OSPF综合实验
题目要求:
1、R4为ISP,其上只能配置IP地址;R4与其他所有直连设备间使用公有IP 2、R3-R5/6/7为MGRE环境,R3为中心站点 3、整个OSPF环境IP地址为172.16.0.0/16 4、所有设备均可访问R4的环回 5、减少LSA的更新量,加快收敛,保障更新安全 6、全网可达一、IP地址规划
172.16.0.0/16
划分为8个网段,每个区域分配一个网段,所以子网掩码向后掩3位,即掩到19位。
1) 172.16.0.1 -- 172.16.31.254 2) 172.16.32.1 -- 172.16.63.254 3) 172.16.64.1 -- 172.16.95.254 4) 172.16.96.1 -- 172.16.127.254 5) 172.16.128.1 -- 172.16.159.254 6) 172.16.160.1 -- 172.16.191.254 7) 172.16.192.1 -- 172.16.223.254 8) 172.16.224.1 -- 172.16.255.254
网段分配
area0: 172.16.0.0/19 area1: 172.16.32.0/19 area2: 172.16.64.0/19 area3: 172.16.96.0/19 area4: 172.16.128.0/19二、区域0 IP地址配置
作用:实现在区域0内全网可达
R3配置sys sys r3 int g0/0/0 ip add 34.1.1.1 24 q ip route-static 0.0.0.0 0 34.1.1.2R4配置
sys sys r4 int g0/0/0 ip add 34.1.1.2 24 int g0/0/1 ip add 54.1.1.2 24 int g0/0/2 ip add 64.1.1.2 24 int g4/0/0 ip add 74.1.1.2 24 int lo0 ip add 4.4.4.4 24R5配置
sys sys r5 int g0/0/0 ip add 54.1.1.1 24 int lo0 ip add 172.16.1.1 25 q ip route-static 0.0.0.0 0 54.1.1.2R6配置
sys sys r6 int g0/0/0 ip add 64.1.1.1 24 int lo0 ip add 172.16.1.129 25 q ip route-static 0.0.0.0 0 64.1.1.2R7配置
sys sys r7 int g0/0/0 ip add 74.1.1.1 24 int lo0 ip add 172.16.2.1 25 q ip route-static 0.0.0.0 0 74.1.1.2三、R3/R4/R5/R6/R7 mgre配置
说明:结构为中心到站点结构,R3为中心站点。
R3为中心站点配置sys interface tunnel 0/0/0 ip add 172.16.0.129 29 tunnel-protocol gre p2mp source 34.1.1.1 nhrp entry multicast dynamic nhrp network-id 100R5配置
sys interface tunnel 0/0/0 ip add 172.16.0.130 29 tunnel-protocol gre p2mp source g0/0/0 nhrp entry 172.16.0.129 34.1.1.1 register nhrp network-id 100R6配置
sys interface tunnel 0/0/0 ip add 172.16.0.131 29 tunnel-protocol gre p2mp source g0/0/0 nhrp entry 172.16.0.129 34.1.1.1 register nhrp network-id 100R7配置
sys interface tunnel 0/0/0 ip add 172.16.0.132 29 tunnel-protocol gre p2mp source g0/0/0 nhrp entry 172.16.0.129 34.1.1.1 register nhrp network-id 100查看分支站点注册结果
dis nhrp peer all四、area1 IP地址配置 R1配置
sys int g0/0/0 ip add 172.16.32.129 29 int lo0 ip add 172.16.33.1 25R2配置
sys int g0/0/0 ip add 172.16.32.130 29 int lo0 ip add 172.16.33.129 25R3配置
sys int g0/0/1 ip add 172.16.32.131 29 int lo0 ip add 172.16.34.1 25五、area2 IP地址配置 R6配置
sys sys r6 int g0/0/1 ip add 172.16.64.1 30 int lo1 ip add 172.16.65.1 25R11配置
sys sys r11 int g0/0/0 ip add 172.16.64.2 30 int g0/0/1 ip add 172.16.64.5 30R12配置
sys sys r12 int g0/0/0 ip add 172.16.64.6 30六、area3 IP地址配置 R7配置
sys sys r7 int g0/0/1 ip add 172.16.96.1 30R8配置
sys sys r8 int g0/0/0 ip add 172.16.96.2 30 int g0/0/1 ip add 172.16.96.5 30 int lo0 ip add 172.16.97.1 25R9配置
sys sys r9 int g0/0/0 ip add 172.16.96.6 30七、area4 IP地址配置 R9配置
sys sys r9 int g0/0/1 ip add 172.16.128.1 30 int lo0 ip add 172.16.129.1 25R10配置
sys sys r10 int g0/0/0 ip add 172.16.128.2 30 int lo0 ip add 172.16.129.129 25八、rip配置 R12配置
sys sys r12 int lo0 ip add 172.16.160.1 20 int lo1 ip add 172.16.176.1 20 q rip 1 ver 2 undo summary network 172.16.0.0九、OSPF配置(凑齐邻居表) R1配置
sys ospf 1 router-id 1.1.1.1 area 1 network 172.16.0.0 0.0.255.255R2配置
sys ospf 1 router-id 2.2.2.2 area 1 network 172.16.0.0 0.0.255.255R3配置
sys ospf 1 router-id 3.3.3.3 area 0 network 172.16.0.129 0.0.0.0 area 1 network 172.16.32.131 0.0.0.0 network 172.16.34.1 0.0.0.0
或者使用计算以后的地址 area1
area 1 network 172.16.32.0 0.0.3.255R5配置
sys ospf 1 router-id 5.5.5.5 area 0 network 172.16.0.0 0.0.255.255R6配置
sys ospf 1 router-id 6.6.6.6 area 0 network 172.16.0.0 0.0.1.255 area 2 network 172.16.64.1 0.0.0.0R7配置
sys ospf 1 router-id 7.7.7.7 area 0 network 172.16.0.0 0.0.3.255 area 3 network 172.16.96.1 0.0.0.0R8配置
sys ospf 1 router-id 8.8.8.8 area 3 network 172.16.0.0 0.0.255.255R9配置
sys ospf 1 router-id 9.9.9.9 area 3 network 172.16.96.6 0.0.0.0 area 4 network 172.16.128.0 0.0.1.255R10配置
sys ospf 1 router-id 10.10.10.10 area 4 network 172.16.0.0 0.0.255.255R11配置
sys ospf 1 router-id 11.11.11.11 area 2 network 172.16.0.0 0.0.255.255R12配置
sys ospf 1 router-id 12.12.12.12 area 2 network 172.16.64.6 0.0.0.0十、修改area0的接口网络类型并选举出DR
MGRE中,R3/5/6/7是无法全部建邻的,tunnel口工作方式默认使用点到点,要修改工作方式为广播。
中心到站点结构要把DR控制在中心,要求R5/6/7放弃选举,为了让中心站点R3成功选举为DR,所以需要将R5、R6、R7三个路由器的优先级改为0
R3配置int tunnel 0/0/0 ospf network-type broadcastR5、R6、R7配置
int tunnel 0/0/0 ospf network-type broadcast ospf dr-priority 0十一、R12 对rip进行重发布
因为ospf区域学不到rip的路由,所以采取重发布的方式获取。
R12配置sys ospf 1 import-route rip十二、解决不规则区域area4 方案:多进程双向重发布
area0/3/4共同构成不规则区域——远离了骨干的非骨干区域(最推荐重发布解决)
R9配置(多进程)return sys ospf 1 area 4 undo network 172.16.128.0 0.0.1.255 q q ospf 2 area 4 network 172.16.128.0 0.0.1.255R9配置(双向重发布)
return sys ospf 1 import ospf 2十三、减少LSA的更新量 area1区域配置为末梢区域 R1、R2配置
return sys ospf 1 area 1 stubR3配置
return sys ospf 1 area 1 stub no-summaryarea2区域配置为nssa区域 R6配置
return sys ospf 1 area 2 nssa no-summaryR11、R12配置
return sys ospf 1 area 2 nssaarea3区域配置为nssa区域 R7配置
return sys ospf 1 area 3 nssa no-summaryR8、R9配置
return sys ospf 1 area 3 nssaarea4区域
R9可以给R10重发布一条缺省
R9配置return sys ospf 2 default-route-advertise区域area0进行汇总 R3配置汇总并防环
return sys ospf 1 area 1 asbr-summary 172.16.32.0 255.255.224.0 q ip route-static 172.16.32.0 19 NULL 0R6配置
return sys ospf 1 area 2 asbr-summary 172.16.64.0 255.255.224.0 q ip route-static 172.16.64.0 19 NULL 0R7配置
return sys ospf 1 area 3 asbr-summary 172.16.96.0 255.255.224.0 q ip route-static 172.16.96.0 19 NULL 0R9配置
return sys ospf 1 asbr-summary 172.16.96.0 255.255.224.0 ip route-static 172.16.96.0 19 NULL 0R12配置
return sys ospf 1 asbr-summary 172.16.160.0 255.255.224.0 ip route-static 172.16.160.0 19 NULL 0十四、访问外网(NAT) R3、R6、R7配置
return sys acl 2000 rule permit source 172.16.0.0 0.0.255.255 int g0/0/0 nat outbound 2000
