HCNA-31 配置OSPF的认证
HCNA-31 配置OSPF的认证基本配置<Huawei>system-viewsysnamer1interfaceloopback 0//创建环回口 环回接口号为0ipaddress 1.1.1.1 32quitinterfaceGigabitEthernet 0/0/0ipaddress 172.16.12.1 24 quit <Huawei>system-viewsysnamer2interfaceloopback 0ipaddress 2.2.2.2 32quitinterfaceGigabitEthernet 0/0/0ipaddress 172.16.12.2 24 interfaceGigabitEthernet 0/0/1ipaddress 172.16.24.2 24 interface GigabitEthernet 0/0/2ipaddress 172.16.23.2 24 quitdisplayip interface brief <Huawei>system-viewsysnamer3interfaceloopback 0ipaddress 3.3.3.3 32quitinterfaceGigabitEthernet 0/0/0ipaddress 172.16.35.3 24 interfaceGigabitEthernet 0/0/1ipaddress 172.16.36.3 24 interface GigabitEthernet 0/0/2ipaddress 172.16.23.3 24 quitdisplayip interface brief <Huawei>system-viewsysnamer4interfaceloopback 0ipaddress 4.4.4.4 32interfaceGigabitEthernet 0/0/0ipaddress 172.16.24.4 24 quit <Huawei>system-viewsysnamer5interfaceloopback 0ipaddress 5.5.5.5 32interfaceGigabitEthernet 0/0/0ipaddress 172.16.35.5 24 quit <Huawei>system-viewsysnamer6interfaceloopback 0ipaddress 6.6.6.6 32interfaceGigabitEthernet 0/0/0ipaddress 172.16.36.6 24quit配置OSPF及区域认证ospf1//创建OSPF 进程ID为1area1//创建非骨干区域1network1.1.1.1 0.0.0.0//宣告参与OSPF网段network172.16.12.0 0.0.0.255authentication-modesimple plain admin //身份验证模式 简单的明文(区域认证)displaythis# area 0.0.0.1 authentication-mode simple plain admin network 1.1.1.1 0.0.0.0 network 172.16.12.0 0.0.0.255 ospf1area1network172.16.12.0 0.0.0.255network172.16.24.0 0.0.0.255authentication-modesimple plain adminquitarea0//创建骨干区域 0network172.16.23.0 0.0.0.255network2.2.2.2 0.0.0.0authentication-modemd5 1 cipher admin1234//身份验证模式 MD5 加密 ospf1area0network3.3.3.3 0.0.0.255network172.16.23.0 0.0.0.255network172.16.35.0 0.0.0.255network172.16.36.0 0.0.0.255authentication-modemd5 1 cipher admin1234 ospf1area1network4.4.4.4 0.0.0.0network172.16.24.0 0.0.0.255authentication-modesimple plain admin ospf1area0network5.5.5.5 0.0.0.0network172.16.35.0 0.0.0.255authentication-modemd5 1 cipher admin1234 ospf1area0network6.6.6.6 0.0.0.0network172.16.36.0 0.0.0.255authentication-modemd5 1 cipher admin1234
配置OSPF R2与R3之间的链路认证interfaceGigabitEthernet 0/0/2ospfauthentication-mode md5 1 cipher zurkj.comdisplayospf peer//显示OSPF 邻居状态 OSPF Process 1 with Router ID 2.2.2.2 Neighbors Area 0.0.0.1 interface172.16.12.2(GigabitEthernet0/0/0)'s neighbors Router ID: 1.1.1.1 Address: 172.16.12.1 State: Full Mode:Nbr isSlavePriority: 1 DR: 172.16.12.2BDR: 172.16.12.1MTU: 0 Dead timer due in 38sec Retrans timer interval: 5 Neighbor is up for 00:30:11 Authentication Sequence: [ 0 ] Neighbors Area 0.0.0.1 interface172.16.24.2(GigabitEthernet0/0/1)'s neighbors Router ID: 4.4.4.4 Address: 172.16.24.4 State: Full Mode:Nbr isMasterPriority: 1 DR: 172.16.24.2BDR: 172.16.24.4MTU: 0 Dead timer due in 40sec Retrans timer interval: 5 Neighbor is up for 00:15:43 Authentication Sequence: [ 0 ]R3不在OSPF邻居之中了。需要把R3的GE 0/0/2同样配置成接口认证interfaceGigabitEthernet 0/0/2ospfauthentication-mode md5 1 cipher zurkj.com再次看R2的OSPF邻居状态displayospf peer OSPF Process 1 with Router ID 2.2.2.2 Neighbors Area 0.0.0.0 interface172.16.23.2(GigabitEthernet0/0/2)'s neighbors Router ID: 3.3.3.3 Address: 172.16.23.3 State: Full Mode:Nbr isMasterPriority: 1 DR: 172.16.23.3BDR: 172.16.23.2MTU: 0 Dead timer due in 34sec Retrans timer interval: 5 Neighbor is up for 00:01:12 Authentication Sequence: [ 4963] Neighbors Area 0.0.0.1 interface172.16.12.2(GigabitEthernet0/0/0)'s neighbors Router ID: 1.1.1.1 Address: 172.16.12.1 State: Full Mode:Nbr isSlavePriority: 1 DR: 172.16.12.2BDR: 172.16.12.1MTU: 0 Dead timer due in 34sec Retrans timer interval: 5 Neighbor is up for 00:33:29 Authentication Sequence: [ 0 ] Neighbors Area 0.0.0.1 interface172.16.24.2(GigabitEthernet0/0/1)'s neighbors Router ID: 4.4.4.4 Address: 172.16.24.4 State: Full Mode:Nbr isMasterPriority: 1 DR: 172.16.24.2BDR: 172.16.24.4MTU: 0 Dead timer due in 37sec Retrans timer interval: 5 Neighbor is up for 00:19:01 Authentication Sequence: [ 0 ] R3又回来了,完成了OSPF链路认证。display ospf peer brief//查看OSPF 邻居简要信息 OSPF Process 1 with Router ID 3.3.3.3 Peer Statistic Information ---------------------------------------------------------------------------- Area Id Interface Neighbor id State 0.0.0.0 GigabitEthernet0/0/0 5.5.5.5 Full 0.0.0.0 GigabitEthernet0/0/1 6.6.6.6 Full 0.0.0.0 GigabitEthernet0/0/2 2.2.2.2 Full ---------------------------------------------------------------------------- displayospf peer brief OSPF Process 1 with Router ID 3.3.3.3 Peer Statistic Information ---------------------------------------------------------------------------- Area Id Interface Neighbor id State 0.0.0.0 GigabitEthernet0/0/0 5.5.5.5 Full 0.0.0.0 GigabitEthernet0/0/1 6.6.6.6 Full 0.0.0.0 GigabitEthernet0/0/2 2.2.2.2 Full ----------------------------------------------------------------------------Ping 测试:<r1>ping -a 1.1.1.1 172.16.36.6PING 172.16.36.6: 56data bytes, press CTRL_C to break Reply from 172.16.36.6: bytes=56 Sequence=1ttl=253 time=30 ms Reply from 172.16.36.6: bytes=56 Sequence=2ttl=253 time=30 ms Reply from 172.16.36.6: bytes=56 Sequence=3ttl=253 time=50 ms Reply from 172.16.36.6: bytes=56 Sequence=4ttl=253 time=40 ms Reply from 172.16.36.6: bytes=56 Sequence=5ttl=253 time=30 ms --- 172.16.36.6 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 30/36/50 ms
页:
[1]
