Cyber_Security_Notes/B. 第二阶段/拓扑练习/0828_BFD和静态路由.md

208 lines
6.7 KiB
Markdown
Raw Normal View History

2024-08-28 15:26:45 +08:00
# BFD和静态路由
![image-20240828140643096](https://picgo-noriu.oss-cn-beijing.aliyuncs.com/Images/image-20240828140643096.png)
### 一、配IP
- **AR1**
```
[AR1]int g0/0/2
[AR1-GigabitEthernet0/0/2]ip add 192.168.1.254 24
[AR1-GigabitEthernet0/0/2]int g0/0/0
[AR1-GigabitEthernet0/0/0]ip add 192.168.12.1 24
[AR1-GigabitEthernet0/0/0]int g0/0/1
[AR1-GigabitEthernet0/0/1]ip add 192.168.13.1 24
[AR1-GigabitEthernet0/0/1]quit
2024-08-28 16:41:56 +08:00
2024-08-28 15:26:45 +08:00
[AR1]ip route-static 192.168.2.0 24 192.168.12.2
2024-08-28 17:14:00 +08:00
[AR1]ip route-static 192.168.2.0 24 192.168.13.3 preference 100
2024-08-28 15:26:45 +08:00
```
- **AR2**
```
[AR2]int g0/0/0
[AR2-GigabitEthernet0/0/0]ip add 192.168.12.2 24
[AR2-GigabitEthernet0/0/0]int g0/0/1
[AR2-GigabitEthernet0/0/1]ip add 192.168.24.2 24
[AR2-GigabitEthernet0/0/1]quit
2024-08-28 16:41:56 +08:00
2024-08-28 15:26:45 +08:00
[AR2]ip route-static 192.168.1.0 24 192.168.12.1
[AR2]ip route-static 192.168.2.0 24 192.168.24.4
```
- **AR3**
```
[AR3]int g0/0/0
[AR3-GigabitEthernet0/0/0]ip add 192.168.13.3 24
[AR3-GigabitEthernet0/0/0]int g0/0/1
[AR3-GigabitEthernet0/0/1]ip add 192.168.34.3 24
[AR3-GigabitEthernet0/0/1]quit
2024-08-28 16:41:56 +08:00
2024-08-28 15:26:45 +08:00
[AR3]ip route-static 192.168.1.0 24 192.168.13.1
[AR3]ip route-static 192.168.2.0 24 192.168.34.4
```
- **AR4**
```
[AR4]int g0/0/0
[AR4-GigabitEthernet0/0/0]ip add 192.168.24.4 24
[AR4-GigabitEthernet0/0/0]int g0/0/1
[AR4-GigabitEthernet0/0/1]ip add 192.168.34.4 24
[AR4-GigabitEthernet0/0/1]int g0/0/2
[AR4-GigabitEthernet0/0/2]ip add 192.168.2.254 24
[AR4-GigabitEthernet0/0/2]quit
2024-08-28 16:41:56 +08:00
2024-08-28 15:26:45 +08:00
[AR4]ip route-static 192.168.1.0 24 192.168.24.2
[AR4]ip route-static 192.168.1.0 24 192.168.34.3 preference 100
```
### 二、BFD
- **AR1**
```
[AR1]ip route-static 192.168.24.0 24 192.168.12.2
[AR1]ip route-static 192.168.34.0 24 192.168.13.3
2024-08-28 16:41:56 +08:00
2024-08-28 15:26:45 +08:00
[AR1]bfd
[AR1-bfd]quit
[AR1]bfd ntd2407 bind peer-ip 192.168.24.4
[AR1-bfd-session-ntd2407]discriminator local 1
[AR1-bfd-session-ntd2407]discriminator remote 4
[AR1-bfd-session-ntd2407]min-tx-interval 10
[AR1-bfd-session-ntd2407]min-rx-interval 10
[AR1-bfd-session-ntd2407]commit
2024-08-28 16:41:56 +08:00
[AR1-bfd-session-ntd2407]quit
2024-08-28 17:14:00 +08:00
[AR1]ip route-static 192.168.2.0 24 192.168.12.2 track bfd-session ntd2407
2024-08-28 15:26:45 +08:00
```
- *注解:*
1. `[AR1]bfd`进入BFD配置模式
2. `[AR1-bfd]quit`退出BFD配置模式
3. `[AR1]bfd ntd2407 bind peer-ip 192.168.24.4`:创建一个名为`ntd2407`的BFD会话并将其绑定到对端IP地址`192.168.24.4`
4. `[AR1-bfd-session-ntd2407]discriminator local 1`为本地设备设置BFD会话的鉴别器值为`1`
5. `[AR1-bfd-session-ntd2407]discriminator remote 4`设置对端设备BFD会话的鉴别器值为`4`
6. `[AR1-bfd-session-ntd2407]min-tx-interval 10`设置BFD会话的最小发送间隔为`10`毫秒
7. `[AR1-bfd-session-ntd2407]min-rx-interval 10`设置BFD会话的最小接收间隔为`10`毫秒
8. `[AR1-bfd-session-ntd2407]commit`提交BFD会话的配置使其生效
2024-08-28 17:14:00 +08:00
9. `ip route-static 192.168.2.0 24 192.168.12.2 track bfd-session ntd2407`BFD与静态路由联动
2024-08-28 15:26:45 +08:00
- **AR4**
```
[AR4]ip route-static 192.168.12.0 24 192.168.24.2
[AR4]ip route-static 192.168.13.0 24 192.168.34.3
2024-08-28 16:41:56 +08:00
2024-08-28 15:26:45 +08:00
[AR4]bfd
[AR4-bfd]quit
[AR4]bfd ntd2407 bind peer-ip 192.168.12.1
[AR4-bfd-session-ntd2407]discriminator local 4
[AR4-bfd-session-ntd2407]discriminator remote 1
[AR4-bfd-session-ntd2407]min-tx-interval 10
[AR4-bfd-session-ntd2407]min-rx-interval 10
[AR4-bfd-session-ntd2407]commit
```
- *注解:*
1. `[AR1]bfd`进入BFD配置模式
2. `[AR1-bfd]quit`退出BFD配置模式
3. `[AR1]bfd ntd2407 bind peer-ip 192.168.12.1`:创建一个名为`ntd2407`的BFD会话并将其绑定到对端IP地址`192.168.12.1`
4. `[AR1-bfd-session-ntd2407]discriminator local 4`为本地设备设置BFD会话的鉴别器值为`4`
5. `[AR1-bfd-session-ntd2407]discriminator remote 1`设置对端设备BFD会话的鉴别器值为`1`
6. `[AR1-bfd-session-ntd2407]min-tx-interval 10`设置BFD会话的最小发送间隔为`10`毫秒
7. `[AR1-bfd-session-ntd2407]min-rx-interval 10`设置BFD会话的最小接收间隔为`10`毫秒
2024-08-28 16:41:56 +08:00
8. `[AR1-bfd-session-ntd2407]commit`提交BFD会话的配置使其生效
2024-08-28 17:14:00 +08:00
### 三、完备性测试
2024-08-28 16:41:56 +08:00
2024-08-28 17:14:00 +08:00
- **AR1**
2024-08-28 16:41:56 +08:00
2024-08-28 17:14:00 +08:00
```
[AR1]dis bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
1 4 192.168.24.4 Up S_IP_PEER -
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 1/0
```
2024-08-28 16:41:56 +08:00
2024-08-28 17:14:00 +08:00
- **PC1**
2024-08-28 16:41:56 +08:00
2024-08-28 17:14:00 +08:00
```
PC>ping 192.168.2.1
Ping 192.168.2.1: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
From 192.168.2.1: bytes=32 seq=4 ttl=125 time=32 ms
From 192.168.2.1: bytes=32 seq=5 ttl=125 time=15 ms
--- 192.168.2.1 ping statistics ---
5 packet(s) transmitted
2 packet(s) received
60.00% packet loss
round-trip min/avg/max = 0/23/32 ms
```
2024-08-28 16:41:56 +08:00
2024-08-28 17:14:00 +08:00
### 四、功能性测试
2024-08-28 16:41:56 +08:00
2024-08-28 17:14:00 +08:00
- **断连测试**
2024-08-28 16:41:56 +08:00
2024-08-28 17:14:00 +08:00
![image-20240828153740948](https://picgo-noriu.oss-cn-beijing.aliyuncs.com/Images/image-20240828153740948.png)
2024-08-28 16:41:56 +08:00
2024-08-28 17:14:00 +08:00
- **AR1**
- 查看BFD信息
```
[AR1]dis bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
1 4 192.168.24.4 Down S_IP_PEER -
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 0/1
```
- **PC1**
- PING
```
PC>ping 192.168.2.1
Ping 192.168.2.1: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 192.168.2.1: bytes=32 seq=2 ttl=125 time=31 ms
From 192.168.2.1: bytes=32 seq=3 ttl=125 time=16 ms
From 192.168.2.1: bytes=32 seq=4 ttl=125 time=47 ms
From 192.168.2.1: bytes=32 seq=5 ttl=125 time=16 ms
--- 192.168.2.1 ping statistics ---
5 packet(s) transmitted
4 packet(s) received
20.00% packet loss
round-trip min/avg/max = 0/27/47 ms
```
- Tracert
```
PC>tracert 192.168.2.1
traceroute to 192.168.2.1, 8 hops max
(ICMP), press Ctrl+C to stop
1 192.168.1.254 16 ms 15 ms 16 ms
2 192.168.13.3 16 ms 15 ms 16 ms
3 192.168.34.4 16 ms 31 ms 15 ms
4 192.168.2.1 16 ms 31 ms 16 ms
```