DynagenでCCIEを目指す
20100506 IS-IS 複数デフォルトゲートウェイ
最終更新:
it_certification
-
view
目的
- IS-IS Level 1 routerから見て、level 2への出口が複数ある場合を考察します。
構成
- 設定概要
- IS-ISによってルーティングします。
- R1はlevel 1とします。それ以外はlevel 1-2とします。
- 構成図
- netファイル
#ghostios = True #sparsemem = True model = 3620 [localhost] [[3620]] image = C:\Program Files\Dynamips\images\c3620-j1s3-mz.123-18.bin ram = 128 [[ROUTER R1]] f0/0 = R2 f0/0 f1/0 = R3 f0/0 model = 3620 [[ROUTER R2]] f1/0 = R4 f0/0 model = 3620 [[ROUTER R3]] f1/0 = R5 f0/0 model = 3620 [[ROUTER R4]] model = 3620 [[ROUTER R5]] model = 3620
- 初期設定 R1
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 ip address 192.168.21.1 255.255.255.0 ip router isis duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.31.1 255.255.255.0 ip router isis duplex auto speed auto ! router isis net 01.0000.0000.0001.00 is-type level-1 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 ! ! end
- 初期設定 R2
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 ip address 192.168.21.2 255.255.255.0 ip router isis duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.22.2 255.255.255.0 ip router isis duplex auto speed auto ! router isis net 01.0000.0000.0002.00 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 ! ! end
- 初期設定 R3
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 ip address 192.168.31.3 255.255.255.0 ip router isis duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.32.3 255.255.255.0 ip router isis duplex auto speed auto ! router isis net 01.0000.0000.0003.00 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 ! ! end
- 初期設定 R4
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R4 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.23.4 255.255.255.0 ip router isis ! interface FastEthernet0/0 ip address 192.168.22.4 255.255.255.0 ip router isis duplex auto speed auto ! router isis net 02.0000.0000.0004.00 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 ! ! end
- 初期設定 R5
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R5 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.33.5 255.255.255.0 ip router isis ! interface FastEthernet0/0 ip address 192.168.32.5 255.255.255.0 ip router isis duplex auto speed auto ! router isis net 03.0000.0000.0005.00 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 ! ! end
検証1 初期設定の確認
- ISIS databaseの確認
R1のISIS databaseを確認します。ATT(attached) bitが成立しているのは、R2, R3です。ATTはareaの出口である事を表します(OSPFのABRのようなものです)。
R1#show isis database IS-IS Level-1 Link State Database: LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL R1.00-00 * 0x00000006 0x6034 925 0/0/0 R2.00-00 0x00000003 0x5DD9 1012 1/0/0 R2.01-00 0x00000001 0x7ED2 824 0/0/0 R3.00-00 0x00000003 0xED27 1165 1/0/0 R3.01-00 0x00000001 0x84CA 926 0/0/0 R1#
- ルーティングテーブルの確認
ATT bitが成立しているR1, R2がデフォルトゲートウェイになっています。
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.21.2 to network 0.0.0.0
C 192.168.31.0/24 is directly connected, FastEthernet1/0
C 192.168.21.0/24 is directly connected, FastEthernet0/0
i L1 192.168.22.0/24 [115/20] via 192.168.21.2, FastEthernet0/0
i L1 192.168.32.0/24 [115/20] via 192.168.31.3, FastEthernet1/0
i*L1 0.0.0.0/0 [115/10] via 192.168.21.2, FastEthernet0/0 <- R2宛てのゲートウェイ
[115/10] via 192.168.31.3, FastEthernet1/0 <- R3宛てのゲートウェイ
R1#
- 疎通確認
R4 Loopback 0とR5 Loopback 0へは疎通不可能です。デフォルトゲートウェイが2つあるため、意図しない負荷分散が起きてしまうからです。(R5への疎通が成功しているのは偶然です。どのように負荷分散するかは制御できません。)
R1#ping 192.168.23.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.23.4, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
R1#traceroute 192.168.23.4
Type escape sequence to abort.
Tracing the route to 192.168.23.4
1 192.168.21.2 20 msec
192.168.31.3 52 msec
192.168.21.2 40 msec
2 192.168.31.3 !H
192.168.22.4 92 msec
192.168.31.3 !H
R1#
R1#ping 192.168.33.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.33.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/54/112 ms
R1#
R1#
R1#traceroute 192.168.33.5
Type escape sequence to abort.
Tracing the route to 192.168.33.5
1 192.168.21.2 40 msec
192.168.31.3 40 msec
192.168.21.2 40 msec
2 192.168.32.5 100 msec
192.168.21.2 !H
192.168.32.5 52 msec
R1#
検証2 level 2 から level 1 への再配送
- 再配送の設定
検証1で生じた問題を解消するための方法のひとつとして、level 2 をlevel 1に再配送する方法があります。R2, R3に以下のような再配送を定義します。
R2(config)#router isis R2(config-router)#redistribute isis ip level-2 into level-1 distribute-list 100 R2(config-router)#exit R2(config)#ip access-list extended 100 R2(config-ext-nacl)#10 permit ip 192.168.23.0 0.0.0.255 any R3(config)#router isis R3(config-router)#redistribute isis ip level-2 into level-1 distribute-list 100 R3(config-router)#exit R3(config)#ip access-list extended 100 R3(config-ext-nacl)#10 permit ip 192.168.33.0 0.0.0.255 any
- ルーティングテーブルの確認
R1のルーティングテーブルを確認します。R4 Loopback 0とR5 Loopback 0へのルートがia(IS-IS inter area)として載っている事が確認できます。
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.21.2 to network 0.0.0.0
C 192.168.31.0/24 is directly connected, FastEthernet1/0
C 192.168.21.0/24 is directly connected, FastEthernet0/0
i ia 192.168.23.0/24 [115/158] via 192.168.21.2, FastEthernet0/0 <- R4 Loopback 0へ
i L1 192.168.22.0/24 [115/20] via 192.168.21.2, FastEthernet0/0
i L1 192.168.32.0/24 [115/20] via 192.168.31.3, FastEthernet1/0
i ia 192.168.33.0/24 [115/158] via 192.168.31.3, FastEthernet1/0 <- R5 Loopback 0へ
i*L1 0.0.0.0/0 [115/10] via 192.168.21.2, FastEthernet0/0
[115/10] via 192.168.31.3, FastEthernet1/0
R1#
添付ファイル
