OSPF 三张表
neighbors
topology 也就是LSDB
Routing table
OSPF 采用层次化架构(this two-level hierarchy consists of the following)
-Transit area(backbone or area 0)
-Regular areas (non backbone area )
OSPF area Characteristics:
minimizes routing table entries
localizes impact of a topology change within an area
detailed lsa flooding stops at the area boundary ( lsa:链路状态通告)
requires a hierarchical network design
ospf 中路由器的种类
骨干路由器,ABR路由器(满足的条件有一个接口必须是area 0) ASBR(边界路由器)
Point-to-point
--Both neighbors become fully adjacent
Lan links:
--Neighbors form a full adjacency with the DR and BDR
--Routers maintain two-way state with the other routers (DRothers)(路由器维护双向状态与其他路由器)
Routing updates and topology information are passed only between adjacent routers
在邻接的状态下才能传递路由信息
Once an adjacency is formed,LSDBs are synchronized by exchanging LSAs
LSAs are flooded reliably throughout the area (or network)
Hello packets exchanged via ip multicast
Electing DR and BDR (选DR&BDR的选法)
highest OSPF priority
highest Router ID
OSPF router-id 选举:
手工指定
环回地址最大的(激活)
物理接口地址最大的(激活)
Rid 不抢占
路由器重启
进程重启 clear ip ospf process
DR选举规则:
不抢占
30s选举时间
比时间
比优先级
比RID最高
DR失效的时候,BDR成为DR,在选举新的BDR
先选BDR,在选DR
邻居 neighbors 2way
邻接 adjacency full
邻接一定是邻居,邻居不一定成为邻接
10^8/带宽 来自动确认链路成本
30分钟更新一次LSDB
Hello router id,hello and dead interval *,neighbors,area id*,router priority,DR ip address,BDR ip address ,authencation password * ,stub area flag*
Dbd
lSr
lsu
lsaack
version: 版本号 v2 (ipv4)v3 ipv6
authentication type:
0 空认证
1 明文认证
2 密文认证
以太网的hello 时间为 10s dead 40s
广域网 hello时间 为 30s dead 120s
OSPF 网络类型:
1.Point to point serial FR subinterface(帧中继) ATM
2.broadcast 以太网 令牌环(token ring)
3.NBMA x.25 FR
4.P2MP 点到多点
5.p2Mp NBMA 点到多点非广播多路访问
6.loopbcak
#show ip os int s 0/0 查看OSPF接口网络类型
网络类型 接口 hello 是否选举DR,BDR 是否组播建立邻居
P2p serial 10s 不选 是
FR subinterface
Broadcast 以太网 token ring 10s 选 是
NBMA 30s 选 不是(neighbors)
P2MP 30s 不选 是
P2MP NBMA 30s 不选 不是
Loopback (无法通过命令修改成loopbak)
P2P 子网掩码可以不相同
其他类型 子网掩码必须相同
Attempt 在帧中继环境下
Neighbors
指定R1成为DR,ip os priority 0 优先级为0 不参与DR ,BDR 选举
Link-state advertisement
LSA Type Description
Router LSAs
Network LSAs
3or 4 summary LSAs
5 Autonomous system
External LSAs
6 Multicast OSPF LSA
7 Defined for Not-So-stubby areas
8 External attributes LSA for border
Gateway Protocol (BGP)
9,10,11 Opaque LSAs
Show ip os border-routers ---------------------------------------查看谁是ABR
Show ip os database asbr- ----------------------------------------查看LSA 4
第一类 LSA
起源:每台路由都有1类lsa
传播:在本区域传播,不能穿越ABR
内容:
OSPF汇总:
区域间汇总
配置在汇总区域的所有ABR上,area 0 range 192.168.0.0 255.255.0.0
AS间汇总:
在ASBR上配置,summary-address 10.1.0.0 255.255.252.0 tag 88
过滤
为什么要打tag,要支持qos,就要用到qos,方便,tag不单独使用。
tunnel
虚链路
OSPF多进程
1 interface Tunnel 0
Ip address 31.1.1.1 255.255.255.0
Ip ospf 1 area 0
Tunel source 1.1.1.1.
Tunnel destination 3.3.3.3
Router ospf 1
Router-id 3.3.3.3
Redistribute ospf 2 subnets
Router ospf 2
Router-id 33.3.3.3
Redistribute ospf 1 subnets
area 1 virtual-link 3.3.3.3(对方的router-id) 区域id 为所在区域
virtual-link 有donotage(DNA) 不老化特性。
OSPF认证:
|
认证类型/方式 |
明文认证 |
密文认证 |
|
接口认证: |
Interface serial 0/1 Ip ospf authentication Ip ospf authentication-key 123123 |
Interface serial 0/1 Ip ospf authentication message-digest Ip ospf authentication message-key 1 md5 12345 |
|
区域认证: |
Router ospf 1 Area 0 authencation Interface serial 0/1 Ip ospf authencation-key 123 |
Router ospf Area 0 authentication message-digest Interface serial 0/1 Ip ospf message-digest key 1 md5 123123 |
|
虚链路认证: |
Router ospf Area 1 virtual-link 1.1.1.1 authentication authencation-key 123123 |
Router ospf 1 Area 1 virtual-link 1.1.1.1 authencation message-digest Area 1 virtual-link 1.1.1.1 message-digest-key 1 md5 cisco |
认证类型相同的时候,密文比明文优先高
区域认证和接口认证同时启用谁优先?
区域0采用了认证,虚链路要与区域0同步验证