课题内容:OSPF虚链路研究
实验拓扑:
基本IP地址规划:
R3-R5之间使用 10.1.35.0/30 子网
R1、R3、R4之间使用 10.1.1.0/24子网
R1、R2、R4之间使用 10.1.124.0/24子网
每台设备的环回接口使用 10.1.6.X/32 X = 设备编号
帧中继配置:
R2:
default int s1/0
default int s1/1
default int s1/2
frame-relay switching
interface Serial1/0
no ip address
no shut
encapsulation frame-relay
frame-relay intf-type dce
frame-relay route 103 interface Serial1/2 301
!
interface Serial1/1
no ip address
no shut
encapsulation frame-relay
frame-relay intf-type dce
frame-relay route 403 interface Serial1/2 304
!
interface Serial1/2
no ip address
no shut
encapsulation frame-relay
frame-relay intf-type dce
frame-relay route 301 interface Serial1/0 103
frame-relay route 304 interface Serial1/1 403
R1:
interface Serial1/0
no shutdown
ip address 10.1.1.1 255.255.255.0
encapsulation frame-relay
R3:
interface Serial1/2
no shutdown
ip address 10.1.1.3 255.255.255.0
encapsulation frame-relay
R4:
interface Serial1/1
no shutdown
ip address 10.1.1.4 255.255.255.0
encapsulation frame-relay
按图所示配置OSPF
R1(config)#int lo0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#int s1/0
R1(config-if)#ip ospf 1 area 100
R1(config-if)#int e0/1
R1(config-if)#ip ospf 1 area 2
R1(config-if)#router ospf 1
R1(config-router)#area 2 stub no-summary
R2(config)#router ospf 1
R2(config-router)#net
R2(config-router)#network 10.0.0.0 0.255.255.255 area 2
R2(config-router)#area 2 stub
R4(config)#int s1/1
R4(config-if)#ip os 1 a 100
R4(config-if)#int l0
R4(config-if)#ip os 1 a 100
R4(config-if)#int e0/3
R4(config-if)#ip os 1 a 2
R4(config-if)#router ospf 1
R4(config-router)#area 2 stub no-summary
R3(config)#int s1/2
R3(config-if)#ip ospf 1 area 100
R3(config-if)#int e0/3
R3(config-if)#ip ospf 1 area 1
R3(config-if)#int loopback 0
R3(config-if)#ip ospf 1 area 100
R3(config-if)#end
R5(config)#int loopback 0
R5(config-if)#ip ospf 1 area 1
R5(config-if)#int e0/3
R5(config-if)#ip ospf 1 area 1
R1(config-if)#ip ospf network point-to-multipoint
R3(config-if)#ip ospf network point-to-multipoint
R4(config-if)#ip ospf network point-to-multipoint
验证:
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.6.2 1 FULL/BDR 00:00:35 10.1.124.2 Ethernet0/1
10.1.6.4 1 FULL/DROTHER 00:00:38 10.1.124.4 Ethernet0/1
10.1.5.3 0 FULL/ - 00:01:48 10.1.1.3 Serial1/0
R1#show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Lo0 1 0 10.1.6.1/32 1 LOOP 0/0
Et0/1 1 2 10.1.124.1/24 10 DR 2/2
Se1/0 1 100 10.1.1.1/24 64 P2MP 1/1
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.6.1 1 FULL/DR 00:00:39 10.1.124.1 Ethernet0/2
10.1.6.4 1 FULL/DROTHER 00:00:35 10.1.124.4 Ethernet0/2
R2#show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Lo0 1 2 10.1.6.2/32 1 LOOP 0/0
Et0/2 1 2 10.1.124.2/24 10 BDR 2/2
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.6.5 1 FULL/BDR 00:00:30 10.1.35.2 Ethernet0/3
10.1.6.1 0 FULL/ - 00:01:49 10.1.1.1 Serial1/2
10.1.6.4 0 FULL/ - 00:01:58 10.1.1.4 Serial1/2
R3#show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Et0/3 1 1 10.1.35.1/30 10 DR 1/1
Lo0 1 100 10.1.5.3/32 1 LOOP 0/0
Se1/2 1 100 10.1.1.3/24 64 P2MP 2/2
R4#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.6.1 1 FULL/DR 00:00:35 10.1.124.1 Ethernet0/3
10.1.6.2 1 FULL/BDR 00:00:38 10.1.124.2 Ethernet0/3
10.1.5.3 0 FULL/ - 00:01:55 10.1.1.3 Serial1/1
R4#show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Et0/3 1 2 10.1.124.4/24 10 DROTH 2/2
Lo0 1 100 10.1.6.4/32 1 LOOP 0/0
Se1/1 1 100 10.1.1.4/24 64 P2MP 1/1
R5#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.5.3 1 FULL/DR 00:00:31 10.1.35.1 Ethernet0/3
R5#show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Lo0 1 1 10.1.6.5/32 1 LOOP 0/0
Et0/3 1 1 10.1.35.2/30 10 BDR 1/1
检查路由:
R2#show ip route ospf | begin Gateway
Gateway of last resort is 10.1.124.1 to network 0.0.0.0
O*IA 0.0.0.0/0 [110/11] via 10.1.124.1, 00:13:47, Ethernet0/2
// 位于完全末节区域的R2,仅仅收到了一条O IA的默认路由,那么,这是否是正常现象? //
R2#show ip ospf border-routers
OSPF Router with ID (10.1.6.2) (Process ID 1)
Base Topology (MTID 0)
Internal Router Routing Table
Codes: i - Intra-area route, I - Inter-area route
i 10.1.6.1 [10] via 10.1.124.1, Ethernet0/2, ABR, Area 2, SPF 3
注意: ABR的定义,必须至少有一个接口位于骨干区域,一个接口位于非骨干区域,这样的OSPF路由器才被称为ABR;
R4#show ip route ospf | begin Gateway
Gateway of last resort is 10.1.124.1 to network 0.0.0.0
O*IA 0.0.0.0/0 [110/11] via 10.1.124.1, 00:20:19, Ethernet0/3
10.0.0.0/8 is variably subnetted, 10 subnets, 2 masks
O 10.1.1.1/32 [110/128] via 10.1.1.3, 00:13:48, Serial1/1
O 10.1.1.3/32 [110/64] via 10.1.1.3, 00:13:48, Serial1/1
O 10.1.5.3/32 [110/65] via 10.1.1.3, 00:13:48, Serial1/1
O IA 10.1.6.1/32 [110/129] via 10.1.1.3, 00:13:48, Serial1/1
O 10.1.6.2/32 [110/11] via 10.1.124.2, 00:20:19, Ethernet0/3
// R4没有收到 区域1的路由 //
原因是? 普通区域之间是不能直接传递路由的;
区域之间的路由传递,本质上是由ABR对LSA进行生成或重新生成的过程;
R3并不是ABR,因此无法在区域 1 和区域 100之间转换LSA;
R5#show ip route ospf | begin Gateway
Gateway of last resort is not set
// R5上一条OSPF路由都没收到 //
那么,观察链路状态数据库,查找原因;
R5#show ip ospf database
OSPF Router with ID (10.1.6.5) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
10.1.5.3 10.1.5.3 1269 0x80000002 0x00F6AD 1
10.1.6.5 10.1.6.5 1267 0x80000004 0x00EB88 2
Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
10.1.35.1 10.1.5.3 1269 0x80000001 0x00834E
//R5的链路状态数据库中,仅仅存在Area 1的一类和二类LSA,没有来自ABR的用于计算区域间路由的三类LSA以及其它类型的LSA; //
R5#show ip ospf border-routers
OSPF Router with ID (10.1.6.5) (Process ID 1)
Base Topology (MTID 0)
Internal Router Routing Table
Codes: i - Intra-area route, I - Inter-area route //从R5上查看,本区域并不存在ABR //
在一些特殊场景或者历史遗留问题造成的特殊场景环境中,会造成OSPF区域规划不合理的现象,这也将给路由的传递和优化带来困难;
举例一:
例如本图中的 area 1,没有与骨干区域相邻 (非骨干区域远离骨干区域)
会造成无法与相邻区域交互路由信息;
举例二:
如图所示,骨干区域由于历史原因并不连续,将会造成如下问题:
按图部署四台路由器,OSPF的邻居和邻接没有问题,接口宣告也没有问题;
R1#show ip os neighbor
Neighbor ID Pri State Dead Time Address Interface
22.1.1.1 1 FULL/DR 00:00:34 12.1.1.2 Ethernet0/1
R1#show ip os int br
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Lo0 110 0 11.1.1.1/32 1 LOOP 0/0
Et0/1 110 0 12.1.1.1/24 10 BDR 1/1
R2#show ip os neighbor
Neighbor ID Pri State Dead Time Address Interface
11.1.1.1 1 FULL/BDR 00:00:31 12.1.1.1 Ethernet0/1
33.1.1.1 1 FULL/DR 00:00:35 23.1.1.3 Ethernet0/2
R2#show ip os int br
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Lo0 110 0 22.1.1.1/32 1 LOOP 0/0
Et0/1 110 0 12.1.1.2/24 10 DR 1/1
Et0/2 110 1 23.1.1.2/24 10 BDR 1/1
R3#show ip os neighbor
Neighbor ID Pri State Dead Time Address Interface
44.1.1.1 1 FULL/DR 00:00:39 34.1.1.4 Ethernet0/3
22.1.1.1 1 FULL/BDR 00:00:38 23.1.1.2 Ethernet0/2
R3#
R3#show ip os int br
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Lo0 110 0 33.1.1.1/32 1 LOOP 0/0
Et0/3 110 0 34.1.1.3/24 10 BDR 1/1
Et0/2 110 1 23.1.1.3/24 10 DR 1/1
R4#show ip os neighbor
Neighbor ID Pri State Dead Time Address Interface
33.1.1.1 1 FULL/BDR 00:00:35 34.1.1.3 Ethernet0/3
R4#show ip os int br
Interface PID Area IP Address/Mask Cost State Nbrs F/C
Lo0 110 0 44.1.1.1/32 1 LOOP 0/0
Et0/3 110 0 34.1.1.4/24 10 DR 1/1
查看路由:
R4#show ip route ospf | begin Gateway
Gateway of last resort is not set
23.0.0.0/24 is subnetted, 1 subnets
O IA 23.1.1.0 [110/20] via 34.1.1.3, 00:01:41, Ethernet0/3
33.0.0.0/32 is subnetted, 1 subnets
O 33.1.1.1 [110/11] via 34.1.1.3, 00:01:41, Ethernet0/3
//R4的路由表中,并没有左侧一个区域0的路由;//
检查LSDB,看是否有 LSA
OSPF ABR的水平分割规则: 从骨干区域传递到非骨干区域的三类LSA,不允许传递回骨干区域;
//也就意味着,举例二中这个场景,将会造成两个不连续的骨干区域之间无法交互路由 //
OSPF的虚链路主要用于解决以上两种场景。
在场景二种部署虚链路:
由area 1 承载虚链路;
Note : 规则:承载虚链路的区域必须是非特殊区域;
虚链路是属于骨干区域的一条链路;
配置:
在ABR上配置
R2(config-router)#area 1 virtual-link 33.1.1.1
R3(config-router)#area 1 virtual-link 22.1.1.1
// 注意,此处配置的对等体为对端的 router-id //
R3#
*Sep 5 12:17:18.983: %OSPF-5-ADJCHG: Process 110, Nbr 22.1.1.1 on OSPF_VL0 from LOADING to FULL, Loading Done
// 日志信息表示通过OSPF虚链路建立了一个完全邻接关系 //
R3#show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C
VL0 110 0 23.1.1.3/24 10 P2P 1/1
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
22.1.1.1 0 FULL/ - - 23.1.1.2 OSPF_VL0
通过检查命令,发现设备上多了一个虚链路的接口,以及一个虚链路的邻居;
值得注意的是,虚链路在部署时,如果不加参数,默认将不记老化时间;
R3#show ip ospf interface
OSPF_VL0 is up, line protocol is up
Internet Address 23.1.1.3/24, Area 0, Attached via Not Attached
Process ID 110, Router ID 33.1.1.1, Network Type VIRTUAL_LINK, Cost: 10
Topology-MTID Cost Disabled Shutdown Topology Name
0 10 no no Base
Configured as demand circuit
Run as demand circuit
DoNotAge LSA allowed
Transmit Delay is 1 sec, State POINT_TO_POINT
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:02
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 3/4, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 22.1.1.1 (Hello suppressed)
Suppress hello for 1 neighbor(s)
// 通过虚链路建立的邻居,抑制hello报文,虚链路使用跟按需电路一样的工作方法 //
R3#show ip ospf database
OSPF Router with ID (33.1.1.1) (Process ID 110)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
11.1.1.1 11.1.1.1 1013 (DNA) 0x80000003 0x00527B 2
22.1.1.1 22.1.1.1 1 (DNA) 0x80000005 0x007AD3 3
33.1.1.1 33.1.1.1 430 0x80000005 0x0036D1 3
44.1.1.1 44.1.1.1 1351 0x80000003 0x007BBD 2
// 通过虚链路学习到的 LSA,不记老化时间 //
虚链路规则(补):
虚链路的一个端点必须在骨干区域上;
首先想清楚,部署虚链路的目的是?
我们要解决area 1 和area 100 没有ABR的问题,因此,通过在 area 100 部署一条虚链路,将R3连接到 骨干区域,使得R3成为 ABR;
配置:
R1(config)#router ospf 1
R1(config-router)#area 100 virtual-link 10.1.6.3
R3(config)#router ospf 1
R3(config-router)#area 100 virtual-link 10.1.6.1
验证:
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.6.1 0 FULL/ - - 10.1.1.1 OSPF_VL0
R5#show ip route ospf | begin Gateway
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 11 subnets, 3 masks
O IA 10.1.1.1/32 [110/74] via 10.1.35.1, 00:02:00, Ethernet0/3
O IA 10.1.1.3/32 [110/10] via 10.1.35.1, 00:02:00, Ethernet0/3
O IA 10.1.1.4/32 [110/74] via 10.1.35.1, 00:02:00, Ethernet0/3
O IA 10.1.6.1/32 [110/75] via 10.1.35.1, 00:02:00, Ethernet0/3
O IA 10.1.6.2/32 [110/85] via 10.1.35.1, 00:02:00, Ethernet0/3
O IA 10.1.6.3/32 [110/11] via 10.1.35.1, 00:02:00, Ethernet0/3
O IA 10.1.6.4/32 [110/75] via 10.1.35.1, 00:02:00, Ethernet0/3
O IA 10.1.124.0/24 [110/84] via 10.1.35.1, 00:02:00, Ethernet0/3
// R5上已经能够收取到所有的OSPF路由了 //
但是,R3上去往 area 2的路由,没有负载均衡,因为 R4并不是ABR;
尝试部署另一条虚链路,使得R4也成为ABR
在R1和R4之间部署虚链路:
R1(config)#router ospf 1
R1(config-router)#area 100 virtual-link 10.1.6.4
R4(config)#router ospf 1
R4(config-router)#area 100 virtual-link 10.1.6.1
R4#
*Sep 5 12:58:45.058: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.6.1 on OSPF_VL0 from LOADING to FULL, Loading Done // 日志显示邻接成功建立 //
验证:
R3#show ip route ospf | begin Gateway
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 12 subnets, 3 masks
O 10.1.1.1/32 [110/64] via 10.1.1.1, 00:07:30, Serial1/2
O 10.1.1.4/32 [110/64] via 10.1.1.4, 00:07:30, Serial1/2
O 10.1.6.1/32 [110/65] via 10.1.1.1, 00:07:20, Serial1/2
O IA 10.1.6.2/32 [110/75] via 10.1.1.4, 00:01:08, Serial1/2
[110/75] via 10.1.1.1, 00:07:20, Serial1/2
O 10.1.6.4/32 [110/65] via 10.1.1.4, 00:07:30, Serial1/2
O 10.1.6.5/32 [110/11] via 10.1.35.2, 00:06:47, Ethernet0/3
O IA 10.1.124.0/24 [110/74] via 10.1.1.4, 00:01:08, Serial1/2
[110/74] via 10.1.1.1, 00:07:20, Serial1/2
// 成功实现了路由的负载均衡 //
OSPF虚链路实用场景总结:
1,backbone区域被分割
2,非骨干区域与骨干区域不相邻
3, 骨干区域不可靠链路备份