一、简介¶
本章聚集于OSPF相关的各个知识点,具体包括OSPF基本配置,OSPF邻居邻接关系,OSPF链路状态数据库,Sub区域,NSSA区域,虚链路,OSPF网络类型,OSPF路由聚合,OSPF缺省路由,OSPF网络的监测、调试和排障。
二、OSPF基本配置¶
2.1 原理概述¶
OSPF是一种应用非常广泛的基于链路状态的动态路由协议,它具有区域(Area)化的层次结构,扩展性好,收敛速度快,适合部署在各种规模的网络上。 在OSPF中,每台路由器都必须有一个Router-ID来标识自己。为了使OSPF网络更加稳定可靠,路由器通常会启用LoopBack接口,并配置特定的IP地址,且将此地址作为自己的Router-ID。 OSPF协议定义了4种不同的网络类型,分别为广播网络(也被称为Broadcast网络)、NBMA(Non-Broadcast Multi-Access)网络、点到点网络(也被称为Point-to-Point网络)。在广播网络和NBMA网络种,需要选举出DR(Designated Router)和BDR(Backup Designated Router)。DR和BDR是通过路由器接口的DR优先级来决定的,优先级最高的路由器将当选为DR,次之者当选为BDR;如果接口的DR优先级相同,则具有最高Router-ID的路由器将当选为DR,次之者当选为BDR。 LoopBack接口所在网段默认为点到点网络,观察到,在点到点网络上是没有选举DR/BDR的。以太网段默认是广播网络,所以需要选举DR/BDR。
2.2 OSPF基本配置配置实验¶
2.2.1 实验目的¶
1、掌握OSPF的基本配置 2、观察并理解DR/BDR的选举过程 3、掌握OSPF接口开销的修改方法 4、理解OSPF被动接口的作用 5、掌握OSPF认证功能的配置
2.2.2 实验内容¶
本实验模拟一个企业网络场景。R1为企业总部的路由器,R2为地区总部A的路由器,R3为地区总部B的路由器,R4和R5分别为分支机构1和分支机构2的路由器。整个网络都运行OSPF,其中R1与R2和R3之间的链路位于区域0中,R2和R3之间的链路作为一条备份链路也位于区域0中,R2和R4之间的链路位于区域1中,R3和R5之间的链路位于区域2中。R4、R5、R1的LoopBack1接口模拟了不同分支机构内以及企业总部内的网络。通过正确的OSPF配置后,不同分支机构的网络之间以及分支机构与企业总部的网络之间都应实现正常通信。
2.2.3 实验拓扑¶
2.2.4 实验编制表¶
| 设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
|---|---|---|---|---|
| R1(AR2220) | GE0/0/1 | 10.0.12.1 | 255.255.255.0 | N/A |
| R1(AR2220) | GE0/0/2 | 10.0.13.1 | 255.255.255.0 | N/A |
| R1(AR2220) | Loopback0 | 1.1.1.1 | 255.255.255.255 | N/A |
| R1(AR2220) | Loopback1 | 11.11.11.11 | 255.255.255.255 | N/A |
| R2(AR2220) | GE0/0/1 | 10.0.12.2 | 255.255.255.0 | N/A |
| R2(AR2220) | E1/0/0 | 10.0.24.2 | 255.255.255.0 | N/A |
| R2(AR2220) | S2/0/0 | 10.0.23.2 | 255.255.255.0 | N/A |
| R2(AR2220) | Loopback0 | 2.2.2.2 | 255.255.255.255 | N/A |
| R3(AR2220) | GE0/0/1 | 10.0.13.3 | 255.255.255.0 | N/A |
| R3(AR2220) | E1/0/0 | 10.0.35.3 | 255.255.255.0 | N/A |
| R3(AR2220) | S2/0/0 | 10.0.23.3 | 255.255.255.0 | N/A |
| R3(AR2220) | Loopback0 | 3.3.3.3 | 255.255.255.255 | N/A |
| R4(AR2220) | E1/0/0 | 10.0.24.4 | 255.255.255.0 | N/A |
| R4(AR2220) | Loopback0 | 4.4.4.4 | 255.255.255.255 | N/A |
| R4(AR2220) | Loopback1 | 44.44.44.44 | 255.255.255.0 | N/A |
| R5(AR2220) | E1/0/0 | 10.0.35.5 | 255.255.255.0 | N/A |
| R5(AR2220) | Loopback0 | 5.5.5.5 | 255.255.255.255 | N/A |
| R5(AR2220) | Loopback1 | 55.55.55.55 | 255.255.255.0 | N/A |
| ### 2.2.5 实验步骤 | ||||
| #### 2.2.5.1 基本配置 | ||||
| 根据实验编址表,并使用Ping命令检测R1与R2之间的连通性。 | ||||
| #### 2.2.5.2 配置OSPF路由协议 | ||||
| 1、R1、R2、R3之间的链路位于区域0,R2与R4之间的链路位于区域1,R3与R5之间的链路位于区域2,每台路由器使用LoopBack0接口的IP地址作为自己的Router-ID。 |
[R1]router id 1.1.1.1
[R1]ospf
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 11.11.11.11 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.13.1 0.0.0.0
[R2]router id 2.2.2.2
[R2]ospf
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.23.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]area 1
[R2-ospf-1-area-0.0.0.1]network 10.0.24.2 0.0.0.0
[R3]router id 3.3.3.3
[R3]ospf
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.13.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.23.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]area 2
[R3-ospf-1-area-0.0.0.2]network 10.0.35.3 0.0.0.0
[R4]router id 4.4.4.4
[R4]ospf
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]network 4.4.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.1]network 44.44.44.44 0.0.0.
[R4-ospf-1-area-0.0.0.1]network 10.0.24.4 0.0.0.0
[R5]router id 5.5.5.5
[R5]ospf
[R5-ospf-1]area 2
[R5-ospf-1-area-0.0.0.2]network 5.5.5.5 0.0.0.0
[R5-ospf-1-area-0.0.0.2]network 55.55.55.55 0.0.0.0
[R5-ospf-1-area-0.0.0.2]network 10.0.35.5 0.0.0.0
2、配置完成后,查看R1、R2、R3上的OSPF邻居的建立情况。观察到,OSPF邻居状态都为Full,表明各邻居关系都已成功建立。
[R1]dis ospf peer bri
[R1]dis ospf peer brief
OSPF Process 1 with Router ID 1.1.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/1 2.2.2.2 Full
0.0.0.0 GigabitEthernet0/0/2 3.3.3.3 Full
----------------------------------------------------------------------------
[R2]dis ospf peer brief
OSPF Process 1 with Router ID 2.2.2.2
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 1.1.1.1 Full
0.0.0.0 Serial2/0/0 3.3.3.3 Full
0.0.0.1 Ethernet1/0/0 4.4.4.4 Full
----------------------------------------------------------------------------
[R3]dis ospf peer brief
OSPF Process 1 with Router ID 3.3.3.3
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 1.1.1.1 Full
0.0.0.0 Serial2/0/0 2.2.2.2 Full
0.0.0.2 Ethernet1/0/0 5.5.5.5 Full
----------------------------------------------------------------------------
3、查看R1、R4、R5的IP路由表,观察到,已经获得其他路由器的接口所在网段的路由。
[R1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 23 Routes : 24
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
2.2.2.2/32 OSPF 10 1 D 10.0.12.2 GigabitEthernet
0/0/1
3.3.3.3/32 OSPF 10 1 D 10.0.13.3 GigabitEthernet
0/0/2
4.4.4.4/32 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
5.5.5.5/32 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/2
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet
0/0/2
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.23.0/24 OSPF 10 49 D 10.0.12.2 GigabitEthernet
0/0/1
OSPF 10 49 D 10.0.13.3 GigabitEthernet
0/0/2
10.0.24.0/24 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.35.0/24 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/2
11.11.11.0/24 Direct 0 0 D 11.11.11.11 LoopBack1
11.11.11.11/32 Direct 0 0 D 127.0.0.1 LoopBack1
11.11.11.255/32 Direct 0 0 D 127.0.0.1 LoopBack1
44.44.44.44/32 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
55.55.55.55/32 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R4>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 21 Routes : 21
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 OSPF 10 2 D 10.0.24.2 Ethernet1/0/0
2.2.2.2/32 OSPF 10 1 D 10.0.24.2 Ethernet1/0/0
3.3.3.3/32 OSPF 10 3 D 10.0.24.2 Ethernet1/0/0
4.4.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
5.5.5.5/32 OSPF 10 4 D 10.0.24.2 Ethernet1/0/0
10.0.12.0/24 OSPF 10 2 D 10.0.24.2 Ethernet1/0/0
10.0.13.0/24 OSPF 10 3 D 10.0.24.2 Ethernet1/0/0
10.0.23.0/24 OSPF 10 49 D 10.0.24.2 Ethernet1/0/0
10.0.24.0/24 Direct 0 0 D 10.0.24.4 Ethernet1/0/0
10.0.24.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.24.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.35.0/24 OSPF 10 4 D 10.0.24.2 Ethernet1/0/0
11.11.11.11/32 OSPF 10 2 D 10.0.24.2 Ethernet1/0/0
44.44.44.0/24 Direct 0 0 D 44.44.44.44 LoopBack1
44.44.44.44/32 Direct 0 0 D 127.0.0.1 LoopBack1
44.44.44.255/32 Direct 0 0 D 127.0.0.1 LoopBack1
55.55.55.55/32 OSPF 10 4 D 10.0.24.2 Ethernet1/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R5>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 21 Routes : 21
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 OSPF 10 2 D 10.0.35.3 Ethernet1/0/0
2.2.2.2/32 OSPF 10 3 D 10.0.35.3 Ethernet1/0/0
3.3.3.3/32 OSPF 10 1 D 10.0.35.3 Ethernet1/0/0
4.4.4.4/32 OSPF 10 4 D 10.0.35.3 Ethernet1/0/0
5.5.5.5/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.12.0/24 OSPF 10 3 D 10.0.35.3 Ethernet1/0/0
10.0.13.0/24 OSPF 10 2 D 10.0.35.3 Ethernet1/0/0
10.0.23.0/24 OSPF 10 49 D 10.0.35.3 Ethernet1/0/0
10.0.24.0/24 OSPF 10 4 D 10.0.35.3 Ethernet1/0/0
10.0.35.0/24 Direct 0 0 D 10.0.35.5 Ethernet1/0/0
10.0.35.5/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.35.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
11.11.11.11/32 OSPF 10 2 D 10.0.35.3 Ethernet1/0/0
44.44.44.44/32 OSPF 10 4 D 10.0.35.3 Ethernet1/0/0
55.55.55.0/24 Direct 0 0 D 55.55.55.55 LoopBack1
55.55.55.55/32 Direct 0 0 D 127.0.0.1 LoopBack1
55.55.55.255/32 Direct 0 0 D 127.0.0.1 LoopBack1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
2.2.5.3 查看DR/BDR选举情况¶
1、在R1、R2上查看DR/BDR的选举情况。观察到,R2当选为10.0.12.0/24网段上的DR,R1则为BDR。这是因为由于采用默认配置,R1的GE0/0/1和R2的GE0/0/0接口的DR优先级的值都为1,所以比较Router-ID。R2因为其Router-ID较大而当选为10.0.12.0/24网段上的DR。
[R1]dis ospf interface
OSPF Process 1 with Router ID 1.1.1.1
Interfaces
Area: 0.0.0.0 (MPLS TE not enabled)
IP Address Type State Cost Pri DR BDR
1.1.1.1 P2P P-2-P 0 1 0.0.0.0 0.0.0.0
11.11.11.11 P2P P-2-P 0 1 0.0.0.0 0.0.0.0
10.0.12.1 Broadcast BDR 1 1 10.0.12.2 10.0.12.1
10.0.13.1 Broadcast BDR 1 1 10.0.13.3 10.0.13.1
[R2]dis ospf interface
OSPF Process 1 with Router ID 2.2.2.2
Interfaces
Area: 0.0.0.0 (MPLS TE not enabled)
IP Address Type State Cost Pri DR BDR
2.2.2.2 P2P P-2-P 0 1 0.0.0.0 0.0.0.0
10.0.12.2 Broadcast DR 1 1 10.0.12.2 10.0.12.1
10.0.23.2 P2P P-2-P 48 1 0.0.0.0 0.0.0.0
Area: 0.0.0.1 (MPLS TE not enabled)
IP Address Type State Cost Pri DR BDR
10.0.24.2 Broadcast BDR 1 1 10.0.24.4 10.0.24.2
2、修改R1的GE0/0/1的DR优先级值为2,使R1成为10.0.12.0/24网段的DR,R2成为BDR。
[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]ospf dr-priority 2
3、将R1的GE0/0/1关闭并重启,在R1上重新查看DR/BDR的选举情况。观察到R1当选为10.0.12.0/24网段上的DR。
[R1]dis ospf interface
OSPF Process 1 with Router ID 1.1.1.1
Interfaces
Area: 0.0.0.0 (MPLS TE not enabled)
IP Address Type State Cost Pri DR BDR
1.1.1.1 P2P P-2-P 0 1 0.0.0.0 0.0.0.0
11.11.11.11 P2P P-2-P 0 1 0.0.0.0 0.0.0.0
10.0.12.1 Broadcast DR 1 2 10.0.12.1 10.0.12.2
10.0.13.1 Broadcast BDR 1 1 10.0.13.3 10.0.13.1
2.2.5.4 配置OSPF的接口开销值¶
1、在R2上使用tracert命令来测试报文从R2到目的地址55.55.55.55所经过的路径。观察到报文经R1(10.0.12.1)再到R3(10.0.13.3),然后到达R5。
<R2>tracert 55.55.55.55
traceroute to 55.55.55.55(55.55.55.55), max hops: 30 ,packet length: 40,press
CTRL_C to break
1 10.0.12.1 30 ms 20 ms 20 ms
2 10.0.13.3 30 ms 30 ms 20 ms
3 10.0.35.5 40 ms 20 ms 30 ms
2、在R2上查看接口的OSPF开销值。观察到R2的S2/0/0接口下的Cost值为48,而R2的G0/0/0接口下的Cost值为1。
<R2>dis ospf interface
OSPF Process 1 with Router ID 2.2.2.2
Interfaces
Area: 0.0.0.0 (MPLS TE not enabled)
IP Address Type State Cost Pri DR BDR
2.2.2.2 P2P P-2-P 0 1 0.0.0.0 0.0.0.0
10.0.12.2 Broadcast BDR 1 1 10.0.12.1 10.0.12.2
10.0.23.2 P2P P-2-P 48 1 0.0.0.0 0.0.0.0
Area: 0.0.0.1 (MPLS TE not enabled)
IP Address Type State Cost Pri DR BDR
10.0.24.2 Broadcast BDR 1 1 10.0.24.4 10.0.24.2
3、将R2的G0/0/0接口下的Cost值修改为100,同时也将R3的GE0/0/0接口下的Cost值修改为100.
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ospf cost 100
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ospf cost 100
4、在R2上再次使用tracert命令来测试报文从R2到目的地址55.55.55.55所经过的路径。观察到报文直接经过R3(10.0.23.3)到达R5。验证了Cost值越小,路由越优的原则。
<R2>tracert 55.55.55.55
traceroute to 55.55.55.55(55.55.55.55), max hops: 30 ,packet length: 40,press
CTRL_C to break
1 10.0.23.3 30 ms 20 ms 20 ms
2 10.0.35.5 20 ms 20 ms 30 ms
2.2.5.5 配置OSPF被动接口¶
1、首先恢复R2和R3的G0/0/0接口的开销值,修改成默认。
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ospf cost 1
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ospf cost 1
2、将R2的E1/0/0接口配置为被动接口,此接口将不会发送和接收OSPF报文。
[R2]ospf
[R2-ospf-1]silent-interface e1/0/0
3、配置完成后,使用display ospf peer brirf命令查看R2邻居关系,观察到,R2与R4的邻居关系断开,但仍与R1和R3建立邻居关系。
[R2]dis ospf peer brief
OSPF Process 1 with Router ID 2.2.2.2
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 1.1.1.1 Full
0.0.0.0 Serial2/0/0 3.3.3.3 Full
----------------------------------------------------------------------------
4、在R2、R4上查看路由表,观察到R2没有到分支机构1的路由。同时R4除了直连路由,没有其他路由。
[R2]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 22 Routes : 22
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 OSPF 10 1 D 10.0.12.1 GigabitEthernet
0/0/0
2.2.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
3.3.3.3/32 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/0
5.5.5.5/32 OSPF 10 3 D 10.0.12.1 GigabitEthernet
0/0/0
10.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet
0/0/0
10.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.13.0/24 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/0
10.0.23.0/24 Direct 0 0 D 10.0.23.2 Serial2/0/0
10.0.23.2/32 Direct 0 0 D 127.0.0.1 Serial2/0/0
10.0.23.3/32 Direct 0 0 D 10.0.23.3 Serial2/0/0
10.0.23.255/32 Direct 0 0 D 127.0.0.1 Serial2/0/0
10.0.24.0/24 Direct 0 0 D 10.0.24.2 Ethernet1/0/0
10.0.24.2/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.24.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.35.0/24 OSPF 10 3 D 10.0.12.1 GigabitEthernet
0/0/0
11.11.11.11/32 OSPF 10 1 D 10.0.12.1 GigabitEthernet
0/0/0
55.55.55.55/32 OSPF 10 3 D 10.0.12.1 GigabitEthernet
0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R4>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 11 Routes : 11
Destination/Mask Proto Pre Cost Flags NextHop Interface
4.4.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.24.0/24 Direct 0 0 D 10.0.24.4 Ethernet1/0/0
10.0.24.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.24.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
44.44.44.0/24 Direct 0 0 D 44.44.44.44 LoopBack1
44.44.44.44/32 Direct 0 0 D 127.0.0.1 LoopBack1
44.44.44.255/32 Direct 0 0 D 127.0.0.1 LoopBack1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
2.2.5.6 配置OSPF认证功能¶
OSPF认证功能的配置可以是基于区域的,也可以是基于接口的。
2.2.5.6.1 基于区域认证¶
1、在R1上配置基于区域0的认证功能,采用明文认证的方式。其中密码为huawei
[R1]ospf
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
2、配置完成后,在R1上查看OSPF邻居关系。观察到,R1没有任何邻居。这是因为R2和R3上没有做对应的认证配置。
[R1]dis ospf peer brief
OSPF Process 1 with Router ID 1.1.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
----------------------------------------------------------------------------
3、在R2和R3上做对应的认证配置。
[R2]ospf
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
[R3]ospf
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
4、配置完成后,继续在R1上查看邻居关系,观察到,邻居关系都恢复正常。
<R1>dis ospf peer brief
OSPF Process 1 with Router ID 1.1.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/1 2.2.2.2 Full
0.0.0.0 GigabitEthernet0/0/2 3.3.3.3 Full
----------------------------------------------------------------------------
2.2.5.6.2 基于接口认证¶
1、在R2上配置基于E1/0/0接口的认证,并采用MD5密文方式。密码设置为huawei。
[R2]int e1/0/0
[R2-Ethernet1/0/0]ospf authentication-mode md5 24 cipher huawei
2、配置完成后,在R2上查看OSPF邻居信息。观察到R2与R4没有建立起邻居关系。这是因为R4上相应的接口上没有做对应的接口配置。
[R2]dis ospf peer brief
OSPF Process 1 with Router ID 2.2.2.2
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 1.1.1.1 Full
0.0.0.0 Serial2/0/0 3.3.3.3 Full
----------------------------------------------------------------------------
3、在R4上进行相应的认证功能的配置。
[R4]int e1/0/0
[R4-Ethernet1/0/0]ospf authentication-mode md5 24 cipher huawei
4、配置完成后,重新在R2上查看OSPF邻居关系。
[R2]dis ospf peer brief
OSPF Process 1 with Router ID 2.2.2.2
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 1.1.1.1 Full
0.0.0.0 Serial2/0/0 3.3.3.3 Full
0.0.0.1 Ethernet1/0/0 4.4.4.4 Full
----------------------------------------------------------------------------
2.3 思考¶
按照OSPF的网络设计要求,不同普通区域(Area)之间的通信必须经由骨干区域(Area0)中转才能实现。这种要求的出发点是什么? 答:由于区域间的OSPF是距离矢量的,是容易产生路由回环的。为了避免回环,所以区域间的流量必须经由骨干区域来传递。
三、OSPF邻居邻接关系¶
3.1 原理概述¶
OSPF网络种,路由器在发送任何链路状态信息之前,必须先建立起正确的OSPF邻居、邻接关系。 OSPF路由器是使用Hello报文来建立邻居关系的。OSPF路由器会检查所收到的Hello报中的各种参数,如Router-ID、Area-ID、认证信息、网络掩码、Hello时间间隔等。如果这些参数和接收接口上配置的对应参数都一一保持一致,则邻居关系就会建立起来,否则就无法建立起来邻居关系。 OSPF路由器的邻居关系建立完成之后,下一步才是建立邻接关系。并不是所有的OSPF邻居之间都可以建立邻接关系,这要取决于OSPF邻居之间的网络类型。如在点到点网络上,有效的OSPF邻居关系都可以进一步形成邻接关系。在广播型网络上,会选举DR和BDR;DR和BDR会与所有其他路由器都建立起邻接关系,其他路由器都只与DR和BDR建立邻居关系。
3.2 OSPF邻居邻接关系配置实验¶
3.2.1 实验目的¶
1、理解OSPF邻居关系和邻接关系的含义及差别。 2、观察OSPF邻居邻接关系的建立过程。 3、观察OSPF链路状态数据库的同步过程。
3.2.2 实验内容¶
本实验模拟了一个跨国企业网络场景,国内集团总部的路由器R1、R2、R3组成了一个广播型网络,国外分公司1的路由器R4与国内集团总部核心路由器R1组成了一个点到点网络,国外分公司2的路由器R5与国内集团总部核心路由器R1组成了另一个点到点网络。
3.2.3 实验拓扑¶
3.2.4 实验编制表¶
| 设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
|---|---|---|---|---|
| R1(AR2220) | GE0/0/0 | 10.0.123.1 | 255.255.255.0 | N/A |
| R1(AR2220) | S1/0/0 | 10.0.14.1 | 255.255.255.0 | N/A |
| R1(AR2220) | S1/0/1 | 10.0.15.1 | 255.255.255.0 | N/A |
| R1(AR2220) | LoopBack 0 | 10.0.1.1 | 255.255.255.255 | N/A |
| R2(AR2220) | GE0/0/0 | 10.0.123.2 | 255.255.255.0 | N/A |
| R2(AR2220) | LoopBack 0 | 10.0.2.2 | 255.255.255.255 | N/A |
| R3(AR2220) | GE0/0/0 | 10.0.123.3 | 255.255.255.0 | N/A |
| R3(AR2220) | LoopBack 0 | 10.0.3.3 | 255.255.255.255 | N/A |
| R4(AR2220) | S1/0/0 | 10.0.14.4 | 255.255.255.0 | N/A |
| R4(AR2220) | LoopBack 0 | 10.0.4.4 | 255.255.255.255 | N/A |
| R5(AR2220) | S1/0/1 | 10.0.15.5 | 255.255.255.0 | N/A |
| R5(AR2220) | LoopBack 0 | 10.0.5.5 | 255.255.255.255 | N/A |
| ### 3.2.5 实验步骤 | ||||
| #### 3.2.5.1 基本配置 | ||||
| 根据实验编址表,并使用Ping命令检测R1与R2之间的连通性。 |
3.2.5.2 配置OSPF路由协议¶
1、在每台路由器上进行OSPF协议配置,其中R1、R2、R3之间的链路属于区域0,R1和R4之间的链路属于区域1,R1和R5之间的链路属于区域2。
[R1]ospf router-id 10.0.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.123.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]area 1
[R1-ospf-1-area-0.0.0.1]network 10.0.14.1 0.0.0.0
[R1-ospf-1-area-0.0.0.1]area 2
[R1-ospf-1-area-0.0.0.2]network 10.0.15.1 0.0.0.0
[R1-ospf-1-area-0.0.0.2]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
[R2]ospf router-id 10.0.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.123.2 0.0.0.0
[R3]ospf router-id 10.0.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.123.3 0.0.0.0
[R4]ospf router-id 10.0.4.4
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]network 10.0.14.4 0.0.0.0
[R4-ospf-1-area-0.0.0.1]network 10.0.4.4 0.0.0.0
[R5]ospf router-id 10.0.5.5
[R5-ospf-1]area 2
[R5-ospf-1-area-0.0.0.2]network 10.0.15.5 0.0.0.0
[R5-ospf-1-area-0.0.0.2]network 10.0.5.5 0.0.0.0
2、配置完成后,在R1上查看OSPF邻居关系。观察到R1的OSPF邻居状态都为Full,说明邻居关系已经成功建立。
<R1>dis ospf peer brief
OSPF Process 1 with Router ID 10.0.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 10.0.2.2 Full
0.0.0.0 GigabitEthernet0/0/0 10.0.3.3 Full
0.0.0.1 Serial1/0/0 10.0.4.4 Full
0.0.0.2 Serial1/0/1 10.0.5.5 Full
----------------------------------------------------------------------------
3、在R1上使用dis ospf peer 命令查看OSPF邻居状态的详细信息。R1、R2、R3的广播型网络都已经完成了DR/BDR的选举,选举结果为10.0.123.3(R3)为DR,10.0.123.2(R2)为BDR。R1与R4、R1与R5之间没有进行DR/BDR的选举。
<R1>dis ospf peer
OSPF Process 1 with Router ID 10.0.1.1
Neighbors
Area 0.0.0.0 interface 10.0.123.1(GigabitEthernet0/0/0)'s neighbors
Router ID: 10.0.2.2 Address: 10.0.123.2
State: Full Mode:Nbr is Master Priority: 1
DR: 10.0.123.3 BDR: 10.0.123.2 MTU: 0
Dead timer due in 33 sec
Retrans timer interval: 5
Neighbor is up for 00:00:03
Authentication Sequence: [ 0 ]
Router ID: 10.0.3.3 Address: 10.0.123.3
State: Full Mode:Nbr is Master Priority: 1
DR: 10.0.123.3 BDR: 10.0.123.2 MTU: 0
Dead timer due in 35 sec
Retrans timer interval: 5
Neighbor is up for 00:00:01
Authentication Sequence: [ 0 ]
Neighbors
Area 0.0.0.1 interface 10.0.14.1(Serial1/0/0)'s neighbors
Router ID: 10.0.4.4 Address: 10.0.14.4
State: Full Mode:Nbr is Master Priority: 1
DR: None BDR: None MTU: 0
Dead timer due in 39 sec
Retrans timer interval: 5
Neighbor is up for 00:02:11
Authentication Sequence: [ 0 ]
Neighbors
Area 0.0.0.2 interface 10.0.15.1(Serial1/0/1)'s neighbors
Router ID: 10.0.5.5 Address: 10.0.15.5
State: Full Mode:Nbr is Master Priority: 1
DR: None BDR: None MTU: 0
Dead timer due in 36 sec
Retrans timer interval: 5
Neighbor is up for 00:01:59
Authentication Sequence: [ 0 ]
4、在R1上查看广播型网络的接口GE0/0/0和点到点网络的接口S1/0/0的详细情况。观察到,广播型网络接口和点到点网络接口默认的Hello时间间隔都是10s,失效时间为40s。
[R1]dis ospf interface g0/0/0
OSPF Process 1 with Router ID 10.0.1.1
Interfaces
Interface: 10.0.123.1 (GigabitEthernet0/0/0)
Cost: 1 State: DROther Type: Broadcast MTU: 1500
Priority: 1
Designated Router: 10.0.123.2
Backup Designated Router: 10.0.123.3
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
[R1]dis ospf interface S1/0/0
OSPF Process 1 with Router ID 10.0.1.1
Interfaces
Interface: 10.0.14.1 (Serial1/0/0) --> 10.0.14.4
Cost: 48 State: P-2-P Type: P2P MTU: 1500
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
3.2.5.3 观察OSPF邻居邻接关系的建立过程¶
1、关闭R1的S1/0/0和S1/0/1接口,只观察广播网络上的OSPF邻居和邻接关系的建立过程。
[R1]int s1/0/0
[R1-Serial1/0/0]shutdown
[R1-Serial1/0/0]int s1/0/1
[R1-Serial1/0/1]shutdown
2、配置完成后,在R1上查看OSPF的邻居状态。观察到R1和R2、R3的邻居状态都是Full,说明已经建立好了邻接关系。
[R1]dis ospf peer brief
OSPF Process 1 with Router ID 10.0.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 10.0.2.2 Full
0.0.0.0 GigabitEthernet0/0/0 10.0.3.3 Full
----------------------------------------------------------------------------
3、在R1上重启OSPF进程,通过Debugging调试观察R1与R2之间的OSPF邻接关系的建立过程。观察到,重启OSPF进程后,R1与R2的邻居关系由Full状态转为Down状态。R1从R2收到Hello报文后,邻居关系由Down状态转变为了初始状态(Init)。Hello报文的参数协商后,R1与R2的邻居关系进入到了2-Way状态,2-Way状态表明双方已经成功建立了邻居关系。邻居关系建立之后,R1与R2进入到信息交换初始状态(Exstart)、信息交换状态(Exchange)以及信息加载状态(Loading),最终进入到Full状态。Full状态表明双方已经建立了邻接关系。
<R1>debugging ospf packet
<R1>reset ospf process
Warning: The OSPF process will be reset. Continue? [Y/N]:y
<R1>
Feb 23 2022 20:20:05-08:00 R1 %%01OSPF/3/NBR_DOWN_REASON(l)[13]:Neighbor state l
eaves full or changed to Down. (ProcessId=256, NeighborRouterId=2.2.0.10, Neighb
orAreaId=0, NeighborInterface=GigabitEthernet0/0/0,NeighborDownImmediate reason=
Neighbor Down Due to Kill Neighbor, NeighborDownPrimeReason=OSPF Process Reset,
NeighborChangeTime=2022-02-23 20:20:05-08:00)
<R1>
Feb 23 2022 20:20:05-08:00 R1 %%01OSPF/3/NBR_CHG_DOWN(l)[14]:Neighbor event:neig
hbor state changed to Down. (ProcessId=256, NeighborAddress=3.3.0.10, NeighborEv
ent=KillNbr, NeighborPreviousState=Full, NeighborCurrentState=Down)
<R1>
Feb 23 2022 20:20:05-08:00 R1 %%01OSPF/3/NBR_DOWN_REASON(l)[15]:Neighbor state l
eaves full or changed to Down. (ProcessId=256, NeighborRouterId=3.3.0.10, Neighb
orAreaId=0, NeighborInterface=GigabitEthernet0/0/0,NeighborDownImmediate reason=
Neighbor Down Due to Kill Neighbor, NeighborDownPrimeReason=OSPF Process Reset,
NeighborChangeTime=2022-02-23 20:20:05-08:00)
<R1>
Feb 23 2022 20:20:09-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[16]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=3.123.0.10, Neighb
orEvent=HelloReceived, NeighborPreviousState=Down, NeighborCurrentState=Init)
<R1>
Feb 23 2022 20:20:09-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[17]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=3.123.0.10, Neighb
orEvent=2WayReceived, NeighborPreviousState=Init, NeighborCurrentState=2Way)
<R1>
Feb 23 2022 20:20:09-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[18]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=3.123.0.10, Neighb
orEvent=AdjOk?, NeighborPreviousState=2Way, NeighborCurrentState=ExStart)
<R1>
Feb 23 2022 20:20:09-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[19]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=3.123.0.10, Neighb
orEvent=NegotiationDone, NeighborPreviousState=ExStart, NeighborCurrentState=Exc
hange)
<R1>
Feb 23 2022 20:20:09-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[20]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=3.123.0.10, Neighb
orEvent=ExchangeDone, NeighborPreviousState=Exchange, NeighborCurrentState=Loadi
ng)
<R1>
Feb 23 2022 20:20:09-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[21]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=3.123.0.10, Neighb
orEvent=LoadingDone, NeighborPreviousState=Loading, NeighborCurrentState=Full)
<R1>
Feb 23 2022 20:20:11-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[22]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=2.123.0.10, Neighb
orEvent=HelloReceived, NeighborPreviousState=Down, NeighborCurrentState=Init)
<R1>
Feb 23 2022 20:20:11-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[23]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=2.123.0.10, Neighb
orEvent=2WayReceived, NeighborPreviousState=Init, NeighborCurrentState=2Way)
<R1>
Feb 23 2022 20:20:11-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[24]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=2.123.0.10, Neighb
orEvent=AdjOk?, NeighborPreviousState=2Way, NeighborCurrentState=ExStart)
<R1>
Feb 23 2022 20:20:11-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[25]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=2.123.0.10, Neighb
orEvent=NegotiationDone, NeighborPreviousState=ExStart, NeighborCurrentState=Exc
hange)
<R1>
Feb 23 2022 20:20:11-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[26]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=2.123.0.10, Neighb
orEvent=ExchangeDone, NeighborPreviousState=Exchange, NeighborCurrentState=Loadi
ng)
<R1>
Feb 23 2022 20:20:11-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[27]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=2.123.0.10, Neighb
orEvent=LoadingDone, NeighborPreviousState=Loading, NeighborCurrentState=Full)
注意:OSPF路由器之间的邻居关系并不等于邻接关系。邻居关系建立后,还需完成链路状态信息的交换,然后才能建立起邻接关系。
4、将R1的GE0/0/0和R2的GE0/0/0接口优先级的值改为0,不参与DR的选举。
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ospf dr-priority 0
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ospf dr-priority 0
5、重启R1与R2的OSPF进程,在R1和R3上分别查看OSPF邻居建立情况。观察到R3分别与R1和R2建立邻接关系,R1与R2只建立起邻居关系。
[R3]dis ospf peer
OSPF Process 1 with Router ID 10.0.3.3
Neighbors
Area 0.0.0.0 interface 10.0.123.3(GigabitEthernet0/0/0)'s neighbors
Router ID: 10.0.1.1 Address: 10.0.123.1
State: Full Mode:Nbr is Slave Priority: 0
DR: 10.0.123.3 BDR: None MTU: 0
Dead timer due in 35 sec
Retrans timer interval: 5
Neighbor is up for 00:00:24
Authentication Sequence: [ 0 ]
Router ID: 10.0.2.2 Address: 10.0.123.2
State: Full Mode:Nbr is Slave Priority: 0
DR: 10.0.123.3 BDR: None MTU: 0
Dead timer due in 37 sec
Retrans timer interval: 5
Neighbor is up for 00:00:14
Authentication Sequence: [ 0 ]
<R1>dis ospf peer
OSPF Process 1 with Router ID 10.0.1.1
Neighbors
Area 0.0.0.0 interface 10.0.123.1(GigabitEthernet0/0/0)'s neighbors
Router ID: 10.0.2.2 Address: 10.0.123.2
State: 2-Way Mode:Nbr is Master Priority: 0
DR: 10.0.123.3 BDR: None MTU: 0
Dead timer due in 38 sec
Retrans timer interval: 0
Neighbor is up for 00:00:00
Authentication Sequence: [ 0 ]
Router ID: 10.0.3.3 Address: 10.0.123.3
State: Full Mode:Nbr is Master Priority: 1
DR: 10.0.123.3 BDR: None MTU: 0
Dead timer due in 35 sec
Retrans timer interval: 0
Neighbor is up for 00:00:54
Authentication Sequence: [ 0 ]
6、观察点到点网络中OSPF的邻居关系建立情况。开启R1上的两个串口,然后关闭广播接口GE0/0/0。(关闭广播接口的目的是突出所要关注的实验现象)
[R1]int s1/0/0
[R1-Serial1/0/0]undo shutdown
[R1-Serial1/0/0]int s1/0/1
[R1-Serial1/0/1]undo shutdown
7、在R1上查看OSPF邻居建立情况。观察到R1与R4和R5分别建立了邻接关系,邻居状态为Full。
[R1]dis ospf peer brief
OSPF Process 1 with Router ID 10.0.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 Serial1/0/0 10.0.4.4 Full
0.0.0.0 Serial1/0/1 10.0.5.5 Full
----------------------------------------------------------------------------
8、在R1重启OSPF进程,通过Debugging调试观察R1与R4之间的OSPF邻居邻接关系的建立过程。观察到,重启OSPF进程后,R1与R4的邻居关系由Down状态转变为初始状态(Init)。接着,R1与R4便直接进入信息交换初始状态(ExStart)、信息交换状态(Exchange),以及信息加载状态(Loading),最终成功建立了邻接关系,进入了Full状态。
<R1>
Feb 24 2022 17:34:21-08:00 R1 %%01OSPF/3/NBR_DOWN_REASON(l)[34]:Neighbor state l
eaves full or changed to Down. (ProcessId=256, NeighborRouterId=4.4.0.10, Neighb
orAreaId=0, NeighborInterface=Serial1/0/0,NeighborDownImmediate reason=Neighbor
Down Due to Kill Neighbor, NeighborDownPrimeReason=OSPF Process Reset, NeighborC
hangeTime=2022-02-24 17:34:21-08:00)
<R1>
Feb 24 2022 17:34:21-08:00 R1 %%01OSPF/3/NBR_CHG_DOWN(l)[35]:Neighbor event:neig
hbor state changed to Down. (ProcessId=256, NeighborAddress=5.5.0.10, NeighborEv
ent=KillNbr, NeighborPreviousState=Full, NeighborCurrentState=Down)
<R1>
Feb 24 2022 17:34:21-08:00 R1 %%01OSPF/3/NBR_DOWN_REASON(l)[36]:Neighbor state l
eaves full or changed to Down. (ProcessId=256, NeighborRouterId=5.5.0.10, Neighb
orAreaId=0, NeighborInterface=Serial1/0/1,NeighborDownImmediate reason=Neighbor
Down Due to Kill Neighbor, NeighborDownPrimeReason=OSPF Process Reset, NeighborC
hangeTime=2022-02-24 17:34:21-08:00)
<R1>
Feb 24 2022 17:34:27-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[37]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=4.14.0.10, Neighbo
rEvent=HelloReceived, NeighborPreviousState=Down, NeighborCurrentState=Init)
<R1>
Feb 24 2022 17:34:27-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[38]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=4.14.0.10, Neighbo
rEvent=2WayReceived, NeighborPreviousState=Init, NeighborCurrentState=ExStart)
<R1>
Feb 24 2022 17:34:27-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[39]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=4.14.0.10, Neighbo
rEvent=NegotiationDone, NeighborPreviousState=ExStart, NeighborCurrentState=Exch
ange)
<R1>
Feb 24 2022 17:34:28-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[40]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=4.14.0.10, Neighbo
rEvent=ExchangeDone, NeighborPreviousState=Exchange, NeighborCurrentState=Loadin
g)
<R1>
Feb 24 2022 17:34:28-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[41]:Neighbor changes ev
ent: neighbor status changed. (ProcessId=256, NeighborAddress=4.14.0.10, Neighbo
rEvent=LoadingDone, NeighborPreviousState=Loading, NeighborCurrentState=Full)
注意:点到点网络没有经过2-Way状态,并且不存在2-Way状态。
3.2.5.4 观察OSPF链路状态数据库的同步过程¶
1、在R1的S1/0/0接口上查看报文,重启R1的OSPF进程。观察到OSFP协议的各种数据报文,反映了LSDB的同步过程,也反映了OSPF邻居邻接关系建立的过程:首先,R1和R4通过Hello报文进行协商,然后通过数据库描述(DD:Database Description)报文、链路状态请求(LSR:Link State Request)报文、链路状态更新报文(LSU:Link State Update)报文等,最终实现了LSDB的同步,并建立起OSPF邻接关系。
<R1>debugging ospf packet
<R1>reset ospf process
Warning: The OSPF process will be reset. Continue? [Y/N]:y
2、分析R1和R4上的Hello报文。观察到,Hello报文中包含了许多基本信息,如网络掩码、Hello间隔时间、路由器死亡时间以及指出自己的活跃邻居。
3、分析R1和R4上的DD报文。观察到,其中I位、M位、MS位都设置为1。R1和R4都宣称自己是主路由器。DD报文是不包含数据库摘要信息的。首次DD报文后,便可选举Router-ID较大的R4作为主路由器。
3.3 思考¶
在OSPF广播型网络中的DR和BDR之间需要建立OSPF邻接关系吗?为什么? 答:(1)需要(2)BDR实际上是对DR的一个备份,在选举DR的同时也选举出BDR,BDR也和本网段内的所有路由器建立邻接关系并交换路由信息。当DR失效后,BDR会立即成为DR。由于不需要重新选举,并且邻接关系事先已建立,所以这个过程是非常短暂的。
四、OSPF链路状态数据库¶
4.1 原理概述¶
OSPF是一种基于链路状态的动态路由协议,每台OSPF路由器都会生成相关的LSA,并将这些LSA通告出去。路由器收到LSA后,会将它们存放在链路状态数据库LSDB中。 LSA有多种不同的类型,不同类型的LSA的功能和作用是不同的。 (1)Type-1 LSA(Router LSA):每台路由器都会产生,用来描述路由器的直连链路状态和开销值。Type-1 LSA只能在所属区域内部泛洪,不能泛洪到其他区域。 (2)Type-2 LSA(Network LSA):它由DR产生的,主要用来描述该DR所在网段的网络掩码以及该网段内有哪些路由器。Type-2 LSA只能在所属区域内泛洪,不能泛洪到其他区域。 (3)Type-3 LSA(Network Summary LSA):它是由ABR(Area Boundary Router)产生,ABR路由器将所连区域的)Type-1 LSA和Type-2 LSA转换为Type-3 LSA,用来描述区域间的路由信息。Type-3 LSA可以泛洪到整个AS(Autonomous System,自治域)内部,但不能泛洪到Stub区域、Totally Stub区域、NSSA区域、以及Totally NSSA区域中。 (4)Type-4 LSA(ASBR Summary LSA):由ASBR(Autonomous System Boundary Router)所在区域中的ABR产生,用来描述到ASBR的路由。Type-4 LSA可以泛洪到整个AS内部,但不能泛洪到Stub区域、Totally Stub区域、NSSA区域、以及Totally NSSA区域中。 (5)Type-5 LSA(AS External LSA):它是由ASBR产生的,用来描述到AS外部网络的路由。Type-5 LSA可以泛洪到整个AS内部,但不能泛洪到Stub区域、Totally Stub区域、NSSA区域、以及Totally NSSA区域中。 (6)Type-6 LSA(Group Membership LSA):在MOSPF中用于标识组播组成员使用的用户组播路由。 (7)Type-7 LSA(NSSA LSA):它是由NSSA区域或Totally NSSA区域中的NSSA ASBR产生的,用来描述到AS外部的路由。Type-7 LSA只能出现在NSSA区域或Totally NSSA区域中。
4.2 OSPF基本配置配置实验¶
4.2.1 实验目的¶
1、理解OSPF中不同类型的LSA的应用。 2、熟悉OSPF中不同类型的LSA的泛洪范围。 3、熟悉LSA中重要字段的含义。
4.2.2 实验内容¶
本实验模拟一个企业总部与两个分支机构的网络场景。R2、R3、R5之间的链路属于区域0,R1与R2之间的链路属于区域1,R3与R4之间的链路属于区域2,R1和R4的LoopBack1接口用来表示以后有合作伙伴加入的网络。区域1为普通区域,区域2为NSSA区域。在区域0中,R5为DR,R2为BDR,R3为DRother。
4.2.3 实验拓扑¶
4.2.4 实验编制表¶
| 设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
|---|---|---|---|---|
| R1(AR2220) | GE0/0/0 | 10.0.12.1 | 255.255.255.0 | N/A |
| R1(AR2220) | LoopBack0 | 10.0.1.1 | 255.255.255.255 | N/A |
| R1(AR2220) | LoopBack1 | 192.168.1.1 | 255.255.255.0 | N/A |
| R2(AR2220) | GE0/0/0 | 10.0.235.2 | 255.255.255.0 | N/A |
| R2(AR2220) | GE0/0/1 | 10.0.12.2 | 255.255.255.0 | N/A |
| R2(AR2220) | LoopBack0 | 10.0.2.2 | 255.255.255.255 | N/A |
| R3(AR2220) | GE0/0/0 | 10.0.235.3 | 255.255.255.0 | N/A |
| R3(AR2220) | GE0/0/1 | 10.0.34.3 | 255.255.255.0 | N/A |
| R3(AR2220) | LoopBack0 | 10.0.3.3 | 255.255.255.255 | N/A |
| R4(AR2220) | GE0/0/0 | 10.0.34.4 | 255.255.255.0 | N/A |
| R4(AR2220) | LoopBack0 | 10.0.4.4 | 255.255.255.255 | N/A |
| R4(AR2220) | LoopBack1 | 172.16.1.1 | 255.255.255.0 | N/A |
| R5(AR2220) | GE0/0/0 | 10.0.235.5 | 255.255.255.0 | N/A |
| R5(AR2220) | LoopBack0 | 10.0.5.5 | 255.255.255.255 | N/A |
4.2.5 实验步骤¶
4.2.5.1 基本配置¶
根据实验编址表,并使用Ping命令检测R1与R2之间的连通性。
4.2.5.2 配置OSPF路由协议¶
1、在每台路由器上配置OSPF协议,R1与R2之间的链路属于区域1,R3与R4之间的链路属于区域2,R2、R3、R5之间属于区域0,区域2是NSSA区域。
[R1]router id 10.0.1.1
[R1]ospf
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]network 10.0.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.1]network 10.0.12.1 0.0.0.0
[R2]router id 10.0.2.2
[R2]ospf
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.235.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]area 1
[R2-ospf-1-area-0.0.0.1]network 10.0.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.1]network 10.0.12.2 0.0.0.0
[R3]router id 10.0.3.3
[R3]ospf
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.235.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]area 2
[R3-ospf-1-area-0.0.0.2]nssa
[R3-ospf-1-area-0.0.0.2]network 10.0.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.2]network 10.0.34.3 0.0.0.0
[R4]router id 10.0.4.4
[R4]ospf
[R4-ospf-1]area 2
[R4-ospf-1-area-0.0.0.2]nssa
[R4-ospf-1-area-0.0.0.2]network 10.0.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.2]network 10.0.34.4 0.0.0.0
[R5]router id 10.0.5.5
[R5]ospf
[R5-ospf-1]area 0
[R5-ospf-1-area-0.0.0.0]network 10.0.5.5 0.0.0.0
[R5-ospf-1-area-0.0.0.0]network 10.0.235.5 0.0.0.0
2、配置完成后,修改R2、R5的G0/0/0接口优先级的值,使R5成为DR,R2成为BDR。
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ospf dr-priority 50
[R5]int g0/0/0
[R5-GigabitEthernet0/0/0]ospf dr-priority 100
3、在R2、R3、R5上重启OSPF进程
<R2>reset ospf process
<R3>reset ospf process
<R4>reset ospf process
4、在R3上查看OSPF的DR与BDR的选举情况。观察到,在R2、R3、R5组成的广播型网络中,R5为DR,R2为BDR。
<R3>dis ospf peer
OSPF Process 1 with Router ID 10.0.3.3
Neighbors
Area 0.0.0.0 interface 10.0.235.3(GigabitEthernet0/0/0)'s neighbors
Router ID: 10.0.2.2 Address: 10.0.235.2
State: Full Mode:Nbr is Slave Priority: 50
DR: 10.0.235.5 BDR: 10.0.235.2 MTU: 0
Dead timer due in 35 sec
Retrans timer interval: 5
Neighbor is up for 00:00:50
Authentication Sequence: [ 0 ]
Router ID: 10.0.5.5 Address: 10.0.235.5
State: Full Mode:Nbr is Master Priority: 100
DR: 10.0.235.5 BDR: 10.0.235.2 MTU: 0
Dead timer due in 31 sec
Retrans timer interval: 0
Neighbor is up for 00:00:50
Authentication Sequence: [ 0 ]
Neighbors
Area 0.0.0.2 interface 10.0.34.3(GigabitEthernet0/0/1)'s neighbors
Router ID: 10.0.4.4 Address: 10.0.34.4
State: Full Mode:Nbr is Master Priority: 1
DR: 10.0.34.4 BDR: 10.0.34.3 MTU: 0
Dead timer due in 38 sec
Retrans timer interval: 5
Neighbor is up for 00:01:28
Authentication Sequence: [ 0 ]
5、查看每台路由器的路由表。观察到,每台路由器都获得了非直连网络的路由条目。
<R1>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 17 Routes : 17
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.2/32 OSPF 10 1 D 10.0.12.2 GigabitEthernet
0/0/0
10.0.3.3/32 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/0
10.0.4.4/32 OSPF 10 3 D 10.0.12.2 GigabitEthernet
0/0/0
10.0.5.5/32 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/0
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet
0/0/0
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.34.0/24 OSPF 10 3 D 10.0.12.2 GigabitEthernet
0/0/0
10.0.235.0/24 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
192.168.1.0/24 Direct 0 0 D 192.168.1.1 LoopBack1
192.168.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack1
192.168.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack1
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R2>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 16 Routes : 16
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 1 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.3/32 OSPF 10 1 D 10.0.235.3 GigabitEthernet
0/0/0
10.0.4.4/32 OSPF 10 2 D 10.0.235.3 GigabitEthernet
0/0/0
10.0.5.5/32 OSPF 10 1 D 10.0.235.5 GigabitEthernet
0/0/0
10.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.34.0/24 OSPF 10 2 D 10.0.235.3 GigabitEthernet
0/0/0
10.0.235.0/24 Direct 0 0 D 10.0.235.2 GigabitEthernet
0/0/0
10.0.235.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.235.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R3>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 16 Routes : 16
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 2 D 10.0.235.2 GigabitEthernet
0/0/0
10.0.2.2/32 OSPF 10 1 D 10.0.235.2 GigabitEthernet
0/0/0
10.0.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.4.4/32 OSPF 10 1 D 10.0.34.4 GigabitEthernet
0/0/1
10.0.5.5/32 OSPF 10 1 D 10.0.235.5 GigabitEthernet
0/0/0
10.0.12.0/24 OSPF 10 2 D 10.0.235.2 GigabitEthernet
0/0/0
10.0.34.0/24 Direct 0 0 D 10.0.34.3 GigabitEthernet
0/0/1
10.0.34.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.34.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.235.0/24 Direct 0 0 D 10.0.235.3 GigabitEthernet
0/0/0
10.0.235.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.235.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R4>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 17 Routes : 17
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 3 D 10.0.34.3 GigabitEthernet
0/0/0
10.0.2.2/32 OSPF 10 2 D 10.0.34.3 GigabitEthernet
0/0/0
10.0.3.3/32 OSPF 10 1 D 10.0.34.3 GigabitEthernet
0/0/0
10.0.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.5.5/32 OSPF 10 2 D 10.0.34.3 GigabitEthernet
0/0/0
10.0.12.0/24 OSPF 10 3 D 10.0.34.3 GigabitEthernet
0/0/0
10.0.34.0/24 Direct 0 0 D 10.0.34.4 GigabitEthernet
0/0/0
10.0.34.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.34.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.235.0/24 OSPF 10 2 D 10.0.34.3 GigabitEthernet
0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.1.0/24 Direct 0 0 D 172.16.1.1 LoopBack1
172.16.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack1
172.16.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack1
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R5>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 14 Routes : 14
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 2 D 10.0.235.2 GigabitEthernet
0/0/0
10.0.2.2/32 OSPF 10 1 D 10.0.235.2 GigabitEthernet
0/0/0
10.0.3.3/32 OSPF 10 1 D 10.0.235.3 GigabitEthernet
0/0/0
10.0.4.4/32 OSPF 10 2 D 10.0.235.3 GigabitEthernet
0/0/0
10.0.5.5/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.12.0/24 OSPF 10 2 D 10.0.235.2 GigabitEthernet
0/0/0
10.0.34.0/24 OSPF 10 2 D 10.0.235.3 GigabitEthernet
0/0/0
10.0.235.0/24 Direct 0 0 D 10.0.235.5 GigabitEthernet
0/0/0
10.0.235.5/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.235.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
6、现在需要将R1和R4的LoopBack1接口所连接的外部网络路由。在R1和R4上使用Route-Policy精确匹配LoopBack1接口的直连路由并引入OSPF进程。
[R1]acl 2000
[R1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[R1]route-policy R1 permit node 10
Info: New Sequence of this List.
[R1-route-policy]if-match acl 2000
[R1]ospf 1
[R1-ospf-1]import-route direct route-policy R1
[R4]acl 2000
[R4-acl-basic-2000]rule permit source 172.16.1.0 0.0.0.255
[R4]route-policy R4 permit node 10
Info: New Sequence of this List.
[R4-route-policy]if-match acl 2000
[R4-route-policy]ospf 1
[R4-ospf-1]import-route direct route-policy R4
注意:这里ACL规则必须是匹配整个段,具体地址不可以!!! 7、配置完成后,在R5上查看由R1和R4引入的两条路由。观察到,在R5的路由表上,这两条路由都显示为O_ASE,且优先级和开销值一样。仅仅下一跳地址不同。
<R5>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 16 Routes : 16
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 2 D 10.0.235.2 GigabitEthernet
0/0/0
10.0.2.2/32 OSPF 10 1 D 10.0.235.2 GigabitEthernet
0/0/0
10.0.3.3/32 OSPF 10 1 D 10.0.235.3 GigabitEthernet
0/0/0
10.0.4.4/32 OSPF 10 2 D 10.0.235.3 GigabitEthernet
0/0/0
10.0.5.5/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.12.0/24 OSPF 10 2 D 10.0.235.2 GigabitEthernet
0/0/0
10.0.34.0/24 OSPF 10 2 D 10.0.235.3 GigabitEthernet
0/0/0
10.0.235.0/24 Direct 0 0 D 10.0.235.5 GigabitEthernet
0/0/0
10.0.235.5/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.235.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.1.0/24 O_ASE 150 1 D 10.0.235.3 GigabitEthernet
0/0/0
192.168.1.0/24 O_ASE 150 1 D 10.0.235.2 GigabitEthernet
0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
4.2.5.3 查看Type-1 LSA,Type-2 LSA,Type-3 LSA¶
1、在区域0的R5上查看OSPF的LSDB,观察到R5的LSDB中共有5种LSA,分别是Router LSA(或称Type-1 LSA)、Network LSA(或称Type-2 LSA)、Sum-Net LSA(或称Type-3 LSA、Network Summary LSA)、Sum-Asbr LSA(或称Type-4 LSA、ASBR Summary LSA)、External LSA(AS External或称Type-5 LSA)
[R5]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.5.5
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 388 48 80000006 0
Router 10.0.3.3 10.0.3.3 389 36 80000007 1
Router 10.0.2.2 10.0.2.2 396 36 80000006 1
Network 10.0.235.5 10.0.5.5 388 36 80000004 0
Sum-Net 10.0.34.0 10.0.3.3 441 28 80000002 1
Sum-Net 10.0.12.0 10.0.2.2 443 28 80000002 1
Sum-Net 10.0.3.3 10.0.3.3 441 28 80000002 0
Sum-Net 10.0.2.2 10.0.2.2 443 28 80000002 0
Sum-Net 10.0.1.1 10.0.2.2 438 28 80000002 1
Sum-Net 10.0.4.4 10.0.3.3 435 28 80000002 1
Sum-Asbr 10.0.4.4 10.0.3.3 1242 28 80000001 1
Sum-Asbr 10.0.1.1 10.0.2.2 1376 28 80000001 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 192.168.1.0 10.0.1.1 765 36 80000001 1
External 172.16.1.0 10.0.4.4 854 36 80000001 1
2、在R5上查看Router-ID为10.0.2.2产生的Router LSA的详细信息,观察到,R2的Router LSA描述了自己连接到了某个TransNet网络,网络的DR接口的IP地址为10.0.235.5(R5),自己使用10.0.235.2连接到该网络中,且到达这个网络的Cost值为1。
<R5>dis ospf lsdb router 10.0.2.2
OSPF Process 1 with Router ID 10.0.5.5
Area: 0.0.0.0
Link State Database
Type : Router
Ls id : 10.0.2.2
Adv rtr : 10.0.2.2
Ls age : 489
Len : 36
Options : ABR E
seq# : 80000004
chksum : 0xf24d
Link count: 1
* Link ID: 10.0.235.5
Data : 10.0.235.2
Link Type: TransNet
Metric : 1
3、解释显示信息的部分参数的含义 (1)Type:表示LSA的类型,这里表示的是Router LSA。不同类型的LSA的作用和泛洪范围是不相同的。Router LSA描述了路由器的直连链路或接口,泛洪范围为所在区域的内部,以使本区域的其他路由器了解其直连链路或接口的状态信息。 (2)Ls id:对于Router LSA,Ls id就是产生该Router LSA的路由器的Router-ID。 (3)Adv rtr:Adv rtr描述了LSA是由哪台路由器产生的。对于Router LSA来说,Adv rtr就是产生该Router LSA的路由器的Router-ID。 (4)seq#:每一条LSA都会维护一个Seq#(序列号),产生这条LSA的路由器默认会以30s的周期泛洪这条LSA,每条泛洪时,序列号就+1。LSA的序列号越大,表明这条LSA越新。 (5)chksum:chksum(校验和)用来校验LSA的完整性。所有LSA都保存在路由器的LSDB中,每5min会计算一次。如果路由器收到了同一条LSA,且序列号相同,则会比较它们的校验和,校验和越大就被认为相应的LSA越新。 (6)Ls age:Ls age是指LSA的老化时间,用来表示LSA已经存活了多长时间,最大值为3600s。当一台路由器产生一条LSA的时候,路由器会将LSA的老化时间设置为0。LSA在产生后,无论是停留在路由器的LSDB内,还是在传递过程中,老化时间都会不断增加。为了防止因LSA的过期而导致路由回馈,路由器会每隔30min泛洪自己产生的LSA。若序列号与校验和的比较都不能确定出最新的LSA时,则会比较老化时间。在LSDB中,如果老化时间相差大于15min以上,则Ls age的值越小,说明LSA越新;如果相差在15min内,则认为两条LSA是一样的。 (7)Link count:Link count以上的参数信息通常被称为LSA头部信息,Link count以下的参数信息称为具体的链路状态描述信息。Link count标识了这条LSA描述的链路信息的数量。 (8)Link ID:对于P-2-P链路类型,Link ID是指链路上邻居接口的IP地址;对于TransNet链路类型,Link ID是指DR接口的IP地址。 (9)Data:指自身接口的IP地址 (10)Link Type:指接口的链路类型,OSPF协议会把Broadcast和NBMA这两种具有多路访问能力的网络都认为是TransNet网络。 (11)Metric:指路由器到达这条链路的Cost值 4、R5是TransNet网络的DR,在R5上查看它产生和发送的Network LSA的详细信息。这条Network LSA说明了TransNet网络掩码为255.255.255.0,连接到这个TransNet网络的路由器有10.0.5.5(R5)、10.0.2.2(R2)、10.0.3.3(R3)。Network LSA中没有携带路径的开销,原因是因为Router LSA已经描述了自己到TransNet网络的Cost值。
<R5>display ospf lsdb network 10.0.235.5
OSPF Process 1 with Router ID 10.0.5.5
Area: 0.0.0.0
Link State Database
Type : Network
Ls id : 10.0.235.5
Adv rtr : 10.0.5.5
Ls age : 448
Len : 36
Options : E
seq# : 80000004
chksum : 0x5ab7
Net mask : 255.255.255.0
Priority : Low
Attached Router 10.0.5.5
Attached Router 10.0.2.2
Attached Router 10.0.3.3
5、在R2、R3、R5上查看区域0的LSDB。观察到,R2、R3、R5的LSDB中区域0的Router LSA和Network LSA是完全一样的。
<R2>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.2.2
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 810 48 80000007 0
Router 10.0.3.3 10.0.3.3 810 36 80000007 1
Router 10.0.2.2 10.0.2.2 809 36 80000006 1
Network 10.0.235.5 10.0.5.5 810 36 80000004 0
Sum-Net 10.0.34.0 10.0.3.3 852 28 80000003 1
Sum-Net 10.0.12.0 10.0.2.2 849 28 80000003 1
Sum-Net 10.0.3.3 10.0.3.3 852 28 80000003 0
Sum-Net 10.0.2.2 10.0.2.2 849 28 80000003 0
Sum-Net 10.0.1.1 10.0.2.2 842 28 80000003 1
Sum-Net 10.0.4.4 10.0.3.3 848 28 80000003 1
Sum-Asbr 10.0.4.4 10.0.3.3 630 28 80000003 1
Sum-Asbr 10.0.1.1 10.0.2.2 673 28 80000003 1
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.2.2 10.0.2.2 841 48 8000000A 1
Router 10.0.1.1 10.0.1.1 674 48 80000013 0
Network 10.0.12.1 10.0.1.1 840 32 80000004 0
Sum-Net 10.0.34.0 10.0.2.2 809 28 80000003 2
Sum-Net 10.0.235.0 10.0.2.2 849 28 80000003 1
Sum-Net 10.0.3.3 10.0.2.2 809 28 80000003 1
Sum-Net 10.0.5.5 10.0.2.2 809 28 80000003 1
Sum-Net 10.0.4.4 10.0.2.2 809 28 80000003 2
Sum-Asbr 10.0.4.4 10.0.2.2 629 28 80000003 2
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 192.168.1.0 10.0.1.1 674 36 80000003 1
External 172.16.1.0 10.0.4.4 559 36 80000003 1
<R3>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.3.3
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 832 48 80000007 0
Router 10.0.3.3 10.0.3.3 831 36 80000007 1
Router 10.0.2.2 10.0.2.2 832 36 80000006 1
Network 10.0.235.5 10.0.5.5 832 36 80000004 0
Sum-Net 10.0.34.0 10.0.3.3 873 28 80000003 1
Sum-Net 10.0.12.0 10.0.2.2 872 28 80000003 1
Sum-Net 10.0.3.3 10.0.3.3 873 28 80000003 0
Sum-Net 10.0.2.2 10.0.2.2 872 28 80000003 0
Sum-Net 10.0.1.1 10.0.2.2 865 28 80000003 1
Sum-Net 10.0.4.4 10.0.3.3 869 28 80000003 1
Sum-Asbr 10.0.4.4 10.0.3.3 651 28 80000003 1
Sum-Asbr 10.0.1.1 10.0.2.2 696 28 80000003 1
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 867 48 8000000C 0
Router 10.0.4.4 10.0.4.4 653 48 80000011 0
Network 10.0.34.4 10.0.4.4 864 32 80000004 0
Sum-Net 10.0.12.0 10.0.3.3 830 28 80000003 2
Sum-Net 10.0.235.0 10.0.3.3 873 28 80000003 1
Sum-Net 10.0.2.2 10.0.3.3 830 28 80000003 1
Sum-Net 10.0.1.1 10.0.3.3 830 28 80000003 2
Sum-Net 10.0.5.5 10.0.3.3 831 28 80000003 1
Sum-Asbr 10.0.1.1 10.0.3.3 695 28 80000003 2
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 192.168.1.0 10.0.1.1 697 36 80000003 1
External 172.16.1.0 10.0.4.4 580 36 80000003 1
<R5>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.5.5
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 865 48 80000007 0
Router 10.0.3.3 10.0.3.3 866 36 80000007 1
Router 10.0.2.2 10.0.2.2 866 36 80000006 1
Network 10.0.235.5 10.0.5.5 865 36 80000004 0
Sum-Net 10.0.34.0 10.0.3.3 908 28 80000003 1
Sum-Net 10.0.12.0 10.0.2.2 906 28 80000003 1
Sum-Net 10.0.3.3 10.0.3.3 908 28 80000003 0
Sum-Net 10.0.2.2 10.0.2.2 906 28 80000003 0
Sum-Net 10.0.1.1 10.0.2.2 899 28 80000003 1
Sum-Net 10.0.4.4 10.0.3.3 904 28 80000003 1
Sum-Asbr 10.0.4.4 10.0.3.3 686 28 80000003 1
Sum-Asbr 10.0.1.1 10.0.2.2 730 28 80000003 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 192.168.1.0 10.0.1.1 731 36 80000003 1
External 172.16.1.0 10.0.4.4 615 36 80000003 1
6、R2同时连接了区域0和区域1,所以是一台ABR路由器。查看R2的LSDB。观察到,R2的区域0中有一条LinkState ID为10.0.12.0网络的Sum-Net LSA,它的AdvRouter为10.0.2.2。网段10.0.12.0/24本属于区域1的网络,现在被ABR路由器R2转换为Sum-Net LSA并泛洪到了区域0中。10.0.235.0/24本是属于区域0的网络,现在被ABR路由器R2转为Sum-Net LSA并泛洪到区域1中。实际上,Sum-Net LSA是被ABR利用自己相连区域的Router LSA和Network LSA来计算得到的路由信息的。
<R2>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.2.2
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 1106 48 80000007 0
Router 10.0.3.3 10.0.3.3 1106 36 80000007 1
Router 10.0.2.2 10.0.2.2 1105 36 80000006 1
Network 10.0.235.5 10.0.5.5 1106 36 80000004 0
Sum-Net 10.0.34.0 10.0.3.3 1148 28 80000003 1
Sum-Net 10.0.12.0 10.0.2.2 1145 28 80000003 1
Sum-Net 10.0.3.3 10.0.3.3 1148 28 80000003 0
Sum-Net 10.0.2.2 10.0.2.2 1145 28 80000003 0
Sum-Net 10.0.1.1 10.0.2.2 1138 28 80000003 1
Sum-Net 10.0.4.4 10.0.3.3 1144 28 80000003 1
Sum-Asbr 10.0.4.4 10.0.3.3 926 28 80000003 1
Sum-Asbr 10.0.1.1 10.0.2.2 969 28 80000003 1
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.2.2 10.0.2.2 1137 48 8000000A 1
Router 10.0.1.1 10.0.1.1 970 48 80000013 0
Network 10.0.12.1 10.0.1.1 1136 32 80000004 0
Sum-Net 10.0.34.0 10.0.2.2 1105 28 80000003 2
Sum-Net 10.0.235.0 10.0.2.2 1145 28 80000003 1
Sum-Net 10.0.3.3 10.0.2.2 1105 28 80000003 1
Sum-Net 10.0.5.5 10.0.2.2 1105 28 80000003 1
Sum-Net 10.0.4.4 10.0.2.2 1105 28 80000003 2
Sum-Asbr 10.0.4.4 10.0.2.2 925 28 80000003 2
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 192.168.1.0 10.0.1.1 970 36 80000003 1
External 172.16.1.0 10.0.4.4 855 36 80000003 1
7、在R2上查看LinkState ID为10.0.12.0的这条Sum-Net LSA的详细信息。观察到,LSA的Type为Sum-Net,Ls id表明了目的网络地址为10.0.12.0,Net mask表明了目的网络的掩码为255.255.255.0,Metric表明了ABR路由器R2去往目的网络的Cost值为1。
<R2>dis ospf lsdb summary 10.0.12.0
OSPF Process 1 with Router ID 10.0.2.2
Area: 0.0.0.0
Link State Database
Type : Sum-Net
Ls id : 10.0.12.0
Adv rtr : 10.0.2.2
Ls age : 1747
Len : 28
Options : E
seq# : 80000003
chksum : 0xf540
Net mask : 255.255.255.0
Tos 0 metric: 1
Priority : Low
Area: 0.0.0.1
Link State Database
8、在R5上查看LSDB,并查看路由表中关于10.0.12.0/24的路由信息。观察到,R5的LSDB中存在10.0.12.0这条Sum-Net LSA,R5的路由表中关于10.0.12.0/24的这条路由信息表明R5去往10.0.12.0/24的Cost值为2。R5通过这条Sum-Net LSA得知网络中存在10.0.12.0/24网段,这个网段的AdvRouter为10.0.2.2
<R5>dis ospf lsdb summary 10.0.12.0
OSPF Process 1 with Router ID 10.0.5.5
Area: 0.0.0.0
Link State Database
Type : Sum-Net
Ls id : 10.0.12.0
Adv rtr : 10.0.2.2
Ls age : 370
Len : 28
Options : E
seq# : 80000004
chksum : 0xf341
Net mask : 255.255.255.0
Tos 0 metric: 1
Priority : Low
<R5>dis ip routing-table 10.0.12.0
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Table : Public
Summary Count : 1
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.12.0/24 OSPF 10 2 D 10.0.235.2 GigabitEthernet
0/0/0
说明:区域间的路由是根据Sum-Net LSA并结合Router LSA及Network-LSA计算出来的。计算区域间路由时,采用的不再是链路状态算法,而是距离矢量算法!!!
9、在R2上查看LinkState ID为10.0.34.0/24这条LSA的信息。观察到,10.0.34.0/24是属于区域2的网络,ABR路由器R3将关于10.0.34.0/24的路由信息以Sum-Net LSA的方式通告进区域 0,Cost为1。然后,ABR路由器R2将关于10.0.34.0/24的路由信息以Sum-Net LSA的方式通告进区域 0。
<R2>dis ospf lsdb summary 10.0.34.0
OSPF Process 1 with Router ID 10.0.2.2
Area: 0.0.0.0
Link State Database
Type : Sum-Net
Ls id : 10.0.34.0
Adv rtr : 10.0.3.3
Ls age : 915
Len : 28
Options : E
seq# : 80000001
chksum : 0xf926
Net mask : 255.255.255.0
Tos 0 metric: 1
Priority : Low
Area: 0.0.0.1
Link State Database
Type : Sum-Net
Ls id : 10.0.34.0
Adv rtr : 10.0.2.2
Ls age : 869
Len : 28
Options : E
seq# : 80000001
chksum : 0x1110
Net mask : 255.255.255.0
Tos 0 metric: 2
Priority : Low
说明:对于ABR来说,如果在自己相连的某个区域的LSDB中存在某条Sum-Net LSA,并且该Sum-Net LSA的AdvRouter不是自己的Router-ID,就会将这条Sum-Net LSA的AdvRouter修改为自己的Router-ID, 并重新计算自己到达这条Sum-Net LSA的Cost值,然后将之泛洪到自己相连的其他区域中。
4.2.5.4 查看Type-4 LSA和Type-5 LSA¶
1、R1的Loop1是外部路由,被ASBR路由器R1引入到了OSPF网络中。查看R1的LSDB。观察到,R1的LSDB中存在一条Type为External,LinkState ID为192.168.1.0,AdvRouter为10.0.1.1的LSA。
<R1>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.2.2 10.0.2.2 1774 48 80000006 0
Router 10.0.1.1 10.0.1.1 1574 48 80000009 0
Network 10.0.12.1 10.0.1.1 1772 32 80000002 0
Sum-Net 10.0.34.0 10.0.2.2 1740 28 80000001 2
Sum-Net 10.0.235.0 10.0.2.2 1927 28 80000001 1
Sum-Net 10.0.3.3 10.0.2.2 1740 28 80000001 1
Sum-Net 10.0.5.5 10.0.2.2 1740 28 80000001 1
Sum-Net 10.0.4.4 10.0.2.2 1740 28 80000001 2
Sum-Asbr 10.0.4.4 10.0.2.2 1517 28 80000001 2
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 192.168.1.0 10.0.1.1 1574 36 80000001 1
External 172.16.1.0 10.0.4.4 1519 36 80000001 1
路由器可以通过Router LSA和Network计算区域内的路由,可以通过Sum-Net LSA并结合Router LSA和Network LSA计算区域间的路由,可以通过Sum-Asbr LSA和External LSA计算AS外部的路由。 2、在R1上查看这条LinkState ID为192.168.1.0,AdvRouter为10.0.1.1的LSA的具体信息.观察到,这条LSA的Type是External,AdvRouter为10.0.1.1(R1),这条LSA实际上是一条目的网络为192.168.1.0/24的AS外部路由,显示信息中的E Type(External Type)的值为2。
<R1>dis ospf lsdb ase 192.168.1.0
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Type : External
Ls id : 192.168.1.0
Adv rtr : 10.0.1.1
Ls age : 30
Len : 36
Options : E
seq# : 80000002
chksum : 0xd880
Net mask : 255.255.255.0
TOS 0 Metric: 1
E type : 2
Forwarding Address : 0.0.0.0
Tag : 1
Priority : Low
3、查看R2、R3、R4、R5的LSDB是否也存在LinkState ID为192.168.1.0,AdvRouter为10.0.1.1的LSA,观察到,R2、R3、R5的LSDB存在上述LSA,而且参数信息没有发生变化。R4因为处于NSSA区域中,而External LSA是不允许进入NSSA区域的。
<R2>dis ospf lsdb ase 192.168.1.0
OSPF Process 1 with Router ID 10.0.2.2
Link State Database
Type : External
Ls id : 192.168.1.0
Adv rtr : 10.0.1.1
Ls age : 968
Len : 36
Options : E
seq# : 80000002
chksum : 0xd880
Net mask : 255.255.255.0
TOS 0 Metric: 1
E type : 2
Forwarding Address : 0.0.0.0
Tag : 1
Priority : Low
<R3>dis ospf lsdb ase 192.168.1.0
OSPF Process 1 with Router ID 10.0.3.3
Link State Database
Type : External
Ls id : 192.168.1.0
Adv rtr : 10.0.1.1
Ls age : 972
Len : 36
Options : E
seq# : 80000002
chksum : 0xd880
Net mask : 255.255.255.0
TOS 0 Metric: 1
E type : 2
Forwarding Address : 0.0.0.0
Tag : 1
Priority : Low
<R4>dis ospf lsdb ase 192.168.1.0
OSPF Process 1 with Router ID 10.0.4.4
<R5>dis ospf lsdb ase 192.168.1.0
OSPF Process 1 with Router ID 10.0.5.5
Link State Database
Type : External
Ls id : 192.168.1.0
Adv rtr : 10.0.1.1
Ls age : 981
Len : 36
Options : E
seq# : 80000002
chksum : 0xd880
Net mask : 255.255.255.0
TOS 0 Metric: 1
E type : 2
Forwarding Address : 0.0.0.0
Tag : 1
Priority : Low
External LSA可以在整个AS内部泛洪,但不能泛洪到Stub区域、Totally Stub区域、NSSA区域和Totally NSSA区域。在泛洪过程中各个参数不会被改变。 4、R5通过Link id为192.168.1.0的External LSA得知,从自己去往192.168.1.0/24是可以通过10.0.1.1(R1)到达的,并且知道从R1去往192.168.1.0/24的Cost值为1。R5并不知道从自己去往ASBR路由器R1的路由及Cost,所以R5还无法计算出从自己到达外部网络192.168.1.0/24的路由及Cost。在OSPF协议中,Sum-Asbr LSA是用来描述去往ASBR路由信息的。查看R5的LSDB中Link ID为10.0.1.1的Sum-Asbr LSA的具体信息。观察到ABR路由器R2到ASBR路由器R1(10.0.1.1)的Cost值为1。
<R5>dis ospf lsdb asbr 10.0.1.1
OSPF Process 1 with Router ID 10.0.5.5
Area: 0.0.0.0
Link State Database
Type : Sum-Asbr
Ls id : 10.0.1.1
Adv rtr : 10.0.2.2
Ls age : 400
Len : 28
Options : E
seq# : 80000003
chksum : 0x57e7
Tos 0 metric: 1
5、在R5上使用dis ospf abr-asbr命令查看到ABR和ASBR的Cost值。观察到,从R5上到达ABR路由器R2的Cost值为1,从R5到达ASBR路由器R1的Cost值为2。R5其实是通过Router LSA和Network LSA先计算出到达ABR路由器R2的Cost值,然后加上ABR路由器R2到达ASBR路由器R1的Cost值,最终得出从自己到达ASBR路由器R1的Cost值。
<R5>dis ospf abr-asbr
OSPF Process 1 with Router ID 10.0.5.5
Routing Table to ABR and ASBR
RtType Destination Area Cost Nexthop Type
Intra-area 10.0.2.2 0.0.0.0 1 10.0.235.2 ABR
Intra-area 10.0.3.3 0.0.0.0 1 10.0.235.3 ABR/ASBR
Inter-area 10.0.1.1 0.0.0.0 2 10.0.235.2 ASBR
说明:Sum-Net LSA和Sum-Asbr LSA的相同点是它们都由ABR产生,并且其AdvRouter在泛洪过程中会作相应的改变,不同点在于Sum-Net LSA是用来计算区域间的路由的,而Sum-Asbr LSA是用来计算到达ASBR路由的。如果网络中不存在ASBR,那就不会产生Sum-Asbr LSA,说明有External LSA存在时,才会有Sum-Asbr LSA。 6、在R1上使用undo import-route取消路由的引入。
[R1]ospf
[R1-ospf-1]undo import-route direct
7、在R5上查看LSDB,观察到LinkState ID为192.168.1.0 的External LSA消失了,Adv为10.0.1.1的Sum-Asbr LSA随之消失了。
[R1]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.2.2 10.0.2.2 1796 48 80000008 0
Router 10.0.1.1 10.0.1.1 88 48 8000000C 0
Network 10.0.12.1 10.0.1.1 1794 32 80000004 0
Sum-Net 10.0.34.0 10.0.2.2 1344 28 80000004 2
Sum-Net 10.0.235.0 10.0.2.2 6 28 80000004 1
Sum-Net 10.0.3.3 10.0.2.2 1344 28 80000004 1
Sum-Net 10.0.5.5 10.0.2.2 1763 28 80000003 1
Sum-Net 10.0.4.4 10.0.2.2 1285 28 80000002 2
Sum-Asbr 10.0.3.3 10.0.2.2 1344 28 80000002 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 172.16.1.0 10.0.4.4 3341 36 80000002 1
External 172.16.1.0 10.0.3.3 1286 36 80000002 1
4.2.5.5 查看Type-7 LSA¶
1、R4为NSSA区域的ASBR,查看R4的LSDB。观察到,R4为外部路由172.16.1.0产生了相应的NSSA LSA。
<R4>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 1551 48 80000006 0
Router 10.0.4.4 10.0.4.4 1544 48 80000006 0
Network 10.0.34.4 10.0.4.4 1544 32 80000003 0
Sum-Net 10.0.12.0 10.0.3.3 1610 28 80000002 2
Sum-Net 10.0.235.0 10.0.3.3 1610 28 80000002 1
Sum-Net 10.0.2.2 10.0.3.3 1610 28 80000002 1
Sum-Net 10.0.1.1 10.0.3.3 1610 28 80000002 2
Sum-Net 10.0.5.5 10.0.3.3 1610 28 80000002 1
NSSA 172.16.1.0 10.0.4.4 1590 36 80000002 1
NSSA 0.0.0.0 10.0.3.3 1610 36 80000002 1
说明:NSSA区域引入的外部路由不能以External LSA的形式出现,取而代之的是使用NSSA LSA来描述NSSA区域中的AS外部路由,且NSSA LSA只能出现在NSSA区域中。NSSA LSA由NSSA区域中的NSSA ASBR产生。 2、在R4上查看这条LSA的详细信息。观察到NSSA LSA的参数信息基本上和External LSA相同。
<R4>dis ospf lsdb nssa 172.16.1.0
OSPF Process 1 with Router ID 10.0.4.4
Area: 0.0.0.2
Link State Database
Type : NSSA
Ls id : 172.16.1.0
Adv rtr : 10.0.4.4
Ls age : 1743
Len : 36
Options : NP
seq# : 80000002
chksum : 0x42a3
Net mask : 255.255.255.0
TOS 0 Metric: 1
E type : 2
Forwarding Address : 10.0.4.4
Tag : 1
Priority : Low
3、R3为NSSA区域的ABR路由器,在R3上查看LSDB信息。观察到,由10.0.4.4产生的NSSA LSA被R3转换为External LSA,并泛洪到其他区域。
<R3>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.3.3
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 644 48 80000008 0
Router 10.0.3.3 10.0.3.3 225 36 80000009 1
Router 10.0.2.2 10.0.2.2 644 36 80000007 1
Network 10.0.235.5 10.0.5.5 645 36 80000006 0
Sum-Net 10.0.34.0 10.0.3.3 225 28 80000005 1
Sum-Net 10.0.12.0 10.0.2.2 688 28 80000004 1
Sum-Net 10.0.3.3 10.0.3.3 225 28 80000005 0
Sum-Net 10.0.2.2 10.0.2.2 688 28 80000004 0
Sum-Net 10.0.1.1 10.0.2.2 679 28 80000004 1
Sum-Net 10.0.4.4 10.0.3.3 166 28 80000003 1
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 166 48 80000007 0
Router 10.0.4.4 10.0.4.4 160 48 80000007 0
Network 10.0.34.4 10.0.4.4 160 32 80000004 0
Sum-Net 10.0.12.0 10.0.3.3 225 28 80000003 2
Sum-Net 10.0.235.0 10.0.3.3 225 28 80000003 1
Sum-Net 10.0.2.2 10.0.3.3 225 28 80000003 1
Sum-Net 10.0.1.1 10.0.3.3 225 28 80000003 2
Sum-Net 10.0.5.5 10.0.3.3 225 28 80000003 1
NSSA 0.0.0.0 10.0.3.3 225 36 80000003 1
NSSA 172.16.1.0 10.0.4.4 206 36 80000003 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 172.16.1.0 10.0.3.3 166 36 80000003 1
说明:NSSA LSA是特殊类型的LSA,只会出现NSSA区域中,不能泛洪到其他区域。NSSA区域的ABR会将NSSA LSA转换为External LSA,并泛洪到其他区域。
4.3 思考¶
NSSA区域的ABR路由器是否会为NSSA LSA生成Network Summary LSA? 答:不会,NSSA区域的ABR路由器会为NSSA LSA生成External LSA,并泛洪到其他区域。
五、OSPF Stub区域¶
5.1 原理概述¶
OSPF定义了多种区域类型,其中比较常见的有Stub区域和Totally区域。区域的类型决定了在这个区域当中所存在的LSA类型。 Stub区域不允许Type-4和Type-5 LSA进入,该区域会通过Type-3 LSA所表示的缺省路由访问AS外部目的地。Totally Stub区域不仅不允许Type-4和Type-5 LSA进入,同时也不允许Type-3 LSA进入,只允许表示缺省的Type-3 LSA进入,并根据缺省路由来访问该区域以外的任何目的地。 Stub区域和Tolly Stub区域的功能就是减少该区域中LSA的数量,从而缩小LSDB的规模,进而减少路由表中路由条目的数量,实现降低设备负担、增强网络稳定性、优化网络性能的目的。 配置Stub和Totally Stub区域的时候需要注意以下几点:骨干区域不能被配置成为Stub区域或者Totally Stub区域,Virtual-link不能通过Stub区域或者Totally Stub区域,Stub区域或者Totally Stub区域中不允许包含有ASBR路由器。
5.2 OSPF Stub区域配置实验¶
5.2.1 实验目的¶
1、理解Stub和Totally Stub区域的作用与区别 2、掌握Stub和Totally Stub区域的配置方法
5.2.2 实验内容¶
本实验模拟了一个企业网络场景,R1、R2、R3为公司总部网络的路由器,R4、R5分别为企业分支机构1和分支机构2的路由器,并且采用双上行方式与企业总部相连。整个网络都运行OSPF协议,R1、R2、R3之间的链路位于区域0,R4与R1、R4与R2之间的两条链路位于区域1,R5与R1、R5与R2之间的两条链路位于区域2,R3的LoopBack1接口用来模拟企业外部网络。网络的最终需求是:不同分支机构通过不同的总部路由器访问总部网络及外网,并实现主备备份,即R4与R1间为分支机构1的主用链路,R4与R2之间为其备用链路;R5与R2之间为分支机构2的主用链路,R5与R1之间为分支机构2的备用链路。另外,R4和R5的LSDB及路由表的规模应尽量小。
5.2.3 实验拓扑¶
5.2.4 实验编制表¶
| 设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
|---|---|---|---|---|
| R1(AR2220) | G0/0/0 | 10.0.13.1 | 255.255.255.0 | N/A |
| R1(AR2220) | G0/0/1 | 10.0.12.1 | 255.255.255.0 | N/A |
| R1(AR2220) | E1/0/0 | 10.0.14.1 | 255.255.255.0 | N/A |
| R1(AR2220) | E1/0/1 | 10.0.15.1 | 255.255.255.0 | N/A |
| R1(AR2220) | LoopBack 0 | 1.1.1.1 | 255.255.255.255 | N/A |
| R2(AR2220) | G0/0/0 | 10.0.23.2 | 255.255.255.0 | N/A |
| R2(AR2220) | G0/0/1 | 10.0.12.2 | 255.255.255.0 | N/A |
| R2(AR2220) | E1/0/0 | 10.0.24.2 | 255.255.255.0 | N/A |
| R2(AR2220) | E1/0/1 | 10.0.25.2 | 255.255.255.0 | N/A |
| R2(AR2220) | LoopBack 0 | 2.2.2.2 | 255.255.255.255 | N/A |
| R3(AR2220) | G0/0/0 | 10.0.13.3 | 255.255.255.0 | N/A |
| R3(AR2220) | G0/0/1 | 10.0.23.3 | 255.255.255.0 | N/A |
| R3(AR2220) | LoopBack 0 | 3.3.3.3 | 255.255.255.255 | N/A |
| R3(AR2220) | LoopBack 1 | 20.0.0.1 | 255.255.255.0 | N/A |
| R4(AR2220) | E1/0/0 | 10.0.14.4 | 255.255.255.0 | N/A |
| R4(AR2220) | E1/0/1 | 10.0.24.4 | 255.255.255.0 | N/A |
| R4(AR2220) | LoopBack 0 | 4.4.4.4 | 255.255.255.255 | N/A |
| R5(AR2220) | E1/0/0 | 10.0.15.5 | 255.255.255.0 | N/A |
| R5(AR2220) | E1/0/1 | 10.0.25.5 | 255.255.255.0 | N/A |
| R5(AR2220) | LoopBack 0 | 5.5.5.5 | 255.255.255.255 | N/A |
| ### 5.2.5 实验步骤 | ||||
| #### 5.2.5.1 基本配置 | ||||
| 根据实验编址表,并使用Ping命令检测R1与R2之间的连通性。 | ||||
| #### 5.2.5.2 配置OSPF及路由引入 | ||||
| 1、在每台路由器上配置OSPF协议,R1、R2、R3之间的链路位于区域0,R4与R1、R4与R2之间的两条链路位于区域1,R5与R1、R5与R2之间的两条链路位于区域2。 |
[R1]router id 1.1.1.1
[R1]ospf
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.13.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]area 1
[R1-ospf-1-area-0.0.0.1]network 10.0.14.1 0.0.0.0
[R1-ospf-1-area-0.0.0.1]area 2
[R1-ospf-1-area-0.0.0.2]network 10.0.15.1 0.0.0.0
[R2]router id 2.2.2.2
[R2]ospf
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.23.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]area 1
[R2-ospf-1-area-0.0.0.1]network 10.0.24.2 0.0.0.0
[R2-ospf-1-area-0.0.0.1]area 2
[R2-ospf-1-area-0.0.0.2]network 10.0.25.2 0.0.0.0
[R3]router id 3.3.3.3
[R3]ospf
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.13.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.23.3 0.0.0.0
[R4]router id 4.4.4.4
[R4]ospf
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]network 4.4.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.1]network 10.0.14.4 0.0.0.0
[R4-ospf-1-area-0.0.0.1]network 10.0.24.4 0.0.0.0
[R5]router id 5.5.5.5
[R5]ospf
[R5-ospf-1]area 2
[R5-ospf-1-area-0.0.0.2]network 10.0.25.5 0.0.0.0
[R5-ospf-1-area-0.0.0.2]network 10.0.15.5 0.0.0.0
[R5-ospf-1-area-0.0.0.2]network 5.5.5.5 0.0.0.0
2、配置完成后,查看R1、R2上的OSPF邻居建立情况。观察到邻居状态都是Full,说明邻居关系已经成功建立。
<R1>dis ospf peer brief
OSPF Process 1 with Router ID 1.1.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 3.3.3.3 Full
0.0.0.0 GigabitEthernet0/0/1 2.2.2.2 Full
0.0.0.1 Ethernet1/0/0 4.4.4.4 Full
0.0.0.2 Ethernet1/0/1 5.5.5.5 Full
----------------------------------------------------------------------------
<R2>dis ospf peer brief
OSPF Process 1 with Router ID 2.2.2.2
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 3.3.3.3 Full
0.0.0.0 GigabitEthernet0/0/1 1.1.1.1 Full
0.0.0.1 Ethernet1/0/0 4.4.4.4 Full
0.0.0.2 Ethernet1/0/1 5.5.5.5 Full
----------------------------------------------------------------------------
3、在R4上查看路由表,观察到R4获得了所以其他网段的路由。由于R4采用了双出口设计,其中部分路由条目同时有两个下一跳,即通过R1或者R2都可以访问,处于负载均衡状态。
<R4>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 20 Routes : 23
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 OSPF 10 1 D 10.0.14.1 Ethernet1/0/0
2.2.2.2/32 OSPF 10 1 D 10.0.24.2 Ethernet1/0/1
3.3.3.3/32 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
4.4.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
5.5.5.5/32 OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
10.0.12.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
10.0.13.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
10.0.14.0/24 Direct 0 0 D 10.0.14.4 Ethernet1/0/0
10.0.14.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.14.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.15.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
10.0.23.0/24 OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
10.0.24.0/24 Direct 0 0 D 10.0.24.4 Ethernet1/0/1
10.0.24.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
10.0.24.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
10.0.25.0/24 OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
4、在R3上配置路由引入,采用引入直连路由的方式将LoopBack1接口所在网段引入到OSPF进程中,用它来模拟企业外部网络。
[R3]ospf
[R3-ospf-1]import-route direct
5、在R4上查看其路由表,观察到R4已经获得了该企业外部网络的路由,并且也是负载均衡方式。这里OSPF外部路由在路由表中显示O_ASE,其优先级值为150,远远大于普通OSPF内部路由优先级的值为10。
<R4>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 21 Routes : 25
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 OSPF 10 1 D 10.0.14.1 Ethernet1/0/0
2.2.2.2/32 OSPF 10 1 D 10.0.24.2 Ethernet1/0/1
3.3.3.3/32 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
4.4.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
5.5.5.5/32 OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
10.0.12.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
10.0.13.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
10.0.14.0/24 Direct 0 0 D 10.0.14.4 Ethernet1/0/0
10.0.14.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.14.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.15.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
10.0.23.0/24 OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
10.0.24.0/24 Direct 0 0 D 10.0.24.4 Ethernet1/0/1
10.0.24.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
10.0.24.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
10.0.25.0/24 OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
20.0.0.0/24 O_ASE 150 1 D 10.0.24.2 Ethernet1/0/1
O_ASE 150 1 D 10.0.14.1 Ethernet1/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
6、查看R4的LSDB,观察到在External LSA(即Type-5 LSA)中,存在一条LinkState ID为20.0.0.0的LSA,通告路由器为R3。同时,在LSDB中还包含了两条LinkState ID为3.3.3.3的Type-4 LSA(Sum-Asbr LSA),通告路由器分别为R1和R2,表示了两条去往ASBR R3的路由。另外,在External LSA(即Type-5 LSA)中,除了存在一条LinkState ID为20.0.0.0的LSA外,还存在其他三条路由,这是因为此前采取了直接银日直连路由的方式引入外部路由,所以将R3上所有直连网段的路由全部引入了进来。又因为OSPF内部路由优先级优先于外部路由优先级,所以选择从内部获得这三条路由。
<R4>dis ospf lsdb
OSPF Process 1 with Router ID 4.4.4.4
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 4.4.4.4 4.4.4.4 941 60 80000006 0
Router 2.2.2.2 2.2.2.2 937 36 80000006 1
Router 1.1.1.1 1.1.1.1 943 36 80000006 1
Network 10.0.14.1 1.1.1.1 943 32 80000002 0
Network 10.0.24.2 2.2.2.2 937 32 80000002 0
Sum-Net 10.0.15.0 1.1.1.1 1340 28 80000001 1
Sum-Net 10.0.15.0 2.2.2.2 1190 28 80000001 2
Sum-Net 10.0.25.0 1.1.1.1 1180 28 80000001 2
Sum-Net 10.0.25.0 2.2.2.2 1179 28 80000001 1
Sum-Net 10.0.13.0 1.1.1.1 1356 28 80000001 1
Sum-Net 10.0.13.0 2.2.2.2 1190 28 80000001 2
Sum-Net 10.0.12.0 1.1.1.1 1356 28 80000001 1
Sum-Net 10.0.12.0 2.2.2.2 1190 28 80000001 1
Sum-Net 5.5.5.5 2.2.2.2 843 28 80000001 1
Sum-Net 5.5.5.5 1.1.1.1 843 28 80000001 1
Sum-Net 3.3.3.3 1.1.1.1 1049 28 80000001 1
Sum-Net 3.3.3.3 2.2.2.2 1045 28 80000002 1
Sum-Net 2.2.2.2 1.1.1.1 1220 28 80000001 1
Sum-Net 2.2.2.2 2.2.2.2 1190 28 80000001 0
Sum-Net 1.1.1.1 1.1.1.1 1356 28 80000001 0
Sum-Net 1.1.1.1 2.2.2.2 1190 28 80000001 1
Sum-Net 10.0.23.0 1.1.1.1 1220 28 80000001 2
Sum-Net 10.0.23.0 2.2.2.2 1190 28 80000001 1
Sum-Asbr 3.3.3.3 2.2.2.2 247 28 80000001 1
Sum-Asbr 3.3.3.3 1.1.1.1 247 28 80000001 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 10.0.13.0 3.3.3.3 249 36 80000001 1
External 20.0.0.0 3.3.3.3 249 36 80000001 1
External 10.0.23.0 3.3.3.3 249 36 80000001 1
External 3.3.3.3 3.3.3.3 249 36 80000001 1
7、在R4上测试去往外部路由的连通性。观察到,连通性正常。
<R4>ping 20.0.0.1
PING 20.0.0.1: 56 data bytes, press CTRL_C to break
Reply from 20.0.0.1: bytes=56 Sequence=1 ttl=254 time=30 ms
Reply from 20.0.0.1: bytes=56 Sequence=2 ttl=254 time=40 ms
Reply from 20.0.0.1: bytes=56 Sequence=3 ttl=254 time=40 ms
Reply from 20.0.0.1: bytes=56 Sequence=4 ttl=254 time=30 ms
Reply from 20.0.0.1: bytes=56 Sequence=5 ttl=254 time=30 ms
--- 20.0.0.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 30/34/40 ms
5.2.5.3 配置Stub区域¶
1、R4和R5作为企业分支机构的路由器,没有必要获取或维护外网的明细路由。将R4和R5各自所在区域配置成为Stub区域。(配置成Stub区域后,该区域内的路由器将不会接收区域外部路由,且ABR会在该区域中通告一条缺省路由,以供其访问区域外部网络)
[R1]ospf
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]stub
[R1-ospf-1-area-0.0.0.1]area 2
[R1-ospf-1-area-0.0.0.2]stub
[R2]ospf
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]stub
[R2-ospf-1-area-0.0.0.1]area 2
[R2-ospf-1-area-0.0.0.2]stub
[R4]ospf
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]stub
[R5]ospf
[R5-ospf-1]area 2
[R5-ospf-1-area-0.0.0.2]stub
注意:配置Stub区域,区域内所有路由器都要配置stub命令,否则邻居关系无法建立!!! 2、配置完成后,查看R4的路由表以及LSDB。观察到,R4路由表上的外部路由条目已经消失了,取而代之是一条缺省路由。同样,在R4的LSDB上,已经没有任何Type-5 LSA以及Type-4 LSA条目,多了两条Type-3 LSA。
[R4]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 21 Routes : 25
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
1.1.1.1/32 OSPF 10 1 D 10.0.14.1 Ethernet1/0/0
2.2.2.2/32 OSPF 10 1 D 10.0.24.2 Ethernet1/0/1
3.3.3.3/32 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
4.4.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
5.5.5.5/32 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
10.0.12.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
10.0.13.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
10.0.14.0/24 Direct 0 0 D 10.0.14.4 Ethernet1/0/0
10.0.14.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.14.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.15.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
10.0.23.0/24 OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
10.0.24.0/24 Direct 0 0 D 10.0.24.4 Ethernet1/0/1
10.0.24.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
10.0.24.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
10.0.25.0/24 OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1
[R4]dis ospf lsdb
OSPF Process 1 with Router ID 4.4.4.4
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 4.4.4.4 4.4.4.4 513 60 80000007 0
Router 2.2.2.2 2.2.2.2 519 36 80000005 1
Router 1.1.1.1 1.1.1.1 547 36 80000006 1
Network 10.0.14.1 1.1.1.1 547 32 80000002 0
Network 10.0.24.4 4.4.4.4 513 32 80000002 0
Sum-Net 0.0.0.0 1.1.1.1 622 28 80000001 1
Sum-Net 0.0.0.0 2.2.2.2 587 28 80000001 1
Sum-Net 10.0.15.0 1.1.1.1 614 28 80000003 1
Sum-Net 10.0.15.0 2.2.2.2 575 28 80000002 2
Sum-Net 10.0.25.0 1.1.1.1 575 28 80000003 2
Sum-Net 10.0.25.0 2.2.2.2 575 28 80000002 1
Sum-Net 10.0.13.0 1.1.1.1 622 28 80000001 1
Sum-Net 10.0.13.0 2.2.2.2 587 28 80000001 2
Sum-Net 10.0.12.0 1.1.1.1 622 28 80000001 1
Sum-Net 10.0.12.0 2.2.2.2 587 28 80000001 1
Sum-Net 5.5.5.5 1.1.1.1 520 28 80000002 1
Sum-Net 5.5.5.5 2.2.2.2 523 28 80000001 1
Sum-Net 3.3.3.3 1.1.1.1 622 28 80000001 1
Sum-Net 3.3.3.3 2.2.2.2 587 28 80000001 1
Sum-Net 2.2.2.2 1.1.1.1 622 28 80000001 1
Sum-Net 2.2.2.2 2.2.2.2 587 28 80000001 0
Sum-Net 1.1.1.1 1.1.1.1 622 28 80000001 0
Sum-Net 1.1.1.1 2.2.2.2 587 28 80000001 1
Sum-Net 10.0.23.0 1.1.1.1 622 28 80000001 2
Sum-Net 10.0.23.0 2.2.2.2 587 28 80000001 1
3、调整ABR路由器所通告的缺省路由的开销值来实现主备备份。在R2的区域1中,配置命令default-cost 10表示将发送到Stub区域的Type-3 LSA的缺省路由开销值设为10。在R1的区域2中,也配置命令default-cost 10。
[R1]ospf
[R1-ospf-1]area 2
[R1-ospf-1-area-0.0.0.2]default-cost 10
[R2]ospf
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]default-cost 10
4、配置完成后,查看R4、R5的LSDB。观察到,其LSDB中对应的Type-3 LSA的开销值已经得到了修改。
[R4]dis ospf lsdb
OSPF Process 1 with Router ID 4.4.4.4
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 4.4.4.4 4.4.4.4 1276 60 80000007 0
Router 2.2.2.2 2.2.2.2 1282 36 80000005 1
Router 1.1.1.1 1.1.1.1 1310 36 80000006 1
Network 10.0.14.1 1.1.1.1 1310 32 80000002 0
Network 10.0.24.4 4.4.4.4 1276 32 80000002 0
Sum-Net 0.0.0.0 1.1.1.1 1385 28 80000001 1
Sum-Net 0.0.0.0 2.2.2.2 375 28 80000002 10
Sum-Net 10.0.15.0 1.1.1.1 1377 28 80000003 1
Sum-Net 10.0.15.0 2.2.2.2 1338 28 80000002 2
Sum-Net 10.0.25.0 1.1.1.1 1338 28 80000003 2
Sum-Net 10.0.25.0 2.2.2.2 1338 28 80000002 1
Sum-Net 10.0.13.0 1.1.1.1 1385 28 80000001 1
Sum-Net 10.0.13.0 2.2.2.2 1350 28 80000001 2
Sum-Net 10.0.12.0 1.1.1.1 1385 28 80000001 1
Sum-Net 10.0.12.0 2.2.2.2 1350 28 80000001 1
Sum-Net 5.5.5.5 1.1.1.1 1283 28 80000002 1
Sum-Net 5.5.5.5 2.2.2.2 1286 28 80000001 1
Sum-Net 3.3.3.3 1.1.1.1 1385 28 80000001 1
Sum-Net 3.3.3.3 2.2.2.2 1350 28 80000001 1
Sum-Net 2.2.2.2 1.1.1.1 1385 28 80000001 1
Sum-Net 2.2.2.2 2.2.2.2 1350 28 80000001 0
Sum-Net 1.1.1.1 1.1.1.1 1385 28 80000001 0
Sum-Net 1.1.1.1 2.2.2.2 1350 28 80000001 1
Sum-Net 10.0.23.0 1.1.1.1 1385 28 80000001 2
Sum-Net 10.0.23.0 2.2.2.2 1350 28 80000001 1
<R5>dis ospf lsdb
OSPF Process 1 with Router ID 5.5.5.5
Link State Database
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 2.2.2.2 2.2.2.2 1323 36 80000006 1
Router 1.1.1.1 1.1.1.1 1324 36 80000006 1
Router 5.5.5.5 5.5.5.5 1325 60 80000005 0
Network 10.0.15.1 1.1.1.1 1324 32 80000002 0
Network 10.0.25.2 2.2.2.2 1323 32 80000002 0
Sum-Net 0.0.0.0 2.2.2.2 1380 28 80000001 1
Sum-Net 0.0.0.0 1.1.1.1 317 28 80000002 10
Sum-Net 10.0.14.0 2.2.2.2 1380 28 80000001 2
Sum-Net 10.0.14.0 1.1.1.1 1421 28 80000001 1
Sum-Net 10.0.13.0 2.2.2.2 1380 28 80000001 2
Sum-Net 10.0.13.0 1.1.1.1 1421 28 80000001 1
Sum-Net 10.0.24.0 2.2.2.2 1380 28 80000001 1
Sum-Net 10.0.24.0 1.1.1.1 1393 28 80000002 2
Sum-Net 10.0.12.0 2.2.2.2 1380 28 80000001 1
Sum-Net 10.0.12.0 1.1.1.1 1421 28 80000001 1
Sum-Net 3.3.3.3 2.2.2.2 1380 28 80000001 1
Sum-Net 3.3.3.3 1.1.1.1 1421 28 80000001 1
Sum-Net 4.4.4.4 2.2.2.2 1325 28 80000002 1
Sum-Net 4.4.4.4 1.1.1.1 1357 28 80000001 1
Sum-Net 2.2.2.2 2.2.2.2 1380 28 80000001 0
Sum-Net 2.2.2.2 1.1.1.1 1421 28 80000001 1
Sum-Net 1.1.1.1 2.2.2.2 1380 28 80000001 1
Sum-Net 1.1.1.1 1.1.1.1 1421 28 80000001 0
Sum-Net 10.0.23.0 2.2.2.2 1380 28 80000001 1
Sum-Net 10.0.23.0 1.1.1.1 1421 28 80000001 2
5、再查看R4、R5的路由表。观察到,R4路由表中的缺省路由的下一跳为R1,R5路由表中的缺省路由的下一跳为R2。
[R4]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 21 Routes : 24
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
1.1.1.1/32 OSPF 10 1 D 10.0.14.1 Ethernet1/0/0
2.2.2.2/32 OSPF 10 1 D 10.0.24.2 Ethernet1/0/1
3.3.3.3/32 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
4.4.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
5.5.5.5/32 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
10.0.12.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
10.0.13.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
10.0.14.0/24 Direct 0 0 D 10.0.14.4 Ethernet1/0/0
10.0.14.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.14.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.15.0/24 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
10.0.23.0/24 OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
10.0.24.0/24 Direct 0 0 D 10.0.24.4 Ethernet1/0/1
10.0.24.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
10.0.24.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
10.0.25.0/24 OSPF 10 2 D 10.0.24.2 Ethernet1/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R5>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 21 Routes : 24
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 OSPF 10 2 D 10.0.25.2 Ethernet1/0/1
1.1.1.1/32 OSPF 10 1 D 10.0.15.1 Ethernet1/0/0
2.2.2.2/32 OSPF 10 1 D 10.0.25.2 Ethernet1/0/1
3.3.3.3/32 OSPF 10 2 D 10.0.25.2 Ethernet1/0/1
OSPF 10 2 D 10.0.15.1 Ethernet1/0/0
4.4.4.4/32 OSPF 10 2 D 10.0.15.1 Ethernet1/0/0
OSPF 10 2 D 10.0.25.2 Ethernet1/0/1
5.5.5.5/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.12.0/24 OSPF 10 2 D 10.0.25.2 Ethernet1/0/1
OSPF 10 2 D 10.0.15.1 Ethernet1/0/0
10.0.13.0/24 OSPF 10 2 D 10.0.15.1 Ethernet1/0/0
10.0.14.0/24 OSPF 10 2 D 10.0.15.1 Ethernet1/0/0
10.0.15.0/24 Direct 0 0 D 10.0.15.5 Ethernet1/0/0
10.0.15.5/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.15.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.23.0/24 OSPF 10 2 D 10.0.25.2 Ethernet1/0/1
10.0.24.0/24 OSPF 10 2 D 10.0.25.2 Ethernet1/0/1
10.0.25.0/24 Direct 0 0 D 10.0.25.5 Ethernet1/0/1
10.0.25.5/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
10.0.25.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
6、在R4、R5上分别使用tracert 20.0.0.1命令测试去往外网20.0.0.1的路径,观察到R4、R5都选择了主用链路去访问外网。
[R4]tracert 20.0.0.1
traceroute to 20.0.0.1(20.0.0.1), max hops: 30 ,packet length: 40,press CTRL_C
to break
1 10.0.14.1 20 ms 20 ms 20 ms
2 10.0.13.3 30 ms 30 ms 30 ms
<R5>tracert 20.0.0.1
traceroute to 20.0.0.1(20.0.0.1), max hops: 30 ,packet length: 40,press CTRL_C
to break
1 10.0.25.2 30 ms 40 ms 10 ms
2 10.0.23.3 30 ms 30 ms 30 ms
7、接下来验证主备切换,将R1的E1/0/0和R2的E1/0/1关掉,再在R4、R5上使用tracert 20.0.0.1命令测试去往外网20.0.0.1的路径。观察到,R4和R5都选择了备用链路去访问外网,验证了主备切换。
[R1]int e1/0/0
[R1-Ethernet1/0/0]shutdown
[R2]int e1/0/1
[R2-Ethernet1/0/1]shutdown
<R4>tracert 20.0.0.1
traceroute to 20.0.0.1(20.0.0.1), max hops: 30 ,packet length: 40,press CTRL_C
to break
1 10.0.24.2 20 ms 20 ms 10 ms
2 10.0.23.3 20 ms 20 ms 30 ms
<R5>tracert 20.0.0.1
traceroute to 20.0.0.1(20.0.0.1), max hops: 30 ,packet length: 40,press CTRL_C
to break
1 10.0.15.1 20 ms 20 ms 10 ms
2 10.0.13.3 30 ms 20 ms 20 ms
5.2.5.4 配置Tolluy Stub区域¶
1、观察发现R4和R5的LSDB后,发现LSDB存在一些Type-3 LSA。防止日后Type-3 LSA数量大量增加,但实质上没有什么用途。为减轻负担,配置Totally区域,Totally区域是在Stub区域的基础之上进一步拒绝接收除缺省路由之外的域间路由信息,即禁止Type-3 lsa进入该区域。
[R1]ospf
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]stub no-summary
[R1-ospf-1-area-0.0.0.1]area 2
[R1-ospf-1-area-0.0.0.2]stub no-summary
[R2]ospf
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]stub no-summary
[R2-ospf-1-area-0.0.0.1]area 2
[R2-ospf-1-area-0.0.0.2]stub no-summary
注意:由于分支路由器R4和R5与总部之间是双出口设计,所有每个区域中都存在两台ASR!!! 2、配置完成后,查看R4的LSDB和路由表。观察到,R4的LSDB中只有两条表示缺省路由的Type-3 LSA,没有任何其他Type-3 LSA,路由表中也不存在任何域间路由,只有一条缺省路由。
<R4>dis ospf lsdb
OSPF Process 1 with Router ID 4.4.4.4
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 4.4.4.4 4.4.4.4 161 60 80000017 0
Router 2.2.2.2 2.2.2.2 166 36 80000007 1
Router 1.1.1.1 1.1.1.1 262 36 8000000A 1
Network 10.0.14.4 4.4.4.4 255 32 80000002 0
Network 10.0.24.4 4.4.4.4 161 32 80000002 0
Sum-Net 0.0.0.0 1.1.1.1 264 28 80000003 1
Sum-Net 0.0.0.0 2.2.2.2 168 28 80000004 10
<R4>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 OSPF 10 2 D 10.0.14.1 Ethernet1/0/0
4.4.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.14.0/24 Direct 0 0 D 10.0.14.4 Ethernet1/0/0
10.0.14.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.14.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/0
10.0.24.0/24 Direct 0 0 D 10.0.24.4 Ethernet1/0/1
10.0.24.4/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
10.0.24.255/32 Direct 0 0 D 127.0.0.1 Ethernet1/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
3、测试企业分支机构与总部R1的环回接口所在网段的连通性,以及与外部网络的连通性。观察到,连通性正常。
<R4>ping 1.1.1.1
PING 1.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=255 time=20 ms
Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=255 time=40 ms
Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=255 time=20 ms
Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=255 time=20 ms
Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=255 time=20 ms
--- 1.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/24/40 ms
<R4>ping 20.0.0.1
PING 20.0.0.1: 56 data bytes, press CTRL_C to break
Reply from 20.0.0.1: bytes=56 Sequence=1 ttl=254 time=30 ms
Reply from 20.0.0.1: bytes=56 Sequence=2 ttl=254 time=50 ms
Reply from 20.0.0.1: bytes=56 Sequence=3 ttl=254 time=40 ms
Reply from 20.0.0.1: bytes=56 Sequence=4 ttl=254 time=30 ms
Reply from 20.0.0.1: bytes=56 Sequence=5 ttl=254 time=40 ms
--- 20.0.0.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 30/38/50 ms
5.3 思考¶
OSPF网络中,ASBR能够配置在Stub区域中吗?骨干区域能配置成Stub区域?为什么? 答:(1)ASBR不能够配置在Stub区域,ASBR产生Type-5,用来描述到AS外部网络中的路由。而Stub区域禁止Type-4、Type-5进入自己区域。 (2)骨干区域不能配置成Stub区域。如果骨干区域配置成Stub区域,自身路由不能扩散到其他区域。
六、OSPF NSSA区域¶
6.1 原理概述¶
OSPF协议定义了Stub区域和Tolly Stub区域这两种特性的非骨干区域,为的是精简LSDB的LSA数量,同时也精简路由表中的路由条目数量,实现优化设备和网络性能的目的。根据定义,Stub区域或Totally Stub区域中是不允许存在ASBR路由器的。 在实际环境中,由于某种需要,希望在Stub区域或Totally Stub区域引入外部路由。OSPF定义了NSSA区域和Totally NSSA区域,以此来进一步增强OSPF协议的适应和扩展能力。 NSSA区域或Totally NSSA区域可以将外部路由以Type-7 LSA(NSSA LSA)的方式引进本区域,这些Type-7 LSA将在本区域的ABR路由器上被转换为Type-5 LSA并泛洪到其他OSPF区域中。Type-7 LSA只会出现在NSSA区域或Totallay NSSA区域中。 在其他方面,NSSA区域和Totally NSSA区域是与Stub区域和Totally Stub区域是完全一样的。NSSA区域不允许Type-4 LSA和Type-5 LSA进入,该区域会通过Type-3 LSA所表示的缺省路由访问AS外部目的地。Totally NSSA区域不仅不允许Type-4 LSA和Type-5 LSA进入,同时不允许Type-3 LSA进入,只允许表示缺省路由的Type-3 LSA进入,并根据缺省路由来访问该区域外的任何目的地。
6.2 OSPF NSSA区域配置实验¶
6.2.1 实验目的¶
1、理解NSSA区域和Totally NSSA区域的作用与区别 2、掌握NSSA区域和Totally NSSA区域的配置方法 3、掌握修改NSSA区域缺省路由开销值的方法
6.2.2 实验内容¶
本实验模拟了一个企业网络场景,路由器R1、R2、R3为企业总部网络路由器,R4为企业的分支机构的路由器。R1与R2、R1与R3之间的链路位于区域0,R4与R2、R4与R3之间的链路位于区域1。R1的所有LoopBack接口用于模拟企业总部的非OSPF网络,R4的所有LoopBack接口用于模拟企业分支机构的非OSPF网络。网络需求:全网互通,且分支机构在访问总部网络时,优先使用经由R2的路径,并尽量精简LSDB和路由表。
6.2.3 实验拓扑¶
6.2.4 实验编制表¶
| 设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
|---|---|---|---|---|
| R1(AR2220) | GE0/0/0 | 10.0.12.1 | 255.255.255.0 | N/A |
| R1(AR2220) | GE0/0/1 | 10.0.13.1 | 255.255.255.0 | N/A |
| R1(AR2220) | LoopBack0 | 10.0.1.1 | 255.255.255.255 | N/A |
| R1(AR2220) | LoopBack1 | 10.0.11.11 | 255.255.255.255 | N/A |
| R2(AR2220) | GE0/0/0 | 10.0.12.2 | 255.255.255.0 | N/A |
| R2(AR2220) | GE0/0/1 | 10.0.24.2 | 255.255.255.0 | N/A |
| R2(AR2220) | LoopBack0 | 10.0.2.2 | 255.255.255.255 | N/A |
| R3(AR2220) | GE0/0/0 | 10.0.13.3 | 255.255.255.0 | N/A |
| R3(AR2220) | GE0/0/1 | 10.0.34.3 | 255.255.255.0 | N/A |
| R3(AR2220) | LoopBack0 | 10.0.3.3 | 255.255.255.255 | N/A |
| R4(AR2220) | GE0/0/0 | 10.0.34.4 | 255.255.255.0 | N/A |
| R4(AR2220) | GE0/0/1 | 10.0.24.4 | 255.255.255.0 | N/A |
| R4(AR2220) | LoopBack0 | 10.0.4.4 | 255.255.255.255 | N/A |
| R4(AR2220) | LoopBack1 | 10.0.44.44 | 255.255.255.255 | N/A |
| ### 6.2.5 实验步骤 | ||||
| #### 6.2.5.1 基本配置 | ||||
| 根据实验编址表,并使用Ping命令检测R1与R2之间的连通性。 | ||||
| #### 6.2.5.2 配置OSPF及路由引入 | ||||
| 1、在每台路由器上配置OSPF协议,R1与R2、R1与R3之间的链路位于区域0,R4与R2、R4与R3之间的链路位于区域1。并在R1和R4路由器上利用Route-Policy将LoopBack 0和LoopBack 1接口引入到OSPF中。 |
[R1]ospf 1 router-id 10.0.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]net
[R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.13.1 0.0.0.0
[R1]acl 2000
[R1-acl-basic-2000]rule permit source 10.0.1.1 0.0.0.0
[R1-acl-basic-2000]rule permit source 10.0.11.11 0.0.0.0
[R1-acl-basic-2000]qu
[R1]route-policy 10 permit node 10
Info: New Sequence of this List.
[R1-route-policy]if-match acl 2000
[R1-route-policy]qu
[R1]ospf
[R1-ospf-1]import-route direct route-policy 10
[R2]ospf router-id 10.0.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]area 1
[R2-ospf-1-area-0.0.0.1]network 10.0.24.2 0.0.0.0
[R3]ospf 1 router-id 10.0.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.13.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]area 1
[R3-ospf-1-area-0.0.0.1]network 10.0.34.3 0.0.0.0
[R4]ospf 1 router-id 10.0.4.4
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]network 10.0.24.4 0.0.0.0
[R4-ospf-1-area-0.0.0.1]network 10.0.34.4 0.0.0.0
[R4]acl 2000
[R4-acl-basic-2000]rule permit source 10.0.4.4 0.0.0.0
[R4-acl-basic-2000]rule permit source 10.0.44.44 0.0.0.0
[R4-acl-basic-2000]qu
[R4]route-policy 10 permit node 10
Info: New Sequence of this List.
[R4-route-policy]if-match acl 2000
[R4-route-policy]qu
[R4]ospf
[R4-ospf-1]import-route direct route-policy 10
2、配置完成后,查看R1的LSDB。观察到,有4条Type-5 LSA,同时还有两条LinkState ID为10.0.4.4、通告路由器分别为R2和R3的Type-4 LSA。
<R1>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 701 36 80000004 1
Router 10.0.2.2 10.0.2.2 786 36 80000004 1
Router 10.0.1.1 10.0.1.1 448 48 8000000B 1
Network 10.0.13.1 10.0.1.1 698 32 80000002 0
Network 10.0.12.1 10.0.1.1 799 32 80000002 0
Sum-Net 10.0.34.0 10.0.3.3 687 28 80000001 1
Sum-Net 10.0.34.0 10.0.2.2 604 28 80000001 2
Sum-Net 10.0.24.0 10.0.2.2 775 28 80000001 1
Sum-Net 10.0.24.0 10.0.3.3 599 28 80000001 2
Sum-Asbr 10.0.4.4 10.0.2.2 317 28 80000001 1
Sum-Asbr 10.0.4.4 10.0.3.3 317 28 80000001 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 10.0.1.1 10.0.1.1 448 36 80000001 1
External 10.0.11.11 10.0.1.1 448 36 80000001 1
External 10.0.4.4 10.0.4.4 318 36 80000001 1
External 10.0.44.44 10.0.4.4 318 36 80000001 1
3、查看R4的LSDB,观察到,有4条Type-5 LSA,同时还有两条LinkState ID为10.0.1.1、通告路由器分别为R2和R3的Type-4 LSA。
<R4>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 872 36 80000005 1
Router 10.0.4.4 10.0.4.4 593 48 80000007 1
Router 10.0.2.2 10.0.2.2 879 36 80000005 1
Network 10.0.24.2 10.0.2.2 879 32 80000002 0
Network 10.0.34.3 10.0.3.3 872 32 80000002 0
Sum-Net 10.0.13.0 10.0.2.2 1052 28 80000001 2
Sum-Net 10.0.13.0 10.0.3.3 964 28 80000001 1
Sum-Net 10.0.12.0 10.0.2.2 1052 28 80000001 1
Sum-Net 10.0.12.0 10.0.3.3 964 28 80000001 2
Sum-Asbr 10.0.1.1 10.0.3.3 727 28 80000001 1
Sum-Asbr 10.0.1.1 10.0.2.2 727 28 80000001 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 10.0.4.4 10.0.4.4 593 36 80000001 1
External 10.0.44.44 10.0.4.4 593 36 80000001 1
External 10.0.1.1 10.0.1.1 728 36 80000001 1
External 10.0.11.11 10.0.1.1 728 36 80000001 1
4、查看R1的路由表,观察到,R1已经接收到了外部路由10.0.4.4/32和10.0.44.44/32。
<R1>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 16 Routes : 18
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.4.4/32 O_ASE 150 1 D 10.0.12.2 GigabitEthernet
0/0/0
O_ASE 150 1 D 10.0.13.3 GigabitEthernet
0/0/1
10.0.11.11/32 Direct 0 0 D 127.0.0.1 LoopBack1
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet
0/0/0
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet
0/0/1
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.24.0/24 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/0
10.0.34.0/24 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/1
10.0.44.44/32 O_ASE 150 1 D 10.0.12.2 GigabitEthernet
0/0/0
O_ASE 150 1 D 10.0.13.3 GigabitEthernet
0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
5、查看R4的路由表,观察到,R4已经接收到了外部路由10.0.1.1/32和10.0.11.11/32。
<R4>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 16 Routes : 18
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 O_ASE 150 1 D 10.0.34.3 GigabitEthernet
0/0/0
O_ASE 150 1 D 10.0.24.2 GigabitEthernet
0/0/1
10.0.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.11.11/32 O_ASE 150 1 D 10.0.34.3 GigabitEthernet
0/0/0
O_ASE 150 1 D 10.0.24.2 GigabitEthernet
0/0/1
10.0.12.0/24 OSPF 10 2 D 10.0.24.2 GigabitEthernet
0/0/1
10.0.13.0/24 OSPF 10 2 D 10.0.34.3 GigabitEthernet
0/0/0
10.0.24.0/24 Direct 0 0 D 10.0.24.4 GigabitEthernet
0/0/1
10.0.24.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.24.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.34.0/24 Direct 0 0 D 10.0.34.4 GigabitEthernet
0/0/0
10.0.34.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.34.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.44.44/32 Direct 0 0 D 127.0.0.1 LoopBack1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
6.2.5.3 配置NSSA和Totally NSSA区域¶
1、将区域1配置成OSPF的特殊区域,由于区域1存在ASBR(R4),如果配置为Stub区域,则将导致与外部网络无法正常通信,因此决定配置为NSSA区域。
[R2]ospf
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]nssa
[R4]ospf
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]nssa
[R3]ospf
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]nssa
注意:在配置NSSA区域时,需要将区域中所有路由器都配置为NSSA区域路由器,否则路由器之间将无法形成邻居关系!!! 2、配置完成后,查看R4的LSDB。观察到,R4的LSDB已经没有任何Type-4 LSA以及Type-5 LSA,出现了两条 LinkState ID为0.0.0.0的Type-7 LSA。R4自己引入的外部路由也生成了两条LinkState I分别为10.0.4.4和10.0.44.44的Type -7 LSA.
[R4]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 165 36 80000004 1
Router 10.0.4.4 10.0.4.4 159 48 80000008 1
Router 10.0.2.2 10.0.2.2 175 36 80000005 1
Network 10.0.24.4 10.0.4.4 172 32 80000002 0
Network 10.0.34.4 10.0.4.4 159 32 80000002 0
Sum-Net 10.0.13.0 10.0.2.2 247 28 80000001 2
Sum-Net 10.0.13.0 10.0.3.3 171 28 80000001 1
Sum-Net 10.0.12.0 10.0.2.2 247 28 80000001 1
Sum-Net 10.0.12.0 10.0.3.3 171 28 80000001 2
NSSA 10.0.4.4 10.0.4.4 218 36 80000001 1
NSSA 10.0.44.44 10.0.4.4 218 36 80000001 1
NSSA 0.0.0.0 10.0.2.2 247 36 80000001 1
NSSA 0.0.0.0 10.0.3.3 171 36 80000001 1
3、查看R4的路由表。观察到,类型为O_NSSA 的缺省路由,它代替了去往10.0.1.1/32和10.0.11.11/32的明细路由,且有两个下一跳,处于负载均衡状态。
<R4>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 15 Routes : 16
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 O_NSSA 150 1 D 10.0.24.2 GigabitEthernet
0/0/1
O_NSSA 150 1 D 10.0.34.3 GigabitEthernet
0/0/0
10.0.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.12.0/24 OSPF 10 2 D 10.0.24.2 GigabitEthernet
0/0/1
10.0.13.0/24 OSPF 10 2 D 10.0.34.3 GigabitEthernet
0/0/0
10.0.24.0/24 Direct 0 0 D 10.0.24.4 GigabitEthernet
0/0/1
10.0.24.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.24.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.34.0/24 Direct 0 0 D 10.0.34.4 GigabitEthernet
0/0/0
10.0.34.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.34.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.44.44/32 Direct 0 0 D 127.0.0.1 LoopBack1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
4、使用nssa no-summary命令进一步阻止Type-3 LSA泛洪到NSSA区域1,使其成为Totally NSSA区域。
[R2]ospf
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]nssa no-summary
[R3]ospf
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]nssa no-summary
5、配置完成后,查看R4的LSDB。观察到,R4的LSDB中的Type-3 LSA已经替换成表缺省路由的、分别由R2和R3通告的、LinkState ID为0.0.0.0的Type-3 LSA。
<R4>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 43 36 80000005 1
Router 10.0.4.4 10.0.4.4 40 48 80000017 1
Router 10.0.2.2 10.0.2.2 76 36 80000009 1
Network 10.0.24.4 10.0.4.4 77 32 80000001 0
Network 10.0.34.4 10.0.4.4 40 32 80000002 0
Sum-Net 0.0.0.0 10.0.2.2 123 28 80000001 1
Sum-Net 0.0.0.0 10.0.3.3 51 28 80000001 1
NSSA 10.0.4.4 10.0.4.4 985 36 80000001 1
NSSA 10.0.44.44 10.0.4.4 985 36 80000001 1
NSSA 0.0.0.0 10.0.2.2 1014 36 80000001 1
NSSA 0.0.0.0 10.0.3.3 938 36 80000001 1
6、查看R4的路由表。观察到,R4路由表中原来两条由Type-7 LSA生成的类型为O_NSSA的缺省路由被两条由Type-3 LSA生成的OSPF缺省路由代替了。(说明Type-3 LSA优先于Type-7 LSA)
<R4>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 13 Routes : 14
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 OSPF 10 2 D 10.0.24.2 GigabitEthernet
0/0/1
OSPF 10 2 D 10.0.34.3 GigabitEthernet
0/0/0
10.0.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.24.0/24 Direct 0 0 D 10.0.24.4 GigabitEthernet
0/0/1
10.0.24.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.24.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.34.0/24 Direct 0 0 D 10.0.34.4 GigabitEthernet
0/0/0
10.0.34.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.34.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.44.44/32 Direct 0 0 D 127.0.0.1 LoopBack1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
6.2.5.4 修改NSSA区域缺省路由开销值¶
1、目前R4的路由表中拥有两条开销值为2的、下一跳分别为R2和R3的缺省路由。现要求R4应优先使用经由R2的路径,同时以经由R3的路径作为备份。增大R3对区域1通告的LinkState ID为0.0.0.0的Type-3 LSA的开销值。
[R3]ospf
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]default-cost 10
2、配置完成后,查看R4的LSDB。观察到,由R3通告的、LinkState ID为0.0.0.0的Type-3 LSA的开销值变成了10。R3通告的、LinkState ID为0.0.0.0的Type-7 LSA的开销值未发生变化。
<R4>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 933 36 80000005 1
Router 10.0.4.4 10.0.4.4 930 48 80000017 1
Router 10.0.2.2 10.0.2.2 966 36 80000009 1
Network 10.0.24.4 10.0.4.4 967 32 80000001 0
Network 10.0.34.4 10.0.4.4 930 32 80000002 0
Sum-Net 0.0.0.0 10.0.2.2 1013 28 80000001 1
Sum-Net 0.0.0.0 10.0.3.3 76 28 80000002 10
NSSA 10.0.4.4 10.0.4.4 76 36 80000002 1
NSSA 10.0.44.44 10.0.4.4 76 36 80000002 1
NSSA 0.0.0.0 10.0.2.2 1904 36 80000001 1
NSSA 0.0.0.0 10.0.3.3 1828 36 80000001 1
3、查看R4的路由表。观察到,路由表现在只有一条下一跳指向了R2的缺省路由。
<R4>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 OSPF 10 2 D 10.0.24.2 GigabitEthernet
0/0/1
10.0.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.24.0/24 Direct 0 0 D 10.0.24.4 GigabitEthernet
0/0/1
10.0.24.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.24.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.34.0/24 Direct 0 0 D 10.0.34.4 GigabitEthernet
0/0/0
10.0.34.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.34.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.44.44/32 Direct 0 0 D 127.0.0.1 LoopBack1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
6.3 思考¶
在OSPF网络中,对于非骨干区域,如果能够将之合理地配置成Stub区域或NSSA区域,则可以缩减区域中路由器的路由表的规模。那么如何才能缩减骨干路由器的路由表规模呢? 答:骨干区域必须要有整网全部的路由,如果想减少路由条目的数量,可以在ABR和ASBR上做好路由汇总,最好能在网络设计阶段就规划好IP地址段,避免在汇总时出现路由黑洞.
七、OSPF 虚链路¶
7.1 原理概述¶
通常情况下,一个OSPF网络的每个非骨干区域都必须与骨干区域通过ABR路由器直接连接,非骨干区域之间通信都需要通过骨干区域进行中转。但在现实环境中,可能因为各种条件限制,导致非骨干区域与骨干区域无法直接连接,在这种情形下,可以使用OSPF虚链路(Virtual Link)来实现非骨干区域与骨干区域在逻辑上直接相连。 OSPF协议还要求骨干区域必须是唯一且连续的,然而,由于发生故障等原因,骨干区域有可能出现被分割的情况。此时可以虚链路来实现物理上被分割的骨干区域能够逻辑相连。 虚链路在网络中会穿越其他区域,因此可能会带来安全隐患,所以通常都会对虚链路进行认证功能的配置。虚链路认证其实是OSPF接口认证的一种,支持MD5、HMAC-MD5、明文及Keychain等特性。
7.2 OSPF NSSA区域配置实验¶
7.2.1 实验目的¶
1、掌握OSPF 虚链路的应用场景 2、掌握OSPF 虚链路的配置方法 3、掌握OSPF虚链路认证功能的配置方法
7.2.2 实验内容¶
本实验模拟了一个企业网络场景,全网运行OSPF,路由器R1、R2为公司总部路由器,R3为新建分公司的接入路由器,R4为分公司下面分支机构的接入路由器。由于网络升级未完成,所以目前的区域化分是:R1与R2之间的链路位于区域0,R3与R1、R3与R2之间的链路位于区域1,R3和R4之间的链路位于区域2。网络需求:使用虚链路技术,使得分支机构所属的区域2能够访问公司总部网络,且优先使用路径R4-R3-R1,并以R4-R3-R2路径作为备份路径。同时,总部路由器R1和R2之间的通信需要采用R1-R3-R2路径作为冗余备份。另外,为了提高安全性,对于所使用的虚链路应进行认证功能的配置。
7.2.3 实验拓扑¶
7.2.4 实验编制表¶
| 设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
|---|---|---|---|---|
| R1(AR2220) | GE0/0/0 | 10.0.12.1 | 255.255.255.0 | N/A |
| R1(AR2220) | GE0/0/1 | 10.0.13.1 | 255.255.255.0 | N/A |
| R1(AR2220) | LoopBack0 | 10.0.1.1 | 255.255.255.255 | N/A |
| R2(AR2220) | GE0/0/0 | 10.0.12.2 | 255.255.255.0 | N/A |
| R2(AR2220) | GE0/0/1 | 10.0.23.2 | 255.255.255.0 | N/A |
| R2(AR2220) | LoopBack0 | 10.0.2.2 | 255.255.255.255 | N/A |
| R3(AR2220) | GE0/0/0 | 10.0.34.3 | 255.255.255.0 | N/A |
| R3(AR2220) | GE0/0/1 | 10.0.13.3 | 255.255.255.0 | N/A |
| R3(AR2220) | GE0/0/2 | 10.0.23.3 | 255.255.255.0 | N/A |
| R3(AR2220) | LoopBack0 | 10.0.3.3 | 255.255.255.255 | N/A |
| R4(AR2220) | GE0/0/0 | 10.0.34.4 | 255.255.255.0 | N/A |
| R4(AR2220) | LoopBack0 | 10.0.4.4 | 255.255.255.255 | N/A |
| ### 7.2.5 实验步骤 | ||||
| #### 7.2.5.1 基本配置 | ||||
| 根据实验编址表,并使用Ping命令检测R1与R2之间的连通性。 | ||||
| #### 7.2.5.2 搭建OSPF网络 | ||||
| 1、在每台路由器上配置OSPF协议,其中R1与R2之间的链路位于区域0,R3与R1、R3与R2之间的链路位于区域1,R3和R4之间的链路位于区域2。 |
[R1]ospf 1 router-id 10.0.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]area 1
[R1-ospf-1-area-0.0.0.1]network 10.0.13.1 0.0.0.0
[R2]ospf router-id 10.0.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]area 1
[R2-ospf-1-area-0.0.0.1]network 10.0.23.2 0.0.0.0
[R3]ospf router-id 10.0.3.3
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]network 10.0.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.1]network 10.0.13.3 0.0.0.0
[R3-ospf-1-area-0.0.0.1]network 10.0.23.3 0.0.0.0
[R3-ospf-1]area 2
[R3-ospf-1-area-0.0.0.2]network 10.0.34.3 0.0.0.0
[R4]ospf 1 router-id 10.0.4.4
[R4-ospf-1]area 2
[R4-ospf-1-area-0.0.0.2]network 10.0.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.2]network 10.0.34.4 0.0.0.0
2、配置完成后,在R3上查看OSPF邻居关系。观察到,其邻居关系都为Full状态。
[R3]dis ospf peer brief
OSPF Process 1 with Router ID 10.0.3.3
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.1 GigabitEthernet0/0/1 10.0.1.1 Full
0.0.0.1 GigabitEthernet0/0/2 10.0.2.2 Full
0.0.0.2 GigabitEthernet0/0/0 10.0.4.4 Full
----------------------------------------------------------------------------
3、查看R4的LSDB。观察发现没有10.0.1.1/32和10.0.2.2/32的LSA,也没有其他区域的LSA,仅仅只有本区域的Type-1 LSA和Type-2 LSA,说明区域2中并没有ABR存在,即区域2未与区域0相连。
[R4]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 230 36 80000005 1
Router 10.0.4.4 10.0.4.4 230 48 80000004 0
Network 10.0.34.3 10.0.3.3 230 32 80000002 0
7.2.5.3 使用虚链路使区域2和区域0逻辑相连¶
1、在R3的区域1视图下,使用vlink-peer 10.0.1.1命令建立与R1的虚链路。
[R3]ospf
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]vlink-peer 10.0.1.1
2、在R1的区域1视图下,使用vlink-peer 10.0.3.3命令建立与R3的虚链路。
[R1]ospf
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]vlink-peer 10.0.3.3
3、配置完成后,在R1上使用dis ospf vlink命令查看虚链路信息。观察到,R1与R3已经成功建立了虚链路,虚链路状态为Full。
[R1]dis ospf vlink
OSPF Process 1 with Router ID 10.0.1.1
Virtual Links
Virtual-link Neighbor-id -> 10.0.3.3, Neighbor-State: Full
Interface: 10.0.13.1 (GigabitEthernet0/0/1)
Cost: 1 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
4、查看R4的LSDB,观察到R4的LSDB中出现了由R3通告的、关于区域0和区域1的Type-3 LSA,说明此时R4已经将R3作为连接区域2至区域0的ABR了。
<R4>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 307 36 80000006 1
Router 10.0.4.4 10.0.4.4 842 48 80000004 0
Network 10.0.34.3 10.0.3.3 842 32 80000002 0
Sum-Net 10.0.13.0 10.0.3.3 307 28 80000001 1
Sum-Net 10.0.12.0 10.0.3.3 307 28 80000001 2
Sum-Net 10.0.3.3 10.0.3.3 307 28 80000001 0
Sum-Net 10.0.2.2 10.0.3.3 307 28 80000001 1
Sum-Net 10.0.1.1 10.0.3.3 307 28 80000001 1
Sum-Net 10.0.23.0 10.0.3.3 307 28 80000001 1
5、测试R4与R1和R2的连通性。观察到连通性正常。
<R4>ping -a 10.0.4.4 10.0.1.1
PING 10.0.1.1: 56 data bytes, press CTRL_C to break
Reply from 10.0.1.1: bytes=56 Sequence=1 ttl=254 time=30 ms
Reply from 10.0.1.1: bytes=56 Sequence=2 ttl=254 time=30 ms
Reply from 10.0.1.1: bytes=56 Sequence=3 ttl=254 time=30 ms
Reply from 10.0.1.1: bytes=56 Sequence=4 ttl=254 time=20 ms
Reply from 10.0.1.1: bytes=56 Sequence=5 ttl=254 time=20 ms
--- 10.0.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/26/30 ms
7.2.5.4 修改虚链路的开销值¶
1、因为区域0到区域1之间的ABR除了R1之外,还有R2。在R2和R3之间建一条虚链路。
[R2]ospf
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]vlink-peer 10.0.3.3
[R3]ospf
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]vlink-peer 10.0.2.2
2、配置完成后,在R3上查看虚链路信息。观察到R3现在拥有两条虚链路,一条是R1与R3,另一条是R2与R3。开销值都为1。
[R3]dis ospf vlink
OSPF Process 1 with Router ID 10.0.3.3
Virtual Links
Virtual-link Neighbor-id -> 10.0.1.1, Neighbor-State: Full
Interface: 10.0.13.3 (GigabitEthernet0/0/1)
Cost: 1 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
Virtual Links
Virtual-link Neighbor-id -> 10.0.2.2, Neighbor-State: Full
Interface: 10.0.23.3 (GigabitEthernet0/0/2)
Cost: 1 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
3、查看R3的路由表,观察到去往10.0.12.0/24有不同的下一跳,形成负载均衡状态。
[R3]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 18 Routes : 19
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 1 D 10.0.13.1 GigabitEthernet
0/0/1
10.0.2.2/32 OSPF 10 1 D 10.0.23.2 GigabitEthernet
0/0/2
10.0.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.4.4/32 OSPF 10 1 D 10.0.34.4 GigabitEthernet
0/0/0
10.0.12.0/24 OSPF 10 2 D 10.0.13.1 GigabitEthernet
0/0/1
OSPF 10 2 D 10.0.23.2 GigabitEthernet
0/0/2
10.0.13.0/24 Direct 0 0 D 10.0.13.3 GigabitEthernet
0/0/1
10.0.13.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.23.0/24 Direct 0 0 D 10.0.23.3 GigabitEthernet
0/0/2
10.0.23.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.23.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.34.0/24 Direct 0 0 D 10.0.34.3 GigabitEthernet
0/0/0
10.0.34.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.34.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
4、现需要R4与区域0通信时,优先选用经由R1的路径,并经由R2的路径作为备份。修改R2和R3的GE0/0/2接口上OSPF协议开销值。
[R3]int g0/0/2
[R3-GigabitEthernet0/0/2]ospf cost 10
[R2]int g0/0/2
[R2-GigabitEthernet0/0/2]ospf cost 10
5、配置完成后,在R3上查看虚链路信息。观察到,R2和R3虚链路的开销值变为了10这样,R4或R3都将通过经由R1的路径访问区域0,并以经由R2的路径作为备份。
[R3]dis ospf vlink
OSPF Process 1 with Router ID 10.0.3.3
Virtual Links
Virtual-link Neighbor-id -> 10.0.1.1, Neighbor-State: Full
Interface: 10.0.13.3 (GigabitEthernet0/0/1)
Cost: 1 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
Virtual Links
Virtual-link Neighbor-id -> 10.0.2.2, Neighbor-State: Full
Interface: 10.0.23.3 (GigabitEthernet0/0/2)
Cost: 10 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
7.2.5.5 使用虚链路作为区域0链路的冗余备份¶
1、为防止R1与R2出现链路故障,从而导致区域0被分割。以区域1为传输区域,在R1与R2之间建立一条虚链路作为冗余备份。
[R1]ospf
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]vlink-peer 10.0.2.2
[R2]ospf
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]vlink-peer 10.0.1.1
2、配置完成后,在R1上查看虚链路信息。观察到R1与R2之间的虚链路的开销值为11。
[R1]dis ospf vlink
OSPF Process 1 with Router ID 10.0.1.1
Virtual Links
Virtual-link Neighbor-id -> 10.0.2.2, Neighbor-State: Full
Interface: 10.0.13.1 (GigabitEthernet0/0/1)
Cost: 11 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
Virtual Links
Virtual-link Neighbor-id -> 10.0.3.3, Neighbor-State: Full
Interface: 10.0.13.1 (GigabitEthernet0/0/1)
Cost: 1 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
3、在R1上使用tracert命令测试访问10.0.2.2/32的路径。
[R1]tracert 10.0.2.2
traceroute to 10.0.2.2(10.0.2.2), max hops: 30 ,packet length: 40,press CTRL_C
to break
1 10.0.12.2 30 ms 1 ms 20 ms
4、关闭R1的G0/0/0模拟链路出现故障。
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]shutdown
5、再次用tracert命令测试访问10.0.2.2/32的路径。观察到R1与R2使用了虚链路进行通信。
[R1]tracert 10.0.2.2
traceroute to 10.0.2.2(10.0.2.2), max hops: 30 ,packet length: 40,press CTRL_C
to break
1 10.0.13.3 20 ms 20 ms 10 ms
2 10.0.23.2 20 ms 30 ms 30 ms
7.2.5.6 配置虚链路的认证功能¶
1、R1上使用vlink-peer 10.0.2.2 hmac-md5 1 plain huawei命令配置R1与R2之间虚链路认证功能。
[R1]ospf
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]vlink-peer 10.0.2.2 hmac-md5 1 plain huawei
2、配置完成后,在R1上查看虚链路信息。观察到,其链路状态变为Down。原因是因为R2没有配置认证。
[R1]dis ospf vlink
OSPF Process 1 with Router ID 10.0.1.1
Virtual Links
Virtual-link Neighbor-id -> 10.0.2.2, Neighbor-State: Down
Interface: 10.0.13.1 (GigabitEthernet0/0/1)
Cost: 11 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
Virtual Links
Virtual-link Neighbor-id -> 10.0.3.3, Neighbor-State: Full
Interface: 10.0.13.1 (GigabitEthernet0/0/1)
Cost: 1 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
3、在R2上配置虚链路认证功能。
[R2]ospf
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]vlink-peer 10.0.2.2 hmac-md5 1 plain huawei
4、配置完成后,再在R1上查看虚链路信息。观察到R1与R2之间的虚链路状态已恢复。
[R1]dis ospf vlink
OSPF Process 1 with Router ID 10.0.1.1
Virtual Links
Virtual-link Neighbor-id -> 10.0.2.2, Neighbor-State: Full
Interface: 10.0.13.1 (GigabitEthernet0/0/1)
Cost: 11 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
Virtual Links
Virtual-link Neighbor-id -> 10.0.3.3, Neighbor-State: Full
Interface: 10.0.13.1 (GigabitEthernet0/0/1)
Cost: 1 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
7.3 思考¶
本实验中,如何利用GRE Tunnel实现区域2与区域0在逻辑上直接相连? 答:配置之前把虚链路相关配置删除后再进行以下操作。
[R2]int Tunnel 0/0/1
[R2-Tunnel0/0/1]ip address 1.1.1.1 255.255.255.0
[R2-Tunnel0/0/1]tunnel-protocol gre
[R2-Tunnel0/0/1]source 10.0.23.2
[R2-Tunnel0/0/1]destination 10.0.23.3
[R2]ospf
[R2-ospf-1-area-0.0.0.1]area 0
[R2-ospf-1-area-0.0.0.0]network 1.1.1.0 0.0.0.255
[R3]int Tunnel 0/0/1
[R3-Tunnel0/0/1]ip address 1.1.1.2 255.255.255.0
[R3-Tunnel0/0/1]tunnel-protocol gre
[R3-Tunnel0/0/1]source 10.0.23.3
[R3-Tunnel0/0/1]destination 10.0.23.2
[R3]ospf
[R3-ospf-1-area-0.0.0.1]area 0
[R3-ospf-1-area-0.0.0.0]network 1.1.1.0 0.0.0.255
八、OSPF 网络类型¶
8.1 原理概述¶
OSPF协议定义了4种不同的网络类型,分别为广播网络(也被称为Broadcast网络)、NBMA(Non-Broadcast Multi-Access网络)、点到点网络(也被称为Point-to-Point网络或P2P网络)和点到多点网络(也被称为Point-to-Multipoint网络,或P2MP网络)。不同类型的网络上OSPF协议的工作机制会存在一些差别。 默认情况下,OSPF协议会根据接口的链路层协议去自动设定接口的网络类型,以太网接口的默认网络类型为Broadcast,串行接口如果链路层封装协议是PPP协议(Point-to-Point Protocol)或HDLC(High-level Data Link Control Protocol)协议,则默认网络类型为点到点类型,ATM或帧中继(Frame-Relay)接口的默认网络类型为NBMA。接口网络类型是可以根据需要人工修改的。
8.2 OSPF NSSA区域配置实验¶
8.2.1 实验目的¶
1、理解OSPF不同网络类型的差别 2、掌握OSPF不同网络类型的配置方法
8.2.2 实验内容¶
本实验模拟了一个简单的企业网络场景,R1为公司总部的路由器,R2为分支机构的路由器,R1与R2通过帧中继交换机FRSW连接。R1与R2使用的PVC(Permanment Virtual Circuit)的DLCI(Data Link Connection Identifier )是102,R1到R1使用的PVC的DLCI是201。R1和R2运行OSPF协议,使用的OSPF网络类型为P2P。然后,公司新增了一个分支机构,R3为新分支机构的路由器,并与FRSW相连。R1到R3使用的PVC的DLCI是103,R3到R1使用的PVC的DLCI是301.原来运行的OSPF协议需要扩展到R3上,以实现公司全网互通。
8.2.3 实验拓扑¶
8.2.4 实验编制表¶
| 设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
|---|---|---|---|---|
| R1(AR2220) | S1/0/0 | 10.0.123.1 | 255.255.255.0 | N/A |
| R1(AR2220) | LoopBack0 | 10.0.1.1 | 255.255.255.255 | N/A |
| R2(AR2220) | S1/0/0 | 10.0.123.2 | 255.255.255.0 | N/A |
| R2(AR2220) | LoopBack0 | 10.0.2.2 | 255.255.255.255 | N/A |
| R3(AR2220) | S1/0/0 | 10.0.123.3 | 255.255.255.0 | N/A |
| R3(AR2220) | LoopBack0 | 10.0.3.3 | 255.255.255.255 | N/A |
8.2.5 实验步骤¶
8.2.5.1 配置帧中继交换机¶
8.2.5.2 基本配置¶
1、路由器进行基本配置,为了在帧中继网种支持组播及广播报文,必须在配置帧中继映射时添加关键字Broadcast。(如果不添加关键字Broadcast,则帧中继接口无法封装组播及广播报文)
[R1]int loop 0
[R1-LoopBack0]ip add 10.0.1.1 32
[R1-LoopBack0]int s1/0/0
[R1-Serial1/0/0]ip add 10.0.123.1 24
[R1-Serial1/0/0]link-protocol fr
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y
[R1-Serial1/0/0]fr interface-type dte (默认类型,可不配)
[R1-Serial1/0/0]fr map ip 10.0.123.2 102 broadcast
[R2]int loop 0
[R2-LoopBack0]ip add 10.0.2.2 32
[R2-LoopBack0]int s1/0/0
[R2-Serial1/0/0]ip add 10.0.123.2 24
[R2-Serial1/0/0]link-protocol fr
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y
[R2-Serial1/0/0]fr interface-type dte (默认类型,可不配)
[R2-Serial1/0/0]fr map ip 10.0.123.1 201 broadcast
2、配置完成后,在R1上使用Ping命令检测R1和R2的连通性。
[R1]ping 10.0.123.2
PING 10.0.123.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.123.2: bytes=56 Sequence=1 ttl=255 time=80 ms
Reply from 10.0.123.2: bytes=56 Sequence=2 ttl=255 time=40 ms
Reply from 10.0.123.2: bytes=56 Sequence=3 ttl=255 time=20 ms
Reply from 10.0.123.2: bytes=56 Sequence=4 ttl=255 time=30 ms
Reply from 10.0.123.2: bytes=56 Sequence=5 ttl=255 time=20 ms
--- 10.0.123.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/38/80 ms
8.2.5.3 配置OSPF点到点网络类型¶
1、在R1和R2上配置OSPF协议。
[R1]ospf
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.123.1 0.0.0.0
[R2]ospf
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.123.2 0.0.0
2、配置完成后,查看R1的串行接口S1/0/0在OSPF协议中的默认网络类型。观察到,帧中继接口在OSPF协议中的OSPF协议中默认网络类型为NBMA,并且需要选举DR和BDR,默认的Hello报文间隔为30s,Dead Timer的时间是Hello报文间隔的时间的4倍。
[R1]dis ospf interface s1/0/0
OSPF Process 1 with Router ID 10.0.123.1
Interfaces
Interface: 10.0.123.1 (Serial1/0/0)
Cost: 48 State: Waiting Type: NBMA MTU: 1500
Priority: 1
Designated Router: 0.0.0.0
Backup Designated Router: 0.0.0.0
Timers: Hello 30 , Dead 120 , Poll 120 , Retransmit 5 , Transmit Delay 1
3、由于目前企业总部只需要与一个分支机构进行通信,所以在R1和R2上将S1/0/0接口的网络类型修改为点到点类型。
[R1]int s1/0/0
[R1-Serial1/0/0]ospf network-type p2p
[R2]int s1/0/0
[R2-Serial1/0/0]ospf network-type p2p
4、配置完成后,在R1上查看OSPF邻居状态和路由表。观察到,R1和R2自动建立OSPF邻居关系。
<R1>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.123.1
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.123.2 10.0.123.2 100 60 8000000C 48
Router 10.0.123.1 10.0.123.1 99 60 8000000F 48
<R1>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 11 Routes : 11
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.2/32 OSPF 10 48 D 10.0.123.2 Serial1/0/0
10.0.123.0/24 Direct 0 0 D 10.0.123.1 Serial1/0/0
10.0.123.1/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
10.0.123.2/32 Direct 0 0 D 10.0.123.2 Serial1/0/0
10.0.123.3/32 Direct 0 0 D 10.0.123.3 Serial1/0/0
10.0.123.255/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
5、在R1上使用dis ospf interface s1/0/0命令查看S1/0/0接口上的OSPF信息。观察到,R1的S1/0/0接口的网络类型已经修改为点到点类型。
<R1>dis ospf interface s1/0/0
OSPF Process 1 with Router ID 10.0.123.1
Interfaces
Interface: 10.0.123.1 (Serial1/0/0) --> 10.0.123.2
Cost: 48 State: P-2-P Type: P2P MTU: 1500
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
6、在R1上使用debugging ospf packet命令对OSPF Hello报文的情况进行调试。(需要提前打开terminal debugging)观察到,Hello报文的目的IP地址是组播地址224.0.0.5,无需进行DR和BDR的选举。
Feb 28 2022 19:26:34.427.2-08:00 R1 RM/6/RMDEBUG: Source Address: 10.0.123.1
<R1>undo debugging ospf packet
Feb 28 2022 19:26:34.427.3-08:00 R1 RM/6/RMDEBUG: Destination Address: 224.0.0.
5
Feb 28 2022 19:26:34.427.4-08:00 R1 RM/6/RMDEBUG: Ver# 2, Type: 1 (Hello)
<R1>undo debugging ospf packet
Feb 28 2022 19:26:34.427.5-08:00 R1 RM/6/RMDEBUG: Length: 48, Router: 10.0.123.
1
Feb 28 2022 19:26:34.427.6-08:00 R1 RM/6/RMDEBUG: Area: 0.0.0.0, Chksum: f296
Feb 28 2022 19:26:34.427.7-08:00 R1 RM/6/RMDEBUG: AuType: 00
Feb 28 2022 19:26:34.427.8-08:00 R1 RM/6/RMDEBUG: Key(ascii): * * * * * * * *
Feb 28 2022 19:26:34.427.9-08:00 R1 RM/6/RMDEBUG: Net Mask: 255.255.255.0
Feb 28 2022 19:26:34.427.10-08:00 R1 RM/6/RMDEBUG: Hello Int: 10, Option: _E_
Feb 28 2022 19:26:34.427.11-08:00 R1 RM/6/RMDEBUG: Rtr Priority: 1, Dead Int: 4
0
Feb 28 2022 19:26:34.427.12-08:00 R1 RM/6/RMDEBUG: DR: 0.0.0.0
Feb 28 2022 19:26:34.427.13-08:00 R1 RM/6/RMDEBUG: BDR: 0.0.0.0
Feb 28 2022 19:26:34.427.14-08:00 R1 RM/6/RMDEBUG: # Attached Neighbors: 1
Feb 28 2022 19:26:34.427.15-08:00 R1 RM/6/RMDEBUG: Neighbor: 10.0.123.2
7、现增添新的分支机构R3,为了使R3能够加入到原来的OSPF网络,在R1和R3之间建立一条帧中继PVC,并将其OSPF网络类型配置为点到点网络。
[R1-Serial1/0/0]fr map ip 10.0.123.3 103 broadcast
[R3]int s1/0/0
[R3-Serial1/0/0]link-protocol fr
[R3-Serial1/0/0]ip add 10.0.123.3 24
[R3-Serial1/0/0]fr interface-type dte (默认类型,可不配)
[R3-Serial1/0/0]fr map ip 10.0.123.1 301 broadcast
[R3-Serial1/0/0]ospf network-type p2p
[R3-Serial1/0/0]ospf 1
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.123.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
8、配置完成后,在R1上查看OSPF邻居信息。观察到R1只与R2建立邻居关系,与R3没有建立邻居关系。这是因为点到点网络的端口只能允许各有一个专门的接口。想要R1既对应R3又对应R2,是不可能的。处理方法一:在R1上再增加一个物理口,一个接口对应R1到R2的这个点到点网络,另一个接口对应R1到R3的这个点到点网络;方法二:在R1的S1/0/0接口下配置两个子接口,两个字节口使用不同网段的IP地址,并分别用来与R2和R3建立点到点网络。方法三:采用NBMA网络类型,具体如下:
[R1]dis ospf peer brief
OSPF Process 1 with Router ID 10.0.123.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 Serial1/0/0 10.0.123.2 Full
----------------------------------------------------------------------------
8.2.5.4 配置OSPF的NBMA及Broadcast网络类型¶
1、配置R1、R2、R3的S1/0/0接口为NBMA类型。NBMA类型是帧中继串行接口运行OSPF时默认网络类型。NB表示非广播,其含义是指NBMA接口不支持广播或组播报文;MA表示多路访问,在多路访问的网络中,OSPF是需要进行DR和BDR的选举的。
[R1]int s1/0/0
[R1-Serial1/0/0]ospf network-type nbma
[R2]int s1/0/0
[R2-Serial1/0/0]ospf network-type nbma
[R3]int s1/0/0
[R3-Serial1/0/0]ospf network-type nbma
2、为验证NBMA网络特点,在R1、R2、R3上配置帧中继映射时不添加关键字broadcast,观察发现OSPF因为无法对组播Hello报文进行封装,导致无法建立邻接关系。
[R1-Serial1/0/0]fr map ip 10.0.123.2 102
[R1-Serial1/0/0]fr map ip 10.0.123.3 103
[R2-Serial1/0/0]fr map ip 10.0.123.1 201
[R3-Serial1/0/0]fr map ip 10.0.123.1 301
3、配置完成后,在R1上查看OSPF邻居信息。观察到R1无法与R3、R2建立邻居。这是因为此时每个接口都无法发送组播OSPF Hello报文。NBMA网络类型不支持通过组播方式自动发现邻居,需要通过手动配置来指定邻居。
<R1>dis ospf peer bri
OSPF Process 1 with Router ID 10.0.123.1
Peer Statistic Information
----------------------------------------------------------------------------
4、在R1、R2、R3上使用peer命令指定OSPF邻居。
[R1]ospf
[R1-ospf-1]peer 10.0.123.2
[R1-ospf-1]peer 10.0.123.3
[R2]ospf
[R2-ospf-1]peer 10.0.123.1
[R3]ospf
[R3-ospf-1]peer 10.0.123.1
5、配置完成后,查看R1的OSPF邻居信息。观察到R1和R2、R3成功建立起邻居关系。
<R1>dis ospf peer brief
OSPF Process 1 with Router ID 10.0.123.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 Serial1/0/0 10.0.123.2 Full
0.0.0.0 Serial1/0/0 10.0.3.3 Full
----------------------------------------------------------------------------
6、查看R1、R2、R3的路由表。观察到R1和R2都收到了对方LoopBack 0的路由,但是R1没有去往R3的LoopBack 0的路由,R2的路由表中没有去往R3的LoopBack 0的路由,R3的路由表中没有去往R1、R2的LoopBack 0的路由.
<R1>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 11 Routes : 11
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.3/32 OSPF 10 48 D 10.0.123.3 Serial1/0/0
10.0.123.0/24 Direct 0 0 D 10.0.123.1 Serial1/0/0
10.0.123.1/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
10.0.123.2/32 Direct 0 0 D 10.0.123.2 Serial1/0/0
10.0.123.3/32 Direct 0 0 D 10.0.123.3 Serial1/0/0
10.0.123.255/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[R2]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 9 Routes : 9
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.123.0/24 Direct 0 0 D 10.0.123.2 Serial1/0/0
10.0.123.1/32 Direct 0 0 D 10.0.123.1 Serial1/0/0
10.0.123.2/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
10.0.123.255/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[R3]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 10 Routes : 10
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 48 D 10.0.123.1 Serial1/0/0
10.0.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.123.0/24 Direct 0 0 D 10.0.123.3 Serial1/0/0
10.0.123.1/32 Direct 0 0 D 10.0.123.1 Serial1/0/0
10.0.123.3/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
10.0.123.255/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
7、查看R1的OSPF邻居的详细信息。观察到,R1在S1/0/0接口上存在两个邻居,但是也有两个不同的DR。在多路访问网络中,DR只能有一个,这说明网络中存在故障。
<R1>dis ospf peer
OSPF Process 1 with Router ID 10.0.123.1
Neighbors
Area 0.0.0.0 interface 10.0.123.1(Serial1/0/0)'s neighbors
Router ID: 10.0.123.2 Address: 10.0.123.2
State: Full Mode:Nbr is Master Priority: 1
DR: 10.0.123.2 BDR: 10.0.123.1 MTU: 0
Dead timer due in 100 sec
Retrans timer interval: 5
Neighbor is up for 00:02:12
Authentication Sequence: [ 0 ]
Router ID: 10.0.123.3 Address: 10.0.123.3
State: Full Mode:Nbr is Master Priority: 1
DR: 10.0.123.3 BDR: 10.0.123.1 MTU: 0
Dead timer due in 100 sec
Retrans timer interval: 5
Neighbor is up for 00:02:15
Authentication Sequence: [ 0 ]
说明:在选举DR和BDR时,R1、R2、R3的S1/0/0接口的DR优先级的值都是1,因此Router-ID最大的路由器将被选举为DR。由于R2与R3之间缺少了PVC,导致R2和R3都认为各自的OSPF网络中只存在邻居R1,所以R2和R3都认为自己是DR,而R1为BDR。 8、在R1上使用命令display ospf interface s1/0/0查看S1/0/0接口下的OSPF详细信息。观察到此时R1认为R3是DR,自己是BDR。导致R1和R3之间路由信息可以正常传递,但R1与R2之间的路由信息传递却出现了问题。
<R1>dis ospf interface s1/0/0
OSPF Process 1 with Router ID 10.0.123.1
Interfaces
Interface: 10.0.123.1 (Serial1/0/0)
Cost: 48 State: BDR Type: NBMA MTU: 1500
Priority: 1
Designated Router: 10.0.123.3
Backup Designated Router: 10.0.123.1
Timers: Hello 30 , Dead 120 , Poll 120 , Retransmit 5 , Transmit Delay 1
9、解决上面问题必须确保DR有且仅有一个。针对目前Hub-Spoke结构的网络,保证Hub端R1成为DR路由器,Spoke端R2和R3成为DRother路由器。
[R1]int s1/0/0
[R1-Serial1/0/0]ospf dr-priority 10
[R2]int s1/0/0
[R2-Serial1/0/0]ospf dr-priority 0
[R3]int s1/0/0
[R3-Serial1/0/0]ospf dr-priority 0
10、配置完成后,在R1上使用命令dis ospf interface s1/0/0查看S1/0/0接口的OSPF详细情况。观察到R1变为DR。
[R1]dis ospf interface s1/0/0
OSPF Process 1 with Router ID 10.0.123.1
Interfaces
Interface: 10.0.123.1 (Serial1/0/0)
Cost: 48 State: DR Type: NBMA MTU: 1500
Priority: 10
Designated Router: 10.0.123.1
Backup Designated Router: 0.0.0.0
Timers: Hello 30 , Dead 120 , Poll 120 , Retransmit 5 , Transmit Delay 1
11、查看R1、R2、R3的路由表,此时每台路由器都获得了其他路由器的LoopBack 0的路由。
<R1>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.2/32 OSPF 10 48 D 10.0.123.2 Serial1/0/0
10.0.3.3/32 OSPF 10 48 D 10.0.123.3 Serial1/0/0
10.0.123.0/24 Direct 0 0 D 10.0.123.1 Serial1/0/0
10.0.123.1/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
10.0.123.2/32 Direct 0 0 D 10.0.123.2 Serial1/0/0
10.0.123.3/32 Direct 0 0 D 10.0.123.3 Serial1/0/0
10.0.123.255/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[R2]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 11 Routes : 11
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 48 D 10.0.123.1 Serial1/0/0
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.3/32 OSPF 10 48 D 10.0.123.3 Serial1/0/0
10.0.123.0/24 Direct 0 0 D 10.0.123.2 Serial1/0/0
10.0.123.1/32 Direct 0 0 D 10.0.123.1 Serial1/0/0
10.0.123.2/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
10.0.123.255/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<R3>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 11 Routes : 11
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 48 D 10.0.123.1 Serial1/0/0
10.0.2.2/32 OSPF 10 48 D 10.0.123.2 Serial1/0/0
10.0.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.123.0/24 Direct 0 0 D 10.0.123.3 Serial1/0/0
10.0.123.1/32 Direct 0 0 D 10.0.123.1 Serial1/0/0
10.0.123.3/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
10.0.123.255/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
12、测试R2和R3的LoopBack 0 接口之间的连通性。观察到,连通性异常。
<R3>ping -a 10.0.3.3 10.0.2.2
PING 10.0.2.2: 56 data bytes, press CTRL_C to break
Request time out
Request time out
Request time out
Request time out
Request time out
--- 10.0.2.2 ping statistics ---
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss
13、在R2上查看是否存在去往10.0.123.3的映射,在R3上查看是否存在去往10.0.123.2的映射。观察到,R2的映射表中缺少了去往10.0.123.3的映射,R3的映射表中缺少了去往10.0.123.2的映射。
[R2]dis fr map-info
Map Statistics for interface Serial1/0/0 (DTE)
DLCI = 201, IP 10.0.123.1, Serial1/0/0
create time = 2022/03/07 19:04:44, status = ACTIVE
encapsulation = ietf, vlink = 3
<R3>dis fr map-info
Map Statistics for interface Serial1/0/0 (DTE)
DLCI = 301, IP 10.0.123.1, Serial1/0/0
create time = 2022/03/07 19:12:32, status = ACTIVE
encapsulation = ietf, vlink = 2
14、为解决R2和R3不互通的问题,在R2和R3上分别配置去往10.0.123.3和10.0.123.2的帧中继映射条目。
[R2]int s1/0/0
[R2-Serial1/0/0]fr map ip 10.0.123.3 201
[R3]int s1/0/0
[R3-Serial1/0/0]fr map ip 10.0.123.2 301
15、配置完成后,再次测试R2和R3的LoopBack0接口之间的连通性。观察到,R2和R3实现了互通。
[R2]ping -a 10.0.2.2 10.0.3.3
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=50 ms
Reply from 10.0.3.3: bytes=56 Sequence=2 ttl=254 time=50 ms
Reply from 10.0.3.3: bytes=56 Sequence=3 ttl=254 time=30 ms
Reply from 10.0.3.3: bytes=56 Sequence=4 ttl=254 time=40 ms
Reply from 10.0.3.3: bytes=56 Sequence=5 ttl=254 time=20 ms
--- 10.0.3.3 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/38/50 ms
16、还可以把R1、R2、R3组成的网络修改为OSPF Broadcast类型的网络。前提是网络的PVC必须支持广播。
[R1]int s1/0/0
[R1-Serial1/0/0]ospf network-type broadcast
[R1-Serial1/0/0]fr map ip 10.0.123.2 102 broadcast
[R1-Serial1/0/0]fr map ip 10.0.123.3 103 broadcast
[R1-Serial1/0/0]ospf 1
[R1-ospf-1]undo peer 10.0.123.2
[R1-ospf-1]undo peer 10.0.123.3
[R2]int s1/0/0
[R2-Serial1/0/0]ospf network-type broadcast
[R2-Serial1/0/0]fr map ip 10.0.123.1 201 broadcast
[R2-Serial1/0/0]fr map ip 10.0.123.3 201 broadcast
[R2-Serial1/0/0]ospf 1
[R2-ospf-1]undo peer 10.0.123.1
[R3]int s1/0/0
[R3-Serial1/0/0]ospf network-type broadcast
[R3-Serial1/0/0]fr map ip 10.0.123.1 301 broadcast
[R3-Serial1/0/0]fr map ip 10.0.123.2 301 broadcast
[R3-Serial1/0/0]ospf 1
[R3-ospf-1]undo peer 10.0.123.1
17、配置完成后,在R1上使用display ospf peer 查看OSPF邻居信息。观察到R1为DR。
<R1>dis ospf peer
OSPF Process 1 with Router ID 10.0.123.1
Neighbors
Area 0.0.0.0 interface 10.0.123.1(Serial1/0/0)'s neighbors
Router ID: 10.0.123.2 Address: 10.0.123.2
State: Full Mode:Nbr is Master Priority: 0
DR: 10.0.123.1 BDR: None MTU: 0
Dead timer due in 34 sec
Retrans timer interval: 5
Neighbor is up for 00:04:31
Authentication Sequence: [ 0 ]
Router ID: 10.0.123.3 Address: 10.0.123.3
State: Full Mode:Nbr is Master Priority: 0
DR: 10.0.123.1 BDR: None MTU: 0
Dead timer due in 34 sec
Retrans timer interval: 5
Neighbor is up for 00:01:15
Authentication Sequence: [ 0 ]
18、测试R2和R3的LoopBack口的连通性。观察到可以正常通信。R1、R2、R3已构成了一个OSPF Broadcast网络,它通过组播OSPF Hello报文自动发现邻居并建立邻接关系,并且需要进行DR和BDR的选举。
<R2>ping -a 10.0.2.2 10.0.3.3
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=30 ms
Reply from 10.0.3.3: bytes=56 Sequence=2 ttl=254 time=40 ms
Reply from 10.0.3.3: bytes=56 Sequence=3 ttl=254 time=50 ms
Reply from 10.0.3.3: bytes=56 Sequence=4 ttl=254 time=40 ms
Reply from 10.0.3.3: bytes=56 Sequence=5 ttl=254 time=30 ms
--- 10.0.3.3 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 30/38/50 ms
8.2.5.5 配置OSPF的点到多点网络类型¶
1、将现在的网络类型修改为点到多点网络,通过组播OSPF Hello报文自动发现邻居并建立邻接关系,不选举也不存在DR和BDR。
[R1]int s1/0/0
[R1-Serial1/0/0]ospf network-type p2mp
[R1-Serial1/0/0]fr map ip 10.0.123.2 102 broadcast
[R1-Serial1/0/0]fr map ip 10.0.123.3 103 broadcast
[R2]int s1/0/0
[R2-Serial1/0/0]ospf network-type p2mp
[R2-Serial1/0/0]undo ospf dr-priority
[R2-Serial1/0/0]fr map ip 10.0.123.1 201 broadcast
[R2-Serial1/0/0]undo fr map ip 10.0.123.3 201 broadcast
[R3]int s1/0/0
[R3-Serial1/0/0]ospf network-type p2mp
[R3-Serial1/0/0]undo ospf dr-priority
[R3-Serial1/0/0]fr map ip 10.0.123.1 201 broadcast
[R3-Serial1/0/0]undo fr map ip 10.0.123.2 301 broadcast
2、配置完成后,在R1上查看OSPF邻居信息和路由表
[R1]dis ospf peer
OSPF Process 1 with Router ID 10.0.123.1
Neighbors
Area 0.0.0.0 interface 10.0.123.1(Serial1/0/0)'s neighbors
Router ID: 10.0.123.2 Address: 10.0.123.2
State: Full Mode:Nbr is Master Priority: 1
DR: None BDR: None MTU: 0
Dead timer due in 103 sec
Retrans timer interval: 5
Neighbor is up for 00:04:46
Authentication Sequence: [ 0 ]
Router ID: 10.0.123.3 Address: 10.0.123.3
State: Full Mode:Nbr is Master Priority: 1
DR: None BDR: None MTU: 0
Dead timer due in 98 sec
Retrans timer interval: 5
Neighbor is up for 00:02:30
Authentication Sequence: [ 0 ]
[R1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.2/32 OSPF 10 48 D 10.0.123.2 Serial1/0/0
10.0.3.3/32 OSPF 10 48 D 10.0.123.3 Serial1/0/0
10.0.123.0/24 Direct 0 0 D 10.0.123.1 Serial1/0/0
10.0.123.1/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
10.0.123.2/32 Direct 0 0 D 10.0.123.2 Serial1/0/0
10.0.123.3/32 Direct 0 0 D 10.0.123.3 Serial1/0/0
10.0.123.255/32 Direct 0 0 D 127.0.0.1 Serial1/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
3、测试R2和R3的LoopBack 0接口之间的连通性。观察到,连通性正常。此时,R1、R2、R3构成了一个OSPF点到多点网络。在Hub-Spoke的网络结构上应用点到多点网络类型最为合适的。
<R2>ping -a 10.0.2.2 10.0.3.3
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=30 ms
Reply from 10.0.3.3: bytes=56 Sequence=2 ttl=254 time=30 ms
Reply from 10.0.3.3: bytes=56 Sequence=3 ttl=254 time=30 ms
Reply from 10.0.3.3: bytes=56 Sequence=4 ttl=254 time=20 ms
Reply from 10.0.3.3: bytes=56 Sequence=5 ttl=254 time=10 ms
--- 10.0.3.3 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/24/30 ms
8.3 思考¶
在Hub-Spoke的网络结构中,如果Hub端路由器的接口类型为点到多点类型,Spoke端路由器的接口类型为点到点类型,那么它们可以建立起邻接关系吗?为什么? 答:不能,P2MP的HELLO时间是30S,P2P的HELLO时间是10S。二者Hello时间不同,导致它们之间邻接关系无法建立。
九、OSPF 路由聚合¶
9.1 原理概述¶
与RIP不同,OSPF不支持自动路由聚合,仅支持手动路由聚合。OSPF的路由聚合有两种机制:区域间路由聚合和外部路由聚合。区域间路由聚合必须配置在ABR路由器上,指的是ABR在把与自己相连区域(Area)中的Type-1和Type-2 LSA转换成Type-3 LSA时,对生成的Type-3 LSA进行聚合。外部路由聚合必须配置在ASBR路由器上,指的是ASBR对Type-5 LSA进行聚合。 区域间路由聚合是ABR对与自己直接相连区域内的路由进行聚合,从而减少传播至与自己直接相连的其他区域的Type-3 LSA的数量。需要特别强调的是,区域间路由只能聚合由Type-1 LSA或Type-2 LSA产生的路由;如果路由是由外部或其他区域传到本区域的(或者说路由是由Type-5 LSA或Type-3 LSA生成的),则对于这样的路由ABR是不能进行聚合的。 外部路由聚合是指在ASBR路由器上针对引入OSPF网络的外部路由进行聚合,目的是减少在OSPF网络中的Type-5 LSA的数量。外部路由聚合必须在外部路由进入OSPF网络的ASBR上进行;外部路由进入OSPF网络后,在ABR上是无法对相应的Type-5 LSA进行聚合的。 对于NSSA区域,当该区域的ABR将Type-7 LSA转换为Type-5 LSA时,该ABR可以充当ASBR的角色,并对Type-5 LSA进行聚合。需要注意的是,当NSSA区域存在多台ABR时,必须由Router-ID最大的ABR进行Type-7 LSA到Type-5 LSA的转换操作。NSSA区域的外部路由聚合有两种方式,一种是在NSSA区域的ASBR上直接对外部路由进行聚合,另一种是在NSSA区域中Router-ID最大的、负责将Type-7 LSA转换为Type-5 LSA的ABR上进行聚合的。
9.1.1 实验目的¶
1、理解OSPF区域间路由聚合和外部路由聚合的概念和过程 2、掌握配置OSPF区域间路由聚合和外部路由聚合的方法
9.1.2 实验内容¶
本实验模拟了一个企业网络场景,R1、R2、R3为公司总部网络路由器,R4为分支机构路由器,R5为非OSPF网络的路由器,SW1为公司总部内部的交换机,R1、R2、R3、R4与SW1运行OSPF协议。PC-1、PC-2、PC-3分别属于VLAN2、VLAN3、VLAN4;SW1与R1之间的链路属于VLAN5,且属于区域1.R1与R2、R1与R3之间的链路属于区域0,R2与R4、R3与R4之间的链路属于区域2.区域2是一个NSSA区域,R4使用静态路由去往R5的LoopBack接口所模拟的外部网络。网络管理员需要在实现全网互通的前提下,尽可能地精简LSDB和优化路由表。
9.1.3 实验拓扑¶
9.1.4 实验编制表¶
| 设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
|---|---|---|---|---|
| R1(AR2220) | GE0/0/0 | 10.0.16.1 | 255.255.255.0 | N/A |
| R1(AR2220) | GE0/0/1 | 10.0.12.1 | 255.255.255.0 | N/A |
| R1(AR2220) | GE0/0/2 | 10.0.13.1 | 255.255.255.0 | N/A |
| R1(AR2220) | LoopBack0 | 10.0.1.1 | 255.255.255.255 | N/A |
| R2(AR2220) | GE0/0/1 | 10.0.12.2 | 255.255.255.0 | N/A |
| R2(AR2220) | GE0/0/2 | 10.0.24.2 | 255.255.255.0 | N/A |
| R2(AR2220) | LoopBack0 | 10.0.2.2 | 255.255.255.255 | N/A |
| R3(AR2220) | GE0/0/1 | 10.0.34.3 | 255.255.255.0 | N/A |
| R3(AR2220) | GE0/0/2 | 10.0.13.3 | 255.255.255.0 | N/A |
| R3(AR2220) | LoopBack0 | 10.0.3.3 | 255.255.255.255 | N/A |
| R4(AR2220) | GE0/0/1 | 10.0.34.4 | 255.255.255.0 | N/A |
| R4(AR2220) | GE0/0/2 | 10.0.24.4 | 255.255.255.0 | N/A |
| R4(AR2220) | S1/0/0 | 10.0.45.4 | 255.255.255.0 | N/A |
| R4(AR2220) | LoopBack0 | 10.0.4.4 | 255.255.255.255 | N/A |
| R5(AR2220) | S1/0/0 | 10.0.45.5 | 255.255.255.0 | N/A |
| R5(AR2220) | LoopBack1 | 20.0.5.1 | 255.255.255.255 | N/A |
| R5(AR2220) | LoopBack2 | 20.0.5.2 | 255.255.255.255 | N/A |
| R5(AR2220) | LoopBack3 | 20.0.5.3 | 255.255.255.255 | N/A |
| SW1(S3700) | VLANIF2 | 20.0.1.100 | 255.255.255.0 | N/A |
| SW1(S3700) | VLANIF3 | 20.0.2.100 | 255.255.255.0 | N/A |
| SW1(S3700) | VLANIF4 | 20.0.3.100 | 255.255.255.0 | N/A |
| SW1(S3700) | VLANIF5 | 10.0.16.6 | 255.255.255.0 | N/A |
| SW1(S3700) | LoopBack0 | 10.0.6.6 | 255.255.255.255 | N/A |
| PC-1 | E0/0/1 | 20.0.1.1 | 255.255.255.0 | 20.0.1.100 |
| PC-2 | E0/0/1 | 20.0.2.1 | 255.255.255.0 | 20.0.2.100 |
| PC-3 | E0/0/1 | 20.0.3.1 | 255.255.255.0 | 20.0.3.100 |
| ### 9.1.5 实验步骤 | ||||
| #### 9.1.5.1 基本配置 | ||||
| 根据实验编址表,并使用Ping命令检测R1与R2之间的连通性。 | ||||
| #### 9.1.5.2 配置OSPF及路由引入 | ||||
| 1、分别在R1、R2、R3、R4、R5、SW1上做相应的配置。 |
[SW1]int e0/0/1
[SW1-Ethernet0/0/1]port link-type access
[SW1-Ethernet0/0/1]port default vlan 2
[SW1-Ethernet0/0/1]int e0/0/2
[SW1-Ethernet0/0/2]port link-type access
[SW1-Ethernet0/0/2]port default vlan 3
[SW1-Ethernet0/0/2]int e0/0/3
[SW1-Ethernet0/0/3]port link-type access
[SW1-Ethernet0/0/3]port default vlan 4
[SW1-Ethernet0/0/3]int e0/0/4
[SW1-Ethernet0/0/4]port link-type access
[SW1-Ethernet0/0/4]port default vlan 5
[SW1]ospf 1 router-id 10.0.6.6
[SW1-ospf-1]area 1
[SW1-ospf-1-area-0.0.0.1]network 10.0.6.6 0.0.0.0
[SW1-ospf-1-area-0.0.0.1]network 20.0.1.100 0.0.0.0
[SW1-ospf-1-area-0.0.0.1]network 20.0.2.100 0.0.0.0
[SW1-ospf-1-area-0.0.0.1]network 20.0.3.100 0.0.0.0
[SW1-ospf-1-area-0.0.0.1]network 10.0.16.6 0.0.0.0
[R1]ospf 1 router-id 10.0.1.1
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]network 10.0.16.1 0.0.0.0
[R1-ospf-1-area-0.0.0.1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.13.1 0.0.0.0
[R2]ospf 1 router-id 10.0.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0
[R2-ospf-1-area-0.0.0.1]area 2
[R2-ospf-1-area-0.0.0.2]network 10.0.24.2 0.0.0.0
[R2-ospf-1-area-0.0.0.2]nssa
[R3]ospf 1 router-id 10.0.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.13.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]area 2
[R3-ospf-1-area-0.0.0.2]network 10.0.34.3 0.0.0.0
[R4-ospf-1-area-0.0.0.2]nssa
[R4]ospf 1 router-id 10.0.4.4
[R4-ospf-1]area 2
[R4-ospf-1-area-0.0.0.2]network 10.0.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.2]network 10.0.24.4 0.0.0.0
[R4-ospf-1-area-0.0.0.2]network 10.0.34.4 0.0.0.0
[R4-ospf-1-area-0.0.0.2]nssa
[R4]ip route-static 20.0.5.1 32 10.0.45.5
[R4]ip route-static 20.0.5.2 32 10.0.45.5
[R4]ip route-static 20.0.5.3 32 10.0.45.5
[R4]ospf 1
[R4-ospf-1]import-route static
[R5]ip route-static 0.0.0.0 0 10.0.45.4
2、配置完成后,在R1上查看邻居状态。观察到R1与R2、R3、SW1的邻居关系都是Full.
<R1>dis ospf peer brief
OSPF Process 1 with Router ID 10.0.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/1 10.0.2.2 Full
0.0.0.0 GigabitEthernet0/0/2 10.0.3.3 Full
0.0.0.1 GigabitEthernet0/0/0 10.0.6.6 Full
----------------------------------------------------------------------------
3、查看R1的路由表,观察到R1已经收到了所有的非直连路由。观察到,R1已经接收到了所有的非直连路由,全网已经实现了互通。
<R1>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 26 Routes : 30
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.2/32 OSPF 10 1 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.3.3/32 OSPF 10 1 D 10.0.13.3 GigabitEthernet
0/0/2
10.0.4.4/32 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/2
OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.6.6/32 OSPF 10 1 D 10.0.16.6 GigabitEthernet
0/0/0
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet
0/0/2
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.16.0/24 Direct 0 0 D 10.0.16.1 GigabitEthernet
0/0/0
10.0.16.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.16.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.24.0/24 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.34.0/24 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/2
20.0.1.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.2.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.3.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.5.1/32 O_ASE 150 1 D 10.0.12.2 GigabitEthernet
0/0/1
O_ASE 150 1 D 10.0.13.3 GigabitEthernet
0/0/2
20.0.5.2/32 O_ASE 150 1 D 10.0.12.2 GigabitEthernet
0/0/1
O_ASE 150 1 D 10.0.13.3 GigabitEthernet
0/0/2
20.0.5.3/32 O_ASE 150 1 D 10.0.12.2 GigabitEthernet
0/0/1
O_ASE 150 1 D 10.0.13.3 GigabitEthernet
0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
9.1.5.3 配置区域间路由聚合¶
1、在R2上查看LSDB。观察到,R2为每台PC所属网络都单独维护了Type-3 LSA(Sum-Net).
<R2>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.2.2
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 1154 48 80000006 0
Router 10.0.2.2 10.0.2.2 1113 48 80000007 0
Router 10.0.1.1 10.0.1.1 1416 60 8000000B 0
Network 10.0.13.1 10.0.1.1 1416 32 80000002 0
Network 10.0.12.1 10.0.1.1 1580 32 80000002 0
Sum-Net 20.0.3.0 10.0.1.1 1695 28 80000001 2
Sum-Net 20.0.2.0 10.0.1.1 1695 28 80000001 2
Sum-Net 10.0.34.0 10.0.3.3 1154 28 80000002 1
Sum-Net 10.0.34.0 10.0.2.2 1112 28 80000001 2
Sum-Net 20.0.1.0 10.0.1.1 1695 28 80000001 2
Sum-Net 10.0.24.0 10.0.2.2 1113 28 80000002 1
Sum-Net 10.0.24.0 10.0.3.3 1114 28 80000002 2
Sum-Net 10.0.6.6 10.0.1.1 1695 28 80000001 1
Sum-Net 10.0.16.0 10.0.1.1 1695 28 80000001 1
Sum-Net 10.0.4.4 10.0.3.3 1148 28 80000001 1
Sum-Net 10.0.4.4 10.0.2.2 1112 28 80000001 1
Area: 0.0.0.1
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 1148 36 80000004 1
Router 10.0.4.4 10.0.4.4 959 60 8000000A 0
Router 10.0.2.2 10.0.2.2 1110 36 80000004 1
Network 10.0.24.4 10.0.4.4 1104 32 80000002 0
Network 10.0.34.4 10.0.4.4 1143 32 80000002 0
Sum-Net 20.0.3.0 10.0.2.2 1113 28 80000001 3
Sum-Net 20.0.3.0 10.0.3.3 1154 28 80000001 3
Sum-Net 20.0.2.0 10.0.2.2 1113 28 80000001 3
Sum-Net 20.0.2.0 10.0.3.3 1154 28 80000001 3
Sum-Net 20.0.1.0 10.0.2.2 1114 28 80000001 3
Sum-Net 20.0.1.0 10.0.3.3 1155 28 80000001 3
Sum-Net 10.0.13.0 10.0.2.2 1114 28 80000001 2
Sum-Net 10.0.13.0 10.0.3.3 1155 28 80000001 1
Sum-Net 10.0.12.0 10.0.2.2 1114 28 80000001 1
Sum-Net 10.0.12.0 10.0.3.3 1155 28 80000001 2
Sum-Net 10.0.3.3 10.0.2.2 1114 28 80000001 2
Sum-Net 10.0.3.3 10.0.3.3 1155 28 80000001 0
Sum-Net 10.0.2.2 10.0.2.2 1114 28 80000001 0
Sum-Net 10.0.2.2 10.0.3.3 1155 28 80000001 2
Sum-Net 10.0.1.1 10.0.2.2 1114 28 80000001 1
Sum-Net 10.0.1.1 10.0.3.3 1155 28 80000001 1
Sum-Net 10.0.6.6 10.0.2.2 1114 28 80000001 2
Sum-Net 10.0.6.6 10.0.3.3 1155 28 80000001 2
Sum-Net 10.0.16.0 10.0.2.2 1114 28 80000001 2
Sum-Net 10.0.16.0 10.0.3.3 1155 28 80000001 2
NSSA 0.0.0.0 10.0.2.2 1114 36 80000001 1
NSSA 0.0.0.0 10.0.3.3 1155 36 80000001 1
NSSA 20.0.5.1 10.0.4.4 960 36 80000001 1
NSSA 20.0.5.3 10.0.4.4 960 36 80000001 1
NSSA 20.0.5.2 10.0.4.4 960 36 80000001 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 20.0.5.1 10.0.3.3 961 36 80000001 1
External 20.0.5.3 10.0.3.3 961 36 80000001 1
External 20.0.5.2 10.0.3.3 961 36 80000001 1
2、查看R2的路由表。观察到,R2路由表中拥有每一台PC所属网络的路由。
[R2]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 24 Routes : 24
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 1 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.3/32 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.4.4/32 OSPF 10 1 D 10.0.24.4 GigabitEthernet
0/0/2
10.0.6.6/32 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.13.0/24 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.16.0/24 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.24.0/24 Direct 0 0 D 10.0.24.2 GigabitEthernet
0/0/2
10.0.24.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.24.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.34.0/24 OSPF 10 2 D 10.0.24.4 GigabitEthernet
0/0/2
20.0.1.0/24 OSPF 10 3 D 10.0.12.1 GigabitEthernet
0/0/1
20.0.2.0/24 OSPF 10 3 D 10.0.12.1 GigabitEthernet
0/0/1
20.0.3.0/24 OSPF 10 3 D 10.0.12.1 GigabitEthernet
0/0/1
20.0.5.1/32 O_NSSA 150 1 D 10.0.24.4 GigabitEthernet
0/0/2
20.0.5.2/32 O_NSSA 150 1 D 10.0.24.4 GigabitEthernet
0/0/2
20.0.5.3/32 O_NSSA 150 1 D 10.0.24.4 GigabitEthernet
0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
3、为了减少LSDB中Type-3 LSA的数量以及路由表中路由条目的数量,进行区域间路由聚合。在SW1
[R1]ospf
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]abr-summary 20.0.0.0 255.255.252.0
4、配置完成后,查看R2的LSDB及路由表。观察到,R2的LSDB中没有为每一台PC所属的网络单独维护Type-3 LSA,维护的是聚合后的Type-3 LSA;R2的路由表中去往每一台PC所属的网络的明细路由也被聚合后的路由取代了。
[R2]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.2.2
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 1037 48 80000007 0
Router 10.0.2.2 10.0.2.2 997 48 80000008 0
Router 10.0.1.1 10.0.1.1 1298 60 8000000C 0
Network 10.0.13.1 10.0.1.1 1298 32 80000003 0
Network 10.0.12.1 10.0.1.1 1463 32 80000003 0
Sum-Net 10.0.34.0 10.0.3.3 1037 28 80000003 1
Sum-Net 10.0.34.0 10.0.2.2 996 28 80000002 2
Sum-Net 10.0.24.0 10.0.2.2 997 28 80000003 1
Sum-Net 10.0.24.0 10.0.3.3 997 28 80000003 2
Sum-Net 20.0.0.0 10.0.1.1 14 28 80000001 2
Sum-Net 10.0.6.6 10.0.1.1 1578 28 80000002 1
Sum-Net 10.0.16.0 10.0.1.1 1578 28 80000002 1
Sum-Net 10.0.4.4 10.0.3.3 1031 28 80000002 1
Sum-Net 10.0.4.4 10.0.2.2 996 28 80000002 1
Area: 0.0.0.1
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 1031 36 80000005 1
Router 10.0.4.4 10.0.4.4 843 60 8000000B 0
Router 10.0.2.2 10.0.2.2 994 36 80000005 1
Network 10.0.24.4 10.0.4.4 987 32 80000003 0
Network 10.0.34.4 10.0.4.4 1026 32 80000003 0
Sum-Net 10.0.13.0 10.0.2.2 997 28 80000002 2
Sum-Net 10.0.13.0 10.0.3.3 1037 28 80000002 1
Sum-Net 20.0.0.0 10.0.2.2 13 28 80000001 3
Sum-Net 20.0.0.0 10.0.3.3 15 28 80000001 3
Sum-Net 10.0.12.0 10.0.2.2 997 28 80000002 1
Sum-Net 10.0.12.0 10.0.3.3 1037 28 80000002 2
Sum-Net 10.0.3.3 10.0.2.2 1003 28 80000002 2
Sum-Net 10.0.3.3 10.0.3.3 1043 28 80000002 0
Sum-Net 10.0.2.2 10.0.2.2 1003 28 80000002 0
Sum-Net 10.0.2.2 10.0.3.3 1043 28 80000002 2
Sum-Net 10.0.1.1 10.0.2.2 1003 28 80000002 1
Sum-Net 10.0.1.1 10.0.3.3 1043 28 80000002 1
Sum-Net 10.0.6.6 10.0.2.2 1003 28 80000002 2
Sum-Net 10.0.6.6 10.0.3.3 1043 28 80000002 2
Sum-Net 10.0.16.0 10.0.2.2 1003 28 80000002 2
Sum-Net 10.0.16.0 10.0.3.3 1043 28 80000002 2
NSSA 0.0.0.0 10.0.2.2 1003 36 80000002 1
NSSA 0.0.0.0 10.0.3.3 1043 36 80000002 1
NSSA 20.0.5.1 10.0.4.4 849 36 80000002 1
NSSA 20.0.5.3 10.0.4.4 849 36 80000002 1
NSSA 20.0.5.2 10.0.4.4 849 36 80000002 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 20.0.5.1 10.0.3.3 850 36 80000002 1
External 20.0.5.3 10.0.3.3 850 36 80000002 1
External 20.0.5.2 10.0.3.3 850 36 80000002 1
[R2]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 22 Routes : 22
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 1 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.3/32 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.4.4/32 OSPF 10 1 D 10.0.24.4 GigabitEthernet
0/0/2
10.0.6.6/32 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.13.0/24 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.16.0/24 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.24.0/24 Direct 0 0 D 10.0.24.2 GigabitEthernet
0/0/2
10.0.24.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.24.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.34.0/24 OSPF 10 2 D 10.0.24.4 GigabitEthernet
0/0/2
20.0.0.0/22 OSPF 10 3 D 10.0.12.1 GigabitEthernet
0/0/1
20.0.5.1/32 O_NSSA 150 1 D 10.0.24.4 GigabitEthernet
0/0/2
20.0.5.2/32 O_NSSA 150 1 D 10.0.24.4 GigabitEthernet
0/0/2
20.0.5.3/32 O_NSSA 150 1 D 10.0.24.4 GigabitEthernet
0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
9.1.5.4 配置外部路由聚合¶
1、在R4上使用命令asbr-summary配置外部路由聚合。
[R4]ospf
[R4-ospf-1]asbr-summary 20.0.5.0 255.255.255.252
2、配置完成后,查看R1的LSDB及路由表。观察到,R1的LSDB没有明细Type-5 LSA,只有聚合了的Type-5 LSA。R1的路由表中没有外部网络的明细路由,而只有聚合后的路由。
<R1>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 113 48 80000008 0
Router 10.0.2.2 10.0.2.2 75 48 80000009 0
Router 10.0.1.1 10.0.1.1 375 60 8000000D 0
Network 10.0.13.1 10.0.1.1 375 32 80000004 0
Network 10.0.12.1 10.0.1.1 540 32 80000004 0
Sum-Net 10.0.34.0 10.0.3.3 113 28 80000004 1
Sum-Net 10.0.34.0 10.0.2.2 74 28 80000003 2
Sum-Net 10.0.24.0 10.0.2.2 75 28 80000004 1
Sum-Net 10.0.24.0 10.0.3.3 73 28 80000004 2
Sum-Net 20.0.0.0 10.0.1.1 891 28 80000001 2
Sum-Net 10.0.6.6 10.0.1.1 655 28 80000003 1
Sum-Net 10.0.16.0 10.0.1.1 655 28 80000003 1
Sum-Net 10.0.4.4 10.0.3.3 107 28 80000003 1
Sum-Net 10.0.4.4 10.0.2.2 74 28 80000003 1
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.6.6 10.0.6.6 688 84 8000000E 1
Router 10.0.1.1 10.0.1.1 672 36 80000006 1
Network 10.0.16.6 10.0.6.6 688 32 80000004 0
Sum-Net 10.0.34.0 10.0.1.1 278 28 80000003 2
Sum-Net 10.0.13.0 10.0.1.1 639 28 80000003 1
Sum-Net 10.0.24.0 10.0.1.1 73 28 80000005 2
Sum-Net 10.0.12.0 10.0.1.1 642 28 80000003 1
Sum-Net 10.0.3.3 10.0.1.1 380 28 80000003 1
Sum-Net 10.0.2.2 10.0.1.1 545 28 80000003 1
Sum-Net 10.0.1.1 10.0.1.1 655 28 80000003 0
Sum-Net 10.0.4.4 10.0.1.1 106 28 80000003 2
Sum-Asbr 10.0.2.2 10.0.1.1 74 28 80000003 1
Sum-Asbr 10.0.3.3 10.0.1.1 112 28 80000003 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 20.0.5.0 10.0.3.3 30 36 80000001 2
<R1>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 24 Routes : 26
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.2/32 OSPF 10 1 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.3.3/32 OSPF 10 1 D 10.0.13.3 GigabitEthernet
0/0/2
10.0.4.4/32 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/2
OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.6.6/32 OSPF 10 1 D 10.0.16.6 GigabitEthernet
0/0/0
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet
0/0/2
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.16.0/24 Direct 0 0 D 10.0.16.1 GigabitEthernet
0/0/0
10.0.16.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.16.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.24.0/24 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.34.0/24 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/2
20.0.1.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.2.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.3.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.5.0/30 O_ASE 150 2 D 10.0.12.2 GigabitEthernet
0/0/1
O_ASE 150 2 D 10.0.13.3 GigabitEthernet
0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
3、查看R2的LSDB及路由表。观察到,R2的LSDB中没有明细Type-5 LSA和Type-7 LSA,只有聚合后的Type-5 LSA和Type-7 LSA,R2的路由表中没有外部网络的明细路由,而只有聚合后的路由。
<R2>dis ospf lsdb
OSPF Process 1 with Router ID 10.0.2.2
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 429 48 80000008 0
Router 10.0.2.2 10.0.2.2 389 48 80000009 0
Router 10.0.1.1 10.0.1.1 690 60 8000000D 0
Network 10.0.13.1 10.0.1.1 690 32 80000004 0
Network 10.0.12.1 10.0.1.1 855 32 80000004 0
Sum-Net 10.0.34.0 10.0.3.3 429 28 80000004 1
Sum-Net 10.0.34.0 10.0.2.2 388 28 80000003 2
Sum-Net 10.0.24.0 10.0.2.2 389 28 80000004 1
Sum-Net 10.0.24.0 10.0.3.3 389 28 80000004 2
Sum-Net 20.0.0.0 10.0.1.1 1206 28 80000001 2
Sum-Net 10.0.6.6 10.0.1.1 970 28 80000003 1
Sum-Net 10.0.16.0 10.0.1.1 970 28 80000003 1
Sum-Net 10.0.4.4 10.0.3.3 423 28 80000003 1
Sum-Net 10.0.4.4 10.0.2.2 388 28 80000003 1
Area: 0.0.0.1
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 423 36 80000006 1
Router 10.0.4.4 10.0.4.4 235 60 8000000C 0
Router 10.0.2.2 10.0.2.2 386 36 80000006 1
Network 10.0.24.4 10.0.4.4 378 32 80000004 0
Network 10.0.34.4 10.0.4.4 417 32 80000004 0
Sum-Net 10.0.13.0 10.0.2.2 389 28 80000003 2
Sum-Net 10.0.13.0 10.0.3.3 429 28 80000003 1
Sum-Net 20.0.0.0 10.0.2.2 1205 28 80000001 3
Sum-Net 20.0.0.0 10.0.3.3 1207 28 80000001 3
Sum-Net 10.0.12.0 10.0.2.2 389 28 80000003 1
Sum-Net 10.0.12.0 10.0.3.3 429 28 80000003 2
Sum-Net 10.0.3.3 10.0.2.2 390 28 80000003 2
Sum-Net 10.0.3.3 10.0.3.3 430 28 80000003 0
Sum-Net 10.0.2.2 10.0.2.2 390 28 80000003 0
Sum-Net 10.0.2.2 10.0.3.3 430 28 80000003 2
Sum-Net 10.0.1.1 10.0.2.2 390 28 80000003 1
Sum-Net 10.0.1.1 10.0.3.3 430 28 80000003 1
Sum-Net 10.0.6.6 10.0.2.2 390 28 80000003 2
Sum-Net 10.0.6.6 10.0.3.3 430 28 80000003 2
Sum-Net 10.0.16.0 10.0.2.2 390 28 80000003 2
Sum-Net 10.0.16.0 10.0.3.3 430 28 80000003 2
NSSA 0.0.0.0 10.0.2.2 390 36 80000003 1
NSSA 0.0.0.0 10.0.3.3 430 36 80000003 1
NSSA 20.0.5.0 10.0.4.4 344 36 80000001 2
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 20.0.5.0 10.0.3.3 345 36 80000001 2
<R2>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 20 Routes : 20
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 1 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.3/32 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.4.4/32 OSPF 10 1 D 10.0.24.4 GigabitEthernet
0/0/2
10.0.6.6/32 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.12.0/24 Direct 0 0 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.12.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.13.0/24 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.16.0/24 OSPF 10 2 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.24.0/24 Direct 0 0 D 10.0.24.2 GigabitEthernet
0/0/2
10.0.24.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.24.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.34.0/24 OSPF 10 2 D 10.0.24.4 GigabitEthernet
0/0/2
20.0.0.0/22 OSPF 10 3 D 10.0.12.1 GigabitEthernet
0/0/1
20.0.5.0/30 O_NSSA 150 2 D 10.0.24.4 GigabitEthernet
0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
9.1.5.5 在NSSA区域的ABR上配置外部路由聚合¶
1、由于区域2是NSSA区域,该区域的ABR路由器会将Type-7 LSA转换为Type-5 LSA,并泛洪到区域0.先删除R4上的路由聚合配置,然后在区域2的ABR路由器R2上配置外部路由聚合。
[R4-ospf-1]undo asbr-summary 20.0.5.0 255.255.255.252
[R2-ospf-1]asbr-summary 20.0.5.0 255.255.255.252
2、配置完成后,查看R1的LSDB。观察到,R1的LSDB中针对每一条外部明细路由都有一条相应的Type-5 LSA,这说明在ABR路由器R2上进行的外部路由聚合配置并未生效。(将Type-7 LSA转换为Type-5 LSA的是Router ID较大的ABR路由器R3,所以,在R2上进行的外部路由聚合配置不能生效)
[R1]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 887 48 80000006 1
Router 10.0.2.2 10.0.2.2 926 48 80000006 0
Router 10.0.1.1 10.0.1.1 890 60 8000000B 0
Network 10.0.13.1 10.0.1.1 890 32 80000002 0
Network 10.0.12.1 10.0.1.1 930 32 80000002 0
Sum-Net 10.0.34.0 10.0.3.3 887 28 80000002 1
Sum-Net 10.0.34.0 10.0.2.2 838 28 80000001 2
Sum-Net 10.0.24.0 10.0.2.2 926 28 80000002 1
Sum-Net 10.0.24.0 10.0.3.3 838 28 80000002 2
Sum-Net 20.0.0.0 10.0.1.1 610 28 80000001 2
Sum-Net 10.0.6.6 10.0.1.1 1040 28 80000001 1
Sum-Net 10.0.16.0 10.0.1.1 1188 28 80000001 1
Sum-Net 10.0.4.4 10.0.3.3 842 28 80000001 1
Sum-Net 10.0.4.4 10.0.2.2 838 28 80000001 1
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.6.6 10.0.6.6 1005 84 8000000A 1
Router 10.0.1.1 10.0.1.1 1032 36 80000006 1
Network 10.0.16.1 10.0.1.1 1032 32 80000002 0
Sum-Net 10.0.34.0 10.0.1.1 886 28 80000002 2
Sum-Net 10.0.13.0 10.0.1.1 1176 28 80000001 1
Sum-Net 10.0.24.0 10.0.1.1 929 28 80000001 2
Sum-Net 10.0.12.0 10.0.1.1 1181 28 80000001 1
Sum-Net 10.0.3.3 10.0.1.1 897 28 80000001 1
Sum-Net 10.0.2.2 10.0.1.1 933 28 80000001 1
Sum-Net 10.0.1.1 10.0.1.1 1188 28 80000001 0
Sum-Net 10.0.4.4 10.0.1.1 841 28 80000001 2
Sum-Asbr 10.0.2.2 10.0.1.1 926 28 80000001 1
Sum-Asbr 10.0.3.3 10.0.1.1 887 28 80000001 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 20.0.5.1 10.0.3.3 111 36 80000001 1
External 20.0.5.3 10.0.3.3 111 36 80000001 1
External 20.0.5.2 10.0.3.3 111 36 80000001 1
3、查看R1的路由表,观察到R1上外部网络的路由全部是明细路由。
[R1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 26 Routes : 30
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.2/32 OSPF 10 1 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.3.3/32 OSPF 10 1 D 10.0.13.3 GigabitEthernet
0/0/2
10.0.4.4/32 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/2
OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.6.6/32 OSPF 10 1 D 10.0.16.6 GigabitEthernet
0/0/0
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet
0/0/2
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.16.0/24 Direct 0 0 D 10.0.16.1 GigabitEthernet
0/0/0
10.0.16.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.16.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.24.0/24 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.34.0/24 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/2
20.0.1.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.2.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.3.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.5.1/32 O_ASE 150 1 D 10.0.12.2 GigabitEthernet
0/0/1
O_ASE 150 1 D 10.0.13.3 GigabitEthernet
0/0/2
20.0.5.2/32 O_ASE 150 1 D 10.0.12.2 GigabitEthernet
0/0/1
O_ASE 150 1 D 10.0.13.3 GigabitEthernet
0/0/2
20.0.5.3/32 O_ASE 150 1 D 10.0.12.2 GigabitEthernet
0/0/1
O_ASE 150 1 D 10.0.13.3 GigabitEthernet
0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
4、保留R2上的外部路由聚合配置,,并在R3上配置外部路由聚合。
[R3-ospf-1]asbr-summary 20.0.5.0 255.255.255.252
5、配置完成后,继续查看R1的LSDB及路由表。观察到,R1的LSDB中没有明细的Type-5 LSA,路由表中没有外部网络的明细路由,只有外部网络的聚合路由,下一跳为R3(10.0.13.3),这说明R3上外部路由聚合配置已经生效。
[R1]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 1360 48 80000006 1
Router 10.0.2.2 10.0.2.2 1399 48 80000006 0
Router 10.0.1.1 10.0.1.1 1363 60 8000000B 0
Network 10.0.13.1 10.0.1.1 1363 32 80000002 0
Network 10.0.12.1 10.0.1.1 1403 32 80000002 0
Sum-Net 10.0.34.0 10.0.3.3 1360 28 80000002 1
Sum-Net 10.0.34.0 10.0.2.2 1311 28 80000001 2
Sum-Net 10.0.24.0 10.0.2.2 1399 28 80000002 1
Sum-Net 10.0.24.0 10.0.3.3 1311 28 80000002 2
Sum-Net 20.0.0.0 10.0.1.1 1083 28 80000001 2
Sum-Net 10.0.6.6 10.0.1.1 1513 28 80000001 1
Sum-Net 10.0.16.0 10.0.1.1 1661 28 80000001 1
Sum-Net 10.0.4.4 10.0.3.3 1315 28 80000001 1
Sum-Net 10.0.4.4 10.0.2.2 1311 28 80000001 1
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.6.6 10.0.6.6 1478 84 8000000A 1
Router 10.0.1.1 10.0.1.1 1505 36 80000006 1
Network 10.0.16.1 10.0.1.1 1505 32 80000002 0
Sum-Net 10.0.34.0 10.0.1.1 1359 28 80000002 2
Sum-Net 10.0.13.0 10.0.1.1 1649 28 80000001 1
Sum-Net 10.0.24.0 10.0.1.1 1402 28 80000001 2
Sum-Net 10.0.12.0 10.0.1.1 1654 28 80000001 1
Sum-Net 10.0.3.3 10.0.1.1 1370 28 80000001 1
Sum-Net 10.0.2.2 10.0.1.1 1406 28 80000001 1
Sum-Net 10.0.1.1 10.0.1.1 1661 28 80000001 0
Sum-Net 10.0.4.4 10.0.1.1 1314 28 80000001 2
Sum-Asbr 10.0.2.2 10.0.1.1 1399 28 80000001 1
Sum-Asbr 10.0.3.3 10.0.1.1 1360 28 80000001 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 20.0.5.0 10.0.3.3 70 36 80000001 2
[R1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 24 Routes : 25
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.2/32 OSPF 10 1 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.3.3/32 OSPF 10 1 D 10.0.13.3 GigabitEthernet
0/0/2
10.0.4.4/32 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/2
OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.6.6/32 OSPF 10 1 D 10.0.16.6 GigabitEthernet
0/0/0
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet
0/0/2
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.16.0/24 Direct 0 0 D 10.0.16.1 GigabitEthernet
0/0/0
10.0.16.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.16.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.24.0/24 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.34.0/24 OSPF 10 2 D 10.0.13.3 GigabitEthernet
0/0/2
20.0.1.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.2.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.3.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.5.0/30 O_ASE 150 2 D 10.0.13.3 GigabitEthernet
0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
6、关闭R3的GE0/0/1接口,模拟R3发生故障。
[R3]int g0/0/1
[R3-GigabitEthernet0/0/1]shutdown
7、再次查看R1的LSDB,观察到,R1上聚合后的Type-5 LSA的AdvRouter变成了R2(10.0.2.2).
[R1]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 1732 48 80000006 1
Router 10.0.2.2 10.0.2.2 1771 48 80000006 0
Router 10.0.1.1 10.0.1.1 1735 60 8000000B 0
Network 10.0.13.1 10.0.1.1 1735 32 80000002 0
Network 10.0.12.1 10.0.1.1 1775 32 80000002 0
Sum-Net 10.0.24.0 10.0.2.2 1771 28 80000002 1
Sum-Net 20.0.0.0 10.0.1.1 1455 28 80000001 2
Sum-Net 10.0.6.6 10.0.1.1 86 28 80000002 1
Sum-Net 10.0.16.0 10.0.1.1 234 28 80000002 1
Sum-Net 10.0.4.4 10.0.2.2 1683 28 80000001 1
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.6.6 10.0.6.6 52 84 8000000B 1
Router 10.0.1.1 10.0.1.1 78 36 80000007 1
Network 10.0.16.1 10.0.1.1 78 32 80000003 0
Sum-Net 10.0.13.0 10.0.1.1 222 28 80000002 1
Sum-Net 10.0.24.0 10.0.1.1 1774 28 80000001 2
Sum-Net 10.0.12.0 10.0.1.1 227 28 80000002 1
Sum-Net 10.0.3.3 10.0.1.1 1742 28 80000001 1
Sum-Net 10.0.2.2 10.0.1.1 1778 28 80000001 1
Sum-Net 10.0.1.1 10.0.1.1 234 28 80000002 0
Sum-Net 10.0.4.4 10.0.1.1 1686 28 80000001 2
Sum-Asbr 10.0.2.2 10.0.1.1 1770 28 80000001 1
Sum-Asbr 10.0.3.3 10.0.1.1 1731 28 80000001 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 20.0.5.0 10.0.2.2 43 36 80000001 2
8、再次查看R1的路由表。观察到,R1去往外部网络的聚合路由的下一跳变成了R2(10.0.12.2).此时说明,ABR路由器R2上的外部路由聚合配置是对ABR路由器R3上的外部路由聚合配置的一个冗余备份。
[R1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 23 Routes : 23
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.2/32 OSPF 10 1 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.3.3/32 OSPF 10 1 D 10.0.13.3 GigabitEthernet
0/0/2
10.0.4.4/32 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
10.0.6.6/32 OSPF 10 1 D 10.0.16.6 GigabitEthernet
0/0/0
10.0.12.0/24 Direct 0 0 D 10.0.12.1 GigabitEthernet
0/0/1
10.0.12.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.12.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.0.13.0/24 Direct 0 0 D 10.0.13.1 GigabitEthernet
0/0/2
10.0.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
10.0.16.0/24 Direct 0 0 D 10.0.16.1 GigabitEthernet
0/0/0
10.0.16.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.16.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
10.0.24.0/24 OSPF 10 2 D 10.0.12.2 GigabitEthernet
0/0/1
20.0.1.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.2.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.3.0/24 OSPF 10 2 D 10.0.16.6 GigabitEthernet
0/0/0
20.0.5.0/30 O_ASE 150 2 D 10.0.12.2 GigabitEthernet
0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
9.2 在OSPF Stub区域的ABR上能不能配置区域间路由聚合呢?¶
答:ABR向其它区域发送路由信息时,以网段为单位生成Type3 LSA。当区域中存在连续的网段(具有相同前缀的路由信息)时,可以通过abr-summary命令将这些网段聚合成一个网段,ABR向其他区域只发送一条聚合后的LSA,所有指定的聚合网段范围的LSA将不会再被单独发送。从而减小路由表的规模,提高路由器的性能。stub区域里可以。 totally stub区域中没有type 3 lsa 所以不行。
十、OSPF 监测和调试¶
10.1 原理概述¶
为了监测OSPF协议的工作状态,VRP系统提供了一系列的查询命令。
10.2 OSPF 监测和调试实验¶
10.2.1 实验目的¶
1、掌握监测OSPF工作状态的方法 2、掌握调试OSPF工作过程的方法
10.2.2 实验内容¶
本实验模拟了一个企业网络场景,R1和R2为公司总部网络的路由器,R3为分支机构的路由器,R1、R2、R3上都运行OSPF协议,R4为公司外部网络的路由器,使用缺省路由访问公司网络。R3使用静态路由访问R4的所有LoopBack接口所模拟的外部网络,这些静态路由被引入到公司的OSPF网络s时需要被聚合。R1与R2、R2与R3之间的接口需要启用HMAC-MD5认证功能。
10.2.3 实验拓扑¶
10.2.4 实验编制表¶
| 设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
|---|---|---|---|---|
| R1(AR2220) | GE0/0/0 | 10.0.12.1 | 255.255.255.0 | N/A |
| R1(AR2220) | LoopBack 0 | 10.0.1.1 | 255.255.255.255 | N/A |
| R2(AR2220) | GE0/0/0 | 10.0.12.2 | 255.255.255.0 | N/A |
| R2(AR2220 | S1/0/0 | 10.0.23.2 | 255.255.255.0 | N/A |
| R2(AR2220 | LoopBack 0 | 10.0.2.2 | 255.255.255.255 | N/A |
| R3(AR2220 | S1/0/0 | 10.0.23.3 | 255.255.255.0 | N/A |
| R3(AR2220 | S1/0/1 | 10.0.34.3 | 255.255.255.0 | N/A |
| R3(AR2220 | LoopBack 0 | 10.0.3.3 | 255.255.255.255 | N/A |
| R4(AR2220 | S1/0/1 | 10.0.34.4 | 255.255.255.0 | N/A |
| R4(AR2220 | LoopBack 0 | 10.0.4.4 | 255.255.255.255 | N/A |
| R4(AR2220 | LoopBack 1 | 10.0.100.1 | 255.255.255.255 | N/A |
| R4(AR2220 | LoopBack 2 | 10.0.100.2 | 255.255.255.255 | N/A |
| R4(AR2220 | LoopBack 3 | 10.0.100.3 | 255.255.255.255 | N/A |
| ### 10.2.5 实验步骤 | ||||
| #### 10.2.5.1 基本配置 | ||||
| 根据实验编址表,并使用Ping命令检测R1与R2之间的连通性 | ||||
| #### 10.2.5.2 配置协议 | ||||
| 1、在R1、R2、R3上配置OSPF协议,配置静态路由,引入外部路由,配置外部路由聚合,并在相应的接口上配置认证功能。 |
[R1]ospf 1 router-id 10.0.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]int g0/0/0
[R1-GigabitEthernet0/0/0]ospf authentication-mode hmac-md5 1 plain huawei
[R2]ospf 1 router-id 10.0.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]area 1
[R2-ospf-1-area-0.0.0.1]network 10.0.23.2 0.0.0.0
[R2-ospf-1-area-0.0.0.1]int g0/0/0
[R2-GigabitEthernet0/0/0]ospf authentication-mode hmac-md5 1 plain huawei
[R2-GigabitEthernet0/0/0]int s1/0/0
[R2-Serial1/0/0]ospf authentication-mode hmac-md5 1 plain huawei
[R3]ospf 1 router-id 10.0.3.3
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]network 10.0.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.1]network 10.0.23.3 0.0.0.0
[R3-ospf-1-area-0.0.0.1]qu
[R3-ospf-1]import-route static
[R3-ospf-1]asbr-summary 10.0.100.0 255.255.255.252
[R3-ospf-1]int s1/0/0
[R3-Serial1/0/0]ospf authentication-mode hmac-md5 1 plain huawei
[R3]ip route-static 10.0.100.1 32 10.0.34.4
[R3]ip route-static 10.0.100.2 32 10.0.34.4
[R3]ip route-static 10.0.100.3 32 10.0.34.4
10.2.5.3 监测OSPF的基本状态¶
1、在R2使用display ospf peer命令查看OSPF邻居的相关信息。表明R2已经与区域0的R1以及区域1的R3建立了邻接关系,状态为Full。回显信息还出现了邻居的接口地址,邻居的DR优先级,邻居在LSDB同步的主从角色等参数。
[R2]dis ospf peer
OSPF Process 1 with Router ID 10.0.2.2
Neighbors
Area 0.0.0.0 interface 10.0.12.2(GigabitEthernet0/0/0)'s neighbors
Router ID: 10.0.1.1 Address: 10.0.12.1
State: Full Mode:Nbr is Slave Priority: 1
DR: 10.0.12.2 BDR: 10.0.12.1 MTU: 0
Dead timer due in 39 sec
Retrans timer interval: 5
Neighbor is up for 00:02:47
Authentication Sequence: [ 1301]
Neighbors
Area 0.0.0.1 interface 10.0.23.2(Serial1/0/0)'s neighbors
Router ID: 10.0.3.3 Address: 10.0.23.3
State: Full Mode:Nbr is Master Priority: 1
DR: None BDR: None MTU: 0
Dead timer due in 34 sec
Retrans timer interval: 5
Neighbor is up for 00:07:51
Authentication Sequence: [ 1286]
2、在R2上使用dis ospf peer brief 查看邻居的摘要信息。回显信息中包含了邻居所在的区域,邻居的连接接口,邻居的Route-ID和邻居关系的当前状态。
[R2]dis ospf peer brief
OSPF Process 1 with Router ID 10.0.2.2
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 10.0.1.1 Full
0.0.0.1 Serial1/0/0 10.0.3.3 Full
----------------------------------------------------------------------------
3、在R2上使用dis ospf interface 查看运行OSPF协议的接口信息。回显信息中包含了接口IP地址,接口类型,接口的开销值,接口的DR优先级等参数。
[R2]dis ospf interface
OSPF Process 1 with Router ID 10.0.2.2
Interfaces
Area: 0.0.0.0 (MPLS TE not enabled)
IP Address Type State Cost Pri DR BDR
10.0.2.2 P2P P-2-P 0 1 0.0.0.0 0.0.0.0
10.0.12.2 Broadcast DR 1 1 10.0.12.2 10.0.12.1
Area: 0.0.0.1 (MPLS TE not enabled)
IP Address Type State Cost Pri DR BDR
10.0.23.2 P2P P-2-P 48 1 0.0.0.0 0.0.0.0
4、在R2上使用dis ospf interface g0/0/0查看接口G0/0/0的详细信息。回显信息包含了G0/0/0接口所连网段的DR、BDR、MTU、Hello时间间隔等参数。
[R2]dis ospf interface g0/0/0
OSPF Process 1 with Router ID 10.0.2.2
Interfaces
Interface: 10.0.12.2 (GigabitEthernet0/0/0)
Cost: 1 State: DR Type: Broadcast MTU: 1500
Priority: 1
Designated Router: 10.0.12.2
Backup Designated Router: 10.0.12.1
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
5、在R2上使用dis ospf lsdb查看LSDB。观察到,R2的LSDB成功接收到了所以的LSA。
[R2]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.2.2
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.2.2 10.0.2.2 865 48 80000007 0
Router 10.0.1.1 10.0.1.1 875 48 80000005 0
Network 10.0.12.2 10.0.2.2 865 32 80000002 0
Sum-Net 10.0.3.3 10.0.2.2 1177 28 80000001 48
Sum-Net 10.0.23.0 10.0.2.2 1447 28 80000001 48
Sum-Asbr 10.0.3.3 10.0.2.2 1177 28 80000001 48
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 1179 60 80000004 0
Router 10.0.2.2 10.0.2.2 1178 48 80000002 48
Sum-Net 10.0.12.0 10.0.2.2 1447 28 80000001 1
Sum-Net 10.0.2.2 10.0.2.2 1447 28 80000001 0
Sum-Net 10.0.1.1 10.0.2.2 874 28 80000001 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 10.0.100.0 10.0.3.3 1088 36 80000001 2
6、在R2上使用dis ospf lsdb ase查看LSDB的Type-5 LSA的详细信息。回显内容包含了Type-5 LSA的详细参数
[R2]dis ospf lsdb ase
OSPF Process 1 with Router ID 10.0.2.2
Link State Database
Type : External
Ls id : 10.0.100.0
Adv rtr : 10.0.3.3
Ls age : 1256
Len : 36
Options : E
seq# : 80000001
chksum : 0xa2b1
Net mask : 255.255.255.252
TOS 0 Metric: 2
E type : 2
Forwarding Address : 0.0.0.0
Tag : 1
Priority : Low
7、在R2上使用dis ospf routing查看OSPF路由表。回显信息包含了所有OSOF路由条目的相关信息。
[R2]dis ospf routing
OSPF Process 1 with Router ID 10.0.2.2
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.0.2.2/32 0 Stub 10.0.2.2 10.0.2.2 0.0.0.0
10.0.12.0/24 1 Transit 10.0.12.2 10.0.2.2 0.0.0.0
10.0.23.0/24 48 Stub 10.0.23.2 10.0.2.2 0.0.0.1
10.0.1.1/32 1 Stub 10.0.12.1 10.0.1.1 0.0.0.0
10.0.3.3/32 48 Stub 10.0.23.3 10.0.3.3 0.0.0.1
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
10.0.100.0/30 2 Type2 1 10.0.23.3 10.0.3.3
Total Nets: 6
Intra Area: 5 Inter Area: 0 ASE: 1 NSSA: 0
10.2.5.4 调试OSPF的工作过程¶
1、在R1上使用terminal debugging 命令开启debug功能。
<R1>terminal debugging
Info: Current terminal debugging is on.
2、在R1上使用debugging ospf event 命令查看OSPF协议工作过程中的所有事件。观察到,没有任何的输出信息,这是因为OSPF此时工作在常态,并没有发生变化。
<R1>debugging ospf event
3、在R1上使用reset ospf process命令重启OSPF进程来观察OSPF邻居关系建立的过程。观察到,显示信息反映了R1和R2建立邻接关系的每一步过程。
<R1>reset ospf process
Warning: The OSPF process will be reset. Continue? [Y/N]:y
<R1>
Mar 14 2022 20:45:59.651.9-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802c Line: 2755 Level: 0x20
OSPF 1: Intf 10.0.1.1 Rcv InterfaceDown State Point-to-Point -> Down.
<R1>
Mar 14 2022 20:45:59.651.10-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802c Line: 2755 Level: 0x20
OSPF 1: Intf 10.0.12.1 Rcv InterfaceDown State BackupDR -> Down.
<R1>
Mar 14 2022 20:45:59.651.11-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802d Line: 3360 Level: 0x20
OSPF 1: Nbr 10.0.12.2 Rcv KillNbr State Full -> Down.
<R1>
Mar 14 2022 20:45:59.651.12-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802c Line: 1295 Level: 0x20
OSPF 1: Intf 10.0.1.1 Rcv InterfaceUp State Down -> Point-to-Point.
<R1>
Mar 14 2022 20:45:59.651.13-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802c Line: 1409 Level: 0x20
OSPF 1 Send Hello Interface Up on 10.0.1.1
<R1>
Mar 14 2022 20:45:59.651.14-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802c Line: 1295 Level: 0x20
OSPF 1: Intf 10.0.12.1 Rcv InterfaceUp State Down -> Waiting.
<R1>
Mar 14 2022 20:45:59.651.15-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802c Line: 1409 Level: 0x20
OSPF 1 Send Hello Interface Up on 10.0.12.1
<R1>
Mar 14 2022 20:46:05-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[5]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.12.0.10, Neighbor
Event=NegotiationDone, NeighborPreviousState=ExStart, NeighborCurrentState=Excha
nge)
<R1>
Mar 14 2022 20:46:05-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[6]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.12.0.10, Neighbor
Event=ExchangeDone, NeighborPreviousState=Exchange, NeighborCurrentState=Loading
)
<R1>
Mar 14 2022 20:46:05-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[7]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.12.0.10, Neighbor
Event=LoadingDone, NeighborPreviousState=Loading, NeighborCurrentState=Full)
<R1>
Mar 14 2022 20:46:05.391.1-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802d Line: 1136 Level: 0x20
OSPF 1: Nbr 10.0.12.2 Rcv HelloReceived State Down -> Init.
<R1>
Mar 14 2022 20:46:05.391.2-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802d Line: 1732 Level: 0x20
OSPF 1: Nbr 10.0.12.2 Rcv 2WayReceived State Init -> 2Way.
<R1>
Mar 14 2022 20:46:05.391.3-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802d Line: 1732 Level: 0x20
OSPF 1: Nbr 10.0.12.2 Rcv AdjOk? State 2Way -> ExStart.
<R1>
Mar 14 2022 20:46:05.391.4-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802c Line: 2107 Level: 0x20
OSPF 1: Intf 10.0.12.1 Rcv BackupSeen State Waiting -> BackupDR.
<R1>
Mar 14 2022 20:46:05.421.1-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802d Line: 1845 Level: 0x20
OSPF 1: Nbr 10.0.12.2 Rcv NegotiationDone State ExStart -> Exchange.
<R1>
Mar 14 2022 20:46:05.441.1-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802d Line: 1957 Level: 0x20
OSPF 1: Nbr 10.0.12.2 Rcv ExchangeDone State Exchange -> Loading.
<R1>
Mar 14 2022 20:46:05.461.1-08:00 R1 RM/6/RMDEBUG:
FileID: 0xd017802d Line: 2356 Level: 0x20
OSPF 1: Nbr 10.0.12.2 Rcv LoadingDone State Loading -> Full.
4、在获取了所需的调试输出信息后,尽快使用undo debugging all命令关闭所有的调试功能
<R1>undo debugging all
Info: All possible debugging has been turned off
注意:在华为AR路由器上可以使用ctrl+o快捷执行undo debugging all命令! 5、另一个常用的调试命令是debugging ospf packet hello命令查看OSPF协议的Hello数据包。
<R1>debugging ospf packet
注意:在获取了所需的调试输出信息后,尽快执行undo debugging all命令!
10.3 思考¶
导致OSPF邻居邻接关系不能正常建立的原因通常有哪些? 答: 1、Roter-ID相同 两台设备进行ospf邻居建立,当设备Router-ID一致时,会认为对方为自己发送的报文,不接受ospf邻居建立。 2、区域ID不一致 两台设备的相连接口如果处于不同区域内,会导致ospf邻居建立失败。 3、认证不一致 如果在两台设备接口上配置不同的ospf认证,由于认证失败,会导致ospf邻居建立不起来。 4、掩码不一致(MA网络中) MA网络中需要选DR,BDR,当掩码不一致时,无法选出DR,BDR,从而导致ospf邻居建立失败。 5、hello和dead不一致 两台设备配置hello/dead时间不一致,会导致ospf邻居建立失败。 6、silent-interface(静默端口,端口不收不发) 在端口上配置静默端口命令,端口对于报文,不收不发,没有报文的交流,自然也就无法建立ospf邻居关系。 7、priority(在MA网络中) 在MA网络中,需要选出DR,BDR,当设备优先级都为0时,说明所有设备不参加DR,BDR,的选举,也就导致ospf邻居建立失败 8、network不一致 在配置ospf时,我们会宣告端口地址,使能ospf。当两台设备在相连链路上宣告了完全不同的网段地址,也就导致了ospf邻居建立不起来。 9、MTU值不一致 华为设备默认不开启MTU值检测,但是在遇到华为与其他厂商设备对接建立ospf时,必须在两台设备上同时开始MTU检测,或同时关闭MTU检测,否则会导致ospf邻居建立失败。
十一、OSPF缺省路由¶
11.1 原理概述¶
在OSPF网络环境中,有两种方法可以动态地注入缺省路由。第一种方法是在ASBR上手动注入缺省路由,也就是ASBR向整个OSPF网络泛洪表示缺省路由的Type-5 LSA,其他路由器通过Type-5 LSA所表示的缺省路由来访问外部网络。第二种方法是在Stub区域或Totally Stub区域以及NSSA区域或Totally NSSA区域中,由ABR自动注入缺省路由,也就是ABR向该区域泛洪表示缺省路由的Type-3 LSA或Type-7 LSA,该区域内的路由器通过Type-3 LSA或Type-7 LSA所表示的缺省路由来访问该区域外的任何目的地。
11.2 OSPF 缺省路由配置实验¶
11.2.1 实验目的¶
1、理解和掌握向OSPF网络手动注入缺省路由的方法 2、理解和掌握向OSPF网络自动注入缺省路由的方法
11.2.2 实验内容¶
本实验模拟了一个企业网络场景。R1、R2、R3、R4为企业网络路由器,其中R3和R4为总部路由器,R1和R2分别为分支机构1和分支机构2的路由器。R1和R2的LoopBack 1接口用来模拟分支机构内部的网络,R5模拟了ISP的边界路由器,R5的所有LoopBack接口模拟了各种外部网络。R3和R4之间的链路属于区域0.R1与R3之间的链路属于区域2,R2和R3之间的链路属于区域1.网络需求是实现全网互通。
11.2.3 实验拓扑¶
11.2.4 实验编制表¶
| 设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
|---|---|---|---|---|
| R1(AR2220) | GE0/0/0 | 10.0.13.1 | 255.255.255.0 | N/A |
| R1(AR2220) | LoopBack0 | 10.0.1.1 | 255.255.255.255 | N/A |
| R1(AR2220) | LoopBack1 | 172.16.1.1 | 255.255.255.0 | N/A |
| R2(AR2220) | GE0/0/0 | 10.0.23.2 | 255.255.255.0 | N/A |
| R2(AR2220) | LoopBack0 | 10.0.2.2 | 255.255.255.255 | N/A |
| R2(AR2220) | LoopBack1 | 172.16.2.1 | 255.255.255.0 | N/A |
| R3(AR2220) | GE0/0/0 | 10.0.13.3 | 255.255.255.0 | N/A |
| R3(AR2220) | GE0/0/1 | 10.0.23.3 | 255.255.255.0 | N/A |
| R3(AR2220) | GE0/0/2 | 10.0.34.3 | 255.255.255.0 | N/A |
| R3(AR2220) | LoopBack0 | 10.0.3.3 | 255.255.255.255 | N/A |
| R4(AR2220) | GE0/0/0 | 10.0.34.4 | 255.255.255.0 | N/A |
| R4(AR2220) | LoopBack0 | 10.0.4.4 | 255.255.255.255 | N/A |
| R4(AR2220) | GE0/0/1 | 202.103.68.2 | 255.255.255.252 | N/A |
| R5(AR2220) | GE0/0/0 | 202.103.68.1 | 255.255.255.252 | N/A |
| R5(AR2220) | LoopBack0 | 202.68.1.1 | 255.255.255.0 | N/A |
| R5(AR2220) | LoopBack1 | 202.68.2.1 | 255.255.255.0 | N/A |
| R5(AR2220) | LoopBack2 | 202.68.3.1 | 255.255.255.0 | N/A |
| R5(AR2220) | LoopBack3 | 202.68.4.1 | 255.255.255.0 | N/A |
| R5(AR2220) | LoopBack4 | 202.68.5.1 | 255.255.255.0 | N/A |
| ### 11.2.5 实验步骤 | ||||
| #### 11.2.5.1 基本配置 | ||||
| 根据实验编址表,并使用Ping命令检测R1与R2之间的连通性 | ||||
| #### 11.2.5.2 配置OSPF路由协议 | ||||
| 1、在路由器R1、R2、R3、R4上完成OSPF协议的配置,每台路由器均使用自己的Loopback 0接口的IP地址作为自己的Router-ID,R3与R4之间的链路位于区域0,R1与R3之间的链路位于区域2,R2与R3之间的链路位于区域1. |
[R1]ospf 1 router-id 10.0.1.1
[R1-ospf-1]area 2
[R1-ospf-1-area-0.0.0.2]network 172.16.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.2]network 10.0.13.1 0.0.0.0
[R2]ospf 1 router-id 10.0.2.2
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]network 172.16.2.1 0.0.0.0
[R2-ospf-1-area-0.0.0.1]network 10.0.23.2 0.0.0.0
[R3]ospf 1 router-id 10.0.3.3
[R3-ospf-1]area 2
[R3-ospf-1-area-0.0.0.2]network 10.0.13.3 0.0.0.0
[R3-ospf-1-area-0.0.0.2]area 1
[R3-ospf-1-area-0.0.0.1]network 10.0.23.3 0.0.0.0
[R3-ospf-1-area-0.0.0.1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.34.3 0.0.0.0
[R4]ospf 1 router-id 10.0.4.4
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 10.0.34.4 0.0.0.0
2、配置完成后,查看R4的LSDB。观察到,R4知道去往两个分支机构的内部网络的路由。
[R4]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 73 36 80000005 1
Router 10.0.4.4 10.0.4.4 74 36 80000003 1
Network 10.0.34.3 10.0.3.3 73 32 80000002 0
Sum-Net 10.0.13.0 10.0.3.3 465 28 80000001 1
Sum-Net 172.16.2.1 10.0.3.3 465 28 80000001 1
Sum-Net 172.16.1.1 10.0.3.3 465 28 80000001 1
Sum-Net 10.0.23.0 10.0.3.3 465 28 80000001 1
3、R5是ISP的边界路由器,R4是企业边界路由器。在R5上配置一条静态路由指向R4。
[R5]ip route-static 0.0.0.0 0.0.0.0 202.103.68.2
11.2.5.3 向普通区域注入缺省路由¶
1、在R4上使用default-route-advertise 命令注入一条缺省路由。
[R4-ospf-1]default-route-advertise
2、配置完成后,查看R4的LSDB。观察发现没有注入缺省路由。这是因为少了一条缺省静态路由
[R4-ospf-1]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 488 36 80000005 1
Router 10.0.4.4 10.0.4.4 10 36 80000004 1
Network 10.0.34.3 10.0.3.3 488 32 80000002 0
Sum-Net 10.0.13.0 10.0.3.3 880 28 80000001 1
Sum-Net 172.16.2.1 10.0.3.3 880 28 80000001 1
Sum-Net 172.16.1.1 10.0.3.3 880 28 80000001 1
Sum-Net 10.0.23.0 10.0.3.3 880 28 80000001 1
3、在R4上配置一条静态缺省路由
[R4]ip route-static 0.0.0.0 0 202.103.68.1
4、配置完成后,继续查看R4的LSDB。观察发现多了一条LinkState ID为0.0.0.0的Type-5 LSA,表示去往外部网络的缺省路由。
[R4]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 809 36 80000005 1
Router 10.0.4.4 10.0.4.4 331 36 80000004 1
Network 10.0.34.3 10.0.3.3 809 32 80000002 0
Sum-Net 10.0.13.0 10.0.3.3 1201 28 80000001 1
Sum-Net 172.16.2.1 10.0.3.3 1201 28 80000001 1
Sum-Net 172.16.1.1 10.0.3.3 1201 28 80000001 1
Sum-Net 10.0.23.0 10.0.3.3 1201 28 80000001 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 0.0.0.0 10.0.4.4 20 36 80000001 1
5、测试R1的内网网络与外部网络的联通性。观察到,企业内部已经可以访问外部网络了。
[R1]ping -a 172.16.1.1 202.68.1.1
PING 202.68.1.1: 56 data bytes, press CTRL_C to break
Reply from 202.68.1.1: bytes=56 Sequence=1 ttl=253 time=30 ms
Reply from 202.68.1.1: bytes=56 Sequence=2 ttl=253 time=50 ms
Reply from 202.68.1.1: bytes=56 Sequence=3 ttl=253 time=30 ms
Reply from 202.68.1.1: bytes=56 Sequence=4 ttl=253 time=20 ms
Reply from 202.68.1.1: bytes=56 Sequence=5 ttl=253 time=30 ms
--- 202.68.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/32/50 ms
6、关闭R5的GE0/0/0接口,模拟R4和R5之间的链路出现了故障,导致R4的静态路由失效,R4的路由表中将失去这条缺省路由,导致通过default-route-advertise 发布的缺省路由也随之失效。
[R5-GigabitEthernet0/0/0]shutdown
7、配置完成后,查看R1的LSDB。观察到,表示缺省路由的那条Type-5 LSA已经消失了。
[R1]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 127 36 80000005 1
Router 10.0.1.1 10.0.1.1 164 48 80000007 0
Network 10.0.13.1 10.0.1.1 164 32 80000003 0
Sum-Net 10.0.34.0 10.0.3.3 106 28 80000002 1
Sum-Net 172.16.2.1 10.0.3.3 106 28 80000002 1
Sum-Net 10.0.23.0 10.0.3.3 106 28 80000002 1
Sum-Asbr 10.0.4.4 10.0.3.3 1037 28 80000001 1
8、将R5的GE0/0/0接口重新打开。并继续查看R1的LSDB。观察发现,表示缺省路由的LinkState ID为0.0.0.0的Type-5 LSA又出现在R1的LSDB中。可见,动态注入的缺省路由是会受到链路故障影响的。
[R5-GigabitEthernet0/0/0]undo shutdown
[R1]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 261 36 80000005 1
Router 10.0.1.1 10.0.1.1 298 48 80000007 0
Network 10.0.13.1 10.0.1.1 298 32 80000003 0
Sum-Net 10.0.34.0 10.0.3.3 240 28 80000002 1
Sum-Net 172.16.2.1 10.0.3.3 240 28 80000002 1
Sum-Net 10.0.23.0 10.0.3.3 240 28 80000002 1
Sum-Asbr 10.0.4.4 10.0.3.3 1171 28 80000001 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 0.0.0.0 10.0.4.4 42 36 80000001 1
9、为了避免链路不稳定所带来的影响,使用default-route-advertise 命令时,添加关键字always.
[R4]ospf
[R4-ospf-1]default-route-advertise always
10、配置完成后,删除静态缺省路由,并在删除之后查看R4的LSDB。观察到,即使删除缺省路由,LSDB中依然存在LinkState ID为0.0.0.0的Type-5 LSA.
[R4]undo ip route-static 0.0.0.0 0 202.103.68.1
[R4]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 276 36 80000006 1
Router 10.0.4.4 10.0.4.4 1598 36 80000004 1
Network 10.0.34.3 10.0.3.3 276 32 80000003 0
Sum-Net 10.0.13.0 10.0.3.3 668 28 80000002 1
Sum-Net 172.16.2.1 10.0.3.3 668 28 80000002 1
Sum-Net 172.16.1.1 10.0.3.3 668 28 80000002 1
Sum-Net 10.0.23.0 10.0.3.3 668 28 80000002 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 0.0.0.0 10.0.4.4 469 36 80000001 1
11.2.5.4 向stub区域或Totally-Stub区域注入缺省路由¶
1、配置区域1为Stub区域
[R3]ospf 1
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]stub
[R2]ospf 1
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]stub
2、配置完成后,查看R2的LSDB.观察到,在R2的LSDB中没有Type-5 LSA,取而代之的是一条表示缺省路由的LinkState ID为0.0.0.0的Type-3 LSA.
[R2]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.2.2
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 102 36 80000005 1
Router 10.0.2.2 10.0.2.2 101 48 80000004 0
Network 10.0.23.3 10.0.3.3 102 32 80000001 0
Sum-Net 0.0.0.0 10.0.3.3 160 28 80000001 1
Sum-Net 10.0.34.0 10.0.3.3 160 28 80000001 1
Sum-Net 10.0.13.0 10.0.3.3 160 28 80000001 1
Sum-Net 172.16.1.1 10.0.3.3 160 28 80000001 1
3、将区域1配置成Totally-Stub区域
[R3]ospf
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]stub no-summary
4、配置完成后,查看R2的LSDB。观察发现,表示缺省路由的LinkState ID为0.0.0.0的Type-3 LSA依然存在,但其他Type-3 LSA都消失了。
[R2]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.2.2
Link State Database
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 26 36 80000006 1
Router 10.0.2.2 10.0.2.2 20 48 80000009 0
Network 10.0.23.2 10.0.2.2 20 32 80000002 0
Sum-Net 0.0.0.0 10.0.3.3 421 28 80000001 1
11.2.5.5 向NSSA区域或Totally-NSSA区域注入缺省路由¶
1、配置区域2为NSSA区域。
[R1]ospf
[R1-ospf-1]area 2
[R1-ospf-1-area-0.0.0.2]nssa
[R3]ospf
[R3-ospf-1]area 2
[R3-ospf-1-area-0.0.0.2]nssa
2、配置完成后,查看R1的LSDB。观察发现,NSSA区域2拒绝了Type-5 LSA,取而代之是一条表示缺省路由的Type-7 LSA。
[R1]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 104 36 80000005 1
Router 10.0.1.1 10.0.1.1 106 48 80000005 0
Network 10.0.13.3 10.0.3.3 104 32 80000002 0
Sum-Net 10.0.34.0 10.0.3.3 145 28 80000001 1
Sum-Net 172.16.2.1 10.0.3.3 145 28 80000001 1
Sum-Net 10.0.23.0 10.0.3.3 145 28 80000001 1
NSSA 0.0.0.0 10.0.3.3 145 36 80000001 1
3、配置区域2为Totally NSSA区域。
[R3]ospf
[R3-ospf-1]area 2
[R3-ospf-1-area-0.0.0.2]nssa no-summary
4、配置完成后,查看R1的LSDB。观察到,和NSSA区域一样,进入Totally NSSA区域的是一条表示缺省路由的Type-7 LSA.
[R1]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 91 36 80000008 1
Router 10.0.1.1 10.0.1.1 87 48 8000000F 0
Network 10.0.13.1 10.0.1.1 87 32 80000002 0
Sum-Net 0.0.0.0 10.0.3.3 97 28 80000001 1
NSSA 0.0.0.0 10.0.3.3 516 36 80000001 1
11.3 思考¶
OSPF ASBR路由器发布的缺省路由能不能被Stub区域中的路由器接收到? 答:可以,Stub区域不允许Type-5 LSA进入,该区域是不可能获得注入的缺省路由。实际上,在配置OSPF的Stub区域时,Stub区域的ABR会自动生成表示缺省路由的Type-3 LSA,并将它泛洪进该区域。Totally Stub区域有着类似的特性,Totally Stub区域虽然不允许Type-3 LSA进入,但是允许表示缺省路由的Type-3 LSA进入。
十二、OSPF故障排除¶
12.1 原理概述¶
OSPF协议故障问题可以大致分为三类:第一类是涉及OSPF邻居关系的建立问题,第二类是涉及OSPF LSA的泛洪问题,第三类是涉及OSPF路由的计算问题。
12.2 OSPF 故障排除配置实验¶
12.2.1 实验目的¶
1、发现和解决区域号不匹配的问题 2、发现和解决Router-ID冲突的问题 3、发现和解决掩码不匹配的问题 4、发现和解决Hello Timer时间不匹配的问题 5、发现和解决认证类型不匹配的问题
12.2.2 实验内容¶
本实验模拟了一个企业的OSPF网络,其中R1与R2、R1与R3、R2与R4之间的链路属于区域0,R3与R4、R3与R5、R4与R6之间的链路属于区域1。显然,如果R1与R2之间的链路出现故障,则整个骨干区域会被分割,因此需要在R3与R4之间建立一条虚链路作为区域0的一条备份链路。实验过程中,会人为地制造一些故障点,然后一步一步地进行故障排除。
12.2.3 实验拓扑¶
12.2.4 实验编制表¶
| 设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
|---|---|---|---|---|
| R1(AR2220) | GE0/0/0 | 10.0.12.1 | 255.255.255.0 | N/A |
| R1(AR2220) | GE0/0/1 | 10.0.13.1 | 255.255.255.0 | N/A |
| R1(AR2220) | LoopBack 0 | 10.0.1.1 | 255.255.255.255 | N/A |
| R2(AR2220) | GE0/0/0 | 10.0.12.2 | 255.255.255.0 | N/A |
| R2(AR2220) | GE0/0/1 | 10.0.24.2 | 255.255.255.0 | N/A |
| R2(AR2220) | LoopBack 0 | 10.0.2.2 | 255.255.255.255 | N/A |
| R3(AR2220) | GE0/0/0 | 10.0.34.3 | 255.255.255.0 | N/A |
| R3(AR2220) | GE0/0/1 | 10.0.13.3 | 255.255.255.0 | N/A |
| R3(AR2220) | GE0/0/2 | 10.0.35.3 | 255.255.255.0 | N/A |
| R3(AR2220) | LoopBack 0 | 10.0.3.3 | 255.255.255.255 | N/A |
| R4(AR2220) | GE0/0/0 | 10.0.34.4 | 255.255.255.0 | N/A |
| R4(AR2220) | GE0/0/1 | 10.0.24.4 | 255.255.255.0 | N/A |
| R4(AR2220) | GE0/0/2 | 10.0.46.4 | 255.255.255.0 | N/A |
| R4(AR2220) | LoopBack 0 | 10.0.4.4 | 255.255.255.255 | N/A |
| R5(AR2220) | GE0/0/1 | 10.0.35.5 | 255.255.255.0 | N/A |
| R5(AR2220) | LoopBack 0 | 10.0.5.5 | 255.255.255.255 | N/A |
| R6(AR2220) | GE0/0/1 | 10.0.46.6 | 255.255.255.0 | N/A |
| R6(AR2220) | LoopBack 0 | 10.0.6.6 | 255.255.255.255 | N/A |
| ### 12.2.5 实验步骤 | ||||
| #### 12.2.5.1 基本配置 | ||||
| 根据实验编址表,并使用Ping命令检测R1与R2之间的连通性 | ||||
| #### 12.2.5.2 配置OSPF路由协议 | ||||
| 1、配置OSPF协议,其中R1与R2、R1与R3、R2与R4之间的链路属于区域0,R3和R4、R3和R5、R4和R6之间的链路属于区域1,R3和R4配置虚链路。 |
[R1]router id 10.0.1.1
Info: Router ID has been modified, please reset the relative protocols manually
to update the Router ID.
[R1]ospf 1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.13.1 0.0.0.0
[R2]router id 10.0.2.2
[R2]ospf 1
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.24.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R3]router id 10.0.3.3
Info: Router ID has been modified, please reset the relative protocols manually
to update the Router ID.
[R3]ospf 1
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.13.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]area 1
[R3-ospf-1-area-0.0.0.1]network 10.0.35.3 0.0.0.0
[R3-ospf-1-area-0.0.0.1]network 10.0.34.3 0.0.0.0
[R3-ospf-1-area-0.0.0.1]vlink-peer 10.0.4.4
[R4]router id 10.0.4.4
R4]ospf
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 10.0.24.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]area 1
[R4-ospf-1-area-0.0.0.1]network 10.0.46.4 0.0.0.0
[R4-ospf-1-area-0.0.0.1]network 10.0.34.4 0.0.0.0
[R4-ospf-1-area-0.0.0.1]vlink-peer 10.0.3.3
[R5]router id 10.0.5.5
[R5]ospf
[R5-ospf-1]area 1
[R5-ospf-1-area-0.0.0.1]network 10.0.35.5 0.0.0.0
[R5-ospf-1-area-0.0.0.1]network 10.0.5.5 0.0.0.0
[R6]router id 10.0.6.6
[R6]ospf
[R6-ospf-1]area 1
[R6-ospf-1-area-0.0.0.1]network 10.0.6.6 0.0.0.0
[R6-ospf-1-area-0.0.0.1]network 10.0.46.6 0.0.0.0
2、配置完成后,在R2、R3、R4上查看OSPF邻居建立情况。观察到,邻居邻接关系都已成功建立。
[R2]dis ospf peer brief
OSPF Process 1 with Router ID 10.0.2.2
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 10.0.1.1 Full
0.0.0.0 GigabitEthernet0/0/1 10.0.4.4 Full
----------------------------------------------------------------------------
[R3]dis ospf peer brief
OSPF Process 1 with Router ID 10.0.3.3
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/1 10.0.1.1 Full
0.0.0.1 GigabitEthernet0/0/0 10.0.4.4 Full
0.0.0.1 GigabitEthernet0/0/2 10.0.5.5 Full
----------------------------------------------------------------------------
[R4]dis ospf peer brief
OSPF Process 1 with Router ID 10.0.4.4
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/1 10.0.2.2 Full
0.0.0.1 GigabitEthernet0/0/0 10.0.3.3 Full
0.0.0.1 GigabitEthernet0/0/2 10.0.6.6 Full
----------------------------------------------------------------------------
12.2.5.3 添加OSPF故障点¶
1、故障一:将路由器R5的GE0/0/1接口通告进区域2,此时R3和R5邻居关系无法建立。
[R5]ospf 1
[R5-ospf-1]area 1
[R5-ospf-1-area-0.0.0.1]undo network 10.0.35.5 0.0.0.0
[R5-ospf-1-area-0.0.0.1]area 2
[R5-ospf-1-area-0.0.0.2]network 10.0.35.5 0.0.0.0
2、故障二:将R2的Router-ID修改为10.0.1.1,并重启OSPF进程。此时R2与R1因Router-ID冲突,邻居关系无法建立。
[R2]router id 10.0.1.1
Info: Router ID has been modified, please reset the relative protocols manually
to update the Router ID.
[R2]qu
<R2>reset ospf process
3、故障三:将R2的GE0/0/0接口的IP地址掩码改成255.255.255.128.此时,Hello报文携带了掩码信息,因为链路两端接口的掩码不匹配,则邻居关系无法建立。
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip address 10.0.12.2 25
4、故障四:将R1的GE0/0/1接口的Hello Timer的时间修改为100s。此时,R1因和其他相邻路由器的Hello报文中的Hello Timer的时间不一致,导致无法建立邻居关系。
[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]ospf timer hello 100
5、故障五:将R4的GE0/0/2接口配置为简单明文认证类型,R6的GE0/0/1接口配置为MD5加密认证类型。此时因认证类型不同,无法建立邻居关系
[R4]int g0/0/2
[R4-GigabitEthernet0/0/2]ospf authentication-mode simple
[R4-GigabitEthernet0/0/2]ospf authentication simple huawei
[R6]int g0/0/1
[R6-GigabitEthernet0/0/1]ospf authentication-mode md5
[R6-GigabitEthernet0/0/1]ospf authentication md5 1 huawei
6、故障六:配置R3与R4之间的虚链路时,使用不一致的认证类型。虚链路上的Hello报文(单播报文)的认证类型不匹配,双方不能建立虚链路关系。
[R3]ospf 1
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]vlink-peer 10.0.4.4 simple huawei hello 10 dead 40
[R4]ospf
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]vlink-peer 10.0.3.3 md5 1 huawei hello 10 dead 40
12.2.5.4 排除OSPF的邻居关系故障¶
1、在R5上使用display ospf peer命令查看邻居关系,观察到无邻居。
[R5]dis ospf peer
OSPF Process 1 with Router ID 10.0.5.5
2、使用reset ospf counter命令清空OSPF计数器,然后使用dis ospf error 命令查看错误报文信息,观察到,在Bad area id处显示错误数据计数
<R5>reset ospf counter
<R5>dis ospf error
OSPF Process 1 with Router ID 10.0.5.5
OSPF error statistics
General packet errors:
0 : IP: received my own packet 0 : Bad packet
0 : Bad version 0 : Bad checksum
20 : Bad area id 0 : Drop on unnumbered interface
0 : Bad virtual link 0 : Bad authentication type
0 : Bad authentication key 0 : Packet too small
0 : Packet size > ip length 0 : Transmit error
0 : Interface down 0 : Unknown neighbor
0 : Bad net segment 0 : Extern option mismatch
0 : Router id confusion
HELLO packet errors:
0 : Netmask mismatch 0 : Hello timer mismatch
0 : Dead timer mismatch 0 : Virtual neighbor unknown
0 : NBMA neighbor unknown 0 : Invalid Source Address
DD packet errors:
0 : Neighbor state low 0 : Unknown LSA type
0 : MTU option mismatch
LS ACK packet errors:
0 : Neighbor state low 0 : Unknown LSA type
LS REQ packet errors:
0 : Neighbor state low 0 : Empty request
0 : Bad request
LS UPD packet errors:
0 : Neighbor state low 0 : Newer self-generate LSA
0 : LSA checksum bad 0 : Received less recent LSA
0 : Unknown LSA type
Opaque errors:
0 : 9-out of flooding scope 0 : 10-out of flooding scope
0 : 11-out of flooding scope 0 : Unkown TLV type
Retransmission for packet over Limitation errors:
0 : Number for DD Packet 0 : Number for Update Packet
0 : Number for Request Packet
Receive Grace LSA errors:
0 : Number of invalid LSAs 0 : Number of policy failed LSAs
0 : Number of wrong period LSAs
Configuration errors:
0 : Tunnel cost mistake
3、查看R5的OSPF配置情况。观察到R5的GE0/0/1接口(10.0.35.5)本应该属于区域1,现在却属于区域2.
[R5]ospf 1
[R5-ospf-1]dis th
[V200R003C00]
#
ospf 1
area 0.0.0.1
network 10.0.5.5 0.0.0.0
area 0.0.0.2
network 10.0.35.5 0.0.0.0
#
return
4、修改R5的GE0/0/1接口的区域配置。
[R5]ospf
[R5-ospf-1]area 2
[R5-ospf-1-area-0.0.0.2]undo network 10.0.35.5 0.0.0.0
[R5-ospf-1-area-0.0.0.2]area 1
[R5-ospf-1-area-0.0.0.1]network 10.0.35.5 0.0.0.0
5、修改后,在R5上查看邻居关系建立情况。观察到R3是它的邻居,与实际情况相符。
[R5]dis ospf peer brief
OSPF Process 1 with Router ID 10.0.5.5
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.1 GigabitEthernet0/0/1 10.0.3.3 Full
----------------------------------------------------------------------------
6、查看R3的邻居关系,观察发现R3与R4、R5建立邻居关系,但是未与R1建立邻居关系
[R3]dis ospf peer brief
OSPF Process 1 with Router ID 10.0.3.3
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.1 GigabitEthernet0/0/0 10.0.4.4 Full
0.0.0.1 GigabitEthernet0/0/2 10.0.5.5 Full
----------------------------------------------------------------------------
7、查看R3收到的错数据包,观察到Hello timer mismatch处有错误数据包计数,说明hello timer时间不匹配。
[R3]dis ospf error
OSPF Process 1 with Router ID 10.0.3.3
OSPF error statistics
General packet errors:
0 : IP: received my own packet 126 : Bad packet
0 : Bad version 0 : Bad checksum
194 : Bad area id 0 : Drop on unnumbered interface
0 : Bad virtual link 109 : Bad authentication type
0 : Bad authentication key 0 : Packet too small
0 : Packet size > ip length 0 : Transmit error
0 : Interface down 0 : Unknown neighbor
0 : Bad net segment 0 : Extern option mismatch
0 : Router id confusion
HELLO packet errors:
0 : Netmask mismatch 17 : Hello timer mismatch
0 : Dead timer mismatch 0 : Virtual neighbor unknown
0 : NBMA neighbor unknown 0 : Invalid Source Address
DD packet errors:
0 : Neighbor state low 0 : Unknown LSA type
0 : MTU option mismatch
LS ACK packet errors:
0 : Neighbor state low 0 : Unknown LSA type
LS REQ packet errors:
0 : Neighbor state low 0 : Empty request
0 : Bad request
LS UPD packet errors:
0 : Neighbor state low 0 : Newer self-generate LSA
0 : LSA checksum bad 0 : Received less recent LSA
0 : Unknown LSA type
Opaque errors:
0 : 9-out of flooding scope 0 : 10-out of flooding scope
0 : 11-out of flooding scope 0 : Unkown TLV type
Retransmission for packet over Limitation errors:
0 : Number for DD Packet 0 : Number for Update Packet
0 : Number for Request Packet
Receive Grace LSA errors:
0 : Number of invalid LSAs 0 : Number of policy failed LSAs
0 : Number of wrong period LSAs
Configuration errors:
0 : Tunnel cost mistake
8、查看R1的GE0/0/1和R3的GE0/0/1接口的OSPF状态。观察到,两个接口配置的Hello Timer时间不匹配。
[R3]dis ospf interface g0/0/1
OSPF Process 1 with Router ID 10.0.3.3
Interfaces
Interface: 10.0.13.3 (GigabitEthernet0/0/1)
Cost: 1 State: DR Type: Broadcast MTU: 1500
Priority: 1
Designated Router: 10.0.13.3
Backup Designated Router: 0.0.0.0
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1
[R1]dis ospf int g0/0/1
OSPF Process 1 with Router ID 10.0.13.1
Interfaces
Interface: 10.0.13.1 (GigabitEthernet0/0/1)
Cost: 1 State: DR Type: Broadcast MTU: 1500
Priority: 1
Designated Router: 10.0.13.1
Backup Designated Router: 0.0.0.0
Timers: Hello 100 , Dead 400 , Poll 120 , Retransmit 5 , Transmit Delay 1
9、修改R1的GE0/0/1接口的Hello Timer时间为10s,稍等片刻后,查看R1的邻居关系。观察到,邻居关系建立成功。但是只有R3。
[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]ospf timer hello 10
[R1]dis ospf peer bri
OSPF Process 1 with Router ID 10.0.13.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/1 10.0.3.3 Full
----------------------------------------------------------------------------
10、在R2上查看是否接收到错误数据包。观察到,在Netmask mismatch处有错误数据包计数。
[R2]dis ospf error
OSPF Process 1 with Router ID 10.0.2.2
OSPF error statistics
General packet errors:
0 : IP: received my own packet 221 : Bad packet
0 : Bad version 0 : Bad checksum
0 : Bad area id 0 : Drop on unnumbered interface
0 : Bad virtual link 0 : Bad authentication type
0 : Bad authentication key 0 : Packet too small
0 : Packet size > ip length 0 : Transmit error
0 : Interface down 0 : Unknown neighbor
0 : Bad net segment 0 : Extern option mismatch
0 : Router id confusion
HELLO packet errors:
221 : Netmask mismatch 0 : Hello timer mismatch
0 : Dead timer mismatch 0 : Virtual neighbor unknown
0 : NBMA neighbor unknown 0 : Invalid Source Address
DD packet errors:
0 : Neighbor state low 0 : Unknown LSA type
0 : MTU option mismatch
LS ACK packet errors:
0 : Neighbor state low 0 : Unknown LSA type
LS REQ packet errors:
0 : Neighbor state low 0 : Empty request
0 : Bad request
LS UPD packet errors:
0 : Neighbor state low 0 : Newer self-generate LSA
0 : LSA checksum bad 0 : Received less recent LSA
0 : Unknown LSA type
Opaque errors:
0 : 9-out of flooding scope 0 : 10-out of flooding scope
0 : 11-out of flooding scope 0 : Unkown TLV type
Retransmission for packet over Limitation errors:
0 : Number for DD Packet 0 : Number for Update Packet
0 : Number for Request Packet
Receive Grace LSA errors:
0 : Number of invalid LSAs 0 : Number of policy failed LSAs
0 : Number of wrong period LSAs
Configuration errors:
0 : Tunnel cost mistake
11、查看R2的接口信息,观察到,R2的GE0/0/0接口的子网掩码为255.255.255.128,导致了不能与R1建立邻居关系。
[R2]dis ip int br
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 1
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 10.0.12.2/25 up up
GigabitEthernet0/0/1 10.0.24.2/24 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 10.0.2.2/32 up up(s)
NULL0 unassigned up up(s)
12、修改R2的GE0/0/0接口的子网掩码,使链路两端接口的掩码一致。观察发现,未与R1建立起邻居关系。
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 10.0.12.2 24
13、在R2上查看OSPF错包,发现在Router id confusion处有错误数据包计数
<R2>dis ospf error
OSPF Process 1 with Router ID 10.0.1.1
OSPF error statistics
General packet errors:
0 : IP: received my own packet 0 : Bad packet
0 : Bad version 0 : Bad checksum
0 : Bad area id 0 : Drop on unnumbered interface
0 : Bad virtual link 0 : Bad authentication type
0 : Bad authentication key 0 : Packet too small
0 : Packet size > ip length 0 : Transmit error
0 : Interface down 0 : Unknown neighbor
0 : Bad net segment 0 : Extern option mismatch
39 : Router id confusion
HELLO packet errors:
0 : Netmask mismatch 0 : Hello timer mismatch
0 : Dead timer mismatch 0 : Virtual neighbor unknown
0 : NBMA neighbor unknown 0 : Invalid Source Address
DD packet errors:
0 : Neighbor state low 0 : Unknown LSA type
0 : MTU option mismatch
LS ACK packet errors:
0 : Neighbor state low 0 : Unknown LSA type
LS REQ packet errors:
0 : Neighbor state low 0 : Empty request
0 : Bad request
LS UPD packet errors:
0 : Neighbor state low 0 : Newer self-generate LSA
0 : LSA checksum bad 3 : Received less recent LSA
0 : Unknown LSA type
Opaque errors:
0 : 9-out of flooding scope 0 : 10-out of flooding scope
0 : 11-out of flooding scope 0 : Unkown TLV type
Retransmission for packet over Limitation errors:
0 : Number for DD Packet 0 : Number for Update Packet
0 : Number for Request Packet
Receive Grace LSA errors:
0 : Number of invalid LSAs 0 : Number of policy failed LSAs
0 : Number of wrong period LSAs
Configuration errors:
0 : Tunnel cost mistake
14、使用dis ospf routing router-id 命令查看R1和R2的Router id,观察到R2与R1具有相同的Router-ID,发生了冲突。
<R1>dis ospf routing router-id
OSPF Process 1 with Router ID 10.0.1.1
Router Type URT Routing Tables
RtType Destination Area Cost Nexthop Type
Intra-area 10.0.3.3 0.0.0.0 1 10.0.13.3 ABR
<R2>dis ospf routing router-id
OSPF Process 1 with Router ID 10.0.1.1
Router Type URT Routing Tables
RtType Destination Area Cost Nexthop Type
Intra-area 10.0.4.4 0.0.0.0 1 10.0.24.4 ABR
15、修改R2的Router-ID,重启R2的OSPF进程,然后查看R2上的邻居情况。
[R2]router id 10.0.2.2
Info: Router ID has been modified, please reset the relative protocols manually
to update the Router ID.
[R2]qu
<R2>reset ospf process
Warning: The OSPF process will be reset. Continue? [Y/N]:y
<R2>dis ospf peer bri
OSPF Process 1 with Router ID 10.0.2.2
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 10.0.1.1 Full
0.0.0.0 GigabitEthernet0/0/1 10.0.4.4 Full
----------------------------------------------------------------------------
16、在R4上查看邻居情况,观察到,R4和R6没有建立起邻居关系
<R4>dis ospf peer brief
OSPF Process 1 with Router ID 10.0.4.4
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/1 10.0.2.2 Full
0.0.0.1 GigabitEthernet0/0/0 10.0.3.3 Full
----------------------------------------------------------------------------
17、查看R4是否接收到错误数据包,观察到,Bad authentication type处有错误数据包计数。
<R4>dis ospf error
OSPF Process 1 with Router ID 10.0.4.4
OSPF error statistics
General packet errors:
0 : IP: received my own packet 184 : Bad packet
0 : Bad version 0 : Bad checksum
1 : Bad area id 0 : Drop on unnumbered interface
0 : Bad virtual link 184 : Bad authentication type
0 : Bad authentication key 0 : Packet too small
0 : Packet size > ip length 0 : Transmit error
0 : Interface down 0 : Unknown neighbor
0 : Bad net segment 0 : Extern option mismatch
0 : Router id confusion
HELLO packet errors:
0 : Netmask mismatch 0 : Hello timer mismatch
0 : Dead timer mismatch 0 : Virtual neighbor unknown
0 : NBMA neighbor unknown 0 : Invalid Source Address
DD packet errors:
0 : Neighbor state low 0 : Unknown LSA type
0 : MTU option mismatch
LS ACK packet errors:
0 : Neighbor state low 0 : Unknown LSA type
LS REQ packet errors:
0 : Neighbor state low 0 : Empty request
0 : Bad request
LS UPD packet errors:
0 : Neighbor state low 0 : Newer self-generate LSA
0 : LSA checksum bad 11 : Received less recent LSA
0 : Unknown LSA type
Opaque errors:
0 : 9-out of flooding scope 0 : 10-out of flooding scope
0 : 11-out of flooding scope 0 : Unkown TLV type
Retransmission for packet over Limitation errors:
0 : Number for DD Packet 0 : Number for Update Packet
0 : Number for Request Packet
Receive Grace LSA errors:
0 : Number of invalid LSAs 0 : Number of policy failed LSAs
0 : Number of wrong period LSAs
Configuration errors:
0 : Tunnel cost mistake
18、在R4上查看G0/0/2接口下的认证配置以及R6上G0/0/1接口下的认证配置,观察发现认证类型配置不一致,导致无法建立邻居关系。
[R4-GigabitEthernet0/0/2]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/2
ip address 10.0.46.4 255.255.255.0
ospf authentication-mode simple cipher %$%$ZNR|QFoTBVmF]!-v|yB']hHj%$%$
#
return
[R6-GigabitEthernet0/0/1]dis th
[V200R003C00]
#
interface GigabitEthernet0/0/1
ip address 10.0.46.6 255.255.255.0
ospf authentication-mode md5 1 cipher %$%$6LjM,g4fVNRc'MCv(`K7]hF0%$%$
19、修改R4上的GE0/0/2接口的认证类型。
[R4-GigabitEthernet0/0/2]ospf authentication-mode md5
[R4-GigabitEthernet0/0/2]ospf authentication md5 1 huawei
20、在R4上查看邻居关系。观察到R4和R6建立起邻居关系。
[R4]dis ospf peer brief
OSPF Process 1 with Router ID 10.0.4.4
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/1 10.0.2.2 Full
0.0.0.1 GigabitEthernet0/0/0 10.0.3.3 Full
0.0.0.1 GigabitEthernet0/0/2 10.0.6.6 Full
----------------------------------------------------------------------------
21、测试R5与R6的LoopBack0接口间的连通性,观察发现连通性正常。至此,故障点1至故障点5得到了排除。
<R5>ping -a 10.0.5.5 10.0.6.6
PING 10.0.6.6: 56 data bytes, press CTRL_C to break
Reply from 10.0.6.6: bytes=56 Sequence=1 ttl=253 time=70 ms
Reply from 10.0.6.6: bytes=56 Sequence=2 ttl=253 time=40 ms
Reply from 10.0.6.6: bytes=56 Sequence=3 ttl=253 time=40 ms
Reply from 10.0.6.6: bytes=56 Sequence=4 ttl=253 time=50 ms
Reply from 10.0.6.6: bytes=56 Sequence=5 ttl=253 time=40 ms
--- 10.0.6.6 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 40/48/70 ms
12.2.5.5 排除OSPF的虚链路故障¶
1、在R3和R4上使用dis ospf vlink命令查看虚链路的建立情况。观察到,R3和R4之间虚链路的状态出现了问题。
<R3>dis ospf vlink
OSPF Process 1 with Router ID 10.0.3.3
Virtual Links
Virtual-link Neighbor-id -> 10.0.4.4, Neighbor-State: Down
Interface: 10.0.34.3 (GigabitEthernet0/0/0)
Cost: 1 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
[R4]dis ospf vlink
OSPF Process 1 with Router ID 10.0.4.4
Virtual Links
Virtual-link Neighbor-id -> 10.0.3.3, Neighbor-State: Down
Interface: 10.0.34.4 (GigabitEthernet0/0/0)
Cost: 1 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
2、使用dis ospf error命令在R3和R4上查看错误数据包信息。观察到Bad authentication type处有错误数据包计数。
<R3>dis ospf error
OSPF Process 1 with Router ID 10.0.3.3
OSPF error statistics
General packet errors:
0 : IP: received my own packet 160 : Bad packet
0 : Bad version 0 : Bad checksum
0 : Bad area id 0 : Drop on unnumbered interface
0 : Bad virtual link 160 : Bad authentication type
0 : Bad authentication key 0 : Packet too small
0 : Packet size > ip length 0 : Transmit error
0 : Interface down 0 : Unknown neighbor
0 : Bad net segment 0 : Extern option mismatch
0 : Router id confusion
HELLO packet errors:
0 : Netmask mismatch 0 : Hello timer mismatch
0 : Dead timer mismatch 0 : Virtual neighbor unknown
0 : NBMA neighbor unknown 0 : Invalid Source Address
DD packet errors:
0 : Neighbor state low 0 : Unknown LSA type
0 : MTU option mismatch
LS ACK packet errors:
0 : Neighbor state low 0 : Unknown LSA type
LS REQ packet errors:
0 : Neighbor state low 0 : Empty request
0 : Bad request
LS UPD packet errors:
0 : Neighbor state low 0 : Newer self-generate LSA
0 : LSA checksum bad 0 : Received less recent LSA
0 : Unknown LSA type
Opaque errors:
0 : 9-out of flooding scope 0 : 10-out of flooding scope
0 : 11-out of flooding scope 0 : Unkown TLV type
Retransmission for packet over Limitation errors:
0 : Number for DD Packet 0 : Number for Update Packet
0 : Number for Request Packet
Receive Grace LSA errors:
0 : Number of invalid LSAs 0 : Number of policy failed LSAs
0 : Number of wrong period LSAs
Configuration errors:
0 : Tunnel cost mistake
[R4]dis ospf error
OSPF Process 1 with Router ID 10.0.4.4
OSPF error statistics
General packet errors:
0 : IP: received my own packet 285 : Bad packet
0 : Bad version 0 : Bad checksum
1 : Bad area id 0 : Drop on unnumbered interface
0 : Bad virtual link 283 : Bad authentication type
2 : Bad authentication key 0 : Packet too small
0 : Packet size > ip length 0 : Transmit error
0 : Interface down 0 : Unknown neighbor
0 : Bad net segment 0 : Extern option mismatch
0 : Router id confusion
HELLO packet errors:
0 : Netmask mismatch 0 : Hello timer mismatch
0 : Dead timer mismatch 0 : Virtual neighbor unknown
0 : NBMA neighbor unknown 0 : Invalid Source Address
DD packet errors:
0 : Neighbor state low 0 : Unknown LSA type
0 : MTU option mismatch
LS ACK packet errors:
0 : Neighbor state low 0 : Unknown LSA type
LS REQ packet errors:
0 : Neighbor state low 0 : Empty request
0 : Bad request
LS UPD packet errors:
0 : Neighbor state low 0 : Newer self-generate LSA
0 : LSA checksum bad 11 : Received less recent LSA
0 : Unknown LSA type
Opaque errors:
0 : 9-out of flooding scope 0 : 10-out of flooding scope
0 : 11-out of flooding scope 0 : Unkown TLV type
Retransmission for packet over Limitation errors:
0 : Number for DD Packet 0 : Number for Update Packet
0 : Number for Request Packet
Receive Grace LSA errors:
0 : Number of invalid LSAs 0 : Number of policy failed LSAs
0 : Number of wrong period LSAs
Configuration errors:
0 : Tunnel cost mistake
3、查看虚链路配置核实是否存在错误。观察到,虚链路上配置的认证类型不匹配。
[R3-ospf-1]dis th
[V200R003C00]
#
ospf 1
area 0.0.0.0
network 10.0.3.3 0.0.0.0
network 10.0.13.3 0.0.0.0
area 0.0.0.1
network 10.0.34.3 0.0.0.0
network 10.0.35.3 0.0.0.0
vlink-peer 10.0.4.4 simple cipher %$%$$-&u*9rg[#xaZ2V7BeyM]h`i%$%$
[R4-ospf-1]dis th
[V200R003C00]
#
ospf 1
area 0.0.0.0
network 10.0.4.4 0.0.0.0
network 10.0.24.4 0.0.0.0
area 0.0.0.1
network 10.0.34.4 0.0.0.0
network 10.0.46.4 0.0.0.0
vlink-peer 10.0.3.3 md5 1 cipher %$%$Jf:5FDDU3D'qsQ:(o=WU]i^6%$%$
4、修改R4的G0/0/0接口的认证类型
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]vlink-peer 10.0.3.3 simple huawei hello 10 dead 40
5、再次在R4上查看虚链路的状态。观察到R3和R4之间的虚链路邻居状态为Full,说明虚链路的邻居关系已经正常。
[R4]dis ospf vlink
OSPF Process 1 with Router ID 10.0.4.4
Virtual Links
Virtual-link Neighbor-id -> 10.0.3.3, Neighbor-State: Full
Interface: 10.0.34.4 (GigabitEthernet0/0/0)
Cost: 1 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
12.3 思考¶
在一个OSPF网络中,如果两台路由器的Router-ID相同,但它们是不同区域(Area)中的内部路由器,那么这种情况会对OSPF协议运行造成什么影响呢?如果它们是同一区域中的内部路由器,情况又如何? 答:无法建立邻居。