分类: 系统运维
2011-10-20 10:51:22
从上面的路由表可以看出,R2路由器配置了通过R1路由器s3/2接口(IP地址为10.10.10.1/30)的默认路由。你可以使用traceroute命令在R2上跟踪数据包通过T1线路到达ISP路由器的路由。此时R2路由器可以发送来自内部网络172.31.10.2主机到Internet网192.168.30.1主机的ping包。这个所取作用的是默认路由0.0.0.0 0.0.0.0。具体操作和输出如下所示:
R2#traceroute 192.168.10.2
Type escape sequence to abort.
Tracing the route to 192.168.10.2
1 10.10.10.1 16 msec 20 msec 16 msec
2 192.168.10.2 32 msec * 32 msec
R2#ping
Protocol [ip]:
Target IP address: 192.168.30.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 172.31.10.2
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms
本来是想在关闭了R1路由器上s3/2接口后,R1路由器会使用备用的56K链路,以R2路由器的s1接口作为下一跳接口,访问R2所连接的内部网络172.31.10.0/24。但是如果你关闭R1上的s3/2接口,按理你应当会期望R1路由器会安装到达内部网络172.31.10.0/24的浮动静态路由,R2路由器也会安装一个通过R1路由器s3/3接口(IP地址为192.168.20.1)到达所有网络(0.0.0.0)的浮动静态路由。此时按理会通过56K线路进行通信。下面进行一下测试,看是否会出现我们期望的结果。先使用“show ip interface brief”命令查看R1路由器上各接口的配置摘要。
R1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Serial3/0 192.168.10.1 YES manual up up
Serial3/1 unassigned YES unset administratively down down
Serial3/2 10.10.10.1 YES manual up up
Serial3/3 192.168.20.1 YES manual up up
当前显示s3/2接口是打开的。下面使用“shut down”命令关闭该接口,然后再使用“show ip interface brief”命令查看R1路由器上各接口配置摘要,发现s3/2接口已关闭了。操作步骤如下:
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int s3/2
R1(config-if)#shut down
R1(config-if)#end
2d21h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/2, changed state to down
2d21h: %LINK-5-CHANGED: Interface Serial3/2, changed state to administratively down
R1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Serial3/0 192.168.10.1 YES manual up& up
Serial3/1 unassigned YES unset administratively down down
Serial3/2 10.10.10.1 YES manual administratively down down
Serial3/3 192.168.20.1 YES manual up up
下面在R1路由器上使用“show ip route”命令查看一下R1路由器上的路由表。结果显示,在路由表中仍然见到了通过T1线路的主静态路由,这是不应该的,因为已关闭了这个主静态路由所对应的R1路由器s3/2接口。
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
192.168.10.0/30 is subnetted, 1 subnets
C 192.168.10.0 is directly connected, Serial3/0
192.168.20.0/30 is subnetted, 1 subnets
C 192.168.20.0 is directly connected, Serial3/3
172.31.0.0/24 is subnetted, 1 subnets
S 172.31.10.0 [1/0] via 10.10.10.2 !--- 这是原来配置的主静态路由。
!---
S* 0.0.0.0/0 is directly connected, Serial3/0 !--- 这是到达ISP路由器的默认路由。
这时在R2路由器上转发来自内部网络用户对Inernet主机192.168.30.1的ping操作,发现不通了,因为R1路由器企图通过s3/2接口发送应答消息,但它已关闭。操作步骤和输出显示如下所示:
R2#ping
Protocol [ip]:
Target IP address: 192.168.30.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 172.31.10.2
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
但是为什么在在关闭了R1路由器上的s3/2接口,在R1路由器上仍没有安装浮动静态路由,而且主静态路由仍在路由表中呢?造成这个故障的原因是因为静态路由是可以自然递归的。只要你有一个路由可以到达主静态路中所指定的下一跳地址,这个主静态路由就会永远在路由表中。在本示例中,R1认为它可以通过R1路由器上s3/0接口(IP地址为192.168.10.2)到达主静态路由中下一跳地址10.10.10.2(也就是R2路由器的s0接口),而192.168.10.2又是默认路由的下一跳地址,可以到达任何可达目的网络,所以主静态路由仍是有效的,只不过它不再是直接通过s3/2接口进行的,而是通过了s3/0接口绕道去的。这就是静态路由的递归特性。
本文摘自《路由器配置与管理完全手册(Cisco篇)试读样章》第七章
