Configuring OSPF Special Area Types
Types of Areas
Stub and Totally Stub Area Rules
Hello 1,hello
2,area
3,atuh
4stub标识
作用 是否下放默认路由
Stub 过滤LSA4/5 是(LSA3)Seed cost =1
Totally Stub 过滤LSA3//4/5 是(LSA3)Seed cost =1
NSSA 过滤LSA4/5 否(default:LSA7)Cost 1
Totally NSSA 过滤LSA3/4/5 是 (no-summary)Cost=1
1,stub区域
R4#show ip ospf database
OSPF Router with ID (4.4.4.4) (Process ID 110)
Router Link States (Area 1)【LSA1】
Link ID ADV Router Age Seq# Checksum Link count
2.2.2.2 2.2.2.2 1316 0x80000003 0x0066E4 2
4.4.4.4 4.4.4.4 1320 0x80000005 0x00BD61 3
Summary Net Link States (Area 1)【LSA3】
Link ID ADV Router Age Seq# Checksum
1.1.1.1 2.2.2.2 1240 0x80000001 0x00AB44
2.2.2.2 2.2.2.2 1388 0x80000001 0x00FA31
3.3.3.3 2.2.2.2 708 0x80000001 0x00D1D5
12.1.1.0 2.2.2.2 1398 0x80000001 0x001CCA
13.1.1.0 2.2.2.2 1250 0x80000001 0x009114
Summary ASB Link States (Area 1)【LSA4】
Link ID ADV Router Age Seq# Checksum
3.3.3.3 2.2.2.2 723 0x80000001 0x00B9ED
Type-5 AS External Link States【LSA5】
Link ID ADV Router Age Seq# Checksum Tag
5.0.0.0 3.3.3.3 730 0x80000001 0x004C43 0
35.1.1.0 3.3.3.3 730 0x80000001 0x00ADC1 0把area1配置成sub,区域中所有路由器都要起sub
R4(config)#router ospf 110
R4(config-router)#area 1 stub R2(config)#router ospf 110
R2(config-router)#area 1 stub
E2路由没有了,产生一条默认路由指向R2。
O*IA 0.0.0.0/0 [110/65] via 24.1.1.2, 00:01:03, Serial2/0
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/129] via 24.1.1.2, 00:01:03, Serial2/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/65] via 24.1.1.2, 00:01:03, Serial2/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/193] via 24.1.1.2, 00:01:03, Serial2/0
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/128] via 24.1.1.2, 00:01:03, Serial2/0
13.0.0.0/24 is subnetted, 1 subnets
O IA 13.1.1.0 [110/192] via 24.1.1.2, 00:01:03, Serial2/0
LSA4 和LSA5都被过滤了
R4#show ip ospf database
OSPF Router with ID (4.4.4.4) (Process ID 110)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
2.2.2.2 2.2.2.2 41 0x80000006 0x007ECB 2
4.4.4.4 4.4.4.4 194 0x80000007 0x00D747 3
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
0.0.0.0 2.2.2.2 196 0x80000001 0x0075C0
1.1.1.1 2.2.2.2 196 0x80000002 0x00C729
2.2.2.2 2.2.2.2 41 0x80000003 0x001517
3.3.3.3 2.2.2.2 196 0x80000002 0x00EDBA
12.1.1.0 2.2.2.2 41 0x80000003 0x0036B0
13.1.1.0 2.2.2.2 196 0x80000002 0x00ADF8下放3类默认路由,
使用Stub区域
配置Stub区域
修改默认cost值
R2(config-router)#area 1 default-cost 5cost 值变为69,64+5
O*IA 0.0.0.0/0 [110/69] via 24.1.1.2, 00:00:06, Serial2/0
2,Totally Stub
只在ABR上配置
R2(config-router)#area 1 stub no-summary只剩下一条默认ospf路由
R4#show ip route ospf
O*IA 0.0.0.0/0 [110/69] via 24.1.1.2, 00:01:09, Serial2
使用完全末节区域
配置末节区域
3,NSSA(Not-So-Stubby Areas)完全非末节区域
NSSA过滤左边的LSA5,R1会把LSA7转来LSA5
R1 上的路由
R1#show ip route | i E2
E1 - OSPF external type 1, E2 - OSPF external type 2
O E2 5.0.0.0/8 [110/20] via 13.1.1.3, 00:28:33, Serial2/0
O E2 35.1.1.0 [110/20] via 13.1.1.3, 00:28:53, Serial2/0
O E2 44.4.4.0 [110/20] via 12.1.1.2, 00:00:09, Serial2/1
将area2配置成NSSA区域,R1和R2上都需要配置
R1(config-router)#area 2 nssa
R3(config-router)#area 2 nssa
R3上没有44.4.4.0/24的路由,必须手工配置 ,在R1上配置。
R3#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/65] via 13.1.1.1, 00:01:37, Serial2/1
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 13.1.1.1, 00:01:37, Serial2/1
4.0.0.0/32 is subnetted, 1 subnets
O IA 4.4.4.4 [110/193] via 13.1.1.1, 00:01:37, Serial2/1
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/128] via 13.1.1.1, 00:01:37, Serial2/1
24.0.0.0/24 is subnetted, 1 subnets
O IA 24.1.1.0 [110/192] via 13.1.1.1, 00:01:37, Serial2/1
在R1上配置,下放默认路由(nssa第一个选项)
R1(config-router)#area 2 nssa default-information-originate
R3上多了一条N2默认路由
R3#show ip route ospf
O*N2 0.0.0.0/0 [110/1] via 13.1.1.1, 00:01:59, Serial2/1
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/65] via 13.1.1.1, 00:05:44, Serial2/1
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 13.1.1.1, 00:05:44, Serial2/1
4.0.0.0/32 is subnetted, 1 subnets
O IA 4.4.4.4 [110/193] via 13.1.1.1, 00:05:44, Serial2/1
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/128] via 13.1.1.1, 00:05:44, Serial2/1
24.0.0.0/24 is subnetted, 1 subnets
O IA 24.1.1.0 [110/192] via 13.1.1.1, 00:05:44, Serial2/1
LSA7存在某个区域,LSA5不属于任何区域
R3#show ip ospf database
OSPF Router with ID (3.3.3.3) (Process ID 110)
Router Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 501 0x80000004 0x00E084 2
3.3.3.3 3.3.3.3 497 0x80000005 0x00D26B 3
Summary Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
1.1.1.1 1.1.1.1 526 0x80000003 0x00E843
2.2.2.2 1.1.1.1 526 0x80000003 0x003DAA
4.4.4.4 1.1.1.1 526 0x80000002 0x00653B
12.1.1.0 1.1.1.1 526 0x80000003 0x00DB07
24.1.1.0 1.1.1.1 526 0x80000003 0x00C1D4
Type-7 AS External Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Tag
0.0.0.0 1.1.1.1 264 0x80000001 0x00EEBE 0
5.0.0.0 3.3.3.3 502 0x80000001 0x004E2B 0
35.1.1.0 3.3.3.3 502 0x80000001 0x00AFA9 0
R3能访问44.4.4.0/24网段
R3#ping 44.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 44.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 26/26/27 ms
R4上有ripRIP上所的的路由信息
R4#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/129] via 24.1.1.2, 00:19:00, Serial2/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/65] via 24.1.1.2, 00:19:00, Serial2/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/193] via 24.1.1.2, 00:12:38, Serial2/0
O E2 5.0.0.0/8 [110/20] via 24.1.1.2, 00:12:37, Serial2/0
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/128] via 24.1.1.2, 00:19:00, Serial2/0
13.0.0.0/24 is subnetted, 1 subnets
O IA 13.1.1.0 [110/192] via 24.1.1.2, 00:19:00, Serial2/0
35.0.0.0/24 is subnetted, 1 subnets
O E2 35.1.1.0 [110/20] via 24.1.1.2, 00:12:37, Serial2/0
R1即是ABR,也是ASBR,
ASBR能够产生LSA5的路由器,就是ASBR。
R2#show ip ospf border-routers
i 4.4.4.4 [64] via 24.1.1.4, Serial2/1, ASBR, Area 1, SPF 7
i 1.1.1.1 [64] via 12.1.1.1, Serial2/0, ABR/ASBR, Area 0, SPF 64,Totally NSSA
(nssa第二个选项)
过滤LSA3/4/5,并产生3类默认路由
R1(config-router)#area 2 nssa no-summary
3类默认路由
R3#show ip route ospf
O*IA 0.0.0.0/0 [110/65] via 13.1.1.1, 00:01:32, Serial2/1
在R1上增加一个外部
R4有100.1.1.0/24的路由
R4#ping 100.1.1.1
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/129] via 24.1.1.2, 01:02:39, Serial2/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/65] via 24.1.1.2, 01:02:39, Serial2/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/193] via 24.1.1.2, 00:56:17, Serial2/0
O E2 5.0.0.0/8 [110/20] via 24.1.1.2, 00:56:16, Serial2/0
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/128] via 24.1.1.2, 01:02:39, Serial2/0
13.0.0.0/24 is subnetted, 1 subnets
O IA 13.1.1.0 [110/192] via 24.1.1.2, 01:02:39, Serial2/0
35.0.0.0/24 is subnetted, 1 subnets
O E2 35.1.1.0 [110/20] via 24.1.1.2, 00:56:16, Serial2/0
100.0.0.0/24 is subnetted, 1 subnets
O E2 100.1.1.0 [110/20] via 24.1.1.2, 00:18:20, Serial2/0R3上有100.1.1.0/24的路由,可以过滤掉。
R3#show ip route ospf
O*IA 0.0.0.0/0 [110/65] via 13.1.1.1, 00:12:45, Serial2/1
100.0.0.0/24 is subnetted, 1 subnets
O N2 100.1.1.0 [110/20] via 13.1.1.1, 00:06:19, Serial2/11, 00:02:07, Serial2/1
过滤命令
nssa 第三个选项
area 2 nssa no-redistribution default-information-originate no-summary
redistribute rip subnets
R3#show ip route ospf
O*IA 0.0.0.0/0 [110/65] via 13.1.1.1, 00:01:17, Serial2/1最好的,no-redistribution no-summary
——————————————————————————————————————————————————————
虚链路,不规则区域
三种解决方案
1,多进程双向重分布
R3能否学到R5环回口的路由?可以学到。
R1能否学到R5环回口的路由?不能学到。
R3开两个ospf进程,把左右两边的路由重分布到各自的进行中。
R3#show run | b r o
router ospf 110
router-id 3.3.3.3
redistribute ospf 100 subnets
network 3.3.3.0 0.0.0.255 area 2
network 13.1.1.0 0.0.0.255 area 2
!
router ospf 100
router-id 3.3.3.33
redistribute ospf 110 subnets
network 35.1.1.0 0.0.0.255 area 3
!
ip forward-protocol ndR5#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/65] via 35.1.1.3, 00:01:18, Serial2/1
2.0.0.0/32 is subnetted, 1 subnets
O E2 2.2.2.2 [110/129] via 35.1.1.3, 00:01:18, Serial2/1
3.0.0.0/24 is subnetted, 1 subnets
O E2 3.3.3.0 [110/1] via 35.1.1.3, 00:01:18, Serial2/1
4.0.0.0/32 is subnetted, 1 subnets
O E2 4.4.4.4 [110/193] via 35.1.1.3, 00:01:18, Serial2/1
12.0.0.0/24 is subnetted, 1 subnets
O E2 12.1.1.0 [110/128] via 35.1.1.3, 00:01:18, Serial2/1
13.0.0.0/24 is subnetted, 1 subnets
O E2 13.1.1.0 [110/64] via 35.1.1.3, 00:01:18, Serial2/1
24.0.0.0/24 is subnetted, 1 subnets
O E2 24.1.1.0 [110/192] via 35.1.1.3, 00:01:18, Serial2/1
100.0.0.0/24 is subnetted, 1 subnets
O E2 100.1.1.0 [110/20] via 35.1.1.3, 00:01:18, Serial2/1
R4#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/129] via 24.1.1.2, 00:15:53, Serial2/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/65] via 24.1.1.2, 00:15:53, Serial2/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/193] via 24.1.1.2, 00:15:53, Serial2/0
5.0.0.0/32 is subnetted, 1 subnets
O E2 5.5.5.5 [110/65] via 24.1.1.2, 00:02:28, Serial2/0
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/128] via 24.1.1.2, 00:15:53, Serial2/0
13.0.0.0/24 is subnetted, 1 subnets
O IA 13.1.1.0 [110/192] via 24.1.1.2, 00:15:53, Serial2/0
35.0.0.0/24 is subnetted, 1 subnets
O E2 35.1.1.0 [110/64] via 24.1.1.2, 00:02:28, Serial2/0
100.0.0.0/24 is subnetted, 1 subnets
O E2 100.1.1.0 [110/20] via 24.1.1.2, 00:15:53, Serial2/02.Tunnel
R1上启一个Tunnel1口
R1(config)#interface Tunnel 1
R1(config-if)#tunnel source 13.1.1.1
R1(config-if)#tunnel destination 13.1.1.3
R1(config-if)#ip address 172.16.1.1 255.255.255.0
R1上将172.16.1.0/24通告进area 0
R3上上启一个Tunnel1口
R3(config)#int Tunnel 3
R3(config-if)#tunnel source 13.1.1.3
R3(config-if)#tunnel destination 13.1.1.1
R3(config-if)#ip add 172.16.1.2 255.255.255.0R3上将172.16.1.0/24通告进area 0
R3(config-router)#network 172.16.1.0 0.0.0.255 area 0
查看R5上的路由
R5#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/1065] via 35.1.1.3, 01:52:28, Serial2/1
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/1129] via 35.1.1.3, 01:52:28, Serial2/1
4.0.0.0/32 is subnetted, 1 subnets
O IA 4.4.4.4 [110/1193] via 35.1.1.3, 01:52:28, Serial2/1
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/1128] via 35.1.1.3, 01:52:28, Serial2/1
24.0.0.0/24 is subnetted, 1 subnets
O IA 24.1.1.0 [110/1192] via 35.1.1.3, 01:52:28, Serial2/1
172.16.0.0/24 is subnetted, 1 subnets
O IA 172.16.1.0 [110/1064] via 35.1.1.3, 01:52:28, Serial2/1
查看R4上的路由
R4#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/129] via 24.1.1.2, 02:22:42, Serial2/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/65] via 24.1.1.2, 02:22:42, Serial2/0
5.0.0.0/32 is subnetted, 1 subnets
O IA 5.5.5.5 [110/1193] via 24.1.1.2, 01:50:06, Serial2/0
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/128] via 24.1.1.2, 02:22:42, Serial2/0
13.0.0.0/24 is subnetted, 1 subnets
O IA 13.1.1.0 [110/192] via 24.1.1.2, 02:22:42, Serial2/0
35.0.0.0/24 is subnetted, 1 subnets
O IA 35.1.1.0 [110/1192] via 24.1.1.2, 01:50:06, Serial2/0
172.16.0.0/24 is subnetted, 1 subnets
O IA 172.16.1.0 [110/1128] via 24.1.1.2, 01:53:05, Serial2/03 虚链路
配置
R1上在区域2配置虚链路
R1(config-router)#area 2 virtual-link 3.3.3.3R3上在区域2配置虚链路
R3(config-router)#area 2 virtual-link 1.1.1.1
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 0 FULL/ - - 13.1.1.1 OSPF_VL0
1.1.1.1 0 FULL/ - 00:00:38 13.1.1.1 Serial2/1
5.5.5.5 0 FULL/ - 00:00:35 35.1.1.5 Serial2/0
检查虚链路是否起来,关注 Adjacency State FULL (Hello suppressed)
R3#show ip ospf virtual-links
Virtual Link OSPF_VL0 to router 1.1.1.1 is up
Run as demand circuit
DoNotAge LSA allowed.
Transit area 2, via interface Serial2/1
Topology-MTID Cost Disabled Shutdown Topology Name
0 64 no no Base
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:00
Adjacency State FULL (Hello suppressed)
Index 1/3, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec查看路由表
R5#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/129] via 35.1.1.3, 00:06:23, Serial2/1
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/193] via 35.1.1.3, 00:06:23, Serial2/1
4.0.0.0/32 is subnetted, 1 subnets
O IA 4.4.4.4 [110/257] via 35.1.1.3, 00:06:23, Serial2/1
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/192] via 35.1.1.3, 00:06:23, Serial2/1
13.0.0.0/24 is subnetted, 1 subnets
O IA 13.1.1.0 [110/128] via 35.1.1.3, 00:06:33, Serial2/1
24.0.0.0/24 is subnetted, 1 subnets
O IA 24.1.1.0 [110/256] via 35.1.1.3, 00:06:23, Serial2/1
通过Router ID 找直连路由
OSPF Authentication
1,LInk 认证
a,明文
R2和R4
声明密钥
R4(config)#int s2/0
R4(config-if)#ip ospf authentication-key ?
<0-7> Encryption type (0 for not yet encrypted, 7 for proprietary)
LINE The OSPF password (key) (maximum 8 characters)
R4(config-if)#ip ospf authentication-key cisco
使密钥生效
R4(config-if)#ip ospf authentication明文
interface Serial2/0
ip address 24.1.1.4 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco密文
interface Serial2/0
ip address 24.1.1.4 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco2,区域认证
明文
密钥在接口下声明,生效在ospf进行下配置
R4配置
R4(config)#int s2/0
R4(config-if)#ip ospf authentication-key cisco
R4(config-if)#router ospf 110
R4(config-router)#area 1 authentication R2配置
R2(config-if)#int s2/1
R2(config-if)#ip ospf authentication-key cisco
R2(config-if)#router ospf 110
R2(config-router)#area 1 authentication密文
R4配置
R4(config)#int s2/0
R4(config-if)#ip ospf message-digest-key 1 md5 cisco
R4(config-if)#router ospf 110
R4(config-router)#area 1 authentication message-digestR2配置
R2(config)#int s2/1
R2(config-if)#ip ospf message-digest-key 1 md5 cisco
R2(config-if)#router ospf 110
R2(config-router)#area 1 authentication message-digest 3,虚链路认证
明文
R1(config)#router ospf 110
R1(config-router)#area 2 virtual-link 3.3.3.3 authentication-key cisco
R1(config-router)#area 2 virtual-link 3.3.3.3 authentication
密文
R1(config)#router ospf 110
R1(config-router)#area 2 virtual-link 3.3.3.3 message-digest-key 1 md5 cisco
R1(config-router)#area 2 virtual-link 3.3.3.3 authentication message-digestR3 虚链路后做起密钥。在区域0做认证
负载均衡:
R1(config-router)#maximum-paths ?
<1-32> Number of paths
被动接口,不收发OSPF报文
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
