Cyber_Security_Notes/B. 第二阶段/拓扑练习/0828_BFD和静态路由.md
2024-08-28 17:14:05 +08:00

208 lines
6.7 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# BFD和静态路由
![image-20240828140643096](https://picgo-noriu.oss-cn-beijing.aliyuncs.com/Images/image-20240828140643096.png)
### 一、配IP
- **AR1**
```
[AR1]int g0/0/2
[AR1-GigabitEthernet0/0/2]ip add 192.168.1.254 24
[AR1-GigabitEthernet0/0/2]int g0/0/0
[AR1-GigabitEthernet0/0/0]ip add 192.168.12.1 24
[AR1-GigabitEthernet0/0/0]int g0/0/1
[AR1-GigabitEthernet0/0/1]ip add 192.168.13.1 24
[AR1-GigabitEthernet0/0/1]quit
[AR1]ip route-static 192.168.2.0 24 192.168.12.2
[AR1]ip route-static 192.168.2.0 24 192.168.13.3 preference 100
```
- **AR2**
```
[AR2]int g0/0/0
[AR2-GigabitEthernet0/0/0]ip add 192.168.12.2 24
[AR2-GigabitEthernet0/0/0]int g0/0/1
[AR2-GigabitEthernet0/0/1]ip add 192.168.24.2 24
[AR2-GigabitEthernet0/0/1]quit
[AR2]ip route-static 192.168.1.0 24 192.168.12.1
[AR2]ip route-static 192.168.2.0 24 192.168.24.4
```
- **AR3**
```
[AR3]int g0/0/0
[AR3-GigabitEthernet0/0/0]ip add 192.168.13.3 24
[AR3-GigabitEthernet0/0/0]int g0/0/1
[AR3-GigabitEthernet0/0/1]ip add 192.168.34.3 24
[AR3-GigabitEthernet0/0/1]quit
[AR3]ip route-static 192.168.1.0 24 192.168.13.1
[AR3]ip route-static 192.168.2.0 24 192.168.34.4
```
- **AR4**
```
[AR4]int g0/0/0
[AR4-GigabitEthernet0/0/0]ip add 192.168.24.4 24
[AR4-GigabitEthernet0/0/0]int g0/0/1
[AR4-GigabitEthernet0/0/1]ip add 192.168.34.4 24
[AR4-GigabitEthernet0/0/1]int g0/0/2
[AR4-GigabitEthernet0/0/2]ip add 192.168.2.254 24
[AR4-GigabitEthernet0/0/2]quit
[AR4]ip route-static 192.168.1.0 24 192.168.24.2
[AR4]ip route-static 192.168.1.0 24 192.168.34.3 preference 100
```
### 二、BFD
- **AR1**
```
[AR1]ip route-static 192.168.24.0 24 192.168.12.2
[AR1]ip route-static 192.168.34.0 24 192.168.13.3
[AR1]bfd
[AR1-bfd]quit
[AR1]bfd ntd2407 bind peer-ip 192.168.24.4
[AR1-bfd-session-ntd2407]discriminator local 1
[AR1-bfd-session-ntd2407]discriminator remote 4
[AR1-bfd-session-ntd2407]min-tx-interval 10
[AR1-bfd-session-ntd2407]min-rx-interval 10
[AR1-bfd-session-ntd2407]commit
[AR1-bfd-session-ntd2407]quit
[AR1]ip route-static 192.168.2.0 24 192.168.12.2 track bfd-session ntd2407
```
- *注解:*
1. `[AR1]bfd`进入BFD配置模式
2. `[AR1-bfd]quit`退出BFD配置模式
3. `[AR1]bfd ntd2407 bind peer-ip 192.168.24.4`:创建一个名为`ntd2407`的BFD会话并将其绑定到对端IP地址`192.168.24.4`
4. `[AR1-bfd-session-ntd2407]discriminator local 1`为本地设备设置BFD会话的鉴别器值为`1`
5. `[AR1-bfd-session-ntd2407]discriminator remote 4`设置对端设备BFD会话的鉴别器值为`4`
6. `[AR1-bfd-session-ntd2407]min-tx-interval 10`设置BFD会话的最小发送间隔为`10`毫秒
7. `[AR1-bfd-session-ntd2407]min-rx-interval 10`设置BFD会话的最小接收间隔为`10`毫秒
8. `[AR1-bfd-session-ntd2407]commit`提交BFD会话的配置使其生效
9. `ip route-static 192.168.2.0 24 192.168.12.2 track bfd-session ntd2407`BFD与静态路由联动
- **AR4**
```
[AR4]ip route-static 192.168.12.0 24 192.168.24.2
[AR4]ip route-static 192.168.13.0 24 192.168.34.3
[AR4]bfd
[AR4-bfd]quit
[AR4]bfd ntd2407 bind peer-ip 192.168.12.1
[AR4-bfd-session-ntd2407]discriminator local 4
[AR4-bfd-session-ntd2407]discriminator remote 1
[AR4-bfd-session-ntd2407]min-tx-interval 10
[AR4-bfd-session-ntd2407]min-rx-interval 10
[AR4-bfd-session-ntd2407]commit
```
- *注解:*
1. `[AR1]bfd`进入BFD配置模式
2. `[AR1-bfd]quit`退出BFD配置模式
3. `[AR1]bfd ntd2407 bind peer-ip 192.168.12.1`:创建一个名为`ntd2407`的BFD会话并将其绑定到对端IP地址`192.168.12.1`
4. `[AR1-bfd-session-ntd2407]discriminator local 4`为本地设备设置BFD会话的鉴别器值为`4`
5. `[AR1-bfd-session-ntd2407]discriminator remote 1`设置对端设备BFD会话的鉴别器值为`1`
6. `[AR1-bfd-session-ntd2407]min-tx-interval 10`设置BFD会话的最小发送间隔为`10`毫秒
7. `[AR1-bfd-session-ntd2407]min-rx-interval 10`设置BFD会话的最小接收间隔为`10`毫秒
8. `[AR1-bfd-session-ntd2407]commit`提交BFD会话的配置使其生效
### 三、完备性测试
- **AR1**
```
[AR1]dis bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
1 4 192.168.24.4 Up S_IP_PEER -
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 1/0
```
- **PC1**
```
PC>ping 192.168.2.1
Ping 192.168.2.1: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
From 192.168.2.1: bytes=32 seq=4 ttl=125 time=32 ms
From 192.168.2.1: bytes=32 seq=5 ttl=125 time=15 ms
--- 192.168.2.1 ping statistics ---
5 packet(s) transmitted
2 packet(s) received
60.00% packet loss
round-trip min/avg/max = 0/23/32 ms
```
### 四、功能性测试
- **断连测试**
![image-20240828153740948](https://picgo-noriu.oss-cn-beijing.aliyuncs.com/Images/image-20240828153740948.png)
- **AR1**
- 查看BFD信息
```
[AR1]dis bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
1 4 192.168.24.4 Down S_IP_PEER -
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 0/1
```
- **PC1**
- PING
```
PC>ping 192.168.2.1
Ping 192.168.2.1: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 192.168.2.1: bytes=32 seq=2 ttl=125 time=31 ms
From 192.168.2.1: bytes=32 seq=3 ttl=125 time=16 ms
From 192.168.2.1: bytes=32 seq=4 ttl=125 time=47 ms
From 192.168.2.1: bytes=32 seq=5 ttl=125 time=16 ms
--- 192.168.2.1 ping statistics ---
5 packet(s) transmitted
4 packet(s) received
20.00% packet loss
round-trip min/avg/max = 0/27/47 ms
```
- Tracert
```
PC>tracert 192.168.2.1
traceroute to 192.168.2.1, 8 hops max
(ICMP), press Ctrl+C to stop
1 192.168.1.254 16 ms 15 ms 16 ms
2 192.168.13.3 16 ms 15 ms 16 ms
3 192.168.34.4 16 ms 31 ms 15 ms
4 192.168.2.1 16 ms 31 ms 16 ms
```