首先先介绍一下 OSPF要点:
路由器在所有启用 ospf进程的接口发送 hello包 OSPF报头是固定的(24字节),LSA也有自己的报头,封装在 OSPF包中
HELLO协议的功能:
建立邻居关系保持邻居关系确定和邻居的双向关系用于 DR和 BDR的选举
路由器建立邻居关系的条件:
Area ID区域号必须相同 Authentication密码必须相同 Hello 和 Dead intervals计时器必须相同 Stub area如果配置成 stub那么 2台邻居路由器必须都要两端都要设置成 Stub
Hello包内包含的字段
发送 Hello包的源路由器 ID 发送 Hello包源路由器接口的地址和掩码路由器优先级,用于 DR选举(默认为 1,0表示不进行 DR选举) DR和 BDR 标记位,stub就是标记在这里对端路由器的 ID,就是 neighbor seen那个字段
网络类型:
Point—to—Point
点对点类型,不进行 dr和 bdr的选举,所有 ospf包的目标地址都是 224.0.0.5(所有 ospf路由器组播地址)
Broardcast
广播网络,如以太网,令牌环网还有 FDDI. 因为是多路访问,一台路由器的发的包能被所有路由器接收。在广播类型网络,要进行 dr和 bdr选举,hello包的目的地址是 224.0.0.5 DR和 BDR的所有数据包也用 224.0.0.5发送 Drother用 224.0.0.6将数据包发给 DR和 BDR
NBMA
NBMA不支持广播,例如,ATM,Fr,X.25 一台路由器发送的一个包不能同时被所有的路由器接收到在这种类型上要进行 DR和 BDR选举
Point—to—multipoint
和点对点类型相似不进行 dr和 bdr选举,数据包用组播传送,因为和点对点类型类似 cisco推荐此种配置
下面介绍一下各种类型的 LSA
| Type Code | LSA | Link-State ID(LSID) |
|---|---|---|
| 1 | Router LSA | 路由器的 ID,每个 ospf路由器都会产生 |
| 2 | Network LSA | DR的接口地址,由 DR和 BDR发送 |
| 3 | Network summary LSA | 目的网络号,由 ABR产生 |
| 4 | ASBR summary LSA | ASBR的路由器 ID |
| 5 | AS external LSA | 外部网络号 |
| 7 | NSSA external LSA | 外部网络号 |
以下用例子和图示表示这几种类型的 LSA:
Router_B#show ip ospf database此命令查看 ospf链路数据库 OSPF Router with ID (170.170.3.2) (Process ID 7) Router Link States (Area 0)区域 0表示此路由器为主干 ,这是 type1的 lsa Link ID ADV Router Age Seq# Checksum Link count
170.170.3.2 170.170.3.2 17 0x80000002 0x8B6 1
170.170.8.4 170.170.8.4 217 0x80000003 0xAA02 1
170.170.13.3 170.170.13.3 218 0x80000002 0x5156 1
Net Link States (Area 0)表示 type 2的 LSA 由 DR传送过来的 Link ID ADV Router Age Seq# Checksum
170.170.3.3 170.170.13.3 18 0x80000002 0xA0B2
Summary Net Link States (Area 0)表示 type 3的 LSA,域间路由 Link ID ADV Router Age Seq# Checksum
170.170.7.0 170.170.8.4 240 0x80000001 0x6ED0
Summary ASB Link States (Area 0) 表示 type 4的 LSA,由 ASBR发过来 Link ID ADV Router Age Seq# Checksum
170.170.11.6 170.170.8.4 129 0x80000001 0xF73C
Type-5 AS External Link States表示 type 5的 LSA,ASBR产生 Link ID ADV Router Age Seq# Checksum Tag
200.200.200.0 170.170.11.6 135 0x80000001 0xE4FA 0
Router_B#
下面用图例来表示几种 LSA:
Router LSA:就是 Type 1,所有路由器都能产生
Network LSA:Type 2 LSA,由 DR产生发给所有的 Drother
Network Summary LSA:Type 3 由 ABR产生,此类用距离向量方法传送路由,一条 lsa传送一条路由
ASBR Summary LSA:LSA 4,由 ABR产生,下一跳为 ABR
AS External LSA:Type 5,下一跳为 ASBR,此类路由优先级低,为了防止环路,因为外部路由有可能是不可靠的。
下面介绍一下 ospf的配置命令:
首先在全局配置下配置
| Step | Command | 描述 |
| 1. | router ospf process-id | 启用路由进程 |
| 2. | network address wildcard-mask area area-id | 定义启用路由进程的接口和区域 ID |
Router_D:路由器 D为 ABR
interface ethernet 0
ip address 170.170.3.4 255.255.255.0
interface serial 0
ip address 170.170.7.4 255.255.255.0
router ospf 7
network 170.170.3.0 0.0.0.255 area 0 E0启用 ospf并加入主干
network 170.170.7.0 0.0.0.255 area 51 S0启用 ospf加入域 51
配置 OSPF接口参数,下面的参数都是在 ospf的接口模式下输入的:
| Command | 描述 |
|---|---|
| ip ospf hello-interval seconds | 指定 hello间隔 |
| ip ospf dead-interval seconds | 设定 hello的 holdtimer时间 |
OSPF环境 Hello 间隔 Down机判定间隔广播 10秒 40秒点对点 10秒 40秒 NBMA 30秒 120秒
如果两端的间隔配置不对就不会形成邻接。
| Command | 描述 |
| ip ospf priority number | 设置路由器优先级,用来进行 DR选举,默认为 1,0表示不参加选举 |
Ospf邻接的时候要选举 DR和 BDR,那么首先要在 hello包种查看优先级,如果都相同的话再看最高的 RouterID,上面这条命令就是设置优先级的
| Command | 描述 |
| ip ospf cost cost | 设定接口成本 |
上面这条命令表示设置接口成本,用来进行路由计算。
下面看一下实例:
Router_D#show ip ospf interface ethernet 0
Ethernet0 is up, line protocol is up
Internet Address 170.170.3.4/24, Area 0
Process ID 7, Router ID 170.170.8.4, Network Type BROADCAST,
Cost: 10
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 170.170.13.3, Interface address
170.170.3.3 Backup Designated router (ID) 170.170.8.4, Interface address 170.170.3.4 Timer intervals configured, Hello 10, Dead 40, Wait 40,
Retransmit 5 Hello due in 00:00:08 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 3 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 2, Adjacent neighbor count is 2
Adjacent with neighbor 170.170.3.2 Adjacent with neighbor 170.170.13.3 (Designated Router) Suppress hello for 0 neighbor(s)
Router_D#
在不同的网络类型上配置 ospf:
第一种是 NBMA:
| Command | 描述 |
| neighbor ip-address [priority number] [poll-interval seconds] | 手工指定邻居 |
如果网络类型为 NBMA,因为不支持广播,那么需要用此命令手工指定邻居。在现在的 IOS支持将帧中继配置为点对点和点对多点类型,所以这条命令很少用了。
第二种是点对点字接口类型:
这种类型是将一个物理端口配置成多个子接口模式,每个子接口是一个单独的子网,每个子接口都为点对点模式,这样就不会进行 DR的选举。
Router_F:
interface Serial2 no ip address encapsulation frame-relay frame-relay lmi-type ansi
!
interface Serial2.7 point-to-point ip address 170.170.11.6 255.255.255.0 frame-relay interface-dlci 101
! interface Serial2.8 point-to-point ip address 170.170.10.6 255.255.255.0
frame-relay interface-dlci 103
router ospf 7 network 170.170.11.0 0.0.0.255 area 0 network 170.170.10.0 0.0.0.255 area 0
Router_G:
interface Serial0 no ip address encapsulation frame-relay frame-relay lmi-type ANSI
!
interface Serial0.6 point-to-point ip address 170.170.11.7 255.255.255.0 frame-relay interface-dlci 110
router ospf 7 network 170.170.11.0 0.0.0.255 area 0
| Command | 描述 |
| ip ospf network {broadcast | non-broadcast | {point-to-multipoint [non-broadcast] }} | 改变网络类型 |
这条命令是用来改变 ospf接口类型的
第三种是点对多点类型:
特点是邻居在一个子网内,不进行 DR和 BDR的选举
Router_E:
interface Serial1 ip address 170.170.9.5 255.255.255.0 no ip mroute-cache encapsulation frame-relay
ip ospf network point-to-multipoint
frame-relay map ip 170.170.9.7 121 broadcast frame-relay map ip 170.170.9.8 123 broadcast router ospf 7 network 170.170.9.0 0.0.0.255 area 0
Router_G:
interface Serial0
no ip address
encapsulation frame-relay
frame-relay lmi-type ANSI
!
interface Serial0.5 multipoint
ip address 170.170.9.7 255.255.255.0
ip ospf network point-to-multipoint
frame-relay map ip 170.170.9.5 112 broadcast router ospf 7 network 170.170.9.0 0.0.0.255 area 0
点对多点还有个特点是,所有的邻居都会产生一条邻居的主机路由:
Router_E#show ip route
Codes: C -connected, S -static, I -IGRP, R -RIP, M -mobile,
B - BGP
D -EIGRP, EX -EIGRP external, O -OSPF, IA -OSPF inter
area
N1 -OSPF NSSA external type 1, N2 -OSPF NSSA external type
2
E1 -OSPF external type 1, E2 -OSPF external type 2, E -
EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * -
candidate default
U - per-user static route, o - ODR
Gateway of last resort is not set 170.170.0.0/16 is variably subnetted, 5 subnets, 2 masks
O 170.170.9.8/32 [110/64] via 170.170.9.8, 00:07:01, Serial1
C 170.170.9.0/24 is directly connected, Serial1
O 170.170.9.7/32 [110/64] via 170.170.9.7, 00:07:01, Serial1
Router_E#
这样邻居间就不用做 Frame Relay map
下面是检查 DR情况:
Router_E#show ip ospf interface serial 1
Serial1 is up, line protocol is up
Internet Address 170.170.9.5/24, Area 0
Process ID 7, Router ID 170.170.9.5, Network Type
POINT_TO_MULTIPOINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT,
Timer intervals configured, Hello 30, Dead 120, Wait 120,
Retransmit 5
Hello due in 00:00:04
Neighbor Count is 2, Adjacent neighbor count is 2
Adjacent with neighbor 170.170.12.8
Adjacent with neighbor 170.170.12.7
Suppress hello for 0 neighbor(s) Router_E# 可以看出,没有 DR和 BDR
配置路由聚合:
聚合是在 ABR和 ASBR上做的,聚合可以减小路由表,可以降低路由抖动路由聚合有 2种: l 域间路由聚合 l 外部路由聚合
首先看域间路由聚合:
| Command | 描述 |
| area area-id range address mask | 指定聚合的地址范围 area-id是要聚合的那个区域 id |
看例子:
路由器 B和路由器 D是 ABR,中间是 area0主干在路由器 B上可以完成聚合
router ospf 7 network 170.170.1.0 0.0.0.255 area 51 network 170.170.3.0 0.0.0.255 area 0
area 1 range 172.16.128.0 255.255.224.0聚合 area 1的路由,发往 area0
外部路由聚合:External route
| Command | 描述 |
| summary-address address mask | 指定要聚合的外部地址和掩码 |
路由 A是 ASBR,要将外部路由 172.16.128.0/24 – 172.16.159.0/24聚合发往 area 0主干,需要配置:
router ospf 7
summary-address 172.16.128.0 255.255.224.0
redistribute static subnets
network 170.170.1.0 0.0.0.255 area 51
聚合外部路由要用 summary-address不能用 area range聚合
配置 Stub Areas和 Toally Stubby Areas
stub域不接收 Type 5类型的 Lsa,也就是外部路由,接收其他的 Lsa Toally只接收缺省路由和域内路由,不接收域间和外部路由
| Command | 描述 |
| area area-id stub [no-summary] | 定义为 stub或者 Toally stub域 |
还是看这幅图:路由器 A发外部路由到主干,那么如果把 Router F配置成 Stub域,看看还能不能收到那些外部路由呢?
Router_D:
router ospf 7 network 170.170.3.0 0.0.0.255 area 0 network 170.170.7.0 0.0.0.255 area 1
area 1 stub
Router_F:
router ospf 7 network 170.170.7.0 0.0.0.255 area 1
area 1 stub
我们来看一下路由器 F的路由表:
Router_F#sh ip route
Codes: C -connected, S -static, I -IGRP, R -RIP, M -mobile,
B - BGP
D -EIGRP, EX -EIGRP external, O -OSPF, IA -OSPF inter
area
N1 -OSPF NSSA external type 1, N2 -OSPF NSSA external type
2
E1 -OSPF external type 1, E2 -OSPF external type 2, E -
EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * -
candidate default
U - per-user static route, o - ODR
Gateway of last resort is 170.170.7.4 to network 0.0.0.0 170.170.0.0/24 is subnetted, 3 subnets OIA170.170.1.0[110/138]via170.170.7.4, 00:02:42,Serial0
O IA 170.170.3.0 [110/74] via 170.170.7.4, 00:02:42, Serial0
C 170.170.7.0 is directly connected, Serial0
O*IA 0.0.0.0/0 [110/65] via 170.170.7.4, 00:02:42, Serial0
Router_F#
除了域间和缺省路由之外,没有外部路由
接下来把 area 1在配置成 Toally Stub看看
Router_D:
router ospf 7 network 170.170.3.0 0.0.0.255 area 0 network 170.170.7.0 0.0.0.255 area 1
area 1 stub no-summary
Router_F:
router ospf 7 network 170.170.7.0 0.0.0.255 area 1
area 1 stub no-summary
在看看路由器 F的路由表:
Router_F#sh ip route
Codes: C -connected, S -static, I -IGRP, R -RIP, M -mobile,
B - BGP
D -EIGRP, EX -EIGRP external, O -OSPF, IA -OSPF inter
area
N1 -OSPF NSSA external type 1, N2 -OSPF NSSA external type
2
E1 -OSPF external type 1, E2 -OSPF external type 2, E -
EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * -
candidate default
U - per-user static route, o - ODR
Gateway of last resort is 170.170.7.4 to network 0.0.0.0
170.170.0.0/24 is subnetted, 1 subnets
C 170.170.7.0 is directly connected, Serial0
O*IA 0.0.0.0/0 [110/65] via 170.170.7.4, 00:00:00, Serial0 Router_F# 只有一条缺省路由了,连 LSA Type 3的也没有了
配置 NSSA Area Not-So Stubby Area
| Command | 描述 |
| area area-id nssa [no-redistribution] [default-information-originate] | 配置为 NSSA 域 |
Area 51配置成 NSSA模式,路由器 A将把外部路由用 Lsa Type 7发往主干,路由器 B在把 Type 7转为 Type 5
Router_A:
router ospf 7 redistribute static subnets network 170.170.1.0 0.0.0.255 area 51
area 51 nssa
! ip route 172.16.128.0 255.255.255.0 Serial1 ip route 172.16.129.0 255.255.255.0 Serial1 ip route 172.16.130.0 255.255.255.0 Serial1
Router_B:
router ospf 7 network 170.170.1.0 0.0.0.255 area 51 network 170.170.3.0 0.0.0.255 area 0
area 51 nssa
看看路由器 B的路由表,能看到类型 7的路由
Router_B# sh ip route Codes: C -connected, S -static, I -IGRP, R -RIP, M -mobile, B - BGP
D -EIGRP, EX -EIGRP external, O -OSPF, IA -OSPF inter
area
N1 -OSPF NSSA external type 1, N2 -OSPF NSSA external type
2
E1 -OSPF external type 1, E2 -OSPF external type 2, E -
EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * -
candidate default
U -per-user static route, o -ODR, P -periodic downloaded
static route
T - traffic engineered route
Gateway of last resort is not set
170.170.0.0/24 is subnetted, 3 subnets
C 170.170.1.0 is directly connected, Serial0
C 170.170.3.0 is directly connected, Ethernet0
O IA 170.170.7.0 [110/74] via 170.170.3.4, Ethernet0
172.16.0.0/24 is subnetted, 3 subnets
O N2 172.16.128.0 [110/20] via 170.170.1.1, Serial0 O N2 172.16.129.0 [110/20] via 170.170.1.1, Serial0 O N2 172.16.130.0 [110/20] via 170.170.1.1, Serial0
Router_B#
看看路由器 B链路数据库中的 Type 7 LSA
Router_B#show ip ospf database OSPF Router with ID (170.170.3.2) (Process ID 7)
Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count
170.170.3.2 170.170.3.2 1395 0x8000002A 0xB6DD 1
170.170.8.4 170.170.8.4 973 0x80000029 0x5433 1
Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum
170.170.3.2 170.170.3.2 1773 0x80000027 0x2281
Summary Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum
170.170.1.0 170.170.3.2 1773 0x80000027 0x9392
170.170.7.0 170.170.8.4 974 0x80000027 0x22F6
Router Link States (Area 51) Link ID ADV Router Age Seq# Checksum Link count
170.170.3.2 170.170.3.2 1378 0x8000002A 0x5F4C 2
170.170.13.1 170.170.13.1 1381 0x80000038 0x3D59 2
Summary Net Link States (Area 51) Link ID ADV Router Age Seq# Checksum
170.170.3.0 170.170.3.2 1398 0x8000002A 0xFE52
170.170.7.0 170.170.3.2 1398 0x80000028 0x59B5
Type-7 AS External Link States (Area 51)
Link ID ADV Router Age Seq# Checksum Tag
172.16.128.0 170.170.13.1 124 0x80000002 0xFF9D 0
172.16.129.0 170.170.13.1 125 0x80000002 0xF4A7 0
172.16.130.0 170.170.13.1 125 0x80000002 0xE9B1 0
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
172.16.128.0 170.170.3.2 1367 0x80000001 0xD6DA 0
172.16.129.0 170.170.3.2 1367 0x80000001 0xCBE4 0
172.16.130.0 170.170.3.2 1367 0x80000001 0xC0EE 0
Router_B#
