OSPF虚链路配置及认证

时间:2024-03-27 15:56:37

写在前面:虚链路被视为是骨干区域area0的一个延伸,因此如果在路由器上开启了area0的区域认证,那么要注意虚链路也要参与认证。
1.网络拓扑图
链接:https://pan.baidu.com/s/1SA7nmvomJziYq5x8U18gtA
提取码:8888
eNSP
链接:https://pan.baidu.com/s/1wP0vHim4yqVV0bc0wmzhFw
提取码:8888
OSPF虚链路配置及认证
2.网络需求
a.R1、R2、R3及R4运行OSPF;
b. 由于Area2未与Area0直连,因此网络中OSPF路由计算将会出现问题。需要在R2-R3之间建立虚链路Virtual Link。

3.配置
要在R2、R3上建立一条跨越area1的虚链路:
R2的配置增加如下:
[R2] ospf 1
[R2-ospf-1] area 1
[R2-ospf-1-area-0.0.0.1] vlink-peer 3.3.3.3

R3的配置增加如下:
数通实验手册(基础篇)
第114页, 共229页
[R3] ospf 1
[R3-ospf-1] area 1
[R3-ospf-1-area-0.0.0.1] vlink-peer 2.2.2.2

在R1上开启area0区域认证:
[R1] ospf 1
[R1-ospf-1 ] area 0
[R1-ospf-1-area-0.0.0.0] authentication-mode md5 1 cipher ht123123
在R2上开启area0区域认证:
[R2] ospf 1
[R2-ospf-1 ] area 0
[R2-ospf-1-area-0.0.0.0] authentication-mode md5 1 cipher ht123123
R3作为虚链路的端点,R3也要开启area0区域认证,否则虚链路无法正常建立:
[R3] ospf 1
[R3-ospf-1 ] area 0
[R3-ospf-1-area-0.0.0.0] authentication-mode md5 1 cipher ht123123

3.1、R1的配置
display current-configuration

sysname R1

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http

firewall zone Local
priority 16

interface Ethernet0/0/0

interface Ethernet0/0/1

interface Serial0/0/0
link-protocol ppp

interface Serial0/0/1
link-protocol ppp

interface Serial0/0/2
link-protocol ppp

interface Serial0/0/3
link-protocol ppp

interface GigabitEthernet0/0/0
ip address 192.168.12.1 255.255.255.0

interface GigabitEthernet0/0/1

interface GigabitEthernet0/0/2

interface GigabitEthernet0/0/3

wlan

interface NULL0

ospf 1 router-id 1.1.1.1
area 0.0.0.0
authentication-mode md5 1 cipher U:C[IWj}813IF$’:[285qP1#
network 192.168.12.0 0.0.0.255

user-interface con 0
user-interface vty 0 4
user-interface vty 16 20

return

3.2、R2的配置
display current-configuration

sysname R2

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http

firewall zone Local
priority 16

interface Ethernet0/0/0

interface Ethernet0/0/1

interface Serial0/0/0
link-protocol ppp

interface Serial0/0/1
link-protocol ppp

interface Serial0/0/2
link-protocol ppp

interface Serial0/0/3
link-protocol ppp

interface GigabitEthernet0/0/0
ip address 192.168.12.2 255.255.255.0

interface GigabitEthernet0/0/1
ip address 192.168.23.2 255.255.255.0

interface GigabitEthernet0/0/2

interface GigabitEthernet0/0/3

wlan

interface NULL0

ospf 1 router-id 2.2.2.2
area 0.0.0.0
authentication-mode md5 1 cipher nk(5Cj>9x)pe}@[email protected]#
network 192.168.12.0 0.0.0.255
area 0.0.0.1
network 192.168.23.0 0.0.0.255
vlink-peer 3.3.3.3

user-interface con 0
user-interface vty 0 4
user-interface vty 16 20

return
3.3、R3的配置
display current-configuration

sysname R3

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http

firewall zone Local
priority 16

interface Ethernet0/0/0

interface Ethernet0/0/1

interface Serial0/0/0
link-protocol ppp

interface Serial0/0/1
link-protocol ppp

interface Serial0/0/2
link-protocol ppp

interface Serial0/0/3
link-protocol ppp

interface GigabitEthernet0/0/0
ip address 192.168.23.3 255.255.255.0

interface GigabitEthernet0/0/1
ip address 192.168.34.3 255.255.255.0

interface GigabitEthernet0/0/2

interface GigabitEthernet0/0/3

wlan

interface NULL0

ospf 1 router-id 3.3.3.3
area 0.0.0.0
authentication-mode md5 1 cipher J$^o,&&r"1pe}@[email protected]"QQ#
area 0.0.0.1
network 192.168.23.0 0.0.0.255
vlink-peer 2.2.2.2
area 0.0.0.2
network 192.168.34.0 0.0.0.255

user-interface con 0
user-interface vty 0 4
user-interface vty 16 20

return
3.4、R4的配置
display current-configuration

sysname R4

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http

firewall zone Local
priority 16

interface Ethernet0/0/0

interface Ethernet0/0/1

interface Serial0/0/0
link-protocol ppp

interface Serial0/0/1
link-protocol ppp

interface Serial0/0/2
link-protocol ppp

interface Serial0/0/3
link-protocol ppp

interface GigabitEthernet0/0/0
ip address 192.168.34.4 255.255.255.0

interface GigabitEthernet0/0/1

interface GigabitEthernet0/0/2

interface GigabitEthernet0/0/3

wlan

interface NULL0

ospf 1 router-id 4.4.4.4
area 0.0.0.2
network 192.168.34.0 0.0.0.255

user-interface con 0
user-interface vty 0 4
user-interface vty 16 20

return

4.查看邻居建立情况
OSPF虚链路配置及认证
R2与R3之间的虚链路已经建立起来了,状态为Full。