华为HCIP实验--OSPF单区域
2024-09-07 07:50:14
场景:你是公司的网络管理员。现在公司的网络中有三台ARG3路由器,通过以太网实现相互的连通。在以太网这样的广播式多路访问网络上,可能存在安全隐患,所有你选择采用OSPF区域认证的方法来避免恶意的路由攻击。在部署网络的过程中,出现了网络连通性的问题,你通过使用display和debug命令进行了故障排除。
拓扑图:
第一步:配置好各个设备的IP地址,以及LOOPBACK 环回口的IP 用于测试
R1路由器配置
<HUAWEI>system-view
Enter system view, return user view with Ctrl+Z.
[HUAWEI]sysname R1
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]ip address 192.168.31.1 24
[R1-GigabitEthernet0/0/0]quit
[R1]interface LoopBack 0
[R1-LoopBack0]ip address 10.0.1.1 24
[R1-LoopBack0]quitR2路由器配置
<HUAWEI>system-view
Enter system view, return user view with Ctrl+Z.
[HUAWEI]sysname R2
[R2]interface GigabitEthernet 0/0/0
[R2-GigabitEthernet0/0/0]ip address 192.168.31.2 24
[R2-GigabitEthernet0/0/0]quit
[R2]interface LoopBack 0
[R2-LoopBack0]ip address 10.0.2.2 24
[R2-LoopBack0]quitR3路由器配置
<HUAWEI>system-view
Enter system view, return user view with Ctrl+Z.
[HUAWEI]sysname R3
[R3]interface GigabitEthernet 0/0/0
[R3-GigabitEthernet0/0/0]ip address 192.168.31.3 24
[R3-GigabitEthernet0/0/0]quit
[R3]interface LoopBack 0
[R3-LoopBack0]ip address 10.0.3.3 24
[R3-LoopBack0]quit检查各个路由之间的通断
第二步:配置OSPF
R1路由器配置
[R1-ospf-1]ospf 1 router-id 10.1.1.1
Info: The configuration succeeded. You need to restart the OSPF process to valid
ate the new router ID.
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 192.168.31.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
[R1-ospf-1-area-0.0.0.0]quitR2路由器配置
[R2-ospf-1]ospf 1 router-id 10.2.2.2
Info: The configuration succeeded. You need to restart the OSPF process to valid
ate the new router ID.
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 192.168.31.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
[R2-ospf-1-area-0.0.0.0]quitR3路由器配置
[R3-ospf-1]ospf 1 router-id 10.3.3.3
Info: The configuration succeeded. You need to restart the OSPF process to valid
ate the new router ID.
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 192.168.31.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
[R3-ospf-1-area-0.0.0.0]quit查看路由器的OSPF状况:
R1路由器配置
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.0/24 Direct 0 0 D 10.0.1.1 LoopBack0
10.0.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.1.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.2/32 OSPF 10 1 D 192.168.31.2 GigabitEthernet0/0/0
10.0.3.3/32 OSPF 10 1 D 192.168.31.3 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
192.168.31.0/24 Direct 0 0 D 192.168.31.1 GigabitEthernet0/0/0
192.168.31.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
192.168.31.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0R2路由器配置
<R2>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 1 D 192.168.31.1 GigabitEthernet0/0/0
10.0.2.0/24 Direct 0 0 D 10.0.2.2 LoopBack0
10.0.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.3/32 OSPF 10 1 D 192.168.31.3 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
192.168.31.0/24 Direct 0 0 D 192.168.31.2 GigabitEthernet0/0/0
192.168.31.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
192.168.31.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0R3路由器配置
<R3>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 1 D 192.168.31.1 GigabitEthernet0/0/0
10.0.2.2/32 OSPF 10 1 D 192.168.31.2 GigabitEthernet0/0/0
10.0.3.0/24 Direct 0 0 D 10.0.3.3 LoopBack0
10.0.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.0.3.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
192.168.31.0/24 Direct 0 0 D 192.168.31.3 GigabitEthernet0/0/0
192.168.31.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
192.168.31.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1注意:OSPF的状态的重置命令: reset ospf process
步骤三:查看OSPF的建立过程
步骤四. 配置 OSPF 中 Loopback 接口的网络类型
[R1]interface LoopBack 0
[R1-LoopBack0]ospf network-type broadcast
步骤五. 修改接口的 OSPF 代价值
目前的开销值是1
修改R1的G0/0/0接口代价值为20,修改R3的G0/0/0接口代价值为10。
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]ospf cost 20
[R1-GigabitEthernet0/0/0]quit
[R3]interface GigabitEthernet 0/0/0
[R3-GigabitEthernet0/0/0]ospf cost 10
[R3-GigabitEthernet0/0/0]quit重新查看R1到达R3的Loopback0接口路由的代价值,可以看到,开销值变化为设定的值
步骤六. 配置 OSPF 的 Silent-interface
静默接口:是被silent的接口依然可以接受别人发来的更新。即该端口不开启OSPF进程,只是将网段宣告,该端口不收发hello包
配置命令: silent-interface GigabitEthernet 0/0/0
不做演示
最后所有的配置:
<R1>display current-configuration
[V200R007C00SPC600]
#
sysname R1
#
interface GigabitEthernet0/0/0
ip address 10.0.123.1 255.255.255.0
ospf cost 20
#
interface LoopBack0
ip address 10.0.1.1 255.255.255.0
#
ospf 1 router-id 10.0.1.1
silent-interface LoopBack0
area 0.0.0.0
authentication-mode simple plain huawei
network 10.0.1.1 0.0.0.0
network 10.0.123.1 0.0.0.0
#
return
<R2>display current-configuration
[V200R007C00SPC600]
#
sysname R2
#
interface GigabitEthernet0/0/0
ip address 10.0.123.2 255.255.255.0
#
interface LoopBack0
ip address 10.0.2.2 255.255.255.0
ospf network-type broadcast
#
ospf 1 router-id 10.0.2.2
silent-interface LoopBack0
area 0.0.0.0
authentication-mode simple plain huawei
network 10.0.2.2 0.0.0.0
network 10.0.123.2 0.0.0.0
#
return
<R3>display current-configuration
[V200R007C00SPC600]
#
sysname R3
#
interface GigabitEthernet0/0/0
ip address 10.0.123.3 255.255.255.0
ospf cost 10
#
interface LoopBack0
ip address 10.0.3.3 255.255.255.0
#
ospf 1 router-id 10.0.3.3
silent-interface LoopBack0
area 0.0.0.0
authentication-mode simple plain huawei
network 10.0.3.3 0.0.0.0
network 10.0.123.3 0.0.0.0
#
return最新文章
- 阶段一:解析JSON
- web自动化工具-livereload
- ZZUOJ 1199 大小关系(拓扑排序,两种方法_判断入度和dfs回路判断)
- python--切片--6
- apache与tomcat负载集群的3种方法
- Spark RDD概念学习系列之为什么会引入RDD?(一)
- 原生js实现addClass,removeClass,hasClass方法
- Avoid The Lakes
- c#中的数据类型简介(枚举)
- scanf(),gets(),gechar()函数小结
- WRTnode 的 HTTP Web PWM 调光实验(2016-05-16)
- CEGUI添加自定义控件
- BDD敏捷开发入门与实战
- linu输出重定向
- CSS【05】:CSS三大特性
- localhost 和 127.0.0.1 有什么区别?
- JavaScript基础(三)
- 基于HAProxy+Keepalived高可用负载均衡web服务的搭建
- 借用HTML5 插入视频。音频
- Eclipse failed to get the required ADT version number from the sdk