热门标签
热门文章
- 1VC6.0(SP6)编译xvid_#define uint64_t unsigned __int64_t
- 2-Caused by: com.rabbitmq.client.ShutdownSignalException: connection error; protocol method
- 3【Linux集群教程】09 集群监控 - 监控简介和Cacti搭建_cacti运维监控考核
- 4【GIT版本控制】--子模块_git 子仓库更新
- 5全流程零基础自制reid数据集做deepsort_通过darklabel构建deepsort标注格式和reid数据集
- 6Oracle Exists用法
- 7DPO数据保护官 &&CISP-DSG注册数据安全治理专业人员_国内的数据安全官和国外的dpo考哪个
- 8云计算与分布式技术-常见云的比较_分布式云横向评测
- 9Centos8安装Docker_centos8 安装docker
- 10信息网络安全设备_信息安全设备包括哪些
当前位置: article > 正文
OSPF 综合实验_ospf综合实验
作者:不正经 | 2024-04-26 14:30:08
赞
踩
ospf综合实验
目录
前言
如何根据需求完成本次实验?
实验要求
1.R4为ISP,其上只能配置IP地址;R4与其他所有直连设备使用公有IP
2.R3---R5/6/7为MGRE环境,R3为中心站点
3.整个OSPF环境IP地址为172.16.0.0/16
4.所有设备均可访问R4的环回
5.减少LSA的更新量,加快收敛,保障更新安全
6.全网可达
实验分析
1.地址规划
由于OSPF 基于区域汇总,图中有6个区域,因此我们先借三位划分为8个网段
又根据实际需求一个广播域50台主机左右,故子网掩码为25位
- 172.16.0.0 /19 ---area 0
-
- 172.16.0.0 /25 172.16.0.128 /25 172.16.1.0 /25 172.16.1.128/25....172.16.31.128
-
- 172.16.0.0 /25 p2p 骨干 172.16.0.0/30 172.16.0.4/30
-
- 172.16.0.128 /25 MA 骨干 172.16.0.128 /29 --MGRE 172.16.0.136/29
-
-
-
- 172.16.32.0 /19---area 1
-
- 172.16.64.0 /19--- area 2
-
- 172.16.96.0 /19--- area3
-
- 172.16.128.0 /19---area 4
-
- 172.16.160.0 /19---rip 172.16.160.0/20 172.16.176.0/20
-
-
- 172.16.192.0 /19
- -----备用
- 172.16.224.0 /19
2.在R3--R5/R6/R7配置MGRE
R3---R5/6/7为MGRE环境,R3为中心站点,其他为站点找R1注册,默认的接口为P2P,我们需要修改为广播,并在R5/R6/R7修改接口优先级使得DR为R3,并配置缺省
- R3:
- #
- interface LoopBack0
- ip address 172.16.34.1 255.255.255.128
- #
- interface GigabitEthernet0/0/2
- ip address 43.1.1.1 255.255.255.0
- #
- ip route-static 0.0.0.0 0.0.0.0 43.1.1.2 ----缺省
-
- #
- interface Tunnel0/0/0
- ip address 172.16.0.129 255.255.255.248
- tunnel-protocol gre p2mp
- source 43.1.1.1
- ospf network-type broadcast ---修改默认点到点类型为broadcast
- nhrp entry multicast dynamic
- nhrp network-id 100
-
- R4:
-
- #
- interface LoopBack0
- ip address 4.4.4.4 255.255.255.0
- #
- interface GigabitEthernet0/0/0
- ip address 43.1.1.2 255.255.255.0
- #
- interface GigabitEthernet0/0/1
- ip address 45.1.1.1 255.255.255.0
- #
- interface GigabitEthernet0/0/2
- ip address 46.1.1.1 255.255.255.0
- #
- interface GigabitEthernet4/0/0
- ip address 47.1.1.1 255.255.255.0
-
- R5:
-
- #
- interface LoopBack0
- ip address 172.16.1.1 255.255.255.128
- #
- interface GigabitEthernet0/0/0
- ip address 45.1.1.2 255.255.255.0
- #
- ip route-static 0.0.0.0 0.0.0.0 45.1.1.1
- #
- interface Tunnel0/0/0
- ip address 172.16.0.130 255.255.255.248
- tunnel-protocol gre p2mp
- source 45.1.1.2
- ospf network-type broadcast ---修改默认点到点类型为broadcast
- ospf dr-priority 0 -----修改DR优先级为0,不参与选举,使DR为R3
- nhrp network-id 100
- nhrp entry 172.16.0.129 43.1.1.1 register
-
- R6:
-
- #
- interface LoopBack0
- ip address 172.16.1.129 255.255.255.128
- #
- interface GigabitEthernet0/0/0
- ip address 46.1.1.2 255.255.255.0
- #
- ip route-static 0.0.0.0 0.0.0.0 46.1.1.1
- #
- interface Tunnel0/0/0
- ip address 172.16.0.131 255.255.255.248
- tunnel-protocol gre p2mp
- source 46.1.1.2
- ospf network-type broadcast ---修改默认点到点类型为broadcast
- ospf dr-priority 0 -----修改DR优先级为0,不参与选举,使DR为R3
- nhrp network-id 100
- nhrp entry 172.16.0.129 43.1.1.1 register
-
- R7:
-
- #
- interface LoopBack0
- ip address 172.16.2.1 255.255.255.128
- #
- interface GigabitEthernet0/0/0
- ip address 47.1.1.2 255.255.255.0
- #
- ip route-static 0.0.0.0 0.0.0.0 47.1.1.1
- #
- interface Tunnel0/0/0
- ip address 172.16.0.132 255.255.255.248
- tunnel-protocol gre p2mp
- source 47.1.1.2
- ospf network-type broadcast ---修改默认点到点类型为broadcast
- ospf dr-priority 0 -----修改DR优先级为0,不参与选举,使DR为R3
- nhrp network-id 100
- nhrp entry 172.16.0.129 43.1.1.1 register
配置完成后,我们可以从R3上测试R5/R6/R7
3.配置IP地址
根据上图和已做出的IP规划配置IP地址,配置完成后进行ping测试IP地址配置是否正确
4.配置OSPF和RIP
-
- R1:
-
- #
- ospf 1 router-id 1.1.1.1
- area 0.0.0.1
- network 172.16.0.0 0.0.255.255
-
- R2:
- #
- ospf 1 router-id 2.2.2.2
- area 0.0.0.1
- network 172.16.0.0 0.0.255.255
-
- R3:
-
- #
- ospf 1 router-id 3.3.3.3
- area 0.0.0.0
- network 172.16.0.129 0.0.0.0
- area 0.0.0.1
- network 172.16.32.0 0.0.3.255
-
- R5:
-
- #
- ospf 1 router-id 5.5.5.5
- area 0.0.0.0
- network 172.16.0.0 0.0.255.255
-
- R6:
-
- #
- ospf 1 router-id 6.6.6.6
- area 0.0.0.0
- network 172.16.0.0 0.0.1.255
- area 0.0.0.2
- network 172.16.64.1 0.0.0.0
-
- R7:
-
- ospf 1 router-id 7.7.7.7
- area 0.0.0.0
- network 172.16.0.0 0.0.3.255
- area 0.0.0.3
- network 172.16.96.1 0.0.0.0
-
-
- R8:
-
- #
- ospf 1 router-id 8.8.8.8
- area 0.0.0.3
- network 172.16.0.0 0.0.255.255
-
- R9:
-
- #
- ospf 1 router-id 9.9.9.9
- area 0.0.0.3
- network 172.16.96.6 0.0.0.0
- area 0.0.0.4
- network 172.16.128.0 0.0.1.255
-
- R10:
-
- #
- ospf 1 router-id 10.10.10.10
- area 0.0.0.4
- network 172.16.0.0 0.0.255.255
-
-
- R11:
-
- #
- ospf 1 router-id 11.11.11.11
- area 0.0.0.2
- network 172.16.0.0 0.0.255.255
-
-
- R12:
- #
- ospf 1 router-id 12.12.12.12
- area 0.0.0.2
- network 172.16.64.6 0.0.0.0
- #
- rip 1
- version 2
- network 172.16.0.0
配置完OSPF后,我们需要查看邻居表,查看邻居是否建立
5.重发布
通过查看路由表,发现还缺少area 4和rip 的 路由 ,根据拓扑我们需要在R12上对RIP进行重发布
在R9上对area 4进行多进程重发布
- R9:
-
- 首先我们需要删除之前在R9上配置的area 4的ospf1进程
-
- #
- ospf 2
- area 0.0.0.4
- network 172.16.128.0 0.0.1.255
-
- #
- ospf 1
-
- import-route ospf 2 ----将进程2宣告给进程1
-
-
- R12:
-
- 将RIP宣告进ospf 1 进程
-
- #
- ospf 1
-
- import-route rip 1
宣告完成后 ,此时路由表路由条目已经齐全,但我们还需要做减少LSA的更新量,加快收敛,保障更新安全
6.路由汇总
我们需要进行在R3 /R6/R7---区域间路由汇总,R12---rip路由汇总,R9----区域外路由汇总
- 区域间路由汇总
-
- R3:
-
- #
- ospf 1
- area 1
- abr-summary 172.16.32.0 255.255.224.0
-
-
- R6:
-
- #
- ospf 1
- area 2
- abr-summary 172.16.64.0 255.255.224.0
-
-
- R7:
-
- #
- ospf 1
- area 3
- abr-summary 172.16.96.0 255.255.224.0
-
-
- 区域外路由汇总
-
- R9:
-
- #
- ospf 1
- area 3
- asbr-summary 172.16.128.0 255.255.224.0
-
-
- rip路由汇总
-
- R12:
-
- ospf 1
- area 2
- asbr-summary 172.16.160.0 255.255.224.0
-
-
-
7.特殊区域
area 1 完全末梢 area 2 完全nssa area 3 完全nssa R9---OSPF 缺省指向R10
- area 1 完全末梢
-
- R1:
-
- #
- ospf 1 router-id 1.1.1.1
- area 0.0.0.1
- stub
-
-
- R2:
-
- #
- ospf 1 router-id 2.2.2.2
- area 0.0.0.1
- stub
-
- R3:
-
- #
- ospf 1 router-id 3.3.3.3
- area 0.0.0.1
- stub no-summary
-
-
- area 2 完全nssa
-
- R6:
-
- #
- ospf 1 router-id 6.6.6.6
- area 0.0.0.2
- nssa no-summary
-
- R11:
-
- #
- ospf 1 router-id 11.11.11.11
- area 0.0.0.2
- nssa
-
- r12:
-
- #
- ospf 1 router-id 12.12.12.12
- area 0.0.0.2
- nssa
-
-
- area 3 完全nssa
-
- R7:
- #
- ospf 1 router-id 7.7.7.7
- area 0.0.0.3
- nssa no-summary
-
- R8:
-
- #
- ospf 1 router-id 8.8.8.8
- area 0.0.0.3
- nssa
-
- R9:
-
- #
- ospf 1 router-id 9.9.9.9
- area 0.0.0.3
- nssa
-
-
- R9-OSPF 缺省指向R10
-
-
- R9:
- #
- ospf 2
- default-route-advertise
-
-
8.NAT
从局域网访问ISP需要进行地址转换,我们需要在R3、R6、R7做NAT
- R3:
- #
- acl number 2000
- rule 5 permit source 172.16.0.0 0.0.255.255
-
- #
- interface GigabitEthernet0/0/2
- nat outbound 2000
-
-
- R6:
-
- #
- acl number 2000
- rule 5 permit source 172.16.0.0 0.0.255.255
-
- #
- interface GigabitEthernet0/0/0
- nat outbound 2000
-
-
-
- R7:
-
- #
- acl number 2000
- rule 5 permit source 172.16.0.0 0.0.255.255
-
- #
- interface GigabitEthernet0/0/0
- nat outbound 2000
9.防环,空接口
由于存在缺省路由,在R9和R12上会出现环路,在R3、R6、R7上虽然不会出环,但会占用资源,所以我们需要设置空接口。
- 设置空接口
-
- R3:
-
- #
- ip route-static 172.16.32.0 255.255.224.0 NULL0
-
- R6:
-
- #
- ip route-static 172.16.64.0 255.255.224.0 NULL0
-
- R7:
-
- #
- ip route-static 172.16.96.0 255.255.224.0 NULL0
-
- R9:
-
- #
- ip route-static 172.16.128.0 255.255.224.0 NULL0
-
- R12:
-
- #
- ip route-static 172.16.160.0 255.255.224.0 NULL0
-
10.测试验证
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/不正经/article/detail/491480
推荐阅读
相关标签
