OSPF详细配置

OSPF详细配置
启用OSPF动态路由协议
routerospf进程号

进程号可以随意设置，只标识ospf为本路由器内的一个进程

定义参与ospf的子网.该子网属于哪一个OSPF路由信息交换区域。
networkip子网号通配符area区域号

路由器将限制只能在相同区域内交换子网信息，不同区域间不交换路由信息。另外，区域0为主干OSPF区域。不同区域交换路由信息必须经过区域0。一般地，某一区域要接入OSPF0路由区域，该区域必须至少有一台路由器为区域边缘路由器，即它既参与本区域路由又参与区域0路由。

OSPF区域间的路由信息总结
如果区域中的子网是连续的，则区域边缘路由器向外传播给路由信息时，采用路由总结功能后，路由器就会将所有这些连续的子网总结为一条路由传播给其它区域，则在其它区域内的路由器看到这个区域的路由就只有一条。这样可以节省路由时所需网络带宽。

设置对某一特定范围的子网进行总结：area区域号range子网范围掩码

指明网络类型在需要进行OSPF路由信息的端口中，设置：
ipospfnetworkbroadcast或non-broadcast或point-to-mutlipoint

一般地，对于DDN，帧中继和X.25属于非广播型的网络，即non-broadcast

对于非广播型的网络连接，需指明路由器的相邻路由器
neighbor相邻路由器的相邻端口的IP地址

通过以上配置，路由器之间就可以完成交换路由信息了，其它设置，为了防止路由信息被窃取，可以对OSPF进行安全设置，只有合法的同一区域的路由器之间才能交换路由信息。

　

设置步骤

设置某区域使用安全设置MD5方式
area区域标号autherficationmessage-digest

可以采用明文方式，但建议采用MD5方式，较安全。

设置某端口验证其相邻路由器相邻端口时的MD5口令，在端口设置模式下
ipospfmessage-digest-key口令标号MD5口令字符串

其中，在同一区域的相邻路由器的相邻端口的口令标号及口令字符串必须相同，同一路由器的不同端口的MD5口令可以不同，也可以某些端口使用安全设置，某些端口不使用安全设置。

　

实例1无安全，无路由总结的OSPF设置


2511－1的设置

Currentconfiguration：

！

version11.3

noservicepassword-encryption

!

hostname2511-1

!

enablepasswordcisco

!

interfaceEthernet0

ipaddress192.4.1.1255.255.255.0

!

interfaceSerial0

ipaddress192.3.1.1255.255.255.0

encapsulationframe-relayIETF

noipmroute-cache

bandwidth2000

frame-relaymapip192.3.1.2100broadcast

frame-relaylmi-typecisco

!

interfaceSerial1

ipaddress192.1.1.1255.255.255.0

encapsulationppp

bandwidth64

!

routerospf1

passive-interfaceEthernet0

network192.1.1.00.0.0.255area0

network192.3.1.00.0.0.255area0

network192.4.1.00.0.0.255area0

neighbor192.1.1.2priority1

neighbor192.3.1.2priority1

!

ipclassless

!

linecon0

line18

lineaux0

linevty04

!

end

2505的设置

Currentconfiguration:

!

version11.2

noserviceudp-small-servers

noservicetcp-small-servers

!

hostname2505

!

enablesecret5$1$GbYT$OR05giiLZxI4hEAO0F8kV1

!

hubether01

link-test

auto-polarity

!

hubether02

link-test

auto-polarity

!

hubether03

link-test

auto-polarity

!

hubether04

link-test

auto-polarity

!

hubether05

link-test

auto-polarity

!

hubether06

link-test

auto-polarity

!

hubether07

link-test

auto-polarity

!

hubether08

link-test

auto-polarity

!

interfaceEthernet0

ipaddress192.1.4.1255.255.255.0

!

interfaceSerial0

ipaddress192.1.2.1255.255.255.0

ipospfnetworknon-broadcast

bandwidth2000

clockrate2000000

!

interfaceSerial1

ipaddress192.1.1.2255.255.255.0

enpsurationppp

ipospfnetworknon-broadcast

bandwidth64

clockrate64000

!

routerospf1

passive-interfaceEthernet0

network192.1.1.00.0.0.255area0

network192.1.2.00.0.0.255area2

network192.1.4.00.0.0.255area2

neighbor192.1.1.1priority1

neighbor192.1.2.2priority1

!

noipclassless

ipospfname-lookup

!

linecon0

lineaux0

linevty04

login

!

end

internal-2的设置

Currentconfiguration:

!

version11.2

noserviceudp-small-servers

noservicetcp-small-servers

!

hostnameinternal-2

!

enablesecret5$1$KX00$rTI/2TvDokWxT4xC6wvmi/

!

interfaceEthernet0

noipaddress

shutdown

!

interfaceSerial0

ipaddress192.1.2.2255.255.255.0

ipospfnetworknon-broadcast

!

interfaceSerial1

noipaddress

shutdown

!

routerospf1

network192.1.2.00.0.0.255area2

neighbor192.1.2.1priority1

!

noipclassless

!

linecon0

line116

lineaux0

linevty04

!

end

　

2514的设置

Currentconfiguration:

!

version11.2

noserviceudp-small-servers

noservicetcp-small-servers

!

hostname2514

!

enablesecret5$1$uoHU$Vks/lYCRi33z4TXs4qekI0

!

frame-relayswitching

!

interfaceEthernet0

ipaddress192.5.1.1255.255.255.0

!

interfaceEthernet1

noipaddress

shutdown

!

interfaceSerial0

ipaddress192.3.1.2255.255.255.0

encapsulationframe-relayIETF

bandwidth2000

clockrate2000000

frame-relaymapip192.3.1.1100broadcast

frame-relayintf-typedce

!

interfaceSerial1

ipaddress192.2.1.1255.255.255.0

noipmroute-cache

encapsulationX25dce

bandwidth64

x25address1234

x25htc16

x25nvc4

x25mapip192.2.1.25678broadcast

clockrate64000

!

routerospf1

passive-interfaceEthernet0

network192.3.1.00.0.0.255area0

network192.2.1.00.0.0.255area0

network192.5.1.00.0.0.255area0

neighbor192.2.1.2priority1

neighbor192.3.1.1priority1

!

noipclassless

!

linecon0

lineaux0

linevty04

login

!

end

　

2511-2的设置

Buildingconfiguration...

Currentconfiguration:

!

version11.3

noservicepassword-encryption

!

hostname2511-2

!

enablesecret5$1$7o5F$MSyFWzVf6JBgnjLJghHSB.

!

interfaceEthernet0

ipaddress192.2.4.1255.255.255.0

!

interfaceSerial0

ipaddress192.2.1.2255.255.255.0

encapsulationx25

noipmroute-cache

x25address5678

x25htc16

x25nvc4

x25mapip192.2.1.11234broadcast

!

interfaceSerial1

ipaddress192.2.2.1255.255.255.0

ipospfnetworknon-broadcast

noipmroute-cache

bandwidth2000

clockrate2000000

!

routerospf1

passive-interfaceEthernet0

network192.2.2.00.0.0.255area1

network192.2.4.00.0.0.255area1

network192.2.1.00.0.0.255area0

neighbor192.2.1.1piority1

neighbor192.2.2.2piority1

!

ipclassless

!

linecon0

line18

lineaux0

linevty04

!

end

internal-1的设置

Buildingconfiguration...

Currentconfiguration:

!

version11.2

noserviceudp-small-servers

noservicetcp-small-servers

!

hostnameinternal-1

!

enablesecret5$1$cF2M$z2T8Ohij5q/yn2RsiVaGE/

!

interfaceEthernet0

noipaddress

shutdown

!

interfaceSerial0

ipaddress192.2.2.2255.255.255.0

ipospfnetworknon-broadcast

!

interfaceSerial1

noipaddress

shutdown

!

routerospf10

network192.2.2.00.0.0.255area1

neighbor192.2.2.1priority1

!

noipclassless

!

linecon0

line116

lineaux0

linevty04

login

!

end

　

实例2有安全，路由总结的OSPF设置

　

　


　internal-2的设置

Currentconfiguration:

!

version11.2

noserviceudp-small-servers

noservicetcp-small-servers

!

hostnameinternal-2

!

enablesecret5$1$KX00$rTI/2TvDokWxT4xC6wvmi/

!

interfaceEthernet0

noipaddress

shutdown

!

interfaceSerial0

ipaddress192.1.2.2255.255.255.0

ipospfmessage-digest-key1md5cisco

ipospfnetworknon-broadcast

!

interfaceSerial1

noipaddress

shutdown

!

routerospf1

network192.1.2.00.0.0.255area2

neighbor192.1.2.1priority1

area2authenticationmessage-digest

!

noipclassless

!

linecon0

line116

lineaux0

linevty04

login

!

end

2505的设置

Currentconfiguration:

!

version11.2

noserviceudp-small-servers

noservicetcp-small-servers

!

hostname2505

!

enablesecret5$1$b43o$CpEYSTC2EPwnR1QGvIm//

!

username2511-1password7104D000A0618

!

hubether01

link-test

auto-polarity

!

hubether02

link-test

auto-polarity

!

hubether03

link-test

auto-polarity

!

hubether04

link-test

auto-polarity

!

hubether05

link-test

auto-polarity

!

hubether06

link-test

auto-polarity

!

hubether07

link-test

auto-polarity

!

hubether08

link-test

auto-polarity

!

interfaceEthernet0

ipaddress192.1.4.1255.255.255.0

!

interfaceSerial0

ipaddress192.1.2.1255.255.255.0

ipospfmessage-digest–key1md5cisco

ipospfnetworknon-broadcast

bandwidth2000

clockrate2000000

!

interfaceSerial1

ipaddress192.7.1.2255.255.255.0

enpsulationppp

ipospfmessage-digest-key1md5kim

ipospfnetworknon-broadcast

bandwidth64

clockrate64000

pppauthenticationchap

!

routerospf1

passive-interfaceEthernet0

network192.1.2.00.0.0.255area2

network192.1.4.00.0.0.255area2

network192.7.1.00.0.0.255area0

neighbor192.7.1.1priority1

neighbor192.1.2.2priority1

area0authenticationmessage-digest

area2authenticationmessage-digest

area2range192.1.0.0255.255.0.0

!

noipclassless

ipospfname-lookup

!

linecon0

lineaux0

linevty04

login

!

end

2511－1的设置

Currentconfiguration：

！

version11.3

noservicepassword-encryption

!

hostname2511-1

!

enablepasswordcisco

!

username2505passweord0cisco

noipdomain-lookup

!

interfaceEthernet0

ipaddress192.4.1.1255.255.255.0

!

interfaceSerial0

ipaddress192.3.1.1255.255.255.0

encapsulationframe-relayIETF

ipospfmessage-digest-key1md5kim

noipmroute-cache

bandwidth2000

frame-relaymapip192.3.1.2100broadcast

frame-relaylmi-typecisco

!

interfaceSerial1

ipaddress192.7.1.1255.255.255.0

encapsulationppp

ipospfmessage-digest-key1md5kim

ipospfnetworknon-broadcast

bandwidth64

pppauthenticationchap

!

routerospf1

passive-interfaceEthernet0

network192.3.1.00.0.0.255area0

network192.4.1.00.0.0.255area0

network192.7.1.00.0.0.255area0

neighbor192.7.1.2priority1

neighbor192.3.1.2priority1

area0authenticationmessage-digest

!

noipclassless

!

linecon0

line18

lineaux0

linevty04

login

!

end

2514的设置

Currentconfiguration:

!

version11.2

noserviceudp-small-servers

noservicetcp-small-servers

!

hostname2514

!

enablesecret5$1$uoHU$Vks/lYCRi33z4TXs4qekI0

!

frame-relayswitching

!

interfaceEthernet0

ipaddress192.5.1.1255.255.255.0

!

interfaceEthernet1

noipaddress

shutdown

!

interfaceSerial0

ipaddress192.3.1.2255.255.255.0

encapsulationframe-relayIETF

ipospfmessage-digest-key1md5kim

bandwidth2000

clockrate2000000

frame-relaymapip192.3.1.1100broadcast

frame-relayintf-typedce

!

interfaceSerial1

ipaddress192.8.1.1255.255.255.0

noipmroute-cache

encapsulationX25dce

ipospfmessage-digest-key2md5cisco

bandwidth64

x25address1234

x25htc16

x25nvc4

x25mapip192.8.1.25678broadcast

clockrate64000

!

routerospf1

network192.3.1.00.0.0.255area0

network192.5.1.00.0.0.255area0

network192.8.1.00.0.0.255area0

neighbor192.8.1.2priority1

neighbor192.3.1.1priority1

area0authenticationmessage-digest

!

noipclassless

!

linecon0

lineaux0

linevty04

login

!

end

2511-2的设置

Currentconfiguration:

version11.3

noservicepassword-encryption

!

hostname2511-2

!

enablesecret5$1$7o5F$MSyFWzVf6JBgnjLJghHSB.

!

!

interfaceEthernet0

ipaddress192.2.4.1255.255.255.0

!

interfaceSerial0

ipaddress192.8.1.2255.255.255.0

encapsulationx25

ipospfmessage-digest-key2md5cisco

noipmroute-cache

x25address5678

x25htc16

x25nvc4

x25mapip192.8.1.11234broadcast

!

interfaceSerial1

ipaddress192.2.2.1255.255.255.0

ipospfauthentication-keykim

ipospfnetworknon-broadcast

noipmroute-cache

bandwidth2000

clockrate2000000

!

routerospf1

passive-interfaceEthernet0

network192.2.2.00.0.0.255area1

network192.2.4.00.0.0.255area1

network192.8.1.00.0.0.255area0

neighbor192.8.1.1priority1

neighbor192.2.2.2priority1

area0authenticationmessage-digest

area1authentication(疑应加上message-digest，但原文如此)

area1range192.2.0.0255.255.0.0

!

ipclassless

!

linecon0

line18

lineaux0

linevty04

login

!

end

internal-1的设置

Buildingconfiguration...

Currentconfiguration:

!

version11.2

noserviceudp-small-servers

noservicetcp-small-servers

!

hostnameinternal-1

!

enablesecret5$1$cF2M$z2T8Ohij5q/yn2RsiVaGE/

!

interfaceEthernet0

noipaddress

shutdown

!

interfaceSerial0

ipaddress192.2.2.2255.255.255.0

ipospfauthentication-keykim

ipospfnetworknon-broadcast

!

interfaceSerial1

noipaddress

shutdown

!

routerospf1

network92.2.2.00.0.0.255area1

neighbor192.2.2.1priority1

area1authentication

!

noipclassless

!

linecon0

line116

lineaux0

linevty04

login

!

end

• · MPLS技术在企业网中的应用
• · MPLS架构下的移动IP技术
• · GMPLS链路的保护与恢复
• · GMPLS--IP与WDM无缝结合的关键
• · MPLS：IP和ATM融合模型
• · MPLS技术及其应用
• · MPLS OAM技术
• · GMPLS的关键技术
• · MPLS交换路由器的设计与实现
• · GMPLS中的标记分配协议研究
• · 基于GMPLS自动交换光网络智能设计
• · MPLS VPN价值空间及业务空间定位
• · 三层MPLS VPN及其故障处理
• · GMPLS助光网络向前发展
• · MPLS技术研究及应用
• · 基于ATM的MPLS域的可扩展性研究
• · VoIP在基于MPLS集成模型中QoS技术
• · 移动数据：迁移到MPLS
• · 利用RPR和MPLS提高MSTP网络效能
• · 组播在MPLS VPN网络中的实现
• · 运营商在实施MPLS TE时需要关注问题
• · BGP/MPLS VPN的实现技术
• · MPLS优化IP城域层
• · GMPLS 的关键技术
• · 多协议交换GMPLS前瞻
• · MPLS VPN的原理及构建
• · 在MPLS上做文章
• · 三层MPLS VPN及其故障处理
• · 多协议标志交换(MPLS)基本原理
• · MPLS VPN技术原理(四)
• · MPLS VPN技术原理(三)
• · MPLS VPN技术原理(二)
• · MPLS VPN技术原理(一)
• · mpls VPN-IPv4地址结构
• · MPLS包头结构在协议栈中的位置
• · 实施MPLS-VPN网络运营新商机
• · 透视GMPLS技术
• · 如何在MPLS上实现VPN