MGRE环境的ospf实验

实验要求:

实验步骤:

搭建拓扑

配置ip

因为题目没有要求，ip地址就随意，不起冲突即可

全网可达

配置路由器的接口ip

r1的配置：

<Huawei>sys
[Huawei]sys r1
[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip add 22.0.0.1 8
[r1-GigabitEthernet0/0/0]int g0/0/1
[r1-GigabitEthernet0/0/1]ip add 12.0.0.1 8
[r1-GigabitEthernet0/0/1]int l0
[r1-LoopBack0]ip add 192.168.1.1 24

r2的配置：

<Huawei>sys
[Huawei]sys r2
[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ip add 32.0.0.1 8
[r2-GigabitEthernet0/0/0]int l0
[r2-LoopBack0]ip add 192.168.2.1 24

r3的配置：

<Huawei>sys
[Huawei]sys r2
[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ip add 32.0.0.1 8
[r2-GigabitEthernet0/0/0]int l0
[r2-LoopBack0]ip add 192.168.2.1 24

r4的配置:

<Huawei>sys
[Huawei]sysname r4
[r4]int g0/0/0 
[r4-GigabitEthernet0/0/0]ip address 52.0.0.1 8
[r4-GigabitEthernet0/0/0]int l0
[r4-LoopBack0]ip address 192.168.4.1 24
[r4-LoopBack0]display ip interface brief

r5的配置:

<Huawei>sys
[Huawei]sysname r5
[r5]int g
[r5]int GigabitEthernet 0/0/0
[r5-GigabitEthernet0/0/0]ip address 62.0.0.1 8
[r5-GigabitEthernet0/0/0]int l0
[r5-LoopBack0]ip address 192.168.5.1 24
[r5-LoopBack0]disp ip interface brief 

r6的配置:

<Huawei>sys
[Huawei]sysname r5
[r5]int g
[r5]int GigabitEthernet 0/0/0
[r5-GigabitEthernet0/0/0]ip address 62.0.0.1 8
[r5-GigabitEthernet0/0/0]int l0
[r5-LoopBack0]ip address 192.168.5.1 24
[r5-LoopBack0]disp ip interface brief 

检查是否配置正确:

配置接口nat

r1的路由出口:

<Huawei>sys
[Huawei]sysname r5
[r5]int g
[r5]int GigabitEthernet 0/0/0
[r5-GigabitEthernet0/0/0]ip address 62.0.0.1 8
[r5-GigabitEthernet0/0/0]int l0
[r5-LoopBack0]ip address 192.168.5.1 24
[r5-LoopBack0]disp ip interface brief 

r2的路由出口:

[r2]acl 2000
[r2-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255
[r2-acl-basic-2000]int g0/0/0
[r2-GigabitEthernet0/0/0]nat outbound 2000

r3的路由出口:

[r3]acl 2000
[r3-acl-basic-2000]rule permit source 192.168.3.0 0.0.0.255
[r3-acl-basic-2000]int g0/0/0
[r3-GigabitEthernet0/0/0]nat outbound 2000

r4的路由出口:

[r4]acl 2000
[r4-acl-basic-2000]rule permit source 192.168.4.0 0.0.0.255
[r4-acl-basic-2000]int g0/0/0 
[r4-GigabitEthernet0/0/0]nat outbound 2000

r5的路由出口:

[r5]acl 2000
[r5-acl-basic-2000]rule permit source 192.168.5.0 0.0.0.255
[r5-acl-basic-2000]int g0/0/0
[r5-GigabitEthernet0/0/0]nat outbound 2000

配置缺省路由

r1的配置:

[r1]ip route-static 0.0.0.0 0 12.0.0.2
[r1]ip route-static 0.0.0.0 0 22.0.0.2
[r1]display ip routing-table protocol static

r2的配置:

[r2]ip route-static 0.0.0.0 0 32.0.0.2 

[r2]display ip routing-table protocol static

r3的配置:

[r3]ip route-static 0.0.0.0 0 42.0.0.2
[r3]display ip routing-table protocol static

r4的配置:

[r4]ip route-static 0.0.0.0 0 52.0.0.2
[r4]display ip routing-table protocol static

r5的配置:

[r5]ip route-static 0.0.0.0 0 62.0.0.2
[r5]display ip routing-table protocol static

配置r1、r4和r5的全连MGRE环境

创建tunnel接口，选择点到多点协议，网络ID，开启伪广播

network-id： 网络ID，以区分不同的NHRP网络

因为r1、r4和r5是全连MGRE环境，所以它们的公有ip都是固定的，这样的话，它们的源地址（source 62.0.0.1）选择是公有ip。

因为r1、r4和r5是全连MGRE环境，它们三个都需要直接知道彼此的目标地址，不经过中间方。它们都开启了伪广播。

r1的配置：

[r1-LoopBack0]int t0/0/1
[r1-Tunnel0/0/1]ip address 192.168.7.1 24
[r1-Tunnel0/0/1]tunnel-protocol gre p2mp 
[r1-Tunnel0/0/1]source 12.0.0.1
[r1-Tunnel0/0/1]nhrp network-id 100
[r1-Tunnel0/0/1]nhrp entry multicast dynamic 

r4的配置：

[r1-LoopBack0]int t0/0/1
[r1-Tunnel0/0/1]ip address 192.168.7.1 24
[r1-Tunnel0/0/1]tunnel-protocol gre p2mp 
[r1-Tunnel0/0/1]source 12.0.0.1
[r1-Tunnel0/0/1]nhrp network-id 100
[r1-Tunnel0/0/1]nhrp entry multicast dynamic 

r5的配置：

[r1-LoopBack0]int t0/0/1
[r1-Tunnel0/0/1]ip address 192.168.7.1 24
[r1-Tunnel0/0/1]tunnel-protocol gre p2mp 
[r1-Tunnel0/0/1]source 12.0.0.1
[r1-Tunnel0/0/1]nhrp network-id 100
[r1-Tunnel0/0/1]nhrp entry multicast dynamic 

配置r1、r2和r3的星型结构

创建tunnel接口，选择点到多点协议，网络ID，开启伪广播

network-id： 网络ID，以区分不同的NHRP网络

因为r1、r2和r3是星型结构，所以除了中心之外，其它的公有ip不固定，它的source选择的连接公网接口（source GigabitEthernet 0/0/0）。

因为r1、r2和r3是星型结构，所以就中心开启（nhrp entry multicast dynamic ），其它就向中心注册（nhrp entry 192.168.6.1 22.0.0.1 register ），由中心告诉其它的路由

r1的配置：

[r1]int Tunnel 0/0/0
[r1-Tunnel0/0/0]ip address 192.168.6.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r1-Tunnel0/0/0]source 22.0.0.1
[r1-Tunnel0/0/0]nhrp network-id 200
[r1-Tunnel0/0/0]nhrp entry multicast dynamic 
[r1-Tunnel0/0/0]display this 

r2的配置：

[r2]int Tunnel 0/0/0
[r2-Tunnel0/0/0]ip address 192.168.6.2 24
[r2-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r2-Tunnel0/0/0]source GigabitEthernet 0/0/0
[r2-Tunnel0/0/0]nhrp network-id 200
[r2-Tunnel0/0/0]nhrp entry 192.168.6.1 22.0.0.1 register 
[r2-Tunnel0/0/0]display this

r3的配置：

[r3]int t0/0/0
[r3-Tunnel0/0/0]ip address 192.168.6.3 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r3-Tunnel0/0/0]source GigabitEthernet 0/0/0
[r3-Tunnel0/0/0]nhrp network-id 200
[r3-Tunnel0/0/0]nhrp entry 192.168.6.1 22.0.0.1 register 
[r3-Tunnel0/0/0]display this 

通过ospf动态协议配置路由表（标题说法不太对）

可以将r1、r2、r3、r4、r5划分成两个区域，r1、r4、r5为区域0（area 0），r1、r2、r3为区域1(area 1)。先将他们的接口网络类型修改成（broadcast ），因为r1、r4、r5是全连的MGRE，它们互相都能伪广播，不需要修改接口优先级，正常进行DR/BDR的选举即可。而r1、r2、r3为星型结构，r2和r3之间不能正常通信，导致不能正常进行DR/BDR选举，需要修改2和r3的接口优先级为0，使其丧失选举权。然后正常配置ospf的区域和宣告即可。

r1的配置：

[r3]int t0/0/0
[r3-Tunnel0/0/0]ip address 192.168.6.3 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r3-Tunnel0/0/0]source GigabitEthernet 0/0/0
[r3-Tunnel0/0/0]nhrp network-id 200
[r3-Tunnel0/0/0]nhrp entry 192.168.6.1 22.0.0.1 register 
[r3-Tunnel0/0/0]display this 

r2的配置:

[r2]int t0/0/0
[r2-Tunnel0/0/0]ospf network-type broadcast 
[r2-Tunnel0/0/0]ospf dr-priority 0
[r2-Tunnel0/0/0]ospf
[r2-ospf-1]area 1
[r2-ospf-1-area-0.0.0.1]network 192.168.2.0 0.0.0.255
[r2-ospf-1-area-0.0.0.1]network 192.168.6.0 0.0.0.255

r3的配置:

[r3]int t0/0/0
[r3-Tunnel0/0/0]ospf network-type broadcast 
[r3-Tunnel0/0/0]ospf dr-priority 0
[r3-Tunnel0/0/0]ospf
[r3-ospf-1]area 1
[r3-ospf-1-area-0.0.0.1]network 192.168.3.0 0.0.0.255
[r3-ospf-1-area-0.0.0.1]network 192.168.6.0 0.0.0.255

r4的配置:

[r4]int t0/0/0
[r4-Tunnel0/0/0]ospf network-type broadcast 
[r4-Tunnel0/0/0]ospf 
[r4-ospf-1]area 0
[r4-ospf-1-area-0.0.0.0]network 192.168.4.0 0.0.0.255
[r4-ospf-1-area-0.0.0.0]network 192.168.7.0 0.0.0.255

r5的配置:

[r5]int t0/0/0
[r5-Tunnel0/0/0]ospf network-type broadcast 
[r5-Tunnel0/0/0]ospf
[r5-ospf-1]area 0
[r5-ospf-1-area-0.0.0.0]network 192.168.5.0 0.0.0.255
[r5-ospf-1-area-0.0.0.0]network 192.168.7.0 0.0.0.255

检测