OSPF综合实验

Posted 2021-12-15 养一只金毛呗

文章目录

• OSPF综合实验
• • 实验拓扑
  • 实验要求
  • 实验步骤
  • • 1.配置IP地址略
    • 2.配置OSPF和静默接口
    • 3.修改R2和R4之间的链路开销
    • 4.对到192.168.2.0的流量提供备份
    • 5.配置area100为stub区域
    • 6.聚合area10的业务网段
    • 7.修改cost值避免出现等价路由
    • 8.area0配置区域验证，密钥为123456
    • 9.R2配置默认路由并引入到OSPF
    • 10.R2配置easy ip

OSPF综合实验

实验拓扑

实验要求

1. 按图示配置IP地址
2. 除了R7，其余路由器配置OSPF，L0作为Router-id，R1和R6有两个业务网段，业务网段中不能出现协议报文
3. area10和area100业务流量默认走R3-R5，如果出现链路故障，则切换到R2-R4
4. R2和 R4之间的链路只对到192.168.2.0的流量提供备份
5. area100配置为stub区域
6. 其他区域不能出现area10的业务网段明细路由
7. 调整链路cost值，避免出现等价路由
8. area0配置区域验证，密钥为123456
9. R2配置默认路由指向R7，并将默认路由引入到OSPF
10. R2配置easy ip，只允许192.168.0.0/24和192.168.2.0/24访问互联网

实验步骤

1.配置IP地址略

2.配置OSPF和静默接口

R1
#业务网段中不能出现协议报文，所以要配置静默接口
ospf 1 router-id 1.1.1.1
 silent-interface LoopBack1 
 silent-interface LoopBack2
 area 0.0.0.10
  network 10.1.1.0 0.0.0.255
  network 10.2.2.0 0.0.0.255
  network 192.168.0.0 0.0.0.255
  network 192.168.1.0 0.0.0.255
#
--------------------------------------------------------
R2
#
ospf 1 router-id 2.2.2.2
 area 0.0.0.0
  network 10.3.3.0 0.0.0.255
  network 10.4.4.0 0.0.0.255
 area 0.0.0.10
  network 10.1.1.0 0.0.0.255
#
--------------------------------------------------------
R3
#
ospf 1 router-id 3.3.3.3
 area 0.0.0.0
  network 10.3.3.0 0.0.0.255
  network 10.5.5.0 0.0.0.255
 area 0.0.0.10
  network 10.2.2.0 0.0.0.255
#
--------------------------------------------------------
R4
#
ospf 1 router-id 4.4.4.4
 area 0.0.0.0
  network 10.4.4.0 0.0.0.255
 area 0.0.0.100
  network 10.6.6.0 0.0.0.255
  network 10.7.7.0 0.0.0.255
#
--------------------------------------------------------
R5
#
ospf 1 router-id 5.5.5.5
 area 0.0.0.0
  network 10.5.5.0 0.0.0.255
 area 0.0.0.100
  network 10.6.6.0 0.0.0.255
  network 10.8.8.0 0.0.0.255
#
--------------------------------------------------------
R6
#业务网段中不能出现协议报文，所以要配置静默接口
ospf 1 router-id 6.6.6.6
 silent-interface LoopBack1
 silent-interface LoopBack2
 area 0.0.0.100
  network 10.7.7.0 0.0.0.255
  network 10.8.8.0 0.0.0.255
  network 192.168.2.0 0.0.0.255
  network 192.168.3.0 0.0.0.255
#

配置完后查看邻居是否都起来了

R1有两个邻居
[R1]display ospf peer 

         OSPF Process 1 with Router ID 1.1.1.1
               Neighbor Brief Information

 Area: 0.0.0.10       
 Router ID       Address         Pri Dead-Time  State             Interface
 2.2.2.2         10.1.1.2        1   35         Full/DR           GE0/0
 3.3.3.3         10.2.2.3        1   34         Full/DR           GE0/1
 --------------------------------------------------------
 R2有三个邻居
 [R2]display ospf peer 

         OSPF Process 1 with Router ID 2.2.2.2
               Neighbor Brief Information

 Area: 0.0.0.0        
 Router ID       Address         Pri Dead-Time  State             Interface
 3.3.3.3         10.3.3.3        1   37         Full/DR           GE0/1
 4.4.4.4         10.4.4.4        1   33         Full/DR           GE0/2

 Area: 0.0.0.10       
 Router ID       Address         Pri Dead-Time  State             Interface
 1.1.1.1         10.1.1.1        1   34         Full/BDR          GE0/0
 --------------------------------------------------------
 R3有三个邻居
 [R3]display ospf peer 

         OSPF Process 1 with Router ID 3.3.3.3
               Neighbor Brief Information

 Area: 0.0.0.0        
 Router ID       Address         Pri Dead-Time  State             Interface
 2.2.2.2         10.3.3.2        1   35         Full/BDR          GE0/1
 5.5.5.5         10.5.5.5        1   36         Full/DR           GE0/2

 Area: 0.0.0.10       
 Router ID       Address         Pri Dead-Time  State             Interface
 1.1.1.1         10.2.2.1        1   40         Full/BDR          GE0/0
 --------------------------------------------------------
 R4有三个邻居
 [R4]display ospf peer

         OSPF Process 1 with Router ID 4.4.4.4
               Neighbor Brief Information

 Area: 0.0.0.0        
 Router ID       Address         Pri Dead-Time  State             Interface
 2.2.2.2         10.4.4.2        1   38         Full/BDR          GE0/1

 Area: 0.0.0.100      
 Router ID       Address         Pri Dead-Time  State             Interface
 6.6.6.6         10.7.7.6        1   39         Full/DR           GE0/0
 5.5.5.5         10.6.6.5        1   37         Full/DR           GE0/2
 --------------------------------------------------------
 R5有三个邻居
 [R5]display ospf peer

         OSPF Process 1 with Router ID 5.5.5.5
               Neighbor Brief Information

 Area: 0.0.0.0        
 Router ID       Address         Pri Dead-Time  State             Interface
 3.3.3.3         10.5.5.3        1   35         Full/BDR          GE0/1

 Area: 0.0.0.100      
 Router ID       Address         Pri Dead-Time  State             Interface
 6.6.6.6         10.8.8.6        1   35         Full/DR           GE0/0
 4.4.4.4         10.6.6.4        1   30         Full/BDR          GE0/2
 --------------------------------------------------------
 R6有两个邻居
 [R6]display ospf peer

         OSPF Process 1 with Router ID 6.6.6.6
               Neighbor Brief Information

 Area: 0.0.0.100      
 Router ID       Address         Pri Dead-Time  State             Interface
 4.4.4.4         10.7.7.4        1   36         Full/BDR          GE0/0
 5.5.5.5         10.8.8.5        1   38         Full/BDR          GE0/1

3.修改R2和R4之间的链路开销

R2
#增加R2R4之间的链路开销，使area10和area100业务流量默认走R3-R5
interface GigabitEthernet0/2
 ospf cost 1000
#
--------------------------------------------------------
R4
#
interface GigabitEthernet0/1
 ospf cost 1000
#

修改完后在R1查看路由表，发现去往192.168.2.0网段的路由下一跳为10.2.2.3，说明业务流量走R3-R5，在R6上查看去往192.168.0.0网段的路由也是如此

[R1]display ip routing-table 
Destinations : 29       Routes : 29
Destination/Mask   Proto   Pre Cost        NextHop         Interface
192.168.2.1/32     O_INTER 10  901         10.2.2.3        GE0/1

假如把R3的G0/0断掉，去往192.168.2.0网段的路由下一跳就会变成10.1.1.2

[R3]int g0/0
[R3-GigabitEthernet0/0]shutdown
--------------------------------------------------------
[R1]display ip routing-table 
Destinations : 26       Routes : 26
Destination/Mask   Proto   Pre Cost        NextHop         Interface
192.168.2.1/32     O_INTER 10  1301        10.1.1.2        GE0/0

4.对到192.168.2.0的流量提供备份

R4
#要求只对192.168.2.0的流量备份，所以可以把192.168.3.0的流量过滤掉
ospf 1 router-id 4.4.4.4
 area 0.0.0.100
  abr-summary 192.168.3.0 255.255.255.0 not-advertise
#

5.配置area100为stub区域

R4
#stub区域内的所有路由器都要配置成stub，否则邻居可能起不来
ospf 1 router-id 4.4.4.4
 area 0.0.0.100
  stub
#
--------------------------------------------------------
R5
#
ospf 1 router-id 5.5.5.5
 area 0.0.0.100
  stub
#
--------------------------------------------------------
R6
#
ospf 1 router-id 6.6.6.6
 area 0.0.0.100
  stub
#

6.聚合area10的业务网段

R2
#
ospf 1 router-id 2.2.2.2
 area 0.0.0.10
  abr-summary 192.168.0.0 255.255.254.0
#
--------------------------------------------------------
R3
#
ospf 1 router-id 3.3.3.3
 area 0.0.0.10
  abr-summary 192.168.0.0 255.255.254.0
#

7.修改cost值避免出现等价路由

R1
#
interface GigabitEthernet0/0
 ospf cost 300
interface GigabitEthernet0/1
 ospf cost 400
#
--------------------------------------------------------
R2
#
interface GigabitEthernet0/0
 ospf cost 300
interface GigabitEthernet0/1
 ospf cost 500
#
--------------------------------------------------------
R3
#
interface GigabitEthernet0/0
 ospf cost 400
interface GigabitEthernet0/1
 ospf cost 500
#
R4R5R6配置类似

8.area0配置区域验证，密钥为123456

R2
#密钥配错了，邻居也起不来
ospf 1 router-id 2.2.2.2
 area 0.0.0.0
  authentication-mode simple plain 123456
#
--------------------------------------------------------
R3
#
ospf 1 router-id 3.3.3.3
 area 0.0.0.0
  authentication-mode simple cipher plain 123456
#
--------------------------------------------------------
R4
#
ospf 1 router-id 4.4.4.4
 area 0.0.0.0
  authentication-mode simple cipher plain 123456
#
--------------------------------------------------------
R5
#
ospf 1 router-id 5.5.5.5
 area 0.0.0.0
  authentication-mode simple cipher plain 123456
#

9.R2配置默认路由并引入到OSPF

R2
#
 ip route-static 0.0.0.0 0 200.1.1.7
#
ospf 1 router-id 2.2.2.2
 default-route-advertise
#

10.R2配置easy ip

R2
#
acl basic 2000
 rule 0 permit source 192.168.0.0 0.0.0.255
 rule 5 permit source 192.168.2.0 0.0.0.255
#
interface GigabitEthernet5/0
 nat outbound 2000
#

配置完后只有192.168.0.0/24和192.168.2.0/24这两个网段可以ping通R7

[R1]ping -a 192.168.0.1 100.1.1.1
Ping 100.1.1.1 (100.1.1.1) from 192.168.0.1: 56 data bytes, press CTRL+C to break
56 bytes from 100.1.1.1: icmp_seq=0 ttl=254 time=1.000 ms
56 bytes from 100.1.1.1: icmp_seq=1 ttl=254 time=2.000 ms
56 bytes from 100.1.1.1: icmp_seq=2 ttl=254 time=2.000 ms
56 bytes from 100.1.1.1: icmp_seq=3 ttl=254 time=1.000 ms
56 bytes from 100.1.1.1: icmp_seq=4 ttl=254 time=2.000 ms

--- Ping statistics for 100.1.1.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.000/1.600/2.000/0.490 ms
--------------------------------------------------------
[R1]ping -a 192.168.1.1 100.1.1.1
Ping 100.1.1.1 (100.1.1.1) from 192.168.1.1: 56 data bytes, press CTRL+C to break
Request time out
Request time out
Request time out
Request time out
Request time out

--- Ping statistics for 100.1.1.1 ---
5 packet(s) transmitted, 0 packet(s) received, 100.0% packet loss
--------------------------------------------------------
[R6]ping -a 192.168.2.1 100.1.1.1
Ping 100.1.1.1 (100.1.1.1) from 192.168.2.1: 56 data bytes, press CTRL+C to break
56 bytes from 100.1.1.1: icmp_seq=0 ttl=252 time=4.000 ms
56 bytes from 100.1.1.1: icmp_seq=1 ttl=252 time=5.000 ms
56 bytes from 100.1.1.1: icmp_seq=2 ttl=252 time=6.000 ms
56 bytes from 100.1.1.1: icmp_seq=3 ttl=252 time=3.000 ms
56 bytes from 100.1.1.1: icmp_seq=4 ttl=252 time=6.000 ms

--- Ping statistics for 100.1.1.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 3.000/4.800/6.000/1.166 ms
--------------------------------------------------------
[R6]ping -a 192.168.3.1 100.1.1.1
Ping 100.1.1.1 (100.1.1.1) from 192.168.3.1: 56 data bytes, press CTRL+C to break
Request time out
Request time out
Request time out
Request time out
Request time out

--- Ping statistics for 100.1.1.1 ---
5 packet(s) transmitted, 0 packet(s) received, 100.0% packet loss