Hcip seventh experiment

First step : Address partition

172.16.0.0/16
     172.16.0.0/19(area0)
    172.16.0.0/24(P2P The backbone )
           172.16.0.0/30
           172.16.0.4/30
           172.16.0.8/30
                172.16.1.0/24(MA The backbone )
           172.16.1.0/29
           172.16.1.8/29
           172.16.1.16/29
172.16.2.0/24 --- User network segment
172.16.3.0/24 --- User network segment
172.16.4.0/24 --- User network segment
    172.16.32.0/19(area1)
         172.16.32.0/24(P2P The backbone )
         172.16.32.0/30
         172.16.32.4/30
         172.16.32.8/30
         172.16.33.0/24(MA The backbone )
         172.16.33.0/29
         172.16.33.8/29
         172.16.33.16/29
         172.16.34.0/24 ---r1 Loopback
         172.16.35.0/24 ---r2 Loopback
         172.16.36.0/24 ---r3 Loopback         
    172.16.64.0/19(area2)
    172.16.64.0/24(P2P The backbone )
        172.16.64.0/30
        172.16.64.4/30
        172.16.64.8/30
    172.16.65.0/24(MA The backbone )
        172.16.65.0/29
        172.16.65.8/29
        172.16.65.16/29
    172.16.66.0/24 ---r11 Loopback
        172.16.67.0/24
        172.16.68.0/24
    172.16.96.0/19(area3)
    172.16.96.0/24(P2P The backbone )
                    172.16.96.0/30
        172.16.96.4/30
                                172.16.96.8/30
    172.16.97.0/24(MA The backbone )
        172.16.97.0/29 
        172.16.97.8/29
        172.16.97.16/29
                 172.16.98.0/24  ---r8 Loopback
        172.16.99.0/24
        172.16.100.0/24
     172.16.128.0/19(area4)
    172.16.128.0/24(P2P The backbone )
        172.16.128.0/30
        172.16.128.4/30
        172.16.128.8/30
    172.16.129.0/24(MA The backbone )
        172.16.129.0/29
                                172.16.129.8/29
        172.16.129.16/29
        172.16.130.0/24 ---r9 Loopback
        172.16.131.0/24 ---r10 Loopback
        172.16.132.0/24
    172.16.160.0/19(rip)
        172.16.160.0/20  --- Loopback
        172.16.176.0/20  --- Loopback
    172.16.192.0/19
    172.16.224.0/19
To configure area1

[r1]int g 0/0/0
[r1-GigabitEthernet0/0/0]ip add 172.16.33.1 29
[r1-GigabitEthernet0/0/0]int l0
[r1-LoopBack0]ip add 172.16.34.1 24
 
[Huawei]sys r2
[r2]int g 0/0/0
[r2-GigabitEthernet0/0/0]ip add 172.16.33.2 29
[r2-GigabitEthernet0/0/0]int l0
[r2-LoopBack0]ip add 172.16.35.1 24
[r2-LoopBack0]
 
[r3]int g 0/0/0
[r3-GigabitEthernet0/0/0]ip add 172.16.33.3 29
[r3-GigabitEthernet0/0/0]int l0
[r3-LoopBack0]ip add 172.16.36.1 24
[r3-LoopBack0]
To configure area0

R4
 
[Huawei]sys r4
[r4]int s 4/0/0
[r4-Serial4/0/0]ip add 34.0.0.2 24
[r4-Serial4/0/0]int s 4/0/1
[r4-Serial4/0/1]ip add 45.0.0.2 24
[r4-Serial4/0/1]int s 3/0/0
[r4-Serial3/0/0]ip add 46.0.0.2 24
[r4-Serial3/0/0]int g 0/0/0
[r4-GigabitEthernet0/0/0]ip add 47.0.0.2 24
[r4-GigabitEthernet0/0/0]int l0
[r4-LoopBack0]ip add 4.4.4.4 24
[r4-LoopBack0]q
[r4]
 
R3
 
[r3]int s 4/0/0
[r3-Serial4/0/0]ip add 34.0.0.1 24
[r3-Serial4/0/0]q
[r3]ip route-static 0.0.0.0 0 34.0.0.2
[r3]int t 0/0/0
[r3-Tunnel0/0/0]ip add 172.16.1.1 29
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp
[r3-Tunnel0/0/0]source 34.0.0.1
[r3-Tunnel0/0/0]nhrp network-id 100
[r3-Tunnel0/0/0]nhrp entry multicast dynamic 
 
R5
 
[r5]int s 4/0/0
[r5-Serial4/0/0]ip add 45.0.0.1 24
[r5-Serial4/0/0]q
[r5]int LoopBack 0
[r5-LoopBack0]ip add 172.16.2.1 24
[r5-LoopBack0]q    
[r5]ip route-static 0.0.0.0 0 45.0.0.2 --- Configure the default route
[r5]int t 0/0/0
[r5-Tunnel0/0/0]ip add 172.16.1.2 29
[r5-Tunnel0/0/0]tunnel-protocol gre p2mp
[r5-Tunnel0/0/0]source s 4/0/0
[r5-Tunnel0/0/0]nhrp network-id 100    
[r5-Tunnel0/0/0]nhrp entry 172.16.1.1 34.0.0.1 register 
[r5-Tunnel0/0/0]
 
R6
 
[r6]int s 4/0/0
[r6-Serial4/0/0]ip add 46.0.0.1 24
[r6-Serial4/0/0]q
[r6]int l0
[r6-LoopBack0]ip add 172.16.3.1 24
[r6-LoopBack0]q    
[r6]ip route-static 0.0.0.0 0 46.0.0.2 --- Configure the default route
[r6]int t 0/0/0
[r6-Tunnel0/0/0]tunnel-protocol gre p2mp
[r6-Tunnel0/0/0]source s4/0/0
[r6-Tunnel0/0/0]nhrp network-id 100
[r6-Tunnel0/0/0]nhrp entry 172.16.1.1 34.0.0.1 register
 
R7
 
[r7]int g 0/0/0
[r7-GigabitEthernet0/0/0]ip add 47.0.0.1 24
[r7-GigabitEthernet0/0/0]int l0
[r7-LoopBack0]ip add 172.16.4.1 24
[r7-LoopBack0]q
[r7]ip route-static 0.0.0.0 0 47.0.0.2 --- Configure the default route
[r7]int t 0/0/0
[r7-Tunnel0/0/0]ip add 172.16.1.4 29
[r7-Tunnel0/0/0]tunnel-protocol gre p2mp    
[r7-Tunnel0/0/0]source GigabitEthernet 0/0/0
[r7-Tunnel0/0/0]nhrp network-id 100    
[r7-Tunnel0/0/0]nhrp entry 172.16.1.1 34.0.0.1 register 
[r7-Tunnel0/0/0]
To configure area2

R6
 
[r6]int g 0/0/0
[r6-GigabitEthernet0/0/0]ip add 172.16.65.1 29
 
R11
 
[r11]int g 0/0/0
[r11-GigabitEthernet0/0/0]ip add 172.16.65.2 29
[r11-GigabitEthernet0/0/0]int g 0/0/1
[r11-GigabitEthernet0/0/1]ip add 172.16.65.9 29
[r11-GigabitEthernet0/0/1]int l0
[r11-LoopBack0]ip add 172.16.66.1 24
[r11-LoopBack0]
 
R12
 
[Huawei]sys r12
[r12]int g 0/0/0
[r12-GigabitEthernet0/0/0]ip add 172.16.65.10 29
[r12-GigabitEthernet0/0/0]
To configure area3

R7
 
[r7]int g 0/0/1
[r7-GigabitEthernet0/0/1]ip add 172.16.97.1 29
[r7-GigabitEthernet0/0/1]
 
R8
 
[Huawei]int g 0/0/0
[Huawei-GigabitEthernet0/0/0]i add 172.16.97.2 29
[Huawei-GigabitEthernet0/0/0]int g 0/0/1
[Huawei-GigabitEthernet0/0/1]ip add 172.16.97.9 29
[Huawei-GigabitEthernet0/0/1]int l0
[Huawei-LoopBack0]
[Huawei-LoopBack0]ip add 172.16.98.1 24
[Huawei-LoopBack0]
 
R9
 
[r9]int g 0/0/0
[r9-GigabitEthernet0/0/0]ip add 172.16.97.10 29
[r9-GigabitEthernet0/0/0]
To configure area4

 R9    
[r9-GigabitEthernet0/0/0]int g 0/0/1
[r9-GigabitEthernet0/0/1]ip add 172.16.129.1 29
[r9-LoopBack0]ip add 172.16.130.1 24
  
  R10
[r10]int g 0/0/0
[r10-GigabitEthernet0/0/0]ip add 172.16.129.2 29
[r10-GigabitEthernet0/0/0]int l0
[r10-LoopBack0]ip add 172.16.131.1 24
[r10-LoopBack0]
To configure RIP

[r12]int l0

[r12-LoopBack0]ip add 172.16.160.1 20

[r12-LoopBack0]int l1

[r12-LoopBack1]ip add 172.16.176.1 20

[r12-LoopBack1] 

The second step ： To configure OSPF

area1 in ,r1,r2 Summary announcement ,r3 Take the same to different announcements .
R1
[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]network 172.16.0.0 0.0.255.255 ---r1 Summary announcement ,
 
R2
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]network 172.16.0.0 0.0.255.255 ---r2 Summary announcement
 
R3
[R3]ospf 1 router-id 3.3.3.3 
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]network 172.16.32.0 0.0.7.255 ---r3 Take the same to different announcements
[R3-ospf-1-area-0.0.0.1]q
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 172.16.1.1 0.0.0.0
 
R5
[R5]ospf 1 router-id 5.5.5.5
[R5-ospf-1]area 0
[R5-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
 
R6
[R6]ospf 1 router-id 6.6.6.6
[R6-ospf-1]area 0
[R6-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.3.255
[R6-ospf-1-area-0.0.0.0]q
[R6-ospf-1]area 2
[R6-ospf-1-area-0.0.0.2]network 172.16.65.1 0.0.0.0
 
R7
[R7]ospf 1 router-id 7.7.7.7
[R7-ospf-1]area 0
[R7-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.7.255
[R7-ospf-1-area-0.0.0.0]q
[R7-ospf-1]area 3
[R7-ospf-1-area-0.0.0.3]network 172.16.97.1 0.0.0.0
 
R8
[R8]ospf 1 router-id 8.8.8.8 
[R8-ospf-1]area 3
[R8-ospf-1-area-0.0.0.3]network 172.16.0.0 0.0.255.255
 
R9
[R9]ospf 1 router-id 9.9.9.9
[R9-ospf-1]area 3
[R9-ospf-1-area-0.0.0.3]network 172.16.97.10 0.0.0.0
[R9-ospf-1-area-0.0.0.3]q
[R9-ospf-1]q
[R9]ospf 2 router-id 9.9.9.9
[R9-ospf-2]area 4
[R9-ospf-2-area-0.0.0.4]network 172.16.128.0 0.0.3.255
 
R10
[R10]ospf 1 router-id 10.10.10.10
[R10-ospf-1]area 4
[R10-ospf-1-area-0.0.0.4]network 172.16.0.0 0.0.255.255
 
R11
[R11]ospf 1 router-id 11.11.11.11
[R11-ospf-1]area 2
[R11-ospf-1-area-0.0.0.2]network 172.16.0.0 0.0.255.255
 
R12
[R12]ospf 1 router-id 12.12.12.12
[R12-ospf-1]area 2
[R12-ospf-1-area-0.0.0.2]network 172.16.65.10 0.0.0.0
[R12]rip 1
[R12-rip-1]version 2
[R12-rip-1]network 172.16.0.0 --- Summary announcement

The third step ： because P2P Type is unable to establish neighbor relationship with other routes , You need to change MGRE type    --- P2MP type .

R3
[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]ospf network-type p2m 
 
R5 
[R5]int Tunnel 0/0/0
[R5-Tunnel0/0/0]ospf network-type p2mp
 
R6
[R6]int Tunnel 0/0/0
[R6-Tunnel0/0/0]ospf network-type p2mp
 
R7
[R7]int Tunnel 0/0/0
[R7-Tunnel0/0/0]ospf network-type p2mp
area4 Areas and rip Missing routing information between regions , We need to import manually by republishing rip Routing and area4 Routing information for  

[R12]ospf 1
[R12-ospf-1]import-route rip 1
[R9]ospf 1
[R9-ospf-1]import-route ospf 2

R10 There will be no other routing information , At this time, we can send a default route to our R9

[R9]ospf 2
[R9-ospf-2]default-route-advertise

Step four ： In order to reduce the LSA Update quantity of , We need to do summary and special areas
Be careful ： In order to avoid loops, we also need to configure empty interface routes .

R3
[r3]ospf 1
[r3-ospf-1]area 1
[r3-ospf-1-area-0.0.0.1]abr-summary 172.16.32.0 255.255.224.0
[r3]ip route-static 172.16.32.0 19 NULL 0
 
R6
[r6]ospf 1
[r6-ospf-1]area 2
[r6-ospf-1-area-0.0.0.2]abr-summary 172.16.64.0 255.255.224.0
[r6]ip route-static 172.16.64.0 19 NULL 0
 
R7
[r7]ospf 1
[r7-ospf-1]area 3
[r7-ospf-1-area-0.0.0.3]abr-summary 172.16.96.0 255.255.224.0
[r7]ip route-static 172.16.96.0 19 NULL 0
 
R9
[r9]ospf 1
[r9-ospf-1]asbr-summary 172.16.128.0 255.255.224.0
[r9]ip route-static 172.16.128.0 19 NULL 0
 
R12
[r12]ospf 1
[r12-ospf-1]asbr-summary 172.16.160.0 255.255.224.0
[r12]ip route-static 172.16.160.0 19 NULL 0
Special area ：

area0
 
[r1]ospf 1
[r1-ospf-1]area 1
[r1-ospf-1-area-0.0.0.1]stub 
[r2]ospf 1
[r2-ospf-1]area 1
[r2-ospf-1-area-0.0.0.1]stub 
[r3]ospf 1
[r3-ospf-1]area 1
[r3-ospf-1-area-0.0.0.1]stub no-summary 
 
area3
[r7]ospf 1
[r7-ospf-1]area 3
[r7-ospf-1-area-0.0.0.3]nssa no-summary
[r8]ospf 1
[r8-ospf-1]area 3
[r8-ospf-1-area-0.0.0.3]nssa 
[r9]ospf 1
[r9-ospf-1]area 3
[r9-ospf-1-area-0.0.0.3]nssa
 
area2
[r6]ospf 1
[r6-ospf-1]area 2
[r6-ospf-1-area-0.0.0.2]nssa no-summary
[r11]ospf 1
[r11-ospf-1]area 2
[r11-ospf-1-area-0.0.0.2]nssa 
[r12]ospf 1
[r12-ospf-1]area 2
[r12-ospf-1-area-0.0.0.2]nssa 
Step five ： To configure NET, Make it accessible R4 Loopback .

R3
[r3]acl 2000
[r3-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[r3-acl-basic-2000]q
[r3]int Serial 4/0/0
[r3-Serial4/0/0]nat outbound 2000
 
R7
[r7]acl 2000
[r7-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[r7-acl-basic-2000]q
[r7]int g 0/0/0
[r7-GigabitEthernet0/0/0]nat outbound 2000
 
R6
[r6]acl 2000
[r6-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[r6-acl-basic-2000]q
[r6]int s 4/0/0
[r6-Serial4/0/0]nat outbound 2000
  Step six ： Speed up convergence , Need to change HELLO Time , To change the hello The time of death will also change automatically .

To build neighborhoods , take hello Other routers in the time zone are changed to consistent .
 
[r3]int t 0/0/0
[r3-Tunnel0/0/0]ospf timer hello 5
[r5]int t 0/0/0
[r5-Tunnel0/0/0]ospf timer hello 5
[r6]int t 0/0/0
[r6-Tunnel0/0/0]ospf timer hello 5
[r7]int t 0/0/0
[r7-Tunnel0/0/0]ospf timer hello 5
Step seven ： Conduct manual certification , Regional certification （ In fact, it is also interface authentication ）, The purpose is to update security .

[r1]ospf 1
[r1-ospf-1]area 1
[r1-ospf-1-area-0.0.0.1]authentication-mode md5 1 000000
[r2]ospf 1
[r2-ospf-1]area 1
[r2-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher 000000
[r3]ospf 1
[r3-ospf-1]area 1
[r3-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher 000000