BOOTLDR: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c)XB1,
PLATFORM SPECIFIC RELEASE SOFTWARE (fc1)
R6 uptime is 4 minutes
System returned to ROM by power-on
System image file is "flash:/r6_flash"
cisco 2500 (68030) processor (revision B) with 16384K/2048K bytes of
memory.
Processor board ID 01062894, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
1 Token Ring/IEEE 802.5 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read ONLY)
--More-Configuration register is 0x2142
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#config-register 0x2102
R1(config)#exit
R1#show ver
TM TT:
1. Bt, tt, Ctrl+break
2. >o/r 0x2142
>i
3. Router#copy start run
4. Router#conf t
Router(config)#no enable pass
Router(config)#no enable sec
Router(config)#line cons 0
Router(config-line)#no login
Router(config-line)#no pass
Router(config-line)#exit
5.
Router(config)#int e 0
Router(config-if)#no shut
34
6.
7.
Router(config-if)#exit
Router(config)#conf 0x2102
Router(config)#end
Router#WRITE
Router#reload
thnh
thnh
35
//t tn file
LU : X L S TH T CA ROUTER BN ANG KT NI
Sau khi backup xong ta c th xem trn C:\backup_config s c 1 file tn l
R1_backup_config. Ta c th xem file ny bng wordpad. Backup thnh cng.
RESTORE CU HNH ROUTER:
restore cu hnh trn router, trc ht ta gi s router mt cu hnh (khng c cu
hnh) ta dng lnh WRITE ERASE xa NVRAM ri dng lnh RELOAD khi ng
li router (thc hin cc cu lnh trong phn XA CU HNH ROUTER trang 19)
RX#write erase
Erasing the nvram filesystem will remove all configuration files!
Continue? [confirm]
//bm phm enter
[OK]
Erase of nvram: complete
RX#
*Mar 1 00:05:46.743: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of
nvram
RX#reload
//dng khi ng li router
Proceed with reload? [confirm]
//bm phm enter
Ch : nu router ca bn xut hin cu hi yu cu save cu hnh
router th phi tr li NO
00:04:56: %SYS-5-RELOAD: Reload requested
System Bootstrap, Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE
SOFTWARE (fc1)
36
%SYS-4-CONFIG_NEWER: Configurations from version 12.1 may not be
correctly understood.
F3: 7873484+123020+586988 at 0x3000060
............................
..............................
cisco 2620 (MPC860) processor (revision 0x200) with 45056K/4096K bytes
of memory.
Processor board ID JAD05030IL1 (1384535827)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
1 FastEthernet/IEEE 802.3 interface(s)
2 Serial(sync/async) network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read/Write)
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: n
Would you like to terminate autoinstall? [yes]:
//bm phm enter
Press RETURN to get started!
LU : X L S TH T CA ROUTER BN ANG KT NI
Tip theo thc hin lnh copy tftp run restore
Router#copy tftp run
Address or name of remote host []? 192.168.2.X
Source filename []? RX_backup_config
//tn file lc backup
Destination filename [running-config]?
//bm phm enter
Accessing tftp://192.168.2.14/pc14_config...
Loading pc14_config from 192.168.2.1 (via Ethernet0): !!
[OK - 442/4096 bytes]
442 bytes copied in 2.748 secs (221 bytes/sec)
RX#
37
Building configuration...
[OK]
RX#
//KT THC BI LAB BACKUP V RESTORE CU HNH ROUTER
38
Sau khi backup xong, kim tra trong root directory ca TFTP s c 1 file tn l
Rx_Backup_flash. Backup thnh cng.
RESTORE IOS
RX#copy tftp flash
OK (0x8030)
39
Flash copy took 0:03:51 [hh:mm:ss]
%FLH: Re-booting system after download
F3: 7712008+112808+595100 at 0x3000060
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
//tn IOS mi
40
Configuration register is 0x2102
41
STATIC ROUTE:
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
Lu vic cu hnh s IP ca cc interface serial thc hin ging nh vic cu hnh s
IP ca cc interface Ethernet. Tuy nhin v cc int serial dng trong vic kt ni WAN do
kt ni cc int serial trong phng LAB ta dng cross cable. V vy mt trong hai u
ca ng kt ni s ng vai tr gi lp thit b DCE. xem v bit c u no l
DCE, hy dng lnh:
R_A#sh controllers s 0
HD unit 0, idb = 0x1027AC, driver structure at 0x108AF0
buffer size 1524 HD unit 0, V.35 DCE cable
cpb = 0x21, eda = 0x4940, cda = 0x4800
RX ring with 16 entries at 0x214800
00 bd_ptr=0x4800 pak=0x10C36C ds=0x21ECC8 status=80 pak_size=0
01 bd_ptr=0x4814 pak=0x10C110 ds=0x21E60C status=80 pak_size=0
02 bd_ptr=0x4828 pak=0x10BEB4 ds=0x21DF50 status=80 pak_size=0
03 bd_ptr=0x483C pak=0x10BC58 ds=0x21D894 status=80 pak_size=0
//y l u DCE
42
R_A(config-if)#exit
R_A(config)interface s1
R_A(config-if)#ip add 172.17.0.1 255.255.0.0
R_A(config-if)#clock rate 64000
R_A(config-if)#no shut
43
R_A(config)#end
R_A#
R_A#sh ip route
Codes: C - connected, S - static, I IGRP, R - RIP, M mobile, B BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 OSPF external type 2, E EGP
i - IS-IS, L1 - IS-IS level-1, L2 IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o ODR
P - periodic downloaded static route
Gateway of last resort is not set
C
C
S
S
S
S
R_A#
R_A#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms
R_A#
44
R_B#ping 192.168.4.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms
R_B#
45
Flags
Age Type
(perm, OK) 0
IP
(temp, EX) 0
IP
Address(es)
192.168.2.2
66.94.230.41
66.94.230.47
66.94.230.33
66.94.230.43
66.94.230.37
66.94.230.38
46
www.yahoo.akadns.net
www.yahoo.com
abc
abc
66.94.230.50
(temp, UN)
(temp, UN)
(temp, UN)
0
0
0
66.94.230.48
X.121
X.121
R_A#sh int s 0
Serial0 is up, line protocol is down
Hardware is HD64570
Internet address is 172.16.0.1/16
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Serial1 is up, line protocol is up, trng hp ny l trng hp bnh thng, khng
gp vn ti lp 1 v 2, cc interface hoat ng tt
R_A#sh int s 0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 172.16.0.1/16
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
47
BI TP STATIC ROUTE :
Thc hin cu hnh static route trn cc router sau vi cc s IP c cho trong s .
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
Yu cu:
Cc routing table trn mi router phi c 11 subnet
Tt c cc router u c th ping c cc a ch ca cc int loopback trn cc
router cn li.
48
DEFAULT ROUTE:
Trong trng hp bi tp trn ta nhn thy cc router R_B v R_C ch dng duy nht mt
a ch next-hop routing, do n gin routing table ta c th dng default route.
cu hnh default route hiu qu, ch nn cu hnh default route ti cc router c mt
gateway ra ngoi. Cu lnh nh sau:
R_B>en
R_B#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R_B(config)#no ip routing
//tt routing
R_B(config)#ip rouitng
//bt routing
R_B(config)#ip route 0.0.0.0 0.0.0.0 10.10.0.0
R_B(config)#end
R_B#
R_B#ping 10.255.50.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.255.50.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms
R_B#
49
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
Vic cu hnh IP address cc router nh trong hnh tng t nh trong phn static route.
Sau y l cc bc thc hin cu hnh Dynamic routing protocol RIP
Cu hnh ti R1:
r1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
r1(config)#router rip
//bt chc nng routing RIP
r1(config-router)#network 192.168.10.0
//routing trn int s0
r1(config-router)#network 192.168.30.0
//routing trn int s1
r1(config-router)#network 10.0.0.0
//routing trn int loop 1
r1(config-router)#end
r1#
Cu hnh ti R2:
r2#conf t
Enter configuration commands, one per line.
r2(config)#
r2(config)#router rip
r2(config-router)#network 20.0.0.0
r2(config-router)#network 192.168.10.0
r2(config-router)#network 192.168.30.0
r2(config-router)#end
r2#
50
r2#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP
D - EIGRP, EX EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o ODR
P - periodic downloaded static route
Gateway of last resort is not set
R
C
C
C
R
R
r2#
r3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP
D - EIGRP, EX EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o ODR
P - periodic downloaded static route
Gateway of last resort is not set
51
C
R
R
C
R
C
r3#
Trong trng hp khng mun RIP gi update trn interface no th dng lnh passive-int
r1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
r1(config)#router rip
r1(config-router)#passive-interface ?
Ethernet IEEE 802.3
Loopback Loopback interface
Null
Null interface
Serial
Serial
default
Suppress routing updates on all interfaces
<cr>
r1(config-router)#passive-interface e 0 //RIP s khng gui update trn e0
r1(config)#exit
r1#
Dng lnh sh ip protocol xem thng tin v routing protocol trn router
r1#sh ip protocols
Routing Protocol is "rip"
Sending updates every 30 seconds, next due in 22 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Outgoing update filter list for all interfaces is
Incoming update filter list for all interfaces is
Redistributing: rip
Default version control: send version 1, receive any version
Interface
Send Recv Triggered RIP Key-chain
Loopback1
1
1 2
Serial0
1
1 2
Serial1
1
1 2
Automatic network summarization is in effect
Routing for Networks:
//cc network ang c routing
10.0.0.0
192.168.10.0
192.168.30.0
Passive Interface(s):
//cc interface ang trong trng thi passive
Ethernet0
Routing Information Sources:
//cc router gi update cho R1
Gateway
Distance
Last Update
52
192.168.10.2
120
192.168.30.2
120
Distance: (default is 120)
r1#
00:00:07
00:00:02
on Serial0
on Serial1
via Loopback1
via Serial0
53
00:51:13: RIP: build update entries
00:51:13:
network 10.0.0.0 metric 1
00:51:13:
network 30.0.0.0 metric 2
00:51:13:
network 192.168.30.0 metric 1
00:51:13: RIP: sending v1 update to 255.255.255.255 via Serial1
(192.168.30.1)
00:51:13: RIP: build update entries
r1#
00:51:13:
network 10.0.0.0 metric 1
00:51:13:
network 20.0.0.0 metric 2
00:51:13:
network 192.168.10.0 metric 1
r1#
00:51:31: %LINK-3-UPDOWN: Interface Serial1, changed state to down
00:51:32: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1,
changed state to down
r1#
00:51:33: RIP: sending v1 flash update to 255.255.255.255 via Loopback1
(10.0.0.1)
00:51:33: RIP: build flash update entries
00:51:33:
network 30.0.0.0 metric 16
00:51:33:
network 192.168.30.0 metric 16
00:51:33: RIP: sending v1 flash update to 255.255.255.255 via Serial0
(192.168.10.1)
00:51:33: RIP: build flash update entries
00:51:33:
network 30.0.0.0 metric 16
00:51:33:
network 192.168.30.0 metric 16
00:51:33: RIP: received v1 update from 192.168.10.2 on Serial0
00:51:33:
30.0.0.0 in 16 hops (inaccessible)
00:51:33:
192.168.20.0 in 16 hops (inaccessible)
00:51:33:
192.168.30.0 in 16 hops (inaccessible)
r1#
54
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
Cu hnh IGRP ti R1:
r1(config)#router igrp 10
r1(config-router)#net 192.168.10.0
r1(config-router)#net 192.168.30.0
r1(config-router)#net 10.0.0.0
r1(config-router)#end
r1#
55
Cu hnh IGRP ti R3:
r3(config)#router igrp 10
r3(config-router)#net 192.168.20.0
r3(config-router)#net 192.168.30.0
r3(config-router)#net 30.0.0.0
r3(config-router)#end
r3#
Xem c 3 bng routing ta nhn xt thy IGRP load balance equal. By gi thay i tham
s bandwidth v delay s nh hng n metric ca c 3 router.
56
r2#sh ip route
Gateway of last resort is not set
I
C
C
C
I
I
r3#sh ip route
Gateway of last resort is not set
C
I
I
C
I
C
57
Tng t cho R2 v R3
Cc bng routing mi sau khi thm tham s VARIANCE nh sau:
r1#sh ip route
Gateway of last resort is not set
C
I
C
I
C
I
r1#
r2#sh ip route
Gateway of last resort is not set
I
C
C
C
I
I
r2#
r3#sh ip route
Gateway of last resort is not set
C
I
I
C
I
C
r3#
58
192.168.10.0
192.168.30.0
Routing Information Sources:
Gateway
Distance
192.168.10.2
100
192.168.30.2
100
Distance: (default is 100)
Last Update
00:00:33
00:00:49
Khi c mt netID no chuyn trng thi DOWN, IGRP update vi metric 4294967295
l maximum metric ca IGRP.
59
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
A. Cu Hnh Cc Router Trong S Bng RIP Vi Yu Cu Sau:
Tt c cc router u ping c tt c cc a ch loopback ca cc router cn li.
Cc router R1, R2, R3 khng c cc route loadbalance.
Thi gian update l 60s 240s 240s 360s
B. Cu Hnh Thm Cc Router Trong S Bng IGRP Vi Yu Cu Sau:
Tt c cc router u ping c tt c cc a ch loopback ca cc router cn li.
iu chnh tham s:
S0R1---S0R2
bandwidth = 64K bps,
delay = 20000
S1R1---S1R3
bandwidth = 128K bps,
delay = 10000
S1R2---S0R3
bandwidth = 256K bps,
delay = 8000
Cu hnh sao cho cc router loadbalance unequal path
C.Yu Cu Thm Trong Trng Hp Cn Thi Gian:
Gii thch ti sao ti router R1 khng thy c cc subnet ca cc int LOOP trn
cc router khc (R2, R3). Tng t i vi R2 v R3.
Gii thch ti sao hin ti mi router ang chy 2 protocol RIP v IGRP nhng ti
sao trn routing table ch c cc routes hc c bng IGRP.
60
Thc hin cu hnh thm cho RIP sao cho tt c cc router u dng RIP
routing, ch l khng tt IGRP.
Phn tch hot ng ca classfull routing protocol.
61
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
Cu hnh a ch IP ADD ca cc int ging trong s , cu hnh routing EIGRP cn bn
nh sau:
Ti router R1:
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int s 0
R1(config-if)#ip add 172.16.0.1 255.255.0.0
R1(config-if)#no shut
R1(config-if)#clo ra 64000
R1(config-if)#int s 1
R1(config-if)#ip add 172.17.0.1 255.255.0.0
R1(config-if)#clo ra 64000
R1(config-if)#no shut
R1(config-if)#
R1(config-if)#exit
R1(config)#router eigrp 10
R1(config-router)#network 172.16.0.0
r1(config-router)#network 172.17.0.0
r1(config-router)#no eigrp log-neighbor-warnings
r1(config-router)#end
r1#
62
Ti router R2:
r2(config)#router eigrp 10
r2(config-router)#network 172.16.0.0
r2(config-router)#network 192.168.1.0
r2(config-router)#end
r2#
Ti router R3:
r3(config)#router eigrp 10
r3(config-router)#network 172.17.0.0
r3(config-router)#network 192.168.2.0
r3(config-router)#end
r3#
r2#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o ODR
P periodic downloaded static route
Gateway of last resort is not set
D
C
63
Sending 5, 100-byte ICMP Echos to 192.168.2.81, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/62/84 ms
r2#
r3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o ODR
P - periodic downloaded static route
Gateway of last resort is not set
C
D
D
64
Routing Information Sources:
Gateway
Distance
Last Update
172.16.0.2
90
00:01:28
172.17.0.2
90
00:01:30
Distance: internal 90 external 170
Protocol EIGRP lu tr thm hai loi bng khc vi routing table l neighbor table v
topology table.
r1#sh ip eigrp neighbor
IP-EIGRP neighbors for process 10
H
Address
Interface
Type
1
0
172.16.0.2
172.17.0.2
Se0
Se1
Hold Uptime
SRTT
RTO
(sec)
(ms)
11 00:01:55
27
13 00:01:56 888
200
5000
Cnt Num
0 71
0 3
Seq
65
S ni dy v a ch IP
Cu hnh tng t trong s trc, ch c R3 thay i.
Cu hnh R3:
r3(config)#router eigrp 10
r3(config-router)#net 172.17.0.0
r3(config-router)#net 192.168.1.0
r3(config-router)#end
r3#
r1#
r2#sh ip route
Gateway of last resort is not set
D
C
C
C
D
r2#
r3#sh ip route
Gateway of last resort is not set
C
66
D
D
C
C
r3#
67
4294967295 SM 4294967295 - 1657856 4294967295
00:23:02: IP-EIGRP: Int 192.168.1.144/28 M 4294967295 1657856
4294967295 SM 4294967295 - 1657856 4294967295
EIGRP cho php ta tt auto-summary v ng thi cho php ta cu hnh summary manual.
Cu hnh summary manual ti R2 v R3:
r2(config)#int s 0
r2(config-if)#ip summary-address eigrp 10 192.168.1.64 255.255.255.224
r2(config-if)#end
r2#
r3(config)#int s 1
r3(config-if)#ip summary-address eigrp 10 192.168.1.128 255.255.255.224
r3(config-if)#end
r3#
68
00:24:06: IP-EIGRP:
00:24:06: IP-EIGRP:
128256 - 256 128000
00:24:06: IP-EIGRP:
r1#
00:24:06: IP-EIGRP:
00:24:06: IP-EIGRP:
00:24:30: IP-EIGRP:
00:24:30: IP-EIGRP:
128256 - 256 128000
00:24:30: IP-EIGRP:
00:24:30: IP-EIGRP:
00:24:30: IP-EIGRP:
69
BI TP EIGRP:
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
Cu Hnh Cc Router Trong S Bng EIGRP Vi Yu Cu Sau:
Tt c cc router u ping c tt c cc a ch loopback ca cc router cn li.
Cu hnh summary sao cho routing table trn R1 v R2 gim ti mc ti thiu
(khng nhiu hn 8 routes) m vn c kh nng routing bnh thng. Khng c
dng default route
Routing table ca R1 khng nhiu hn 11 routes.
70
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
Cu hnh a ch IP ADD ca cc int ging trong s , cu hnh routing OSPF cn bn
nh sau:
Ti router R1:
r1(config)#router ospf 100
r1(config-router)#net 10.12.0.1 0.0.0.0 a 0
r1(config-router)#net 10.13.0.1 0.0.0.0 a 0
r1(config-router)#net 10.1.1.1 0.0.0.0 a 0
r1(config-router)#net 10.1.2.1 0.0.0.0 a 0
r1(config-router)#net 10.1.3.1 0.0.0.0 a 0
Ti router R2:
r2(config)#router ospf 200
r2(config-router)#net 10.23.0.0 0.0.0.255 area 0
r2(config-router)#net 10.12.0.0 0.0.0.255 area 0
r2(config-router)#net 10.2.1.0 0.0.0.255 area 0
r2(config-router)#net 10.2.2.0 0.0.0.255 area 0
r2(config-router)#net 10.2.3.0 0.0.0.255 area 0
71
Ti router R3:
r3(config)#router ospf 300
r3(config-router)#net 10.0.0.0 0.255.255.255 area 0
72
r2#sh ip pro
Routing Protocol is "ospf 200"
Sending updates every 0 seconds
Invalid after 0 seconds, hold down 0, flushed after 0
Outgoing update filter list for all interfaces is
Incoming update filter list for all interfaces is
Redistributing: ospf 200
Routing for Networks:
10.2.1.2/32
10.2.2.2/32
10.2.3.2/32
10.12.0.2/32
10.23.0.2/32
Routing Information Sources:
Gateway
Distance
Last Update
10.3.3.3
110
00:04:49
10.1.3.1
110
00:04:49
Distance: (default is 110)
ADV Router
Age
Seq#
Checksum Link
10.1.3.1
10.2.3.2
10.3.3.3
94
90
85
0x80000008 0xE41E
0x80000008 0xFCE7
0x80000005 0x3F9C
7
7
7
Pri
State
1
1
FULL/
FULL/
Dead Time
Address
00:00:32
00:00:38
10.12.0.2
10.13.0.3
Serial0
Serial1
73
Process ID 100, Router ID 10.1.3.1, Network Type LOOPBACK, Cost: 1
Loopback interface is treated as a stub Host
Serial0 is up, line protocol is up
Internet Address 10.12.0.1/24, Area 0
Process ID 100, Router ID 10.1.3.1, Network Type POINT_TO_POINT, Cost:
64
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:05
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.2.3.2
Suppress hello for 0 neighbor(s)
Serial1 is up, line protocol is up
Internet Address 10.13.0.1/24, Area 0
Process ID 100, Router ID 10.1.3.1, Network Type POINT_TO_POINT, Cost:
64
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:03
Index 5/5, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.3.3.3
Suppress hello for 0 neighbor(s)
74
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh sau trn c R1, R2
v R3:
r1(config)#no ip routing
r1(config)#ip routing
r1(config)#int s0
r1(config-if)#no ip add
r1(config-if)#shut
r1(config)#int s1
r1(config-if)#no ip add
r1(config-if)#shut
r1(config)#int e0
r1(config-if)#ip add 10.10.X.1 255.255.255.0
r1(config-if)#no shut
Tham s X l tham s c gio vin cung cp, c dt khc nhau
trnh trng hp trng s IP ADD.(X l s nhm ca bn)
Cu hnh ti R1:
r1(config)#router ospf 100
r1(config-router)#net 10.0.0.0 0.255.255.255 a 0
75
Cu hnh ti R2:
R2(config)#router ospf 100
R2(config-router)#net 10.0.0.0 0.255.255.255 a 0
Cu hnh ti R3:
R3(config)#router ospf 100
R3(config-router)#net 10.0.0.0 0.255.255.255 a 0
Database ti R1:
r1#sh ip ospf data
OSPF Router with ID (10.1.3.1) (Process ID 100)
Router Link States (Area 0)
Link ID
count
10.1.3.1
10.2.3.2
10.3.3.3
ADV Router
Age
Seq#
Checksum Link
10.1.3.1
10.2.3.2
10.3.3.3
71
71
50
0x80000003 0xB0CF
0x80000002 0x3F37
0x80000002 0xCB9F
4
4
4
ADV Router
10.3.3.3
Age
50
Seq#
Checksum
0x80000002 0x7D5F
Trn R1 khng ch c cc router link state, ngoi ra cn c Net link state do DR gi.
r1#sh ip ospf nei
Neighbor ID
Pri
10.3.3.3
1
10.2.3.2
1
State
FULL/DR
FULL/BDR
Dead Time
00:00:38
00:00:35
Address
10.10.1.3
10.10.1.2
Interface
Ethernet0
Ethernet0
State
FULL/DROTHER
FULL/DR
Dead Time
00:00:30
00:00:30
Address
10.10.1.1
10.10.1.3
Interface
Ethernet0
Ethernet0
State
FULL/BDR
FULL/DROTHER
Dead Time
00:00:39
00:00:32
Address
10.10.1.2
10.10.1.1
Interface
Ethernet0
Ethernet0
76
STANDARD ACCESS-LIST:
Strandard access-list ch c th lc cho php hoc cm cc packet da trn a ch
source ca packet . Vic cu hnh access-list phi thc hin hai giai on:
Cu hnh to access-lits
Apply access-lits vo interface
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
cc router trong s c kh nng routing, ta cu hnh RIP. d thc hin, ta dng
cc cu lnh sau:
RX(config)#router RIP
RX(config-router)#net 10.0.0.0
RX(config-router)#end
RX#
77
RX(config)#access-list 1 permit any
RX(config)#int s 0
RX(config-if)#ip access-group 1 in
RX(config)#int s 1
RX(config-if)#ip access-group 1 in
RX(config-if)#end
Sau khi lm xong, ta thc hin lnh PING t RY, kt qu thnh cng v default lnh PING
s dng a ch IP ADD ca OUTGOING interface lm a ch SOURCE do kim
tra kt qu ca access-list, ta dng lnh PING vi extended command.
Cc kt qu di y c thc hin trn cc router R_A v R_B. trong X=1=R_A;
Y=2=R_B
Dng lnh Ping vi cc thng s thm vo a ch source kim tra th kt qu:
R_B#ping
Protocol [ip]:
Target IP address: 10.1.1.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: yes
Source address or interface: 10.2.2.2
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echoes to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms
R_B#
R_B#ping
Protocol [ip]:
Target IP address: 10.1.1.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: yes
Source address or interface: 10.2.1.2
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echoes to 10.1.1.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
78
ICMP:
ICMP:
ICMP:
R_A#
ICMP:
R_A#
ICMP:
R_A#
ICMP:
c
Cng nh trng hp trn, ta phi dng cu lnh ip telnet source-interface loop 2 ti R_Y
ch nh source cho router RY telnet:
LOOP2 ca RY khng th telnet vo RX:
R_B#conf t
R_B(config)#ip telnet source-interface loop 2
R_B(config)#^Z
R_B#10.1.2.1
Trying 10.1.2.1 ...
% Connection refused by remote host
R_B#
79
B.
80
R_A#sh line
Tty Typ
Tx/Rx
A Modem
* 0 CTY
Line 1 is currently invalid
Line 2 is currently invalid
Line 3 is currently invalid
4 AUX
9600/9600
5 VTY
6 VTY
7 VTY
8 VTY
9 VTY
-
20
20
20
20
20
R_A#sh ip int s 0
Serial0 is up, line protocol is up
Internet address is 10.12.0.1/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is enabled
Multicast reserved groups joined: 224.0.0.9
Outgoing access list is not set
Inbound access list is 110
Uses
0
Noise
4
Overruns
0/0
0
7
0
0
0
0
0
0
0
0
0
0
0/0
0/0
0/0
0/0
0/0
0/0
81
EXTENDED ACCESS-LIST:
Extended access-list cho php ta kim tra v chn cc packet da trn a ch source,
source port, a ch ch v port ca ch n, do ta c th ch nh cm hoc cho php
i vi tng applycation. Dng li s s IP nh trng hp standard access-list.
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
cc router trong s c kh nng routing, ta cu hnh RIP. d thc hin, ta dng
cc cu lnh sau:
RX(config)#router RIP
RX(config-router)#net 10.0.0.0
RX(config-router)#end
RX#
82
RX(config)#access-list 100 deny TCP host 10.Y.2.Y host 10.X.3.X eq 23
RX(config)#access-list 100 permit IP any any
RX(config)#int s 0
RX(config-if)#ip access-group 100 in
RX(config)#int s 1
RX(config-if)#ip access-group 100 in
RX(config-if)#end
R_A>q
[Connection to 10.1.1.1 closed by foreign host]
R_B#10.1.2.1
Trying 10.1.2.1 ...
% Destination unreachable; gateway or host down
R_B#10.1.3.1
//khng c telnet vo loop2 v loop3 ca R_A
Trying 10.1.3.1 ...
% Destination unreachable; gateway or host down
R_B#
B.
83
R_B#
84
BI TP ACCESS-LIST:
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
Cu hnh EIGRP 10 routing, sau cu hnh access-list nh sau:
Ti R_A:
Cm khng cho ton b Subnet Loop1 ca R_B telnet vo Loop1 ca R_A
Cm khng cho ton b Subnet Loop1 ca R_C lin lc vi Loop1 ca R_A
Cm khng cho bt k s IP no khc vi NET 10.0.0.0 c lin lc vi R_A
Tt c cc loi traffic trong ton h thng u hot ng bnh thng.
Ti R_B:
Cm khng cho ton b Subnet Loop2 ca R_A telnet vo Loop2 ca R_B
Cm khng cho ton b Subnet Loop2 ca R_C lin lc vi Loop2 ca R_B
Cm khng cho bt k s IP no khc vi NET 10.0.0.0 c lin lc vi R_B
Tt c cc loi traffic trong ton h thng u hot ng bnh thng.
Ti R_C:
Cm khng cho ton b Subnet Loop3 ca R_A telnet vo Loop3 ca R_C
Cm khng cho ton b Subnet Loop3 ca R_C lin lc vi Loop3 ca R_C
Cm khng cho bt k s IP no khc vi NET 10.0.0.0 c lin lc vi R_C
Tt c cc loi traffic trong ton h thng u hot ng bnh thng.
o Yu cu chung:
Lm duy nht mt name access-list tn l: bai_tap_access_list
Access-list khng di hn 3 hng
85
NAT:
cc my PC trong mng LAN c th lin lc vi cc my tnh khc trn th gii, chng
phi c mt s IP dng lm a ch lin lc vi bn ngoi. iu ny hu nh khng th
thc hin c vi IP V.4. Do cc PC trong mng LAN c t s IP private, y l
cc s IP khng hp l trn Internet (khng th routing bng cc s ny). Trn thc t, cc
PC trong mng LAN s lin lc ra internet bng hai cch: Proxy server hoc NAT. Dng
Proxy s gp nhiu kh khn trong vic tng thch vi cc application khc nhau. Cch
dng NAT c ng dng rng ri hn v u im tng thch vi rt nhiu Application.
Trong chng trnh CCNA ta hc cch thc hin hai loi NAT l Dynamic NAT v Static
NAT.
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.Z l tham
s do gio vin cung cp cho bn trnh trng hp trng s IP.(Z l s nhm ca
bn)
86
private. Net from ISP 203.162.Z.0/24 c gi lp l NET_ID m ISP cung cp cho khch
hng. Sau khi cu hnh xong s ip add, cc router phi hot ng c nh sau:
R_B ping c R_C v S0 ca R_A
R_B#p 192.168.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
R_B#p 210.10.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.10.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms
R_C khng th ping c S0 ca R_B v thiu thng s trong bng routing, hin
nhin khng ping c S0 ca R_A
R_C#p 210.10.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.10.1.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R_C#p 210.10.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.10.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R_B#p 65.5.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 65.5.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Cu hnh tip theo ti R_A, R_B v R_C cc router ny c kh nng routing bnh
thng:
R_C t default route v R_B
R_C#conf t
R_C(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.2
R_B#conf t
R_B(config)#ip route 0.0.0.0 0.0.0.0 210.10.1.1
R_A#conf t
R_A(config)#ip route 203.162.1.0 255.255.255.0 s0
87
R_C#p 210.10.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.10.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
R_B#p 65.5.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 65.5.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms
R_A#p 192.168.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.3, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R_C#p 210.10.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.10.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R_C#p 65.5.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 65.5.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CNG LC
R_A#debug ip icmp
ICMP packet debugging is on
R_A#
01:50:07: ICMP: echo reply sent,
01:50:09: ICMP: echo reply sent,
01:50:11: ICMP: echo reply sent,
01:50:13: ICMP: echo reply sent,
01:50:15: ICMP: echo reply sent,
01:50:21: ICMP: echo reply sent,
01:50:23: ICMP: echo reply sent,
01:50:25: ICMP: echo reply sent,
01:50:27: ICMP: echo reply sent,
01:50:29: ICMP: echo reply sent,
src
src
src
src
src
src
src
src
src
src
88
Sau khi thc hin cc cu lnh trn ti R_B, R_C c kh nng lin lc vi R_A
R_C#p 210.10.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.10.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/40/44 ms
R_C#p 65.5.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 65.5.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/40/40 ms
ICMP:
ICMP:
ICMP:
ICMP:
ICMP:
echo
echo
echo
echo
echo
reply
reply
reply
reply
reply
sent,
sent,
sent,
sent,
sent,
src
src
src
src
src
210.10.1.1,
210.10.1.1,
210.10.1.1,
210.10.1.1,
210.10.1.1,
ICMP:
ICMP:
ICMP:
ICMP:
ICMP:
echo
echo
echo
echo
echo
reply
reply
reply
reply
reply
sent,
sent,
sent,
sent,
sent,
src
src
src
src
src
65.5.1.1,
65.5.1.1,
65.5.1.1,
65.5.1.1,
65.5.1.1,
dst
dst
dst
dst
dst
dst
dst
dst
dst
dst
210.10.1.2
210.10.1.2
210.10.1.2
210.10.1.2
210.10.1.2
210.10.1.2
210.10.1.2
210.10.1.2
210.10.1.2
210.10.1.2
Outside local
65.5.1.1:5777
65.5.1.1:5778
65.5.1.1:5779
65.5.1.1:5780
65.5.1.1:5781
210.10.1.1:6551
210.10.1.1:6552
210.10.1.1:6553
210.10.1.1:6554
210.10.1.1:6555
Outside global
65.5.1.1:5777
65.5.1.1:5778
65.5.1.1:5779
65.5.1.1:5780
65.5.1.1:5781
210.10.1.1:6551
210.10.1.1:6552
210.10.1.1:6553
210.10.1.1:6554
210.10.1.1:6555
2. Dynamic NAT
Trong trng hp tng qut hn, c th cu hnh NAT trn cc s IP ca ISP cung cp cho
khch hng. iu ny cho php m rng thm kh nng hot ng ca NAT. Trong s
NET 203.162.Z.0/24 l cc s IP do ISP cung cp, ta cu hnh NAT trn 10 s u tin
(203.162.Z.1-203.162.Z.10). thc hin cc lnh sau ti R_B:
R_B#cle ip nat trans *
R_B#conf t
R_B(config)#no ip nat inside source list 1 int s0 overload
89
R_B(config)#ip nat pool abc 203.162.1.1 203.162.1.10 netmask 255.255.255.0
R_B(config)#ip nat inside source list 1 pool abc overload
R_C#p 210.10.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.10.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/40/44 ms
R_C#p 65.5.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 65.5.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/40/40 ms
R_A#
01:56:01:
01:56:01:
01:56:01:
01:56:01:
01:56:02:
R_A#
01:56:04:
01:56:04:
01:56:04:
01:56:04:
01:56:04:
ICMP:
ICMP:
ICMP:
ICMP:
ICMP:
echo
echo
echo
echo
echo
reply
reply
reply
reply
reply
sent,
sent,
sent,
sent,
sent,
src
src
src
src
src
210.10.1.1,
210.10.1.1,
210.10.1.1,
210.10.1.1,
210.10.1.1,
ICMP:
ICMP:
ICMP:
ICMP:
ICMP:
echo
echo
echo
echo
echo
reply
reply
reply
reply
reply
sent,
sent,
sent,
sent,
sent,
src
src
src
src
src
65.5.1.1,
65.5.1.1,
65.5.1.1,
65.5.1.1,
65.5.1.1,
Inside local
192.168.1.3:4358
192.168.1.3:4359
192.168.1.3:4360
192.168.1.3:4361
192.168.1.3:4362
192.168.1.3:9058
192.168.1.3:9059
192.168.1.3:9060
192.168.1.3:9061
192.168.1.3:9062
dst
dst
dst
dst
dst
dst
dst
dst
dst
dst
203.162.1.1
203.162.1.1
203.162.1.1
203.162.1.1
203.162.1.1
203.162.1.1
203.162.1.1
203.162.1.1
203.162.1.1
203.162.1.1
Outside local
65.5.1.1:4358
65.5.1.1:4359
65.5.1.1:4360
65.5.1.1:4361
65.5.1.1:4362
210.10.1.1:9058
210.10.1.1:9059
210.10.1.1:9060
210.10.1.1:9061
210.10.1.1:9062
Outside global
65.5.1.1:4358
65.5.1.1:4359
65.5.1.1:4360
65.5.1.1:4361
65.5.1.1:4362
210.10.1.1:9058
210.10.1.1:9059
210.10.1.1:9060
210.10.1.1:9061
210.10.1.1:9062
// LU : SAU KHI THC HIN XONG CU HNH STATIC NAT PHI RELOAD
LI ROUTER CU HNH MI C TC DNG.//
R_B#sh ip nat tran
Pro Inside global
--- 203.162.1.100
Inside local
192.168.1.3
Outside local
---
Outside global
---
90
R_C#
3
3
3
3
91
PPP:
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
Trong bi LAB ny yu cu hai router cng thc hin, cc kt qu c trch dn di y
c thc hin ti hai router RA v RB. Lm tng t i vi RA v RC.
t a ch IP cho Router RA
RA(config)#INT S0
RA(config-if)#ip add 192.168.1.1 255.255.255.0
RA(config-if)#clo ra 64000
RA(config-if)#no shut
RA(config-if)#int s 1
RA(config-if)#ip add 192.168.2.1 255.255.255.0
RA(config-if)#clo ra 64000
RA(config-if)#no shut
t a ch IP cho Router RB
RB(config)#int s0
RB(config-if)#ip add 192.168.1.2 255.255.255.0
RB(config-if)#no shut
92
RA#sh int s 0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 192.168.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation HDLC, loopback not set, keepalive set (10 sec)
Last input 00:00:05, output 00:00:02, output hang never
Last clearing of "show interface" counters never
RB#sh int s0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 192.168.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation HDLC, loopback not set, keepalive set (10 sec)
Last input 00:00:00, output 00:00:06, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0 (size/max/drops); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/64/0 (size/threshold/drops)
Conversations 0/1 (active/max active)
RB#p 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echoes to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms
RB#
Thng thng, tng thch han tan vi cc lai router khc nhau, ngi ta thng
chuyn sang s dng PPP thay cho HDLC
RA(config)#int s0
RA(config-if)#encapsulation ppp
Ngay sau khi va chuyn sang s dng PPP cho interface s0 ca RA, th RA khng th lin
lc c RB, v RB vn ang c ng gi l HDLC, ta c th kim tra bng cch t RB
ping th RA:
RB#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
RA#sh int s 0
Serial0 is up, line protocol is down
Hardware is HD64570
Internet address is 192.168.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation PPP, loopback not set, keepalive set (10 sec)
LCP REQsent
Closed: ipcp, cdp
Last input 00:00:03, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0 (size/max/drops); Total output drops: 0
93
Queueing strategy: weighted fair
Output queue: 0/64/0 (size/threshold/drops)
Conversations 0/2 (active/max active)
Reserved Conversations 0/0 (allocated/max allocated)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
34 packets input, 3197 bytes, 0 no buffer
Received 28 broadcasts, 0 runts, 0 giants
1 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored, 1 abort
Phng php ng gi PPP c nhiu la chn thm cho cu hnh, trong c phm la
chn phng thc chng thc:
RA(config) #int s0
RA(config-if)#ppp authentication chap
RB(config)#int s0
RB(config-if)#ppp authentication chap
Serial0:
Serial0:
Serial0:
Serial0:
Serial0:
Serial0:
Serial0:
Serial0:
94
RB#conf t
RB#username RA password nhatnghe
RA#
%LINK-3-UPDOWN: Interface Serial0, changed state to up
PPP Serial0: Send CHAP challenge id=36 to remote
PPP Serial0: CHAP challenge from RB
PPP Serial0: CHAP response id=36 received from RB
PPP Serial0: Send CHAP success id=36 to remote
PPP Serial0: remote passed CHAP authentication.
PPP Serial0: Passed CHAP authentication with remote.
RA#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to
up
RA#
tit kim bng thng, PPP cho php tin hnh nn d liu trc khi truyn i, v gii
nn d liu khi nhn c.
nn, dng lnh : compress stac
Cu hnh compress cho RA, ping th vi ln n RB, sau dng lnh show compress
xem thng k v vic nn, gii nn, ta thy t l l 0 v do bn RB cha khai bo compress:
RA(config-if)#compress stac
RA#
00:40:14: %SYS-5-CONFIG_I: Configured from console by console
R13#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms
R13#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms
R13#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
95
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms
RA#sho compress
Serial0
Software compression enabled
uncompressed bytes xmt/rcv 0/0
1 min avg ratio xmt/rcv 0.000/0.000
5 min avg ratio xmt/rcv 0.000/0.000
10 min avg ratio xmt/rcv 0.000/0.000
no bufs xmt 0 no bufs rcv 0
resyncs 0
Additional Stacker Stats:
Transmit bytes: Uncompressed =
0 Compressed = 0
Received bytes: Compressed =
0 Uncompressed = 0
96
FRAME RELAY:
S ni dy v a ch IP
Trong lab ny yu cu bn thc hin trc cc cu lnh trong phn XA CU HNH
ROUTER trang 19, sau thc hin tip phn TM TT trang17. Lu khi t s IP
ADD theo s . Hn ch tham kho ti liu trong khi thc hin cc lnh c.
Trong s ny, RA lm nhim v gi lp mi trng truyn thng FRAME RELAY.
Cu hnh Router RA lm nhim v Frame-relay Switch:
RA(config)#frame-relay switching
RA(config)#int s0
RA(config-if)#no ip address
RA(config-if)#clock rate 64000
RA(config-if)#encapsulation frame-relay
RA(config-if)#no shut
RA(config-if)#frame-relay lmi-type cisco
RA(config-if)#frame-relay intf-type dce
RA(config-if)#frame-relay route 500 int s1 600
RA(config)#int s1
RA(config-if)#no ip add
RA(config-if)#clock rate 64000
RA(config-if)#encapsulation frame-relay
RA(config-if)#no shut
RA(config-if)#frame-relay lmi-type ansi
RA(config-if)#frame-relay intf-type dce
RA(config-if)#frame-relay route 600 int s0 500
97
1. Khai bo phng thc ng gi l Fram-relay
RB(config-if)#int s0
RB(config-if)#ip add 192.168.10.1 255.255.255.0
RB(config-if)#encapsulation frame-relay
RB(config-if)#no shut
RC(config-if)#int s1
RC(config-if)#ip add 192.168.10.2 255.255.255.0
RC(config-if)#encapsulation frame-relay
RC(config-if)#no shut
2. Trong trng hp ISP khng cho php Invert ARP hot ng, phi dng lnh Map IP
c hai u kt ni:
RB(config)#int s0
RB(config-if)#frame-relay map ip 192.168.10.2 500
RC(config)#int s1
RC(config-if)#frame-relay map ip 192.168.10.1 600
Xem frame-relay map hin ti ch cn li l static, sau khi nh lnh frame-relay map:
RB#sh fram pvc map
Serial1 (up): ip 192.168.10.2 dlci 500(0x258,0x9480),
CISCO, status defined, active
static,
static,
98
RC(config-if)#ip add 192.168.7.7 255.255.255.0
RB(config)#router rip
RB(config-router)#net 192.168.10.0
RB(config-router)#net 192.168.7.0
RB(config-router)#^Z
via Loopback1
via Serial1
via Loopback1
via Serial1
RC#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C
C
99
RB(config-if)#frame-re map ip 192.168.10.2 500 broadcast
RC(config)#int s 1
RC(config-if)#frame map ip 192.168.10.1 600 broadcast
100
Router RC:
01:19:45: RIP: sending v1 update to 255.255.255.255 via Loopback1
(192.168.7.7)
01:19:45: RIP: build update entries
01:19:45:
network 192.168.10.0 metric 1
01:19:45: RIP: sending v1 update to 255.255.255.255 via Serial1
(192.168.10.2)
01:19:45: RIP: build update entries
01:19:45:
network 192.168.7.0 metric 1
01:19:45:
subnet 192.168.10.0 metric 1
RC(config-if)#
01:19:48: RIP: received v1 update from 192.168.10.1 on Serial1
01:19:48:
192.168.7.0 in 2 hops
RC(config-if)#^Z
RC#
01:19:57: %SYS-5-CONFIG_I: Configured from console by console
RC#
01:20:01: RIP: received v1 update from 192.168.10.1 on Serial1
01:20:01:
192.168.7.0 in 2 hops
01:20:01:
192.168.9.0 in 1 hops
01:20:01:
192.168.10.0 in 1 hops
RC#
01:20:03: RIP: sending v1 flash update to 255.255.255.255 via Loopback1
(192.168.7.7)
01:20:03: RIP: build flash update entries
01:20:03:
network 192.168.9.0 metric 2
01:20:03: RIP: sending v1 flash update to 255.255.255.255 via Serial1
(192.168.10.2)
01:20:03: RIP: build flash update entries
01:20:03:
network 192.168.9.0 metric 2
RC#
RC#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
R
C
C
C th xem li:
RC#sh fram map
Serial1 (up): ip 192.168.10.1 dlci 600(0x258,0x9480), static,
broadcast,
CISCO, status defined, active