最新消息:点击查看大S的省钱秘笈

OSPF综合实验配置思路及过程

网络相关 Slyar 166浏览 0评论

文章作者:姜南(Slyar) 文章来源:Slyar Home (www.slyar.com) 转载请注明,谢谢合作。

一个OSPF综合实验,包括9台路由器(其中一台模拟帧中继交换机),涉及OSPF多区域、OSPF虚链路、Stub区域、NSSA区域、OSPF手动汇总、OSPF接口认证、OSPF区域认证等技术。

GNS3拓扑与实验拓扑图完全一致,我把预配置文件也一起打包放到网盘上了(包括所有的接口配置以及帧中继交换机的配置),需要的可以直接下载专注于练习OSPF。

GNS3实验拓扑及预配置文件

实验拓扑图

实验过程:

1、帧中继交换机的配置,我简单写一下(预配置已经做好,跟OSPF关系不大)。

en
conf t
ho R9
frame-relay switching
int s1/0
encapsulation frame-relay
clock rate 64000
frame-relay intf-type dce
frame-relay route 203 interface s1/1 302
frame-relay route 204 interface s1/2 402
no sh
int s1/1
encapsulation frame-relay
clock rate 64000
frame-relay intf-type dce
frame-relay route 302 interface s1/0 203
no sh
int s1/2
encapsulation frame-relay
clock rate 64000
frame-relay intf-type dce
frame-relay route 402 interface s1/0 204
no sh
end

2、配置Area 0区域,不需要采用子接口,物理接口网络类型设置为broadcast即可。

R2(config)#router ospf 10
R2(config-router)#router-id 2.2.2.2
R2(config-router)#network 172.17.1.1 0.0.0.0 area 0
// 修改OSPF接口网络类型为广播
R2(config-router)#int s1/2
R2(config-if)#ip ospf network broadcast

R3(config)#router ospf 10
R3(config-router)#router-id 3.3.3.3
R3(config-router)#network 172.17.1.2 0.0.0.0 area 0
// 修改OSPF接口网络类型为广播
R3(config-router)#int s1/2
R3(config-if)#ip ospf network broadcast
// 设置ospf接口优先级为0,禁止R3成为DR/BDR
R3(config-if)#ip ospf priority 0

R4(config)#router ospf 10
R4(config-router)#router-id 4.4.4.4
R4(config-router)#network 172.17.1.3 0.0.0.0 area 0
// 修改OSPF接口网络类型为广播
R4(config-router)#int s1/2
R4(config-if)#ip ospf network broadcast
//设置ospf接口优先级为0,禁止R4成为DR/BDR
R4(config-if)#ip ospf priority 0

3、在R2上检查邻居关系,R3和R4均为DROTHER

R2#sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
3.3.3.3           0   FULL/DROTHER    00:00:34    172.17.1.2      Serial1/2
4.4.4.4           0   FULL/DROTHER    00:00:33    172.17.1.3      Serial1/2

4、配置Area 1区域

R2(config)#router ospf 10
R2(config-router)#net 10.1.1.2 0.0.0.0 area 1

R1(config)#router ospf 10
R1(config-router)#router-id 1.1.1.1
R1(config-router)#net 172.16.0.0 0.0.3.255 area 1
R1(config-router)#net 10.1.1.1 0.0.0.0 area 1

5、配置Area 2区域

R4(config)#router ospf 10
R4(config-router)#net 10.1.3.1 0.0.0.0 area 2

R7(config)#router ospf 10
R7(config-router)#router-id 7.7.7.7
R7(config-router)#net 172.18.1.0 0.0.1.255 area 2
R7(config-router)#net 10.1.3.2 0.0.0.0 area 2

6、配置Area 3区域

R7(config)#router ospf 10
R7(config-router)#net 10.1.4.1 0.0.0.0 area 3

R8(config)#router ospf 10
R8(config-router)#router-id 8.8.8.8
R8(config-router)#net 172.20.0.0 0.0.3.255 area 3
R8(config-router)#net 10.1.4.2 0.0.0.0 area 3

7、配置Area 4区域

R3(config)#router ospf 10
R3(config-router)#net 10.1.2.1 0.0.0.0 area 4

R5(config)#router ospf 10
R5(config-router)#router-id 5.5.5.5
R5(config-router)#net 172.19.0.0 0.0.1.255 area 4
R5(config-router)#net 10.1.2.2 0.0.0.0 area 4

8、由于Area 3没有跟Area 0直接相连,因此需要在R4和R7上创建虚链路

//虚链路参数为对端路由器Router ID
R4(config)#router ospf 10
R4(config-router)#area 2 virtual-link 7.7.7.7

R7(config)#router ospf 10
R7(config-router)#area 2 virtual-link 4.4.4.4

9、配置ripv2路由协议,由于rip不支持掩码表示法,因此需要依次宣告每个C类网段

R5(config)#router rip
R5(config-router)#version 2
R5(config-router)#no auto-summary
R5(config-router)#net 192.168.255.0

R6(config)#router rip
R6(config-router)#version 2
R6(config-router)#no auto-summary
R6(config-router)#net 192.168.0.0
R6(config-router)#net 192.168.1.0
R6(config-router)#net 192.168.2.0
R6(config-router)#net 192.168.3.0
R6(config-router)#net 192.168.4.0
R6(config-router)#net 192.168.5.0
R6(config-router)#net 192.168.6.0
R6(config-router)#net 192.168.7.0
R6(config-router)#net 192.168.8.0
R6(config-router)#net 192.168.9.0
R6(config-router)#net 192.168.10.0
R6(config-router)#net 192.168.11.0
R6(config-router)#net 192.168.255.0

10、在R5上将rip重分布进ospf,开销使用E1类型,此时R5为ASBR

R5(config)#router ospf 10
R5(config-router)#redistribute rip subnets metric-type 1

11、检查R2的路由表,应可以学到192.168.0.0/24网段

R2#sh ip ro
O E1 192.168.8.0/24 [110/148] via 172.17.1.2, 00:00:58, Serial1/2
O E1 192.168.9.0/24 [110/148] via 172.17.1.2, 00:00:58, Serial1/2
O E1 192.168.10.0/24 [110/148] via 172.17.1.2, 00:00:58, Serial1/2
172.17.0.0/24 is subnetted, 1 subnets
C       172.17.1.0 is directly connected, Serial1/2
172.16.0.0/24 is subnetted, 4 subnets
O       172.16.0.0 [110/65] via 10.1.1.1, 00:10:09, Serial1/0
O       172.16.1.0 [110/65] via 10.1.1.1, 00:10:09, Serial1/0
O       172.16.2.0 [110/65] via 10.1.1.1, 00:10:12, Serial1/0
O       172.16.3.0 [110/65] via 10.1.1.1, 00:10:12, Serial1/0
172.19.0.0/24 is subnetted, 2 subnets
O IA    172.19.1.0 [110/129] via 172.17.1.2, 00:06:38, Serial1/2
O IA    172.19.0.0 [110/129] via 172.17.1.2, 00:06:38, Serial1/2
172.18.0.0/24 is subnetted, 2 subnets
O IA    172.18.0.0 [110/129] via 172.17.1.3, 00:06:41, Serial1/2
O IA    172.18.1.0 [110/129] via 172.17.1.3, 00:06:41, Serial1/2
172.20.0.0/24 is subnetted, 4 subnets
O IA    172.20.0.0 [110/193] via 172.17.1.3, 00:06:41, Serial1/2
O IA    172.20.1.0 [110/193] via 172.17.1.3, 00:06:41, Serial1/2
O IA    172.20.2.0 [110/193] via 172.17.1.3, 00:06:41, Serial1/2
O IA    172.20.3.0 [110/193] via 172.17.1.3, 00:06:41, Serial1/2
O E1 192.168.11.0/24 [110/148] via 172.17.1.2, 00:01:04, Serial1/2
O E1 192.168.4.0/24 [110/148] via 172.17.1.2, 00:01:04, Serial1/2
O E1 192.168.5.0/24 [110/148] via 172.17.1.2, 00:01:04, Serial1/2
10.0.0.0/24 is subnetted, 4 subnets
O IA    10.1.3.0 [110/128] via 172.17.1.3, 00:06:41, Serial1/2
O IA    10.1.2.0 [110/128] via 172.17.1.2, 00:06:41, Serial1/2
C       10.1.1.0 is directly connected, Serial1/0
O IA    10.1.4.0 [110/192] via 172.17.1.3, 00:06:41, Serial1/2
O E1 192.168.6.0/24 [110/148] via 172.17.1.2, 00:01:04, Serial1/2
O E1 192.168.7.0/24 [110/148] via 172.17.1.2, 00:01:07, Serial1/2
O E1 192.168.255.0/24 [110/148] via 172.17.1.2, 00:01:07, Serial1/2
O E1 192.168.0.0/24 [110/148] via 172.17.1.2, 00:01:07, Serial1/2
O E1 192.168.1.0/24 [110/148] via 172.17.1.2, 00:01:07, Serial1/2
O E1 192.168.2.0/24 [110/148] via 172.17.1.2, 00:01:07, Serial1/2
O E1 192.168.3.0/24 [110/148] via 172.17.1.2, 00:01:07, Serial1/2

12、为了减小R1路由表的体积,将Area 1配置为Totally Stub区域,阻止LSA TYPE 3/4/5,并且自动宣告一条默认路由

R1(config)#router ospf 10
R1(config-router)#area 1 stub

//no-summary参数仅需要在ABR上配置
R2(config)#router ospf 10
R2(config-router)#area 1 stub no-summary

13、检查R1的路由表,只有直连网段及一条默认路由

R1(config-router)#do sh ip ro
172.16.0.0/24 is subnetted, 4 subnets
C       172.16.0.0 is directly connected, Loopback0
C       172.16.1.0 is directly connected, Loopback1
C       172.16.2.0 is directly connected, Loopback2
C       172.16.3.0 is directly connected, Loopback3
10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, Serial1/1
O*IA 0.0.0.0/0 [110/65] via 10.1.1.2, 00:00:26, Serial1/1

14、为了减小其他路由器的路由表体积,在R2上对Area 1进行区域路由汇总

R2(config)#router ospf 10
R2(config-router)#area 1 range 172.16.0.0 255.255.252.0

15、由于Area 4同样只有一条出口,并且Area 4还连接着外部AS,因此将Area 4配置为Totally NSSA区域

//参数只在7->5的ABR/ASBR上做,阻止LSA TYPE 3/4/5
R3(config)#router ospf 10
R3(config-router)#area 4 nssa no-redistribution no-summary

R5(config)#router ospf 10
R5(config-router)#area 4 nssa

16、在R5上对rip进行区域间路由汇总,减小其他路由器路由表体积

R5(config)#router ospf 10
R5(config-router)#summary-address 192.168.0.0 255.255.240.0

17、检查R5路由表,由于阻止了LSA TYPE 3/4/5,因此R5应只包含RIP路由条目、一条由R3产生的默认路由,以及配置路由汇总后自动产生的汇总路由

R5#sh ip ro
R    192.168.8.0/24 [120/1] via 192.168.255.2, 00:00:06, Serial1/1
R    192.168.9.0/24 [120/1] via 192.168.255.2, 00:00:06, Serial1/1
R    192.168.10.0/24 [120/1] via 192.168.255.2, 00:00:06, Serial1/1
172.19.0.0/24 is subnetted, 2 subnets
C       172.19.1.0 is directly connected, Loopback1
C       172.19.0.0 is directly connected, Loopback0
R    192.168.11.0/24 [120/1] via 192.168.255.2, 00:00:06, Serial1/1
R    192.168.4.0/24 [120/1] via 192.168.255.2, 00:00:06, Serial1/1
R    192.168.5.0/24 [120/1] via 192.168.255.2, 00:00:08, Serial1/1
10.0.0.0/24 is subnetted, 1 subnets
C       10.1.2.0 is directly connected, Serial1/0
R    192.168.6.0/24 [120/1] via 192.168.255.2, 00:00:08, Serial1/1
R    192.168.7.0/24 [120/1] via 192.168.255.2, 00:00:08, Serial1/1
C    192.168.255.0/24 is directly connected, Serial1/1
R    192.168.0.0/24 [120/1] via 192.168.255.2, 00:00:10, Serial1/1
R    192.168.1.0/24 [120/1] via 192.168.255.2, 00:00:10, Serial1/1
R    192.168.2.0/24 [120/1] via 192.168.255.2, 00:00:10, Serial1/1
R    192.168.3.0/24 [120/1] via 192.168.255.2, 00:00:10, Serial1/1
O*IA 0.0.0.0/0 [110/65] via 10.1.2.1, 00:30:05, Serial1/0
O    192.168.0.0/20 is a summary, 00:18:58, Null0

18、同理,将Area 3配置为Totally Stub区域

R8(config)#router ospf 10
R8(config-router)#area 3 stub

R7(config)#router ospf 10
R7(config-router)#area 3 stub no-summary

19、检查R8路由表,结果类似R1

R8#sh ip ro
172.20.0.0/24 is subnetted, 4 subnets
C       172.20.0.0 is directly connected, Loopback0
C       172.20.1.0 is directly connected, Loopback1
C       172.20.2.0 is directly connected, Loopback2
C       172.20.3.0 is directly connected, Loopback3
10.0.0.0/24 is subnetted, 1 subnets
C       10.1.4.0 is directly connected, Serial1/0
O*IA 0.0.0.0/0 [110/65] via 10.1.4.1, 00:03:29, Serial1/0

20、同理,在R7上对Area 3进行区域路由汇总

R7(config-router)#area 3 range 172.20.0.0 255.255.252.0

21、由于R5是ASBR,R3宣告的默认路由无法到达RIP区域,因此需要在R5上为rip指定默认路由

R5(config)#router rip
R5(config-router)#default-information originate

22、指定默认路由后查看R6路由表

R6#sh ip ro
C    192.168.8.0/24 is directly connected, Loopback8
C    192.168.9.0/24 is directly connected, Loopback9
C    192.168.10.0/24 is directly connected, Loopback10
C    192.168.11.0/24 is directly connected, Loopback11
C    192.168.4.0/24 is directly connected, Loopback4
C    192.168.5.0/24 is directly connected, Loopback5
C    192.168.6.0/24 is directly connected, Loopback6
C    192.168.7.0/24 is directly connected, Loopback7
C    192.168.255.0/24 is directly connected, Serial1/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
C    192.168.2.0/24 is directly connected, Loopback2
C    192.168.3.0/24 is directly connected, Loopback3
R*   0.0.0.0/0 [120/1] via 192.168.255.1, 00:00:09, Serial1/0

23、为Area 3配置接口明文认证,均在接口上配置

R7(config)#int s1/1
R7(config-if)#ip ospf authentication-key slyar
R7(config-if)#ip ospf authentication

R8(config)#int s1/0
R8(config-if)#ip ospf authentication-key slyar
R8(config-if)#ip ospf authentication

24、为Area 0实现区域认证,密码在接口上配置,认证在OSPF进程中启用

R2(config)#int s1/2
R2(config-if)#ip ospf message-digest-key 1 md5 slyar
R2(config-if)#router ospf 10
R2(config-router)#area 0 authentication message-digest

R3(config)#int s1/2
R3(config-if)#ip ospf message-digest-key 1 md5 slyar
R3(config-if)#router ospf 10
R3(config-router)#area 0 authentication message-digest

R4(config)#int s1/2
R4(config-if)#ip ospf message-digest-key 1 md5 slyar
R4(config-if)#router ospf 10
R4(config-router)#area 0 authentication message-digest

25、由于virtual-link属于Area 0,因此在配置了Area 0的区域认证时,虚链路两端的ABR上都要配置认证

//由于之前虚链路已经建立,此时在R4上查看虚链路是UP的,但只要在R7上用clear ip ospf process命令刷新一下OSPF进程,就可以观察到virtual-link由于认证不匹配而DOWN掉了

R7(config)#router ospf 10
R7(config-router)#area 0 authentication message-digest

26、最后查看R2的路由表,由于R5及R7直连的网段只有2个,因此不需要配置路由汇总

R2#sh ip ro
172.17.0.0/24 is subnetted, 1 subnets
C       172.17.1.0 is directly connected, Serial1/2
172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
O       172.16.0.0/24 [110/65] via 10.1.1.1, 00:00:10, Serial1/0
O       172.16.0.0/22 is a summary, 00:00:10, Null0
O       172.16.1.0/24 [110/65] via 10.1.1.1, 00:00:10, Serial1/0
O       172.16.2.0/24 [110/65] via 10.1.1.1, 00:00:10, Serial1/0
O       172.16.3.0/24 [110/65] via 10.1.1.1, 00:00:10, Serial1/0
172.19.0.0/24 is subnetted, 2 subnets
O IA    172.19.1.0 [110/129] via 172.17.1.2, 00:00:13, Serial1/2
O IA    172.19.0.0 [110/129] via 172.17.1.2, 00:00:13, Serial1/2
172.18.0.0/24 is subnetted, 2 subnets
O IA    172.18.0.0 [110/129] via 172.17.1.3, 00:00:13, Serial1/2
O IA    172.18.1.0 [110/129] via 172.17.1.3, 00:00:15, Serial1/2
172.20.0.0/22 is subnetted, 1 subnets
O IA    172.20.0.0 [110/193] via 172.17.1.3, 00:00:15, Serial1/2
10.0.0.0/24 is subnetted, 4 subnets
O IA    10.1.3.0 [110/128] via 172.17.1.3, 00:00:15, Serial1/2
O IA    10.1.2.0 [110/128] via 172.17.1.2, 00:00:15, Serial1/2
C       10.1.1.0 is directly connected, Serial1/0
O IA    10.1.4.0 [110/192] via 172.17.1.3, 00:00:15, Serial1/2
O E1 192.168.255.0/24 [110/149] via 172.17.1.2, 00:00:15, Serial1/2
O E1 192.168.0.0/20 [110/149] via 172.17.1.2, 00:00:15, Serial1/2

转载请注明:Slyar Home » OSPF综合实验配置思路及过程

发表我的评论
取消评论

表情

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址

网友最新评论 (4)

  1. 南哥,请问下那个直线是怎么画的啊,找不到按钮~
    Jessica4年前 (2013-02-20)回复
  2. R9为什么是帧中继交换机不是路由器呢?
    LiuXJ4年前 (2013-02-15)回复
  3. 谢谢博主的分享,很详细啊,让人眼前一亮
    比价网5年前 (2011-08-21)回复
  4. 过程做得很详细,不错。
    广东硅谷学院5年前 (2011-08-20)回复