Chinaunix首页 | 论坛 | 博客
  • 博客访问: 7219216
  • 博文数量: 3857
  • 博客积分: 6409
  • 博客等级: 准将
  • 技术积分: 15948
  • 用 户 组: 普通用户
  • 注册时间: 2008-09-02 16:48
个人简介

迷彩 潜伏 隐蔽 伪装

文章分类

全部博文(3857)

文章存档

2017年(5)

2016年(63)

2015年(927)

2014年(677)

2013年(807)

2012年(1241)

2011年(67)

2010年(7)

2009年(36)

2008年(28)

分类:

2012-05-29 09:32:09

如上图所示,配置如下:

R1#show run
Building configuration...

Current configuration : 941 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
!
ip cef
no ip domain lookup
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial0/0
ip address 192.1.12.1 255.255.255.0
serial restart-delay 0
!
interface Serial0/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial0/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial0/3
no ip address
shutdown
serial restart-delay 0
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
ip http server
no ip http secure-server
!
ip route 3.3.3.0 255.255.255.0 Serial0/0 5 permanent
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
end

R2#show run
Building configuration...

Current configuration : 1039 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
!
ip cef
no ip domain lookup
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Serial0/0
ip address 192.1.12.2 255.255.255.0
serial restart-delay 0
clock rate 64000
!
interface Serial0/1
ip address 192.1.23.2 255.255.255.0
serial restart-delay 0
clock rate 64000
!
interface Serial0/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial0/3
no ip address
shutdown
serial restart-delay 0
!
interface FastEthernet1/0
ip address 193.1.23.2 255.255.255.0
duplex auto
speed auto
!
ip http server
no ip http secure-server
!
ip route 3.3.3.0 255.255.255.0 FastEthernet1/0
ip route 3.3.3.0 255.255.255.0 Serial0/1
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
end

R3#show run
Building configuration...

Current configuration : 948 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
!
ip cef
no ip domain lookup
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface Serial0/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial0/1
ip address 192.1.23.3 255.255.255.0
serial restart-delay 0
!
interface Serial0/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial0/3
no ip address
shutdown
serial restart-delay 0
!
interface FastEthernet1/0
ip address 193.1.23.3 255.255.255.0
duplex auto
speed auto
!        
ip http server
no ip http secure-server
!
ip route 192.1.12.0 255.255.255.0 192.1.23.2
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
end

此试验为验证R2到R3上双线负载均衡的现象,从而学习的两种转发:进程转发、快速转发

采用进程交换方式转发分组时,将基于每个分组来做出等成本路径上的负载均衡决策;

采用快速交换方式转发分组时,将基于目的地来做出等成本路径上的负载均衡决策。

首先说明,涉及到ip cef (全局支持快速转发),no ip route-cache(接口下关闭快速转发变成进程转发)

1,我们在R2上配置 no ip cef ,关闭全局快速转发。使R2变成进程转发。

    我们ping 3.3.3.3 并开启debug ip packet观察

R2#ping 3.3.3.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!
*Mar 1 01:18:51.651: IP: tableid=0, s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via RIB
*Mar 1 01:18:51.651: IP: s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 01:18:51.795: IP: tableid=0, s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), routed via RIB
*Mar 1 01:18:51.795: IP: s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), len 100, rcvd 3
*Mar 1 01:18:51.799: IP: tableid=0, s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), routed via RIB
*Mar 1 01:18:51.799: IP: s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), len 100, sending
*Mar 1 01:18:51.803: IP: s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), len 100, encapsulation failed.!
*Mar 1 01:18:53.799: IP: tableid=0, s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via RIB
*Mar 1 01:18:53.799: IP: s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 01:18:53.907: IP: tableid=0, s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), routed via RIB
*Mar 1 01:18:53.907: IP: s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), len 100, rcvd 3
*Mar 1 01:18:53.911: IP: tableid=0, s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), routed via RIB
*Mar 1 01:18:53.911: IP: s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), len 100, sending
*Mar 1 01:18:53.915: IP: s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), len 100, encapsulation failed.!

一通一断现象,从路径看走193的全不通,因为encapsulation failed. 此原因为我们写静态路由的时候是以出接口为下一跳,从而路由在进程转发时候找到此链路上时,会查找2层RARP相关信息对数据重新封成帧,导致封装失败而ping不通。   

※如果我们静态路由下一跳为IP地址,则不会产生这样现象。所以写静态路由时候尽量写下一跳IP地址而不要写出接口。

2,我们查看路由条目详细信息。
R2#show ip route 3.3.3.0
Routing entry for 3.3.3.0/24
Known via "static", distance 1, metric 0 (connected)
Routing Descriptor Blocks:
* directly connected, via FastEthernet1/0
      Route metric is 0, traffic share count is 1
    directly connected, via Serial0/1
      Route metric is 0, traffic share count is 1
此时关闭快速转发后,每一个包的转发都会跟随着下一跳指针的跳动而走不一样的下一跳F1/0或S0/1,这也是说明上面我们为什么通一个断一个,当指针跳到S0/1时,包可以通,跳到F1/0时,就会不通。

3,我们将静态路由该为下一跳IP地址后,可以看到负载均衡的同时下一跳指针的变化,数据包均通。
R2
#show ip route 3.3.3.3
Routing entry for 3.3.3.0/24
Known via "static", distance 1, metric 0
Routing Descriptor Blocks:
    193.1.23.3
      Route metric is 0, traffic share count is 1
* 192.1.23.3
      Route metric is 0, traffic share count is 1

R2#ping 3.3.3.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 72/137/236 ms
R2#
*Mar 1 01:41:23.215: IP: tableid=0, s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via RIB
*Mar 1 01:41:23.215: IP: s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 01:41:23.355: IP: tableid=0, s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), routed via RIB
*Mar 1 01:41:23.355: IP: s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), len 100, rcvd 3
*Mar 1 01:41:23.359: IP: tableid=0, s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), routed via RIB
*Mar 1 01:41:23.359: IP: s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), len 100, sending
*Mar 1 01:41:23.499: IP: tableid=0, s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), routed via RIB
*Mar 1 01:41:23.499: IP: s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), len 100, rcvd 3
*Mar 1 01:41:23.503: IP: tableid=0, s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via RIB
*Mar 1 01:41:23.503: IP: s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 01:4
R2#1:23.595: IP: tableid=0, s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), routed via RIB
*Mar 1 01:41:23.595: IP: s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), len 100, rcvd 3
*Mar 1 01:41:23.599: IP: tableid=0, s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), routed via RIB
*Mar 1 01:41:23.599: IP: s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), len 100, sending
*Mar 1 01:41:23.835: IP: tableid=0, s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), routed via RIB
*Mar 1 01:41:23.835: IP: s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), len 100, rcvd 3
*Mar 1 01:41:23.839: IP: tableid=0, s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via RIB
*Mar 1 01:41:23.839: IP: s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 01:41:23.907: IP: tableid=0, s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), routed via RIB
*Mar 1 01:41:23.907: IP: s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), len 100, rcvd 3
R2#show ip route 3.3.3.3
Routing entry for 3.3.3.0/24
Known via "static", distance 1, metric 0
Routing Descriptor Blocks:
* 193.1.23.3
      Route metric is 0, traffic share count is 1
    192.1.23.3
      Route metric is 0, traffic share count is 1

4,然后我们再将R2的ip cef 功能全局打开,即全局快速转发,并开启debug ip packet观察。
R2(config)#ip cef
R2(config)#^Z
R2#show ip route 3.3.3.3
Routing entry for 3.3.3.0/24
Known via "static", distance 1, metric 0
Routing Descriptor Blocks:
* 193.1.23.3
      Route metric is 0, traffic share count is 1
    192.1.23.3
      Route metric is 0, traffic share count is 1

R2#ping 3.3.3.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 72/124/172 ms
R2#
*Mar 1 01:43:44.247: IP: tableid=0, s=193.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via FIB
*Mar 1 01:43:44.247: IP: s=193.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 01:43:44.415: IP: tableid=0, s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), routed via RIB
*Mar 1 01:43:44.415: IP: s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), len 100, rcvd 3
*Mar 1 01:43:44.419: IP: tableid=0, s=193.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via FIB
*Mar 1 01:43:44.419: IP: s=193.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 01:43:44.559: IP: tableid=0, s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), routed via RIB
*Mar 1 01:43:44.559: IP: s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), len 100, rcvd 3
*Mar 1 01:43:44.563: IP: tableid=0, s=193.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via FIB
*Mar 1 01:43:44.563: IP: s=193.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending

R2#*Mar 1 01:43:44.655: IP: tableid=0, s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), routed via RIB
*Mar 1 01:43:44.655: IP: s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), len 100, rcvd 3
*Mar 1 01:43:44.659: IP: tableid=0, s=193.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via FIB
*Mar 1 01:43:44.659: IP: s=193.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 01:43:44.727: IP: tableid=0, s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), routed via RIB
*Mar 1 01:43:44.727: IP: s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), len 100, rcvd 3
*Mar 1 01:43:44.731: IP: tableid=0, s=193.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via FIB
*Mar 1 01:43:44.735: IP: s=193.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 01:43:44.871: IP: tableid=0, s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), routed via RIB
*Mar 1 01:43:44.871: IP: s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEt
R2#hernet1/0), len 100, rcvd 3

此现象观察到快速转发而为实现包的负载均衡,应为基于目的的负载均衡,如我们ping其它地址将会看到负载路径的变化。

5,我们将R2的ip cef全局no掉,使R2进入进程交换,我们分别从R1和R2上ping 3.3.3.3 观察结果。
R2
#show ip route 3.3.3.3
Routing entry for 3.3.3.0/24
Known via "static", distance 1, metric 0
Routing Descriptor Blocks:
    193.1.23.3
      Route metric is 0, traffic share count is 1
* 192.1.23.3
      Route metric is 0, traffic share count is 1

R2#ping 3.3.3.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 96/196/284 ms
R2#
*Mar 1 00:19:48.607: IP: tableid=0, s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via RIB
*Mar 1 00:19:48.607: IP: s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 00:19:48.823: IP: tableid=0, s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), routed via RIB
*Mar 1 00:19:48.823: IP: s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), len 100, rcvd 3
*Mar 1 00:19:48.827: IP: tableid=0, s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), routed via RIB
*Mar 1 00:19:48.827: IP: s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), len 100, sending
*Mar 1 00:19:49.107: IP: tableid=0, s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), routed via RIB
*Mar 1 00:19:49.107: IP: s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), len 100, rcvd 3
*Mar 1 00:19:49.111: IP: tableid=0, s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via RIB
*Mar 1 00:19:49.111: IP: s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 00:1
R2#9:49.203: IP: tableid=0, s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), routed via RIB
*Mar 1 00:19:49.203: IP: s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), len 100, rcvd 3
*Mar 1 00:19:49.207: IP: tableid=0, s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), routed via RIB
*Mar 1 00:19:49.207: IP: s=193.1.23.2 (local), d=3.3.3.3 (FastEthernet1/0), len 100, sending
*Mar 1 00:19:49.467: IP: tableid=0, s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), routed via RIB
*Mar 1 00:19:49.467: IP: s=3.3.3.3 (FastEthernet1/0), d=193.1.23.2 (FastEthernet1/0), len 100, rcvd 3
*Mar 1 00:19:49.471: IP: tableid=0, s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), routed via RIB
*Mar 1 00:19:49.471: IP: s=192.1.23.2 (local), d=3.3.3.3 (Serial0/1), len 100, sending
*Mar 1 00:19:49.587: IP: tableid=0, s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), routed via RIB
*Mar 1 00:19:49.587: IP: s=3.3.3.3 (Serial0/1), d=192.1.23.2 (Serial0/1), len 100, rcvd 3
R2#show ip route 3.3.3.3
Routing entry for 3.3.3.0/24
Known via "static", distance 1, metric 0
Routing Descriptor Blocks:
* 193.1.23.3
      Route metric is 0, traffic share count is 1
    192.1.23.3
      Route metric is 0, traffic share count is 1

此信息可看出R2在进程转发模式下,R2自身发起的ping包按照进程转发负载均衡的。接着我们去R1发起ping包并观察现象。
R2#clear ip route * (清除路由表,这样R2上对R1来的ping包的第一个包会进行进程转发,随后按照cache表进行快速转发,以下信息可以看到R2上就第一个包进行了进程路由寻径的输出。)
*Mar 1 00:23:15.899: IP: tableid=0, s=3.3.3.3 (FastEthernet1/0), d=192.1.12.1 (Serial0/0), routed via RIB
*Mar 1 00:23:15.899: IP: s=3.3.3.3 (FastEthernet1/0), d=192.1.12.1 (Serial0/0), g=192.1.12.1, len 100, forward
R2#
*Mar 1 00:23:16.923: IP: tableid=0, s=3.3.3.3 (FastEthernet1/0), d=192.1.12.1 (Serial0/0), routed via RIB
*Mar 1 00:23:16.927: IP: s=3.3.3.3 (FastEthernet1/0), d=192.1.12.1 (Serial0/0), g=192.1.12.1, len 100, forward
R2#show ip route 3.3.3.3
Routing entry for 3.3.3.0/24
Known via "static", distance 1, metric 0
Routing Descriptor Blocks:
    193.1.23.3
      Route metric is 0, traffic share count is 1
* 192.1.23.3
      Route metric is 0, traffic share count is 1

此分节试验目的在于,我们在认识进程转发与快速转发的同时,我们应该知道R2处于进程转发的同时只对自身发起 的包有效,对其他路由过来的包当第一个包进行进程寻径后在Cache缓存中会存在其转发出口,当在接到同一目的的包时,将对其进行基于目的的快速转发。也 可以理解为Cache只对穿越其路由器的流量生效,对其本身产生的流量无效。此为cisco的ip cef功能。
阅读(616) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~