eigrp 实验二（,chap认证，非等开销负载均衡，干涉选路，）_综合

一：实验拓扑及要求

1.R1为ISP，只能配置IP地址
2.R1与R2间为PPP封装，使用chap认证，
R1主认证方
3.R2-R8地址为172.16.0.0/16
4.R4的S1/1口带宽为800k，R4到R2的环回为
非等开销负载均衡
5.保证更新安全，减少条目数量
6.R6到达R8的环回通过R7进行
7.R2–R8均可访问R1的环回
8.R1telnetR2实际登录到R8

二：实验IP地址规划（自行规划）

172.16.0.0/16
172.16.XXX0 0000.0
16.0/19 骨干 0.0/30 4.0/30 …
环回：32.0/19 R2
64.0/19 R3
96.0/19 R4
128.0/19 R5
160.0/19 R6
192.0/19 R7
224.0/19 R8

三：配置思路

地址规划–地址配置–chap–eigrp–改差异值–安全（key chain)–接口汇总–选路备份-- 缺省–重发布—NAT—映射

四：设备配置

R1:
enab
config t

line consol 0
logg sy
exec-time 0 0
exi

no ip domain-lookup

hostname r1

int lo 0
ip add 1.1.1.1 255.255.255.0
int s4/0
ip add 12.1.1.1 255.255.255.0
no shut

encapsulation ppp
ppp authentication chap

username r2 password cisco

R2:

enab
config t
key chain ccnp
key 1
key-string cisco

line consol 0
logg sy
exec-time 0 0
exi

no ip domain-lookup

hostname r2
int s4/0
ip add 12.1.1.2 255.255.255.0
ip nat outside
no shu

encapsulation ppp
int lo 0
ip add 172.16.32.1 255.255.255.224
inter f0/0
ip add 172.16.0.2 255.255.255.252
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
no shu
ip nat inside
inter f0/1
ip add 172.16.12.1 255.255.255.252
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp

no sh
ip nat inside
exit
ip route 0.0.0.0 0.0.0.0 12.1.1.1
access-list 2 permit 172.16.0.0 0.0.255.255
ip nat inside source list 2 interface serial 4/0 overload
ip nat inside source static tcp 172.16.224.1 23 12.1.1.2 23
ip nat inside source static tcp 172.16.224.129 23 12.1.1.2 23
router eigrp 100
no au
net 172.16.32.0
net 172.16.0.0
net 172.16.12.0
variance 2

redistribute static

exit

username r1 password cisco

R3:

enab
config t
key chain ccnp
key 1
key-string cisco

line consol 0
logg sy
exec-time 0 0
exi

no ip domain-lookup

hostname r3
int lo 0
ip add 172.16.64.1 255.255.255.240
int lo 1
ip add 172.16.64.129 255.255.255.240
inter f0/0
ip add 172.16.0.1 255.255.255.252
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
no shut
ip summ eigr 100 172.16.64.0 255.255.255.224
inter s4/0
ip add 172.16.4.2 255.255.255.252
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
no shut
ip summ eigr 100 172.16.64.0 255.255.255.224
exit
router eigrp 100
no au
net 172.16.4.0
net 172.16.0.0
net 172.16.64.0
net 172.16.64.128

R4:

enab
config t
key chain ccnp
key 1
key-string cisco

line consol 0
logg sy
exec-time 0 0
exi

no ip domain-lookup

hostname r4
int lo 0
ip add 172.16.96.1 255.255.255.240
int lo 1
ip add 172.16.96.129 255.255.255.240

inter s4/0
ip add 172.16.4.1 255.255.255.252
no shut
ip summ eigr 100 172.16.96.0 255.255.255.224
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
inter s4/1
ip add 172.16.8.2 255.255.255.252
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
no shut
band 800
ip summ eigr 100 172.16.96.0 255.255.255.224
exit
router eigrp 100
no au
net 172.16.96.0
net 172.16.4.0
net 172.16.8.0
net 172.16.96.128

R5:

enab
config t
key chain ccnp
key 1
key-string cisco

line consol 0
logg sy
exec-time 0 0
exi

no ip domain-lookup

hostname r5
int lo 0
ip add 172.16.128.1 255.255.255.240
int lo 1
ip add 172.16.128.129 255.255.255.240

inter s4/0
ip add 172.16.16.1 255.255.255.252
no shut
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
ip summ eigr 100 172.16.128.0 255.255.255.224
inter s4/1
ip add 172.16.8.1 255.255.255.252
no shut
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
ip summ eigr 100 172.16.128.0 255.255.255.224
inter f0/1
ip add 172.16.12.2 255.255.255.252
no shut
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
ip summ eigr 100 172.16.128.0 255.255.255.224
exit
router eigrp 100
no au
net 172.16.128.0
net 172.16.8.0
net 172.16.12.0
net 172.16.16.0
net 172.16.128.128

R6:

enab
config t
key chain ccnp
key 1
key-string cisco

line consol 0
logg sy
exec-time 0 0
exi

no ip domain-lookup

hostname r6
int lo 0
ip add 172.16.160.1 255.255.255.240
int lo 1
ip add 172.16.160.129 255.255.255.240

inter s4/0
ip add 172.16.16.2 255.255.255.252
no shut
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
ip summ eigr 100 172.16.160.0 255.255.255.224
inter s4/1
ip add 172.16.20.2 255.255.255.252
no shut
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
ip summ eigr 100 172.16.160.0 255.255.255.224
inter s4/2
ip add 172.16.28.1 255.255.255.252
no shut
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
ip summ eigr 100 172.16.160.0 255.255.255.224

exit
access-list 1 permit 172.16.224.0
access-list 1 permit 172.16.224.128
router eigrp 100
no au
net 172.16.16.0
net 172.16.160.0
net 172.16.20.0
net 172.16.28.0
net 172.16.160.128
offset-list 1 in 100000000 Serial4/1

R7:

enab
config t
key chain ccnp
key 1
key-string cisco

line consol 0
logg sy
exec-time 0 0
exi

no ip domain-lookup

hostname r7
int lo 0
ip add 172.16.192.1 255.255.255.240
int lo 1
ip add 172.16.192.129 255.255.255.240
inter s4/2
ip add 172.16.28.2 255.255.255.252
no shut
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
ip summ eigr 100 172.16.192.0 255.255.255.224
inter s4/0
ip add 172.16.24.1 255.255.255.252
no shut
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
ip summ eigr 100 172.16.192.0 255.255.255.224

exit
router eigrp 100
no au
net 172.16.192.0
net 172.16.28.0
net 172.16.24.0
net 172.16.192.128

R8:

enab
config t
key chain ccnp
key 1
key-string cisco

line consol 0
logg sy
exec-time 0 0
exi

no ip domain-lookup

hostname r8
int lo 0
ip add 172.16.224.1 255.255.255.240
int lo 1
ip add 172.16.224.129 255.255.255.240

inter s4/0
ip add 172.16.24.2 255.255.255.252
no shut
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
ip summ eigr 100 172.16.224.0 255.255.255.224
inter s4/1
ip add 172.16.20.1 255.255.255.252
no shut
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 ccnp
ip summ eigr 100 172.16.224.0 255.255.255.224

exit

username ccnp privilege 15 secret cisco
line vty 0 4
login local
exit
router eigrp 100
no au
net 172.16.24.0
net 172.16.224.0
net 172.16.20.0
net 172.16.224.128