碼上快樂

相關內容    簡體    繁體

實驗7 ISIS多區域配置

本文轉載自   查看原文   2019-07-07 21:50   426    SE實驗-大規模路由

實驗任務一:ISIS路由聚合和驗證配置

  1. 建立物理連接

  2. 配置IS多區域
    [RTA-isis-1]network-entity 10.0000.0000.0001.00//配置網絡實體
    [RTA-isis-1]is-level level-1//配置路由器類型
    [RTA-GigabitEthernet0/0]isis enable//使能接口
    [RTA-GigabitEthernet0/1]isis enable
    [RTA-GigabitEthernet0/1]isis circuit-level level-1//配置接口的鏈路鄰接關系類型。

[RTB-isis-1]network-entity 10.0000.0000.0002.00
[RTB-isis-1]is-level level-1
[RTB-GigabitEthernet0/2]isis enable
[RTB-GigabitEthernet0/2]isis circuit-level level-1

[RTC-isis-1]network-entity 10.0000.0000.0003.00
[RTC-isis-1]is-level level-1-2//默認也是level-1-2
[RTC-GigabitEthernet0/0]isis enable
[RTC-GigabitEthernet0/0]isis circuit-level level-2
[RTC-GigabitEthernet0/2]isis enable
[RTC-GigabitEthernet0/2]isis circuit-level level-1
[RTC-GigabitEthernet0/1]isis enable
[RTC-GigabitEthernet0/1]isis circuit-level level-1

[RTD-isis-1]network-entity 20.0000.0000.0004.00
[RTD-isis-1]is-level level-2//默認也是level-1-2
[RTD-GigabitEthernet0/1]isis enable
[RTD-GigabitEthernet0/0]isis enable
[RTD-GigabitEthernet0/0]isis circuit-level level-2

  1. isis路由表及LSDB查看
    [RTA]display isis route

                     Route information for IS-IS(1)
                 ------------------------------

                 Level-1 IPv4 Forwarding Table
                 -----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

0.0.0.0/0 10 NULL GE0/1 172.16.1.2 R/-/-
172.16.2.0/24 20 NULL GE0/1 172.16.1.2 R/-/-
172.16.1.0/24 10 NULL GE0/1 Direct D/L/-
172.16.0.0/24 10 NULL GE0/0 Direct D/L/-

  Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down bit set

[RTB]display isis route

                     Route information for IS-IS(1)
                     ------------------------------

                     Level-1 IPv4 Forwarding Table
                     -----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

0.0.0.0/0 10 NULL GE0/2 172.16.2.2 R/-/-
172.16.2.0/24 10 NULL GE0/2 Direct D/L/-
172.16.1.0/24 20 NULL GE0/2 172.16.2.2 R/-/-
172.16.0.0/24 30 NULL GE0/2 172.16.2.2 R/-/-

  Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down bit set

//level-1路由器有一條缺省路由指向level-2的路由器。

[RTC]display isis route

                     Route information for IS-IS(1)
                     ------------------------------

                     Level-1 IPv4 Forwarding Table
                     -----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

172.16.2.0/24 10 NULL GE0/2 Direct D/L/-
172.16.1.0/24 10 NULL GE0/1 Direct D/L/-
172.16.0.0/24 20 NULL GE0/1 172.16.1.1 R/L/-

  Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down bit set

                     Level-2 IPv4 Forwarding Table
                     -----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

172.16.2.0/24 10 NULL D/L/-
172.16.1.0/24 10 NULL D/L/-
192.168.2.0/24 20 NULL GE0/0 192.168.1.2 R/-/-
192.168.1.0/30 10 NULL GE0/0 Direct D/L/-

  Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down bit set

//level-2路由器的路由表存放着level-1的路由,level-1路由器的路由表存放着缺省路由指向level2路由器。
例如:
RTA------------------------------------------RTB-------------------------------------------------RTC
Level-1 level-1-2 level-2
-----------------level-1的明細路由發送--------->>>>
<<------缺省路由指向level-2路由器

display ip routing-table

Destinations : 18 Routes : 18

Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/0 IS_L1 15 10 172.16.1.2 GE0/1
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.0/24 Direct 0 0 172.16.0.254 GE0/0
172.16.0.0/32 Direct 0 0 172.16.0.254 GE0/0
172.16.0.254/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.255/32 Direct 0 0 172.16.0.254 GE0/0
172.16.1.0/24 Direct 0 0 172.16.1.1 GE0/1
172.16.1.0/32 Direct 0 0 172.16.1.1 GE0/1
172.16.1.1/32 Direct 0 0 127.0.0.1 InLoop0
172.16.1.255/32 Direct 0 0 172.16.1.1 GE0/1
172.16.2.0/24 IS_L1 15 20 172.16.1.2 GE0/1
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

//每條鏈路的開銷值為10,ISIS缺省的路由開銷類型為narrow
修改開銷類型為wide,設置參考帶寬,使能自動計算鏈路度量值
[RTA-isis-1]cost-style wide
[RTA-isis-1]bandwidth-reference 1000
[RTA-isis-1]auto-cost enable

[RTA]display ip routing-table

Destinations : 18 Routes : 18

Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.0/24 Direct 0 0 172.16.0.254 GE0/0
172.16.0.0/32 Direct 0 0 172.16.0.254 GE0/0
172.16.0.254/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.255/32 Direct 0 0 172.16.0.254 GE0/0
172.16.1.0/24 Direct 0 0 172.16.1.1 GE0/1
172.16.1.0/32 Direct 0 0 172.16.1.1 GE0/1
172.16.1.1/32 Direct 0 0 127.0.0.1 InLoop0
172.16.1.255/32 Direct 0 0 172.16.1.1 GE0/1
172.16.2.0/24 IS_L1 15 20 172.16.1.2 GE0/1
192.168.1.0/30 IS_L1 15 156260 172.16.1.2 GE0/1
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
Wide或wide-campatible,根據公式開銷=(參考值/帶寬)*10

  1. 配置is-is的聚合與驗證
    (1)Level-1聚合到level-2
    [RTC-isis-1-ipv4]summary 172.16.0.0 16 level-2//配置聚合路由發往level-2的路由
    [RTD]display ip routing-table

Destinations : 18 Routes : 18

Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.0/16 IS_L2 15 20 192.168.1.1 Ser1/0
192.168.1.0/30 Direct 0 0 192.168.1.2 Ser1/0
192.168.1.0/32 Direct 0 0 192.168.1.2 Ser1/0
192.168.1.1/32 Direct 0 0 192.168.1.1 Ser1/0
192.168.1.2/32 Direct 0 0 127.0.0.1 InLoop0
192.168.1.3/32 Direct 0 0 192.168.1.2 Ser1/0
192.168.2.0/24 Direct 0 0 192.168.2.254 GE0/1
192.168.2.0/32 Direct 0 0 192.168.2.254 GE0/1
192.168.2.254/32 Direct 0 0 127.0.0.1 InLoop0
192.168.2.255/32 Direct 0 0 192.168.2.254 GE0/1
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

(1) Level-2聚合到level-1
[RTD-isis-1-ipv4]summary 192.168.0.0 16 level-1
//發現沒能在RTA看到RTD聚合的路由,必須配置路由滲透。
display ip routing-table

Destinations : 20 Routes : 20

Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/0 IS_L1 15 10 172.16.1.2 GE0/1
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.0/24 Direct 0 0 172.16.0.254 GE0/0
172.16.0.0/32 Direct 0 0 172.16.0.254 GE0/0
172.16.0.254/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.255/32 Direct 0 0 172.16.0.254 GE0/0
172.16.1.0/24 Direct 0 0 172.16.1.1 GE0/1
172.16.1.0/32 Direct 0 0 172.16.1.1 GE0/1
172.16.1.1/32 Direct 0 0 127.0.0.1 InLoop0
172.16.1.255/32 Direct 0 0 172.16.1.1 GE0/1
172.16.2.0/24 IS_L1 15 20 172.16.1.2 GE0/1
192.168.0.0/16 IS_L1 15 156261 172.16.1.2 GE0/1
192.168.1.0/30 IS_L1 15 156260 172.16.1.2 GE0/1
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

[RTC-isis-1-ipv4]import-route isis level-2 into level-1//路由滲透
[RTC-isis-1-ipv4]summary 192.168.0.0 16 level-1//路由聚合

display ip routing-table

Destinations : 19 Routes : 19

Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/0 IS_L1 15 10 172.16.1.2 GE0/1
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.0/24 Direct 0 0 172.16.0.254 GE0/0
172.16.0.0/32 Direct 0 0 172.16.0.254 GE0/0
172.16.0.254/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.255/32 Direct 0 0 172.16.0.254 GE0/0
172.16.1.0/24 Direct 0 0 172.16.1.1 GE0/1
172.16.1.0/32 Direct 0 0 172.16.1.1 GE0/1
172.16.1.1/32 Direct 0 0 127.0.0.1 InLoop0
172.16.1.255/32 Direct 0 0 172.16.1.1 GE0/1
172.16.2.0/24 IS_L1 15 20 172.16.1.2 GE0/1
192.168.0.0/16 IS_L1 15 156260 172.16.1.2 GE0/1
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
驗證:
(1) 區域驗證
[RTC-isis-1]domain-authentication-mode simple plain 123
[RTD-isis-1]domain-authentication-mode simple plain 111
[RTC-isis-1]display isis peer

                     Peer information for IS-IS(1)
                     -----------------------------

System ID: 0000.0000.0001
Interface: GE0/1 Circuit Id: 0000.0000.0003.02
State: Up HoldTime: 25s Type: L1 PRI: 64

System ID: 0000.0000.0002
Interface: GE0/2 Circuit Id: 0000.0000.0003.03
State: Up HoldTime: 26s Type: L1 PRI: 64

System ID: 0000.0000.0004
Interface: Ser1/0 Circuit Id: 001
State: Up HoldTime: 28s Type: L2 PRI: --

[RTD-Serial1/0]display isis route

                     Route information for IS-IS(1)
                     ------------------------------

                     Level-2 IPv4 Forwarding Table
                     -----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

192.168.3.0/24 0 NULL Loop1 Direct D/L/-
192.168.2.0/24 1 NULL GE0/1 Direct D/L/-
192.168.1.0/30 15625 NULL Ser1/0 Direct D/L/-

  Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down bit set

配置路由域驗證方式和驗證密碼后,驗證密碼將按照設定的方式插入到發送的Level-2報文(包括LSP、CSNP、PSNP)中並對收到的Level-2報文進行驗證密碼的檢查。所以說,還是可以建立鄰居,但是不能互相學習路由。
(2)接口驗證
[RTC-Serial1/0]isis authentication-mode simple plain 111
[RTC-Serial1/0]display isis peer

                     Peer information for IS-IS(1)
                     -----------------------------

System ID: 0000.0000.0001
Interface: GE0/1 Circuit Id: 0000.0000.0003.02
State: Up HoldTime: 28s Type: L1 PRI: 64

System ID: 0000.0000.0002
Interface: GE0/2 Circuit Id: 0000.0000.0003.03
State: Up HoldTime: 26s Type: L1 PRI: 64

配置鄰居關系驗證方式和驗證密碼后,驗證密碼將會按照設定的方式封裝到Hello報文中,並對接收到的Hello報文進行驗證密碼的檢查,通過檢查才會形成鄰居關系,否則將不會形成鄰居關系。
所以說,接口驗證失敗,不能夠建立鄰居。
補充:
問題1:當RTA的開銷類型為narrow不能向RTC的開銷類型為wide學習到路由。
[RTC-isis-1]cost-style wide
[RTC-isis-1]bandwidth-reference 1000
[RTC-isis-1]auto-cost enable

問題2:當RTC和RTD的鄰居鏈路類型是不一樣的,能建立鄰居,但不能學習到各自的的路由。
(1) [RTC-Serial1/0]isis circuit-level level-2, [RTD-Serial1/0]isis circuit-level level-1-2,RTA和RTB是不能學習到level-2的默認路由。
[RTD]display isis peer

                     Peer information for IS-IS(1)
                     -----------------------------

System ID: 0000.0000.0003
Interface: Ser1/0 Circuit Id: 001
State: Up HoldTime: 22s Type: L2 PRI: --
(2) [RTC-Serial1/0]isis circuit-level level-1-2, [RTD-Serial1/0]isis circuit-level level-1-2,RTA和RTB是只能學習到RTC使能的接口下的level-1網段,並且學不到level-1的默認路由。RTD能學習到level-1的明細路由。
[RTD-Serial1/0]display ip routing-table

Destinations : 24 Routes : 24

Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.0/24 IS_L2 15 15645 192.168.1.1 Ser1/0
172.16.1.0/24 IS_L2 15 15635 192.168.1.1 Ser1/0
172.16.2.0/24 IS_L2 15 15635 192.168.1.1 Ser1/0
192.168.1.0/30 Direct 0 0 192.168.1.2 Ser1/0
192.168.1.0/32 Direct 0 0 192.168.1.2 Ser1/0
192.168.1.1/32 Direct 0 0 192.168.1.1 Ser1/0
192.168.1.2/32 Direct 0 0 127.0.0.1 InLoop0
192.168.1.3/32 Direct 0 0 192.168.1.2 Ser1/0
192.168.2.0/24 Direct 0 0 192.168.2.254 GE0/1
192.168.2.0/32 Direct 0 0 192.168.2.254 GE0/1
192.168.2.254/32 Direct 0 0 127.0.0.1 InLoop0
192.168.2.255/32 Direct 0 0 192.168.2.254 GE0/1
192.168.3.0/24 Direct 0 0 192.168.3.1 Loop1
192.168.3.0/32 Direct 0 0 192.168.3.1 Loop1
192.168.3.1/32 Direct 0 0 127.0.0.1 InLoop0
192.168.3.255/32 Direct 0 0 192.168.3.1 Loop1
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
[RTD]display isis peer

                     Peer information for IS-IS(1)
                     -----------------------------

System ID: 0000.0000.0003
Interface: Ser1/0 Circuit Id: 001
State: Up HoldTime: 22s Type: L2 PRI: --
(3) [RTC-Serial1/0]isis circuit-level level-1, [RTD-Serial1/0]isis circuit-level level-2,RTA和RTB能學習到RTC使能的接口下的level-1網段,且不和RTD建立鄰居。
[RTC-Serial1/0]display isis peer

                     Peer information for IS-IS(1)
                     -----------------------------

System ID: 0000.0000.0001
Interface: GE0/1 Circuit Id: 0000.0000.0003.02
State: Up HoldTime: 22s Type: L1 PRI: 64

System ID: 0000.0000.0002
Interface: GE0/2 Circuit Id: 0000.0000.0003.03
State: Up HoldTime: 21s Type: L1 PRI: 64
(4) [RTC-Serial1/0]isis circuit-level level-2, [RTD-Serial1/0]isis circuit-level level-2,RTA和RTB才能學習到RTC使能的接口下的level-2網段。
display ip routing-table

Destinations : 18 Routes : 18

Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/0 IS_L1 15 10 172.16.1.2 GE0/1
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.0/24 Direct 0 0 172.16.0.254 GE0/0
172.16.0.0/32 Direct 0 0 172.16.0.254 GE0/0
172.16.0.254/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.255/32 Direct 0 0 172.16.0.254 GE0/0
172.16.1.0/24 Direct 0 0 172.16.1.1 GE0/1
172.16.1.0/32 Direct 0 0 172.16.1.1 GE0/1
172.16.1.1/32 Direct 0 0 127.0.0.1 InLoop0
172.16.1.255/32 Direct 0 0 172.16.1.1 GE0/1
172.16.2.0/24 IS_L1 15 20 172.16.1.2 GE0/1
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

問題3:模擬器,isis區域之間,一個配置了區域驗證,一個沒有,但是還是可以學習到各自的路由,但是兩個都配置區域驗證,驗證失敗才不能學習到各自的路由。

解決問題2:level-1-2鏈路互相可以學習到路由。之前失敗是因為左邊的路由器開銷類型都是wide,右邊的不是,不能互相學習路由。
解決問題3:配置了驗證的路由器,收到沒配置驗證的路由器發來的鏈路信息,驗證路由器不會學習它的路由,但是未配置驗證的路由器會學習到驗證路由器發來的鏈路信息。


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 OSPF 多區域配置實驗 ISIS路由協議的概念及實驗配置 ISIS簡單配置 實驗三:isis 缺省路由(Is-type) 華為網絡實驗-OSPF多區域配置(引入RIP) 單多區域OSPF實驗 OSPF 單區域實驗 isis 協議 什么是Apache Isis ISIS TLV
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM