当前位置：网站首页>HCIP第七次实验

HCIP第七次实验

2022-07-28 20:26:00 【未曾浅尝楼外的蒹葭】

第一步:地址划分

172.16.0.0/16
172.16.0.0/19(area0)
172.16.0.0/24(P2P骨干)
172.16.0.0/30
172.16.0.4/30
172.16.0.8/30
172.16.1.0/24(MA骨干)
172.16.1.0/29
172.16.1.8/29
172.16.1.16/29
172.16.2.0/24 --- 用户网段
172.16.3.0/24 --- 用户网段
172.16.4.0/24 --- 用户网段
172.16.32.0/19(area1)
172.16.32.0/24(P2P骨干)
172.16.32.0/30
172.16.32.4/30
172.16.32.8/30
172.16.33.0/24(MA骨干)
172.16.33.0/29
172.16.33.8/29
172.16.33.16/29
172.16.34.0/24 ---r1环回
172.16.35.0/24 ---r2环回
172.16.36.0/24 ---r3环回
172.16.64.0/19(area2)
172.16.64.0/24(P2P骨干)
172.16.64.0/30
172.16.64.4/30
172.16.64.8/30
172.16.65.0/24(MA骨干)
172.16.65.0/29
172.16.65.8/29
172.16.65.16/29
172.16.66.0/24 ---r11环回
172.16.67.0/24
172.16.68.0/24
172.16.96.0/19(area3)
172.16.96.0/24(P2P骨干)
172.16.96.0/30
172.16.96.4/30
172.16.96.8/30
172.16.97.0/24(MA骨干)
172.16.97.0/29
172.16.97.8/29
172.16.97.16/29
172.16.98.0/24 ---r8环回
172.16.99.0/24
172.16.100.0/24
172.16.128.0/19(area4)
172.16.128.0/24(P2P骨干)
172.16.128.0/30
172.16.128.4/30
172.16.128.8/30
172.16.129.0/24(MA骨干)
172.16.129.0/29
172.16.129.8/29
172.16.129.16/29
172.16.130.0/24 ---r9环回
172.16.131.0/24 ---r10环回
172.16.132.0/24
172.16.160.0/19(rip)
172.16.160.0/20 ---环回
172.16.176.0/20 ---环回
172.16.192.0/19
172.16.224.0/19
配置area1

[r1]int g 0/0/0
[r1-GigabitEthernet0/0/0]ip add 172.16.33.1 29
[r1-GigabitEthernet0/0/0]int l0
[r1-LoopBack0]ip add 172.16.34.1 24

[Huawei]sys r2
[r2]int g 0/0/0
[r2-GigabitEthernet0/0/0]ip add 172.16.33.2 29
[r2-GigabitEthernet0/0/0]int l0
[r2-LoopBack0]ip add 172.16.35.1 24
[r2-LoopBack0]

[r3]int g 0/0/0
[r3-GigabitEthernet0/0/0]ip add 172.16.33.3 29
[r3-GigabitEthernet0/0/0]int l0
[r3-LoopBack0]ip add 172.16.36.1 24
[r3-LoopBack0]
配置area0

R4

[Huawei]sys r4
[r4]int s 4/0/0
[r4-Serial4/0/0]ip add 34.0.0.2 24
[r4-Serial4/0/0]int s 4/0/1
[r4-Serial4/0/1]ip add 45.0.0.2 24
[r4-Serial4/0/1]int s 3/0/0
[r4-Serial3/0/0]ip add 46.0.0.2 24
[r4-Serial3/0/0]int g 0/0/0
[r4-GigabitEthernet0/0/0]ip add 47.0.0.2 24
[r4-GigabitEthernet0/0/0]int l0
[r4-LoopBack0]ip add 4.4.4.4 24
[r4-LoopBack0]q
[r4]

R3

[r3]int s 4/0/0
[r3-Serial4/0/0]ip add 34.0.0.1 24
[r3-Serial4/0/0]q
[r3]ip route-static 0.0.0.0 0 34.0.0.2
[r3]int t 0/0/0
[r3-Tunnel0/0/0]ip add 172.16.1.1 29
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp
[r3-Tunnel0/0/0]source 34.0.0.1
[r3-Tunnel0/0/0]nhrp network-id 100
[r3-Tunnel0/0/0]nhrp entry multicast dynamic

R5

[r5]int s 4/0/0
[r5-Serial4/0/0]ip add 45.0.0.1 24
[r5-Serial4/0/0]q
[r5]int LoopBack 0
[r5-LoopBack0]ip add 172.16.2.1 24
[r5-LoopBack0]q
[r5]ip route-static 0.0.0.0 0 45.0.0.2 ---配置缺省路由
[r5]int t 0/0/0
[r5-Tunnel0/0/0]ip add 172.16.1.2 29
[r5-Tunnel0/0/0]tunnel-protocol gre p2mp
[r5-Tunnel0/0/0]source s 4/0/0
[r5-Tunnel0/0/0]nhrp network-id 100
[r5-Tunnel0/0/0]nhrp entry 172.16.1.1 34.0.0.1 register
[r5-Tunnel0/0/0]

R6

[r6]int s 4/0/0
[r6-Serial4/0/0]ip add 46.0.0.1 24
[r6-Serial4/0/0]q
[r6]int l0
[r6-LoopBack0]ip add 172.16.3.1 24
[r6-LoopBack0]q
[r6]ip route-static 0.0.0.0 0 46.0.0.2 ---配置缺省路由
[r6]int t 0/0/0
[r6-Tunnel0/0/0]tunnel-protocol gre p2mp
[r6-Tunnel0/0/0]source s4/0/0
[r6-Tunnel0/0/0]nhrp network-id 100
[r6-Tunnel0/0/0]nhrp entry 172.16.1.1 34.0.0.1 register

R7

[r7]int g 0/0/0
[r7-GigabitEthernet0/0/0]ip add 47.0.0.1 24
[r7-GigabitEthernet0/0/0]int l0
[r7-LoopBack0]ip add 172.16.4.1 24
[r7-LoopBack0]q
[r7]ip route-static 0.0.0.0 0 47.0.0.2 ---配置缺省路由
[r7]int t 0/0/0
[r7-Tunnel0/0/0]ip add 172.16.1.4 29
[r7-Tunnel0/0/0]tunnel-protocol gre p2mp
[r7-Tunnel0/0/0]source GigabitEthernet 0/0/0
[r7-Tunnel0/0/0]nhrp network-id 100
[r7-Tunnel0/0/0]nhrp entry 172.16.1.1 34.0.0.1 register
[r7-Tunnel0/0/0]
配置area2

R6

[r6]int g 0/0/0
[r6-GigabitEthernet0/0/0]ip add 172.16.65.1 29

R11

[r11]int g 0/0/0
[r11-GigabitEthernet0/0/0]ip add 172.16.65.2 29
[r11-GigabitEthernet0/0/0]int g 0/0/1
[r11-GigabitEthernet0/0/1]ip add 172.16.65.9 29
[r11-GigabitEthernet0/0/1]int l0
[r11-LoopBack0]ip add 172.16.66.1 24
[r11-LoopBack0]

R12

[Huawei]sys r12
[r12]int g 0/0/0
[r12-GigabitEthernet0/0/0]ip add 172.16.65.10 29
[r12-GigabitEthernet0/0/0]
配置area3

R7

[r7]int g 0/0/1
[r7-GigabitEthernet0/0/1]ip add 172.16.97.1 29
[r7-GigabitEthernet0/0/1]

R8

[Huawei]int g 0/0/0
[Huawei-GigabitEthernet0/0/0]i add 172.16.97.2 29
[Huawei-GigabitEthernet0/0/0]int g 0/0/1
[Huawei-GigabitEthernet0/0/1]ip add 172.16.97.9 29
[Huawei-GigabitEthernet0/0/1]int l0
[Huawei-LoopBack0]
[Huawei-LoopBack0]ip add 172.16.98.1 24
[Huawei-LoopBack0]

R9

[r9]int g 0/0/0
[r9-GigabitEthernet0/0/0]ip add 172.16.97.10 29
[r9-GigabitEthernet0/0/0]
配置area4

R9
[r9-GigabitEthernet0/0/0]int g 0/0/1
[r9-GigabitEthernet0/0/1]ip add 172.16.129.1 29
[r9-LoopBack0]ip add 172.16.130.1 24

R10
[r10]int g 0/0/0
[r10-GigabitEthernet0/0/0]ip add 172.16.129.2 29
[r10-GigabitEthernet0/0/0]int l0
[r10-LoopBack0]ip add 172.16.131.1 24
[r10-LoopBack0]
配置RIP

[r12]int l0

[r12-LoopBack0]ip add 172.16.160.1 20

[r12-LoopBack0]int l1

[r12-LoopBack1]ip add 172.16.176.1 20

[r12-LoopBack1]

第二步：配置OSPF

area1中，r1,r2汇总宣告，r3取相同去不同宣告。
R1
[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]network 172.16.0.0 0.0.255.255 ---r1汇总宣告，

R2
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]network 172.16.0.0 0.0.255.255 ---r2汇总宣告

R3
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]network 172.16.32.0 0.0.7.255 ---r3取相同去不同宣告
[R3-ospf-1-area-0.0.0.1]q
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 172.16.1.1 0.0.0.0

R5
[R5]ospf 1 router-id 5.5.5.5
[R5-ospf-1]area 0
[R5-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255

R6
[R6]ospf 1 router-id 6.6.6.6
[R6-ospf-1]area 0
[R6-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.3.255
[R6-ospf-1-area-0.0.0.0]q
[R6-ospf-1]area 2
[R6-ospf-1-area-0.0.0.2]network 172.16.65.1 0.0.0.0

R7
[R7]ospf 1 router-id 7.7.7.7
[R7-ospf-1]area 0
[R7-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.7.255
[R7-ospf-1-area-0.0.0.0]q
[R7-ospf-1]area 3
[R7-ospf-1-area-0.0.0.3]network 172.16.97.1 0.0.0.0

R8
[R8]ospf 1 router-id 8.8.8.8
[R8-ospf-1]area 3
[R8-ospf-1-area-0.0.0.3]network 172.16.0.0 0.0.255.255

R9
[R9]ospf 1 router-id 9.9.9.9
[R9-ospf-1]area 3
[R9-ospf-1-area-0.0.0.3]network 172.16.97.10 0.0.0.0
[R9-ospf-1-area-0.0.0.3]q
[R9-ospf-1]q
[R9]ospf 2 router-id 9.9.9.9
[R9-ospf-2]area 4
[R9-ospf-2-area-0.0.0.4]network 172.16.128.0 0.0.3.255

R10
[R10]ospf 1 router-id 10.10.10.10
[R10-ospf-1]area 4
[R10-ospf-1-area-0.0.0.4]network 172.16.0.0 0.0.255.255

R11
[R11]ospf 1 router-id 11.11.11.11
[R11-ospf-1]area 2
[R11-ospf-1-area-0.0.0.2]network 172.16.0.0 0.0.255.255

R12
[R12]ospf 1 router-id 12.12.12.12
[R12-ospf-1]area 2
[R12-ospf-1-area-0.0.0.2]network 172.16.65.10 0.0.0.0
[R12]rip 1
[R12-rip-1]version 2
[R12-rip-1]network 172.16.0.0 --- 汇总宣告

第三步：由于P2P类型是无法与其他路由之间建立邻居关系,则需更改MGRE类型 --- P2MP类型。

R3
[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]ospf network-type p2m

R5
[R5]int Tunnel 0/0/0
[R5-Tunnel0/0/0]ospf network-type p2mp

R6
[R6]int Tunnel 0/0/0
[R6-Tunnel0/0/0]ospf network-type p2mp

R7
[R7]int Tunnel 0/0/0
[R7-Tunnel0/0/0]ospf network-type p2mp
area4区域和rip区域间缺失的路由信息，需要我们手工使用重发布的方式导入rip路由和area4的路由信息

[R12]ospf 1
[R12-ospf-1]import-route rip 1
[R9]ospf 1
[R9-ospf-1]import-route ospf 2

R10里面会发现没有其他的路由信息，这时我们可以下发一条缺省路由指向我们的R9

[R9]ospf 2
[R9-ospf-2]default-route-advertise

第四步：为了减少LSA的更新量，我们需要做汇总与特殊区域
注意：在汇总时为了避免环路我们还需要配置空接口路由。

R3
[r3]ospf 1
[r3-ospf-1]area 1
[r3-ospf-1-area-0.0.0.1]abr-summary 172.16.32.0 255.255.224.0
[r3]ip route-static 172.16.32.0 19 NULL 0

R6
[r6]ospf 1
[r6-ospf-1]area 2
[r6-ospf-1-area-0.0.0.2]abr-summary 172.16.64.0 255.255.224.0
[r6]ip route-static 172.16.64.0 19 NULL 0

R7
[r7]ospf 1
[r7-ospf-1]area 3
[r7-ospf-1-area-0.0.0.3]abr-summary 172.16.96.0 255.255.224.0
[r7]ip route-static 172.16.96.0 19 NULL 0

R9
[r9]ospf 1
[r9-ospf-1]asbr-summary 172.16.128.0 255.255.224.0
[r9]ip route-static 172.16.128.0 19 NULL 0

R12
[r12]ospf 1
[r12-ospf-1]asbr-summary 172.16.160.0 255.255.224.0
[r12]ip route-static 172.16.160.0 19 NULL 0
特殊区域：

area0

[r1]ospf 1
[r1-ospf-1]area 1
[r1-ospf-1-area-0.0.0.1]stub
[r2]ospf 1
[r2-ospf-1]area 1
[r2-ospf-1-area-0.0.0.1]stub
[r3]ospf 1
[r3-ospf-1]area 1
[r3-ospf-1-area-0.0.0.1]stub no-summary

area3
[r7]ospf 1
[r7-ospf-1]area 3
[r7-ospf-1-area-0.0.0.3]nssa no-summary
[r8]ospf 1
[r8-ospf-1]area 3
[r8-ospf-1-area-0.0.0.3]nssa
[r9]ospf 1
[r9-ospf-1]area 3
[r9-ospf-1-area-0.0.0.3]nssa

area2
[r6]ospf 1
[r6-ospf-1]area 2
[r6-ospf-1-area-0.0.0.2]nssa no-summary
[r11]ospf 1
[r11-ospf-1]area 2
[r11-ospf-1-area-0.0.0.2]nssa
[r12]ospf 1
[r12-ospf-1]area 2
[r12-ospf-1-area-0.0.0.2]nssa
第五步：配置NET,使其均可访问R4环回。

R3
[r3]acl 2000
[r3-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[r3-acl-basic-2000]q
[r3]int Serial 4/0/0
[r3-Serial4/0/0]nat outbound 2000

R7
[r7]acl 2000
[r7-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[r7-acl-basic-2000]q
[r7]int g 0/0/0
[r7-GigabitEthernet0/0/0]nat outbound 2000

R6
[r6]acl 2000
[r6-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[r6-acl-basic-2000]q
[r6]int s 4/0/0
[r6-Serial4/0/0]nat outbound 2000
第六步：加快收敛，需改HELLO时间，更改了hello时间死亡时间也会自动改变。

为了建立邻居关系，将hello时间区域内的其他路由器均改为一致的。

[r3]int t 0/0/0
[r3-Tunnel0/0/0]ospf timer hello 5
[r5]int t 0/0/0
[r5-Tunnel0/0/0]ospf timer hello 5
[r6]int t 0/0/0
[r6-Tunnel0/0/0]ospf timer hello 5
[r7]int t 0/0/0
[r7-Tunnel0/0/0]ospf timer hello 5
第七步：进行手工认证，区域认证（实际上也是接口认证），目的是为了更新安全。

[r1]ospf 1
[r1-ospf-1]area 1
[r1-ospf-1-area-0.0.0.1]authentication-mode md5 1 000000
[r2]ospf 1
[r2-ospf-1]area 1
[r2-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher 000000
[r3]ospf 1
[r3-ospf-1]area 1
[r3-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher 000000

原网站

版权声明
本文为[未曾浅尝楼外的蒹葭]所创，转载请带上原文链接，感谢
https://blog.csdn.net/shadow_mark/article/details/125824192

当前位置：网站首页>HCIP第七次实验

HCIP第七次实验

边栏推荐

猜你喜欢

随机推荐