MGRE环境下的OSPF实验

题目

分析

1、r1-r5每个路由器要配置环回网段；
2、r1、r4、r5要做全连的mgre结构，即这三台设备每台设备即做中心，也要做分支，两两之间互相注册，三个设备都要开启伪广播；
3、r1、r2、r3也需要构建隧道，在OSPF下的操作，r1为中心，其余两台设备为分支；
4、是OSPF的协议下，注意其出现问题的解决。

配置

1、公网ip、环回和缺省的配置

r1

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys r1
[r1]interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0]ip address 15.0.0.1 24
[r1-GigabitEthernet0/0/0]q
[r1]interface GigabitEthernet 0/0/1
[r1-GigabitEthernet0/0/1]ip address 25.0.0.1 24
[r1-GigabitEthernet0/0/1]q
[r1]interface LoopBack 0	
[r1-LoopBack0]ip address 192.168.1.1 32

[r1]ip route-static 0.0.0.0 0 15.0.0.2
[r1]ip route-static 0.0.0.0 0 25.0.0.2

r2

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys r2
[r2]interface GigabitEthernet 0/0/0
[r2-GigabitEthernet0/0/0]ip address 35.0.0.1 24
[r2-GigabitEthernet0/0/0]q
[r2]interface LoopBack 0	
[r2-LoopBack0]ip address 192.168.2.1 32

[r2]ip route-static 0.0.0.0 0 35.0.0.2

r3

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys r3
[r3]interface GigabitEthernet 0/0/0
[r3-GigabitEthernet0/0/0]ip address 45.0.0.1 24
[r3-GigabitEthernet0/0/0]q
[r3]interface LoopBack 0
[r3-LoopBack0]ip address 192.168.3.1 32

[r3]ip route-static 0.0.0.0 0 45.0.0.2

r4

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys r4
[r4]interface GigabitEthernet 0/0/0
[r4-GigabitEthernet0/0/0]ip address 55.0.0.1 24
[r4-GigabitEthernet0/0/0]q
[r4]interface LoopBack 0
[r4-LoopBack0]ip address 192.168.4.1 32

[r4]ip route-static 0.0.0.0 0 55.0.0.2

r5

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys r5
[r5]interface GigabitEthernet 0/0/0
[r5-GigabitEthernet0/0/0]ip address 65.0.0.1 24
[r5-GigabitEthernet0/0/0]q
[r5]interface LoopBack 0
[r5-LoopBack0]ip address 192.168.5.1 32

[r5]ip route-static 0.0.0.0 0 65.0.0.2

r6

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys r6
[r6]interface GigabitEthernet 0/0/0
[r6-GigabitEthernet0/0/0]ip address 15.0.0.2 24

[r6-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1
[r6-GigabitEthernet0/0/1]ip address 25.0.0.2 24

[r6-GigabitEthernet0/0/1]interface GigabitEthernet 0/0/2
[r6-GigabitEthernet0/0/2]ip address 65.0.0.2 24

[r6-GigabitEthernet0/0/2]q

[r6]interface GigabitEthernet 6/0/0
[r6-GigabitEthernet6/0/0]ip address 35.0.0.2 24

[r6-GigabitEthernet6/0/0]interface GigabitEthernet 6/0/1
[r6-GigabitEthernet6/0/1]ip address 45.0.0.2 24

[r6-GigabitEthernet6/0/1]interface GigabitEthernet 6/0/2
[r6-GigabitEthernet6/0/2]ip address 55.0.0.2 24

检查公网是否ping通

2、配置私网

r1作为中心时，r4、r5为分支

[r1]interface t	
[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/0]ip address 192.168.6.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp
[r1-Tunnel0/0/0]source 15.0.0.1
[r1-Tunnel0/0/0]nhrp network-id 1

//分支
[r4]interface Tunnel 0/0/0
[r4-Tunnel0/0/0]ip address 192.168.6.2 24
[r4-Tunnel0/0/0]tunnel-protocol gre p2mp
[r4-Tunnel0/0/0]source 55.0.0.1
[r4-Tunnel0/0/0]nhrp network-id 1
[r4-Tunnel0/0/0]nhrp entry 192.168.6.1 15.0.0.1 register 

[r5]interface Tunnel 0/0/0
[r5-Tunnel0/0/0]ip address 192.168.6.3 24
[r5-Tunnel0/0/0]tunnel-protocol gre p2mp
[r5-Tunnel0/0/0]source 65.0.0.1
[r5-Tunnel0/0/0]nhrp network-id 1	
[r5-Tunnel0/0/0]nhrp entry 192.168.6.1 15.0.0.1 register

r4作为中心时，r1、r5为分支

[r1-Tunnel0/0/0]nhrp entry 192.168.6.2 55.0.0.1 register
Info: This peer protocol address conflicts with hub register peer protocol addre
ss. 

[r5-Tunnel0/0/0]nhrp entry 192.168.6.2 55.0.0.1 register 

r5作为中心时，r1、r4为分支

[r1-Tunnel0/0/0]nhrp entry 192.168.6.3 65.0.0.1 register
Info: This peer protocol address conflicts with hub register peer protocol addre
ss. 

[r4-Tunnel0/0/0]nhrp entry 192.168.6.3 65.0.0.1 register
Info: This peer protocol address conflicts with hub register peer protocol addre
ss.

若删除r5中的nhrp network-id 1，则上面两条注册指令会配置成功。

检查r1、r4、r5私网是否ping通

r1与r4

r1与r5

r1为中心，r2、r3为分支时

[r1]interface Tunnel 0/0/1
[r1-Tunnel0/0/1]ip address 192.168.7.1 24
[r1-Tunnel0/0/1]tunnel-protocol gre p2mp
[r1-Tunnel0/0/1]source 25.0.0.1
[r1-Tunnel0/0/1]nhrp network-id 2

//分支
[r2]interface Tunnel 0/0/0	
[r2-Tunnel0/0/0]ip address 192.168.7.2 24
[r2-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r2-Tunnel0/0/0]source 35.0.0.1
[r2-Tunnel0/0/0]nhrp network-id 2
[r2-Tunnel0/0/0]nhrp entry 192.168.7.1 25.0.0.1 register 

[r3]interface Tunnel 0/0/0
[r3-Tunnel0/0/0]ip address 192.168.7.3 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp
[r3-Tunnel0/0/0]source 45.0.0.1
[r3-Tunnel0/0/0]nhrp network-id 2
[r3-Tunnel0/0/0]nhrp entry 192.168.7.1 25.0.0.1 register 

检查r1、r2、r3私网是否ping通

//r1与r2

//r1与r3

3. MGER环境下的OSPF配置

3.1 OSPF下的宣告

//r1、r4、r5
[r1]ospf 1 router-id 1.1.1.1
[r1-ospf-1]area 0
[r1-ospf-1-area-0.0.0.0]network 192.168.6.0 0.0.0.255-----宣告6.0隧道
[r1-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255-----宣告环回网段
[r1-ospf-1-area-0.0.0.0]network 192.168.7.0 0.0.0.255-----宣告7.0隧道

[r4]ospf 1 router-id 4.4.4.4
[r4-ospf-1]area 0
[r4-ospf-1-area-0.0.0.0]network 192.168.6.0 0.0.0.255-----宣告6.0隧道
[r4-ospf-1-area-0.0.0.0]network 192.168.4.0 0.0.0.255-----宣告环回网段
	
[r5]ospf 1 router-id 5.5.5.5
[r5-ospf-1]area 0
[r5-ospf-1-area-0.0.0.0]network 192.168.6.0 0.0.0.255-----宣告6.0隧道
[r5-ospf-1-area-0.0.0.0]network 192.168.5.0 0.0.0.255-----宣告该路由器环回

//r2、r3
[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]area 0
[r2-ospf-1-area-0.0.0.0]network 192.168.7.0 0.0.0.255-----宣告7.0隧道
[r2-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255-----宣告环回
	
[r3]ospf 1 router-id 3.3.3.3
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]network 192.168.7.0 0.0.0.255-----宣告7.0网段
[r3-ospf-1-area-0.0.0.0]network 192.168.3.0 0.0.0.255-----宣告环回

3.2 中心开启伪广播

//r1、r4、r5全连，都分别是中心、分支，三个设备都要开启伪广播
[r1-Tunnel0/0/0]nhrp entry multicast dynamic
[r1-Tunnel0/0/1]nhrp entry multicast dynamic-----r1的两个接口（0/0/0接口和0/0/1接口）

[r4-Tunnel0/0/0]nhrp entry multicast dynamic-----r4开启
[r5-Tunnel0/0/0]nhrp entry multicast dynamic-----r5开启

3.3 中心和分支都修改网络类型

//r1、r4、r5
[r1-Tunnel0/0/0]ospf network-type broadcast
[r4-Tunnel0/0/0]ospf network-type broadcast
[r5-Tunnel0/0/0]ospf network-type broadcast

//r1、r2、r3
[r1-Tunnel0/0/1]ospf network-type broadcast
[r2-Tunnel0/0/0]ospf network-type broadcast
[r3-Tunnel0/0/0]ospf network-type broadcast

全连接建议修改网络类型为broadcast

r1、r4、r5邻接表

3.4 设置中心设备r1优先级最高（r1、r4、r5隧道）

[r1-Tunnel0/0/0]ospf dr-priority 10

3.5设置分支放弃选举（r2、r3、r4、r5隧道）

[r2-Tunnel0/0/0]ospf dr-priority 0
[r3-Tunnel0/0/0]ospf dr-priority 0
[r4-Tunnel0/0/0]ospf dr-priority 0
[r5-Tunnel0/0/0]ospf dr-priority 0

3.6除了设置优先级，让分支放弃选举外还有种方法（此办法针对r1、r2、r3，因为r1、r4、r5全连接更适合开启broadcast）

  中心开启伪广播之后，中心和一个分支建立了邻接关系，但是分支之间没有信息，其次有一个分支只和中心保持init状态。
  建议直接更改隧道接口的接口网络类型为P2MP，直接让中心和分支不进行DR和BDR的选举，就不会造成认知不统一的问题。

[r1-Tunnel0/0/1]ospf network-type p2mp
//p2mp环境下，hello时间为30s，死亡时间为120s，点到点网络hello时间10s，死亡时间40s
[r2-Tunnel0/0/0]ospf network-type p2mp
[r3-Tunnel0/0/0]ospf network-type p2mp

开启p2mp，放弃选举DR、BDR，加快收敛

3.7 查看r1的邻接关系、路由表

//邻接关系

[r1]display ospf peer brief 

//路由表

[r1]display ip routing-table protocol ospf

3.8 查看是否全网通