ospf综合实验

一，实验拓扑

实验要求：

1、R4为ISP，其上只配置IP地址；R4与其他所直连设备间均使用公有IP；
2、R3-R5、R6、R7为MGRE环境，R3为中心站点；
3、整个OSPF环境IP基于172.16.0.0/16划分；除了R12有两个环回，其他路由器均有一个环回IP
4、所有设备均可访问R4的环回；
5、减少LSA的更新量，加快收敛，保障更新安全；
6、全网可达；

实验配置

配置IP：

R1:

<Huawei>SYS
Enter system view, return user view with Ctrl+Z.
[Huawei]SYS R1
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 172.16.33.1 24
Apr 18 2024 18:12:35-08:00 R1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R1-GigabitEthernet0/0/0]
[R1-GigabitEthernet0/0/0]q
[R1]int l0
[R1-LoopBack0]ip add 172.34.1 24
                     ^
Error: Wrong parameter found at '^' position.
[R1-LoopBack0]ip add 172.16.34.1 24
[R1-LoopBack0]q
[R1]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 3
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 2

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              172.16.33.1/24       up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.34.1/24       up         up(s)     
NULL0                             unassigned           up         up(s)     
[R1]

R2:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R2
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 172.16.33.2 24
[R2-GigabitEthernet0/0/0]
Apr 18 2024 18:22:08-08:00 R2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R2-GigabitEthernet0/0/0]q
[R2]int l0
[R2-LoopBack0]ip add 172.16.35.2 24
[R2-LoopBack0]q
[R2]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 3
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 2

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              172.16.33.2/24       up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.35.2/24       up         up(s)     
NULL0                             unassigned           up         up(s)     
[R2]

R3:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 172.16.33.3 24
[R3-GigabitEthernet0/0/0]
Apr 18 2024 18:24:26-08:00 R3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R3-GigabitEthernet0/0/0]q
[R3]int s4/0/0
[R3-Serial4/0/0]ip add 34.0.0.3 24
[R3-Serial4/0/0]q
[R3]int l0
[R3-LoopBack0]ip add 172.16.36.3 24
[R3-LoopBack0]
[R3-LoopBack0]q
[R3]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 3
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 3

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              172.16.33.3/24       up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.36.3/24       up         up(s)     
NULL0                             unassigned           up         up(s)     
Serial4/0/0                       34.0.0.3/24          up         up        
Serial4/0/1                       unassigned           down       down      
[R3]

R4:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname ISP
[ISP]int s4/0/0
[ISP-Serial4/0/0]ip add 34.0.0.4 24
[ISP-Serial4/0/0]
Apr 18 2024 18:26:59-08:00 ISP %%01IFNET/4/LINK_STATE(l)[0]:The line protocol PP
P IPCP on the interface Serial4/0/0 has entered the UP state. 
[ISP-Serial4/0/0]q
[ISP]int s4/0/1
[ISP-Serial4/0/1]ip add 45.0.0.4 24
[ISP-Serial4/0/1]
[ISP-Serial4/0/1]q
[ISP]int s3/0/0
[ISP-Serial3/0/0]ip add 46.0.0.4 24
[ISP-Serial3/0/0]q
[ISP]int g0/0/0
[ISP-GigabitEthernet0/0/0]ip add 47.0.0.4 24
Apr 18 2024 18:28:47-08:00 ISP %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[ISP-GigabitEthernet0/0/0]q
[ISP]int l0
[ISP-LoopBack0]ip add 172.16.2.4 24
[ISP-LoopBack0]q
[ISP]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 6
The number of interface that is DOWN in Physical is 3
The number of interface that is UP in Protocol is 6
The number of interface that is DOWN in Protocol is 3

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              47.0.0.4/24          up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.2.4/24        up         up(s)     
NULL0                             unassigned           up         up(s)     
Serial3/0/0                       46.0.0.4/24          up         up        
Serial3/0/1                       unassigned           down       down      
Serial4/0/0                       34.0.0.4/24          up         up        
Serial4/0/1                       45.0.0.4/24          up         up        
[ISP]

R5:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R5
[R5]int s4/0/0
[R5-Serial4/0/0]ip add 45.0.0.5 24 
[R5-Serial4/0/0]
Apr 18 2024 18:31:14-08:00 R5 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol PPP
 IPCP on the interface Serial4/0/0 has entered the UP state. 
[R5-Serial4/0/0]q
[R5]int l0
[R5-LoopBack0]ip add 172.16.3.5 24
[R5-LoopBack0]q
[R5]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 3
The number of interface that is DOWN in Physical is 4
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 4

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              unassigned           down       down      
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.3.5/24        up         up(s)     
NULL0                             unassigned           up         up(s)     
Serial4/0/0                       45.0.0.5/24          up         up        
Serial4/0/1                       unassigned           down       down      
[R5]

R6:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R6
[R6]int s4/0/0
[R6-Serial4/0/0]ip add 46.0.0.6 24
[R6-Serial4/0/0]
Apr 18 2024 18:33:25-08:00 R6 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol PPP
 IPCP on the interface Serial4/0/0 has entered the UP state. 
[R6-Serial4/0/0]q
[R6]int g0/0/0
[R6-GigabitEthernet0/0/0]ip add 172.16.65.1 30
Apr 18 2024 18:34:08-08:00 R6 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R6-GigabitEthernet0/0/0]q
[R6]int l0
[R6-LoopBack0]ip add 172.16.4.6 24
[R6-LoopBack0]q
[R6]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 3
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 3

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              172.16.65.1/30       up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.4.6/24        up         up(s)     
NULL0                             unassigned           up         up(s)     
Serial4/0/0                       46.0.0.6/24          up         up        
Serial4/0/1                       unassigned           down       down      
[R6]

R7:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R7
[R7]int g0/0/0
[R7-GigabitEthernet0/0/0]ip add 47.0.0.7 24
Apr 18 2024 18:37:04-08:00 R7 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R7-GigabitEthernet0/0/0]q
[R7]int g0/0/1
[R7-GigabitEthernet0/0/1]ip add 172.16.97.1 30
Apr 18 2024 18:37:36-08:00 R7 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R7-GigabitEthernet0/0/1]q
[R7]int l0
[R7-LoopBack0]ip add 172.16.5.7 24
[R7-LoopBack0]q
[R7]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 1

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              47.0.0.7/24          up         up        
GigabitEthernet0/0/1              172.16.97.1/30       up         up        
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.5.7/24        up         up(s)     
NULL0                             unassigned           up         up(s)     
[R7]

R8:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R8
[R8]int g0/0/0
[R8-GigabitEthernet0/0/0]ip add 172.16.97.2 30
[R8-GigabitEthernet0/0/0]
Apr 18 2024 18:39:41-08:00 R8 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R8-GigabitEthernet0/0/0]q
[R8]int g0/0/1
[R8-GigabitEthernet0/0/1]ip add 172.16.97.5 30
Apr 18 2024 18:40:02-08:00 R8 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R8-GigabitEthernet0/0/1]q
[R8]int l0
[R8-LoopBack0]ip add 172.16.98.8 24
[R8-LoopBack0]q
[R8]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 1

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              172.16.97.2/30       up         up        
GigabitEthernet0/0/1              172.16.97.5/30       up         up        
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.98.8/24       up         up(s)     
NULL0                             unassigned           up         up(s)     
[R8]

R9:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R9
[R9]int g0/0/0
[R9-GigabitEthernet0/0/0]ip addd 172.16.97.6 30
                            ^
Error: Unrecognized command found at '^' position.
[R9-GigabitEthernet0/0/0]ip add 172.16.97.6 30
[R9-GigabitEthernet0/0/0]
Apr 18 2024 18:41:49-08:00 R9 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R9-GigabitEthernet0/0/0]q
[R9]int g0/0/1
[R9-GigabitEthernet0/0/1]ip add 172.16.129.1  30
Apr 18 2024 18:42:17-08:00 R9 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R9-GigabitEthernet0/0/1]q
[R9]int l0
[R9-LoopBack0]ip add 172.16.130.9 24
[R9-LoopBack0]q
[R9]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 1

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              172.16.97.6/30       up         up        
GigabitEthernet0/0/1              172.16.129.1/30      up         up        
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.130.9/24      up         up(s)     
NULL0                             unassigned           up         up(s)     
[R9]

R10:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R10
[R10]int g0/0/0
[R10-GigabitEthernet0/0/0]ip add 172.16.129.2 30
[R10-GigabitEthernet0/0/0]
Apr 18 2024 18:44:09-08:00 R10 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R10-GigabitEthernet0/0/0]q
[R10]int l0
[R10-LoopBack0]ip add 172.16.131.10 24
[R10-LoopBack0]q
[R10]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 3
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 2

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              172.16.129.2/30      up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.131.10/24     up         up(s)     
NULL0                             unassigned           up         up(s)     
[R10]

R11:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R11
[R11]int g0/0/0
[R11-GigabitEthernet0/0/0]ip add 172.16.65.2 30
[R11-GigabitEthernet0/0/0]
Apr 18 2024 18:46:21-08:00 R11 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R11-GigabitEthernet0/0/0]q
[R11]int g0/0/1
[R11-GigabitEthernet0/0/1]ip add 172.16.65.5 30
Apr 18 2024 18:46:41-08:00 R11 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP
 on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R11-GigabitEthernet0/0/1]q
[R11]int l0
[R11-LoopBack0]ip add 172.16.66.11 24
[R11-LoopBack0]q
[R11]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 1

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              172.16.65.2/30       up         up        
GigabitEthernet0/0/1              172.16.65.5/30       up         up        
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.66.11/24      up         up(s)     
NULL0                             unassigned           up         up(s)     
[R11]

R12:

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R12
[R12]int g0/0/0
[R12-GigabitEthernet0/0/0]ip add 172.16.65.6 30
Apr 18 2024 18:48:45-08:00 R12 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R12-GigabitEthernet0/0/0]q
[R12]int l0
[R12-LoopBack0]ip add 172.16.160.12 24
[R12-LoopBack0]q
[R12]int l1
[R12-LoopBack1]ip add 172.16.161.12 24
[R12-LoopBack1]q
[R12]dis ip int b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 2

Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              172.16.65.6/30       up         up        
GigabitEthernet0/0/1              unassigned           down       down      
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         172.16.160.12/24     up         up(s)     
LoopBack1                         172.16.161.12/24     up         up(s)     
NULL0                             unassigned           up         up(s)     
[R12]

构建外部RIP协议用户组

R12:

[R12]rip 1
[R12-rip-1]v 2
[R12-rip-1]undo summary
[R12-rip-1]net 172.16.0.0
[R12-rip-1]

配置公网通

手动配置通向公网的缺省路由：

[R3]ip route-static 0.0.0.0 0 34.0.0.4

[R5]ip route-static 0.0.0.0 0 45.0.0.4

[R6]ip route-static 0.0.0.0 0 46.0.0.4

[R7]ip route-static 0.0.0.0 0 47.0.0.4

构建MGRE隧道

创建隧道

R3:

[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]ip add 172.16.6.3 24
[R3-Tunnel0/0/0]t	
[R3-Tunnel0/0/0]tcp
[R3-Tunnel0/0/0]test-aaa
[R3-Tunnel0/0/0]tracert
[R3-Tunnel0/0/0]traffic-filter
[R3-Tunnel0/0/0]traffic-policy
[R3-Tunnel0/0/0]trust
[R3-Tunnel0/0/0]tunnel-protocol g	
[R3-Tunnel0/0/0]tunnel-protocol gre p	
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R3-Tunnel0/0/0]so	
[R3-Tunnel0/0/0]source 34.0.0.3
Apr 18 2024 19:09:09-08:00 R3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 
[R3-Tunnel0/0/0]
[R3-Tunnel0/0/0]

R5

[R5]int Tunnel  0/0/0
[R5-Tunnel0/0/0]ip add 172.16.6.5 25
[R5-Tunnel0/0/0]tu	
[R5-Tunnel0/0/0]tunnel-protocol  g	
[R5-Tunnel0/0/0]tunnel-protocol  gre p	
[R5-Tunnel0/0/0]tunnel-protocol  gre p2mp 
[R5-Tunnel0/0/0]so	
[R5-Tunnel0/0/0]source s	
[R5-Tunnel0/0/0]source Serial 4	
[R5-Tunnel0/0/0]source Serial 4/0/0
Apr 18 2024 19:10:29-08:00 R5 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 
[R5-Tunnel0/0/0]

R6

[R6]int t	
[R6]int Tunnel 0/0/0
[R6-Tunnel0/0/0]ip add 172.16.6.6 24
[R6-Tunnel0/0/0]tu	
[R6-Tunnel0/0/0]tunnel-protocol g	
[R6-Tunnel0/0/0]tunnel-protocol gre p	
[R6-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R6-Tunnel0/0/0]so	
[R6-Tunnel0/0/0]source s	
[R6-Tunnel0/0/0]source Serial 4/0/0
Apr 18 2024 19:11:44-08:00 R6 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 
[R6-Tunnel0/0/0]
[R6-Tunnel0/0/0]

R7

[R7]int t	
[R7]int Tunnel 0/0/0
[R7-Tunnel0/0/0]ip add 172.16.6.7 24
[R7-Tunnel0/0/0]tu	
[R7-Tunnel0/0/0]tunnel-protocol g	
[R7-Tunnel0/0/0]tunnel-protocol gre p	
[R7-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R7-Tunnel0/0/0]so	
[R7-Tunnel0/0/0]source g0/0/0
Apr 18 2024 19:13:04-08:00 R7 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 
[R7-Tunnel0/0/0]
[R7-Tunnel0/0/0]

配置下一跳解析协议（NHRP）

中心站点R3：

[R3]int t0/0/0
[R3-Tunnel0/0/0]nh	
[R3-Tunnel0/0/0]nhrp ne	
[R3-Tunnel0/0/0]nhrp network-id 100
[R3-Tunnel0/0/0]nh	
[R3-Tunnel0/0/0]nhrp en	
[R3-Tunnel0/0/0]nhrp entry mu	
[R3-Tunnel0/0/0]nhrp entry multicast d	
[R3-Tunnel0/0/0]nhrp entry multicast dynamic 
[R3-Tunnel0/0/0]nhrp entry multicast dynamic 
[R3-Tunnel0/0/0]

R5:

[R5]int t0/0/0
[R5-Tunnel0/0/0]nh	
[R5-Tunnel0/0/0]nhrp n	
[R5-Tunnel0/0/0]nhrp network-id 100
[R5-Tunnel0/0/0]nh	
[R5-Tunnel0/0/0]nhrp e	
[R5-Tunnel0/0/0]nhrp entry 172.16.6.3 34.0.0.3 re	
[R5-Tunnel0/0/0]nhrp entry 172.16.6.3 34.0.0.3 register 
[R5-Tunnel0/0/0]

R6:

[R6]int t0/0/0
[R6-Tunnel0/0/0]nh	
[R6-Tunnel0/0/0]nhrp n	
[R6-Tunnel0/0/0]nhrp network-id 100
[R6-Tunnel0/0/0]nh	
[R6-Tunnel0/0/0]nhrp e	
[R6-Tunnel0/0/0]nhrp entry 172.16.6.3 34.0.0.3 r	
[R6-Tunnel0/0/0]nhrp entry 172.16.6.3 34.0.0.3 register 
[R6-Tunnel0/0/0]

R7:

[R7]int t0/0/0
[R7-Tunnel0/0/0]nh	
[R7-Tunnel0/0/0]nhrp n	
[R7-Tunnel0/0/0]nhrp network-id 100
[R7-Tunnel0/0/0]nh	
[R7-Tunnel0/0/0]nhrp e	
[R7-Tunnel0/0/0]nhrp entry 172.16.6.3 34.0.0.3 re	
[R7-Tunnel0/0/0]nhrp entry 172.16.6.3 34.0.0.3 register 
[R7-Tunnel0/0/0]

查看建邻情况：

OSPF私网通

are0(公网区域不宣告）

R3:

[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]a 0
[R3-ospf-1-area-0.0.0.0]net 172.16.6.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]

R5:

[R5]ospf 1 ro	
[R5]ospf 1 router-id 5.5.5.5
[R5-ospf-1]area 0
[R5-ospf-1-area-0.0.0.0]net 172.16.3.0 0.0.0.255
[R5-ospf-1-area-0.0.0.0]netwo	
[R5-ospf-1-area-0.0.0.0]network  172.16.6.0 0.0.0255
                                            ^
Error: Wrong parameter found at '^' position.
[R5-ospf-1-area-0.0.0.0]network 172.16.6.0 0.0.0.255
[R5-ospf-1-area-0.0.0.0]

R6:

[R6]ospf 1 ro	
[R6]ospf 1 router-id 6.6.6.6
[R6-ospf-1]area 0
[R6-ospf-1-area-0.0.0.0]net 172.16.4.0 0.0.0.255
[R6-ospf-1-area-0.0.0.0]net 172.16.6.0 0.0.0.255
[R6-ospf-1-area-0.0.0.0]

R7:

[R7]ospf 1 ro	
[R7]ospf 1 router-id 7.7.7.7
[R7-ospf-1]are 0
[R7-ospf-1-area-0.0.0.0]net 172.16.5.0 0.0.0.255
[R7-ospf-1-area-0.0.0.0]net 172.16.6.0 0.0.0.255
[R7-ospf-1-area-0.0.0.0]

由于Tunnel口默认为点对点类型，故需要修改Tunnel口接口类型才能实现每个路由器建立连接

[R3]int t0/0/0
[R3-Tunnel0/0/0]ospf network-type broadcast 

[R5]int t0/0/0
[R5-Tunnel0/0/0]ospf network-type broadcast 

[R6]int t0/0/0
[R6-Tunnel0/0/0]ospf network-type broadcast 

[R7]int t0/0/0
[R7-Tunnel0/0/0]ospf network-type broadcast 

查看are0邻居情况：
R3:

R5

R6

R7

area 1：

R1:

[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]network 172.16.33.0 0.0.0.255
[R1-ospf-1-area-0.0.0.1]network 172.16.34.0 0.0.0.255

R2:

[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]net 172.16.33.0 0.0.0.255
[R2-ospf-1-area-0.0.0.1]net 172.16.35.0 0.0.0.255

R3:

[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]net 172.16.33.0 0.0.0.255
[R3-ospf-1-area-0.0.0.1]net 172.16.36.0 0.0.0.255

查看area1邻居表：

area2：

R6：

[R6]ospf 1
[R6-ospf-1]a 2
[R6-ospf-1-area-0.0.0.2]net 172.16.65.1 0.0.0.0//精确宣告

R11：

R11]ospf 1 router-id 11.11.11.11
[R11-ospf-1]a 2
[R11-ospf-1-area-0.0.0.2]net 172.16.65.2 0.0.0.0
[R11-ospf-1-area-0.0.0.2]net 172.16.66.0 0.0.0.255
[R11-ospf-1-area-0.0.0.2]net 172.16.65.5 0.0.0.0

R12：

[R12]ospf 1 router-id 12.12.12.12
[R12-ospf-1]a 2
[R12-ospf-1-area-0.0.0.2]net 172.16.65.6 0.0.0.0

引入RIP区域的路由：

R12：

[R12-ospf-1-area-0.0.0.2]q
[R12-ospf-1]im	
[R12-ospf-1]import-route rip

查看邻居表：
R6：

R11:

R12：

area 3：

R7：

[R7]ospf 1
[R7-ospf-1]a 3
[R7-ospf-1-area-0.0.0.3]net 172.16.97.1 0.0.0.0//精确宣告

R8：

[R8]ospf 1 router-id 8.8.8.8
[R8-ospf-1]a 3
[R8-ospf-1-area-0.0.0.3]net 172.16.97.2 0.0.0.0
[R8-ospf-1-area-0.0.0.3]net 172.16.97.5 0.0.0.0
[R8-ospf-1-area-0.0.0.3]net 172.16.98.0 0.0.0.255

R9：

[R9]ospf 1 router-id 9.9.9.9
[R9-ospf-1]a 3
[R9-ospf-1-area-0.0.0.3]net 172.16.97.6 0.0.0.0

查看邻居表：
R7:

R8:

R9:

area 4：

由于area4被area3和area0隔开，故这里将使用新建一个ospf进程重发布：
R9:

[R9]ospf 2
[R9-ospf-2]a 4
[R9-ospf-2-area-0.0.0.4]net 172.16.129.1 0.0.0.0
[R9-ospf-2-area-0.0.0.4]net 172.16.130.0 0.0.0.255
[R9-ospf-2-area-0.0.0.4]q
[R9-ospf-2]im	
[R9-ospf-2]import-route o	
[R9-ospf-2]import-route ospf 1
[R9-ospf-2]q
[R9]ospf 1
[R9-ospf-1]im	
[R9-ospf-1]import-route o	
[R9-ospf-1]import-route ospf 2
[R9-ospf-1]

R10:

[R10]ospf 2 ro	
[R10]ospf 2 router-id 10.10.10.10
[R10-ospf-2]a 4
[R10-ospf-2-area-0.0.0.4]net 172.16.131.0 0.0.0.255
[R10-ospf-2-area-0.0.0.4]net 172.16.129.2 0.0.0.0

查看邻居表：

取消R5,R6,R7的选举权利

利于更快选举DR

[R5]int t0/0/0
[R5-Tunnel0/0/0]ospf dr-priority 0

[R6]int t0/0/0
[R6-Tunnel0/0/0]ospf dr-priority 0

[R7]int t0/0/0
[R7-Tunnel0/0/0]ospf dr-priority 0

检测网络

R10pingR1：

R1ping R12:

R12ping R10:

由此私网可达！

配置easy ip

R3,R6,R7:

[R3]acl 2000
[R3-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[R3-acl-basic-2000]q
[R3]int s4/0/0
[R3-Serial4/0/0]nat outbound 2000

[R6]acl 2000
[R6-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[R6-acl-basic-2000]q
[R6]int s4/0/0
[R6-Serial4/0/0]nat outbound 2000

[R7]acl 2000
[R7-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[R7-acl-basic-2000]q
[R7]int g0/0/0
[R7-GigabitEthernet0/0/0]nat outbound 2000

做了Easy IP后，私网的ip还是不能够访问公网上R4的环回地址。公网口的地址并没有宣告进私网。

解决方法：在私网入口路由器下发一条默认缺省给公网，可以手动下发，也可以自动下发，在后面的实验步骤中我们会去配置ospf特殊区域，它会自动给我们下发缺省。

配置特殊区域：

这里需要尽可能的减少路由条目，故我们选用totally stub区域和totally NSSA区域来让路由条目达到最简状态，也可以使用路由聚合（精简的是area 0的路由条目）的方法减少路由条目，但因为rip宣告时包括了一个大的网段，而ospf选路比rip的优先级高，故area 2中R11-R12的网段不能被聚合，会多出来一个网段出现在聚合网段后的路由表里。
area 1：

[R1]ospf 1
[R1-ospf-1]a 1
[R1-ospf-1-area-0.0.0.1]stub no	
[R1-ospf-1-area-0.0.0.1]stub no-summary 

[R2]ospf 1
[R2-ospf-1]a 1
[R2-ospf-1-area-0.0.0.1]stub n	
[R2-ospf-1-area-0.0.0.1]stub no-summary 

[R3]ospf 1
[R3-ospf-1]a 1
[R3-ospf-1-area-0.0.0.1]stub	
[R3-ospf-1-area-0.0.0.1]stub n	
[R3-ospf-1-area-0.0.0.1]stub no-summary 

area 2：

[R6]ospf 1
[R6-ospf-1]a 2
[R6-ospf-1-area-0.0.0.2]ns	
[R6-ospf-1-area-0.0.0.2]nssa n	
[R6-ospf-1-area-0.0.0.2]nssa no-summary

[R11]ospf 1
[R11-ospf-1]a 2	
[R11-ospf-1-area-0.0.0.2]ns	
[R11-ospf-1-area-0.0.0.2]nssa n	
[R11-ospf-1-area-0.0.0.2]nssa no-summary

[R12]ospf 1
[R12-ospf-1]a 2
[R12-ospf-1-area-0.0.0.2]nss	
[R12-ospf-1-area-0.0.0.2]nssa no-summary

area 3：

[R7]ospf 1
[R7-ospf-1]a 3
[R7-ospf-1-area-0.0.0.3]nssa no-summary 

[R8]ospf 1
[R8-ospf-1]a 3
[R8-ospf-1-area-0.0.0.3]nssa no-summary 

[R9]ospf 1
[R9-ospf-1]a 3
[R9-ospf-1-area-0.0.0.3]nssa no-summary 

area 4：
由于在area 3成为otally NSSA区域后area 4被当作域外而无法默认下发缺省路由，所以需要向area 4的设备手动下发一条缺省路由。

因为R9上有一条R7下发的缺省所以不用在命令中写"always"：

[R9]ospf 2
[R9-ospf-2]default-route-advertise

检测：
随机查看几个路由器：




随机私有网络路由器能否ping通ISP的环回：
R10:

R2:

R8:

R11:

由此，全网可达！

加快收敛速度：

通过更改hello时间来解决（修改的速度尽快）：

在每一个需要建立邻居关系的接口下配置:

ospf timer hello 5
若两个接口hello时间不同，将不能建立邻接关系。

修改hello时间为5秒。达到加快收敛的作用。
area 0：

R1:
[R3]int s4/0/0
[R3-Serial4/0/0]ospf timer hello 5

R4:
[ISP]int s4/0/0
[ISP-Serial4/0/0]ospf timer hello 5
[ISP-Serial4/0/0]int s4/0/1
[ISP-Serial4/0/1]ospf timer hello 5
[ISP-Serial4/0/1]int s3/0/0
[ISP-Serial3/0/0]ospf timer hello 5
[ISP-Serial3/0/0]int g0/0/0
[ISP-GigabitEthernet0/0/0]ospf timer hello 5

R5:
[R5]int s4/0/0
[R5-Serial4/0/0]ospf timer hello 5

R6:
[R6]int s4/0/0
[R6-Serial4/0/0]ospf timer hello 5

R7:
[R7]int g0/0/0
[R7-GigabitEthernet0/0/0]ospf timer hello 5

area 1:

R1:
 
[R1]int g0/0/0
 
[R1-GigabitEthernet0/0/0]ospf timer hello 5
 
 
 
R2:
 
[R2]int g 0/0/0
 
[R2-GigabitEthernet0/0/0]ospf timer hello 5
 
 
 
R3:
 
[R3]int g0/0/0
 
[R3-GigabitEthernet0/0/0]ospf timer hello 5

area 2:

R6:
 
[R6]int g 0/0/0
 
[R6-GigabitEthernet0/0/0]ospf timer hello 5
 
R11:
 
[R11]int g0/0/0
 
[R11-GigabitEthernet0/0/0]ospf timer hello 5
 
[R11-GigabitEthernet0/0/0]int g0/0/1
 
[R11-GigabitEthernet0/0/1]ospf timer hello 5
 
R12:
 
[R12]int g 0/0/0
 
[R12-GigabitEthernet0/0/0]ospf timer hello 5

area 3:

R7:
 
[R7]int g0/0/1
 
[R7-GigabitEthernet0/0/1]ospf timer hello 5
 
 
 
R8:
 
[R8]int g0/0/0
 
[R8-GigabitEthernet0/0/0]ospf timer hello 5
 
[R8-GigabitEthernet0/0/0]int g0/0/1
 
[R8-GigabitEthernet0/0/1]ospf timer hello 5
 
 
 
R9:
 
[R9]int g0/0/0
 
[R9-GigabitEthernet0/0/0]ospf timer hello 5

area4:

R9:
 
[R9]int g0/0/1
 
[R9-GigabitEthernet0/0/1]ospf timer hello 5
 
 
R10:
 
[R10]int g0/0/0
 
[R10-GigabitEthernet0/0/0]ospf timer hello 5

检测每个路由的邻居表是否全：

保障安全

使用ospf的区域认证
area 0：
R3：

[R3]ospf 1
[R3-ospf-1]a 0	
[R3-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher 123456

R5：

[R5]ospf 1
[R5-ospf-1]a 0
[R5-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher 123456

R6：

[R6]ospf 1
[R6-ospf-1]a 0
[R6-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher 123456

R7:

[R7]ospf 1
[R7-ospf-1]a 0	
[R7-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher 123456

area 1：
R1:

[R1]ospf 1
[R1-ospf-1]a 1	
[R1-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher a1234

R2:

[R2]ospf 1
[R2-ospf-1]a 1
[R2-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher a1234

R3:

[R3]ospf 1
[R3-ospf-1]a 1
[R3-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher a1234

area 2：
R6:

[R6]ospf 1
[R6-ospf-1]a 2
[R6-ospf-1-area-0.0.0.2]authentication-mode md5 1 cipher b1234

R11：

[R11]ospf 1
[R11-ospf-1]a 2
[R11-ospf-1-area-0.0.0.2]authentication-mode md5 1 cipher b1234

R12：

[R12]ospf 1
[R12-ospf-1]a 2	
[R12-ospf-1-area-0.0.0.2]authentication-mode md5 1 cipher b1234

area 3：
R7：

[R7]ospf 1
[R7-ospf-1]a 3	
[R7-ospf-1-area-0.0.0.3]authentication-mode md5 1 cipher c1234

R8：

[R8]ospf 1
[R8-ospf-1]a 3	
[R8-ospf-1-area-0.0.0.3]authentication-mode md5 1 cipher c1234

R9：

[R9]ospf 1
[R9-ospf-1]a 3
[R9-ospf-1-area-0.0.0.3]authentication-mode md5 1 cipher c1234

area 4：
R9:

[R9]ospf 2
[R9-ospf-2]a 4	
[R9-ospf-2-area-0.0.0.4]authentication-mode md5 1 cipher d1234

R10：

[R10]ospf 2
[R10-ospf-2]a 4
[R10-ospf-2-area-0.0.0.4]authentication-mode md5 1 cipher d1234

测试：

以R1的环回 ping R4 环回：

以R1的环回 ping R12 环回L0：

以R1的环回 ping R10 环回：

测试成功，实验完成！！