OSPF扩展实验(综合实验)拓扑图
**
实验环境:GNS3+CRT
**
主要设备配置命令如下:
R1
interface Loopback0
ip address 172.16.1.0 255.255.255.255
!
interface Loopback1
ip address 172.16.2.0 255.255.255.255
!
interface Loopback2
ip address 172.16.3.0 255.255.255.255
!
interface Loopback3
ip address 172.16.4.0 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 172.16.20.2 255.255.255.0 secondary
ip address 192.168.4.2 255.255.255.0
duplex auto
speed auto
!
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
network 172.16.1.0 0.0.0.0 area 0
network 172.16.2.0 0.0.0.0 area 0
network 172.16.3.0 0.0.0.0 area 0
network 172.16.4.0 0.0.0.0 area 0
network 192.168.1.1 0.0.0.0 area 0
!
no ip http server
no ip http secure-server
R2
interface FastEthernet0/0
ip address 192.168.1.2 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.2.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
area 0 range 172.16.0.0 255.255.248.0
area 1 virtual-link 3.3.3.3
network 192.168.1.2 0.0.0.0 area 0
network 192.168.2.1 0.0.0.0 area 1
!
no ip http server
no ip http secure-server
R3
interface Loopback0
ip address 10.10.1.0 255.255.255.255
!
interface Loopback1
ip address 10.10.2.0 255.255.255.255
!
interface Loopback2
ip address 10.10.3.0 255.255.255.255
!
interface Loopback3
ip address 10.10.4.0 255.255.255.255
!
interface FastEthernet0/0
ip address 172.16.10.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.2.2 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 192.168.3.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet3/0
no ip address
shutdown
duplex auto
speed auto
!
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
area 1 virtual-link 2.2.2.2
summary-address 10.10.0.0 255.255.248.0
redistribute connected metric-type 1 subnets
network 192.168.2.2 0.0.0.0 area 1
network 192.168.3.1 0.0.0.0 area 2
default-information originate always
!
no ip http server
no ip http secure-server
show ip route命令查看路由表
OSPF路由器视辅助地址网络为末梢网络,且不与该网络下的其它路由器 建立邻接关系。
扩展命令
一、OSPF做默认路由发布的操作(ASBR)。
方法1:
RA(config-router)#default-information originate
RA(config)#ip route 0.0.0.0 0.0.0.0 null 0
方法2:
RA(config-router)#default-information originate always
===========================================
二、OSPF认证(明文认证/加密认证)
1、基于区域的明文认证
RB(config-if)#ip ospf authentication-key cisco
RB(config-router)#area 0 authentication
01:37:06: %OSPF-5-ADJCHG: Process 10, Nbr 8.8.8.8 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
以上信息是区域认证未通过,原来的邻接关系破坏。
2、基于区域的密文认证
RB(config-if)#ip ospf message-digest-key 1 md5 cisco
RB(config-router)#area 0 authentication message-digest
3、基于接口的明文认证
RB(config-if)#ip ospf authentication-key cisco
RB(config-if)#ip ospf authentication
01:37:06: %OSPF-5-ADJCHG: Process 10, Nbr 8.8.8.8 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
以上信息是区域认证未通过,原来的邻接关系破坏。
4、基于接口的密文认证
RB(config-if)#ip ospf message-digest-key 1 md5 cisco
RB(config-if)#ip ospf authentication message-digest
PS:以上基于明文和密文的密码还是能够通过show run命令看到。
可以通过R2(config)#service password-encryption命令解决。
===================================================
三、OSPF路由汇总(区域间路由汇总和外部区域汇总)
1、区域间路由汇总命令(一般在ABR上操作):
RX(config-router)#area area-id range ip-address netmask
2、外部路由汇总命令(一般在ASBR上操作):
RX(config-router)#summary-address ip-address netmask
====================================================
四、OSPF配置辅助地址
R2(config-if)#ip add 192.168.1.1 255.255.255.0 \主地址
R2(config-if)#ip add 172.16.1.1 255.255.255.0 secondary \辅助地址
OSPF路由器视辅助地址网络为末梢网络,且不与该网络下的其它路由器
建立邻接关系。
=======================================================
五、OSPF配置虚链路
R2(config-router)#area area-id virtual-link router-id
这条命令必须在ABR上面配置。
