OSPF路由重分发
一、OSPF路由重分发
1.路由重分发的需要注意的方面
- 度量值
- 管理距离 (优先级)
直连路由优先级为0
静态路由优先级为60
ospf优先级为10
bgp优先级为255
2.路由重分发的路径类型
区域内路径、区域外路径、类型1的外部路径和类型2的外部路径
类型一(E1):内外综合考量
类型二(E2):只注重外部路径开销
——主要用于当有2个或以上的ASBR通向同一外部网络时进行选路
- 类型1(type1或者E1),考虑的是源地点到目的地点的代价。
例如上图中AR1到AR4,可以经过AR2或AR3;AR1—AR2—AR4的代价为25(5+20),AR1—AR3—AR4代价为48(30+18),所以选择从AR2走。 - 类型2(type2或E2),只考虑外部路由的代价,思科和华为默认。
例如上图,AR1—AR2—AR4代价为20,AR1—AR3—AR4代价为18,优先从AR3走。
二、NSSA区域
1、区域内允许泛洪的LSA类型
区域类型 | 1&2 | 3 | 4&5 | 7 |
---|---|---|---|---|
骨干区域(区域0) | 允许 | 允许 | 允许 | 不允许 |
非骨干区域、非末梢区域 | 允许 | 允许 | 允许 | 不允许 |
末梢区域 | 允许 | 允许 | 不允许 | 不允许 |
完全末梢区域 | 允许 | 不允许(有一条默认路由) | 不允许 | 不允许 |
NSSA | 允许 | 允许 | 不允许 | 允许 |
2、OSPF路径和地址汇总
- 路径类型
优先级:1表示最高的优先级,4表示最低的优先级
路由表添加路由条目时,如果目的网段相同,会选择优先级高的路由条目添加到路由表中
区域内路径:优先级1
区域外路径:优先级2
类型1的外部路径:优先级3
类型2的外部路径:优先级4 - 地址汇总
优点:通过以下作用来节省资源
减少了泛洪的LSA数量
屏蔽一些网络不稳定的细节
减少路由表中的路由条目
三、OSPF的虚链路
-
虚链路
指一条通过一个非骨干区域连接到骨干区域的链路 -
虚链路的目的
通过一个非骨干区域连接一个区域到骨干区域
通过一个非骨干区域连接一个分段的骨干区域两边的部分区域
非骨干区域必须和骨干区域直接相连,若不与骨干区域直接相连,则需要在穿越一个非骨干区域的两台ABR之间配置虚链路。
虚链路的建立,是需要依靠底层的真实链路所在的区域来传输OSPF报文。所以如果底层的穿越传输区域不稳定的话,则导致上层的虚链路不稳定,影响整个网络的骨干区域的稳定性。所以,一般不建议用这种方式。如果不得不使用,那么也仅仅是临时的解决方案。
1.配置虚链路的规则及特点
- 虚链路必须配置在两台ABR路由器之间
- 传送区域不能是一个末梢区域
- 虚链路的稳定性取决于其经过的区域的稳定性
- 虚链路有助于提供逻辑冗余
四、OSPF路由重分发配置命令
[R1]rip 1
[R1-rip-1]version 2
[R1-rip-1]undo summary
[R1-rip-1]network X.X.X.X
[R1-rip-1]import-route ospf 1 cost 3
##把ospf协议注入到rip进行路由重分发,路径类型缺省为路径类型2(外部开销),成本开销为3(对于rip的度量值是跳数),rip中重分发把ospf要指定cost的值
[R1-ospf-1]ospf 1
[R1-ospf-1]import-route rip 1 type 1 cost 1
##把外部rip协议注入到ospf进行路由重分发,使用路径类型1(内部开销+外部开销),成本开销为1(cost=100M/BW)
[R1-ospf-1]defaule-route-advertise always ——# ospf重分发默认路由
[R2-ospf-1]import-route direct ——# ospf重分发直连路由
[R2-ospf-1]import-route static ——# ospf重分发静态路由
五、OSPF综合实验–静态、默认和动态(OSPF和RIP)
// R1的配置命令
sysname R1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
undo info-center enable
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.10.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
ip route-static 0.0.0.0 0.0.0.0 192.168.10.2
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
// R2的配置命令
sysname R2
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
undo info-center enable
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.10.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.20.2 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
ospf 1
import-route direct
import-route static
area 0.0.0.1
network 2.2.2.2 0.0.0.0
network 192.168.20.0 0.0.0.255
#
ip route-static 1.1.1.1 255.255.255.255 192.168.10.1
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
// R3的配置命令
sysname R3
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
undo info-center enable
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.30.3 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.20.3 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 192.168.40.3 255.255.255.0
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
ospf 1
default-route-advertise always
import-route direct
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 192.168.30.0 0.0.0.255
area 0.0.0.1
network 192.168.20.0 0.0.0.255
#
ip route-static 0.0.0.0 0.0.0.0 192.168.40.5
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
// R4的配置命令
sysname R4
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
undo info-center enable
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.30.4 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.50.4 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
ospf 1
import-route rip 1 cost 1 type 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 192.168.30.0 0.0.0.255
#
rip 1
undo summary
default-route originate
version 2
network 192.168.50.0
import-route ospf 1 cost 5
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
// R5的配置命令
sysname R5
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
undo info-center enable
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.40.5 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
#
ip route-static 0.0.0.0 0.0.0.0 192.168.40.3
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
// R6的配置命令
sysname R6
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
undo info-center enable
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.50.6 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 6.6.6.6 255.255.255.255
#
rip 1
undo summary
version 2
network 192.168.50.0
network 6.0.0.0
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
实验结果: