OSPF综合实验

一.实验要求

1.R4为ISP，其上只能配置IP地址；R4其他所有直接连接设备间均使用公网IP
2.R3-R5/R6为MGRE环境，R3位中心站
3.整个OSPF环境IP基于172.16.0.0/16
4.减少LSA的更新量，加速收敛，保证更新安全
5.所有设备均可以访问R4的环回
6.全网可达

二.分析

注意要求为了减少LSA的信息，应该设置特殊区域，观察拓扑可知，area1可以设置为末梢区域；area2可以设置为完全非末梢区域；area3可以设置为末梢区域；area4可以利用隧道，也可以设置为末梢区域。进行子网划分考虑之后的汇总，进行如下划分

三.配置

1.重命名，以r1为例

[Huawei]sy r1
[r1]

2.配置ip，以r1为例

[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]undo ip ad	
[r1-GigabitEthernet0/0/0]undo ip address 172.16.0.1 20
[r1]interface  LoopBack 0
[r1-LoopBack0]ip address 172.16.16.1 20

3.搭建r3-r5/r6的MGRE环境

[r3]int t0/0/0
[r3-Tunnel0/0/0]ip address 192.168.1.1 24	
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r3-Tunnel0/0/0]source 15.0.0.1 
Jan 14 2022 21:33:36-08:00 r3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 	
[r3-Tunnel0/0/0]nhrp network-id 100
[r3-Tunnel0/0/0]nhrp entry multicast dynamic 

4.r5和r5类似，只列出r5

[r5]int t0/0/0
[r5-Tunnel0/0/0]ip address 192.168.1.2 24	
[r5-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r5-Tunnel0/0/0]source Serial 4/0/0
Jan 14 2022 21:36:25-08:00 r5 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. t	
[r5-Tunnel0/0/0]nhrp network-id 100	
[r5-Tunnel0/0/0]nhrp entry 192.168.1.1 15.0.0.1 register

5.配置r3、r5、r6、r7的缺省指向r4

[r3]ip route-static 0.0.0.0 0 15.0.0.2
[r5]ip route-static 0.0.0.0 0 25.0.0.1
[r6]ip route-static 0.0.0.0 0 35.0.0.1
[r7]ip route-static 0.0.0.0 0 45.0.0.1

6.启用ospf，以r1为例

[r1]ospf 1 router-id 1.1.1.1	
[r1-ospf-1]area 1
[r1-ospf-1-area-0.0.0.1]network 172.16.0.0 0.0.255.255
[r1-ospf-1-area-0.0.0.1]network  172.16.16.0 0.0.0.255

7.在r3、r6、r7上做nat设置，以r3为例

[r3-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[r3]interface Serial 4/0/0
[r3-Serial4/0/0]nat outbound 2000

8.设置area1为末梢区域

[r1-ospf-1-area-0.0.0.1]stub
[r2-ospf-1-area-0.0.0.1]stub
[r3-ospf-1-area-0.0.0.1]stub

9.设置area3为NASS

[r9-ospf-1]area 3
[r9-ospf-1-area-0.0.0.1]nssa
[r7-ospf-1]area 3
[r7-ospf-1-area-0.0.0.1]nssa no-summary

四.测试

1.MGRE环境

[r3]display nhrp peer all 
------------------------------------------------------------------------------- 
Protocol-addr   Mask  NBMA-addr       NextHop-addr    Type         Flag         
------------------------------------------------------------------------------- 
192.168.1.2     32    25.0.0.2        192.168.1.2     dynamic      route tunnel 
------------------------------------------------------------------------------- 
Tunnel interface: Tunnel0/0/0
Created time    : 00:03:31
Expire time     : 01:56:29
------------------------------------------------------------------------------- 
Protocol-addr   Mask  NBMA-addr       NextHop-addr    Type         Flag         
------------------------------------------------------------------------------- 
192.168.1.3     32    35.0.0.2        192.168.1.3     dynamic      route tunnel 
------------------------------------------------------------------------------- 
Tunnel interface: Tunnel0/0/0
Created time    : 00:03:21
Expire time     : 01:56:39

Number of nhrp peers: 2

2.全网可达r1去ping  isp的环回

[r1]ping 4.4.4.1
  PING 4.4.4.1: 56  data bytes, press CTRL_C to break
    Reply from 4.4.4.1: bytes=56 Sequence=1 ttl=254 time=130 ms
    Reply from 4.4.4.1: bytes=56 Sequence=2 ttl=254 time=60 ms
    Reply from 4.4.4.1: bytes=56 Sequence=3 ttl=254 time=50 ms
    Reply from 4.4.4.1: bytes=56 Sequence=4 ttl=254 time=30 ms
    Reply from 4.4.4.1: bytes=56 Sequence=5 ttl=254 time=50 ms

  --- 4.4.4.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 30/64/130 ms