This shows you the differences between two versions of the page.
pr:labs:10 [2018/11/07 22:48] iulia.florea [4. Redistribuire] |
— (current) | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ~~SHOWSOLUTION~~ | ||
- | |||
- | ===== Laboratorul 10. Recapitulare ===== | ||
- | |||
- | ==== Topologie ==== | ||
- | |||
- | {{ :pr:laboratoare:10_topologie.png |}} | ||
- | |||
- | ==== Cerințe ==== | ||
- | |||
- | === Setup === | ||
- | <note important> Descarcati fișierul de topologie ''.net''. | ||
- | |||
- | Descărcați și dezarhivați arhiva de laborator de {{:pr:laboratoare:10_lab.zip|aici}}. Copiați imaginea de IOS în folderul ''ios/'' </note> | ||
- | |||
- | === Exerciții === | ||
- | |||
- | |||
- | ==== 1. Adresare IP (10p) ==== | ||
- | |||
- | **(10p)** Configurați adresele IP ale interfețelor de loopback conform tabelului de mai jos. | ||
- | |||
- | ^ Ruter ^ Interfață ^ Adresă IP | | ||
- | | R1 | Lo0 | 11.11.11.11/24 | | ||
- | | R2 | Lo0 | 12.12.12.12/24 | | ||
- | | R3 | Lo0 | 13.13.13.13/24 | | ||
- | | R4 | Lo0 | 14.14.14.14/24 | | ||
- | | R5 | Lo0 | 15.15.15.1/26 | | ||
- | | R5 | Lo1 | 15.15.15.65/26 | | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | Pe **R1**: | ||
- | <code> | ||
- | int l0 | ||
- | ip add 11.11.11.11 255.255.255.0 | ||
- | </code> | ||
- | |||
- | <code | ||
- | R1#sh ip int brief | ||
- | Interface IP-Address OK? Method Status Protocol | ||
- | […] | ||
- | Loopback0 11.11.11.11 YES manual up up | ||
- | </code> | ||
- | </solution> | ||
- | |||
- | </hidden> | ||
- | |||
- | ==== 2. OSPF ==== | ||
- | |||
- | **a. ** Configurați OSPF aria 0 pe segmentul Ethernet dintre R2 și R5. | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | |||
- | <code> | ||
- | R2# | ||
- | router ospf 1 | ||
- | network 89.112.25.0 0.0.0.255 area 0 | ||
- | </code> | ||
- | |||
- | |||
- | <code> | ||
- | R5# | ||
- | router ospf 1 | ||
- | ! | ||
- | int e0/1 | ||
- | ip ospf 1 area 0 | ||
- | </code> | ||
- | |||
- | <code> | ||
- | *Mar 1 00:46:06.519: %OSPF-5-ADJCHG: Process 1, Nbr 12.12.12.1 on Ethernet0/1 | ||
- | rom LOADING to FULL, Loading Done | ||
- | R5#sh ip ospf nei | ||
- | |||
- | Neighbor ID Pri State Dead Time Address Interface | ||
- | 12.12.12.12 1 FULL/BDR 00:00:37 89.112.25.2 Ethernet0/1 | ||
- | </code> | ||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | **b. ** Configurați OSPF aria 1 pe segmentule Seriale R1-R2 si R1-R5 | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | |||
- | <code> | ||
- | R1# | ||
- | router ospf 1 | ||
- | ! | ||
- | int se 1/0 | ||
- | ip ospf 1 area 1 | ||
- | int se 1/1 | ||
- | ip ospf 1 area 1 | ||
- | |||
- | </code> | ||
- | |||
- | <code> | ||
- | R2# | ||
- | int se 1/0 | ||
- | ip ospf 1 area 1 | ||
- | </code> | ||
- | |||
- | <code> | ||
- | R5# | ||
- | int se 1/0 | ||
- | ip ospf 1 area 1 | ||
- | </code> | ||
- | |||
- | |||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | |||
- | **c. ** Adaugati in OSPF prin redistribuire **doar** interfetele de loopback a lui R5 | ||
- | si sumarizati-le, astfel incat vecinii sa primeasca o singura retea. | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | <code> | ||
- | R5(config)# ip access-list standard redist_R5 | ||
- | R5(config-nacl)# permit 15.15.15.0 0.0.0.63 | ||
- | R5(config-nacl)# permit 15.15.15.64 0.0.0.63 | ||
- | R5(config)#route-map rm_redist_R5 | ||
- | |||
- | R5(config-rm)# match ip address redist_R5 | ||
- | R5(config)# router ospf 1 | ||
- | R5(config-router)# redistribute connected route-map redist_R5 subnets | ||
- | R5(config-router)# summary address 15.15.15.0 255.255.255.0 | ||
- | |||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | **d. ** Configurați rețeaua OSPF astfel încât R2 să fie mereu ales DR pe legătura dintre R2 și R5. | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | |||
- | <code> | ||
- | R2# | ||
- | int e 0/1 | ||
- | ip ospf priority 100 | ||
- | ! | ||
- | clear ip ospf 1 process | ||
- | Reset OSPF process? [no]: yes | ||
- | </code> | ||
- | |||
- | <code> | ||
- | R5#sh ip ospf nei | ||
- | |||
- | Neighbor ID Pri State Dead Time Address Interface | ||
- | 12.14.14.1 100 FULL/DR 00:00:35 89.112.25.2 Ethernet0/1 | ||
- | </code> | ||
- | |||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | **e. ** Adaugati legatura R2-R3 in aria 2 si R3-R4 in OSPF 1, aria 3 | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | |||
- | <code> | ||
- | R5# | ||
- | ip access-list standard ACL_OSPF_RED_CONN | ||
- | permit 15.12.13.0 0.0.0.127 | ||
- | ! | ||
- | route-map OSPF_RED_CONN | ||
- | match ip address ACL_OSPF_RED_CONN | ||
- | ! | ||
- | router ospf 1 | ||
- | redistribute connected subnets route-map OSPF_RED_CONN metric-type 1 | ||
- | </code> | ||
- | |||
- | <code> | ||
- | R1#sh ip route ospf | ||
- | […] | ||
- | 15.0.0.0/26 is subnetted, 2 subnets | ||
- | O E1 15.12.13.0 [110/94] via 89.112.12.2, 00:00:01, Serial1/0 | ||
- | O E1 15.12.13.64 [110/94] via 89.112.12.2, 00:00:01, Serial1/0 | ||
- | </code> | ||
- | |||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | **f. ** Fara a adauga alte interfete in OSPF, configurati o modalitate ca R4 sa primeasca update-uri OSPF de la R1. | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | |||
- | <code> | ||
- | R2(config)#router ospf 1 | ||
- | R2(config-router)#area 2 virtual-link 13.13.13.13 | ||
- | R3(config)#router ospf 1 | ||
- | R3(config-router)#area 2 virtual-link 12.12.12.12 | ||
- | |||
- | </code> | ||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | **g. ** Configurati legatura R4-R5 in OSPF 2. | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | |||
- | <code> | ||
- | R1(config)#router ospf 1 | ||
- | R1(config-router)#area 2 stub | ||
- | R1#sh ip ospf | ||
- | […] | ||
- | Area 2 | ||
- | Number of interfaces in this area is 1 (1 loopback) | ||
- | It is a stub area | ||
- | generates stub default route with cost 1 | ||
- | Area has no authentication | ||
- | SPF algorithm last executed 00:02:23.996 ago | ||
- | SPF algorithm executed 7 times | ||
- | Area ranges are | ||
- | Number of LSA 6. Checksum Sum 0x03ADC9 | ||
- | Number of opaque link LSA 0. Checksum Sum 0x000000 | ||
- | Number of DCbitless LSA 0 | ||
- | Number of indication LSA 0 | ||
- | Number of DoNotAge LSA 0 | ||
- | Flood list length 0 | ||
- | </code> | ||
- | |||
- | </solution> | ||
- | </hidden> | ||
- | ==== 3. IPv6 ==== | ||
- | |||
- | ** a. ** Configurați urmatoarele adrese IPv6: | ||
- | - 2001:1::1/64 pe interfața lo1 a lui R1. | ||
- | - 2001:3::1/64 pe interfața lo1 a lui R3. | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | |||
- | <code> | ||
- | R1(config)#int l1 | ||
- | R1(config-if)#ipv6 address 2001:1::1/64 | ||
- | |||
- | R3(config)#int l1 | ||
- | R4(config-if)#ipv6 address 2001:3::1/64 | ||
- | </code> | ||
- | |||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | ** b. ** Configurați un tunel MCT între R1 și R3 . | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | |||
- | <code> | ||
- | R1#sh runn | sec Tunn | ||
- | interface Tunnel0 | ||
- | no ip address | ||
- | ipv6 address 2001:15::1/64 | ||
- | tunnel source s1/0 | ||
- | tunnel destination 89.112.23.2 | ||
- | tunnel mode ipv6ip | ||
- | </code> | ||
- | |||
- | <code> | ||
- | R3#sh runn | sec Tunn | ||
- | interface Tunnel0 | ||
- | no ip address | ||
- | ipv6 address 2001:15::3/64 | ||
- | tunnel source e0/0 | ||
- | tunnel destination 89.112.12.1 | ||
- | tunnel mode ipv6ip | ||
- | </code> | ||
- | |||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | ** c. ** Activati RIPng astfel incat sa aveti conectivitate intre interfetele de Loopback. | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | <code> | ||
- | |||
- | R1(config)#interface tunnel 0 | ||
- | R1(config-if)#ipv6 rip myrip enable | ||
- | R1(config)#interface loopback 0 | ||
- | R1(config-if)#ipv6 rip myrip enable | ||
- | |||
- | R3(config)#interface tunnel 0 | ||
- | R3(config-if)#ipv6 rip myrip enable | ||
- | R3(config)#interface loopback 0 | ||
- | R3(config-if)#ipv6 rip myrip enable | ||
- | |||
- | </code> | ||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | ==== 4. ACL ==== | ||
- | |||
- | ** 1. ** Configurati reteaua astfel incat sa functioneze ping-ul intre interfete de loopback a lui R1, R2, R3 si R4. | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | <code> | ||
- | R1(config)#interface lo0 | ||
- | R1(config-if)#ip ospf 1 area 0 | ||
- | |||
- | R2(config)#interface lo0 | ||
- | R2(config-if)#ip ospf 1 area 0 | ||
- | |||
- | R3(config)#interface lo0 | ||
- | R3(config-if)#ip ospf 1 area 2 | ||
- | |||
- | R4(config)#interface lo0 | ||
- | R4(config-if)#ip ospf 1 area 3 | ||
- | |||
- | </code> | ||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | ** 2. ** Permiteti traficul ssh de la interfata Lo0 a lui R1 catre Lo0 a lui R3, doar daca este initiat de R3 | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | <code> | ||
- | R2(config)# ip access-list extended r1_to_r3 | ||
- | R2(config-nacl)#permit tcp host 11.11.11.11 host 13.13.13.13 established | ||
- | R2(config-nacl)#deny tcp host 11.11.11.11 host 13.13.13.13 | ||
- | R2(config-nacl)#permit ip any any | ||
- | |||
- | R2(config)#int s1/0 | ||
- | R2(config-if)#ip access-group r1_to_r3 in | ||
- | </code> | ||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | |||
- | ==== 4. Redistribuire ==== | ||
- | |||
- | ** 1. ** Redistribuiti, pe R5, OSPF 1 in OSPF 2, dar filtrati interfata Lo0 a lui R1. | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | <code> | ||
- | R5(config)#ip access-list redist_1_2 | ||
- | R5(config-nacl)#deny 11.11.11.11 0.0.0.255 | ||
- | R5(config-nacl)#permit any | ||
- | |||
- | R5(config)#route-map rm_redist_1_2 | ||
- | R5(config)#match ip address redist_1_2 | ||
- | |||
- | R5(config)# router ospf 2 | ||
- | R5(config-router)#redistribute ospf 1 route-map rm_redist_1_2 subnets | ||
- | |||
- | </code> | ||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | ** 2. ** Redistribuiti, pe R5, OSPF 2 in OSPF 1, cu metrica 30 si cost cumulativ. | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | <code> | ||
- | |||
- | R5(config)# router ospf 1 | ||
- | R5(config-router)#redistribute ospf 2 metric-type 1 metric 30 subnets | ||
- | |||
- | </code> | ||
- | </solution> | ||
- | </hidden> | ||
- | |||
- | ** 3. ** Configurati reteaua astfel incat ping-ul dintre R1 si R4 sa treaca prin R5 | ||
- | |||
- | <hidden> | ||
- | <solution -hidden> | ||
- | <code> | ||
- | |||
- | R1(config)#ip access-list extended r1_r4 | ||
- | R1(config-nacl)#permit ip any host 89.112.34.2 | ||
- | R1(config-nacl)#permit ip any host 89.112.45.2 | ||
- | |||
- | R1(config)# route-map rm_r1_r4 | ||
- | R1(config-rm)#match ip address r1_r4 | ||
- | |||
- | R2(config)#ip local-policy route-map rm_r1_r4 | ||
- | </code> | ||
- | </solution> | ||
- | </hidden> | ||