计算机网络 第一次实验
第一次实验 IP组网
第一个小实验 linux下常用网络指令
ip address命令的结果
1
2
3
4
5
6
7
8
9
10
11
121: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:ac:2e:54 brd ff:ff:ff:ff:ff:ff
inet 192.168.226.129/24 brd 192.168.226.255 scope global dynamic noprefixroute ens33
valid_lft 1417sec preferred_lft 1417sec
inet6 fe80::ba7:70e3:22ed:d2cf/64 scope link noprefixroute
valid_lft forever preferred_lft forever图中的信息告诉我们,该虚拟机有两个接口,分别是环回(lo)和网络。环回接口是计算机内部使用的一个虚拟接口,它的数据包始终不会离开主机,经常用于测试。网络接口中,ens33是网卡的名称。实际上,在接口名称后面<>包裹的文字里已经注明了接口的作用和状态。环回、广播和多播很容易看出,而UP代表着“网络接口已启用”,LOWER_UP则代表着“网络电缆已插入,设备已连接至网络”。
其后的参数中,mtu表示最大传输单位,qdisc表示数据包排队方式,state是网络接口状态,group是接口组设置,qlen代表了传输队列长度。
接下来的link/ether后面指明了以太网的硬件地址:00:0c:29:ac:2e:54,紧随其后的是广播地址。
接下来inet和inet6部分。inet代表了ipv4地址,而inet6代表ipv6地址。由此我们可以看出,本机的ipv4地址为:192.168.226.129,ipv6地址为:fe80::ba7:70e3:22ed:d2cf。scope global/link分别代表全局/仅本设备有效。noprefixroute则表示无前缀路由。valid_lft 与preferred_lft分别代表地址的有效使用期限和首选生存期。
对于ip地址的”/“后的数字,代表了其子网掩码用二进制表示时为“1”的位数(由高到低),如192.168.226.129/24就代表了子网掩码为255.255.255.0。
在windows cmd中输入ipconfig得到VMnet8的网络地址:192.168.226.1
同时在虚拟机中先执行ip neigh flush all命令后ip neigh的执行结果如下:1
192.168.226.2 dev ens33 lladdr 00:50:56:ec:af:bf REACHABLE
ip neigh用于显示arp缓存表单,用于将ip地址转换为MAC地址。我们看到有一条表项,这里的REACHABLE代表该表项目前仍有效,与此对应的还有STALE(表项过期)等。下面对192.168.226.1 ping 4次以后,得到的输出结果如下:
1
2
3
4
5
6
7
8
9PPING 192.168.226.1 (192.168.226.1) 56(84) bytes of data.
64 bytes from 192.168.226.1: icmp_seq=1 ttl=128 time=0.330 ms
64 bytes from 192.168.226.1: icmp_seq=2 ttl=128 time=0.514 ms
64 bytes from 192.168.226.1: icmp_seq=3 ttl=128 time=0.543 ms
64 bytes from 192.168.226.1: icmp_seq=4 ttl=128 time=0.549 ms
--- 192.168.226.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3081ms
rtt min/avg/max/mdev = 0.330/0.484/0.549/0.089 ms4次都ping成功了。
再次查看
ip neigh的结果:1
2192.168.226.2 dev ens33 lladdr 00:50:56:ec:af:bf REACHABLE
192.168.226.1 dev ens33 lladdr 00:50:56:c0:00:08 REACHABLE可以看到输出结果增加了我们ping的ip地址,由此我们得到了对方机器的MAC地址:00:50:56:c0:00:08。
用
ip route命令查看本机的IPV4路由表如下:1
2
3default via 192.168.226.2 dev ens33 proto dhcp metric 100
169.254.0.0/16 dev ens33 scope link metric 1000
192.168.226.0/24 dev ens33 proto kernel scope link src 192.168.226.129 metric 100路由表中有三条,第一条很明显表明了默认网关是192.168.226.2,并采用DHCP协议动态分配IP。metric指出了该路由的跃点,即由源发往目的所经过的路由器数。
第三条是我们自己所在的网络,这里我们可以看出子网掩码为255.255.255.0,与前面
ip address命令所得一致。这里的src代表源IP地址,即通过这条路由发包时外界所看到的ip地址,这也与前面ip address命令中得到的主机ipv4地址一致。对于第二条,CSDN上的描述是,当DHCP协议失败时,主机将自动在169.254.x.x中选择一个地址分配,使得连接能继续下去。所以我个人认为,它应该是一条备用路由。
sysctl net.ipv4.ip_forward命令输出结果如下:1
net.ipv4.ip_forward = 0
对此的解释在思考题1中。
sudo traceroute --icmp 202.38.64.1命令输出结果如下:1
2
3
4
5
6
7traceroute to 202.38.64.1 (202.38.64.1), 30 hops max, 60 byte packets
1 _gateway (192.168.226.2) 0.719 ms 0.672 ms 0.654 ms
2 192.168.133.254 (192.168.133.254) 3.684 ms 3.791 ms 4.200 ms
3 172.16.0.1 (172.16.0.1) 1.498 ms 1.696 ms 1.676 ms
4 202.38.88.94 (202.38.88.94) 1.074 ms 1.016 ms 1.294 ms
5 202.38.96.60 (202.38.96.60) 1.147 ms 1.211 ms 1.357 ms
6 ns.ustc.edu.cn (202.38.64.1) 0.645 ms 0.751 ms 0.587 ms可以看到,发送的3个包都成功到达,包括网关在内,一共经过了5个路由器。
第二个小实验 Cisco路由器IP组网模拟
按照实验要求搭建网络如下:
其中,各计算机配置的默认网关均为对应连接的路由器接口的ip地址,如PC2的网关配置为192.168.2.1(Router1与Switch1连接的接口的地址)。
静态ip路由:
经过对配置参考的分析,目的网络应该配置需要经过路由器才能到达的网络,而网关则应该配置与本路由器相连的那个路由器对应接口的ip地址。
各路由器的静态路由配置命令如下:
Router0
1
2ip route 192.168.2.0 255.255.255.0 192.168.10.2
ip route 192.168.3.0 255.255.255.0 192.168.10.2Router1
1
2ip route 192.168.1.0 255.255.255.0 192.168.10.1
ip route 192.168.3.0 255.255.255.0 192.168.11.1Router2
1
2ip route 192.168.1.0 255.255.255.0 192.168.11.2
ip route 192.168.2.0 255.255.255.0 192.168.11.2所生成的路由表如下
Router0
1
2
3
4
5
6
7
8192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/1
L 192.168.1.1/32 is directly connected, GigabitEthernet0/1
S 192.168.2.0/24 [1/0] via 192.168.10.2
S 192.168.3.0/24 [1/0] via 192.168.10.2
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, GigabitEthernet0/0
L 192.168.10.1/32 is directly connected, GigabitEthernet0/0Router1
1
2
3
4
5
6
7
8
9
10
11S 192.168.1.0/24 [1/0] via 192.168.10.1
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, GigabitEthernet0/1
L 192.168.2.1/32 is directly connected, GigabitEthernet0/1
S 192.168.3.0/24 [1/0] via 192.168.11.1
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, GigabitEthernet0/0
L 192.168.10.2/32 is directly connected, GigabitEthernet0/0
192.168.11.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.11.0/24 is directly connected, GigabitEthernet0/2
L 192.168.11.2/32 is directly connected, GigabitEthernet0/2Router2
1
2
3
4
5
6
7
8S 192.168.1.0/24 [1/0] via 192.168.11.2
S 192.168.2.0/24 [1/0] via 192.168.11.2
192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.3.0/24 is directly connected, GigabitEthernet0/1
L 192.168.3.1/32 is directly connected, GigabitEthernet0/1
192.168.11.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.11.0/24 is directly connected, GigabitEthernet0/2
L 192.168.11.1/32 is directly connected, GigabitEthernet0/2从表中我们可以看到,前缀含“S”的即为我们配置的静态路由(Static)。
PC0 Ping PC4的输出内容:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28C:\>ping 192.168.3.100
Pinging 192.168.3.100 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Ping statistics for 192.168.3.100:
Packets: Sent = 4, Received = 1, Lost = 3 (75% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
第二次ping
C:\>ping 192.168.3.100
Pinging 192.168.3.100 with 32 bytes of data:
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Ping statistics for 192.168.3.100:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0msPC0 Ping PC3的输出内容:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27C:\>ping 192.168.2.101
Pinging 192.168.2.101 with 32 bytes of data:
Request timed out.
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Ping statistics for 192.168.2.101:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>ping 192.168.2.101
Pinging 192.168.2.101 with 32 bytes of data:
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Reply from 192.168.2.101: bytes=32 time=4ms TTL=126
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Ping statistics for 192.168.2.101:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 4ms, Average = 1ms可以发现,一开始的时候ping不通,但是ping通以后就不会再出现超时的情况。并且经过的路由器越多,ping不通的次数就越多。
动态ip路由
根据配置参考所知,只需要把与路由器直连的子网放入RIP信息库即可,如对于Router0,就只用放入192.168.1.0和192.168.10.0
各路由器的动态路由配置命令如下:
Router0
1
2
3router rip
network 192.168.1.0
network 192.168.10.0Router1
1
2
3
4router rip
network 192.168.2.0
network 192.168.10.0
network 192.168.11.0Router2
1
2
3router rip
network 192.168.3.0
network 192.168.11.0所生成的路由表如下:
Router0
1
2
3
4
5
6
7
8
9192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/1
L 192.168.1.1/32 is directly connected, GigabitEthernet0/1
R 192.168.2.0/24 [120/1] via 192.168.10.2, 00:00:14, GigabitEthernet0/0
R 192.168.3.0/24 [120/2] via 192.168.10.2, 00:00:14, GigabitEthernet0/0
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, GigabitEthernet0/0
L 192.168.10.1/32 is directly connected, GigabitEthernet0/0
R 192.168.11.0/24 [120/1] via 192.168.10.2, 00:00:14, GigabitEthernet0/0Router1
1
2
3
4
5
6
7
8
9
10
11R 192.168.1.0/24 [120/1] via 192.168.10.1, 00:00:08, GigabitEthernet0/0
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, GigabitEthernet0/1
L 192.168.2.1/32 is directly connected, GigabitEthernet0/1
R 192.168.3.0/24 [120/1] via 192.168.11.1, 00:00:11, GigabitEthernet0/2
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, GigabitEthernet0/0
L 192.168.10.2/32 is directly connected, GigabitEthernet0/0
192.168.11.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.11.0/24 is directly connected, GigabitEthernet0/2
L 192.168.11.2/32 is directly connected, GigabitEthernet0/2Router2
1
2
3
4
5
6
7
8
9R 192.168.1.0/24 [120/2] via 192.168.11.2, 00:00:23, GigabitEthernet0/2
R 192.168.2.0/24 [120/1] via 192.168.11.2, 00:00:23, GigabitEthernet0/2
192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.3.0/24 is directly connected, GigabitEthernet0/1
L 192.168.3.1/32 is directly connected, GigabitEthernet0/1
R 192.168.10.0/24 [120/1] via 192.168.11.2, 00:00:23, GigabitEthernet0/2
192.168.11.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.11.0/24 is directly connected, GigabitEthernet0/2
L 192.168.11.1/32 is directly connected, GigabitEthernet0/2由表我们可以看到,前缀为“R”的即为我们配置的动态路由(RIP)
PC0 Ping PC4的输出:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27C:\>ping 192.168.3.100
Pinging 192.168.3.100 with 32 bytes of data:
Request timed out.
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Ping statistics for 192.168.3.100:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>ping 192.168.3.100
Pinging 192.168.3.100 with 32 bytes of data:
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Reply from 192.168.3.100: bytes=32 time<1ms TTL=125
Ping statistics for 192.168.3.100:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0msPC0 Ping PC3的输出:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27C:\>ping 192.168.2.101
Pinging 192.168.2.101 with 32 bytes of data:
Request timed out.
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Ping statistics for 192.168.2.101:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>ping 192.168.2.101
Pinging 192.168.2.101 with 32 bytes of data:
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Reply from 192.168.2.101: bytes=32 time<1ms TTL=126
Ping statistics for 192.168.2.101:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms我们发现,似乎使用动态路由,一开始丢包的情况会有所好转。
结合上网搜集资料和书P359~361页的内容,我们大概可以了解到,Ping的丢包大概是因为主机和路由器都首先需要获得目的机器的MAC地址,因此需要先发送ARP解析来获取MAC地址。当获取到MAC地址后,由于解析时间较长,已经被判定为超时。而每次超时后,主机会延长超时判断的时间,因此最后目的MAC地址可以正常返回,数据得以正常传输。我们大概可以推断,路由器越多,需要经过的ARP解析花费的时间就越多,超时的次数也就越多。利用Packet Tracer的Simulation功能,我们也可以进一步验证这一点。在Simulation中,确实出现了Ping超时的时候,“主机与路由器的通信不止一次”这种现象。
总结
- 思考题1:net.ipv4.ip_forward配置决定了是否允许数据包转发。在前面的实验中,配置结果是0,表示禁止数据包转发。在内网主机与外网主机通信时,由于内网ip不能直接出现在Internet上,当内网向外网发送时,首先会经过网关使用NAT(网络地址转换),然后发给外网主机,外网主机返回的信息也只能发给网关,目的ip地址为网关地址,此时网关所做的将目的地址更改为内网主机ip地址,并发送数据包的过程就叫做数据包转发。只有拥有多个网卡,并且有在不同网卡间交换数据的设备才有设置数据包转发的需要。由以上分析知,在网关上该配置应该为1(允许数据包转发)
- 思考题2:交换机接口可以隔离冲突域,而路由器接口还可以隔离广播域。实验中当我们没有正确设置路由时,我们可以Ping通一个交换机连接的所有设备,甚至包括与交换机连接的路由器的端口,这是因为交换机(网桥)的泛洪算法会使得它在找不到目标地址时会向其除了发送方端口外的所有端口广播信息。然而路由器接口并不会将它收到的广播信息再次广播,它会严格按照路由表工作,这就达到了隔绝广播域的作用。
- 思考题3:总的来说,动态路由的使用方式更加简便,它只关心与本路由器相连的所有子网,相当于将网络划为一个个区域,每个区域之间开一个通道。但是由于没有直接的路径记录,这种路由方式的速度会慢于静态路由。静态路由的配置更加复杂,相当于把网络划分为了一条条道路,但是由于有着直接的ip地址对应,所以路由过程会更快。动态路由适用于网络节点多变、管理员对网络整体架构不清楚、网络规模较大较复杂等场合。若经常在路由器上增减网络,静态路由需要对所有路由器添加路由配置,但动态路由器只需要配置一个路由器即可。同理,如果一个网络有多个管理员,动态路由也可以使他们各司其职,只用专注于自己负责的路由器。而静态路由适用于对网络速度需求较大、结构比较固定、规模较小的场合。
- 我的收获与总结:
- 熟悉了linux环境的使用,以及一些常用的网络指令,以及管道、重定向等功能。
- 对于ip组网过程、各个设备的作用有了更深刻的理解。了解了静态路由配置和动态路由配置的区别。
- 在实验中一开始出现了各主机之间Ping不通的情况,花了很大功夫调整设置都没有成功,最后在CSDN和B站的相关资料中发现了主机默认网关配置丢失,填上默认网关以后网络正常工作。尽管这浪费了几个小时的时间,但是也逼迫我对整个组网过程进行了刨根问底的分析,获得了更加充分的了解。
- 对子网掩码从以往的固有认知(255.255.255.0)扩展到了/24这样的表现方式,以及其二进制表示和十六进制表示。