实验拓
实验要求
1、R1-R3为区域0,R3-R4为区域1;其中R3在环回地址在区域0;
2、R1、R2各有一个环回口;
3、R1-R3中,R3为DR设备,没有BDR;
4、R4环回地址固定4.4.4.0/24 ,其他网段使用192.168.1.0/24进行合理分配;
5、R4环回不宣告,保证全网可达,保证更新安全,避免环路,减少路由条目
实验步骤
1.配IP地址
[R1]INT G0/0/0
[R1-GigabitEthernet0/0/0]IP ADD 192.168.1.1 29
[R1]INT LoopBack 0
[R1-LoopBack0]IP ADD 192.168.1.33 27
[R2]INT G0/0/0
[R2-GigabitEthernet0/0/0]IP ADD 192.168.1.2 29
[R2]INT LoopBack 0
[R2-LoopBack0]IP ADD 192.168.1.65 27
[R3]INT G0/0/0
[R3-GigabitEthernet0/0/0]IP ADD 192.168.1.3 29
[R3-GigabitEthernet0/0/0]INT G0/0/1
[R3-GigabitEthernet0/0/1]IP ADD 192.168.1.129 30
[R3]INT LoopBack 0
[R3-LoopBack0]IP ADD 192.168.1.97 27
[R4]INT G0/0/0
[R4-GigabitEthernet0/0/0]IP ADD 192.168.1.130 30
[R4]int LoopBack 0
[R4-LoopBack0]ip add 4.4.4.4 24
2.进入ospf的协议视图并配置router ID [R1]ospf 1 router-id
[R1]ospf 1 rou
[R1]ospf 1 router-id ?
IP_ADDR<X.X.X.X> OSPF Private router ID value
[R1]ospf 1 router-id 1.1.1.1
[R2]ospf 1 rou
[R2]ospf 1 router-id
[R2]ospf 1 router-id 2.2.2.2
[R3]ospf 1 rou
[R3]ospf 1 router-id 3.3.3.3
3.[R1-ospf-1]area 0.0.0.0 配置路由器的区域和网段宣告:(不精确宣告)
[R1]ospf 1 rou
[R1]ospf 1 router-id ?
IP_ADDR<X.X.X.X> OSPF Private router ID value
[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]a
[R1-ospf-1]area ?
INTEGER<0-4294967295> OSPF area ID (Integer)
IP_ADDR<X.X.X.X> OSPF area ID (IP address)
[R1-ospf-1]area 0.0.0.0
[R1-ospf-1-area-0.0.0.0]net
[R1-ospf-1-area-0.0.0.0]network 192.168.1.0 ?
IP_ADDR<X.X.X.X> OSPF wild card bits
[R1-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.7
[R1-ospf-1-area-0.0.0.0]net
[R1-ospf-1-area-0.0.0.0]network 192.168.1.33 ?
IP_ADDR<X.X.X.X> OSPF wild card bits
[R1-ospf-1-area-0.0.0.0]network 192.168.1.33 0.0.0.0
[R2]ospf 1 rou
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]a
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]net
[R2-ospf-1-area-0.0.0.0]network 192.168.1.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]
[R2-ospf-1-area-0.0.0.0]net
[R2-ospf-1-area-0.0.0.0]network 192.168.1.65 0.0.0.0
[R3]ospf 1
[R3-ospf-1]
[R3-ospf-1]a
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]net
[R3-ospf-1-area-0.0.0.0]network 192.168.1.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]net
[R3-ospf-1-area-0.0.0.0]network
[R3-ospf-1-area-0.0.0.0]network 192.168.1.97 0.0.0.0
[R3-ospf-1-area-0.0.0.0]quit
[R3-ospf-1]a
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]net
[R3-ospf-1-area-0.0.0.1]network 192.168.1.129 0.0.0.0
[R3-ospf-1-area-0.0.0.1]
[R3-ospf-1-area-0.0.0.1]quit
[R4]ospf 1 rou
[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]a
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]net
[R4-ospf-1-area-0.0.0.1]network 192.168.1.130 0.0.0.0
dis ospf lsdb 查看本机链路状态数据库表
链路状态数据库表
display ospf peer brief 查看本机邻居简表
[R1]dis ospf p
[R1]dis ospf peer b
[R1]dis ospf peer brief
OSPF Process 1 with Router ID 1.1.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 2.2.2.2 Full
0.0.0.0 GigabitEthernet0/0/0 3.3.3.3 Full
----------------------------------------------------------------------------
[R1]
[R2]dis ospf peer b
[R2]dis ospf peer brief
OSPF Process 1 with Router ID 2.2.2.2
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 1.1.1.1 Full
0.0.0.0 GigabitEthernet0/0/0 3.3.3.3 Full
----------------------------------------------------------------------------
[R2]
[R3]dis ospf peer b
[R3]dis ospf peer brief
OSPF Process 1 with Router ID 3.3.3.3
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 1.1.1.1 Full
0.0.0.0 GigabitEthernet0/0/0 2.2.2.2 Full
0.0.0.1 GigabitEthernet0/0/1 4.4.4.4 Full
----------------------------------------------------------------------------
[R3]
[R4]dis ospf peer b
[R4]dis ospf peer brief
OSPF Process 1 with Router ID 4.4.4.4
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.1 GigabitEthernet0/0/0 3.3.3.3 Full
----------------------------------------------------------------------------
[R4]
此时,经检验可实现ping除4.4.4.4外的IP地址。
在 R4上输入default-route-advertise always通告一条默认路由给网络中运行OSPF的其他路由。(即强制性的给其他路由下发配置一条默认缺省)
[R4-ospf-1]de
[R4-ospf-1]default
[R4-ospf-1]default-route-advertise always
配置优先级 机选DR和BDR,降低R1,R2优先级;让R3成为DR.
[R1]INT G0/0/0
[R1-GigabitEthernet0/0/0]OSPF DR
^
Error:Incomplete command found at '^' position.
[R1-GigabitEthernet0/0/0]OSPF DR
[R1-GigabitEthernet0/0/0]OSPF dr-priority ?
INTEGER<0-255> Router priority value
[R1-GigabitEthernet0/0/0]OSPF dr-priority 0
[R2]INT G0/0/0
[R2-GigabitEthernet0/0/0]OSPF dr-priority 0
Ospf的安全认证方式:
方式1 :接口认证
[R1-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher wdy12345
方式2:区域认证
[R4-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher 12345
area 0区域内:
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ospf au
[R1-GigabitEthernet0/0/0]ospf authentication-mode md5
[R1-GigabitEthernet0/0/0]ospf authentication-mode md5 ?
[R1-GigabitEthernet0/0/0]ospf authentication-mode md5 1 ?
STRING<1-255>/<20-392> The password (key)
cipher Encryption type (Cryptogram)
plain Encryption type (Plain text)
[R1-GigabitEthernet0/0/0]ospf authentication-mode md5 1 ci
[R1-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 12345
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 12345
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 12345
采用复制粘贴避免出现错误
area 2区域内:
[R3]ospf 1
[R3-ospf-1]a 1
[R3-ospf-1-area-0.0.0.1]au
[R3-ospf-1-area-0.0.0.1]authentication-mode md5 1?
INTEGER<1-255> Key ID
[R3-ospf-1-area-0.0.0.1]authentication-mode md5 1 ci
[R3-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher wdy12345
[R3-ospf-1-area-0.0.0.1]quit
[R3-ospf-1]
[R4]ospf 1
[R4-ospf-1]a 1
[R4-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher wdy12345
区域汇总,减少路由条目
[R3]ospf 1
[R3-ospf-1]a 0
[R3-ospf-1-area-0.0.0.0]ab
[R3-ospf-1-area-0.0.0.0]abr-summary 192.168.1.0 ?
IP_ADDR<X.X.X.X> IP address mask
[R3-ospf-1-area-0.0.0.0]abr-summary 192.168.1.0 255.255.255.128
[R3-ospf-1-area-0.0.0.0
汇总后进行防环
[R3]ip rou
[R3]ip route
[R3]ip route-static 192.168.1.0 25 NULL 0