OSPF综合实验

小吃饱了2025-04-17 11:38

一、网络拓扑

二、实验要求

1,R5为ISP,其上只能配置IP地址;R4作为企业边界路由器;

2,整个0SPF环境IP基于172.16.0.8/16划分;

3,所有设备均可访问R5的环回;

4,减少LSA的更新量,加快收敛,保障更新安全;

5,全网可达

三、实验思路

1、IP 地址规划确认

已给定各区域基于 172.16.0.0/16 的子网划分,需明确各路由器接口 IP 地址分配,确保与拓扑标注一致 ,为后续配置做准备。

2、设备基础配置

R5(ISP 路由器):仅配置接口 IP 地址,如 Serial4/0/0 接口按要求设置 IP ,无需配置路由协议。

R4(企业边界路由器):配置各接口 IP 地址,包括与 ISP 连接的 Serial4/0/1 接口、与内部网络连接的 GE 接口等。启动 OSPF 进程,宣告所属区域及接口 IP 地址。

其他路由器:配置接口 IP 地址,启动 OSPF 进程,将接口宣告到所属 OSPF 区域 。

3、减少 LSA 更新量及保障安全

区域划分优化:利用 ABR进行合理的路由汇总,将区域内的子网汇总成一条或几条路由发布到其他区域,减少 LSA 泛洪。

认证设置:在 OSPF 区域内配置认证,可选择 MD5 认证方式,在区域内各路由器上设置相同认证密钥,保障路由更新安全。

4、实现全网可达

OSPF 内部:确保 OSPF 各区域内和区域间路由可达,通过合理的区域划分和 ABR 配置,使不同区域的路由信息能正确传递。

与 RIP 区域互联:存在 RIP 区域( 如AR12 连接的区域) ,在边界路由器(如 AR11)上进行 OSPF 与 RIP 的路由重分布,使 OSPF 区域和 RIP 区域的路由相互学习。

5、验证测试

使用 ping 命令从各路由器测试到 R5 环回地址的连通性;通过 display ip routing - table 等命令查看各路由器路由表,检查路由条目是否完整、正确,确保全网可达。

四、具体配置

1、配置IP地址

R1:

复制代码 
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 172.16.35.1 29
Apr 15 2025 17:51:09-08:00 R1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R1-GigabitEthernet0/0/0]int l0
[R1-LoopBack0]ip add 172.16.32.1 24
[R1-LoopBack0]q

R2

复制代码 
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 172.16.35.2 29
Apr 15 2025 17:55:12-08:00 R2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R2-GigabitEthernet0/0/0]int l0
[R2-LoopBack0]ip add 172.16.33.1 24
[R2-LoopBack0]q

R3

复制代码 
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 172.16.35.3 29
Apr 15 2025 17:55:55-08:00 R3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R3-GigabitEthernet0/0/0]int g0/0/1
[R3-GigabitEthernet0/0/1]ip add 172.16.0.1 30
Apr 15 2025 17:56:12-08:00 R3 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R3-GigabitEthernet0/0/1]int l0
[R3-LoopBack0]ip add 172.16.34.1 24
[R3-LoopBack0]q

R4

复制代码 
[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip add 172.16.0.9 30
Apr 15 2025 17:56:55-08:00 R4 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R4-GigabitEthernet0/0/0]int g0/0/1
[R4-GigabitEthernet0/0/1]ip add 172.16.0.2 30
Apr 15 2025 17:57:07-08:00 R4 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R4-GigabitEthernet0/0/1]int g0/0/2
[R4-GigabitEthernet0/0/2]ip add 172.16.0.5 30
[R4-GigabitEthernet0/0/2]
Apr 15 2025 17:57:23-08:00 R4 %%01IFNET/4/LINK_STATE(l)[2]:The line protocol IP 
on the interface GigabitEthernet0/0/2 has entered the UP state. 
[R4-GigabitEthernet0/0/2]int s 4/0/1
[R4-Serial4/0/1]ip add 45.0.0.1 30
[R4-Serial4/0/1]q

R5

复制代码 
[R5]int s 4/0/0
[R5-Serial4/0/0]ip add 45.0.0.2 30
[R5-Serial4/0/0]
Apr 15 2025 18:00:50-08:00 R5 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol PPP
 IPCP on the interface Serial4/0/0 has entered the UP state. 
[R5-Serial4/0/0]int l0
[R5-LoopBack0]ip add 200.1.1.1 24
[R5-LoopBack0]q

R6

复制代码 
[R6]int g0/0/0
[R6-GigabitEthernet0/0/0]ip add 172.16.66.1 30
Apr 15 2025 18:02:27-08:00 R6 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R6-GigabitEthernet0/0/0]int g0/0/1
[R6-GigabitEthernet0/0/1]ip add 172.16.0.6 30
Apr 15 2025 18:02:48-08:00 R6 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R6-GigabitEthernet0/0/1]int l0
[R6-LoopBack0]ip add 172.16.64.1 24
[R6-LoopBack0]q

R7

复制代码 
[R7]int g0/0/0
[R7-GigabitEthernet0/0/0]ip add 172.16.0.10 30
Apr 15 2025 18:04:07-08:00 R7 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R7-GigabitEthernet0/0/0]int g0/0/1
[R7-GigabitEthernet0/0/1]ip add 172.16.98.1 30
Apr 15 2025 18:04:22-08:00 R7 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R7-GigabitEthernet0/0/1]int l0
[R7-LoopBack0]ip add 172.16.96.1 24
[R7-LoopBack0]q

R8

复制代码 
[R8]int g0/0/0
[R8-GigabitEthernet0/0/0]ip add 172.16.98.2 30
Apr 15 2025 18:05:29-08:00 R8 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R8-GigabitEthernet0/0/0]int g0/0/1
[R8-GigabitEthernet0/0/1]ip add 172.16.98.5 30
Apr 15 2025 18:05:38-08:00 R8 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R8-GigabitEthernet0/0/1]int l0
[R8-LoopBack0]ip add 172.16.97.1 24
[R8-LoopBack0]q

R9

复制代码 
[R9]int g0/0/0
[R9-GigabitEthernet0/0/0]ip add 172.16.98.6 30
Apr 15 2025 18:06:25-08:00 R9 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R9-GigabitEthernet0/0/0]int g0/0/1
[R9-GigabitEthernet0/0/1]ip add 172.16.130.1 30
Apr 15 2025 18:06:36-08:00 R9 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R9-GigabitEthernet0/0/1]int l0
[R9-LoopBack0]ip add 172.16.128.1 24
[R9-LoopBack0]q

R10

复制代码 
[R10]int g0/0/0
[R10-GigabitEthernet0/0/0]ip add 172.16.130.2 30
Apr 15 2025 18:07:10-08:00 R10 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R10-GigabitEthernet0/0/0]int l0
[R10-LoopBack0]ip add 172.16.129.1 24
[R10-LoopBack0]q
[R10]

R11

复制代码 
[R11]int g0/0/0
[R11-GigabitEthernet0/0/0]ip add 172.16.66.2 30
Apr 15 2025 18:07:45-08:00 R11 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R11-GigabitEthernet0/0/0]int g0/0/1
[R11-GigabitEthernet0/0/1]ip add 172.16.66.5 30
Apr 15 2025 18:07:54-08:00 R11 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP
 on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R11-GigabitEthernet0/0/1]int l0
[R11-LoopBack0]ip add 172.16.65.1 24
[R11-LoopBack0]q

R12

复制代码 
[R12]int g0/0/0
[R12-GigabitEthernet0/0/0]ip add 172.16.66.6 30
[R12-GigabitEthernet0/0/0]
Apr 15 2025 18:08:37-08:00 R12 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R12-GigabitEthernet0/0/0]int l0
[R12-LoopBack0]ip add 10.1.1.1 24
[R12-LoopBack0]int l1
[R12-LoopBack1]ip add 10.1.2.1 24
[R12-LoopBack1]q

2、ospf基本配置

R1

复制代码 
[R1]ospf router-id 1.1.1.1
[R1-ospf-1]a 1
[R1-ospf-1-area-0.0.0.1]network 172.16.32.1 0.0.0.0
[R1-ospf-1-area-0.0.0.1]network 172.16.35.1 0.0.0.0
[R1-ospf-1-area-0.0.0.1]q

R2

复制代码 
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]a 1
[R2-ospf-1-area-0.0.0.1]netw	
[R2-ospf-1-area-0.0.0.1]network 172.16.33.1 0.0.0.0
[R2-ospf-1-area-0.0.0.1]network 172.16.35.2 0.0.0.0
[R2-ospf-1-area-0.0.0.1]q

R3

复制代码 
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]a 1	
[R3-ospf-1-area-0.0.0.1]network 172.16.35.3 0.0.0.0
[R3-ospf-1-area-0.0.0.1]q
[R3-ospf-1]a 0
[R3-ospf-1-area-0.0.0.0]network 172.16.0.1 0.0.0.0
[R3-ospf-1-area-0.0.0.0]q

R4

复制代码 
[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]a 0
[R4-ospf-1-area-0.0.0.0]network 172.16.0.2 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 172.16.0.5 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 172.16.0.9 0.0.0.0
[R4-ospf-1-area-0.0.0.0]

R6

复制代码 
[R6]ospf 1 router-id 6.6.6.6
[R6-ospf-1]a 0
[R6-ospf-1-area-0.0.0.0]network 172.16.0.6 0.0.0.0
[R6-ospf-1-area-0.0.0.0]q
[R6-ospf-1]a 2
[R6-ospf-1-area-0.0.0.2]netw	
[R6-ospf-1-area-0.0.0.2]network 172.16.66.1 0.0.0.0
[R6-ospf-1-area-0.0.0.2]network 172.16.64.1 0.0.0.0
[R6-ospf-1-area-0.0.0.2]q

R7

复制代码 
[R7]ospf 1 router-id 7.7.7.7
[R7-ospf-1]a 0
[R7-ospf-1-area-0.0.0.0]network 172.16.0.10 0.0.0.0
[R7-ospf-1-area-0.0.0.0]q
[R7-ospf-1]a 3
[R7-ospf-1-area-0.0.0.3]network 172.16.96.1 0.0.0.0
[R7-ospf-1-area-0.0.0.3]network 172.16.98.1 0.0.0.0

R8

复制代码 
[R8]ospf 1 router-id 8.8.8.8
[R8-ospf-1]a 3
[R8-ospf-1-area-0.0.0.3]netw	
[R8-ospf-1-area-0.0.0.3]network 172.16.98.2 0.0.0.0
[R8-ospf-1-area-0.0.0.3]network 172.16.97.1 0.0.0.0
[R8-ospf-1-area-0.0.0.3]network 172.16.98.5 0.0.0.0
[R8-ospf-1-area-0.0.0.3]q

R9

复制代码 
[R9]ospf 1 router-id 9.9.9.9
[R9-ospf-1]a 3
[R9-ospf-1-area-0.0.0.3]network 172.16.98.6 0.0.0.0
[R9-ospf-1-area-0.0.0.3]q
[R9-ospf-1]q	
[R9]ospf 2 router-id 9.9.9.9
[R9-ospf-2]a 4
[R9-ospf-2-area-0.0.0.4]network 172.16.128.1 0.0.0.0
[R9-ospf-2-area-0.0.0.4]network 172.16.130.1 0.0.0.0
[R9-ospf-2-area-0.0.0.4]q

R10

复制代码 
[R10]ospf 1 router-id 10.10.10.10
[R10-ospf-1]a 4
[R10-ospf-1-area-0.0.0.4]network 172.16.129.1 0.0.0.0
[R10-ospf-1-area-0.0.0.4]network 172.16.130.2 0.0.0.0

R11

复制代码 
[R11]ospf 1 router-id 11.11.11.11
[R11-ospf-1]a 2
[R11-ospf-1-area-0.0.0.2]network 172.16.66.2 0.0.0.0
[R11-ospf-1-area-0.0.0.2]network 172.16.65.1 0.0.0.0
[R11-ospf-1-area-0.0.0.2]network 172.16.66.5 0.0.0.0

R12

复制代码 
[R12]ospf 1 router-id 12.12.12.12
[R12-ospf-1]a 2
[R12-ospf-1-area-0.0.0.2]network 172.16.66.6 0.0.0.0
[R12-ospf-1-area-0.0.0.2]q
[R12-ospf-1]q
[R12]rip 1
[R12-rip-1]version 2
[R12-rip-1]network 10.0.0.0
[R12-rip-1]q

各路由器邻居建立情况

R1

R2

R3

R4

R6

R7

R8

R9

R10

R11

R12

3、ospf优化

1)路由汇总

域间路由汇总(在ABR设备上)

R3

复制代码 
[r3]ospf 1
[r3-ospf-1]a 1
[r3-ospf-1-area-0.0.0.1]abr-summary 172.16.64.0 255.255.224.0

R6

复制代码 
[r6]ospf 1
[r6-ospf-1]a 2
[r6-ospf-1-area-0.0.0.2]abr-summary 172.16.64.0 255.255.224.0

R7

复制代码 
[r7]ospf 1
[r7-ospf-1]a 3
[r7-ospf-1-area-0.0.0.3]abr-summary 172.16.96.0 255.255.224.0
域外路由汇总(在ASBR设备上)

R12

复制代码 
[r12]ospf 1
[r12-ospf-1]asbr-summary 10.1.0.0 255.255.252.0

R9

复制代码 
[r9]ospf 1
[r9-ospf-1]asbr-summary 172.16.128.0 255.255.224.0

2)特殊区域

复制代码 
[r1]ospf 1
[r1-ospf-1]a 1
[r1-ospf-1-area-0.0.0.1]stub 
 

[r2]ospf 1
[r2-ospf-1]a 1
[r2-ospf-1-area-0.0.0.1]stub 
 

[r3]ospf 1
[r3-ospf-1]a 1
[r3-ospf-1-area-0.0.0.1]stub no-summary 

[r6]ospf 1
[r6-ospf-1]a 2
[r6-ospf-1-area-0.0.0.2]nssa no-summary
 

[r11]ospf 1
[r11-ospf-1]a 2
[r11-ospf-1-area-0.0.0.2]nssa
 

[r12]ospf 1
[r12-ospf-1]a 2
[r12-ospf-1-area-0.0.0.2]nssa

[r7]ospf 1
[r7-ospf-1]a 3
[r7-ospf-1-area-0.0.0.3]nssa  no-summary
 

[r8]ospf 1
[r8-ospf-1]a 3
[r8-ospf-1-area-0.0.0.3]nssa 
 

[r9]ospf 1
[r9-ospf-1]a 3
[r9-ospf-1-area-0.0.0.3]nssa

4、缺省、默认路由通告以及重发布

复制代码 
[R4]ip route-static 0.0.0.0 0 45.0.0.2

[r9]ospf 2
[r9-ospf-2]default-route-advertise

[r4]ospf 1    
[r4-ospf-1]default-route-advertise

[R9]ospf 1
[R9-ospf-1]import-route ospf 2
[R9-ospf-1]q
[R9]ospf 2
[R9-ospf-2]import-route ospf 1
[R9-ospf-2]

[R12]ospf 1
[R12-ospf-1]import-route rip
[R12-ospf-1]q

5、加快收敛(修改为p2p或者p2mp,无需进行DR和BDR选举从而达到加快收敛)

复制代码 
[r3]int g0/0/0    
[r3-GigabitEthernet0/0/0]ospf network-type p2mp
[r1]int g0/0/0    
[r1-GigabitEthernet0/0/0]ospf network-type p2mp
[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ospf network-type p2mp
 

[r3]int g0/0/1
[r3-GigabitEthernet0/0/1]ospf network-type p2p
[r4]int g0/0/1
[r4-GigabitEthernet0/0/1]ospf network-type p2p
 

[r4]int g0/0/2
[r4-GigabitEthernet0/0/2]ospf network-type p2p
[r6]int g0/0/1
[r6-GigabitEthernet0/0/1]ospf network-type p2p
 

[r4]int g0/0/0
[r4-GigabitEthernet0/0/0]ospf network-type p2p
[r7]int g0/0/0
[r7-GigabitEthernet0/0/0]ospf network-type p2p
 

[r6]int g0/0/0
[r6-GigabitEthernet0/0/0]ospf network-type p2p
[r11]int g0/0/0
[r11-GigabitEthernet0/0/0]ospf network-type p2p
 

[r11-GigabitEthernet0/0/0]int g0/0/1
[r11-GigabitEthernet0/0/1]ospf network-type p2p
[r12]int g0/0/0
[r12-GigabitEthernet0/0/0]ospf network-type p2p
 

[r7]int g0/0/1
[r7-GigabitEthernet0/0/1]ospf network-type p2p
[r8]int g0/0/0
[r8-GigabitEthernet0/0/0]ospf network-type p2p
 

[r8-GigabitEthernet0/0/0]int g0/0/1
[r8-GigabitEthernet0/0/1]ospf network-type p2p
[r9]int g0/0/0
[r9-GigabitEthernet0/0/0]ospf network-type p2p
 

[r9]int g0/0/1
[r9-GigabitEthernet0/0/1]ospf network-type p2p
[r10]int g0/0/0
[r10-GigabitEthernet0/0/0]ospf network-type p2p

6、保证更新安全(做认证)

只需在区域0配置即可

复制代码 
[r4]ospf 1
[r4-ospf-1]a 0
[r4-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher  123456
 
[r3]ospf 1
[r3-ospf-1]a 0
[r3-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher  123456
 
[r6]ospf 1
[r6-ospf-1]a 0
[r6-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher  123456
 
[r7]ospf 1
[r7-ospf-1]a 0
[r7-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher  123456

7、配置NAT

复制代码 
[r4]acl 2000
[r4-acl-basic-2000]rule permit  source  172.16.0.0   0.0.255.255
 
[r4]int s4/0/1    
[r4-Serial4/0/1]nat outbound 2000

五、测试

所有设备均可访问R5的环回(因设备过多 这里展示R1 R10 R12)

全网可达

R1 ping R7 R8 R10环回

相关推荐
lisw053 小时前
网络化:DevOps 工程的必要基础(Networking: The Essential Foundation for DevOps Engineering)
网络·devops
驱动小百科5 小时前
WiFi出现感叹号上不了网怎么办 轻松恢复网络
网络·智能路由器·wifi出现感叹号怎么解决·wifi无法上网·电脑wifi
好多知识都想学5 小时前
协议路由与路由协议
网络·智能路由器
SZ1701102315 小时前
中继器的作用
服务器·网络·智能路由器
Huazzi.7 小时前
Ubuntu 22虚拟机【网络故障】快速解决指南
linux·网络·学习·ubuntu·bash·编程
熙曦Sakura7 小时前
【Linux网络】HTTP
linux·网络·http
毒果7 小时前
网络安全:账号密码与诈骗防范
网络·安全·web安全
八股文领域大手子7 小时前
SSL/TLS 证书与数字签名:构建互联网信任的详解
网络·网络协议·ssl
学渣676568 小时前
TCP/IP 模型每层的封装格式
网络
热门推荐
01【分布式】Hadoop完全分布式的搭建(零基础)02从零安装 LLaMA-Factory 微调 Qwen 大模型成功及所有的坑03KGG转MP3工具|非KGM文件|解密音频04YOLOv8入门 | 重要性能衡量指标、训练结果评价及分析及影响mAP的因素【发论文关注的指标】05【SpeedAI科研小助手】2分钟极速解决知网维普重复率、AIGC率过高,一键全文降!文件格式不变,公式都保留的!06Coze扣子平台完整体验和实践(附国内和国际版对比)07DeepSeek各版本说明与优缺点分析08苍穹外卖面试总结09西电B测-计算机网络综合实验(含验收问题)10最新 Kubernetes 集群部署 + flannel 网络插件(保姆级教程,最新 K8S 版本)