Lab pertama adalah membahas authentication pada routing RIP.
Lab 1 - RIP Authentication
Taopologi yang digunakan adalah sbb :
Skenario authentikasi sbb :
Link R1 & R2 : MD5 authentication
Link R2 & R3 : clear text authentication
Link R1 & R3 : No authentication
Konfigurasi R1 :
key chain RIP
key 1
key-string CISCO
!
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 13.13.13.1 255.255.255.0
!
interface Serial0/0
ip address 12.12.12.1 255.255.255.0
ip rip authentication mode md5
ip rip authentication key-chain RIP
!
router rip
version 2
network 0.0.0.0
no auto-summary
Konfifgurasi R2 :
key chain RIP
key 1
key-string CISCO
!
key 1
key-string CISCO
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 23.23.23.2 255.255.255.0
ip rip authentication key-chain RIP
!
interface Serial0/0
ip address 12.12.12.2 255.255.255.0
ip rip authentication mode md5
ip rip authentication key-chain RIP
!
router rip
version 2
network 0.0.0.0
no auto-summary
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 23.23.23.2 255.255.255.0
ip rip authentication key-chain RIP
!
interface Serial0/0
ip address 12.12.12.2 255.255.255.0
ip rip authentication mode md5
ip rip authentication key-chain RIP
!
router rip
version 2
network 0.0.0.0
no auto-summary
Konfigurasi R3:
key chain RIP
key 1
key-string CISCO
!
interface Loopback0key 1
key-string CISCO
!
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
ip address 13.13.13.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 23.23.23.3 255.255.255.0
ip rip authentication key-chain RIP
duplex auto
speed auto
!
router rip
version 2
network 0.0.0.0
no auto-summary
Hasil cek pada router R3 setelah 'debug ip rip' diaktifkan :
R3#
*Mar 1 03:16:13.919: RIP: received packet with text authentication CISCO
*Mar 1 03:16:13.919: RIP: received v2 update from 23.23.23.2 on FastEthernet0/1
*Mar 1 03:16:13.923: 1.1.1.1/32 via 0.0.0.0 in 2 hops
*Mar 1 03:16:13.927: 2.2.2.2/32 via 0.0.0.0 in 1 hops
*Mar 1 03:16:13.935: 12.12.12.0/24 via 0.0.0.0 in 1 hops
*Mar 1 03:16:13.919: RIP: received packet with text authentication CISCO
*Mar 1 03:16:13.919: RIP: received v2 update from 23.23.23.2 on FastEthernet0/1
*Mar 1 03:16:13.923: 1.1.1.1/32 via 0.0.0.0 in 2 hops
*Mar 1 03:16:13.927: 2.2.2.2/32 via 0.0.0.0 in 1 hops
*Mar 1 03:16:13.935: 12.12.12.0/24 via 0.0.0.0 in 1 hops
Hasil show ip protocol di R2 dan R3 :
R3#sh ip proto
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 25 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Redistributing: rip
Default version control: send version 2, receive version 2
Interface Send Recv Triggered RIP Key-chain
FastEthernet0/0 2 2
FastEthernet0/1 2 2 RIP
Loopback0 2 2
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
0.0.0.0
Routing Information Sources:
Gateway Distance Last Update
13.13.13.1 120 00:00:02
23.23.23.2 120 00:00:12
Distance: (default is 120)
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 25 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Redistributing: rip
Default version control: send version 2, receive version 2
Interface Send Recv Triggered RIP Key-chain
FastEthernet0/0 2 2
FastEthernet0/1 2 2 RIP
Loopback0 2 2
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
0.0.0.0
Routing Information Sources:
Gateway Distance Last Update
13.13.13.1 120 00:00:02
23.23.23.2 120 00:00:12
Distance: (default is 120)
R2#sh ip proto
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 23 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Redistributing: rip
Default version control: send version 2, receive version 2
Interface Send Recv Triggered RIP Key-chain
FastEthernet0/0 2 2 RIP
Serial0/0 2 2 RIP
Loopback0 2 2
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
0.0.0.0
Routing Information Sources:
Gateway Distance Last Update
12.12.12.1 120 00:00:21
23.23.23.3 120 00:00:20
Distance: (default is 120)
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 23 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Redistributing: rip
Default version control: send version 2, receive version 2
Interface Send Recv Triggered RIP Key-chain
FastEthernet0/0 2 2 RIP
Serial0/0 2 2 RIP
Loopback0 2 2
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
0.0.0.0
Routing Information Sources:
Gateway Distance Last Update
12.12.12.1 120 00:00:21
23.23.23.3 120 00:00:20
Distance: (default is 120)
Hasil ip route dan ping dari R1 ke IP Loopback R2 dan R3 :
R1#sh ip route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
R 2.2.2.2 [120/1] via 12.12.12.2, 00:00:09, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 13.13.13.3, 00:00:06, FastEthernet0/0
23.0.0.0/24 is subnetted, 1 subnets
R 23.23.23.0 [120/1] via 13.13.13.3, 00:00:06, FastEthernet0/0
[120/1] via 12.12.12.2, 00:00:09, Serial0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, Serial0/0
13.0.0.0/24 is subnetted, 1 subnets
C 13.13.13.0 is directly connected, FastEthernet0/0
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
R 2.2.2.2 [120/1] via 12.12.12.2, 00:00:09, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 13.13.13.3, 00:00:06, FastEthernet0/0
23.0.0.0/24 is subnetted, 1 subnets
R 23.23.23.0 [120/1] via 13.13.13.3, 00:00:06, FastEthernet0/0
[120/1] via 12.12.12.2, 00:00:09, Serial0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, Serial0/0
13.0.0.0/24 is subnetted, 1 subnets
C 13.13.13.0 is directly connected, FastEthernet0/0
R1#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/10/20 ms
R1#ping 3.3.3.3Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/10/20 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/32/48 ms
Terlihat bahwa ping dari R1 ke R2 dan R3 sudah sukses, berarti authentication ketiga router tersebut sudah sesuai dengan skenario.
Tidak ada komentar:
Posting Komentar