NA West Fifth difficult: OSPF Basic Configuration

OSPF

OSPF (Open Shortest Path First, Open Shortest Path First) is based on the link state interior gateway protocol. OSPF has fast convergence, loop-free routes, and good expansion. Link state algorithm routing protocol is the link state advertisement information to each other, each router own link state information (including the IP address and subnet mask of the network type, the cost of the link, etc.) to other router and network flooding, when each router to collect all the link state information within the network, you can have the topology of the entire network, then the entire network topology based on the case runs the SPF algorithm, draw the shortest of all segments path.

OSPF single area

Basic Configuration

R1

interface Ethernet0/0/0
 ip address 10.0.10.254 255.255.255.0
interface GigabitEthernet0/0/0
 ip address 10.1.1.1 255.255.255.252
interface GigabitEthernet0/0/2
 ip address 10.1.1.5 255.255.255.252

R2

interface Ethernet0/0/0
 ip address 10.0.20.254 255.255.255.0
interface GigabitEthernet0/0/0
 ip address 10.1.1.2 255.255.255.252
interface GigabitEthernet0/0/1
 ip address 10.1.1.9 255.255.255.252

R3

interface Ethernet0/0/0
 ip address 10.0.30.254 255.255.255.0
interface GigabitEthernet0/0/1
 ip address 10.1.1.10 255.255.255.252
interface GigabitEthernet0/0/2
 ip address 10.1.1.6 255.255.255.252

Configure single area OSPF

Declare their directly connected network segments on three area 0 routers, declaring the need to write the inverted mask

[r1]ospf 1
[r1-ospf-1]area 0
[r1-ospf-1-area-0.0.0.0]network 10.0.10.0 0.0.0.255
[r1-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.3
[r1-ospf-1-area-0.0.0.0]network 10.1.1.4 0.0.0.3

[r2]ospf
[r2-ospf-1]ar 0
[r2-ospf-1-area-0.0.0.0]network 10.0.20.0 0.0.0.255
[r2-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.3
[r2-ospf-1-area-0.0.0.0]network 10.1.1.8 0.0.0.3

[r3]ospf 
[r3-ospf-1]ar 0
[r3-ospf-1-area-0.0.0.0]network 10.0.30.0 0.0.0.255
[r3-ospf-1-area-0.0.0.0]network 10.1.1.4 0.0.0.3
[r3-ospf-1-area-0.0.0.0]network 10.1.1.8 0.0.0.3

Check the OSPF interface advertised

[r1]display ospf interface 

OSPF Process 1 with Router ID 10.0.10.254
Interfaces 

 Area: 0.0.0.0          (MPLS TE not enabled)
 IP Address      Type         State    Cost    Pri   DR              BDR 
 10.0.10.254     Broadcast    DR       1       1     10.0.10.254     0.0.0.0
 10.1.1.1        Broadcast    DR       1       1     10.1.1.1        10.1.1.2
 10.1.1.5        Broadcast    DR       1       1     10.1.1.5        10.1.1.6

Check the OSPF neighbor

[r1]display ospf peer 

OSPF Process 1 with Router ID 10.0.10.254
Neighbors 

 Area 0.0.0.0 interface 10.1.1.1(GigabitEthernet0/0/0)'s neighbors
 Router ID: 10.0.20.254      Address: 10.1.1.2        
   State: Full  Mode:Nbr is  Master  Priority: 1
   DR: 10.1.1.1  BDR: 10.1.1.2  MTU: 0    
   Dead timer due in 35  sec 
   Retrans timer interval: 5 
   Neighbor is up for 00:05:08     
   Authentication Sequence: [ 0 ] 

Neighbors 

 Area 0.0.0.0 interface 10.1.1.5(GigabitEthernet0/0/2)'s neighbors
 Router ID: 10.0.30.254      Address: 10.1.1.6        
   State: Full  Mode:Nbr is  Master  Priority: 1
   DR: 10.1.1.5  BDR: 10.1.1.6  MTU: 0    
   Dead timer due in 38  sec 
   Retrans timer interval: 5 
   Neighbor is up for 00:02:45     
   Authentication Sequence: [ 0 ] 

View ospf routing table

[r1]dis ip routing-table protocol ospf 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
         Destinations : 3        Routes : 4        

OSPF routing table status : <Active>
         Destinations : 3        Routes : 4

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

      10.0.20.0/24  OSPF    10   2           D   10.1.1.2        GigabitEthernet
0/0/0
      10.0.30.0/24  OSPF    10   2           D   10.1.1.6        GigabitEthernet
0/0/2
       10.1.1.8/30  OSPF    10   2           D   10.1.1.2        GigabitEthernet
0/0/0
                    OSPF    10   2           D   10.1.1.6        GigabitEthernet
0/0/2

OSPF routing table status : <Inactive>
         Destinations : 0        Routes : 0

Multi-area OSPF

OSPF protocol may be the entire autonomous system into different areas (Area). Link state information is only transmitted between the inner region of the flooding, the area rather than just routing entry link status information; Area 0 is the backbone area backbone area is responsible for publishing the routing information between regions between non-backbone area. Backbone and only one region, and the non-backbone areas must be connected to the backbone area, and a non-routing information can not directly interact in a region between the backbone OSPF area.

Al-backbone of the As-backbone area border router

Multi-zone configuration

Al-backbone

vlan batch 901 to 902
interface Vlanif901
 description to_al-core1
 ip address 10.1.1.2 255.255.255.252
interface Vlanif902
 description to_as-backbone
 ip address 10.0.1.2 255.255.255.252
interface GigabitEthernet0/0/1
 description to_al-core1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
interface GigabitEthernet0/0/2
 description to_as-backbone
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
ospf 1
 area 0.0.0.0
  network 10.0.1.0 0.0.0.3 description to_as-backbone
 area 0.0.0.1
  network 10.1.1.0 0.0.0.3 description to_al-core1

As-backbone

vlan batch 902 to 903
interface Vlanif902
 description to_al-backbone
 ip address 10.0.1.1 255.255.255.252
interface Vlanif903
 description to_as-core1
 ip address 10.2.1.1 255.255.255.252
interface GigabitEthernet0/0/1
 description to_as-core1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
interface GigabitEthernet0/0/2
 description to_al-backbone
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
ospf 1
 area 0.0.0.0
  network 10.0.1.0 0.0.0.3 description to_al-backbone
 area 0.0.0.2
  network 10.2.1.0 0.0.0.3 description to_as-core1

El-core1

vlan batch 4 901
interface Vlanif4
 description to_pc1
 ip address 10.1.4.254 255.255.255.0
interface Vlanif901
 description to_al-backbone
 ip address 10.1.1.1 255.255.255.252
interface GigabitEthernet0/0/1
 description to_al-backbone
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
interface GigabitEthernet0/0/2
 description to_pc1
 port link-type access
 port default vlan 4
ospf 1
 area 0.0.0.1
  network 10.1.1.0 0.0.0.3 description to_al-backbone
  network 10.1.4.0 0.0.0.255 description to_pc1

As-core1

vlan batch 4 903
interface Vlanif4
 description to_pc2
 ip address 10.2.4.254 255.255.255.0
interface Vlanif903
 description to_as-backbone
 ip address 10.2.1.2 255.255.255.252
interface GigabitEthernet0/0/1
 description to_as-backbone
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
interface GigabitEthernet0/0/2
 description to_pc2
 port link-type access
 port default vlan 4
ospf 1
 area 0.0.0.2
  network 10.2.1.0 0.0.0.3 description to_as-backbone
  network 10.2.4.0 0.0.0.255 description to_pc1

View the routing information

<al-backbone>dis ip routing-table 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 9        Routes : 9        

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

       10.0.1.0/30  Direct  0    0           D   10.0.1.2        Vlanif902
       10.0.1.2/32  Direct  0    0           D   127.0.0.1       Vlanif902
       10.1.1.0/30  Direct  0    0           D   10.1.1.2        Vlanif901
       10.1.1.2/32  Direct  0    0           D   127.0.0.1       Vlanif901
       10.1.4.0/24  OSPF    10   2           D   10.1.1.1        Vlanif901
       10.2.1.0/30  OSPF    10   2           D   10.0.1.1        Vlanif902
       10.2.4.0/24  OSPF    10   3           D   10.0.1.1        Vlanif902
      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0

OSPF authentication

OSPF packet authentication, to accept authenticated messages to

Authentication modes for OSPF

1. 区域认证：区域内所有路由器（三层交换机）的认证模式和口令必须一致
2. 链路认证：针对某个邻居设置单独的认证模式和密码。同时配置了两种，则链路认证优先

Three authentication modes for each authentication method

1. 简单验证模式：明文传输
2. MD5验证模式：md5加密传输
3. Key chain验证模式：同时配置多个密钥，不同密钥单独设置生效周期

OSPF area plaintext authentication (experimental environment with multi-zone configuration)

Al-backbone区域1配置
[al-backbone-ospf-1-area-0.0.0.1]authentication-mode simple plain 111111
Al-core1区域1配置
[al-core1-ospf-1-area-0.0.0.1]authentication-mode simple plain 111111

OSPF area 2 secret text authentication (experimental environment with multi-zone configuration)

As-backbone区域2配置
[as-backbone-ospf-1-area-0.0.0.2]authentication-mode simple cipher 111111
As-core1区域2配置
[as-backbone-ospf-1-area-0.0.0.2]authentication-mode simple cipher 111111

Change the OSPF area 1 to md5 (experimental environment with multi-zone configuration)

Al-backbone区域1配置
[al-backbone-ospf-1-area-0.0.0.1]undo authentication-mode 
[al-backbone-ospf-1-area-0.0.0.1]authentication-mode md5 1 huawei

1 identifier, the password is configured huawei

Al-core1区域1配置
[al-core1-ospf-1-area-0.0.0.1]undo authentication-mode 
[al-core1-ospf-1-area-0.0.0.1]authentication-mode md5 1 huawei

Configuring OSPF link authentication

[Huawei]interface GigabitEthernet0/0/1
三层交换机需先清除以太网接口二层配置并开启三层功能
[Huawei-GigabitEthernet0/0/1]undo portswitch
[Huawei-GigabitEthernet0/0/1]ospf authentication-mode md5 1 huawei

OSPF passive interfaces

Passive interface is also known to suppress the interface, after becoming passive interfaces will not be receiving and sending OSPF packets. General configuration interface is a passive interface to pc

Passive Interface Configuration (experimental environment with multi-zone configuration)

[al-core1-ospf-1]silent-interface GigabitEthernet 0/0/2

OSPF Router-ID

OSPF使用Router-ID作为路由器的身份标识，如果在启动ospf时没有指定Router-ID，则OSPF无法正常启动。例如，路由器（三层交换机）上未配置任何ip地址。

Router-ID选举规则

Router-ID命令配置 --> 最大的loopback接口ip地址 --> 最大的其他接口ip地址（不考虑up/down情况）
只有配选为Router-ID的接口ip地址被删除/修改，才触发重新选择过程。Router-ID改变之后，需手动reset ospf协议。

手动配置Router-ID

[al-backbone]router id 1.1.1.1
<al-backbone>reset ospf process 

查看Router-ID

<al-backbone>dis router id
RouterID:1.1.1.1

OSPF的DR与BDR

DR（指定路由器）：所有的路由器都只将各自的链路状态信息发送给DR，再由DR以组播方式发送至所有路由器。
BDR（备份指定路由器）：当DR由于故障失效时，BDR成为DR，并在选择新的BDR路由器。
DR Other（其他路由器）：非DR与BDR的路由器

DR选举规则

比较优先级，优先级高的为DR，次高的为BDR
比较Router-ID，数值高的为DR，次高的为BDR

Notes：DR选举针对接口，DR选举是非抢占的。

手动配置接口ospf优先级

三层交换机需先清除以太网接口二层配置并开启三层功能

[Huawei-GigabitEthernet0/0/1]undo portswitch
[Huawei-GigabitEthernet0/0/1]ospf dr-priority 10

后续处理

改变优先级后，可以利用下面两种方法重新进行DR/BDR的选择，但是这会导致路由器（三层交换机）之间的OSPF邻接关系中断，一般情况下不推荐使用

1. 重启所有路由器（三层交换机）
2. 在建立了OSPF邻居的接口上执行shutdown/undo shutdown命令

OSPF协议优先级修改

当路由器或交换机上同时存在多种路由协议的时候，系统为每一种路由协议设置了不同的默认优先级，当在不同协议中发现同一条路由时，协议优先级高的将被优选。

修改OSPF协议优先级

[al-backbone]ospf
[al-backbone-ospf-1]preference 200

OSPF开销值修改

If the cost of the interface is not configured ospf, ospf cost of which will be automatically calculated based on the bandwidth of the interface. The formula is: The cost = bandwidth reference value / interface bandwidth, taking the integer part of the calculation result as interface cost, cost of the interface may be indirectly changed by changing the bandwidth reference value.

Directly modify the interface cost

Three switches must first remove the Ethernet interface to configure and turn on the second floor three functions

[Huawei-GigabitEthernet0/0/1]undo portswitch
[Huawei-GigabitEthernet0/0/1]ospf cost 1000

Indirect modifying the bandwidth reference value

[al-backbone]ospf
[al-backbone-ospf-1]bandwidth-reference 10000

OSPF timers modification

OSPF, network type is a broadcast network, with a default hello timer is 10 seconds, the timer is 40 seconds Dead

Modify timer

Three switches must first remove the Ethernet interface to configure and turn on the second floor three functions

[Huawei-GigabitEthernet0/0/1]undo portswitch
[Huawei-GigabitEthernet0/0/1]ospf timer hello 20
[Huawei-GigabitEthernet0/0/1]ospf timer dead 80