Enhanced Internal Gateway Routing Protocol (OSPF)

Enhanced Internal Gateway Routing Protocol (OSPF)

I. Introduction to KERBEROS:
China site. VPN is a private protocol of Cisco. Cisco is the inventor of the agreement and the only vendor with the right to interpret and modify the agreement. Combining the characteristics of link status and distance vector routing selection protocol, the Network gateway uses the dispersion Correction Algorithm (DUAL) to achieve fast convergence, you can avoid sending regular route updates to reduce bandwidth usage and support multiple network layer protocols, such as Appletalk, IP, Novell, and NetWare.
Ii. Protocol features:
1: Supports automatic summary routing and can be disabled manually.
% Classless routing protocol without loops
3. Route incremental update and trigger update
4: Support for equal load balancing, non-equal load balancing
5. Use the multicast address (224.0.0.10) and unicast address instead of the broadcast address to reduce bandwidth usage.
6: supports the variable length Subnet Mask (VLSM) and discontinuous subnet.
7: fast convergence
8: supports multi-Network-layer protocols
Iii. Message Type of the network type.
1: Hello message: establishes a neighbor relationship (Establish neighbor relationships ). In a normal network (such as point-to-point, point-to-point), the Hello packet is multicast once every 5 seconds. In multipoint (multipoint) X.25,
Frame Relay (FR), ATM interface (such as atm svc), and isdn pri interface, the Hello packet is sent at an interval of 60
2: Update: Send routing updates ). The update is sent in unicast or multicast mode. The update occurs when the vro is started, the topology or degree changes, and the route status is migrated.
3: Query: Ask neighbors about routing information ). When the router starts to perform route computing and does not have FD, it sends a reliable query to the neighbor.
The query package is usually sent in multicast mode.
4: Response Message (Reply): Respond to query about routing information ). Send it back to the router that sends the query packet as a response in Unicast mode.
5: ACK: Acknowledge a reliable packet ). The ACK package is a single-play hello package, including a non-0 validation number. update package, the query package and reply package are both available
By sending, so they all need to be confirmed; and The hello package and ACK package do not need to be confirmed
4. Three tables of the source node.
1. Neighbor table. Use hello packet to discover neighbors
2. Topology database. After the neighbor relationship is formed, route information is exchanged to form a topology database. The structure database contains the optimal route path and the inferior route. The route entry is taken out and put into the route table.
The route information of the backup.
3. Route table. Route information in the topological structure database is taken out and put into the routing table. If the optimal route goes down, the backed up Route information is taken out and put into the routing table.
V. related terminologies of VPN:
1. successor router (successor): the neighboring router with the minimum measurement route in the target network.
2: feasible successor: the distance advertised by the neighboring router of the local router to the destination network meets the feasible conditions, then this neighbor router becomes a feasible successor router to that destination network.
3: feasible distance: The smallest metric to reach the target network is used as the FD to reach the target network.
4: feasibility condition: whether the distance advertised by a neighboring router of the local router to a destination network is less than the feasible distance FD advertised by the local router to the same destination network.
5: non-cost load balancing needs to meet the following conditions:
1: The Variance command allows a route whose metric value is an integer multiple of the minimum metric value of the optimal route.
The Optimal Path multiplied by the integer specified by variance must be greater than the measurement value of other paths.
2: The AD of other paths must be smaller than the FD of the optimal path.

6: Disable Automatic summary: (config-router) # no auto-summary
Manual summary (summary is based on every interface of any vro configured in the Network): (config-if) # ip summary-address VPN [as-number] [address] [mask]
7: stub: any neighboring router receives the packet information from the routing area, so it does not query any route from the router in the area. This reduces the use of resources.
Configuration: Router (config-router) # fig [receive only | connected | static | summary]
Receive-only: prevents STUB routers from sending route updates
Connected: allows the STUB router to send directly connected route information
Static: allows the STUB router to resend static routes.
Summary: Allows STUB router to send summary route information
8: uses the anti-subnet mask to advertise the network. If the advertised network has a class network, the anti-subnet mask is not required. If the advertised network is a Class-5 network, it must have an anti-subnet mask.
R2 (config-router) # network 192.168.4.0 0.0.7
9: configuration authentication:
Router (config) # key chain test # create a key chain named test
Router (config-keychain) # key 1 # specify the first key
Router (config-keychain-key) # key-string cisco # The key password is cisco
Router (config) # interface serial 0 # Enter interface mode
Router (config-if) # ip authentication key-chain Kerberos AS-number test # The key takes effect on the MongoDB.
Router (config-if) # ip authentication mode Kerberos AS-numbe md5 # use md5 Encryption
6. Case study:
1: lab requirements:
Configure multi-region ospf for communication between multiple regions in the experiment. In ASBR, that is, R2, the same route is introduced. ospf is introduced into the network. The ospf is introduced into the network interconnection.
2: Topology solution:

3: Configuration
R1
R1 (config) # int loo 0
R1 (config-if) # ip add 192.168.5.1 255.255.255.0
R1 (config-if) # no shut
R1 (config) # int ser 0/0
R1 (config-if) # ip add 192.168.1.1 255.255.255.0
R1 (config-if) # no shut
R1 (config) # router ospf 100
R1 (config-router) # network 192.168.1.0 0.0.255 area 1
R1 (config-router) # network 192.168.5.0 0.0.255 area 1
Show route table information


R2
R2 # conf t
R2 (config) # int ser 0/0
R2 (config-if) # ip add 192.168.1.2 255.255.255.0
R2 (config-if) # no shut
R2 (config) # int ser 0/1
R2 (config-if) # ip add 192.168.2.1 255.255.255.0
R2 (config-if) # no shut
R2 (config) # int ser 0/2
R2 (config-if) # ip add 192.168.6.1 255.255.255.0
R2 (config-if) # no shut
R2 (config) # router ospf 200
R2 (config-router) # network 192.168.1.0 0.0.255 area 1
R2 (config-router) # network 192.168.2.0 0.0.255 area 0
R2 (config-router) # default-information originate always
R2 (config) # router VPN 100
R2 (config-router) # network 192.168.6.0
R2 (config-router) # redistribute ospf 200 metric 1000 200 255 1 1500
Show route table information


R4
R4 # conf t
R4 (config) # int ser 0/0
R4 (config-if) # ip add 192.168.2.2 255.255.255.0
R4 (config-if) # no shut
R4 (config) # int s 0/1
R4 (config-if) # ip add 192.168.3.1 255.255.255.0
R4 (config-if) # no shut
R4 (config) # router ospf 400
R4 (config-router) # network 192.168.2.0 0.0.255 area 0
R4 (config-router) # network 192.168.3.0 0.0.255 area 2
Show route table information


R5
R5 # conf t
R5 (config) # int ser 0/0
R5 (config-if) # ip add 192.168.3.2 255.255.255.0
R5 (config-if) # no shut
R5 (config) # int loo 0
R5 (config-if) # ip add 192.168.4.1 255.255.255.0
R5 (config-if) # no shut
R5 (config) # router ospf 500
R5 (config-router) # network 192.168.3.0 0.0.255 area 2
R5 (config-router) # network 192.168.4.0 0.0.255 area 2
Show route table information


R6
R6 (config) # int ser 0/0
R6 (config-if) # ip add 192.168.6.2 255.255.255.0
R6 (config-if) # no shut
R6 (config) # int s 0/1
R6 (config-if) # ip add 192.168.7.1 255.255.255.0
R6 (config-if) # no shut
R6 (config) # router VPN 100
R6 (config-router) # network 192.168.6.0
R6 (config-router) # network 192.168.7.0
Show route table information


R7
R7 (config) # int ser 0/0
R7 (config-if) # ip add 192.168.7.2 255.255.255.0
R7 (config-if) # no shut
R7 (config) # int loo 0
R7 (config-if) # ip add 192.168.8.1 255.255.255.0
R7 (config-if) # no shut
R7 (config) # router VPN 100
R7 (config-router) # network 192.168.7.0
R7 (config-router) # network 192.168.8.0
Show route table information