LAB – OSPF (Interface-Specific, Authentication, Passive Interface, Route Summarization, Route Filtering)
Objectives
• OSPF Interface-Specific Configuration
• OSPF Authentication Configuration
• Passive-Interface Configuration
  • Make all interfaces passive
  • Allow OSPF updates on specific interface
• Route Summarization
  • Intra-area Route Summarization
  • External Route Summarization
• Route Filtering
  • Route Filtering on ABR
  • Route Filtering on ASBR

Topology
[Topology diagram not reproduced. Labels in the figure: CR-1, CR-2 (Area 0); DR-1, DR-2, DR-3 (ABR); Area 10, Area 20, Area 30, Area 40; BR-1, BR-2, BR-3, BR-4; ASBR; Router Filter; OSPF Authentication; External Summarization; Interarea Summarization; External; summary ranges 172.16.0.0/22 and 172.27.0.0/22; networks 172.16.0.0/24 to 172.16.3.0/24, 172.27.0.0/24 to 172.27.3.0/24, 172.18.0.0/24 to 172.18.3.0/24, 172.20.1.0/24 to 172.20.4.0/24; legend: Primary Path, Backup Path.]

IP Address Table
Router  Port   IP Address
CR-1    E1/0   10.10.1.1/30
        E1/1   10.10.1.5/30
        E1/2   10.10.1.9/30
        E2/0   10.10.1.17/30
        Lo 0   192.168.0.254
CR-2    E1/0   10.10.2.1/30
        E1/1   10.10.2.5/30
        E1/2   10.10.2.9/30
        E2/0   10.10.1.18/30
        Lo 0   192.168.0.253
DR-1    E1/0   10.10.1.2/30
        E1/1   10.10.2.2/30
        E1/2   10.11.1.1/24
        Lo 0   192.168.0.252
DR-2    E1/0   10.10.1.6/30
        E1/1   10.10.2.6/30
        E1/2   10.12.1.1/24
        Lo 0   192.168.0.251
DR-3    E1/0   10.10.1.10/30
        E1/1   10.10.2.10/30
        E1/2   10.13.1.1/24
        E1/3   10.14.1.1/24
        Lo 0   192.168.0.250
BR-1    E1/0   10.11.1.2/24
        Lo 0   192.168.0.249
        Lo 1   172.16.0.1/24
        Lo 2   172.16.1.1/24
        Lo 3   172.16.2.1/24
        Lo 4   172.16.3.1/24
BR-2    E1/0   10.12.1.2/24
        Lo 0   192.168.0.248
        Lo 1   172.27.0.1/24
        Lo 2   172.27.1.1/24
        Lo 3   172.27.2.1/24
        Lo 4   172.27.3.1/24
BR-3    E1/0   10.13.1.2/30
        Lo 0   192.168.0.247
        Lo 1   172.18.0.1/24
        Lo 2   172.18.1.1/24
        Lo 3   172.18.2.1/24
        Lo 4   172.18.3.1/24
BR-4    E1/0   10.14.1.2/30
        E1/1   172.19.1.1/24
        Lo 0   192.168.0.246
        Lo 1   172.28.1.1/24
        Lo 2   172.28.2.1/24
        Lo 3   172.28.3.1/24
        Lo 4   172.28.4.1/24

CR-1
interface Loopback0
ip address 192.168.0.254 255.255.255.255
!
interface Ethernet1/0
ip address 10.10.1.1 255.255.255.252
! OSPF Authentication Configuration
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
! OSPF Point-to-Point Network Type
ip ospf network point-to-point
ip ospf 1 area 0
!
interface Ethernet1/1
ip address 10.10.1.5 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
! OSPF Interface-Specific Configuration
ip ospf 1 area 0
!
interface Ethernet1/2
ip address 10.10.1.9 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
!
interface Ethernet2/0
ip address 10.10.1.17 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
!
router ospf 1
router-id 192.168.0.254
! Make all interfaces passive
passive-interface default
! Allow OSPF updates on specific interface
no passive-interface Ethernet1/0
no passive-interface Ethernet1/1
no passive-interface Ethernet1/2
no passive-interface Ethernet2/0

CR-2
interface Loopback0
ip address 192.168.0.253 255.255.255.255
!
interface Ethernet1/0
ip address 10.10.2.1 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
ip ospf cost 100
!
interface Ethernet1/1
ip address 10.10.2.5 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
ip ospf cost 100
!
interface Ethernet1/2
ip address 10.10.2.9 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
ip ospf cost 100
!
interface Ethernet2/0
ip address 10.10.1.18 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
!
router ospf 1
router-id 192.168.0.253
passive-interface default
no passive-interface Ethernet1/0
no passive-interface Ethernet1/1
no passive-interface Ethernet1/2
no passive-interface Ethernet2/0

DR-1
interface Loopback0
ip address 192.168.0.252 255.255.255.255
!
interface Ethernet1/0
ip address 10.10.1.2 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
!
interface Ethernet1/1
ip address 10.10.2.2 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
ip ospf cost 100
!
interface Ethernet1/2
ip address 10.11.1.1 255.255.255.0
ip ospf 1 area 10
!
router ospf 1
router-id 192.168.0.252
passive-interface default
no passive-interface Ethernet1/0
no passive-interface Ethernet1/1
no passive-interface Ethernet1/2

DR-2
interface Loopback0
ip address 192.168.0.251 255.255.255.255
!
interface Ethernet1/0
ip address 10.10.1.6 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
!
interface Ethernet1/1
ip address 10.10.2.6 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
ip ospf cost 100
!
interface Ethernet1/2
ip address 10.12.1.1 255.255.255.0
ip ospf 1 area 20
!
router ospf 1
router-id 192.168.0.251
! Route Summarization for Intra-Area Route (from BR-2, Area 20)
area 20 range 172.27.0.0 255.255.252.0
passive-interface default
no passive-interface Ethernet1/0
no passive-interface Ethernet1/1
no passive-interface Ethernet1/2

DR-3
! Route Filtering on ABR
interface Loopback0
ip address 192.168.0.250 255.255.255.255
!
interface Ethernet1/0
ip address 10.10.1.10 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
!
interface Ethernet1/1
ip address 10.10.2.10 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 p@ssword
ip ospf network point-to-point
ip ospf 1 area 0
ip ospf cost 100
!
interface Ethernet1/2
ip address 10.13.1.1 255.255.255.0
ip ospf 1 area 30
!
interface Ethernet1/3
ip address 10.14.1.1 255.255.255.0
ip ospf 1 area 40
!
router ospf 1
router-id 192.168.0.250
! Apply the Filter-List to the OSPF Area
area 0 filter-list prefix FILTER-1 in
passive-interface default
no passive-interface Ethernet1/0
no passive-interface Ethernet1/1
no passive-interface Ethernet1/2
no passive-interface Ethernet1/3
!
! Create a Prefix-List to Match the Routes You Want to Filter
ip prefix-list FILTER-1 seq 5 deny 172.20.2.1/32
ip prefix-list FILTER-1 seq 10 deny 172.20.3.1/32
ip prefix-list FILTER-1 seq 20 permit 0.0.0.0/0 le 32
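
An added example (not part of the original lab) that evaluates DR-3's FILTER-1 with IOS prefix-list matching rules, including the general ge/le handling that this list only exercises through `le 32`. IOS advertises OSPF loopback interfaces as /32 host routes by default, so the /32 deny entries match BR-4's loopbacks, while the same networks written as /24 would fall through to the permit entry; the route list is constructed from BR-4's configuration and the function names are hypothetical.

```python
import ipaddress
import re

# FILTER-1 exactly as configured on DR-3 in this lab.
FILTER_1 = """\
ip prefix-list FILTER-1 seq 5 deny 172.20.2.1/32
ip prefix-list FILTER-1 seq 10 deny 172.20.3.1/32
ip prefix-list FILTER-1 seq 20 permit 0.0.0.0/0 le 32
"""

# Constructed sample: BR-4's Area 40 loopbacks as the /32 host routes OSPF advertises.
AREA40_ROUTES = ["172.20.1.1/32", "172.20.2.1/32", "172.20.3.1/32", "172.20.4.1/32"]

ENTRY = re.compile(r"ip prefix-list \S+ seq (\d+) (permit|deny) (\S+)"
                   r"(?: ge (\d+))?(?: le (\d+))?$")

def parse(text):
    """Return (seq, action, network, min_len, max_len) tuples in sequence order."""
    entries = []
    for line in text.splitlines():
        if m := ENTRY.match(line.strip()):
            seq, action, prefix, ge, le = m.groups()
            net = ipaddress.ip_network(prefix, strict=False)
            # Without ge/le the length must match exactly; "ge" alone extends the
            # range up to /32, "le" alone starts it at the entry's own length.
            lo = int(ge) if ge else net.prefixlen
            hi = int(le) if le else (32 if ge else net.prefixlen)
            entries.append((int(seq), action, net, lo, hi))
    return sorted(entries, key=lambda e: e[0])

def evaluate(entries, route):
    """First matching entry decides; a route that matches nothing is denied."""
    r = ipaddress.ip_network(route)
    for _, action, net, lo, hi in entries:
        if lo <= r.prefixlen <= hi and r.network_address in net:
            return action
    return "deny"

def filtered(entries, routes):
    """Routes the list keeps out of the area it is applied to."""
    return [r for r in routes if evaluate(entries, r) == "deny"]
```
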

BR-1
interface Loopback0
ip address 192.168.0.249 255.255.255.255
!
interface Loopback1
ip address 172.16.0.1 255.255.255.0
!
interface Loopback2
ip address 172.16.1.1 255.255.255.0
!
interface Loopback3
ip address 172.16.2.1 255.255.255.0
!
interface Loopback4
ip address 172.16.3.1 255.255.255.0
!
interface Ethernet1/0
ip address 10.11.1.2 255.255.255.0
ip ospf 1 area 10
!
router ospf 1
router-id 192.168.0.249
! Route Summarization for External Route
summary-address 172.16.0.0 255.255.252.0
redistribute connected subnets
passive-interface default
no passive-interface Ethernet1/0

BR-2
interface Loopback0
ip address 192.168.0.248 255.255.255.255
!
interface Loopback1
ip address 172.27.0.1 255.255.255.0
ip ospf 1 area 20
!
interface Loopback2
ip address 172.27.1.1 255.255.255.0
ip ospf 1 area 20
!
interface Loopback3
ip address 172.27.2.1 255.255.255.0
ip ospf 1 area 20
!
interface Loopback4
ip address 172.27.3.1 255.255.255.0
ip ospf 1 area 20
!
interface Ethernet1/0
ip address 10.12.1.2 255.255.255.0
ip ospf 1 area 20
!
router ospf 1
router-id 192.168.0.248
passive-interface default
no passive-interface Ethernet1/0

BR-3
! Route Filtering on ASBR
interface Loopback0
ip address 192.168.1.9 255.255.255.255
!
interface Loopback1
ip address 172.18.0.1 255.255.255.0
!
interface Loopback2
ip address 172.18.1.1 255.255.255.0
!
interface Loopback3
ip address 172.18.2.1 255.255.255.0
!
interface Loopback4
ip address 172.18.3.1 255.255.255.0
!
router ospf 1
router-id 192.168.0.247
! Filter External Routes Using ACL
redistribute connected subnets route-map FILTER
passive-interface default
no passive-interface Ethernet1/0
!
! Route Filtering from External Route
access-list 10 deny 172.18.1.0 0.0.0.255
access-list 10 deny 172.18.2.0 0.0.0.255
access-list 10 permit any
!
route-map FILTER permit 10
match ip address 10

BR-4
interface Loopback0
ip address 192.168.0.246 255.255.255.255
!
interface Loopback1
ip address 172.20.1.1 255.255.255.0
ip ospf 1 area 40
!
interface Loopback2
ip address 172.20.2.1 255.255.255.0
ip ospf 1 area 40
!
interface Loopback3
ip address 172.20.3.1 255.255.255.0
ip ospf 1 area 40
!
interface Loopback4
ip address 172.20.4.1 255.255.255.0
ip ospf 1 area 40
!
router ospf 1
router-id 192.168.0.246
passive-interface default
no passive-interface Ethernet1/0

Verification
Verifying the OSPF interface configuration and status
[Screenshot not reproduced. Fields highlighted in the output: Area ID, Process ID, Router ID, OSPF Network Type, Port Cost, OSPF State, Timer, Neighbor ID, MD5 authentication.]
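
An added check (not part of the original lab) that reads a configuration in the style used here and reports interfaces that run OSPF, are not passive, and lack message-digest authentication. It assumes interface-level commands only, as in this lab; area-wide authentication under router ospf is not modelled. The input is DR-1's configuration reduced to its OSPF-relevant lines, and the function name is hypothetical.

```python
import re

# DR-1's configuration from this lab, reduced to the OSPF-relevant lines.
DR1_CONFIG = """\
interface Loopback0
 ip address 192.168.0.252 255.255.255.255
!
interface Ethernet1/0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 p@ssword
 ip ospf 1 area 0
!
interface Ethernet1/2
 ip ospf 1 area 10
!
router ospf 1
 passive-interface default
 no passive-interface Ethernet1/0
 no passive-interface Ethernet1/2
"""

def audit_ospf(config):
    """Map interface -> area for OSPF interfaces that are active but lack MD5 auth."""
    ifaces, section = {}, None
    passive_default, passive, active = False, set(), set()
    for line in map(str.strip, config.splitlines()):
        if m := re.match(r"interface (\S+)$", line):
            section = m.group(1)
            ifaces[section] = {"area": None, "auth": False, "key": False}
        elif re.match(r"router ospf \d+$", line):
            section = "router-ospf"
        elif line == "!":
            section = None
        elif section == "router-ospf":
            if line == "passive-interface default":
                passive_default = True
            elif m := re.match(r"(no )?passive-interface (\S+)$", line):
                (active if m.group(1) else passive).add(m.group(2))
        elif section in ifaces:
            if m := re.match(r"ip ospf \d+ area (\S+)$", line):
                ifaces[section]["area"] = m.group(1)
            elif line == "ip ospf authentication message-digest":
                ifaces[section]["auth"] = True
            elif line.startswith("ip ospf message-digest-key "):
                ifaces[section]["key"] = True
    # An interface forms adjacencies when it is in an area and not passive.
    return {n: i["area"] for n, i in ifaces.items()
            if i["area"] is not None and not (i["auth"] and i["key"])
            and not (n in passive or (passive_default and n not in active))}
```

On DR-1 it reports Ethernet1/2 in area 10: the link toward BR-1 forms an adjacency without authentication, unlike the Area 0 links.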

Verify the OSPF neighbor relationships
[Screenshots not reproduced. Neighbor tables shown for: CR-1, CR-2, DR-1, DR-2, DR-3, BR-1, BR-2, BR-3, BR-4.]

Verifying the Routing Table from CR-1
• Summary Route from BR-1 (External)
• Won’t see the routes that were filtered (denied): 172.18.1.0/24, 172.18.2.0/24
• Won’t see the routes that were filtered (denied): 172.20.2.0/24, 172.20.3.0/24
• Summary Route from Area 20 (Intra-Area)

Verifying the Routing Table from DR-1
• Summary Route from BR-1 (External)
• Won’t see the routes that were filtered (denied): 172.18.1.0/24, 172.18.2.0/24
• Won’t see the routes that were filtered (denied): 172.20.2.0/24, 172.20.3.0/24
• Summary Route from Area 20 (Intra-Area)

Verifying the Routing Table from BR-1
• Won’t see the routes that were filtered (denied): 172.18.1.0/24, 172.18.2.0/24
• Won’t see the routes that were filtered (denied): 172.20.2.0/24, 172.20.3.0/24
• Summary Route from Area 20 (Intra-Area)

Verifying the Routing Table from BR-2
• Summary Route from BR-1 (External)
• Won’t see the routes that were filtered (denied): 172.18.1.0/24, 172.18.2.0/24
• Won’t see the routes that were filtered (denied): 172.20.2.0/24, 172.20.3.0/24

Verifying the OSPF Database (LSDB)
• Filtered external routes won't appear here: 172.18.1.0/24, 172.18.2.0/24
• Filtered Intra-Area routes won't appear here: 172.20.2.0/24, 172.20.3.0/24