Texnalogiyalarini rivojlantirish vazirligi toshkent axborot texnalogiyalar unversiteti qarshi filiali
BGP va IS-IS marshrutlash protokollari uchun autentifikatsiya
Yüklə 271,9 Kb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- Quyidagi misollarda
|
BGP va IS-IS marshrutlash protokollari uchun autentifikatsiya
kalitini sozlash BGP protokol asosida qurilgan tarmoq topologiyasi QARSHI-2022 BGP protokol bo`yicha qurilgan tarmoq uchun ishni bajarish tartibi Kompyuterlarga ko‘rsatilgan topologiya bo‘yicha IP manzillarni kiriting. a) R1 marshrutizatorning konfiguratsiyasini sozlaymiz. R1(config)#router bgp 65100 R1(config-router)#bgp router-id 1.1.1.1 R1(config-router)#neighbor 172.16.0.2 remote-as 65200 R1(config-router)#neighbor 172.16.13.2 remote-as 65300 R1(config-router)#network 192.168.1.0 mask 255.255.255.0 R1(config-router)#exit b) R1 marshrutizatorning konfiguratsiyasini sozlaymiz R2(config)#router bgp 65200 R2(config-router)#bgp router-id 2.2.2.2 R2(config-router)#neighbor 172.16.0.1 remote-as 65100 R2(config-router)#neighbor 172.16.23.2 remote-as 65300 R2(config-router)#network 192.168.2.0 mask 255.255.255.0 R2(config-router)#exit s) R1 marshrutizatorning konfiguratsiyasini sozlaymiz R3(config)#router bgp 65300 QARSHI-2022 R3(config-router)#bgp router-id 3.3.3.3 R3(config-router)#neighbor 172.16.13.1 remote-as 65100 R3(config-router)#neighbor 172.16.23.1 remote-as 65200 R3(config-router)#network 192.168.3.0 mask 255.255.255.0 R3(config-router)#exit Quyidagi misollarda biz BGP ni tashqi shlyuz protokoli (EGP) va IS-IS ni ichki shlyuz protokoli (IGP) sifatida sozlaymiz. Agar siz OSPF dan foydalansangiz, uni ko'rsatilgan IS-IS konfiguratsiyasiga o'xshash tarzda sozlash mumkin. 3. BGP ni sozlash Ushbu misol, shuningdek, marshrutlash protokollariga qarshi hujumlarning yaxshi ko'rsatkichi bo'lishi mumkin bo'lgan marshrutlash protokoli hodisalari va xatolar uchun bir qator kuzatuv variantlarini sozlaydi. Ushbu hodisalar tajovuzkorga ishora qilishi mumkin bo'lgan protokolni autentifikatsiya qilishda xatoliklarni o'z ichiga oladi. Buzg'unchi ma'lum bir xatti-harakatni yuzaga keltirish uchun marshrutizatorga soxta yoki boshqa noto'g'ri tuzilgan marshrutlash paketlarini yuborishi mumkin. [edit] protocols { bgp { group ibgp { type internal; traceoptions { file bgp- trace size 1m files 10; flag state; flag general; } local-address 10.10.5.1; log-updown; neighbor 10.2.1.1; authentication-key "$9$aH1j8gqQ1gjyjgjhgjgiiiii"; } group ebgp { type external; traceoptions { file ebgp-trace size 10m files 10; flag state; QARSHI-2022 flag general; } local-address 10.10.5.1; log-updown; peer-as 2; neighbor 10.2.1.2; authentication-key "$9$aH1j8gqQ1gjyjgjhgjgiiiii"; } } } Yüklə 271,9 Kb. Dostları ilə paylaş:
|