目录
[检测:输入[SW1]display vlan进行检查](#检测:输入[SW1]display vlan进行检查)
[检测:display ospf peer](#检测:display ospf peer)
题目
1.IP 地址的规划设计
0区域: 192.168.1.0/25
1区域: 192.168.1.128/30
其中0区域按要求需要进行再次划分,如下
192.168.1.0 28
192.168.1.16 28
192.168.1.32 28
192.168.1.64 28
192.168.1.80 28
192.168.1.96 28
192.168.1.109 28 保留地址
192.168.1.125 28
我们取前五,其余作为保留地址
则区域0 IP地址划分为:
R123的0/0/0接口: 192.168.1.0/28
R1的环回: 192.168.1.16/28
R2的环回: 192.168.1.32/28
vlan2: 192.168.1.64/28
vlan3: 192.168.1.80/28
2.搭建拓扑并进行基础IP配置
3. 配置虚拟局域网
1 **)**按子网划分要求配置PC1和PC2
同时配置提前规划好的网关192.168.1.65/28 192.168.1.81/28
在交换机中输入:
<Huawei>system-view
Huawei\]sys SW1 \[SW1\]vlan batch 2 3 \[SW1\]interface GigabitEthernet 0/0/2 \[SW1-GigabitEthernet0/0/2\]port link-type access \[SW1-GigabitEthernet0/0/2\]port default vlan 2 \[SW1-GigabitEthernet0/0/2\]q \[SW1\]interface GigabitEthernet 0/0/3 \[SW1-GigabitEthernet0/0/3\]port link-type access \[SW1-GigabitEthernet0/0/3\]port default vlan 3 \[SW1-GigabitEthernet0/0/3\]q
检测:输入[SW1]display vlan进行检查
SW1\]interface GigabitEthernet 0/0/1 \[SW1-GigabitEthernet0/0/1\]port link-type trunk \[SW1-GigabitEthernet0/0/1\]port trunk allow-pass vlan 2 3
配置路由器R3
<Huawei>system-view
Huawei\]sysname R3 \[R3\]interface GigabitEthernet 0/0/2.1 \[R3-GigabitEthernet0/0/2.1\]ip address 192.168.1.65 28 \[R3-GigabitEthernet0/0/2.1\]q \[R3\]interface GigabitEthernet 0/0/2.2 \[R3-GigabitEthernet0/0/2.2\]ip address 192.168.1.81 28 \[R3-GigabitEthernet0/0/2.2\]dot1q termination vid 3 \[R3-GigabitEthernet0/0/2.2\]arp broadcast enable \[R3-GigabitEthernet0/0/2.2\]q \[R3\]interface GigabitEthernet 0/0/2.1 \[R3-GigabitEthernet0/0/2.1\]dot1q termination vid 2 \[R3-GigabitEthernet0/0/2.1\]arp broadcast enable
检测:用PC1去访问PC2
2 **)**配置拓扑中其余路由器的网关以及回环
R1配置:
<Huawei>system-view
Huawei\]sysname R1 \[R1\]interface GigabitEthernet 0/0/0 \[R1-GigabitEthernet0/0/0\]ip address 192.168.1.1 28 \[R1-GigabitEthernet0/0/0\]q \[R1\]interface LoopBack 0 \[R1-LoopBack0\]ip address 192.168.1.17 28
R2配置:
<Huawei>system-view
Huawei\]sysname R2 \[R2\]interface GigabitEthernet 0/0/0 \[R2-GigabitEthernet0/0/0\]ip address 192.168.1.2 28 \[R2-GigabitEthernet0/0/0\]q \[R2\]interface LoopBack 0 \[R2-LoopBack0\]ip address 192.168.1.29 28
R3配置:
<R3>system-view
R3\]interface GigabitEthernet 0/0/0 \[R3-GigabitEthernet0/0/0\]ip address 192.168.1.3 28 \[R3-GigabitEthernet0/0/0\]q \[R3\]interface GigabitEthernet 0/0/1 \[R3-GigabitEthernet0/0/1\]ip address 192.168.1.129 30
R4配置:
<Huawei>system-view
Huawei\]sysname R4 \[R4\]interface GigabitEthernet 0/0/0 \[R4-GigabitEthernet0/0/0\]ip address 192.168.1.130 30 \[R4-GigabitEthernet0/0/0\]q \[R4\]interface LoopBack 0 \[R4-LoopBack0\]ip address 4.4.4.4 24
检测:依次输入display ip interface brief 进行检测
4. 配置动态路由
使用 OSPF 协议
1 ) 依次配置
R1配置:
R1\]ospf 1 router-id 1.1.1.1 \[R1-ospf-1\]area 0 \[R1-ospf-1-area-0.0.0.0\]network 192.168.1.16 0.0.0.15 \[R1-ospf-1-area-0.0.0.0\]network 192.168.1.0 0.0.0.15
R2配置:
R2\]ospf 1 router-id 2.2.2.2 \[R2-ospf-1\]area 0 \[R2-ospf-1-area-0.0.0.0\]network 192.168.1.32 0.0.0.15 \[R2-ospf-1-area-0.0.0.0\]network 192.168.1.0 0.0.0.15
R3配置:
R3\]ospf 1 router-id 3.3.3.3 \[R3-ospf-1\]a \[R3-ospf-1\]area 0 \[R3-ospf-1-area-0.0.0.0\]network 192.168.1.0 0.0.0.15 \[R3-ospf-1-area-0.0.0.0\]network 192.168.1.64 0.0.0.15 \[R3-ospf-1-area-0.0.0.0\]q \[R3-ospf-1\]area 1 \[R3-ospf-1-area-0.0.0.1\]network 192.168.1.129 0.0.0.0
R4配置:
R4\]ospf 1 router-id 4.4.4.4 \[R4-ospf-1\]area 1 \[R4-ospf-1-area-0.0.0.1\]network 192.168.1.130 0.0.0.0
2 ) 完成要求 2
.R1~R3 R3 为 DR 设备,没有 BDR
R1配置:
R1-GigabitEthernet0/0/0\]ospf dr-priority 0
R2配置:
R2-GigabitEthernet0/0/0\]ospf dr-priority 0
R3配置:
检测:<R3>display ospf peer
OSPF Process 1 with Router ID 3.3.3.3
Neighbors
Area 0.0.0.0 interface 192.168.1.3(GigabitEthernet0/0/0)'s neighbors
Router ID: 1.1.1.1 Address: 192.168.1.1
State: Full Mode:Nbr is Slave Priority: 0
DR: 192.168.1.3 BDR: None MTU: 0
Dead timer due in 39 sec
Retrans timer interval: 5
Neighbor is up for 00:02:15
Authentication Sequence: [ 0 ]
Router ID: 2.2.2.2 Address: 192.168.1.2
State: Full Mode:Nbr is Slave Priority: 0
DR: 192.168.1.3 BDR: None MTU: 0
Dead timer due in 32 sec
Retrans timer interval: 5
Neighbor is up for 00:01:32
Authentication Sequence: [ 0 ]
Neighbors
Area 0.0.0.1 interface 192.168.1.129(GigabitEthernet0/0/1)'s neighbors
Router ID: 4.4.4.4 Address: 192.168.1.130
State: Full Mode:Nbr is Master Priority: 1
DR: 192.168.1.130 BDR: 192.168.1.129 MTU: 0
Dead timer due in 29 sec
Retrans timer interval: 5
Neighbor is up for 00:13:43
Authentication Sequence: [ 0 ]
5. 完成要求 4
R4 回环不能宣告,全网可达,保障更新安全,避免环路,减少路由条目
1)R4 回环不能宣告
在R4 上配置 [R4-ospf-1]default-route-advertise always
检测:在R1上输入<R1>display ip routing-table 进行检查
Route Flags: R - relay, D - download to fib
Routing Tables: Public
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 O_ASE 150 1 D 192.168.1.3 GigabitEthernet
0/0/0
...............
2)保障更新安全
认证
在 R3 上区域认证
R3-ospf-1\]area 0 \[R3-ospf-1-area-0.0.0.0\]authentication-mode md5 1 plain 123456 \[R3-ospf-1\]area 1 \[R3-ospf-1-area-0.0.0.1\]authentication-mode md5 1 plain 123456
在 R4 上接口认证
R4\]interface GigabitEthernet0/0/0 \[R4-GigabitEthernet0/0/0\]ospf authentication-mode md5 1 plain 123456
检测:在R1上输入<R1>display ip routing-table 进行检查
3)避免环路
配置空接
R3\]ip route-static 0.0.0.0 0 NULL 0
4 **)减少路由条目
在** R3 上配置
[R3-ospf-1-area-0.0.0.0]abr-summary 192.168.1.0 255.255.255.224
检测:在R4上输入display ip routing-table protocol ospf 检查。
Route Flags: R - relay, D - download to fib
Public routing table : OSPF
Destinations : 2 Routes : 2
OSPF routing table status : <Active>
Destinations : 2 Routes : 2
Destination/Mask Proto Pre Cost Flags NextHop Interface
192.168.1.0/27 OSPF 10 2 D 192.168.1.129 GigabitEthernet
0/0/0
192.168.1.64/28 OSPF 10 2 D 192.168.1.129 GigabitEthernet
0/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0