OSPF擴展實驗(綜合實驗)拓撲圖
**
實驗環境:GNS3+CRT
**
主要設備配置命令如下:
R1
interface Loopback0
ip address 172.16.1.0 255.255.255.255
!
interface Loopback1
ip address 172.16.2.0 255.255.255.255
!
interface Loopback2
ip address 172.16.3.0 255.255.255.255
!
interface Loopback3
ip address 172.16.4.0 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 172.16.20.2 255.255.255.0 secondary
ip address 192.168.4.2 255.255.255.0
duplex auto
speed auto
!
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
network 172.16.1.0 0.0.0.0 area 0
network 172.16.2.0 0.0.0.0 area 0
network 172.16.3.0 0.0.0.0 area 0
network 172.16.4.0 0.0.0.0 area 0
network 192.168.1.1 0.0.0.0 area 0
!
no ip http server
no ip http secure-server
R2
interface FastEthernet0/0
ip address 192.168.1.2 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.2.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
area 0 range 172.16.0.0 255.255.248.0
area 1 virtual-link 3.3.3.3
network 192.168.1.2 0.0.0.0 area 0
network 192.168.2.1 0.0.0.0 area 1
!
no ip http server
no ip http secure-server
R3
interface Loopback0
ip address 10.10.1.0 255.255.255.255
!
interface Loopback1
ip address 10.10.2.0 255.255.255.255
!
interface Loopback2
ip address 10.10.3.0 255.255.255.255
!
interface Loopback3
ip address 10.10.4.0 255.255.255.255
!
interface FastEthernet0/0
ip address 172.16.10.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.2.2 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 192.168.3.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet3/0
no ip address
shutdown
duplex auto
speed auto
!
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
area 1 virtual-link 2.2.2.2
summary-address 10.10.0.0 255.255.248.0
redistribute connected metric-type 1 subnets
network 192.168.2.2 0.0.0.0 area 1
network 192.168.3.1 0.0.0.0 area 2
default-information originate always
!
no ip http server
no ip http secure-server
show ip route命令查看路由表
OSPF路由器視輔助地址網絡爲末梢網絡,且不與該網絡下的其它路由器 建立鄰接關係。
擴展命令
一、OSPF做默認路由發佈的操作(ASBR)。
方法1:
RA(config-router)#default-information originate
RA(config)#ip route 0.0.0.0 0.0.0.0 null 0
方法2:
RA(config-router)#default-information originate always
===========================================
二、OSPF認證(明文認證/加密認證)
1、基於區域的明文認證
RB(config-if)#ip ospf authentication-key cisco
RB(config-router)#area 0 authentication
01:37:06: %OSPF-5-ADJCHG: Process 10, Nbr 8.8.8.8 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
以上信息是區域認證未通過,原來的鄰接關係破壞。
2、基於區域的密文認證
RB(config-if)#ip ospf message-digest-key 1 md5 cisco
RB(config-router)#area 0 authentication message-digest
3、基於接口的明文認證
RB(config-if)#ip ospf authentication-key cisco
RB(config-if)#ip ospf authentication
01:37:06: %OSPF-5-ADJCHG: Process 10, Nbr 8.8.8.8 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
以上信息是區域認證未通過,原來的鄰接關係破壞。
4、基於接口的密文認證
RB(config-if)#ip ospf message-digest-key 1 md5 cisco
RB(config-if)#ip ospf authentication message-digest
PS:以上基於明文和密文的密碼還是能夠通過show run命令看到。
可以通過R2(config)#service password-encryption命令解決。
===================================================
三、OSPF路由彙總(區域間路由彙總和外部區域彙總)
1、區域間路由彙總命令(一般在ABR上操作):
RX(config-router)#area area-id range ip-address netmask
2、外部路由彙總命令(一般在ASBR上操作):
RX(config-router)#summary-address ip-address netmask
====================================================
四、OSPF配置輔助地址
R2(config-if)#ip add 192.168.1.1 255.255.255.0 \主地址
R2(config-if)#ip add 172.16.1.1 255.255.255.0 secondary \輔助地址
OSPF路由器視輔助地址網絡爲末梢網絡,且不與該網絡下的其它路由器
建立鄰接關係。
=======================================================
五、OSPF配置虛鏈路
R2(config-router)#area area-id virtual-link router-id
這條命令必須在ABR上面配置。