OSPF的NSSA详解
HCIEv3.0 OSPF收尾
1.OSPF的STUB
dis cu conf ospf
#
ospf 1 router-id 13.13.13.13
area 0.0.0.15
stub
dis ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 10 Routes : 14
OSPF routing table status : <Active>
Destinations : 10 Routes : 14
Destination/Mask Proto PreCost Flags NextHop Interface
0.0.0.0/0 OSPF 10 2 D 10.1.15.1 Vlanif30
OSPF 10 2 D 10.1.15.5 Vlanif30 //area 15因为存在2个ABR,每个ABR都会产生默认路由的3类LSA(开销值默认为1),总的开销值为2
dis ospf lsdb summary 0.0.0.0
OSPF Process 1 with Router ID 0.0.0.1
Area: 0.0.0.0
Link State Database
Area: 0.0.0.15
Link State Database
Type : Sum-Net
Ls id : 0.0.0.0
Adv rtr : 0.0.0.1
Ls age : 357
Len : 28
Options : None
seq# : 80000001
chksum : 0x8dcf
Net mask: 0.0.0.0
Tos 0metric: 1
Priority: Low
Type : Sum-Net
Ls id : 0.0.0.0
Adv rtr : 5.5.5.5
Ls age : 351
Len : 28
Options : None
seq# : 80000001
chksum : 0xfc4d
Net mask: 0.0.0.0
Tos 0metric: 1
Priority: Low
完全的STUB区域:
进一步减少3类LSA,仅仅剩余1、2、ABR产生的默认路由的3类LSA
在ABR设备上实施no-summary
ospf
area 15
stub no-summary
ospf
area 15
stub no-summary
dis ospf routing
OSPF Process 1 with Router ID 13.13.13.13
Routing Tables
Routing for Network
Destination CostType NextHop AdvRouter Area
10.1.15.0/24 1 Transit 10.1.15.3 13.13.13.13 0.0.0.15
0.0.0.0/0 2 Inter-area 10.1.15.1 0.0.0.1 0.0.0.15
0.0.0.0/0 2 Inter-area 10.1.15.5 5.5.5.5 0.0.0.15
dis ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 1 Routes : 2
OSPF routing table status : <Active>
Destinations : 1 Routes : 2
Destination/Mask Proto PreCost Flags NextHop Interface
0.0.0.0/0 OSPF 10 2 D 10.1.15.1 Vlanif30
OSPF 10 2 D 10.1.15.5 Vlanif30
2.OSPF的NSSA(not so stub area)区域
不接收5类LSA,但是可以引入外部路由,引入一种新的7类的NSSA的LSA
一个分支现在不接收5类LSA,同时还要在本区域得到默认路由去指向运行商而不是总公司(area 0)
ar
area 15
nssa
Error: The specified area has been configured as a STUB area. //需要先拿掉STUB的配置,然后再配置NSSA
dis th
#
area 0.0.0.15
nssa //该区域中所有设备都配置nssa,否则NP位不一致,导致无法建立邻居
dis ospf peer brief
OSPF Process 1 with Router ID 13.13.13.13
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.15 Vlanif30 0.0.0.1 Full
0.0.0.15 Vlanif30 5.5.5.5 Full
----------------------------------------------------------------------------
dis ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 13 Routes : 14
OSPF routing table status : <Active>
Destinations : 13 Routes : 14
Destination/Mask Proto PreCost Flags NextHop Interface
0.0.0.0/0 O_NSSA1501 D 10.1.15.1 Vlanif30
O_NSSA1501 D 10.1.15.5 Vlanif30 //华为设备上默认从ABR(s)处得到7类LSA产生的默认路由,这点在思科设备上不会自动产生
10.1.1.1/32OSPF 10 1 D 10.1.15.1 Vlanif30
10.1.1.4/32OSPF 10 49 D 10.1.15.1 Vlanif30
10.1.1.5/32OSPF 10 1 D 10.1.15.5 Vlanif30
10.1.34.0/24OSPF 10 97 D 10.1.15.1 Vlanif30
10.1.35.0/24OSPF 10 2 D 10.1.15.5 Vlanif30
10.1.56.0/24OSPF 10 49 D 10.1.15.5 Vlanif30
11.1.1.1/32OSPF 10 1 D 10.1.15.1 Vlanif30
33.1.1.1/32OSPF 10 2 D 10.1.15.5 Vlanif30
44.1.1.1/32OSPF 10 49 D 10.1.15.1 Vlanif30
55.1.1.1/32OSPF 10 1 D 10.1.15.5 Vlanif30
66.1.1.1/32OSPF 10 49 D 10.1.15.5 Vlanif30
100.1.1.1/32O_NSSA1501 D 10.1.15.1 Vlanif30 //不同于STUB区域,此时NSSA区域得到了本区域引入的7类LSA产生的外部路由(其他区域引入的外部路由通过默认路由去访问)
import-route direct
dis ip routing-table protocol ospf //NSSA内部的设备看不到其他区域引入的外部路由,但是可以通过默认路由去访问
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 13 Routes : 14
OSPF routing table status : <Active>
Destinations : 13 Routes : 14
Destination/Mask Proto PreCost Flags NextHop Interface
0.0.0.0/0 O_NSSA1501 D 10.1.15.1 Vlanif30
O_NSSA1501 D 10.1.15.5 Vlanif30
10.1.1.1/32OSPF 10 1 D 10.1.15.1 Vlanif30
10.1.1.4/32OSPF 10 49 D 10.1.15.1 Vlanif30
10.1.1.5/32OSPF 10 1 D 10.1.15.5 Vlanif30
10.1.34.0/24OSPF 10 97 D 10.1.15.1 Vlanif30
10.1.35.0/24OSPF 10 2 D 10.1.15.5 Vlanif30
10.1.56.0/24OSPF 10 49 D 10.1.15.5 Vlanif30
11.1.1.1/32OSPF 10 1 D 10.1.15.1 Vlanif30
33.1.1.1/32OSPF 10 2 D 10.1.15.5 Vlanif30
44.1.1.1/32OSPF 10 49 D 10.1.15.1 Vlanif30
55.1.1.1/32OSPF 10 1 D 10.1.15.5 Vlanif30
66.1.1.1/32OSPF 10 49 D 10.1.15.5 Vlanif30
100.1.1.1/32O_NSSA1501 D 10.1.15.1 Vlanif30
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
ping 6.6.6.6
PING 6.6.6.6: 56data bytes, press CTRL_C to break
Reply from 6.6.6.6: bytes=56 Sequence=1 ttl=254 time=70 ms
Reply from 6.6.6.6: bytes=56 Sequence=2 ttl=254 time=50 ms
Reply from 6.6.6.6: bytes=56 Sequence=3 ttl=254 time=50 ms
Reply from 6.6.6.6: bytes=56 Sequence=4 ttl=254 time=50 ms
Reply from 6.6.6.6: bytes=56 Sequence=5 ttl=254 time=50 ms
--- 6.6.6.6 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 50/54/70 ms
NSSA的特点:本区域可以为所欲为的引入外部路由,其他区域引入的外部路由不接受(只许州官放火不许百姓点灯)
=========================
7类LSA
通告者:NSSA区域的ASBR
通告范围:仅仅在NSSA区域(更新到NSSA区域外会变成5类LSA)
内容和功能:描述NSSA区域产生的外部路由(网络前缀、掩码、度量、类型、转发地址、tag)
dis ospf lsdb nssa 100.1.1.1
OSPF Process 1 with Router ID 13.13.13.13
Area: 0.0.0.15
Link State Database
Type : NSSA
Ls id : 100.1.1.1
Adv rtr : 0.0.0.1
Ls age : 1526
Len : 36
Options : None
seq# : 80000001
chksum : 0xd40
Net mask: 255.255.255.255
TOS 0Metric: 1
E type : 2
Forwarding Address : 10.1.15.1 //NSSA LSA的转发地址一般都去非0
Tag : 1
Priority: Medium
------------------------
ip route-static 133.1.1.1 32 NULL 0
ospf
import-route static
dis ospf lsdb nssa self-originate
OSPF Process 1 with Router ID 13.13.13.13
Area: 0.0.0.15
Link State Database
Type : NSSA
Ls id : 133.1.1.1
Adv rtr : 13.13.13.13
Ls age : 37
Len : 36
Options :NP //P代表可以转换
seq# : 80000001
chksum : 0x806e
Net mask: 255.255.255.255
TOS 0Metric: 1
E type : 2
Forwarding Address : 10.1.15.3
Tag : 1
Priority: Low
默认情况下是NSSA区域的ABR(RID较大的ABR,防环的角度)进行的7-->5
<R3>dis ip routing-table 133.1.1.1
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Table : Public
Summary Count : 1
Destination/Mask Proto PreCost Flags NextHop Interface
133.1.1.1/32O_ASE 1501 D 10.1.35.5 GigabitEthernet0/0/0
<R3>dis ospf lsdb ase 133.1.1.1
OSPF Process 1 with Router ID 33.1.1.1
Link State Database
Type : External
Ls id : 133.1.1.1
Adv rtr : 5.5.5.5 //是NSSA区域的ABR设备做了7转5,
Ls age : 318
Len : 36
Options :E
seq# : 80000001
chksum : 0xe72f
Net mask: 255.255.255.255
TOS 0Metric: 1
E type : 2
Forwarding Address : 10.1.15.3
Tag : 1
Priority: Medium
<R3>dis ospf abr-asbr
OSPF Process 1 with Router ID 33.1.1.1
Routing Table to ABR and ASBR
RtType Destination Area CostNexthop Type
Intra-area0.0.4.4 0.0.0.34 48 10.1.34.4 ABR
Intra-area5.5.5.5 0.0.0.35 1 10.1.35.5 ABR/ASBR //对ASBR的进一步理解:只要产生了5类LSA就是ASBR
Inter-area0.0.0.1 0.0.0.35 49 10.1.35.5 ASBR
Inter-area0.0.0.6 0.0.0.35 49 10.1.35.5 ASBR
=======================
NSSA的细节:
no-summary之后,ABR产生几类的默认路由?3类。OSPF形式的默认路由只能以3、5、7类存在
<SW3>dis ospf routing
OSPF Process 1 with Router ID 13.13.13.13
Routing Tables
Routing for Network
Destination CostType NextHop AdvRouter Area
10.1.15.0/24 1 Transit 10.1.15.3 13.13.13.13 0.0.0.15
0.0.0.0/0 2 Inter-area 10.1.15.1 0.0.0.1 0.0.0.15
0.0.0.0/0 2 Inter-area 10.1.15.5 5.5.5.5 0.0.0.15
Total Nets: 3
Intra Area: 1Inter Area: 2ASE: 0NSSA: 0
<SW3>dis ip rou pro ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 1 Routes : 2
OSPF routing table status : <Active>
Destinations : 1 Routes : 2
Destination/Mask Proto PreCost Flags NextHop Interface
0.0.0.0/0 OSPF 10 2 D 10.1.15.5 Vlanif30
OSPF 10 2 D 10.1.15.1 Vlanif30
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
---------------------------
ABR同时也是ASBR的设备引入外部路由,NP不置位,因为这不需要把7类再转成5类,因为ASBR本身就产生了5类LSA。
import-route static
dis ospf lsdb nssa self-originate
OSPF Process 1 with Router ID 0.0.0.1
Area: 0.0.0.0
Link State Database
Area: 0.0.0.15
Link State Database
Type : NSSA
Ls id : 100.1.1.1
Adv rtr : 0.0.0.1
Ls age : 16
Len : 36
Options : None
seq# : 80000001
chksum : 0xd40
Net mask: 255.255.255.255
TOS 0Metric: 1
E type : 2
Forwarding Address : 10.1.15.1
Tag : 1
Priority: Low
dis ospf lsdb ase self-originate
OSPF Process 1 with Router ID 0.0.0.1
Link State Database
Type : External
Ls id : 100.1.1.1
Adv rtr : 0.0.0.1
Ls age : 46
Len : 36
Options :E
seq# : 80000001
chksum : 0xbea9
Net mask: 255.255.255.255
TOS 0Metric: 1
E type : 2
Forwarding Address : 0.0.0.0
Tag : 1
Priority: Low
====================
translator-always Set NSSA translator role always //总是进行7转5的操作
R1上配置该命令,结果
<R4>dis ospf lsdb ase 133.1.1.1 //开始看到的情况R1和R5都做了转换
OSPF Process 1 with Router ID 0.0.4.4
Link State Database
Type : External
Ls id : 133.1.1.1
Adv rtr : 5.5.5.5
Ls age : 825
Len : 36
Options :E
seq# : 80000001
chksum : 0xe72f
Net mask: 255.255.255.255
TOS 0Metric: 1
E type : 2
Forwarding Address : 10.1.15.3
Tag : 1
Priority: Medium
Type : External
Ls id : 133.1.1.1
Adv rtr : 0.0.0.1
Ls age : 36
Len : 36
Options :E
seq# : 80000001
chksum : 0x78b1
Net mask: 255.255.255.255
TOS 0Metric: 1
E type : 2
Forwarding Address : 10.1.15.3
Tag : 1
Priority: Medium
<R4>dis ospf lsdb ase 133.1.1.1
OSPF Process 1 with Router ID 0.0.4.4
Link State Database
Type : External
Ls id : 133.1.1.1
Adv rtr : 0.0.0.1
Ls age : 175
Len : 36
Options :E
seq# : 80000001
chksum : 0x78b1
Net mask: 255.255.255.255
TOS 0Metric: 1
E type : 2
Forwarding Address : 10.1.15.3
Tag : 1
Priority: Medium
<R5>dis ospf lsdb ase 133.1.1.1 self-originate //R5不在做7转5的转换
OSPF Process 1 with Router ID 5.5.5.5
Link State Database
-----------------------
no-import-route //ABR如果做了引入外部路由,由于NSSA内部设备可以通过默认路由访问外部,我们可以不需要改路由
<SW3>dis ip rou pro ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 2 Routes : 3
OSPF routing table status : <Active>
Destinations : 2 Routes : 3
Destination/Mask Proto PreCost Flags NextHop Interface
0.0.0.0/0 OSPF 10 2 D 10.1.15.5 Vlanif30
OSPF 10 2 D 10.1.15.1 Vlanif30
100.1.1.1/32O_NSSA1501 D 10.1.15.1 Vlanif30 //默认进入NSSA
nssa translator-always no-summary no-import-route
<SW3>dis ip rou pro ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 1 Routes : 2
OSPF routing table status : <Active>
Destinations : 1 Routes : 2
Destination/Mask Proto PreCost Flags NextHop Interface
0.0.0.0/0 OSPF 10 2 D 10.1.15.5 Vlanif30
OSPF 10 2 D 10.1.15.1 Vlanif30
-----------------------------
ABR转换为5类LSA后转发地址为全0
nssa translator-always no-summary no-import-route suppress-forwarding-address
<R4>dis ospf lsdb ase 133.1.1.1
OSPF Process 1 with Router ID 0.0.4.4
Link State Database
Type : External
Ls id : 133.1.1.1
Adv rtr : 0.0.0.1
Ls age : 100
Len : 36
Options :E
seq# : 80000001
chksum : 0x78b1
Net mask: 255.255.255.255
TOS 0Metric: 1
E type : 2
Forwarding Address : 10.1.15.3
Tag : 1
Priority: Medium
<R4>dis ospf lsdb ase 133.1.1.1 //配置完毕之后的结果
OSPF Process 1 with Router ID 0.0.4.4
Link State Database
Type : External
Ls id : 133.1.1.1
Adv rtr : 0.0.0.1
Ls age : 54
Len : 36
Options :E
seq# : 80000002
chksum : 0xe38
Net mask: 255.255.255.255
TOS 0Metric: 1
E type : 2
Forwarding Address : 0.0.0.0
Tag : 1
Priority: Medium
----------------------------------
ASBR上完成,不要在ABR上实施。还有一个条件,是设备上存在其他形式的默认路由
ip route-static 0.0.0.0 0.0.0.0 NULL 0
nssa default-route-advertise
dis ip rou pro ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 12 Routes : 13
OSPF routing table status : <Active>
Destinations : 11 Routes : 12
Destination/Mask Proto PreCost Flags NextHop Interface
0.0.0.0/0 O_NSSA1501 D 10.1.15.1 GigabitEthernet0/0/2 //是拿掉R1的no-summary参数得到的NSSA的ABR产生的默认路由
O_NSSA1501 D 10.1.15.3 GigabitEthernet0/0/2 //是SW3上实施通告默认路由后产生的OSPF的7类的默认路由
1)去互联网
2)去其他区域的外部路由
=============================
LSA,计算路由的材料,不是最终的路由
划分区域后-->LSA的分类
1、2类,只在杭州小打小闹
3类,把生意做到了其他省份
5类LSA,到全世界(除了一些特殊国家)
4类LSA,中间人或者国外的代理商
7类LSA,特殊国家
=============================
作业:
1.在R1完成引入路由,但是不允许这些外部路由进入NSSA区域
2.SW3上引入外部路由,R1上完成7类转5类LSA的操作
=========================
3.OSPF的其他知识
3.1 区域间路由汇总
3.2 外部路由汇总
3.3 认证
3.4 默认路由
添加客服微信了解更多!
{:6_264:}{:6_264:}{:6_265:}{:6_265:}{:6_269:}{:6_269:}
页:
[1]