您现在的位置是: IT外包 ->技术支持 ->数据恢复 ->服务内容 ->
 
本文关键字: 代理ARP
代理ARP的原理
作者: 不详 | 发布时间: 2010-11-22 15:00 | 信息类别: 服务内容 | 访问人次:
评论 推荐 打印 编辑 】 【 关闭
  

  
实验目的:验证代理ARP的原理
代理ARP: 代替远程主机响应本地请求(默认开启)
实验拓扑:


实验步骤:
1. 基本配置

r1(config)#no ip domain lo
r1(config)#line con 0
r1(config-line)#no exec-t
r1(config-line)#logg s

r2(config)#no ip domain lo
r2(config)#line con 0
r2(config-line)#no exec-t
r2(config-line)#logg s

r3(config)#no ip domain lo
r3(config)#line con 0
r3(config-line)#no exec-t
r3(config-line)#logg s

r4(config)#no ip domain lo
r4(config)#line con 0
r4(config-line)#no exec-t
r4(config-line)#logg s

2. 在路由器上配置接口信息,使4台路由器可以ping

r1(config)#int e0/0
r1(config-if)#ip add 10.1.1.1 255.255.0.0
r1(config-if)#no sh

r2(config)#int e0/0
r2(config-if)#ip add 10.1.1.2 255.255.255.0
r2(config-if)#no sh

r3(config)#int e0/0
r3(config-if)#ip add 10.1.1.3 255.255.255.0
r3(config-if)#no sh
r3(config-if)#int e0/1
r3(config-if)#ip add 10.1.2.1 255.255.255.0
r3(config-if)#no sh

r4(config)#int e0/0
r4(config-if)#ip add 10.1.2.2 255.255.255.0
r4(config-if)#no sh

3. 测试路由器的连通性(注意;要打开交换机上的接口)

r1#ping 10.1.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/448/1004 ms
r1#ping 10.1.1.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/448/1004 ms
r2#ping 10.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 76/378/864 ms

r3#ping 10.1.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 400/745/888 ms

r3#ping 10.1.2.2 //验证了r3与r4是相通的

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/404/796 ms
r3#

4. 由r1 ping r4可发现不通

r1#ping 10.1.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

5. 打开r4上调试信息,在r1上ping,则可以看到r4上的发送信息

r4#debug ip packet
IP packet debugging is on

r1#p 10.1.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
r1#

r4#
*Mar 1 00:35:54.795: IP: tableid=0, s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), routed via RIB
*Mar 1 00:35:54.795: IP: s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), len 100, rcvd 3
*Mar 1 00:35:54.795: IP: s=10.1.2.2 (local), d=10.1.1.1, len 100, unroutable
*Mar 1 00:35:55.451: IP: tableid=0, s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), routed via RIB
*Mar 1 00:35:55.451: IP: s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), len 100, rcvd 3
*Mar 1 00:35:55.451: IP: s=10.1.2.2 (local), d=10.1.1.1, len 100, unroutable
*Mar 1 00:35:56.147: IP: tableid=0, s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), routed via RIB
*Mar 1 00:35:56.147: IP: s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), len 100, rcvd 3
*Mar 1 00:35:56.147: IP: s=10.1.2.2 (local), d=10.1.1.1, len 100, unroutable
*Mar 1 00:35:56.399: IP: tableid=0, s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), routed via RIB
*Mar 1 00:35:56.399: IP: s=10.1.1.1 (Ethernet0/0), d=1
r4#0.1.2.2 (Ethernet0/0), len 100, rcvd 3¬¬¬¬————有接受到的数据包,没有sending的
*Mar 1 00:35:56.399: IP: s=10.1.2.2 (local), d=10.1.1.1, len 100, unroutable
*Mar 1 00:35:56.647: IP: tableid=0, s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), routed via RIB
*Mar 1 00:35:56.647: IP: s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), len 100, rcvd 3
*Mar 1 00:35:56.647: IP: s=10.1.2.2 (local), d=10.1.1.1, len 100, unroutable ——无法路由
r4#
打开ICMP的调试信息,在r1上ping就可以看到,r4上能接收到r1发的数据包但是r1无法接受到r4的回包

r4#deb ip icmp
ICMP packet debugging is on
r4#
*Mar 1 00:31:43.771: ICMP: echo reply sent, src 10.1.2.2, dst 10.1.1.1
*Mar 1 00:31:44.063: ICMP: echo reply sent, src 10.1.2.2, dst 10.1.1.1
*Mar 1 00:31:44.715: ICMP: echo reply sent, src 10.1.2.2, dst 10.1.1.1
*Mar 1 00:31:44.719: ICMP: echo reply sent, src 10.1.2.2, dst 10.1.1.1
*Mar 1 00:31:44.719: ICMP: echo reply sent, src 10.1.2.2, dst 10.1.1.1
r4#u all ————关闭调试信息


6. 在r4上加一条静态路由,就可以ping通了

r4(config)#int e0/0
r4(config)#ip route 0.0.0.0 0.0.0.0 e0/0

r1#p 10.1.2.2————ping r4以通

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 556/930/1604 ms
r1#

r4#
*Mar 1 00:44:05.419: IP: s=10.1.2.2 (local), d=10.1.1.1 (Ethernet0/0), len 100, sending
*Mar 1 00:44:05.495: IP: tableid=0, s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), routed via RIB
*Mar 1 00:44:05.495: IP: s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), len 100, rcvd 3
*Mar 1 00:44:05.495: IP: tableid=0, s=10.1.2.2 (local), d=10.1.1.1 (Ethernet0/0), routed via FIB
*Mar 1 00:44:05.499: IP: s=10.1.2.2 (local), d=10.1.1.1 (Ethernet0/0), len 100, sending
*Mar 1 00:44:05.607: IP: tableid=0, s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), routed via RIB
*Mar 1 00:44:05.607: IP: s=10.1.1.1 (Ethernet0/0), d=10.1.2.2 (Ethernet0/0), len 100, rcvd 3
*Mar 1 00:44:05.607: IP: tableid=0, s=10.1.2.2 (local), d=10.1.1.1 (Ethernet0/0), routed via FIB
*Mar 1 00:44:05.607: IP: s=10.1.2.2 (local), d=10.1.1.1 (Ethernet0/0), len 100, sending


7. 查看各个路由器的Mac地址

r1#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.1.1.2 31 cc09.0680.0000 ARPA Ethernet0/0
Internet 10.1.1.3 33 cc0a.0680.0000 ARPA Ethernet0/0
Internet 10.1.2.2 26 cc0a.0680.0000 ARPA Ethernet0/0
Internet 10.1.1.1 - cc08.0680.0000 ARPA Ethernet0/0

r3#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.1.1.2 31 cc09.0680.0000 ARPA Ethernet0/0
Internet 10.1.2.1 - cc0a.0680.0001 ARPA Ethernet0/1
Internet 10.1.1.3 - cc0a.0680.0000 ARPA Ethernet0/0
Internet 10.1.2.2 6 cc0b.0680.0000 ARPA Ethernet0/1
Internet 10.1.1.1 26 cc08.0680.0000 ARPA Ethernet0/0

r4#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.1.2.1 27 cc0a.0680.0001 ARPA Ethernet0/0
Internet 10.1.1.1 5 cc0a.0680.0001 ARPA Ethernet0/0
Internet 10.1.2.2 - cc0b.0680.0000 ARPA Ethernet0/0



8. 查看r3上的Mac地址

r3#show int e0/0
Ethernet0/0 is up, line protocol is up
Hardware is AmdP2, address is cc0a.0680.0000 (bia cc0a.0680.0000)
Internet address is 10.1.1.3/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output 00:00:03, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
1356 packets input, 88347 bytes, 0 no buffer
Received 1264 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
425 packets output, 61447 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
r3#
*Mar 1 00:56:07.363: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on Ethernet0/0 (not full duplex), with sw1 FastEthernet0/2 (full duplex).
r3#
就会发现代理ARP会使r3的Mac地址也成为r4的,然后回复r1 r4的Mac为cc0a.0680.0000。
评论 推荐 打印 编辑 】 【 关闭
『相关链接』
【郑重声明】【上海IT外包服务网】 刊载此文不代表同意其说法或描述,仅为提供更多信息,也不构成任何投资或其他建议。转载需经作者本人同意并注明出处。本网站有部分文章是由网友自由上传。对于此类文章本站仅提供交流平台,不为其版权负责。如果您发现本网站上有侵犯您的知识产权的文章,请发信至 或直接电话联系: 021-58878998
请您留言
『发表评论』
匿名发表 会员ID: 密码:
上海蝶应信息科技有限公司
上海市 +0086-21-58878998 11394019
dieying@541help.com +0086-21-58878998HappyFreeAngel@hotmail.com
Copyright@2012 IT-WAIBAO.COM Inc.沪ICP备05039378号 版权所有2005-2012管理员登陆