实验拓扑:
实验思路:
1.规划IP,配置环回,接口IP
2.把R1,R2优先级改为0,让R1、R2放弃选举,
[r1]interface g0/0/0
[r1-GigabitEthernet0/0/0]ospf dr-priority 0
<r1>reset ospf process
Warning: The OSPF process will be reset. Continue? [Y/N]:y
注:若参选接口的优先级为0,表示退出选举,无需重启进程;
[r2]interface Eth0/0/0
[r2-Ethernet0/0/0]ospf dr-priority 2
3.在R4边界路由器上的OSPF协议中设置缺省路由,完成全网可达
[r4]ospf 1
[r4-ospf-1]default-route-advertise always
4.在ABR路由器上设置区域汇总,空接口防环
[r3]ospf 1
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]abr-summary 192.168.1.0 255.255.255.128
在ABR路由器上做一个空行接口------目的:防止环路
[r3]ip route-static 192.168.1.0 25 NULL 0
ABR -- 区域边界路由器
5.保障更新安全,在R1R2R3骨干接口上设置认证
[r1]interface GigabitEthernet0/0/1
[r1-GigabitEthernet0/0/1]ospf authentication-mode md5 1 cipher 123456
- 认证 --直连邻居的接口加密即可,两端需要一致
[r1]interface GigabitEthernet0/0/1
[r1-GigabitEthernet0/0/1]ospf authentication-mode md5 1 cipher 123456
邻居间的秘钥编号与密码均需一致
R1:
[Huawei]sysname r1
[r1]interface LoopBack 0
[r1-LoopBack0]ip address 192.168.1.33 27
[r1-LoopBack0]q
[r1]interface g0/0/0
[r1-GigabitEthernet0/0/0]ip address 192.168.1.1 27
Jun 3 2024 15:12:02-08:00 r1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
on the interface GigabitEthernet0/0/0 has entered the UP state.
[r1-GigabitEthernet0/0/0]
[r1]ospf 1 router-id 1.1.1.1
[r1-ospf-1]area 0
[r1-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
Jun 3 2024 15:55:22-08:00 r1 %%01OSPF/4/NBR_CHANGE_E(l)[0]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.1.168.192, Neighb
orEvent=HelloReceived, NeighborPreviousState=Down, NeighborCurrentState=Init)
[r1-ospf-1-area-0.0.0.0]
Jun 3 2024 15:55:26-08:00 r1 %%01OSPF/4/NBR_CHANGE_E(l)[1]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.1.168.192, Neighb
orEvent=2WayReceived, NeighborPreviousState=Init, NeighborCurrentState=ExStart)
[r1-ospf-1-area-0.0.0.0]
Jun 3 2024 15:55:26-08:00 r1 %%01OSPF/4/NBR_CHANGE_E(l)[2]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.1.168.192, Neighb
orEvent=NegotiationDone, NeighborPreviousState=ExStart, NeighborCurrentState=Exc
hange)
[r1-ospf-1-area-0.0.0.0]
Jun 3 2024 15:55:26-08:00 r1 %%01OSPF/4/NBR_CHANGE_E(l)[3]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.1.168.192, Neighb
orEvent=ExchangeDone, NeighborPreviousState=Exchange, NeighborCurrentState=Loadi
ng)
[r1-ospf-1-area-0.0.0.0]
Jun 3 2024 15:55:26-08:00 r1 %%01OSPF/4/NBR_CHANGE_E(l)[4]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.1.168.192, Neighb
orEvent=LoadingDone, NeighborPreviousState=Loading, NeighborCurrentState=Full)
[r1-ospf-1-area-0.0.0.0]
放弃选举DR
[r1]interface g0/0/0
[r1-GigabitEthernet0/0/0]ospf dr-priority 0
在接口上进行加密
[r1]interface g0/0/0
[r1-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 123456R2:
[r2]interface g0/0/0
[r2-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 123456
[r2-GigabitEthernet0/0/0]
R3:
[r3]display ospf peer
OSPF Process 1 with Router ID 3.3.3.3
Neighbors
Area 0.0.0.0 interface 192.168.1.3(GigabitEthernet0/0/0)'s neighbors
Router ID: 1.1.1.1 Address: 192.168.1.1
State: Full Mode:Nbr is Slave Priority: 1
DR: 192.168.1.1 BDR: 192.168.1.2 MTU: 0
Dead timer due in 35 sec
Retrans timer interval: 0
Neighbor is up for 00:03:19
Authentication Sequence: [ 0 ]
Router ID: 2.2.2.2 Address: 192.168.1.2
State: Full Mode:Nbr is Slave Priority: 1
DR: 192.168.1.1 BDR: 192.168.1.2 MTU: 0
Dead timer due in 30 sec
Retrans timer interval: 5
Neighbor is up for 00:03:19
Authentication Sequence: [ 0 ]
Neighbors
Area 0.0.0.1 interface 192.168.1.129(GigabitEthernet0/0/1)'s neighbors
Router ID: 4.4.4.4 Address: 192.168.1.130
State: Full Mode:Nbr is Master Priority: 1
DR: 192.168.1.129 BDR: 192.168.1.130 MTU: 0
Dead timer due in 35 sec
Retrans timer interval: 5
Neighbor is up for 00:01:40
Authentication Sequence: [ 0 ]
[r3]display ospf peer brief
OSPF Process 1 with Router ID 3.3.3.3
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 1.1.1.1 Full
0.0.0.0 GigabitEthernet0/0/0 2.2.2.2 Full
0.0.0.1 GigabitEthernet0/0/1 4.4.4.4 Full
----------------------------------------------------------------------------
手工汇总
[r3]ospf 1
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]abr-summary 192.168.1.0 255.255.255.128
[r3-ospf-1-area-0.0.0.0]display ospf peer
OSPF Process 1 with Router ID 3.3.3.3
Neighbors
Area 0.0.0.0 interface 192.168.1.3(GigabitEthernet0/0/0)'s neighbors
Router ID: 1.1.1.1 Address: 192.168.1.1
State: Full Mode:Nbr is Slave Priority: 0
DR: 192.168.1.3 BDR: None MTU: 0
Dead timer due in 37 sec
Retrans timer interval: 4
Neighbor is up for 00:14:45
Authentication Sequence: [ 0 ]
Router ID: 2.2.2.2 Address: 192.168.1.2
State: Full Mode:Nbr is Slave Priority: 0
DR: 192.168.1.3 BDR: None MTU: 0
Dead timer due in 29 sec
Retrans timer interval: 5
Neighbor is up for 00:14:17
Authentication Sequence: [ 0 ]
Neighbors
Area 0.0.0.1 interface 192.168.1.129(GigabitEthernet0/0/1)'s neighbors
Router ID: 4.4.4.4 Address: 192.168.1.130
State: Full Mode:Nbr is Master Priority: 1
DR: 192.168.1.129 BDR: 192.168.1.130 MTU: 0
Dead timer due in 36 sec
Retrans timer interval: 5
Neighbor is up for 00:23:29
Authentication Sequence: [ 0 ]
[r3-ospf-1-area-0.0.0.0]display ospf peer brief
OSPF Process 1 with Router ID 3.3.3.3
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 1.1.1.1 Full
0.0.0.0 GigabitEthernet0/0/0 2.2.2.2 Full
0.0.0.1 GigabitEthernet0/0/1 4.4.4.4 Full
----------------------------------------------------------------------------
[r3-ospf-1-area-0.0.0.0]
在ABR路由器上做一个空行接口------目的:防止环路
[r3]ip route-static 192.168.1.0 25 NULL 0
[r3]interface g0/0/0
[r3-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 123456
[r3-GigabitEthernet0/0/0]
R4:
[Huawei]sysname r4
[r4]interface g0/0/0
[r4-GigabitEthernet0/0/0]ip address 192.168.1.130 25
[r4]interface LoopBack 0
[r4-LoopBack0]ip address 4.4.4.4 24
[r4]ospf 1 router-id 4.4.4.4
[r4-ospf-1]area 1
[r4-ospf-1-area-0.0.0.1]network 192.168.1.130 0.0.0.0
[r4-ospf-1-area-0.0.0.1]
[r4-ospf-1-area-0.0.0.1]ping 192.168.1.33
PING 192.168.1.33: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.33: bytes=56 Sequence=1 ttl=254 time=60 ms
Reply from 192.168.1.33: bytes=56 Sequence=2 ttl=254 time=70 ms
Reply from 192.168.1.33: bytes=56 Sequence=3 ttl=254 time=40 ms
Reply from 192.168.1.33: bytes=56 Sequence=4 ttl=254 time=40 ms
Reply from 192.168.1.33: bytes=56 Sequence=5 ttl=254 time=30 ms
[r4]display ospf peer
OSPF Process 1 with Router ID 4.4.4.4
Neighbors
Area 0.0.0.1 interface 192.168.1.130(GigabitEthernet0/0/0)'s neighbors
Router ID: 3.3.3.3 Address: 192.168.1.129
State: Full Mode:Nbr is Slave Priority: 1
DR: 192.168.1.129 BDR: 192.168.1.130 MTU: 0
Dead timer due in 40 sec
Retrans timer interval: 5
Neighbor is up for 00:25:59
Authentication Sequence: [ 0 ]
[r4]display ospf peer b
[r4]display ospf peer brief
OSPF Process 1 with Router ID 4.4.4.4
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.1 GigabitEthernet0/0/0 3.3.3.3 Full
----------------------------------------------------------------------------
边界路由器设置缺省路由
[r4]ospf 1
[r4-ospf-1]default-route-advertise always
[r4-ospf-1]
