“環回口”(loopback address口)在BGP上也有用到,他是一種在路由器協議上廣泛使用的虛擬接口。是通過系統的編撰,在物理基礎上是實現的。
首先,如果在這臺路由器上設置環回口,可以通過"telnet"命令登陸這臺路由器。由於環回口是虛擬的,如果不特別的去設置關掉它,它就不會因爲物各種故障失效(即down掉)。並且每個環回口都是獨立的,也不會太佔資源。
其次,環回口的ip地址可以作爲OSPF協議下各個路由器的路由器號(即router id),環回口ip地址不但不會出現重複,並且它又穩定。所以它就成了作爲router id的最佳選擇。
還有,他可以作爲一些其他服務對路由器的訪問接口,如tftp、snmp、tacace/radius等等在BGP中它也很重要
loopback 環回接口地址作爲路由協議的router-id,因爲環回接口是邏輯接口,比物理接口更加穩定。在對網絡操作時,網路管理員有可能誤操作導致物理接口地址刪除,或者改動,而環回接口則一般會回去改動
###查看環回接口地址
[R5]display interface LoopBack 0
LoopBack0 current state : UP
Line protocol current state : UP (spoofing)
Description:HUAWEI, AR Series, LoopBack0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 5.5.5.5/32
Physical is Loopback
Current system time: 2020-05-14 14:37:06-08:00
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Realtime 0 seconds input rate 0 bits/sec, 0 packets/sec
Realtime 0 seconds output rate 0 bits/sec, 0 packets/sec
Input: 0 bytes
Output:0 bytes
Input bandwidth utilization : 0%
Output bandwidth utilization : 0%
###查看ip端口信息
<R5>disp ip inter br
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 5
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 5
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 unassigned down down
GigabitEthernet0/0/1 172.16.12.1/24 up up
GigabitEthernet0/0/2 10.10.12.2/24 *down down
GigabitEthernet4/0/0 10.10.20.2/24 up up
GigabitEthernet4/0/1 unassigned down down
GigabitEthernet4/0/2 unassigned down down
GigabitEthernet4/0/3 unassigned down down
LoopBack0 5.5.5.5/32 up up(s)
##修改 router id 爲環回接口
[R5]router id 5.5.5.5
##查看 ospf router id 是物理接口,需要重啓修改成 新的router id
[R5]dis ospf peer br
OSPF Process 1 with Router ID 172.16.12.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
----------------------------------------------------------------------------
[R5]quit
###重啓生效
<R5>reset ospf process
Warning: The OSPF process will be reset. Continue? [Y/N]:y
<R5>sy
Enter system view, return user view with Ctrl+Z.
###確認是否修改
[R5]dis ospf peer br
OSPF Process 1 with Router ID 5.5.5.5
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
----------------------------------------------------------------------------
[R5]
ospf
鄰居表: 鄰里關係
display osdf peer brief
LSDB: 鏈路狀態信息,並需要實時同步
display ospf lsdb
路由表: spf ospf 中路由表單
display ospf route
OSPF 原理:
1. ospf 要求運行osdf 的路由器都有整個網絡的鏈路狀態信息,這樣才能計算出到達目的地的最優路徑
2. 把LSA集來的信息 建立自己的數據庫LSDB,並用SPF計算,建立起到達每個網絡的最短路徑樹
3.通過最短路徑樹計算最優路由,並更新到自己的路由表彙總
Router ID 是一個32位的值,表示了一個自治系統內路由器,管理員可以爲每臺運行ospf 的路由器手動配置一個RouterID。可以自動生成,爲了防止由於端口地址更改,ID 發生變化,建議手動設置
##修改之前確認是否有RouterID了,如果更改可以要重啓下進程
[R1]ospf router-id 172.172.172.10
Info: The configuration succeeded. You need to restart the OSPF process to valid
ate the new router ID.
###這個是之前自動生成的RouterID
[R1]display ospf peer
OSPF Process 1 with Router ID 172.16.10.1
#如果手動設置想要生效,需要重啓 進程
<R1>reset ospf 1 process
Warning: The OSPF process will be reset. Continue? [Y/N]:y
<R1>display ospf peer
OSPF Process 1 with Router ID 172.172.172.10
## 確認應修改完成
router id 是整個自治域 唯一
###開啓debug 設置 如果關閉可以ctrl +o
<R2>terminal debugging
Info: Current terminal debugging is on.
<R2>termi
<R2>terminal monit
<R2>terminal monitor ?
<cr> Please press ENTER to execute command
<R2>terminal monitor
Info: Current terminal monitor is on.
<R2>debugging ospf packet
<R2>
May 13 2020 17:10:18.346.1-08:00 R2 RM/6/RMDEBUG:
<R2>undo debugging all
Info: All possible debugging has been turned off
<R2>terminal debugging
配置ospf 是網絡通信
###配置R1 路由器
[R1]ospf
[R1-ospf-1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]di th
[V200R003C00]
#
area 0.0.0.0
#
return
[R1-ospf-1-area-0.0.0.0]
[R1-ospf-1-area-0.0.0.0]
[R1-ospf-1-area-0.0.0.0]
[R1-ospf-1-area-0.0.0.0]network 172.16.10.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.10.20.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.10.10.0 0.0.0.255
###查看端口
<R1>disp ospf peer br
OSPF Process 1 with Router ID 1.1.1.1
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/2 5.5.5.5 Full
----------------------------------------------------------------------------
##查看路由
<R1>disp ospf routing
OSPF Process 1 with Router ID 1.1.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.10.20.0/24 1 Transit 10.10.20.1 1.1.1.1 0.0.0.0
172.16.10.0/24 1 Stub 172.16.10.1 1.1.1.1 0.0.0.0
172.16.12.0/24 2 Stub 10.10.20.2 5.5.5.5 0.0.0.0
Total Nets: 3
Intra Area: 3 Inter Area: 0 ASE: 0 NSSA: 0
###查看庫文件
<R1>disp ospf lsdb
OSPF Process 1 with Router ID 1.1.1.1
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 1.1.1.1 1.1.1.1 351 48 80000006 1
Router 5.5.5.5 5.5.5.5 369 48 80000007 1
Network 10.10.20.2 5.5.5.5 369 32 80000002 0
####配置 R5 路由器
[R5]ospf
[R5-ospf-1]di th
[V200R003C00]
#
ospf 1
#
return
[R5-ospf-1]are
[R5-ospf-1]area 0
[R5-ospf-1-area-0.0.0.0]dis ip inter br
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 5
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 5
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 unassigned down down
GigabitEthernet0/0/1 172.16.12.1/24 up up
GigabitEthernet0/0/2 10.10.12.2/24 *down down
GigabitEthernet4/0/0 10.10.20.2/24 up up
GigabitEthernet4/0/1 unassigned down down
GigabitEthernet4/0/2 unassigned down down
GigabitEthernet4/0/3 unassigned down down
LoopBack0 5.5.5.5/32 up up(s)
NULL0 unassigned up up(s)
[R5-ospf-1-area-0.0.0.0]network 10.10.12.0 0.0.0.255
[R5-ospf-1-area-0.0.0.0]network 10.10.20.0 0.0.0.255
[R5-ospf-1-area-0.0.0.0]network 172.16.12.0 0.0.0.255
##查看ospf 的路由
[R5-ospf-1-area-0.0.0.0]disp ospf routing
OSPF Process 1 with Router ID 5.5.5.5
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.10.20.0/24 1 Transit 10.10.20.2 5.5.5.5 0.0.0.0
172.16.12.0/24 1 Stub 172.16.12.1 5.5.5.5 0.0.0.0
172.16.10.0/24 2 Stub 10.10.20.1 1.1.1.1 0.0.0.0
Total Nets: 3
Intra Area: 3 Inter Area: 0 ASE: 0 NSSA: 0
[R5-ospf-1-area-0.0.0.0]
###LSDB: 鏈路狀態信息,並需要實時同步
[R5-ospf-1-area-0.0.0.0]disp ospf lsdb
OSPF Process 1 with Router ID 5.5.5.5
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 1.1.1.1 1.1.1.1 149 48 80000006 1
Router 5.5.5.5 5.5.5.5 165 48 80000007 1
Network 10.10.20.2 5.5.5.5 165 32 80000002 0
###修改DR 權限 更新DB
#####查看DR 和BDR
Enter system view, return user view with Ctrl+Z.
[R5]disp ospf peer
OSPF Process 1 with Router ID 5.5.5.5
Neighbors
Area 0.0.0.0 interface 10.10.20.2(GigabitEthernet4/0/0)s neighbors
Router ID: 1.1.1.1 Address: 10.10.20.1
State: Full Mode:Nbr is Slave Priority: 1
DR: 10.10.20.2 BDR: 10.10.20.1 MTU: 0
Dead timer due in 30 sec
Retrans timer interval: 5
Neighbor is up for 00:27:01
Authentication Sequence: [ 0 ]
##確認 DB 是R5 DBR 是R1
##升級R1 爲DB,R5 爲DBR
##在 R1 上提升權限爲2
[R1-GigabitEthernet0/0/2]ospf dr-priority 2
[R1-GigabitEthernet0/0/2]disp ospf peer
OSPF Process 1 with Router ID 1.1.1.1
Neighbors
Area 0.0.0.0 interface 10.10.20.1(GigabitEthernet0/0/2)s neighbors
Router ID: 5.5.5.5 Address: 10.10.20.2
State: Full Mode:Nbr is Master Priority: 1
DR: 10.10.20.2 BDR: 10.10.20.1 MTU: 0
Dead timer due in 35 sec
Retrans timer interval: 5
Neighbor is up for 00:31:01
Authentication Sequence: [ 0 ]
發現 沒有改變,因爲DR 是非搶佔的,需要重啓R5 的 ospf 協議
<R5>reset ospf process
<R5>disp ospf peer
OSPF Process 1 with Router ID 5.5.5.5
Neighbors
Area 0.0.0.0 interface 10.10.20.2(GigabitEthernet4/0/0)s neighbors
Router ID: 1.1.1.1 Address: 10.10.20.1
State: Full Mode:Nbr is Slave Priority: 2
DR: 10.10.20.1 BDR: 10.10.20.2 MTU: 0
Dead timer due in 32 sec
Retrans timer interval: 0
Neighbor is up for 00:00:18
Authentication Sequence: [ 0 ]
<R5>
###ospf 可以在接口下設置 認證和開銷
在R5 上進行設置,
[R5-GigabitEthernet4/0/0]ospf authentication-mode ?
hmac-md5 Use HMAC-MD5 algorithm
keychain Keychain authentication mode
md5 Use MD5 algorithm
null Use null authentication
simple Simple authentication mode
[R5-GigabitEthernet4/0/0]ospf authentication-mode md
[R5-GigabitEthernet4/0/0]ospf authentication-mode md5 ?
INTEGER<1-255> Key ID
<cr> Please press ENTER to execute command
[R5-GigabitEthernet4/0/0]ospf authentication-mode md5 1 ?
STRING<1-255>/<20-392> The password (key)
cipher Encryption type (Cryptogram)
plain Encryption type (Plain text)
[R5-GigabitEthernet4/0/0]ospf authentication-mode md5 1 ci
[R5-GigabitEthernet4/0/0]ospf authentication-mode md5 1 cipher ?
STRING<1-255>/<20-392> The password (key)
[R5-GigabitEthernet4/0/0]ospf authentication-mode md5 1 huayun
[R5-GigabitEthernet4/0/0]quit
[R5]q
<R5>save
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y
It will take several minutes to save configuration file, please wait.......
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated
<R5>
May 14 2020 15:32:43-08:00 R5 %%01OSPF/3/NBR_CHG_DOWN(l)[0]:Neighbor event:neigh
bor state changed to Down. (ProcessId=256, NeighborAddress=1.1.1.1, NeighborEven
t=InactivityTimer, NeighborPreviousState=Full, NeighborCurrentState=Down)
<R5>
May 14 2020 15:32:43-08:00 R5 %%01OSPF/3/NBR_DOWN_REASON(l)[1]:Neighbor state le
aves full or changed to Down. (ProcessId=256, NeighborRouterId=1.1.1.1, Neighbor
AreaId=0, NeighborInterface=GigabitEthernet4/0/0,NeighborDownImmediate reason=Ne
ighbor Down Due to Inactivity, NeighborDownPrimeReason=Hello Not Seen, NeighborC
hangeTime=2020-05-14 15:32:43-08:00)
<R5>
###發現ping 的動作無法通過
From 172.16.12.12: bytes=32 seq=324 ttl=126 time=15 ms
From 172.16.12.12: bytes=32 seq=325 ttl=126 time=16 ms
From 172.16.12.12: bytes=32 seq=326 ttl=126 time=31 ms
Request timeout!
Request timeout!
Request timeout!
Request timeout!
--- 172.16.12.12 ping statistics ---
###在R1 上進行 做同樣配置
R1-GigabitEthernet0/0/2]ospf auth
[R1-GigabitEthernet0/0/2]ospf authentication-mode md
[R1-GigabitEthernet0/0/2]ospf authentication-mode md5 1
[R1-GigabitEthernet0/0/2]ospf authentication-mode md5 1
[R1-GigabitEthernet0/0/2]ospf authentication-mode md5 1?
INTEGER<1-255> Key ID
[R1-GigabitEthernet0/0/2]ospf authentication-mode md5 1 huayun
[R1-GigabitEthernet0/0/2]
May 14 2020 15:34:47-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[0]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.20.10.10, Neighbo
rEvent=HelloReceived, NeighborPreviousState=Down, NeighborCurrentState=Init)
[R1-GigabitEthernet0/0/2]
May 14 2020 15:34:47-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[1]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.20.10.10, Neighbo
rEvent=2WayReceived, NeighborPreviousState=Init, NeighborCurrentState=ExStart)
[R1-GigabitEthernet0/0/2]
May 14 2020 15:34:47-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[2]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.20.10.10, Neighbo
rEvent=NegotiationDone, NeighborPreviousState=ExStart, NeighborCurrentState=Exch
ange)
[R1-GigabitEthernet0/0/2]
May 14 2020 15:34:47-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[3]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.20.10.10, Neighbo
rEvent=ExchangeDone, NeighborPreviousState=Exchange, NeighborCurrentState=Loadin
g)
[R1-GigabitEthernet0/0/2]
May 14 2020 15:34:47-08:00 R1 %%01OSPF/4/NBR_CHANGE_E(l)[4]:Neighbor changes eve
nt: neighbor status changed. (ProcessId=256, NeighborAddress=2.20.10.10, Neighbo
rEvent=LoadingDone, NeighborPreviousState=Loading, NeighborCurrentState=Full)
[R1-GigabitEthernet0/0/2]
###發現 ospf 開始 Init -》ExStart -》 Exchange -》Loading -》 Full
##ping 狀態重新通信
From 172.16.12.12: bytes=32 seq=12 ttl=126 time=32 ms
From 172.16.12.12: bytes=32 seq=13 ttl=126 time=15 ms
From 172.16.12.12: bytes=32 seq=14 ttl=126 time=32 ms
--- 172.16.12.12 ping statistics ---
14 packet(s) transmitted
13 packet(s) received
7.14% packet loss
round-trip min/avg/max = 0/28/32 ms