네트워크/CCNA 2016. 3. 28. 12:19
@ CCNA - 12. OSPF
@CCNA Preconfig.txt
@OSPF 동작 과정.ppt
@OSPF 캡처 내용.pcap
@OSPF 장비 실습.pdf
[유튜브] 동영상 강의 링크 (구독! 좋아요!!!)
IP Routing 기초 - OSPF 설정 및 정보 확인 https://youtu.be/rX2G7wYcf6U
IP Routing 기초 - OSPF 이론(1편) https://youtu.be/7GtmR6QcMDE
IP Routing 기초 - OSPF 이론(2편) https://youtu.be/EKxckr004QM
IP Routing 기초 - OSPF 이론(3편) https://youtu.be/jNMTfL-x7GU
IP Routing 기초 - OSPF 이론(4편) https://youtu.be/JY0ftxSQQt0
[실습 환경]
0. OSPF(Open Shortest Path First)
- Link-State 알고리즘
- Classless Routing Protocol
- VLSM, CIDR
- IGP
- SPF 알고리즘을 사용하는 개방된 라우팅 프로토콜
1. 라우터 아이디(Router-ID)
- OSPF 라우터를 구분하기 위한 식별자
- 형식 : IPv4 주소 형식
1) 물리적인 인터페이스만 있을 경우, 그 중에 IP 주소가 가장 높은 IP 주소로 선출
F0/0 : 13.13.10.1
S1/0 : 13.13.12.1 <- 라우터 아이디 선출
2) Loopback 인터페이스가 있을 경우, Loopback 중에 IP 주소가 가장 높은 IP 주소로 선출
F0/0 : 13.13.10.1
S1/0 : 13.13.12.1
Lo172 : 172.16.1.1 <- 라우터 아이디 선출
- 단, Down 상태인 인터페이스 IP 주소로는 선출하지 않는다.
3) 'router-id' 명령어를 이용한 수동 선출
R1(config)# router ospf 1
R1(config-router)# router-id 1.1.1.1
2. OSPF 설정
Router(config)# router ospf [1~65535 Process-ID]
Router(config-router)# router-id x.x.x.x
Router(config-router)# network [로컬 네트워크] [와일드카드 마스크] area [area 주소]
Router(config-router)# passive-interface [Interface Name]
@ R1
router ospf 1
router-id 1.1.1.1
network 13.13.10.0 0.0.0.255 area 0
network 13.13.12.0 0.0.0.255 area 0
network 172.16.1.0 0.0.0.255 area 0
passive-interface fa0/0
passive-interface lo172
@ R2
router ospf 1
router-id 2.2.2.2
network 13.13.20.0 0.0.0.255 area 0
network 13.13.12.0 0.0.0.255 area 0
network 13.13.23.0 0.0.0.255 area 0
passive-interface fa0/0
@ R3
router ospf 1
router-id 3.3.3.3
network 13.13.30.0 0.0.0.255 area 0
network 13.13.23.0 0.0.0.255 area 0
network 172.16.3.0 0.0.0.255 area 0
passive-interface fa0/0
passive-interface lo172
R1,R2,R3#show run
R1,R2,R3#show ip ospf neighbor
R1,R2,R3#show ip route
R1#ping 13.13.20.1 source fa0/0
R1#ping 13.13.30.1 source fa0/0
R1#ping 172.16.3.1 source lo172
R2#ping 13.13.10.1 source fa0/0
R2#ping 172.16.1.1 source fa0/0
R2#ping 13.13.30.1 source fa0/0
R2#ping 172.16.3.1 source fa0/0
R3#ping 13.13.20.1 source fa0/0
R3#ping 13.13.10.1 source fa0/0
R3#ping 172.16.1.1 source lo172
3. Loopback /32 라우팅 업데이트 동작
R2#sh ip route ospf
172.16.0.0/32 is subnetted, 2 subnets
O 172.16.1.1 [110/65] via 13.13.12.1, 00:00:50, Serial1/1
O 172.16.3.1 [110/65] via 13.13.23.3, 00:00:50, Serial1/0
13.0.0.0/24 is subnetted, 5 subnets
O 13.13.10.0 [110/74] via 13.13.12.1, 00:00:50, Serial1/1
O 13.13.30.0 [110/74] via 13.13.23.3, 00:00:50, Serial1/0
R1#show ip ospf int lo 172
Loopback172 is up, line protocol is up
Internet Address 172.16.1.1/24, Area 0
Process ID 1, Router ID 1.1.1.1, Network Type LOOPBACK, Cost: 1
Loopback interface is treated as a stub Host
--------------- IP 1개 네트워크(255.255.255.255 = /32)
R1(config)#int lo 172
R1(config-if)#ip ospf network point-to-point
R1(config-if)#end
R1#show ip ospf int lo 172
Loopback172 is up, line protocol is up
Internet Address 172.16.1.1/24, Area 0
Process ID 1, Router ID 1.1.1.1, Network Type POINT_TO_POINT, Cost: 1
Transmit Delay is 1 sec, State POINT_TO_POINT
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
~ 중간 생략 ~
R2#sh ip route ospf
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
O 172.16.1.0/24 [110/65] via 13.13.12.1, 00:00:55, Serial1/1
O 172.16.3.1/32 [110/65] via 13.13.23.3, 00:00:55, Serial1/0
13.0.0.0/24 is subnetted, 5 subnets
O 13.13.10.0 [110/74] via 13.13.12.1, 00:00:55, Serial1/1
O 13.13.30.0 [110/74] via 13.13.23.3, 00:00:55, Serial1/0
R3(config)#int lo 172
R3(config-if)#ip ospf network point-to-point
R3(config-if)#end
R2#sh ip route ospf
172.16.0.0/24 is subnetted, 2 subnets
O 172.16.1.0 [110/65] via 13.13.12.1, 00:00:01, Serial1/1
O 172.16.3.0 [110/65] via 13.13.23.3, 00:00:01, Serial1/0
13.0.0.0/24 is subnetted, 5 subnets
O 13.13.10.0 [110/74] via 13.13.12.1, 00:00:01, Serial1/1
O 13.13.30.0 [110/74] via 13.13.23.3, 00:00:01, Serial1/0
4. OSPF 메트릭
- Cost = 10^8 / Bandwidth
Ex) R1에서 '13.13.30.0/24'까지 OSPF 메트릭(Cost)은 얼마인가?
1544k 1544k 10M
R1-------------------------R2------------------------R3---------------| 13.13.30.0/24
cost = 64 cost = 64 cost = 10
64 + 64 + 10 = 138
R1#show ip ospf int s1/0
R2#show ip ospf int s1/0
R3#show ip ospf int fa0/0
R1#show ip route 13.13.30.0
Routing entry for 13.13.30.0/24
Known via "ospf 1", distance 110, metric 138, type intra area
Last update from 13.13.12.2 on Serial1/0, 00:06:14 ago
Routing Descriptor Blocks:
* 13.13.12.2, from 3.3.3.3, 00:06:14 ago, via Serial1/0
Route metric is 138, traffic share count is 1
5. OSPF 신뢰도
R1#show ip route ospf
172.16.0.0/24 is subnetted, 2 subnets
O 172.16.3.0 [110/129] via 13.13.12.2, 00:06:43, Serial1/0
13.0.0.0/24 is subnetted, 5 subnets
O 13.13.20.0 [110/74] via 13.13.12.2, 00:06:43, Serial1/0
O 13.13.23.0 [110/128] via 13.13.12.2, 00:06:43, Serial1/0
O 13.13.30.0 [110/138] via 13.13.12.2, 00:06:43, Serial1/0
[참고] 경로 신뢰도
Connected 0
Static 1
EIGRP 90
OSPF 110
RIP 120
EIGRP External 170
6. OSPF 동작 과정
- '@ OSPF 동작 과정.ppt' 참조
- Down -> Init -> Two-Way -> Exstart -> Exchange -> Loading - Full
R1#debug ip ospf adj
OSPF adjacency events debugging is on
R1#
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
R1#
*Mar 1 00:49:57.903: OSPF: Interface Loopback172 going Down
*Mar 1 00:49:57.903: OSPF: 1.1.1.1 address 172.16.1.1 on Loopback172 is dead, state DOWN
*Mar 1 00:49:57.907: OSPF: Interface FastEthernet0/0 going Down
*Mar 1 00:49:57.911: OSPF: 1.1.1.1 address 13.13.10.1 on FastEthernet0/0 is dead, state DOWN
*Mar 1 00:49:57.911: OSPF: Neighbor change Event on interface FastEthernet0/0
*Mar 1 00:49:57.915: OSPF: DR/BDR election on FastEthernet0/0
*Mar 1 00:49:57.915: OSPF: Elect BDR 0.0.0.0
*Mar 1 00:49:57.915: OSPF: Elect DR 0.0.0.0
*Mar 1 00:49:57.919: OSPF: Elect BDR 0.0.0.0
*Mar 1 00:49:57.919: OSPF: Elect DR 0.0.0.0
*Mar 1 00:49:57.923: DR: none BDR: none
*Mar 1 00:49:57.923: OSPF: Flush network LSA immediately
*Mar 1 00:49:57.927: OSPF: Remember old DR 1.1.1.1 (id)
*Mar 1 00:49:57.927: OSPF: Interface Serial1/0 going Down
*Mar 1 00:49:57.931: OSPF: 1.1.1.1 address 13.13.12.1 on Serial1/0 is dead, state DOWN
*Mar 1 00:49:57.931: OSPF: 2.2.2.2 address 13.13.12.2 on Serial1/0 is dead, state DOWN
*Mar 1 00:49:57.935: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial1/0 from FULL to DOWN, Neighbor Down: Interface down or detached
*Mar 1 00:49:58.571: OSPF: Interface Loopback172 going Up
*Mar 1 00:49:58.575: OSPF: Interface FastEthernet0/0 going Up
*Mar 1 00:49:58.575: OSPF: Interface Serial1/0 going Up
*Mar 1 00:49:58.591: OSPF: Build router LSA for area 0, router ID 1.1.1.1, seq 0x80000001, process 1
*Mar 1 00:49:58.595: OSPF: We are not DR to build Net Lsa for interface FastEthernet0/0
*Mar 1 00:49:58.603: OSPF: 2 Way Communication to 2.2.2.2 on Serial1/0, state 2WAY
*Mar 1 00:49:58.603: OSPF: Send DBD to 2.2.2.2 on Serial1/0 seq 0x2A2 opt 0x52 flag 0x7 len 32
*Mar 1 00:49:58.627: OSPF: Rcv DBD from 2.2.2.2 on Serial1/0 seq 0x26DD opt 0x52 flag 0x7 len 32 mtu 1500 state EXSTART
*Mar 1 00:49:58.631: OSPF: NBR Negotiation Done. We are the SLAVE
*Mar 1 00:49:58.635: OSPF: Send DBD to 2.2.2.2 on Serial1/0 seq 0x26DD opt 0x52 flag 0x2 len 52
*Mar 1 00:49:58.675: OSPF: Rcv DBD from 2.2.2.2 on Serial1/0 seq 0x26DE opt 0x52 flag 0x3 len 72 mtu 1500 state EXCHANGE
*Mar 1 00:49:58.679: OSPF: Send DBD to 2.2.2.2 on Serial1/0 seq 0x26DE opt 0x52 flag 0x0 len 32
*Mar 1 00:49:58.739: OSPF: Rcv DBD from 2.2.2.2 on Serial1/0 seq 0x26DF opt 0x52 flag 0x1 len 32 mtu 1500 state EXCHANGE
*Mar 1 00:49:58.743: OSPF: Exchange Done with 2.2.2.2 on Serial1/0
*Mar 1 00:49:58.747: OSPF: Send LS REQ to 2.2.2.2 length 24 LSA count 2
*Mar 1 00:49:58.747: OSPF: Send DBD to 2.2.2.2 on Serial1/0 seq 0x26DF opt 0x52 flag 0x0 len 32
*Mar 1 00:49:58.815: OSPF: Rcv LS UPD from 2.2.2.2 on Serial1/0 length 184 LSA count 2
*Mar 1 00:49:58.819: OSPF: Synchronized with 2.2.2.2 on Serial1/0, state FULL
*Mar 1 00:49:58.823: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial1/0 from LOADING to FULL, Loading Done
R1#
*Mar 1 00:50:03.971: OSPF: Rcv LS UPD from 2.2.2.2 on Serial1/0 length 100 LSA count 1
*Mar 1 00:50:04.327: OSPF: Build router LSA for area 0, router ID 1.1.1.1, seq 0x80000005, process 1
R1#
R1#undebug all
All possible debugging has been turned off
R1#
7. OSPF 라우팅 업데이트 및 변경 사항
- 네트워크 추가 및 삭제될 경우, LSU 패켓을 통해서 업데이트 실시
8. Area 설계
- OSPF 광고양을 최소화하기 위해서 Area 설계를 실시한다.
- 같은 Area 안에서는 전체 광고되지만, 다른 Area로는 추가/삭제된 부분만 광고한다.
- Area 설계 방법 : 모든 Area는 Area 0을 경유하도록 설계해야 한다.
- Area 0 = Backbone Area (모든 Area가 경유하는 Area)
- ABR = Area 0과 Area X 사이에 있는 라우터
- ASBR = 외부 네트워크 정보를 OSPF 환경으로 라우팅 업데이트하는 라우터
9. OSPF 테이블 유형
1) 네이버 테이블
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ - 00:00:30 13.13.12.2 Serial1/0
2) 데이터베이스 테이블(Link-State Database = LSDB)
R1#show ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 50 0x80000006 0x00E351 4
2.2.2.2 2.2.2.2 51 0x80000007 0x008064 5
3.3.3.3 3.3.3.3 840 0x80000004 0x007682 4
@ R3 Area 0 링크 - 4개
13.13.23.0/24
13.13.30.0/24
172.16.3.0/24
R2와 연결된 S1/1 주소 13.13.23.3
@ R2 Area 0 링크 - 5개
13.13.12.0/24
13.13.20.0/24
13.13.23.0/24
R3와 연결된 S1/0 주소 13.13.23.2
R1과 연결된 S1/1 주소 13.13.12.2
@ R1 Area 0 링크 - 4개
13.13.10.0/24
13.13.12.0/24
172.16.1.0/24
R2와 연결된 S1/0 주소 13.13.12.1
R1#show ip ospf database router
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 0)
LS age: 271
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 1.1.1.1
Advertising Router: 1.1.1.1
LS Seq Number: 80000006
Checksum: 0xE351
Length: 72
Number of Links: 4
Link connected to: a Stub Network
(Link ID) Network/subnet number: 172.16.1.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 2.2.2.2
(Link Data) Router Interface address: 13.13.12.1
Number of TOS metrics: 0
TOS 0 Metrics: 64
Link connected to: a Stub Network
(Link ID) Network/subnet number: 13.13.12.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 64
Link connected to: a Stub Network
(Link ID) Network/subnet number: 13.13.10.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 10
LS age: 273
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 2.2.2.2
Advertising Router: 2.2.2.2
LS Seq Number: 80000007
Checksum: 0x8064
Length: 84
Number of Links: 5
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 1.1.1.1
(Link Data) Router Interface address: 13.13.12.2
Number of TOS metrics: 0
TOS 0 Metrics: 64
Link connected to: a Stub Network
(Link ID) Network/subnet number: 13.13.12.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 64
Link connected to: a Stub Network
(Link ID) Network/subnet number: 13.13.20.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 10
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 3.3.3.3
(Link Data) Router Interface address: 13.13.23.2
Number of TOS metrics: 0
TOS 0 Metrics: 64
Link connected to: a Stub Network
(Link ID) Network/subnet number: 13.13.23.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 64
LS age: 1063
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 3.3.3.3
Advertising Router: 3.3.3.3
LS Seq Number: 80000004
Checksum: 0x7682
Length: 72
Number of Links: 4
Link connected to: a Stub Network
(Link ID) Network/subnet number: 172.16.3.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 13.13.30.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 10
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 2.2.2.2
(Link Data) Router Interface address: 13.13.23.3
Number of TOS metrics: 0
TOS 0 Metrics: 64
Link connected to: a Stub Network
(Link ID) Network/subnet number: 13.13.23.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 64
3) 라우팅 테이블
R1#show ip route ospf
172.16.0.0/24 is subnetted, 2 subnets
O 172.16.3.0 [110/129] via 13.13.12.2, 00:10:32, Serial1/0
13.0.0.0/24 is subnetted, 5 subnets
O 13.13.20.0 [110/74] via 13.13.12.2, 00:10:33, Serial1/0
O 13.13.23.0 [110/128] via 13.13.12.2, 00:10:33, Serial1/0
O 13.13.30.0 [110/138] via 13.13.12.2, 00:10:33, Serial1/0
10. OSPF 경로 유형
- O : Intra-Area 경로, 같은 Area 네트워크
- O IA : Inter-Area 경로, 다른 Area 네트워크
- O E2 : External 경로, 외부 네트워크
R3(config)#int lo 100
R3(config-if)#ip address 100.100.1.1 255.255.255.0
R3(config-if)#ip address 100.100.2.1 255.255.255.0 secondary
R3(config-if)#ip address 100.100.3.1 255.255.255.0 secondary
R3(config-if)#
R3(config-if)#int lo 200
R3(config-if)#ip address 200.200.1.1 255.255.255.0
R3(config-if)#ip address 200.200.2.1 255.255.255.0 secondary
R3(config-if)#ip address 200.200.3.1 255.255.255.0 secondary
R3(config-if)#ip ospf network point-to-point
R3(config-if)#
R3(config-if)#router rip
R3(config-router)#version 2
R3(config-router)#no auto-summary
R3(config-router)#network 100.0.0.0
R3(config-router)#
R3(config-router)#router ospf 1
R3(config-router)#network 200.200.0.0 0.0.255.255 area 13
R3(config-router)#redistribute rip subnets
R1#show ip route ospf
100.0.0.0/24 is subnetted, 3 subnets
O E2 100.100.1.0 [110/20] via 13.13.12.2, 00:04:11, Serial1/0
O E2 100.100.2.0 [110/20] via 13.13.12.2, 00:04:11, Serial1/0
O E2 100.100.3.0 [110/20] via 13.13.12.2, 00:04:11, Serial1/0
O IA 200.200.1.0/24 [110/129] via 13.13.12.2, 00:04:11, Serial1/0
O IA 200.200.2.0/24 [110/129] via 13.13.12.2, 00:04:11, Serial1/0
172.16.0.0/24 is subnetted, 2 subnets
O 172.16.3.0 [110/129] via 13.13.12.2, 00:04:11, Serial1/0
O IA 200.200.3.0/24 [110/129] via 13.13.12.2, 00:04:11, Serial1/0
13.0.0.0/24 is subnetted, 5 subnets
O 13.13.20.0 [110/74] via 13.13.12.2, 00:04:11, Serial1/0
O 13.13.23.0 [110/128] via 13.13.12.2, 00:04:11, Serial1/0
O 13.13.30.0 [110/138] via 13.13.12.2, 00:04:11, Serial1/0
11. ABR, ASBR 라우터 확인
- ABR : Area 0과 Area X 사이에 있는 라우터
- ASBR : 외부 네트워크 정보를 OSPF 환경으로 라우팅 업데이트하는 라우터
R3#show ip ospf
Routing Process "ospf 1" with ID 3.3.3.3
Start time: 00:14:19.748, Time elapsed: 01:11:19.772
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
It is an area border and autonomous system boundary router
Redistributing External Routes from,
rip, includes subnets in redistribution
~ 중간 생략 ~
12. DR/BDR
- '@ OSPF DR&BDR 관련 예제.pkt' 참조
- Multi Access 환경에서 DR/BDR을 선출한다. (단, Point-to-Point 환경은 선출 X)
- Multi Access 환경 : Ethenet 환경
- DR을 통해서 OSPF 광고를 실시하여, OSPF 광고양을 최소화시킨다.
- DR 선출 과정
① OSPF 우선 순위가 높은 라우터가 DR, 두번째가 BDR
② OSPF 라우터 아이디가 높은 라우터가 DR, 두번째가 BDR
- DR/BDR 아닌 라우터들은 'DROTHER'라고 한다.
- DR/BDR은 우선 순위를 조정하여 수동 선출하는 것을 권장한다.
Router(config-if)# ip ospf priority [0~255]
- 우선 순위의 기본값은 '1'이며, 우선 순위가 '0'이면 무조건 DROTHER로 동작한다.
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 1 2WAY/DROTHER 00:00:37 13.13.100.1 FastEthernet0/1
2.2.2.2 1 2WAY/DROTHER 00:00:37 13.13.100.2 FastEthernet0/1
4.4.4.4 1 FULL/BDR 00:00:37 13.13.100.4 FastEthernet0/1
5.5.5.5 1 FULL/DR 00:00:37 13.13.100.5 FastEthernet0/1
Ex) R1을 DR, R2를 BDR, 나머지 라우터는 무조건 DROTHER가 되도록 구성하여라.
@ R1
int fa0/1
ip ospf priority 255
@ R2
int fa0/1
ip ospf priority 254
@ R3, R4, R5
int fa0/1
ip ospf priority 0
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 255 FULL/DR 00:00:35 13.13.100.1 FastEthernet0/1
2.2.2.2 254 FULL/BDR 00:00:35 13.13.100.2 FastEthernet0/1
4.4.4.4 0 2WAY/DROTHER 00:00:35 13.13.100.4 FastEthernet0/1
5.5.5.5 0 2WAY/DROTHER 00:00:35 13.13.100.5 FastEthernet0/1
13. OSPF 인증
- OSPF 패켓 변조 방지
Ex) Area 0 구간에 인증을 실시하여라.
R1(config)#router ospf 1
R1(config-router)#area 0 authentication message-digest
R1(config-router)#
R1(config-router)#int s1/0
R1(config-if)#ip ospf message-digest-key 13 md5 cisco
R2(config)#router ospf 1
R2(config-router)#area 0 authentication message-digest
R2(config-router)#
R2(config-router)#int s1/0
R2(config-if)#ip ospf message-digest-key 13 md5 cisco
R2(config-if)#
R2(config-router)#int s1/1
R2(config-if)#ip ospf message-digest-key 13 md5 cisco
R3(config)#router ospf 1
R3(config-router)#area 0 authentication message-digest
R3(config-router)#
R3(config-router)#int s1/1
R3(config-if)#ip ospf message-digest-key 13 md5 cisco
R1,R2,R3#show run
R1,R2,R3#show ip ospf neighbor
R1,R2,R3#show ip route
- 다음 실습을 위해서 OSPF 및 인증 설정을 삭제하도록 한다.
R1(config)#no router ospf 1
R1(config)#int s1/0
R1(config-if)#no ip ospf message-digest-key 13 md5 cisco
R1(config-if)#exit
R2(config)#no router ospf 1
R2(config)#int s1/0
R2(config-if)#no ip ospf message-digest-key 13 md5 cisco
R2(config-if)#
R2(config-if)#int s1/1
R2(config-if)#no ip ospf message-digest-key 13 md5 cisco
R2(config-if)#exit
R3(config)#no router ospf 1
R3(config)#int s1/1
R3(config-if)#no ip ospf message-digest-key 13 md5 cisco
R3(config-if)#exit
[실습 환경]
- 그림을 참고하여 OSPF Area 0, Area 13, Area 113을 구성한다.
R1(config)#router ospf 1
R1(config-router)#router-id 1.1.1.1
R1(config-router)#network 13.13.10.0 0.0.0.255 area 0
R1(config-router)#network 13.13.12.0 0.0.0.255 area 0
R1(config-router)#network 172.16.1.0 0.0.0.255 area 0
R1(config-router)#passive-interface fa0/0
R1(config-router)#passive-interface lo172
R1(config-router)#end
R2(config)#router ospf 1
R2(config-router)#router-id 2.2.2.2
R2(config-router)#network 13.13.12.0 0.0.0.255 area 0
R2(config-router)#network 13.13.20.0 0.0.0.255 area 13
R2(config-router)#network 13.13.23.0 0.0.0.255 area 13
R2(config-router)#passive-interface fa0/0
R2(config-router)#end
R3(config)#router ospf 1
R3(config-router)#router-id 3.3.3.3
R3(config-router)#network 13.13.23.0 0.0.0.255 area 13
R3(config-router)#network 13.13.30.0 0.0.0.255 area 13
R3(config-router)#network 172.16.3.0 0.0.0.255 area 113
R3(config-router)#passive-interface fa0/0
R3(config-router)#passive-interface lo172
R3(config-router)#end
14. Virtual-Link 설정
- Area 0을 경유하지 못하는 Area가 발생할 경우, 사용하는 기능
- R2에서 R3의 Area 113 '172.16.3.0/24' 네트워크 정보가 라우팅 업데이트 됬는지 확인한다.
R2#show ip route ospf
172.16.0.0/24 is subnetted, 1 subnets
O 172.16.1.0 [110/65] via 13.13.12.1, 00:02:01, Serial1/1
13.0.0.0/24 is subnetted, 5 subnets
O 13.13.10.0 [110/74] via 13.13.12.1, 00:02:02, Serial1/1
O 13.13.30.0 [110/74] via 13.13.23.3, 00:00:41, Serial1/0
- 해결 방법 : 버추얼 링크를 이용하여 ABR R2가 갖고 있는 Area 0 정보를 R3에게 동기화 시킴
R2(config)#router ospf 1
R2(config-router)#area 13 virtual-link 3.3.3.3
R2(config-router)#end
R3(config)#router ospf 1
R3(config-router)#area 13 virtual-link 2.2.2.2
R3(config-router)#end
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
3.3.3.3 0 FULL/ - - 13.13.23.3 OSPF_VL0
1.1.1.1 0 FULL/ - 00:00:37 13.13.12.1 Serial1/1
3.3.3.3 0 FULL/ - 00:00:34 13.13.23.3 Serial1/0
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ - - 13.13.23.2 OSPF_VL0
2.2.2.2 0 FULL/ - 00:00:30 13.13.23.2 Serial1/1
R3#show ip ospf virtual-links
Virtual Link OSPF_VL0 to router 2.2.2.2 is up
Run as demand circuit
DoNotAge LSA allowed.
Transit area 13, via interface Serial1/1, Cost of using 64
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:01
Adjacency State FULL (Hello suppressed)
Index 1/2, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
R3#show ip ospf
Routing Process "ospf 1" with ID 3.3.3.3
Start time: 00:49:27.332, Time elapsed: 00:04:22.676
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
It is an area border router
Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 5000 msecs
~ 중간 생략 ~
External flood list length 0
IETF NSF helper support enabled
Cisco NSF helper support enabled
Area BACKBONE(0)
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm last executed 00:00:20.880 ago
SPF algorithm executed 3 times
Area ranges are
Number of LSA 10. Checksum Sum 0x055D60
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 5
Flood list length 0
Area 13
Number of interfaces in this area is 2
This area has transit capability: Virtual Link Endpoint
Area has no authentication
SPF algorithm last executed 00:00:20.912 ago
SPF algorithm executed 5 times
Area ranges are
Number of LSA 6. Checksum Sum 0x0210BE
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Area 113
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm last executed 00:00:31.280 ago
SPF algorithm executed 3 times
Area ranges are
Number of LSA 7. Checksum Sum 0x03C8F2
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
R2#show ip route ospf
172.16.0.0/24 is subnetted, 2 subnets
O 172.16.1.0 [110/65] via 13.13.12.1, 00:00:33, Serial1/1
O IA 172.16.3.0 [110/65] via 13.13.23.3, 00:00:33, Serial1/0
13.0.0.0/24 is subnetted, 5 subnets
O 13.13.10.0 [110/74] via 13.13.12.1, 00:00:33, Serial1/1
O 13.13.30.0 [110/74] via 13.13.23.3, 00:00:33, Serial1/0
15. OSPF 네이버 성립 조건
- 같은 네트워크은 동일한 Area에 포함되어야 한다.
- 같은 네트워크은 OSPF Hello/Dead 주기 시간이 동일해야 한다.
- 같은 네트워크은 MTU 사이즈가 동일해야 한다.
- 라우터 아이디가 중복되면 안된다.
R1#show ip ospf int s1/0
Serial1/0 is up, line protocol is up
Internet Address 13.13.12.1/24, Area 0
Process ID 1, Router ID 1.1.1.1, Network Type POINT_TO_POINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_POINT
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
~ 중간 생략 ~
R1#show int s1/0
Serial1/0 is up, line protocol is up
Hardware is M4T
Internet address is 13.13.12.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
~ 중간 생략 ~
'네트워크 > CCNA' 카테고리의 다른 글
| CCNA - 14. DHCP & NAT (0) | 2016.03.31 |
|---|---|
| CCNA - 13. ACL (0) | 2016.03.28 |
| CCNA - 11. EIGRP (0) | 2016.03.25 |
| CCNA - 10. RIPv2 (0) | 2016.03.22 |
| CCNA - 09. RIPv1 (0) | 2016.03.22 |
