OSPF
{Back to Index}
Table of Contents
- 1. 原理
- 2. 实验
1 原理
1.1 优点
- 在第一次更新后,每个路由器之间只有在发生拓扑变化时才会发送更新
- 从算法上保证了 不会产生路由环路
- 不限制网络规模,更新效率高,收敛速度快
1.2 三张表
- 邻居表
- 拓扑表(LSDB)
- 路由表
1.3 Router ID 规则
- 如有手工指定的,则使用 手工指定 的 Router ID
- 如没有手工指定,则使用 环回接口 中 IP 地址最高的作为 Router ID
- 如没有环回地址,则使用 物理接口 中 IP 地址最高的作为 Router ID
1.4 邻居建立前提
- MTU 相等 (如不相等,则处于 Exstart 状态) ,可以选择 ignore mtu 检查:
ip ospf mtu-ignore - Area ID 一致
- Hello 一致
- Dead Interval 一致
- Authtication Password
- Mask (MA 网络中要求掩码一致)
- stub area tag
- Router-ID 保持唯一
1.5 路由条目类型
O
区域内路由信息,由 LSA1 和 LSA2 (点对点网络不产生 LSA2) 产生。
IA
区域间路由信息,由 LSA3 产生, 需跨越 ABR 。
E1/E2
外部 AS 路由信息,由 LSA5 产生, 需跨越 ASBR 。
E1 和 E2 的区别是,OE2 只计算外部 AS 的 cost 值,OE1 计算外部以及内部的 cost 值。
1.6 LSA
每个路由器都会产生链路状态通告 LSA ,LSA 中包含以下内容:
- 直连网络的链路状态信息
- 邻居路由器的链路状态信息
LSA 被封装在链路状态更新分组 LSU 中,并采用 洪泛法 发送 LSU 。每个路由器都有一个链路状态数据库 LSDB ,用于存储 LSA ,通过各路由器洪泛发送封装有自己 LSA 的 LSU 分组, 各路由器的 LSDB 最终将达到一致 。
每个 LSA 最长存活时间是 1 小时,如果 1 小时内该 LSA 未被更新过,则会被 flush 掉,为了防止 LSA 老化,OSPF 每 30 分钟会泛洪一次 LSA 。(这其实是一种设计缺陷,因为泛洪 LSA 对网络压力较大)
LSA 的新旧程度由序列号来标识,每泛洪一次 LSA 序列号就 +1 。
Figure 1: 收到 LSA 执行逻辑
Figure 2: LSA 内容
Figure 3: 基于 LSDB 进行 SPF 计算
使用 show ip ospf database 来查看 LSDB 的 简要 信息,详细信息需使用具体子命令(参见实验部分):
R2#show ip ospf database
OSPF Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0) # LSA1
Link ID ADV Router Age Seq# Checksum Link count
2.2.2.2 2.2.2.2 1722 0x80000005 0x00E0FE 1
3.3.3.3 3.3.3.3 1717 0x80000006 0x00284C 2
4.4.4.4 4.4.4.4 1718 0x80000006 0x0017A0 1
Net Link States (Area 0) # LSA2
Link ID ADV Router Age Seq# Checksum
23.1.1.1 3.3.3.3 1729 0x80000001 0x00B052
34.1.1.2 4.4.4.4 1730 0x80000001 0x004D9D
Summary Net Link States (Area 0) # LSA3
Link ID ADV Router Age Seq# Checksum
1.1.0.0 2.2.2.2 1717 0x80000001 0x009397
4.1.0.0 4.4.4.4 1765 0x80000001 0x00CB5E
12.1.1.0 2.2.2.2 1764 0x80000001 0x00EB34
| Type 1 | Type 2 | Type 3 | Type 4 | Type 5 | Type7 | |
|---|---|---|---|---|---|---|
| 发出源 | 所有路由器 | DR (只在 MA/NBMA 网络中) | ABR | 起始区域(ASBR 所在区域) ABR | ASBR | ASBR |
| 接收者 | 同一 Area 内其他Router | 同一 Area 内的 Non-DR | 同一 Area 内的其他 Router | 同一 Area 内的其他 Router | OSPF 内所有 Router | NSSA 内的 Router |
| 作用范围 | Area 内 | Area 内 | 整个 AS | 整个 AS | 整个 AS (除 Stub) | NSSA 内 |
| 包含内容 | 直连网络信息 | MA 网络子网掩码 | Type 1 和 Type 2 的汇总信息 | ASBR 信息(用于找到 ASBR) | 外部网络信息 | 外部网络信息 |
1.7 ABR 对 LSA3 的传递规则
- ABR 会转换
Area 0的 LSA1, LSA2 到非 Area 0的 LSA3 - ABR 会转换
非 Area 0的 LSA1, LSA2 到Area 0的 LSA3 - ABR 会转换
Area 0的 LSA3 到非 Area 0的 LSA3 (如果将被转入的 ABR 已经有了该区域的 LSA1/LSA2 ,则 Area0 的 LSA3 不会被转入,因为有 LSA1/LSA2 已经足够了,LSA3 只是 LSA1/LSA2 的汇总) - ABR 不会 把
非 Area 0的 LSA3 再 转进Area 0的 LSA3
1.8 各类 LSA 中 Link ID 与 ADV Router 的意义
| LSA Type | Link ID | ADV Router |
|---|---|---|
| LSA 1 | Router ID | Router ID |
| LSA 2 | DR's IP | DR's Router ID |
| LSA 3 | 域间路由前缀 | ABR's Router ID |
| LSA 4 | ASBR's Router ID | ABR's Router ID |
| LSA 5 | 外部路由前缀 | ASBR's Router ID |
1.9 选路规则
1.9.1 O 路由
- 依次比较 AD,Metric,越小越优先
- 当收到来自不同 Area 的 LSA1,LSA2,若 AD 和 Metric 相同,先到者优先,不会负载
- 当收到来自相同 Area 的 LSA1,LSA2,若 AD 和 Metric 相同,负载
1.9.2 OIA 路由
- O 路由优先于 OIA 路由, 不考虑 AD,Metric
- 如收到来自 Area 0 的 LSA3 时,不考虑其他区域的 LSA3 , 优选 Area 0 的 ,且不考虑 AD,Metric 。如均来自 Area 0 ,则依次比较 AD,Metric,如仍相同,则负载
- 当收到来自非 Area0 的 LSA3 时,依次比较 AD,Metric ,小的优先,如相同,则负载
1.9.3 OE 路由
- OIA > OE ,不考虑 AD,Metric
- OE1 > OE2 ,不考虑 AD,Metric
- OE1 路由之间,比较 AD,Metric,如果相同则负载
- OE2 路由之间,先比较 AD ,小的优先;再比较种子 Metric ,小的优先;再比较 Forward Metric ,小的优先;若完全一致,则负载
1.10 OE1 与 OE2 的区别
- 当
Metric Type = 2时,路由表中呈现 OE2 路由,路由的 Metric 值为 种子metric (默认20) - 当
Metric Type = 1时,路由表中呈现 OE1 路由,路由的 Metric 值为 种子metric + Forward_Metric
当 FA 为 0.0.0.0 时,Forward Metric 为 本路由器到 ASBR 的 Metric 。
Figure 4: 查看种子 Metric 与 Forward Metric
1.11 自治系统(AS)
为了使 OSPF 用于很大规模的网络,OSPF 支持划分区域的机制,区域是 面向接口 而不是面向路由器。
如下图所示的网络拓扑,图中路由器都属于同一个自治系统。在该自治系统内,所有路由器执行基于 OSPF 的内部网关协议。
OSPF 可以将该自治系统划分为四个更小的区域,每个区域都有一个 32 位的 区域标识符 (可用点分十进制表示)。
主干区域的标识符必须为 0 (0.0.0.0) ,用于连通其他区域。划分区域的好处在于将洪泛控制在一个较小的范围,而不是整个自治系统,以减少网络上的通信量。
- 如果路由器的所有接口都在同一区域内,该路由器称为 区域内路由器(IR) 。
- 为了使本区域和其他区域连通,每个区域都会有一个 区域边界路由器(ABR) ,它的一个接口连接自身区域,另一个接口 连接主干区域 (ABR 的压力其实非常大)。
- 主干区域内的路由器称为 主干路由器(BBR) ,在主干区域内,要有一个路由器用于与其他自治系统(可能使用不同的路由协议)交换路由信息,这个路由器称为 自治系统边界路由器(ASBR) 。 主干区域维护全网的路由信息,不同内部区域的路由信息交换要先发给主干区域,再由主干区域进行转发。
以下图中的路由器 R3 为例,它会向本自治系统发送区域 0, 2, 3 的 LSA ,向主干区域发送区域 1 的 LSA 。
Figure 5: OSPF 划分区域
1.12 多路访问网络(Multi Access)
通过路由器的一个接口,通过二层设备可以直接到达多台其他设备的网络叫做多路访问网络(MA), 以太网属于 MA ,使用串口的点对点网络不属于 MA 。
由于 MA 网络自身特性会导致建立大量邻接关系,LSA 流量也会增大,未解决这个问题,OSPF 在 MA 网络中定义了 DR/BDR 的概念。
在 MA 网络中,DR 和 BDR 的选举是 必须的 。一个 MA 中 必须要有 DR 但不一定要有 BDR (优先级设为0)。 所有的非 DR/BDR 只与 DR/BDR 建立邻居关系。非 DR/BDR 之间通过 DR/BDR 交换信息
发送给 DR/BDR 的数据包使用组播地址 224.0.0.6 ,DR 发送给其他路由器的数据包使用组播地址 224.0.0.5 。
Figure 7: 多路访问网络中路由器邻居关系的优化
1.13 OSPF 数据包
Figure 8: 数据包类型及作用
1.13.1 Hello
OSPF 路由器之间通过 Hello 分组发现和维护邻居关系。
- Hello 分组发往组播地址 224.0.0.5
- 每 10 秒发送一个 Hello 数据包用以维持邻居关系
- \(4*Hello\) 周期内未收到来自邻居路由器的 Hello 分组,则认为该邻居路由器不可达
Figure 9: 邻居表
1.13.2 Database Description
只是 LSDB 的描述信息(非详细),可以理解为简短摘要(目录)。
1.13.3 Link State Request (可靠传输)
1.13.4 Link State Update (可靠传输)
1.13.5 Link State Acknowledgment
1.14 特殊区域
| 特殊区域类型 | 作用 | 是否下放默认路由 |
|---|---|---|
| Stub | 过滤 LSA 4/5 | 是(通过 LSA 3 下放) |
| Totally Stub | 过滤 LSA 3/4/5 | 是(通过 LSA 3 下放) |
| NSSA | 过滤 LSA 4/5 | 否,需要手动下放(通过 LSA7) |
| Totally NSSA | 过滤 LSA 3/4/5 | 是(通过 LSA3) |
1.14.1 Stub
不接收外部 LSA 信息(LSA4, LSA5),只接收 LSA1, LSA2, LSA3 ,且 ABR自动下发一条 OIA 默认路由 。
一个区域能设置为 stub 或 totally stub 的条件是:
- 区域内所有路由器均配置为 stub 路由器
- 区域内没有 ASBR
- 区域不能是
area 0 - 没有 Virual Links 穿越该区域
1.14.2 Totally Stub
相比 stub ,totally stub 连 LSA3 都不接收,目的是使 LSDB 最小化。但仍然会有 LSA3 的默认路由。
即 Totally stub 阻止3,4,5类 LSA,允许1,2,3* (默认路由) 类LSA ,且 ABR 自动下发 OIA 默认路由。
1.14.3 NSSA
阻止 4,5 类 LSA ,允许 1,2,3,7 类 LSA ,且 ABR 不会自动下发 OIA 默认路由 。
能引入外部链路信息的 stub 区域。外部链路信息不能用 LSA5 传递,而是要用 LSA7 来传递。
NSSA 区域没有默认路由,但可以以一个 7 类 LSA 手动 发布一条默认路由:
area <id> nssa default-information-originate
NSSA ABR ,某种程度上可以理解为 ASBR , 由于 NSSA ABR 承担了 7 转 5 ,它负责生产了 5 ,其他区域没必要知道真正的 ASBR(产生 7 的路由器), 因此 NSSA ABR 也就没必要在 area0 等常规区域产生 4 指向真正的 ASBR 。 其他区域只需要将 NSSA ABR 当做 ASBR 即可。
1.14.4 完全 NSSA
与 NSSA 的区别在于不接收 LSA3 ,但会以 3 类 LSA 自动发布一条默认路由。
即 Totally NSSA 阻止 3,4,5 类 LSA ,允许 1,2,3*,7 类 LSA , 且 ABR 自动下发 OIA 默认路由。
1.15 FA (Forward Address)
FA 作用主要是在告诉域内路由器在特定场合下访问域外路由不要找 ASBR ,要找 FA 这个转发地址。以免路由器以 ASBR 为下一跳,再由 ASBR 自己转发到正确的下一跳,而产生额外的路由,即解决次优路径问题。
如传来的 LSA5 中包含 FA (不为0) ,则路由条目的下一跳参考 FA 的下一跳,否则下一跳即为 ASBR 。
只有 当 FA 地址所在网段为 O 或 IA 时, 才可以 把此 E2 条目放入路由表, 即 FA 地址一定要让 OSPF 进程所认识。 \\h
这是因为 OSPF 是一个无环的链路状态协议, 区域内的无环是依靠最短路径树来保证,而区域间的无环是依靠非骨干区域和骨干区域连接来实现 ,
这些方法保证了 AS 内部路由计算的可靠性。
而 FA 本身就是用于转发到达外部网络的地址,如果去往这个地址的路由不是 OSPF 计算得出的,那么很可能会导致路由问题。
当下列所有条件均满足的情况下,TYPE 5 LSA 中 FA 字段设置为非 0 :
- 在 ASBR 上,与引入外部路由下一跳关联的接口启动了 OSPF ,即位于 network 命令范围内
- 在 ASBR 上,与引入外部路由下一跳关联的接口不能配置被动接口 (前两个规则是确保LSA能够被通告)
- 在 ASBR 上,与引入外部路由下一跳关联的接口配置的 OSPF 网络类型不能是 P2P 或 P2MP (因为 FA 只有在 MA,NBMA 场景下才有必要存在,p2p 不需要)
1.15.1 FA 取值
1.15.1.1 NSSA 区域,重分布直连的场景
FA 的值为:
- 最新 加入 OSPF 的环回口地址
- 如果没有环回口,则为 最新 激活的 OSPF 接口地址
1.15.1.2 NSSA 区域,MA 网络,重分布外部路由的场景
FA 的值为:
- 如外部接口没有运行 OSPF ,则 FA 取值规律同上
- 如外部接口运行了 OSPF ,则 FA 为外部路由的下一跳地址
1.15.1.3 非 NSSA 区域,MA 网络,重分布外部路由的场景
FA 的值为:
- 如果外部接口没有运行 OSPF ,FA 为
0.0.0.0 - 如果外部接口运行了 OSPF ,FA 为外部路由的下一跳地址
1.16 建立邻接关系的过程(经历7个状态)
1.16.1 DOWN
1.16.2 INIT
发出 Hello 即进入 INIT 状态 。
1.16.3 TWO-WAY
互相收到 Hello (即某个接口发出以及收到 Hello)则进入 TWO-WAY 状态。阻塞在该状态通常是在选举 DR/BDR 。
1.16.4 Ex-Start
使用 DB Description 数据报来选举并确立邻居间的主从关系,主从选举的目的在于确定在传输 DBD 报文时,使用哪个设备的序列号进行编号。
该序列号用于 DBD 报文的确认,发出的序列号对端回复时 +1 即可。
1.16.5 Exchange
使用 DBD 数据报交换 LSA 头部信息,这一阶段是真正交换数据库描述信息。
1.16.6 Loading
该阶段交互 LSR 与 LSU 报文。
1.16.7 Full
1.17 防环设计 1
1.17.1 LSA1/LSA2 防环
通过 Type-1 及 Type-2 ,路由器能够描绘出区域内的拓扑及网段信息,从而运行 SPF 算法,计算出到达每个网段的最优路径, 并将这些路径保存到路由表中,因此区域内的路由可以保证无环路。
1.17.2 LSA3 防环
- OSPF 要求所有的非 0 区域必须与骨干区域直接相连,区域间路由需经由骨干区域中转
- ABR 只能够将其所连接的区域的区域内部路由(即 LSA1/LSA2 的汇总)注入到 Area0 ,ABR 从非骨干区域收到的 Type-3 不能用于区域间路由的计算,但可用于更新 LSDB
- OSPF 规定从骨干区域传来的三类 LSA 不再传回骨干区域
1.17.3 LSA5 防环
一台路由器使用 Type-5 计算出路由的前提是两个:
- 收到 Type-5 LSA
- 要知道产生这个 Type-5 的 ASBR 在哪里
与 ASBR 接入同一个区域的路由器能够根据该区域内泛洪的 Type-1 LSA 及 Type-2 LSA 计算出到达该 ASBR 的最短路径,从而计算出最佳路由。
因为 ASBR 产生的 Type-1 只能在其所在的区域内泛洪,所以才需要 Type-4 LSA 。因此 其他区域的路由器在获取 Type-4 LSA 后便能计算出到达 ASBR 的最短路径 ,进而利用该 ASBR 产生的 Type-5 LSA 计算出外部路由。
表面上看,Type-5 本身并不具有什么防环的能力,但实际上,它可以依赖 Type-1 及 Type-4 来实现防环。
2 实验
2.1 基本配置与查询
Figure 15: 实验拓扑
2.1.1 开启 OSPF 并通告网络
R1(config)#router ospf 1 R1(config-router)#router-id 1.1.1.1 R1(config-router)#network 12.1.1.0 0.0.0.255 area 0 R1(config-router)#network 10.1.1.1 0.0.0.0 area 0
2.1.2 查看邻接表
R1>show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 2.2.2.2 0 FULL/ - 00:00:36 12.1.1.2 Serial1/1
R2>show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 3.3.3.3 0 FULL/ - 00:00:30 23.1.1.3 Serial1/1 1.1.1.1 0 FULL/ - 00:00:36 12.1.1.1 Serial1/0
R3>show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 2.2.2.2 0 FULL/ - 00:00:32 23.1.1.2 Serial1/0
2.1.3 查看链路状态数据库
R1>show ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 886 0x8000000D 0x0092BA 3
2.2.2.2 2.2.2.2 679 0x80000004 0x00533D 4
3.3.3.3 3.3.3.3 618 0x80000002 0x00CE5B 3
R2>show ip ospf database
OSPF Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 915 0x8000000D 0x0092BA 3
2.2.2.2 2.2.2.2 707 0x80000004 0x00533D 4
3.3.3.3 3.3.3.3 645 0x80000002 0x00CE5B 3
R3>show ip ospf database
OSPF Router with ID (3.3.3.3) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 940 0x8000000D 0x0092BA 3
2.2.2.2 2.2.2.2 733 0x80000004 0x00533D 4
3.3.3.3 3.3.3.3 669 0x80000002 0x00CE5B 3
2.1.4 查看使用 OSPF 的接口信息
R1>show ip ospf interface
Loopback0 is up, line protocol is up
Internet Address 10.1.1.1/32, Area 0, Attached via Network Statement
Process ID 1, Router ID 1.1.1.1, Network Type LOOPBACK, Cost: 1
Topology-MTID Cost Disabled Shutdown Topology Name
0 1 no no Base
Loopback interface is treated as a stub Host
Serial1/1 is up, line protocol is up
Internet Address 12.1.1.1/24, Area 0, Attached via Network Statement
Process ID 1, Router ID 1.1.1.1, Network Type POINT_TO_POINT, Cost: 64
Topology-MTID Cost Disabled Shutdown Topology Name
0 64 no no Base
Transmit Delay is 1 sec, State POINT_TO_POINT
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:05
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/1/1, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 2.2.2.2
Suppress hello for 0 neighbor(s)
2.1.5 查看 OSPF 算法信息
R1>show ip ospf
Routing Process "ospf 1" with ID 1.1.1.1
Start time: 00:03:30.292, Time elapsed: 05:32:34.688
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Supports NSSA (compatible with RFC 3101)
Supports Database Exchange Summary List Optimization (RFC 5243)
Event-log enabled, Maximum number of events: 1000, Mode: cyclic
Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 5000 msecs
Minimum hold time between two consecutive SPFs 10000 msecs
Maximum wait time between two consecutive SPFs 10000 msecs
Incremental-SPF disabled
Minimum LSA interval 5 secs
Minimum LSA arrival 1000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
EXCHANGE/LOADING adjacency limit: initial 300, process maximum 300
Number of external LSA 0. Checksum Sum 0x000000
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Number of areas transit capable is 0
External flood list length 0
IETF NSF helper support enabled
Cisco NSF helper support enabled
Reference bandwidth unit is 100 mbps
Area BACKBONE(0)
Number of interfaces in this area is 2 (1 loopback)
Area has no authentication
SPF algorithm last executed 00:16:58.204 ago
SPF algorithm executed 7 times
Area ranges are
Number of LSA 3. Checksum Sum 0x01B452
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
2.1.6 查看路由协议信息
R1>show ip protocols
*** IP Routing is NSF aware ***
Routing Protocol is "application"
Sending updates every 0 seconds
Invalid after 0 seconds, hold down 0, flushed after 0
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Maximum path: 32
Routing for Networks:
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 4)
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 1.1.1.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
10.1.1.1 0.0.0.0 area 0
12.1.1.0 0.0.0.255 area 0
Routing Information Sources:
Gateway Distance Last Update
3.3.3.3 110 00:06:50
2.2.2.2 110 00:09:22
Distance: (default is 110)
2.2 检查 MA 中 DR/BDR
Figure 16: 实验拓扑
需在同一时刻开启所有设备,并观察选举结果。(如果开启时刻间隔太长,则会发生局部选举完成,而 DR/BDR 选举是非抢占式的,所以观察到的结果可能不同)
2.2.1 观察邻居角色
MA 网络中,非 DR/BDR 接口之间会阻塞在 2WAY/DROTHER 状态。
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
3.3.3.3 1 2WAY/DROTHER 00:00:34 192.168.2.3 Ethernet0/1
4.4.4.4 1 FULL/BDR 00:00:34 192.168.2.4 Ethernet0/1
5.5.5.5 1 FULL/DR 00:00:33 192.168.2.5 Ethernet0/1
1.1.1.1 1 FULL/BDR 00:00:33 192.168.1.1 Ethernet0/0
2.2.2 观察接口 OSPF 状态
R2#show ip ospf interface e0/0 Ethernet0/0 is up, line protocol is up Internet Address 192.168.1.2/24, Area 0, Attached via Network Statement Process ID 1, Router ID 2.2.2.2, Network Type BROADCAST, Cost: 10 Topology-MTID Cost Disabled Shutdown Topology Name 0 10 no no Base Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 2.2.2.2, Interface address 192.168.1.2 Backup Designated router (ID) 1.1.1.1, Interface address 192.168.1.1 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 oob-resync timeout 40 Hello due in 00:00:06 Supports Link-local Signaling (LLS) Cisco NSF helper support enabled IETF NSF helper support enabled Index 1/1/1, flood queue length 0 Next 0x0(0)/0x0(0)/0x0(0) Last flood scan length is 1, maximum is 2 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 1.1.1.1 (Backup Designated Router) Suppress hello for 0 neighbor(s) R2#show ip ospf interface e0/1 Ethernet0/1 is up, line protocol is up Internet Address 192.168.2.2/24, Area 0, Attached via Network Statement Process ID 1, Router ID 2.2.2.2, Network Type BROADCAST, Cost: 10 Topology-MTID Cost Disabled Shutdown Topology Name 0 10 no no Base Transmit Delay is 1 sec, State DROTHER, Priority 1 Designated Router (ID) 5.5.5.5, Interface address 192.168.2.5 Backup Designated router (ID) 4.4.4.4, Interface address 192.168.2.4 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 oob-resync timeout 40 Hello due in 00:00:02 Supports Link-local Signaling (LLS) Cisco NSF helper support enabled IETF NSF helper support enabled Index 1/2/2, flood queue length 0 Next 0x0(0)/0x0(0)/0x0(0) Last flood scan length is 0, maximum is 2 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 3, Adjacent neighbor count is 2 Adjacent with neighbor 4.4.4.4 (Backup Designated Router) Adjacent with neighbor 5.5.5.5 (Designated Router) Suppress hello for 0 neighbor(s)
2.2.3 观察接口监听组播地址
R2#show ip interface e0/0 Ethernet0/0 is up, line protocol is up Internet address is 192.168.1.2/24 Broadcast address is 255.255.255.255 Address determined by non-volatile memory MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Multicast reserved groups joined: 224.0.0.5 224.0.0.6 # 只有 DR/BDR 才会监听该组播地址 ... R2#show ip interface e0/1 Ethernet0/1 is up, line protocol is up Internet address is 192.168.2.2/24 Broadcast address is 255.255.255.255 Address determined by non-volatile memory MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Multicast reserved groups joined: 224.0.0.5 ...
2.3 路由汇总
2.3.1 域内汇总 (3类LSA汇总)[range]
area <Num> range <Prefix> <Mask>
即把区域 Num 的 1,2类(即O路由)转为3类的时候做汇总, 不能对本来就是 OIA 的路由进行汇总。
Figure 17: OSPF 只允许在 ABR 上由普通区域向骨干区域通告路由时进行汇总
不同于 EIGRP 是在接口配置模式中进行路由汇总,OSPF 是在 路由器协议配置模式下 进行汇总操作。
Figure 18: 实验拓扑
2.3.1.1 观察汇总前的路由信息
R3#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 3 subnets # OSPF 会将环回网络认作 32 位的主机路由
O IA 1.1.1.1 [110/21] via 23.1.1.2, 00:06:45, Ethernet0/0
O IA 1.1.2.1 [110/21] via 23.1.1.2, 00:06:45, Ethernet0/0
O IA 1.1.3.1 [110/21] via 23.1.1.2, 00:06:45, Ethernet0/0
4.0.0.0/32 is subnetted, 3 subnets
O IA 4.1.1.1 [110/11] via 34.1.1.2, 00:03:36, Ethernet0/1
O IA 4.1.2.1 [110/11] via 34.1.1.2, 00:03:36, Ethernet0/1
O IA 4.1.3.1 [110/11] via 34.1.1.2, 00:03:26, Ethernet0/1
12.0.0.0/30 is subnetted, 1 subnets
O IA 12.1.1.0 [110/20] via 23.1.1.2, 00:06:45, Ethernet0/0
23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 23.1.1.0/30 is directly connected, Ethernet0/0
L 23.1.1.1/32 is directly connected, Ethernet0/0
34.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 34.1.1.0/30 is directly connected, Ethernet0/1
L 34.1.1.1/32 is directly connected, Ethernet0/1
R3#
2.3.1.2 进行汇总
必须是 ABR/ASBR 且在路由协议配置模式下进行操作。
汇总
1.1.0.0/22R2(config)#router ospf 1 R2(config-router)#area 1 range 1.1.0.0 255.255.252.0
汇总
4.1.0.0/22R4(config)#router ospf 1 R4(config-router)#area 2 range 4.1.0.0 255.255.252.0
2.3.1.3 观察汇总后的路由
R3#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/22 is subnetted, 1 subnets
O IA 1.1.0.0 [110/21] via 23.1.1.2, 00:03:30, Ethernet0/0
4.0.0.0/22 is subnetted, 1 subnets
O IA 4.1.0.0 [110/11] via 34.1.1.2, 00:00:06, Ethernet0/1
12.0.0.0/30 is subnetted, 1 subnets
O IA 12.1.1.0 [110/20] via 23.1.1.2, 10:56:06, Ethernet0/0
23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 23.1.1.0/30 is directly connected, Ethernet0/0
L 23.1.1.1/32 is directly connected, Ethernet0/0
34.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 34.1.1.0/30 is directly connected, Ethernet0/1
L 34.1.1.1/32 is directly connected, Ethernet0/1
在进行汇总操作的路由器上会创建 空接口 :
R2#show ip route
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
O 1.1.0.0/22 is a summary, 00:06:42, Null0
O 1.1.1.1/32 [110/11] via 12.1.1.1, 00:06:42, Ethernet0/0
O 1.1.2.1/32 [110/11] via 12.1.1.1, 00:06:42, Ethernet0/0
O 1.1.3.1/32 [110/11] via 12.1.1.1, 00:06:42, Ethernet0/0
4.0.0.0/22 is subnetted, 1 subnets
O IA 4.1.0.0 [110/21] via 23.1.1.1, 00:03:19, Ethernet0/1
12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 12.1.1.0/30 is directly connected, Ethernet0/0
L 12.1.1.2/32 is directly connected, Ethernet0/0
23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 23.1.1.0/30 is directly connected, Ethernet0/1
L 23.1.1.2/32 is directly connected, Ethernet0/1
34.0.0.0/30 is subnetted, 1 subnets
O 34.1.1.0 [110/20] via 23.1.1.1, 00:06:42, Ethernet0/1
2.3.1.4 not-advertise 参数的作用 2
用于 过滤 的目的,既抑制明细,又不通告汇总。
2.3.2 域外汇总 (5类LSA汇总)[summary-address] 3
summary-address <Prefix> <Mask>
只能在 ASBR 上进行此操作, 只能针对本路由器产生的5类路由进行汇总,对于别的路由器产生的5类路由,是没有汇总能力的。
2.4 观察 LSA
Figure 19: 实验拓扑
hostname R6 ! router ospf 1 redistribute rip subnets network 192.168.56.0 0.0.0.255 area 20 ! router rip version 2 redistribute ospf 1 metric 1 network 192.168.67.0
2.4.1 Router LSA (Type 1)
Router LSA 是在同一个 Area 内所有路由器(包括自身)送来的 Link State :(缺少了网络的掩码信息,这个信息从 LSA2 中获得)
R1#show ip ospf database router
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 10)
LS age: 1188 # 第一条 LSA1
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 1.1.1.1
Advertising Router: 1.1.1.1 # 自身发出
LS Seq Number: 80000003
Checksum: 0x1A19
Length: 36
Number of Links: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 192.168.12.1
(Link Data) Router Interface address: 192.168.12.1
Number of MTID metrics: 0
TOS 0 Metrics: 10
LS age: 1171 # 第二条 LSA1
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 2.2.2.2
Advertising Router: 2.2.2.2 # 2.2.2.2 发出
LS Seq Number: 80000003
Checksum: 0xDE4A
Length: 36
Area Border Router # 表明 2.2.2.2 是 ABR
Number of Links: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 192.168.12.1
(Link Data) Router Interface address: 192.168.12.2 # 有一个接口属于该域
Number of MTID metrics: 0
TOS 0 Metrics: 10
2.4.2 Network LSA (Type 2)
该 LSA 是每个网段的 DR 发送给其他路由器,告诉它们当前 DR 正连着哪些路由器。
以 R1 为例,查看从 R2 发来的 LSA2 :
R1# show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 2.2.2.2 1 FULL/DR 00:00:31 192.168.12.2 Ethernet0/0 R1#show ip ospf database network OSPF Router with ID (1.1.1.1) (Process ID 1) Net Link States (Area 10) LS age: 220 Options: (No TOS-capability, DC) LS Type: Network Links Link State ID: 192.168.12.2 (address of Designated Router) Advertising Router: 2.2.2.2 LS Seq Number: 80000001 Checksum: 0x8F1F Length: 32 Network Mask: /24 # 掩码信息 Attached Router: 2.2.2.2 # 连着自身 Attached Router: 1.1.1.1 # 连着 1.1.1.1
2.4.3 Network Summary LSA (Type 3)
由 ABR 产生,告诉 Area 内的路由器从它那里可以到达哪些 Network 以及 Cost 。
以 R1 为例,它从 R2 收到 6 条 LSA3 :(可以观察到并没有 192.168.67.0/24 的信息)
R1#show ip ospf database summary
OSPF Router with ID (1.1.1.1) (Process ID 1)
Summary Net Link States (Area 10)
LS age: 830 # 1
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 192.168.23.0 (summary Network Number)
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x2A8
Length: 28
Network Mask: /24
MTID: 0 Metric: 10
LS age: 830 # 2
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 192.168.28.0 (summary Network Number)
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0xCADA
Length: 28
Network Mask: /24
MTID: 0 Metric: 10
LS age: 799 # 3
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 192.168.34.0 (summary Network Number)
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0xECA8
Length: 28
Network Mask: /24
MTID: 0 Metric: 20
LS age: 799 # 4
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 192.168.45.0 (summary Network Number)
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0xD7A8
Length: 28
Network Mask: /24
MTID: 0 Metric: 30
LS age: 799 # 5
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 192.168.48.0 (summary Network Number)
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x5235
Length: 28
Network Mask: /24
MTID: 0 Metric: 20
LS age: 799 # 6
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 192.168.56.0 (summary Network Number)
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0xC2A8
Length: 28
Network Mask: /24
MTID: 0 Metric: 40
2.4.4 ASBR Summary (Type 4)
由 原始区域 ABR 产生,告诉 Area 内的路由器从它那里可以到达哪些 ASBR 以及 Cost 。
以 R1 为例,可以收到一条 LSA4 ,表明通过 R2 可以到达一个叫做 6.6.6.6 的 ASBR ,Cost 为 40 :
R1#show ip ospf database asbr-summary
OSPF Router with ID (1.1.1.1) (Process ID 1)
Summary ASB Link States (Area 10)
LS age: 34
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 6.6.6.6 (AS Boundary Router address)
Advertising Router: 2.2.2.2
LS Seq Number: 80000002
Checksum: 0xB939
Length: 28
Network Mask: /0
MTID: 0 Metric: 40
2.4.5 External LSA (Type 5)
由 ASBR 产生,告知 所有 Area (除了 Stub Area )内的所有路由器,从它那里可以到达哪些 External Network (非 OSPF 自治区)。
以 R1 为例,它可以收到来自 R6 发布的 LSA5 ,告诉它从 R6 可以到达 192.168.67.0/24 这个网络:
R1#show ip ospf database external
OSPF Router with ID (1.1.1.1) (Process ID 1)
Type-5 AS External Link States
LS age: 376
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 192.168.67.0 (External Network Number )
Advertising Router: 6.6.6.6
LS Seq Number: 80000002
Checksum: 0x9B3F
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path) # E2
MTID: 0
Metric: 20 # LSA5 会形成 O E2 类型路由条目,并且默认 cost 值为 20
Forward Address: 0.0.0.0
External Route Tag: 0
2.5 特殊区域
Figure 23: 初始实验拓扑
2.5.1 Stub 4
Figure 24: Stub 通常不需要学习区域间的路由信息,只要个单一出口就够了
先观察 R1 的路由表和 LSDB :
R1#show ip route | begin Gateway
Gateway of last resort is not set
192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.12.0/24 is directly connected, Ethernet0/0
L 192.168.12.1/32 is directly connected, Ethernet0/0
O IA 192.168.23.0/24 [110/20] via 192.168.12.2, 01:27:58, Ethernet0/0
O IA 192.168.28.0/24 [110/20] via 192.168.12.2, 01:27:58, Ethernet0/0
O IA 192.168.34.0/24 [110/30] via 192.168.12.2, 01:27:58, Ethernet0/0
O IA 192.168.45.0/24 [110/40] via 192.168.12.2, 01:27:58, Ethernet0/0
O IA 192.168.48.0/24 [110/30] via 192.168.12.2, 01:27:58, Ethernet0/0
O IA 192.168.56.0/24 [110/50] via 192.168.12.2, 01:27:58, Ethernet0/0
O E2 192.168.67.0/24 [110/20] via 192.168.12.2, 01:27:58, Ethernet0/0
R1#show ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 10)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 1305 0x80000007 0x001C12 1
2.2.2.2 2.2.2.2 1315 0x80000007 0x00E043 1
Net Link States (Area 10)
Link ID ADV Router Age Seq# Checksum
192.168.12.2 2.2.2.2 1315 0x80000003 0x008B21
Summary Net Link States (Area 10)
Link ID ADV Router Age Seq# Checksum
192.168.23.0 2.2.2.2 1315 0x80000003 0x00FDAA
192.168.28.0 2.2.2.2 1315 0x80000003 0x00C6DC
192.168.34.0 2.2.2.2 1315 0x80000003 0x00E8AA
192.168.45.0 2.2.2.2 1315 0x80000003 0x00D3AA
192.168.48.0 2.2.2.2 1315 0x80000003 0x004E37
192.168.56.0 2.2.2.2 1315 0x80000003 0x00BEAA
Summary ASB Link States (Area 10)
Link ID ADV Router Age Seq# Checksum
6.6.6.6 2.2.2.2 1315 0x80000003 0x00B73A
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
192.168.67.0 6.6.6.6 1342 0x80000003 0x009940 0
可以看出所有的路由都指向 192.168.1.12 ,非常繁琐且占用资源。使用 area <no> stub 对 R1 和 R2 进行设置:
R1(config)#router ospf 1 R1(config-router)#area 10 stub R1(config-router)# *Apr 26 08:57:32.580: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset R1(config-router)# *Apr 26 08:57:55.864: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0/0 from LOADING to FULL, Loading Done
R2(config)#router ospf 1 R2(config-router)#area 10 stub R2(config-router)# *Apr 26 08:57:50.646: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from FULL to DOWN, Neighbor Down: Adjacency forced to reset R2(config-router)# *Apr 26 08:57:55.865: %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Ethernet0/0 from LOADING to FULL, Loading Done
此时 R1 的路由信息如下:
R1#show ip route ospf | begin Gateway Gateway of last resort is 192.168.12.2 to network 0.0.0.0 O*IA 0.0.0.0/0 [110/11] via 192.168.12.2, 00:03:06, Ethernet0/0 # 这条静态路由代替了原先的 E2 路由 O IA 192.168.23.0/24 [110/20] via 192.168.12.2, 00:03:06, Ethernet0/0 O IA 192.168.28.0/24 [110/20] via 192.168.12.2, 00:03:06, Ethernet0/0 O IA 192.168.34.0/24 [110/30] via 192.168.12.2, 00:03:06, Ethernet0/0 O IA 192.168.45.0/24 [110/40] via 192.168.12.2, 00:03:06, Ethernet0/0 O IA 192.168.48.0/24 [110/30] via 192.168.12.2, 00:03:06, Ethernet0/0 O IA 192.168.56.0/24 [110/50] via 192.168.12.2, 00:03:06, Ethernet0/0
这是因为 Stub Area 可以禁止 Type 4 和 Type 5 的 LSA 进入 Area ,并且 ABR 会发出 0.0.0.0 的 Type 3 ,如下:
R1#show ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 10)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 658 0x8000000C 0x0030FA 1
2.2.2.2 2.2.2.2 669 0x8000000B 0x00F62B 1
Net Link States (Area 10)
Link ID ADV Router Age Seq# Checksum
192.168.12.2 2.2.2.2 669 0x80000007 0x00A109
Summary Net Link States (Area 10)
Link ID ADV Router Age Seq# Checksum
0.0.0.0 2.2.2.2 674 0x80000001 0x0075C0
192.168.23.0 2.2.2.2 674 0x80000006 0x001691
192.168.28.0 2.2.2.2 674 0x80000006 0x00DEC3
192.168.34.0 2.2.2.2 674 0x80000006 0x000191
192.168.45.0 2.2.2.2 674 0x80000006 0x00EB91
192.168.48.0 2.2.2.2 674 0x80000006 0x00661E
192.168.56.0 2.2.2.2 674 0x80000006 0x00D691
# 可以看到 Type 4 和 Type 5 的条目消失了
2.5.1.1 Totally Stubby Area
上面 R1 的路由表其实还可以再简化一点, 只需 在 R2 上运行 area <no> stub no-summary 并查看 R1 的路由表:
R1#show ip route | begin Gateway
Gateway of last resort is 192.168.12.2 to network 0.0.0.0
O*IA 0.0.0.0/0 [110/11] via 192.168.12.2, 00:00:03, Ethernet0/0
192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.12.0/24 is directly connected, Ethernet0/0
L 192.168.12.1/32 is directly connected, Ethernet0/0
这是因为 Totally Stubby Area 中,除了 0.0.0.0 之外的所有 Type 3 都被禁止了 ,查看 LSDB 如下:
R1#show ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 10)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 151 0x80000010 0x0028FE 1
2.2.2.2 2.2.2.2 151 0x80000010 0x00EC30 1
Net Link States (Area 10)
Link ID ADV Router Age Seq# Checksum
192.168.12.2 2.2.2.2 148 0x80000009 0x009D0B
Summary Net Link States (Area 10)
Link ID ADV Router Age Seq# Checksum
0.0.0.0 2.2.2.2 161 0x80000003 0x0071C2
# 其他的 LSA3 条目都消失了
因此,Stub Area 和 Totally Stubby Area 能有效减少 LSA 的传递,减轻网络负担,并简化路由表。
但 使用前提 是 Area 不与 External Network 相连。
2.5.2 Not So Stubby Area (NSSA)
通常只有骨干区域才与外部区域相连 ,如果区域符合 Stub 的特点,又 需要连接外部网络 (如图中 Area 20), 这时可以使用 NSSA 。
先看下 R5 的路由表和 LSDB :
R5#show ip route | begin Gateway
Gateway of last resort is not set
O IA 192.168.12.0/24 [110/40] via 192.168.45.4, 04:05:26, Ethernet0/0
O IA 192.168.23.0/24 [110/30] via 192.168.45.4, 04:05:26, Ethernet0/0
O IA 192.168.28.0/24 [110/30] via 192.168.45.4, 04:05:27, Ethernet0/0
O IA 192.168.34.0/24 [110/20] via 192.168.45.4, 04:05:27, Ethernet0/0
192.168.45.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.45.0/24 is directly connected, Ethernet0/0
L 192.168.45.5/32 is directly connected, Ethernet0/0
O IA 192.168.48.0/24 [110/20] via 192.168.45.4, 04:05:27, Ethernet0/0
192.168.56.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.56.0/24 is directly connected, Ethernet0/1
L 192.168.56.5/32 is directly connected, Ethernet0/1
O E2 192.168.67.0/24 [110/20] via 192.168.56.6, 04:05:37, Ethernet0/1
R5#show ip ospf database
OSPF Router with ID (5.5.5.5) (Process ID 1)
Router Link States (Area 20)
Link ID ADV Router Age Seq# Checksum Link count
4.4.4.4 4.4.4.4 689 0x8000000C 0x005176 1
5.5.5.5 5.5.5.5 793 0x8000000C 0x003A1E 2
6.6.6.6 6.6.6.6 746 0x8000000D 0x00D2C9 1
Net Link States (Area 20)
Link ID ADV Router Age Seq# Checksum
192.168.45.5 5.5.5.5 793 0x80000008 0x0099C5
192.168.56.6 6.6.6.6 746 0x80000008 0x004CFA
Summary Net Link States (Area 20)
Link ID ADV Router Age Seq# Checksum
192.168.12.0 4.4.4.4 689 0x80000008 0x00F998
192.168.23.0 4.4.4.4 689 0x80000008 0x001C75
192.168.28.0 4.4.4.4 689 0x80000008 0x00E4A7
192.168.34.0 4.4.4.4 689 0x80000008 0x003E52
192.168.48.0 4.4.4.4 689 0x80000008 0x00A3DE
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
192.168.67.0 6.6.6.6 746 0x80000008 0x008F45 0
在 R4, R5, R6 上分别运行 area 20 nssa ,并查看 R5 的 LSDB :
R5#show ip ospf database
OSPF Router with ID (5.5.5.5) (Process ID 1)
Router Link States (Area 20)
Link ID ADV Router Age Seq# Checksum Link count
4.4.4.4 4.4.4.4 30 0x8000000F 0x00F6C5 1
5.5.5.5 5.5.5.5 13 0x80000010 0x00D776 2
6.6.6.6 6.6.6.6 20 0x8000000F 0x007420 1
Net Link States (Area 20)
Link ID ADV Router Age Seq# Checksum
192.168.45.5 5.5.5.5 36 0x8000000A 0x003B1C
192.168.56.6 6.6.6.6 20 0x8000000A 0x00ED51
Summary Net Link States (Area 20)
Link ID ADV Router Age Seq# Checksum
192.168.12.0 4.4.4.4 63 0x80000009 0x009DED
192.168.23.0 4.4.4.4 63 0x80000009 0x00BFCA
192.168.28.0 4.4.4.4 63 0x80000009 0x0088FC
192.168.34.0 4.4.4.4 63 0x80000009 0x00E1A7
192.168.48.0 4.4.4.4 63 0x80000009 0x004734
# LSA4 和 LSA5 条目不见了
Type-7 AS External Link States (Area 20) # 新增 LSA7 条目
Link ID ADV Router Age Seq# Checksum Tag
192.168.67.0 6.6.6.6 24 0x80000001 0x0068C1 0
R5#show ip ospf database nssa-external # 查看 Type7 LSA
OSPF Router with ID (5.5.5.5) (Process ID 1)
Type-7 AS External Link States (Area 20)
LS age: 254
Options: (No TOS-capability, Type 7/5 translation, DC, Upward)
LS Type: AS External Link
Link State ID: 192.168.67.0 (External Network Number )
Advertising Router: 6.6.6.6
LS Seq Number: 80000001
Checksum: 0x68C1
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 192.168.56.6
External Route Tag: 0
可以看出 NSSA 同样禁止了 Type 4 和 Type 5 ,因此 ASBR 改用 Type 7 来传递 External Network 信息, Type 7 和 Type 5 类似 ,但当 Type 7 从 R6 传递到 R4 时,Type 7 会再次 转换回 Type 5 并传递给其他 Area 。
再次查看 R5 的路由表:
R5#show ip route | begin Gateway
Gateway of last resort is not set
O IA 192.168.12.0/24 [110/40] via 192.168.45.4, 00:05:31, Ethernet0/0
O IA 192.168.23.0/24 [110/30] via 192.168.45.4, 00:05:31, Ethernet0/0
O IA 192.168.28.0/24 [110/30] via 192.168.45.4, 00:05:31, Ethernet0/0
O IA 192.168.34.0/24 [110/20] via 192.168.45.4, 00:05:31, Ethernet0/0
192.168.45.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.45.0/24 is directly connected, Ethernet0/0
L 192.168.45.5/32 is directly connected, Ethernet0/0
O IA 192.168.48.0/24 [110/20] via 192.168.45.4, 00:05:31, Ethernet0/0
192.168.56.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.56.0/24 is directly connected, Ethernet0/1
L 192.168.56.5/32 is directly connected, Ethernet0/1
O N2 192.168.67.0/24 [110/20] via 192.168.56.6, 00:05:08, Ethernet0/1 # 只是把 E2 变为 N2(N2 意为 NSSA 区域的 E2)
不同于 Stub 使用 Type3 下发默认路由,NSSA 需要 手动 配置一条默认路由,
即在 R4 上配置 area 20 nssa default-information-originate ,这样就会以一个 Type7 下发一条默认路由(O*N2)。
再看下 R5 的状态:
R5#show ip route | begin Gateway Gateway of last resort is 192.168.45.4 to network 0.0.0.0 O*N2 0.0.0.0/0 [110/1] via 192.168.45.4, 00:03:23, Ethernet0/0 O IA 192.168.12.0/24 [110/40] via 192.168.45.4, 00:03:50, Ethernet0/0 O IA 192.168.23.0/24 [110/30] via 192.168.45.4, 00:03:50, Ethernet0/0 O IA 192.168.28.0/24 [110/30] via 192.168.45.4, 00:03:50, Ethernet0/0 O IA 192.168.34.0/24 [110/20] via 192.168.45.4, 00:03:50, Ethernet0/0 192.168.45.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.45.0/24 is directly connected, Ethernet0/0 L 192.168.45.5/32 is directly connected, Ethernet0/0 O IA 192.168.48.0/24 [110/20] via 192.168.45.4, 00:03:50, Ethernet0/0 192.168.56.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.56.0/24 is directly connected, Ethernet0/1 L 192.168.56.5/32 is directly connected, Ethernet0/1 O N2 192.168.67.0/24 [110/20] via 192.168.56.6, 00:03:50, Ethernet0/1 R5#show ip ospf database nssa-external OSPF Router with ID (5.5.5.5) (Process ID 1) Type-7 AS External Link States (Area 20) LS age: 221 Options: (No TOS-capability, No Type 7/5 translation, DC, Upward) LS Type: AS External Link Link State ID: 0.0.0.0 (External Network Number ) Advertising Router: 4.4.4.4 LS Seq Number: 80000001 Checksum: 0x940D Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 1 Forward Address: 0.0.0.0 External Route Tag: 0 LS age: 888 Options: (No TOS-capability, Type 7/5 translation, DC, Upward) LS Type: AS External Link Link State ID: 192.168.67.0 (External Network Number ) Advertising Router: 6.6.6.6 LS Seq Number: 80000007 Checksum: 0x5CC7 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 192.168.56.6 External Route Tag: 0
再看下 R8 的外部路由信息:
R8#show ip ospf database external
OSPF Router with ID (8.8.8.8) (Process ID 1)
Type-5 AS External Link States
LS age: 790
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 192.168.67.0 (External Network Number )
Advertising Router: 4.4.4.4
LS Seq Number: 80000001
Checksum: 0x3903
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 192.168.56.6 # Forward Address 表明外部路由的源接收者,通常与通告者不同
External Route Tag: 0
2.5.2.1 NSSA 特性
- 当 NSSA 区域内有多个 ABR 时,由 Router ID 较大 的 ABR 进行七转五操作。
- NSSA 中的 ABR 会被标记为 ASBR (只要能发出 LSA 5 的路由器就是 ASBR )
- 七转五会生成 Forward Address ,当转换后的 Type5 中的 FA 地址不可达时,该条目不会生成一条路由。
如果要避免这种情况,可以在转换的 ABR 上输入
area <no> nssa translate type7 suppress-fa,这样 FA 就变为0.0.0.0。
2.5.2.2 Totally Not So Stubby Area
在 R4 上运行 area 20 nssa no-summary ,在 R5, R6 上运行 area 20 nssa ,再次观察 R5 的路由表和 LSDB :
R5#show ip ospf database
OSPF Router with ID (5.5.5.5) (Process ID 1)
Router Link States (Area 20)
Link ID ADV Router Age Seq# Checksum Link count
4.4.4.4 4.4.4.4 48 0x80000010 0x00F4C6 1
5.5.5.5 5.5.5.5 35 0x80000011 0x00D577 2
6.6.6.6 6.6.6.6 20 0x80000010 0x007221 1
Net Link States (Area 20)
Link ID ADV Router Age Seq# Checksum
192.168.45.5 5.5.5.5 750 0x8000000A 0x003B1C
192.168.56.6 6.6.6.6 735 0x8000000A 0x00ED51
Summary Net Link States (Area 20)
Link ID ADV Router Age Seq# Checksum
0.0.0.0 4.4.4.4 49 0x80000001 0x00C065 # 以 Type 3 发布一条默认路由(O*IA)
Type-7 AS External Link States (Area 20)
Link ID ADV Router Age Seq# Checksum Tag
192.168.67.0 6.6.6.6 739 0x80000001 0x0068C1 0
R5#show ip route | begin Gateway
Gateway of last resort is 192.168.45.4 to network 0.0.0.0
O*IA 0.0.0.0/0 [110/11] via 192.168.45.4, 00:01:05, Ethernet0/0
192.168.45.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.45.0/24 is directly connected, Ethernet0/0
L 192.168.45.5/32 is directly connected, Ethernet0/0
192.168.56.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.56.0/24 is directly connected, Ethernet0/1
L 192.168.56.5/32 is directly connected, Ethernet0/1
O N2 192.168.67.0/24 [110/20] via 192.168.56.6, 00:01:05, Ethernet0/1
no-redistribution 参数的用法。5
2.6 默认路由
有 2 种方式产生默认路由(其实第二种只是第一种的变体),不像 EIGRP ,有 4 种方式。
2.6.1 方式一(default-information-originate)
Figure 25: 应用场景
通常在出口路由器上可以配置一个 OSPF 默认路由 (0.0.0.0) (通过LSA5产生) 。
在 R1 中进行如下配置:
R1(config)#router ospf 1 R1(config-router)#default-information originate # 该指令可以有一个 always 参数, # 如果不指定 always ,则该路由器必须有一个默认路由,才能给自治系统下发默认路由 # 如果指定了 always ,即使该路由器没有一个默认路由,也可以给自治系统下发默认路由
在 R3 中可以观察到:
R3#show ip route | begin Gateway Gateway of last resort is 192.168.13.1 to network 0.0.0.0 O*E2 0.0.0.0/0 [110/100] via 192.168.13.1, 02:23:23, Ethernet0/0 192.168.13.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.13.0/24 is directly connected, Ethernet0/0 L 192.168.13.3/32 is directly connected, Ethernet0/0 O 192.168.14.0/24 [110/20] via 192.168.34.4, 02:28:27, Ethernet0/1 [110/20] via 192.168.13.1, 02:30:22, Ethernet0/0 192.168.34.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.34.0/24 is directly connected, Ethernet0/1 L 192.168.34.3/32 is directly connected, Ethernet0/1 R3#show ip ospf database OSPF Router with ID (3.3.3.3) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 599 0x8000000B 0x00E23A 2 3.3.3.3 3.3.3.3 973 0x8000000A 0x00766B 2 4.4.4.4 4.4.4.4 907 0x80000009 0x007066 2 Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum 192.168.13.1 1.1.1.1 1335 0x80000005 0x00E6C3 192.168.14.1 1.1.1.1 842 0x80000005 0x000E97 192.168.34.3 3.3.3.3 973 0x80000005 0x00255A Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 0.0.0.0 1.1.1.1 599 0x80000005 0x00F650 1 ! 还有个tag,值为1,是 R1 上 OSPF 的进程号
如果有多个出口网关,则可以通过 metric 参数控制默认路由的优先级:
Figure 26: 多默认路由配置示例
2.6.2 方式二(always)
即 default-information originate always 。
2.7 修改管理距离
2.7.1 方法一: distance
access-list 1 permit 1.2.3.4 ! router ospf 1 distance AD Router-ID 0.0.0.0 1 ! 针对 Router ID 发来的 1.2.3.4 路由,将其管理距离设为 AD !
2.7.2 方法二: distance ospf
router ospf 1 distance ospf intra-area 110 inter-area 111 external 112 !
2.8 不规则区域 6
不规则区域的解决方式有三种:
- 多进程双向重发布
- 隧道
- 虚链路
2.8.1 多进程双向重发布
Figure 27: 实验拓扑
实验初始配置
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 1.1.1.1 255.255.255.255 int e0/1 ip address 10.1.13.1 255.255.255.0 no sh int e0/0 ip address 10.1.12.1 255.255.255.0 no sh router ospf 110 router-id 11.11.11.11 network 10.1.12.1 0.0.0.0 area 0 network 10.1.13.1 0.0.0.0 area 2 ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 2.2.2.2 255.255.255.255 int e0/0 ip address 10.1.12.2 255.255.255.0 no sh int e0/1 ip address 10.1.24.2 255.255.255.0 no sh router ospf 110 router-id 22.22.22.22 network 10.1.12.2 0.0.0.0 area 0 network 10.1.24.2 0.0.0.0 area 1 ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 3.3.3.3 255.255.255.255 int e0/1 ip address 10.1.13.3 255.255.255.0 no sh int e0/0 ip address 10.1.35.3 255.255.255.0 no sh router ospf 110 router-id 33.33.33.110 network 10.1.13.3 0.0.0.0 area 2 router ospf 111 router-id 33.33.33.111 network 10.1.35.3 0.0.0.0 area 3 ----------------- R4 ---------------------- en conf t hostname R4 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 4.4.4.4 255.255.255.255 int e0/1 ip address 10.1.24.4 255.255.255.0 no sh router ospf 110 router-id 44.44.44.44 network 4.4.4.4 0.0.0.0 area 1 network 10.1.24.4 0.0.0.0 area 1 ----------------- R5 ---------------------- en conf t hostname R5 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 5.5.5.5 255.255.255.255 int e0/0 ip address 10.1.35.5 255.255.255.0 no sh router ospf 110 router-id 55.55.55.55 network 10.1.35.5 0.0.0.0 area 3 network 5.5.5.5 0.0.0.0 area 3
R3 上进行双向重发布
router ospf 110 router-id 33.33.33.110 redistribute ospf 111 metric 20 subnets network 10.1.13.3 0.0.0.0 area 2 router ospf 111 router-id 33.33.33.111 redistribute ospf 110 subnets network 10.1.35.3 0.0.0.0 area 3
2.8.2 使用隧道
Figure 28: 实验拓扑
R2 上进行 GRE 隧道配置
R2(config)#int tun2 R2(config-if)#tunnel source 192.168.23.2 R2(config-if)#tunnel destination 192.168.23.3 *Apr 29 05:45:55.479: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel2, changed state to up R2(config-if)#ip address 10.0.0.2 255.255.255.0 R2(config-if)#ip ospf 1 area 0
R3 上进行 GRE 隧道配置
R3(config)#int tun3 *Apr 29 05:46:51.458: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel3, changed state to down R3(config-if)#tunnel source 192.168.23.3 R3(config-if)#tunnel destination 192.168.23.2 *Apr 29 05:47:04.504: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel3, changed state to up R3(config-if)#ip address 10.0.0.3 255.255.255.0 R3(config-if)#ip ospf 1 area 0 R3(config-if)# *Apr 29 05:47:19.088: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Tunnel3 from LOADING to FULL, Loading Done
观察 R3 上的 OSPF 信息
R3#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 2.2.2.2 0 FULL/ - 00:00:31 10.0.0.2 Tunnel3 2.2.2.2 1 FULL/BDR 00:00:30 192.168.23.2 Ethernet0/0 4.4.4.4 1 FULL/DR 00:00:38 192.168.34.4 Ethernet0/1 R3#show ip route | begin Gateway Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.0.0.0/24 is directly connected, Tunnel3 L 10.0.0.3/32 is directly connected, Tunnel3 O 192.168.12.0/24 [110/1010] via 10.0.0.2, 00:07:11, Tunnel3 192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.23.0/24 is directly connected, Ethernet0/0 L 192.168.23.3/32 is directly connected, Ethernet0/0 192.168.34.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.34.0/24 is directly connected, Ethernet0/1 L 192.168.34.3/32 is directly connected, Ethernet0/1 R3#show ip ospf interface tun3 Tunnel3 is up, line protocol is up Internet Address 10.0.0.3/24, Area 0, Attached via Interface Enable Process ID 1, Router ID 3.3.3.3, Network Type POINT_TO_POINT, Cost: 1000 Topology-MTID Cost Disabled Shutdown Topology Name 0 1000 no no Base Enabled by interface config, including secondary ip addresses Transmit Delay is 1 sec, State POINT_TO_POINT Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 oob-resync timeout 40 Hello due in 00:00:08 Supports Link-local Signaling (LLS) Cisco NSF helper support enabled IETF NSF helper support enabled Index 1/1/3, flood queue length 0 Next 0x0(0)/0x0(0)/0x0(0) Last flood scan length is 2, maximum is 2 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 2.2.2.2 Suppress hello for 0 neighbor(s)
观察 R3 发给 R2 的 Hello 包
2.8.3 虚链路
虚链路一般用于临时或备用的连接,且虚链路 只能穿越一个非骨干区域 ,在设计中应该 *避免*使用虚链路。
使用 隧道技术 可以在某些场景下替代虚链路,如 GRE 隧道。
Figure 30: 实验拓扑
配置 R3
R3(config)#router ospf 1 R3(config-router)#area 10 virtual-link 2.2.2.2 R3#show ip ospf virtual-links Virtual Link OSPF_VL0 to router 2.2.2.2 is up Run as demand circuit DoNotAge LSA allowed. Transit area 10, via interface Ethernet0/0 Topology-MTID Cost Disabled Shutdown Topology Name 0 10 no no Base Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00
配置 R2
R2(config)# *Apr 28 09:57:48.755: %OSPF-4-ERRRCV: Received invalid packet: mismatched area ID from backbone area from 192.168.23.3, Ethernet0/1 R2(config)#router ospf 1 R2(config-router)#area 10 virtual-link 3.3.3.3 R2(config-router)# *Apr 28 09:57:58.092: %OSPF-4-ERRRCV: Received invalid packet: mismatched area ID from backbone area from 192.168.23.3, Ethernet0/1 R2(config-router)# *Apr 28 09:57:59.205: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on OSPF_VL0 from LOADING to FULL, Loading Done R3#show ip ospf virtual-links Virtual Link OSPF_VL0 to router 2.2.2.2 is up Run as demand circuit DoNotAge LSA allowed. Transit area 10, via interface Ethernet0/0 Topology-MTID Cost Disabled Shutdown Topology Name 0 10 no no Base Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:03 Adjacency State FULL (Hello suppressed) Index 1/1/3, retransmission queue length 0, number of retransmission 0 First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0) Last retransmission scan length is 0, maximum is 0 Last retransmission scan time is 0 msec, maximum is 0 msec
2.9 防环实验
2.9.1 LSA3 防环
Figure 31: 实验拓扑
将 R5 e0/0 端口 shutdown ,则 R4 和 R5 之间不能通信(虽然从物理上看 R5 可以借由 R3 到达 R4 ),这是因为 R3 是 ABR , R3 只会把属于区域 10 的 LSA1/2 汇总后作为 LSA3 发送给骨干区域,这样一来 R5 永远不会知道通过 R3 可以到达 R4 。
假设允许 R3 将 192.168.45.0/24 网段的信息传递给 AREA0 ,这样就会形成环路,即 AREA0 传来的路由信息再注入回 AREA0 ,不符合 OSPF 的防环设计原则。
2.10 路由选路优先级
Figure 32: 实验拓扑
从物理拓扑上看,R3 访问 1.1.1.1/32 的最佳下一跳应为 R2 ,但是 R3 的路由表却显示:
R3#show ip route
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/101] via 192.168.13.1, 00:00:59, Ethernet0/0 # 去往 1.1.1.1 走 R1
O 192.168.12.0/24 [110/101] via 192.168.13.1, 00:00:59, Ethernet0/0
192.168.13.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.13.0/24 is directly connected, Ethernet0/0
L 192.168.13.3/32 is directly connected, Ethernet0/0
192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.23.0/24 is directly connected, Ethernet0/1
L 192.168.23.3/32 is directly connected, Ethernet0/1
192.168.34.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.34.0/24 is directly connected, Ethernet0/2
L 192.168.34.3/32 is directly connected, Ethernet0/2
这是 OSPF 选路优先级在起作用,虽然 R3 能收到来自 AREA 0 的 LSA3 ,并知道借由 R2 去往 1.1.1.1/32 才是最优路径(O IA):
R3#show ip ospf 1 10 database summary 1.1.1.1
OSPF Router with ID (3.3.3.3) (Process ID 1)
Summary Net Link States (Area 10)
LS age: 1097
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 1.1.1.1 (summary Network Number)
Advertising Router: 2.2.2.2
LS Seq Number: 80000003
Checksum: 0x2FFD
Length: 28
Network Mask: /32
MTID: 0 Metric: 2
LS age: 500
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 1.1.1.1 (summary Network Number)
Advertising Router: 3.3.3.3
LS Seq Number: 80000001
Checksum: 0xF6D0
Length: 28
Network Mask: /32
MTID: 0 Metric: 101
但是 R3 作为 ABR 也能通过 LSA1/2 (结合 SPF 算法) 计算出一条路由(O) ,而且 AREA 0 中,R2 和 R3 并不是邻居:
R3#show ip ospf 1 0 neighbor
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 1 FULL/DR 00:00:34 192.168.13.1 Ethernet0/0 # R3 只与 R1 是邻居关系
因为 O 路由的优先级大于 O IA ,因此选择了物理上次优的路由。
通过在 R2 和 R3 间建立虚链路可以优化路径,这是因为虚链路使得 R3 和 R2 建立了邻居关系。
2.11 网络类型
| 类型 | 通信方式 | 有无 DR | 备注 |
|---|---|---|---|
| P2P | 支持广播 | 无 | |
| Broadcast | 支持广播 | 有 | |
| NBMA | 仅支持单播 | 有 | |
| P2MP | 支持广播 | 无 | 路由表中自动添加对端 主机路由 |
| P2MP NBMA | 仅支持单播 | 无 | 路由表中自动添加对端 主机路由 |
2.11.1 P2P
Figure 33: P2P 实验拓扑
初始配置
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 1.1.1.1 255.255.255.255 int s1/0 ip address 10.1.12.1 255.255.255.0 ip ospf network point-to-point no sh int s1/1 ip address 10.1.13.1 255.255.255.0 ip ospf network point-to-point no sh router ospf 110 router-id 11.11.11.11 network 10.1.12.1 0.0.0.0 area 0 network 10.1.13.1 0.0.0.0 area 0 network 1.1.1.1 0.0.0.0 area 0 ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 2.2.2.2 255.255.255.255 int s1/0 ip address 10.1.12.2 255.255.255.0 ip ospf network point-to-point no sh router ospf 110 router-id 22.22.22.22 network 10.1.12.2 0.0.0.0 area 0 network 2.2.2.2 0.0.0.0 area 0 ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 3.3.3.3 255.255.255.255 int s1/0 ip address 10.1.13.3 255.255.255.0 ip ospf network point-to-point no sh router ospf 110 router-id 33.33.33.33 network 10.1.13.3 0.0.0.0 area 0 network 3.3.3.3 0.0.0.0 area 0
R1 的 OSPF 邻居
R1#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 33.33.33.33 0 FULL/ - 00:00:33 10.1.13.3 Serial1/1 22.22.22.22 0 FULL/ - 00:00:34 10.1.12.2 Serial1/0
R2 的路由表
R2#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/65] via 10.1.12.1, 00:03:47, Serial1/0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/129] via 10.1.12.1, 00:03:47, Serial1/0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.1.12.0/24 is directly connected, Serial1/0
L 10.1.12.2/32 is directly connected, Serial1/0
O 10.1.13.0/24 [110/128] via 10.1.12.1, 00:03:47, Serial1/0
2.11.2 P2MP
Figure 34: 实验拓扑
初始配置
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 1.1.1.1 255.255.255.255 int e0/0 ip address 123.1.1.1 255.255.255.0 ip ospf network point-to-multipoint no sh router ospf 110 router-id 11.11.11.11 network 123.1.1.1 0.0.0.0 area 0 network 1.1.1.1 0.0.0.0 area 0 ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 2.2.2.2 255.255.255.255 int e0/0 ip address 123.1.1.2 255.255.255.0 ip ospf network point-to-multipoint no sh router ospf 110 router-id 22.22.22.22 network 123.1.1.2 0.0.0.0 area 0 network 2.2.2.2 0.0.0.0 area 0 ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 3.3.3.3 255.255.255.255 int e0/0 ip address 123.1.1.3 255.255.255.0 ip ospf network point-to-multipoint no sh router ospf 110 router-id 33.33.33.33 network 123.1.1.3 0.0.0.0 area 0 network 3.3.3.3 0.0.0.0 area 0
R2 的 OSPF 信息
R2#sh ip ospf interface brief Interface PID Area IP Address/Mask Cost State Nbrs F/C Lo0 110 0 2.2.2.2/32 1 LOOP 0/0 Et0/0 110 0 123.1.1.2/24 10 P2MP 2/2 R2#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 33.33.33.33 0 FULL/ - 00:01:47 123.1.1.3 Ethernet0/0 11.11.11.11 0 FULL/ - 00:01:49 123.1.1.1 Ethernet0/0
R2 路由表
R2#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/11] via 123.1.1.1, 00:04:18, Ethernet0/0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/11] via 123.1.1.3, 00:03:29, Ethernet0/0
123.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 123.1.1.0/24 is directly connected, Ethernet0/0
O 123.1.1.1/32 [110/10] via 123.1.1.1, 00:04:18, Ethernet0/0 ! 自动添加的主机路由
L 123.1.1.2/32 is directly connected, Ethernet0/0
O 123.1.1.3/32 [110/10] via 123.1.1.3, 00:03:29, Ethernet0/0
2.11.3 P2MP NBMA
Figure 35: 实验拓扑
初始配置
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 1.1.1.1 255.255.255.255 int e0/0 ip address 123.1.1.1 255.255.255.0 ip ospf network point-to-multipoint non-broadcast no sh router ospf 110 router-id 11.11.11.11 network 123.1.1.1 0.0.0.0 area 0 network 1.1.1.1 0.0.0.0 area 0 ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 2.2.2.2 255.255.255.255 int e0/0 ip address 123.1.1.2 255.255.255.0 ip ospf network point-to-multipoint non-broadcast no sh router ospf 110 router-id 22.22.22.22 neighbor 123.1.1.1 network 123.1.1.2 0.0.0.0 area 0 network 2.2.2.2 0.0.0.0 area 0 ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 3.3.3.3 255.255.255.255 int e0/0 ip address 123.1.1.3 255.255.255.0 ip ospf network point-to-multipoint non-broadcast no sh router ospf 110 router-id 33.33.33.33 neighbor 123.1.1.1 network 123.1.1.3 0.0.0.0 area 0 network 3.3.3.3 0.0.0.0 area 0
R2 OSPF 信息
R2#sh ip ospf interface brief Interface PID Area IP Address/Mask Cost State Nbrs F/C Lo0 110 0 2.2.2.2/32 1 LOOP 0/0 Et0/0 110 0 123.1.1.2/24 10 P2MP 1/1 R2#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 11.11.11.11 0 FULL/ - 00:01:40 123.1.1.1 Ethernet0/0
R2 路由表
R2#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/11] via 123.1.1.1, 00:05:49, Ethernet0/0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/21] via 123.1.1.1, 00:05:22, Ethernet0/0
123.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 123.1.1.0/24 is directly connected, Ethernet0/0
O 123.1.1.1/32 [110/10] via 123.1.1.1, 00:05:49, Ethernet0/0
L 123.1.1.2/32 is directly connected, Ethernet0/0
O 123.1.1.3/32 [110/20] via 123.1.1.1, 00:05:22, Ethernet0/0
2.11.4 NBMA
Figure 36: 实验拓扑
初始配置
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 1.1.1.1 255.255.255.255 int e0/0 ip address 123.1.1.1 255.255.255.0 ip ospf network non-broadcast no sh router ospf 110 router-id 11.11.11.11 network 123.1.1.1 0.0.0.0 area 0 network 1.1.1.1 0.0.0.0 area 0 ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 2.2.2.2 255.255.255.255 int e0/0 ip address 123.1.1.2 255.255.255.0 ip ospf priority 0 ip ospf network non-broadcast no sh router ospf 110 router-id 22.22.22.22 neighbor 123.1.1.1 network 123.1.1.2 0.0.0.0 area 0 network 2.2.2.2 0.0.0.0 area 0 ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 3.3.3.3 255.255.255.255 int e0/0 ip address 123.1.1.3 255.255.255.0 ip ospf priority 0 ip ospf network non-broadcast no sh router ospf 110 router-id 33.33.33.33 neighbor 123.1.1.1 network 123.1.1.3 0.0.0.0 area 0 network 3.3.3.3 0.0.0.0 area 0
R1 OSPF 信息
R1#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 22.22.22.22 0 FULL/DROTHER 00:01:36 123.1.1.2 Ethernet0/0 33.33.33.33 0 FULL/DROTHER 00:01:59 123.1.1.3 Ethernet0/0
R2 OSPF 信息
R2#sh ip os neighbor Neighbor ID Pri State Dead Time Address Interface 11.11.11.11 1 FULL/DR 00:01:38 123.1.1.1 Ethernet0/0
R2 路由信息
R2#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/11] via 123.1.1.1, 01:51:59, Ethernet0/0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/11] via 123.1.1.3, 01:46:07, Ethernet0/0
123.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 123.1.1.0/24 is directly connected, Ethernet0/0
L 123.1.1.2/32 is directly connected, Ethernet0/0