思科路由部分11个实验项目全教程
www.net130.com     日期:2008-7-22    浏览次数:
出处:51cto
实验10 简单的路由重发布 末节区域 完全末节区域 NSSA区域 Virtual-Link

    SR1 - SR2配置为RipV2
    SR3 - SR4配置为EIGRP
    SW1 配置为 RIPv2和Area 0的ASBR
    SW2 配置为 EIGRP和Area 0的ASBR

    [简单的路由重发布]
    [SW1]
    router ospf 100
    redis rip sub
    [SW2]
    router ospf 100
    redis eigrp 100 sub

    然后再SR1-SR4上分别配置一条默认路由

    ip route 0.0.0.0 0.0.0.0 f0/0

    在SR1-SR4上 ping 随便一个IP

    SRX#ping 192.168.1.1
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
    !!!!!
    Success rate is 100 percent (5/5), round-trip min/avg/max = 204/232/280 ms

    我们到P1区域的P1R4上面察看路由
    [验证结果]

    

[Copy to clipboard]
CODE:
O E2 102.0.0.0/8 [110/20] via 192.168.4.2, 00:11:15, FastEthernet0/0
O E2 103.0.0.0/8 [110/20] via 192.168.4.2, 00:11:15, FastEthernet0/0
O E2 101.0.0.0/8 [110/20] via 192.168.4.2, 00:11:15, FastEthernet0/0
O E2 104.0.0.0/8 [110/20] via 192.168.4.2, 00:11:16, FastEthernet0/0
O IA 172.17.0.0/16 [110/131] via 192.168.4.2, 04:03:35, FastEthernet0/0
O IA 172.16.0.0/16 [110/194] via 192.168.4.2, 04:17:13, FastEthernet0/0
O IA 172.19.0.0/16 [110/131] via 192.168.4.2, 04:17:03, FastEthernet0/0
O IA 172.18.0.0/16 [110/195] via 192.168.4.2, 04:17:03, FastEthernet0/0
O IA 219.146.241.0/24 [110/66] via 192.168.4.2, 04:17:43, FastEthernet0/0
C 192.168.4.0/24 is directly connected, FastEthernet0/0
O IA 219.146.243.0/24 [110/129] via 192.168.4.2, 04:17:43, FastEthernet0/0
10.0.0.0/32 is subnetted, 3 subnets
O 10.0.0.2 [110/65] via 192.168.4.2, 04:17:43, FastEthernet0/0
[110/65] via 192.168.3.1, 04:17:43, Serial1/0
O 10.0.0.3 [110/1] via 192.168.4.2, 04:17:44, FastEthernet0/0
O 10.0.0.1 [110/65] via 192.168.4.2, 04:17:44, FastEthernet0/0
O IA 219.146.242.0/24 [110/130] via 192.168.4.2, 04:17:44, FastEthernet0/0
11.0.0.0/32 is subnetted, 3 subnets
O IA 11.0.0.3 [110/130] via 192.168.4.2, 04:17:04, FastEthernet0/0
O IA 11.0.0.2 [110/130] via 192.168.4.2, 04:17:14, FastEthernet0/0
O IA 11.0.0.1 [110/66] via 192.168.4.2, 04:17:09, FastEthernet0/0
O IA 219.146.244.0/24 [110/130] via 192.168.4.2, 00:14:22, FastEthernet0/0
O 192.168.1.0/24 [110/65] via 192.168.4.2, 04:17:45, FastEthernet0/0
O 192.168.2.0/24 [110/65] via 192.168.3.1, 04:17:45, Serial1/0
C 192.168.3.0/24 is directly connected, Serial1/0

    可以看到其他区域和的外部路由都已经被学习到,默认学习到的外部路由为E2,以后将会进行相关配置和讲解

    [末节区域]

    把一个区域配置成末节区域,可以大大的减少该区域内的链路状态数据库的大小,降低了对路由器的内存要求,末节区域不接受类型5的LSA

    配置末节和完全末节区域之前需要注意以下几点

    1,该区域没有ASBR-不接收类型5的LSA
    2,只有一个出口
    3,不是BackBone
    4,不是Virturl-Link的过渡区域
    5,如果一个AREA配置成STUB AREA,则在与这个区域相连的所有路由器中都应将该区域配置成STUB AREA
    6,完全末节在ABR上配置就足够了,但是为了规划上的平衡,建议在此区的其他路游器上也配置
    7,邻居越多要求路由器资源越多,特别是LAN中的DR,建议通过手工配置(如priority)CPU和内存大的路由承担
    8,区域越多要求ABR性能越高,区域维护工作可让几台路由承担ABR功能;

    我们把Area 1 设置为末节区域

    [BBR2]
    router ospf 100
    area 1 stub
    [P1R1-P1R4]
    router ospf 100
    area 1 stub验证结果

   

 [Copy to clipboard]
CODE:
P1R4#sh ip route
O IA 172.17.0.0/16 [110/131] via 192.168.4.2, 00:00:41, FastEthernet0/0
O IA 172.16.0.0/16 [110/194] via 192.168.4.2, 00:00:41, FastEthernet0/0
O IA 172.19.0.0/16 [110/131] via 192.168.4.2, 00:00:41, FastEthernet0/0
O IA 172.18.0.0/16 [110/195] via 192.168.4.2, 00:00:41, FastEthernet0/0
O IA 219.146.241.0/24 [110/66] via 192.168.4.2, 00:00:41, FastEthernet0/0
C 192.168.4.0/24 is directly connected, FastEthernet0/0
O IA 219.146.243.0/24 [110/129] via 192.168.4.2, 00:00:41, FastEthernet0/0
10.0.0.0/32 is subnetted, 3 subnets
O 10.0.0.2 [110/65] via 192.168.4.2, 00:00:42, FastEthernet0/0
[110/65] via 192.168.3.1, 00:00:42, Serial1/0
O 10.0.0.3 [110/1] via 192.168.4.2, 00:00:42, FastEthernet0/0
O 10.0.0.1 [110/65] via 192.168.4.2, 00:00:42, FastEthernet0/0
O IA 219.146.242.0/24 [110/130] via 192.168.4.2, 00:00:42, FastEthernet0/0
11.0.0.0/32 is subnetted, 3 subnets
O IA 11.0.0.3 [110/130] via 192.168.4.2, 00:00:43, FastEthernet0/0
O IA 11.0.0.2 [110/130] via 192.168.4.2, 00:00:43, FastEthernet0/0
O IA 11.0.0.1 [110/66] via 192.168.4.2, 00:00:43, FastEthernet0/0
O IA 219.146.244.0/24 [110/130] via 192.168.4.2, 00:00:43, FastEthernet0/0
O 192.168.1.0/24 [110/65] via 192.168.4.2, 00:00:43, FastEthernet0/0
O 192.168.2.0/24 [110/65] via 192.168.3.1, 00:00:43, Serial1/0
C 192.168.3.0/24 is directly connected, Serial1/0
O*IA 0.0.0.0/0 [110/66] via 192.168.4.2, 00:00:43, FastEthernet0/0

    外部路由已经全部去除

    [完全末节区域]

    我们把Area 2 设置为完全末节区域

    [BBR1]
    router ospf 100
    area 2 stub no-summary
    [P2R1-P2R4]
    router ospf 100
    area 2 stub

    只有ABR才关心stub还是stub no-summ

    在完全末节区域非ABR上不应该打 no-summ -你都打上说明你没理解这命令的意思

    stub拒绝类型5, stub no-summ拒绝类型3-4-5,ABR上都拒绝了3-4-5了,内部路由器没有必要重复劳动

    验证结果

 

 [Copy to clipboard]
CODE:
P2R4#sh ip route
O 172.17.0.0/16 [110/65] via 172.18.1.1, 00:00:23, Serial1/0
O 172.16.0.0/16 [110/65] via 172.19.1.1, 00:00:23, FastEthernet0/0
C 172.19.0.0/16 is directly connected, FastEthernet0/0
C 172.18.0.0/16 is directly connected, Serial1/0
11.0.0.0/32 is subnetted, 3 subnets
O 11.0.0.3 [110/1] via 172.19.1.1, 00:00:23, FastEthernet0/0
O 11.0.0.2 [110/65] via 172.19.1.1, 00:00:23, FastEthernet0/0
[110/65] via 172.18.1.1, 00:00:23, Serial1/0
O 11.0.0.1 [110/65] via 172.19.1.1, 00:00:23, FastEthernet0/0
O*IA 0.0.0.0/0 [110/66] via 172.19.1.1, 00:00:23, FastEthernet0/0

    除本区域外路由都被去除

    [NSSA]

    为实现NSSA,这里我们把SW1-SW2配置为Area 3

   

 
[SW1]
router ospf 100
redis rip sub
network 219.146.242.0 0.0.0.255 area 3
network 219.146.244.0 0.0.0.255 area 3
area 3 nssa
[SW2]
router ospf 100
redi eigrp 100 sub
network 219.146.243.0 0.0.0.255 area 3
network 219.146.244.0 0.0.0.255 area 3
area 3 nssa
[BBR1]
router ospf 100
area 1 stub
area 3 nssa
network 10.0.0.0 0.255.255.255 area 1
network 219.146.241.0 0.0.0.255 area 0
network 219.146.243.0 0.0.0.255 area 3
[BBR2]
router ospf 100
area 2 stub no-summary
area 3 nssa
network 11.0.0.0 0.255.255.255 area 2
network 219.146.241.0 0.0.0.255 area 0
network 219.146.242.0 0.0.0.255 area 3

    根据上面的配置结果,SW1和SW2作为ASBR,BBR1和BBR2作为ABR,他们的操作步骤:

    Sw1和Sw2接收RIP和EIGRP的路由

    因为SW1和SW2连接到NSSA区域,所以将RIP和EIGRP路由作为LSA类型7发布到NSSA中

    BBR1和BBR2作为连接NSSA和Area0的ABR,接收LSA类型7

    在SPF计算转发数据库之后,RTB将LSA7转换为LSA5然后将其洪泛到Area0

    [验证结果]

    

[Copy to clipboard]
CODE:
BBR1#sh ip route
O N2 102.0.0.0/8 [110/20] via 219.146.243.2, 00:05:45, Serial1/1
O N2 103.0.0.0/8 [110/20] via 219.146.243.2, 00:08:22, Serial1/1
O N2 101.0.0.0/8 [110/20] via 219.146.243.2, 00:05:45, Serial1/1
O N2 104.0.0.0/8 [110/20] via 219.146.243.2, 00:08:22, Serial1/1
.....
[Copy to clipboard]
CODE:
BBR1#sh ip ospf data
Type-7 AS External Link States (Area 3)
Link ID ADV Router Age Seq# Checksum Tag
101.0.0.0 219.146.244.1 336 0x80000001 0x00E880 0
102.0.0.0 219.146.244.1 337 0x80000001 0x00DB8C 0
103.0.0.0 219.146.244.2 779 0x80000002 0x00D390 0
104.0.0.0 219.146.244.2 780 0x80000002 0x00C69C 0

    注意,考虑什么类型的LSA被阻止,要站在区域类型的角度上考虑,而不要站在ABR或ASBR的角度上考虑!

    [Virtual-Link]
    我们把SR1和SR2配置为OSPF的Area 4

    [SR1-SR2]
    no router rip
    router ospf 100
    network 101.0.0.0 0.255.255.255 area 4
    因为配置任何类型的末节区域的时候,该区域是不能存在Virtual-link的,所以要把SW1上Area 3的NSSA去掉!

    [SW1]
    router ospf 100
    no area 3 nssa
    no redi rip sub
    network 101.0.0.0 0.255.255.255 area 4
    network 102.0.0.0 0.255.255.255 area 4
    area 3 virtual-link 219.146.242.1
    [BBR2]
    router ospf 100
    area 3 virtual-link 219.146.244.1

    注意:
    RA--1--RB---2---RC--0--RD
    | |
    IP1 IP2
    Area1和Area0的Virtual-link,配置的是中间两个R之间的area 2 和 对方的IP(也就是Router ID,sh ip ospf查看)

    RB:area 2 vir IP2
    RC:area 2 vir IP1

    通过以上配置将Area2转换为转发区域

    [验证结果]

   

 
[Copy to clipboard]
CODE:
SW1#sh ip ospf vir
Virtual Link OSPF_VL4 to router 219.146.242.1 is up
Run as demand circuit
DoNotAge LSA allowed.
Transit area 3, via interface Serial0/1, Cost of using 64
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:04
Adjacency State FULL (Hello suppressed)
Index 1/2, retransmission queue length 0, number of retransmission 1
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 1, maximum is 1
Last retransmission scan time is 0 msec, maximum is 0 msec
Virtual-link状态正常
[Copy to clipboard]
CODE:
SR1#sh ip route
O E2 104.0.0.0/8 [110/20] via 101.0.0.2, 00:15:00, FastEthernet0/0
O 102.0.0.0/8 [110/2] via 101.0.0.2, 00:15:00, FastEthernet0/0
O E2 103.0.0.0/8 [110/20] via 101.0.0.2, 00:15:00, FastEthernet0/0
.........
CODE:
BBR1#sh ip ospf data
Type-7 AS External Link States (Area 3)
Link ID ADV Router Age Seq# Checksum Tag
101.0.0.0 219.146.244.1 336 0x80000001 0x00E880 0
102.0.0.0 219.146.244.1 337 0x80000001 0x00DB8C 0
103.0.0.0 219.146.244.2 779 0x80000002 0x00D390 0
104.0.0.0 219.146.244.2 780 0x80000002 0x00C69C 0

    SR1已经通过virtual-link成功的学习到Area0的路由信息

    知识点

    LSA类型

    类型1:router LSA 由每个路由器产生,用来描述产生它的路由器,该路由器的直连链路和状态,以及该路由器的邻居。
    类型2:network LSA 由多点接入链路上的指定路由器(DR)产生,描述了该链路以及所由相连的邻居。
    类型3:network summary LSA 由区域边界路由器(ABR)产生,描述了区域间的目标网络。
    类型4:ASBR Summary LSA 由区域边界路由器(ABR)产生,描述了区域外的自主系统边界路由器
    类型5:AS External LSA 由自主系统边界路由器(ASBR)产生,描述OSPF域之外的目标网络。
    类型7:NSSA External LSA由末梢区域内的自主系统边界路由器(autonomous Router)产生。

    区域类型

    末节区域:不允许AS外部LSA通告在其内部进行泛洪的区域。阻止类型5的LSA。
    完全末节区域:具有末节区域的特性,另外还阻止了类型3和类型4的LSA(3-4-5)
    NSSA区域:具有末节区域的特性,不同的是在NSSA内部允许类型7的LSA泛洪,路由都标记为N2

本新闻共12页,当前在第11页  1  2  3  4  5  6  7  8  9  10  11  12  

相关新闻