HCIP--OSPF实验1

1、合理规划IP地址，启用ospf单区域
2、R1-R2之间启用ppp的单向认证
3、R2-R3之间启用ppp的chap认证
4、R3-R5-F6之间使用MGRE，R3为hub端，R5,R6为spoke端；
要求MGRE接口网络型为BMA，spoke之间通信必须经过hub端
5、全网可达

配置路由，启用R1-R3的ospf，并划分为区域0

[R1]INT s 4/0/0
[R1-Serial4/0/0]ip add 12.1.1.1 24
[R1-Serial4/0/0]int lo 0
[R1-LoopBack0]ip add 1.1.1.1 24
[R1-LoopBack0]q
[R1]ospf 100 ro	
[R1]ospf 100 router-id 91.1.1.1
[R1-ospf-100]area 0
[R1-ospf-100-area-0.0.0.0]net	
[R1-ospf-100-area-0.0.0.0]network 12.1.1.1 0.0.0.0
[R1-ospf-100-area-0.0.0.0]net	
[R1-ospf-100-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[R1-ospf-100-area-0.0.0.0]q
[R1-ospf-100]dis this
[V200R003C00]
#
ospf 100 router-id 91.1.1.1 
 area 0.0.0.0 
  network 1.1.1.1 0.0.0.0 
  network 12.1.1.1 0.0.0.0 
#
return
[R1-ospf-100]

[R2]INT S 4/0/0
[R2-Serial4/0/0]ip add 12.1.1.2 24
[R2-Serial4/0/0]
[R2-Serial4/0/0]int s 4/0/1
[R2-Serial4/0/1]ip add 23.1.1.2 24
[R2-Serial4/0/1]int lo 0 
[R2-LoopBack0]ip add 2.2.2.1 24
[R2-LoopBack0]q
[R2]ospf 100 
[R2-ospf-100]q
[R2]undo ospf 100
Warning: The OSPF process will be deleted. Continue? [Y/N]:y
[R2]ospf 100 ne	
[R2]ospf 100 ro	
[R2]ospf 100 router-id 92.2.2.2
[R2-ospf-100]area 0
[R2-ospf-100-area-0.0.0.0]net	
[R2-ospf-100-area-0.0.0.0]network 12.1.1.2 0.0.0.0
[R2-ospf-100-area-0.0.0.0]ne	
[R2-ospf-100-area-0.0.0.0]network 23.1.1.1 0.0.0.0
[R2-ospf-100-area-0.0.0.0]net	
[R2-ospf-100-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[R2-ospf-100-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 2.2.2.2 0.0.0.0 
  network 12.1.1.2 0.0.0.0 
  network 23.1.1.1 0.0.0.0 
#
return
[R2-ospf-100-area-0.0.0.0]

[Huawei] sys R3
[R3]int s 4/0/1
[R3-Serial4/0/1]ip add 23.1.1.2 24
[R3-Serial4/0/1]
[R3-Serial4/0/1]int g 0/0/0
[R3-GigabitEthernet0/0/0]ip add 34.1.1.1 24
[R3-LoopBack0]ip add 3.3.3.3 24
[R3-LoopBack0]q
[R3]ospf 100 ro	
[R3]ospf 100 router-id 93.3.3.3 
[R3-ospf-100]area 0
[R3-ospf-100-area-0.0.0.0]ne	
[R3-ospf-100-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[R3-ospf-100-area-0.0.0.0]net	
[R3-ospf-100-area-0.0.0.0]network 23.1.1.2 0.0.0.0
[R3-ospf-100-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 3.3.3.3 0.0.0.0 
  network 23.1.1.2 0.0.0.0 
#
return
[R3-ospf-100-area-0.0.0.0]

R1-R2进行ppp认证

[R1]aaa
[R1-aaa]lo	
[R1-aaa]local-user huawei pa	
[R1-aaa]local-user huawei password ci	
[R1-aaa]local-user huawei password cipher 123
Info: Add a new user.
[R1-aaa]lo	
[R1-aaa]local-user huawei ser	
[R1-aaa]local-user huawei service-type ppp
[R1-aaa]int s 4/0/0
[R1-Serial4/0/0]ppp au	
[R1-Serial4/0/0]ppp authentication-mode pa	
[R1-Serial4/0/0]ppp authentication-mode pap 
[R1-Serial4/0/0]dis this
[V200R003C00]
#
interface Serial4/0/0
 link-protocol ppp
 ppp authentication-mode pap 
 ip address 12.1.1.1 255.255.255.0 
#
return
[R1-Serial4/0/0]

[R2]int s 4/0/0
[R2-Serial4/0/0]ppp pa	
[R2-Serial4/0/0]ppp pap lo	
[R2-Serial4/0/0]ppp pap local-user huawei pa	
[R2-Serial4/0/0]ppp pap local-user huawei password ci	
[R2-Serial4/0/0]ppp pap local-user huawei password cipher 123
[R2-Serial4/0/0]dis this
[V200R003C00]
#
interface Serial4/0/0
 link-protocol ppp
 ppp pap local-user huawei password cipher %$%$OSK`1FCGt6/f.:6VD+f:,.6R%$%$
 ip address 12.1.1.2 255.255.255.0 
#
return

R2-R3进行chap认证

[R2]aaa
[R2-aaa]lo	
[R2-aaa]local-user air pa	
[R2-aaa]local-user air password ci	
[R2-aaa]local-user air password cipher 123
Info: Add a new user.
[R2-aaa]lo
[R2-aaa]lo		
[R2-aaa]local-user air ser	
[R2-aaa]local-user air service-type ppp
[R2-aaa]int s 4/0/1
[R2-Serial4/0/1]lin	
[R2-Serial4/0/1]link-protocol p	
[R2-Serial4/0/1]link-protocol ppp 
[R2-Serial4/0/1]ppp	
[R2-Serial4/0/1]ppp au	
[R2-Serial4/0/1]ppp authentication-mode 
[R2-Serial4/0/1]ppp authentication-mode chap
[R2-Serial4/0/1]dis this
[V200R003C00]
#
interface Serial4/0/1
 link-protocol ppp
 ppp authentication-mode chap 
 ip address 23.1.1.2 255.255.255.0 
#
return

[R3]int s 4/0/1
[R3-Serial4/0/1]ppp 	
[R3-Serial4/0/1]ppp ch	
[R3-Serial4/0/1]ppp chap u	
[R3-Serial4/0/1]ppp chap user air
[R3-Serial4/0/1]ppp c	
[R3-Serial4/0/1]ppp chap pas
[R3-Serial4/0/1]ppp chap pas	
[R3-Serial4/0/1]ppp chap password ci	
[R3-Serial4/0/1]ppp chap password cipher 123
[R3-Serial4/0/1]dis this
[V200R003C00]
#
interface Serial4/0/1
 link-protocol ppp
 ppp chap user air
 ppp chap password cipher %$%$.Ax[IOjo63I;E9C#|Ag@,/]l%$%$
 ip address 23.1.1.2 255.255.255.0 
#
return

R3-R5-R6之间使用MGRE，R3为hub端，R5 R6为spoke端;要求MGRE接口网络类型为

BMA,spoke之间通信必须经过hub端

首先需要配置R3,R5,R6到达R4的缺省路由

[R3]ip route-static 0.0.0.0 0 34.1.1.2
[R3]dis ip ro pr s
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : Static
         Destinations : 1        Routes : 1        Configured Routes : 1

Static routing table status : <Active>
         Destinations : 1        Routes : 1

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

        0.0.0.0/0   Static  60   0          RD   34.1.1.2        GigabitEthernet
0/0/0

Static routing table status : <Inactive>
         Destinations : 0        Routes : 0

[R5]ip ro	
[R5]ip route-	
[R5]ip route-static 0.0.0.0 0 45.1.1.3
[R5]dis ip p	
[R5]dis ip ro	
[R5]dis ip routing-table pr	
[R5]dis ip routing-table protocol s	
[R5]dis ip routing-table protocol static 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : Static
         Destinations : 1        Routes : 1        Configured Routes : 1

Static routing table status : <Active>
         Destinations : 0        Routes : 0

Static routing table status : <Inactive>
         Destinations : 1        Routes : 1

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

        0.0.0.0/0   Static  60   0               45.1.1.3        Unknown

[R5]

[R6]ip ro	
[R6]ip route-	
[R6]ip route-static 0.0.0.0 0 46.1.1.3
[R6]dis ip ro p s
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : Static
         Destinations : 1        Routes : 1        Configured Routes : 1

Static routing table status : <Active>
         Destinations : 0        Routes : 0

Static routing table status : <Inactive>
         Destinations : 1        Routes : 1

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

        0.0.0.0/0   Static  60   0               46.1.1.3        Unknown

[R6]

配置R3接口隧道，选择点对多点接口模式，以及配置动态的接口映射。同时配置R5-R6的接口隧道，模式同样为点对多点接口模式

[R3]int t 0/0/0
[R3-Tunnel0/0/0]ip add 100.1.1.1 24
[R3-Tunnel0/0/0]tu	
[R3-Tunnel0/0/0]tunnel-protocol gr	
[R3-Tunnel0/0/0]tunnel-protocol gre p	
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R3-Tunnel0/0/0]so	
[R3-Tunnel0/0/0]source 34.1.1.1
[R3-Tunnel0/0/0]
[R3-Tunnel0/0/0]nh	
[R3-Tunnel0/0/0]nhrp ne	
[R3-Tunnel0/0/0]nhrp network-id 100
[R3-Tunnel0/0/0]nh	
[R3-Tunnel0/0/0]nhrp en	
[R3-Tunnel0/0/0]nhrp entry m	
[R3-Tunnel0/0/0]nhrp entry multicast d	
[R3-Tunnel0/0/0]nhrp entry multicast dynamic 
[R3-Tunnel0/0/0]nhrp entry multicast dynamic 
[R3-Tunnel0/0/0]dis this
[V200R003C00]
#
interface Tunnel0/0/0
 ip address 100.1.1.1 255.255.255.0 
 tunnel-protocol gre p2mp
 source 34.1.1.1
 nhrp entry multicast dynamic
 nhrp network-id 100
#
return
[R3-Tunnel0/0/0]

[R5]int t 0/0/0
[R5-Tunnel0/0/0]ip add 100.1.1.2 24
[R5-Tunnel0/0/0]tu	
[R5-Tunnel0/0/0]tunnel-protocol g	
[R5-Tunnel0/0/0]tunnel-protocol gre p	
[R5-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R5-Tunnel0/0/0]s	
[R5-Tunnel0/0/0]so	
[R5-Tunnel0/0/0]source g0/0/1
[R5-Tunnel0/0/0]nh	
[R5-Tunnel0/0/0]nhrp en	
[R5-Tunnel0/0/0]nhrp entry 100.1.1.1 34.1.1.1 re
[R5-Tunnel0/0/0]nh	
[R5-Tunnel0/0/0]nhrp ne	
[R5-Tunnel0/0/0]nhrp network-id 100
[R5-Tunnel0/0/0] dis this
[V200R003C00]
#
interface Tunnel0/0/0
 ip address 100.1.1.2 255.255.255.0 
 tunnel-protocol gre p2mp
 source GigabitEthernet0/0/1
 nhrp network-id 100
 nhrp entry 100.1.1.1 34.1.1.1 register
#
return

[R6]int t 0/0/0
[R6-Tunnel0/0/0]ip add 120.1.1.1 24
[R6-Tunnel0/0/0]tu	
[R6-Tunnel0/0/0]tunnel-protocol gr	
[R6-Tunnel0/0/0]tunnel-protocol gre p	
[R6-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R6-Tunnel0/0/0]s	
[R6-Tunnel0/0/0]so	
[R6-Tunnel0/0/0]source 46.1.1.2
[R6-Tunnel0/0/0]nh	
[R6-Tunnel0/0/0]nhrp ne	
[R6-Tunnel0/0/0]nhrp network-id 100
[R6-Tunnel0/0/0]nh	
[R6-Tunnel0/0/0]nhrp en	
[R6-Tunnel0/0/0]nhrp entry 100.1.1.1 34.1.1.1 re
[R6-Tunnel0/0/0]undo  nhrp entry 100.1.1.1 46.1.1.1 register
Info: This peer doesn't exist.
[R6-Tunnel0/0/0]dis this
[V200R003C00]
#
interface Tunnel0/0/0
 ip address 100.1.1.3 255.255.255.0 
 tunnel-protocol gre p2mp
 source GigabitEthernet0/0/2
 nhrp network-id 100
 nhrp entry 100.1.1.1 34.1.1.1 register
#
return

启动ospf

[R3]ospf 100
[R3-ospf-100]area 0
[R3-ospf-100-area-0.0.0.0]net	
[R3-ospf-100-area-0.0.0.0]network 100.1.1.1 0.0.0.0
[R3-ospf-100-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 3.3.3.3 0.0.0.0 
  network 23.1.1.2 0.0.0.0 
  network 100.1.1.1 0.0.0.0 
#
return
[R3-ospf-100-area-0.0.0.0]

[R5-Tunnel0/0/0]ospf 100 
[R5-ospf-100]area 0
[R5-ospf-100-area-0.0.0.0]net	
[R5-ospf-100-area-0.0.0.0]network 100.1.1.2 0.0.0.0
[R5-ospf-100-area-0.0.0.0]net	
[R5-ospf-100-area-0.0.0.0]net	
[R5-ospf-100-area-0.0.0.0]network 5.5.5.1 0.0.0.0
[R5-ospf-100-area-0.0.0.0] dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 5.5.5.1 0.0.0.0 
  network 100.1.1.2 0.0.0.0 
#
return
[R5-ospf-100-area-0.0.0.0]

[R6-Tunnel0/0/0]ospf 100
[R6-ospf-100]area 0
[R6-ospf-100-area-0.0.0.0]net	
[R6-ospf-100-area-0.0.0.0]network 100.1.1.3 0.0.0.0
[R6-ospf-100-area-0.0.0.0]ne	
[R6-ospf-100-area-0.0.0.0]network 6.6.6.1 0.0.0.0
[R6-ospf-100-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 6.6.6.1 0.0.0.0 
  network 100.1.1.3 0.0.0.0 
#
return
[R6-ospf-100-area-0.0.0.0]

修改为BMA

[R5-Tunnel0/0/0]ospf ne	
[R5-Tunnel0/0/0]ospf network-type b	
[R5-Tunnel0/0/0]ospf network-type broadcast

[R3-Tunnel0/0/0]ospf	
[R3-Tunnel0/0/0]ospf ne	
[R3-Tunnel0/0/0]ospf network-type b	
[R3-Tunnel0/0/0]ospf network-type broadcast

[R6-Tunnel0/0/0]ospf n	
[R6-Tunnel0/0/0]ospf network-type b	
[R6-Tunnel0/0/0]ospf network-type broadcast

修改dr优先级

[R5-Tunnel0/0/0]ospf dr	
[R5-Tunnel0/0/0]ospf dr-priority 0
[R5-Tunnel0/0/0]

[R6-Tunnel0/0/0]ospf dr	
[R6-Tunnel0/0/0]ospf dr-priority 0
[R6-Tunnel0/0/0]

[R3-Tunnel0/0/0]dis ospf int t 0/0/0

	 OSPF Process 100 with Router ID 93.3.3.3
		 Interfaces 


 Interface: 100.1.1.1 (Tunnel0/0/0)
 Cost: 1562    State:Dr    Type: Broadcast    MTU: 1500  
 Priority: 1
 Designated Router: 100.1.1.1
 Backup Designated Router: 0.0.0.0
 Timers: Hello 10 , Dead 40 , Poll  120 , Retransmit 5 , Transmit Delay 1 
[R3-Tunnel0/0/0]

测试全网可达

[R6-Tunnel0/0/0]ping -a 6.6.6.1 3.3.3.1
  PING3.3.3.1: 56  data bytes, press CTRL_C to break
   Reply from 3.3.3.1: bytes=56 Sequence=1 ttl=255 time=30 ms
    Reply from 3.3.3.1: bytes=56 Sequence=2 ttl=255 time=20 ms
    Reply from 3.3.3.1: bytes=56 Sequence=3 ttl=255 time=20 ms
    Reply from 3.3.3.1: bytes=56 Sequence=4 ttl=255 time=20 ms
    Reply from 3.3.3.1: bytes=56 Sequence=5 ttl=255 time=20 ms

  --- 3.3.3.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 20/22/30 ms

[R6-Tunnel0/0/0]ping -a 6.6.6.1 5.5.5.1
  PING 5.5.5.1: 56  data bytes, press CTRL_C to break
      Reply from 5.5.5.1: bytes=56 Sequence=1 ttl=255 time=20 ms
    Reply from 5.5.5.1: bytes=56 Sequence=2 ttl=255 time=20 ms
    Reply from 5.5.5.1: bytes=56 Sequence=3 ttl=255 time=20 ms
    Reply from 5.5.5.1: bytes=56 Sequence=4 ttl=255 time=20 ms
    Reply from 5.5.5.1: bytes=56 Sequence=5 ttl=255 time=20 ms

  --- 5.5.5.1ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 20/20/20 ms

[R6-Tunnel0/0/0]