DynagenでCCIEを目指す
20100630 OSPF NBMA環境の設定
最終更新:
it_certification
-
view
目的
- NBMA環境でのOSPF設定方法を確認します。
- 設定方法は以下2通りです。
- 方法1 : ユニキャストによるneighbor確立 (検証2-4)
- 方法2 : 擬似ブロードキャスト環境の構築 (検証5)
構成
- 設定概要
- 各ルータはframe-relayによって接続されています。
- 初期設定はIPアドレスのみです。
- 構成図
- netファイル
ghostios = True
sparsemem = True
model = 3620
[localhost]
[[3620]]
image = C:\Program Files\Dynamips\images\c3620-j1s3-mz.123-18.bin
ram = 256
[[ROUTER R1]]
f1/0 = NIO_gen_eth:\Device\NPF_{EEC4A317-FFD6-4B4A-9787-64BB3651D3B0}
s0/0 = SW 1
[[ROUTER R2]]
s0/0 = SW 2
[[ROUTER R3]]
s0/0 = SW 3
[[FRSW SW]]
1:102 = 2:201
1:103 = 3:301
- 初期設定 R1
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface Serial0/0 ip address 192.168.0.1 255.255.255.0 serial restart-delay 0 ! interface Serial0/1 no ip address shutdown serial restart-delay 0 ! interface Serial0/2 no ip address shutdown serial restart-delay 0 ! interface Serial0/3 no ip address shutdown serial restart-delay 0 ! interface FastEthernet1/0 ip address 192.168.1.1 255.255.255.0 duplex auto speed auto ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 ! ! end
- 初期設定 R2
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface Serial0/0 ip address 192.168.0.2 255.255.255.0 serial restart-delay 0 ! interface Serial0/1 no ip address shutdown serial restart-delay 0 ! interface Serial0/2 no ip address shutdown serial restart-delay 0 ! interface Serial0/3 no ip address shutdown serial restart-delay 0 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 ! ! end
- 初期設定 R3
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface Serial0/0 ip address 192.168.0.3 255.255.255.0 serial restart-delay 0 ! interface Serial0/1 no ip address shutdown serial restart-delay 0 ! interface Serial0/2 no ip address shutdown serial restart-delay 0 ! interface Serial0/3 no ip address shutdown serial restart-delay 0 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 ! ! end
検証1 環境構築
- frame-relayの設定
以下の通りframe-relay網の設定を行います。図の通り、R1がハブでR2, R3がスポークになります。
R1(config)#interface Serial 0/0 R1(config-if)#encapsulation frame-relay R1(config-if)# *Mar 1 00:04:31.915: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up R1(config-if)#frame-relay map ip 192.168.0.2 102 R1(config-if)#frame-relay map ip 192.168.0.3 103 R2(config)#interface Serial 0/0 R2(config-if)#encapsulation frame-relay R2(config-if)# *Mar 1 00:06:28.631: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up R2(config-if)# R2(config-if)#frame-relay map ip 192.168.0.1 201 R2(config-if)#frame-relay map ip 192.168.0.3 201 R3(config)#interface S R3(config)#interface Serial 0/0 R3(config-if)#encapsulation frame-relay R3(config-if)# *Mar 1 00:12:05.219: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up R3(config-if)# R3(config-if)#frame-relay map ip 192.168.0.1 301 R3(config-if)#frame-relay map ip 192.168.0.2 301
- frame-relayの確認
DLCIとIPアドレスのマッピング確認やpingによる疎通確認を行います。(R1, R2の出力は省略します)
R3#show frame-relay map
Serial0/0 (up): ip 0.0.0.0 dlci 301(0x12D,0x48D0)
broadcast,
CISCO, status defined, active
Serial0/0 (up): ip 192.168.0.1 dlci 301(0x12D,0x48D0), static,
CISCO, status defined, active
Serial0/0 (up): ip 192.168.0.2 dlci 301(0x12D,0x48D0), static,
CISCO, status defined, active
R3#
R3#
R3#ping 192.168.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/117/244 ms
R3#
検証2 ユニキャストによるOSPF neighbor
- OSPFの設定
NBMA環境下では、マルチキャストを転送する事はできません。そこで、ユニキャストを使用してOSPF neighborを確立するよう設定します。
R1(config)#router ospf 1 R1(config-router)#passive-interface default R1(config-router)#network 1.1.1.1 0.0.0.0 area 0 R1(config-router)#network 192.168.1.1 0.0.0.0 area 0 R1(config-router)#network 192.168.0.1 0.0.0.0 area 0 R1(config-router)#no passive-interface Serial 0/0 R1(config-router)#neighbor 192.168.0.2 <- ユニキャストでneighborを確立する設定 R1(config-router)#neighbor 192.168.0.3 <- ユニキャストでneighborを確立する設定 R2(config)#router ospf 1 R2(config-router)#passive-interface default R2(config-router)#network 2.2.2.2 0.0.0.0 area 0 R2(config-router)#network 192.168.0.2 0.0.0.0 area 0 R2(config-router)#no passive-interface Serial 0/0 R2(config-router)#neighbor 192.168.0.1 <- ユニキャストでneighborを確立する設定 R3(config)#router ospf 1 R3(config-router)#passive-interface default R3(config-router)#network 3.3.3.3 0.0.0.0 area 0 R3(config-router)#network 192.168.0.3 0.0.0.0 area 0 R3(config-router)#no passive-interface Serial 0/0 R3(config-router)#neighbor 192.168.0.1 <- ユニキャストでneighborを確立する設定
- neighborの確認
R1でneighborが確立されたどうかを確認します。neighborのState欄には「ATTEMP」と見慣れない記載がありますが、全く問題ありません。これは、Helloパケットを送信したものの未だ返答がない状態を表します。
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
N/A 0 ATTEMPT/DROTHER 00:01:14 192.168.0.2 Serial0/0
N/A 0 ATTEMPT/DROTHER 00:01:15 192.168.0.3 Serial0/0
R1#
R1#
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
C 192.168.0.0/24 is directly connected, Serial0/0
R1#
- neighborの再確認
設定を投入してから3分程度待つと、以下のようなメッセージがコンソール上に表示されます。その後、nieghborを確認すると、neighborが確立された事が確認できます。
R1#
*Mar 1 00:09:53.687: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/0 from LOADING to FULL, Loading Done
*Mar 1 00:10:10.991: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial0/0 from LOADING to FULL, Loading Done
R1#
R1#
R1#
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 1 FULL/DROTHER 00:01:38 192.168.0.2 Serial0/0
3.3.3.3 1 FULL/DR 00:01:37 192.168.0.3 Serial0/0
R1#
R1#
R1#
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
O E2 2.2.2.2 [110/20] via 192.168.0.2, 00:00:37, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
O E2 3.3.3.3 [110/20] via 192.168.0.3, 00:00:37, Serial0/0
C 192.168.0.0/24 is directly connected, Serial0/0
検証3 timer変更
- timerの確認
R1のOSPF I/Fを確認します。network typeがNON_BROADCASTである事が分かります。また、hello, deadが30秒, 120秒になっている事も分かります。(I/FがEthernetであるかSerialであるかでデフォルトの設定が異なる事は要注意です。筆記試験でよく問われます。)
R1#show ip ospf interface
Serial0/0 is up, line protocol is up
Internet Address 192.168.0.1/24, Area 0
Process ID 1, Router ID 1.1.1.1, Network Type NON_BROADCAST, Cost: 64 <- network typeがNON_BROADCASTになっています。
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 3.3.3.3, Interface address 192.168.0.3
Backup Designated router (ID) 1.1.1.1, Interface address 192.168.0.1
Old designated Router (ID) 2.2.2.2, Interface address 192.168.0.2
Flush timer for old DR LSA due in 00:02:31
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5 <- timerは長めに設定されています。
oob-resync timeout 120
Hello due in 00:00:00
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 2, Adjacent neighbor count is 2
Adjacent with neighbor 2.2.2.2
Adjacent with neighbor 3.3.3.3 (Designated Router)
Suppress hello for 0 neighbor(s)
- timerの変更
hello timerが30秒間隔では、経路の交換に非常に時間がかかってしまいます。快適に検証を行うため、timerを以下の通り変更します。
R1(config)#interface Serial 0/0 R1(config-if)#ip ospf hello-interval 10 R1(config-if)#ip ospf dead-interval 30 R2(config)#interface Serial 0/0 R2(config-if)#ip ospf hello-interval 10 R2(config-if)#ip ospf dead-interval 30 R3(config)#interface Serial 0/0 R3(config-if)#ip ospf hello-interval 10 R3(config-if)#ip ospf dead-interval 30
- timerの再確認
timerの設定変更が反映された事を確認します(R2, R3の出力は省略)
R1#show ip ospf interface Serial 0/0
Serial0/0 is up, line protocol is up
Internet Address 192.168.0.1/24, Area 0
Process ID 1, Router ID 1.1.1.1, Network Type NON_BROADCAST, Cost: 64
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 3.3.3.3, Interface address 192.168.0.3
Backup Designated router (ID) 1.1.1.1, Interface address 192.168.0.1
Old designated Router (ID) 2.2.2.2, Interface address 192.168.0.2
Timer intervals configured, Hello 10, Dead 30, Wait 30, Retransmit 5 <- Hello, Deadを確認します
oob-resync timeout 40
Hello due in 00:00:02
Index 3/3, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 2, Adjacent neighbor count is 2
Adjacent with neighbor 2.2.2.2
Adjacent with neighbor 3.3.3.3 (Designated Router)
Suppress hello for 0 neighbor(s)
R1#
検証4 DRの明示的な指定
- ルーティングテーブルの確認
ルーティングテーブルを見ると、正常に経路を交換できているように見えます。(実際は、経路交換できていません。詳細は後述します。)
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/65] via 192.168.0.2, 00:04:36, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/65] via 192.168.0.3, 00:04:36, Serial0/0
C 192.168.0.0/24 is directly connected, Serial0/0
C 192.168.1.0/24 is directly connected, FastEthernet1/0
R1#
- 再起動後のルーティングテーブル
OSPFプロセスを再起動させた後のルーティングテーブルを確認します。R1のルーティングテーブル上に、2.2.2.2/32のエントリが見当たりません。
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
R1#
*Mar 1 00:30:53.479: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/0 from 2WAY to DOWN, Neighbor Down: Interface down or detached
*Mar 1 00:30:53.483: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
*Mar 1 00:31:23.843: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial0/0 from LOADING to FULL, Loading Done
*Mar 1 00:31:23.847: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/0 from LOADING to FULL, Loading Done
R1#
R1#
R1#
R1#
R1#
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets <- 2.2.2.2/32のエントリが存在しません
C 1.1.1.1 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/65] via 192.168.0.3, 00:00:28, Serial0/0
C 192.168.0.0/24 is directly connected, Serial0/0
C 192.168.1.0/24 is directly connected, FastEthernet1/0
R1#
- DRの明示的な指定
経路が交換できなくなってしまったのは、再起動によりDRがR3に変わってしまったためです。そのため、R1, R3のみが経路を交換するようになります。
このようなトラブルを回避するために、確実にR1がDRになるよう設定します。priority値を0に設定する事で、R2, R3がDRにならないようになります。
このようなトラブルを回避するために、確実にR1がDRになるよう設定します。priority値を0に設定する事で、R2, R3がDRにならないようになります。
R2(config)#interface Serial 0/0 R2(config-if)#ip ospf priority 0 R3(config)#interface Serial 0/0 R3(config-if)#ip ospf priority 0
- 再起動後のルーティングテーブル
R1が確実にDRとして選出される状態で、OSPFプロセスを再起動させます。今度は、R1/R2, R1/R3で経路が交換されるため、全てのルートがルーティングテーブルに載っています。
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
R1#
*Mar 1 00:36:45.287: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/0 from 2WAY to DOWN, Neighbor Down: Interface down or detached
*Mar 1 00:36:45.291: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial0/0 from 2WAY to DOWN, Neighbor Down: Interface down or detached
*Mar 1 00:37:15.671: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial0/0 from LOADING to FULL, Loading Done
*Mar 1 00:37:15.739: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/0 from LOADING to FULL, Loading Done
R1#
R1#
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/65] via 192.168.0.2, 00:00:39, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/65] via 192.168.0.3, 00:00:39, Serial0/0
C 192.168.0.0/24 is directly connected, Serial0/0
C 192.168.1.0/24 is directly connected, FastEthernet1/0
R1#
検証5 擬似ブロードキャスト環境
- 検証2 設定削除
検証2で投入した、ユニキャストでeighborを確立する設定を削除します。
R1(config)#router ospf 1 R1(config-router)#no neighbor 192.168.0.2 R1(config-router)#no neighbor 192.168.0.3 R2(config)#router ospf 1 R2(config-router)#no neighbor 192.168.0.1 R3(config)#router ospf 1 R3(config-router)#no neighbor 192.168.0.1
- 擬似ブロードキャスト環境の設定
frame-relay網内で、擬似的にブロードキャスト, マルチキャストが転送できるよう設定を変更します。
R1(config)#interface Serial 0/0 R1(config-if)#frame-relay map ip 192.168.0.2 102 broadcast R1(config-if)#frame-relay map ip 192.168.0.3 103 broadcast R2(config)#interface Serial 0/0 R2(config-if)#frame-relay map ip 192.168.0.1 201 broadcast R2(config-if)#frame-relay map ip 192.168.0.3 201 broadcast R3(config)#interface Serial 0/0 R3(config-if)#frame-relay map ip 192.168.0.1 301 broadcast R3(config-if)#frame-relay map ip 192.168.0.2 301 broadcast
- 擬似ブロードキャスト環境の確認
show frame-relay mapコマンドで、broadcastの表示があるかどうかを確認します。
R1#show frame-relay map
Serial0/0 (up): ip 0.0.0.0 dlci 102(0x66,0x1860)
broadcast,
CISCO, status defined, active
Serial0/0 (up): ip 192.168.0.2 dlci 102(0x66,0x1860), static,
broadcast, <- 擬似ブロードキャスト環境である事を確認
CISCO, status defined, active
Serial0/0 (up): ip 192.168.0.3 dlci 103(0x67,0x1870), static,
broadcast, <- 擬似ブロードキャスト環境である事を確認
CISCO, status defined, active
R1#
- network typeの変更
Serial I/Fのデフォルトのnetwork typeはNON_BROADCASTです。マルチキャストによりneighborを確立できるよう、network typeをBROADCASTに変更します。
R1(config)#interface Serial 0/0 R1(config-if)#ip ospf network broadcast R2(config)#interface Serial 0/0 R2(config-if)#ip ospf network broadcast R3(config)#interface Serial 0/0 R3(config-if)#ip ospf network broadcast
show ip ospf interfaceコマンドにより、network typegがBROADCASTに変わった事を確認します。
R1#show ip ospf interface
Serial0/0 is up, line protocol is up
Internet Address 192.168.0.1/24, Area 0
Process ID 1, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 64 <- network typeがBROADCASTに変わった事を確認できます。
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 1.1.1.1, Interface address 192.168.0.1
Backup Designated router (ID) 2.2.2.2, Interface address 192.168.0.2
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:00
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 4 msec
Neighbor Count is 2, Adjacent neighbor count is 1
Adjacent with neighbor 2.2.2.2 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
- neighborの確認
neighborが確立され、経路が交換されている事を確認します。
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/DROTHER 00:00:23 192.168.0.2 Serial0/0
3.3.3.3 0 FULL/DROTHER 00:00:29 192.168.0.3 Serial0/0
R1#
R1#
R1#
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/65] via 192.168.0.2, 00:00:42, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/65] via 192.168.0.3, 00:00:42, Serial0/0
C 192.168.0.0/24 is directly connected, Serial0/0
C 192.168.1.0/24 is directly connected, FastEthernet1/0
R1#
添付ファイル
