OSPF综合实验1

原创

ligang636 2011-03-19 17:18:41 ©著作权

©著作权归作者所有：来自51CTO博客作者ligang636的原创作品，请联系作者获取转载授权，否则将追究法律责任

需求：
1、 R2、R4上做单点双向重分布，修改从RIP过来的外部路由metric为30；
2、区域0明文认证，对明文加密；区域1在接口上做密文认证；
3、在R3上增加Lo1：10.3.3.3，R3向OSPF发布默认路由，出接口为lo 1，修改外部类型为1，改metric为33；再设置条件，仅当条目4.4.4.4/32存在时，才对外发布默认路由；
4、在R5上增加Lo1:172.16.1.5/24、Lo2:172.16.2.5/24、Lo3:172.16.3.5/24，宣告进EIGRP，然后在向OSPF区域重分布时给这三个条目打上标记5，修改它们的metric为50；
5、 R2上给RIP过来的路由条目打上标记11，且在将OSPF重分布进RIP时，只重分布打了标记5的路由条目；
6、 R5拒绝将192.168.12.0/24放入路由表。
======================================================
解决方案：
需求1：
R2(config)#router ospf 1
R2(config-router)#redistribute rip subnets metric 30
R2(config)#router rip
R2(config-router)#redistribute ospf 1 metric 5

R4(config)#router ospf 1
R4(config-router)#redistribute eigrp 100 subnets
R4(config)#router eigrp 100
R4(config-router)#redistribute ospf 1 metric 10000 100 255 1 1500
---------------------------------------------------------------------------------------
需求2：
R2(config)#router ospf 1
R2(config-router)#area 0 authentication
R2(config)#int s1/1
R2(config-if)#ip ospf authentication-key cisco
R2(config)#service password-encryption

R3(config)#router ospf 1
R3(config-router)#area 0 authentication
R3(config)#int s1/0
R3(config-if)#ip ospf authentication-key cisco
-->区域0做明文认证，但是全局加密。

R3(config)#int s1/1
R3(config-if)#ip ospf authentication message
R3(config-if)#ip ospf message-digest-key 1 md5 cisco1

R4(config)#int s1/0
R4(config-if)#ip ospf authentication message-digest
R4(config-if)#ip ospf message-digest-key 1 md5 cisco1
-->区域1接口上做密文认证。
------------------------------------------------------------------------------
需求3：
R3(config)#int lo 1
R3(config-if)#ip add 10.3.3.3 255.255.255.0
R3(config)#ip route 0.0.0.0 0.0.0.0 lo 1 -->仅当路由表中存在0.0.0.0的默认路由时
default-information originate才有效
R3(config)#router ospf 1
R3(config-router)#default-information originate metric-type 1 metric 33

R4#show ip route ospf
O E2 192.168.12.0/24 [110/30] via 192.168.34.3, 00:01:01, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/30] via 192.168.34.3, 00:01:01, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 192.168.34.3, 00:01:01, Serial1/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/65] via 192.168.34.3, 00:01:01, Serial1/0
O IA 192.168.23.0/24 [110/128] via 192.168.34.3, 00:01:01, Serial1/0
O*E2 0.0.0.0/0 [110/1] via 192.168.34.3, 00:01:01, Serial1/0
-->看到R4上有一条指向R3的默认路由。
--------------------------------------------------------------------------
R3(config)#access-list 1 permit 4.4.4.4
R3(config)#route-map ccna permit 10
R3(config-route-map)#match ip address 1
R3(config)#router ospf 1
R3(config-router)#default-information originate route-map ccna

R4(config)#router ospf 1
R4(config-router)#no network 4.4.4.4 0.0.0.0 area 1 -->关闭R4环回口的OSPF进程
R4#sh ip route ospf
O E2 192.168.12.0/24 [110/30] via 192.168.34.3, 00:00:07, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/30] via 192.168.34.3, 00:00:07, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 192.168.34.3, 00:00:07, Serial1/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/65] via 192.168.34.3, 00:00:07, Serial1/0
O IA 192.168.23.0/24 [110/128] via 192.168.34.3, 00:00:07, Serial1/0
-->这里看到R3少缺少4.4.4.4/32的路由条目时，不再对外发布默认路由。
再把R4环回口的OSPF进程打开
R4(config-router)#network 4.4.4.4 0.0.0.0 area 1
R4#sh ip route ospf
O E2 192.168.12.0/24 [110/30] via 192.168.34.3, 00:00:14, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/30] via 192.168.34.3, 00:00:14, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/129] via 192.168.34.3, 00:00:14, Serial1/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/65] via 192.168.34.3, 00:00:14, Serial1/0
O IA 192.168.23.0/24 [110/128] via 192.168.34.3, 00:00:14, Serial1/0
O*E2 0.0.0.0/0 [110/1] via 192.168.34.3, 00:00:14, Serial1/0
-->可以看到默认路由出现了！
------------------------------------------------------------------------------------------
需求4：
R5(config)#int lo 1
R5(config-if)#ip add 172.16.1.5 255.255.255.0
R5(config)#int lo 2
R5(config-if)#ip add 172.16.2.5 255.255.255.0
R5(config)#int lo 3
R5(config-if)#ip add 172.16.3.5 255.255.255.0
R5(config)#rouetr eigrp 100
R5(config-router)#network 172.16.0.0 0.0.3.255

R4(config)#ip prefix-list ccnp permit 172.16.1.0/24
R4(config)#ip prefix-list ccnp permit 172.16.2.0/24
R4(config)#ip prefix-list ccnp permit 172.16.3.0/24
R4(config)#route-map ccna permit 10
R4(config-route-map)#match ip address prefix-list ccnp
R4(config-route-map)#set tag 5
R4(config)#route-map ccna permit 20
R4(config)#router ospf 1
R4(config-router)#redistribute eigrp 100 subnets route-map ccna metric 50

R3#sh ip route ospf
O E2 192.168.12.0/24 [110/30] via 192.168.23.2, 00:17:04, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/30] via 192.168.23.2, 00:17:04, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/65] via 192.168.23.2, 00:34:48, Serial1/0
O E2 192.168.45.0/24 [110/50] via 192.168.34.4, 00:00:26, Serial1/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/65] via 192.168.34.4, 00:17:04, Serial1/1
5.0.0.0/32 is subnetted, 1 subnets
O E2 5.5.5.5 [110/50] via 192.168.34.4, 00:00:26, Serial1/1
172.16.0.0/24 is subnetted, 3 subnets
O E2 172.16.1.0 [110/50] via 192.168.34.4, 00:00:26, Serial1/1
O E2 172.16.2.0 [110/50] via 192.168.34.4, 00:00:26, Serial1/1
O E2 172.16.3.0 [110/50] via 192.168.34.4, 00:00:26, Serial1/1
-->可以看到R3路由表中出现了172.16.1.0到172.16.3.0网段的路由。它们的metric为50，默认为20.

R3#sh ip ospf data

OSPF Router with ID (3.3.3.3) (Process ID 1)
……
……
Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag
0.0.0.0 3.3.3.3 832 0x80000001 0x00E0C5 1
1.1.1.1 2.2.2.2 670 0x80000002 0x00DFA9 0
5.5.5.5 4.4.4.4 197 0x80000001 0x0088F3 0
172.16.1.0 4.4.4.4 220 0x80000001 0x003994 5
172.16.2.0 4.4.4.4 220 0x80000001 0x002E9E 5
172.16.3.0 4.4.4.4 220 0x80000001 0x0023A8 5
192.168.12.0 2.2.2.2 670 0x80000003 0x00D541 0
192.168.45.0 4.4.4.4 197 0x80000001 0x00CC2D 0
-->R3上查看OSPF数据库可以看到路由标记。
------------------------------------------------------------------------------------
需求5：
R2(config)#router ospf 1
R2(config-router)#redistribute rip subnets tag 11
-->给RIP过来的外部路由打标记11.

R2(config)#route-map ccna permit 10
R2(config-route-map)#match tag 5
R2(config)#router rip
R2(config-router)#redistribute ospf 1 metric 5 route-map ccna

R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B -BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
172.16.0.0/24 is subnetted, 3 subnets
R 172.16.1.0 [120/5] via 192.168.12.2, 00:00:05, Serial1/0
R 172.16.2.0 [120/5] via 192.168.12.2, 00:00:05, Serial1/0
R 172.16.3.0 [120/5] via 192.168.12.2, 00:00:05, Serial1/0
-->可以看到R1只学到了OSPF中打了标记5的路由条目。
---------------------------------------------------------------------------------------------
需求6：
首先看一下R5的路由表：
R5#sh ip route eigrp
D EX 192.168.12.0/24 [170/2195456] via 192.168.45.4, 00:00:22, Serial1/0
1.0.0.0/32 is subnetted, 1 subnets
D EX 1.1.1.1 [170/2195456] via 192.168.45.4, 00:00:12, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
D EX 2.2.2.2 [170/2195456] via 192.168.45.4, 00:07:31, Serial1/0
3.0.0.0/32 is subnetted, 1 subnets
D EX 3.3.3.3 [170/2195456] via 192.168.45.4, 00:56:28, Serial1/0
4.0.0.0/32 is subnetted, 1 subnets
D EX 4.4.4.4 [170/2195456] via 192.168.45.4, 00:32:12, Serial1/0
D EX 192.168.23.0/24 [170/2195456] via 192.168.45.4, 00:56:28, Serial1/0
D EX 192.168.34.0/24 [170/2195456] via 192.168.45.4, 01:00:45, Serial1/0
D*EX 0.0.0.0/0 [170/2195456] via 192.168.45.4, 00:32:06, Serial1/0
-->现在R5中有192.168.12.0/24的路由条目。下面要拒绝将它放入路由表。

R5(config)#ip prefix-list ccnp deny 192.168.12.0/24
R5(config)#ip prefix-list ccnp permit 0.0.0.0/0 le 32
R5(config)#router eigrp 100
R5(config-router)#distribute-list prefix ccnp in -->应用分发列表

R5#sh ip route ei
1.0.0.0/32 is subnetted, 1 subnets
D EX 1.1.1.1 [170/2195456] via 192.168.45.4, 00:06:24, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
D EX 2.2.2.2 [170/2195456] via 192.168.45.4, 00:13:42, Serial1/0
3.0.0.0/32 is subnetted, 1 subnets
D EX 3.3.3.3 [170/2195456] via 192.168.45.4, 01:02:39, Serial1/0
4.0.0.0/32 is subnetted, 1 subnets
D EX 4.4.4.4 [170/2195456] via 192.168.45.4, 00:38:23, Serial1/0
D EX 192.168.23.0/24 [170/2195456] via 192.168.45.4, 01:02:39, Serial1/0
D EX 192.168.34.0/24 [170/2195456] via 192.168.45.4, 01:06:56, Serial1/0
D*EX 0.0.0.0/0 [170/2195456] via 192.168.45.4, 00:38:17, Serial1/0
-->再次查看R5路由表，可以看到192.168.12.0/24这个条目已经没有了。