拓扑结构:
要求:
1、两个协议间进行多点双向重发布
2、R7的环回没有宣告在OSPF协议中,而是在后期重发布进入的
3、解决环路,所有路径选择最优,且存在备份
4、R2的环回要在RIP中宣告,R3的环回要在OSPF中宣告
使用的设备:7台
路由器
解决网络拓扑:
1、确定广播域的个数
2、分配网段
3、配置IP地址 (优先配置路由器)
确定广播域的个数
根据拓扑结构图以及要求可知,本拓扑结构一共拥有9个网段,包括4个给定网段,一个环回网段和四个内网网段
分配网段
自主分配网段
| 接口网段 | 环回网段 |
| 10.1.1.0/30 | 10.1.1.128/25 |
| 20.1.1.0/30 | 20.1.1.128/25 |
| 30.1.1.0/30 | 30.1.1.128/25 |
| 40.1.1.0/30 | 40.1.1.128/25 |
| 50.1.1.0/30 | 50.1.1.128/25 |
| 60.1.1.0/30 | 60.1.1.128/25 |
| 70.1.1.0/30 | 70.1.1.128/25 |
配置路由器IP地址
AR1:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r1
[r1]interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0]ip address 10.1.1.1 30
[r1-GigabitEthernet0/0/0]
May 13 2023 21:09:09-08:00 r1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the UP state.
[r1-GigabitEthernet0/0/0]q
[r1]interface GigabitEthernet 0/0/1
[r1-GigabitEthernet0/0/1]ip address 20.1.1.1 30
May 13 2023 21:09:33-08:00 r1 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP on the interface GigabitEthernet0/0/1 has entered the UP state.
[r1-GigabitEthernet0/0/1]q
[r1]interface LoopBack 0
[r1-LoopBack0]ip address 10.1.1.129 25
[r1-LoopBack0]q
[r1]AR2:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r2
[r2]interface GigabitEthernet 0/0/0
[r2-GigabitEthernet0/0/0]ip address 10.1.1.2 30
[r2-GigabitEthernet0/0/0]
May 13 2023 21:14:37-08:00 r2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the UP state.
[r2-GigabitEthernet0/0/0]q
[r2]interface GigabitEthernet 0/0/1
[r2-GigabitEthernet0/0/1]ip address 30.1.1.1 30
May 13 2023 21:14:49-08:00 r2 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP on the interface GigabitEthernet0/0/1 has entered the UP state.
[r2-GigabitEthernet0/0/1]q
[r2]interface LoopBack 0
[r2-LoopBack0]ip address 20.1.1.129 25
[r2-LoopBack0]q
[r2]AR3:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r3
[r3]interface GigabitEthernet 0/0/0
[r3-GigabitEthernet0/0/0]ip address 20.1.1.2 30
[r3-GigabitEthernet0/0/0]
May 13 2023 21:16:22-08:00 r3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the UP state.
[r3-GigabitEthernet0/0/0]q
[r3]interface GigabitEthernet 0/0/1
[r3-GigabitEthernet0/0/1]ip address 40.1.1.1 30
[r3-GigabitEthernet0/0/1]
May 13 2023 21:16:37-08:00 r3 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP on the interface GigabitEthernet0/0/1 has entered the UP state.
[r3-GigabitEthernet0/0/1]q
[r3]interface LoopBack 0
[r3-LoopBack0]ip address 30.1.1.129 25
[r3-LoopBack0]q
[r3]AR4:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r4
[r4]interface GigabitEthernet 0/0/0
[r4-GigabitEthernet0/0/0]ip address 40.1.1.2 30
[r4-GigabitEthernet0/0/0]
May 13 2023 21:18:12-08:00 r4 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the UP state.
[r4-GigabitEthernet0/0/0]q
[r4]interface GigabitEthernet 0/0/1
[r4-GigabitEthernet0/0/1]ip address 30.1.1.2 30
May 13 2023 21:18:23-08:00 r4 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP on the interface GigabitEthernet0/0/1 has entered the UP state.
[r4-GigabitEthernet0/0/1]q
[r4]interface GigabitEthernet 0/0/2
[r4-GigabitEthernet0/0/2]ip address 50.1.1.1 30
May 13 2023 21:18:37-08:00 r4 %%01IFNET/4/LINK_STATE(l)[2]:The line protocol IP on the interface GigabitEthernet0/0/2 has entered the UP state.
[r4-GigabitEthernet0/0/2]q
[r4]interface LoopBack 0
[r4-LoopBack0]ip address 40.1.1.129 25
[r4-LoopBack0]q
[r4]AR5:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r5
[r5]interface GigabitEthernet 0/0/0
[r5-GigabitEthernet0/0/0]ip address 50.1.1.2 30
[r5-GigabitEthernet0/0/0]
May 13 2023 21:19:46-08:00 r5 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the UP state.
[r5-GigabitEthernet0/0/0]q
[r5]interface GigabitEthernet 0/0/1
[r5-GigabitEthernet0/0/1]ip address 60.1.1.1 30
May 13 2023 21:20:00-08:00 r5 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP on the interface GigabitEthernet0/0/1 has entered the UP state.
[r5-GigabitEthernet0/0/1]q
[r5]interface LoopBack 0
[r5-LoopBack0]ip address 50.1.1.129 25
[r5-LoopBack0]q
[r5]AR6:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r6
[r6]interface GigabitEthernet 0/0/0
[r6-GigabitEthernet0/0/0]ip address 60.1.1.2 30
[r6-GigabitEthernet0/0/0]
May 13 2023 21:21:05-08:00 r6 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the UP state.
[r6-GigabitEthernet0/0/0]q
[r6]interface GigabitEthernet 0/0/1
[r6-GigabitEthernet0/0/1]ip address 70.1.1.1 30
[r6-GigabitEthernet0/0/1]
May 13 2023 21:21:24-08:00 r6 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP on the interface GigabitEthernet0/0/1 has entered the UP state.
[r6-GigabitEthernet0/0/1]q
[r6]interface LoopBack 0
[r6-LoopBack0]ip address 60.1.1.129 25
[r6-LoopBack0]q
[r6]AR7:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r7
[r7]interface GigabitEthernet 0/0/0
[r7-GigabitEthernet0/0/0]ip address 70.1.1.2 30
May 13 2023 21:23:13-08:00 r7 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the UP state.
[r7-GigabitEthernet0/0/0]q
[r7]interface LoopBack 0
[r7-LoopBack0]ip address 70.1.1.129 25
[r7-LoopBack0]q
[r7]配置RIP动态路由协议
AR1:
[r1]rip 1
[r1-rip-1]version 2
[r1-rip-1]network 10.0.0.0
[r1-rip-1]network 20.0.0.0
[r1-rip-1]q
[r1]AR2:
[r2]rip 1
[r2-rip-1]version 2
[r2-rip-1]network 10.0.0.0
[r2-rip-1]network 20.0.0.0
[r2-rip-1]q
[r2]AR3:
[r3]rip 1
[r3-rip-1]version 2
[r3-rip-1]network 20.0.0.0
[r3-rip-1]q
[r3]配置OSPF动态路由协议
AR2:
[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]area 0
[r2-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3
[r2-ospf-1-area-0.0.0.0]q
[r2-ospf-1]q
[r2]interface GigabitEthernet 0/0/1
[r2-GigabitEthernet0/0/1]ospf authentication-mode md5 1 cipher 123456
[r2-GigabitEthernet0/0/1]q
[r2]AR3:
[r3]ospf 1 router-id 3.3.3.3
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]network 30.1.1.128 0.0.0.127
[r3-ospf-1-area-0.0.0.0]network 40.1.1.0 0.0.0.3
[r3-ospf-1-area-0.0.0.0]q
[r3-ospf-1]q
[r3]interface GigabitEthernet 0/0/1
[r3-GigabitEthernet0/0/1]ospf authentication-mode md5 1 cipher 123456
[r3-GigabitEthernet0/0/1]q
[r3]AR4:
[r4]ospf 1 router-id 4.4.4.4
[r4-ospf-1]area 0
[r4-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3
[r4-ospf-1-area-0.0.0.0]network 40.1.1.0 0.0.0.3
[r4-ospf-1-area-0.0.0.0]network 40.1.1.128 0.0.0.127
[r4-ospf-1-area-0.0.0.0]network 50.1.1.0 0.0.0.3
[r4-ospf-1-area-0.0.0.0]q
[r4-ospf-1]q
[r4]interface GigabitEthernet 0/0/0
[r4-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 123456
[r4-GigabitEthernet0/0/0]q
[r4]interface GigabitEthernet 0/0/1
[r4-GigabitEthernet0/0/1]ospf authentication-mode md5 1 cipher 123456
[r4-GigabitEthernet0/0/1]q
[r4]interface GigabitEthernet 0/0/2
[r4-GigabitEthernet0/0/2]ospf authentication-mode md5 1 cipher 123456
[r4-GigabitEthernet0/0/2]q
[r4]AR5:
[r5]ospf 1 router-id 5.5.5.5
[r5-ospf-1]area 0
[r5-ospf-1-area-0.0.0.0]network 50.1.1.0 0.0.0.3
[r5-ospf-1-area-0.0.0.0]network 50.1.1.128 0.0.0.127
[r5-ospf-1-area-0.0.0.0]network 60.1.1.0 0.0.0.3
[r5-ospf-1-area-0.0.0.0]q
[r5-ospf-1]q
[r5]interface GigabitEthernet 0/0/0
[r5-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 123456
[r5-GigabitEthernet0/0/0]q
[r5]interface GigabitEthernet 0/0/1
[r5-GigabitEthernet0/0/1]ospf authentication-mode md5 1 cipher 123456
[r5-GigabitEthernet0/0/1]q
[r5]AR6:
[r6]ospf 1 router-id 6.6.6.6
[r6-ospf-1]area 0
[r6-ospf-1-area-0.0.0.0]network 60.1.1.0 0.0.0.3
[r6-ospf-1-area-0.0.0.0]network 60.1.1.128 0.0.0.127
[r6-ospf-1-area-0.0.0.0]network 70.1.1.0 0.0.0.3
[r6-ospf-1-area-0.0.0.0]q
[r6-ospf-1]q
[r6]interface GigabitEthernet 0/0/0
[r6-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 123456
[r6-GigabitEthernet0/0/0]q
[r6]interface GigabitEthernet 0/0/1
[r6-GigabitEthernet0/0/1]ospf authentication-mode md5 1 cipher 123456
[r6-GigabitEthernet0/0/1]q
[r6]AR7:
[r7]ospf 1 router-id 7.7.7.7
[r7-ospf-1]area 0
[r7-ospf-1-area-0.0.0.0]network 70.1.1.0 0.0.0.3
[r7-ospf-1-area-0.0.0.0]q
[r7-ospf-1]q
[r7]interface GigabitEthernet 0/0/0
[r7-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 123456
[r7-GigabitEthernet0/0/0]q
[r7]配置OSPF动态路由协议,在接口配置认证,保证更新安全
重发布
配置完RIP动态路由协议与OSPF动态路由协议之后,双方协议并没有对方的路由条目,所以要正常通信就要进行双向重发布操作
注:先在R7上重发布环回,然后在R2、R3上重发布
AR7:
[r7]ospf 1
[r7-ospf-1]import-route direct
[r7-ospf-1]q
[r7]AR2:
[r2]rip 1
[r2-rip-1]import-route ospf 1
[r2-rip-1]q
[r2]ospf 1
[r2-ospf-1]import-route rip 1
[r2-ospf-1]q
[r2]AR3:
[r3]rip 1
[r3-rip-1]import-route ospf 1
[r3-rip-1]q
[r3]ospf 1
[r3-ospf-1]import-route rip 1
[r3-ospf-1]q
[r3]环路
做完多点双向重发布之后,要保证R2、R3上路由表不发生变化,否则就会出现环路
R2的路由表上有一些问题:R2去R3的环回有两条路径(1)走左边RIP,路由条目掩码是25位,(2)走右边OSPF,路由条目掩码是32位(华为模拟器认为环回地址是32位掩码)
修改方案:(1)把环回接口地址掩码修改为32位(2)修改环回接口类型
#第一种方案
[r3]interface LoopBack 0
[r3-LoopBack0]undo ip address 30.1.1.129 25
[r3-LoopBack0]ip address 30.1.1.129 32
[r3-LoopBack0]q
[r3]
#第二种方案
[r3]interface LoopBack 0
[r3-LoopBack0]ospf network-type broadcast
[r3-LoopBack0]q
[r3]
修改成功,解决问题。
此时R3上的路由已经出现问题,R3认为去R7的环回要走RIP,然后绕到R2(这里是因为R7的环回是重发布进OSPF的,起初R3加表的重发布的R7环回,优先级为150,但是经过R2重发布进RIP,经过R1通过RIP的学习,然后再传给R3,这条经RIP学习到的路由,优先级为100,经过对比,R3就会将从RIP学到的R7环回加入路由表中,这样就会导致选路不佳,并且有可能出现环路)
可以用wireshark来抓包查看,这个ICMP(ping70.1.1.129)包在R1~R4之间传递,每次TTL值减4。此时已经成功出现环路,但是由于timeout时间只有2s,并且有ttl值限制,并未显现出来
解决方案:路由策略修改优先级
[r3]ip ip-prefix a permit 70.1.1.128 25
[r3]route-policy q permit node 10
Info: New Sequence of this List.
[r3-route-policy]if-match ip-prefix a
[r3-route-policy]apply preference 151
[r3-route-policy]q
[r3]rip 1
[r3-rip-1]preference route-policy q
[r3-rip-1]q
[r3]最后是选路问题
1、R1去R2(包括环回)可以走两条路径,但并没有负载均衡
解决方案:在R2上做路由策略,修改开销值(开销值加2)
AR2:
[r2]ip ip-prefix qq permit 30.1.1.128 25
[r2]ip ip-prefix qq permit 40.1.1.0 30
[r2]interface GigabitEthernet 0/0/0
[r2-GigabitEthernet0/0/0]rip metricout ip-prefix qq 2
[r2-GigabitEthernet0/0/0]q
[r2]2、R1去R3(包括环回)也可以走两条路径,但并没有负载均衡,
解决方案:在R2上做路由策略,修改开销值(开销值加2)
AR3:
[r3]ip ip-prefix qq permit 30.1.1.0 30
[r3]interface GigabitEthernet 0/0/0
[r3-GigabitEthernet0/0/0]rip metricout ip-prefix qq 2
[r3-GigabitEthernet0/0/0]q
[r3]3、R4也是一样,去R2(包括环回)可以走两条路径,但并没有负载均衡
解决方案:在R2上做路由策略,修改类型(重发布为类型2,修改为类型1)
AR2:
#匹配流量
[r2]ip ip-prefix qqq permit 10.1.1.0 30
[r2]ip ip-prefix qqq permit 20.1.1.128 25
#配置策略
[r2]route-policy z permit node 10
Info: New Sequence of this List.
[r2-route-policy]if-match ip-prefix z
[r2-route-policy]apply cost-type type-1
[r2-route-policy]q
#做一个空表放过其他流量
[r2]route-policy z permit node 20
Info: New Sequence of this List.
[r2-route-policy]q
#重发布时调用策略
[r2]ospf 1
[r2-ospf-1]import-route rip 1 route-policy z
[r2-ospf-1]q
[r2]4、R4也是一样,去R3(包括环回)可以走两条路径,但并没有负载均衡
解决方案:在R2上做路由策略,修改类型即可
AR3:
#捕捉流量
[r3]ip ip-prefix z permit 20.1.1.0 30
#配置策略
[r3]route-policy z permit node 10
Info: New Sequence of this List.
[r3-route-policy]if-match ip-prefix z
[r3-route-policy]apply cost-type type-1
[r3-route-policy]q
#建立空表放过流量
[r3]route-policy z permit node 20
Info: New Sequence of this List.
[r3-route-policy]q
#调用策略
[r3]ospf 1
[r3-ospf-1]import-route rip 1 route-policy z
[r3-ospf-1]q
[r3]
R1和R7的环回可以正常通信 ,实验到此为止,环路和选路不佳解决,要求也是全部完成。
