某公司有两张园区网络,分别是A园区和B园区,由于业务需求,需要将两张园区网络整合到一起,实现互联互通。
因此管理员将AR2-AR4、AR3-AR5通过物理线缆相连,并且此互联链路运行在ospf 100中。
现在要求工程师在AR2和AR3上配置双点双向重分发,实现两张园区网络的互通,要求不能出现环路和断网现象。
步骤1:配置ip地址(拓扑已配)
步骤2:配置A园区路由
AR1:
isis 1
is-level level-2
cost-style wide
network-entity 49.0001.0000.0000.0001.00
interface GigabitEthernet0/0/0
isis enable 1
interface GigabitEthernet0/0/1
isis enable 1
AR2:
isis 1
is-level level-2
cost-style wide
network-entity 49.0001.0000.0000.0002.00
interface GigabitEthernet0/0/0
isis enable 1
interface GigabitEthernet0/0/2
isis enable 1
AR3:
isis 1
is-level level-2
cost-style wide
network-entity 49.0001.0000.0000.0003.00
interface GigabitEthernet0/0/0
isis enable 1
interface GigabitEthernet0/0/2
isis enable 1
步骤3:配置B园区路由
AR2:
ospf 100 router-id 2.2.2.2
area 0.0.0.0
network 10.0.24.0 0.0.0.255
AR3:
ospf 100 router-id 3.3.3.3
area 0.0.0.0
network 10.0.35.0 0.0.0.255
AR4:
ospf 100 router-id 4.4.4.4
area 0.0.0.0
network 10.0.24.0 0.0.0.255
network 10.0.45.0 0.0.0.255
network 10.0.46.0 0.0.0.255
AR5:
ospf 100 router-id 5.5.5.5
area 0.0.0.0
network 10.0.35.0 0.0.0.255
network 10.0.45.0 0.0.0.255
network 10.0.56.0 0.0.0.255
AR6:
ospf 100 router-id 6.6.6.6
area 0.0.0.0
network 10.0.46.0 0.0.0.255
network 10.0.56.0 0.0.0.255
步骤4:在AR6创建环回口6.6.6.6并引入进ospf ,cost为2 ,并且在AR2和AR3进行双向引入。
AR6:
interface LoopBack0
ip address 6.6.6.6 255.255.255.255
ospf 100
import-route direct cost 2
AR2:
isis 1
import-route ospf 100
ospf 100
import isis
AR3:
isis 1
import-route ospf 100
ospf 100
import isis
测试:
<AR1>tracert 6.6.6.6
traceroute to 6.6.6.6(6.6.6.6), max hops: 30 ,packet length: 40,press CTRL_C to break
1 10.0.12.2 20 ms 20 ms 20 ms
2 10.0.24.4 30 ms 20 ms 20 ms
3 10.0.45.5 20 ms 30 ms 30 ms
4 10.0.35.3 20 ms 50 ms 30 ms
5 10.0.23.2 30 ms 30 ms 40 ms
6 10.0.24.4 30 ms 40 ms 40 ms
7 10.0.45.5 50 ms 50 ms 50 ms
8 10.0.35.3 50 ms 40 ms 40 ms
9 10.0.23.2 50 ms 60 ms 50 ms
10 10.0.24.4 60 ms 60 ms 60 ms
11 10.0.45.5 70 ms 50 ms 80 ms
12 10.0.35.3 50 ms 60 ms 70 ms
13 10.0.23.2 50 ms 60 ms 50 ms
14 10.0.24.4 70 ms 80 ms 70 ms
15 10.0.45.5 80 ms 70 ms 80 ms
16 10.0.35.3 70 ms 80 ms 70 ms
17 10.0.23.2 90 ms 70 ms 80 ms
18 10.0.24.4 70 ms 80 ms 80 ms
19 10.0.45.5 100 ms 90 ms 80 ms
20 10.0.35.3 90 ms 70 ms 100 ms
21 10.0.23.2 80 ms 90 ms 90 ms
22 10.0.24.4 90 ms 100 ms 80 ms
23 10.0.45.5 100 ms 90 ms 110 ms
24 10.0.35.3 120 ms 110 ms 80 ms
25 10.0.23.2 110 ms 90 ms 110 ms
26 10.0.24.4 130 ms 100 ms 110 ms
27 10.0.45.5 110 ms 90 ms 110 ms
28 10.0.35.3 120 ms 120 ms 110 ms
29 10.0.23.2 110 ms 120 ms 120 ms
30 10.0.24.4 130 ms 120 ms 120 ms
发现出现路由环路,其原因是由于路由回灌导致的。
步骤5:配置路由策略
AR2:
route-policy isistoospf deny node 10
if-match tag 200
route-policy isistoospf permit node 20
apply tag 100
route-policy ospftoisis deny node 10
if-match tag 400
route-policy ospftoisis permit node 20
apply tag 300
AR3:
route-policy ospftoisis deny node 10
if-match tag 100
route-policy ospftoisis permit node 20
apply tag 200
route-policy isistoospf deny node 10
if-match tag 300
route-policy isistoospf permit node 20
apply tag 400
步骤6:调用路由策略
AR2:
ospf 100
import-route isis route-policy isistoospf
isis
import-route ospf 100 route-policy ospftoisis
AR3:
ospf 100
import-route isis route-policy isistoospf
isis
import-route ospf 100 route-policy ospftoisis
此时使用R1测试:
[AR1]tracert 6.6.6.6
traceroute to 6.6.6.6(6.6.6.6), max hops: 30 ,packet length: 40,press CTRL_C to break
1 10.0.12.2 20 ms 20 ms 20 ms
2 10.0.24.4 20 ms 20 ms 30 ms
3 10.0.46.6 20 ms 30 ms 30 ms
环路解决,但此时网络还存在次优路径
查看R3的路由表:
[AR3]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 19 Routes : 20
Destination/Mask Proto Pre Cost Flags NextHop Interface
6.6.6.6/32 ISIS-L2 15 10 D 10.0.23.2 GigabitEthernet0/0/2
10.0.12.0/24 ISIS-L2 15 20 D 10.0.13.1 GigabitEthernet0/0/0
ISIS-L2 15 20 D 10.0.23.2 GigabitEthernet0/0/2
10.0.13.0/24 Direct 0 0 D 10.0.13.3 GigabitEthernet0/0/0
10.0.13.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.13.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
10.0.23.0/24 Direct 0 0 D 10.0.23.3 GigabitEthernet0/0/2
10.0.23.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/2
10.0.23.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/2
10.0.24.0/24 OSPF 10 3 D 10.0.35.5 GigabitEthernet0/0/1
10.0.35.0/24 Direct 0 0 D 10.0.35.3 GigabitEthernet0/0/1
10.0.35.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.35.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
10.0.45.0/24 OSPF 10 2 D 10.0.35.5 GigabitEthernet0/0/1
10.0.46.0/24 OSPF 10 3 D 10.0.35.5 GigabitEthernet0/0/1
10.0.56.0/24 OSPF 10 2 D 10.0.35.5 GigabitEthernet0/0/1
通过以上输出可知,R3去往6.6.6.6的路径为次优路径,最优路径下一跳应该为R5。
可以将通过R6学习到的6.6.6.6的外部路由优先级调整为14(比isis小即可),而从isis网络学习到的外部路由,优先级应该保持不变,避免出现另外的次优路径。(此次优路径可能出现在R3,也可能出现在R2随机出现),因此R2、R3两台设备都需要修改从ospf引入的外部路由优先级为14。
[AR2]display ospf routing
OSPF Process 100 with Router ID 2.2.2.2
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.0.24.0/24 1 Transit 10.0.24.2 2.2.2.2 0.0.0.0
10.0.35.0/24 3 Transit 10.0.24.4 5.5.5.5 0.0.0.0
10.0.45.0/24 2 Transit 10.0.24.4 5.5.5.5 0.0.0.0
10.0.46.0/24 2 Transit 10.0.24.4 6.6.6.6 0.0.0.0
10.0.56.0/24 3 Transit 10.0.24.4 6.6.6.6 0.0.0.0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
6.6.6.6/32 2 Type2 1 10.0.24.4 6.6.6.6
10.0.12.0/24 1 Type2 400 10.0.24.4 3.3.3.3
10.0.13.0/24 1 Type2 400 10.0.24.4 3.3.3.3
10.0.23.0/24 1 Type2 400 10.0.24.4 3.3.3.3
[AR3]display ospf routing
OSPF Process 100 with Router ID 3.3.3.3
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.0.35.0/24 1 Transit 10.0.35.3 3.3.3.3 0.0.0.0
10.0.24.0/24 3 Transit 10.0.35.5 4.4.4.4 0.0.0.0
10.0.45.0/24 2 Transit 10.0.35.5 5.5.5.5 0.0.0.0
10.0.46.0/24 3 Transit 10.0.35.5 6.6.6.6 0.0.0.0
10.0.56.0/24 2 Transit 10.0.35.5 6.6.6.6 0.0.0.0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
6.6.6.6/32 2 Type2 1 10.0.35.5 6.6.6.6
10.0.12.0/24 1 Type2 100 10.0.35.5 2.2.2.2
10.0.13.0/24 1 Type2 100 10.0.35.5 2.2.2.2
10.0.23.0/24 1 Type2 100 10.0.35.5 2.2.2.2
通过以上输出可知,R2学习到的ISIS路由标签为400 ,此路由优先级应该保持不变。(路由的发布过程为 R1-R3-R5-R4-R2)。R2学习到的ISIS路由标签为100,此路由优先级也应该保持不变。
通过路由策略修改路由优先级
R2:
route-policy 1 permit node 10
if-match tag 400
apply preference 150
ospf 100
preference ase route-policy 1 14 //将标签400的路由优先级保持不变为150,其他的由ospf内部引入的路由优先级改为14
R3:
route-policy 1 permit node 10
if-match tag 100
apply preference 150
ospf 100
preference ase route-policy 1 14
测试:
[AR2]tracert 6.6.6.6
traceroute to 6.6.6.6(6.6.6.6), max hops: 30 ,packet length: 40,press CTRL_C to break
1 10.0.24.4 20 ms 10 ms 10 ms
2 10.0.46.6 30 ms 20 ms 30 ms
[AR3]tracert 6.6.6.6
traceroute to 6.6.6.6(6.6.6.6), max hops: 30 ,packet length: 40,press CTRL_C to break
1 10.0.35.5 20 ms 10 ms 10 ms
2 10.0.56.6 20 ms 20 ms 20 ms
此时R2 R3都无次优路径。
