Thursday, August 14, 2014

OSPF Advanced: Virtual-link, Stub, Totally Stubby, NSSA, NSSA Totally Stubby Area, md5 Authentication




- OSPF -
MD5 Authentication
Stub
Totally Stubby
NSSA(Not-So-Stubby-Area)
NSSA Totally Stubby
Virtual-Link



1. Cofigure basic OSPF for the network shown. Advertise all networks attached to each router into
OSPF using the simplest method available. To inject external networks into the OSPF domain, redistribute the static routes on R1. These routes should be marked as type E1.

R1>
conf t
router ospf 1
redistribute static subnets metric-type 1 metric 50

2. OSPF should never form neighbor relationships on any interface where other OSPF routers do not exist(as shown in the diagrma).

ex)
R1>
conf t
router ospf 1
 passive-interface default
 no passive-interface FastEthernet0/0

3. All routers in Area 0 should use MD5 authentication for OSPF neighbors. Routers in Area 23 should be configured to support clear-text authentication for OSPF neighbors.

Ex for area0]
R1,R2,R3 and R4>
conf t
int f0/0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco123

Ex for area 23]
R2 and R3>
conf t
int s0/0
ip ospf authentication
ip ospf authentication-key cisco123



4. Routers in Area 45 are limited in their capacity and should not receive routes for networks outside the OSPF System. These routers should reach the external network using a default route which cannot be configured statically.

####### Stub Area: LSA5 : ABR sends default gateway to stub router for external routes.
                            LSA1-Router, LSA2-Network, LSA3-IA(Summary-LSA),
                            LSA4-Summary-LSA(cost to ASBR), LSA5-external routes(E1,E2),
                            LSA7-external routes in NSSA(N1,N2)
R4 and R5>
conf t
router ospf 1
area 45 stub

5. Routers in Area 23 must not receive any Type 3,4, or 5 LSAs from the rest of the OSPF network.
These routers should reach the external network using a default route with an initial OSPF cost of 100.
Routers in Area 19

####### Totally Stubby Area : LSA 3,4,5 : ABR(R2) must be cisco router because 'Totally stub area' is cisco proprietary.
R2>
conf t
router ospf 1
area 23 stub no-summary
area 23 default-cost 100
R3>
conf t
router ospf 1
area 23 stub

7. Routers in Area 110 must not receive any Type 5 LSAs.(Notice:loopbacks are redistributed into OSPF in R10)
####### NSSA (Not-So-Stubby-Area): When there is a ASBR inside of the network, Stub and Totally Stub network can't be configured.
                          Therefore, we should use NSSA(E1 -> N1, E2 -> N2)
R1>
conf t
router ospf 1
area 110 nssa default-information-originate
R10>
conf t
router ospf 1
area 110 nssa

8. routers in Area 19 must not receive any Type 3,4, or 5 LSAs. (Note: loopbacks are redistributed into OSPF on router 9 in Area 19)
######## NSSA Totally Stubby Area: This does not recieve any type 3,4,5, or 7 from ASBR router except defualt route.

R1>
conf t
router ospf 1
area 19 nssa no-summary
R9>
conf t
router ospf 1
area 19 nssa

9. When this exercise is complete, all routers should be able to reach (ping) every route in the OSPF routing table.

#Virtual link
R6>
conf t
router ospf 1
area 67 virtual-link 7.7.7.7
R7>
conf t
router ospf 1
area 67 virtual-link 6.6.6.6


--------------------------------------------------------------------------------

Configurations

R1>

interface Loopback0
 ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 10.100.1.1 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 cisco123
 speed 10
 full-duplex
!      
interface Serial0/0
 ip address 10.19.1.1 255.255.255.0
 clock rate 2000000
!
interface Serial0/1
 ip address 10.110.1.1 255.255.255.0
 clock rate 2000000
!
router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
 area 19 nssa no-summary
 area 110 nssa default-information-originate
 passive-interface default
 no passive-interface FastEthernet0/0
 no passive-interface Serial0/0
 no passive-interface Serial0/1
 network 10.19.1.1 0.0.0.0 area 19
 network 10.100.1.1 0.0.0.0 area 0
 network 10.110.1.1 0.0.0.0 area 110

R2>

interface Loopback0
 ip address 2.2.2.2 255.255.255.0
!
interface FastEthernet0/0
 ip address 10.100.1.2 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 cisco123
 speed 10
 full-duplex
!      
interface Serial0/0
 ip address 10.23.1.2 255.255.255.0
 ip ospf authentication
 ip ospf authentication-key cisco123
 clock rate 2000000
!
router ospf 1
 router-id 2.2.2.2
 log-adjacency-changes
 area 23 stub no-summary
 area 23 default-cost 100
 passive-interface default
 no passive-interface FastEthernet0/0
 no passive-interface Serial0/0
 network 10.23.1.2 0.0.0.0 area 23
 network 10.100.1.2 0.0.0.0 area 0

R3>

interface Loopback0
 ip address 3.3.3.3 255.255.255.0
!
interface Loopback1
 ip address 172.30.0.1 255.255.255.0
!
interface Loopback2
 ip address 172.30.1.1 255.255.255.0
!
interface Loopback3
 ip address 172.30.2.1 255.255.255.0
!
interface Loopback4
 ip address 172.30.3.1 255.255.255.0
!
interface Serial0/0
 ip address 10.23.1.3 255.255.255.0
 ip ospf authentication
 ip ospf authentication-key cisco123
 clock rate 2000000
!  
router ospf 1
 router-id 3.3.3.3
 log-adjacency-changes
 area 23 stub
 passive-interface default
 no passive-interface Serial0/0
 network 10.23.1.3 0.0.0.0 area 23
 network 172.30.0.0 0.0.3.255 area 23

R4>

interface Loopback0
 ip address 4.4.4.4 255.255.255.0
!
interface FastEthernet0/0
 ip address 10.100.1.4 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 cisco123
 speed 10
 full-duplex
!      
interface Serial0/0
 ip address 10.45.1.4 255.255.255.0
 clock rate 2000000
!
router ospf 1
 router-id 4.4.4.4
 log-adjacency-changes
 area 45 stub
 passive-interface default
 no passive-interface FastEthernet0/0
 no passive-interface Serial0/0
 network 10.45.1.4 0.0.0.0 area 45
 network 10.100.1.4 0.0.0.0 area 0

R5>

interface Loopback0
 ip address 5.5.5.5 255.255.255.0
!
interface Serial0/0
 ip address 10.45.1.5 255.255.255.0
 clock rate 2000000
!
router ospf 1
 router-id 5.5.5.5
 log-adjacency-changes
 area 45 stub
 passive-interface default
 no passive-interface Serial0/0
 network 10.45.1.5 0.0.0.0 area 45

R6>

interface Loopback6
 ip address 6.6.6.6 255.255.255.0
!
interface FastEthernet0/0
 ip address 10.100.1.6 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 cisco123
 speed 10
 full-duplex
!      
interface Serial0/0
 ip address 10.67.1.6 255.255.255.0
 clock rate 2000000
!
router ospf 1
 router-id 6.6.6.6
 log-adjacency-changes
 area 67 virtual-link 7.7.7.7
 passive-interface default
 no passive-interface FastEthernet0/0
 no passive-interface Serial0/0
 network 10.67.1.6 0.0.0.0 area 67
 network 10.100.1.6 0.0.0.0 area 0

R7>

interface Loopback0
 ip address 7.7.7.7 255.255.255.0
!
interface Serial0/0
 ip address 10.67.1.7 255.255.255.0
 clock rate 2000000
!
interface Serial0/1
 ip address 10.78.1.7 255.255.255.0
 clock rate 2000000
!
router ospf 1
 router-id 7.7.7.7
 log-adjacency-changes
 area 67 virtual-link 6.6.6.6
 passive-interface default
 no passive-interface Serial0/0
 no passive-interface Serial0/1
 network 10.67.1.7 0.0.0.0 area 67
 network 10.78.1.7 0.0.0.0 area 78

R8>

interface Loopback0
 ip address 8.8.8.8 255.255.255.0
!
interface Serial0/0
 ip address 10.78.1.8 255.255.255.0
 clock rate 2000000
!
router ospf 1
 log-adjacency-changes
 passive-interface default
 no passive-interface Serial0/0
 network 10.78.1.8 0.0.0.0 area 78

R9>

interface Loopback0
 ip address 9.9.9.9 255.255.255.0
!
interface Loopback1
 ip address 172.32.0.1 255.255.255.0
!
interface Loopback2
 ip address 172.32.1.1 255.255.255.0
!
interface Loopback3
 ip address 172.32.2.1 255.255.255.0
!
interface Loopback4
 ip address 172.32.3.1 255.255.255.0
!
interface Serial0/0
 ip address 10.19.1.9 255.255.255.0
 clock rate 2000000
!
router ospf 1
 router-id 9.9.9.9
 log-adjacency-changes
 area 19 nssa
 redistribute connected subnets
 network 10.19.1.9 0.0.0.0 area 19

R10>

interface Loopback0
 ip address 10.10.10.10 255.255.255.0
!
interface Loopback1
 ip address 172.31.0.1 255.255.255.0
!
interface Loopback2
 ip address 172.31.1.1 255.255.255.0
!
interface Loopback3
 ip address 172.31.2.1 255.255.255.0
!
interface Loopback4
 ip address 172.31.3.1 255.255.255.0
!
interface Serial0/0
 ip address 10.110.1.10 255.255.255.0
 clock rate 2000000
!
router ospf 1
 router-id 10.10.10.10
 log-adjacency-changes
 area 110 nssa
 redistribute connected subnets

 network 10.110.1.10 0.0.0.0 area 110

---------------------------------------------------------------

routes

R10 - NSSA

     172.31.0.0/24 is subnetted, 4 subnets
C       172.31.3.0 is directly connected, Loopback4
C       172.31.2.0 is directly connected, Loopback3
C       172.31.1.0 is directly connected, Loopback2
C       172.31.0.0 is directly connected, Loopback1
     172.30.0.0/32 is subnetted, 4 subnets
O IA    172.30.3.1 [110/139] via 10.110.1.1, 00:58:28, Serial0/0
O IA    172.30.2.1 [110/139] via 10.110.1.1, 00:58:28, Serial0/0
O IA    172.30.1.1 [110/139] via 10.110.1.1, 00:58:28, Serial0/0
O IA    172.30.0.1 [110/139] via 10.110.1.1, 00:58:29, Serial0/0
     10.0.0.0/24 is subnetted, 8 subnets
C       10.10.10.0 is directly connected, Loopback0
O IA    10.19.1.0 [110/128] via 10.110.1.1, 00:58:29, Serial0/0
O IA    10.23.1.0 [110/138] via 10.110.1.1, 00:58:29, Serial0/0
O IA    10.45.1.0 [110/138] via 10.110.1.1, 00:58:29, Serial0/0
O IA    10.78.1.0 [110/202] via 10.110.1.1, 00:58:29, Serial0/0
O IA    10.67.1.0 [110/138] via 10.110.1.1, 00:58:29, Serial0/0
C       10.110.1.0 is directly connected, Serial0/0
O IA    10.100.1.0 [110/74] via 10.110.1.1, 00:58:29, Serial0/0
O*N2 0.0.0.0/0 [110/1] via 10.110.1.1, 00:58:29, Serial0/0

R9 - NSSA Totally Stubby Area

     172.32.0.0/24 is subnetted, 4 subnets
C       172.32.0.0 is directly connected, Loopback1
C       172.32.1.0 is directly connected, Loopback2
C       172.32.2.0 is directly connected, Loopback3
C       172.32.3.0 is directly connected, Loopback4
     9.0.0.0/24 is subnetted, 1 subnets
C       9.9.9.0 is directly connected, Loopback0
     10.0.0.0/24 is subnetted, 1 subnets
C       10.19.1.0 is directly connected, Serial0/0
O*IA 0.0.0.0/0 [110/65] via 10.19.1.1, 01:14:29, Serial0/0

R5 - Stubby

     5.0.0.0/24 is subnetted, 1 subnets
C       5.5.5.0 is directly connected, Loopback0
     172.30.0.0/32 is subnetted, 4 subnets
O IA    172.30.3.1 [110/139] via 10.45.1.4, 01:59:27, Serial0/0
O IA    172.30.2.1 [110/139] via 10.45.1.4, 01:59:27, Serial0/0
O IA    172.30.1.1 [110/139] via 10.45.1.4, 01:59:27, Serial0/0
O IA    172.30.0.1 [110/139] via 10.45.1.4, 01:59:27, Serial0/0
     10.0.0.0/24 is subnetted, 7 subnets
O IA    10.19.1.0 [110/138] via 10.45.1.4, 01:28:51, Serial0/0
O IA    10.23.1.0 [110/138] via 10.45.1.4, 02:42:18, Serial0/0
C       10.45.1.0 is directly connected, Serial0/0
O IA    10.78.1.0 [110/202] via 10.45.1.4, 01:49:40, Serial0/0
O IA    10.67.1.0 [110/138] via 10.45.1.4, 02:42:18, Serial0/0
O IA    10.110.1.0 [110/138] via 10.45.1.4, 01:02:29, Serial0/0
O IA    10.100.1.0 [110/74] via 10.45.1.4, 02:42:18, Serial0/0
O*IA 0.0.0.0/0 [110/65] via 10.45.1.4, 02:42:18, Serial0/0

R3 - Totally Stubby Area

     3.0.0.0/24 is subnetted, 1 subnets
C       3.3.3.0 is directly connected, Loopback0
     172.30.0.0/24 is subnetted, 4 subnets
C       172.30.2.0 is directly connected, Loopback3
C       172.30.3.0 is directly connected, Loopback4
C       172.30.0.0 is directly connected, Loopback1
C       172.30.1.0 is directly connected, Loopback2
     10.0.0.0/24 is subnetted, 1 subnets
C       10.23.1.0 is directly connected, Serial0/0
O*IA 0.0.0.0/0 [110/164] via 10.23.1.2, 02:00:37, Serial0/0

R8 - Virtual-Link


     172.31.0.0/24 is subnetted, 4 subnets
O E2    172.31.3.0 [110/20] via 10.78.1.7, 01:01:01, Serial0/0
O E2    172.31.2.0 [110/20] via 10.78.1.7, 01:01:01, Serial0/0
O E2    172.31.1.0 [110/20] via 10.78.1.7, 01:01:01, Serial0/0
O E2    172.31.0.0 [110/20] via 10.78.1.7, 01:01:01, Serial0/0
     172.30.0.0/32 is subnetted, 4 subnets
O IA    172.30.3.1 [110/203] via 10.78.1.7, 01:31:31, Serial0/0
O IA    172.30.2.1 [110/203] via 10.78.1.7, 01:31:31, Serial0/0
O IA    172.30.1.1 [110/203] via 10.78.1.7, 01:31:32, Serial0/0
O IA    172.30.0.1 [110/203] via 10.78.1.7, 01:31:32, Serial0/0
     172.32.0.0/24 is subnetted, 4 subnets
O E2    172.32.0.0 [110/20] via 10.78.1.7, 01:16:28, Serial0/0
O E2    172.32.1.0 [110/20] via 10.78.1.7, 01:16:28, Serial0/0
O E2    172.32.2.0 [110/20] via 10.78.1.7, 01:16:28, Serial0/0
O E2    172.32.3.0 [110/20] via 10.78.1.7, 01:16:28, Serial0/0
     8.0.0.0/24 is subnetted, 1 subnets
C       8.8.8.0 is directly connected, Loopback0
     9.0.0.0/24 is subnetted, 1 subnets
O E2    9.9.9.0 [110/20] via 10.78.1.7, 01:16:28, Serial0/0
     10.0.0.0/24 is subnetted, 8 subnets
O E2    10.10.10.0 [110/20] via 10.78.1.7, 01:01:03, Serial0/0
O IA    10.19.1.0 [110/202] via 10.78.1.7, 01:30:19, Serial0/0
O IA    10.23.1.0 [110/202] via 10.78.1.7, 01:31:32, Serial0/0
O IA    10.45.1.0 [110/202] via 10.78.1.7, 01:31:32, Serial0/0
C       10.78.1.0 is directly connected, Serial0/0
O IA    10.67.1.0 [110/128] via 10.78.1.7, 01:31:32, Serial0/0
O IA    10.110.1.0 [110/202] via 10.78.1.7, 01:03:56, Serial0/0
O IA    10.100.1.0 [110/138] via 10.78.1.7, 01:31:34, Serial0/0
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)