OSPF綜合實驗1

 

需求：
1、 R2、R4上做單點雙向重分佈，修改從RIP過來的外部路由metric爲30；
2、 區域0明文認證，對明文加密；區域1在接口上做密文認證；
3、 在R3上增加Lo1：10.3.3.3，R3向OSPF發佈默認路由，出接口爲lo 1，修改外部類型爲1，改metric爲33；再設置條件，僅當條目4.4.4.4/32存在時，纔對外發布默認路由；
4、 在R5上增加Lo1:172.16.1.5/24、Lo2:172.16.2.5/24、Lo3:172.16.3.5/24，宣告進EIGRP，然後在向OSPF區域重分佈時給這三個條目打上標記5，修改它們的metric爲50；
5、 R2上給RIP過來的路由條目打上標記11，且在將OSPF重分佈進RIP時，只重分佈打了標記5的路由條目；
6、 R5拒絕將192.168.12.0/24放入路由表。
======================================================
解決方案：
需求1：
R2(config)#router ospf 1
R2(config-router)#redistribute rip subnets metric 30
R2(config)#router rip
R2(config-router)#redistribute ospf 1 metric 5

R4(config)#router ospf 1
R4(config-router)#redistribute eigrp 100 subnets
R4(config)#router eigrp 100
R4(config-router)#redistribute ospf 1 metric 10000 100 255 1 1500
---------------------------------------------------------------------------------------
需求2：
R2(config)#router ospf 1
R2(config-router)#area 0 authentication
R2(config)#int s1/1
R2(config-if)#ip ospf authentication-key cisco
R2(config)#service password-encryption

R3(config)#router ospf 1
R3(config-router)#area 0 authentication
R3(config)#int s1/0
R3(config-if)#ip ospf authentication-key cisco
-->區域0做明文認證，但是全局加密。

R3(config)#int s1/1
R3(config-if)#ip ospf authentication message
R3(config-if)#ip ospf message-digest-key 1 md5 cisco1

R4(config)#int s1/0
R4(config-if)#ip ospf authentication message-digest
R4(config-if)#ip ospf message-digest-key 1 md5 cisco1
-->區域1接口上做密文認證。
------------------------------------------------------------------------------
需求3：
R3(config)#int lo 1
R3(config-if)#ip add 10.3.3.3 255.255.255.0
R3(config)#ip route 0.0.0.0 0.0.0.0 lo 1 -->僅當路由表中存在0.0.0.0的默認路由時
default-information originate纔有效
R3(config)#router ospf 1
R3(config-router)#default-information originate metric-type 1 metric 33

R4#show ip route ospf
O E2 192.168.12.0/24 [110/30] via 192.168.34.3, 00:01:01, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/30] via 192.168.34.3, 00:01:01, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 192.168.34.3, 00:01:01, Serial1/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/65] via 192.168.34.3, 00:01:01, Serial1/0
O IA 192.168.23.0/24 [110/128] via 192.168.34.3, 00:01:01, Serial1/0
O*E2 0.0.0.0/0 [110/1] via 192.168.34.3, 00:01:01, Serial1/0
-->看到R4上有一條指向R3的默認路由。
--------------------------------------------------------------------------
R3(config)#access-list 1 permit 4.4.4.4
R3(config)#route-map ccna permit 10
R3(config-route-map)#match ip address 1
R3(config)#router ospf 1
R3(config-router)#default-information originate route-map ccna

R4(config)#router ospf 1
R4(config-router)#no network 4.4.4.4 0.0.0.0 area 1 -->關閉R4環回口的OSPF進程
R4#sh ip route ospf
O E2 192.168.12.0/24 [110/30] via 192.168.34.3, 00:00:07, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/30] via 192.168.34.3, 00:00:07, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 192.168.34.3, 00:00:07, Serial1/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/65] via 192.168.34.3, 00:00:07, Serial1/0
O IA 192.168.23.0/24 [110/128] via 192.168.34.3, 00:00:07, Serial1/0
-->這裏看到R3少缺少4.4.4.4/32的路由條目時，不再對外發布默認路由。
再把R4環回口的OSPF進程打開
R4(config-router)#network 4.4.4.4 0.0.0.0 area 1
R4#sh ip route ospf
O E2 192.168.12.0/24 [110/30] via 192.168.34.3, 00:00:14, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/30] via 192.168.34.3, 00:00:14, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 192.168.34.3, 00:00:14, Serial1/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/65] via 192.168.34.3, 00:00:14, Serial1/0
O IA 192.168.23.0/24 [110/128] via 192.168.34.3, 00:00:14, Serial1/0
O*E2 0.0.0.0/0 [110/1] via 192.168.34.3, 00:00:14, Serial1/0
-->可以看到默認路由出現了！
------------------------------------------------------------------------------------------
需求4：
R5(config)#int lo 1
R5(config-if)#ip add 172.16.1.5 255.255.255.0
R5(config)#int lo 2
R5(config-if)#ip add 172.16.2.5 255.255.255.0
R5(config)#int lo 3
R5(config-if)#ip add 172.16.3.5 255.255.255.0
R5(config)#rouetr eigrp 100
R5(config-router)#network 172.16.0.0 0.0.3.255

R4(config)#ip prefix-list ccnp permit 172.16.1.0/24
R4(config)#ip prefix-list ccnp permit 172.16.2.0/24
R4(config)#ip prefix-list ccnp permit 172.16.3.0/24
R4(config)#route-map ccna permit 10
R4(config-route-map)#match ip address prefix-list ccnp
R4(config-route-map)#set tag 5
R4(config)#route-map ccna permit 20
R4(config)#router ospf 1
R4(config-router)#redistribute eigrp 100 subnets route-map ccna metric 50

R3#sh ip route ospf
O E2 192.168.12.0/24 [110/30] via 192.168.23.2, 00:17:04, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/30] via 192.168.23.2, 00:17:04, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/65] via 192.168.23.2, 00:34:48, Serial1/0
O E2 192.168.45.0/24 [110/50] via 192.168.34.4, 00:00:26, Serial1/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/65] via 192.168.34.4, 00:17:04, Serial1/1
5.0.0.0/32 is subnetted, 1 subnets
O E2 5.5.5.5 [110/50] via 192.168.34.4, 00:00:26, Serial1/1
172.16.0.0/24 is subnetted, 3 subnets
O E2 172.16.1.0 [110/50] via 192.168.34.4, 00:00:26, Serial1/1
O E2 172.16.2.0 [110/50] via 192.168.34.4, 00:00:26, Serial1/1
O E2 172.16.3.0 [110/50] via 192.168.34.4, 00:00:26, Serial1/1
-->可以看到R3路由表中出現了172.16.1.0到172.16.3.0網段的路由。它們的metric爲50，默認爲20.

R3#sh ip ospf data

OSPF Router with ID (3.3.3.3) (Process ID 1)
……
……
Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag
0.0.0.0 3.3.3.3 832 0x80000001 0x00E0C5 1
1.1.1.1 2.2.2.2 670 0x80000002 0x00DFA9 0
5.5.5.5 4.4.4.4 197 0x80000001 0x0088F3 0
172.16.1.0 4.4.4.4 220 0x80000001 0x003994 5
172.16.2.0 4.4.4.4 220 0x80000001 0x002E9E 5
172.16.3.0 4.4.4.4 220 0x80000001 0x0023A8 5
192.168.12.0 2.2.2.2 670 0x80000003 0x00D541 0
192.168.45.0 4.4.4.4 197 0x80000001 0x00CC2D 0
-->R3上查看OSPF數據庫可以看到路由標記。
------------------------------------------------------------------------------------
需求5：
R2(config)#router ospf 1
R2(config-router)#redistribute rip subnets tag 11
-->給RIP過來的外部路由打標記11.

R2(config)#route-map ccna permit 10
R2(config-route-map)#match tag 5
R2(config)#router rip
R2(config-router)#redistribute ospf 1 metric 5 route-map ccna

R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B -BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
172.16.0.0/24 is subnetted, 3 subnets
R 172.16.1.0 [120/5] via 192.168.12.2, 00:00:05, Serial1/0
R 172.16.2.0 [120/5] via 192.168.12.2, 00:00:05, Serial1/0
R 172.16.3.0 [120/5] via 192.168.12.2, 00:00:05, Serial1/0
-->可以看到R1只學到了OSPF中打了標記5的路由條目。
---------------------------------------------------------------------------------------------
需求6：
首先看一下R5的路由表：
R5#sh ip route eigrp
D EX 192.168.12.0/24 [170/2195456] via 192.168.45.4, 00:00:22, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
D EX 1.1.1.1 [170/2195456] via 192.168.45.4, 00:00:12, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
D EX 2.2.2.2 [170/2195456] via 192.168.45.4, 00:07:31, Serial1/0
3.0.0.0/32 is subnetted, 1 subnets
D EX 3.3.3.3 [170/2195456] via 192.168.45.4, 00:56:28, Serial1/0
4.0.0.0/32 is subnetted, 1 subnets
D EX 4.4.4.4 [170/2195456] via 192.168.45.4, 00:32:12, Serial1/0
D EX 192.168.23.0/24 [170/2195456] via 192.168.45.4, 00:56:28, Serial1/0
D EX 192.168.34.0/24 [170/2195456] via 192.168.45.4, 01:00:45, Serial1/0
D*EX 0.0.0.0/0 [170/2195456] via 192.168.45.4, 00:32:06, Serial1/0
-->現在R5中有192.168.12.0/24的路由條目。下面要拒絕將它放入路由表。

R5(config)#ip prefix-list ccnp deny 192.168.12.0/24
R5(config)#ip prefix-list ccnp permit 0.0.0.0/0 le 32
R5(config)#router eigrp 100
R5(config-router)#distribute-list prefix ccnp in -->應用分發列表

R5#sh ip route ei
1.0.0.0/32 is subnetted, 1 subnets
D EX 1.1.1.1 [170/2195456] via 192.168.45.4, 00:06:24, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
D EX 2.2.2.2 [170/2195456] via 192.168.45.4, 00:13:42, Serial1/0
3.0.0.0/32 is subnetted, 1 subnets
D EX 3.3.3.3 [170/2195456] via 192.168.45.4, 01:02:39, Serial1/0
4.0.0.0/32 is subnetted, 1 subnets
D EX 4.4.4.4 [170/2195456] via 192.168.45.4, 00:38:23, Serial1/0
D EX 192.168.23.0/24 [170/2195456] via 192.168.45.4, 01:02:39, Serial1/0
D EX 192.168.34.0/24 [170/2195456] via 192.168.45.4, 01:06:56, Serial1/0
D*EX 0.0.0.0/0 [170/2195456] via 192.168.45.4, 00:38:17, Serial1/0
-->再次查看R5路由表，可以看到192.168.12.0/24這個條目已經沒有了。