多区域OSPF和路由再发布

原创

天涯悠客 2014-04-12 21:42:49 博主文章分类：华为网络 ©著作权

文章标签 交换机防火墙路由器通信拓扑图 文章分类 网络安全

©著作权归作者所有：来自51CTO博客作者天涯悠客的原创作品，请联系作者获取转载授权，否则将追究法律责任

多区域OSPF的配置

1、要求：

现有两台路由器，一台交换机和四台防火墙，要求模拟多区域OSPF的配置。其中有三个区域配置的路由协议为OSPF，另一个区域配置的路由协议时RIP，并且每个区域都在不同的网段，要求所有区域的不同网段能够实现相互通信。

2、网络拓扑图：

用亿图绘制出网络逻辑拓扑图如图1所示：

3、设备中OSPF的配置：

（1）R1的配置

[Router]sysname R1

[R1]int s0

[R1-Serial0]ip add 192.168.2.1 24

[R1-Serial0]

%01:16:08: Line protocol ip on the interface Serial0 is UP

[R1-Serial0]shut

% Interface Serial0 is down

[R1-Serial0]

%01:16:14: Interface Serial0 is DOWN

[R1-Serial0]undo shut

% Interface Serial0 is reset

[R1-Serial0]

%01:16:26: Interface Serial0 is UP

[R1-Serial0]int et0

[R1-Ethernet0]ip add 192.168.1.1 24

[R1-Ethernet0]loop

Ethernet0 running on loopback mode

[R1]ospf enable

Start OSPF task...

OSPF enabled

[R1-ospf]int et0

[R1-Ethernet0]ospf enable area 1

[R1-Ethernet0]int s0

[R1-Serial0]ospf enable area 1

（2）R2的配置

Router]sysname R2

[R2]int s?

Serial

[R2]int s10

No such interface

[R2]int s0

[R2-Serial0]ip add 192.168.2.2 255.255.255.0

[R2-Serial0]

%01:10:18: Line protocol ip on the interface Serial0 is UP

[R2-Serial0]shut

% Interface Serial0 is shut down

[R2-Serial0]

%01:10:30: Interface Serial0 is DOWN

[R2-Serial0]undo shut

% Interface Serial0 is reset

[R2-Serial0]

%01:10:53: Interface Serial0 is UP

[R2-Serial0]int et0

[R2-Ethernet0]ip add 192.168.3.1 24

[R2-Ethernet0]

%01:11:37: Line protocol ip on the interface Ethernet0 is UP

[R2-Ethernet0]int et1

[R2-Ethernet1]ip add 192.168.7.1 24

[R2-Ethernet1]

%01:12:00: Line protocol ip on the interface Ethernet1 is UP

[R2]ospf enable

Start OSPF task...

OSPF enabled

[R2-ospf]int s0

[R2-Serial0]ospf enable area 1

[R2-Serial0]int et0

[R2-Ethernet0]ospf enable area 0

[R2]rip

waiting...

RIP is running

[R2-rip]net 192.168.2.0

[R2-rip]net 192.168.3.0

[R2-rip]net 192.168.7.0

（3）R3的配置

<Quidway>system-view

Enter system view , return user view with Ctrl+Z.

[Quidway]sysname R3

[R3]vlan 10

[R3-vlan10]port et0/24

[R3-vlan10]vlan 20

[R3-vlan20]port et0/22R4的配置

[R3]int vlan 10

[R3-Vlan-interface10]

%Apr 9 18:10:23 2014 R3 L2INF/5/VLANIF LINK STATUS CHANGE:Slot=1;

Vlan-interface10: turns into UP state

[R3-Vlan-interface10]ip address 192.168.3.2 255.255.255.0

[R3-Vlan-interface10]

%Apr 9 18:11:22 2014 R3 IFNET/5/UPDOWN:Slot=1;Line protocol on the interface Vlan-interface10 turns into UP state

[R3-Vlan-interface10]int vlan 20

[R3-Vlan-interface20]

%Apr 9 18:11:32 2014 R3 L2INF/5/VLANIF LINK STATUS CHANGE:Slot=1;

Vlan-interface20: turns into UP state

[R3-Vlan-interface20]ip add

[R3-Vlan-interface20]ip address 192.168.4.1 255.255.255.0

[R3-Vlan-interface20]

%Apr 9 18:12:05 2014 R3 IFNET/5/UPDOWN:Slot=1;Line protocol on the interface Vlan-interface20 turns into UP state

R3-Vlan-interface20]quit

[R3]router id 3.3.3.3

[R3]ospf enable

% Too many parameters found at '^' position.

[R3]ospf

[R3-ospf]area 0

[R3-ospf-area-0.0.0.0]net

[R3-ospf-area-0.0.0.0]network 192.168.3.2 0.0.0.0 ?

<cr>

[R3-ospf-area-0.0.0.0]network 192.168.3.2 0.0.0.0

[R3-ospf-area-0.0.0.0]network 192.168.4.1 0.0.0.0

（4）R4的配置

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C]sysname R4

[R4]int et0/0

[R4-Ethernet0/0]undo ip add

[R4-Ethernet0/0]undo ip address

[R4-Ethernet0/0]ip address 192.168.4.2 24

[R4-Ethernet0/0]

%Apr 10 07:57:47:047 2013 R4 IFNET/4/UPDOWN:Line protocol on the interface Ethernet0/0 is UP

[R4-Ethernet0/0]int et0/1

[R4-Ethernet0/1]ip add

[R4-Ethernet0/1]ip address 192.168.5.1 24

[R4-Ethernet0/1]

%Apr 10 07:58:34:061 2013 R4 IFNET/4/UPDOWN:Line protocol on the interface Ethernet0/1 is UP

[R4-Ethernet0/1]quit

[R4]firewall zone trust

[R4-zone-trust]add interface ?

Ethernet Ethernet interface

[R4-zone-trust]add interface et

[R4-zone-trust]add interface Ethernet0/1

[R4]router ip 4.4.4.4

[R4]ospf

[R4-ospf-1]area 0

[R4-ospf-1-area-0.0.0.0]net

[R4-ospf-1-area-0.0.0.0]network 192.168.4.2 0.0.0.0

[R4-ospf-1-area-0.0.0.0]quit

[R4-ospf-1]area 2

[R4-ospf-1-area-0.0.0.2]net

[R4-ospf-1-area-0.0.0.2]network 192.168.5.1 0.0.0.0

（5）R5的配置

H3C>system-view

System View: return to User View with Ctrl+Z.

[H3C]sysname R5

[R5]int et0/0

[R5-Ethernet0/0]undo ip add

[R5-Ethernet0/0]

%Apr 10 02:41:41:654 2014 R5 IFNET/4/UPDOWN:Line protocol on the interface Ethernet0/0 is DOWN

[R5-Ethernet0/0]ip add

[R5-Ethernet0/0]ip address 192.168.5.2 24

[R5-Ethernet0/0]

%Apr 10 02:41:58:624 2014 R5 IFNET/4/UPDOWN:Line protocol on the interface Ethernet0/0 is UP

[R5-Ethernet0/0]int et0/1

[R5-Ethernet0/1]ip add

[R5-Ethernet0/1]ip address 192.168.6.1 24

[R5-Ethernet0/1]loo

[R5-Ethernet0/1]loopback

[R5-Ethernet0/1]quit

[R5]firewall zone t

[R5]firewall zone trust

[R5-zone-trust]add int

[R5-zone-trust]add interface et0/1

//OSPF的配置

[R5]router id 5.5.5.5

[R5]ospf

[R5-ospf-1]area 2

[R5-ospf-1-area-0.0.0.2]net

[R5-ospf-1-area-0.0.0.2]network 192.168.5.2 0.0.0.0

[R5-ospf-1-area-0.0.0.2]network 192.168.6.1 0.0.0.0

（6）R6的配置

<H3C>system-view

System View: return to User View with Ctrl+Z.

[H3C]sysname R6

[R6]int et0/0

[R6-Ethernet0/0]undo ip address

[R6-Ethernet0/0]

%Apr 11 15:33:55:255 2014 R6 IFNET/4/UPDOWN:Line protocol on the interface Ethernet0/0 is DOWN

[R6-Ethernet0/0]ip add

[R6-Ethernet0/0]ip address 192.168.7.2 24

[R6-Ethernet0/0]

%Apr 11 15:34:13:683 2014 R6 IFNET/4/UPDOWN:Line protocol on the interface Ethernet0/0 is UP

[R6-Ethernet0/0]int et0/1

[R6-Ethernet0/1]ip add

[R6-Ethernet0/1]ip address 192.168.8.1 24

%Apr 11 15:35:12:544 2014 R6 IFNET/4/UPDOWN:Line protocol on the interface Ethernet0/1 is UP

[R6-Ethernet0/1]quit

[R6]firewall zone trust

[R6-zone-trust]add int

[R6-zone-trust]add interface et0/1

//RIP的配置

[R6-zone-trust]quit

[R6]rip

[R6-rip]net

[R6-rip]network 192.168.7.0

[R6-rip]network 192.168.8.0

[R6-rip]quit

（7）R7的配置

<H3C>system-view

System View: return to User View with Ctrl+Z.

[H3C]sysname R7

[R7]int et0/0

[R7-Ethernet0/0]ip add

[R7-Ethernet0/0]ip address 192.168.8.2 24

[R7-Ethernet0/0]

%Apr 11 16:22:22:724 2014 R7 IFNET/4/UPDOWN:Line protocol on the interface Ethernet0/0 is UP

[R7-Ethernet0/0]int et0/1

[R7-Ethernet0/1]ip add

[R7-Ethernet0/1]ip address 192.168.9.1 24

[R7-Ethernet0/1]loopback

[R7-Ethernet0/1]

%Apr 11 16:23:40:045 2014 R7 PHY/1/PHY: Ethernet0/1: change status to up

%Apr 11 16:23:40:046 2014 R7 IFNET/4/UPDOWN:Line protocol on the interface Ethernet0/1 is UP

[R7-Ethernet0/1]quit

[R7] firewall packet-filter default permit

[R7]fir

[R7]firewall zone trust

[R7-zone-trust]add int et0/0

[R7-zone-trust]add int et0/1

[R7-zone-trust]quit

//RIP的配置

[R7]rip

[R7-rip]net

[R7-rip]network 192.168.8.0

[R7-rip]network 192.168.9.0

4、验证：

（1）查看R1的路由表：

[R1]dis ip rout

Routing Tables:

Destination/Mask Proto Pref Metric Nexthop Interface

127.0.0.0/8 Direct 0 0 127.0.0.1 LoopBack0

127.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0

192.168.1.0/24 Direct 0 0 192.168.1.1 Ethernet0

192.168.1.1/32 Direct 0 0 127.0.0.1 LoopBack0

192.168.2.0/24 Direct 0 0 192.168.2.2 Serial0

192.168.2.1/32 Direct 0 0 127.0.0.1 LoopBack0

192.168.2.2/32 Direct 0 0 192.168.2.2 Serial0

192.168.3.0/24 OSPF 10 1572 192.168.2.2 Serial0

192.168.4.0/24 OSPF 10 1582 192.168.2.2 Serial0

192.168.5.0/24 OSPF 10 1583 192.168.2.2 Serial0

192.168.6.0/24 OSPF 10 1584 192.168.2.2 Serial0

（2）查看R2的路由表：

[R2]dis ip routing

Routing Tables:

Destination/Mask Proto Pref Metric Nexthop Interface

127.0.0.0/8 Direct 0 0 127.0.0.1 LoopBack0

27.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0

192.168.1.0/24 OSPF 10 1572 192.168.2.1 Serial0

192.168.2.0/24 Direct 0 0 192.168.2.1 Serial0

192.168.2.1/32 Direct 0 0 192.168.2.1 Serial0

192.168.2.2/32 Direct 0 0 127.0.0.1 LoopBack0

192.168.3.0/24 Direct 0 0 192.168.3. 1 Ethernet0

192.168.3.1/32 Direct 0 0 127.0.0.1 LoopBack0

192.168.4.0/24 OSPF 10 20 192.168.3.2 Ethernet0

192.168.5.0/24 OSPF 10 21 192.168.3.2 Ethernet0

192.168.6.0/24 OSPF 10 22 192.168.3.2 Ethernet0

192.168.7.0/24 Direct 0 0 192.168.7.1 Ethernet1

192.168.7.1/32 Direct 0 0 127.0.0.1 LoopBack0

（3）查看R3的路由表：

<R3>dis ip routing-table

Routing Table: public net

Destination/Mask Protocol Pre Cost Nexthop Interface

127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0

127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.1.0/24 OSPF 10 1582 192.168.3.1 Vlan-interface10

192.168.2.0/24 OSPF 10 1572 192.168.3.1 Vlan-interface10

192.168.3.0/24 DIRECT 0 0 192.168.3.2 Vlan-interface10

192.168.3.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.4.0/24 DIRECT 0 0 192.168.4.1 Vlan-interface20

192.168.4.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.5.0/24 OSPF 10 11 192.168.4.2 Vlan-interface20

192.168.6.0/24 OSPF 10 12 192.168.4.2 Vlan-interface20

（4）查看R4的路由表：

[R4]dis ip routing-table

Routing Table: public net

Destination/Mask Protocol Pre Cost Nexthop Interface

127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0

127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.1.0/24 OSPF 10 1583 192.168.4.1 Ethernet0/0

192.168.2.0/24 OSPF 10 1573 192.168.4.1 Ethernet0/0

192.168.3.0/24 OSPF 10 11 192.168.4.1 Ethernet0/0

192.168.4.0/24 DIRECT 0 0 192.168.4.2 Ethernet0/0

192.168.4.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.5.0/24 DIRECT 0 0 192.168.5.1 Ethernet0/1

192.168.5.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.6.0/24 OSPF 10 2 192.168.5.2 Ethernet0/1

（5）查看R5的路由表：

[R5]dis ip routing-table

Routing Table: public net

Destination/Mask Protocol Pre Cost Nexthop Interface

127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0

127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.1.0/24 OSPF 10 1584 192.168.5.1 Ethernet0/0

192.168.2.0/24 OSPF 10 1574 192.168.5.1 Ethernet0/0

192.168.3.0/24 OSPF 10 12 192.168.5.1 Ethernet0/0

192.168.4.0/24 OSPF 10 2 192.168.5.1 Ethernet0/0

192.168.5.0/24 DIRECT 0 0 192.168.5.2 Ethernet0/0

192.168.5.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.6.0/24 DIRECT 0 0 192.168.6.1 Ethernet0/1

192.168.6.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

（6）查看R6的路由表：

<R6>dis ip routing-table

Routing Table: public net

Destination/Mask Protocol Pre Cost Nexthop Interface

127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0

127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.7.0/24 DIRECT 0 0 192.168.7.2 Ethernet0/0

192.168.7.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.8.0/24 DIRECT 0 0 192.168.8.1 Ethernet0/1

192.168.8.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.9.0/24 RIP 100 1 192.168.8.2 Ethernet0/1

5、路由再发布的配置和验证：

从上面的路由表可以OSPF区域的路由器的路由表中没有RIP区域的网段，RIP区域的路由器的路由表里没有OSPF区域的网段，所以RIP区域和其他OSPF区域是不能相通的，如果要实现相通这就需要配置路由再发布。

（1）路由再发布的配置：

[R2]ospf

//在OSPF上注入RIP（不包括直连的）协议

[R2-ospf]import-route ?

bgp Border Gateway Protocol(BGP)

direct Routes on directly-connected segments

rip Routing Information Protocol(RIP)

static Static routes

[R2-ospf]import-route rip ?

cost cost of import route

route-policy Specify a route-policy

tag Set tag for routes imported into OSPF

type Ospf exterior cost type for imported routes

<cr>

[R2-ospf]import-route rip cost ?

INTEGER<1-4294967295> cost value

[R2-ospf]import-route rip cost 50

//在OSPF上注入RIP（直连的）协议

[R2-ospf]import-route direct ?

cost cost of import route

route-policy Specify a route-policy

tag Set tag for routes imported into OSPF

type Ospf exterior cost type for imported routes

<cr>

[R2-ospf]import-route direct

//配置默认路由协议，并把静态有注入到RIP协议中使其R7、R6能够与外界OSPF区域相通：

[R2]int null ?

INTEGER<0-0> Null interface number

[R2]int null 0

[R2-Null0]quit

[R2]ip route-static 0.0.0.0 0.0.0.0 ?

X.X.X.X NextHop IP address

Async Async interface

Aux Aux interface

Ethernet IEEE802.3

Null Null interface

Serial Serial

[R2]ip route-static 0.0.0.0 0.0.0.0 null ?

INTEGER<0-0> Null interface number

[R2]ip route-static 0.0.0.0 0.0.0.0 null 0

//向RIP中注入默认路由

[R2]rip

[R2-rip]

[R2-rip]import-route ?

bgp Border Gateway Protocol(BGP)

direct Routes on directly-connected segments

ospf Open Shortest Path First(OSPF)

ospf-ase OSPF external route

static Static routes

[R2-rip]import-route static

（2）验证：

1）查看R2的路由表：

[R2]dis ip rout

Routing Tables:

Destination/Mask Proto Pref Metric Nexthop Interface

127.0.0.0/8 Direct 0 0 127.0.0.1 LoopBack0

127.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0

192.168.1.0/24 OSPF 10 1572 192.168.2.1 Serial0

192.168.2.0/24 Direct 0 0 192.168.2.1 Serial0

192.168.2.1/32 Direct 0 0 192.168.2.1 Serial0

192.168.2.2/32 Direct 0 0 127.0.0.1 LoopBack0

192.168.3.0/24 Direct 0 0 192.168.3.1 Ethernet0

192.168.3.1/32 Direct 0 0 127.0.0.1 LoopBack0

192.168.4.0/24 OSPF 10 20 192.168.3.2 Ethernet0

192.168.5.0/24 OSPF 10 21 192.168.3.2 Ethernet0

192.168.6.0/24 OSPF 10 22 192.168.3.2 Ethernet0

192.168.7.0/24 Direct 0 0 192.168.7.1 Ethernet1

192.168.7.1/32 Direct 0 0 127.0.0.1 LoopBack0

192.168.8.0/24 RIP 100 1 192.168.7.2 Ethernet1

192.168.9.0/24 RIP 100 2 192.168.7.2 Ethernet1

2）查看R5的路由表：

<R5>dis ip routing-table

Routing Table: public net

Destination/Mask Protocol Pre Cost Nexthop Interface

127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0

127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.1.0/24 OSPF 10 1584 192.168.5.1 Ethernet0/0

192.168.2.0/24 OSPF 10 1574 192.168.5.1 Ethernet0/0

192.168.2.1/32 O_ASE 150 1 192.168.5.1 Ethernet0/0

192.168.3.0/24 OSPF 10 12 192.168.5.1 Ethernet0/0

192.168.4.0/24 OSPF 10 2 192.168.5.1 Ethernet0/0

192.168.5.0/24 DIRECT 0 0 192.168.5.2 Ethernet0/0

192.168.5.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.6.0/24 DIRECT 0 0 192.168.6.1 Ethernet0/1

192.168.6.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.7.0/24 O_ASE 150 1 192.168.5.1 Ethernet0/0

192.168.8.0/24 O_ASE 150 50 192.168.5.1 Ethernet0/0

192.168.9.0/24 O_ASE 150 50 192.168.5.1 Ethernet0/0

3）查看R7的路由表：

<R7>display ip routing-table

Routing Table: public net

Destination/Mask Protocol Pre Cost Nexthop Interface

0.0.0.0/0 RIP 100 2 192.168.8.1 Ethernet0/0

127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0

127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.7.0/24 RIP 100 1 192.168.8.1 Ethernet0/0

192.168.8.0/24 DIRECT 0 0 192.168.8.2 Ethernet0/0

192.168.8.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0

192.168.9.0/24 DIRECT 0 0 192.168.9.1 Ethernet0/1

192.168.9.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0

4）在R7上ping192.168.1.1

<R7>ping 192.168.1.1

PING 192.168.1.1: 56 data bytes, press CTRL_C to break

Reply from 192.168.1.1: bytes=56 Sequence=1 ttl=253 time=40 ms

Reply from 192.168.1.1: bytes=56 Sequence=2 ttl=253 time=31 ms

Reply from 192.168.1.1: bytes=56 Sequence=3 ttl=253 time=29 ms

Reply from 192.168.1.1: bytes=56 Sequence=4 ttl=253 time=35 ms

Reply from 192.168.1.1: bytes=56 Sequence=5 ttl=253 time=29 ms

--- 192.168.1.1 ping statistics ---

5 packet(s) transmitted

5 packet(s) received

0.00% packet loss

round-trip min/avg/max = 29/32/40 ms

5）在R7上ping192.168.6.1

<R7>ping 192.168.6.1

PING 192.168.6.1: 56 data bytes, press CTRL_C to break

Reply from 192.168.6.1: bytes=56 Sequence=1 ttl=251 time=26 ms

Reply from 192.168.6.1: bytes=56 Sequence=2 ttl=251 time=8 ms

Reply from 192.168.6.1: bytes=56 Sequence=3 ttl=251 time=8 ms

Reply from 192.168.6.1: bytes=56 Sequence=4 ttl=251 time=11 ms

Reply from 192.168.6.1: bytes=56 Sequence=5 ttl=251 time=8 ms

--- 192.168.6.1 ping statistics ---

5 packet(s) transmitted

5 packet(s) received

0.00% packet loss

round-trip min/avg/max = 8/12/26 ms

上一篇：静态路由的配置

下一篇：Linux下无线网卡的安装

提问和评论都可以，用心的回复会被更多人看到评论

发布评论

相关文章

官方博客	全部文章	热门标签	班级博客
了解我们	网站地图	意见反馈

鸿蒙开发者社区	51CTO学堂
51CTO	软考资讯