OSPF&PAT综合实验报告
1.1
实验任务
按照拓扑图配置
OSPF
区域、外部路由和网络地址转换
1.2
实验环境和网络拓扑
|
IP
地址规划
|
|||
|
路由器
|
接口
|
IP
地址
|
Loopback 0
|
|
R1
|
F0/0
|
192.168.10.1/24
|
1.1.1
.1
|
|
R2
|
F0/0
|
192.168.10.2/24
|
2.2.2
.2
|
|
F1/0
|
192.168.20.1/24
|
||
|
R3
|
F1/0
|
192.168.20.2/24
|
3.3.3
.3
|
|
F0/0
|
192.168.30.1/24
|
||
|
F1/1
|
192.168.130.1/24
|
||
|
R4
|
F0/0
|
192.168.30.2/24
|
4.4.4
.4
|
|
F1/0
|
202.193.10.1/24
|
||
|
R5
|
F1/1
|
192.168.130.2/24
|
5.5.5
.5
|
|
F1/0
|
202.193.20.1/24
|
||
|
R6
|
F0/0
|
202.193.10.2/24
|
6.6.6
.6
|
|
F1/1
|
202.193.20.2/24
|
||
1.3
完成标准
(1)
按照拓扑图要求连接路由器,配置好各个
OSPF
区域。
(2)
为
R4
和
R5
配置
PAT
。
(3)
在
R4
和
R5
上配置到
R6
的路由,
R4
与
R6
之间为主路由,
R5
与
R6
之间为备份路由;最后验证
R1
到
R6
的网络连通性。
2
.详细操作步骤
Step 1:
配置路由器各接口
IP
地址、各路由器所属
OSPF
区域和外网路由
路由器
R1
配置如下:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ho R1
R1(config)#int lo 0 //
配置
Loopback 0
地址
R1(config-if)#ip add 1.1.1 .1 255.0.0.0
R1(config-if)#no shut
R1(config-if)#int f0/0 //
配置端口
IP
R1(config-if)#ip add 192.168.10.1 255.0.0.0
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#
*Dec 20 20:10:35.415: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Dec 20 20:10:36.415: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1(config)#int f0/0 //
配置端口
IP
R1(config-if)#ip add 192.168.10.1 255.255.255.0
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#router ospf 10 //
配置进程为
10
的
OSPF
R1(config-router)#network 192.168.10.0 0.0.0 .255 area 1 //
配置区域
1
的网段和反掩码
R1(config-router)#area 1 stub no-summary //
配置区域
1
为
Stub Totally
区域
R1(config-router)#exit
R1(config)#
*Dec 20 20:19:36.167: %OSPF-5-ADJCHG: Process 10, Nbr 2.2.2 .2 on FastEthernet0/0 from LOADING to FULL, Loading Done
R1(config)#exit
路由器
R2
配置如下:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ho R2
R2(config)#int lo 0 //
配置
Loopback 0
地址
R2(config-if)#ip add 2.2.2 .2 255.0.0.0
R2(config-if)#no shut
R2(config-if)#int f0/0 //
配置端口
IP
R2(config-if)#ip add 192.168.10.2 255.255.255.0
R2(config-if)#no shut
R2(config-if)#
*Dec 20 20:10:54.007: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Dec 20 20:10:55.007: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthet0/0, changed state to up
R2(config-if)#int f1/0 //
配置端口
IP
R2(config-if)#ip add 192.168.20.1 255.255.255.0
R2(config-if)#no shut
R2(config-if)#exit
R2(config)#
*Dec 20 20:12:25.515: %LINK-3-UPDOWN: Interface FastEthernet1/0, changed stato up
*Dec 20 20:12:26.515: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthet1/0, changed state to up
R2(config)#router ospf 20 //
配置进程为
20
的
OSPF
R2(config-router)#network 192.168.10.0 0.0.0 .255 area 1 //
配置区域
1
的网段和反掩码
R2(config-router)#area 1 stub no-summary //
配置区域
1
为
Stub Totally
区域
R2(config-router)#
*Dec 20 20:19:36.387: %OSPF-5-ADJCHG: Process 20, Nbr 1.1.1 .1 on FastEthernet from LOADING to FULL, Loading Done
R2(config-router)#network 192.168.20.0 0.0.0 .255 area 0 //
配置区域
0
的网段和反掩码
R2(config-router)#
*Dec 20 20:21:02.923: %OSPF-5-ADJCHG: Process 20, Nbr 3.3.3 .3 on FastEthernet from LOADING to FULL, Loading Done
R2(config-router)#exit
R2(config)#exit
路由器
R3
配置如下:
R3:
Router>
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ho R3
R3(config)#int lo 0 //
配置
Loopback 0
地址
R3(config-if)#ip add 3.3.3 .3 255.0.0.0
R3(config-if)#no shut
R3(config-if)#int f1/0 //
配置端口
IP
R3(config-if)#ip add 192.168.20.2 255.255.255.0
R3(config-if)#no shut
R3(config-if)#
*Dec 20 20:12:57.711: %LINK-3-UPDOWN: Interface FastEthernet1/0, changed stato up
*Dec 20 20:12:58.711: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthet1/0, changed state to up
R3(config-if)#int f0/0 //
配置端口
IP
R3(config-if)#ip add 192.168.30.1 255.255.255.0
R3(config-if)#no shut
R3(config-if)#
*Dec 20 20:13:23.559: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Dec 20 20:13:24.559: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthet0/0, changed state to up
R3(config-if)#int f1/1 //
配置端口
IP
R3(config-if)#ip add 192.168.130.1 255.255.255.0
R3(config-if)#no shut
R3(config-if)#exit
R3(config)#
*Dec 20 20:13:51.943: %LINK-3-UPDOWN: Interface FastEthernet1/1, changed stato up
*Dec 20 20:13:52.943: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthet1/1, changed state to up
R3(config)#router ospf 30 //
配置进程为
30
的
OSPF
R3(config-router)#network 192.168.20.0 0.0.0 .255 area 0 //
配置区域
0
的网段和反掩码
R3(config-router)#
*Dec 20 20:21:02.295: %OSPF-5-ADJCHG: Process 30, Nbr 2.2.2 .2 on FastEthernet from LOADING to FULL, Loading Done
R3(config-router)#network 192.168.30.0 0.0.0 .255 area 2 //
配置区域
2
的网段和反掩码
R3(config-router)#network 192.168.130.0 0.0.0 .255 area 2 //
配置区域
2
的网段和反掩码
R3(config-router)#area 2 nssa //
配置区域
2
为
NSSA
区域
R3(config-router)#
*Dec 20 20:22:32.271: %OSPF-5-ADJCHG: Process 30, Nbr 4.4.4 .4 on FastEthernet from LOADING to FULL, Loading Done
*Dec 20 20:23:18.007: %OSPF-5-ADJCHG: Process 30, Nbr 5.5.5 .5 on FastEthernet from LOADING to FULL, Loading Done
R3(config-router)#exit
R3(config)#exit
路由器
R4
配置如下:
R4:
Router>
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ho R4
R4(config)#int lo 0 //
配置
Loopback 0
地址
R4(config-if)#ip add 4.4.4 .4 255.0.0.0
R4(config-if)#no shut
R4(config-if)#int f0/0 //
配置端口
IP
R4(config-if)#ip add 192.168.30.2 255.255.255.0
R4(config-if)#no shut
R4(config-if)#
*Dec 20 20:14:20.631: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed stato up
*Dec 20 20:14:21.631: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthet0/0, changed state to up
R4(config-if)#int f1/0 //
配置端口
IP
R4(config-if)#ip add 202.193.10.1 255.255.255.0
R4(config-if)#no shut
R4(config-if)#
*Dec 20 20:14:46.503: %LINK-3-UPDOWN: Interface FastEthernet1/0, changed state to up
*Dec 20 20:14:47.503: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthet1/0, changed state to up
R4(config-if)#
*Dec 20 20:16:19.071: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on F
Ethernet1/0 (not half duplex), with R6 FastEthernet0/0 (half duplex).
R4(config-if)#duplex full
R4(config-if)#
*Dec 20 20:16:28.511: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthet1/0, changed state to down
*Dec 20 20:16:30.515: %LINK-3-UPDOWN: Interface FastEthernet1/0, changed state to up
*Dec 20 20:16:31.515: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthet1/0, changed state to up
R4(config-if)#exit
R4(config)#router ospf 40 //
配置进程为
40
的
OSPF
R4(config-router)#network 192.168.30.0 0.0.0 .255 area 2 //
配置区域
2
的网段和反掩码
R4(config-router)#area 2 nssa //
配置区域
2
为
NSSA
区域
R4(config-router)#
*Dec 20 20:22:32.011: %OSPF-5-ADJCHG: Process 40, Nbr 3.3.3 .3 on FastEthernet from LOADING to FULL, Loading Done
R4(config-router)#exit
R4(config)#ip route 0.0.0 .0 0.0.0.0 202.193.10.2 //
配置到
R6
的默认路由
R4(config)#router ospf 40
R4(config-router)#area 2 nssa default-information-originate
//NSSA
区域
2
中默认路由重分发
(代价默认为
0
的主默认路由)
R4(config-router)#exit
路由器
R5
配置如下:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ho R5
R5(config)#int lo 0 //
配置
Loopback 0
地址
R5(config-if)#ip add 5.5.5 .5 255.0.0.0
R5(config-if)#no shut
R5(config-if)#int f1/1 //
配置端口
IP
R5(config-if)#ip add 192.168.130.2 255.255.255.0
R5(config-if)#no shut
R5(config-if)#
*Dec 20 20:15:20.755: %LINK-3-UPDOWN: Interface FastEthernet1/1, changed state to up
*Dec 20 20:15:21.755: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/1, changed state to up
R5(config-if)#int f1/0 //
配置端口
IP
R5(config-if)#ip add 202.193.20.1 255.255.255.0
R5(config-if)#no shut
R5(config-if)#
*Dec 20 20:15:42.523: %LINK-3-UPDOWN: Interface FastEthernet1/0, changed state to up
*Dec 20 20:15:43.523: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0, changed state to up
R5(config-if)#exit
R5(config)#nrouter ospf 50 //
配置进程为
50
的
OSPF
R5(config-router)#network 192.168.130.0 0.0.0 .255 area 2 //
配置区域
2
的网段和反掩码
R5(config-router)#area 2 nssa //
配置区域
2
为
NSSA
区域
R5(config-router)#
*Dec 20 20:23:18.403: %OSPF-5-ADJCHG: Process 50, Nbr 3.3.3 .3 on FastEthernet1/1
from LOADING to FULL, Loading Done
R5(config-router)#exit
R5(config)#ip route 0.0.0 .0 0.0.0.0 202.193.20.2 //
配置到
R6
的默认路由
R5(config)#router ospf 50
R5(config-router)#area 2 nssa default-information-originate metric 150
//NSSA
区域
2
中默认路由重分发
(代价设置为
150
的备份默认路由)
R5(config-router)#exit
路由器
R6
配置如下:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ho R6
R6(config)#int lo 0 //
配置
Loopback 0
地址
R6(config-if)#ip add 6.6.6 .6 255.0.0.0
R6(config-if)#no shut
R6(config-if)#int f0/0 //
配置端口
IP
R6(config-if)#ip add 202.193.10.2 255.255.255.0
R6(config-if)#no shut
R6(config-if)#
*Dec 20 20:16:21.479: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Dec 20 20:16:22.479: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
*Dec 20 20:16:31.123: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on Fast
Ethernet0/0 (not full duplex), with R4 FastEthernet1/0 (full duplex).
R6(config-if)#duplex full
R6(config-if)#int f1/1 //
配置端口
IP
R6(config-if)#ip add 202.193.20.2 255.255.255.0
R6(config-if)#no shut
R6(config-if)#
*Dec 20 20:17:42.323: %LINK-3-UPDOWN: Interface FastEthernet1/1, changed state to up
*Dec 20 20:17:43.323: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/1, changed state to up
R6(config-if)#exit
R6(config)#exit
R6#
Step 2:
配置路由器
R4
和
R5
上的
PAT
路由器
R4
配置如下:
R4(config)#access-list 4 permit any //
定义内部
ACL 4
,允许所有
R4(config)#ip nat inside source list 4 interface f1/0 //
设置复用
IP
地址转换在
F1/0
上
R4(config)#int f1/0 //
在
F1/0
上启用外部
NAT
R4(config-if)#ip nat outside
R4(config-if)#int f0/0 //
在
F0/0
上启用内部
NAT
R4(config-if)#ip nat inside
R4(config-if)#exit
R4(config)#exit
路由器
R5
配置如下:
R5(config)#access-list 5 permit any //
定义内部
ACL 5
,允许所有
R5(config)#ip nat inside source list 5 interface f1/0 //
设置复用
IP
地址转换在
F1/0
上
R5(config)#int f1/0 //
在
F1/0
上启用外部
NAT
R5(config-if)#ip nat outside
R5(config-if)#int f1/1 //
在
F1/1
上启用内部
NAT
R5(config-if)#ip nat inside
R5(config-if)#exit
R5(config)#exit
Step 3:
验证路由表、验证网络连通性
路由器
R1
路由表显示如下:
C 1.0.0 .0/8 is directly connected, Loopback0
C 192.168.10.0/24 is directly connected, FastEthernet0/0
O*I A 0.0.0 .0/0 [110/2] via 192.168.10.2, 00:08:01, FastEthernet0/0
路由器
R2
路由表显示如下:
C 2.0.0 .0/8 is directly connected, Loopback0
O IA 192.168.30.0/24 [110/2] via 192.168.20.2, 00:05:35, FastEthernet1/0
C 192.168.10.0/24 is directly connected, FastEthernet0/0
O IA 192.168.130.0/24 [110/2] via 192.168.20.2, 00:04:50, FastEthernet1/0
C 192.168.20.0/24 is directly connected, FastEthernet1/0
O*E2 0.0.0 .0/0 [110/1] via 192.168.20.2, 00:03:41, FastEthernet1/0
路由器
R3
路由表显示如下:
C 3.0.0 .0/8 is directly connected, Loopback0
C 192.168.30.0/24 is directly connected, FastEthernet0/0
O IA 192.168.10.0/24 [110/2] via 192.168.20.1, 00:03:16, FastEthernet1/0
C 192.168.130.0/24 is directly connected, FastEthernet1/1
C 192.168.20.0/24 is directly connected, FastEthernet1/0
O*N2 0.0.0 .0/0 [110/1] via 192.168.30.2, 00:03:16, FastEthernet0/0
路由器
R4
路由表显示如下:
C 192.168.30.0/24 is directly connected, FastEthernet0/0
C 4.0.0 .0/8 is directly connected, Loopback0
O IA 192.168.10.0/24 [110/3] via 192.168.30.1, 00:03:22, FastEthernet0/0
O 192.168.130.0/24 [110/2] via 192.168.30.1, 00:03:22, FastEthernet0/0
O IA 192.168.20.0/24 [110/2] via 192.168.30.1, 00:03:22, FastEthernet0/0
C 202.193.10.0/24 is directly connected, FastEthernet1/0
S* 0.0.0 .0/0 [1/0] via 202.193.10.2
路由器
R5
路由表显示如下:
C 202.193.20.0/24 is directly connected, FastEthernet1/0
O 192.168.30.0/24 [110/2] via 192.168.130.1, 00:03:27, FastEthernet1/1
C 5.0.0 .0/8 is directly connected, Loopback0
O IA 192.168.10.0/24 [110/3] via 192.168.130.1, 00:03:27, FastEthernet1/1
C 192.168.130.0/24 is directly connected, FastEthernet1/1
O IA 192.168.20.0/24 [110/2] via 192.168.130.1, 00:03:27, FastEthernet1/1
S* 0.0.0 .0/0 [1/0] via 202.193.20.2
路由器
R6
路由表显示如下:
C 202.193.20.0/24 is directly connected, FastEthernet1/1
C 6.0.0 .0/8 is directly connected, Loopback0
C 202.193.10.0/24 is directly connected, FastEthernet0/0
路由器
R1
与其他路由器网络连通性测试:
R1#ping 192.168.10.1
//
本地接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R1#ping 192.168.10.2
//
在
R2
上与本地接口相连的接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/56/164 ms
R1#ping 192.168.20.1
//
在
R2
上与
R3
相连的接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/80/212 ms
R1#ping 192.168.20.2
//
在
R3
上与
R2
相连的接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/84/216 ms
R1#ping 192.168.30.1
//
在
R3
上与
R4
相连的接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.30.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 100/142/224 ms
R1#ping 192.168.130.1
//
在
R3
上与
R5
相连的接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.130.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 84/150/208 ms
R1#ping 192.168.30.2
//
在
R4
上与
R3
相连的接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.30.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/156/280 ms
R1#ping 192.168.130.2
//
在
R5
上与
R3
相连的接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.130.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 160/192/228 ms
R1#ping 202.193.10.1
//
在
R4
上与
R6
相连的接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 202.193.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 184/222/268 ms
R1#ping 202.193.20.1
//
在
R5
上与
R6
相连的接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 202.193.20.1, timeout is 2 seconds:
..!!!
Success rate is 60 percent (3/5), round-trip min/avg/max = 312/333/368 ms
R1#ping 202.193.10.2
//
在
R6
上与
R4
相连的接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 202.193.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 188/264/352 ms
R1#ping 202.193.20.2
//
在
R6
上与
R5
相连的接口地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 202.193.20.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 204/316/476 ms
R1#ping 6.6.6 .6
//
在
R6
上的
Loopback 0
地址
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6 .6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 144/270/488 ms
验证路由器
R4
上
PAT
的配置:
R4#show ip nat translations //
监控
NAT
Pro Inside global Inside local Outside local Outside global
协议
内部全局地址
内部局部地址
外部局部地址
外部全局地址
icmp 202.193.10.1:13 192.168.10.1:13 6.6.6 .6:13 6.6.6 .6:13
icmp 202.193.10.1:14 192.168.10.1:14 202.193.10.2:14 202.193.10.2:14
icmp 202.193.10.1:15 192.168.10.1:15 202.193.20.2:15 202.193.20.2:15
R4#
R4#show ip nat statistics //
显示
NAT
数据
Total active translations: 1 (0 static, 1 dynamic; 1 extended)
//
总的活动翻译数:
1
(
0
个静态,
1
个动态;
1
个扩展的)
Outside interfaces: //
外部接口
FastEthernet1/0
Inside interfaces: //
内部接口
FastEthernet0/0
Hits: 70 Misses: 8 //
完成:
70
失败:
8
Expired translations: 7 //
过期的翻译:
7
Dynamic mappings: //
动态映射:
-- Inside Source //
内部资源
[Id: 1] access-list 4 interface FastEthernet1/0 refcount 1 //Id:1 ACL 4
接口
F1/0
计算
1
3
.实验总结
此实验在
OSPF
多区域基础上增加
PAT
配置和默认路由备份配置,实验总结如下:
l
网络地址转换(
Network Address Translation, NAT
)通过将内部网络的私有
IP
地址翻译成全球唯一的公网
IP
地址,使内部网络可以连接到互联网等外部网络上,广泛应用于各种类型因特网接入方式和各种类型的网络中。
l
NAT
实现的三种方式:静态转换(
Static Translation
);动态转换(
Dynamic Translation
);端口多路复用(
Port Address Translation, PAT
)
l
复用内部
LAN
地址(
PAT
)是网络地址转换(
NAT
)的一种方式,是通过准许对
TCP
连接或
UDP
会话的端口进行转换,从而节省内全局集中的合法地址。
l
当多个不同的内部局部地址映射到同一个内部全局地址时,使用各个内部主机的
TCP
或
UDP
端口号来区分它们。
本文出自 “�a�i天命嘻哈” 博客,转载请与作者联系!