OSPF综合实验(二)
实验要求:
1、0SPF区域使用192.168.1.0/24网段
2、所有设备的环回地址为自己设备号
3、R4为ISP设备
4、R7作为运营商设备,但并非互联网设备
5、R6、R8、R11、R17、R14、R18之前配置Hub-Spoke架构,中心为R6
6、Area3和Area5区域使用vlink解决不规则区域
7、Area1和Area4使用重发布解决不规则区域
8、R18进行七转五操作时,不允许携带FA值
9、R8不允许将ospf 200的路由通告进骨干区域
仅当R14和R18故障时才会通告0SPF200的路由信息
10、全图不允许有环路
11、减少LSDB太小
12、优化OSPF收敛速度
13、全网可达
第一步:地址规划
192.168.1.0/24
192.168.1.0/27 //ospf 10
192.168.1.32/27 //ospf 100 area 0
192.168.1.32/28
192.168.1.48/28
192.168.1.64/27 //a 1
192.168.1.96/27 //a 3
192.168.1.96/28
192.168.1.112/28
192.168.1.128/27 //a 4
192.168.1.128/28
192.168.1.144/28
192.168.1.160/27 //a 5
192.168.1.192/27 //ospf 200
192.168.1.192/29
192.168.1.200/29
192.168.1.208/29
192.168.1.216/29
192.168.1.224/27 //保留
这里的地址规划我们按照区域进行划分
地址配置:
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 192.168.1.1 27
[R1-GigabitEthernet0/0/0]int l0
[R1-LoopBack0]ip add 1.1.1.1 32
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 192.168.1.2 27
[R2-GigabitEthernet0/0/0]int l0
[R2-LoopBack0]ip add 2.2.2.2 32
[R3]int l0
[R3-LoopBack0]ip add 3.3.3.3 32
[R3-LoopBack0]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 192.168.1.3 27
[R3-GigabitEthernet0/0/0]int g0/0/1
[R3-GigabitEthernet0/0/1]ip add 34.0.0.1 24
[ISP]int g0/0/0
[ISP-GigabitEthernet0/0/0]ip add 34.0.0.2 24
[ISP-GigabitEthernet0/0/0]int g0/0/1
[ISP-GigabitEthernet0/0/1]ip add 45.0.0.1 24
[ISP-GigabitEthernet0/0/1]int l0
[ISP-LoopBack0]ip add 4.4.4.4 32
[R5]int l0
[R5-LoopBack0]ip add 5.5.5.5 32
[R5-LoopBack0]int g0/0/0
[R5-GigabitEthernet0/0/0]ip add 45.0.0.2 24
[R5-GigabitEthernet0/0/0]int g0/0/1
[R5-GigabitEthernet0/0/1]ip add 192.168.1.33 28
[R6]int l0
[R6-LoopBack0]ip add 6.6.6.6 32
[R6-LoopBack0]int g0/0/0
[R6-GigabitEthernet0/0/0]ip add 192.168.1.34 28
[R6-GigabitEthernet0/0/0]int g0/0/01
[R6-GigabitEthernet0/0/1]ip add 67.1.1.1 24
[R7]int g0/0/0
[R7-GigabitEthernet0/0/0]ip add 67.1.1.2 24
[R7-GigabitEthernet0/0/0]int g0/0/1
[R7-GigabitEthernet0/0/1]ip add 117.1.1.2 24
[R7-GigabitEthernet0/0/1]int g0/0/2
[R7-GigabitEthernet0/0/2]ip add 187.1.1.2 24
[R7-GigabitEthernet0/0/2]int g1/0/0
[R7-GigabitEthernet1/0/0]ip add 78.1.1.2 24
[R7-GigabitEthernet1/0/0]int g2/0/0
[R7-GigabitEthernet2/0/0]ip add 177.1.1.2 24
[R7-GigabitEthernet2/0/0]int g3/0/0
[R7-GigabitEthernet3/0/0]ip add 147.1.1.2 24
[R7-GigabitEthernet3/0/0]int l0
[R7-LoopBack0]ip add 7.7.7.7 32
[R8]int g0/0/0
[R8-GigabitEthernet0/0/0]ip add 78.1.1.1 24
[R8-GigabitEthernet0/0/0]int g0/0/1
[R8-GigabitEthernet0/0/1]ip add 192.168.1.65 27
[R8-GigabitEthernet0/0/1]int l0
[R8-LoopBack0]ip add 8.8.8.8 32
[R9]int l0
[R9-LoopBack0]ip add 9.9.9.9 32
[R9-LoopBack0]int g0/0/0
[R9-GigabitEthernet0/0/0]ip add 192.168.1.66 27
[R9-GigabitEthernet0/0/0]int g0/0/1
[R9-GigabitEthernet0/0/1]ip add 192.168.1.193 29
[R10]int l0
[R10-LoopBack0]ip add 10.10.10.10 32
[R10-LoopBack0]int g0/0/0
[R10-GigabitEthernet0/0/0]ip add 192.168.1.194 29
[R10-GigabitEthernet0/0/0]int g0/0/1
[R10-GigabitEthernet0/0/1]ip add 192.168.1.201 29
[R11]int l0
[R11-LoopBack0]ip add 11.11.11.11 32
[R11-LoopBack0]int g0/0/0
[R11-GigabitEthernet0/0/0]ip add 117.1.1.1 24
[R11-GigabitEthernet0/0/0]int g0/0/1
[R11-GigabitEthernet0/0/1]ip add 192.168.1.97 28
[R12]int l0
[R12-LoopBack0]ip add 12.12.12.12 32
[R12-LoopBack0]int g0/0/0
[R12-GigabitEthernet0/0/0]ip add 192.168.1.114 28
[R12-GigabitEthernet0/0/0]int g0/0/1
[R12-GigabitEthernet0/0/1]ip add 192.168.1.162 27
[R13]int l0
[R13-LoopBack0]ip add 13.13.13.13 32
[R13-LoopBack0]int g0/0/0
[R13-GigabitEthernet0/0/0]ip add 192.168.1.161 27
[R14]int l0
[R14-LoopBack0]ip add 14.14.14.14 32
[R14-LoopBack0]int g0/0/0
[R14-GigabitEthernet0/0/0]ip add 147.1.1.1 24
[R14-GigabitEthernet0/0/0]int g0/0/1
[R14-GigabitEthernet0/0/1]ip add 192.168.1.145 28
[R14-GigabitEthernet0/0/1]int g0/0/2
[R14-GigabitEthernet0/0/2]ip add 192.168.1.129 28
[R15]int l0
[R15-LoopBack0]ip add 15.15.15.15 32
[R15-LoopBack0]int g0/0/0
[R15-GigabitEthernet0/0/0]ip add 192.168.1.146 28
[R15-GigabitEthernet0/0/0]int g0/0/1
[R15-GigabitEthernet0/0/1]ip add 192.168.1.209 29
[R16]int l0
[R16-LoopBack0]ip add 16.16.16.16 32
[R16-LoopBack0]int g0/0/0
[R16-GigabitEthernet0/0/0]ip add 192.168.1.210 29
[R16-GigabitEthernet0/0/0]int g0/0/1
[R16-GigabitEthernet0/0/1]ip add 192.168.1.202 29
[R17]int l0
[R17-LoopBack0]ip add 17.17.17.17 32
[R17-LoopBack0]int g0/0/0
[R17-GigabitEthernet0/0/0]ip add 177.1.1.1 24
[R17-GigabitEthernet0/0/0]int g0/0/1
[R17-GigabitEthernet0/0/1]ip add 192.168.1.98 28
[R17-GigabitEthernet0/0/1]int g0/0/2
[R17-GigabitEthernet0/0/2]ip add 192.168.1.114 28
[R18]int l0
[R18-LoopBack0]ip add 18.18.18.18 32
[R18-LoopBack0]int g0/0/0
[R18-GigabitEthernet0/0/0]ip add 187.1.1.1 24
[R18-GigabitEthernet0/0/0]int g0/0/1
[R18-GigabitEthernet0/0/1]ip add 192.168.1.130 28
地址配置完成,需要进行测试,以防配置的地址有误
MGRE
[R6]int t0/0/0
[R6-Tunnel0/0/0]ip add 192.168.1.49 28
[R6-Tunnel0/0/0]tunnel-protocol gre p2mp
[R6-Tunnel0/0/0]source 67.1.1.1
[R6-Tunnel0/0/0]nhrp entry multicast dynamic
[R8]int t0/0/0
[R8-Tunnel0/0/0]ip add 192.168.1.50 28
[R8-Tunnel0/0/0]tunnel-protocol gre p2mp
[R8-Tunnel0/0/0]source g0/0/0
[R8-Tunnel0/0/0]nhrp entry 192.168.1.49 67.1.1.1 re
[R18]int t0/0/0
[R18-Tunnel0/0/0]ip add 192.168.1.51 28
[R18-Tunnel0/0/0]tunnel-protocol gre p2mp
[R18-Tunnel0/0/0]source g0/0/0
[R18-Tunnel0/0/0]nhrp entry 192.168.1.49 67.1.1.1 re
[R14]int t0/0/0
[R14-Tunnel0/0/0]ip add 192.168.1.52 28
[R14-Tunnel0/0/0]tunnel-protocol gre p2mp
[R14-Tunnel0/0/0]source g0/0/0
[R14-Tunnel0/0/0]nhrp entry 192.168.1.49 67.1.1.1 re
[R17]int t0/0/0
[R17-Tunnel0/0/0]ip add 192.168.1.53 28
[R17-Tunnel0/0/0]tunnel-protocol gre p2mp
[R17-Tunnel0/0/0]source g0/0/0
[R17-Tunnel0/0/0]nhrp entry 192.168.1.49 67.1.1.1 re
[R11]int t0/0/0
[R11-Tunnel0/0/0]ip add 192.168.1.54 28
[R11-Tunnel0/0/0]tunnel-protocol gre p2mp
[R11-Tunnel0/0/0]source g0/0/0
[R11-Tunnel0/0/0]nhrp entry 192.168.1.49 67.1.1.1 re第二步、公网配置,实现公网跑通
R3/4/5
[R3]rip 100
[R3-rip-100]v 2
[R3-rip-100]undo sum
[R3-rip-100]net 34.0.0.0
[ISP]rip 100
[ISP-rip-100]v 2
[ISP-rip-100]undo sum
[ISP-rip-100]net 4.0.0.0
[ISP-rip-100]net 34.0.0.0
[ISP-rip-100]net 45.0.0.0
[R5]rip 1
[R5-rip-1]v 2
[R5-rip-1]undo sum
[R5-rip-1]net 45.0.0.0
R6/7/8/18/14/17/11
[R6]rip 1
[R6-rip-1]v 2
[R6-rip-1]undo sum
[R6-rip-1]net 67.0.0.0
[R8]rip 1
[R8-rip-1]v 2
[R8-rip-1]undo sum
[R8-rip-1]net 78.0.0.0
[R18]rip 1
[R18-rip-1]v 2
[R18-rip-1]undo sum
[R18-rip-1]net 187.1.0.0
[R14]rip 1
[R14-rip-1]v 2
[R14-rip-1]undo sum
[R14-rip-1]net 147.1.0.0
[R17]rip 1
[R17-rip-1]v 2
[R17-rip-1]undo sum
[R17-rip-1]net 177.1.0.0
[R11]rip 1
[R11-rip-1]v 2
[R11-rip-1]undo sum
[R11-rip-1]net 117.0.0.0
[R7]rip 1
[R7-rip-1]v 2
[R7-rip-1]undo sum
[R7-rip-1]net 67.0.0.0
[R7-rip-1]net 78.0.0.0
[R7-rip-1]net 187.1.0.0
[R7-rip-1]net 147.1.0.0
[R7-rip-1]net 177.1.0.0
[R7-rip-1]net 117.0.0.0
[R7-rip-1]net 7.0.0.0
测试:当物理链路跑通那么,NHRP映射表将会去注册,查看R6NHRP映射表
第三步:ospf
ospf 10
[R1]ospf 1 rou 1.1.1.1
[R1-ospf-1]a 0
[R1-ospf-1-area-0.0.0.0]net 192.168.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]net 1.1.1.1 0.0.0.0
[R2]ospf 10 rou 2.2.2.2
[R2-ospf-10]a 0
[R2-ospf-10-area-0.0.0.0]net 2.2.2.2 0.0.0.0
[R2-ospf-10-area-0.0.0.0]net 192.168.1.2 0.0.0.0
[R3]ospf 10 rou 3.3.3.3
[R3-ospf-10]a 0
[R3-ospf-10-area-0.0.0.0]net 3.3.3.3 0.0.0.0
[R3-ospf-10-area-0.0.0.0]net 192.168.1.3 0.0.0.0
ospf 100 area 0
[R5]ospf 100 rou 5.5.5.5
[R5-ospf-100]a 0
[R5-ospf-100-area-0.0.0.0]net 5.5.5.5 0.0.0.0
[R5-ospf-100-area-0.0.0.0]net 192.168.1.33 0.0.0.0
[R6]ospf 100 rou 6.6.6.6
[R6-ospf-100]a 0
[R6-ospf-100-area-0.0.0.0]net 6.6.6.6 0.0.0.0
[R6-ospf-100-area-0.0.0.0]net 192.168.1.49 0.0.0.0
[R6-ospf-100-area-0.0.0.0]net 192.168.1.34 0.0.0.0
[R8]ospf 100 rou 8.8.8.8
[R8-ospf-100]a 0
[R8-ospf-100-area-0.0.0.0]net 8.8.8.8 0.0.0.0
[R8-ospf-100-area-0.0.0.0]net 192.168.1.50 0.0.0.0
[R18]ospf 100 rou 18.18.18.18
[R18-ospf-100]a 0
[R18-ospf-100-area-0.0.0.0]net 18.18.18.18 0.0.0.0
[R18-ospf-100-area-0.0.0.0]net 192.168.1.51 0.0.0.0
[R14]ospf 100 rou 14.14.14.14
[R14-ospf-100]a 0
[R14-ospf-100-area-0.0.0.0]net 14.14.14.14 0.0.0.0
[R14-ospf-100-area-0.0.0.0]net 192.168.1.52 0.0.0.0
[R17]ospf 100 rou 17.17.17.17
[R17-ospf-100]a 0
[R17-ospf-100-area-0.0.0.0]net 17.17.17.17 0.0.0.0
[R17-ospf-100-area-0.0.0.0]net 192.168.1.53 0.0.0.0
[R11]ospf 100 rou 11.11.11.11
[R11-ospf-100]a 0
[R11-ospf-100-area-0.0.0.0]net 11.11.11.11 0.0.0.0
[R11-ospf-100-area-0.0.0.0]net 192.168.1.54 0.0.0.0针对MGRE,需要添加操作使得建邻成功
[R6]int t0/0/0
[R6-Tunnel0/0/0]ospf network-type broadcast
[R8]int t0/0/0
[R8-Tunnel0/0/0]ospf network-type broadcast
[R8-Tunnel0/0/0]ospf dr-priority 0
[R18]int t0/0/0
[R18-Tunnel0/0/0]ospf network-type broadcast
[R18-Tunnel0/0/0]ospf dr-priority 0
[R14]int t0/0/0
[R14-Tunnel0/0/0]ospf network-type broadcast
[R14-Tunnel0/0/0]ospf dr-priority 0
[R17]int t0/0/0
[R17-Tunnel0/0/0]ospf network-type broadcast
[R17-Tunnel0/0/0]ospf dr-priority 0
[R11]int t0/0/0
[R11-Tunnel0/0/0]ospf network-type broadcast
[R11-Tunnel0/0/0]ospf dr-priority 0ospf 100 area 1
[R8]ospf 100 rou 8.8.8.8
[R8-ospf-100]a 1
[R8-ospf-100-area-0.0.0.1]net 192.168.1.65 0.0.0.0
[R9]ospf 100 rou 9.9.9.9
[R9-ospf-100]a 1
[R9-ospf-100-area-0.0.0.1]net 192.168.1.66 0.0.0.0
[R9-ospf-100-area-0.0.0.1]net 9.9.9.9 0.0.0.0ospf 100 area 3
[R11]ospf 100 rou 11.11.11.11
[R11-ospf-100]a 3
[R11-ospf-100-area-0.0.0.3]net 192.168.1.97 0.0.0.0
[R17]ospf 100 rou 17.17.17.17
[R17-ospf-100]a 3
[R17-ospf-100-area-0.0.0.3]net 192.168.1.98 0.0.0.0
[R17-ospf-100-area-0.0.0.3]net 192.168.1.113 0.0.0.0
[R12]ospf 100 rou 12.12.12.12
[R12-ospf-100]a 3
[R12-ospf-100-area-0.0.0.3]net 12.12.12.12 0.0.0.0
[R12-ospf-100-area-0.0.0.3]net 192.168.1.114 0.0.0.0ospf 100 area 4
[R18]ospf 100 rou 18.18.18.18
[R18-ospf-100]a 4
[R18-ospf-100-area-0.0.0.4]net 192.168.1.130 0.0.0.0
[R14]ospf 100 rou 14.14.14.14
[R14-ospf-100]a 4
[R14-ospf-100-area-0.0.0.4]net 192.168.1.129 0.0.0.0
[R14-ospf-100-area-0.0.0.4]net 192.168.1.145 0.0.0.0
[R15]ospf 100 rou 15.15.15.15
[R15-ospf-100]a 4
[R15-ospf-100-area-0.0.0.4]net 15.15.15.15 0.0.0.0
[R15-ospf-100-area-0.0.0.4]net 192.168.1.146 0.0.0.0ospf 100 area 5
[R12]ospf 100 rou 12.12.12.12
[R12-ospf-100]a 5
[R12-ospf-100-area-0.0.0.5]net 192.168.1.162 0.0.0.0
[R13]ospf 100 rou 13.13.13.13
[R13-ospf-100]a 5
[R13-ospf-100-area-0.0.0.5]net 192.168.1.161 0.0.0.0
[R13-ospf-100-area-0.0.0.5]net 13.13.13.13 0.0.0.0ospf 200
[R15]ospf 200 rou 15.15.15.15
[R15-ospf-200]a 0
[R15-ospf-200-area-0.0.0.0]net 192.168.1.209 0.0.0.0
[R16]ospf 200 rou 16.16.16.16
[R16-ospf-200]a 0
[R16-ospf-200-area-0.0.0.0]net 16.16.16.16 0.0.0.0
[R16-ospf-200-area-0.0.0.0]net 192.168.1.210 0.0.0.0
[R16-ospf-200-area-0.0.0.0]net 192.168.1.202 0.0.0.0
[R10]ospf 200 rou 10.10.10.10
[R10-ospf-200]a 0
[R10-ospf-200-area-0.0.0.0]net 10.10.10.10 0.0.0.0
[R10-ospf-200-area-0.0.0.0]net 192.168.1.194 0.0.0.0
[R10-ospf-200-area-0.0.0.0]net 192.168.1.201 0.0.0.0
[R9]ospf 200 rou 9.9.9.9
[R9-ospf-200]a 0
[R9-ospf-200-area-0.0.0.0]net 192.168.1.193 0.0.0.0第四步、OSPF不规则区域
area 3和area 5使用虚链路
[R17]ospf 100
[R17-ospf-1]a 3
[R17-ospf-1-area-0.0.0.3]vlink-peer 12.12.12.12
[R12]ospf 100
[R12-ospf-1]a 3
[R12-ospf-1-area-0.0.0.3]vlink-peer 17.17.17.17
此处需要注意vlink环路问题
注意要进行测试
area 1和area 4使用重发布
[R9]ospf 100
[R9-ospf-100]import-route ospf 200 type 1
[R9-ospf-100]ospf 200
[R9-ospf-200]import-route ospf 100
[R15]ospf 100
[R15-ospf-100]import-route ospf 200 type 1
[R15-ospf-100]ospf 200
[R15-ospf-200]import-route ospf 100
修改cost值
[R14]int g0/0/1
[R14-GigabitEthernet0/0/1]ospf cost 2000
[R15]int g0/0/0
[R15-GigabitEthernet0/0/0]ospf cost 2000
[R8]int g0/0/1
[R8-GigabitEthernet0/0/1]ospf cost 5000
[R9]int g0/0/0
[R9-GigabitEthernet0/0/0]ospf cost 5000
第五步、特殊区域
[R18]ospf 100
[R18-ospf-100]a 4
[R18-ospf-100-area-0.0.0.4]nssa
[R14]ospf 100
[R14-ospf-100]a 4
[R14-ospf-100-area-0.0.0.4]nssa
[R15]ospf 100
[R15-ospf-100]a 4
[R15-ospf-100-area-0.0.0.4]nssa
关闭R18,7转5时的FA字段
[R18]ospf 100
[R18-ospf-100]a 4
[R18-ospf-100-area-0.0.0.4]nssa suppress-forwarding-address
为防止环路,开启R14的七转五操作
[R14]ospf 100
[R14-ospf-100]a 4
[R14-ospf-100-area-0.0.0.4]nssa translator-always
[R8]ospf 100
[R8-ospf-100]a 1
[R8-ospf-100-area-0.0.0.1]nssa
[R9]ospf 100
[R9-ospf-100]a 1
[R9-ospf-100-area-0.0.0.1]nssa
第六步:减少LSA更新量
完全nssa
[R8]ospf 100
[R8-ospf-100]a 1
[R8-ospf-100-area-0.0.0.1]nssa no-summary
[R9]ospf 100
[R9-ospf-100]a 1
[R9-ospf-100-area-0.0.0.1]nssa
[R18]ospf 100
[R18-ospf-100]a 4
[R18-ospf-100-area-0.0.0.4]nssa no-summary
[R14]ospf 100
[R14-ospf-100]a 4
[R14-ospf-100-area-0.0.0.4]nssa no-summary 第七步:nat
[R3]acl 2000
[R3-acl-basic-2000]rule permit source any
[R3-acl-basic-2000]q
[R3]int g0/0/1
[R3-GigabitEthernet0/0/1]nat outbound 2000
[R5]acl 2000
[R5-acl-basic-2000]rule permit source any
[R5-acl-basic-2000]q
[R5]int g0/0/0
[R5-GigabitEthernet0/0/0]nat outbound 2000
下发缺省
[R3]ospf 10
[R3-ospf-10]default-route-advertise always
[R5]ospf 100
[R5-ospf-100]default-route-advertise always 这里需要注意,针对重发布需要再次下发缺省
[R9]ospf 200
[R9-ospf-200]default-route-advertise
[R15]ospf 200
[R15-ospf-200]default-route-advertise
第八步、加快收敛
[R6]int t0/0/0
[R6-Tunnel0/0/0]ospf net p2mp
[R6-Tunnel0/0/0]ospf timer hello 5
[R11]int t0/0/0
[R11-Tunnel0/0/0]ospf network-type p2mp
[R11-Tunnel0/0/0]ospf timer hello 5
[R8]int t0/0/0
[R8-Tunnel0/0/0]ospf net p2mp
[R8-Tunnel0/0/0]ospf timer hello 5
[R18]int t0/0/0
[R18-Tunnel0/0/0]ospf net p2mp
[R18-Tunnel0/0/0]ospf timer hello 5
[R14]int t0/0/0
[R14-Tunnel0/0/0]ospf net p2mp
[R14-Tunnel0/0/0]ospf timer hello 5
[R17]int t0/0/0
[R17-Tunnel0/0/0]ospf net p2mp
[R17-Tunnel0/0/0]ospf timer hello 5第九步、全网可达
OSPF 10可以和OSPF 100中的部分区域进行访问
这里我们使用R1的环回和R8的环回
[R3]int t0/0/0
[R3-Tunnel0/0/0]ip add 10.1.1.1 24
[R3-Tunnel0/0/0]tunnel-protocol gre
[R3-Tunnel0/0/0]source 34.0.0.1
[R3-Tunnel0/0/0]destination 45.0.0.2
[R5]int t0/0/0
[R5-Tunnel0/0/0]ip add 10.1.1.2 24
[R5-Tunnel0/0/0]tunnel-protocol gre
[R5-Tunnel0/0/0]source 45.0.0.2
[R5-Tunnel0/0/0]desti 34.0.0.1
[R3]ip route-static 8.8.8.8 32 10.1.1.2
[R5]ip route-static 1.1.1.1 32 10.1.1.1
全网可达测试:
