使用到的命令:show ip ospf database
今天做OSPF实验时发现一个奇怪的问题:在各自配置了认证的区域里做虚链路连接时,所有路由表都是不完整的。
先贴配置:
R1#show run
interface Loopback0
ip address 172.16.1.1 255.255.255.0
ip address 172.16.1.1 255.255.255.0
interface Serial1/1
description DCE,OSPF area 3,connected to R2's S1/0,ip 172.16.255.2/30
ip address 172.16.255.1 255.255.255.252
ip ospf authentication-key 7 12185628190E15
serial restart-delay 0
clock rate 9600
description DCE,OSPF area 3,connected to R2's S1/0,ip 172.16.255.2/30
ip address 172.16.255.1 255.255.255.252
ip ospf authentication-key 7 12185628190E15
serial restart-delay 0
clock rate 9600
router ospf 100
router-id 1.1.1.1
log-adjacency-changes
area 3 authentication message-digest
network 172.16.0.0 0.0.255.255 area 3
router-id 1.1.1.1
log-adjacency-changes
area 3 authentication message-digest
network 172.16.0.0 0.0.255.255 area 3
//
R2#show run
interface Serial1/0
description DTE,OSPF area 3,connected to R1's S1/1,ip 172.16.255.1/30
ip address 172.16.255.2 255.255.255.252
ip ospf authentication-key 7 094D1D3612000E
serial restart-delay 0
interface Serial1/1
description DCE,OSPF area 2,connected to R3's S1/0,ip 172.16.255.6/30
ip address 172.16.255.5 255.255.255.252
ip ospf authentication-key 7 045A5939042455
serial restart-delay 0
clock rate 9600
description DTE,OSPF area 3,connected to R1's S1/1,ip 172.16.255.1/30
ip address 172.16.255.2 255.255.255.252
ip ospf authentication-key 7 094D1D3612000E
serial restart-delay 0
interface Serial1/1
description DCE,OSPF area 2,connected to R3's S1/0,ip 172.16.255.6/30
ip address 172.16.255.5 255.255.255.252
ip ospf authentication-key 7 045A5939042455
serial restart-delay 0
clock rate 9600
router ospf 100
router-id 2.2.2.2
log-adjacency-changes
area 2 virtual-link 3.3.3.3
router-id 2.2.2.2
log-adjacency-changes
area 2 virtual-link 3.3.3.3
area 3 authentication message-digest
area 2 authentication message-digest
network 172.16.255.0 0.0.0.3 area 3
network 172.16.255.4 0.0.0.3 area 2
network 172.16.255.0 0.0.0.3 area 3
network 172.16.255.4 0.0.0.3 area 2
//
R3#show run
interface Serial1/0
description DTE,OSPF area 2,connected to R2's S1/1,ip 172.16.255.5/30
ip address 172.16.255.6 255.255.255.252
ip ospf authentication-key 7 045A5939042455
serial restart-delay 0
interface Serial1/1
description DCE,OSPF area 0,connected to R4's S1/0,ip 172.16.255.10/30
ip address 172.16.255.9 255.255.255.252
ip ospf authentication-key 7 1304472D00091D
serial restart-delay 0
clock rate 9600
description DTE,OSPF area 2,connected to R2's S1/1,ip 172.16.255.5/30
ip address 172.16.255.6 255.255.255.252
ip ospf authentication-key 7 045A5939042455
serial restart-delay 0
interface Serial1/1
description DCE,OSPF area 0,connected to R4's S1/0,ip 172.16.255.10/30
ip address 172.16.255.9 255.255.255.252
ip ospf authentication-key 7 1304472D00091D
serial restart-delay 0
clock rate 9600
router ospf 100
router-id 3.3.3.3
log-adjacency-changes
area 2 virtual-link 2.2.2.2
router-id 3.3.3.3
log-adjacency-changes
area 2 virtual-link 2.2.2.2
area 2 authentication message-digest
area 0 authentication message-digest
network 172.16.255.4 0.0.0.3 area 2
network 172.16.255.8 0.0.0.3 area 0
network 172.16.255.4 0.0.0.3 area 2
network 172.16.255.8 0.0.0.3 area 0
//
R4#show run
interface Serial1/0
description DTE,OSPF area 0,connected to R3's S1/1,ip 172.16.255.9/30
ip address 172.16.255.10 255.255.255.252
ip ospf authentication-key 7 104F59260E120B
serial restart-delay 0
description DTE,OSPF area 0,connected to R3's S1/1,ip 172.16.255.9/30
ip address 172.16.255.10 255.255.255.252
ip ospf authentication-key 7 104F59260E120B
serial restart-delay 0
router ospf 100
router-id 4.4.4.4
log-adjacency-changes
router-id 4.4.4.4
log-adjacency-changes
area 0 authentication message-digest
network 172.16.16.0 0.0.0.255 area 1
network 172.16.255.8 0.0.0.3 area 0
network 172.16.16.0 0.0.0.255 area 1
network 172.16.255.8 0.0.0.3 area 0
//
路由表如下:
R1#show ip route
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.255.0/30 is directly connected, Serial1/1
C 172.16.1.0/24 is directly connected, Loopback0
C 172.16.255.0/30 is directly connected, Serial1/1
C 172.16.1.0/24 is directly connected, Loopback0
R2#show ip route
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.16.255.0/30 is directly connected, Serial1/0
C 172.16.255.4/30 is directly connected, Serial1/1
O IA 172.16.255.8/30 [110/128] via 172.16.255.6, 00:00:51, Serial1/1
O IA 172.16.16.1/32 [110/129] via 172.16.255.6, 00:00:51, Serial1/1
C 172.16.255.0/30 is directly connected, Serial1/0
C 172.16.255.4/30 is directly connected, Serial1/1
O IA 172.16.255.8/30 [110/128] via 172.16.255.6, 00:00:51, Serial1/1
O IA 172.16.16.1/32 [110/129] via 172.16.255.6, 00:00:51, Serial1/1
R3#show ip route
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C 172.16.255.4/30 is directly connected, Serial1/0
C 172.16.255.8/30 is directly connected, Serial1/1
O IA 172.16.16.1/32 [110/65] via 172.16.255.10, 00:00:50, Serial1/1
C 172.16.255.4/30 is directly connected, Serial1/0
C 172.16.255.8/30 is directly connected, Serial1/1
O IA 172.16.16.1/32 [110/65] via 172.16.255.10, 00:00:50, Serial1/1
R4#show ip route
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
O IA 172.16.255.4/30 [110/128] via 172.16.255.9, 00:01:12, Serial1/0
C 172.16.255.8/30 is directly connected, Serial1/0
C 172.16.16.0/24 is directly connected, Loopback0
O IA 172.16.255.4/30 [110/128] via 172.16.255.9, 00:01:12, Serial1/0
C 172.16.255.8/30 is directly connected, Serial1/0
C 172.16.16.0/24 is directly connected, Loopback0
实在没有想到有什么解决办法。先查看database。由于R1、R4没有参与到虚链路中,因此重点查看R2、R3的database。
R2#show ip ospf database
OSPF Router with ID (2.2.2.2) (Process ID 100)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
2.2.2.2 2.2.2.2 313 0x80000007 0x00FB30 0
3.3.3.3 3.3.3.3 5 (DNA) 0x80000006 0x00F6DB 3
4.4.4.4 4.4.4.4 1758 (DNA) 0x80000004 0x00A546 2
2.2.2.2 2.2.2.2 313 0x80000007 0x00FB30 0
3.3.3.3 3.3.3.3 5 (DNA) 0x80000006 0x00F6DB 3
4.4.4.4 4.4.4.4 1758 (DNA) 0x80000004 0x00A546 2
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
172.16.16.1 4.4.4.4 1758 (DNA) 0x80000003 0x00D685
172.16.255.0 2.2.2.2 313 0x80000001 0x003803
172.16.255.4 2.2.2.2 313 0x80000001 0x001027
172.16.255.4 3.3.3.3 1806 (DNA) 0x80000003 0x00ED43
172.16.16.1 4.4.4.4 1758 (DNA) 0x80000003 0x00D685
172.16.255.0 2.2.2.2 313 0x80000001 0x003803
172.16.255.4 2.2.2.2 313 0x80000001 0x001027
172.16.255.4 3.3.3.3 1806 (DNA) 0x80000003 0x00ED43
Router Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Link count
2.2.2.2 2.2.2.2 313 0x80000013 0x008174 2
3.3.3.3 3.3.3.3 319 0x8000000E 0x002BCA 2
Summary Net Link States (Area 2)
2.2.2.2 2.2.2.2 313 0x80000013 0x008174 2
3.3.3.3 3.3.3.3 319 0x8000000E 0x002BCA 2
Summary Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
172.16.16.1 3.3.3.3 320 0x80000006 0x0071AB
172.16.255.0 2.2.2.2 309 0x80000006 0x002E08
172.16.255.8 3.3.3.3 321 0x80000006 0x00BF6A
172.16.16.1 3.3.3.3 320 0x80000006 0x0071AB
172.16.255.0 2.2.2.2 309 0x80000006 0x002E08
172.16.255.8 3.3.3.3 321 0x80000006 0x00BF6A
Router Link States (Area 3)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 2157 0x80000003 0x001239 3
2.2.2.2 2.2.2.2 313 0x8000000B 0x00D24B 1
1.1.1.1 1.1.1.1 2157 0x80000003 0x001239 3
2.2.2.2 2.2.2.2 313 0x8000000B 0x00D24B 1
Summary Net Link States (Area 3)
Link ID ADV Router Age Seq# Checksum
172.16.255.4 2.2.2.2 314 0x80000001 0x001027
172.16.255.4 2.2.2.2 314 0x80000001 0x001027
//
R3#show ip ospf database
OSPF Router with ID (3.3.3.3) (Process ID 100)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
2.2.2.2 2.2.2.2 5 (DNA) 0x80000003 0x00BB55 1
3.3.3.3 3.3.3.3 366 0x8000000E 0x00F1F4 2
4.4.4.4 4.4.4.4 901 0x80000007 0x009F49 2
2.2.2.2 2.2.2.2 5 (DNA) 0x80000003 0x00BB55 1
3.3.3.3 3.3.3.3 366 0x8000000E 0x00F1F4 2
4.4.4.4 4.4.4.4 901 0x80000007 0x009F49 2
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
172.16.1.1 2.2.2.2 275 (DNA) 0x80000002 0x003DF6
172.16.16.1 4.4.4.4 897 0x80000005 0x00D287
172.16.255.0 2.2.2.2 275 (DNA) 0x80000002 0x003604
172.16.255.4 2.2.2.2 275 (DNA) 0x80000002 0x000E28
172.16.255.4 3.3.3.3 361 0x80000001 0x00F141
172.16.1.1 2.2.2.2 275 (DNA) 0x80000002 0x003DF6
172.16.16.1 4.4.4.4 897 0x80000005 0x00D287
172.16.255.0 2.2.2.2 275 (DNA) 0x80000002 0x003604
172.16.255.4 2.2.2.2 275 (DNA) 0x80000002 0x000E28
172.16.255.4 3.3.3.3 361 0x80000001 0x00F141
Router Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Link count
2.2.2.2 2.2.2.2 351 0x80000013 0x008174 2
3.3.3.3 3.3.3.3 356 0x8000000E 0x002BCA 2
2.2.2.2 2.2.2.2 351 0x80000013 0x008174 2
3.3.3.3 3.3.3.3 356 0x8000000E 0x002BCA 2
Summary Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
172.16.16.1 3.3.3.3 357 0x80000006 0x0071AB
172.16.255.0 2.2.2.2 348 0x80000006 0x002E08
172.16.255.8 3.3.3.3 357 0x80000006 0x00BF6A
172.16.16.1 3.3.3.3 357 0x80000006 0x0071AB
172.16.255.0 2.2.2.2 348 0x80000006 0x002E08
172.16.255.8 3.3.3.3 357 0x80000006 0x00BF6A
明显所有路由都在数据库里(查看R1和R4的数据库,同样该有的LSA都在数据库里),因此排除了虚链路没有转发某一类LSA的可能。但又没有想到是什么导致LSA在数据库里却不能生成路由。
只好胡乱蒙了。由于之前配置了区域间的认证,而虚链路正好是跨区域的,会不会是由于lsa的认证信息与区域认证信息不符,没有被采纳呢?
no掉所有认证信息,重新查看路由表:
R1#show ip route
172.16.0.0/16 is variably subnetted, 5 subnets, 3 masks
C 172.16.255.0/30 is directly connected, Serial1/1
O IA 172.16.255.4/30 [110/128] via 172.16.255.2, 00:00:33, Serial1/1
O IA 172.16.255.8/30 [110/192] via 172.16.255.2, 00:00:13, Serial1/1
O IA 172.16.16.1/32 [110/193] via 172.16.255.2, 00:00:13, Serial1/1
C 172.16.1.0/24 is directly connected, Loopback0
C 172.16.255.0/30 is directly connected, Serial1/1
O IA 172.16.255.4/30 [110/128] via 172.16.255.2, 00:00:33, Serial1/1
O IA 172.16.255.8/30 [110/192] via 172.16.255.2, 00:00:13, Serial1/1
O IA 172.16.16.1/32 [110/193] via 172.16.255.2, 00:00:13, Serial1/1
C 172.16.1.0/24 is directly connected, Loopback0
其它的不用看了。
不过问题还没有解决,我相信区域认证与虚链路等跨区域传输lsa的方法应该没有冲突才对,都已经2点了,明天还要上班,还是先睡吧,等有时间了再作研究,呵呵。