目录
第一章 OSPF协议特性与配置
实验 1-5 OSPF 虚电路和区域路由过滤
学习目的
·掌握使用OSPF虚电路来连接不连续的区域0的配置方法
·掌握使用OSPF虚电路将非骨干区域连接到区域0的配置方法
·掌握区域之间进行路由过滤和路由控制的方法
拓扑图
图1-5 OSPF虚电路和区域路由过滤
场景
你是公司的网络管理员。公司最近收购了两家小公司,他们的路由器是R4和R5。为了尽快合并网络,你决定先不去重新规划网络,而是使用虚电路实现网络互联。
网络直接相连后,你发现存在不连续的区域0,另外区域3与区域0没有直接连接。所以你决定在R1和R2之间建立虚电路,实现区域3与区域0的直接连接。另外在R3和R5之间建立虚电路,将不连续的区域0连接到一块。
同时为了明确设备的Router-ID,你配置设备使用固定的地址作为Router-ID。
学习任务
步骤一.基础配置与IP编址
给所有路由器配置IP地址和掩码。配置时注意所有的Loopback接口配置掩码均为24位,模拟成一个单独的网段。
<R1>system-view
Enter system view, return user view with Ctrl+Z.
[R1]interface Serial 3/0/0
[R1-Serial3/0/0]ip address 10.0.14.1 24
[R1-Serial3/0/0]quit
[R1]interface Serial 1/0/0
[R1-Serial1/0/0]ip address 10.0.12.1 24
[R1-Serial1/0/0]quit
[R1]interface LoopBack 0
[R1-LoopBack0]ip address 10.0.1.1 24
[R1-LoopBack0]quit
<R2>system-view
Enter system view, return user view with Ctrl+Z.
[R2]interface Serial 1/0/0
[R2-Serial1/0/0]ip address 10.0.12.2 24
[R2-Serial1/0/0]quit
[R2]interface Serial 2/0/0
[R2-Serial2/0/0]ip address 10.0.23.2 24
[R2-Serial2/0/0]quit
[R2]interface LoopBack 0
[R2-LoopBack0]ip address 10.0.2.2 24
[R2-LoopBack0]quit
<R3>system-view
Enter system view, return user view with Ctrl+Z.
[R3]interface Serial 2/0/0
[R3-Serial2/0/0]ip address 10.0.23.3 24
[R3-Serial2/0/0]quit
[R3]interface Serial 3/0/0
[R3-Serial3/0/0]ip address 10.0.35.3 24
[R3-Serial3/0/0]quit
[R3]interface LoopBack 0
[R3-LoopBack0]ip address 10.0.3.3 24
[R3-LoopBack0]quit
<R4>system-view
Enter system view, return user view with Ctrl+Z.
[R4]interface Serial 1/0/0
[R4-Serial1/0/0]ip address 10.0.14.4 24
[R4-Serial1/0/0]quit
[R4]interface LoopBack 0
[R4-LoopBack0]ip address 10.0.4.4 24
[R4-LoopBack0]quit
<R5>system-view
Enter system view, return user view with Ctrl+Z.
[R5]interface Serial 1/0/0
[R5-Serial1/0/0]ip address 10.0.35.5 24
[R5-Serial1/0/0]quit
[R5]interface LoopBack 0
[R5-LoopBack0]ip address 10.0.5.5 24
[R5-LoopBack0]quit
配置完成后,测试直连链路的连通性。
[R1]ping -c 1 10.0.14.4
PING 10.0.14.4: 56 data bytes, press CTRL_C to break
Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=39 ms
--- 10.0.14.4 ping statistics ---
1 packet(s) transmitted
1 packet(s) received
0.00% packet loss
round-trip min/avg/max = 39/39/39 ms
[R1]ping -c 1 10.0.12.2
PING 10.0.12.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=29 ms
--- 10.0.12.2 ping statistics ---
1 packet(s) transmitted
1 packet(s) received
0.00% packet loss
round-trip min/avg/max = 29/29/29 ms
[R3]ping -c 1 10.0.23.2
PING 10.0.23.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.2: bytes=56 Sequence=1 ttl=255 time=45 ms
--- 10.0.23.2 ping statistics ---
1 packet(s) transmitted
1 packet(s) received
0.00% packet loss
round-trip min/avg/max = 45/45/45 ms
[R3]ping -c 1 10.0.35.5
PING 10.0.35.5: 56 data bytes, press CTRL_C to break
Reply from 10.0.35.5: bytes=56 Sequence=1 ttl=255 time=32 ms
--- 10.0.35.5 ping statistics ---
1 packet(s) transmitted
1 packet(s) received
0.00% packet loss
round-trip min/avg/max = 32/32/32 ms
步骤二.配置多区域OSPF
在R1上配置Serial 1/0/0及Loopback 0属于区域2,Serial 3/0/0属于区域3。并对所有OSPF区域的Loopback接口,修改其OSPF网络类型为Broadcast类型,以便于OSPF发布Loopback口的真实掩码信息。所有的路由器使用Loopback 0的IP地址作为Router ID。
[R1]ospf 1 router-id 10.0.1.1
[R1-ospf-1]area 2
[R1-ospf-1-area-0.0.0.2]network 10.0.12.1 0.0.0.0
[R1-ospf-1-area-0.0.0.2]network 10.0.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.2]quit
[R1-ospf-1]area 3
[R1-ospf-1-area-0.0.0.3]network 10.0.14.1 0.0.0.0
[R1-ospf-1-area-0.0.0.3]quit
[R1-ospf-1]quit
[R1]interface LoopBack 0
[R1-LoopBack0]ospf network-type broadcast
[R1-LoopBack0]quit
在R2上配置Serial 2/0/0及Loopback 0属于区域0,Serial 1/0/0属于区域2。
[R2]ospf 1 router-id 10.0.2.2
[R2-ospf-1]area 2
[R2-ospf-1-area-0.0.0.2]network 10.0.12.2 0.0.0.0
[R2-ospf-1-area-0.0.0.2]quit
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.23.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]quit
[R2-ospf-1]quit
[R2]interface LoopBack 0
[R2-LoopBack0]ospf network-type broadcast
[R2-LoopBack0]quit
在R3上配置Serial 2/0/0及Loopback 0属于区域0,Serial 3/0/0属于区域1。
[R3]ospf 1 router-id 10.0.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.23.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]quit
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]network 10.0.35.3 0.0.0.0
[R3-ospf-1-area-0.0.0.1]quit
[R3-ospf-1]quit
[R3]interface LoopBack 0
[R3-LoopBack0]ospf network-type broadcast
[R3-LoopBack0]quit
在R4上配置Serial 1/0/0及Loopback 0属于区域3
[R4]ospf 1 router-id 10.0.4.4
[R4-ospf-1]area 3
[R4-ospf-1-area-0.0.0.3]network 10.0.14.4 0.0.0.0
[R4-ospf-1-area-0.0.0.3]network 10.0.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.3]quit
[R4-ospf-1]quit
[R4]interface LoopBack 0
[R4-LoopBack0]ospf network-type broadcast
[R4-LoopBack0]quit
在R5上配置Serial 1/0/0属于区域1,Loopback 0属于区域0。
[R5]ospf 1 router-id 10.0.5.5
[R5-ospf-1]area 0
[R5-ospf-1-area-0.0.0.0]network 10.0.5.5 0.0.0.0
[R5-ospf-1-area-0.0.0.0]quit
[R5-ospf-1]area 1
[R5-ospf-1-area-0.0.0.1]network 10.0.35.5 0.0.0.0
[R5-ospf-1-area-0.0.0.3]quit
[R5-ospf-1]quit
[R5]interface LoopBack 0
[R5-LoopBack0]ospf network-type broadcast
[R5-LoopBack0]quit
步骤三.查看每个路由器的路由表
查看R4的路由表,R4虽然与R1建立了邻接关系,没有学习到任何OSPF路由。
[R4]display ip routing-table protocol ospf
[R4]display ospf peer
OSPF Process 1 with Router ID 10.0.4.4
Neighbors
Area 0.0.0.3 interface 10.0.14.4(Serial1/0/0)'s neighbors
Router ID: 10.0.1.1 Address: 10.0.14.1
State: Full Mode:Nbr is Slave Priority: 1
DR: None BDR: None MTU: 0
Dead timer due in 39 sec
Retrans timer interval: 4
Neighbor is up for 00:21:33
Authentication Sequence: [ 0 ]
再查看R4的LSDB发现仅存在第一类LSA,也就是说R1没有将其他区域的路由通告进区域3。
[R4]display ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.3
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.4.4 10.0.4.4 571 60 80000005 0
Router 10.0.1.1 10.0.1.1 616 48 80000003 1562
查看R1的路由表,缺失了10.0.5.0/24。至于缺少这条路由的原因,我们分析完R3的LSDB就明白了。
[R1]display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 5 Routes : 5
OSPF routing table status : <Active>
Destinations : 5 Routes : 5
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.2.0/24 OSPF 10 1562 D 10.0.12.2 Serial1/0/0
10.0.3.0/24 OSPF 10 3124 D 10.0.12.2 Serial1/0/0
10.0.4.0/24 OSPF 10 1562 D 10.0.14.4 Serial3/0/0
10.0.23.0/24 OSPF 10 3124 D 10.0.12.2 Serial1/0/0
10.0.35.0/24 OSPF 10 4686 D 10.0.12.2 Serial1/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
下面我们先来看一下R1的LSDB。为了避免区域间的环路,OSPF规定不允许直接在两个非骨干区域之间发布路由信息。从LSDB的角度来看,可以发现,ABR不会转发从非骨干区域收到的第三类LSA。
在R1上我们可以看到,在区域2的LSDB中有4条区域间路由,该路由是从R2(10.0.2.2)上学习到的,R1并没有将这些LSA转发到区域3里,所以R4学习不到非本区域的路由。
ABR也不会将从非骨干区域中学习到的路由转发给另一个非骨干区域,这里R1从R4这里学习到的路由不会以第三类LSA的形式通告进区域2,所以R2、R3、R5均学习不到区域3内的路由。
[R1]display ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.2.2 10.0.2.2 1251 48 80000023 1562
Router 10.0.1.1 10.0.1.1 1266 60 80000024 0
Sum-Net 10.0.35.0 10.0.2.2 1178 28 8000001B 3124
Sum-Net 10.0.3.0 10.0.2.2 1178 28 8000001B 1562
Sum-Net 10.0.2.0 10.0.2.2 1228 28 80000021 0
Sum-Net 10.0.23.0 10.0.2.2 1189 28 8000001B 1562
Area: 0.0.0.3
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.4.4 10.0.4.4 855 60 80000024 0
Router 10.0.1.1 10.0.1.1 898 48 80000022 1562
查看R2的路由表,在R2的路由表中缺失了到达网络10.0.4.0/24、10.0.5.0/24、10.0.14.0/24的三条路由。
[R2]display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 3 Routes : 3
OSPF routing table status : <Active>
Destinations : 3 Routes : 3
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.0/24 OSPF 10 1562 D 10.0.12.1 Serial1/0/0
10.0.3.0/24 OSPF 10 1562 D 10.0.23.3 Serial2/0/0
10.0.35.0/24 OSPF 10 3124 D 10.0.23.3 Serial2/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
查看R2的LSDB,可以发现R1没有将区域3的路由通告给R2。
R2上会缺失到达网络10.0.4.0/24、10.0.14.0/24的路由。
在区域0中,R3也没有将10.0.5.0网络的路由通告给R2。
[R2]display ospf lsdb
OSPF Process 1 with Router ID 10.0.2.2
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 973 60 80000027 0
Router 10.0.2.2 10.0.2.2 972 60 80000028 0
Sum-Net 10.0.35.0 10.0.3.3 984 28 8000001D 1562
Sum-Net 10.0.12.0 10.0.2.2 1035 28 80000022 1562
Sum-Net 10.0.1.0 10.0.2.2 1035 28 80000022 1562
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.2.2 10.0.2.2 1046 48 80000024 1562
Router 10.0.1.1 10.0.1.1 1063 60 80000025 0
Sum-Net 10.0.35.0 10.0.2.2 973 28 8000001C 3124
Sum-Net 10.0.3.0 10.0.2.2 973 28 8000001C 1562
Sum-Net 10.0.2.0 10.0.2.2 1023 28 80000022 0
Sum-Net 10.0.23.0 10.0.2.2 984 28 8000001C 1562
查看R3的路由表,缺失了到达网络10.0.4.0/24、10.0.5.0/24、10.0.14.0/24的路由。
[R3]display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 3 Routes : 3
OSPF routing table status : <Active>
Destinations : 3 Routes : 3
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.0/24 OSPF 10 3124 D 10.0.23.2 Serial2/0/0
10.0.2.0/24 OSPF 10 1562 D 10.0.23.2 Serial2/0/0
10.0.12.0/24 OSPF 10 3124 D 10.0.23.2 Serial2/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
查看R3的LSDB,我们可以发现,R3从区域1中收到了R5发来的第三类10.0.5.0。根据前面的原则,从非骨干区域收到的第三类LSA不会被转发。
R3没有将这条LSA再次发送到区域0中,这也正是R1和R2中没有10.0.5.0/24这条路由的原因。
[R3]display ospf lsdb
OSPF Process 1 with Router ID 10.0.3.3
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 111 60 80000028 0
Router 10.0.2.2 10.0.2.2 112 60 80000029 0
Sum-Net 10.0.35.0 10.0.3.3 122 28 8000001E 1562
Sum-Net 10.0.12.0 10.0.2.2 175 28 80000023 1562
Sum-Net 10.0.1.0 10.0.2.2 175 28 80000023 1562
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 117 48 8000001E 1562
Router 10.0.3.3 10.0.3.3 117 48 80000020 1562
Sum-Net 10.0.12.0 10.0.3.3 107 28 8000001D 3124
Sum-Net 10.0.3.0 10.0.3.3 128 28 8000001D 0
Sum-Net 10.0.2.0 10.0.3.3 107 28 8000001D 1562
Sum-Net 10.0.1.0 10.0.3.3 108 28 8000001D 3124
Sum-Net 10.0.5.0 10.0.5.5 128 28 8000001D 0
Sum-Net 10.0.23.0 10.0.3.3 124 28 8000001D 1562
在这里我们注意到,R3的LSDB中已经有了R5发来的用于描述10.0.5.0/24的第三类LSA,但在R3的路由表上并没有出现这条路由。
查看R5的路由表。
[R5]display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 5 Routes : 5
OSPF routing table status : <Active>
Destinations : 5 Routes : 5
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.0/24 OSPF 10 4686 D 10.0.35.3 Serial1/0/0
10.0.2.0/24 OSPF 10 3124 D 10.0.35.3 Serial1/0/0
10.0.3.0/24 OSPF 10 1562 D 10.0.35.3 Serial1/0/0
10.0.12.0/24 OSPF 10 4686 D 10.0.35.3 Serial1/0/0
10.0.23.0/24 OSPF 10 3124 D 10.0.35.3 Serial1/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
[R5]display ospf lsdb
OSPF Process 1 with Router ID 10.0.5.5
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 820 36 80000002 0
Sum-Net 10.0.35.0 10.0.5.5 861 28 80000001 1562
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 1096 48 80000003 1562
Router 10.0.3.3 10.0.3.3 1097 48 80000002 1562
Sum-Net 10.0.12.0 10.0.3.3 1129 28 80000001 3124
Sum-Net 10.0.3.0 10.0.3.3 1129 28 80000001 0
Sum-Net 10.0.2.0 10.0.3.3 1129 28 80000001 1562
Sum-Net 10.0.1.0 10.0.3.3 1129 28 80000001 3124
Sum-Net 10.0.5.0 10.0.5.5 861 28 80000001 0
Sum-Net 10.0.23.0 10.0.3.3 1129 28 80000001 1562
R5缺失了到达网络10.0.4.0/24、10.0.14.0/24的路由。
同时可以看到,R5上存在到达R3 Loopback 0的路由。
分析原因可知,R3存在连接到区域0的物理接口,即可以与区域0中其他的路由器交互路由信息,这时在R3上不会将非骨干区域发来的第三类LSA学习到的路由加到路由表里。R5虽然有接口在区域0中,但该接口为Loopback接口,Loopback接口在OSPF进行路由计算时为StubNet的链路类型。
查看R3的产生的类型一的LSA(此处已略去其他输出信息):
[R3]display ospf lsdb router 10.0.3.3
OSPF Process 1 with Router ID 10.0.3.3
Area: 0.0.0.0
Link State Database
Type : Router
Ls id : 10.0.3.3
Adv rtr : 10.0.3.3
Ls age : 732
Len : 60
Options : ABR E
seq# : 80000158
chksum : 0xde39
Link count: 3
* Link ID: 10.0.3.3
Data : 255.255.255.255
Link Type: StubNet
Metric : 0
Priority : Medium
* Link ID: 10.0.2.2
Data : 10.0.23.3
Link Type: P-2-P
Metric : 1562
* Link ID: 10.0.23.0
Data : 255.255.255.0
Link Type: StubNet
Metric : 1562
Priority : Low
从上面的输出中可以看到,R3与R2相连的链路的类型为P-2-P。类型为P-2-P、TransNet和Virtual类型的链路,路由器均认为该接口与其他路由器会交互路由信息。对于存在这三类链路连接到骨干区域的路由器不会将非骨干区域发来的第三类LSA加到路由表中。
[R5]display ospf lsdb router 10.0.5.5
OSPF Process 1 with Router ID 10.0.5.5
Area: 0.0.0.0
Link State Database
Type : Router
Ls id : 10.0.5.5
Adv rtr : 10.0.5.5
Ls age : 583
Len : 36
Options : ABR E
seq# : 80000040
chksum : 0x6d69
Link count: 1
* Link ID: 10.0.5.5
Data : 255.255.255.255
Link Type: StubNet
Metric : 0
Priority : Medium
在R5上,骨干区域中仅有一个Loopback 0,在描述这个接口的LSA中,链路的类型是StubNet,即末节网络,表示该接口不会再连接其他路由器,这时,路由器就会采用从非骨干区域发来的第三类LSA。
步骤四.将不连续的区域0连在一块
在R3和R5上配置虚电路,注意在配置虚电路的时候在vlink-peer中配置的是对端ABR的Router ID。
[R3]ospf 1
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]vlink-peer 10.0.5.5
[R3-ospf-1-area-0.0.0.1]quit
[R3-ospf-1]quit
[R5]ospf
[R5-ospf-1]area 1
[R5-ospf-1-area-0.0.0.1]vlink-peer 10.0.3.3
[R5-ospf-1-area-0.0.0.1]quit
[R5-ospf-1]quit
然后检查虚电路邻居的状态是否为Full。
[R3]display ospf vlink
OSPF Process 1 with Router ID 10.0.3.3
Virtual Links
Virtual-link Neighbor-id -> 10.0.5.5, Neighbor-State: Full
Interface: 10.0.35.3 (Serial3/0/0)
Cost: 1562 State: P-2-P Type: Virtual
Transit Area: 0.0.0.1
Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1
GR State: Normal
观察路由信息发生的变化。
[R3]display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 4 Routes : 4
OSPF routing table status : <Active>
Destinations : 4 Routes : 4
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.0/24 OSPF 10 3124 D 10.0.23.2 Serial2/0/0
10.0.2.0/24 OSPF 10 1562 D 10.0.23.2 Serial2/0/0
10.0.5.0/24 OSPF 10 1562 D 10.0.35.5 Serial3/0/0
10.0.12.0/24 OSPF 10 3124 D 10.0.23.2 Serial2/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
在R3上查看路由表发现已经学习到了10.0.5.0/24这条路由。
测试网络的连通性,R3可以与R5的Loopback 0连接的网段通讯。
[R3]ping -c 1 10.0.5.5
PING 10.0.5.5: 56 data bytes, press CTRL_C to break
Reply from 10.0.5.5: bytes=56 Sequence=1 ttl=255 time=34 ms
--- 10.0.5.5 ping statistics ---
1 packet(s) transmitted
1 packet(s) received
0.00% packet loss
round-trip min/avg/max = 34/34/34 ms
查看R3的LSDB。
<R3>display ospf lsdb
OSPF Process 1 with Router ID 10.0.3.3
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 1098 48 80000005 0
Router 10.0.3.3 10.0.3.3 1096 72 80000008 0
Router 10.0.2.2 10.0.2.2 920 60 80000006 0
Sum-Net 10.0.35.0 10.0.3.3 830 28 80000002 1562
Sum-Net 10.0.35.0 10.0.5.5 565 28 80000002 1562
Sum-Net 10.0.12.0 10.0.2.2 1124 28 80000002 1562
Sum-Net 10.0.1.0 10.0.2.2 1110 28 80000002 1562
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 1098 48 80000004 1562
Router 10.0.3.3 10.0.3.3 1096 48 80000003 1562
Sum-Net 10.0.12.0 10.0.3.3 830 28 80000002 3124
Sum-Net 10.0.3.0 10.0.3.3 831 28 80000002 0
Sum-Net 10.0.2.0 10.0.3.3 831 28 80000002 1562
Sum-Net 10.0.1.0 10.0.3.3 831 28 80000002 3124
Sum-Net 10.0.5.0 10.0.5.5 566 28 80000002 0
Sum-Net 10.0.23.0 10.0.3.3 831 28 80000002 1562
看到在R3上共收到了2条来自R5的第一类LSA。第一条是在区域0中收到的,虚电路属于区域0,所以该LSA实际上是通过虚电路学习到的。另一条第一类LSA是在区域1中学习到的,这条LSA刚才没建虚电路的时候就有。路由表中的10.0.5.0/24路由是通过区域0学习到的LSA计算出的。
查看R3的LSDB中关于10.0.5.5这条第一类LSA的详细信息。
[R3]display ospf lsdb router 10.0.5.5
OSPF Process 1 with Router ID 10.0.3.3
Area: 0.0.0.0
Link State Database
Type : Router
Ls id : 10.0.5.5
Adv rtr : 10.0.5.5
Ls age : 621
Len : 48
Options : ABR E
seq# : 80000005
chksum : 0x1291
Link count: 2
* Link ID: 10.0.5.0
Data : 255.255.255.0
Link Type: StubNet
Metric : 0
Priority : Low
* Link ID: 10.0.3.3
Data : 10.0.35.5
Link Type: Virtual
Metric : 1562
Area: 0.0.0.1
Link State Database
Type : Router
Ls id : 10.0.5.5
Adv rtr : 10.0.5.5
Ls age : 621
Len : 48
Options : ABR VIRTUAL E
seq# : 80000004
chksum : 0x3530
Link count: 2
* Link ID: 10.0.3.3
Data : 10.0.35.5
Link Type: P-2-P
Metric : 1562
* Link ID: 10.0.35.0
Data : 255.255.255.0
Link Type: StubNet
Metric : 1562
Priority : Low
可以看到这条LSA中描述了网络10.0.5.0/24,所以在R3上就有了这条路由。而从区域1中学习到的这条第一类LSA仅描述了R3和R5的互联网段。
查看R5的LSDB。
[R5]display ospf lsdb
OSPF Process 1 with Router ID 10.0.5.5
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 577 48 80000005 0
Router 10.0.3.3 10.0.3.3 577 72 80000008 0
Router 10.0.2.2 10.0.2.2 401 60 80000006 0
Sum-Net 10.0.35.0 10.0.5.5 45 28 80000002 1562
Sum-Net 10.0.35.0 10.0.3.3 312 28 80000002 1562
Sum-Net 10.0.12.0 10.0.2.2 606 28 80000002 1562
Sum-Net 10.0.1.0 10.0.2.2 593 28 80000002 1562
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 578 48 80000004 1562
Router 10.0.3.3 10.0.3.3 578 48 80000003 1562
Sum-Net 10.0.12.0 10.0.3.3 313 28 80000002 3124
Sum-Net 10.0.3.0 10.0.3.3 313 28 80000002 0
Sum-Net 10.0.2.0 10.0.3.3 313 28 80000002 1562
Sum-Net 10.0.1.0 10.0.3.3 313 28 80000002 3124
Sum-Net 10.0.5.0 10.0.5.5 46 28 80000002 0
Sum-Net 10.0.23.0 10.0.3.3 313 28 80000002 1562
可以发现和R3的LSDB是一样的。建立的虚电路以后,R3和R5均有接口属于区域0了,所以LSDB是同步的。
步骤五.区域3通过虚电路连接到区域0
在R1和R2上配置虚电路。
[R1]ospf 1
[R1-ospf-1]area 2
[R1-ospf-1-area-0.0.0.2]vlink-peer 10.0.2.2
[R1-ospf-1-area-0.0.0.2]quit
[R1-ospf-1]quit
[R2]ospf
[R2-ospf-1]area 2
[R2-ospf-1-area-0.0.0.2]vlink-peer 10.0.1.1
[R2-ospf-1-area-0.0.0.2]quit
[R2-ospf-1]quit
查看R4的OSPF路由表。
[R4]display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 7 Routes : 7
OSPF routing table status : <Active>
Destinations : 7 Routes : 7
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.0/24 OSPF 10 1562 D 10.0.14.1 Serial1/0/0
10.0.2.0/24 OSPF 10 3124 D 10.0.14.1 Serial1/0/0
10.0.3.0/24 OSPF 10 4686 D 10.0.14.1 Serial1/0/0
10.0.5.0/24 OSPF 10 6248 D 10.0.14.1 Serial1/0/0
10.0.12.0/24 OSPF 10 3124 D 10.0.14.1 Serial1/0/0
10.0.23.0/24 OSPF 10 4686 D 10.0.14.1 Serial1/0/0
10.0.35.0/24 OSPF 10 6248 D 10.0.14.1 Serial1/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
发现该路由器已拥有了全网路由。
测试网络的连通性。
[R4]ping -c 1 10.0.5.5
PING 10.0.5.5: 56 data bytes, press CTRL_C to break
Reply from 10.0.5.5: bytes=56 Sequence=1 ttl=252 time=132 ms
--- 10.0.5.5 ping statistics ---
1 packet(s) transmitted
1 packet(s) received
0.00% packet loss
round-trip min/avg/max = 132/132/132 ms
查看R1的LSDB。
[R1]display ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.5.5 10.0.5.5 419 48 80000006 0
Router 10.0.3.3 10.0.3.3 418 72 80000009 0
Router 10.0.2.2 10.0.2.2 232 72 8000000A 0
Router 10.0.1.1 10.0.1.1 233 36 80000001 1562
Sum-Net 10.0.35.0 10.0.3.3 151 28 80000003 1562
Sum-Net 10.0.35.0 10.0.5.5 1687 28 80000002 1562
Sum-Net 10.0.14.0 10.0.1.1 291 28 80000001 1562
Sum-Net 10.0.12.0 10.0.1.1 291 28 80000001 1562
Sum-Net 10.0.12.0 10.0.2.2 444 28 80000003 1562
Sum-Net 10.0.1.0 10.0.1.1 291 28 80000001 0
Sum-Net 10.0.1.0 10.0.2.2 430 28 80000003 1562
Sum-Net 10.0.4.0 10.0.1.1 291 28 80000001 1562
Area: 0.0.0.2
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.2.2 10.0.2.2 235 48 80000005 1562
Router 10.0.1.1 10.0.1.1 234 60 80000009 0
Sum-Net 10.0.35.0 10.0.2.2 151 28 80000003 3124
Sum-Net 10.0.14.0 10.0.1.1 291 28 80000001 1562
Sum-Net 10.0.3.0 10.0.2.2 234 28 80000003 1562
Sum-Net 10.0.2.0 10.0.2.2 443 28 80000003 0
Sum-Net 10.0.5.0 10.0.2.2 402 28 80000002 3124
Sum-Net 10.0.4.0 10.0.1.1 292 28 80000001 1562
Sum-Net 10.0.23.0 10.0.2.2 286 28 80000003 1562
Area: 0.0.0.3
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.4.4 10.0.4.4 1193 60 80000005 0
Router 10.0.1.1 10.0.1.1 292 48 80000004 1562
Sum-Net 10.0.35.0 10.0.1.1 292 28 80000001 4686
Sum-Net 10.0.12.0 10.0.1.1 294 28 80000001 1562
Sum-Net 10.0.3.0 10.0.1.1 294 28 80000001 3124
Sum-Net 10.0.2.0 10.0.1.1 294 28 80000001 1562
Sum-Net 10.0.1.0 10.0.1.1 294 28 80000001 0
Sum-Net 10.0.5.0 10.0.1.1 294 28 80000001 4686
Sum-Net 10.0.23.0 10.0.1.1 294 28 80000001 3124
由于创建了虚电路,R1中有了区域0的LSA,这样区域0和区域3就可以直接交互路由信息了。R1把区域0中的路由信息以第三类LSA的形式通告进了区域3。
查看R4的LSDB。
[R4]display ospf lsdb
OSPF Process 1 with Router ID 10.0.4.4
Link State Database
Area: 0.0.0.3
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.4.4 10.0.4.4 1303 60 80000005 0
Router 10.0.1.1 10.0.1.1 404 48 80000004 1562
Sum-Net 10.0.35.0 10.0.1.1 404 28 80000001 4686
Sum-Net 10.0.12.0 10.0.1.1 404 28 80000001 1562
Sum-Net 10.0.3.0 10.0.1.1 404 28 80000001 3124
Sum-Net 10.0.2.0 10.0.1.1 404 28 80000001 1562
Sum-Net 10.0.1.0 10.0.1.1 405 28 80000001 0
Sum-Net 10.0.5.0 10.0.1.1 405 28 80000001 4686
Sum-Net 10.0.23.0 10.0.1.1 405 28 80000001 3124
可以看到该路由器学习到了R1发布的第三类LSA。
R4有其他区域的路由。
步骤六.配置区域之间的路由过滤
控制10.0.4.0/24网段的路由信息的发布。使R1可以学到该路由,但R2、R3、R5学不到这条路由。
设置一个访问控制列表。
[R1]acl number 2000
[R1-acl-basic-2000]rule deny source 10.0.4.0 0.0.0.255
[R1-acl-basic-2000]rule permit
[R1-acl-basic-2000]permit
R1配置针对类型3的LSA的过滤,配置在区域3向其他区域发送更新时进行过滤。
[R1]ospf 1
[R1-ospf-1]area 3
[R1-ospf-1-area-0.0.0.3]filter 2000 export
[R1-ospf-1-area-0.0.0.3]quit
[R1-ospf-1]quit
在R2上查看路由信息过滤的情况。
[R2]display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 5 Routes : 5
OSPF routing table status : <Active>
Destinations : 5 Routes : 5
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.0/24 OSPF 10 1562 D 10.0.12.1 Serial1/0/0
10.0.3.0/24 OSPF 10 1562 D 10.0.23.3 Serial2/0/0
10.0.5.0/24 OSPF 10 3124 D 10.0.23.3 Serial2/0/0
10.0.14.0/24 OSPF 10 3124 D 10.0.12.1 Serial1/0/0
10.0.35.0/24 OSPF 10 3124 D 10.0.23.3 Serial2/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
R2已经学习不到路由10.0.4.0/24了。
此时R1的路由表中仍然有该条目。因为R1和R4是同一个区域的,R4通过第一类LSA把该路由通告给R1。
[R1]display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 6 Routes : 6
OSPF routing table status : <Active>
Destinations : 6 Routes : 6
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.2.0/24 OSPF 10 1562 D 10.0.12.2 Serial1/0/0
10.0.3.0/24 OSPF 10 3124 D 10.0.12.2 Serial1/0/0
10.0.4.0/24 OSPF 10 1562 D 10.0.14.4 Serial3/0/0
10.0.5.0/24 OSPF 10 4686 D 10.0.12.2 Serial1/0/0
10.0.23.0/24 OSPF 10 3124 D 10.0.12.2 Serial1/0/0
10.0.35.0/24 OSPF 10 4686 D 10.0.12.2 Serial1/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
附加实验: 思考并验证
OSPF协议中为什么区域0必须连续?从当前的OSPF设计的角度来看,是否可以对类型1和类型2的LSA进行过滤?
最终设备配置
<R1>display current-configuration
[V200R007C00SPC600]
#
sysname R1
#
acl number 2000
rule 5 deny source 10.0.4.0 0.0.0.255
rule 10 permit
#
interface Serial1/0/0
link-protocol ppp
ip address 10.0.12.1 255.255.255.0
#
interface Serial3/0/0
link-protocol ppp
ip address 10.0.14.1 255.255.255.0
#
interface LoopBack0
ip address 10.0.1.1 255.255.255.0
ospf network-type broadcast
#
ospf 1 router-id 10.0.1.1
area 0.0.0.0
area 0.0.0.2
network 10.0.1.1 0.0.0.0
network 10.0.12.1 0.0.0.0
vlink-peer 10.0.2.2
area 0.0.0.3
filter 2000 export
network 10.0.14.1 0.0.0.0
#
return
<R2>display current-configuration
[V200R007C00SPC600]
#
sysname R2
#
interface Serial1/0/0
link-protocol ppp
ip address 10.0.12.2 255.255.255.0
#
interface Serial2/0/0
link-protocol ppp
ip address 10.0.23.2 255.255.255.0
#
interface LoopBack0
ip address 10.0.2.2 255.255.255.0
ospf network-type broadcast
#
ospf 1 router-id 10.0.2.2
area 0.0.0.0
network 10.0.23.2 0.0.0.0
network 10.0.2.2 0.0.0.0
area 0.0.0.2
network 10.0.12.2 0.0.0.0
vlink-peer 10.0.1.1
#
return
<R3>display current-configuration
[V200R007C00SPC600]
#
sysname R3
#
interface Serial2/0/0
link-protocol ppp
ip address 10.0.23.3 255.255.255.0
#
interface Serial3/0/0
link-protocol ppp
ip address 10.0.35.3 255.255.255.0
#
interface LoopBack0
ip address 10.0.3.3 255.255.255.0
ospf network-type broadcast
#
ospf 1 router-id 10.0.3.3
area 0.0.0.0
network 10.0.3.3 0.0.0.0
network 10.0.23.3 0.0.0.0
area 0.0.0.1
network 10.0.35.3 0.0.0.0
vlink-peer 10.0.5.5
#
return
<R4>display current-configuration
[V200R007C00SPC600]
#
sysname R4
#
interface Serial1/0/0
link-protocol ppp
ip address 10.0.14.4 255.255.255.0
#
interface LoopBack0
ip address 10.0.4.4 255.255.255.0
ospf network-type broadcast
#
ospf 1 router-id 10.0.4.4
area 0.0.0.3
network 10.0.14.4 0.0.0.0
network 10.0.4.4 0.0.0.0
#
return
<R5>display current-configuration
[V200R007C00SPC600]
#
sysname R5
#
interface Serial1/0/0
link-protocol ppp
ip address 10.0.35.5 255.255.255.0
#
interface LoopBack0
ip address 10.0.5.5 255.255.255.0
ospf network-type broadcast
#
ospf 1 router-id 10.0.5.5
area 0.0.0.0
network 10.0.5.5 0.0.0.0
area 0.0.0.1
network 10.0.35.5 0.0.0.0
vlink-peer 10.0.3.3
#
return