[P1&P2&BBR]通用部分
| router eigrp 100 net x.x.x.x [P1R1] int s1/0 ip add 10.0.0.2 255.0.0.0 no shut encpa fr fr map ip 10.0.0.1 103 br Serial1/0.1 (up): ip 11.0.0.2 dlci 604(0x25C,0x94C0), static, broadcast, CISCO, status defined, active Serial1/0.1 (up): ip 11.0.0.3 dlci 605(0x25D,0x94D0), static, broadcast, CISCO, status defined, active |
[P1R2|P2R1|P2R2]配置都是这样,不再阐述
| [BBR1] int s1/0 no ip add no shut int s1/0.1 mu ip add 10.0.0.1 fr map ip 10.0.0.2 301 br fr map ip 10.0.0.3 302 br [BBR2] int s1/0 no ip add no shut int s1/0.1 mu ip add 11.0.0.1 fr map ip 11.0.0.2 604 br fr map ip 11.0.0.3 605 br |
非等价负载均衡[在P1范围内测试]
整个网络收敛后,路由表,我们在P1R4上察看路由表
| [Copy to clipboard] CODE: D 200.200.200.0/24 [90/2300416] via 192.168.4.2, 00:03:37, FastEthernet0/0 [90/2300416] via 192.168.3.1, 00:03:37, Serial1/0 |
ok,这里看到到达200.200.200.0的两条路由的metric完全相同,我们在P1R3上定义ACL抓PAC
access-list 101 permit icmp any 200.200.200.0 255.255.255.0
deb ip pac 101
看到ping 200.200.200.200结果
| [Copy to clipboard] CODE: Sending 5, 100-byte ICMP Echos to 200.200.200.200, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/24/48 ms P1R4# 18:34:57: IP: tableid=0, s=192.168.4.1 (local), d=200.200.200.200 (FastEthernet0/0), routed via RIB 18:34:57: IP: s=192.168.4.1 (local), d=200.200.200.200 (FastEthernet0/0), len 100, sending 18:34:57: IP: tableid=0, s=192.168.3.2 (local), d=200.200.200.200 (Serial1/0), routed via RIB 18:34:57: IP: s=192.168.3.2 (local), d=200.200.200.200 (Serial1/0), len 100, sending 18:34:57: IP: tableid=0, s=192.168.4.1 (local), d=200.200.200.200 (FastEthernet0/0), routed via RIB 18:34:57: IP: s=192.168.4.1 (local), d=200.200.200.200 (FastEthernet0/0), len 100, sending 18:34:57: IP: tableid=0, s=192.168.3.2 (local), d=200.200.200.200 (Serial1/0), routed via RIB |
上面的是等价负载均衡,下面我们要设法改变某个接口的metric,默认是BW和Delay在起作用,那么如果你必须更改DELAY或BANDWDITH以达到你的特殊目的,建议你更改DELAY,因为其它协议也要用到BANDWITH如OSPF,另外,在使用限制EIGRP使用带宽的命令中也涉及到BANDWITH,所以一般修改DELAY参数(尤其在做实验时,为了简化METRIC值)
先察看默认的delay和eigrp top 表
| sh int f0/0 P1R4#sh int f0/0 FastEthernet0/0 is up, line protocol is up Hardware is AmdFE, address is cc03.0c7c.0000 (bia cc03.0c7c.0000) Internet address is 192.168.4.1/24 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec |
下面更改
int f0/0
delay 1000
[P1R2|P2R1|P2R2]配置都是这样,不再阐述
| [BBR1] int s1/0 no ip add no shut int s1/0.1 http://CiscoTec.CN CiscoTec.cn [Copy to clipboard] |
CODE:
察看sh ip route
| D 200.200.200.0/24 [90/2300416] via 192.168.3.1, 00:00:01, Serial1/0 D 172.17.0.0/16 [90/2942976] via 192.168.4.2, 00:00:01, FastEthernet0/0 D 172.16.0.0/16 [90/3452416] via 192.168.4.2, 00:00:01, FastEthernet0/0 D 172.19.0.0/16 [90/2942976] via 192.168.4.2, 00:00:01, FastEthernet0/0 D 172.18.0.0/16 [90/3454976] via 192.168.4.2, 00:00:01, FastEthernet0/0 |
到达200.200.200.0的最佳路径已经变为1条,f0/0已经被去除
那么我们察看一下top表中到达该网段的所有可行路径
| [Copy to clipboard] CODE: P1R4#sh ip eigrp top 200.200.200.0 IP-EIGRP (AS 100): Topology entry for 200.200.200.0/24 State is Passive, Query origin flag is 1, 2 Successor(s), FD is 2300416 Routing Descriptor Blocks: 192.168.3.1 (Serial1/0), from 192.168.3.1, Send flag is 0x0 Composite metric is (2300416/156160), Route is Internal Vector metric: Minimum bandwidth is 1544 Kbit Total delay is 25100 microseconds Reliability is 255/255 Load is 1/255 Minimum MTU is 1500 Hop count is 2 192.168.4.2 (FastEthernet0/0), from 192.168.4.2, Send flag is 0x0 Composite metric is (2553856/2297856), Route is Internal Vector metric: Minimum bandwidth is 1544 Kbit Total delay is 35000 microseconds Reliability is 255/255 Load is 1/255 Minimum MTU is 1500 Hop count is 2 |
可以看到
| [Copy to clipboard] CODE: 192.168.3.1 (Serial1/0), from 192.168.3.1, Send flag is 0x0 Composite metric is (2300416/156160), Route is Internal 192.168.4.2 (FastEthernet0/0), from 192.168.4.2, Send flag is 0x0 Composite metric is (2553856/2297856), Route is Internal |
因为我们更改了delay值,导致f0/0的metric由原来的2300416/156160变为2553856/2297856),导致f0/0从最优路径中被删除
那么2300416和2553856之间的差别只有不到2倍,这里我们使用variance来更改
router eigrp 100
var 2
然后,再次察看ip route
验证结果
[Copy to clipboard]
CODE:
P1R4#sh ip route
D 200.200.200.0/24 [90/2300416] via 192.168.3.1, 00:00:22, Serial1/0
[90/2553856] via 192.168.4.2, 00:00:22, FastEthernet0/0
variance 2
最佳路径度量乘以这个值后得到一个数,若次优路径度量值小于这个数,就会被和最佳路径一起装入路由表。
================================================================
下面我们在P1范围内进行EIGRP验证实验[P1R3-P1R4]
[P1R3&P1R4通用部分]
| key chain cisco key 1 key-string mypass int s1/0 ip auth key eigrp 100 cisco ip auth mod eigrp 100 md5 注意和RIP区分 ip rip auth key xxx ip rip auth key md5 |
下面我们在P1R4上当方面应用key-chain到s1/0
在应用之前我们观察目前邻居情况
| P1R4#sh ip eigrp nei IP-EIGRP neighbors for process 100 H Address Interface Hold Uptime SRTT RTO Q Seq Type (sec) (ms) Cnt Num 1 192.168.3.1 Se1/0 13 00:00:01 1 2000 1 0 0 192.168.4.2 Fa0/0 11 00:32:20 25 200 0 166 |
可以看到对方
然后在s1/0上应用key chain,再次观察
| P1R4#sh ip eigrp nei IP-EIGRP neighbors for process 100 H Address Interface Hold Uptime SRTT RTO Q Seq Type (sec) (ms) Cnt Num 0 192.168.4.2 Fa0/0 11 00:34:12 25 200 0 166 |
已经消失了
验证结果
在对端的s1/0上同样实施key chain后
| P1R4#sh ip eigrp nei IP-EIGRP neighbors for process 100 H Address Interface Hold Uptime SRTT RTO Q Seq Type (sec) (ms) Cnt Num 1 192.168.3.1 Se1/0 12 00:00:04 1 3000 0 139 0 192.168.4.2 Fa0/0 11 00:35:06 25 200 0 166 |
验证匹配后邻居关系再次建立
关于EIGRP的验证附属实验
我们知道RIP支持两种认证,明文和MD5,但是有人却说EIGRP只支持MD5验证,但是配置的时候却需要指定MD5,那么我们在上面
的基础上,去掉最后指定MD5的语句看看
no ip auth mod eigrp 100 md5
但是结果却是
| [Copy to clipboard] CODE: P1R3(config-if)# 20:39:54: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 192.168.3.2 (Serial1/0) is down: authentication mode changed P1R3(config-if)# 20:40:06: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 192.168.3.2 (Serial1/0) is up: new adjacency [Copy to clipboard] CODE: P1R4#sh ip eigrp nei IP-EIGRP neighbors for process 100 H Address Interface Hold Uptime SRTT RTO Q Seq Type (sec) (ms) Cnt Num 1 192.168.3.1 Se1/0 11 00:01:57 1 3000 0 141 0 192.168.4.2 Fa0/0 13 00:42:43 25 200 0 166 |
邻居关系一样建立好好的,而且对端经过确认可以正常的从P1R4学习到完整的路由表,所以说明文和MD5他都支持的
[另外建议的实验]
通过debug eigrp xxx观察hell,interval,hold等
知识点:
EIGRP5种协议报文
Hello:建立邻居关系,224.0.0.10,不需要确认
LAN,p2p WAN,MP带宽大于T1: 5秒间隔
MP带宽小于T1: 60秒间隔
注意:hold time为hello time的3倍,改变hello需要手工指定hold
#ip eigrp hold-time
Update:发送路由更新
Query:询问邻居关于路由的信息
Reply:对query的回复
以上3种报文需要进行显式确认(即每个报文需要单独确认),并设置序列号以便重传,次数限制为16
ACK:确认
EIGRP metricsMetric = [K1 * BandW + (K2 * BandW)/(256-load) + K3*Delay] * [K5/(reliability + K4)]
By default: K1=K3=1 and K2=K4=K5=0, so:
Metric = 10000000/BandW*256 + Delay/10*256
show interface 察看value
注意:k的值包含在hello报文中,不匹配邻居关系不会建立
为重分布路由设置一个缺省metric
default-metric 10000 100 255 1 1500
关于Finite stat machine(FSM)
当某种事件引起PASSIVE状态的路由,进行重新查找FS时,如果有FS则FS升级成S(SUCCESSOR),如果没有则路由器向所有邻居发送QUERY,此路由变为ACTIVE状态,此状态下有很多限制,例如不可更改FD,不可更改SUCCESSOR等,当所有发出的QUERY都收到REPLY时,路由器对此路由重新进行计算,并选出新的S,FD,删除不符合FC条件的FS(FC的一个重要条件是:下一跳路由所通告的距距离(AD)必要小于当前的FD,这是为了防止LOOP等)并发送UPDATE。做为接收到路由器发出QUERY的路由器在他的FS里找出最好的通告给初始路由器,如果他也没有,则同理,发送QUERY。需要指出的一点是缺省情况下如果路由器在3分钟内没有收到某一QUERY的REPLY则进行SIA状态,并对从此邻居所收到的所有路由进行QUERY,时间可以手动更改还有一点,一个设计好的网络不应该出现SIA的情况,一种错误的认识是设计多个AS连接起来,事实证明这种方法并不
好,因为QUERY在AS 边界会被发送到另一个AS去,其结果是本AS中没有SIA,但另一个AS中可能存在SIA其实,FSM比上边说的还要复杂,(非常复杂)例如,引起路由状态改变的因素可以有三种,如新发现路由等等,不同的因素引发的状态改变以及不同的方向上收到Q UERY以及REPLY还会有不同的处理EIGRP Unequal-Cost Load Balancing允许metric小于最小FD指定倍数的路由成为successor
例如:RouterA到达网络Z有三条路径
via B: AD=10,FD=30
via C: AD=10,FD=20
via D: AD=25,FD=45
明显,via C是最短路径,但等价负载均衡不允许有多个路由并存,通过设置variace可以让路由协议自动进行负载均衡
如果#variance 2
那么via C: 30 < 2*FD(20)满足条件
via D: 45 > 2*FD(20)不符合条件
Bandwidth over WAN interface
1.p2p subint using frame-relay: 设为CIR
2.Multipoing:设为邻居带宽的总和
如果每个PVC有不同的CIR
- 转换为p2p配置
- lowest CIR * PVC总数
举个例子:
点到点星型拓扑,总部CIR=256k,到分部有10条PVC,每条CIR=56kbps
划分p2p subint,每条PVC分配25kbps,调整eigrp协议数据报最大占用50%的VC容量
#interface serial 0.1 point-to-point
bandwidth 25
ip bandwidth-percent eigrp 1 110
注意:25的110%为28Kbps,即56kbps/2
相关命令
| show ip eigrp neighbors show ip eigrp topology show ip route eigrp show ip protocols show ip eigrp traffic debug ip routing debug eigrp packets debug eigrp neighbors debug eigrp pac hell0 debug ip eigrp debug ip eigrp summary clear ip eigrp neighbors /*清空整个EIGRP的邻居关系,然后重新建立,使用在改动过配置之后 */ |