Introduction :

Démontrer l'utilisation du wildcard mask au travers de 2 exemples :

  • La commande network de l'IGP EIGRP
  • L'ACL

Topologie pour le test :

Topologie de tests

Configuration :

R1 :

 1 interface Loopback0
 2  ip address 1.1.1.1 255.255.255.255
 3 !
 4 interface Loopback1
 5  ip address 10.1.0.1 255.255.255.255
 6 !
 7 interface Loopback2
 8  ip address 10.2.0.1 255.255.255.255
 9 !
10 interface Loopback3
11  ip address 10.3.0.1 255.255.255.255
12 !
13 interface Loopback4
14  ip address 10.4.0.1 255.255.255.255
15 !
16 interface Loopback5
17  ip address 10.5.0.1 255.255.255.255
18 !
19 interface Loopback6
20  ip address 10.6.0.1 255.255.255.255
21 !
22 interface Loopback7
23  ip address 10.7.0.1 255.255.255.255
24 !
25 interface Loopback8
26  ip address 10.8.0.1 255.255.255.255
27 !
28 interface Loopback9
29  ip address 10.9.0.1 255.255.255.255
30 !
31 interface FastEthernet0/0
32  description To_R2
33  ip address 12.12.12.1 255.255.255.0
34  duplex auto
35  speed auto
36 !
37 !
38 interface FastEthernet0/0
39  description To_R2
40  ip address 12.12.12.1 255.255.255.0
41  duplex auto
42  speed auto
43 !
44 interface FastEthernet0/1
45  description To_R3
46  ip address 13.13.13.1 255.255.255.0
47  duplex auto
48  speed auto
49 !
50 router eigrp 100
51  redistribute connected route-map FILTER_CONNECTED_REDISTRIBUTE
52  network 10.0.0.0 0.1.255.255
53  network 10.4.0.0 0.1.255.255
54  network 12.12.12.0 0.0.0.255
55  network 13.13.13.0 0.0.0.255
56  no auto-summary
57  eigrp router-id 1.1.1.1
58 !
59 !
60 !
61 ip access-list standard FILTER_CONNECTED
62  permit 10.6.0.0 0.1.0.1
63  deny   any
64 !
65 no cdp log mismatch duplex
66 !
67 route-map FILTER_CONNECTED_REDISTRIBUTE permit 10
68  match ip address FILTER_CONNECTED
69 !

R2 :

 1 interface Loopback0
 2  ip address 2.2.2.2 255.255.255.255
 3 !
 4 interface FastEthernet0/0
 5  description To_R1
 6  ip address 12.12.12.2 255.255.255.0
 7  duplex auto
 8  speed auto
 9 !
10 interface FastEthernet0/1
11  no ip address
12  shutdown
13  duplex auto
14  speed auto
15 !
16 router eigrp 100
17  network 2.2.2.2 0.0.0.0
18  network 12.12.12.0 0.0.0.255
19  no auto-summary
20  eigrp router-id 2.2.2.2
21 !

R3 :

 1 interface Loopback0
 2  ip address 3.3.3.3 255.255.255.255
 3 !
 4 interface FastEthernet0/0
 5  no ip address
 6  shutdown
 7  duplex auto
 8  speed auto
 9 !
10 interface FastEthernet0/1
11  description To_R1
12  ip address 13.13.13.3 255.255.255.0
13  duplex auto
14  speed auto
15 !
16 router eigrp 100
17  network 3.3.3.3 0.0.0.0
18  network 13.13.13.3 0.0.0.0
19  no auto-summary
20  eigrp router-id 3.3.3.3
21 !

Tables de routage :

R1 :

 1 R1#sh ip route
 2 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
 3        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
 4        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
 5        E1 - OSPF external type 1, E2 - OSPF external type 2
 6        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
 7        ia - IS-IS inter area, * - candidate default, U - per-user static route
 8        o - ODR, P - periodic downloaded static route
 9 
10 Gateway of last resort is not set
11 
12      1.0.0.0/32 is subnetted, 1 subnets
13 C       1.1.1.1 is directly connected, Loopback0
14      2.0.0.0/32 is subnetted, 1 subnets
15 D       2.2.2.2 [90/409600] via 12.12.12.2, 00:14:56, FastEthernet0/0
16      3.0.0.0/32 is subnetted, 1 subnets
17 D       3.3.3.3 [90/409600] via 13.13.13.3, 00:16:02, FastEthernet0/1
18      10.0.0.0/32 is subnetted, 9 subnets
19 C       10.9.0.1 is directly connected, Loopback9
20 C       10.8.0.1 is directly connected, Loopback8
21 C       10.3.0.1 is directly connected, Loopback3
22 C       10.2.0.1 is directly connected, Loopback2
23 C       10.1.0.1 is directly connected, Loopback1
24 C       10.7.0.1 is directly connected, Loopback7
25 C       10.6.0.1 is directly connected, Loopback6
26 C       10.5.0.1 is directly connected, Loopback5
27 C       10.4.0.1 is directly connected, Loopback4
28      12.0.0.0/24 is subnetted, 1 subnets
29 C       12.12.12.0 is directly connected, FastEthernet0/0
30      13.0.0.0/24 is subnetted, 1 subnets
31 C       13.13.13.0 is directly connected, FastEthernet0/1

R2 :

 1 R2#sh ip route
 2 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
 3        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
 4        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
 5        E1 - OSPF external type 1, E2 - OSPF external type 2
 6        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
 7        ia - IS-IS inter area, * - candidate default, U - per-user static route
 8        o - ODR, P - periodic downloaded static route
 9 
10 Gateway of last resort is not set
11 
12      2.0.0.0/32 is subnetted, 1 subnets
13 C       2.2.2.2 is directly connected, Loopback0
14      3.0.0.0/32 is subnetted, 1 subnets
15 D       3.3.3.3 [90/435200] via 12.12.12.1, 00:14:33, FastEthernet0/0
16      10.0.0.0/32 is subnetted, 5 subnets
17 D       10.1.0.1 [90/409600] via 12.12.12.1, 00:14:33, FastEthernet0/0
18 D EX    10.7.0.1 [170/409600] via 12.12.12.1, 00:06:33, FastEthernet0/0
19 D EX    10.6.0.1 [170/409600] via 12.12.12.1, 00:06:33, FastEthernet0/0
20 D       10.5.0.1 [90/409600] via 12.12.12.1, 00:14:33, FastEthernet0/0
21 D       10.4.0.1 [90/409600] via 12.12.12.1, 00:14:35, FastEthernet0/0
22      12.0.0.0/24 is subnetted, 1 subnets
23 C       12.12.12.0 is directly connected, FastEthernet0/0
24      13.0.0.0/24 is subnetted, 1 subnets
25 D       13.13.13.0 [90/307200] via 12.12.12.1, 00:14:35, FastEthernet0/0

R3

 1 R3#sh ip route
 2 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
 3        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
 4        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
 5        E1 - OSPF external type 1, E2 - OSPF external type 2
 6        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
 7        ia - IS-IS inter area, * - candidate default, U - per-user static route
 8        o - ODR, P - periodic downloaded static route
 9 
10 Gateway of last resort is not set
11 
12      2.0.0.0/32 is subnetted, 1 subnets
13 D       2.2.2.2 [90/435200] via 13.13.13.1, 00:14:42, FastEthernet0/1
14      3.0.0.0/32 is subnetted, 1 subnets
15 C       3.3.3.3 is directly connected, Loopback0
16      10.0.0.0/32 is subnetted, 5 subnets
17 D       10.1.0.1 [90/409600] via 13.13.13.1, 00:15:25, FastEthernet0/1
18 D EX    10.7.0.1 [170/409600] via 13.13.13.1, 00:06:48, FastEthernet0/1
19 D EX    10.6.0.1 [170/409600] via 13.13.13.1, 00:06:48, FastEthernet0/1
20 D       10.5.0.1 [90/409600] via 13.13.13.1, 00:15:28, FastEthernet0/1
21 D       10.4.0.1 [90/409600] via 13.13.13.1, 00:15:28, FastEthernet0/1
22      12.0.0.0/24 is subnetted, 1 subnets
23 D       12.12.12.0 [90/307200] via 13.13.13.1, 00:15:28, FastEthernet0/1
24      13.0.0.0/24 is subnetted, 1 subnets
25 C       13.13.13.0 is directly connected, FastEthernet0/1

Conclusion et Explications :

La configuration spécifique est faite sur R1.
Sur R1 :
l0 : 3.3.3.3/23 <— annoncé via la cmd network
l1 : 10.1.0.1/32 <— annoncé via la cmd network
l2 : 10.2.0.1/32
l3 : 10.3.0.1/32
l4 : 10.4.0.1/32 <— annoncé via la cmd network
l5 : 10.5.0.1/32 <— annoncé via la cmd network
l6 : 10.6.0.1/32
l7 : 10.7.0.1/32 <— annoncé via la redistribution avec filtrage
l8 : 10.8.0.1/32 <— annoncé via la redistribution avec filtrage
l9 : 10.9.0.1/32

network 10.0.0.0 0.1.255.255 : va faire participer à EIGRP les interfaces ayant pour @ 10.0.X.X et 10.1.X.X, ici on n’a que 10.1.0.1, le wildcard mask non contigu (0.1.0.1) ne fonctionne pas avec la cmd network. network 10.4.0.0 0.1.255.255 : va faire participer à EIGRP les interface avec @ 10.4.X.X et 10.5.X.X

Pour éviter de rentrer autant de cmd network que de réseau Loopback on a joué avec le wildcard, du fait de l’impossibilité de mettre un mask non contigu, on a été très ouvert sur les 2 derniers octets donc attention au plan d’adressage.

Autre point, redistribution des @ 10.7.0.1 et 10.8.0.1, via ACL/route-map et redistribution, là le wildcard mask non contigu a fonctionné !.

Seule petit bémol, avec la redistribution l’AD est de 170 eu lieu de 90.

Note :