网络安全工程(实验14)将非直连路由宣告到OSPF中
实现目的:
R1的配置:
undo terminal monitor
system-view
sysname AR1
int g0/0/0
ip address 192.168.12.1 24
quit
int g0/0/1
ip address 192.168.67.6 24
quit
ip router-static 10.10.7.7 24 192.168.67.7
ospf 1 router-id 1.1.1.1
quit
area 12
network 192.168.12.1 0.0.0.0
R2的配置:
undo terminal monitor
system-view
sysname AR2
int g0/0/1
ip address 192.168.12.2 24
quit
int g0/0/0
ip address 192.168.23.2 24
quit
ospf 2 router-id 2.2.2.2
area 0
network 192.168.23.2 0.0.0.0
quit
area 12
network 192.168.12.2 0.0.0.0
quit
R3的配置:
undo terminal monitor
system-view
sysname AR3
int g0/0/0
ip address 192.168.23.3 24
quit
int g0/0/1
ip address 192.168.34.3 24
quit
ospf 3 router-id 3.3.3.3
area 0
network 192.168.23.3 0.0.0.0
network 192.168.34.3 0.0.0.0
quit
R4的配置:
undo terminal monitor
system-view
sysname AR4
int g0/0/0
ip address 192.168.34.4 24
quit
ospf 4 router-id 4.4.4.4
area 0
network 192.168.34.4 0.0.0.0
R5的配置:
undo terminal monitor
system-view
sysname AR5
int g0/0/0
ip address 192.168.67.7 24
quit
interface loopback0
ip address 10.10.7.7 24
quit
使用display ip routing-table 查看路由表是否存在AR5的loopback的网段10.10.7.0的静态路由
AR2与AR5不存在10.10.7.0的路由条目
查看OSPF邻居:display ospf peer brief
AR1上的g0/0/0的ip地址可以ping通 AR4的g0/0/0的ip地址:
AR4上的g0/0/0的ip地址可以ping通 AR1的g0/0/0的ip地址:
查看OSPF的路由器角色:display ospf brief
由此可以看出AR2是区域边界路由器
查看OSPF的数据库:display ospf lsdb
AR4是不能与AR5的环回口通信的:
现在在AR1的OSPF进程1中宣告默认路由,将路由表中的非直连路由宣告到OSPF中:
[AR1]ospf 1
[AR1-ospf-1]import-route static
[AR1-ospf-1]
查看AR2的链路状态数据库如下:
查看AR4的链路状态数据库如下:
最关键的一步:
最后给AR5配置默认路由:ip route-static 0.0.0.0 0.0.0.0 192.168.67.6
给AR5添加一台PC:
在AR1上配置默认路由:ip route-static 192.168.10.0 24 192.168.67.7
AR5配置接口g0/0/1 :ip address 192.168.10.254 24
实验测试:
用PC1 ping AR4的 g0/0/0----------------- ping 192.168.34.4
用AR4ping AR5的loopback口 ---------------ping 10.10.7.7
浙公网安备 33010602011771号