IOS/Router
Router†
VLAN´ØÏ¢†
Switch¤ÎÀßÄê†
- Switch¤Ç
VLAN´Ö¥ë¡¼¥Æ¥£¥ó¥°†
- Switch¤«¤é¤Î¥È¥é¥ó¥¯¥ê¥ó¥¯Àè¥ë¡¼¥¿¤ÎÀßÄê
- VLAN¤´¤È¤Ë¥µ¥Ö¥¤¥ó¥¿¥Õ¥§¥¤¥¹¤ò³ä¤êÅö¤Æ¤ë
- ¥µ¥Ö¥¤¥ó¥¿¥Õ¥§¥¤¥¹¤ÎID¤ÈVLAN¤ÎID¤Ï°ìÃפµ¤»¤¿¤Û¤¦¤¬´ÉÍý¤¬³Ú
(config-if)#encapsulation dot1q <vlan-id>
OSPF†
´ðËÜÀßÄê†
- ¥¯¥é¥¹¥ì¥¹¤Î¥ê¥ó¥¯¥¹¥Æ¡¼¥È¥ë¡¼¥Æ¥£¥ó¥°¥×¥í¥È¥³¥ë
! ospf¤Î͸ú²½ (config)#router ospf <process-id> ! ospf¤òÆ°ºî¤µ¤»¤ë¥Í¥Ã¥È¥ï¡¼¥¯¤Î»ØÄê (config-router)#network <address> <wildcard-mask> area <area-id> ! ³Îǧ #show ip protocols #show ip route #show ip ospf #show ip ospf [interface <interface>|neighbor <neighbor-id>] ! ¥Ç¥Ð¥Ã¥° #debug ip ospf events
- process-id¤Ï¥ë¡¼¥¿Æâ¤Ç¤Î¼±Ê̤ΤߤËÍѤ¤¤ë¡£Â¾¥ë¡¼¥¿¤È¤Î°ìÃפÏÉÔÌä
- area-id¤Ï¾¥ë¡¼¥¿¤È°ìÃפ·¤Ê¤¤¤È¥Í¥¤¥Ð¤¬³ÎΩ¤·¤Ê¤¤
¥ë¡¼¥¿ID†
- Ǥ°Õ¤Îʸ»úÎ󡢤ޤ¿¤Ï¥ë¡¼¥×¥Ð¥Ã¥¯¥¢¥É¥ì¥¹¡¢¥¤¥ó¥¿¥Õ¥§¥¤¥¹¤ÎIP¥¢¥É¥ì¥¹¤¬ºÎÍѤµ¤ì¤ë
! Ǥ°Õ¤Îʸ»úÎó¤òºÎÍÑ¡ÊÈó¿ä¾©¡Ë (config-router)#router-id <router-id> ! ¥ë¡¼¥×¥Ð¥Ã¥¯¥¢¥É¥ì¥¹¤òºÎÍѡʿ侩¡Ë !! ¥ë¡¼¥×¥Ð¥Ã¥¯¤Ä¤¯¤Ã¤Æ¥¢¥É¥ì¥¹ÀßÄꤹ¤ë¤À¤± (config)#interface loopback <loopback-id>
¥í¡¼¥É¥Ð¥é¥ó¥¹†
! Åù¥³¥¹¥È¥Ñ¥¹¤Î¾å¸Â (config-router)#maximum-paths <value> ! ¥³¥¹¥È¤Î¸ÇÄê (config-if)#ip ospf cost <value>
ǧ¾Ú†
- ¥×¥ì¡¼¥ó¥Æ¥¥¹¥Èǧ¾Ú¤ÈMD5ǧ¾Ú¤¬¥µ¥Ý¡¼¥È¤µ¤ì¤ë
! ¥¤¥ó¥¿¥Õ¥§¥¤¥¹Ã±°Ì¤Ç¥Ñ¥¹¥ï¡¼¥É¤ò³ä¤êÅö¤Æ (config-if)#ip ospf authentication-key <password> ! ¥¤¥ó¥¿¥Õ¥§¥¤¥¹Ã±°Ì¤Þ¤¿¤Ï¥¨¥ê¥¢Ã±°Ì¤Çǧ¾Ú¤ò͸ú²½¤¹¤ë¡Ê²¼µ¤Î¤É¤Á¤é¤«¤ò¼Â¹Ô¡Ë (config-if)#ip ospf authentication [message-digest|null] (config-router)#area <area-id> authentication [message-digest] ! ¥Ç¥Ð¥Ã¥° #debug ip ospf adj
EIGRP†
- ¥¯¥é¥¹¥ì¥¹³ÈÄ¥¥Ç¥£¥¹¥¿¥ó¥¹¥Ù¥¯¥¿¥ë¡¼¥Æ¥£¥ó¥°¥×¥í¥È¥³¥ë¡£¤¢¤ë¤¤¤Ï¥Ï¥¤¥Ö¥ê¥Ã¥É¥ë¡¼¥Æ¥£¥ó¥°¥×¥í¥È¥³¥ë
´ðË܆
! eigrp¤Î͸ú²½ (config)#router eigrp <as-number> ! eigrp¤òÆ°ºî¤µ¤»¤ë¥Í¥Ã¥È¥ï¡¼¥¯¤Î»ØÄê (config-router)#network <address> ! ¼«Æ°½¸ÌóÀÚ¤ë¤Ê¤é¡ÊÉÔϢ³¥Í¥Ã¥È¥ï¡¼¥¯Âбþ¡Ë (config-router)#no auto-summary ! ³Îǧ #show ip route eigrp #show ip protocols #show ip eigrp [interfaces|neighbors [detail]|topology [all]|traffic] ! ¥Ç¥Ð¥Ã¥° #debug ip eigrp
- as-number¤ÏƱ¤¸eigrp¤òÆ°¤«¤·¤¿¤¤¥ë¡¼¥¿´Ö¤Ç°ìÃפµ¤»¤ë
- address°Ê²¼¤Ë¥Þ¥¹¥¯Æþ¤ì¤Æ¤â¤¤¤¤¡Ê¥ï¥¤¥ë¥É¥«¡¼¥É¡Ë
¥í¡¼¥É¥Ð¥é¥ó¥¹†
! Åù¥³¥¹¥È¥í¡¼¥É¥Ð¥é¥ó¥¹¤ÎÅù¥³¥¹¥È¥Ñ¥¹¤Î¾å¸Â (config-router)#maximum-paths <value> ! ÉÔÅù¥³¥¹¥È¥í¡¼¥É¥Ð¥é¥ó¥¹¤Î¥Ð¥ê¥¢¥ó¥¹¤ÎÀßÄê (config-router)#valiance <value>
ǧ¾Ú†
- MD5ǧ¾Ú¤Î¤ß¥µ¥Ý¡¼¥È
! ¥¡¼¥Á¥§¡¼¥ó¤ò¤Ä¤¯¤ë (config)#key chain <key-chain-name> ! ¥¡¼¥Á¥§¡¼¥ó¤Ë¥¡¼¤òÄɲ乤ë (config-keychain)#key <key-id> ! Äɲä·¤¿¥¡¼¤ÎÀßÄê¤ò¤¹¤ë !! ¥Ñ¥¹¥ï¡¼¥É¤ÎÀßÄê (config-keychain-key)#key-string <password> !! ɬÍפʤé»þ´ÖÀ©¸Â¤òÀߤ±¤ë (config-keychain-key)#accept-lifetime <hh:mm:ss month date year> {infinitie|<end-time>|duration <seconds>} (config-keychain-key)#send-lifetime <hh:mm:ss month date year> {infinitie|<end-time>|duration <seconds>} ! MD5ǧ¾Ú¤ò͸ú²½ (config-if)#ip authentication mode eigrp <as-number> md5 ! ǧ¾Ú¤Ç»È¤¦¥¡¼¥Á¥§¡¼¥ó¤Î»ØÄê (config-if)#ip authentication key-chain eigrp <as-number> <key-chain-name>
ACL†
ɸ½àACL†
! ¤Ä¤¯¤êÊý !! ÈÖ¹æ¤òƱ¤¸¤Ë¤¹¤ë¤ÈÈÖ¹æ¤Ë¤Ö¤é²¼¤¬¤ëÊ£¿ô¤Î¥¨¥ó¥È¥ê¤¬¤Ä¤¯¤ì¤ë (config)#access-list <access-list-number> {permit|deny|remark} <source-address> [wildcard-mask] ! ¾Ã¤·Êý !! ÈÖ¹æñ°Ì¤Ç¤Þ¤ë¤´¤È¾Ã¤¹ (config)#no access-list <access-list-number> !! ¥¨¥ó¥È¥ê¤´¤È¤Ë¾Ã¤¹ (config-std-nacl)#no <seq-number>
- access-list-number¤Ï1-99
³ÈÄ¥ACL†
! ¤Ä¤¯¤êÊý !! ÈÖ¹æ¤òƱ¤¸¤Ë¤¹¤ë¤ÈÈÖ¹æ¤Ë¤Ö¤é²¼¤¬¤ëÊ£¿ô¤Î¥¨¥ó¥È¥ê¤¬¤Ä¤¯¤ì¤ë (config)#access-list <access-list-number> {permit|deny} <protocol> <source-address> <wildcard-mask> [<operator> {<app-name>|<port-number>}] <destination-address> <wildcard-mask> [<operator> {<app-name>|<port-number>}] [established] [log] ! ¾Ã¤·Êý !! ÈÖ¹æñ°Ì¤Ç¤Þ¤ë¤´¤È¾Ã¤¹ (config)#no access-list <access-list-number> !! ¥¨¥ó¥È¥ê¤´¤È¤Ë¾Ã¤¹ (config-ext-nacl)#no <seq-number>
- protocol¤Ïip¡¢tcp¡¢udp¡¢icmp¤È¤«
- established¤ÏACK=1¤ÈRST=1¤Ê¥Ñ¥±¥Ã¥È¤À¤±Ä̤¹
- ÄÌ¿®¤ÎºÇ½é¤Î°ì¼ê¤ÏSYN=1¤Î¤ß¤À¤«¤é¡¢¤³¤Î¥ª¥×¥·¥ç¥ó¤ÇÊý¸þÀ©¸æ¤¬²Äǽ
̾Á°ÉÕ¤ACL†
- ÈÖ¹æ¤Ç¤Ï¤Ê¤¯Ì¾Á°¤Ç´ÉÍý¤¹¤ëACL¡£É¸½à¤â³ÈÄ¥¤â¤É¤Ã¤Á¤â¤Ä¤¯¤ì¤ë
- ̾Á°¤ÎÉôʬ¤òÈÖ¹æ¤Ë¤¹¤ì¤Ð´û¸ACL¥¨¥ó¥È¥ê¤òÊÔ½¸²Äǽ
! ¤Ä¤¯¤êÊý !! ¤Þ¤º¤Ï̾Á°¤ò³ÎÊÝ¡¢¤½¤Î¸å¶ñÂÎŪ¤Ê¥¨¥ó¥È¥ê¤òÄɲ乤ë (config)#ip access-list {standard|extended} <access-list-name> !! ɸ½àACL¤ò¤Ä¤¯¤ë¤È¤ (config-std-nacl)#[seq-number] {permit|deny} <source-address> [wildcard-mask] !! ³ÈÄ¥ACL¤ò¤Ä¤¯¤ë¤È¤ (config-ext-nacl)#[sec-number] {permit|deny} <protocol> <source-address> <wildcard-mask> <destination-address> <wildcard-mask> [precedence <precedence>] [tos <tos>] ! ¾Ã¤·Êý !! ̾Á°Ã±°Ì¤Ç¤Þ¤ë¤´¤È¾Ã¤¹ (config)#no access-list {standard|extended} <access-list-name> !! ¥¨¥ó¥È¥ê¤´¤È¤Ë¾Ã¤¹ (config-{std|ext}-nacl)#no <seq-number>
¥³¥á¥ó¥È¤ò¤Ä¤±¤ë†
! ÈÖ¹æÉÕ¤ACL¤Î¾ì¹ç (config)#access-list <access-list-number> remark <comment> ! ̾Á°ÉÕ¤ACL¤Î¾ì¹ç (config-{std|ext}-nacl)#remark <comment>
³Îǧ†
#show ip access-list
¥Ñ¥±¥Ã¥È¥Õ¥£¥ë¥¿†
- acl¤ò¥¤¥ó¥¿¥Õ¥§¥¤¥¹¤ËŬÍѤ¹¤ë
! ¥¤¥ó¥¿¥Õ¥§¥¤¥¹¤ËACL¤òŬÍѤ¹¤ë (config-if)#ip access-group <access-list-number> {in|out} ! vty¤Ø¤Î¥¢¥¯¥»¥¹¤òÀ©¸Â¤¹¤ë !! ɸ½àACL¤Î¤ß (config-line)#access-class <access-list-number> {in|out} ! ³Îǧ #show ip interface <interface>
- access-list-number¤Ï̾Á°ÉÕ¤ACL¤òŬÍѤ¹¤ë¾ì¹ç¤Ïaccess-list-name¤Ë¤¹¤ë
NAT¤ÈPAT†
IPv6†
PPP†
¥Õ¥ì¡¼¥à¥ê¥ì¡¼†
Last-modified: 2011-09-03 (ÅÚ) 21:51:36