首先划分区域,将ospf 110区域划分为六块 ,然后再往下分小网段,如图所示
配置ospf 100 区域(ip环回都已提前配置好),这里以r3为例
[r3]ospf 100 rou
[r3]ospf 100 router-id 3.3.3.3
[[3-ospf-100]area 0
[r3-ospf-100-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[r3-ospf-100-area-0.0.0.0]network 192.168.1.3 0.0.0.0
连接外网
[r3]ip route-static 0.0.0.0 0 34.1.1.2
[r3]ospf 100
[r3-ospf-100]default-route-advertise[r3]acl 2000
[r3-acl-basic-2000]rule permit source any[r3-GigabitEthernet0/0/1]nat outbound 2000
测试是否可通
配置ospf 110区域 (ip地址与环回已配置)
对r5, r8, r9, r12进行tunal口的隧道配置
这里以r8为例
[r8]interface Tunnel 0/0/0
[r8-Tunnel0/0/0]tunnel-protocol gre p2mp
[r8-Tunnel0/0/0]source 172.16.8.2
[r8-Tunnel0/0/0]nhrp entry 10.1.1.1 172.16.1.1 register
[r8-Tunnel0/0/0]nhrp network-id 100
[r8-Tunnel0/0/0]ip add 10.1.1.2 24
[r8]ip route-static 172.16.0.0 21 172.16.8.1
[r8]ip route-static 172.16.24.0 21 172.16.8.1
[r8]ip route-static 172.16.16.0 21 172.16.8.1
配置完之后,4个隧道互相通就可以了,我们测试一下
然后给ospf 110区域的路由配上ospf协议(这里以r5为例 )
[r5]ospf 110 router-id 5.5.5.5
[r5-ospf-110]area 0
[r5-ospf-110-area-0.0.0.0]network 5.5.5.5 0.0.0.0
[r5-ospf-110-area-0.0.0.0]network 10.1.1.1 0.0.0.0
不规则区域
[r16]ospf 120 router-id 16.15.16.15
[r16-ospf-120]area 5
[r16-ospf-120-area-0.0.0.5]network 172.16.160.1 0.0.0.0
[r16-ospf-120-area-0.0.0.5]network 172.16.168.1 0.0.0.0
[r16-ospf-120-area-0.0.0.5][r16-ospf-120]import-route ospf 110
[r16-ospf-120]q
[r16]ospf 110
[r16-ospf-110]import-route ospf 120
[r8-ospf-110]area 1
[r8-ospf-110-area-0.0.0.1]nssa
Jan 2 2023 21:20:25-08:00 r8 %%01OSPF/3/NBR_CHG_DOWN(l)[0]:Neighbor event:neigh
bor state changed to Down. (ProcessId=28160, NeighborAddress=15.15.15.15, Neighb
orEvent=KillNbr, NeighborPreviousState=Full, NeighborCurrentState=Down)
[r8-ospf-110-area-0.0.0.1]
Jan 2 2023 21:20:25-08:00 r8 %%01OSPF/3/NBR_DOWN_REASON(l)[1]:Neighbor state le
aves full or changed to Down. (ProcessId=28160, NeighborRouterId=15.15.15.15, Ne
ighborAreaId=16777216, NeighborInterface=GigabitEthernet0/0/1,NeighborDownImmedi
ate reason=Neighbor Down Due to Kill Neighbor, NeighborDownPrimeReason=Hello Not
Seen, NeighborChangeTime=2023-01-02 21:20:25-08:00)
[r8-ospf-110-area-0.0.0.1]
[r9-ospf-110-area-0.0.0.2]vlink-peer 10.10.10.10
[r10-ospf-110-area-0.0.0.2]vlink-peer 9.9.9.9
做nassa区域(这里以area1区域为例,其他区域同理)
[r8-ospf-110-area-0.0.0.1]nssa
[r16-ospf-110-area-0.0.0.1]nssa
[r15-ospf-110-area-0.0.0.1]nssa
[r8-ospf-110-area-0.0.0.1]nssa no-summary
在ABR骨干区域上做汇总,这里以r16为例
[r16-ospf-110]asbr-summary 172.16.160.0 255.255.224.0
做接口认证提高全安全性
[r13-ospf-110-area-0.0.0.3]authentication-mode simple cipher 123
连接外网
[r5]ospf 110
[r5-ospf-110]default-route-advertiser5]acl 2000
[r5-acl-basic-2000]rule permit source any
[r5-acl-basic-2000]q
[r5]int g0/0/0
[r5-GigabitEthernet0/0/0]nat outbound 2000
r3 r5建立隧道
r3]int
[r3]interface tun
[r3]interface Tunnel 0/0/1
[r3-Tunnel0/0/1]tun
[r3-Tunnel0/0/1]tunnel-protocol g
[r3-Tunnel0/0/1]tunnel-protocol gre
[r3-Tunnel0/0/1]source 34.1.1.1
[r3-Tunnel0/0/1]ip add 11.1.1.1 24
[r3-Tunnel0/0/1]description 56.1.1.2
[r5]interface Tunnel 0/0/1
[r5-Tunnel0/0/1]tunnel-protocol gre
[r5-Tunnel0/0/1]source 56.1.1.2
[r5-Tunnel0/0/1]description 34.1.1.1
[r5-Tunnel0/0/1]ip add 11.1.1.2 24