Toshkent Axborot Texnalogiyalari
Universiteti Nurafshon Filliali “Kompyuter
injiniringi” fakulteti 210-21- guruh talabasi
Abdumuminova Gulchehraning tarmoq
xavfsizligi fanidan tayyorlagan
MUSTAQIL ISHI
Ustoz:
Dostonbek Islomov
Talaba:
Abdumuminova Gulchehra
Nurafshon - 2024
Mavzu: RIP protokoli asosida dinamik marshrutlashni sozlash
Routing Information Protocol (RIP)
- masofaviy vektorli marshrutlash protokoli.
Masofa-vektor protokoli bilan ishlaydigan marshrutizatorlar marshrutlash
jadvallarining barchasini yoki bir qismini qo'shnilariga marshrutni yangilash
xabarlarida yuboradilar.
RIP tarmog'ining bir qismi sifatida xostlarni sozlash uchun RIP dan foydalanishingiz
mumkin. Ushbu turdagi marshrutlash ozgina texnik xizmat ko'rsatishni talab qiladi,
shuningdek, tarmog'ingiz o'zgarganda yoki tarmoq aloqasi to'xtatilganda
marshrutlash jadvallarini avtomatik ravishda qayta sozlaydi. RIPv2 IBM® i
mahsulotiga qo'shildi, shuning uchun siz tarmoq bo'ylab marshrutlarni yangilash
uchun RIP paketlarini yuborishingiz va qabul qilishingiz mumkin.
Quyidagi rasmda 10.1.1.x tarmog'iga AS2 orqali ulanishni tavsiflovchi markaziy
tizimga (AS1) statik marshrut qo'shilgan. Bu statik marshrutdir (tarmoq ma'muringiz
tomonidan qo'shilgan), marshrutni qayta taqsimlash "ha" ga o'rnatilgan. Ushbu
sozlama ushbu marshrutni boshqa marshrutizatorlar va tizimlar bilan baham
ko'rishga olib keladi, shunda ular 10.1.1.x uchun trafikka ega bo'lganda, ular trafikni
markaziy IBM i platformangizga (AS1) yo'naltiradi. AS2 marshrutlangan tizimni
ishga tushirdi, shunda u RIP ma'lumotlarini yuboradi va oladi. Ushbu misolda AS1
AS2 ning 10.1.2.x ga to'g'ridan-to'g'ri ulanishi haqida xabar yubormoqda.
Quyidagi jarayon oldingi rasmda trafikning marshrutini tavsiflaydi.
AS1 ushbu RIP paketini AS2 dan oladi va uni qayta ishlaydi. Agar AS1 da 10.1.2.x
ga marshrut bo'lmasa, u ushbu marshrutni saqlaydi. Agar uning 10.1.2.x ga yo'li
bo'lsa, ya'ni bir xil hopslar soni yoki undan kam bo'lsa, u yangi marshrut
ma'lumotlarini o'chirib tashlaydi. Ushbu misolda AS1 marshrut ma'lumotlarini
saqlaydi.
AS1 R1 dan 10.1.5.x ga marshrut ma'lumotlari bilan ma'lumot oladi. AS1 ushbu
marshrut ma'lumotlarini saqlaydi.
AS1 R2 dan 10.1.3.x ga marshrut ma'lumotlari bilan ma'lumot oladi. AS1 ushbu
marshrut ma'lumotlarini saqlaydi.
Keyingi safar AS1 RIP xabarlarini yuborganda, u AS1 biladigan, R1 bilmagan
bo'lishi mumkin bo'lgan barcha ulanishlarni tavsiflovchi ma'lumotni R1 ga yuboradi.
AS1 10.1.1.x, 10.1.2.x va 10.1.3.x haqida marshrut ma'lumotlarini yuboradi. AS1
10.1.4.x haqida ma'lumotni R1 ga yubormaydi, chunki AS1 R1 ning 10.1.4.x ga
ulanganligini va marshrutga muhtoj emasligini biladi. Shunga o'xshash ma'lumotlar
R2 va AS3 ga yuboriladi.
Mavzuga mos amaliy ish
1.
2.
3.
4.
5.
6.
Located 'asa961-lfbff-k8.SPA' @ cluster 11.
########################################################################
LFBFF signature verified.
INIT: version 2.88 booting
Starting udev
Configuring network interfaces... done.
Populating dev cache
dosfsck 2.11, 12 Mar 2005, FAT32, LFN
There are differences between boot sector and its backup.
Differences: (offset:original/backup)
65:01/00
Not automatically fixing this.
Starting check/repair pass.
Starting verification pass.
/dev/sdb1: 110 files, 814352/1798211 clusters
dosfsck(/dev/sdb1) returned 0
IO Memory Nodes: 1
IO Memory Per Node: 205520896 bytes
Global Reserve Memory Per Node: 314572800 bytes Nodes=1
LCMB: got 205520896 bytes on numa-id=0, phys=0x10dc00000, virt=0x2aaaab000000
LCMB: HEAP-CACHE POOL got 314572800 bytes on numa-id=0, virt=0x7fea63e00000
Processor memory: 1502519902
Compiled on Fri 18-Mar-16 14:04 PDT by builders
Total NICs found: 13
i354 rev03 Gigabit Ethernet @ irq255 dev 20 index 08 MAC: 000A.F3EC.4501
ivshmem rev03 Backplane Data Interface @ index 09 MAC: 0000.0001.0002
en_vtun rev00 Backplane Control Interface @ index 10 MAC: 0000.0001.0001
en_vtun rev00 Backplane Int-Mgmt Interface @ index 11 MAC: 0000.0001.0003
en_vtun rev00 Backplane Ext-Mgmt Interface @ index 12 MAC: 0000.0000.0000
Verify the activation-key, it might take a while...
Running Permanent Activation Key: 0x87BD3754 0x0BB7B96B 0x1E70CC23 0x24210060 0xAD676079
Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
Maximum VLANs : 30 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Standby perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 4 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 50 perpetual
Total VPN Peers : 50 perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
Shared License : Disabled perpetual
Total UC Proxy Sessions : 160 perpetual
Botnet Traffic Filter : Disabled perpetual
Cluster : Disabled perpetual
This platform has an ASA 5506 Security Plus license.
Encryption hardware device : Cisco ASA Crypto on-board accelerator (revision 0x1)
Cisco Adaptive Security Appliance Software Version 9.6(1)
****************************** Warning *******************************
This product contains cryptographic features and is
subject to United States and local country laws
governing, import, export, transfer, and use.
Delivery of Cisco cryptographic products does not
imply third-party authority to import, export,
distribute, or use encryption. Importers, exporters,
distributors and users are responsible for compliance
with U.S. and local country laws. By using this
product you agree to comply with applicable laws and
regulations. If you are unable to comply with U.S.
and local laws, return the enclosed items immediately.
A summary of U.S. laws governing Cisco cryptographic
products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by
sending email to export@cisco.com.
******************************* Warning *******************************
Cisco Adaptive Security Appliance Software, version 9.6
Copyright (c) 1996-2016 by Cisco Systems, Inc.
For licenses and notices for open source software used in this product, please visit
http://www.cisco.com/go/asa-opensource
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Reading from flash...
!.
Cryptochecksum (unchanged): 678b579a 1bae445f 16707afc 3f8e53e7
INFO: Power-On Self-Test in process.
.......................................................................
INFO: Power-On Self-Test complete.
INFO: Starting HW-DRBG health test...
INFO: HW-DRBG health test passed.
INFO: Starting SW-DRBG health test...
INFO: SW-DRBG health test passed.
Type help or '?' for a list of available commands.
ciscoasa>en
ciscoasa>enable
Password:
ciscoasa#conf t
ciscoasa#conf terminal
ciscoasa(config)#int gig1/1
ciscoasa(config-if)#ip add
ciscoasa(config-if)#ip address 192.168.1.1 255.255.255.0
ciscoasa(config-if)#name i
ciscoasa(config-if)#namei
ciscoasa(config-if)#nameif INSIDE
INFO: Security level for "INSIDE" set to 0 by default.
ciscoasa(config-if)#sec
ciscoasa(config-if)#security-level 100
ciscoasa(config-if)#exit
ciscoasa(config)#
ciscoasa(config)#
ciscoasa(config)#
ciscoasa(config)#dhc
ciscoasa(config)#dhcpd
% Incomplete command.
ciscoasa(config)#dhc
ciscoasa(config)#dhcpd ?
configure mode commands/options:
address Configure the IP pool address range after this keyword
auto_config Enable auto configuration from client
dns Configure the IP addresses of the DNS servers after this keyword
domain Configure DNS domain name after this keyword
enable Enable the DHCP server
lease Configure the DHCPD lease length after this keyword
option Configure options to pass to DHCP clients after this keyword
ciscoasa(config)#dhcpd add
ciscoasa(config)#dhcpd address 192.168.1.10-192.168.1.100
% Incomplete command.
ciscoasa(config)#
ciscoasa(config)#
ciscoasa#
%SYS-5-CONFIG_I: Configured from console by console
ciscoasa#
ciscoasa#conf t
ciscoasa#conf terminal
ciscoasa(config)#dhc
ciscoasa(config)#dhcpd address 192.168.1.10-192.168.1.100 in
ciscoasa(config)#dhcpd address 192.168.1.10-192.168.1.100 inSIDE
ciscoasa(config)#dhc
ciscoasa(config)#dhcpd dn
ciscoasa(config)#dhcpd dns 192.168.1.1
ciscoasa(config)#
ciscoasa(config)#dhc
ciscoasa(config)#dhcpd e
ciscoasa(config)#dhcpd enable in
ciscoasa(config)#dhcpd enable inSIDE
ciscoasa(config)#ex
ciscoasa(config)#exit
ciscoasa#
ciscoasa#wr me
ciscoasa#wr memory
Building configuration...
Cryptochecksum: 678b579a 1bae445f 16707afc 3f8e53e7
1223 bytes copied in 2.282 secs (535 bytes/sec)
[OK]
ciscoasa#conf t
ciscoasa#conf terminal
ciscoasa(config)#int gig1/1
ciscoasa(config-if)#no shut
ciscoasa(config-if)#ex
ciscoasa(config-if)#exit
ciscoasa(config)#
ciscoasa(config)#wr me
ciscoasa(config)#wr me
ciscoasa(config)#wr me
ciscoasa(config)#wr me
Building configuration...
Cryptochecksum: 678b579a 1bae445f 16707afc 3f8e53e7
1214 bytes copied in 1.624 secs (747 bytes/sec)
[OK]
| 