网络|通过eNSP带你了解静态路由网络|运维|经验分享|物联网

路由器（网络层）作用：
1、隔离泛洪范围——路由器的一个接口对应一个广播域——路由器也被称为网关
2、转发
路由器的转发原理

当一个数据包来到路由器，路由器将基于数据包中的目标IP地址查看路由表，
若表中有记录，则将无条件按照路由表的指示转发，否则直接将数据包丢弃

路由表分析

display ip routing-table——查看路由表

Destination/MaskProtoPreCostFlagsNextHopInterface
192.168.1.0/24Direct00D192.168.1.1GigabitEthernet0/0/0
192.168.2.0/24Direct00D192.168.2.1GigabitEthernet0/0/1

Destination/Mask——表明要去的目的子网
Proto ——协议——可以表示路由条目的类型
Direct——直连路由
Pre——优先级——当两条路由条目的目标网段相同时，我们仅加载优先级较高的路由条目到路由表中，取值范围（0~255），数值越大优先级越低
华为设备静态路由优先级默认为60，直连路由优先级默认为0
NextHop ——吓一跳，就是数据到达目标网段下一个经过路由器接口的入接口的IP，直连路由直接写路由器出接口的IP
Interface——流量流出的接口

直连路由生成的条件 1、接口双UP
2、接口必须配IP

路由器与路由器连接的链路：称为骨干链路——链路中间不添加任何设备

文章图片

路由器获取前往未知网段的路由信息 1、静态路由：由网络管理员手工添加
2、动态路由：所有路由器上运行相同的路由协议，之后通过路由器之间的沟通交流，最终计算生成的路由条

TTL（生存时间值）的主要作用是避免IP包在网络中的无限循环和收发(环路问题)，节省了网络资源，并能使IP包的发送者能收到告警消息。

静态路由配置实现全网可达

文章图片

根据分出的网段和接口的IP进行添加配置AR1的网关

system-view //进入用户视图 [Huawei]sysname r1 //方便区分，更名为r1[r1]interface GigabitEthernet 0/0/0//进入0/0/0接口 [r1-GigabitEthernet0/0/0]ip address 192.168.1.1 24//添加网关，子网掩码 [r1-GigabitEthernet0/0/0]q//退出接口界面[r1]interface GigabitEthernet 0/0/1//进入0/0/1接口 [r1-GigabitEthernet0/0/1]ip address 192.168.2.1 24//添加网关，子网掩码 [r1-GigabitEthernet0/0/1]q[r1]interface GigabitEthernet 0/0/2//进入0/0/2接口 [r1-GigabitEthernet0/0/2]ip address 192.168.3.1 24//添加网关 [r1-GigabitEthernet0/0/2]q [r1]display ip interface brief//查看路由器的接口信息InterfaceIP Address/MaskPhysicalProtocol GigabitEthernet0/0/0192.168.1.1/24upup GigabitEthernet0/0/1192.168.2.1/24upup GigabitEthernet0/0/2192.168.3.1/24upup NULL0unassignedupup(s)

配置AR2的网关

system-view [Huawei]sysname r2[r2]interface GigabitEthernet 0/0/0 [r2-GigabitEthernet0/0/0]ip address 192.168.2.2 24 [r2-GigabitEthernet0/0/0]q[r2]interface GigabitEthernet 0/0/1 [r2-GigabitEthernet0/0/1]ip address 192.168.4.1 24 [r2-GigabitEthernet0/0/1]q[r2]display ip interface brief InterfaceIP Address/MaskPhysicalProtocol GigabitEthernet0/0/0192.168.2.2/24upup GigabitEthernet0/0/1192.168.4.1/24upup GigabitEthernet0/0/2unassigneddowndown NULL0unassignedupup(s)

配置AR3的网关

system-view [Huawei]sysname r3[r3]interface GigabitEthernet 0/0/0 [r3-GigabitEthernet0/0/0]ip address 192.168.3.2 24 [r3-GigabitEthernet0/0/0]q[r3]interface GigabitEthernet 0/0/1 [r3-GigabitEthernet0/0/1]ip address 192.168.5.1 24 [r3-GigabitEthernet0/0/1]q[r3]display ip interface brief InterfaceIP Address/MaskPhysicalProtocol GigabitEthernet0/0/0192.168.3.2/24upup GigabitEthernet0/0/1192.168.5.1/24upup GigabitEthernet0/0/2unassigneddowndown NULL0unassignedupup(s)

配置AR4的网关

system-view [Huawei]sysname r4[r4]interface GigabitEthernet 0/0/0 [r4-GigabitEthernet0/0/0]ip address 192.168.5.2 24 [r4-GigabitEthernet0/0/0]q[r4]interface GigabitEthernet 0/0/1 [r4-GigabitEthernet0/0/1]ip address 192.168.4.2 24 [r4-GigabitEthernet0/0/1]q[r4]interface GigabitEthernet 0/0/2 [r4-GigabitEthernet0/0/2]ip address 192.168.6.1 24 [r4-GigabitEthernet0/0/2]q[r4]display ip interface brief InterfaceIP Address/MaskPhysicalProtocol GigabitEthernet0/0/0192.168.5.2/24upup GigabitEthernet0/0/1192.168.4.2/24upup GigabitEthernet0/0/2192.168.6.1/24upup NULL0unassignedupup(s)

配置PC1的IP地址、网关、子网掩码

文章图片

配置PC2的IP地址、网关、子网掩码

文章图片

使用PC1简单测试
总结：
直连路由：192.168.2.1192.168.3.1全能ping通
非直连路由都无法ping通，
为什么PC1无法ping通192.168.2.2
原因：tcp是双向传输的过程，在AR2的路由表中查询不到PC1的地址信息，就直接扔掉了，
所以无法实现ping通

PC>ping 192.168.6.10Ping 192.168.6.10: 32 data bytes, Press Ctrl_C to break Request timeout! Request timeout!--- 192.168.6.10 ping statistics --- 2 packet(s) transmitted 0 packet(s) received 100.00% packet lossPC>ping 192.168.2.1Ping 192.168.2.1: 32 data bytes, Press Ctrl_C to break From 192.168.2.1: bytes=32 seq=1 ttl=255 time=31 ms From 192.168.2.1: bytes=32 seq=2 ttl=255 time<1 ms--- 192.168.2.1 ping statistics --- 2 packet(s) transmitted 2 packet(s) received 0.00% packet loss round-trip min/avg/max = 0/15/31 msPC>ping 192.168.3.1Ping 192.168.3.1: 32 data bytes, Press Ctrl_C to break From 192.168.3.1: bytes=32 seq=1 ttl=255 time<1 ms From 192.168.3.1: bytes=32 seq=2 ttl=255 time=15 ms--- 192.168.3.1 ping statistics --- 2 packet(s) transmitted 2 packet(s) received 0.00% packet loss round-trip min/avg/max = 0/7/15 msPC>ping 192.168.3.2Ping 192.168.3.2: 32 data bytes, Press Ctrl_C to break Request timeout! Request timeout!--- 192.168.3.2 ping statistics --- 3 packet(s) transmitted 0 packet(s) received 100.00% packet loss

使用PC2进行今天测试

PC>ping 192.168.1.10Ping 192.168.1.10: 32 data bytes, Press Ctrl_C to break Request timeout! Request timeout! Request timeout!--- 192.168.1.10 ping statistics --- 3 packet(s) transmitted 0 packet(s) received 100.00% packet lossPC>ping 192.168.4.2Ping 192.168.4.2: 32 data bytes, Press Ctrl_C to break From 192.168.4.2: bytes=32 seq=1 ttl=255 time=32 ms From 192.168.4.2: bytes=32 seq=2 ttl=255 time=46 ms--- 192.168.4.2 ping statistics --- 2 packet(s) transmitted 2 packet(s) received 0.00% packet loss round-trip min/avg/max = 32/39/46 msPC>ping 192.168.4.1Ping 192.168.4.1: 32 data bytes, Press Ctrl_C to break Request timeout! Request timeout!--- 192.168.4.1 ping statistics --- 2 packet(s) transmitted 0 packet(s) received 100.00% packet lossPC>ping 192.168.5.2Ping 192.168.5.2: 32 data bytes, Press Ctrl_C to break From 192.168.5.2: bytes=32 seq=1 ttl=255 time<1 ms From 192.168.5.2: bytes=32 seq=2 ttl=255 time=16 ms--- 192.168.5.2 ping statistics --- 2 packet(s) transmitted 2 packet(s) received 0.00% packet loss round-trip min/avg/max = 0/8/16 msPC>ping 192.168.2.1Ping 192.168.2.1: 32 data bytes, Press Ctrl_C to break Request timeout! Request timeout!--- 192.168.2.1 ping statistics --- 2 packet(s) transmitted 0 packet(s) received 100.00% packet loss

配置静态路由命令：ip route-static 目标网段子网掩码下一个路由器的入口IP
方法：查看直连路由，然后再配静态
配置AR1的静态路由

[r1]display ip routing-table //查看路由表，以下为直连路由192.168.1.0/24Direct00D192.168.1.1GigabitEthernet 0/0/0 192.168.2.0/24Direct00D192.168.2.1GigabitEthernet 0/0/1 192.168.3.0/24Direct00D192.168.3.1GigabitEthernet 0/0/2[r1]ip route-static 192.168.4.0 24 192.168.2.2 //配置到达4.0网段的的静态路由 [r1]ip route-static 192.168.5.0 24 192.168.3.2 //配置到达5.0网段的的静态路由 [r1]ip route-static 192.168.6.0 24 192.168.3.2 //配置到达6.0网段的的静态路由

配置AR2的静态路由

[r2]display ip routing-table 192.168.2.0/24Direct00D192.168.2.2GigabitEthernet 0/0/0 192.168.4.0/24Direct00D192.168.4.1GigabitEthernet 0/0/1[r2]ip route-static 192.168.1.0 24 192.168.2.1 [r2]ip route-static 192.168.3.0 24 192.168.2.1 [r2]ip route-static 192.168.5.0 24 192.168.4.2 [r2]ip route-static 192.168.6.0 24 192.168.4.2

配置AR3的静态路由

[r3]display ip routing-table 192.168.3.0/24Direct00D192.168.3.2GigabitEthernet 0/0/0 192.168.5.0/24Direct00D192.168.5.1GigabitEthernet 0/0/1[r3]ip route-static 192.168.1.0 24 192.168.3.1 [r3]ip route-static 192.168.2.0 24 192.168.3.1 [r3]ip route-static 192.168.4.0 24 192.168.5.2 [r3]ip route-static 192.168.6.0 24 192.168.5.2

配置AR4的静态路由

[r4]display ip routing-table 192.168.4.0/24Direct00D192.168.4.2GigabitEthernet 0/0/1 192.168.5.0/24Direct00D192.168.5.2GigabitEthernet 0/0/0[r4]ip route-static 192.168.1.0 24 192.168.5.1 [r4]ip route-static 192.168.2.0 24 192.168.4.1 [r4]ip route-static 192.168.3.0 24 192.168.5.1

测试
PC1 ping PC2

PC>ping 192.168.6.10//PC1pingPC2Ping 192.168.6.10: 32 data bytes, Press Ctrl_C to break From 192.168.6.10: bytes=32 seq=1 ttl=125 time=31 ms From 192.168.6.10: bytes=32 seq=2 ttl=125 time=31 ms--- 192.168.6.10 ping statistics --- 2 packet(s) transmitted 2 packet(s) received 0.00% packet loss round-trip min/avg/max = 31/31/31 ms

路由器ping网关

ping 192.168.4.2 PING 192.168.4.2: 56data bytes, press CTRL_C to break Reply from 192.168.4.2: bytes=56 Sequence=1 ttl=254 time=40 ms Reply from 192.168.4.2: bytes=56 Sequence=2 ttl=254 time=30 ms Reply from 192.168.4.2: bytes=56 Sequence=3 ttl=254 time=30 ms Reply from 192.168.4.2: bytes=56 Sequence=4 ttl=254 time=30 ms--- 192.168.4.2 ping statistics --- 4 packet(s) transmitted 4 packet(s) received 0.00% packet loss round-trip min/avg/max = 30/32/40 msping 192.168.5.2 PING 192.168.5.2: 56data bytes, press CTRL_C to break Reply from 192.168.5.2: bytes=56 Sequence=1 ttl=254 time=30 ms Reply from 192.168.5.2: bytes=56 Sequence=2 ttl=254 time=30 ms Reply from 192.168.5.2: bytes=56 Sequence=3 ttl=254 time=30 ms--- 192.168.5.2 ping statistics --- 3 packet(s) transmitted 3 packet(s) received 0.00% packet loss round-trip min/avg/max = 30/30/30 ms

拓展配置负载均衡：当路由器访问同一个目标，且有多条开销相似的路径时，可以让设备将流量拆分后沿多条路径同时传输，起到带宽叠加的功能
1.0~6.0
ip route-static 192.168.6.0 24 192.168.2.2
ip route-static 192.168.6.0 24 192.168.3.2

文章图片

【网络|通过eNSP带你了解静态路由】

环回接口：路由器配置的虚拟接口，一般用于虚拟实验，不受设备的额限制。
ping -a 192.168.1.1 172.16.1.1 ——指定发送数据包的源IP

文章图片

配置AR1网关
[Huawei]interface GigabitEthernet 0/0/0
[Huawei-GigabitEthernet0/0/0]ip address 12.0.0.1 24
配置环回AR1接口
[Huawei]interface loopback0
[Huawei-LoopBack0]ip address 192.168.1.1 24
[Huawei]interface loopback1
[Huawei-LoopBack1]ip address 192.168.2.1 24

配置AR2网关
[Huawei]interface GigabitEthernet 0/0/0
[Huawei-GigabitEthernet0/0/0]ip address 12.0.0.2 24
配置环回AR2接口
[Huawei]interface loopback0
[Huawei-LoopBack0]ip address 172.16.1.1 24
[Huawei]interface loopback1
[Huawei-LoopBack1]ip address 172.16.2.124
测试
[Huawei]ping-a 192.168.1.1 172.16.1.1 ——可以指定发送数据包中的源IP

手工汇总：当路由器可以访问多个连续的子网时，若均通过相同的下一跳，可以将这些网段进行汇总计算后，仅编辑到达汇总网段的路由即可，以达到减少路由条目，提高转发效率
汇总：192.168.1.0/24，192.168.2.0/24——192.168.0.0/224

文章图片

路由黑洞：在汇总中包含网络内实际不存在的网段，可能使流量有去无回浪费链路资源
合理的子网划分和汇总可以减少路由黑洞的产生
例子：网段划分192.168.1.0/24，192.168.2.0/24 汇总为192.168.0.0/22
ping 192.168.0.1这时没有这个网段，则出现黑洞
缺省路由：一条不限定目标的路由条目（不指定目标，只指定下一跳），
特点：若查询本地所有路由均未匹配，则走缺省路由
[r1]ip route-static 0.0.0.0 0.0.0.0 12.0.0.2
[r1]ping 1.1.1.1
空接口路由：缺省路由和路由黑洞相遇将100%出环
空接口路由——Null0 如果Null0口做为出接口，则将所有匹配的路由信息全部丢弃
路由表匹配原则——最长匹配原则/精确匹配原则：子网掩码最长的（范围越小）
空接口路由配置：在黑洞路由器上配置一天空接口路由
ip route-static 192.168.0.0/22 Null 0
浮动静态路由：通过修改默认优先级实现静态路由的备份效果
配置浮动静态路由
ip route-static 21.0.0.2 preference 100
display ip routing-table protocol static //只查看路由表的静态路由
测试使用另一条静太路由关闭之前的接口shutdown