OSPF协议项目实战
1、要求按照下列标准配置一个OSPF网络
2、配置一个IP网络,实验逻辑图如图,IP地址见拓扑图
3、路由协议采用OSPF,进程ID为1 ,RID为loopback0地址
4、R1/R2/R3相连的三个站点链路OSPF网络类型配置成广播型,其中R1路由器做为永久性DR
5、按照图示配置OSPF区域,其中R2/R3/R4之间的区域要配置成完全末梢区域
6、R6为新并入的站点,由于来不及布线施工而暂时并到R5这个站点上,所在区域为AREA 56,配置使得所有网络可达(采用ping测试)
7、OSPF内部的网络希望通过R1路由器访问Internet,配置R1使其能够满足需求,只考虑内部路由器上路由的实现,不考虑NAT(下发默认路由)
8、AREA 0基于安全的原因配置上MD5认证,Key-ID为1,密码:Huawei
9、于R3与R4之间的链路质量较好,适当配置使得R4优先选取R3访问自身区域除外的外部网络
10、为了减少网络流量,R1只能学习到R6环回口的路由条目汇总条目(172.16.0.0/16)
1、要求按照下列标准配置一个OSPF网络
搭建拓扑图如下
2、配置一个IP网络,实验逻辑图如图,IP地址见拓扑图
R1的IP地址配置
sysname R1 # interface GigabitEthernet0/0/0 ip address 192.168.123.1 255.255.255.0 # interface LoopBack0 ip address 1.1.1.1 255.255.255.255
R2的IP地址配置
sysname R2 # interface GigabitEthernet0/0/0 ip address 192.168.123.2 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 192.168.24.2 255.255.255.0 # interface LoopBack0 ip address 2.2.2.2 255.255.255.255 #
R3的IP地址配置
sysname R3 # interface GigabitEthernet0/0/0 ip address 192.168.123.3 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 192.168.34.3 255.255.255.0 # interface GigabitEthernet0/0/2 ip address 192.168.35.3 255.255.255.0 # interface LoopBack0 ip address 3.3.3.3 255.255.255.255
R4的IP地址配置
sysname R4 # interface GigabitEthernet0/0/0 ip address 192.168.24.4 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 192.168.34.4 255.255.255.0 # interface LoopBack0 ip address 4.4.4.4 255.255.255.255 #
R5的IP地址配置
sysname R5 # interface GigabitEthernet0/0/0 ip address 192.168.35.5 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 192.168.56.5 255.255.255.0 # interface LoopBack0 ip address 5.5.5.5 255.255.255.255 #
R6的IP地址配置
sysname R6 # interface GigabitEthernet0/0/0 ip address 192.168.56.6 255.255.255.0 # interface LoopBack0 ip address 192.168.3.1 255.255.255.0 # interface LoopBack1 ip address 172.16.1.1 255.255.255.0 # interface LoopBack2 ip address 172.16.2.1 255.255.255.0 # interface LoopBack3 ip address 172.16.3.1 255.255.255.0 # interface LoopBack4 ip address 172.16.4.1 255.255.255.0
做完基本的IP地址配置后,大家可以自行ping通各自的直连网段
3、路由协议采用OSPF,进程ID为1 ,RID为loopback0地址
R1的OSPF配置
ospf 1 router-id 1.1.1.1 area 0.0.0.0 network 1.1.1.1 0.0.0.0 network 192.168.123.0 0.0.0.255
R2的OSPF配置
ospf 1 router-id 2.2.2.2 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 192.168.123.0 0.0.0.255 area 0.0.0.234 network 192.168.24.0 0.0.0.255
R3的OSPF配置
ospf 1 router-id 3.3.3.3 area 0.0.0.0 network 3.3.3.3 0.0.0.0 network 192.168.123.0 0.0.0.255 area 0.0.0.234 network 192.168.34.0 0.0.0.255 area 0.0.0.35 network 192.168.35.0 0.0.0.255
R4的OSPF配置
ospf 1 router-id 4.4.4.4 area 0.0.0.234 network 4.4.4.4 0.0.0.0 network 192.168.24.0 0.0.0.255 network 192.168.34.0 0.0.0.255
R5的OSPF配置
ospf 1 router-id 5.5.5.5 area 0.0.0.35 network 5.5.5.5 0.0.0.0 network 192.168.35.0 0.0.0.255 area 0.0.0.56 network 192.168.56.0 0.0.0.255
R6的OSPF配置
ospf 1 router-id 6.6.6.6 area 0.0.0.56 network 6.6.6.6 0.0.0.0 network 172.16.1.0 0.0.0.255 network 172.16.2.0 0.0.0.255 network 172.16.3.0 0.0.0.255 network 172.16.4.0 0.0.0.255 network 192.168.56.0 0.0.0.255
检查
在各路由器上面检查如下
<R1>display ospf peer brief OSPF Process 1 with Router ID 1.1.1.1 Peer Statistic Information ---------------------------------------------------------------------------- Area Id Interface Neighbor id State 0.0.0.0 GigabitEthernet0/0/0 2.2.2.2 Full 0.0.0.0 GigabitEthernet0/0/0 3.3.3.3 Full ---------------------------------------------------------------------------- <R1>
<R2>dis ospf peer brief OSPF Process 1 with Router ID 2.2.2.2 Peer Statistic Information ---------------------------------------------------------------------------- Area Id Interface Neighbor id State 0.0.0.0 GigabitEthernet0/0/0 1.1.1.1 Full 0.0.0.0 GigabitEthernet0/0/0 3.3.3.3 Full 0.0.0.234 GigabitEthernet0/0/1 4.4.4.4 Full ---------------------------------------------------------------------------- <R2>
[R3]display ospf peer brief OSPF Process 1 with Router ID 3.3.3.3 Peer Statistic Information ---------------------------------------------------------------------------- Area Id Interface Neighbor id State 0.0.0.0 GigabitEthernet0/0/0 1.1.1.1 Full 0.0.0.0 GigabitEthernet0/0/0 2.2.2.2 Full 0.0.0.35 GigabitEthernet0/0/2 5.5.5.5 Full 0.0.0.234 GigabitEthernet0/0/1 4.4.4.4 Full ---------------------------------------------------------------------------- [R3]
[R4]display ospf peer brief OSPF Process 1 with Router ID 4.4.4.4 Peer Statistic Information ---------------------------------------------------------------------------- Area Id Interface Neighbor id State 0.0.0.234 GigabitEthernet0/0/0 2.2.2.2 Full 0.0.0.234 GigabitEthernet0/0/1 3.3.3.3 Full ---------------------------------------------------------------------------- [R4]
[R5]display ospf peer brief OSPF Process 1 with Router ID 5.5.5.5 Peer Statistic Information ---------------------------------------------------------------------------- Area Id Interface Neighbor id State 0.0.0.35 GigabitEthernet0/0/0 3.3.3.3 Full 0.0.0.56 GigabitEthernet0/0/1 6.6.6.6 Full ---------------------------------------------------------------------------- [R5]
[R6]display ospf peer brief OSPF Process 1 with Router ID 6.6.6.6 Peer Statistic Information ---------------------------------------------------------------------------- Area Id Interface Neighbor id State 0.0.0.56 GigabitEthernet0/0/0 5.5.5.5 Full ---------------------------------------------------------------------------- [R6]
此时发现R1 R2 R3 R4 R5之间都能够学习到各自的OSPF路由条目,R6由于没有按照正确的OSPF拓扑区域结构进行划分,导致R6不能够学习到任何其他设备的路由条目
4、R1/R2/R3相连的三个站点链路OSPF网络类型配置成广播型,其中R1路由器做为永久性DR
思路就是把R2和R3的接口优先级设置为0 OSPF的接口优先级的取值范围是0~255 当优先级为0的时候 代表本接口OSPF路由器不参与DR的选举,优先级为255就只代表优先级为255 这个和VRRP那个优先级要区分开来
interface GigabitEthernet0/0/0 ospf dr-priority 0
在R1上面查看DR
<R1>display ospf interface GigabitEthernet 0/0/0 OSPF Process 1 with Router ID 1.1.1.1 Interfaces Interface: 192.168.123.1 (GigabitEthernet0/0/0) Cost: 1 State: DR Type: Broadcast MTU: 1500 Priority: 1 Designated Router: 192.168.123.1 Backup Designated Router: 0.0.0.0 Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1 <R1>
5、按照图示配置OSPF区域,其中R2/R3/R4之间的区域要配置成完全末梢区域
R2的配置
ospf 1 router-id 2.2.2.2 area 0.0.0.234 stub no-summary
R3的配置
ospf 1 router-id 3.3.3.3 area 0.0.0.234 stub no-summary
R4的配置
ospf 1 router-id 4.4.4.4 area 0.0.0.234 stub no-summary
检查:
[R4]display ospf lsdb OSPF Process 1 with Router ID 4.4.4.4 Link State Database Area: 0.0.0.234 Type LinkState ID AdvRouter Age Len Sequence Metric Router 4.4.4.4 4.4.4.4 51 60 80000006 1 Router 2.2.2.2 2.2.2.2 53 36 80000005 1 Router 3.3.3.3 3.3.3.3 58 36 80000005 1 Network 192.168.24.4 4.4.4.4 51 32 80000002 0 Network 192.168.34.4 4.4.4.4 55 32 80000002 0 Sum-Net 0.0.0.0 3.3.3.3 111 28 80000001 1 Sum-Net 0.0.0.0 2.2.2.2 122 28 80000001 1 [R4]display ip routing-table Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 12 Routes : 13 Destination/Mask Proto Pre Cost Flags NextHop Interface 0.0.0.0/0 OSPF 10 2 D 192.168.34.3 GigabitEthernet 0/0/1 OSPF 10 2 D 192.168.24.2 GigabitEthernet 0/0/0 4.4.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 192.168.24.0/24 Direct 0 0 D 192.168.24.4 GigabitEthernet 0/0/0 192.168.24.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0 192.168.24.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0 192.168.34.0/24 Direct 0 0 D 192.168.34.4 GigabitEthernet 0/0/1 192.168.34.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1 192.168.34.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1 255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 [R4]
6、R6为新并入的站点,由于来不及布线施工而暂时并到R5这个站点上,所在区域为AREA 56,配置使得所有网络可达(采用ping测试)
R3的配置如下
ospf 1 router-id 3.3.3.3 area 0.0.0.35 network 192.168.35.0 0.0.0.255 vlink-peer 5.5.5.5
R5的配置如下
ospf 1 router-id 5.5.5.5 area 0.0.0.35 network 192.168.35.0 0.0.0.255 vlink-peer 3.3.3.3
检查
[R3]display ospf vlink OSPF Process 1 with Router ID 3.3.3.3 Virtual Links Virtual-link Neighbor-id -> 5.5.5.5, Neighbor-State: Full Interface: 192.168.35.3 (GigabitEthernet0/0/2) Cost: 1 State: P-2-P Type: Virtual Transit Area: 0.0.0.35 Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1 GR State: Normal [R3]
[R5]display ospf vlink OSPF Process 1 with Router ID 5.5.5.5 Virtual Links Virtual-link Neighbor-id -> 3.3.3.3, Neighbor-State: Full Interface: 192.168.35.5 (GigabitEthernet0/0/0) Cost: 1 State: P-2-P Type: Virtual Transit Area: 0.0.0.35 Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1 GR State: Normal [R5]
检查一下路由情况
在R1这边查看172网段的路由情况
<R1>display ospf lsdb OSPF Process 1 with Router ID 1.1.1.1 Link State Database Area: 0.0.0.0 Type LinkState ID AdvRouter Age Len Sequence Metric Router 2.2.2.2 2.2.2.2 468 48 8000000E 1 Router 1.1.1.1 1.1.1.1 472 48 8000000E 1 Router 5.5.5.5 5.5.5.5 104 36 80000001 1 Router 3.3.3.3 3.3.3.3 103 60 80000010 1 Network 192.168.123.1 1.1.1.1 474 36 80000009 0 Sum-Net 192.168.56.0 5.5.5.5 115 28 80000001 1 Sum-Net 5.5.5.5 3.3.3.3 850 28 80000001 1 Sum-Net 5.5.5.5 5.5.5.5 115 28 80000001 0 Sum-Net 192.168.35.0 3.3.3.3 921 28 80000001 1 Sum-Net 192.168.35.0 5.5.5.5 115 28 80000001 1 Sum-Net 172.16.3.1 5.5.5.5 115 28 80000001 1 Sum-Net 192.168.34.0 3.3.3.3 352 28 80000002 1 Sum-Net 192.168.34.0 2.2.2.2 292 28 80000001 2 Sum-Net 172.16.2.1 5.5.5.5 115 28 80000001 1 Sum-Net 192.168.24.0 2.2.2.2 363 28 80000002 1 Sum-Net 192.168.24.0 3.3.3.3 287 28 80000002 2 Sum-Net 172.16.1.1 5.5.5.5 115 28 80000001 1 Sum-Net 4.4.4.4 3.3.3.3 299 28 80000001 1 Sum-Net 4.4.4.4 2.2.2.2 292 28 80000001 1 Sum-Net 172.16.4.1 5.5.5.5 115 28 80000001 1
[R3]display ospf lsdb OSPF Process 1 with Router ID 3.3.3.3 Link State Database Area: 0.0.0.0 Type LinkState ID AdvRouter Age Len Sequence Metric Router 2.2.2.2 2.2.2.2 538 48 8000000E 1 Router 1.1.1.1 1.1.1.1 543 48 8000000E 1 Router 5.5.5.5 5.5.5.5 173 36 80000001 1 Router 3.3.3.3 3.3.3.3 172 60 80000010 1 Network 192.168.123.1 1.1.1.1 545 36 80000009 0 Sum-Net 192.168.56.0 5.5.5.5 184 28 80000001 1 Sum-Net 5.5.5.5 3.3.3.3 919 28 80000001 1 Sum-Net 5.5.5.5 5.5.5.5 184 28 80000001 0 Sum-Net 192.168.35.0 3.3.3.3 990 28 80000001 1 Sum-Net 192.168.35.0 5.5.5.5 184 28 80000001 1 Sum-Net 172.16.3.1 5.5.5.5 184 28 80000001 1 Sum-Net 192.168.34.0 3.3.3.3 421 28 80000002 1 Sum-Net 192.168.34.0 2.2.2.2 363 28 80000001 2 Sum-Net 172.16.2.1 5.5.5.5 184 28 80000001 1 Sum-Net 192.168.24.0 2.2.2.2 434 28 80000002 1 Sum-Net 192.168.24.0 3.3.3.3 356 28 80000002 2 Sum-Net 172.16.1.1 5.5.5.5 184 28 80000001 1 Sum-Net 4.4.4.4 3.3.3.3 368 28 80000001 1 Sum-Net 4.4.4.4 2.2.2.2 363 28 80000001 1 Sum-Net 172.16.4.1 5.5.5.5 184 28 80000001 1 Area: 0.0.0.35 Type LinkState ID AdvRouter Age Len Sequence Metric Router 5.5.5.5 5.5.5.5 173 48 80000006 1 Router 3.3.3.3 3.3.3.3 172 36 80000006 1 Network 192.168.35.3 3.3.3.3 919 32 80000002 0 Sum-Net 192.168.56.0 5.5.5.5 183 28 80000001 1 Sum-Net 192.168.123.0 3.3.3.3 990 28 80000001 1 Sum-Net 3.3.3.3 3.3.3.3 990 28 80000001 0 Sum-Net 172.16.3.1 5.5.5.5 184 28 80000001 1 Sum-Net 192.168.34.0 3.3.3.3 424 28 80000002 1 Sum-Net 172.16.2.1 5.5.5.5 186 28 80000001 1 Sum-Net 192.168.24.0 3.3.3.3 424 28 80000002 2 Sum-Net 172.16.1.1 5.5.5.5 186 28 80000001 1 Sum-Net 4.4.4.4 3.3.3.3 371 28 80000001 1 Sum-Net 2.2.2.2 3.3.3.3 543 28 80000002 1 Sum-Net 172.16.4.1 5.5.5.5 186 28 80000001 1 Sum-Net 1.1.1.1 3.3.3.3 543 28 80000002 1 Area: 0.0.0.234 Type LinkState ID AdvRouter Age Len Sequence Metric Router 4.4.4.4 4.4.4.4 366 60 80000006 1 Router 2.2.2.2 2.2.2.2 368 36 80000005 1 Router 3.3.3.3 3.3.3.3 371 36 80000005 1 Network 192.168.24.4 4.4.4.4 366 32 80000002 0 Network 192.168.34.4 4.4.4.4 371 32 80000002 0 Sum-Net 0.0.0.0 3.3.3.3 424 28 80000001 1 Sum-Net 0.0.0.0 2.2.2.2 437 28 80000001 1
7、OSPF内部的网络希望通过R1路由器访问Internet,配置R1使其能够满足需求,只考虑内部路由器上路由的实现,不考虑NAT(下发默认路由)
在R1上面配置静态路由 然后下发其静态路由
ip route-static 0.0.0.0 0.0.0.0 192.168.60.1
ospf 1 router-id 1.1.1.1 default-route-advertise area 0.0.0.0
在R2 R3 R5 R6上面查看路由表
<R2>display ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Public routing table : OSPF Destinations : 12 Routes : 12 OSPF routing table status : <Active> Destinations : 12 Routes : 12 Destination/Mask Proto Pre Cost Flags NextHop Interface 0.0.0.0/0 O_ASE 150 1 D 192.168.123.1 GigabitEthernet 0/0/0 1.1.1.1/32 OSPF 10 1 D 192.168.123.1 GigabitEthernet 0/0/0 3.3.3.3/32 OSPF 10 1 D 192.168.123.3 GigabitEthernet 0/0/0 4.4.4.4/32 OSPF 10 1 D 192.168.24.4 GigabitEthernet 0/0/1 5.5.5.5/32 OSPF 10 2 D 192.168.123.3 GigabitEthernet 0/0/0 172.16.1.1/32 OSPF 10 3 D 192.168.123.3 GigabitEthernet 0/0/0 172.16.2.1/32 OSPF 10 3 D 192.168.123.3 GigabitEthernet 0/0/0 172.16.3.1/32 OSPF 10 3 D 192.168.123.3 GigabitEthernet 0/0/0 172.16.4.1/32 OSPF 10 3 D 192.168.123.3 GigabitEthernet 0/0/0 192.168.34.0/24 OSPF 10 2 D 192.168.24.4 GigabitEthernet 0/0/1 192.168.35.0/24 OSPF 10 2 D 192.168.123.3 GigabitEthernet 0/0/0 192.168.56.0/24 OSPF 10 3 D 192.168.123.3 GigabitEthernet 0/0/0 OSPF routing table status : <Inactive> Destinations : 0 Routes : 0
8、AREA 0基于安全的原因配置上MD5认证,Key-ID为1,密码:Huawei
在R1的区域0中配置区域0的认证
# ospf 1 router-id 1.1.1.1 area 0.0.0.0 authentication-mode md5 1 plain Huawei #
在R2的区域0中配置区域0的认证
# ospf 1 router-id 2.2.2.2 area 0.0.0.0 authentication-mode md5 1 plain Huawei #
在R3的区域0中配置区域0的认证
# ospf 1 router-id 3.3.3.3 area 0.0.0.0 authentication-mode md5 1 plain Huawei #
在R5的区域0中配置区域0的认证
# ospf 1 router-id 5.5.5.5 area 0.0.0.0 authentication-mode md5 1 plain Huawei
或者第二种方法:
# ospf 1 router-id 5.5.5.5 area 0.0.0.0 area 0.0.0.35 network 5.5.5.5 0.0.0.0 network 192.168.35.0 0.0.0.255 vlink-peer 3.3.3.3 md5 1 plain Huawei 直接在后面接上认证的参数也是可以的 area 0.0.0.56 network 192.168.56.0 0.0.0.255 #
检查 看下 R5和R3之间的FULL关系是否正常
9、于R3与R4之间的链路质量较好,适当配置使得R4优先选取R3访问自身区域除外的外部网络
在R4的G0/0/0接口修改OSPF的开销值
[R4-GigabitEthernet0/0/0]dis this [V200R003C00] # interface GigabitEthernet0/0/0 ip address 192.168.24.4 255.255.255.0 ospf cost 2 #
检查
[R4]display ip routing-table Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 12 Routes : 12 Destination/Mask Proto Pre Cost Flags NextHop Interface 0.0.0.0/0 OSPF 10 2 D 192.168.34.3 GigabitEthernet 0/0/1 4.4.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 192.168.24.0/24 Direct 0 0 D 192.168.24.4 GigabitEthernet 0/0/0 192.168.24.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0 192.168.24.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0 192.168.34.0/24 Direct 0 0 D 192.168.34.4 GigabitEthernet 0/0/1 192.168.34.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1 192.168.34.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1 255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
10、为了减少网络流量,R1只能学习到R6环回口的路由条目汇总条目(172.16.0.0/16)
在R5的区域56当中进行路由汇总
# ospf 1 router-id 5.5.5.5 area 0.0.0.56 abr-summary 172.16.0.0 255.255.0.0 # return
检查如下
[R1]dis ip routing-table protocol ospf Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Public routing table : OSPF Destinations : 9 Routes : 10 OSPF routing table status : <Active> Destinations : 9 Routes : 10 Destination/Mask Proto Pre Cost Flags NextHop Interface 2.2.2.2/32 OSPF 10 1 D 192.168.123.2 GigabitEthernet 0/0/0 3.3.3.3/32 OSPF 10 1 D 192.168.123.3 GigabitEthernet 0/0/0 4.4.4.4/32 OSPF 10 2 D 192.168.123.3 GigabitEthernet 0/0/0 OSPF 10 2 D 192.168.123.2 GigabitEthernet 0/0/0 5.5.5.5/32 OSPF 10 2 D 192.168.123.3 GigabitEthernet 0/0/0 172.16.0.0/16 OSPF 10 3 D 192.168.123.3 GigabitEthernet 0/0/0 192.168.24.0/24 OSPF 10 2 D 192.168.123.2 GigabitEthernet 0/0/0 192.168.34.0/24 OSPF 10 2 D 192.168.123.3 GigabitEthernet 0/0/0 192.168.35.0/24 OSPF 10 2 D 192.168.123.3 GigabitEthernet 0/0/0 192.168.56.0/24 OSPF 10 3 D 192.168.123.3 GigabitEthernet 0/0/0 OSPF routing table status : <Inactive> Destinations : 0 Routes : 0
