OSPF comprehensive experiment
1. The experiment
1) understand and grasp the characteristics of the OSPF stub area configuration and
2) to understand and master OSPF totally stub area and the characteristics of configuration
3) to understand and grasp the characteristics and configuration of OSPF NSSA region
4) understand and master OSPF totally NSSA region the characteristics and configuration
5) to grasp the role of passive interface
6) to grasp the effect of OSPF LSA7
7) between the master authentication OSPF neighbors
2. experimental topology 
3. experiment demand
1) reference topology, each router basic configuration, in addition to the address shown identification, the address of the device between their own planning.
2) the basic configuration of each routing protocol OSPF weight distribution and bidirectional RIPv2 in R2, bidirectional EIGRP and OSPF weight distribution on R6, and then complete the required configuration, up to the entire network, and OSPF area manually specify each router on each router in the router ID for the RID.
3) On R1, using appropriate manner to set the respective interfaces passive-interface.
4) using the link between R1 and R2 link plain text authentication password is "cisco", and authentication information using wireshark capture was observed.
5) using the link between R1 and R3 link MD5 authentication password is "yucedu", and authentication information using wireshark capture was observed.
6) using the MD5 authentication between the regions on the area 4567, the custom code.
7) in plain text authentication between the regions in the backbone area, custom password.
8) carefully observe the regional router's routing table, each OSPF router LSDB observation information database, focusing on observation of what type of information is present in each LSA OSPF routers.
9) The area 123 set as a stub area, then the observed changes in the OSPF database routing entries R1 and R1, R1 and communicates with other test areas.
10) The area 123 is set to totally stub area, OSPF database changes observed on R1 and re-routing entries, and to communicate with other test R1 region.
11) The area 4567 is set to NSSA area, observe changes in each route entry again to complete the necessary configuration, up to the entire network.
12) The area 4567 is set to Totally NSSA area, again observe the changes of routing entries, complete the required configuration, up to the entire network.
3. Experimental Procedure
Step a:
Build a topology experiment, as shown in FIG accompanied IP address, and completes the OSPF, RIP, EIGRP the basic configuration.
Because no re-distribution, and R8 is not directly connected to the backbone area, resulting in R8, R9, R10 routes are not, so the R4 and R7, R5 and R7 are carried out to establish the tunnel.
And re-distributed on R2 and R6.
Tunnel establishment:
IOU4(config)#int tunnel 0
IOU4(config-if)#tunnel source 192.168.47.4
IOU4(config-if)#tunnel destination 192.168.47.7
IOU4(config-if)#ip address 47.47.47.4 255.255.255.0
IOU4(config-if)#ip ospf 1 area 0
IOU7(config)#int tunnel 0
IOU7(config-if)#tunnel source 192.168.47.7
IOU7(config-if)#tunnel destination 192.168.47.4
IOU7(config-if)#ip address 47.47.47.7 255.255.255.0
IOU7(config-if)#ip ospf 1 area 0Redistribution:
IOU2(config)#router rip
IOU2(config-router)#redistribute ospf 1 metric 1
IOU2(config)#router ospf 1
IOU2(config-router)#redistribute rip subnets
IOU6(config)#router ospf 1
IOU6(config-router)#redistribute eigrp 90 subnets
IOU6(config-router)#exit
IOU6(config)#router eigrp 90
IOU6(config-router)#redistribute ospf 1 metric 1 1 1 1 1In the opening set on R1 loopback passive interfaces:
IOU1(config)#router ospf 1
IOU1(config-router)#passive-interface default
IOU1(config-router)#no passive-interface s2/0
IOU1(config-router)#no passive-interface s2/1步骤二:
在R1和R2的链路上采用明文认证
IOU1(config)#int s2/0
IOU1(config-if)#ip ospf authentication
IOU1(config-if)#ip ospf authentication-key cisco
IOU2(config)#int s2/0
IOU2(config-if)#ip ospf authentication
IOU2(config-if)#ip ospf authentication-key cisco在R1和R3的链路上采用MD认5证
IOU1(config)#int s2/1
IOU1(config-if)#ip ospf authentication message-digest
IOU1(config-if)#ip ospf message-digest-key 1 md5 yucedu
IOU3(config)#int s2/0
IOU3(config-if)#ip ospf authentication message-digest
IOU3(config-if)#ip ospf message-digest-key 1 md5 yucedu
基于进程下的明文认证:
IOU3(config-if)#router os 1
IOU3(config-router)#area 1 authentication
IOU3(config-router)#int s2/0
IOU3(config-if)#ip ospf authentication-key yucedu基于进程下的MD5认证:
IOU2(config-if)# router os 1
IOU2(config-router)#area 1 authentication message-digest
IOU2(config-router)#int e0/0
IOU2(config-if)#ip ospf message-digest-key 2 md5 cisco后面基于进程的就直接套用,本段的命令。
步骤三:
在设置stub区域之前先将R1的路由表截取下来,等下用来作对比。
①将区域123设置为stub区域后:
O E2的路由消失了,变成一条默认路由,并且全网能够通信。
stub区域:可以过滤4类、5类的路由,并且ABR会自动向内部下放一条默认路由。
IOU2(config-router)#area 1 stub--将该区域设置成末节区域,同区域内的所有路由器都要配置
②将区域123设置为totally stub区域后:
O E2和O IA的路由都被过滤掉了
totally stub区域:在stub的基础上,继续过滤3类的路由信息,并且ABR会自动向内部下发默认路由。
IOU2(config-router)#area 1 stub no-summary --只需要在ABR上配置
以下路由信息都为R6上的
③将区域4567设置为nssa区域
nssa区域:可以过滤4类、5类的路由,并且ABR不会自动向内部下发一条默认路由,但是可以手动下发。
IOU2(config-router)#area 1 nssa 将该区域配置成nssa区域,同一个区域内的所有路由器都需要配置
IOU2(config-router)#area 1 nssa default-information-originate --手动下放默认路由,只需要在ABR上配置。
④将区域4567设置为totally nssa区域
Totally nssa area: 3 continued to filter routing information based on the basis of nssa, and automatically delivers hop ABR default route to the interior.
IOU2 (config-router) #area 1 nssa no-summary-- only on the ABR
