温馨提示×

温馨提示×

您好,登录后才能下订单哦!

密码登录×
登录注册×
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》

eNSP解决OSPF不规则区域几个方法和vlink-peer

发布时间:2020-07-26 18:00:18 来源:网络 阅读:850 作者:gjyonline 栏目:网络安全

因为刚学OSPF路由协议,下面只是个人实验结果,可能也有不准确的地方,请批评指正,谢谢


解决OSPF不规则区域

1、多进程双向重分布

2Tunnel隧道

3virtual-link

 

1、多进程双向重分布:

拓扑:

eNSP解决OSPF不规则区域几个方法和vlink-peer

R3上有两个OSPF进程,当R3双向多进程重分布时,可以看到两边的路由都能学到

关键配置:

 

[R1]dis cur

#

sysname R1

#

router id 91.1.1.1

#

interface Serial0/0/0

 link-protocol ppp

 ip address 12.1.1.1 255.255.255.0

#

interface LoopBack0

 ip address 1.1.1.1 255.255.255.0

#                                        

ospf 10

 area 0.0.0.0

 network 1.1.1.1 0.0.0.0

 network 12.1.1.1 0.0.0.0

#

 

[R2]dis cur

#

sysname R2

#

router id 92.2.2.2

#

interface Serial0/0/0

 link-protocol ppp

 ip address 12.1.1.2 255.255.255.0

#                                        

interface Serial0/0/1

 link-protocol ppp

 ip address 23.1.1.2 255.255.255.0

#

interface LoopBack0

 ip address 2.2.2.2 255.255.255.0        

#

ospf 10

 area 0.0.0.0

 network 2.2.2.2 0.0.0.0

 network 12.1.1.2 0.0.0.0

 area 0.0.0.1

 network 23.1.1.2 0.0.0.0

#

 

[R3]dis cur

#

sysname R3

#

router id 93.3.3.3

#

interface Serial0/0/0

 link-protocol ppp

 ip address 34.1.1.3 255.255.255.0

#                                        

interface Serial0/0/1

 link-protocol ppp

 ip address 23.1.1.3 255.255.255.0

#

interface LoopBack0

 ip address 3.3.3.3 255.255.255.0        

#

ospf 10

 import-route ospf 100

 area 0.0.0.1

 network 3.3.3.3 0.0.0.0

 network 23.1.1.3 0.0.0.0

#

ospf 100

 import-route ospf 10

 area 0.0.0.0

 network 34.1.1.3 0.0.0.0

#

 

[R4]dis cur

#

sysname R4

#

router id 94.4.4.4

#

interface Serial0/0/0

 link-protocol ppp

 ip address 34.1.1.4 255.255.255.0

#                                        

interface LoopBack0

 ip address 4.4.4.4 255.255.255.0

#                                        

ospf 100

 area 0.0.0.0

 network 4.4.4.4 0.0.0.0

 network 34.1.1.4 0.0.0.0

#

 

这样两边ospf能学到对方路由,但学到是LSA5类外部路由,额外提供LSA4类:

[R4]dis ip rou p os

Route Flags: R - relay, D - downloadto fib

------------------------------------------------------------------------------

Public routing table : OSPF

         Destinations : 5        Routes : 5       

 

OSPF routing table status :<Active>

         Destinations : 5        Routes : 5

 

Destination/Mask    Proto  Pre  Cost      Flags NextHop         Interface

 

        1.1.1.1/32  O_ASE  150  1           D  34.1.1.3        Serial0/0/0

        2.2.2.2/32  O_ASE  150  1           D  34.1.1.3        Serial0/0/0

        3.3.3.0/24  O_ASE  150  1           D  34.1.1.3        Serial0/0/0

       12.1.1.0/24  O_ASE  150  1           D  34.1.1.3        Serial0/0/0

       23.1.1.0/24  O_ASE  150  1           D  34.1.1.3        Serial0/0/0

 

 

2Tunnel隧道

拓扑:

eNSP解决OSPF不规则区域几个方法和vlink-peer

tunnel做在R2R3上,把tunnel宣告到Area0上,让Area2看上去好像挂在骨干区上

关键配置:

[R2]dis cur

#

sysname R2

#

router id 92.2.2.2

#

interface Serial0/0/0

 link-protocol ppp

 ip address 12.1.1.2 255.255.255.0

#                                        

interface Serial0/0/1

 link-protocol ppp

 ip address 23.1.1.2 255.255.255.0

#

interface LoopBack0

 ip address 2.2.2.2 255.255.255.0        

#

interface Tunnel0/0/0

 ip address 100.1.1.2 255.255.255.0

 tunnel-protocol gre

 source 23.1.1.2

 destination 23.1.1.3

#

ospf 10

 area 0.0.0.0

 network 2.2.2.2 0.0.0.0

 network 12.1.1.2 0.0.0.0

 network 100.1.1.2 0.0.0.0

 area 0.0.0.1

 network 23.1.1.2 0.0.0.0

#

 

 

[R3]dis cur

#

sysname R3

#

router id 93.3.3.3

#

interface Serial0/0/0

 link-protocol ppp

 ip address 34.1.1.3 255.255.255.0

#                                        

interface LoopBack0

 ip address 3.3.3.3 255.255.255.0        

#

interface Tunnel0/0/0

 ip address 100.1.1.3 255.255.255.0

 tunnel-protocol gre

 source 23.1.1.3

 destination 23.1.1.2

#

ospf 10

 import-route ospf 100 cost 2 type 1 tag 100

 area 0.0.0.0

  network 100.1.1.3 0.0.0.0

 area 0.0.0.1

 network 3.3.3.3 0.0.0.0

 network 23.1.1.3 0.0.0.0

 area 0.0.0.2

 network 34.1.1.3 0.0.0.0

#

 

这有个很奇怪的问题,在R1上:

[R1]dis ospf abr-asbr

 

         OSPF Process 10 with Router ID91.1.1.1

                 Routing Table to ABR and ASBR

 

 RtType     Destination       Area       Cost Nexthop         Type

 Intra-area 92.2.2.2          0.0.0.0    1562 12.1.1.2        ABR

 Intra-area 93.3.3.3          0.0.0.0    3124 12.1.1.2        ABR/ASBR

 

[R1]dis ospf asbr   

 

         OSPF Process 10 with Router ID91.1.1.1

 

[R1]dis ospf lsdb

 

         OSPF Process 10 with Router ID91.1.1.1

                 Link State Database

 

                         Area: 0.0.0.0

 Type     LinkState ID    AdvRouter          Age Len   Sequence   Metric

 Router   92.2.2.2        92.2.2.2          1562 84    80000003    1562

 Router   91.1.1.1        91.1.1.1          1563 60    80000002       0

 Router   93.3.3.3        93.3.3.3          1563 48    80000002    1562

 Sum-Net  23.1.1.0        92.2.2.2          1573 28    80000001    1562

 Sum-Net  23.1.1.0        93.3.3.3          1572 28    80000001    1562

 Sum-Net  3.3.3.3         92.2.2.2          1563 28    80000001    1562

 Sum-Net  3.3.3.3         93.3.3.3          1572 28    80000001       0

 Sum-Net  4.4.4.4         93.3.3.3          1563 28    80000001    1562

 Sum-Net  34.1.1.0        93.3.3.3          1572 28    80000001    1562

 Sum-Asbr 93.3.3.3        92.2.2.2          1563 28    80000001    1562

R2居然通告R3ASBR,并且产生一条LSA4

[R1]dis ospf lsdb asbr

 

         OSPF Process 10 with Router ID91.1.1.1

                         Area: 0.0.0.0

                 Link State Database

 

 

 Type      : Sum-Asbr

 Ls id     : 93.3.3.3

 Adv rtr   : 92.2.2.2 

 Ls age    : 1648

 Len       : 28

 Options   :  E 

 seq#      : 80000001

 chksum    : 0xe65

 Tos 0  metric: 1562

重启OSPF进程也一样。也就是说,在华为路由器上,没有LSA5也可以产生LSA4,后来练习完下面的vlink-peer再返回来做这个练习,发现又正常了,R1上没有LSA4,只有LSA3的路由,这个可能是缓存当时没有得到彻底的清除所导致

 

利用tunnel的方法,可以看到R1上收到的Area2的路由是以LSA3类形式存在的,比用第一种双向多进程重分布要好点

 

 

3virtual-link专业工具

拓扑:

eNSP解决OSPF不规则区域几个方法和vlink-peer

vlink的方法在实际链路上仍然要传递hello报文,只不过由于组播不能超过一跳,单播报文

R2R3上配置vlink,关键配置:

[R2]dis cur config ospf

#

ospf 10

 area 0.0.0.0

 network 2.2.2.2 0.0.0.0

 network 12.1.1.2 0.0.0.0

 area 0.0.0.1

 network 23.1.1.2 0.0.0.0

 vlink-peer 93.3.3.3

#

 

[R3]dis cur config ospf

#

ospf 10

 area 0.0.0.1

 network 3.3.3.3 0.0.0.0

 network 23.1.1.3 0.0.0.0

 vlink-peer 92.2.2.2

 area 0.0.0.2

 network 34.1.1.3 0.0.0.0

#

看到

[R1]dis ospf lsdb summary 4.4.4.4

 

         OSPF Process 10 with Router ID91.1.1.1

                         Area: 0.0.0.0

                 Link State Database

 

 

 Type      : Sum-Net

 Ls id     : 4.4.4.4

 Adv rtr   : 93.3.3.3 

 Ls age    : 510

 Len       : 28

 Options   :  E 

 seq#      : 80000003

 chksum    : 0x6262

 Net mask  : 255.255.255.255

 Tos 0  metric: 1562

 Priority  : Medium

 

[R1]dis ip rou

Route Flags: R - relay, D - downloadto fib

------------------------------------------------------------------------------

Routing Tables: Public

         Destinations : 12       Routes : 12      

 

Destination/Mask    Proto  Pre  Cost      Flags NextHop         Interface

 

        1.1.1.0/24  Direct 0    0           D  1.1.1.1         LoopBack0

        1.1.1.1/32  Direct 0    0           D  127.0.0.1       LoopBack0

        2.2.2.2/32  OSPF   10   1562        D  12.1.1.2        Serial0/0/0

        3.3.3.3/32  OSPF   10   3124        D  12.1.1.2        Serial0/0/0

        4.4.4.4/32  OSPF   10   4686        D  12.1.1.2        Serial0/0/0

       12.1.1.0/24  Direct 0    0           D  12.1.1.1        Serial0/0/0

       12.1.1.1/32  Direct 0    0           D  127.0.0.1       Serial0/0/0

       12.1.1.2/32  Direct 0    0           D  12.1.1.2        Serial0/0/0

       23.1.1.0/24  OSPF   10   3124        D  12.1.1.2        Serial0/0/0

       34.1.1.0/24  OSPF   10   4686        D  12.1.1.2        Serial0/0/0

     127.0.0.0/8   Direct  0   0           D   127.0.0.1       InLoopBack0

     127.0.0.1/32  Direct  0   0           D   127.0.0.1       InLoopBack0

比较tunnelvlink-peer,发现两者都得到LSA3类路由,而且两者都是p2p链路

vlink仍然是p2p类型:

[R2]dis ospf vlink

 

         OSPF Process 10 with Router ID92.2.2.2

                 Virtual Links

 

 Virtual-link Neighbor-id  -> 93.3.3.3, Neighbor-State: Full

 

 Interface: 23.1.1.2 (Serial0/0/1)

 Cost: 1562 State: P-2-P  Type: Virtual

 Transit Area: 0.0.0.1

 Timers: Hello 10 , Dead 40 , Retransmit 5 ,Transmit Delay 1

 

tunnel也是p2p类型:

[R3]dis ospf int all

 

         OSPF Process 10 with Router ID93.3.3.3

                 Interfaces

 

 Area: 0.0.0.0          (MPLS TE not enabled)

 

 Interface: 100.1.1.3 (Tunnel0/0/0)--> 100.1.1.2

 Cost: 1562    State: P-2-P     Type: P2P       MTU: 1500 

 Timers: Hello 10 , Dead 40 , Poll  120 , Retransmit 5 , Transmit Delay 1

这两者其实很像

vlink一起的考试经常是说要在Area0上做区域认证,那么请把vlink认证补全,这种问题其实在华为路由器上特别简单,只要在vlink-peer后面接着做相同的认证就可以了

 

补全不规则区域: 

vlink-peer之贪吃蛇一

拓扑:

eNSP解决OSPF不规则区域几个方法和vlink-peer

关键配置:

重点在Area1Area2上配置vlink即可

[R1]dis cur

#

sysname R1

#

router id 91.1.1.1

#

interface Serial0/0/0

 link-protocol ppp

 ip address 12.1.1.1 255.255.255.0

#                                        

interface LoopBack0

 ip address 1.1.1.1 255.255.255.0

#                                        

ospf 10

 area 0.0.0.0

 network 1.1.1.1 0.0.0.0

 network 12.1.1.1 0.0.0.0

#

 

[R2]dis cur

#

sysname R2

#

router id 92.2.2.2

#

interface Serial0/0/0

 link-protocol ppp

 ip address 12.1.1.2 255.255.255.0

#                                        

interface Serial0/0/1                    

 link-protocol ppp

 ip address 23.1.1.2 255.255.255.0

#

interface LoopBack0

 ip address 2.2.2.2 255.255.255.0

#                                        

ospf 10

 area 0.0.0.0

 network 2.2.2.2 0.0.0.0

 network 12.1.1.2 0.0.0.0

 area 0.0.0.1

 network 23.1.1.2 0.0.0.0

  vlink-peer 93.3.3.3

#

 

[R3]dis cur  

#

sysname R3

#

router id 93.3.3.3

#

interface Serial0/0/0

 link-protocol ppp

 ip address 34.1.1.3 255.255.255.0

#                                        

interface Serial0/0/1

 link-protocol ppp

 ip address 23.1.1.3 255.255.255.0

#

interface LoopBack0

 ip address 3.3.3.3 255.255.255.0        

#

ospf 10

 area 0.0.0.1

 network 3.3.3.3 0.0.0.0

 network 23.1.1.3 0.0.0.0

  vlink-peer 92.2.2.2

 area 0.0.0.2

 network 34.1.1.3 0.0.0.0

  vlink-peer 94.4.4.4

#

 

[R4]dis cur

#

sysname R4

#

router id 94.4.4.4

#

interface Serial0/0/0

 link-protocol ppp

 ip address 34.1.1.4 255.255.255.0

#                                        

interface Serial0/0/1

 link-protocol ppp

 ip address 45.1.1.4 255.255.255.0

#

interface LoopBack0

 ip address 4.4.4.4 255.255.255.0        

#

ospf 10

 area 0.0.0.2

 network 4.4.4.4 0.0.0.0

 network 34.1.1.4 0.0.0.0

  vlink-peer 93.3.3.3

 area 0.0.0.3

 network 45.1.1.4 0.0.0.0

#

 

 

[R5]dis cur

#

sysname R5

#

router id 95.5.5.5

#

interface Serial0/0/1                    

 link-protocol ppp

 ip address 45.1.1.5 255.255.255.0

#

interface LoopBack0

 ip address 5.5.5.5 255.255.255.0

#                                        

ospf 10

 area 0.0.0.3

 network 5.5.5.5 0.0.0.0

 network 45.1.1.5 0.0.0.0

#

 

 

vlink-peer贪吃蛇二

拓扑:

eNSP解决OSPF不规则区域几个方法和vlink-peer

在Area 1、Area 2、Area 3上做vlink,关键配置:

 

[R1]dis cur

#

sysname R1

#

router id 91.1.1.1

#

interface Serial0/0/0

 link-protocol ppp

 ip address 12.1.1.1 255.255.255.0

#                                        

interface Serial0/0/1

 link-protocol ppp

 ip address 13.1.1.1 255.255.255.0

#

interface LoopBack0

 ip address 1.1.1.1 255.255.255.0        

#

ospf 10

 area 0.0.0.0

 network 1.1.1.1 0.0.0.0

 network 13.1.1.1 0.0.0.0

 area 0.0.0.1

 network 12.1.1.1 0.0.0.0

 vlink-peer 92.2.2.2

#

 

 

[R2]dis cur

#

sysname R2

#

router id 92.2.2.2

#

interface Serial0/0/0

 link-protocol ppp

 ip address 12.1.1.2 255.255.255.0

#                                        

interface Serial0/0/1

 link-protocol ppp

 ip address 24.1.1.2 255.255.255.0

#

interface LoopBack0

 ip address 2.2.2.2 255.255.255.0        

#

ospf 10

 area 0.0.0.1

 network 2.2.2.2 0.0.0.0

 network 12.1.1.2 0.0.0.0

 vlink-peer 91.1.1.1

 area 0.0.0.3

 network 24.1.1.2 0.0.0.0

 vlink-peer 94.4.4.4

#

 

 

[R3]dis cur

#

sysname R3

#

router id 93.3.3.3

#

interface Serial0/0/0

 link-protocol ppp

 ip address 34.1.1.3 255.255.255.0

#                                        

interface Serial0/0/1

 link-protocol ppp

 ip address 13.1.1.3 255.255.255.0

#

interface LoopBack0

 ip address 3.3.3.3 255.255.255.0        

#

ospf 10

 area 0.0.0.0

 network 13.1.1.3 0.0.0.0

 area 0.0.0.2

 network 34.1.1.3 0.0.0.0

 network 3.3.3.3 0.0.0.0

 vlink-peer 94.4.4.4

#

 

 

[R4]dis cur

#

sysname R4

#

router id 94.4.4.4

#

interface Serial0/0/0

 link-protocol ppp

 ip address 34.1.1.4 255.255.255.0

#                                        

interface Serial0/0/1

 link-protocol ppp

 ip address 24.1.1.4 255.255.255.0

#

interface LoopBack0

 ip address 4.4.4.4 255.255.255.0        

#

ospf 10

 area 0.0.0.2

 network 34.1.1.4 0.0.0.0

 vlink-peer 93.3.3.3

 area 0.0.0.3

 network 4.4.4.4 0.0.0.0

 network 24.1.1.4 0.0.0.0

 vlink-peer 92.2.2.2

#

 

 

这里涉及到LSA3选路问题:

[R4]dis ip routing-table

Route Flags: R - relay, D - downloadto fib

------------------------------------------------------------------------------

Routing Tables: Public

         Destinations : 15       Routes : 15      

 

Destination/Mask    Proto  Pre  Cost      Flags NextHop         Interface

 

        1.1.1.1/32 OSPF    10   3124       D   24.1.1.2        Serial0/0/1

        2.2.2.2/32  OSPF   10   1562        D  24.1.1.2        Serial0/0/1

        3.3.3.3/32  OSPF   10   1562        D  34.1.1.3        Serial0/0/0

        4.4.4.0/24  Direct 0    0           D  4.4.4.4         LoopBack0

 以下略。

应该说R4关于1.1.1.1/32的路由从R2、R3收到,有两条做负载均衡才对,但这只有一条。

真实的情况如下:

[R4]dis ospf lsdb

 

         OSPF Process 10 with Router ID 94.4.4.4

                 Link State Database

 

                         Area: 0.0.0.0

                         Area: 0.0.0.2

 Type     LinkState ID    AdvRouter          Age Len   Sequence   Metric

Sum-Net   1.1.1.1         94.4.4.4           940 28    80000002    3124

 Sum-Net  1.1.1.1         93.3.3.3          1275 28    80000001    1562

 

                        Area: 0.0.0.3

 Type     LinkState ID    AdvRouter          Age Len   Sequence   Metric

Sum-Net   1.1.1.1         92.2.2.2           960 28    80000002    1562


可以看到,R4收到Area 2的两条,Area 3的一条关于1.1.1.1/32主机路由,由于Area 2中同一条LSA比较metric,最后两条是Area 2和Area 3的路由,它们的metric一样,只不过所在Area区域不同,由于OSPF规定这样的等价路由比较Area区域号,哪个大用哪个,所以ospf把92.2.2.2的1.1.1.1路由放入路由表中(区域零例外,因为区域零最小


向AI问一下细节

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

AI