cisco ospf route


啟用ospf
(config)#router ospf < process-id> //process-id可自訂
(config-router)#network < ip> < wild card> area < area-id>

ps:process-id值為1-65535之間,各路由器不一定要相同,因這只對本機有意義,用在識別資料庫
ps:area-id值可從0到42億個

ex:
讓介面192.168.1.0與192.168.100.0使用ospf,並設process-id為1,area-id為0
(config)#router ospf 1
(config-router)#network 192.168.1.0 0.0.0.255 area 0
(config-router)#network 192.168.100.0 0.0.0.255 area 0
ex:
不要輸入每個介面讓192.168.20.0和192.168.30.0和192.168.40.0各界面使用ospf,並設process-id為1,area為0
(config)#router ospf 1
(config-router)#network 192.168.0.0 0.0.255.255 area 0
ps:
兩個network的優先順序以2進位0最多的wildcard-mask為優先

ex:
(config-router)#network 192.168.1.0 0.0.0.0 area 1
(config-router)#network 192.168.0.0 0.0.255.255 area 0
則會另192.168.1.0歸類為area 1, 而192.168.0.0則歸類為area 0
ps:
若沒有指定rid或無任何up介面用以產生rid,則會因沒有rid使ospf無法啟動,並出現類似以下訊息
ospf process 1 cannot start

area互連
(config-router)#network < ip> < wild card> area < area x>
(config-router)#network < ip> < wild card> area < area y>
ex:
設本地介面10.1.2.254連接area 0,本地介面10.1.3.1連接area 1
(config-if)#router ospf 1
(config-router)#network 10.1.2.254 0.0.0.0 area 0
(config-router)#network 10.1.3.1 0.0.0.0 area 1 

僅宣告指定介面使用OSPF
(config-if)#ip ospf < process-id> area < area-id> 

定義OSPF rid
(config-router)# router-id < net>
每個router的rid需唯一 

設定介面優先權
(config-if)#ip ospf priority < value>

value範圍為0-255,預設為1,0表示不參與DR選舉 
ps:常用於指定DR及BDR 

......................... 

調整鄰居關係 

指定該介面可以成為鄰居
(config-router)#neighbor < network> 
ps:由於NBMA網路不會自動探索鄰居,因此需透過該指令手動指定鄰居

指定passive interface
(config-router)# passive-interface < int> 
指定介面停止傳送hello封包以關閉探索鄰居的功能設定

hello interval
(config-if)#ip ospf hello-interval < seconds>

在廣播網路預設是10秒,在非廣播網路預設是30秒
ps:此值router間要相同是成為鄰居條件之一

設定dead interval
(config-if)#ip ospf dead-interval < seconds>
預設是hello的4倍
ps:此值router間要相同是成為鄰居條件之一

設定hello間隔為秒的分數 
(config-if)#ip ospf dead-interval minimal hello-multiplier < number>
number=分數的1/sec

ps:
ospf支援BFD(bidirectional forwarding detection,雙向轉送偵測) 

... 

OSPF鄰居驗證
主要支援明文認證及MD5認證
同一介面上可設定多個金鑰

type1,設定ospf明文認證
1設定認證密碼
(config-if)#ip ospf authentication-key < password>

password最長可達8字元
2啟用認證,主要有兩方法
啟用所有介面
(config-router)#area < area> authentication

啟用單一介面 
(config-if)#ip ospf authentication
ps:(同時啟用時以單一介面的指令優先)
ps:若介面要互相認證,必須設定相同的值
ex:設router a,b的ospf 1組態己設好且正常運作在area 0,並各透過fa0/0界面互連,使用明碼cisco做為認證
a_router(config)#int fa0/0
a_router(config-if)#ip ospf authentication-key cisco
a_router(config-if)#router ospf 1
a_router(config-router)#area 0 authentication
b_router(config)#int fa0/0
b_router(config-if)#ip ospf authentication-key cisco
b_router(config-if)#router ospf 1
b_router(config-router)#area 0 authentication

type2,設定ospf加密認證(MD5)
1設定認證密碼
(config-if)#ip ospf message-digest-key < key-id> [encryption-type] md5 < key>

< key-id>是一識別子,其值在1-255間
[encryption-type]0表示未設和7表示專屬
< key>是可達16字元的密碼
2啟用認證,主要有2方法可用 
啟用全部介面,(config-router)#area < area> authentication message-digest
啟用單一介面,(config-if)#ip ospf authentication message-digest
ps:若介面要互相認證,必須設定相同的值
ex:設router b,c的ospf 1組態己設好且正常運作在area 1,並各透過fa0/1界面互連,用加密密碼cisco做為認證,key-id為1
b_router(config)#int fa0/1
b_router(config-if)#ip ospf message-digest-key 1 md5 cisco
b_router(config-if)#router ospf 1
b_router(config-router)#area 1 authentication message-digest
c_router(config)#int fa0/1
c_router(config-if)#ip ospf message-digest-key 1 md5 cisco
c_router(config-if)#router ospf 1
c_router(config-router)#area 1 authentication message-digest

........................................... 

設定ospf網路類型
(config-if)#ip ospf network < type1 < type2...>>

type預設為broadcast,不同type會有不同的探索鄰居政策
可選的type如下
broadcast: Specify OSPF broadcast multi-access network
non-broadcast: Specify OSPF NBMA network
point-to-multipoint: Specify OSPF point-to-multipoint network
point-to-point: Specify OSPF point-to-point network

 

........................................... 

路徑控制 

設定介面成本以調整SPF的結果
介面成本越低,成為路徑的機率越高

修改參照頻寬
(config-router)# auto-cost reference-bandwidth < mbps>

使用原因:為了讓fastethernet和gigabit介面成本有差異 
介面的成本= ceil(參照頻寬/介面實際頻寬) 
ex:
reference-bandwidth=100(mbps) 
則serial介面成本=ceil(100000/1544)=64
fastethernet介面成本=ceil(100000/100000)=1
gigabit介面成本=ceil(100000/1000000)=ceil(0.1)=1
10gigabit介面成本=ceil(100000/10000000)=ceil(0.01)=1

修改介面實際頻寬
(config-if)#bandwidth < mbps>

直接指定介面成本
(config-if)#ip ospf cost < value>

指定所有路徑連來該設備的default metric 
(config-router)#area < area> default-cost < metric>

指定最大的相同路由
(config)#maximum-path < number>
number預設為4
OSPF僅支援equal-cost(成本相等)的load balance 

 

................................................. 

過濾ABR的Type3 lsa 
(config)#ip prefix-list < p-name> [seq < id>] < deny|permit> < prefix/p-length>
(config-router)# area < area-id> filter-list prefix < p-name> < in|out>

只有符合deny才會將該通告刪除
in:代表進入area-id的type3 lsa要被刪除,
out:代表離開該area-id的type3 lsa要被刪除
ex:
刪除進入area 3的且包含子網路10.1.3.0/24的通告 
(config)# ip prefix-list fpolicy seq 5 deny 10.1.3.0/24
(config)# ip prefix-list fpolicy seq 10 permit 0.0.0.0/0 le 32
(config)# router ospf 1
(config-router)# area 3 filter-list prefix fpolicy in

 

限制OSPF的LSA數量
(config-router)# max-lsa < number>
當LSA超過指定的數量時,系統會建立log 

...............................................
 
通告匯整路徑 

在ABR上手動通告指定的匯整路徑給其他OSPF area 
(config-router)#network < ip> < mask> area < area-id>
(config-router)#area < area-id> range < ip> < mask> [advertise|not-advertise][cost < cost>]
[cost] 手動指定metric,值越小優先權越高,預設使用
所有subordinate route(次級路徑)中最低的值,同eigrp
不會通告subordinate route,因為已經包含在匯整route內,同eigrp
建立type 3 lsa匯整外部路徑

在ASBR上手動通告指定的匯整路徑給其他OSPF area
(config-router)#summary-address < ip> < mask> [not-advertise]
建立type 5 lsa匯整外部路徑

............................................... 

設定預設路徑
主要有兩方法
使用default-information originate:將default route傳進整個ospf domain 
使用stub area:將stub area內的資料流導向到其他area裡的其中一個abr

 

要求asbr將default route傳進整個OSPF domain 
ASBR(config-router)#default-information originate [always] [metric < value>] [metric-type < type>] [route-map < map-name>]
假如asbr的route table有0.0.0.0/0(default route),則將該route傳播給整個ospf domain
always:表示若router的route table不存在default-route時,仍會通告該route
metric:定義權值,預設為1 
metric-type:定義LSA為external type1或external type2,預設為external type2(metric=1的type 5 lsa)
route-map:支援route-map以決定如何通告default-route 
ps:只要border router到default gateway的介面還有作用,在OSPF area的所有router將學習預設路徑

 

使用stub area設定預設路徑 

設定stub
(config-router)# area < area-id> stub
指定area-id為stub area
area中每一台router都要設定stub指令 

設定NSSA
(config-router)# area < area-id> nssa
指定area-id為stub area
area中每一台router都要設定nssa指令 

啟用totally功能
(config-router)# area < area-id> < stub | nssa> no-summary

stub:設定為totally stubby 
nssa:設定為totally NSSA 
area中每一台router都要設定stub或nssa指令,且ABR要多設定no-summary指令 
ps:此為cisco專屬區域類型

以stub設定預設路徑的權值
(config-router)# area < area-id> default-metric < metric>
預設為1,每個abr可以不同

 

ps:
(config-router)#?
exit   Exit from routing protocol configuration mode
network   Enable routing on an IP network
area   OSPF area parameters
summary-address   Configure IP address summaries
redistribute   Redistribute information from another routing protocol
default-metric   Set metric of redistributed routes
distribute-list   Filter networks in routing updates
default-information   Control distribution of default information
distance   Control distribution of default information
passive-interface   Suppress routing updates on an interface
neighbor   Specify a neighbor router

 

....................................................................

顯示ospf相關資訊
#show ip ospf [process-id]
顯示內容包括統計資訊,...等

以show ip ospf為例,畫面大致如下
Routing Process "ospf 10" with ID 24.17.2.2 //process-id為10
Supports only single TOS(TOS0) routes
It is an area brode router  //此為abr,因連接了area0和area3
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs //timer
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs //timer

Number of external LSA 0. Checksum Sum 0x0
Number of DCbitless external LSA 0
Number of DoNotAge external LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
 Area BACKBONE(0)
  Number of interfaces in this area is 1
  Area has no authentication
  SPF algorithm executed 4 times  //spf執行第4次 
  Area ranges are
  Number of LSA 3. Checksum Sum 0x2212D
  Number of DCbitless LSA 0
  Number of indication LSA 0
  Number of DoNotAge LSA 0
 Area 3 
  Number of interfaces in this area is 1
  It is a stub Area, no summary LSA in this area //stub area,而且no summay表示totally stub area 
 [omit...] 

顯示ospf連結狀態資料庫 
#show ip ospf database [ LSA type] [database-summary] 
顯示內容包含鏈路數目,路徑類型,拓樸資料庫,...等

LSA type可選的值有
 router  :type1 lsa 
 network :type2 lsa
 summary :type3 lsa  
 asbr-summary :type4 lsa
 external: type5 lsa  
不使用參數LSA type
畫面大致如下
#show ip ospf database
  OSPF Router with ID (9.9.9.9) (Process ID 10)     //LSID=9.9.9.9 
  Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count    
8.8.8.8 8.8.8.8 0 0x80000009 0x5461    //type1 LSA ID為rid8.8.8.8的router,該area中其中一台router  
9.9.9.9 9.9.9.9 0 0x80000002 0x2007           //type 1LSA ID為rid9.9.9.9的router,該area中其中一台router 
 Net Link States (Area 0)         //列出area 0內所有type2 lsa的LSID    
Link ID ADV Router Age Seq# Checksum
10.10.3.4 7.7.7.7 1104 0x80000001 0x00AB28 //type2 lsa id=10.10.34.4(DR的IP),目前建立在RID7.7.7.7的router  
 Summary Net Link States (Area 0)    //列出area 0內所有type3 lsa的LSID 
Link ID ADV Router Age Seq# Checksum
24.17.2.2 8.8.8.8 0 0x80000008 0x3562     //該子網路的type3 lsa的LSID=23.17.2.2,換句話說,要到網路24.17.2.2可到RID8.8.8.8的router 
[router]
參數LSA type指定router,僅列出type1 lsa資訊
畫面大致如下
#show ip ospf database router 9.9.9.9
 OSPF Router with ID (9.9.9.9) (Process ID 5)
  Router Link States (Area 0)
LS age: 796
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 9.9.9.9 
Advertising Router: 9.9.9.9 
LS Seq Number: 80000004
Checksum: 0x63C3
Length: 84
Number of Links: 2
Link connected to: another Router (point-to-point) //連接一個鄰居 
 (Link ID) Neighboring Router ID: 8.8.8.8            
//該鄰居RID為8.8.8.8
 (Link Data) Router Interface address: 10.10.2.5   //router介面上的IP10.10.2.5可以到RID8.8.8.8 
 Number of TOS metrics: 0
 TOS 0 Metrics: 64
Link connected to: a Stub Network   //連接一個stub network,也就是沒有選出DR的介面 
 (Link ID) Network/subnet number: 10.10.2.0
 (Link Data) Network Mask: 255.255.255.248 
 Number of TOS metrics: 0
 TOS 0 Metrics: 64  
Link connected to: a Transit Network   //連接到type 2 lsa 
 (Link ID) Designated Router address: 10.10.3.4  //type2 lsa的
LSID為10.10.3.4
 (Link Data) Router Interface address: 10.10.3.4
 Number of TOS metrics: 0
 TOS 0 Metrics: 1
[network]
參數LSA type指定network,僅列出type2 lsa資訊
畫面大致如下
#show ip ospf database network 10.10.3.4
 OSPF Router with ID (9.9.9.9) (Process ID 3)
  Net Link States (Area 34)
Routing Bit Set on this LSA
LS age: 1161
Options: (No TOS-capability, DC)
LS Type: Network Links
Link State ID: 10.10.3.4 (address of Designated Router)
Advertising Router: 7.7.7.7 
LS Seq Number: 80000001
Checksum: 0xAB28
Length: 32
Network Mask: /24
 Attached Router: 8.8.8.8     //目前連接的RID為8.8.8.8                                 
 Attached Router: 9.9.9.9 
[summary]
參數LSA type指定summary,僅列出type 3 lsa資訊 
畫面大致如下
# show ip ospf database summary 24.17.2.0
 OSPF Router with ID (9.9.9.9) (Process ID 3)
  Summary Net Link States (Area 34)
Routing Bit Set on this LSA
LS age: 1062
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 24.17.2.0 (summary Network Number) //目地網路為24.17.2.0,type3 lsa的LSID=24.17.2.0  
Advertising Router: 7.7.7.7   //宣告typ3 lsa的ABR的RID為7.7.7.7  
LS Seq Number: 80000002
Checksum: 0x3D81
Length: 28
Network Mask: /24     //目地網路mask為24 
 TOS: 0 Metric: 2
[asbr-summary]
參數LSA type指定asbr-summary,僅列出type 4 lsa資訊
畫面大致如下
# show ip ospf database asbr-summary
  OSPF Router with ID (5.5.5.5) (Process ID 5)
   Summary ASB Link States (Area 1)
 Routing Bit Set on this LSA
LS age: 984
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 1.1.1.1 (AS Boundary Router address)  //type4 lsa的LSID=ASBR的rid
Advertising Router: 3.3.3.3   //由abr(rid=3.3.3.3)發出type4 lsa
LS Seq Number: 8000000D
Checksum: 0xE43A
Length: 28
Network Mask: /0
  TOS: 0 Metric: 1  //該區域的abr到asbr的成本為1 
LS age: 1072
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(AS Boundary Router)
Link State ID: 1.1.1.1 (AS Boundary Router address)
Advertising Router: 4.4.4.4
LS Seq Number: 8000000B
Checksum: 0x439A
Length: 28
Network Mask: /0
  TOS: 0 Metric: 64  //該區域的abr到asbr的成本為64 
[database-summary]
參數使用database-summary
畫面大致如下 
# show ip ospf database database-summary
 OSPF Router with ID (1.1.1.1) (Process ID 2)
Area 3 database summary
 LSA Type Count Delete Maxage
 Router 4 0 0
 Network 1 0 0
 Summary Net 24 0 0
 Summary ASBR 0 0 0
 Type-7 Ext 0 0 0
  Prefixes redistributed in Type-7 0
 Opaque Link 0 0 0
 Opaque Area 0 0 0
 Subtotal 29 0 0
Process 2 database summary
 LSA Type Count Delete Maxage
 Router 4 0 0
 Network 1 0 0
 Summary Net 24 0 0
 Summary ASBR 0 0 0
 Type-7 Ext 0 0 0
 Opaque Link 0 0 0
 Opaque Area 0 0 0
 Type-5 Ext 0 0 0
  Prefixes redistributed in Type-5 0
 Opaque AS 0 0 0
 Non-self 28
 Total 29 0 0 

 

顯示ospf介面資訊
#show ip ospf interface
[interface] [brief] 
以eth0介面為例,畫面大致如下
Ethernet0 is up, line protocol is up
Internet Address 24.17.2.2/28 , Area 0 //該介面在area 0
Process ID 10, Router ID 24.17.2.2, Network Type DR, Cost: 10 //自己的rid是24.17.2.2
Transmit Delay is 1 sec, State DR, Priority 1 //優先權為1表示會參與dr選擇.目前狀態是DR
Designated Router (ID) 24.17.2.2, Interface address 24.17.2.2 //dr資訊
Backup Designated router (ID) 24.17.2.1, Interface address 24.17.2.1 //bdr資訊
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 //兩路由器的時間參數需相同才可互通

Hello due in 00:00:02
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 24.17.2.1(Backup Designated Router)
Suppress hello for 0 neighbor(s)
Message digest authentication enabled  //該介面使用MD5做鄰居驗證 
 Youngest key id is 1
[brief]
使用參數brief
畫面大致如下
# show ip ospf interface brief
Interface PID Area IP Address/Mask Cost State Nbrs F/C //所列出的介面都不是passive interface 
Fe0/0 2 0 10.1.2.2/30 64 P2P 1/1
Fa0/1 2 0 10.1.1.2/25 1 DR 0/0
Fe0/2 2 1 10.1.1.1/30 64 P2P 1/1  //該介面在area 1 

顯示ospf鄰居資訊
#show ip ospf neighbor [detail]

畫面大致如下
Neighbor ID Pri State Dead Time Address Interface //state會顯示ospf link state
24.17.2.17 3 FULL/DR 05:12:40 24.17.2.17 Serial0   //本地serial0介面連到鄰居ip24.17.2.17
24.17.2.18 1 2WAY/DROTHER 05:12:40 24.17.2.18 Ethernet0  //2way鄰居關係,不會交換topology資料 
24.17.1.17 2 FULL/BDR 05:12:40 24.17.1.17 Serial1                 
24.17.1.18 3 FULL/DR 05:12:40 24.17.1.18 Ethernet1            //full鄰居關係,會交換topology資料 
ps:出現多個dr可能是連結多個as
ps:FULL/DOTHER 表示在無DR的環境下,和DOTHER交換LSDB而達到FULL狀態
ps:FULL/DR 表示在DR環境下,和DR交換LSDB而達到FULL狀態
[detail]
加detail後畫面大致如下
Neighbor 24.17.2.17, interface address 24.17.2.17
 In the area 10 via interface Serial0
 Neighbor priority is 1, State is FULL, 6 state changes
 DR is 0.0.0.0 BDR is 0.0.0.0 //dr和bdr資訊
 Options 2
 Dead timer due in

顯示ospf路由表進入abr的資訊,或顯示abr資訊
#show ip ospf border-routers
在internal router,顯示router抵達ASBR的best cost
畫面大致如下
OSPF Process 4 internal Routing Table
Codes: i - Intra-area route, I - Inter-area route   
//以下列出router知道的abr和asbr 
I 1.1.1.1 [64] via 172.16.14.1, Serial0/0/0, ASBR, Area 0, SPF 16 //由rid1.1.1.1(ASBR)公告到達該ASBR會經過172.16.14.1   
i 3.3.3.3 [65] via 172.16.14.1, Serial0/0/0, ABR, Area 0, SPF 16  //由rid3.3.3.3(abr)公告到達該ABR會經過172.16.14.1 
i 3.3.3.3 [128] via 172.16.45.5, Serial0/0/1, ABR, Area 1, SPF 8   //該介面為area 1

 

顯示ospf相關資訊
#show ip protocols
畫面大致如下
Routing Protocol is "ospf 10" //使用process-id為10
Sending updates every 90 seconds, next due in 10 seconds
Invalid after 30 seconds, hold down 0, flushed after 60
Outgoing update filter list for all interfaces is not set //filter未設定
Incoming update filter list for all interfaces is not set
Redistributing: ospf 10
Routing for Networks:
 24.0.0.0 0.255.255.255 area 0    //正在交換24.0.0.0/8的網路,具area為0 

Routing on Interfaces Configured Explicitly (Area 0):
 Serial0/1            //指定介面s0/1交換OSPF資訊 
Reference bandwidth unit is 100 mbps
Passive Interface(s):
 FastEthernet0/0        //fa0/0為被動介面 

 FastEthernet0/1
Routing Information Sources:
 Gateway Distance Last Update
 24.17.2.18 110 00:00:06            //接收RID為24.17.2.18的router的資訊 
 24.17.2.18 110 00:00:06
Distance: (default is 110)

 

顯示ospf路由表
#show ip route
畫面大致如下
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
 U - per-user static route
C 24.17.2.16 is directly connected, Serial0
O 24.17.2.0 [110/64] via 24.17.2.1, 00:00:50, Serial0
O IA 24.17.3.0 [110/64] via 24.17.3.1, 00:00:50, Serial1  //OSPF interarea路徑

 

#debug ip ospf < act>
act有以下
adj 看ospf的dr和bdr選取,也可看ospf鄰居驗證的過程
events 顯示相鄰關係,flooding資訊,dr選舉,spf計算
packet 顯示每個收到的ospf封包

timer不一致會產生如下訊息
*Apr 11 00:07:51.511: %OSPF-5-ADJCHG: Process 4, Nbr 1.1.1.1 on FastEthernet0/0
from 2WAY to DOWN, Neighbor Down: Dead timer expired
*Apr 11 00:07:57.624: %OSPF-5-ADJCHG: Process 4, Nbr 3.3.3.3 on FastEthernet0/0
from FULL to DOWN, Neighbor Down: Dead timer expired
*Apr 11 00:07:58.395: %OSPF-5-ADJCHG: Process 4, Nbr 2.2.2.2 on FastEthernet0/0
from FULL to DOWN, Neighbor Down: Dead timer expired

IP MTU不一致會產生如下訊息
*Apr 11 13:36:00.252: %OSPF-5-ADJCHG: Process 4, Nbr 2.2.2.2 on FastEthernet0/0
from EXSTART to DOWN, Neighbor Down: Too many retransmissions 

當兩邊之間只有一邊介面啟用type1明文認證(執行ip ospf authentication)  
*Apr 11 00:30:35: OSPF: Rcv pkt from 10.1.1.2, Serial1/1 : Mismatch Authentication type. Input packet specified type 0, we use type 1
*Apr 11 00:54:45: OSPF: Rcv pkt from 10.1.1.2, Serial1/1 : Mismatch Authentication Key - Clear Text

hello timer和dead timer不一致 
r1#
2w5d: OSPF: Rcv hello from 10.8.7.1 area 0.0.0.0 from Ethernet0/0 10.8.1.2
2w5d: OSPF: Mismatched hello parameters from 10.8.1.2
2w5d: Dead R 40 C 120, Hello R 10 C 30 Mask R 255.255.255.0 C 255.255.255.0 
r1的dead timer是120sec,hello timer是30sec
另一邊是dead timer是40sec,hello timer是10sec

area不一致
05:13:16: OSPF: Rev pkt from 10.1.1.2, Ethernet0/1, area 0.0.0.1 mismatch area 0.0.0.2 in the header
05:13:19: OSPF: Rev hello from 10.10.10.3 area 0 from Ethernet0/0 10.2.0.2
05:13:19: OSPF: End of hello processing
介面ethernet0/1設定area 1,但另一邊設定area2,造成area不一致

....................

在abr上設定virtual-link(虛擬鏈路)
r1(config)# router ospf < transit area>
r1(config-router)# area < transit area> virtual-link < r2-rid>

r2(config)# router ospf < transit area>
r2(config-router)# area < transit area> virtual-link < r1-rid>
ps:
r1 ping virtual-link命令中的r2-rid會失敗,但virtual-link是正常的

ex:
在area2的r1(5.5.5.5)及r2(3.3.3.3)之間建立virtual-link
r1(config)# router ospf 2
r1(config-router)# area 2 virtual-link 3.3.3.3
r2(config)# router ospf 2
r2(config-router)# area 2 virtual-link 5.5.5.5 

 

顯示在ospf虛擬連結的參數
#show ip ospf virtual-links

畫面大致如下 
Virtual Link OSPF_VL0 to router 3.3.3.3 is up //指派的鏈路另一邊ABR的rid為3.3.3.3,一樣使用type 1 lsa
 Run as demand circuit
 DoNotAge LSA allowed. //兩邊都支援DNA
 Transit area 2, via interface FastEthernet0/1, Cost of using 4 //介面成本不是4,而是會經過4個介面才會到另一邊ABR
 Transmit Delay is 1 sec, State POINT_TO_POINT,
 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
  Hello due in 00:00:02
  Adjacency State FULL (Hello suppressed) //目前為完全相鄰狀態,並停止發送HELLO封包
  Index 1/2, retransmission queue length 0, number of retransmission 0
  First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
  Last retransmission scan length is 0, maximum is 0
  Last retransmission scan time is 0 msec, maximum is 0 msec 

....................................................................................................................

OSPF IPv6 

啟用OSPFv3
(config)# ipv6 router ospf < process-id>
ps:運作ospfv3前,ipv6 unicast-routing指令需要被執行
(config-if)# ipv6 ospf < process-id> area < as>
ps:介面啟用ipv6 ospf前,介面需先啟用ipv6
ps:
運作時要有ospf rid,預設在有ipv4位址的情況下會自動選出,  
若無ipv4位址,則不會自動選出,需以指令router-id手動指派rid
ps:
該介面所有IPv6位址都會參與ospf,而且不能選擇那些位址不參與

 

ps:
#clear ipv6 ospf process
ospf database重建,並執行SPF演算法


檢驗狀態相關指令
#show ipv6 router ospf

 

#show ipv6 ospf
畫面大致如下
Routing Process "ospfv3 1" with ID 10.10.10.1 //ospfv3表示支援ipv6的版本  
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x000000
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
 Area BACKBONE(0)
  Number of interfaces in this area is 1
  MD5 Authentication, SPI 1000
  SPF algorithm executed 2 times
  Number of LSA 5. Checksum Sum 0x02A005
  Number of DCbitless LSA 0
  Number of indication LSA 0
  Number of DoNotAge LSA 0
  Flood list length 0

# show ipv6 ospf neighbor
Neighbor ID Pri State Dead Time Interface ID Interface
2.2.2.2 1 FULL/ - 00:00:36 19 Serial0/0/0.2
1.1.1.1 1 FULL/ - 00:00:35 19 Serial0/0/0.1
4.4.4.4 1 FULL/DR 00:00:34 3
ps:
與show ip ospf neighbor不同的是,鄰居從address變為interface id
# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ - 00:00:31 10.10.23.2 Serial0/0/0.2
1.1.1.1 0 FULL/ - 00:00:31 10.10.13.1 Serial0/0/0.1
4.4.4.4 1 FULL/DR 00:00:39 10.10.34.4

# show ipv6 ospf database router adv-router 3.3.3.3
 OSPFv3 Router with ID (3.3.3.3) (Process ID 5)
  Router Link States (Area 34)
LS age: 996
Options: (V6-Bit, E-Bit, R-bit, DC-Bit)
LS Type: Router Links
Link State ID: 0
Advertising Router: 3.3.3.3
LS Seq Number: 80000007
Checksum: 0xDC04
Length: 72
Number of Links: 3
 Link connected to: another Router (point-to-point)
  Link Metric: 64
  Local Interface ID: 17 //使用介面id,而非使用鄰居ip
  Neighbor Interface ID: 19
  Neighbor Router ID: 2.2.2.2
 Link connected to: another Router (point-to-point)
  Link Metric: 64
  Local Interface ID: 16
  Neighbor Interface ID: 19
  Neighbor Router ID: 1.1.1.1
 Link connected to: a Transit Network
  Link Metric: 1
  Local Interface ID: 3
  Neighbor (DR) Interface ID: 3
  Neighbor (DR) Router ID: 4.4.4.4

# show ipv6 ospf interface brief
Interface PID Area Intf ID Cost State Nbrs F/C   //原ospfv2的鄰居ip,在ospfv3都以interface id(Intf ID)代替
Se0/0/0.1 1 34 19 64 P2P 1/1
Se0/0/0.2 1 34 19 64 P2P 1/1
Fa0/0 1 34 3 1 BDR 1/1
ps:該指令比show ip protocol輸出的資訊少

# show ipv6 ospf interface
FastEthernet0/0 is up, line protocol is up
 Link Local Address 2001:0DB1:205:5FFF:FED3:5808, Interface ID 3 
 Area 1, Process ID 1, Instance ID 0, Router ID 172.16.3.3  //該介面被執行ipv6 ospf 1 area 1
 Network Type BROADCAST, Cost: 1
 Transmit Delay is 1 sec, State BDR, Priority 1 //該介面屬於bdr  
 Designated Router (ID) 172.16.6.6, local address 2001:0DB1:205:5FFF:FED3:6408 //dr位置 
 Backup Designated router (ID) 172.16.3.3, local address 2001:0DB1:205:5FFF:FED3:5808 //bdr的位置 
 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
  Hello due in 00:00:05
 Index 1/1/1, flood queue length 0
 Next 0x0(0)/0x0(0)/0x0(0)
 Last flood scan length is 12, maximum is 12
 Last flood scan time is 0 msec, maximum is 0 msec
 Neighbor Count is 1, Adjacent neighbor count is 1
  Adjacent with neighbor 172.16.6.6 (Designated Router)
 Suppress hello for 0 neighbor(s) 

 

# show ipv6 protocols
IPv6 Routing Protocol is "connected" 
IPv6 Routing Protocol is "ospf 1"   //使用ospfv3,process id=1
 Interfaces (Area 34): 
  Serial0/0/0.1
  Serial0/0/0.2
  FastEthernet0/0
 Redistribution:
  None

ps:該指令比show ip protocol輸出的資訊少 

 


2008-10-09 22:28:20發表 2013-08-18 23:05:14修改   

數據分析
程式開發
計算機組織與結構
資料結構與演算法
Database and MySql
manage tool
windows
unix-like
linux service
network
network layer3
network layer2
network WAN
network service
作業系統
數位鑑識
資訊安全解決方案
資訊安全威脅
Cisco security
Cisco network
Cisco layer3

Cisco layer2



  登入      [牛的大腦] | [單字我朋友] Powered by systw.net