OSPF综合实验

avatar
作者
筋斗云
阅读量:0

一、实验拓扑

二、实验需求

1、R4为ISP,其上只配置IP地址;R4与其他所直连设备间均使用公有IP;
2、R3-R5、R6、R7为MGRE环境,R3为中心站点;
3、整个OSPF环境IP基于172.16.0.0/16划分;除了R12有两个环回,其他路由器均有一个环回IP
4、所有设备均可访问R4的环回;
5、减少LSA的更新量,加快收敛,保障更新安全;
6、全网可达;

三、实验思路

1.搭建拓扑图,配置ip

根据ospf划分的区域来分配网段,将该网段划分为8个网段,去其中6个网段作为实验所使用的地址,剩下的两个网段作为备份网段,每个网段进行子网划分,分为P2P网络需要所使用的IP地址、MA网络所使用的IP地址及环回口所使用的IP地址。

网段划分图中实验拓扑所示

2.私网通第一个大区域,配置ospf协议

3.私网通第二个大区域,在RIP区域配置RIP协议

4.公网通,在公网口的路由器上下发静态缺省

5.公网通,搭建MGRE隧道,R3为中心站点

6.所有设备均可访问R4的环回,做NAT-easy ip(四个隧道上的路由器)

7.减少LSA的更新量,ospf路由聚合

8.减少LSA的更新量,特殊区域

9.加快收敛,进入到接口下更改hello时间

10.保障更新安全,做区域验证/接口验证

四、实验步骤

1.搭建拓扑图,配置IP

区域1

[R1]int g0/0/0 [R1-GigabitEthernet0/0/0]ip add 172.16.33.1 24 [R1-GigabitEthernet0/0/0]int l0 [R1-LoopBack0]ip add 172.16.34.1 24 [R1-LoopBack0]q [R1]dis ip int br	 [R1]dis ip int brief 
[R2-GigabitEthernet0/0/0]ip add 172.16.33.2 24 Jul 27 2024 10:00:36-08:00 R2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP  on the interface GigabitEthernet0/0/0 has entered the UP state.  [R2-GigabitEthernet0/0/0]int l0 [R2-LoopBack0]ip add 172.16.35.2 24 [R2-LoopBack0]q [R2]dis ip int brief 
[R3]int g0/0/0 [R3-GigabitEthernet0/0/0]ip add 172.16.33.3 24 Jul 27 2024 10:02:24-08:00 R3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP  on the interface GigabitEthernet0/0/0 has entered the UP state.  [R3-GigabitEthernet0/0/0]int l0 [R3-LoopBack0]ip add 172.16.36.3 24 [R3-LoopBack0]q [R3]dis ip int brief

区域0:

[R3]int s 4/0/0 [R3-Serial4/0/0]ip add 43.0.0.3 24 [R3-Serial4/0/0]q [R3]dis ip int brief
[R5]int s 4/0/0 [R5-Serial4/0/0]ip add 45.0.0.5 24 [R5-Serial4/0/0]q [R5]int l0 [R5-LoopBack0]ip add 172.16.3.5 24 [R5-LoopBack0]q [R5]dis ip int brief
[R6]int s 4/0/0 [R6-Serial4/0/0]ip add 46.0.0.6 24 [R6-Serial4/0/0]q [R6]int l0 [R6-LoopBack0]ip add 172.16.4.6 24 [R6-LoopBack0]q [R6]dis ip int brief
[R7]int g0/0/0 [R7-GigabitEthernet0/0/0]ip add 47.0.0.7 24 Jul 27 2024 10:08:47-08:00 R7 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP  on the interface GigabitEthernet0/0/0 has entered the UP state.  [R7-GigabitEthernet0/0/0]int l0 [R7-LoopBack0]ip add 172.16.5.7 24 [R7-LoopBack0]q [R7]dis ip int brief
[R4]int s 4/0/0 [R4-Serial4/0/0]ip add 43.0.0.4 24 [R4-Serial4/0/0] Jul 27 2024 10:10:23-08:00 R4 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol PPP  IPCP on the interface Serial4/0/0 has entered the UP state.  [R4-Serial4/0/0]int s 4/0/1 [R4-Serial4/0/1]ip add 45.0.0.4 24 [R4-Serial4/0/1] Jul 27 2024 10:10:38-08:00 R4 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol PPP  IPCP on the interface Serial4/0/1 has entered the UP state.  [R4-Serial4/0/1]int s 3/0/0 [R4-Serial3/0/0]ip add 46.0.0.4 24 [R4-Serial3/0/0] Jul 27 2024 10:11:04-08:00 R4 %%01IFNET/4/LINK_STATE(l)[2]:The line protocol PPP  IPCP on the interface Serial3/0/0 has entered the UP state.  [R4-Serial3/0/0]int g0/0/0 [R4-GigabitEthernet0/0/0]ip add 47.0.0.4 24 Jul 27 2024 10:11:25-08:00 R4 %%01IFNET/4/LINK_STATE(l)[3]:The line protocol IP  on the interface GigabitEthernet0/0/0 has entered the UP state.  [R4-GigabitEthernet0/0/0]int l0 [R4-LoopBack0]ip add 172.16.2.4 24 [R4-LoopBack0]q [R4]dis ip int brief

区域2:

[R6]int g 0/0/0 [R6-GigabitEthernet0/0/0]ip add 172.16.65.1 30 [R6-GigabitEthernet0/0/0]q [R6]dis ip int brief
[R11]int g0/0/0 [R11-GigabitEthernet0/0/0]ip add 172.16.65.2 30 Jul 27 2024 10:14:29-08:00 R11 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP  on the interface GigabitEthernet0/0/0 has entered the UP state.  [R11-GigabitEthernet0/0/0]int g0/0/1 [R11-GigabitEthernet0/0/1]ip add 172.16.65.5 30 Jul 27 2024 10:14:47-08:00 R11 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP  on the interface GigabitEthernet0/0/1 has entered the UP state.  [R11-GigabitEthernet0/0/1]int l0 [R11-LoopBack0]ip add 172.16.66.11 24 [R11-LoopBack0]q [R11]dis ip int brief 
[R12]int g 0/0/0 [R12-GigabitEthernet0/0/0]ip add 172.16.65.6 30 Jul 27 2024 10:16:42-08:00 R12 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP  on the interface GigabitEthernet0/0/0 has entered the UP state.  [R12-GigabitEthernet0/0/0]

RIP区域

[R12-GigabitEthernet0/0/0]int l0 [R12-LoopBack0]ip add 172.16.160.12 24 [R12-LoopBack0]int l1 [R12-LoopBack1]ip add 172.16.161.12 24 [R12-LoopBack1]q [R12]dis ip int brief

区域3

[R7]int g0/0/1 [R7-GigabitEthernet0/0/1]ip add 172.16.97.1 30 Jul 27 2024 10:19:23-08:00 R7 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP  on the interface GigabitEthernet0/0/1 has entered the UP state.  [R7-GigabitEthernet0/0/1]q [R7]dis ip int brief
[R8]int g0/0/0 [R8-GigabitEthernet0/0/0]ip add 172.16.97.2 30 Jul 27 2024 10:20:31-08:00 R8 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP  on the interface GigabitEthernet0/0/0 has entered the UP state.  [R8-GigabitEthernet0/0/0]int g0/0/1 [R8-GigabitEthernet0/0/1]ip add 172.16.97.5 30 Jul 27 2024 10:20:50-08:00 R8 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP  on the interface GigabitEthernet0/0/1 has entered the UP state.  [R8-GigabitEthernet0/0/1]int l0 [R8-LoopBack0]ip add 172.16.98.8 24 [R8-LoopBack0]q [R8]dis ip int brief 
[R9]int g0/0/0 [R9-GigabitEthernet0/0/0]ip add 172.16.97.6 30 Jul 27 2024 10:22:18-08:00 R9 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP  on the interface GigabitEthernet0/0/0 has entered the UP state.  [R9-GigabitEthernet0/0/0]q [R9]dis ip int brief

区域4

[R9]int g0/0/1 [R9-GigabitEthernet0/0/1]ip add 172.16.129.1 30 Jul 27 2024 10:23:12-08:00 R9 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP  on the interface GigabitEthernet0/0/1 has entered the UP state.  [R9-GigabitEthernet0/0/1]int l0 [R9-LoopBack0]ip add 172.16.130.9 24 [R9-LoopBack0]q [R9]dis ip int brief 
[R10]int g0/0/1 [R10-GigabitEthernet0/0/1]ip add 172.16.129.2 30 [R10-GigabitEthernet0/0/1]int l0 [R10-LoopBack0]ip add 172.16.131.10 24 [R10-LoopBack0]q [R10]dis ip int brief

2.私网通第一个区域

[R1]ospf 1 router-id 1.1.1.1 [R1-ospf-1]area 1 [R1-ospf-1-area-0.0.0.1]network 172.16.33.0 0.0.0.255 [R1-ospf-1-area-0.0.0.1]network 172.16.34.0 0.0.0.255
[R2]ospf 1 router-id 2.2.2.2 [R2-ospf-1]area 1 [R2-ospf-1-area-0.0.0.1]network 172.16.33.0 0.0.0.255 [R2-ospf-1-area-0.0.0.1]network 172.16.34.0 0.0.0.255
[R3]ospf 1 router-id 3.3.3.3 [R3-ospf-1]area 1 [R3-ospf-1-area-0.0.0.1]network 172.16.33.0 0.0.0.255 [R3-ospf-1-area-0.0.0.1]network 172.16.36.0 0.0.0.255

查看邻居表:


区域0:

[R5]ospf 1 router-id 5.5.5.5 [R5-ospf-1]area 0 [R5-ospf-1-area-0.0.0.0]network 172.16.3.0 0.0.0.255
[R6]ospf 1 router-id 6.6.6.6 [R6-ospf-1]area 0 [R6-ospf-1-area-0.0.0.0]network 172.16.4.0 0.0.0.255 [R6-ospf-1-area-0.0.0.0]q
[R7]ospf 1 router-id 7.7.7.7 [R7-ospf-1]area 0 [R7-ospf-1-area-0.0.0.0]network 172.16.5.0 0.0.0.255 [R7-ospf-1-area-0.0.0.0]q

区域2

[R6-ospf-1]ospf 1 router-id 6.6.6.6 [R6-ospf-1]area 2 [R6-ospf-1-area-0.0.0.2]network 172.16.65.1 0.0.0.255 [R6-ospf-1-area-0.0.0.2]q [R6-ospf-1]q
[R11]ospf 1 router-id 11.11.11.11 [R11-ospf-1]area 2 [R11-ospf-1-area-0.0.0.2]network 172.16.65.5 0.0.0.0 [R11-ospf-1-area-0.0.0.2]network 172.16.65.2 0.0.0.0 [R11-ospf-1-area-0.0.0.2]network 172.16.66.0 0.0.0.255 [R11-ospf-1-area-0.0.0.2]q [R11-ospf-1]q
[R12]ospf 1 router-id 12.12.12.12 [R12-ospf-1]area 2 [R12-ospf-1-area-0.0.0.2]network 172.16.65.6 0.0.0.0 [R12-ospf-1-area-0.0.0.2]q [R12-ospf-1]q

区域3

[R7-ospf-1]ospf 1 router-id 7.7.7.7 [R7-ospf-1]area 3 [R7-ospf-1-area-0.0.0.3]network 172.16.97.1 0.0.0.0 [R7-ospf-1-area-0.0.0.3]q [R7-ospf-1]q
[R8]ospf 1 router-id 8.8.8.8 [R8-ospf-1]area 3 [R8-ospf-1-area-0.0.0.3]network 172.16.97.2 0.0.0.0 [R8-ospf-1-area-0.0.0.3]network 172.16.97.5 0.0.0.0 [R8-ospf-1-area-0.0.0.3]network 172.16.98.0 0.0.0.255 [R8-ospf-1-area-0.0.0.3]q [R8-ospf-1]q 

[R9]ospf 1 router-id 9.9.9.9 [R9-ospf-1]area 3 [R9-ospf-1-area-0.0.0.3]network 172.16.97.6 0.0.0.0 [R9-ospf-1-area-0.0.0.3]q [R9-ospf-1]q

区域4:

[R9]ospf 2 router-id 9.9.9.9 [R9-ospf-2]area 4 [R9-ospf-2-area-0.0.0.4]network 172.16.129.1 0.0.0.0 [R9-ospf-2-area-0.0.0.4]network 172.16.130.0 0.0.0.255 [R9-ospf-2-area-0.0.0.4]q 
[R10]ospf 2 router-id 10.10.10.10 [R10-ospf-2]area 4 [R10-ospf-2-area-0.0.0.4]network 172.16.129.2 0.0.0.0 [R10-ospf-2-area-0.0.0.4]network 172.16.131.0 0.0.0.255 [R10-ospf-2-area-0.0.0.4]q 

[R9]ospf 1 [R9-ospf-1]import-route ospf 2 [R9-ospf-1]quit [R9]ospf 2	 [R9-ospf-2]import-route ospf 1

3.私网通第二个区域

#进行rip宣告 [R12]rip 1 [R12-rip-1]v 2 [R12-rip-1]network 172.16.0.0

在R11上查看路由

[R12]ospf 1 [R12-ospf-1]import-route rip

4.通公网

[R3]ip route-static 0.0.0.0 0 43.0.0.4 [R5]ip route-static 0.0.0.0 0 45.0.0.4 [R6]ip route-static 0.0.0.0 0 46.0.0.4  [R7]ip route-static 0.0.0.0 0 47.0.0.4

测试一下是否通了

5.全网通

(1)配置MGRE

[R3]int tu 0/0/0 [R3-Tunnel0/0/0]ip add 172.16.6.3 24 [R3-Tunnel0/0/0]tunnel-protocol  gre p2mp [R3-Tunnel0/0/0]source s4/0/0 [R5]int tu 0/0/0 [R5-Tunnel0/0/0]ip add 172.16.6.5 24 [R5-Tunnel0/0/0]tunnel-protocol gre p2mp [R5-Tunnel0/0/0]source s4/0/0 [R6]int tu0/0/0 [R6-Tunnel0/0/0]ip add 172.16.6.6 24 [R6-Tunnel0/0/0]tunnel-protocol gre p2mp [R6-Tunnel0/0/0]source s4/0/0 [R7]int tu0/0/0 [R7-Tunnel0/0/0]ip add 172.16.6.7 24 [R7-Tunnel0/0/0]tunnel-protocol gre p2mp [R7-Tunnel0/0/0]source g0/0/0

2)配置NHRP

#总部R3 [R3]int tu 0/0/0 [R3-Tunnel0/0/0]nhrp network-id 100 [R3-Tunnel0/0/0]nhrp entry multicast dynamic #分支R5 [R5]int tu0/0/0 [R5-Tunnel0/0/0]nhrp network-id 100 [R5-Tunnel0/0/0]nhrp entry 172.16.6.3 43.0.0.3 register #分支R6 [R6]int tu0/0/0 [R6-Tunnel0/0/0]nhrp network-id 100 [R6-Tunnel0/0/0]nhrp entry 172.16.6.3 43.0.0.3 register

查看nhrp邻居表

(3)进入ospf协议视图下对隧道口进行宣告

[R3]ospf 1  [R3-ospf-1]area 0 [R3-ospf-1-area-0.0.0.0]net	 [R3-ospf-1-area-0.0.0.0]network 172.16.6.0 0.0.0.255 [R5]ospf 1 [R5-ospf-1]area 0	 [R5-ospf-1-area-0.0.0.0]network 172.16.6.0 0.0.0.255 [R6]ospf 1 [R6-ospf-1]area 0 [R6-ospf-1-area-0.0.0.0]network 172.16.6.0 0.0.0.255 [R7]ospf 1 [R7-ospf-1]area 0 [R7-ospf-1-area-0.0.0.0]network 172.16.6.0 0.0.0.255

[R3]int tu0/0/0 [R3-Tunnel0/0/0]ospf network-type broadcast  [R5]int tu0/0/0 [R5-Tunnel0/0/0]ospf network-type broadcast [R6]int Tunnel 0/0/0 [R6-Tunnel0/0/0]ospf network-type broadcast [R7]int tu0/0/0 [R7-Tunnel0/0/0]ospf network-type broadcast [R5]int tu0/0/0 [R5-Tunnel0/0/0]ospf dr-priority 0 [R6]int tu0/0/0	 [R6-Tunnel0/0/0]ospf dr-priority 0 [R7]int tu0/0/0 [R7-Tunnel0/0/0]ospf dr-priority 0

6、所有设备均可访问R4的环回

[R3]acl 2000	 [R3-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255 [R3-acl-basic-2000]quit [R3]int s 4/0/0 [R3-Serial4/0/0]nat outbound 2000 [R5]acl 2000 [R5-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255 [R5-acl-basic-2000]quit [R5]int s 4/0/0 [R5-Serial4/0/0]nat outbound 2000 [R6]acl 2000 [R6-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255 [R6-acl-basic-2000]quit [R6]int s 4/0/0 [R6-Serial4/0/0]nat outbound 2000 [R7]acl 2000 [R7-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255 [R7-acl-basic-2000]quit [R7]int g0/0/0 [R7-GigabitEthernet0/0/0]nat outbound 2000

7、减少LSA的更新量

[R3]ospf 1 [R3-ospf-1]area 1 [R3-ospf-1-area-0.0.0.1]abr-summary 172.16.32.0 255.255.224.0 [R6]ospf 1 [R6-ospf-1]area 2 [R6-ospf-1-area-0.0.0.2]abr-summary 172.16.64.0 255.255.224.0 [R7]ospf 1 [R7-ospf-1]area 3	 [R7-ospf-1-area-0.0.0.3]abr-summary 172.16.96.0 255.255.224.0 [R12]ospf 1 [R12-ospf-1]asbr-summary 172.16.160.0 255.255.224.0 [R9]ospf 1 [R9-ospf-1]asbr	 [R9-ospf-1]asbr-summary 172.16.129.0 255.255.224.0

特殊区域

区域1

[R3]ospf 1 [R3-ospf-1]area 1 [R3-ospf-1-area-0.0.0.1]stub no-summary [R1]ospf 1 [R1-ospf-1]area 1	 [R1-ospf-1-area-0.0.0.1]stub no-summary [R2]ospf 1 [R2-ospf-1]area 1 [R2-ospf-1-area-0.0.0.1]stub no-summary

区域2

[R6]ospf 1 [R6-ospf-1]area 2 [R6-ospf-1-area-0.0.0.2]nssa no-summary [R11]ospf 1 [R11-ospf-1]area 2 [R11-ospf-1-area-0.0.0.2]nssa no-summary [R12]ospf 1 [R12-ospf-1]area 2 [R12-ospf-1-area-0.0.0.2]nssa no-summary

区域3

[R7]ospf 1 [R7-ospf-1]area 3	 [R7-ospf-1-area-0.0.0.3]nssa no-summary [R8]ospf 1 [R8-ospf-1]area 3 [R8-ospf-1-area-0.0.0.3]nssa no-summary [R9]ospf 1 [R9-ospf-1]area 3 [R9-ospf-1-area-0.0.0.3]nssa no-summary

ping 一下,看是否全网通

R10不通

在R9上下发缺省

[R9]ospf 1 [R9-ospf-1]default-route-advertise

9、加快收敛:进入到接口下更改hello时间

区域1

[R1]int g0/0/0	 [R1-GigabitEthernet0/0/0]ospf timer hello 5 [R2]int g0/0/0 [R2-GigabitEthernet0/0/0]ospf timer hello 5 [R3]int g0/0/0 [R3-GigabitEthernet0/0/0]ospf timer hello 5

区域0

[R3]int s4/0/0	 [R3-Serial4/0/0]ospf timer hello 5 [R5]int s 4/0/0 [R5-Serial4/0/0]ospf timer hello 5 [R6]int s 4/0/0 [R6-Serial4/0/0]ospf timer hello 5 [R7]int g0/0/0 [R7-GigabitEthernet0/0/0]ospf timer hello 5

区域2

[R6]int g0/0/0 [R6-GigabitEthernet0/0/0]ospf timer hello 5 [R11]int g0/0/0 [R11-GigabitEthernet0/0/0]ospf timer hello 5 [R11]int g0/0/1 [R11-GigabitEthernet0/0/1]ospf timer hello 5 [R12]int g0/0/0 [R12-GigabitEthernet0/0/0]ospf timer hello 5

区域3

[R7]int g0/0/1 [R7-GigabitEthernet0/0/1]ospf timer hello 5 [R8]int g0/0/0 [R8-GigabitEthernet0/0/0]ospf timer hello 5 [R8]int g0/0/1 [R8-GigabitEthernet0/0/1]ospf timer hello 5 [R9]int g0/0/0 [R9-GigabitEthernet0/0/0]ospf timer hello 5

区域4

[R9]int g0/0/1 [R9-GigabitEthernet0/0/1]ospf timer hello 5 [R10]int g0/0/0 [R10-GigabitEthernet0/0/0]ospf timer hello 5

10、保障更新安全:做区域验证/接口验证

区域1

[R1]ospf 1 [R1-ospf-1]area 1 [R1-ospf-1-area-0.0.0.1]authentication-mode zzj 1 cipher 123456 [R2]ospf 1 [R2-ospf-1]area 1 [R2-ospf-1-area-0.0.0.1]authentication-mode zzj 1 cipher 123456 [R3]ospf 1 [R3-ospf-1]area 1 [R3-ospf-1-area-0.0.0.1]authentication-mode zzj 1 cipher 123456

区域2

[R6-ospf-1]are 2 [R6-ospf-1-area-0.0.0.2]authentication-mode zzj 1 cipher 123456 [R11]ospf 1 [R11-ospf-1]area 2 [R11-ospf-1-area-0.0.0.2]authentication-mode zzj 1 cipher 123456 [R12]ospf 1 [R12-ospf-1]area 2 [R12-ospf-1-area-0.0.0.2]authentication-mode zzj 1 cipher 123456

区域3

[R7]ospf 1  [R7-ospf-1]area 0 [R7-ospf-1]area 3 [R7-ospf-1-area-0.0.0.3]authentication-mode zzj 1 cipher 123456 [R8]ospf 1 [R8-ospf-1]area 3 [R8-ospf-1-area-0.0.0.3]authentication-mode zzj 1 cipher 123456 [R9]ospf 1 [R9-ospf-1]area 3 [R9-ospf-1-area-0.0.0.3]authentication-mode zzj 1 cipher 123456

R10ping其它区域路由器

相关阅读
  1. 如何查看和设置我的Android N设备的权限?
  2. 如何在安卓手机上自定义应用图标?
  3. 如何在安卓微信中同时听语音和查看图片?
  4. 华为哪些设备将支持升级至安卓7.0?
  5. 微信安卓软件中Q10功能有哪些独特之处?
  6. 安卓用户如何挑选最佳视频播放器应用?
  7. 安卓系统中用户文件目录的确切位置是什么?
  8. 小米4用户如何安全升级到安卓8.0系统?
  9. 如何成功将魅蓝5升级至安卓原生7.0版本?
  10. 16GB存储的安卓手机是否能满足日常需求?

广告一刻

为您即时展示最新活动产品广告消息,让您随时掌握产品活动新动态!