路由軟件詳細(xì)使用教程_第1頁
路由軟件詳細(xì)使用教程_第2頁
路由軟件詳細(xì)使用教程_第3頁
路由軟件詳細(xì)使用教程_第4頁
路由軟件詳細(xì)使用教程_第5頁
已閱讀5頁,還剩24頁未讀 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進(jìn)行舉報或認(rèn)領(lǐng)

文檔簡介

1、Zebra路由軟件詳細(xì)使用教程 轉(zhuǎn)貼 2008-03-20 21:31:42 字號:大 中 小 前言Zebra是一個路由軟件包,提供基于TCP/IP路由服務(wù),支持RIPv1, RIPv2, RIPng, OSPFv2, OSPFv3, BGP- 4, 和 BGP-4+等眾多路由協(xié)議。Zebra還支持BGP特性路由反射器(Route Reflector)。除了傳統(tǒng)的 IPv4路由協(xié)議,Zebra也支持IPv6路由協(xié)議。如果運(yùn)行的SNMP守護(hù)進(jìn)程(需要ucd-snmp)支持SMUX協(xié) 議,Zebra還能支持路由協(xié)議MIBs。由以上可見,Zebra的確是一個很不錯的路由系統(tǒng),但比起真正的路由器就簡直

2、是小兒科,所以網(wǎng)絡(luò)高手 就當(dāng)這文章是小孩子過家家吧,而對于象我這樣的初學(xué)者(特別是沒有真實設(shè)備或足夠設(shè)備進(jìn)行實驗) 也不失為一個學(xué)習(xí)和熟悉路由配置、路由協(xié)議的好工具。我沒有實際的配置經(jīng)驗,對路由的技術(shù)細(xì)節(jié)也 不是十分清晰,完全是在扔破磚頭。希望路由高手指正概念錯誤。安裝Zebra目前最新的版本是0.92a,它的安裝非常簡單,我們只需從下載zebra- 0.92a.tar.gz,然后執(zhí)行以下命令安裝(本文環(huán)境是RedHat7.2):shell tar xzf zebra-0.92a.tar.gzshell cd zebra-0.92ashell ./configureshell makeshel

3、l make install這樣Zebra就安裝好了,安裝的執(zhí)行文件:shell ls /usr/local/sbinbgpd ospfd ripd zebra配置文件:shell ls /usr/local/etcbgpd.conf.sample ospfd.conf.sample zebra.c運(yùn)行編譯安裝完Zebra后,可以看到有4個可執(zhí)行文件和5個配置樣本文件,我們就使用它的配置樣本文件:shell cd /usr/local/etcshell cp zebra.conf.sample zebra.confZebra的各進(jìn)程有各自的終端接口或VTY,如果我們需要給連接到它們的端口設(shè)置別

4、名的話,在/etc/ services文件添加如下內(nèi)容:zebrasrv 2600/tcp # zebra servicezebra 2601/tcp # zebra vtyripd 2602/tcp # RIPd vtyripngd 2603/tcp # RIPngd vtyospfd 2604/tcp # OSPFd vtybgpd 2605/tcp # BGPd vtyospf6d 2606/tcp # OSPF6d vty然后就可以啟動Zebra了:shell zebra -d這樣,Zebra就以守護(hù)進(jìn)程啟動了,其它的參數(shù)請參考zebra -h?;韭酚膳渲妹钪苯佑胻elnet連接:

5、shell telnet localhost 2601Trying 127.0.0.1.Connected to localhost.Escape character is .Hello, this is zebra (version 0.92a).Copyright 1996-2001 Kunihiro Ishiguro.User Access VerificationPassword:Zebra會提示輸入口令,我們通過/usr/local/etc/zebra.conf可以看到口令是zebra,enable口令也是zebra。輸 入口令zebra,得到路由器用戶模式提示符:Router進(jìn)入特

6、權(quán)模式:Router enPassword:Router#輸入一個問號,看看Zebra提供了多少路由命令:Router# ? configure Configuration from vty interface copy Copy configuration debug Debugging functions (see also undebug) disable Turn off privileged mode command end End current mode and change to enable mode. exit Exit current mode and down to p

7、revious mode help Description of the interactive help system list Print command list no Negate a command or set its defaults quit Exit current mode and down to previous mode show Show running system information terminal Set terminal line parameters who Display who is on vty write Write running confi

8、guration to memory, network, or terminal提供的命令很少,實際路由器好多命令都沒有,我們只能用有限的命令投入到無限的實驗中去。Router# sh runCurrent configuration:!hostname Routerpassword zebraenable password zebra!interface lo!interface eth0!line vty!endZebra把操作系統(tǒng)的網(wǎng)絡(luò)接口當(dāng)做路由器的接口,所以在做比較復(fù)雜的路由實驗,會需要比較多的網(wǎng)卡。進(jìn)入全局模式,盡可能把實際可用的配置命令都實驗一遍:Router# conf tRo

9、uter(config)#自己取一個路由器名字:Router(config)# hostname r1r1(config)#Zebra比較簡單,登陸口令不是在line下修改,而是直接在全局模式下用password修改r1(config)# password passwordZebra不支持enable secret password這種MD5加密口令,只能使用enable password password來修改 enable口令:r1# conf tr1(config)# enable password password在路由器配置中加密所有的口令:r1(config)# service p

10、assword-encryption回到特權(quán)模式:r1(config)# exitr1# sh runCurrent configuration:!hostname r1password 8 alA5.vcyMAwXQenable password 8 ksbxOFN8xcFMcservice password-encryption!interface lo!interface eth0!line vty!end我們看到剛才的明文密碼都進(jìn)行加密了,給我們的實驗機(jī)也提高安全性。Zebra有一點(diǎn)比較惡心,如果我 們先設(shè)置了service password-encryption,然后再修改口令,sh

11、 run就發(fā)現(xiàn)口令又都是明文的了,但是由 于有service password-encryption,所以就無法登陸了。去掉會話超時,免得10分鐘沒有動作,就把我們給踢了。但是在實際的路由器配置中,為安全起見我們 最好還是設(shè)上會話超時。r1# conf tr1(config)# line vtyr1(config-line)# exec-timeout 0 0設(shè)置日志記錄,Zebra可以把日志記錄到標(biāo)準(zhǔn)輸出、syslog、以及指定輸出文件:r1(config-line)# exitr1(config)# log stdoutr1(config)# no log stdoutr1(config)

12、# log syslogr1(config)# no log syslogr1(config)# log file /usr/local/etc/zebra.log配置接口IP地址:r1(config)# int lor1(config-if)# ip address 127.0.0.1/8r1(config-if)# exitr1(config)# int eZebra比較奇怪,不能使用ip address 192.168.5.121 255.255.255.0這種形式設(shè)置IP。測試一下,就設(shè)置成 和Linux中使用的一樣。保存我們剛才的配置:r1(config-if)# exitr1(co

13、nfig)# exitr1# copy run startConfiguration saved to /usr/local/etc/zebra.confr1#2、用Zebra做簡單的RIP實驗RIP是應(yīng)用較早、使用較普遍的IGP,適用于小型同類網(wǎng)絡(luò),是典型的距離向量(distance-vector)協(xié) 議。RIP通過廣播UDP報文來交換路由信息,每30秒發(fā)送一次路由信息更新。RIP提供跳躍計數(shù)(hop count)作為尺度來衡量路由距離,跳躍計數(shù)是一個包到達(dá)目標(biāo)所必須經(jīng)過的路由器的數(shù)目。如果到相同 目標(biāo)有二個不等速或不同帶寬的路由器,但跳躍計數(shù)相同,則RIP認(rèn)為兩個路由是等距離的。RIP最多

14、支 持的跳數(shù)為15,即在源和目的網(wǎng)間所要經(jīng)過的最多路由器的數(shù)目為15,跳數(shù)16表示不可達(dá)。RIPv2支持 驗證、密鑰管理、路由匯總、無類域間路由(CIDR)和變長子網(wǎng)掩碼(VLSMs)。Zebra支持RIPv2,使用ripd程序?qū)崿F(xiàn)RIP路由功能,但ripd程序需要在zebra程序讀取接口信息,所以zebra 一定要在ripd之前啟動。由于條件所限,下面的RIP實驗是在兩臺單網(wǎng)卡的RedHat7.2下做的,所以只是 最簡單的演示。按照上面基本配置的方法初始化第一臺機(jī)器:shell_1 cd /usr/local/etcshell_1 cp zebra.conf.sample zebra.con

15、fshell_1 cp ripd.conf.sample ripd.confshell_1 zebra -d進(jìn)入zebra設(shè)置IP/24r1(config-if)# ctrl+zr1# copy run start進(jìn)入第一臺機(jī)器的rip設(shè)置shell_1 ripd -dshell_1 telnet localhost 2602Password:ripd enripd# conf tripd(config)# hostname r1_ripd !改個名字好辨認(rèn)r1_ripd(config)# router rip !啟動ripr1_ripd(config-router)# network 192

16、.168.5.0/24 !RIPv1是有類別路由協(xié)議,RIPv2是無類別路由協(xié)議,Zebra 默認(rèn)支持RIPv2,指定網(wǎng)絡(luò)需要子網(wǎng)掩碼。r1的RIP簡單配置這樣就可用了,下面來檢驗一下:r1_ripd# sh ip protocolsRouting Protocol is rip Sending updates every 30 seconds with +/-50%, next due in 3 seconds Timeout after 180 seconds, garbage collect after 120 seconds Outgoing update filter list fo

17、r all interface is not set Incoming update filter list for all interface is not set Default redistribution metric is 1 Redistributing: Default version control: send version 2, receive version 2 Interface Send Recv Key-chain eth0 2 2 Routing for Networks: 192.168.5.0/24 Routing Information Sources: G

18、ateway BadPackets BadRoutes Distance Last Update Distance: (default is 120)我們看到RIP已經(jīng)起來了,是RIPv2。r1_ripd# sh ip ripCodes: R - RIP, C - connected, O - OSPF, B - BGP Network Next Hop Metric From Time由于就兩個接口直連,沒有其它網(wǎng)絡(luò),所以sh ip rip看不到什么。Zebra對log處理可能有些問題,使用log stdout不能顯示各種debug信息,所以只能記錄到文件,在shell下 用tail命令查看

19、。r1_ripd# debug rip eventsr1_ripd# debug rip packetr1_ripd(config)# log file /usr/local/etc/ripd.log然后我們在shell下查看debug信息shell_1 tail -f /usr/local/etc/ripd.log-8-2002/04/28 22:17:44 RIP: update timer fire!2002/04/28 22:17:44 RIP: SEND UPDATE to eth0 ifindex 22002/04/28 22:17:44 RIP: multicast announ

20、ce on eth02002/04/28 22:17:44 RIP: update routes on interface eth0 ifindex 22002/04/28 22:18:23 RIP: update timer fire!2002/04/28 22:18:23 RIP: SEND UPDATE to eth0 ifindex 22002/04/28 22:18:23 RIP: multicast announce on eth02002/04/28 22:18:23 RIP: update routes on interface eth0 ifindex 22002/04/28

21、 22:19:04 RIP: update timer fire!2002/04/28 22:19:04 RIP: SEND UPDATE to eth0 ifindex 22002/04/28 22:19:04 RIP: multicast announce on eth02002/04/28 22:19:04 RIP: update routes on interface eth0 ifindex 2-8 ripd -dshell_2 telnet localhost 2602Password:ripd enripd# conf tripd(config)# hostname r2_rip

22、dr2_ripd(config)# router ripr2_ripd(config-ro執(zhí)行完network命令,我們看到第一臺機(jī)器的tail -f /usr/local/etc/ripd.log輸出下面的信息:-8 0.0.0.0 family 0 tag 0 metric 162002/04/28 22:19:15 RIP: update routes to neighbor 192.168.5.1232002/04/28 22:19:35 RIP: update timer fire!2002/04/28 22:19:35 RIP: SEND UPDATE to eth0 ifinde

23、x 22002/04/28 22:19:35 RIP: multicast announce on eth02002/04/28 22:19:35 RIP: update routes on interface eth0 ifindex 2-8 cd /usr/local/etcshell_1 cp zebra.conf.sample zebra.confshell_1 cp ospfd.conf.sample ospfd.confshell_1 zebra -d進(jìn)入zebra設(shè)置IPshell_1 telnet localhost 2601Password:Router enPassword

24、:Router# conf tRouter(config)# hostname r1r1(config)# int eth0r1(config-if)# ip address 192.168.5.121/24r1(config-if)# ctrl+zr1# copy run start進(jìn)入第一臺機(jī)器的ospf設(shè)置shell_1 ospfd -dshell_1 telnet localhost 2604Password:ospfd enospfd# conf tospfd(config)# hostname r1_ospfd !改個名字好辨認(rèn)r1_ospfd(config)# router os

25、pf !啟動ospfr1_ospfd(config-router)# ospf router-id 192.168.5.121 !設(shè)置router-idr1_ospfd(config-router)# network 192.168.5.0/24 area 0!最關(guān)鍵的,來標(biāo)識路由器上哪些IP網(wǎng)絡(luò)號是OSPF的一部分,對于每個網(wǎng)絡(luò),我們必須標(biāo)識該網(wǎng)絡(luò)所屬 的區(qū)域。由于我們只有兩臺機(jī)器,當(dāng)然只有一個網(wǎng)絡(luò),所以只需執(zhí)行一個network命令就夠了。對于我們的小網(wǎng)絡(luò),ospf就算配好了,下面來檢驗一下:r1_ospfd(config-router)# ctrl+zr1_ospfd# sh ip os

26、pf route= OSPF network routing table =N 192.168.5.0/24 10 area: 0.0.0.0 directly attached to eth0= OSPF router routing table = OSPF external routing table =r1_ospfd# sh ip ospf database OSPF Router with ID (192.168.5.121) Router Link States (Area 0.0.0.0)Link ID ADV Router Age Seq# CkSum Link count1

27、92.168.5.121 192.168.5.121 126 0x80000002 0x8584 1r1_ospfd# sh ip ospf int eth0eth0 is up, line protocol is up Internet Address 192.168.5.121/24, Area 0.0.0.0 Router ID 192.168.5.121, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 192.168.5.121,

28、 Interface Address 192.168.5.121 No backup designated router on this network Timer intarvals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:07 Neighbor Count is 0, Adjacent neighbor count is 0由于網(wǎng)絡(luò)里沒有其它的路由器,r1就把自己選為DR(指定路由器)了。Zebra對log處理可能有些問題,使 用log stdout不能顯示各種debug信息,所以只能記

29、錄到文件,在shell下用tail命令查看。而且debug命令和 實際路由器也有不同。r1_ospfd# debug ospf eventr1_ospfd(config)# log file /usr/local/etc/ospfd.log然后我們在shell下查看debug信息shell_1 tail -f /usr/local/etc/ospfd.log-8-2002/04/28 14:24:27 OSPF: make_hello: options: 2, int: eth0:192.168.5.1212002/04/28 14:24:37 OSPF: make_hello: option

30、s: 2, int: eth0:192.168.5.1212002/04/28 14:24:47 OSPF: make_hello: options: 2, int: eth0:192.168.5.1212002/04/28 14:24:57 OSPF: make_hello: options: 2, int: eth0:192.168.5.1212002/04/28 14:25:07 OSPF: make_hello: options: 2, int: eth0:192.168.5.121-8 ospfd -dshell_2 telnet localhost 2604Passwo執(zhí)行完net

31、work命令,我們看到第一臺機(jī)器的tail -f /usr/local/etc/ospfd.log輸出下面的信息:-8-2002/04/28 14:25:51 OSPF: Packet 192.168.5.123 Hello:RECV: Options *|*|-|-|-|-|E|*2002/04/28 14:25:51 OSPF: NSMeth0:192.168.5.121:0.0.0.0: start2002/04/28 14:25:52 OSPF: make_hello: options: 2, int: eth0:192.168.5.1212002/04/28 14:25:52 OSP

32、F: couldnt find any VL to associate the packet with2002/04/28 14:25:52 OSPF: DR-Election1st: Backup 192.168.5.1232002/04/28 14:25:52 OSPF: DR-Election1st: DR 192.168.5.1212002/04/28 14:25:52 OSPF: PacketDD: Negotiation done (Slave).-8-r1收到r2(192.168.5.123)發(fā)過來的hello數(shù)據(jù)包,交換信息后選舉DR,由于本身192.168.5.121是DR了

33、,所以 只選舉了BDR就好了。這時在r1上就能看到r2了。r1_ospfd# sh ip ospf neigNeighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL192.168.5.123 1 Full/Backup 00:00:37 192.168.5.123 eth0:192.168.5.121 0 0 0檢驗其它信息r1_ospfd# sh ip ospf database OSPF Router with ID (192.168.5.121) Router Link States (Area 0.0.0.0

34、)Link ID ADV Router Age Seq# CkSum Link count192.168.5.121 192.168.5.121 1259 0x80000008 0x534e 1192.168.5.123 192.168.5.123 1265 0x80000006 0x534a 1 Net Link States (Area 0.0.0.0)Link ID ADV Router Age Seq# CkSum192.168.5.123 192.168.5.123 1265 0x80000001 0x5a5ar1_ospfd# sh ip ospf int eth0eth0 is

35、up, line protocol is up Internet Address 192.168.5.121/24, Area 0.0.0.0 Router ID 192.168.5.121, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 192.168.5.121, Interface Address 192.168.5.121 Backup Designated Router (ID) 192.168.5.123, Interface

36、 Address 192.168.5.123 Timer intarvals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:01 Neighbor Count is 1, Adjacent neighbor count is 1和前面的輸出信息相比,發(fā)生了很多變化,兩臺路由器已經(jīng)相互識別了。OSPF不象RIP一樣,每隔30秒 給所有的鄰居廣播一次完整的路由表,而是通過IP多目組播地址224.0.0.5每隔10秒發(fā)送一個很小的hello 數(shù)據(jù)包來維護(hù)鄰居關(guān)系,當(dāng)鏈路發(fā)生變化的時候,才重新計算。拔掉兩

37、臺機(jī)器連接的網(wǎng)線,看ospfd.log的記錄:-8-2002/04/28 16:25:53 OSPF: make_hello: options: 2, int: eth0:192.168.5.1212002/04/28 16:25:57 OSPF: Packet 192.168.5.123 Hello:RECV: Options *|*|-|-|-|-|E|*2002/04/28 16:26:03 OSPF: make_hello: options: 2, int: eth0:192.168.5.1212002/04/28 16:26:13 OSPF: make_hello: options:

38、 2, int: eth0:192.168.5.1212002/04/28 16:26:23 OSPF: make_hello: options: 2, int: eth0:192.168.5.1212002/04/28 16:26:33 OSPF: make_hello: options: 2, int: eth0:192.168.5.1212002/04/28 16:26:37 OSPF: ospf_check_abr_status(): Start2002/04/28 16:26:37 OSPF: ospf_check_abr_status(): looked through areas

39、2002/04/28 16:26:37 OSPF: ospf_check_abr_status(): bb_configured: 12002/04/28 16:26:37 OSPF: ospf_check_abr_status(): bb_act_attached: 12002/04/28 16:26:37 OSPF: ospf_check_abr_status(): areas_configured: 12002/04/28 16:26:37 OSPF: ospf_check_abr_status(): areas_act_attached: 12002/04/28 16:26:37 OS

40、PF: nsm_change_status(): scheduling new router-LSA origination2002/04/28 16:26:37 OSPF: DR-Election1nd: Backup 0.0.0.02002/04/28 16:26:37 OSPF: DR-Election1nd: DR 192.168.5.1212002/04/28 16:26:37 OSPF: ospf_check_abr_status(): Start2002/04/28 16:26:37 OSPF: ospf_check_abr_status(): looked through ar

41、eas2002/04/28 16:26:37 OSPF: ospf_check_abr_status(): bb_configured: 12002/04/28 16:26:37 OSPF: ospf_check_abr_status(): bb_act_attached: 12002/04/28 16:26:37 OSPF: ospf_check_abr_status(): areas_configured: 12002/04/28 16:26:37 OSPF: ospf_check_abr_status(): areas_act_attached: 12002/04/28 16:26:37

42、 OSPF: Timerrouter-LSA: (router-LSA Refresh expire)2002/04/28 16:26:37 OSPF: counting fully adjacent virtual neighbors in area 0.0.0.02002/04/28 16:26:37 OSPF: there are 0 of them2002/04/28 16:26:37 OSPF: SPF: calculation timer scheduled2002/04/28 16:26:37 OSPF: SPF: calculation timer delay = 52002/

43、04/28 16:26:37 OSPF: ospf_flood_through_interface(): considering int eth0:192.168.5.1212002/04/28 16:26:37 OSPF: ospf_flood_through_interface(): considering nbr 192.168.5.1212002/04/28 16:26:42 OSPF: SPF: Timer (SPF calculation expire)2002/04/28 16:26:42 OSPF: ospf_spf_calculate: Start2002/04/28 16:

44、26:42 OSPF: ospf_spf_calculate: running Dijkstra for area 0.0.0.02002/04/28 16:26:42 OSPF: SPF Result: 0 R 192.168.5.1212002/04/28 16:26:42 OSPF: = OSPF routing table =2002/04/28 16:26:42 OSPF: =2002/04/28 16:26:42 OSPF: ospf_process_stub():processing stubs for area 0.0.0.02002/04/28 16:26:42 OSPF:

45、ospf_process_stub():processing router LSA, id: 192.168.5.1212002/04/28 16:26:42 OSPF: ospf_process_stub(): we have 1 links to process2002/04/28 16:26:42 OSPF: ospf_intra_add_stub(): Start2002/04/28 16:26:42 OSPF: ospf_intra_add_stub(): processing route to 192.168.5.0/242002/04/28 16:26:42 OSPF: ospf

46、_intra_add_stub(): calculated cost is 0 + 10 = 102002/04/28 16:26:42 OSPF: ospf_intra_add_stub(): installing new route2002/04/28 16:26:42 OSPF: ospf_intra_add_stub(): this network is on this router2002/04/28 16:26:42 OSPF: ospf_intra_add_stub(): the interface is eth0:192.168.5.1212002/04/28 16:26:42 OSPF: ospf_intra_add_stub(): Stop2002/04/28 16:26:42 OSPF: children of V:2002/04/28

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

評論

0/150

提交評論