Download presentation
Presentation is loading. Please wait.
1
OSPF alfred
2
Step 1 建立校園骨幹 Dlink 3627 Lab, 含出口 Wan 建立 forti3950 學校 vlan and 10 筆靜態路由指到 Dlink 3627. 確認 dlink3627 與 forti 3950 學校 vlan 互通. Ex:3950 ERDC vlan 256 與教研 vlan Wan ip 是 ok 的 建立 N7K 與 3950 單一學校 ospf 路由交換用 vlan 設定 N7K 與 3950 間路由交換用 vlan interface 啟動 ospf Check nei Check topology table
3
Router(config)#ip route 10.231.56.0 255.255.255.0 163.20.202.185 Router(config)#ip route 10.241.56.0 255.255.255.0 163.20.202.185 Router(config)#ip route 10.251.56.0 255.255.255.0 163.20.202.185 Router(config)#ip route 10.253.56.0 255.255.255.0 163.20.202.185 Router(config)#ip route 10.247.56.0 255.255.255.0 163.20.202.185 Router(config)#ip route 10.245.56.0 255.255.255.0 163.20.202.185 Router(config)#ip route 10.226.56.0 255.255.255.0 163.20.202.185
4
OSPF 的開始 PC>ping 163.20.224.189 Pinging 163.20.224.189 with 32 bytes of data: Reply from 163.20.224.189: bytes=32 time=31ms TTL=254 Reply from 163.20.224.189: bytes=32 time=16ms TTL=254 Reply from 163.20.224.189: bytes=32 time=15ms TTL=254 Ping statistics for 163.20.224.189: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 15ms, Maximum = 31ms, Average = 19ms PC>ping 163.20.224.186 Pinging 163.20.224.186 with 32 bytes of data: Request timed out. ??????? Why? N7k 尚未設定回來路由 Ospf 課程的開
5
Forti 3950 ospf router ospf 1 log-adjacency-changes area 1256 nssa network 163.20.224.184 0.0.0.7 area 1256
7
Ospf command Review 1. router ospf process-id 2.ios only enable interface match network cmd 3. network widecard 4. area X
8
N7k ospf Router(config)#router ospf 1 Router(config-router)#net Router(config-router)#network 163.20.224.184 0.0.0.7 area 1256 Router(config-router)#do sh ip ospf nei Neighbor ID Pri State Dead Time Address Interface 163.20.224.189 1 FULL/DR 00:00:39 163.20.224.189 Vlan200 203.72.153.254 1 FULL/DR 00:00:32 163.20.220.14 Vlan969 172.18.254.254 1 FULL/DROTHER 00:00:34 172.17.11.251 Vlan30 Router(config-router)# 00:47:33: %OSPF-5-ADJCHG: Process 1, Nbr 163.20.224.189 on Vlan200 from LOADING to FULL, Loading Done
9
redistribute Router(config-router)#redistribute connected su Router(config-router)#redistribute connected subnets Router(config-router)#redistribute st Router(config-router)#redistribute static ? metric Metric for redistributed routes metric-type OSPF/IS-IS exterior metric type for redistributed routes subnets Consider subnets for redistribution into OSPF tag Set tag for routes redistributed into OSPF Router(config-router)#redistribute sta Router(config-router)#redistribute static su Router(config-router)#redistribute static subnets Router(config-router)#
11
N7k Sh ip route Gateway of last resort is 192.168.1.254 to network 0.0.0.0 10.0.0.0/24 is subnetted, 7 subnets O N2 10.226.56.0/24 [110/20] via 163.20.224.189, 00:00:02, Vlan200 O N2 10.231.56.0/24 [110/20] via 163.20.224.189, 00:00:02, Vlan200 O N2 10.241.56.0/24 [110/20] via 163.20.224.189, 00:00:02, Vlan200 O N2 10.245.56.0/24 [110/20] via 163.20.224.189, 00:00:02, Vlan200 O N2 10.247.56.0/24 [110/20] via 163.20.224.189, 00:00:02, Vlan200 O N2 10.251.56.0/24 [110/20] via 163.20.224.189, 00:00:02, Vlan200 O N2 10.253.56.0/24 [110/20] via 163.20.224.189, 00:00:02, Vlan200 163.20.0.0/16 is variably subnetted, 7 subnets, 3 masks O N2 163.20.1.0/24 [110/20] via 163.20.220.14, 00:57:59, Vlan969 O N2 163.20.66.0/24 [110/20] via 163.20.224.189, 00:00:02, Vlan200 O N2 163.20.202.184/29 [110/20] via 163.20.224.189, 00:00:57, Vlan200 C 163.20.220.8/29 is directly connected, Vlan969 L 163.20.220.9/32 is directly connected, Vlan969 C 163.20.224.184/29 is directly connected, Vlan200 L 163.20.224.186/32 is directly connected, Vlan200 172.17.0.0/16 is variably subnetted, 2 subnets, 2 masks C 172.17.11.0/24 is directly connected, Vlan30 L 172.17.11.242/32 is directly connected, Vlan30 192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.1.0/24 is directly connected, Vlan11 L 192.168.1.1/32 is directly connected, Vlan11 O N2 203.72.153.0/24 [110/20] via 163.20.220.14, 00:57:59, Vlan969 S* 0.0.0.0/0 [1/0] via 192.168.1.254 Router#ping 10.231.56.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.231.56.254, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5),
![N7k Sh ip route Gateway of last resort is to network /24 is subnetted, 7 subnets O N /24 [110/20] via , 00:00:02, Vlan200 O N /24 [110/20] via , 00:00:02, Vlan200 O N /24 [110/20] via , 00:00:02, Vlan200 O N /24 [110/20] via , 00:00:02, Vlan200 O N /24 [110/20] via , 00:00:02, Vlan200 O N /24 [110/20] via , 00:00:02, Vlan200 O N /24 [110/20] via , 00:00:02, Vlan /16 is variably subnetted, 7 subnets, 3 masks O N /24 [110/20] via , 00:57:59, Vlan969 O N /24 [110/20] via , 00:00:02, Vlan200 O N /29 [110/20] via , 00:00:57, Vlan200 C /29 is directly connected, Vlan969 L /32 is directly connected, Vlan969 C /29 is directly connected, Vlan200 L /32 is directly connected, Vlan /16 is variably subnetted, 2 subnets, 2 masks C /24 is directly connected, Vlan30 L /32 is directly connected, Vlan /24 is variably subnetted, 2 subnets, 2 masks C /24 is directly connected, Vlan11 L /32 is directly connected, Vlan11 O N /24 [110/20] via , 00:57:59, Vlan969 S* /0 [1/0] via Router#ping Type escape sequence to abort.](http://images.slideplayer.com./24/7521102/slides/slide_11.jpg "Sending 5, 100-byte ICMP Echos to , timeout is 2 seconds: !!!!. Success rate is 100 percent (5/5),.")
12
Ospf 常用指令 Sh ip ospf nei Sh ip ospf database
14
Fortigate Firewall 模擬學校 L3 Router 設定 模擬三個 vlan 及 一個 wan 模擬 fortigate 3950 一個 Vdom 設定 – 向下與 dlink 3627 Static Route – 向上與 cisco nexus 7K ospf 交換路由 Policy 設定 實作 Thin Ap controller
16
interface 設定 port – 給 Ip address – 給 dhcp 派 ip Create Vlan – 給 ip address 將 vlan 加到 port 設定 interface vlan ip 派 dhcp
17
Routing 設定 static route 設定 ospf
18
policy 設定 policy nat 設定 radius By 網段管理
19
Thin AP 三個部驟
Similar presentations
