OSPF综合实验

一.实验要求：

1、R4为ISP，其上只能配置IP地址；R4与其它所有直连设备间使用公有IP；
2、R3——R5/6/7为MGRE环境，R3为中心站点；
3、整个OSPF环境IP地址为172.16.0.0/16；
4、所有设备均可访问R4的环回；
5、减少LSA的更新量，加快收敛，保证更新安全；
6、全网可达。

二.拓扑图

三.IP规划

四、IP地址规划：
area1:
172.16.32.0/21
172.16.40.0/21
172.16.48.0/21
172.16.56.0/21
area 0:
172.16.64.0/21
172.16.72.0/21
172.16.80.0/21
172.16.88.0/21
area 2
172.16.96.0/21
172.16.104.0/21
172.16.112.0/21
area 3:
172.16.128.0/21
172.16.136.0/21
172.16.144.0/21
area 4:
172.16.160.0/21
172.16.168.0/21
172.16.176.0/21
eigrp :
172.16.192.0/20
172.16.208.0/20

四.配置

R1:

R2:

R3:

R4:

R5:

R6:

R7:

R8:

R9:

R10:

R11:

R12:

五.打隧道

R3作为中心站点，R5/6/7作为分支站点

R3:
interface Tunnel 0/0/0
ip address 172.16.64.1 255.255.248.0
tunnel-protocol gre p2mp
source 34.1.1.1
nhrp entry multicast dynamic
nhrp network-id 100

R5:
interface Tunnel 0/0/0
ip address 172.16.64.2 255.255.248.0
tunnel-protocol gre p2mp
source 45.1.1.1
nhrp entry 172.16.64.1 34.1.1.1 register
nhrp network-id 100
R6:
interface Tunnel 0/0/0
ip address 172.16.64.3 255.255.248.0
tunnel-protocol gre p2mp
source g0/0/2
nhrp entry 172.16.64.1 34.1.1.1 register
nhrp network-id 100
R7:
interface Tunnel 0/0/0
ip address 172.16.64.4 255.255.248.0
tunnel-protocol gre p2mp
source 47.1.1.1
nhrp entry 172.16.64.1 34.1.1.1 register
nhrp network-id 100

六.宣告OSPF

给各个网段宣告OSPF，并将ospf在MGRE环境下的工作模式设置成广播模式，然后人工干涉选举DR
R1:
ospf 1 router-id 1.1.1.1
area 1
network 172.16.0.0 0.0.255.255

R2:
ospf 1 router-id 2.2.2.2
area 1
network 172.16.0.0 0.0.255.255

R3:
ospf 1 router-id 3.3.3.3
area 1
network 172.16.40.3 0.0.0.0
network 172.16.56.1 0.0.0.0
area 0
network 172.16.64.1 0.0.0.0
interface Tunnel 0/0/0
ospf network-type broadcast

R5:
ospf 1 router-id 5.5.5.5
area 0
network 172.16.0.0 0.0.255.255
interface Tunnel 0/0/0
ospf network-type broadcast
ospf dr-priority 0

R6:
ospf 1 router-id 6.6.6.6
area 0
network 172.16.64.3 0.0.0.0
network 172.16.80.1 0.0.0.0
area 2
network 172.16.96.1 0.0.0.0
interface Tunnel 0/0/0
ospf network-type broadcast
ospf dr-priority 0

R7:
ospf 1 router-id 7.7.7.7
area 0
network 172.16.64.4 0.0.0.0
network 172.16.88.1 0.0.0.0
area 3
network 172.16.128.1 0.0.0.0
interface Tunnel 0/0/0
ospf network-type broadcast
ospf dr-priority 0

R8:
ospf 1 router-id 8.8.8.8
area 3
network 172.16.0.0 0.0.255.255

R9:
ospf 1 router-id 9.9.9.9
area 3
network 172.16.144.2 0.0.0.0
ospf 2
area 4
network 172.16.160.1 0.0.0.0
network 172.16.168.1 0.0.0.0

R10:
ospf 1 router-id 10.10.10.10
area 4
network 172.16.0.0 0.0.255.255

R11:
ospf 1 router-id 11.11.11.11
area 2
network 172.16.0.0 0.0.255.255

R12:
ospf 1 router-id 12.12.12.12
area 2
network 172.16.112.2 0.0.0.0
rip 1
ver 2
network 172.16.0.0
ospf 1
import-route rip 1

重发布将不规则区域打通：
r9
ospf 1
import-route ospf 2

七.手工汇总

尽量减少骨干区域0的LSA更新量
r3
ospf 1
area 1
abr-summary 172.16.32.0 255.255.224.0
r6
ospf 1
area 2
abr-summary 172.16.96.0 255.255.224.0
r7
ospf 1
area 3
abr-summary 172.16.128.0 255.255.224.0
r12
ospf 1
asbr-summary172.16.192.0 255.255.224.0
r9
ospf 1
abr-summary 172.16.160.0 255.255.224.0

八、设置末梢区域与NSSA

区域1
[r1-ospf-1]area 1
[r1-ospf-1-area-0.0.0.1]stub
[r2-ospf-1]area 1
[r2-ospf-1-area-0.0.0.1]stub
[r3-ospf-1]area 1
[r3-ospf-1-area-0.0.0.1]stub
[r3]ospf 1
[r3-ospf-1]area 1
[r3-ospf-1-area-0.0.0.1]stub no-summary
区域2
[r6-ospf-1]area 2
[r6-ospf-1-area-0.0.0.1]nssa
[r11-ospf-1]area 2
[r11-ospf-1-area-0.0.0.1]nssa
[r12-ospf-1]area 2
[r12-ospf-1-area-0.0.0.1]nssa
[r6-ospf-1]area 2
[r6-ospf-1-area-0.0.0.1]nssa no-summary
区域3
[r7-ospf-1]area 3
[r7-ospf-1-area-0.0.0.1]nssa
[r8-ospf-1]area 3
[r8-ospf-1-area-0.0.0.1]nssa
[r9-ospf-1]area 3
[r9-ospf-1-area-0.0.0.1]nssa
[r7-ospf-1]area 3
[r7-ospf-1-area-0.0.0.1]nssa no-summary

九.配置nat

在r3/6/7上配置，在和ISP相连的接口上进行调用，与公网之间全网可达
acl 2000
rule permit source 172.16.0.0 0.0.255.255
int g0/0/0
nat outbound 2000