Cisco - Tests avec le wildcard mask
Alasta 4 Décembre 2017 cisco cisco ccnp route eigrp acl cli
Description : Voyons l'utilisation du wildcard mask.
Introduction :
Démontrer l'utilisation du wildcard mask au travers de 2 exemples :
- La commande network de l'IGP EIGRP
- L'ACL
Topologie pour le test :
Configuration :
R1 :
1 interface Loopback0
2 ip address 1.1.1.1 255.255.255.255
3 !
4 interface Loopback1
5 ip address 10.1.0.1 255.255.255.255
6 !
7 interface Loopback2
8 ip address 10.2.0.1 255.255.255.255
9 !
10 interface Loopback3
11 ip address 10.3.0.1 255.255.255.255
12 !
13 interface Loopback4
14 ip address 10.4.0.1 255.255.255.255
15 !
16 interface Loopback5
17 ip address 10.5.0.1 255.255.255.255
18 !
19 interface Loopback6
20 ip address 10.6.0.1 255.255.255.255
21 !
22 interface Loopback7
23 ip address 10.7.0.1 255.255.255.255
24 !
25 interface Loopback8
26 ip address 10.8.0.1 255.255.255.255
27 !
28 interface Loopback9
29 ip address 10.9.0.1 255.255.255.255
30 !
31 interface FastEthernet0/0
32 description To_R2
33 ip address 12.12.12.1 255.255.255.0
34 duplex auto
35 speed auto
36 !
37 !
38 interface FastEthernet0/0
39 description To_R2
40 ip address 12.12.12.1 255.255.255.0
41 duplex auto
42 speed auto
43 !
44 interface FastEthernet0/1
45 description To_R3
46 ip address 13.13.13.1 255.255.255.0
47 duplex auto
48 speed auto
49 !
50 router eigrp 100
51 redistribute connected route-map FILTER_CONNECTED_REDISTRIBUTE
52 network 10.0.0.0 0.1.255.255
53 network 10.4.0.0 0.1.255.255
54 network 12.12.12.0 0.0.0.255
55 network 13.13.13.0 0.0.0.255
56 no auto-summary
57 eigrp router-id 1.1.1.1
58 !
59 !
60 !
61 ip access-list standard FILTER_CONNECTED
62 permit 10.6.0.0 0.1.0.1
63 deny any
64 !
65 no cdp log mismatch duplex
66 !
67 route-map FILTER_CONNECTED_REDISTRIBUTE permit 10
68 match ip address FILTER_CONNECTED
69 !
R2 :
1 interface Loopback0
2 ip address 2.2.2.2 255.255.255.255
3 !
4 interface FastEthernet0/0
5 description To_R1
6 ip address 12.12.12.2 255.255.255.0
7 duplex auto
8 speed auto
9 !
10 interface FastEthernet0/1
11 no ip address
12 shutdown
13 duplex auto
14 speed auto
15 !
16 router eigrp 100
17 network 2.2.2.2 0.0.0.0
18 network 12.12.12.0 0.0.0.255
19 no auto-summary
20 eigrp router-id 2.2.2.2
21 !
R3 :
1 interface Loopback0
2 ip address 3.3.3.3 255.255.255.255
3 !
4 interface FastEthernet0/0
5 no ip address
6 shutdown
7 duplex auto
8 speed auto
9 !
10 interface FastEthernet0/1
11 description To_R1
12 ip address 13.13.13.3 255.255.255.0
13 duplex auto
14 speed auto
15 !
16 router eigrp 100
17 network 3.3.3.3 0.0.0.0
18 network 13.13.13.3 0.0.0.0
19 no auto-summary
20 eigrp router-id 3.3.3.3
21 !
Tables de routage :
R1 :
1 R1#sh ip route
2 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2
6 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
7 ia - IS-IS inter area, * - candidate default, U - per-user static route
8 o - ODR, P - periodic downloaded static route
9
10 Gateway of last resort is not set
11
12 1.0.0.0/32 is subnetted, 1 subnets
13 C 1.1.1.1 is directly connected, Loopback0
14 2.0.0.0/32 is subnetted, 1 subnets
15 D 2.2.2.2 [90/409600] via 12.12.12.2, 00:14:56, FastEthernet0/0
16 3.0.0.0/32 is subnetted, 1 subnets
17 D 3.3.3.3 [90/409600] via 13.13.13.3, 00:16:02, FastEthernet0/1
18 10.0.0.0/32 is subnetted, 9 subnets
19 C 10.9.0.1 is directly connected, Loopback9
20 C 10.8.0.1 is directly connected, Loopback8
21 C 10.3.0.1 is directly connected, Loopback3
22 C 10.2.0.1 is directly connected, Loopback2
23 C 10.1.0.1 is directly connected, Loopback1
24 C 10.7.0.1 is directly connected, Loopback7
25 C 10.6.0.1 is directly connected, Loopback6
26 C 10.5.0.1 is directly connected, Loopback5
27 C 10.4.0.1 is directly connected, Loopback4
28 12.0.0.0/24 is subnetted, 1 subnets
29 C 12.12.12.0 is directly connected, FastEthernet0/0
30 13.0.0.0/24 is subnetted, 1 subnets
31 C 13.13.13.0 is directly connected, FastEthernet0/1
R2 :
1 R2#sh ip route
2 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2
6 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
7 ia - IS-IS inter area, * - candidate default, U - per-user static route
8 o - ODR, P - periodic downloaded static route
9
10 Gateway of last resort is not set
11
12 2.0.0.0/32 is subnetted, 1 subnets
13 C 2.2.2.2 is directly connected, Loopback0
14 3.0.0.0/32 is subnetted, 1 subnets
15 D 3.3.3.3 [90/435200] via 12.12.12.1, 00:14:33, FastEthernet0/0
16 10.0.0.0/32 is subnetted, 5 subnets
17 D 10.1.0.1 [90/409600] via 12.12.12.1, 00:14:33, FastEthernet0/0
18 D EX 10.7.0.1 [170/409600] via 12.12.12.1, 00:06:33, FastEthernet0/0
19 D EX 10.6.0.1 [170/409600] via 12.12.12.1, 00:06:33, FastEthernet0/0
20 D 10.5.0.1 [90/409600] via 12.12.12.1, 00:14:33, FastEthernet0/0
21 D 10.4.0.1 [90/409600] via 12.12.12.1, 00:14:35, FastEthernet0/0
22 12.0.0.0/24 is subnetted, 1 subnets
23 C 12.12.12.0 is directly connected, FastEthernet0/0
24 13.0.0.0/24 is subnetted, 1 subnets
25 D 13.13.13.0 [90/307200] via 12.12.12.1, 00:14:35, FastEthernet0/0
R3
1 R3#sh ip route
2 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
3 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
4 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
5 E1 - OSPF external type 1, E2 - OSPF external type 2
6 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
7 ia - IS-IS inter area, * - candidate default, U - per-user static route
8 o - ODR, P - periodic downloaded static route
9
10 Gateway of last resort is not set
11
12 2.0.0.0/32 is subnetted, 1 subnets
13 D 2.2.2.2 [90/435200] via 13.13.13.1, 00:14:42, FastEthernet0/1
14 3.0.0.0/32 is subnetted, 1 subnets
15 C 3.3.3.3 is directly connected, Loopback0
16 10.0.0.0/32 is subnetted, 5 subnets
17 D 10.1.0.1 [90/409600] via 13.13.13.1, 00:15:25, FastEthernet0/1
18 D EX 10.7.0.1 [170/409600] via 13.13.13.1, 00:06:48, FastEthernet0/1
19 D EX 10.6.0.1 [170/409600] via 13.13.13.1, 00:06:48, FastEthernet0/1
20 D 10.5.0.1 [90/409600] via 13.13.13.1, 00:15:28, FastEthernet0/1
21 D 10.4.0.1 [90/409600] via 13.13.13.1, 00:15:28, FastEthernet0/1
22 12.0.0.0/24 is subnetted, 1 subnets
23 D 12.12.12.0 [90/307200] via 13.13.13.1, 00:15:28, FastEthernet0/1
24 13.0.0.0/24 is subnetted, 1 subnets
25 C 13.13.13.0 is directly connected, FastEthernet0/1
Conclusion et Explications :
La configuration spécifique est faite sur R1.
Sur R1 :
l0 : 3.3.3.3/23 <— annoncé via la cmd network
l1 : 10.1.0.1/32 <— annoncé via la cmd network
l2 : 10.2.0.1/32
l3 : 10.3.0.1/32
l4 : 10.4.0.1/32 <— annoncé via la cmd network
l5 : 10.5.0.1/32 <— annoncé via la cmd network
l6 : 10.6.0.1/32 <— annoncé via la redistribution avec filtrage
l7 : 10.7.0.1/32 <— annoncé via la redistribution avec filtrage
l8 : 10.8.0.1/32
l9 : 10.9.0.1/32
network 10.0.0.0 0.1.255.255 : va faire participer à EIGRP les interfaces ayant pour @ 10.0.X.X et 10.1.X.X, ici on n’a que 10.1.0.1, le wildcard mask non contigu (0.1.0.1) ne fonctionne pas avec la cmd network. network 10.4.0.0 0.1.255.255 : va faire participer à EIGRP les interface avec @ 10.4.X.X et 10.5.X.X
Pour éviter de rentrer autant de cmd network que de réseau Loopback on a joué avec le wildcard, du fait de l’impossibilité de mettre un mask non contigu, on a été très ouvert sur les 2 derniers octets donc attention au plan d’adressage.
Autre point, redistribution des @ 10.7.0.1 et 10.8.0.1, via ACL/route-map et redistribution, là le wildcard mask non contigu a fonctionné !.
Seule petit bémol, avec la redistribution l’AD est de 170 eu lieu de 90.