OSPF协议学习笔记(二)-白红宇

九、OSPF

基本命令：

R1(config)#router ospf 进程号 //指定使用OSPF协议

R1(config-router)#network 接口IP 0.0.0.0(反掩码) area 区域号

R1(config-router)#router-id ip地址 //手工指定router-id

备注：如果router-id已经产生，要改变router-id则必须手工指定，且必须重启OSPF进程才生效。

重启OSPF进程：R1#clear ip ospf process

反掩码是: 1 和 0 反转的子网掩码，即用255.255.255.255减去原掩码得出反掩码，又称为通配符，0位表示必须匹配，1位表示不必匹配。例如：

Router(config)# network 2.3.6.0 0.0.0.255 area 0

表示可以是 2.3.6.0 这个网段的任意主机

Router(config)# network 2.2.2.2 0.0.0.0 area 0

表示唯一地址为 2.2.2.2 （常用于设定接口地址****经常使用）

Router(config)# network 0.0.0.0 0.0.0.0 area 0

表示可以是任意网段的任意主机

在存在双链路的网络环境中，可以实现等价负载均衡

通过修改链路成本实现：进入接口模式

r1(config)#interface 接口编号

r1(config-if)#ip ospf cost 成本(1-65535)

配置相关的接口参数：

hello时间：在接口模式下：

r1(config)#interface 接口编号

r1(config-if)#ip ospf hello-interval 时间

**两台路由器相连的接口都要修改，保持时间默认会是hello的时间4倍

保持时间：

hello时间：在接口模式下：

r1(config)#interface 接口编号

r1(config-if)#ip ospf dead-interval 时间

查看OSPF配置命令：

查看OPSF邻居表：

r1#show ip ospf neighbors

查看rouer-id，管理距离:

r1#show ip protocols

查看接口的相关OSPF属性：r1#show ip ospf interface 接口

可以看到hello时间，保持时间，接口类型等等

ospf学习到的路由条目用字母O表示，即同一个区域内所学到的，管理距离值110

设置接口的优先级:

R1(config)# interface s0

R1(config-if)#

ip ospf priority 100

显示接口的优先级信息

R1# show ip ospf interface s0

配置OSPF的网络类型：

R1 (config-if) # ip ospf network {broadcast | point-to-point | point-to-multicast}

OSPF的认证：

为了安全的原因，在相同OSPF区域的路由器上启用身份验证的功能，只有经过身份验证的同一区域的路由器才能互相通告路由信息。

OSPF的纯文本验证：

简单的纯文本验证允许一个区只配置一个密码(Password)同一个区中的路由器要想参与路由，他们必须配置相同的密码。这种方法的缺点是易受攻击。

使用下面的命令启动密码验证：

R1(config-if)

#ip ospf authentication-key mypassword

R1(config-router)#area 0 authentication //”0”是area的ID

OSPF的MD5认证：

MD5（Message Digest Authentication）是采用加密验证，每个路由器上都必须配置密码和密码ID。路由器使用一种算法，基于OSPF报文、密码和密码ID产生一个 “Message Digest”,然后加到OSPF报文中。不像简单密码验证，MD5验证密码不在网络上传输。每个OSPF报文中还包含有一个序列号以保护网络不受攻击。

使用下面的命令来配置MD5验证：

R1(config-if)

#ip ospf message-digest-key <key-id> md5 <key>

R1(config-router)#area 0 authentication message-digest

十、实例：

下面网络拓朴图中配置OSPF协议，并且在R2与R3实现等负载均衡，并且手动修改R2的router-id为10.10.10.10，查看DR和BDR路由是哪个？查看Router ID？通过改变RID来改变DR和BDR。

三个路由器基配置

enable

configure terminal

no ip domain-lookup

line console 0

no exec-timeout

logging syn

password cisco

hostname r1

interface l0

ip add 1.1.1.1 255.255.255.0

no sh

interface s0/0

ip address 192.1.1.1 255.255.255.0

no shutdown

router ospf 1

network 192.1.1.1 0.0.0.0 area 0

network 1.1.1.1 0.0.0.0 area 0

enable

configure terminal

no ip domain-lookup

line console 0

no exec-timeout

logging syn

password cisco

hostname r2

interface l0

ip add 2.2.2.2 255.255.255.0

no sh

interface s0/0

ip address 192.1.1.2 255.255.255.0

no shutdown

interface s0/1

ip address 193.1.1.2 255.255.255.0

no shutdown

interface f1/0

ip address 194.1.1.2 255.255.255.0

no shutdown

router ospf 1

network 192.1.1.2 0.0.0.0 area 0

network 193.1.1.2 0.0.0.0 area 0

network 194.1.1.2 0.0.0.0 area 0

network 2.2.2.2 0.0.0.0 area 0

enable

configure terminal

no ip domain-lookup

line console 0

no exec-timeout

logging syn

password cisco

hostname r3

interface l0

ip add 3.3.3.3 255.255.255.0

no sh

interface s0/1

ip address 193.1.1.1 255.255.255.0

no shutdown

interface f1/0

ip address 194.1.1.1 255.255.255.0

no shutdown

router ospf 1

network 193.1.1.1 0.0.0.0 area 0

network 194.1.1.1 0.0.0.0 area 0

network 3.3.3.3 0.0.0.0 area 0

1、查看DR和BDR路由：

r2#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

3.3.3.3 1 FULL/BDR 00:00:32 194.1.1.1 FastEthernet1/0

1.1.1.1 0 FULL/ - 00:00:39 192.1.1.1 Serial0/0

显示R2是DR，R3是BDR

2、查看R2的Router ID

r2#sho ip protocols

Routing Protocol is "ospf 1"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Router ID 2.2.2.2

Number of areas in this router is 1. 1 normal 0 stub 0 nssa

Maximum path: 4

Routing for Networks:

2.2.2.2 0.0.0.0 area 0

192.1.1.2 0.0.0.0 area 0

193.1.1.2 0.0.0.0 area 0

194.1.1.2 0.0.0.0 area 0

Reference bandwidth unit is 100 mbps

Routing Information Sources:

Gateway Distance Last Update

3.3.3.3 110 00:14:50

1.1.1.1 110 00:14:50

Distance: (default is 110)

显示Router ID为:2.2.2.2

3、改变其Router ID:

r2(config)#router ospf 1

r2(config-router)#router-id 10.10.10.10

Reload or use "clear ip ospf process" command, for this to take effect

r2(config-router)#end

r2#clear ip ospf process

Reset ALL OSPF processes? [no]: yes

r2#sh ip protocols

Routing Protocol is "ospf 1"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Router ID 10.10.10.10

Number of areas in this router is 1. 1 normal 0 stub 0 nssa

Maximum path: 4

Routing for Networks:

2.2.2.2 0.0.0.0 area 0

192.1.1.2 0.0.0.0 area 0

193.1.1.2 0.0.0.0 area 0

194.1.1.2 0.0.0.0 area 0

Reference bandwidth unit is 100 mbps

Routing Information Sources:

Gateway Distance Last Update

3.3.3.3 110 00:19:38

1.1.1.1 110 00:00:12

Distance: (default is 110)

4、查看R2路由器的DR和BDR路由信息：

r2#sh ip ospf nei

Neighbor ID Pri State Dead Time Address Interface

3.3.3.3 1 FULL/DR 00:00:32 194.1.1.1 FastEthernet1/0

1.1.1.1 0 FULL/ - 00:00:39 192.1.1.1 Serial0/0

显示R2变成BDR，R3变成DR

5、再到R3重启OSPF协议

r3#clear ip ospf pr

r3#clear ip ospf process

Reset ALL OSPF processes? [no]: yes

再查看R2信息，又变回来了。

r2#sh ip ospf nei

Neighbor ID Pri State Dead Time Address Interface

3.3.3.3 1 FULL/BDR 00:00:34 194.1.1.1 FastEthernet1/0

1.1.1.1 0 FULL/ - 00:00:33 192.1.1.1 Serial0/0

1、通过改变路由器接口的Cost来实现R2与R3负载均衡

R2和R3有两条连接一个s0/1和f1/0，成本cost分别为64和1，所以在R2上到3.3.3.3路由表是194.1.1.1。

r2#sh ip ospf interface s0/1

Serial0/1 is up, line protocol is up

Internet Address 193.1.1.2/24, Area 0

Process ID 1, Router ID 2.2.2.2, Network Type POINT_TO_POINT,

Cost: 64

Transmit Delay is 1 sec, State POINT_TO_POINT,

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

oob-resync timeout 40

Hello due in 00:00:06

Supports Link-local Signaling (LLS)

Index 2/2, flood queue length 0

Next 0x0(0)/0x0(0)

Last flood scan length is 1, maximum is 1

Last flood scan time is 0 msec, maximum is 0 msec

Neighbor Count is 1, Adjacent neighbor count is 1

Adjacent with neighbor 3.3.3.3

Suppress hello for 0 neighbor(s)

r2#sh ip ospf interface f1/0

FastEthernet1/0 is up, line protocol is up

Internet Address 194.1.1.2/24, Area 0

Process ID 1, Router ID 2.2.2.2, Network Type BROADCAST,

Cost: 1

Transmit Delay is 1 sec, State DR, Priority 1

Designated Router (ID) 2.2.2.2, Interface address 194.1.1.2

Backup Designated router (ID) 3.3.3.3, Interface address 194.1.1.1

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

oob-resync timeout 40

Hello due in 00:00:03

Supports Link-local Signaling (LLS)

Index 3/3, flood queue length 0

Next 0x0(0)/0x0(0)

Last flood scan length is 1, maximum is 2

Last flood scan time is 0 msec, maximum is 4 msec

Neighbor Count is 1, Adjacent neighbor count is 1

Adjacent with neighbor 3.3.3.3 (Backup Designated Router)

Suppress hello for 0 neighbor(s)

r2#sh ip route

1.0.0.0/32 is subnetted, 1 subnets

O 1.1.1.1 [110/65] via 192.1.1.1, 00:03:18, Serial0/0

2.0.0.0/24 is subnetted, 1 subnets

C 2.2.2.0 is directly connected, Loopback0

3.0.0.0/32 is subnetted, 1 subnets

O 3.3.3.3 [110/2] via 194.1.1.1, 00:03:18, FastEthernet1/0

C 193.1.1.0/24 is directly connected, Serial0/1

C 192.1.1.0/24 is directly connected, Serial0/0

C 194.1.1.0/24 is directly connected, FastEthernet1/0

改变R2

的s0/1

接口cost

为1

r2(config)#interface s0/1

r2(config-if)#ip ospf cost 1

r2#sh ip ospf interface s0/1

Serial0/1 is up, line protocol is up

Internet Address 193.1.1.2/24, Area 0

Process ID 1, Router ID 2.2.2.2, Network Type POINT_TO_POINT, Cost: 1

Transmit Delay is 1 sec, State POINT_TO_POINT,

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

oob-resync timeout 40

Hello due in 00:00:01

Supports Link-local Signaling (LLS)

Index 2/2, flood queue length 0

Next 0x0(0)/0x0(0)

Last flood scan length is 1, maximum is 1

Last flood scan time is 0 msec, maximum is 0 msec

Neighbor Count is 1, Adjacent neighbor count is 1

Adjacent with neighbor 3.3.3.3

Suppress hello for 0 neighbor(s)

修改成功，再查看R2的路由表，到达3.3.3.3有两条路由条目了。

r2#sh ip route

1.0.0.0/32 is subnetted, 1 subnets

O 1.1.1.1 [110/65] via 192.1.1.1, 00:00:00, Serial0/0

2.0.0.0/24 is subnetted, 1 subnets

C 2.2.2.0 is directly connected, Loopback0

3.0.0.0/32 is subnetted, 1 subnets

O 3.3.3.3 [110/2] via 194.1.1.1, 00:00:00, FastEthernet1/0

[110/2] via 193.1.1.1, 00:00:00, Serial0/1

C 193.1.1.0/24 is directly connected, Serial0/1

C 192.1.1.0/24 is directly connected, Serial0/0

C 194.1.1.0/24 is directly connected, FastEthernet1/0

十一、处理OSPF故障常用命令

OSPF是链路状态协议，维护3个数据库：相邻数据库、拓扑结构数据库、路由表。

OSPF相关的show命令：

Show running-config

Show ip route

Show ip route ospf ；仅显示OSPF路由

Show ip ospf process-id ；显示与特定进程ID相关的信息

Show ip ospf ；显示OSPF相关信息

Show ip ospf border-routers ；显示边界路由器

Show ip ospf database ；显示OSPF的归纳数据库

Show ip ospf interface ；显示指定接口上的OSPF信息

Show ip ospf neighbor ；显示OSPF相邻信息

Show ip ospf request-list ；显示链路状态请求列表

Show ip ospf summary-address ；显示归纳路由的再发布信息

Show ip ospf virtual-links ；显示虚拟链路信息

Show ip interface ；显示接口的IP设置

OSPF相关的debug命令：

Debug ip ospf adj ；

Debug ip ospf events

Debug ip ospf flood

Debug ip ospf lsa-generation

Debug ip ospf packet

Debug ip ospf retransmission

Debug ip ospf spf

Debug ip ospf tree

常见的OSPF故障：OSPF的每个area不超过100台路由器，整个网络不超过700台路由器；通配符掩码配置不当；

本文转自成功不仅是个人荣誉，更是对家人责任博客51CTO博客，原文链接http://blog.51cto.com/hukunlin/272696如需转载请自行联系原作者

kunlin_hu