IP第四次作业

实验拓扑及要求如下所示：
1、R4为ISP，其上只配置IP地址；R4与其他所直连设备间均使用公有IP；
2、R3-R5、R6、R7为MGRE环境，R3为中心站点；
3、整个OSPF环境IP基于172.16.0.0/16划分；除了R12有两个环回，其他路由器均有一个环回IP
4、所有设备均可访问R4的环回；
5、减少LSA的更新量，加快收敛，保障更新安全；
6、全网可达；

分析:
要完成这种大型实验，最需要的是心平气和一步步来。

实验:
1.配置IP：

最左侧R１：
 

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
[R1]

  Please check whether system data has been changed, and save data in time

  Configuration console time out, please press any key to log on

<R1>
<R1>
<R1>
<R1>
<R1>sys
Enter system view, return user view with Ctrl+Z.
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 172.16.33.1 24
Apr 16 2024 18:31:21-08:00 R1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R1-GigabitEthernet0/0/0]int l0
[R1-LoopBack0]ip add 172.16.34.1 24

R2:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R2
[R2]

  Please check whether system data has been changed, and save data in time

  Configuration console time out, please press any key to log on

<R2>
<R2>
<R2>sys
Enter system view, return user view with Ctrl+Z.
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 172.16.33.2 24
Apr 16 2024 18:33:36-08:00 R2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R2-GigabitEthernet0/0/0]int l0
[R2-LoopBack0]ip add 172.16.35.1 24
R3:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 172.16.33.3 24
Apr 16 2024 18:42:57-08:00 R3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R3-GigabitEthernet0/0/0]int l0
[R3-LoopBack0]ip add 172.16.36.1 24
[R3-LoopBack0]int s4/0/0
[R3-Serial4/0/0]ip ad 34.0.0.1 24
区域0:
​​​​​R4:
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R4
[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip add 47.0.0.1 24
Apr 16 2024 18:46:28-08:00 R4 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R4-GigabitEthernet0/0/0]int l0
[R4-LoopBack0]ip add 172.16.2.1 24
[R4-LoopBack0]int s4/0/0
[R4-Serial4/0/0]ip add 34.0.0.2 24
[R4-Serial4/0/0]
Apr 16 2024 18:47:21-08:00 R4 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol PPP
 IPCP on the interface Serial4/0/0 has entered the UP state. 
[R4-Serial4/0/0]int s4/0/1
[R4-Serial4/0/1]ip add 45.0.0.1 24
[R4-Serial4/0/1]int s3/0/0
[R4-Serial3/0/0]ip add 46.0.0.1 24
R5:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R5
[R5]

  Please check whether system data has been changed, and save data in time

  Configuration console time out, please press any key to log on

<R5>sys
Enter system view, return user view with Ctrl+Z.
[R5]int s4/0/0
[R5-Serial4/0/0]ip add 45.0.0.2 24
[R5-Serial4/0/0]
Apr 16 2024 18:49:35-08:00 R5 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol PPP
 IPCP on the interface Serial4/0/0 has entered the UP state. 
[R5-Serial4/0/0]int l0
[R5-LoopBack0]ip add 172.16.3.1 24
R6:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R6

  Please check whether system data has been changed, and save data in time

  Configuration console time out, please press any key to log on

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R6
[R6]int s4/0/0
[R6-Serial4/0/0]ip add 46.0.0.2 24
[R6-Serial4/0/0]
Apr 16 2024 18:51:43-08:00 R6 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol PPP
 IPCP on the interface Serial4/0/0 has entered the UP state. 
[R6-Serial4/0/0]int g0/0/0
[R6-GigabitEthernet0/0/0]ip add 172.16.65.1 30
Apr 16 2024 18:52:07-08:00 R6 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R6-GigabitEthernet0/0/0]int l0
[R6-LoopBack0]ip add 172.16.4.1 24
R7:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R7
[R7]

  Please check whether system data has been changed, and save data in time

  Configuration console time out, please press any key to log on

<R7>sys
Enter system view, return user view with Ctrl+Z.
[R7]int g0/0/0
[R7-GigabitEthernet0/0/0]ip add 47.0.0.2 24
Apr 16 2024 18:54:37-08:00 R7 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R7-GigabitEthernet0/0/0]int g0/0/1
[R7-GigabitEthernet0/0/1]ip ad 172.16.97.1 30
Apr 16 2024 18:56:25-08:00 R7 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R7-GigabitEthernet0/0/1]intl0
                         ^
Error: Unrecognized command found at '^' position.
[R7-GigabitEthernet0/0/1]int l0
[R7-LoopBack0]ip add 172.16.5.1 24
区域3:

R8:
[R8-GigabitEthernet0/0/1]ip add 172.16.97.5 30
Info: A similar IP subnet already exists. Please verify the current IP subnet de
sign.
[R8-GigabitEthernet0/0/1]
Apr 16 2024 19:09:36-08:00 R8 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R8-GigabitEthernet0/0/1]int g0/0/0
[R8-GigabitEthernet0/0/0]ip add 172.16.97.2 30
[R8-GigabitEthernet0/0/0]int l0
[R8-LoopBack0]ip add 172.16.98.1 24
R9:

<R9>sys
Enter system view, return user view with Ctrl+Z.
[R9]int g0/0/0
[R9-GigabitEthernet0/0/0]ip add 172.16.97.6 30
Apr 16 2024 19:16:30-08:00 R9 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R9-GigabitEthernet0/0/0]
Apr 16 2024 19:16:30-08:00 R9 ARP/4/ARP_IPCONFLICT_TRAP:OID 16777216.50331648.10
0663296.16777216.67108864.16777216.3674669056.83886080.419430400.2063597568.3355
4432.100663296 ARP detects IP conflict. (IP address=5.97.16.172, Local interface
=GigabitEthernet0/0/0, Local MAC=00e0-fc95-3db6, Local vlan=0, Local CE vlan=0, 
Receive interface=GigabitEthernet0/0/0, Receive MAC=00e0-fc0e-2499, Receive vlan
=0, Receive CE vlan=0, IP conflict type=Local IP conflict). 
[R9-GigabitEthernet0/0/0]
Apr 16 2024 19:16:30-08:00 R9 %%01ARP/4/ARP_DUPLICATE_IPADDR(l)[1]:Received an A
RP packet with a duplicate IP address from the interface. (IpAddress=5.97.16.172
, InterfaceName=GigabitEthernet0/0/0, MacAddress=00e0-fc0e-2499) 
[R9-GigabitEthernet0/0/0]int g0/0/1
[R9-GigabitEthernet0/0/1]ip add 172.16.129.1 30
Apr 16 2024 19:17:11-08:00 R9 %%01IFNET/4/LINK_STATE(l)[2]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R9-GigabitEthernet0/0/1]int l0
[R9-LoopBack0]ip add 171.16.130.1 24
区域4:

R10:
<R10>sys
Enter system view, return user view with Ctrl+Z.
[R10]int g0/0/0
[R10-GigabitEthernet0/0/0]ip add 172.16.129.2 30
Apr 16 2024 19:19:46-08:00 R10 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R10-GigabitEthernet0/0/0]int l0
[R10-LoopBack0]ip add 172.16.131.1 24
区域2:
R11:
<R11>sys
Enter system view, return user view with Ctrl+Z.
[R11]int g0/0/0
[R11-GigabitEthernet0/0/0]ip add 172.16.65.2 30
Apr 16 2024 19:21:10-08:00 R11 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R11-GigabitEthernet0/0/0]int g0/0/1
[R11-GigabitEthernet0/0/1]ip add 172.16.65.5 30
Apr 16 2024 19:21:24-08:00 R11 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP
 on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R11-GigabitEthernet0/0/1]int l0
[R11-LoopBack0]ip add 172.16.66.1 24
R12:

<R12>sys
Enter system view, return user view with Ctrl+Z.
[R12]int g0/0/0
[R12-GigabitEthernet0/0/0]ip add 172.16.65.6 30
Apr 16 2024 19:22:32-08:00 R12 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R12-GigabitEthernet0/0/0]int l0
[R12-LoopBack0]ip add 172.16.160.1 24
[R12-LoopBack0]int l1
[R12-LoopBack1]ip add 172.16.161.1 24
地址到此为止,接下来需要让公私网通,观察由于公网设备极少,故公网通快,先配置公网通:
1.公网通(静态缺省):

R3:[R3]ip route-static 0.0.0.0 0 34.0.0.2

R5:[R5]ip route-static 0.0.0.0 0 45.0.0.1

R6:[R6]ip route-static 0.0.0.0 0 46.0.0.1

R7:[R7]ip route-static 0.0.0.0 0 47.0.0.1

2.私网通(ospf协议):

R1:
[R1]ospf 1 rou    
[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]a 1
[R1-ospf-1-area-0.0.0.1]net 172.16.32.0 0.0.31.255

R2:

[R2]ospf 1 rou    
[R2]ospf 1 router-id 2.2.2.2
Info: The configuration succeeded. You need to restart the OSPF process to valid
ate the new router ID.
[R2-ospf-1]a 1
[R2-ospf-1-area-0.0.0.1]net 172.16.32.0 0.0.31.255
 

R3:

[R3]ospf 1 rou    
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]a 1
[R3-ospf-1-area-0.0.0.1]net 172.16.32.0 0.0.31.255
R5:

[R5]ospf 1 rou    
[R5]ospf 1 router-id 5.5.5.5
[R5-ospf-1]a 0
[R5-ospf-1-area-0.0.0.0]net 172.16.0.0 0.0.31.255

R6:

[R6]ospf 1  rou    
[R6]ospf 1  router-id 6.6.6.6
[R6-ospf-1]a 0
[R6-ospf-1-area-0.0.0.0]net 172.16.0.0 0.0.31.255
[R6-ospf-1-area-0.0.0.0]q
[R6-ospf-1]q
[R6]ospf 1 rou    
[R6]ospf 1 router-id 6.6.6.6
[R6-ospf-1]a 2
[R6-ospf-1-area-0.0.0.2]net 172.16.64.0 0.0.31.255
 

R7:

[R7]ospf 1 rou     
[R7]ospf 1 router-id 7.7.7.7
[R7-ospf-1]a 0
[R7-ospf-1-area-0.0.0.0]net 172.16.0.0 0.0.31.255
[R7]ospf 1
[R7-ospf-1]a 3
[R7-ospf-1-area-0.0.0.3]net 172.16.96.0 0.0.31.255
 

R8:

[R8]ospf 1 rou    
[R8]ospf 1 router-id 8.8.8.8
[R8-ospf-1]a 3
[R8-ospf-1-area-0.0.0.3]net 172.16.96.0 0.0.31.255
 

R9:

[R9]ospf 1 rou    
[R9]ospf 1 router-id 9.9.9.9
[R9-ospf-1]a 3
[R9-ospf-1-area-0.0.0.3]net 172.16.96.0 0.0.31.255
(由于area 4不规则,所以用多线程引入)

[R9]ospf 2 rou    
[R9]ospf 2 router-id 9.9.9.9
[R9-ospf-2]a 4
[R9-ospf-2-area-0.0.0.4]net 172.16.128.0 0.0.31.255
 

R10:

[R10]ospf 2 rou    
[R10]ospf 2 router-id 10.10.10.10
[R10-ospf-2]a 4
[R10-ospf-2-area-0.0.0.4]net 172.16.128.0 0.0.31.255
 

R11:

[R11]ospf 1 rou    
[R11]ospf 1 router-id 11.11.11.11
[R11-ospf-1]a 2
[R11-ospf-1-area-0.0.0.2]net 172.16.64.0 0.0.31.255

R12:

[R12]ospf 1 rou    
[R12]ospf 1 router-id 12.12.12.12
[R12-ospf-1]a 2
[R12-ospf-1-area-0.0.0.2]net 172.16.64.0 0.0.31.255
[R12-ospf-1]q
[R12]rip 1
[R12-rip-1]v 2
[R12-rip-1]undo s    
[R12-rip-1]undo silent-interface
[R12-rip-1]undo summary
[R12-rip-1]net 172.16.0.0
(注意,rip宣告只宣告网络位)

[R12]ospf 1
[R12-ospf-1]imp    
[R12-ospf-1]import-route rip
(做路由引入)

这里就已经达成成就--私网区域内通了,让我们选出各私网区域内的一个代表:

area 1-->R1:

area 2-->R11:

 area 3-->R8:

 area 4-->R10:

可以看到,在各个小区域内已然完成了通路,那么如何实现全网通呢

接下来就要请MGRE隧道登场了，以R３作为中心站点，其它作为分支站点：

Ｒ３：

[R3]int t    
[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]ip add 172.16.6.1 24
[R3-Tunnel0/0/0]tu    
[R3-Tunnel0/0/0]tunnel-protocol gre p    
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R3-Tunnel0/0/0]sou    
[R3-Tunnel0/0/0]source s4/0/0
Apr 19 2024 18:45:09-08:00 R3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 
[R3-Tunnel0/0/0]nhrp n    
[R3-Tunnel0/0/0]nhrp network-id 100
[R3-Tunnel0/0/0]nhrp ent    
[R3-Tunnel0/0/0]nhrp entry m    
[R3-Tunnel0/0/0]nhrp entry multicast d    
[R3-Tunnel0/0/0]nhrp entry multicast dynamic 
R5:

[R5]int t0/0/0
[R5-Tunnel0/0/0]ip add 172.16.6.2 24
[R5-Tunnel0/0/0]tu    
[R5-Tunnel0/0/0]tunnel-protocol g    
[R5-Tunnel0/0/0]tunnel-protocol gre p    
[R5-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R5-Tunnel0/0/0]sou    
[R5-Tunnel0/0/0]source s4/0/0
Apr 19 2024 18:47:00-08:00 R5 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 
[R5-Tunnel0/0/0]  
[R5-Tunnel0/0/0]nhrp network-id 100
[R5-Tunnel0/0/0]nhrp e    
[R5-Tunnel0/0/0]nhrp entry 172.16.6.1 34.0.0.1 r    
[R5-Tunnel0/0/0]nhrp entry 172.16.6.1 34.0.0.1 register 
R6:

[R6]int t0/0/0
[R6-Tunnel0/0/0]ip add 172.16.6.3 24
[R6-Tunnel0/0/0]tunnel-protocol gre p    
[R6-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R6-Tunnel0/0/0]source s4/0/0
Apr 19 2024 18:51:41-08:00 R6 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 
[R6-Tunnel0/0/0]
[R6-Tunnel0/0/0]nhrp n    
[R6-Tunnel0/0/0]nhrp network-id 100
[R6-Tunnel0/0/0]nhrp en    
[R6-Tunnel0/0/0]nhrp entry 172.16.6.1 34.0.0.1 r
R7:

[R7]int t0/0/0
[R7-Tunnel0/0/0]ip add 172.16.6.4 24
[R7-Tunnel0/0/0]tu    
[R7-Tunnel0/0/0]tunnel-protocol gre p    
[R7-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R7-Tunnel0/0/0]s    
[R7-Tunnel0/0/0]set
[R7-Tunnel0/0/0]shutdown
[R7-Tunnel0/0/0]source g0/0/0
Apr 19 2024 18:55:07-08:00 R7 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 
[R7-Tunnel0/0/0]
[R7-Tunnel0/0/0]nhrp n    
[R7-Tunnel0/0/0]nhrp network-id 100
[R7-Tunnel0/0/0]nhrp e                          
[R7-Tunnel0/0/0]nhrp entry 172.16.6.1 34.0.0.1 r    
[R7-Tunnel0/0/0]nhrp entry 172.16.6.1 34.0.0.1 register 
隧道搭建完毕,接下来应该启动路由协议--------ospf:

R3:

[R3]ospf 1
[R3-ospf-1]dis th
[V200R003C00]
#
ospf 1 router-id 3.3.3.3 
 area 0.0.0.1 
  network 172.16.32.0 0.0.31.255 
#
return
[R3-ospf-1]a 0
[R3-ospf-1-area-0.0.0.0]net 172.16.6.0 0.0.0.255
R5:

[R5]ospf 1
[R5-ospf-1]a 0
[R5-ospf-1-area-0.0.0.0]net 172.16.6.0 0.0.0.255
[R5-ospf-1-area-0.0.0.0]

R6:
[R6]ospf 1
[R6-ospf-1]a 0
[R6-ospf-1-area-0.0.0.0]net 172.16.6.0 0.0.0.255
[R6-ospf-1-area-0.0.0.0]

R7:

[R7]ospf 1
[R7-ospf-1]a 0 
[R7-ospf-1-area-0.0.0.0]net 172.16.6.0 0.0.0.255
[R7-ospf-1-area-0.0.0.0]

然而,由于dr和bdr选举和p2p模式等一系列问题,导致私网之间仍不能相互通信,所以我们需要解决这些个问题:

首先是p2p模式:
将Tunnel接口ospf模式 改为broadcast

R3:

[R3-Tunnel0/0/0]ospf 
Apr 19 2024 19:05:44-08:00 R3 %%01OSPF/4/NBR_CHANGE_E(l)[3]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.6.16.172, Neighbo
rEvent=LoadingDone, NeighborPreviousState=Loading, NeighborCurrentState=Full) 
[R3-Tunnel0/0/0]ospf n    
[R3-Tunnel0/0/0]ospf network-type b    
[R3-Tunnel0/0/0]ospf network-type broadcast

R5:

[R5]int t0/0/0
[R5-Tunnel0/0/0]ospf n    
[R5-Tunnel0/0/0]ospf network-type b    
[R5-Tunnel0/0/0]ospf network-type broadcast 
R6:

[R6]int t0/0/0
[R6-Tunnel0/0/0]ospf n    
[R6-Tunnel0/0/0]ospf network-type b    
[R6-Tunnel0/0/0]ospf network-type broadcast 
R7:

[R7]int t0/0/0
[R7-Tunnel0/0/0]ospf n b
于是我们发现,刚才还静悄悄的界面突然被消息轰炸:

下面是dr和bdr选举混乱:

取消一些站点(分支站点)的选举资格:

[R5]int t0/0/0
[R5-Tunnel0/0/0]ospf dr    
[R5-Tunnel0/0/0]ospf dr-priority 0
对R5,R6,R7都像这样配置即可:

观察一下邻居表(R3):

R5(只会和中心站点建联):

观察一下路由表情况(以R1为例):

可以看到,基本学习完毕.

但经过观察,我们发现部分路由似乎并未被学习到,这是因为我们并未做路由引入:
在R9上:

[R9]ospf 1
[R9-ospf-1]im    
[R9-ospf-1]import-route ospf 2
[R9-ospf-1]q
[R9]ospf 2
[R9-ospf-2]im    
[R9-ospf-2]import-route ospf 1

将进程1和进程2互相引入,再次查看:
R1:

R10:

随机ping也可以实现:

接下来是所有设备均可访问R4的环回:

R3:

[R3]acl 2000
[R3-acl-basic-2000]rule pe    
[R3-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[R3-acl-basic-2000]q
[R3]
[R3]int s4/0/0
[R3-Serial4/0/0]nat out    
[R3-Serial4/0/0]nat outbound 2000
[R3-Serial4/0/0]q
R5:

[R5]acl 2000
[R5-acl-basic-2000]rule p    
[R5-acl-basic-2000]rule permit s    
[R5-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[R5-acl-basic-2000]q
[R5]int s4/0/0
[R5-Serial4/0/0]nat o    
[R5-Serial4/0/0]nat outbound 2000
R6:

[R6]acl 2000
[R6-acl-basic-2000]r    
[R6-acl-basic-2000]rule p    
[R6-acl-basic-2000]rule permit s    
[R6-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[R6-acl-basic-2000]q
[R6]nat o    
[R6]nat overlap-address 
[R6]int s4/0/0
[R6-Serial4/0/0]nat o    
[R6-Serial4/0/0]nat outbound 2000
R7:

[R7]acl 2000
[R7-acl-basic-2000]rule p    
[R7-acl-basic-2000]rule permit s    
[R7-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[R7-acl-basic-2000]q
[R7]int g0/0/0
[R7-GigabitEthernet0/0/0]nat o    
[R7-GigabitEthernet0/0/0]nat outbound 2000
[R7-GigabitEthernet0/0/0]

接下来配置一个缺省,但我们先完成后面的内容
 

接下来是减少LSA的更新量,做路由聚合:
先做abr聚合:
R3:

[R3]ospf 1
[R3-ospf-1]a 1
[R3-ospf-1-area-0.0.0.1]abr-su    
[R3-ospf-1-area-0.0.0.1]abr-summary 172.16.32.0 255.255.224.0
R6:

[R6]ospf 1
[R6-ospf-1]a 2
[R6-ospf-1-area-0.0.0.2]abr-su    
[R6-ospf-1-area-0.0.0.2]abr-summary 172.16.64.0 255.255.224.0
R7:

[R7]ospf 1
[R7-ospf-1]a 3
[R7-ospf-1-area-0.0.0.3]abr-su    
[R7-ospf-1-area-0.0.0.3]abr-summary 172.16.96.0 255.255.224.0
接下来是域外路由聚合:
R9:

[R9]ospf 1
[R9-ospf-1]asbr-su    
[R9-ospf-1]asbr-summary 172.16.128.0 255.255.224.0
R12:

[R12]ospf 1
[R12-ospf-1]asbr-s    
[R12-ospf-1]asbr-summary 172.16.160.0 255.255.224.0
接下来观察新的路由表(R2):

缩减了一部分了,但是不够,接下来我们需要将它们设置成特殊区域:
area 1:

[R3]ospf 1
[R3-ospf-1]a 1
[R3-ospf-1-area-0.0.0.1]stu    
[R3-ospf-1-area-0.0.0.1]stub no-s    
[R3-ospf-1-area-0.0.0.1]stub no-summary

还有R1和R2也这样配,每个区域中所有路由器都像我写的例子一样

area 2:

[R11]ospf 1
[R11-ospf-1]a 2
[R11-ospf-1-area-0.0.0.2]nssa no-s
 

area 3:

[R9]ospf 1
[R9-ospf-1]a 3
[R9-ospf-1-area-0.0.0.3]nssa no-s
来观察R1的路由情况:

可以观察到表极度精简,它被改编成了一个缺省路由,而前面提过我们仅差一个缺省路由,故让我们ping一下R4环回:

完美解决,但还有一个问题,让我们观察R10:

由于没有相关明细,所以没有其他网段路由,让我们为他配置一条缺省:
[R9]ospf 2
[R9-ospf-2]d    
[R9-ospf-2]default-r       
[R9-ospf-2]default-route-advertise

再次观察R10:

接下来是加快网络收敛:
缩短hello时间:
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ospf tim    
[R1-GigabitEthernet0/0/0]ospf timer hello 5

像这样

让我们看看全网通情况(用R1去ping其它的):

最后保障更新安全(做区域认证):

[R6]ospf 1
[R6-ospf-1]a 2
[R6-ospf-1-area-0.0.0.2]au    
[R6-ospf-1-area-0.0.0.2]authentication-mode  md5 1 c    
[R6-ospf-1-area-0.0.0.2]authentication-mode  md5 1 cipher 123
 

问题被解决,实验结束.