OSPF综合实验:
拓扑:
实验需求:
1、配置AR1,AR2,AR3,AR11 OSPF区域0,要求最快收敛
2、将R2的环回口LO 10引入OSPF区域,R10的环回口LO10宣告进RIP,
3、将R7,R8的环回口的10网段引入进OSPF,其他非Area 40区域不能看到10网段的明细路由,Area40不能有2,3 ,4,5类LSA,(默认路由除外),但是可以访问100.100.100.100
答:
total nssa没有3,4,5类LSA,不能有2类LSA将链路类型改为P2MP
4、Area 0做MD5认证,密码为Huawei@123
答:
在AR1,AR2.AR3,AR6.AR9上执行如下命令
ospf 10
a 0
authentication-mode md5 1 cipher Huawei@123
5、R5将RIP引入OSPF路由,其他各站点都可以访问100.100.100.100
6、R2的环回口LO10通过串行路访问100.100.100.100网络,串行链路出现故障后要通过R4-R9-R1访问
答:
通过area20和area50访问100.100.100.100,当串行链路没断开时,两条路径改开销值让其走串口链路
7、全网互通
备注:每个设备都配置Lo 0接口为router-id,Lo 0接口的地址为x.x.x.x/32,例如R1的地址为1.1.1.1/32
步骤:
如上图,先把各自ip配置好
[AR1]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 5
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 5
The number of interface that is DOWN in Protocol is 2
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 15.1.1.1/24 up up
GigabitEthernet0/0/1 19.1.1.1/24 up up
LoopBack0 1.1.1.1/32 up up(s)
Serial1/0/0 172.16.10.1/24 up up
[ARR10]display ip interface brief
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 51.1.1.10/24 up up
LoopBack0 10.10.10.10/32 up up(s)
LoopBack10 100.100.100.100/32 up up(s)
<AR7>display ip interface brief
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 192.168.10.2/24 up up
LoopBack0 7.7.7.7/32 up up(s)
LoopBack10 10.1.0.1/24 up up(s)
LoopBack11 10.1.1.1/24 up up(s)
配置RIP
配置AR5和AR10
[AR5]dis current configuration rip
[V200R003C00]
#
rip 1
undo summary
version 2
network 51.0.0.0
import-route ospf 10
#
return
[AR5]dis current configuration ospf
[V200R003C00]
#
ospf 1
#
ospf 10 router-id 5.5.5.5
import-route rip 1
area 0.0.0.10
network 5.5.5.5 0.0.0.0
network 15.1.1.5 0.0.0.0
#
return
[ARR10]dis current configuration rip
[V200R003C00]
#
rip 1
undo summary
version 2
network 51.0.0.0
network 100.0.0.0
network 10.0.0.0
#
return
配置AR6和AR7,AR8
[AR6-GigabitEthernet0/0/1]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/1
ip address 192.168.10.1 255.255.255.0
ospf network-type p2mp #使得area40区域没有2类lsa
#
return
[AR6]dis current configuration ospf
[V200R003C00]
#
ospf 10 router-id 6.6.6.6
asbr-summary 10.1.0.0 255.255.252.0 #汇总路由,非Area 40区域不能看到10网段的明细路由
area 0.0.0.0
authentication-mode md5 1 cipher %$%$%GE7!5={*6q9`c'/je~TZ)_s%$%$ #Area 0做MD5认证
area 0.0.0.30
network 6.6.6.6 0.0.0.0
network 36.1.1.6 0.0.0.0
vlink-peer 3.3.3.3 #和AR3建立虚连接,使得有4类LSA,即拥有拓扑信息。使得AR6也称为ABR以便下放默认路由
area 0.0.0.40
network 192.168.10.0 0.0.0.255
nssa no-summary #使得area40区域没有3,4,5类LSA
#
return
[AR7-GigabitEthernet0/0/0]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/0
ip address 192.168.10.2 255.255.255.0
ospf network-type p2mp #使得area40区域没有2类lsa
#
return
[AR7]dis current configuration acl
[V200R003C00]
#
acl number 2001
rule 5 permit source 10.1.0.0 0.0.3.255
#
return
[AR7]dis current configuration route-policy
[V200R003C00]
#
route-policy Import-dir permit node 10
if-match acl 2001
#
return
[AR7]dis current configuration ospf
[V200R003C00]
#
ospf 10 router-id 7.7.7.7
import-route direct route-policy Import-dir #引入10网路的路由信息
area 0.0.0.10
area 0.0.0.40
network 7.7.7.7 0.0.0.0
network 192.168.10.0 0.0.0.255
nssa
#
return
[AR8-GigabitEthernet0/0/0]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/0
ip address 192.168.10.3 255.255.255.0
ospf network-type p2mp #使得area40区域没有2类lsa
#
return
[AR8]dis current configuration acl
[V200R003C00]
#
acl number 2001
rule 5 permit source 10.1.0.0 0.0.3.255
#
return
[AR8]dis current configuration route-policy
[V200R003C00]
#
route-policy Import-dir permit node 10
if-match acl 2001
#
return
[AR8]dis current configuration ospf
[V200R003C00]
#
ospf 10 router-id 8.8.8.8
import-route direct route-policy Import-dir
area 0.0.0.40
network 8.8.8.8 0.0.0.0
network 192.168.10.0 0.0.0.255
nssa
#
return
第6个问题:
1、区域50中AR1 和AR9建立虚连接,区域20中 AR9和 AR2建立虚连接
2、更改开销值,使得当串口(默认开销值48)路由没有故障时,以便走串口访问100.100.100.100
[AR1-ospf-10-area-0.0.0.50]dis th
[V200R003C00]
#
area 0.0.0.50
network 19.1.1.1 0.0.0.0
vlink-peer 9.9.9.9
#
return
[AR9-ospf-10-area-0.0.0.50]dis th
[V200R003C00]
#
area 0.0.0.50
network 9.9.9.9 0.0.0.0
network 19.1.1.9 0.0.0.0
vlink-peer 1.1.1.1
#
return
[AR9-ospf-10-area-0.0.0.20]dis th
[V200R003C00]
#
area 0.0.0.20
network 49.1.1.9 0.0.0.0
vlink-peer 2.2.2.2
#
return
[AR2-ospf-10-area-0.0.0.20]dis th
[V200R003C00]
#
area 0.0.0.20
network 24.1.1.2 0.0.0.0
vlink-peer 9.9.9.9
#
return
[AR2-GigabitEthernet0/0/0]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/0
ip address 24.1.1.2 255.255.255.0
ospf cost 100
#
return
[AR1-GigabitEthernet0/0/1]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/1
ip address 19.1.1.1 255.255.255.0
ospf cost 100
#
return