RIP RIPv2 Authentication 认证配置
拓朴
实验说明
R1,R2,R3实现RIP版本2,之间互相认证
配置(方法一)
R1的配置
!
hostname R1
!
interface FastEthernet0/0
ip address 172.16.0.1 255.255.255.0
ip rip authentication key-chain R1
ip rip authentication mode text //默认是明文认证,如果要使用MD5加密认证,将text换成md5
duplex half
!
interface Serial2/1
ip address 192.168.0.1 255.255.255.0
ip rip authentication key-chain R1
serial restart-delay 0
!
key chain R1
key 3
key-string cisco
!
router rip
version 2
network 172.16.0.0
network 192.168.0.0
!
R2的配置
!
hostname R2
!
interface Serial2/1
ip address 192.168.0.2 255.255.255.0
ip rip authentication key-chain R2
serial restart-delay 0
!
key chain R2
key 10
key-string cisco
!
router rip
version 2
network 192.168.0.0
R3的配置
!
hostname R3
!
interface FastEthernet0/0
ip address 172.16.0.3 255.255.255.0
ip rip authentication key-chain R3
duplex half
!
key chain R3
key 11
key-string cisco
!
router rip
version 2
network 172.16.0.0
!
调试
R2上进行调试
R2#debug ip rip
*Feb 22 04:46:36.347: RIP: sending request on Serial2/1 to 224.0.0.9
*Feb 22 04:46:36.347: RIP: sending request on Serial2/1 to 224.0.0.9
*Feb 22 04:46:36.347: RIP: sending request on Serial2/1 to 224.0.0.9
*Feb 22 04:46:38.347: RIP: sending v2 flash update to 224.0.0.9 via Serial2/1 (192.168.0.2)
*Feb 22 04:46:38.347: RIP: build flash update entries - suppressing null update
*Feb 22 04:46:54.147: RIP: received packet with text authentication cisco
*Feb 22 04:46:54.151: RIP: received v2 update from 192.168.0.1 on Serial2/1
*Feb 22 04:46:54.151: 172.16.0.0/24 via 0.0.0.0 in 1 hops
*Feb 22 04:46:56.155: RIP: sending v2 flash update to 224.0.0.9 via Serial2/1 (192.168.0.2)
*Feb 22 04:46:56.155: RIP: build flash update entries - suppressing null update
*Feb 22 04:47:02.291: RIP: sending v2 update to 224.0.0.9 via Serial2/1 (192.168.0.2)
*Feb 22 04:47:02.291: RIP: build update entries - suppressing null update
*Feb 22 04:47:21.375: RIP: received packet with text authentication cisco
*Feb 22 04:47:21.379: RIP: received v2 update from 192.168.0.1 on Serial2/1
*Feb 22 04:47:21.379: 172.16.0.0/24 via 0.0.0.0 in 1 hops
*Feb 22 04:47:29.527: RIP: sending v2 update to 224.0.0.9 via Serial2/1 (192.168.0.2)
*Feb 22 04:47:29.527: RIP: build update entries - suppressing null update
*Feb 22 04:47:49.571: RIP: received packet with text authentication cisco
*Feb 22 04:47:49.571: RIP: received v2 update from 192.168.0.1 on Serial2/1
*Feb 22 04:47:49.571: 172.16.0.0/24 via 0.0.0.0 in 1 hops
*Feb 22 04:47:57.807: RIP: sending v2 update to 224.0.0.9 via Serial2/1 (192.168.0.2)
*Feb 22 04:47:57.807: RIP: build update entries - suppressing null update
R2#show ip protocols
Routing Protocol is "rip"
Sending updates every 30 seconds, next due in 4 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Redistributing: rip
Default version control: send version 1, receive any version
Interface Send Recv Triggered RIP Key-chain
Serial2/1 2 2 R2 //可以看到key-chain使用R2
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
192.168.0.0
Routing Information Sources:
Gateway Distance Last Update
192.168.0.1 120 00:00:04
Distance: (default is 120)
检查路由表,观察能否学习到路由条目
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 1 subnets
R 172.16.0.0 [120/1] via 192.168.0.1, 00:00:17, Serial2/1
C 192.168.0.0/24 is directly connected, Serial2/1