OSPF综合实验

OSPF综合实验

题目要求：

1、R4为ISP，其上只能配置IP地址；R4与其他所有直连设备间使用公有IP
2、R3-R5/6/7为MGRE环境，R3为中心站点
3、整个OSPF环境IP地址为172.16.0.0/16
4、所有设备均可访问R4的环回
5、减少LSA的更新量，加快收敛，保障更新安全
6、全网可达

一、IP地址规划

172.16.0.0/16

划分为8个网段，每个区域分配一个网段，所以子网掩码向后掩3位，即掩到19位。

1)  172.16.0.1 -- 172.16.31.254
2)  172.16.32.1 -- 172.16.63.254
3)  172.16.64.1 -- 172.16.95.254
4)  172.16.96.1 -- 172.16.127.254
5)  172.16.128.1 -- 172.16.159.254
6)  172.16.160.1 -- 172.16.191.254
7)  172.16.192.1 -- 172.16.223.254
8)  172.16.224.1 -- 172.16.255.254

网段分配

area0: 172.16.0.0/19
area1: 172.16.32.0/19
area2: 172.16.64.0/19
area3: 172.16.96.0/19
area4: 172.16.128.0/19

二、区域0 IP地址配置

作用：实现在区域0内全网可达

R3配置

sys
sys r3
int g0/0/0
ip add 34.1.1.1 24
q
ip route-static 0.0.0.0 0 34.1.1.2

R4配置

sys
sys r4
int g0/0/0
ip add 34.1.1.2 24
int g0/0/1
ip add 54.1.1.2 24
int g0/0/2
ip add 64.1.1.2 24
int g4/0/0
ip add 74.1.1.2 24
int lo0
ip add 4.4.4.4 24

R5配置

sys
sys r5
int g0/0/0
ip add 54.1.1.1 24
int lo0
ip add 172.16.1.1 25
q
ip route-static 0.0.0.0 0 54.1.1.2

R6配置

sys
sys r6
int g0/0/0
ip add 64.1.1.1 24
int lo0
ip add 172.16.1.129 25
q
ip route-static 0.0.0.0 0 64.1.1.2

R7配置

sys
sys r7
int g0/0/0
ip add 74.1.1.1 24
int lo0
ip add 172.16.2.1 25
q
ip route-static 0.0.0.0 0 74.1.1.2

三、R3/R4/R5/R6/R7 mgre配置

说明：结构为中心到站点结构，R3为中心站点。

R3为中心站点配置

sys
interface tunnel 0/0/0
ip add 172.16.0.129 29
tunnel-protocol gre p2mp
source 34.1.1.1
nhrp entry multicast dynamic
nhrp network-id 100

R5配置

sys
interface tunnel 0/0/0
ip add 172.16.0.130 29
tunnel-protocol gre p2mp
source g0/0/0
nhrp entry 172.16.0.129 34.1.1.1 register
nhrp network-id 100

R6配置

sys
interface tunnel 0/0/0
ip add 172.16.0.131 29
tunnel-protocol gre p2mp
source g0/0/0
nhrp entry 172.16.0.129 34.1.1.1 register
nhrp network-id 100

R7配置

sys
interface tunnel 0/0/0
ip add 172.16.0.132 29
tunnel-protocol gre p2mp
source g0/0/0
nhrp entry 172.16.0.129 34.1.1.1 register
nhrp network-id 100

查看分支站点注册结果

dis nhrp peer all

四、area1 IP地址配置

R1配置

sys
int g0/0/0
ip add 172.16.32.129 29
int lo0
ip add 172.16.33.1 25

R2配置

sys
int g0/0/0
ip add 172.16.32.130 29
int lo0
ip add 172.16.33.129 25

R3配置

sys
int g0/0/1
ip add 172.16.32.131 29
int lo0
ip add 172.16.34.1 25

五、area2 IP地址配置

R6配置

sys
sys r6
int g0/0/1
ip add 172.16.64.1 30
int lo1
ip add 172.16.65.1 25

R11配置

sys 
sys r11
int g0/0/0
ip add 172.16.64.2 30
int g0/0/1
ip add 172.16.64.5 30

R12配置

sys
sys r12
int g0/0/0
ip add 172.16.64.6 30

六、area3 IP地址配置

R7配置

sys
sys r7
int g0/0/1
ip add 172.16.96.1 30

R8配置

sys
sys r8
int g0/0/0
ip add 172.16.96.2 30
int g0/0/1
ip add 172.16.96.5 30
int lo0
ip add 172.16.97.1 25

R9配置

sys
sys r9
int g0/0/0
ip add 172.16.96.6 30

七、area4 IP地址配置

R9配置

sys
sys r9
int g0/0/1
ip add 172.16.128.1 30
int lo0
ip add 172.16.129.1 25

R10配置

sys
sys r10
int g0/0/0
ip add 172.16.128.2 30
int lo0
ip add 172.16.129.129 25

八、rip配置

R12配置

sys
sys r12
int lo0
ip add 172.16.160.1 20
int lo1
ip add 172.16.176.1 20
q
rip 1
ver 2
undo summary
network 172.16.0.0

九、OSPF配置(凑齐邻居表)

R1配置

sys
ospf 1 router-id 1.1.1.1
area 1
network 172.16.0.0 0.0.255.255

R2配置

sys
ospf 1 router-id 2.2.2.2
area 1
network 172.16.0.0 0.0.255.255

R3配置

sys
ospf 1 router-id 3.3.3.3
area 0
network 172.16.0.129 0.0.0.0
area 1
network 172.16.32.131 0.0.0.0
network 172.16.34.1 0.0.0.0

或者使用计算以后的地址 area1

area 1
network 172.16.32.0 0.0.3.255

R5配置

sys
ospf 1 router-id 5.5.5.5
area 0
network 172.16.0.0 0.0.255.255

R6配置

sys
ospf 1 router-id 6.6.6.6
area 0
network 172.16.0.0 0.0.1.255
area 2
network 172.16.64.1 0.0.0.0

R7配置

sys
ospf 1 router-id 7.7.7.7
area 0
network 172.16.0.0 0.0.3.255
area 3
network 172.16.96.1 0.0.0.0

R8配置

sys
ospf 1 router-id 8.8.8.8
area 3
network 172.16.0.0 0.0.255.255

R9配置

sys
ospf 1 router-id 9.9.9.9
area 3
network 172.16.96.6 0.0.0.0
area 4
network 172.16.128.0 0.0.1.255

R10配置

sys
ospf 1 router-id 10.10.10.10
area 4
network 172.16.0.0 0.0.255.255

R11配置

sys
ospf 1 router-id 11.11.11.11
area 2
network 172.16.0.0 0.0.255.255

R12配置

sys
ospf 1 router-id 12.12.12.12
area 2
network 172.16.64.6 0.0.0.0

十、修改area0的接口网络类型并选举出DR

MGRE中，R3/5/6/7是无法全部建邻的，tunnel口工作方式默认使用点到点，要修改工作方式为广播。

中心到站点结构要把DR控制在中心，要求R5/6/7放弃选举，为了让中心站点R3成功选举为DR，所以需要将R5、R6、R7三个路由器的优先级改为0

R3配置

int tunnel 0/0/0
ospf network-type broadcast

R5、R6、R7配置

int tunnel 0/0/0
ospf network-type broadcast
ospf dr-priority 0

十一、R12 对rip进行重发布

因为ospf区域学不到rip的路由，所以采取重发布的方式获取。

R12配置

sys
ospf 1
import-route rip

十二、解决不规则区域area4

方案：多进程双向重发布

area0/3/4共同构成不规则区域——远离了骨干的非骨干区域（最推荐重发布解决）

R9配置(多进程)

return
sys
ospf 1
area 4
undo network 172.16.128.0 0.0.1.255
q
q
ospf 2
area 4
network 172.16.128.0 0.0.1.255

R9配置(双向重发布)

return
sys
ospf 1
import ospf 2

十三、减少LSA的更新量

area1区域配置为末梢区域

R1、R2配置

return
sys
ospf 1
area 1 
stub

R3配置

return
sys
ospf 1
area 1 
stub no-summary

area2区域配置为nssa区域

R6配置

return
sys
ospf 1
area 2
nssa no-summary

R11、R12配置

return
sys
ospf 1
area 2
nssa

area3区域配置为nssa区域

R7配置

return
sys
ospf 1
area 3
nssa no-summary

R8、R9配置

return
sys
ospf 1
area 3
nssa

area4区域

R9可以给R10重发布一条缺省

R9配置

return
sys
ospf 2
default-route-advertise

区域area0进行汇总

R3配置汇总并防环

return
sys
ospf 1
area 1
asbr-summary 172.16.32.0 255.255.224.0
q
ip route-static 172.16.32.0 19 NULL 0

R6配置

return
sys
ospf 1
area 2
asbr-summary 172.16.64.0 255.255.224.0
q
ip route-static 172.16.64.0 19 NULL 0

R7配置

return
sys
ospf 1
area 3
asbr-summary 172.16.96.0 255.255.224.0
q
ip route-static 172.16.96.0 19 NULL 0

R9配置

return
sys
ospf 1
asbr-summary 172.16.96.0 255.255.224.0
ip route-static 172.16.96.0 19 NULL 0

R12配置

return
sys
ospf 1
asbr-summary 172.16.160.0 255.255.224.0
ip route-static 172.16.160.0 19 NULL 0

十四、访问外网(NAT)

R3、R6、R7配置

return
sys
acl 2000
rule permit source 172.16.0.0 0.0.255.255
int g0/0/0
nat outbound 2000