OSPF综合实验

 具体配置及思路如下：

分配网段：

172.16.0.0/16（主网段）

在一般网络中用户数量不宜过多，一般网络掩码为24 –-25-- 26 最为常见，否则网络会卡顿延迟较大

以下为每个区域网络具体划分：

172.16.0.0/19 --（A0）

172.16.0.0/24 --- P2P（点到点的网络环境）

172.16.0.0/30

172.16.0.4/30

172.16.1.0/24--- MA

172.16.2.0/24---（用户网段或环回）

…

172.16.31.0/24

以下划分与A0相似不做具体划分

172.16.32.0/19 -- （A1）

172.16.32.0/24

172.16.33.0/24

172.16.34.0/24

..

172.16.63.0/24

172.16.64.0/19 --（A2）

172.16.96.0/19 --（A3）

172.16.128.0/19 --（A4）

172.16.160.0/19 --（rip）

 

 

 

172.16.192.0/19（备用）

172.16.224.0/19（备用）

 

大概配置思路：

第一步配置所有路由器的IP地址,

第二步给a0区域内除ISP设备配置缺省保证其两两之间可以正常通信

第三步配置MGRE环境让r3做中心站点

第四步启动ospf进程和rip进程

第五步在r9和a12上做双向重发布导入外部路由信息并手工汇总

第六步在a1区域做stub区域在a2,a3区域做nssa区域减少LSA更新量

第七步加快收敛速度（因为在具体配置时把a0区域的接口类型改为了p2mp类型hello时间为30秒

所以需要加快收敛速度）

第八步保障更新安全，也就是做ospf接口认证

第九步做nat保证全网可达，又因为做了汇总所以还要在汇总路由器上配置空接口防止黑洞

每台路由器具体配置命令如下：

R1

interface GigabitEthernet0/0/0

 ip address 172.16.33.1 255.255.255.248

#

interface LoopBack0

 ip address 172.16.34.1 255.255.255.0

#

ospf 1 router-id 1.1.1.1

 area 0.0.0.1

  network 172.16.0.0 0.0.255.255

  stub

 

部分配置过程图片：

 

r2

interface GigabitEthernet0/0/0

 ip address 172.16.33.2 255.255.255.248

#

interface LoopBack0

 ip address 172.16.35.1 255.255.255.0

#

ospf 1 router-id 2.2.2.2

 area 0.0.0.1

  network 172.16.0.0 0.0.255.255

  stub

 

 

r3

acl number 2000  

 rule 5 permit source 172.16.0.0 0.0.255.255

#

interface Serial4/0/0

 link-protocol ppp

 ip address 34.0.0.1 255.255.255.0

 nat outbound 2000

#

interface GigabitEthernet0/0/0

 ip address 172.16.33.3 255.255.255.248

#

interface LoopBack0

 ip address 172.16.36.1 255.255.255.0

#

interface Tunnel0/0/0

 ip address 172.16.1.1 255.255.255.248

 tunnel-protocol gre p2mp

 source 34.0.0.1

 ospf network-type p2mp

 ospf timer hello 10

 nhrp entry multicast dynamic

 nhrp network-id 100

#

ospf 1 router-id 3.3.3.3

 area 0.0.0.0

  network 172.16.1.1 0.0.0.0

 area 0.0.0.1

  abr-summary 172.16.32.0 255.255.224.0

  network 172.16.33.3 0.0.0.0

  network 172.16.36.1 0.0.0.0

  stub no-summary

#

ip route-static 0.0.0.0 0.0.0.0 34.0.0.2

ip route-static 172.16.32.0 255.255.224.0 NULL0

 

 

r4

interface Serial3/0/0

 link-protocol ppp

 ip address 46.0.0.2 255.255.255.0

#

interface Serial4/0/0

 link-protocol ppp

 ip address 34.0.0.2 255.255.255.0

#

interface Serial4/0/1

 link-protocol ppp

 ip address 45.0.0.2 255.255.255.0

#

interface GigabitEthernet0/0/0

 ip address 47.0.0.2 255.255.255.0

#

interface LoopBack0

 ip address 4.4.4.4 255.255.255.0

 

r5

acl number 2000  

 rule 5 permit source 172.16.0.0 0.0.255.255

#

interface Serial4/0/0

 link-protocol ppp

 ip address 45.0.0.1 255.255.255.0

nat outbound 2000

#

interface LoopBack0

 ip address 172.16.2.1 255.255.255.0

#

interface Tunnel0/0/0

 ip address 172.16.1.2 255.255.255.248

 tunnel-protocol gre p2mp

 source Serial4/0/0

 ospf network-type p2mp

 ospf timer hello 10

 nhrp network-id 100

 nhrp entry 172.16.1.1 34.0.0.1 register

#

ospf 1 router-id 5.5.5.5

 area 0.0.0.0

  network 172.16.0.0 0.0.255.255

#

ip route-static 0.0.0.0 0.0.0.0 45.0.0.2

 

 

 

r6

acl number 2000  

 rule 5 permit source 172.16.0.0 0.0.255.255

#

interface Serial4/0/0

 link-protocol ppp

 ip address 46.0.0.1 255.255.255.0

 nat outbound 2000

#

interface GigabitEthernet0/0/0

 ip address 172.16.65.1 255.255.255.248

#

interface LoopBack0

 ip address 172.16.3.1 255.255.255.0

#

interface Tunnel0/0/0

 ip address 172.16.1.3 255.255.255.248

 tunnel-protocol gre p2mp

 source Serial4/0/0

 ospf network-type p2mp

 ospf timer hello 10

 nhrp network-id 100

 nhrp entry 172.16.1.1 34.0.0.1 register

#

ospf 1 router-id 6.6.6.6

 area 0.0.0.0

  network 172.16.0.0 0.0.3.255

 area 0.0.0.2

  abr-summary 172.16.64.0 255.255.224.0

  network 172.16.65.1 0.0.0.0

  nssa no-summary

#

ip route-static 0.0.0.0 0.0.0.0 46.0.0.2

ip route-static 172.16.64.0 255.255.224.0 NULL0

 

 

r7

 

[V200R003C00]

acl number 2000  

 rule 5 permit source 172.16.0.0 0.0.255.255

#

interface GigabitEthernet0/0/0

 ip address 47.0.0.1 255.255.255.0

 nat outbound 2000

#

interface GigabitEthernet0/0/1

 ip address 172.16.97.1 255.255.255.248

 ospf authentication-mode md5 1 cipher %$%$Hg}0+XMr\(#2PE2%aF&<tMQ`%$%$

#

interface LoopBack0

 ip address 172.16.4.1 255.255.255.0

#

interface Tunnel0/0/0

 ip address 172.16.1.4 255.255.255.248

 tunnel-protocol gre p2mp

 source GigabitEthernet0/0/0

 ospf network-type p2mp

 ospf timer hello 10

 nhrp network-id 100

 nhrp entry 172.16.1.1 34.0.0.1 register

#

ospf 1 router-id 7.7.7.7

 area 0.0.0.0

  network 172.16.0.0 0.0.7.255

 area 0.0.0.3

  abr-summary 172.16.96.0 255.255.224.0

  network 172.16.97.1 0.0.0.0

  nssa no-summary

#

ip route-static 0.0.0.0 0.0.0.0 47.0.0.2

ip route-static 172.16.96.0 255.255.224.0 NULL0

 

 

r8

interface GigabitEthernet0/0/0

 ip address 172.16.97.2 255.255.255.248

 ospf authentication-mode md5 1 cipher %$%$&ig99p3~;PTvg}EDs_e<tN#g%$%$

#

interface GigabitEthernet0/0/1

 ip address 172.16.97.9 255.255.255.248

#

interface LoopBack0

 ip address 172.16.98.1 255.255.255.0

#

ospf 1 router-id 8.8.8.8

 area 0.0.0.3

  network 172.16.0.0 0.0.255.255

  nssa

#

 

 

 

R9

interface GigabitEthernet0/0/0

 ip address 172.16.97.10 255.255.255.248

#

interface GigabitEthernet0/0/1

 ip address 172.16.129.1 255.255.255.248

#

interface LoopBack0

 ip address 172.16.130.1 255.255.255.0

#

ospf 1 router-id 9.9.9.9

 asbr-summary 172.16.128.0 255.255.224.0

 import-route ospf 2

 area 0.0.0.3

  network 172.16.97.10 0.0.0.0

  nssa

#

ospf 2 router-id 9.9.9.9

 area 0.0.0.4

  network 172.16.128.0 0.0.3.255

#

ip route-static 172.16.128.0 255.255.224.0 NULL0

 

 

r10

 

interface GigabitEthernet0/0/0

 ip address 172.16.129.2 255.255.255.248

#

interface LoopBack0

 ip address 176.16.131.1 255.255.255.0

#

ospf 1 router-id 10.10.10.10

 area 0.0.0.4

  network 172.16.0.0 0.0.255.255

#

ip route-static 0.0.0.0 0.0.0.0 172.16.129.1

 

 

r11

 

interface GigabitEthernet0/0/0

 ip address 172.16.65.2 255.255.255.248

#

interface GigabitEthernet0/0/1

 ip address 172.16.65.9 255.255.255.248

#

interface LoopBack0

 ip address 172.16.66.1 255.255.255.0

#

ospf 1 router-id 11.11.11.11

 area 0.0.0.2

  network 172.16.0.0 0.0.255.255

  nssa

 

 

r12

 

interface GigabitEthernet0/0/0

 ip address 172.16.65.10 255.255.255.248

#

interface LoopBack0

 ip address 172.16.160.1 255.255.240.0

#

interface LoopBack1

 ip address 172.16.176.1 255.255.240.0

#

ospf 1 router-id 12.12.12.12

 asbr-summary 172.16.160.0 255.255.224.0

 import-route rip 1

 area 0.0.0.2

  network 172.16.65.10 0.0.0.0

  nssa

#

rip 1

 version 2

 network 172.16.0.0

#

ip route-static 172.16.160.0 255.255.224.0 NULL0