IP路由原理

 

 

 

一.什么是路由

　　路由是指导IP报文发送的路径信息。

 

二.路由表的构成

　　路由表是路由器转发报文的判断依据

三.路由器单跳操作

 

四.路由表查找规则

1.选择度量值小的进行转发

2.永远将下一跳地址指向直连路由

3.如果路由表中没有相匹配的主机路由去匹配就会丢弃，但是如果存在默认路由的话，会默认从默认路由转发。

五.路由的来源

1.直连路由

　　开销小，配置简单，无需人工维护。只能发现本接口所属网段的路由

2.手工配置的静态路由

　　无开销，配置简单，需人工维护，适合简单拓扑结构的网络

3.路由协议发现的动态路由

　　开销大，配置复杂，无需人工维护，适合复杂拓扑结构的网络

六.路由度量值（Metric）

1.路由度量值表示到达折条路由所指目的地址的代价。

2.通常影响路由度量值的因素：

　　线路演示，带宽，线路使用率，线路可信度，跳数，最大传输单元

3.不同路由协议参考的因素不同

七.路由优先级

如果到相同目的地址有多个路由来源，则：

　　a>.以Preference(优先级)确定不同类型优先级；

　　b>.Preference越小，优先级越高；

　　c>.优先级最高的路由被添加进路由表

　　

八.各类路由默认优先级

 

九.路由环路

　　环路产生的原因：配置错误或协议缺陷

 

 

十.实验：

1.单臂路由的配置不同VLAN互通。

以上是一个简单“单臂路由”拓扑图：

a.实现思路：1>.在22层交换机上划分不同的vlan，并将相应的端口加入不同的 VLAN中；

　　　   　　2>.在路由器上配置子接口IP位各个部门员工的网关IP；

 　　　　    3>.不同的VLAN只要经过三层设备就能成功的访问到其他不同的VLAN了；

b.配置过程如下：

 注意：为了操作方便我将“22层核心交换机”更名为core，将“网关出口”更名为gw

 

22层核心交换机配置如下：

1 22层核心交换机配置 2 [Huawei]sysname core 3 [core]interface GigabitEthernet 0/0/1 4 [core-GigabitEthernet0/0/1]port link-type access  #将改口配置为access口  5 [core-GigabitEthernet0/0/1]quit  6 [core]interface GigabitEthernet 0/0/2 7 [core-GigabitEthernet0/0/2]port link-type access  8 [core-GigabitEthernet0/0/2]quit  9 [core]interface GigabitEthernet 0/0/310 [core-GigabitEthernet0/0/3]port link-type access 11 [core-GigabitEthernet0/0/3]quit 12 [core]interface GigabitEthernet 0/0/413 [core-GigabitEthernet0/0/4]port link-type access 14 [core-GigabitEthernet0/0/4]quit 15 [core]interface GigabitEthernet 0/0/516 [core-GigabitEthernet0/0/5]port link-type access 17 [core-GigabitEthernet0/0/5]quit 18 [core]interface GigabitEthernet 0/0/1019 [core-GigabitEthernet0/0/10]port link-type  trunk   #将改口配置为trunk口20 [core-GigabitEthernet0/0/10]port trunk allow-pass vlan all 21 [core-GigabitEthernet0/0/10]undo shutdown 22 [core-GigabitEthernet0/0/10]quit 23 [core]vlan 1024 [core-vlan10]port GigabitEthernet 0/0/1  #将端口加入该VLAN10中25 [core-vlan10]vlan 2026 [core-vlan20]port GigabitEthernet 0/0/227 [core-vlan20]vlan 3028 [core-vlan30]port GigabitEthernet 0/0/329 [core-vlan30]vlan 4030 [core-vlan40]port GigabitEthernet 0/0/431 [core-vlan40]vlan 5032 [core-vlan50]port GigabitEthernet 0/0/533 [core-vlan50]quit 34 [core]dis vlan 10 to 50   #查看10到50所有连续的VLAN信息35 --------------------------------------------------------------------------------36 U: Up;         D: Down;         TG: Tagged;         UT: Untagged;37 MP: Vlan-mapping;               ST: Vlan-stacking;38 #: ProtocolTransparent-vlan;    *: Management-vlan;39 --------------------------------------------------------------------------------40 41 VID  Type    Ports                42 --------------------------------------------------------------------------------43 10   common  UT:GE0/0/1(U)            44 20   common  UT:GE0/0/2(U)            45 30   common  UT:GE0/0/3(U)            46 40   common  UT:GE0/0/4(U)            47 50   common  UT:GE0/0/5(U)            48 49 VID  Status  Property      MAC-LRN Statistics Description      50 --------------------------------------------------------------------------------51 10   enable  default       enable  disable    VLAN 0010                         52 20   enable  default       enable  disable    VLAN 0020                         53 30   enable  default       enable  disable    VLAN 0030                         54 40   enable  default       enable  disable    VLAN 0040                         55 50   enable  default       enable  disable    VLAN 0050                         56 [core]

 网关出口配置过程如下：

1 出口网关配置 2 [Huawei]sysname gw 3 [gw]interface Ethernet 0/0/0 4 [gw-Ethernet0/0/0]undo shutdown  #将物理接口配置成不关闭状态  5 [gw-Ethernet0/0/0]quit  6 [gw]interface Ethernet 0/0/0.1   7 [gw-Ethernet0/0/0.1]vlan-type dot1q 10  #将该子接口172封装成trunk,允许VLAN透传。 8 [gw-Ethernet0/0/0.1]ip address 172.30.1.254 255.255.255.0   #给该虚接口配置一个地址，也是 9 10 172.30.1.0/24的网管地址11 [gw-Ethernet0/0/0.1]undo shutdow  #该接口不启状态12 [gw-Ethernet0/0/0.1]quit 13 [gw]interface Ethernet 0/0/0.214 [gw-Ethernet0/0/0.2]vlan-type dot1q 2015 [gw-Ethernet0/0/0.2]ip address 172.30.2.25416 [gw-Ethernet0/0/0.2]undo shutdown 17 [gw-Ethernet0/0/0.2]quit 18 [gw]interface Ethernet 0/0/0.319 [gw-Ethernet0/0/0.3]vlan-type dot1q 3020 [gw-Ethernet0/0/0.3]ip address 172.30.3.254 2421 [gw-Ethernet0/0/0.3]undo shutdown 22 [gw-Ethernet0/0/0.3]quit 23 [gw]interface Ethernet 0/0/0.424 [gw-Ethernet0/0/0.4]vlan-type dot1q 4025 [gw-Ethernet0/0/0.4]ip address 172.30.4.254 2426 [gw-Ethernet0/0/0.4]undo shutdown 27 [gw-Ethernet0/0/0.4]quit 28 [gw]interface Ethernet 0/0/0.529 [gw-Ethernet0/0/0.5]vlan-type dot1q 5030 [gw-Ethernet0/0/0.5]ip address 172.30.5.254 2431 [gw-Ethernet0/0/0.5]undo shutdown 32 [gw-Ethernet0/0/0.5]quit 33 [gw]

 

运维部门电脑测试结果如下：

1 PC> 2 PC>ipconfig 3  4 Link local IPv6 address...........: fe80::5689:98ff:fea7:2066 5 IPv6 address......................: :: / 128 6 IPv6 gateway......................: :: 7 IPv4 address......................: 172.30.3.1 8 Subnet mask.......................: 255.255.255.0 9 Gateway...........................: 172.30.3.25410 Physical address..................: 54-89-98-A7-20-6611 DNS server........................:12 13 PC>ping 172.30.1.114 15 Ping 172.30.1.1: 32 data bytes, Press Ctrl_C to break16 From 172.30.1.1: bytes=32 seq=1 ttl=127 time=78 ms17 From 172.30.1.1: bytes=32 seq=2 ttl=127 time=47 ms18 From 172.30.1.1: bytes=32 seq=3 ttl=127 time=62 ms19 From 172.30.1.1: bytes=32 seq=4 ttl=127 time=62 ms20 From 172.30.1.1: bytes=32 seq=5 ttl=127 time=62 ms21 22 --- 172.30.1.1 ping statistics ---23   5 packet(s) transmitted24   5 packet(s) received25   0.00% packet loss26   round-trip min/avg/max = 47/62/78 ms27 28 PC>ping 172.30.2.129 30 Ping 172.30.2.1: 32 data bytes, Press Ctrl_C to break31 From 172.30.2.1: bytes=32 seq=1 ttl=127 time=47 ms32 From 172.30.2.1: bytes=32 seq=2 ttl=127 time=62 ms33 From 172.30.2.1: bytes=32 seq=3 ttl=127 time=47 ms34 From 172.30.2.1: bytes=32 seq=4 ttl=127 time=62 ms35 From 172.30.2.1: bytes=32 seq=5 ttl=127 time=47 ms36 37 --- 172.30.2.1 ping statistics ---38   5 packet(s) transmitted39   5 packet(s) received40   0.00% packet loss41   round-trip min/avg/max = 47/53/62 ms42 43 PC>ping 172.30.3.144 45 Ping 172.30.3.1: 32 data bytes, Press Ctrl_C to break46 From 172.30.3.1: bytes=32 seq=1 ttl=128 time<1 ms47 From 172.30.3.1: bytes=32 seq=2 ttl=128 time<1 ms48 From 172.30.3.1: bytes=32 seq=3 ttl=128 time<1 ms49 From 172.30.3.1: bytes=32 seq=4 ttl=128 time<1 ms50 From 172.30.3.1: bytes=32 seq=5 ttl=128 time<1 ms51 52 --- 172.30.3.1 ping statistics ---53   5 packet(s) transmitted54   5 packet(s) received55   0.00% packet loss56   round-trip min/avg/max = 0/0/0 ms57 58 PC>ping 172.30.4.159 60 Ping 172.30.4.1: 32 data bytes, Press Ctrl_C to break61 From 172.30.4.1: bytes=32 seq=1 ttl=127 time=63 ms62 From 172.30.4.1: bytes=32 seq=2 ttl=127 time=46 ms63 From 172.30.4.1: bytes=32 seq=3 ttl=127 time=63 ms64 From 172.30.4.1: bytes=32 seq=4 ttl=127 time=62 ms65 From 172.30.4.1: bytes=32 seq=5 ttl=127 time=47 ms66 67 --- 172.30.4.1 ping statistics ---68   5 packet(s) transmitted69   5 packet(s) received70   0.00% packet loss71   round-trip min/avg/max = 46/56/63 ms72 73 PC>ping 172.30.5.174 75 Ping 172.30.5.1: 32 data bytes, Press Ctrl_C to break76 From 172.30.5.1: bytes=32 seq=1 ttl=127 time=63 ms77 From 172.30.5.1: bytes=32 seq=2 ttl=127 time=62 ms78 From 172.30.5.1: bytes=32 seq=3 ttl=127 time=47 ms79 From 172.30.5.1: bytes=32 seq=4 ttl=127 time=62 ms80 From 172.30.5.1: bytes=32 seq=5 ttl=127 time=93 ms81 82 --- 172.30.5.1 ping statistics ---83   5 packet(s) transmitted84   5 packet(s) received85   0.00% packet loss86   round-trip min/avg/max = 47/65/93 ms87 88 PC>

 

c.总结单臂路由的优缺点：

优点：

　　1>实现了不同VLAN的互通。

　　2>.只需要一个物理接口能给多个VLAN配置网关，通过子接口的技术，子接口必须封装802.1Q的trunk协议。

缺点：

　　1>.不同VLAN的数据每次访问都要通过路由器进行路由查找，效率比较低；

　　2>.购买一个路由器设备比购买一个三层交换机要贵的多，性价比低！ 

 

2.三层交换配置不同VLAN互通。

 

a.三层交换机以内置的三层路由转发引擎执行VLAN间路由功能

 

 

b.配置过程如下：

三层核心交换机配置如下：

1 [Huawei]sysname core 2 [core]interface GigabitEthernet 0/0/1 3 [core-GigabitEthernet0/0/1]port link-type access  #将改口配置为access口  4 [core-GigabitEthernet0/0/1]quit  5 [core]interface GigabitEthernet 0/0/2 6 [core-GigabitEthernet0/0/2]port link-type access  7 [core-GigabitEthernet0/0/2]quit  8 [core]interface GigabitEthernet 0/0/3 9 [core-GigabitEthernet0/0/3]port link-type access 10 [core-GigabitEthernet0/0/3]quit 11 [core]interface GigabitEthernet 0/0/412 [core-GigabitEthernet0/0/4]port link-type access 13 [core-GigabitEthernet0/0/4]quit 14 [core]interface GigabitEthernet 0/0/515 [core-GigabitEthernet0/0/5]port link-type access 16 [core-GigabitEthernet0/0/5]quit 17 [core]interface GigabitEthernet 0/0/1018 [core-GigabitEthernet0/0/10]port link-type  trunk   #将改口配置为trunk口19 [core-GigabitEthernet0/0/10]port trunk allow-pass vlan all 20 [core-GigabitEthernet0/0/10]undo shutdown 21 [core-GigabitEthernet0/0/10]quit 22 [core]vlan 1023 [core-vlan10]port GigabitEthernet 0/0/1  #将端口加入该VLAN10中24 [core-vlan10]vlan 2025 [core-vlan20]port GigabitEthernet 0/0/226 [core-vlan20]vlan 3027 [core-vlan30]port GigabitEthernet 0/0/328 [core-vlan30]vlan 4029 [core-vlan40]port GigabitEthernet 0/0/430 [core-vlan40]vlan 5031 [core-vlan50]port GigabitEthernet 0/0/532 [core-vlan50]quit 33 [core]dis vlan 10 to 50   #查看10到50所有连续的VLAN信息34  --------------------------------------------------------------------------------35  U: Up;         D: Down;         TG: Tagged;         UT: Untagged;36  MP: Vlan-mapping;               ST: Vlan-stacking;37  #: ProtocolTransparent-vlan;    *: Management-vlan;38  --------------------------------------------------------------------------------39  40  VID  Type    Ports                41  --------------------------------------------------------------------------------42  10   common  UT:GE0/0/1(U)            43  20   common  UT:GE0/0/2(U)            44  30   common  UT:GE0/0/3(U)            45  40   common  UT:GE0/0/4(U)            46  50   common  UT:GE0/0/5(U)            47  48  VID  Status  Property      MAC-LRN Statistics Description      49  --------------------------------------------------------------------------------50  10   enable  default       enable  disable    VLAN 0010                         51  20   enable  default       enable  disable    VLAN 0020                         52  30   enable  default       enable  disable    VLAN 0030                         53  40   enable  default       enable  disable    VLAN 0040                         54  50   enable  default       enable  disable    VLAN 0050                         55 [core]56 [core]interface Vlanif 10  #创建SVI57 [core-Vlanif10]ip address 172.30.1.254 24  #给当前VLAN10配置一个管理地址。58 [core-Vlanif10]undo shutdown 59 [core-Vlanif10]quit 60 [core]interface Vlanif 2061 [core-Vlanif20]ip address 172.30.2.254 2462 [core-Vlanif20]undo shutdown 63 [core-Vlanif20]quit 64 [core]interface Vlanif 3065 [core-Vlanif30]ip address 172.30.3.254 2466 [core-Vlanif30]undo shutdown 67 [core-Vlanif30]quit 68 [core]interface Vlanif 4069 [core-Vlanif40]ip address 172.30.4.254 2470 [core-Vlanif40]undo shutdown 71 [core-Vlanif40]quit 72 [core]interface Vlanif 5073 [core-Vlanif50]ip address 172.30.5.254 2474 [core-Vlanif50]undo shutdown 75 [core-Vlanif50]quit

 

运维部门电脑测试结果如下：

1 PC>ipconfig 2  3 Link local IPv6 address...........: fe80::5689:98ff:fea7:2066 4 IPv6 address......................: :: / 128 5 IPv6 gateway......................: :: 6 IPv4 address......................: 172.30.3.1 7 Subnet mask.......................: 255.255.255.0 8 Gateway...........................: 172.30.3.254 9 Physical address..................: 54-89-98-A7-20-6610 DNS server........................:11 12 PC>ping 172.30.1.113 14 Ping 172.30.1.1: 32 data bytes, Press Ctrl_C to break15 From 172.30.1.1: bytes=32 seq=1 ttl=127 time=31 ms16 From 172.30.1.1: bytes=32 seq=2 ttl=127 time=15 ms17 From 172.30.1.1: bytes=32 seq=3 ttl=127 time<1 ms18 From 172.30.1.1: bytes=32 seq=4 ttl=127 time=47 ms19 From 172.30.1.1: bytes=32 seq=5 ttl=127 time=16 ms20 21 --- 172.30.1.1 ping statistics ---22   5 packet(s) transmitted23   5 packet(s) received24   0.00% packet loss25   round-trip min/avg/max = 0/21/47 ms26 27 PC>ping 172.30.2.128 29 Ping 172.30.2.1: 32 data bytes, Press Ctrl_C to break30 From 172.30.2.1: bytes=32 seq=1 ttl=127 time=47 ms31 From 172.30.2.1: bytes=32 seq=2 ttl=127 time<1 ms32 From 172.30.2.1: bytes=32 seq=3 ttl=127 time<1 ms33 From 172.30.2.1: bytes=32 seq=4 ttl=127 time=32 ms34 From 172.30.2.1: bytes=32 seq=5 ttl=127 time=46 ms35 36 --- 172.30.2.1 ping statistics ---37   5 packet(s) transmitted38   5 packet(s) received39   0.00% packet loss40   round-trip min/avg/max = 0/25/47 ms41 42 PC>ping 172.30.3.143 44 Ping 172.30.3.1: 32 data bytes, Press Ctrl_C to break45 From 172.30.3.1: bytes=32 seq=1 ttl=128 time<1 ms46 From 172.30.3.1: bytes=32 seq=2 ttl=128 time<1 ms47 From 172.30.3.1: bytes=32 seq=3 ttl=128 time<1 ms48 From 172.30.3.1: bytes=32 seq=4 ttl=128 time<1 ms49 From 172.30.3.1: bytes=32 seq=5 ttl=128 time<1 ms50 51 --- 172.30.3.1 ping statistics ---52   5 packet(s) transmitted53   5 packet(s) received54   0.00% packet loss55   round-trip min/avg/max = 0/0/0 ms56 57 PC>ping 172.30.4.158 59 Ping 172.30.4.1: 32 data bytes, Press Ctrl_C to break60 From 172.30.4.1: bytes=32 seq=1 ttl=127 time=31 ms61 From 172.30.4.1: bytes=32 seq=2 ttl=127 time=31 ms62 From 172.30.4.1: bytes=32 seq=3 ttl=127 time=16 ms63 From 172.30.4.1: bytes=32 seq=4 ttl=127 time=31 ms64 From 172.30.4.1: bytes=32 seq=5 ttl=127 time=16 ms65 66 --- 172.30.4.1 ping statistics ---67   5 packet(s) transmitted68   5 packet(s) received69   0.00% packet loss70   round-trip min/avg/max = 16/25/31 ms71 72 PC>ping 172.30.5.173 74 Ping 172.30.5.1: 32 data bytes, Press Ctrl_C to break75 From 172.30.5.1: bytes=32 seq=1 ttl=127 time=16 ms76 From 172.30.5.1: bytes=32 seq=2 ttl=127 time=15 ms77 From 172.30.5.1: bytes=32 seq=3 ttl=127 time=16 ms78 From 172.30.5.1: bytes=32 seq=4 ttl=127 time<1 ms79 From 172.30.5.1: bytes=32 seq=5 ttl=127 time=31 ms80 81 --- 172.30.5.1 ping statistics ---82   5 packet(s) transmitted83   5 packet(s) received84   0.00% packet loss85   round-trip min/avg/max = 0/15/31 ms86 87 PC>

 

c.三层交换机的优点

　　1>.不用路由器照样实现不同VLAN间的互通；

　　2>.性价比高，功能比普通二层交换机要多的多.