Router configuration application instance

When deploying a network, we usually use a router to connect to different networks. The preferred device is of course a hardware router such as Cisco or Huawei. However, in a small network, we can also use Window Server 2008 to play the role of a router.
We take the following topology diagram as an example to see how the following three PCs access the leftmost WEB server. In the illustration, all three routers are built by Windows2008. Don't be mistaken for it. Cisco, Figure: 1 Let's take a quick look at how the three PCs access the Web server. When PC1 accesses the Web, first ask Router1 for the Web address. At this time, Router1 forwards the PC1 request to the Web; but PC2 accesses the Web. What should I do? At this time, PC2 sends the request to Router2. Router2 forwards the request from PC2 to Router1, and Router1 forwards it to the Web. This is also the case when PC3 accesses the Web. Each router maintains a specific route. Table
, used to forward requests from different networks. Section 1: Installing the Router
We first let PC1 access the Web server normally, add two NICs on Router1, and take a name that is easy to identify, one for connecting to the Web server and one for connecting. Router2, as shown below: 2 After adding the network card, we add the router in the Server Manager with the Add Role Wizard. Step1. Add Role Figure: 3 Step2. Select Route Figure: 4 Step3. Finish the installation, add it is still very simple. Figure: 5 Step4. After the installation is complete, we enter the “Server Management” interface to open “Route and Remote Access”, right click on the first item will pop up a “Routing and Remote Access Server Installation Wizard” ; Figure: 6 Step5. Select Custom Configuration Figure: 7 Step6. Select LAN Routing Figure: 8 Step7. Start the server and complete the installation. Figure: 9 The most basic installation is done here. At this time, PC1 can access the Web server normally. We can also check the test with the Ping command, but we must first shut down the firewalls of Router1 and PC1. Figure: 10 Section 2: Adding Static Routes
We have implemented a request for PC1 to access the Web server. How do I implement a request for PC2 to access the Web server as well? When PC2 sends an access request, it will forward its default gateway 192.168.20.1 first. However, for Router2, the Web server belongs to another network segment 192.168.16.0, but Router2 does not know how to send this packet after receiving the request. Forwarded to Router1, there is no such record recorded in the routing table of Router2, so Router2 sends the request back to PC2, telling PC2 that it cannot find its web server. So how to solve this problem? We solved this problem by adding static routes. First we add a router on Router2, see above. After the addition is complete, we expand the “Route and Remote Access” navigation window in the “Server Manager” navigation window to find the “Static Routing” option, right click and select “New Static Route” to pop up a static route. window. “Interface” We choose the network card connected to Router1, fill in the network ID where the web server is located: 192.168.16.0, and the gateway is the IP address of PC2's web request to the network segment of 192.168.16.0 (this place must be carefully determined) Its logical relationship). Figure: 11 The following figure is the routing table of Router2. The blue background is the newly created path. The number of hops is: Gateway hops + interface hops = 256+10 (1000 Mbps network default) = 256 12 In the hardware router, it is possible to filter some data packets according to the access requirements. The Windows Server 2008 router also supports packet filtering. In Figure 1, we realized the mutual trust between PC1 and Web server. At this time, we need to shield the ping command because of security. At this time, we need to do the filtering on Router1. In Figure 13, there are two network cards, VM2 is used to connect to PC2, and NAT is the network interface used to connect to the Web server. We right click on VM2 to open its properties, then select “Inbound Filter> Figure: 13 In the “Inbound Filter”, we select the “New” button to pop up a “Add IP Filter” “ window, we take ICMP as an example, all ICMP packets from the "source network" will be rejected, ICMP type is 8, the code is 0. Figure: 14 “outbound filter” settings are similar to inbound, we just select the appropriate interface, and then do the settings, I will not demonstrate one by one. Third: Adding Dynamic Routes
As we mentioned in the previous article, each router has a routing table that records the forwarding path from neighboring routers, as shown in Figure 1, on Router1. The forwarding routing table between Router 2 and Router 2. Router 2 records the forwarding routing table with Router 3. However, if Router 1 and Router 3 need to forward access requests, the administrator needs to manually add a forwarding routing command. b>Static Route, using this method of manually managing the routing table will inevitably increase the workload of the administrator, but even more terrible is that if a router fails, the entire network will not be able to access normally. So is there a way for the router to automatically record these routing forwarding information and tell the neighboring routers the routing information in its routing table? This is the Dynamic Route>RIP (Routing Information Protocol). Compared with the previous configuration of static routes, configuring RIP is much simpler. We still use Figure 1 as an example. First, we enable RIP routing on Router3. Step1: Add RIP protocol, expand IPv4 in the interface shown below, right click on the regular, select “Add Routing Protocol”, select “RIP Version 2 for Internet Protocol” and click OK. Figure: 15 Step2: After adding the RIP protocol, there will be an additional RIP option under the IPV4 on the left. Right click on it, select “Add Interface”, and select the interface we use to provide RIP. In this figure, we provide RIP function through VM3, but after clicking OK, a window of RIP attribute will pop up (as shown in Figure 14), click OK to complete the addition. Figure: 16
Figure: 17 Step3: Then we enable RIP on Router1 and Router2 respectively. We can delete the static route to the configuration first, but you can also try to configure static route + dynamic route. After the configuration is complete, we can access the web server from PC3 (192.168.30.254/24) (192.168.16.131/24). RIP routers are simple to configure and easy to manage. However, large networks or very large networks cannot be configured as RIP routes because RIP routers can send packets of up to 15 routers, and it is broadcast or multicast. If the announcement is initiated, this will inevitably increase the burden on the network. Therefore, in the network, we generally configure static routes plus dynamic routes according to specific conditions. Section 4: Reading the Routing Table
At the beginning, we mentioned that each router maintains a routing table that records the path of routing packets. Then the routing table is What does it look like? We can see the legendary routing table by running the route print command at the command prompt, but it looks a bit awkward. I am used to the Windows window. It is not customary to read this. Let's take a look at the routing table for each row and row. After reading the data, it is very easy to manage RIP routing or static routing. Figure: 18 A. The first line command default path
, but when the computer under the router sends a packet, if the forwarding path is not found in the routing table, the request will be sent through the default path. B. This line is the path of the loop. C. The routing path of the direct connection, that is, the data packet sent from the network ID 192.168.10.0 is directly forwarded from the interface 192.168.10.2, and the gateway happens to be “on the link”, indicating that the data packet is directly directed to the target. , no need to forward. D. The subnet broadcast path indicates that when the computer under the router sends a broadcast packet to 192.168.10.255 (sends the broadcast to the network segment 192.168.10.0), the packet is forwarded through the interface 192.168.10.2. E. This is a path to the RIP route, which indicates that the target is 192.168.16.0 and learned by RIP. The number of hops is 13. F. 240.0.0 indicates the multicast path. If the computer under the router sends a multicast packet, it will be sent directly to the target (such as 192.168.10.2, 192.168.20.1). Earlier we repeatedly mentioned a noun: hops
, hops are used to indicate the cost of sending packets, which is what we often say hops (that is, the number of routers passed), hops can Manual setting, the lower the number of hops, the better the path, the router will first select the path with the lowest number of hops to forward the data packet. The Windows system has the function of automatically calculating the number of hops. In the Server2008 version, the calculation formula is as follows: Number of hops = Interface hops + gateway hops
where interface hop counts are calculated at the speed of the network interface. For example, the default value of 100Mbps NIC is 20, 10Gbps is 10, and 10Gbps is 5. The default number of gateway hops is 256. If we specify the default gateway on a 1 Gbps NIC, the default route hop count in the routing table is 10+256=266. We can also use the command netsh interface ip show address at the command prompt to view the number of gateway hops and interface hops of the NIC.