OSPF comprehensive experiment

OSPF：

Open shortest path first protocol

Classless link state igp agreement ; Cycle update (30min)+ Trigger update ; The update amount of link state protocol increases exponentially with the expansion of network range , therefore ospf The protocol is designed to work in medium and large networks , Need structured deployment - Zoning 、 reasonable ip Address planning ; Multicast update --- 224.0.0.5 224.0.0.6

Topology ：

1. The experimental requirements ：

（1）.R1-3 Is the region 0,R3 To R4 Is the region 1, among R3 The loop back is also in the area 0

（2）.R1-R3  R3 by DR equipment , No, BDR

（3）.R4 Loopback address fixed , Other network segments use 192.168.1.0/24 Make a reasonable distribution

（4）. Loopback cannot declare , Network wide accessibility , To ensure the security of updates , Avoid loops , Reduce the number of routing entries

2. Experimental thinking ：

（1）. Relative to area Yes ip 192.168.1.0/24 Divide the subnet （）

0 Area （area 0）

192.168.1.0/24
192.168.1.0/25
0000 0000
192.168.1.0/28
192.168.1.16/28
192.168.1.32/28
192.168.1.48/28
192.168.1.64/28

1 Area （area 1）

192.168.1.128/25

（2） To configure ： Start with the router ip To configure .; The router does SPF To configure ： because R4 Loopback cannot pass OSPF Declare , So use the default route （ The whole network can reach ）; stay 0 Area definition priority , Realization DR( Adjacency relations ) To configure ; Yes OSPF authentication （ encryption ） Realize the security of transmission , Because some network segments are not used when dividing subnets , Routing black holes tend to appear , So we need to correct the routing AR7 Define an empty interface , Prevent routing black holes .

3. Configuration command

First configure each interface of the router ip:

With AR8 For example ：

 OSPF Configuration command ：

Define the process number , route ID, Area , Announce segment ：

With R8 For example ：

  Define priority , Give Way R7 Become DR:

Add up DR/BDR Knowledge , Easy for everyone to learn .

                              DR/BDR The election ：

The condition for neighbors to become adjacency ; Related to network type ;

Network type ：

Point to point -- There can only be two nodes in a network segment -- Serial link

MA-- Multiple access - There is no limit to the number of nodes in a network segment ; It's not that several nodes are connected at the moment ; Instead, this network type allows multiple nodes to be finally connected ;-- Ethernet

Point to point network neighbor relationship directly becomes adjacency relationship ; stay MA In the network , There will be DR/BDR The election ; In a network segment, only DR/BDR It is adjacent to other routers ; Not DR/BDR They are neighbors ;

Election rules ：

1. First, compare the priority of all the equipment interfaces in the network segment , The bigger the better ;

  The default priority is 1; Value range 0-255,0 The logo does not stand for election

    2.   If all candidates have the same priority , Compare the... Of the candidate equipment RID, The value is excellent ;

Interference in elections ：

    3.DR The highest priority ,BDR Second largest -- Bear in mind ospf The election is non preemptive ; So after modifying the priority , All routers need to be restarted OSPF process ;

[r2]interface GigabitEthernet 0/0/0

[r2-GigabitEthernet0/0/0]ospf dr-priority  3     // Modify interface priority

<r1>reset ospf process     // restart ospf process

With R6 For example ：

  Configuration of default route （ Even if it's not right R8 The loopback announcement of can also be reached throughout the network ）

Configuration command ：[r8-ospf-1]default-route-advertise always

verification ：

R5pingR8 The loopback of ：ping 4.4.4.4

  principle ：

Through the configuration of the default command ,OSPF By collecting routing information , Make other routers get 0.0.0.0  Next jump ,192.168.1.51 The routing table for , Realize automatic target finding IP The effect of .

Encrypt the transmission information of the route ：

With R5 For example ：

Configuration command ：

Be careful ： In the same area , Certification should be carried out at the same time （ encryption ） To configure .

Take this experiment as an example ：

R5,R6,R7 It's all in the area 0 , Therefore, they should be certified .

Add ：

authentication -- Interface authentication   Configure , Ensure the security of updates

[r1-GigabitEthernet0/0/1]ospf authentication-mode md5  1 cipher 123456

Pattern 、 Number 、 The password requires consistency between neighbors

Define an empty interface , Deal with routing black holes （ Prevent loops ）

Configuration command ：

principle ：

Why do this ？

Define an empty interface 0： When accessing the IP when , If the goal at this time IP To break off , Because the default route is defined , Source IP Target not found IP Use the default to return to the upper layer route , The upper layer route will send the information to the lost IP On your router , here , Form a loop （ Dead cycle ） Cause the waste of network resources

Reduce the number of routing entries ：

Why do this ：

because OSPF The protocol occupies a large bandwidth , Due to its own algorithm mechanism , Lead to large resource occupation , Reducing the number of routing entries can reduce resource consumption , The later stage belongs to network optimization .

Operation command ：

Conclusion ：

It's not easy to create , I hope I can help everyone who is working hard , Thank you for your support ！！