OSPF域间汇总实验目的：了解并掌握域间汇总的配置实验拓扑图：基本配置R1(config)#int s2/1R1(config-if)#ip ad 12.0.0.1 255.255.255.0R1(config-if)#int lo 0R1(config-if)#ip ad 1.1.0.1 255.255.255.0R1(config-if)#int lo 1R1(config-if)#ip ad 1.1.1.1 255.255.255.0R1(config-if)#int lo 2R1(config-if)#ip ad 1.1.2.1 255.255.255.0R1(config-if)#int lo 3R1(config-if)#ip ad 1.1.3.1 255.255.255.0R1(config-if)#int s2/1R1(config-if)#no shR1(config-if)#00:02:54: %LINK-3-UPDOWN: Interface Serial2/1, changed state to upR1(config-if)#00:02:55: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/1, changed state to up R1(config-if)#router ospf 10R1(config-router)#net 12.0.0.0 0.0.0.255 a 0R1(config-router)#no net 12.0.0.0 0.0.0.255 a 0R1(config-router)#net 12.0.0.0 0.0.0.255 a 1R1(config-router)#net 1.1.0.0 0.0.0.255 a 1R1(config-router)#net 1.1.1.0 0.0.0.255 a 1R1(config-router)#net 1.1.2.0 0.0.0.255 a 1R1(config-router)#net 1.1.3.0 0.0.0.255 a 1R2(config)#int s2/1R2(config-if)#no shR2(config-if)#int s2/2R2(config-if)#00:02:53: %LINK-3-UPDOWN: Interface Serial2/1, changed state to upR2(config-if)#ip ad00:02:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/1, changed state to upR2(config-if)#ip ad 23.0.0.2 255.255.255.0R2(config-if)#no shR2(config-if)#int lo 000:03:05: %LINK-3-UPDOWN: Interface Serial2/2, changed state to upR2(config-if)#int lo 0R2(config-if)#ip ad00:03:06: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/2, changed state to upR2(config-if)#ip ad 2.2.2.2 255.255.255.0R2(config-if)#00:03:33: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/2, changed state to downR2(config-if)#00:03:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/2, changed state to upR2(config-if)#router ospf 10R2(config-router)#net 12.0.0.0 0.0.0.255 a 1R2(config-router)#net 2.2.2.2 0.0.0.0 a00:05:35: %OSPF-5-ADJCHG: Process 10, Nbr 1.1.3.1 on Serial2/1 from LOADING to FULL, Loading Done R2(config-router)#net 2.2.2.2 0.0.0.0 a 0R2(config-router)#net 23.0.0.0 0.0.0.255 a 0R3(config-if)#int s2/1R3(config-if)#ip ad 23.0.0.3 255.255.255.0R3(config-if)#no shR3(config-if)#00:03:41: %LINK-3-UPDOWN: Interface Serial2/1, changed state to upR3(config-if)#00:03:42: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/1, changed state to upR3(config-if)#int lo 0R3(config-if)#ip ad 3.3.3.3 255.255.255.0R3(config-if)#router ospf 10R3(config-router)#net 23.0.0.0 0.0.0.255 a 0R3(config-router)#int s/2^% Invalid input detected at '^' marker.R3(config)#00:07:07: %OSPF-5-ADJCHG: Process 10, Nbr 2.2.2.2 on Serial2/1 from LOADING to FULL, Loading Done R3(config)#int s2/2R3(config-if)#ip ad 34.0.0.03 255.255.255.0R3(config-if)#no sh00:07:23: %LINK-3-UPDOWN: Interface Serial2/2, changed state to upsoR3(config-if)#router oso00:07:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/2, changed state to upR3(config-if)#router ospf 10R3(config-router)#net 34.0.0.0 0.0.0.255 a 2R4(config)#int s2/1R4(config-if)#ip ad 34.0.0.4 255.255.255.0R4(config-if)#no shR4(config-if)#int lo 0R4(config-if)#ip ad 4.4.4.4 255.255.255.0R4(config-if)#router ospf 10R4(config-router)#net 34.0.0.0 0.0.0.255 a 2R4(config-router)#net 4.4.4.4 0.0.0.0 a 2在R3、R4之间搭建一条虚链路，R3(config-router)#area 2 virR3(config-router)#area 2 virtual-link 4.4.4.4 4.4.4.4为对端router-id，且在配之前双方都能ping通对端的router-id，这样虚链路就可以搭建起来。

R4(config)#router ospf 10R4(config-router)#area 2 virtual-link 3.3.3.3R3#show ip ospf virtual-linksVirtual Link OSPF_VL2 to router 4.4.4.4 is upRun as demand circuitDoNotAge LSA allowed.Transit area 2, via interface Serial2/2, Cost of using 64Transmit Delay is 1 sec, State POINT_TO_POINT,Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5Hello due in 00:00:08Adjacency State FULL (Hello suppressed)Index 2/3, retransmission queue length 1, number of retransmission 1First 0x62C1C520(22)/0x0(0) Next 0x62C1C520(22)/0x0(0)Last retransmission scan length is 1, maximum is 1Last retransmission scan time is 0 msec, maximum is 0 msecLink State retransmission due in 1516 msecR4#show ip ospf virtual-linksVirtual Link OSPF_VL3 to router 3.3.3.3 is upRun as demand circuitDoNotAge LSA allowed.Transit area 2, via interface Serial2/1, Cost of using 64Transmit Delay is 1 sec, State POINT_TO_POINT,Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5Hello due in 00:00:03Index 1/2, retransmission queue length 0, number of retransmission 0First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)Last retransmission scan length is 0, maximum is 0Last retransmission scan time is 0 msec, maximum is 0 msecR3#show ip routeCodes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGPD - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter areaN1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGPi - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area* - candidate default, U - per-user static route, o - ODRP - periodic downloaded static routeGateway of last resort is not set34.0.0.0/24 is subnetted, 1 subnetsC 34.0.0.0 is directly connected, Serial2/21.0.0.0/22 is subnetted, 1 subnetsO IA 1.1.0.0 [110/129] via 23.0.0.2, 00:00:08, Serial2/12.0.0.0/32 is subnetted, 1 subnetsO 2.2.2.2 [110/65] via 23.0.0.2, 00:00:08, Serial2/13.0.0.0/24 is subnetted, 1 subnetsC 3.3.3.0 is directly connected, Loopback04.0.0.0/32 is subnetted, 1 subnetsO 4.4.4.4 [110/65] via 34.0.0.4, 00:00:18, Serial2/25.0.0.0/32 is subnetted, 1 subnetsO IA 5.5.5.5 [110/129] via 34.0.0.4, 00:00:08, Serial2/2 通过虚链路，可以把几个区域互通起来23.0.0.0/24 is subnetted, 1 subnetsC 23.0.0.0 is directly connected, Serial2/112.0.0.0/24 is subnetted, 1 subnetsO IA 12.0.0.0 [110/128] via 23.0.0.2, 00:00:09, Serial2/145.0.0.0/24 is subnetted, 1 subnetsO IA 45.0.0.0 [110/128] via 34.0.0.4, 00:00:09, Serial2/2我们在R3上给虚链路配置明文认证R3(config-router)#area 2 virtual-link 4.4.4.4 authentication-key ?<0-7> Encryption type (0 for not yet encrypted, 7 for proprietary)LINE Authentication key (8 chars)R3(config-router)#area 2 virtual-link 4.4.4.4 authentication-key shenduR3(config-router)#area 2 virtual-link 4.4.4.4 authentication ?authentication Set authentication typeauthentication-key Set authentication keydead-interval Dead router detection timehello-interval Hello packet intervalmessage-digest-key Set message digest keynull No authenticationretransmit-interval LSA retransmit intervaltransmit-delay LSA transmission delay<cr>R3(config-router)#area 2 virtual-link 4.4.4.4 authentication 启用认证，R4不配R3(config-router)#^ZR3#ping 4.4.4.4Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 180/339/536 msR3#debug ip ospf ajd^% Invalid input detected at '^' marker.R3#debug ip ospf adjOSPF adjacency events debugging is onR3#clear ip ospf proReset ALL OSPF processes? [no]: yR3#02:00:41: OSPF: Interface OSPF_VL2 going Down02:00:41: OSPF: 3.3.3.3 address 0.0.0.0 on OSPF_VL2 is dead, state DOWN02:00:41: OSPF: 4.4.4.4 address 34.0.0.4 on OSPF_VL2 is dead, state DOWN02:00:41: %OSPF-5-ADJCHG: Process 10, Nbr 4.4.4.4 on OSPF_VL2 from FULL to DOWN, Neighbor Down: Interface down or detached02:00:41: OSPF: Interface Loopback0 going Down02:00:41: OSPF: 3.3.3.3 address 3.3.3.3 on Loopback0 is dead, state DOWN02:00:41: OSPF: Interface Serial2/1 going Down02:00:41: OSPF: 3.3.3.3 address 23.0.0.3 on Serial2/1 is dead, state DOWN02:00:41: OSPF: 2.2.2.2 address 23.0.0.2 on Serial2/1 is dead, state DOWN02:00:41: %OSPF-5-ADJCHG: Process 10, Nbr 2.2.2.2 on Serial2/1 from FULL to DOWN, Neighbor Down: Interface down or detached02:00:41: OSPF: Interface Serial2/2 going Down02:00:41: OSPF: 3.3.3.3 address 34.0.0.3 on Serial2/2 is dead, state DOWN02:00:41: OSPF: 4.4.4.4 address 34.0.0.4 on Serial2/2 is dead, state DOWN02:00:41: %OSPF-5-ADJCHG: Process 10R3#, Nbr 4.4.4.4 on Serial2/2 from FULL to DOWN, Neighbor Down: Interface down or detached02:00:42: OSPF: Interface Loopback0 going Up02:00:42: OSPF: Interface Serial2/1 going Up02:00:42: OSPF: Interface Serial2/2 going Up02:00:42: OSPF: Build router LSA for area 0, router ID 3.3.3.3, seq 0x8000000102:00:42: OSPF: Build router LSA for area 2, router ID 3.3.3.3, seq 0x8000000102:00:45: OSPF: 2 Way Communication to 4.4.4.4 on Serial2/2, state 2WAY02:00:45: OSPF: Send DBD to 4.4.4.4 on Serial2/2 seq 0x1174 opt 0x42 flag 0x7 len 3202:00:46: OSPF: Rcv DBD from 4.4.4.4 on Serial2/2 seq 0x2450 opt 0x42 flag 0x7 len 32 mtu 1500 state EXSTART02:00:46: OSPF: NBR Negotiation Done. We are the SLA VE02:00:46: OSPF: Send DBD to 4.4.4.4 on Serial2/2 seq 0x2450 opt 0x42 flag 0x2 len 5202:00:47: OSPF: Rcv DBD from 4.4.4.4 on Serial2/2 seq 0x2451 opt 0x42 flag 0x3 len 352 mtu 1500 state EXCHANGE02:00:47: OSPF: Send DBD to 4.4.4.4 on Serial2/2 seq 0x2451 opt 0x42 flag 0x0 len 3202:00:47: OSPF: Database request to 4.4.4.402:00:47: OSPF: sent LS REQ packet to 34.0.0.4, length 19202:00:47: OSPF: Rcv DBD from 4.4.4.4 on Serial2/2 seq 0x2452 opt 0x42 flag 0x1 len 32 mtu 1500 state EXCHANGE02:00:47: OSPF: Exchange Done with 4.4.4.4 on Serial2/202:00:47: OSPF: Send DBD to 4.4.4.4 on Serial2/2 seq 0x2452 opt 0x42 flag 0x0 len 3202:00:47: OSPF: Build rouR3#ter LSA for area 2, router ID 3.3.3.3, seq 0x8000000302:00:47: OSPF: Synchronized with 4.4.4.4 on Serial2/2, state FULL02:00:47: %OSPF-5-ADJCHG: Process 10, Nbr 4.4.4.4 on Serial2/2 from LOADING to FULL, Loading DoneR3#02:00:48: OSPF: 2 Way Communication to 2.2.2.2 on Serial2/1, state 2WAY02:00:48: OSPF: Send DBD to 2.2.2.2 on Serial2/1 seq 0x14F8 opt 0x42 flag 0x7 len 3202:00:48: OSPF: Rcv DBD from 2.2.2.2 on Serial2/1 seq 0x2044 opt 0x42 flag 0x7 len 32 mtu 1500 state EXSTART02:00:48: OSPF: First DBD and we are not SLA VE02:00:48: OSPF: Rcv DBD from 2.2.2.2 on Serial2/1 seq 0x14F8 opt 0x42 flag 0x2 len 212 mtu 1500 state EXSTART02:00:48: OSPF: NBR Negotiation Done. We are the MASTER02:00:48: OSPF: Send DBD to 2.2.2.2 on Serial2/1 seq 0x14F9 opt 0x42 flag 0x3 len 5202:00:48: OSPF: Database request to 2.2.2.202:00:48: OSPF: sent LS REQ packet to 23.0.0.2, length 108R3#02:00:49: OSPF: Rcv DBD from 2.2.2.2 on Serial2/1 seq 0x14F9 opt 0x42 flag 0x0 len 32 mtu 1500 state EXCHANGE02:00:49: OSPF: Send DBD to 2.2.2.2 on Serial2/1 seq 0x14FA opt 0x42 flag 0x1 len 3202:00:50: OSPF: Rcv DBD from 2.2.2.2 on Serial2/1 seq 0x14FA opt 0x42 flag 0x0 len 32 mtu 1500 state EXCHANGE02:00:50: OSPF: Exchange Done with 2.2.2.2 on Serial2/102:00:50: OSPF: Synchronized with 2.2.2.2 on Serial2/1, state FULLR3#02:00:50: %OSPF-5-ADJCHG: Process 10, Nbr 2.2.2.2 on Serial2/1 from LOADING to FULL, Loading DoneR3#02:00:50: OSPF: Build router LSA for area 0, router ID 3.3.3.3, seq 0x80000002R3#02:00:56: OSPF: Build router LSA for area 0, router ID 3.3.3.3, seq 0x80000005R3#02:01:02: OSPF: Interface OSPF_VL2 going UpR3#02:01:04: OSPF: Rcv pkt from 34.0.0.4, OSPF_VL2 : Mismatch Authentication type. Input packet specified type 0, we use type 1 认证匹配不上R3#02:01:14: OSPF: Rcv pkt from 34.0.0.4, OSPF_VL2 : Mismatch Authentication type. Input packet specified type 0, we use type 1R3#02:01:23: OSPF: Rcv pkt from 34.0.0.4, OSPF_VL2 : Mismatch Authentication type. Input packet specified type 0, we use type 1R3#02:01:34: OSPF: Rcv pkt from 34.0.0.4, OSPF_VL2 : Mismatch Authentication type. Input packet specified type 0, we use type 1R4#ping 3.3.3.3Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 256/445/772 ms 在R4上ping依旧可以ping通。