1. OSPF irregular areas
1. Non-backbone who are far away from the backbone
2. Discontinuous backbone
Solution purpose: reachable across the entire network
Solution
method one
Tunnel : Use tunnel between legal and illegal ABroad to establish a new network segment (or an independent network cable) and then declare the network segment to the OSPF protocol;
shortcoming
(1) Poor route selection;
(2) Period and trigger information affect the middle area
Method Two
OSPF virtual link : A legal ABR establishes a virtual link with an ABR in an illegal area in the same area; for an illegal virtual link, the sending ABR can share inter-area routes after it obtains authorization from the legal ABR.
[r1-ospf-1]area 1 The area where two ABRs coexist[r1-ospf-1-area-0.0.0.1]vlink-peer 4.4.4.4 RID of the peer ABRBoth routers need to be configured[r2]display ospf vlink View virtual link[r2]display ospf peer—View neighbor table[r2]display ospf peer brief—View neighbor tables
advantage
Since no new network segment links appear, there will be no poor route selection like tunnels.
shortcoming
Periodic and triggered information affects the area shuttled in between.
CISCO system: Cancel periodic updates and periodic keepalives on virtual links
Huawei system: retains period information and affects the intermediate area
Method three
Multi-process bidirectional redistribution
multi-Progress
Multiple OSPF processes in Yunxiao on a router can establish their own neighbors respectively. Each process has an independent database and does not share information. It just loads the routers calculated by each into the same routing table; similar to that on the same router. Allows the effect of multiple routing dynamic protocols; a single interface on the router can only work in one process
Republish
If multiple routing protocols are running at the same time on the same network, the default protocols are incompatible and cannot share routes. You can configure ASBR between the two protocols. ASBR (autonomous system edge router, protocol border router) must use different interfaces to work. In different protocols, the routes between edges are obtained through two protocols. By default, these routes are not shared. The re-distribution technology can realize the sharing, and ultimately the entire network is reachable;
Therefore, in irregular areas, the multi-process weighted publishing mechanism can be used to achieve reachability of the entire network, and there will be no related routing problems and problems related to periodic information in intermediate areas;
Multi-process bidirectional redistribution of configuration commands
[r4]ospf 1
[r4-ospf-1]import-route ospf 2
[r4-ospf-1]q
[r4]ospf 2
[r4-ospf-2]import-route ospf 1
Note: The OSPF reason learned through redistribution shows that the protocol is O_ASE and the priority is 150;
2. OSPF database table
View OSPF database directory
<r1>display ospf lsdb
All learnable LSAs are loaded in LSDB;
LSA:
Link status advertisement, a topology or a routing entry is called an LSA
The database of the OSPF protocol is a collection of all local LSAs. Different types of LSAs will be generated in different network environments;
LSA is delivered based on LSU packets when sharing;
<r1>display ospf lsdb router 2.2.2.2
Category link-id
Basic information carried by all types of LSA
| Type : Router | Category name, here is Category 1 |
| Ls id : 2.2.2.2 | Page numbers in the table of contents |
| Adv rtr : 2.2.2.2 | Adv rtr : 2.2.2.2 |
| Ls age : 1532 | Aging time, unit second; period 1800 returns to 0, resets to 0 when triggered; maximum aging 3609; |
| Len : 48 | length |
| seq# : 80000026 | serial number |
| chksum : 0x568e | Check code |
| name | Spread scope | Link-id | Notifier | carry content | |
| LSA1 | Router | single area | Notifier RID | Each OSFP router in the area | local direct topology |
| LSA2 | Network | single area | IP address of DR interface | The DR device of this network segment | Topology of a single MA network segment |
| LSA3 | summary | The entire OSPF domain | Destination network number for inter-domain routing | ABR, when passed into the new area through the next ABR, is modified to the new ABR | Inter-domain routing entries |
| LAS4 | asbr | The entire ospf domain except the area where the ASBR is located; the area where the ASBR is located informs the ASBR location through Class 1 | RID of ASBR | ABR is a router in the same area as ASBR. This router is also connected to the backbone area and is an ABR. | ASBR position check |
| LAS5 | ase | Entire OSPF domain (priority 150) | Destination network number for out-of-domain routing | ASBR | Out-of-domain routing entries |
3. OSPF LSA optimization
Purpose: Reduce the amount of LSA updates
3.1. Summary: Optimize backbone areas
3.1.1. Inter-area summary: The ABR device calculates the best route based on type 1/2 LSA in a certain area and performs summary transmission when sharing it with other areas.
[r2]ospf 1
[r2-ospf-1]area 1 is the area where the detailed routing is located. The ABR device must be in the same area as the detailed routing.
[r2-ospf-1-area-0.0.0.1]abr-summary 1.1.0.0 255.255.252.0
3.1.2. Out-of-domain summary: ASBR redistributes routes into the OSPF domain for summary configuration
[r6]ospf 1
[r6-ospf-1]import-route rip redistributes RIP routes into the OSPF domain
After ASBR redistributes routes, perform summary configuration at the same time
[r6]ospf 1
[r6-ospf-1]asbr-summary 99.1.0.0 255.255.252.0
3.2. Special areas: Optimize the number of LSAs in non-backbone areas
It is not a backbone area and cannot have virtual links.
3.2.1. ASBR cannot exist
3.2.1.1. End area
This area denies the entry of LSAs 4 and 5. At the same time, the ABR connected to the backbone area 0 in this area publishes a type 3 default route to this area.
[r1]ospf 1
[r1-ospf-1]area1
[r1-ospf-1-area-0.0.0.1]stub
Each router in this area needs to be configured, otherwise neighbor relationships cannot be established normally.
3.2.1.2. Complete terminal
On the basis of the early stub area, further reject Type 3 LSAs, and only retain the Type 3 default that the ABR sends overloaded; first configure the area as a stub area, and then only define a complete stub on the ABR.
[r2]ospf 1
[r2-ospf-1]area1
[r2-ospf-1-area-0.0.0.1]stub no-summary
3.2.2. ASBR exists
3.2.2.1. NSSA non-complete stub area
This area rejects Category 4 and 5 LSAs. The routes generated by the local ASBR are transmitted based on Category 7. When a Category 7 LSA needs to enter the backbone area through the ABR in the NSSA area, the ABR will perform 7-to-5 conversion and send it to the backbone area in Category 5. , the ABR converted from 7 to 5 becomes an ASBR at the same time
Huawei equipment automatically generates Category 7 default routes through the backbone ASBR connected to the area.
[r4]ospf
[r4-ospf-1]area2
r4-ospf-1-area-0.0.0.2]nssa Each device in this area needs to be configured
3.2.2.2. Complete NSSA
On the basis of NSSA, type 3 LSAs are further rejected, and the ABR connected to the area publishes a type 3 default. First configure the area as NSSA, and then only when the ABR is fully defined
r4-ospf-1-area-0.0.0.2]nssa no-summary
Type 7 LSA:
| name | Spread scope | carry content | Link-id | Notifier | |
| LSA7 | NSSA | Single NSSA area | Out-of-domain routing | Out-of-domain routing destination network number | ASBR |
When entering the backbone area from this NSSA area, it will be converted to Category 5
4. OSPF expansion configuration
4.1. OSPF authentication
Between direct neighbors or inter-neighbor relationships, after authentication is configured, the five types of data packets all carry passwords for identity verification, and Huawei equipment encrypts the update information, and selects ciphertext authentication for the authentication method in advance.
4.1.1 Interface authentication
[r1-GigabitEthernet0/0/0]ospf authentication-mode md5 1 cipher 123456
The secret keys and numbers between directly connected neighbors must be consistent, otherwise the neighbor relationship cannot be established.
4.1.2. Regional certification
Assume that area authentication for area 0 is enabled in R!. In fact, interface authentication is configured on all interfaces on R1 that are advertised to area 0.
[r4]ospf 1
[r4-ospf-1]area 0
[r4-ospf-1-area-0.0.0.0]authentication-mode md5 1 cilpher 123456It can be understood that interface certification has been completed in batches.
4.1.3. Virtual link authentication
[r5-ospf-1-area-0.0.0.2]vlink-peer 4.4.4.4 md5 1 cipher 123456
Configure on both ends of the virtual link
2. Speed up convergence
The Hello time of ospf is 10s or 30s, and the dead time is 4 times the Hello time. The time must be consistent between neighbors, otherwise the neighbor relationship cannot be established. If the Hello time is 10s, it is not recommended to modify it. If it is 30s, it can be combined with the actual hardware of the network. processing power, appropriately modify the timer to speed up the convergence speed
[r2]int g 0/0/0
[r2-GigabitEthernet0/0/0]ospf timer hello 10
Note: Modify the Hello time of the local end, and the dead time of the local end will automatically match the relationship 4 times. The other end needs to be manually modified to be consistent, otherwise the neighbor relationship cannot be established.
[r2-GigabitEthernet0/0/0]ospf timer dead 40
Note: Modify the local end’s dead time, and the local end’s Hello time will not change.
Waiting time: Waiting timer --- time is equal to the death timer. If the death timer time is modified, the timer time will also be modified. The election time of DR and BDR,
Poll: Polling time: 120s—the periodic time for Hello packets to occur with neighbors whose status is Down. In an NBMA environment, if one party designates the other party as a neighbor, the neighbor's state will be set to the Attempt state. However, if the pair is placed in a waiting time
Specifying the local end will put the neighbor relationship into down state, and then slow down the frequency of sending hello packets.
[r1-GigabitEthernet0/0/0]ospf timer poll ?
INTEGER<1-3600> Second(s)
Retransmit: Retransmission time --- 5S --- When a data packet is sent and no confirmation from the peer is received within 5S, it will be retransmitted.
[r1-GigabitEthernet0/0/0]ospf timer retransmit ?
INTEGER<1-3600> Second(s)
Transmit Delay: Transmission delay---1s---LSA aging time cannot be determined according to the transmission process.
3. Silent interface
Only accepts and does not send routing protocol information. It is used for routers to connect to neighbors or adjacent backbone links. It must not be used to connect to end-user interfaces.
[r1]ospf 1
[r1-ospf-1]silent-interface GigabitEthernet 0/0/2
4. Default route
4.1, Class 3 default
You can only automatically publish the ABR connecting the special area to the backbone area after configuring the special area (stub area, complete stub area, complete NSSA area). Ordinary NSSA does not generate type 3 defaults.
Category 4.2 and 5 default
[r3-ospf-1]default-route-advertise
redistributes default routes (most commonly static routes) generated by other protocols in the routing table on the border router to the local OSPF protocol;Therefore, if the routing table of the border router does not have a default route, configuring this command will not be able to advertise the default route to other neighbors.
[r3-ospf-1]default-route-advertise always---Force the local resend the default route to all neighbors, even if there is no default route in the local routing table, it will be advertised
4.3, Category 7 default
When configuring NASS in a special area, the ABR connecting the backbone of the NSSA area will publish the default route.
[r4-ospf-1-area-0.0.0.2]nssa default-route-advertise
The default route obtained by other protocols within the NSSA area is, and the NSSA area can be redistributed.
Remember: Since special districts will generate default routes pointing to the backbone area, you must pay attention to the location of the SP in the network, otherwise a loop may occur due to the default mutual reference---any district where the ISP is connected to the backbone, then this district The city will not be configured as a special district city:
5. Route filtering
[r2-ospf-1-area-0.0.0.1]abr-summary 192.168.0.0 255.255.252.0 not-advertise
Filtering for Type 3 LSAs---Routes can also be filtered through this method
Note: Category 5 and 7 LSAs can also be filtered in a similar way
6. Routing control
priority
[r3-ospf-1]preference 20
[r3-ospf-1]preference ase 50
Overhead value
COST=reference bandwidth/real bandwidth
Reference bandwidth
[r3-ospf-1]bandwidth-reference ?
INTEGER<1-2147483648> The reference bandwidth(Mbits/s)
real bandwidth
[r2-GigabitEthernet0/0/1]undo negotiation auto --- Turn off automatic negotiation
[r2-GigabitEthernet0/0/1]speed 10 ---Modify the transmission rate of the door---restart to take effect
COST
[r2-GigabitEthernet0/0/1]ospf cost 20
control plane traffic
Data plane traffic