Cisco默认路由
:IT学习乐园
:Builder
:20240329
:859

 默认路由的指令供有3种 ip default-getway / ip default-network /ip route 0.0.0.0 0.0.0.0,可以分成两类:
(第1类)ip default-gateway
当路由器上的ip routing(no ip routing)无效时,使用它指定默认路由.
二层交换机上的ip default-gateway的地址总是与管理vlan的地址配合出现,以用于vty远程管理,仅此一个目的而已。如果不需要远程管理,可以不配置,不会影响其他的数据通讯.如果配置了管理vlan的地址,就一定要配置ip default-gateway的地址。否则无法远程管理。管理vlan的地址必须与ip defaulut-gaeway地址在同一网段。

(第2类)ip default-network和ip route 0.0.0.0 0.0.0.0
两者都用于ip routing有效的路由器上,区别主要在于路由协议是否传播这条路由信息。比如:IGRP无法识别0.0.0.0,因此传播默认路由时必须用ip default-network。当用ip default-network指令设定多条默认路由时,administrative distance最短的成为最终的默认路由;如果有复数条路由distance值相等,那么在路由表(show ip route)中靠上的成为默认路由。同时使用ip default-network和ip route 0.0.0.0 0.0.0.0双方设定默认路由时,如果ip default-network设定的网络是直连(静态、且已知)的,那么它就成为默认路由;如果ip default-network指定的网络是由交换路由信息得来的,则ip route 0.0.0.0 0.0.0.0指定的表项成为默认路由。最后,如果使用多条ip route 0.0.0.0 0.0.0.0指令,则流量会自动在多条链路上负载均衡。

---------------------------------

ip default-gateway xxx.xxx.xxx.xxx实验:

实验拓朴如下:

Router1 F0/0 <----> Switch1 F0/0

 

Router1配置如下:


R1#
R1#show run
Building configuration...

Current configuration : 754 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$Po4x$WpjSLfwi0YL00lWwykkdg/
enable password 7 094F471A1A0A
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef    
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!

!
!
!
!         
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
 duplex auto
 speed auto
!
ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!         
banner motd ^C Welcome to connect to Router1 ^C
!
line con 0
 exec-timeout 0 0
 password 7 070C285F4D06
 logging synchronous
 login
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 14141B180F0B
 login
!
!
end

R1#

 

Switch1配置如下:

 


SW1#
SW1#show run
Building configuration...

Current configuration : 1206 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname SW1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$8oKx$H/87Jc87yOOZuGmxdhUT4/
enable password 7 094F471A1A0A
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef    
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!

!
!
!
!         
interface FastEthernet0/0
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface Vlan1
 ip address 192.168.1.2 255.255.255.0
!
ip default-gateway 192.168.1.1
ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!         
!
!
!
!
!
!
!
!
banner motd ^C Welcome to connect to Switch 1 ^C
!
line con 0
 exec-timeout 0 0
 password 7 00071A150754
 logging synchronous
 login
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 1511021F0725
 login
!
!
end      

SW1#

 

--------------------------------------------

从R1 telnet 到 SW1

R1#telnet 192.168.1.2
Trying 192.168.1.2 ... Open
 Welcome to connect to Switch 1

User Access Verification

Password: 
SW1>enable

Password: 
SW1#

 

-------------------------------------------

 

通过HTTP访问二层交换机实验:

拓朴如下:

Switch1 F0/0 <----> XPC P0/0

 

Switch1配置如下:

show run
Building configuration...

Current configuration : 1210 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname SW1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$moZL$5USUg2xNltpxOKN1IKhUe0
enable password 7 121A0C041104
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef    
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!

!
!
!
!         
interface FastEthernet0/0
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface Vlan1
 ip address 192.168.1.200 255.255.255.0

!
ip default-gateway 192.168.1.104
ip http server

no ip http secure-server
!
!
!
!
!
!
control-plane
!         
!
!
!
!
!
!
!
!
banner motd ^C Welcome to connect to Switch 1 ^C
!
line con 0
 exec-timeout 0 0
 password 7 030752180500
 logging synchronous
 login
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 05080F1C2243
 login
!
!
end      

SW1#

 

打开浏览器输入Vlan 1的IP地址192.168.1.200.然后输入密码框中输入enable secret中的密码,就可以看见交换机的信息。

 

SW1(config)#username builder privilege 15 secret Builder

SW1(config)#privilege exec level 15 show run

 

SW1(config)#line console 0
SW1(config-line)#login local

 

SW1(config)#line vty 0 4 
SW1(config-line)#login local

通过上设置后,则需要输入用户名及enable secret密后才能用HTTP的方式进行访问.

---------------------------------------------------------------------------

 ip route 0.0.0.0 0.0.0.0 xxx实验拓朴如下:(一般用在只有一条出口的链路上)

Router1 F0/0 <----> Router2 F0/0

Router1配置如下:


R1#show run
Building configuration...

Current configuration : 946 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$5huI$P5MYtt.EAlIzHd0P.f/Go.
enable password 7 1511021F0725
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef    
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!

!
!
!
!         
interface Loopback0
 ip address 192.168.2.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 192.168.1.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 192.168.3.2 255.255.255.0
 duplex auto
 speed auto
!
ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
banner motd ^C Welcome to connect to Router1 ^C
!
line con 0
 exec-timeout 0 0
 password 7 060506324F41
 logging synchronous
 login
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 01100F175804
 login
!
!         
end

R1#      

 

R2配置如下:


R2#
R2#show run
Building configuration...

Current configuration : 882 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$HewH$w0pvrzNpLTKrzdvqmUggJ0
enable password 7 094F471A1A0A
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef    
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!

!
!
!
!         
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 192.168.4.1 255.255.255.0
 duplex auto
 speed auto
!
ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.1.2
!
!
!
!
!
!
control-plane
!
!
!         
!
!
!
!
!
!
banner motd ^C Welcome to connect to Router2 ^C
!
line con 0
 exec-timeout 0 0
 password 7 121A0C041104
 logging synchronous
 login
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 13061E010803
 login
!
!
end

R2#

-----------------

验证:

R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

C    192.168.1.0/24 is directly connected, FastEthernet0/0
C    192.168.2.0/24 is directly connected, Loopback0
C    192.168.3.0/24 is directly connected, FastEthernet1/0
S*   0.0.0.0/0 is directly connected, FastEthernet0/0
R1#

 

R2# show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.1.2 to network 0.0.0.0

C    192.168.4.0/24 is directly connected, FastEthernet1/0
C    192.168.1.0/24 is directly connected, FastEthernet0/0
S*   0.0.0.0/0 [1/0] via 192.168.1.2
R2#

 

 R1#ping 192.168.4.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/33/96 ms
R1#

 

 R2#ping 192.168.2.1      

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/34/76 ms
R2#

 -------------------------

将R1上的路由修改为静态路由

R1(config)#no ip route 0.0.0.0 0.0.0.0 fa0/0

R1(config)#ip route 192.168.4.0 255.255.255.0 192.168.1.1

 

 R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

S    192.168.4.0/24 [1/0] via 192.168.1.1
C    192.168.1.0/24 is directly connected, FastEthernet0/0
C    192.168.2.0/24 is directly connected, Loopback0
C    192.168.3.0/24 is directly connected, FastEthernet1/0
R1#
R1#

 ---------------------------------------

运行ip default-network xxx.xxx.xxx.xxx后会将相应的静态路由修改为候选默认路由

R1(config)#ip default-network ?
  A.B.C.D  IP address of default network

R1(config)#ip default-network 192.168.4.0
R1(config)#end
R1#sh
*Mar  1 00:34:13.671: %SYS-5-CONFIG_I: Configured from console by console
R1#show  ip  route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.1.1 to network 192.168.4.0

S*   192.168.4.0/24 [1/0] via 192.168.1.1
C    192.168.1.0/24 is directly connected, FastEthernet0/0
C    192.168.2.0/24 is directly connected, Loopback0
C    192.168.3.0/24 is directly connected, FastEthernet1/0
R1#

---------------------------

注意:路由选择,是先选匹配路由,然后才是缺省路由.




 




华为云速邮箱
华为云速邮箱

企业办公必备, 安全简单易用收发稳定的企业邮箱...限时...

立刻前往...
开发者免费试用
开发者免费试用

9:30开抢,每天限量100份.个人认证新用户绑定邮箱后...

立刻前往...
域名建站专场
域名建站专场

域名建站专场:域名1元起,免费云解析,一站式建站,买3年...

立刻前往...
华为企业应用专场
华为企业应用专场

企业建站买1年送2年,商标注册270元起,企业邮箱400...

立刻前往...