09、OSPF
9.1 OSPF单区域配置
9.1.1 原理概述
为了弥补距离矢量路由协议的不足,IETF组织开发了一种基于链路状态的内部网关协议------OSPF(Open Shortest Path First,开放式最短路径优先)。
OSPF作为基于链路状态的协议,具有收敛快、路由无环、扩展性好等优点,被快速接受并广泛使用。链路状态算法路由协议互相通告的是链路状态信息,每台路由器都将自己的链路状态信息(包含接口的IP地址和子网掩码、网络类型、该链路的开销等)发送给其他路由器,并在网络中泛洪,当每台路由器收集到网络内所有链路状态信息后,就能拥有整个网络的拓扑情况,然后根据整网拓扑情况运行SPF算法,得出所有网段的最短路径。
OSPF支持区域的划分,区域是从逻辑上将路由器划分为不同的组,每个组用区域号(Area ID)来标识。一个网段(链路)只能属于一个区域,或者说每个运行OSPF的接口必须指明属于哪一个区域。区域0为骨干区域,骨干区域负责在非骨干区域之间发布区域间的路由信息。在一个OSPF区域中有且只有一个骨干区域。
9.1.2 实验内容
本实验模拟企业网络场景。该公司有三大办公区,每个办公区放置了台路由器,R1放在办公区A,A区经理的PC-1直接连接R1;R2放在办公B区经区理的PC-2直接连接到R2;R3放在办公区C,C区经理的PC-3直接连接到R3. 3台路由器都互相直连,为了能使整个公司网络互相通信,需要在所有路由器上部署路由协议。考虑到公司未来的发展(部门的增加和分公司的成立),为了适应不断扩展的网络的需求,公司在所有路由器上部署OSPF协议,且现在所有路由器都属于骨干区域。
9.1.3 实验拓扑图
9.1.4 实验编址表
设备 | 接口 | IP地址 | 子网掩码 | 默认网关 |
---|---|---|---|---|
PC1 | Ethernet 0/0/1 | 192.168.10.1 | 255.255.255.0 | 192.168.10.254 |
AR1(AR2220) | GE 0/0/2 | 192.168.10.254 | 255.255.255.0 | N/A |
AR1(AR2220) | GE 0/0/0 | 172.16.10.1 | 255.255.255.0 | N/A |
AR1(AR2220) | GE 0/0/1 | 172.16.30.1 | 255.255.255.0 | N/A |
PC2 | Ethernet 0/0/1 | 192.168.20.1 | 255.255.255.0 | 192.168.20.254 |
AR2(AR2220) | GE 0/0/2 | 192.168.20.254 | 255.255.255.0 | N/A |
AR2(AR2220) | GE 0/0/0 | 172.16.10.2 | 255.255.255.0 | N/A |
AR2(AR2220) | GE 0/0/1 | 172.16.20.1 | 255.255.255.0 | N/A |
PC3 | Ethernet 0/0/1 | 192.168.30.1 | 255.255.255.0 | 192.168.30.254 |
AR3(AR2220) | GE 0/0/2 | 192.168.30.254 | 255.255.255.0 | N/A |
AR3(AR2220) | GE 0/0/0 | 172.16.30.2 | 255.255.255.0 | N/A |
AR3(AR2220) | GE 0/0/1 | 172.16.20.2 | 255.255.255.0 | N/A |
9.1.5 实验步骤
1、基本配置
根据实验编址表进行基本配置,并测试直连链路的连通性。
erlang
[AR1]interface GigabitEthernet 0/0/0
[AR1-GigabitEthernet0/0/0]ip address 172.16.10.1 24
[AR1-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1
[AR1-GigabitEthernet0/0/1]ip address 172.16.30.1 24
[AR1-GigabitEthernet0/0/1]interface GigabitEthernet 0/0/2
[AR1-GigabitEthernet0/0/2]ip address 192.168.10.254 24
[AR2]interface GigabitEthernet 0/0/0
[AR2-GigabitEthernet0/0/0]ip address 172.16.10.2 24
[AR2-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1
[AR2-GigabitEthernet0/0/1]ip address 172.16.20.1 24
[AR2-GigabitEthernet0/0/1]interface GigabitEthernet 0/0/2
[AR2-GigabitEthernet0/0/2]ip address 192.168.20.254 24
[AR3]interface GigabitEthernet 0/0/0
[AR3-GigabitEthernet0/0/0]ip address 172.16.30.2 24
[AR3-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1
[AR3-GigabitEthernet0/0/1]ip address 172.16.20.2 24
[AR3-GigabitEthernet0/0/1]interface GigabitEthernet 0/0/2
[AR3-GigabitEthernet0/0/2]ip address 192.168.30.254 24
erlang
[AR3]ping 172.16.30.1
PING 172.16.30.1: 56 data bytes, press CTRL_C to break
Reply from 172.16.30.1: bytes=56 Sequence=1 ttl=255 time=100 ms
Reply from 172.16.30.1: bytes=56 Sequence=2 ttl=255 time=20 ms
Reply from 172.16.30.1: bytes=56 Sequence=3 ttl=255 time=20 ms
2、部署单区域OSPF网络
erlang
[AR1]ospf 1 # 1代表进程号,如果没有写进程号,默认是1
[AR1-ospf-1]area 0 # 进入OSPF区域视图,0代表要创建的ID,0代表骨干网络
[AR1-ospf-1-area-0.0.0.0]network 172.16.10.0 0.0.0.255 # 指定接口所属的区域,尽量精确匹配所通告的网段
[AR1-ospf-1-area-0.0.0.0]network 172.16.30.0 0.0.0.255
[AR1-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255
[AR2]ospf 1
[AR2-ospf-1]area 0
[AR2-ospf-1-area-0.0.0.0]network 172.16.10.0 0.0.0.255
[AR2-ospf-1-area-0.0.0.0]network 172.16.20.0 0.0.0.255
[AR2-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255
[AR3]ospf 1
[AR3-ospf-1]area 0
[AR3-ospf-1-area-0.0.0.0]network 172.16.20.0 0.0.0.255
[AR3-ospf-1-area-0.0.0.0]network 172.16.30.0 0.0.0.255
[AR3-ospf-1-area-0.0.0.0]network 192.168.30.0 0.0.0.255
配置完成后使用display ospf interface
命令检查OSPF接口通告是否正确。
erlang
[AR1]display ospf interface
OSPF Process 1 with Router ID 172.16.10.1
Interfaces
Area: 0.0.0.0 (MPLS TE not enabled)
IP Address Type State Cost Pri DR BDR
172.16.10.1 Broadcast DR 1 1 172.16.10.1 172.16.10.2
172.16.30.1 Broadcast DR 1 1 172.16.30.1 172.16.30.2
192.168.10.254 Broadcast DR 1 1 192.168.10.254 0.0.0.0
3、检查OSPF单区域的配置结果
使用display ospf peer
命令查看OSPF邻居状态。通过Router-ID可以查看邻居的路由器标识,通过Address可以查看邻居的OSPF接口IP地址,通过State可以查看目前与该路由器的OSPF邻居状态,通过Priority可以查看当前邻居OSPF接口的DR优先级等。
erlang
[AR1]display ospf peer
OSPF Process 1 with Router ID 172.16.10.1
Neighbors
Area 0.0.0.0 interface 172.16.10.1(GigabitEthernet0/0/0)'s neighbors
Router ID: 172.16.10.2 Address: 172.16.10.2
State: Full Mode:Nbr is Master Priority: 1
DR: 172.16.10.1 BDR: 172.16.10.2 MTU: 0
Dead timer due in 38 sec
Retrans timer interval: 5
Neighbor is up for 00:14:41
Authentication Sequence: [ 0 ]
Neighbors
Area 0.0.0.0 interface 172.16.30.1(GigabitEthernet0/0/1)'s neighbors
Router ID: 172.16.30.2 Address: 172.16.30.2
State: Full Mode:Nbr is Master Priority: 1
DR: 172.16.30.1 BDR: 172.16.30.2 MTU: 0
Dead timer due in 35 sec
Retrans timer interval: 5
Neighbor is up for 00:12:30
Authentication Sequence: [ 0 ]
使用display ip routing-table Protocol ospf
命令查看R1上的OSPF路由表。
erlang
[AR1]display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 3 Routes : 4
OSPF routing table status : <Active>
Destinations : 3 Routes : 4
Destination/Mask Proto Pre Cost Flags NextHop Interface
172.16.20.0/24 OSPF 10 2 D 172.16.10.2 GigabitEthernet0/0/0
OSPF 10 2 D 172.16.30.2 GigabitEthernet0/0/1
192.168.20.0/24 OSPF 10 2 D 172.16.10.2 GigabitEthernet0/0/0
192.168.30.0/24 OSPF 10 2 D 172.16.30.2 GigabitEthernet0/0/1
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
通过此路由表可以观察到,Destination/Mask 标识了目的网络的前缀及掩码,proto 标识了此路由信息是通过OSPF协议获取的,pre 标识了路由优先级,cost 标识了开销值,nexthop 标识了下一跳地址,interface 标识了此前缀的出接口。
此时R1的路由表中已经拥有了去往网络中所有其他网段的路由条目。测试各个部门的连通性正常。
erlang
PC>ping 192.168.20.1
Ping 192.168.20.1: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 192.168.20.1: bytes=32 seq=2 ttl=126 time=16 ms
From 192.168.20.1: bytes=32 seq=3 ttl=126 time=15 ms
From 192.168.20.1: bytes=32 seq=4 ttl=126 time=16 ms
From 192.168.20.1: bytes=32 seq=5 ttl=126 time=15 ms
--- 192.168.20.1 ping statistics ---
5 packet(s) transmitted
4 packet(s) received
20.00% packet loss
round-trip min/avg/max = 0/15/16 ms