目录
[检测:输入[SW1]display vlan进行检查](#检测:输入[SW1]display vlan进行检查)
[检测:display ospf peer](#检测:display ospf peer)
题目
1.IP 地址的规划设计
0区域: 192.168.1.0/25
1区域: 192.168.1.128/30
其中0区域按要求需要进行再次划分,如下
192.168.1.0 28
192.168.1.16 28
192.168.1.32 28
192.168.1.64 28
192.168.1.80 28
192.168.1.96 28
192.168.1.109 28 保留地址
192.168.1.125 28
我们取前五,其余作为保留地址
则区域0 IP地址划分为:
R123的0/0/0接口: 192.168.1.0/28
R1的环回: 192.168.1.16/28
R2的环回: 192.168.1.32/28
vlan2: 192.168.1.64/28
vlan3: 192.168.1.80/28
2.搭建拓扑并进行基础IP配置
3. 配置虚拟局域网
1 **)**按子网划分要求配置PC1和PC2
同时配置提前规划好的网关192.168.1.65/28 192.168.1.81/28
在交换机中输入:
<Huawei>system-view
[Huawei]sys SW1
[SW1]vlan batch 2 3
[SW1]interface GigabitEthernet 0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access
[SW1-GigabitEthernet0/0/2]port default vlan 2
[SW1-GigabitEthernet0/0/2]q
[SW1]interface GigabitEthernet 0/0/3
[SW1-GigabitEthernet0/0/3]port link-type access
[SW1-GigabitEthernet0/0/3]port default vlan 3
[SW1-GigabitEthernet0/0/3]q
检测:输入[SW1]display vlan进行检查
[SW1]interface GigabitEthernet 0/0/1
[SW1-GigabitEthernet0/0/1]port link-type trunk
[SW1-GigabitEthernet0/0/1]port trunk allow-pass vlan 2 3
配置路由器R3
<Huawei>system-view
[Huawei]sysname R3
[R3]interface GigabitEthernet 0/0/2.1
[R3-GigabitEthernet0/0/2.1]ip address 192.168.1.65 28
[R3-GigabitEthernet0/0/2.1]q
[R3]interface GigabitEthernet 0/0/2.2
[R3-GigabitEthernet0/0/2.2]ip address 192.168.1.81 28
[R3-GigabitEthernet0/0/2.2]dot1q termination vid 3
[R3-GigabitEthernet0/0/2.2]arp broadcast enable
[R3-GigabitEthernet0/0/2.2]q
[R3]interface GigabitEthernet 0/0/2.1
[R3-GigabitEthernet0/0/2.1]dot1q termination vid 2
[R3-GigabitEthernet0/0/2.1]arp broadcast enable
检测:用PC1去访问PC2
2 **)**配置拓扑中其余路由器的网关以及回环
R1配置:
<Huawei>system-view
[Huawei]sysname R1
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]ip address 192.168.1.1 28
[R1-GigabitEthernet0/0/0]q
[R1]interface LoopBack 0
[R1-LoopBack0]ip address 192.168.1.17 28
R2配置:
<Huawei>system-view
[Huawei]sysname R2
[R2]interface GigabitEthernet 0/0/0
[R2-GigabitEthernet0/0/0]ip address 192.168.1.2 28
[R2-GigabitEthernet0/0/0]q
[R2]interface LoopBack 0
[R2-LoopBack0]ip address 192.168.1.29 28
R3配置:
<R3>system-view
[R3]interface GigabitEthernet 0/0/0
[R3-GigabitEthernet0/0/0]ip address 192.168.1.3 28
[R3-GigabitEthernet0/0/0]q
[R3]interface GigabitEthernet 0/0/1
[R3-GigabitEthernet0/0/1]ip address 192.168.1.129 30
R4配置:
<Huawei>system-view
[Huawei]sysname R4
[R4]interface GigabitEthernet 0/0/0
[R4-GigabitEthernet0/0/0]ip address 192.168.1.130 30
[R4-GigabitEthernet0/0/0]q
[R4]interface LoopBack 0
[R4-LoopBack0]ip address 4.4.4.4 24
检测:依次输入display ip interface brief 进行检测
4. 配置动态路由
使用 OSPF 协议
1 ) 依次配置
R1配置:
[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 192.168.1.16 0.0.0.15
[R1-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.15
R2配置:
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 192.168.1.32 0.0.0.15
[R2-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.15
R3配置:
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]a
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.15
[R3-ospf-1-area-0.0.0.0]network 192.168.1.64 0.0.0.15
[R3-ospf-1-area-0.0.0.0]q
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]network 192.168.1.129 0.0.0.0
R4配置:
[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]network 192.168.1.130 0.0.0.0
2 ) 完成要求 2
.R1~R3 R3 为 DR 设备,没有 BDR
R1配置:
[R1-GigabitEthernet0/0/0]ospf dr-priority 0
R2配置:
[R2-GigabitEthernet0/0/0]ospf dr-priority 0
R3配置:
检测:<R3>display ospf peer
OSPF Process 1 with Router ID 3.3.3.3
Neighbors
Area 0.0.0.0 interface 192.168.1.3(GigabitEthernet0/0/0)'s neighbors
Router ID: 1.1.1.1 Address: 192.168.1.1
State: Full Mode:Nbr is Slave Priority: 0
DR: 192.168.1.3 BDR: None MTU: 0
Dead timer due in 39 sec
Retrans timer interval: 5
Neighbor is up for 00:02:15
Authentication Sequence: [ 0 ]
Router ID: 2.2.2.2 Address: 192.168.1.2
State: Full Mode:Nbr is Slave Priority: 0
DR: 192.168.1.3 BDR: None MTU: 0
Dead timer due in 32 sec
Retrans timer interval: 5
Neighbor is up for 00:01:32
Authentication Sequence: [ 0 ]
Neighbors
Area 0.0.0.1 interface 192.168.1.129(GigabitEthernet0/0/1)'s neighbors
Router ID: 4.4.4.4 Address: 192.168.1.130
State: Full Mode:Nbr is Master Priority: 1
DR: 192.168.1.130 BDR: 192.168.1.129 MTU: 0
Dead timer due in 29 sec
Retrans timer interval: 5
Neighbor is up for 00:13:43
Authentication Sequence: [ 0 ]
5. 完成要求 4
R4 回环不能宣告,全网可达,保障更新安全,避免环路,减少路由条目
1)R4 回环不能宣告
在R4 上配置 [R4-ospf-1]default-route-advertise always
检测:在R1上输入<R1>display ip routing-table 进行检查
Route Flags: R - relay, D - download to fib
Routing Tables: Public
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 O_ASE 150 1 D 192.168.1.3 GigabitEthernet
0/0/0
...............
2)保障更新安全
认证
在 R3 上区域认证
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]authentication-mode md5 1 plain 123456
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]authentication-mode md5 1 plain 123456
在 R4 上接口认证
[R4]interface GigabitEthernet0/0/0
[R4-GigabitEthernet0/0/0]ospf authentication-mode md5 1 plain 123456
检测:在R1上输入<R1>display ip routing-table 进行检查
3)避免环路
配置空接
[R3]ip route-static 0.0.0.0 0 NULL 0
4 **)减少路由条目
在** R3 上配置
[R3-ospf-1-area-0.0.0.0]abr-summary 192.168.1.0 255.255.255.224
检测:在R4上输入display ip routing-table protocol ospf 检查。
Route Flags: R - relay, D - download to fib
Public routing table : OSPF
Destinations : 2 Routes : 2
OSPF routing table status : <Active>
Destinations : 2 Routes : 2
Destination/Mask Proto Pre Cost Flags NextHop Interface
192.168.1.0/27 OSPF 10 2 D 192.168.1.129 GigabitEthernet
0/0/0
192.168.1.64/28 OSPF 10 2 D 192.168.1.129 GigabitEthernet
0/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0