《《高级路由管理》PPT课件.ppt》由会员分享,可在线阅读,更多相关《《高级路由管理》PPT课件.ppt(64页珍藏版)》请在三一办公上搜索。
1、高级路由管理OSPF路由协议应用配置,2007年4月,提纲,OSPF技术要点回顾OSPF的基本配置选项OSPF的附加配置OSPF flooding ReductionOSPF Redistribution and FilteringOSPF SummarizationOSPF Default RoutingOSPF AuthenticationOSPF Virtual Links确认OSPF的运行状态ShowdebugOSPF v3的新特点,OSPF技术要点回顾,OSPF特点,快速收敛Fast Convergence支持VLSM,支持路由聚合summarization借助分层及区域管理,支持大
2、规模网络支持stub类型网络,减小路由规模借助multicast,实现高效率、可靠的路由信息传送采用链路特性的抽象评价cost,使得链路管理灵活很好的负载均衡支持认证/加密支持路由信息标记,可依据此对外来路由信息进行控制支持无类地址路由,OSPF基本工作过程,初始化,通过组播地址发送hello包到所有外连接口。在NBMA和multipoint类型接口则采用单点地址。通过交互,路由维护各自邻居信息。邻居关系独立于物理连接关系,相当于为交流路由信息而在路由之间选择建立的专用虚拟链路。路由器各自向其新加入的neighbour发送LSA信息.路由器将收到的LSA记录下来,并继续转发到其他新加入的nei
3、ghbour。所有路由器根据收集到的LSA集合,建立Link-state databases。当databases构建完成,运用SPF算法计算出从本节点出发到达其他路由节点的loop-free的路径,并组成SPF 的tree结构。从SPF的tree结构提取信息,对应加入到路由表中,作为优选的最佳路径。,OSPF的Hello协议,用于Neighbour discovery(Hello包中包含的信息)Router IDArea IDOriginating router interface的address maskAuthencation Type和Authencation informationH
4、ello IntervalHello deadintervalRouter priorityDR/BDRSome flagsRouter IDs of originating routers neighbour邻居关系的确认及维护使用Hello interval、Deadinterval、area IDs、authencation type and password验证邻居关系的建立邻居keeplive算法Deadinterval被设置为4倍的Hello interval,如果在deadinterval之内未收到hello信息,则邻居关系解除在broadcast和NBMA类型网络中DR/BDR
5、s的选择 Router ID、现有DR/BDR、router priority用于新的DR/BDR选择及状态判定,OSPF的相邻网络类型,Point-to-Point networks不必选举DR/BDRs,但采用组播地址在路由之间传送hello和LSA数据。Broadcast networks通过组播在普通节点和DR/BDRs之间传送数据。NBMA networks不能使用组播地址传送数据,邻居关系需要手工指定,DR/BDR选举出后,所有的数据均为单播地址传送。一般而言,DR/BDR应该为与其他路由器均有链路相连的节点。Point-to-multipoint必须被静态指定,被作为多个点对点网
6、络对待Virtual Links专用于连接Area 0的特殊网络,在NBMA网络中运行OSPF,OSPF的DR/BDRs选举,优势减少LSA数据的传送量新加入的节点只需和已选出的DR/BDR建立邻居关系选举过程路由器各自发送及接收hello信息Hello信息中的priority将被检测,最高优先级被选为DR,默认优先级为1,可更改。优先级为0的邻居不参加选举如果DR没有选出或者不响应,则BDR转为DR角色,而后选举新的BDR。如果出现一个以上相同优先级的设备节点,则从Router ID最高的中选出BDR运行过程中有新的更高优先级的设备加入,DR/BDR仍旧保持不变,只在失效时才重起选举进程邻居
7、之间周期性发送hello信息,在deadinterval内没有信息传送,则邻居关系解除,OSPF的RID,Unique router ID可以带来以下优势可以识别出重复的LSA唯一确认virtual link的端点在DR/BDR竞选中起关键作用RID(router ID)的选择路由设备所有有效接口的IP地址均参与RID的选择,最高值被选为相应链路上该设备的RID如果loopback接口存在,该接口地址被选用,如果有多个loopback接口,最高值的接口地址被选用需要控制RID的值,选择配置loopback接口,定制地址。此地址不需要被外界其他用户所访问,OSPF Loopback Addres
8、s,For OSPF to function there must always be an active interfacePhysical interfaces e.g.serial/Ethernet may not always be active routing would failConfigure virtual“loopback”interface as solutionSubnet mask will always be 255.255.255.255Router(config)#interface loopback numberRouter(config-if)#ip add
9、ress ip-address subnet-mask,SPF及OSPF链路的评估,SPF基于网络拓扑的有权无向图进行计算各个链路的权值主要以来BW计算FDDI,ATM,Gigabit Ethernet cost=1HSSI 45Mcost=216-Mbps Token Ring cost=610-Mbps Ethernetcost=10T1(1.544Mbps)cost=6456kbpscost=1785各个链路的权值可以人工指定,OSPF Cost 计算,Cost is the OSPF metric used in path selection Cost is based on band
10、widthDefault bandwidth is 1.544Mbps cost is 64Cost is 108 bandwidthRouter(config)#interface serial 0/0Router(config-if)#bandwidth 64 Router(config-if)#ip ospf cost number,OSPF的Router、Areas、LSAs Types,Area TypesBackbone area()Nonbackbone,nonstub areaStub areaTotally stubby areaNot-so-stubby area(NSSA
11、s)Router TypesInternal routersArea Border Routers(ABRs)Backbone routersAutonomous System Boundary Routers(ASBRs)LSAs typesRouter LSANetwork LSASummary LSAs for ABRsSummary LSAs for ASBRsAutonomous system external LSAsNSSA external LSA,OSPF的 PATH type,(o)Intra-area paths/routers(o IA)Interarea paths/
12、routers(o E1)External Type 1 paths/routers(o E2)External Type 2 paths/routers(o N1)OSPF NSSA type 1(o N2)OSPF NSSA type 2,OSPF 基本配置选项,准备参数,Area 0的设定所有路由器的RID路由器的priority及RID用于DR/BDR选举在单域内尽量保持地址连续,利于地址聚合收敛选择合适的stub网络类型尽量避免virtual links的使用,STUB区域、路由聚合和虚连接,OSPF基本配置步骤,将网络划分为若干逻辑区域area,明确backbone area 0。
13、在需要选择DR/BDR的区域,选择最佳选择。通过loopback interface或者直接设定router ID的方式为每一台路由指定 RID在路由器上启用OSPF,并配置RID配置路由的各个接口地址参数需要时指定OSPF的邻居节点需要时设置特殊area类型设置其他OSPF运行参数选项,如hello interval/deadinterval,route summarization,authencation等,配置OSPF协议划分区域,划分区域的基本原则按照自然的地区或者行政单位划分按照网络中的高端路由器来划分按照IP地址的规律一些制约条件区域的规模与骨干区域连通ABR的处理能力,启动OSP
14、F协议的基本配置,Enabling an OSPF process using the router ospf command.Assigning areas to the interfaces using the network command.Process-id can be a value between 0 and 65,535Wildcard mask NOT subnet mask used with network command,启动OSPF协议的基本配置,配置路由器的Router ID启动OSPF协议Quidway ospf enable配置OSPF区域Quidway-Se
15、rial0 ospf enable area area_id,OSPF 基本配置样例一,OSPF基本配置样例二,Router5#configure terminal Enter configuration commands,one per line.End with CNTL/Z.Router5(config)#router ospf 87Router5(config-router)#network 0.0.0.0 255.255.255.255 area 0Router5(config-router)#exitRouter5(config)#endRouter5#,OSPF基本配置样例三,R
16、outer9#configure terminal Enter configuration commands,one per line.End with CNTL/Z.Router9(config)#router ospf 87Router9(config-router)#exitRouter9(config)#interface FastEthernet0/0Router9(config-if)#ip ospf 87 area 10Router9(config-if)#exitRouter9(config)#endRouter9#,OSPF的附加配置,OSPF flooding Reduct
17、ion/Tuning OSPF,Router(config-if)#ip ospf flood-reduction默认LSA flooding每3600秒(1小时)进行一次,此命令可禁止floodingRouter(config-if)#ospf database-filter all out禁止在指定接口向外传送LSARouter(config-router)#neighbour ip_address database-filter all out禁止向特定的neighbour传送LSARouter(config-if)#ip ospf hello-interval interal_in_s
18、econdsRouter(config-if)#ip ospf dead-interval dead_interval_in_secondsRouter(config-if)#ip ospf retransmit-interval,Allows routing-information exchange between OSPF and other routing protocols,OSPF Route Redistribution,OSPF,RIPIGRPEnhanced IGRPIS-IS,BGPEGP,OSPF Redistribution Command,Redistributes r
19、outes from OSPF into other routing protocols(and vice versa),OSPF Redistribution Example 1,OSPF Redistribution Example 1,router ospf 109network 172.16.62.0 0.0.0.255 area 0network 172.16.63.0 0.0.0.255 area 0redistribute rip subnets metric-type 1 metric 20 router rippassive-interface serial 0passive
20、-interface serial 1default-metric 10redistribute ospf 109 match internal external 1 external 2,OSPF Redistribution Example 2,Back door creates potential loop,Redistribution Example 2 cont,router ospf 109network 172.16.62.0 0.0.0.255 area 0network 172.16.63.0 0.0.0.255 area 0redistribute rip subnets
21、metric-type 1 metric 20 distribute-list 11 out rip,Minimizes routing table entriesLocalizes impact of a topology change,OSPF Route Summarization,Inter-area(IA)summary link carries maskOne entry can represent several subnets,Route Summarization(cont.),Summary Route,Mask=240Address=12,Existing Subnet,
22、Mask=252Address=12,11111100000011 00,1111 00000000 1100,Valid 3rd Subnet,Invalid Subnet Zero,Some addresses may need reallocating,Route Summarization Issue,Route Summarization Commands,Consolidates IA routes on an ABR,Route Summarization Example,Default route to routers outside the area,Add a defaul
23、t route to the OSPF router connected to the outside network.This route can be redistributed to each router in the Area through normal OSPF updates Router(config)#ip interface|next-hop addressThe following configuration statement will propagate this route to all the routers in a normal OSPF area:Rout
24、er(config-router)#default-information originateAll routers in the OSPF area will learn a default route provided that the interface of the border router to the default gateway is active.,OSPF route authencation,Enable area authencation on all routers in that areaRouter(config-router)#area area_id aut
25、hencationRouter(config-router)#ip ospf authencation-key passwordMD5 cyrptographic authencationRouter(config-router)#area area_id authencation message-digestRouter(config-router)#ip ospf message-digest-key key_value md5 password,OSPF virtual links,Its the last option,and the better choice is to avoid
26、 virtual linkRouter(config-router)#area transit_area_id virtual-link router_id_of_remoteRouter#show ip ospf virtual-links,确认 OSPF 配置及运行状态,Verifies interfaces are in correct areas,Router#show ip ospf interface e0Ethernet0 is up,line protocol is up Internet Address 203.250.14.1 255.255.255.0,Area 0.0.
27、0.0 Process ID 10,Router ID 203.250.13.41,Network Type BROADCAST,Cost:10 Transmit Delay is 1 sec,State BDR,Priority 1 Designated Router(ID)203.250.15.1,Interface address 203.250.14.2 Backup Designated router(ID)203.250.13.41,Interface address 203.250.14.1 Timer intervals configured,Hello 10,Dead 40,
28、Wait 40,Retransmit 5 Hello due in 0:00:02 Neighbor Count is 3,Adjacent neighbor count is 3 Adjacent with neighbor 203.250.15.1(Designated Router)Loopback0 is up,line protocol is up Internet Address 203.250.13.41 255.255.255.255,Area 1 Process ID 10,Router ID 203.250.13.41,Network Type LOOPBACK,Cost:
29、1 Loopback interface is treated as a stub Host,show ip ospf interface Command,Show IP ospf interface,In this example,we use loopback interface instead of Ethernet interface,Displays general information about the OSPF routing process,show ip ospf Command,show ip ospf database Command,show ip protocol
30、 Command,Other OSPF show Commands,Displays parameters about OSPF virtual links,OSPF的debug命令,Debug ip ospf adj查看OSPF的hello协议Debug ip ospf events查看 OSPF的LSA信息传送将hello协议的运做记入日志Router(config)#router ospf 7Router(config-router)#log-adjacency-changesRouter#show log,OSPF v3的新特点,OSPF v3特点,OSPF for IPv6 Base
31、d on OSPFv2,with enhancementsDistributes IPv6 prefixesRuns directly over IPv6Ships-in-the-night with OSPFv2,OSPFv3/OSPFv2 相似性,Basic packet types Hello,DBD,LSR,LSU,LSAMechanisms for neighbor discovery and adjacency formationInterface typesP2P,P2MP,Broadcast,NBMA,VirtualLSA flooding and agingNearly id
32、entical LSA types,OSPFv3/OSPFv2 不同点,OSPFv3 runs over a link,rather than a subnetMultiple instances per linkOSPFv2 topology not IPv6-specificRouter ID Link IDStandard authentication mechanismsUses link-local addressesGeneralized flooding scopeTwo new LSA types,Configuring OSPFv3 in Cisco IOS Software
33、,Similar to OSPFv2Prefixing existing Interface and Exec mode commands with“ipv6”Interfaces configured directlyReplaces network command“Native”IPv6 router modeNot a sub-mode of router ospf,Configuration Modes in OSPFv3,Entering router modeno ipv6 router ospf Entering interface modeno ipv6 ospf area E
34、xec modeno show ipv6 ospf clear ipv6 ospf,Cisco IOS OSPFv3 Specific Attributes,Configuring area rangeno area range/Showing new LSAshow ipv6 ospf database link show ipv6 ospf database prefix,OSPFv3 Debug Commands,Adjacency is not appearingno debug ipv6 ospf adjno debug ipv6 ospf hello SPF is running
35、constantlyno debug ipv6 ospf spfno debug ipv6 ospf floodingno debug ipv6 ospf eventsno debug ipv6 ospf lsa-generationno debug ipv6 ospf database-timer General purposeno debug ipv6 ospf packetsno debug ipv6 ospf retransmissionno debug ipv6 ospf tree,OSPFv3 configuration example,LAN1:2001:1:1:1:/64,LA
36、N2:2001:2:2:2:/64,Eth0,Eth1,Router1,Area 0,Area 1,Router2,Cisco IOS OSPFv3 Display,Area 0,Area 1,Router2,Cisco IOS OSPFv3 Database Display,Router2#show ipv6 ospf database OSPF Router with ID(3.3.3.3)(Process ID 1)Router Link States(Area 0)Link ID ADV Router Age Seq#Checksum Link count0 1.1.1.1 2009
37、0 x8000000A 0 x2DB1 10 3.3.3.3 501 0 x80000007 0 xF3E6 1 Net Link States(Area 0)Link ID ADV Router Age Seq#Checksum7 1.1.1.1 480 0 x80000006 0 x3BAD Inter Area Prefix Link States(Area 0)ADV Router Age Seq#Prefix1.1.1.1 1761 0 x80000005 2001:2:2:2:/641.1.1.1 982 0 x80000005 2001:2:2:4:2/128 Link(Type
38、-8)Link States(Area 0)Link ID ADV Router Age Seq#Checksum Interface11 3.3.3.3 245 0 x80000006 0 xF3DC Lo07 1.1.1.1 236 0 x80000008 0 x68F Fa2/07 3.3.3.3 501 0 x80000008 0 xE7BC Fa2/0 Intra Area Prefix Link States(Area 0)Link ID ADV Router Age Seq#Checksum Ref lstype0 1.1.1.1 480 0 x80000008 0 xD670
39、0 x2001107 1.1.1.1 236 0 x80000008 0 xC05F 0 x20020 3.3.3.3 245 0 x80000006 0 x3FF7 0 x2001,Cisco IOS OSPFv3 Detailed LSA Display,show ipv6 ospf 1 database inter-area prefix LS age:1714 LS Type:Inter Area Prefix Links Link State ID:0 Advertising LS Seq Number:80000006 Checksum:0 x25A0 Length:36 Metr
40、ic:1 Prefix Address:2001:2:2:2:Prefix Length:64,Options:None show ipv6 ospf 1 database link LS age:283 Options:(IPv6 Router,Transit Router,E-Bit,No Type 7-to-5,DC)LS Type:Link-LSA(Interface:Loopback0)Link State ID:11(Interface ID)Advertising LS Seq Number:80000007 Checksum:0 xF1DD Length:60 Router P
41、riority:1 Link Local Address:FE80:205:5FFF:FEAC:1808 Number of Prefixes:2 Prefix Address:2001:1:1:3:Prefix Length:64,Options:None Prefix Address:2001:1:1:3:Prefix Length:64,Options:None,OSPFv3 on IPv6 Tunnels over IPv4,IPv6 Network,IPv4 Backbone,IPv6 Tunnel,IPv6 Tunnel,IPv6 Tunnel,IPv6 Network,IPv6
42、Network,interface Tunnel0 no ip address ipv6 address 2001:0001:45A/64 ipv6 address FE80:10:7BC2:ACC9:10 link-local ipv6 router ospf 1 area 0 tunnel source Ethernet1 tunnel destination 10 tunnel mode ipv6ip!ipv6 router ospf 1,interface Tunnel0 no ip address ipv6 address 2001:0001:45C/64 ipv6 address
43、FE80:10:7BC2:B280:11 link-local ipv6 router ospf 1 area 0 tunnel source Ethernet2 tunnel destination 10 tunnel mode ipv6ip!ipv6 router ospf 1,Conclusion,Based on existing OSPFv2 implementationSimilar CLI and functionalityFully functional EFT available nowCisco IOS Software availability:Release 12.2(15)T Release 12.2(RLS3)S for Cisco 7000 Series Routers and Cisco Catalyst 6000 Series SwitchesRelease 12.0(24)S the Cisco 12000 Series Internet Routers,参考文献,Link:,
