如何配置华为OSPF多区域认证(2)
如何配置华为OSPF多区域认证
使用displayospf lsdb命令查看R1的链路状态数据库。
[R1]dis ospf lsdb
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.2.2 10.0.2.2 632 60 80000004 48
Router 10.0.1.1 10.0.1.1 651 48 80000004 48
Sum-Net 10.0.13.0 10.0.1.1 934 28 80000002 1
Sum-Net 10.0.3.3 10.0.1.1 374 28 80000002 1
Sum-Net 10.0.1.1 10.0.1.1 910 28 80000002 0
Sum-Asbr 10.0.3.3 10.0.1.1 1196 28 80000001 1
Area: 0.0.0.1
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 10.0.3.3 10.0.3.3 1197 48 80000005 1
Router 10.0.1.1 10.0.1.1 372 48 80000007 1
Network 10.0.13.1 10.0.1.1 372 32 80000003 0
Sum-Net 10.0.12.0 10.0.1.1 934 28 80000002 48
Sum-Net 10.0.2.2 10.0.1.1 631 28 80000002 48
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 10.0.3.0 10.0.3.3 1197 36 80000001 1
External 10.0.13.0 10.0.3.3 1197 36 80000001 1
External 172.64.0.0 10.0.3.3 1197 36 80000001 1
以上显示的是整个链路状态数据库的简要信息。突出显示的内容为LSA Type4和LSA Type5.
也可以使用如下命显示某个条目的具体信息,以下三条命令分别显示了LSA Type3、4、5三种类型的LSA数据结构。
[R1]displ ospf lsdb summary 10.0.3.3
OSPF Process 1 with Router ID 10.0.1.1
Area: 0.0.0.0
Link State Database
Type : Sum-Net
Ls id : 10.0.3.3
Adv rtr : 10.0.1.1
Ls age : 660
Len : 28
Options : E
seq# : 80000002
chksum : 0x4af4
Net mask : 255.255.255.255
Tos 0 metric: 1
Priority : Low
Area: 0.0.0.1
Link State Database
[R1]display ospf lsdb asbr
OSPF Process 1 with Router ID 10.0.1.1
Area: 0.0.0.0
Link State Database
Type : Sum-Asbr
Ls id : 10.0.3.3
Adv rtr : 10.0.1.1
Ls age : 1562
Len : 28
Options : E
seq# : 80000001
chksum : 0x3e01
Tos 0 metric: 1
Area: 0.0.0.1
Link State Database
OSPF Process 1 with Router ID 10.0.1.1
Link State Database
Type : External
Ls id : 172.64.0.0
Adv rtr : 10.0.3.3
Ls age : 283
Len : 36
Options : E
seq# : 80000001
chksum : 0xb51e
Net mask : 255.255.255.0
TOS 0 Metric: 1
E type : 2
Forwarding Address : 0.0.0.0
Tag : 1
Priority : Low
步骤五.OSPF认证配置及验证
将R1接口S1/0/0配置为OSPF接口认证模式、明文、密码“Huawei”。
[R1]interface s1/0/0
[R1-Serial1/0/0]ospf auth
[R1-Serial1/0/0]ospf authentication-mode simple plain huawei
[R1]display ospf peer brief
OSPF Process 1 with Router ID 10.0.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.1 GigabitEthernet0/0/0 10.0.3.3 Full
----------------------------------------------------------------------------
[R1]
此时R1与R2的ospf认证方式不匹配,所以R1与R2无法建立邻居。
将R2接口S1/0/0配置为OSPF接口认证模式,明文,密码“Huawei”。
[R2]interface ser1/0/0
[R2-Serial1/0/0]ospf auth
[R2-Serial1/0/0]ospf authentication-mode simple plain huawei
在R1查看与R2的邻居状态。
[R1]display ospf peer brief
OSPF Process 1 with Router ID 10.0.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 Serial1/0/0 10.0.2.2 Full
0.0.0.1 GigabitEthernet0/0/0 10.0.3.3 Full
----------------------------------------------------------------------------
[R1]
此时R1、与R2之间认证方式和密码均匹配,所以R1与R2重新建立了邻居关系。将R1的区域配置为OSPF区域认证模式,加密方式为MD5,密码问密文形式“Huawei”。
[R1]ospf 1
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher Huawei
在R1上查看与R3的邻居状态。
[R1]display ospf peer brief
OSPF Process 1 with Router ID 10.0.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 Serial1/0/0 10.0.2.2 Full
----------------------------------------------------------------------------
[R1]
由于R1与R3之间OSPF认证方式不匹配,此时R1与R3无法建立邻居关系。
将R3上区域1配置为OSPF区域认证模式,加密方式为MD5,密码为密文形式“Huawei”。
[R3]ospf
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]authentication-mode md5 1 cipher huawei
在R1上查看与R3的邻居状态。
[R1]display ospf peer brief
OSPF Process 1 with Router ID 10.0.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 Serial1/0/0 10.0.2.2 Full
0.0.0.1 GigabitEthernet0/0/0 10.0.3.3 Full
----------------------------------------------------------------------------
此时R1与R3之间认证方式和密码均匹配,所以R1与R3重新建立了邻居关系。
配置华为OSPF多区域认证的相关文章: