Lab - Hot Standby Router Protocol

Topology

Objective

Configure inter-VLAN routing with HSRP to provide redundant, fault-tolerant routing to the internal network.

Background

Hot Standby Router Protocol (HSRP) is a Cisco-proprietary redundancy protocol for establishing a fault-tolerant default gateway. It is described in RFC 2281. HSRP provides a transparent failover mechanism to the end stations on the network. This provides users at the access layer with uninterrupted service to the network if the primary gateway becomes inaccessible. The Virtual Router Redundancy Protocol (VRRP) is a standards-based alternative to HSRP and is defined in RFC 3768. The two technologies are similar but not compatible. This lab focuses on HSRP.

Step 1: Prepare the switches for the lab.

Erase the startup config, delete the vlan.dat file, and reload the switches.

Step 2: Configure the host IP settings.

Configure each host with the IP address, subnet mask, and default gateway shown in the topology.

Step 3: Configure basic switch parameters.

1. Configure management IP addresses in VLAN 1, and the hostname, password, and Telnet access on all four switches.

Switch(config)# hostname ALS1
ALS1(config)# enable secret cisco
ALS1(config)# line vty 0 15
ALS1(config-line)# password cisco
ALS1(config-line)# login
ALS1(config-line)# exit
ALS1(config)# interface vlan 1
ALS1(config-if)# ip address 172.16.1.101 255.255.255.0
ALS1(config-if)# no shutdown
Switch(config)# hostname ALS2
ALS2(config)# enable secret cisco
ALS2(config)# line vty 0 15
ALS2(config-line)# password cisco
ALS2(config-line)# login
ALS2(config-line)# exit
ALS2(config)# interface vlan 1
ALS2(config-if)# ip address 172.16.1.102 255.255.255.0
ALS2(config-if)# no shutdown
Switch(config)# hostname DLS1
DLS1(config)# enable secret cisco
DLS1(config)# line vty 0 15
DLS1(config-line)# password cisco
DLS1(config-line)# login
DLS1(config-line)# exit
DLS1(config)# interface vlan 1
DLS1(config-if)# ip address 172.16.1.3 255.255.255.0
DLS1(config-if)# no shutdown
Switch(config)# hostname DLS2
DLS2(config)# enable secret cisco
DLS2(config)# line vty 0 15
DLS2(config-line)# password ciscoDLS2(config-line)# loginDLS2(config-line)# exitDLS2(config)# interface vlan 1DLS2(config-if)# ip address 172.16.1.4 255.255.255.0DLS2(config-if)# no shutdow

2. Configure default gateways on the access layer switches ALS1 and ALS2. The distribution layer switches will not use a default gateway because they act as Layer 3 devices. The access layer switches act as Layer 2 devices and need a default gateway to send management VLAN traffic off of the local subnet for the management VLAN.

ALS1(config)# ip default-gateway 172.16.1.1

ALS2(config)# ip default-gateway 172.16.1.1

Step 4: Configure trunks and EtherChannels between switches.

EtherChannel is used for the trunks because it allows you to utilize both Fast Ethernet interfaces that are available between each device, thereby doubling the bandwidth.

Note: It is good practice to shut down the interfaces on both sides of the link before a port channel is created and then reenable them after the port channel is configured.

1. Configure trunks and EtherChannels from DLS1 and DLS2 to the other three switches according to the diagram. The switchport trunk encapsulation {isl | dot1q} command is used because these switches also support ISL encapsulation.

DLS1(config)# interface range fastEthernet 0/7 - 8
DLS1(config-if-range)# switchport trunk encapsulation dot1q
DLS1(config-if-range)# switchport mode trunk
DLS1(config-if-range)# channel-group 1 mode desirable
Creating a port-channel interface Port-channel 1
DLS1(config-if-range)# interface range fastEthernet 0/9 - 10
DLS1(config-if-range)# switchport trunk encapsulation dot1q
DLS1(config-if-range)# switchport mode trunk
DLS1(config-if-range)# channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2
DLS1(config-if-range)# interface range fastEthernet 0/11 - 12
DLS1(config-if-range)# switchport trunk encapsulation dot1q
DLS1(config-if-range)# switchport mode trunk
DLS1(config-if-range)# channel-group 3 mode desirable
Creating a port-channel interface Port-channel 3

DLS2(config)# interface range fastEthernet 0/7 - 8DLS2(config-if-range)# switchport trunk encapsulation dot1qDLS2(config-if-range)# switchport mode trunkDLS2(config-if-range)# channel-group 1 mode desirableCreating a port-channel interface Port-channel 1DLS2(config-if-range)# interface range fastEthernet 0/9 - 10DLS2(config-if-range)# switchport trunk encapsulation dot1qDLS2(config-if-range)# switchport mode trunkDLS2(config-if-range)# channel-group 2 mode desirableCreating a port-channel interface Port-channel 2DLS2(config-if-range)# interface range fastEthernet 0/11 - 12DLS2(config-if-range)# switchport trunk encapsulation dot1qDLS2(config-if-range)# switchport mode trunkDLS2(config-if-range)# channel-group 3 mode desirableCreating a port-channel interface Port-channel 3

2. Configure the trunks and EtherChannel from ALS1 and ALS2 to the other switches. Notice that no encapsulation type is needed because the 2960 supports only 802.1q trunks.

ALS1(config)# interface range fastEthernet 0/7 - 8
ALS1(config-if-range)# switchport mode trunk
ALS1(config-if-range)# channel-group 1 mode desirable
Creating a port-channel interface Port-channel 1
ALS1(config-if-range)# interface range fastEthernet 0/9 - 10
ALS1(config-if-range)# switchport mode trunk
ALS1(config-if-range)# channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2
ALS1(config-if-range)# interface range fastEthernet 0/11 - 12
ALS1(config-if-range)# switchport mode trunk
ALS1(config-if-range)# channel-group 3 mode desirable
Creating a port-channel interface Port-channel 3
ALS2(config)# interface range fastEthernet 0/7 - 8
ALS2(config-if-range)# switchport mode trunk
ALS2(config-if-range)# channel-group 1 mode desirable
Creating a port-channel interface Port-channel 1
ALS2(config-if-range)# interface range fastEthernet 0/9 - 10
ALS2(config-if-range)# switchport mode trunk
ALS2(config-if-range)# channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2
ALS2(config-if-range)# interface range fastEthernet 0/11 - 12
ALS2(config-if-range)# switchport mode trunk
ALS2(config-if-range)# channel-group 3 mode desirable
Creating a port-channel interface Port-channel 3

3. Verify trunking between DLS1, ALS1, and ALS2 using the show interface trunk command on all switches.

ALS1#show interface trunk
Port        Mode         Encapsulation  Status        Native vlan
Po1         on           802.1q         trunking      1
Po2         on           802.1q         trunking      1
Po3         on           802.1q         trunking      1

Port        Vlans allowed on trunk
Po1         1-1005
Po2         1-1005
Po3         1-1005

Port        Vlans allowed and active in management domain
Po1         1
Po2         1
Po3         1

Port        Vlans in spanning tree forwarding state and not pruned
Po1         1
Po2         1
Po3         1

4. Issue the show etherchannel summary command on each switch to verify the EtherChannels.

DLS1#show etherchannel summary
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port

Number of channel-groups in use: 3
Number of aggregators:           3

Group  Port-channel  Protocol    Ports
------+-------------+-----------+----------------------------------------------

1      Po1(SU)           PAgP   Fa0/7(P) Fa0/8(P)
2      Po2(SU)           PAgP   Fa0/9(P) Fa0/10(P)
3      Po3(SU)           PAgP   Fa0/11(P) Fa0/12(P)

Step 5: Configure VTP on ALS1 && ALS 2.

1. Change the VTP mode of ALS1 and ALS2 to client.

ALS1(config)#vtp mode client
Setting device to VTP CLIENT mode.

ALS2(config)# vtp mode client
Setting device to VTP CLIENT mode.

2. Verify the VTP changes with the show vtp status command.

ALS1#show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 255
Number of existing VLANs        : 5
VTP Operating Mode              : Client
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

Step 6: Configure VTP on DLS1

1. Create the VTP domain on VTP server DLS1 and create VLANs 10, 20, 30, and 40 for the domain.

DLS1(config)# vtp domain SWPOD
DLS1(config)# vtp version 2
DLS1(config)# vlan 10
DLS1(config-vlan)# name Finance
DLS1(config-vlan)# vlan 20
DLS1(config-vlan)# name Engineering
DLS1(config-vlan)# vlan 30
DLS1(config-vlan)# name Server-Farm1
DLS1(config-vlan)# vlan 40
DLS1(config-vlan)# name Server-Farm2

2. Verify VTP information throughout the domain using the show vlan and show vtp status commands.

Question: How many existing VLANs are in the VTP domain?

DLS1#show vtp status
DLS1#show vtp status
VTP Version                     : 2
Configuration Revision          : 9
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 9
VTP Operating Mode              : Server
VTP Domain Name                 : SWPOD
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Enabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x3A 0x29 0x45 0xA0 0x18 0x80 0xDD 0xFF
Configuration last modified by 172.16.1.3 at 3-1-93 00:45:18
Local updater ID is 172.16.1.3 on interface Vl1 (lowest numbered VLAN interface found)

DLS1#show vlan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/13, Fa0/14

Fa0/15, Fa0/16, Fa0/17, Fa0/18

Fa0/19, Fa0/20, Fa0/21, Fa0/22

Fa0/23, Fa0/24, Gig0/1, Gig0/2

10 Finance active

20 Engineering active

30 Server-Farm1 active

40 Server-Farm2 active

1002 fddi-default act/unsup

1003 token-ring-default act/unsup

1004 fddinet-default act/unsup

1005 trnet-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

1 enet 100001 1500 - - - - - 0 0

10 enet 100010 1500 - - - - - 0 0

20 enet 100020 1500 - - - - - 0 0

30 enet 100030 1500 - - - - - 0 0

40 enet 100040 1500 - - - - - 0 0

1002 fddi 101002 1500 - - - - - 0 0

1003 tr 101003 1500 - - - - - 0 0

1004 fdnet 101004 1500 - - - ieee - 0 0

1005 trnet 101005 1500 - - - ibm - 0 0

Remote SPAN VLANs

------------------------------------------------------------------------------

Primary Secondary Type Ports

------- --------- ----------------- ------------------------------------------

step 7: Configure Access ports

1. Configure the host ports of all four switches. The following commands configure the switch port mode as access, place the port in the proper VLANs, and turn on spanning-tree PortFast for the ports.

DLS1(config)# interface fastEthernet 0/6
DLS1(config-if)# switchport mode access
DLS1(config-if)# switchport access vlan 30
DLS1(config-if)# spanning-tree portfast
DLS2(config)# interface fastEthernet 0/6
DLS2(config-if)# switchport mode access
DLS2(config-if)# switchport access vlan 40
DLS2(config-if)# spanning-tree portfast
ALS1(config)# interface fastEthernet 0/6
ALS1(config-if)# switchport mode access
ALS1(config-if)# switchport access vlan 10
ALS1(config-if)# spanning-tree portfast
ALS2(config)# interface fastEthernet 0/6
ALS2(config-if)# switchport mode access
ALS2(config-if)# switchport access vlan 20
ALS2(config-if)# spanning-tree portfast

2. Ping from the host on VLAN 10 to the host on VLAN 40. The ping should fail.
Are these results expected at this point? Why?

Note: The switchport host command can be used to configure individual access ports. This command automatically activates access mode, PortFast, and removes all associations of the physical switch port with the port-channel interfaces (if there are any).

Step 8: Configure HSRP interfaces and enable routing.

HSRP provides redundancy in the network. The VLANs can be load-balanced by using the standby group priority priority command. The ip routing command is used on DLS1 and DLS2 to activate routing capabilities on these Layer 3 switches.

Each route processor can route between the various SVIs configured on its switch. In addition to the real IP address assigned to each distribution switch SVI, assign a third IP address in each subnet to be used as a virtual gateway address. HSRP negotiates and determines which switch accepts information forwarded to the virtual gateway IP address.

The standby command configures the IP address of the virtual gateway, sets the priority for each VLAN, and configures the router for preempt. Preemption allows the router with the higher priority to become the active router after a network failure has been resolved.

In the following configurations, the priority for VLANs 1, 10, and 20 is 150 on DLS1, making it the active router for those VLANs. VLANs 30 and 40 have a priority of 100 on DLS1, making DLS1 the standby router for these VLANs. DLS2 is configured to be the active router for VLANs 30 and 40 with a priority of 150, and the standby router for VLANs 1, 10, and 20 with a priority of 100.

DLS1(config)# ip routing
DLS1(config)# interface vlan 1
DLS1(config-if)# standby 1 ip 172.16.1.1
DLS1(config-if)# standby 1 preempt
DLS1(config-if)# standby 1 priority 150
DLS1(config-if)# exit
DLS1(config)# interface vlan 10
DLS1(config-if)# ip address 172.16.10.3 255.255.255.0
DLS1(config-if)# standby 1 ip 172.16.10.1
DLS1(config-if)# standby 1 preempt
DLS1(config-if)# standby 1 priority 150
DLS1(config-if)# exit
DLS1(config)# interface vlan 20
DLS1(config-if)# ip address 172.16.20.3 255.255.255.0
DLS1(config-if)# standby 1 ip 172.16.20.1
DLS1(config-if)# standby 1 preempt
DLS1(config-if)# standby 1 priority 150
DLS1(config-if)# exit
DLS1(config)# interface vlan 30
DLS1(config-if)# ip address 172.16.30.3 255.255.255.0
DLS1(config-if)# standby 1 ip 172.16.30.1
DLS1(config-if)# standby 1 preempt
DLS1(config-if)# standby 1 priority 100
DLS1(config-if)# exit
DLS1(config)# interface vlan 40
DLS1(config-if)# ip address 172.16.40.3 255.255.255.0
DLS1(config-if)# standby 1 ip 172.16.40.1
DLS1(config-if)# standby 1 preempt
DLS1(config-if)# standby 1 priority 100

DLS2(config)# ip routing
DLS2(config)# interface vlan 1
DLS2(config-if)# standby 1 ip 172.16.1.1
DLS2(config-if)# standby 1 preempt
DLS2(config-if)# standby 1 priority 100
DLS2(config-if)# exit
DLS2(config)# interface vlan 10
DLS2(config-if)# ip address 172.16.10.4 255.255.255.0
DLS2(config-if)# standby 1 ip 172.16.10.1
DLS2(config-if)# standby 1 preempt
DLS2(config-if)# standby 1 priority 100
DLS2(config-if)# exit
DLS2(config)# interface vlan 20
DLS2(config-if)# ip address 172.16.20.4 255.255.255.0
DLS2(config-if)# standby 1 ip 172.16.20.1
DLS2(config-if)# standby 1 preempt
DLS2(config-if)# standby 1 priority 100
DLS2(config-if)# exit
DLS2(config)# interface vlan 30
DLS2(config-if)# ip address 172.16.30.4 255.255.255.0
DLS2(config-if)# standby 1 ip 172.16.30.1
DLS2(config-if)# standby 1 preempt
DLS2(config-if)# standby 1 priority 150
DLS2(config-if)# exit
DLS2(config)# interface vlan 40
DLS2(config-if)# ip address 172.16.40.4 255.255.255.0
DLS2(config-if)# standby 1 ip 172.16.40.1
DLS2(config-if)# standby 1 preempt
DLS2(config-if)# standby 1 priority 150

2. Verify HSRP configuration

Issue the show standby command on both DLS1 and DLS2.

DLS1#show standby
Vlan1 - Group 1 (version 2)
  State is Active
5 state changes, last state change 01:06:06
  Virtual IP address is 172.16.1.1
  Active virtual MAC address is 0000.0C9F.F001
    Local virtual MAC address is 0000.0C9F.F001 (v2 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.163 secs
  Preemption enabled
  Active router is local
  Standby router is 172.16.1.4
  Priority 150 (configured 150)
  Group name is hsrp-Vl1-1 (default)
Vlan10 - Group 1 (version 2)
  State is Active
5 state changes, last state change 01:06:44
  Virtual IP address is 172.16.10.1
  Active virtual MAC address is 0000.0C9F.F001
    Local virtual MAC address is 0000.0C9F.F001 (v2 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.387 secs
  Preemption disabled
  Active router is local
  Standby router is 172.16.10.4
  Priority 150 (configured 150)
  Group name is hsrp-Vl1-1 (default)
Vlan20 - Group 1 (version 2)
  State is Active
4 state changes, last state change 01:07:31
  Virtual IP address is 172.16.20.1
  Active virtual MAC address is 0000.0C9F.F001
    Local virtual MAC address is 0000.0C9F.F001 (v2 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.223 secs
  Preemption enabled
  Active router is local
  Standby router is 172.16.20.4
  Priority 150 (configured 150)
  Group name is hsrp-Vl2-1 (default)
Vlan30 - Group 1 (version 2)
  State is Standby
8 state changes, last state change 01:11:35
  Virtual IP address is 172.16.30.1
  Active virtual MAC address is 0000.0C9F.F001
    Local virtual MAC address is 0000.0C9F.F001 (v2 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.69 secs
  Preemption enabled
  Active router is 172.16.30.4, priority 100 (expires in 7 sec)
    MAC address is 0000.0C9F.F001
  Standby router is local
  Priority 100 (default 100)
  Group name is hsrp-Vl3-1 (default)
Vlan40 - Group 1 (version 2)
  State is Standby
10 state changes, last state change 01:12:13
  Virtual IP address is 172.16.40.1
  Active virtual MAC address is 0000.0C9F.F001
    Local virtual MAC address is 0000.0C9F.F001 (v2 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.737 secs
  Preemption enabled
  Active router is 172.16.40.4, priority 100 (expires in 7 sec)
    MAC address is 0000.0C9F.F001
  Standby router is local
  Priority 100 (default 100)
  Group name is hsrp-Vl4-1 (default)
DLS2#show standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp  Pri P State    Active          Standby         Virtual IP
Vl1         1    100   Standby  172.16.1.3      local           172.16.1.1
Vl10        1    100 P Standby  172.16.10.3     local           172.16.10.1
Vl20        1    100 P Standby  172.16.20.3     local           172.16.20.1
Vl30        1    150 P Active   local           172.16.30.3     172.16.30.1
Vl40        1    150 P Active   local           172.16.40.3     172.16.40.1

3. Verify HSRP Functionaity.

Verify HSRP by disconnecting the trunks to DLS2. You can simulate this using the shutdown command on those interfaces.

DLS2(config)# interface range fastEthernet 0/7 - 12
DLS2(config-if-range)# shutdown
Output to the console should reflect DLS1 becoming the active router for VLANs 30 and 40.

1w3d: %HSRP-6-STATECHANGE: Vlan30 Grp 1 state Standby -> Active
1w3d: %HSRP-6-STATECHANGE: Vlan40 Grp 1 state Standby -> Active
DLS1#show standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp  Pri P State    Active          Standby         Virtual IP
Vl1         1    150 P Active   local           172.16.1.4      172.16.1.1
Vl10        1    150   Active   local           172.16.10.4     172.16.10.1
Vl20        1    150 P Active   local           172.16.20.4     172.16.20.1
Vl30        1    100 P Active   local           unknown         172.16.30.1
Vl40        1    100 P Active   local           unknown         172.16.40.1

Note: If both DLS1 and DLS2 have links to the Internet, failure of either switch will cause HSRP to redirect packets to the other switch. The functioning switch will take over as the default gateway to provide virtually uninterrupted connectivity for hosts at the access layer.

时间: 2024-10-09 22:10:25

Lab - Hot Standby Router Protocol的相关文章

HSRP(Hot Standby Router Protocol)

一.简介       HSRP(Hot Standby Router Protocol 热备份路由器协议)是Cisco的专有协议.HSRP把多台路由器组成一个"热备份组",形成一个虚拟路由器.这个组内只有一个路由器是Active(活动)的,并由它来转发数据包,如果活动路由器发生了故障,备份路由器将成为活动路由器.从网络内的主机来看,网关并没有改变. 二.HSRP工作过程 HSRP路由器利用Hello包来互相监听各自的存在.当路由器长时间没有接收到Hello包时,就认为活动路由器故障,备

Network Redundancy Protocols

Redundancy is common point for today's topologies.Especially in mission-critical networks that it is not acceptable that using only one gateway to reach a point. Because one gateway means single point of failure. With multiple gateways, you can still

2.5-冗余VLAN

High-Availability(AH) First hop routers on the LAN redundancy Network/首跳冗余网络(出口第一个网络): 建立:Fault-tolerant/容错网络 避免:Single Points of Failure/单点失效 A:网络拓扑冗余(成本最高的): B:硬件的冗余: 交换引擎的冗余,电源冗余,线卡(大模块,高端设备用)冗余,风扇冗余,线路冗余,ISP冗余(电信和网通,而且出口要不同). C:软件/协议的冗余: HSRP(RFC

Kali Linux 渗透测试之拒绝服务攻击及防御

作为渗透测试人员,有时候需要对客户的系统进行DDOS攻击测试,那么这个时候就需要我们有一款合格的测试工具.而在Kali Linux上就集成了一些DDOS测试工具供测试者使用,下面就简单介绍一些测试工具. kali下的拒绝服务攻击: D(D)OS........................................1 yersinia......................................2 hping3................................

黑客工具软件大全100套

黑客工具软件大全100套  ゴリラ大統領 2011-05-21 16:55:58 #1 Nessus:最好的UNIX漏洞扫描工具 Nessus 是最好的免费网络漏洞扫描器,它可以运行于几乎所有的UNIX平台之上.它不止永久升级,还免费提供多达11000种插件(但需要注册并接受EULA-acceptance--终端用户授权协议).它的主要功能是远程或本地(已授权的)安全检查,客户端/服务器架构,GTK(Linux下的一种图形界面)图形界面,内置脚本语言编译器,可以用其编写自定义插件,或用来阅读别人

linux查看端口及端口详解

今天现场查看了TCP端口的占用情况,如下图 红色部分是IP,现场那边问我是不是我的程序占用了tcp的链接,,我远程登陆现场查看了一下,这种类型的tcp链接占用了400多个,,后边查了一下资料,说ESTABLISHED状态 ESTABLISHED的意思是建立连接.表示两台机器正在通信.      之后查找  ncube-lm  发现ncube-lm是一个端口,是nCube License Manager (即ncube管理的一个许可证明),意思是被允许,被认证开放的意思,,, 之后查看端口号 是1

HSRPv1和HSRPv2

简介:PC用户有一个路由器作为一个网关地址,当网关崩溃,那么用户就会断网,HSRP(思科私有)就是为了解决这类问题的2种网关冗余备份协议之一. HSRP:(Hot Standby Router Protocol):热备份路由协议 原理: 如上图: 概述: R1和R2建立一个邻接关系,并且加入一个组,形成虚拟的路由器,ip地址10.1.1.100 mac地址 aaaa:bbbb:cccc,这样PC可以指向这个虚拟的ip地址为网关. 其中R1和R2之间会选出一个活动路由器(Active Router

Cisco之中小企业网络(STP_HSRP)

STP(Spanning Tree Protocol),是生成树协议的缩写.在实际的网络环境中,通过物理链路备份可以实现链路的冗余,从而提高网络的可靠性.但是,交换网络会形成一个环路,根据交换机的转发原理(交换机向除接收端口之外的所有端口转发广播帧),会形成广播风暴,导致网络瘫痪.而STP协议正是用来解决二层环路的,STP协议通过一些特定的算法,在逻辑上阻塞一些端口,把一个环形的结构改变成一个逻辑上的树形结构,当正常通信的线路出现故障时,被阻塞的端口会被重新激活,使数据能够从这条线路上正常传输.

Kali Linux Web 渗透测试视频教程— 第十六课-拒绝服务攻击

Kali Linux Web 渗透测试视频教程— 第十六课-拒绝服务攻击 文/玄魂 目录 Kali Linux Web 渗透测试视频教程— 第十六课-拒绝服务攻击...................... 1 DoS............................................................................................................... 2 DDoS.......................