IP-OSPF域外路由引入实验

张

张建站

2026/6/1 11:06:19

10分钟阅读

实验拓扑一、配置IP地址R1R2R3R4R5R6R7R8R9R10R11R12二、配置缺省路由使全网通R3:[R3]IP route-static 0.0.0.0 0 34.0.0.4R5:[R5]IP route-static 0.0.0.0 0 45.0.0.4R6:[R6]ip route-static 0.0.0.0 0 46.0.0.4R7:[R7]ip route-static 0.0.0.0 0 47.0.0.4公网通测试三、配置OSPFarea3使用进程1area4使用进程2[r9-ospf-1]import-route ospf 2[r9-ospf-2]import-route ospf 1将RIP引入area2[r12-ospf-1]import-route rip 1四、配置MGRE[r3-Tunnel0/0/1]interface Tunnel0/0/0[r3-Tunnel0/0/1] ip address 172.16.6.3 255.255.255.0[r3-Tunnel0/0/1] tunnel-protocol gre p2mp[r3-Tunnel0/0/1] source 34.0.0.3[r3-Tunnel0/0/1]nhrp network-id 1000[r5-Tunnel0/0/1]interface Tunnel0/0/0[r5-Tunnel0/0/1] ip address 172.16.6.5 255.255.255.0[r5-Tunnel0/0/1] tunnel-protocol gre p2mp[r5-Tunnel0/0/1]source Serial4/0/0[r5-Tunnel0/0/1] nhrp network-id 1000[r5-Tunnel0/0/1]nhrp entry 172.16.6.3 34.0.0.3 register[r6-Tunnel0/0/1]interface Tunnel0/0/0[r6-Tunnel0/0/1] ip address 172.16.6.6 255.255.255.0[r6-Tunnel0/0/1] tunnel-protocol gre p2mp[r6-Tunnel0/0/1] source Serial4/0/0[r6-Tunnel0/0/1] nhrp network-id 1000[r6-Tunnel0/0/1] nhrp entry 172.16.6.3 34.0.0.3 register[r7-Tunnel0/0/1]interface Tunnel0/0/0[r7-Tunnel0/0/1] ip address 172.16.6.7 255.255.255.0[r7-Tunnel0/0/1] tunnel-protocol gre p2mp[r7-Tunnel0/0/1]source GigabitEthernet0/0/0[r7-Tunnel0/0/1] nhrp network-id 1000[r7-Tunnel0/0/1] nhrp entry 172.16.6.3 34.0.0.3 register1、在中心站点开启伪广播[r3-Tunnel0/0/1]nhrp entry multicast dynamic2、将隧道接口修改成广播型[r3-Tunnel0/0/1]ospf network-type broadcast[r5-Tunnel0/0/1]ospf network-type broadcast[r6-Tunnel0/0/1]ospf network-type broadcast[r7-Tunnel0/0/1]ospf network-type broadcast3、修改DR的选举[r5-Tunnel0/0/1]ospf dr-priority 0[r6-Tunnel0/0/1]ospf dr-priority 0[r7-Tunnel0/0/1]ospf dr-priority 05.内网出口配置nat抓取流量[r3]acl number 2000[r3-acl-basic -2000]rule 5 permit source 172.16.0.0 0.0.0.255[r3-Serial4/0/0]nat outbound 2000[r5]acl number 2000[r5-acl-basic -2000]rule 5 permit source 172.16.0.0 0.0.255.255[r5-Serial4/0/0]nat outbound 2000[r6]acl number 2000[r6-acl-basic-2000]rule 5 permit source 172.16.0.0 0.0.0.255[r6-Serial4/0/0]nat outbound 2000[r7]acl number 2000[r7-acl-basic-2000]rule 5 permit source 172.16.0.0 0.0.255.255[r7-GigabitEthernet4/0/0]nat outbound 2000在ABR上下放缺省路由[r3-ospf-1]default-route-advertise[r5-ospf-1]default-route-advertise[r6-ospf-1]default-route-advertise[r7-ospf-1]default-route-advertiseping通测6.路由汇总和特殊区域[r3-ospf-1-area-0.0.0.1]abr-summary 172.16.32.0 255.255.224.0[r3-ospf-1-area-0.0.0.1]stub no-summary[r1-ospf-1-area-0.0.0.1]stub no-summary[r2-ospf-1-area-0.0.0.1]stub no-summary[r6-ospf-1-area-0.0.0.2]abr-summary 172.16.64.0 255.255.224.0[r6-ospf-1-area-0.0.0.2]nssa no-summary[r7-ospf-1-area-0.0.0.3]abr-summary 172.16.96.0 255.255.224.0[r7-ospf-1-area-0.0.0.3]nssa no-summary[r8-ospf-1-area-0.0.0.3]nssa no-summary[r9-ospf-1-area-0.0.0.3]nssa no-summary[r11-ospf-1-area-0.0.0.2]nssa no-summary[r12-ospf-1-area-0.0.0.2]nssa no-summary此时area 4没法访问外网给area 4下发缺省路由[r9-ospf-2]default-route-advertiseping通测试7、减少LSA的更新量加快收敛保障更新安全[r1-GigabitEthernet0/0/0]ospf timer hello 1[r2-GigabitEthernet0/0/0]ospf timer hello 1[r3-GigabitEthernet0/0/0]ospf timer hello 1[r3-Tunnel0/0/1]ospf timer hello 1[r5-Tunnel0/0/1]ospf timer hello 1[r6-Tunnel0/0/1]ospf timer hello 1[r6-GigabitEthernet0/0/1]ospf timer hello 1[r7-Tunnel0/0/1]ospf timer hello 1[r7-GigabitEthernet0/0/1]ospf timer hello 1[r8-GigabitEthernet0/0/0]ospf timer hello 1[r8-GigabitEthernet0/0/1]ospf timer hello 1[r9-GigabitEthernet0/0/0]ospf timer hello 1[r9-GigabitEthernet0/0/1]ospf timer hello 1[r10-GigabitEthernet0/0/0]ospf timer hello 1[r11-GigabitEthernet0/0/0]ospf timer hello 1[r11-GigabitEthernet0/0/1]ospf timer hello 1[r12-GigabitEthernet0/0/0]ospf timer hello 18、进行OSPF认证[r1-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher 12345[r2-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher 12345[r3-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher 12345[r3-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher 12345[r5-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher 12345[r6-ospf-1-area-0.0.0.2]authentication-mode md5 1 cipher 12345[r6-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher 12345[r7-ospf-1-area-0.0.0.0]authentication-mode md5 1 cipher 12345[r7-ospf-1-area-0.0.0.3]authentication-mode md5 1 cipher 12345[r8-ospf-1-area-0.0.0.3]authentication-mode md5 1 cipher 12345[r9-ospf-1-area-0.0.0.3]authentication-mode md5 1 cipher 12345[r9-ospf-2-area-0.0.0.4]authentication-mode md5 1 cipher 12345[r10-ospf-2-area-0.0.0.4]authentication-mode md5 1 cipher 12345[r11-ospf-1-area-0.0.0.2]authentication-mode md5 1 cipher 12345[r12-ospf-1-area-0.0.0.2]authentication-mode md5 1 cipher 12345全网通测试

【LangChain】RunnableWithMessageHistory 完全指南（上）：基础与存储实战

RunnableWithMessageHistory 完全指南（上）：基础与存储实战本文是 LangChain Expression Language (LCEL) 系列的开篇。我们从「为什么需要对话历史」出发，拆解 RunnableWithMessageHistory 的设计哲学、核心机制与生产级存储方案…...

2026/6/1 11:05:39 阅读更多 →

从Input.GetAxis到手感调优：详解Unity中移动与旋转的平滑处理与参数配置

从Input.GetAxis到手感调优：Unity中移动与旋转的平滑处理实战指南当玩家抱怨"角色移动像溜冰"或"瞄准手感像在拖拽重物"时，问题往往出在输入系统的参数配置上。Unity的Input.GetAxis远不止是获取-1到1之间的数值那么简单&#xff0c…...

2026/6/1 11:04:57 阅读更多 →

快速掌握DHCP与DNS服务器配置

DHCP 服务器 DHCP服务介绍动态主机配置协议（DHCP-Dynamic Host Configuration Protocol），自动给设备配置网络参数用于IPv4网络的 DHCPv4。用于IPv6网络的 DHCPv6。客户端使用DHCPv4配置网络接口时，网卡将 DHCPDISCOVER 数据包发…...

2026/6/1 11:03:00 阅读更多 →