OSPF综合实验报告册
ospf思维导图:
实验拓扑:
实验要求:
1.R4为ISP,其上只能配置IP地址;R4与其他所有直连设备使用公有IP
2.R3---R5、R6、R7为MGRE环境,R3为中心站点
3、整个OSPF环境IP基于172.16.0.0/16划分;除了R12有两个环回,其他路由器均有一个环回IP
4.所有设备均可访问R4的环回
5.减少LSA的更新量,加快收敛,保障更新安全
6.全网可达
实验分析:
1.地址规划
由于OSPF 基于区域汇总,图中有6个区域,因此我们先借三位划分为8个网段,又根据实际需求一个广播域50台主机左右,故子网掩码为25位。
172.16.0.0 /19 ---area 0
172.16.0.0 /25 172.16.0.128 /25 172.16.1.0 /25 172.16.1.128/25....172.16.31.128
172.16.0.0 /25 p2p 骨干 172.16.0.0/30 172.16.0.4/30
172.16.0.128 /25 MA 骨干 172.16.0.128 /29 --MGRE 172.16.0.136/29
172.16.32.0 /19---area 1
172.16.64.0 /19--- area 2
172.16.96.0 /19--- area3
172.16.128.0 /19---area 4
172.16.160.0 /19---rip 172.16.160.0/20 172.16.176.0/20
172.16.192.0 /19
-----备用
172.16.224.0 /19
2.在R3--R5/R6/R7配置MGRE
R3---R5/6/7为MGRE环境,R3为中心站点,其他为站点找R1注册,默认的接口为P2P,我们需要修改为广播,并在R5/R6/R7修改接口优先级使得DR为R3,并配置缺省
R3:
interface LoopBack0
ip address 172.16.34.1 255.255.255.128
interface GigabitEthernet0/0/2
ip address 43.1.1.1 255.255.255.0
ip route-static 0.0.0.0 0.0.0.0 43.1.1.2 ----缺省
interface Tunnel0/0/0
ip address 172.16.0.129 255.255.255.248
tunnel-protocol gre p2mp
source 43.1.1.1
ospf network-type broadcast ---修改默认点到点类型为broadcast
nhrp entry multicast dynamic
nhrp network-id 100
R4:
interface LoopBack0
ip address 4.4.4.4 255.255.255.0
interface GigabitEthernet0/0/0
ip address 43.1.1.2 255.255.255.0
interface GigabitEthernet0/0/1
ip address 45.1.1.1 255.255.255.0
interface GigabitEthernet0/0/2
ip address 46.1.1.1 255.255.255.0
interface GigabitEthernet4/0/0
ip address 47.1.1.1 255.255.255.0
R5:
interface LoopBack0
ip address 172.16.1.1 255.255.255.128
interface GigabitEthernet0/0/0
ip address 45.1.1.2 255.255.255.0
ip route-static 0.0.0.0 0.0.0.0 45.1.1.1
interface Tunnel0/0/0
ip address 172.16.0.130 255.255.255.248
tunnel-protocol gre p2mp
source 45.1.1.2
ospf network-type broadcast ---修改默认点到点类型为broadcast
ospf dr-priority 0 -----修改DR优先级为0,不参与选举,使DR为R3
nhrp network-id 100
nhrp entry 172.16.0.129 43.1.1.1 register
R6:
interface LoopBack0
ip address 172.16.1.129 255.255.255.128
interface GigabitEthernet0/0/0
ip address 46.1.1.2 255.255.255.0
ip route-static 0.0.0.0 0.0.0.0 46.1.1.1
interface Tunnel0/0/0
ip address 172.16.0.131 255.255.255.248
tunnel-protocol gre p2mp
source 46.1.1.2
ospf network-type broadcast ---修改默认点到点类型为broadcast
ospf dr-priority 0 -----修改DR优先级为0,不参与选举,使DR为R3
nhrp network-id 100
nhrp entry 172.16.0.129 43.1.1.1 register
R7:
interface LoopBack0
ip address 172.16.2.1 255.255.255.128
Interface GigabitEthernet0/0/0
ip address 47.1.1.2 255.255.255.0
ip route-static 0.0.0.0 0.0.0.0 47.1.1.1
interface Tunnel0/0/0
ip address 172.16.0.132 255.255.255.248
tunnel-protocol gre p2mp
source 47.1.1.2
ospf network-type broadcast ---修改默认点到点类型为broadcast
ospf dr-priority 0 -----修改DR优先级为0,不参与选举,使DR为R3
nhrp network-id 100
nhrp entry 172.16.0.129 43.1.1.1 register
配置完成后,我们可以从R3上测试R5/R6/R7
3.配置IP地址
根据上图和已做出的IP规划配置IP地址,配置完成后进行ping测试IP地址配置是否正确
4.配置OSPF和RIP
R1:
ospf 1 router-id 1.1.1.1
area 0.0.0.1
network 172.16.0.0 0.0.255.255
R2:
ospf 1 router-id 2.2.2.2
area 0.0.0.1
network 172.16.0.0 0.0.255.255
R3:
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 172.16.0.129 0.0.0.0
area 0.0.0.1
network 172.16.32.0 0.0.3.255
R5:
ospf 1 router-id 5.5.5.5
area 0.0.0.0
network 172.16.0.0 0.0.255.255
R6:
ospf 1 router-id 6.6.6.6
area 0.0.0.0
network 172.16.0.0 0.0.1.255
area 0.0.0.2
network 172.16.64.1 0.0.0.0
R7:
ospf 1 router-id 7.7.7.7
area 0.0.0.0
network 172.16.0.0 0.0.3.255
area 0.0.0.3
network 172.16.96.1 0.0.0.0
R8:
ospf 1 router-id 8.8.8.8
area 0.0.0.3
network 172.16.0.0 0.0.255.255
R9:
ospf 1 router-id 9.9.9.9
area 0.0.0.3
network 172.16.96.6 0.0.0.0
area 0.0.0.4
network 172.16.128.0 0.0.1.255
R10:
ospf 1 router-id 10.10.10.10
area 0.0.0.4
network 172.16.0.0 0.0.255.255
R11:
ospf 1 router-id 11.11.11.11
area 0.0.0.2
network 172.16.0.0 0.0.255.255
R12:
ospf 1 router-id 12.12.12.12
area 0.0.0.2
network 172.16.64.6 0.0.0.0
rip 1
version 2
network 172.16.0.0
配置完OSPF后,我们需要查看邻居表,查看邻居是否建立
5.重发布
通过查看路由表,发现还缺少area 4和rip 的 路由 ,根据拓扑我们需要在R12上对RIP进行重发布
在R9上对area 4进行多进程重发布
R9:
首先我们需要删除之前在R9上配置的area 4的ospf1进程
ospf 2
area 0.0.0.4
network 172.16.128.0 0.0.1.255
ospf 1
import-route ospf 2 ----将进程2宣告给进程1
R12:
将RIP宣告进ospf 1 进程
ospf 1
import-route rip 1
宣告完成后 ,此时路由表路由条目已经齐全,但我们还需要做减少LSA的更新量,加快收敛,保障更新安全
6.路由汇总
我们需要进行在R3 /R6/R7---区域间路由汇总,R12---rip路由汇总,R9----区域外路由汇总
区域间路由汇总
R3:
ospf 1
area 1
abr-summary 172.16.32.0 255.255.224.0
R6:
ospf 1
area 2
abr-summary 172.16.64.0 255.255.224.0
R7:
ospf 1
area 3
abr-summary 172.16.96.0 255.255.224.0
区域外路由汇总
R9:
ospf 1
area 3
asbr-summary 172.16.128.0 255.255.224.0
rip路由汇总
R12:
ospf 1
area 2
asbr-summary 172.16.160.0 255.255.224.0
7.特殊区域
area 1 完全末梢 area 2 完全nssa area 3 完全nssa R9---OSPF 缺省指向R10
area 1 完全末梢
R1:
ospf 1 router-id 1.1.1.1
area 0.0.0.1
stub
R2:
ospf 1 router-id 2.2.2.2
area 0.0.0.1
stub
R3:
ospf 1 router-id 3.3.3.3
area 0.0.0.1
stub no-summary
area 2 完全nssa
R6:
ospf 1 router-id 6.6.6.6
area 0.0.0.2
nssa no-summary
R11:
ospf 1 router-id 11.11.11.11
area 0.0.0.2
nssa
R12:
ospf 1 router-id 12.12.12.12
area 0.0.0.2
nssa
area 3 完全nssa
R7:
ospf 1 router-id 7.7.7.7
area 0.0.0.3
nssa no-summary
R8:
ospf 1 router-id 8.8.8.8
area 0.0.0.3
nssa
R9:
ospf 1 router-id 9.9.9.9
area 0.0.0.3
nssa
R9-OSPF 缺省指向R10
R9:
ospf 2
default-route-advertise
8.NAT
从局域网访问ISP需要进行地址转换,我们需要在R3、R6、R7做NAT
R3:
acl number 2000
rule 5 permit source 172.16.0.0 0.0.255.255
interface GigabitEthernet0/0/2
nat outbound 2000
R6:
acl number 2000
rule 5 permit source 172.16.0.0 0.0.255.255
interface GigabitEthernet0/0/0
nat outbound 2000
R7:
acl number 2000
rule 5 permit source 172.16.0.0 0.0.255.255
interface GigabitEthernet0/0/0
nat outbound 2000
9.防环,空接口
由于存在缺省路由,在R9和R12上会出现环路,在R3、R6、R7上虽然不会出环,但会占用资源,所以我们需要设置空接口。
设置空接口
R3:
ip route-static 172.16.32.0 255.255.224.0 NULL0
R6:
ip route-static 172.16.64.0 255.255.224.0 NULL0
R7:
ip route-static 172.16.96.0 255.255.224.0 NULL0
R9:
ip route-static 172.16.128.0 255.255.224.0 NULL0
R12:
ip route-static 172.16.160.0 255.255.224.0 NULL0
10.测试验证
