网络拓扑图及 IP 地址表:
1.网络拓扑图
2.网络设备 IP 地址分配表
设备名称 设备接口 IP 地址 所属接口
SW1 Loopback1 10.4.1.1/32
SW1 Loopback2 10.4.11.1/24
SW1 Vlan1019 10.4.255.14/30 e0/2
SW1 Vlan1020 10.4.255.5/30 e2/2
SW1 Vlan1023 10.4.255.1/30 e2/1
SW2 Loopback1 10.4.2.1/32
SW2 Loopback2 10.4.21.1/24
SW2 Vlan1019 10.4.255.22/30 e0/2
SW2 Vlan1020 10.4.255.9/30 e2/3
SW2 Vlan1023 10.4.255.2/30 e2/1
SW3 Loopback1 10.4.3.1/32
SW3 Loopback2 10.4.31.1/24
SW3 Vlan1019 10.4.255.6/30 e2/2
SW3 Vlan1020 10.4.255.10/30 e2/3
RT1 Loopback1 10.4.5.1/32
RT1 e0/0 10.4.255.33/30 e0/0
RT1 e0/1 10.4.255.18/30 e0/1
RT1 e0/2 10.4.255.21/30 e0/2
RT2 Loopback1 10.4.6.1/32
RT2 e0/0 10.4.255.34/30 e0/0
FW1 Loopback1 10.4.7.1/32
FW1 e0/1trust 10.4.255.17/30 e0/1
FW1 e0/2trust 10.4.255.13/30 e0/2
1.基础配置
SW1
Switch>enable
Switch#configure terminal
Switch(config)#hostname SW1
SW1(config)#interface loopback 1
SW1(config-if)#ip address 10.4.1.1 255.255.255.255
SW1(config-if)#exit
SW1(config)#interface loopback 2
SW1(config-if)#ip address 10.4.11.1 255.255.255.0
SW1(config-if)#exit
SW1(config)#vlan 1019-1020,1023
SW2(config-vlan)#exit
SW1(config)#interface vlan 1019
SW1(config-if)#ip address 10.4.255.14 255.255.255.252
SW1(config-if)#no shutdown
SW1(config-if)#interface vlan 1020
SW1(config-if)#ip address 10.4.255.5 255.255.255.252
SW1(config-if)#no shutdown
SW1(config-if)#interface vlan 1023
SW1(config-if)#ip address 10.4.255.1 255.255.255.252
SW1(config-if)#no shutdown
SW1(config-if)#exit
SW1(config)#interface ethernet 0/2
SW1(config-if)#switchport access vlan 1019
SW1(config-if)#interface ethernet 2/2
SW1(config-if)#switchport access vlan 1020
SW1(config-if)#interface ethernet 2/1
SW1(config-if)#switchport access vlan 1023
SW1(config-if)#exit
SW2
Switch>enable
Switch#configure terminal
Switch(config)#hostname SW2
SW2(config)#interface loopback 1
SW2(config-if)#ip address 10.4.2.1 255.255.255.255
SW2(config-if)#exit
SW2(config)#interface loopback 2
SW2(config-if)#ip address 10.4.21.1 255.255.255.0
SW2(config-if)#exit
SW2(config)#vlan 1019-1020,1023
SW2(config-vlan)#exit
SW2(config)#interface vlan 1019
SW2(config-if)#ip address 10.4.255.22 255.255.255.252
SW2(config-if)#no shutdown
SW2(config-if)#interface vlan 1020
SW2(config-if)#ip address 10.4.255.9 255.255.255.252
SW2(config-if)#no shutdown
SW2(config-if)#interface vlan 1023
SW2(config-if)#ip address 10.4.255.2 255.255.255.252
SW2(config-if)#no shutdown
SW2(config-if)#exit
SW2(config)#interface ethernet 0/2
SW2(config-if)#switchport access vlan 1019
SW2(config-if)#interface ethernet 2/3
SW2(config-if)#switchport access vlan 1020
SW2(config-if)#interface ethernet 2/1
SW2(config-if)#switchport access vlan 1023
SW2(config-if)#exit
SW3
Switch>enable
Switch#configure terminal
Switch(config)#hostname SW3
SW3(config)#interface loopback 1
SW3(config-if)#ip address 10.4.3.1 255.255.255.255
SW3(config-if)#exit
SW3(config)#interface loopback 2
SW3(config-if)#ip address 10.4.31.1 255.255.255.0
SW3(config-if)#exit
SW3(config)#vlan 1019-1020
SW3(config-vlan)#exit
SW3(config)#interface vlan 1019
SW3(config-if)#ip address 10.4.255.6 255.255.255.252
SW3(config-if)#no shutdown
SW3(config-if)#interface vlan 1020
SW3(config-if)#ip address 10.4.255.10 255.255.255.252
SW3(config-if)#no shutdown
SW3(config-if)#exit
SW3(config)#interface ethernet 2/2
SW3(config-if)#switchport access vlan 1019
SW3(config-if)#interface ethernet 2/3
SW3(config-if)#switchport access vlan 1020
SW3(config-if)#exit
RT1
Router>enable
Router#configure terminal
Router(config)#hostname RT1
RT1(config)#interface loopback 1
RT1(config-if)#ip address 10.4.5.1 255.255.255.255
RT1(config-if)#exit
RT1(config)#interface ethernet 0/0
RT1(config-if)#ip address 10.4.255.33 255.255.255.252
RT1(config-if)#no shutdown
RT1(config-if)#interface ethernet 0/1
RT1(config-if)#ip address 10.4.255.18 255.255.255.252
RT1(config-if)#no shutdown
RT1(config-if)#interface ethernet 0/2
RT1(config-if)#ip address 10.4.255.21 255.255.255.252
RT1(config-if)#no shutdown
RT1(config-if)#exit
RT2
Router>enable
Router#configure terminal
Router(config)#hostname RT2
RT2(config)#interface loopback 1
RT2(config-if)#ip address 10.4.6.1 255.255.255.255
RT2(config-if)#exit
RT2(config)#interface ethernet 0/0
RT2(config-if)#ip address 10.4.255.34 255.255.255.252
RT2(config-if)#no shutdown
RT2(config-if)#exit
FW1
login: hillstone
password:
SG-6000# configure
SG-6000(config)# hostname FW1
FW1(config)# interface loopback1
FW1(config-if-loo1)# ip address 10.4.7.1 255.255.255.255
FW1(config-if-loo1)# exit
FW1(config)# interface ethernet0/1
FW1(config-if-eth0/1)# zone trust
FW1(config-if-eth0/1)# ip address 10.4.255.17 255.255.255.252
FW1(config-if-eth0/1)# interface ethernet0/2
FW1(config-if-eth0/2)# zone trust
FW1(config-if-eth0/2)# ip address 10.4.255.13 255.255.255.252
FW1(config-if-eth0/2)# exit
2.OSPF配置
SW1、SW2、SW3、RT1、RT2、FW1 之间 OSPFv2 协议,process 1,area 0,分别发布 Loopback1 地址路由和产品路由,FW1 通告 type1 默认路由。(本次不包含)
SW1
SW1>enable
SW1#configure terminal
SW1(config)#router ospf 1
SW1(config-router)#router-id 10.4.1.1
SW1(config-router)#network 10.4.1.1 0.0.0.0 area 0
SW1(config-router)#network 10.4.11.1 0.0.0.255 area 0
SW1(config-router)#network 10.4.255.14 0.0.0.3 area 0
SW1(config-router)#network 10.4.255.5 0.0.0.3 area 0
SW1(config-router)#network 10.4.255.1 0.0.0.3 area 0
SW1(config-router)#exit
SW2
SW2>enable
SW2#configure terminal
SW2(config)#router ospf 1
SW2(config-router)#router-id 10.4.2.1
SW2(config-router)#network 10.4.2.1 0.0.0.0 area 0
SW2(config-router)#network 10.4.21.1 0.0.0.0 area 0
SW2(config-router)#network 10.4.255.22 0.0.0.3 area 0
SW2(config-router)#network 10.4.255.9 0.0.0.3 area 0
SW2(config-router)#network 10.4.255.3 0.0.0.3 area 0
SW2(config-router)#exit
SW3
SW3>enable
SW3#configure terminal
SW3(config)#router ospf 1
SW3(config-router)#router-id 10.4.3.1
SW3(config-router)#network 10.4.3.1 0.0.0.0 area 0
SW3(config-router)#network 10.4.31.1 0.0.0.255 area 0
SW3(config-router)#network 10.4.255.6 0.0.0.3 area 0
SW3(config-router)#network 10.4.255.10 0.0.0.3 area 0
SW3(config-router)#exit
RT1
RT1>enable
RT1#configure terminal
RT1(config)#router ospf 1
RT1(config-router)#router-id 10.4.5.1
RT1(config-router)#network 10.4.5.1 0.0.0.0 area 0
RT1(config-router)#network 10.4.255.33 0.0.0.0 area 0
RT1(config-router)#network 10.4.255.18 0.0.0.0 area 0
RT1(config-router)#network 10.4.255.21 0.0.0.0 area 0
RT1(config-router)#exit
RT2
RT2>enable
RT2#configure terminal
RT2(config)#router ospf 1
RT2(config-router)#router-id 10.4.6.1
RT2(config-router)#network 10.4.6.1 0.0.0.0 area 0
RT2(config-router)#network 10.4.255.34 0.0.0.0 area 0
RT2(config-router)#exit
FW1
login: hillstone
password:
FW1# configure
FW1(config)# ip vrouter trust-vr
FW1(config-vrouter)# router ospf 1
FW1(config-router)# router-id 10.4.7.1
FW1(config-router)# network 10.4.7.1/32 area 0
FW1(config-router)# network 10.4.255.17/30 area 0
FW1(config-router)# network 10.4.255.13/30 area 0
FW1(config-router)# exit
FW1(config-vrouter)# exit
3.验证OSPF和路由
SW1
SW1>enable
SW1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.4.2.1 1 FULL/BDR 00:00:37 10.4.255.2 Vlan1023
10.4.3.1 1 FULL/BDR 00:00:39 10.4.255.6 Vlan1020
10.4.7.1 1 FULL/BDR 00:00:37 10.4.255.13 Vlan1019
SW1#show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 19 subnets, 3 masks
O 10.4.2.1/32 [110/2] via 10.4.255.2, 00:15:26, Vlan1023
O 10.4.3.1/32 [110/2] via 10.4.255.6, 00:14:05, Vlan1020
O 10.4.5.1/32 [110/3] via 10.4.255.13, 00:03:10, Vlan1019
[110/3] via 10.4.255.2, 00:10:04, Vlan1023
O 10.4.6.1/32 [110/13] via 10.4.255.13, 00:03:10, Vlan1019
[110/13] via 10.4.255.2, 00:05:02, Vlan1023
O 10.4.21.1/32 [110/2] via 10.4.255.2, 00:15:26, Vlan1023
O 10.4.31.1/32 [110/2] via 10.4.255.6, 00:14:05, Vlan1020
O 10.4.255.8/30 [110/2] via 10.4.255.6, 00:13:54, Vlan1020
[110/2] via 10.4.255.2, 00:15:26, Vlan1023
O 10.4.255.16/30 [110/2] via 10.4.255.13, 00:03:10, Vlan1019
O 10.4.255.20/30 [110/2] via 10.4.255.2, 00:15:26, Vlan1023
O 10.4.255.32/30 [110/12] via 10.4.255.13, 00:03:10, Vlan1019
[110/12] via 10.4.255.2, 00:05:02, Vlan1023
SW2
SW2>enable
SW2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.4.1.1 1 FULL/DR 00:00:36 10.4.255.1 Vlan1023
10.4.3.1 1 FULL/BDR 00:00:33 10.4.255.10 Vlan1020
10.4.5.1 1 FULL/BDR 00:00:35 10.4.255.21 Vlan1019
SW2#show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 19 subnets, 3 masks
O 10.4.1.1/32 [110/2] via 10.4.255.1, 00:18:53, Vlan1023
O 10.4.3.1/32 [110/2] via 10.4.255.10, 00:17:22, Vlan1020
O 10.4.5.1/32 [110/2] via 10.4.255.21, 00:13:42, Vlan1019
O 10.4.6.1/32 [110/12] via 10.4.255.21, 00:08:30, Vlan1019
O 10.4.11.1/32 [110/2] via 10.4.255.1, 00:18:53, Vlan1023
O 10.4.31.1/32 [110/2] via 10.4.255.10, 00:17:22, Vlan1020
O 10.4.255.4/30 [110/2] via 10.4.255.10, 00:17:22, Vlan1020
[110/2] via 10.4.255.1, 00:18:53, Vlan1023
O 10.4.255.12/30 [110/2] via 10.4.255.1, 00:18:53, Vlan1023
O 10.4.255.16/30 [110/3] via 10.4.255.1, 00:06:38, Vlan1023
O 10.4.255.32/30 [110/11] via 10.4.255.21, 00:08:30, Vlan1019
SW3
SW3>enable
SW3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.4.2.1 1 FULL/DR 00:00:38 10.4.255.9 Vlan1020
10.4.1.1 1 FULL/DR 00:00:32 10.4.255.5 Vlan1019
SW3#show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 18 subnets, 3 masks
O 10.4.1.1/32 [110/2] via 10.4.255.5, 00:18:50, Vlan1019
O 10.4.2.1/32 [110/2] via 10.4.255.9, 00:18:39, Vlan1020
O 10.4.5.1/32 [110/3] via 10.4.255.9, 00:14:48, Vlan1020
O 10.4.6.1/32 [110/13] via 10.4.255.9, 00:09:46, Vlan1020
O 10.4.11.1/32 [110/2] via 10.4.255.5, 00:18:50, Vlan1019
O 10.4.21.1/32 [110/2] via 10.4.255.9, 00:18:39, Vlan1020
O 10.4.255.0/30 [110/2] via 10.4.255.9, 00:18:39, Vlan1020
[110/2] via 10.4.255.5, 00:18:50, Vlan1019
O 10.4.255.12/30 [110/2] via 10.4.255.5, 00:18:50, Vlan1019
O 10.4.255.16/30 [110/3] via 10.4.255.5, 00:07:54, Vlan1019
O 10.4.255.20/30 [110/2] via 10.4.255.9, 00:18:39, Vlan1020
O 10.4.255.32/30 [110/12] via 10.4.255.9, 00:09:46, Vlan1020
RT1
RT1>ebable
RT1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.4.6.1 1 FULL/DR 00:00:34 10.4.255.34 Ethernet0/0
10.4.2.1 1 FULL/DR 00:00:39 10.4.255.22 Ethernet0/2
10.4.7.1 1 FULL/BDR 00:00:34 10.4.255.17 Ethernet0/1
RT1#show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 18 subnets, 2 masks
O 10.4.1.1/32 [110/12] via 10.4.255.22, 00:15:44, Ethernet0/2
[110/12] via 10.4.255.17, 00:08:38, Ethernet0/1
O 10.4.2.1/32 [110/11] via 10.4.255.22, 00:15:44, Ethernet0/2
O 10.4.3.1/32 [110/12] via 10.4.255.22, 00:15:44, Ethernet0/2
O 10.4.6.1/32 [110/11] via 10.4.255.34, 00:10:30, Ethernet0/0
O 10.4.11.1/32 [110/12] via 10.4.255.22, 00:15:44, Ethernet0/2
[110/12] via 10.4.255.17, 00:08:38, Ethernet0/1
O 10.4.21.1/32 [110/11] via 10.4.255.22, 00:15:44, Ethernet0/2
O 10.4.31.1/32 [110/12] via 10.4.255.22, 00:15:44, Ethernet0/2
O 10.4.255.0/30 [110/11] via 10.4.255.22, 00:15:44, Ethernet0/2
O 10.4.255.4/30 [110/12] via 10.4.255.22, 00:15:44, Ethernet0/2
[110/12] via 10.4.255.17, 00:08:38, Ethernet0/1
O 10.4.255.8/30 [110/11] via 10.4.255.22, 00:15:44, Ethernet0/2
O 10.4.255.12/30 [110/11] via 10.4.255.17, 00:08:38, Ethernet0/1
RT2
RT2>ebable
RT2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.4.5.1 1 FULL/BDR 00:00:32 10.4.255.33 Ethernet0/0
RT2#show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 16 subnets, 2 masks
O 10.4.1.1/32 [110/22] via 10.4.255.33, 00:11:43, Ethernet0/0
O 10.4.2.1/32 [110/21] via 10.4.255.33, 00:11:43, Ethernet0/0
O 10.4.3.1/32 [110/22] via 10.4.255.33, 00:11:43, Ethernet0/0
O 10.4.5.1/32 [110/11] via 10.4.255.33, 00:11:43, Ethernet0/0
O 10.4.11.1/32 [110/22] via 10.4.255.33, 00:11:43, Ethernet0/0
O 10.4.21.1/32 [110/21] via 10.4.255.33, 00:11:43, Ethernet0/0
O 10.4.31.1/32 [110/22] via 10.4.255.33, 00:11:43, Ethernet0/0
O 10.4.255.0/30 [110/21] via 10.4.255.33, 00:11:43, Ethernet0/0
O 10.4.255.4/30 [110/22] via 10.4.255.33, 00:11:43, Ethernet0/0
O 10.4.255.8/30 [110/21] via 10.4.255.33, 00:11:43, Ethernet0/0
O 10.4.255.12/30 [110/21] via 10.4.255.33, 00:09:48, Ethernet0/0
O 10.4.255.16/30 [110/20] via 10.4.255.33, 00:11:43, Ethernet0/0
O 10.4.255.20/30 [110/20] via 10.4.255.33, 00:11:43, Ethernet0/0
FW1
login: hillstone
password:
FW1# show ip ospf neighbor
OSPF Router with ID 10.4.7.1, OSPF Process ID 1
Neighbor ID Pri State Dead Time Address Interface
10.4.5.1 1 Full/DR 00:00:38 10.4.255.18 ethernet0/1
10.4.1.1 1 Full/DR 00:00:34 10.4.255.14 ethernet0/2
FW1# show ip ospf route
OSPF Router with ID 10.4.7.1, OSPF Process ID 1
Codes: N - network route, D - discard route, R - router route, IA - inter router
E1 - external type-1 route, E2 - external type-2 route
================= OSPF network routing table =================
N 10.4.1.1/32 [2] area: 0.0.0.0
directly attached to ethernet0/2
via 10.4.255.14, ethernet0/2
N 10.4.2.1/32 [3] area: 0.0.0.0
directly attached to ethernet0/2
via 10.4.255.14, ethernet0/2
N 10.4.3.1/32 [3] area: 0.0.0.0
directly attached to ethernet0/2
via 10.4.255.14, ethernet0/2
N 10.4.5.1/32 [2] area: 0.0.0.0
directly attached to ethernet0/1
via 10.4.255.18, ethernet0/1
N 10.4.6.1/32 [12] area: 0.0.0.0
directly attached to ethernet0/1
via 10.4.255.18, ethernet0/1
N 10.4.11.1/32 [2] area: 0.0.0.0
directly attached to ethernet0/2
via 10.4.255.14, ethernet0/2
N 10.4.21.1/32 [3] area: 0.0.0.0
directly attached to ethernet0/2
via 10.4.255.14, ethernet0/2
N 10.4.31.1/32 [3] area: 0.0.0.0
directly attached to ethernet0/2
via 10.4.255.14, ethernet0/2
N 10.4.255.0/30 [2] area: 0.0.0.0
directly attached to ethernet0/2
via 10.4.255.14, ethernet0/2
N 10.4.255.4/30 [2] area: 0.0.0.0
directly attached to ethernet0/2
via 10.4.255.14, ethernet0/2
N 10.4.255.8/30 [3] area: 0.0.0.0
directly attached to ethernet0/2
via 10.4.255.14, ethernet0/2
N 10.4.255.12/30 [1] area: 0.0.0.0
directly attached to ethernet0/2
N 10.4.255.16/30 [1] area: 0.0.0.0
directly attached to ethernet0/1
N 10.4.255.20/30 [3] area: 0.0.0.0
directly attached to ethernet0/2
via 10.4.255.14, ethernet0/2
N 10.4.255.32/30 [11] area: 0.0.0.0
directly attached to ethernet0/1
via 10.4.255.18, ethernet0/1