Halaman

ROUTING OSPF (Open Shortest Path First)

            OSPF (Open Shortest Path First) mak protokolu routing hodi hatudu maneira hanesan atu enkamina tráfiku iha rede. Ida-ne'e uza algoritmu Dijkstra atu hatene kaminu boot liu ba tráfiku entre router sira iha rede. OSPF popularmente uza iha ambiente boot komplesu no grande, hanesan iha korporasaun sira, ISP (Internet Service Providers), no operadora telekomunikasaun.

Nune'e, hau sei hatudu prosesu konfigurasaun OSPF ho tetun:

  1. Ensinia OSPF iha Interface ba rede lokal:

    • Loke iha modo konfigurasaun router.
    • Ensinia OSPF iha interface sira ne'ebé konektadu ba rede lokal.
    • Uza komandu "router ospf [process ID]" atu ativa OSPF hodi define process ID ida. Process ID bele mak ita nia id iha router ida.
    • Define area OSPF ba kada interface, ho komandu "network [network address] [wildcard mask] area [area ID]". Ne'e sei hatudu OSPF network ida ho area ID ne'ebé asosia ho interface ne'ebé identifika hanesan pertense ba área ida iha OSPF.

  2. Define OSPF Router ID:

    • Identifika router ne'ebé iha OSPF process ho OSPF Router ID (ID router nian).
    • Komandu "router-id [Router ID]" bele ativa router ID.

  3. Konsidera Hierarkia OSPF:

    • Define hanesan iha OSPF neighbor routers nia relasaun iha hierarkia ida, inklui Designated Router (DR) no Backup Designated Router (BDR) iha broadcast network.
    • Iha broadcast network, router ho boot priority boot liu sei asume papel hanesan DR. Iha komandu "ip ospf priority" atu define boot priority ida ba router ne'ebé sei asume papel hanesan DR.
    • Iha non-broadcast network, presiza hatene iha manualmente define DR no BDR.

  4. Monitorizasaun OSPF:

    • Hatene kona-ba OSPF neighbor routers nia estadu uza komandu "show ip ospf neighbor".
    • Monitoriza topolojia rede uza komandu "show ip ospf topology".

  5. Seguransa OSPF:

    • Uza autentikasaun OSPF atu asegura katak komunikasaun OSPF seguru. Hanesan, autentikasaun kriptografika uza MD5.
    • Define autentikasaun OSPF ho komandu "ip ospf authentication".

        Hau espera ke informasaun ne'e ajuda ita atu hatudu prosesu konfigurasaun OSPF boot importante tebes iha redes boot no grande hodi hatene maneira hanesan atu enkamina tráfiku ho efikas no seguru.


Ref.
http://searchenterprisewan.techtarget.com/definition/OSPF

Topologia Routing OSPF
 

 Konfiurasaun nebé ita halo iha router mak hanesan tuir mai né :
===============================================
# R1
hostname R1
!
!
ip cef
no ipv6 cef
!

spanning-tree mode pvst
!
interface FastEthernet0/0
 ip address 192.168.20.254 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 10.10.10.1 255.255.255.252
 clock rate 2000000
!
interface Serial0/1/0
 ip address 40.40.40.1 255.255.255.252
 clock rate 2000000
!
interface Vlan1
 no ip address
 shutdown
!
router ospf 10
 log-adjacency-changes
 network 10.10.10.0 0.0.0.3 area 0
 network 40.40.40.0 0.0.0.3 area 0
 network 192.168.20.0 0.0.0.255 area 0
!
ip classless
!
ip flow-export version 9
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
!
end

koko teste


R1#sh ip ospf neighbor


Neighbor ID Pri State Dead Time Address Interface
192.168.10.254 0 FULL/ - 00:00:31 10.10.10.2 Serial0/0/0
192.168.40.254 0 FULL/ - 00:00:34 40.40.40.2 Serial0/1/0
R1#

======================================
 Konfigurasaun iha R2
======================================
hostname R2
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface FastEthernet0/0
 ip address 192.168.10.254 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 10.10.10.2 255.255.255.252
!
interface Serial0/1/0
 ip address 30.30.30.1 255.255.255.252
 clock rate 2000000
!
interface Vlan1
 no ip address
 shutdown
!
router ospf 10
 log-adjacency-changes
 network 10.10.10.0 0.0.0.3 area 0
 network 30.30.30.0 0.0.0.3 area 0
 network 192.168.10.0 0.0.0.255 area 0
!
ip classless
!
ip flow-export version 9
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
!
end

koko teste
R2#sh ip ospf neighbor


Neighbor ID Pri State Dead Time Address Interface
192.168.20.254 0 FULL/ - 00:00:33 10.10.10.1 Serial0/0/0
192.168.30.254 0 FULL/ - 00:00:34 30.30.30.2 Serial0/1/0

=====================================
 Konfigurasaun iha R3
=====================================
 hostname R3
!
!
ip cef
no ipv6 cef
!

spanning-tree mode pvst
!
!
interface FastEthernet0/0
 ip address 192.168.40.254 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 40.40.40.2 255.255.255.252
!
interface Serial0/1/0
 ip address 20.20.20.2 255.255.255.252
!
interface Vlan1
 no ip address
 shutdown
!
router ospf 10
 log-adjacency-changes
 network 20.20.20.0 0.0.0.3 area 0
 network 40.40.40.0 0.0.0.3 area 0
 network 192.168.40.0 0.0.0.255 area 0
!
ip classless
!
ip flow-export version 9
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
!
end

 koko teste 

R3#sh ip ospf neighbor


Neighbor ID Pri State Dead Time Address Interface
192.168.20.254 0 FULL/ - 00:00:38 40.40.40.1 Serial0/0/0
192.168.30.254 0 FULL/ - 00:00:34 20.20.20.1 Serial0/1/0

========================================
konfigurasaun iha R4
========================================
hostname R4
!
ip cef
no ipv6 cef
!
!
spanning-tree mode pvst
!
interface FastEthernet0/0
 ip address 192.168.30.254 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 30.30.30.2 255.255.255.252
!
interface Serial0/1/0
 ip address 20.20.20.1 255.255.255.252
 clock rate 2000000
!
interface Vlan1
 no ip address
 shutdown
!
router ospf 10
 log-adjacency-changes
 network 20.20.20.0 0.0.0.3 area 0
 network 30.30.30.0 0.0.0.3 area 0
 network 192.168.30.0 0.0.0.255 area 0
!
ip classless
!
ip flow-export version 9
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
end

koko teste
R4#sh ip ospf neighbor


Neighbor ID Pri State Dead Time Address Interface
192.168.10.254 0 FULL/ - 00:00:38 30.30.30.1 Serial0/0/0
192.168.40.254 0 FULL/ - 00:00:35 20.20.20.2 Serial0/1/0

=========================================

koko teste ping 
ex:ping husi pc0 ba ip 30.30.30.1

 

ex1; ping husi pc1 ba ip192.168.10.254

 


keta haluha teste ping husi router ida ba router seluk e teste ping husi pc0 ba router hotu.

obrigado.
Diposting oleh Tidak ada komentar:

Routing EIGRP (Enchanced Interior Gateway Routing Protocol)

            EIGRP mak protokolu routing hodi hatene maneira hanesan atu enkamina tráfiku iha rede. Ida-ne'e uza algoritmu DUAL (Diffusing Update Algorithm) hodi hatene kaminu boot liu ba tráfiku. EIGRP hanesan protokolu routing avançadu ne'ebé dezenvolve hosi Cisco Systems.

            Iha EIGRP, kada router armazena informasaun kona-ba topolojia rede nian, inklui IP address sira, métrika, ka hop count (numeru boot), hodi kria tabela routing ne'ebé hatudu rota sira ba destinu. EIGRP permite atu hatene maneira hanesan atu enkamina tráfiku liu hosi múltiplu kaminu, haree atu assegura alta disponibilidade no redundánsia ba rede.

Prosesu konfigurasaun EIGRP inklui:

  1. Ativa EIGRP iha Interface ba rede lokal:

    • Loke iha modo konfigurasaun router.
    • Ensinia EIGRP iha interface sira ne'ebé konektadu ba rede lokal.
    • Uza komandu "router eigrp [AS number]" atu ativa EIGRP hodi define Autonomous System (AS) number. AS number mak numeru ne'ebé identifika rede ne'ebé uza EIGRP.

  2. Define Neighbor Routers:

    • Router sira ne'ebé iha mesmu AS sei estabelese relasaun neighbor.
    • Router sira sei troka EIGRP updates hodi hatene topolojia boot liu ba rede.
    • Komunikasaun entre router sira mak iha hanesan hodi hatene rota boot liu ba tráfiku.

  3. Konsidera Métrika EIGRP:

    • EIGRP uza métrika boot liu hanesan kombinasaun hosi bandwith, delay, load, ka reliability atu hatene kaminu boot liu ba tráfiku.
    • Métrika boot liu hosi EIGRP bele adapta ho kondisaun rede ne'ebé kambia, hatudu tráfiku boot liu hosi kaminu ne'ebé boot efetivu.

  4. Monitorizasaun EIGRP:

    • Monitoriza topolojia rede uza komandu "show ip eigrp topology".
    • Observa neighbor routers hosi router nia perspetiva uza komandu "show ip eigrp neighbors".

  5. Seguransa EIGRP:

    • Uza autentikasaun EIGRP atu asegura katak komunikasaun EIGRP seguru. Hanesan, autentikasaun kriptografika uza MD5.
    • Define autentikasaun EIGRP ho komandu "ip authentication mode eigrp".

EIGRP boot importante iha ambiente korporativu, espesialmente iha ambiente Cisco, tanba boot flexibilidade, rendimentu boot liu, no mekanizmu boot liu ba redundánsia ba rede. Hau espera ke informasaun ne'e ajuda ita atu hatudu prosesu konfigurasaun EIGRP ho tetun.


Ref :
http://catatanulun.blogspot.com/2014/01/eigrp-enchanced-interior-gateway.html

Mai ita koko halo tuir dezenho ida iha kraik né :



Dezenho iha Leten né Router_3 R3 hanesan Router gateway entre router hotu iha laran, configurasaun iha router R3 mak hanesan tuir mai né:
 ======================================
hostname R3
!
!
no ip cef
no ipv6 cef
!
!
spanning-tree mode pvst
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 172.78.0.1 255.255.255.252
!
interface Serial0/1/0
 ip address 172.72.0.1 255.255.255.252
 clock rate 2000000
!
interface Serial0/2/0
 ip address 172.76.0.1 255.255.255.252
 clock rate 2000000
!
interface Serial0/3/0
 ip address 172.74.0.1 255.255.255.252
 clock rate 2000000
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 222
 network 172.76.0.0
 network 174.76.0.0
 network 172.78.0.0
 network 172.72.0.0
 network 172.74.0.0
 auto-summary
!
ip classless
!
ip flow-export version 9
!
!
!
no cdp run
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
end

koko teste ;

R3#sh ip eigrp neighbors
IP-EIGRP neighbors for process 222
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.76.0.2 Se0/2/0 13 00:12:21 40 1000 0 21

1 172.78.0.2 Se0/0/0 13 00:12:20 40 1000 0 19

2 172.74.0.2 Se0/3/0 14 00:12:19 40 1000 0 37

3 172.72.0.2 Se0/1/0 14 00:12:19 40 1000 0 38

R3#

=================================
Konfigurasaun iha R1
=================================
 hostname R1
!
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
!

interface FastEthernet0/0
 ip address 172.70.0.254 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 172.72.0.2 255.255.255.252
!
interface Serial0/1/0
 ip address 172.73.0.2 255.255.255.252
!
interface Serial0/2/0
 ip address 172.71.0.1 255.255.255.252
 clock rate 2000000
!
interface Serial0/3/0
 no ip address
 clock rate 2000000
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 222
 network 172.71.0.0
 network 172.72.0.0
 network 172.73.0.0
 network 172.70.0.0
 auto-summary
!
ip classless
!
ip flow-export version 9
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
!
end

koko teste R1#sh ip eigrp neighbors 

 R1#sh ip eigrp neighbors
IP-EIGRP neighbors for process 222
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.71.0.2 Se0/2/0 10 00:22:30 40 1000 0 20

1 172.72.0.1 Se0/0/0 11 00:22:29 40 1000 0 23

2 172.73.0.1 Se0/1/0 12 00:22:26 40 1000 0 38
==================================
 Konfigurasaun ih Router_2 R2
==================================

hostname R2
!
!
ip cef
no ipv6 cef
!
!
spanning-tree mode pvst
!
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 172.78.0.2 255.255.255.252
 clock rate 2000000
!
interface Serial0/1/0
 ip address 172.71.0.2 255.255.255.252
!
interface Serial0/2/0
 ip address 172.77.0.2 255.255.255.252
 clock rate 2000000
!
interface Serial0/3/0
 no ip address
 clock rate 2000000
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 222
 network 172.78.0.0
 network 172.71.0.0
 network 172.77.0.0
 auto-summary
!
ip classless
!
ip flow-export version 9
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
end


R2#sh ip eigrp neighbors
IP-EIGRP neighbors for process 222
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.71.0.1 Se0/1/0 14 00:24:44 40 1000 0 38

1 172.78.0.1 Se0/0/0 11 00:24:44 40 1000 0 22

===================================
Konfigurasaun iha Router_4 R4
===================================
hostname R4
!
!
ip cef
no ipv6 cef
!
!
spanning-tree mode pvst
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 172.73.0.1 255.255.255.252
 clock rate 2000000
!
interface Serial0/1/0
 ip address 172.75.0.1 255.255.255.252
 clock rate 2000000
!
interface Serial0/2/0
 ip address 172.74.0.2 255.255.255.252
!
interface Serial0/3/0
 no ip address
 clock rate 2000000
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 222
 network 172.75.0.0
 network 172.74.0.0
 network 172.73.0.0
 auto-summary
!
ip classless
!
ip flow-export version 9
!
!
!
no cdp run
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
!
end

R4#sh ip eigrp neighbors
IP-EIGRP neighbors for process 222
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.75.0.2 Se0/1/0 10 00:26:13 40 1000 0 20

1 172.74.0.1 Se0/2/0 11 00:26:13 40 1000 0 22

2 172.73.0.2 Se0/0/0 14 00:26:10 40 1000 0 39

====================================
Konfigurasaun iha Router_5 R5
====================================
hostname R5
!
!
ip cef
no ipv6 cef
!
!
spanning-tree mode pvst
!
interface FastEthernet0/0
 ip address 172.79.0.230 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 172.76.0.2 255.255.255.252
!
interface Serial0/1/0
 ip address 172.75.0.2 255.255.255.252
!
interface Serial0/2/0
 ip address 172.77.0.1 255.255.255.252
!
interface Serial0/3/0
 no ip address
 clock rate 2000000
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 222
 network 172.76.0.0
 network 172.75.0.0
 network 172.7.0.0
 network 172.79.0.0
 auto-summary
!
ip classless
!
ip flow-export version 9
!
!
!
no cdp run
!
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
!
end

R5# sh ip eigrp neighbors
IP-EIGRP neighbors for process 222
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.76.0.1 Se0/0/0 10 00:27:44 40 1000 0 22

1 172.75.0.1 Se0/1/0 13 00:27:43 40 1000 0 37

====================================

koko halo teste ping husi Pc0 ba qualquer router e teste ba pc1

ex:

 Ex2 husi pco ba pc1


 obrigado.


Diposting oleh Tidak ada komentar:

Routing Information Protocol (RIP) Vertion 2

            Routing Information Protocol (RIP) mak protokolu routing hodi hatudu maneira hanesan atu enkamina tráfiku iha rede. Ida-ne'e boot uza liu-liu iha ambiente boot no simplu, maibé nia mos bele uza iha rede grande.

Hau sei hatudu prosesu konfigurasaun RIP Versaun 2 ho tetun:

  1. Ensinia RIP Versaun 2 iha Interface ba rede lokal:

    • Loke iha modo konfigurasaun router.
    • Uza komandu "router rip" hodi aktivar RIP iha router.
    • Define interface sira ne'ebé boot ba RIP hodi hatudu informasaun routing.
    • Uza komandu "network [network address]" atu hatudu rede ne'ebé afeta ba RIP.

  2. Define RIP Timers:

    • RIP uza timers sira hodi hatudu maneira hanesan atu atualiza informasaun routing.
    • Timers prinsipal sira mak Update Timer, Invalid Timer, Holddown Timer, no Flush Timer.
    • Uza komandu "timers basic [update] [invalid] [holddown] [flush]" atu define timers sira.

  3. Define RIP Version 2:

    • Aktiva RIP Versaun 2 atu hatudu katak ita uza RIPv2 iha rede.
    • Uza komandu "version 2" iha modo konfigurasaun router.

  4. Monitorizasaun RIP:

    • Uza komandu "show ip route rip" atu hatudu tabela routing ne'ebé afeta ba RIP.
    • Monitoriza RIP neighbor routers uza komandu "show ip rip database" ka "show ip rip neighbor".

  5. Autentikasaun RIP (Opsional):

    • Atu asegura katak komunikasaun RIP seguru, ita bele uza autentikasaun RIP.
    • Define autentikasaun RIP ka autentikasaun MD5.
    • Uza komandu "ip rip authentication mode" hodi define modu autentikasaun RIP.

RIP Versaun 2 boot solusaun routing ida-ne'ebé boot simplu atu implementa, maibé importante atu hatudu katak nia nia kona-ba atualizasaun routing bele sai limitadu iha rede grande ka komplesu. Labele uza iha ambiente ho topolojia boot kompleksu ka grande, tanba nia nia kona-ba métrika limitadu no aktualizasaun routing iha intervak nu'udar limitasau

http://fadlyfstik2010.blogspot.com/2012/10/rip-routing-information-protocol.html

ita koko halo tuir topologia tuir mai né ;

=======================
 Configurasaun iha Router ISP :
=======================
hostname Rtr_ISP
!
!
no ip cef
no ipv6 cef
!
!

!
spanning-tree mode pvst
!

interface FastEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 200.100.10.1 255.255.255.252
clock rate 2000000
!
interface Vlan1
no ip address
shutdown
!
router rip
version 2
network 200.100.10.0
!
ip classless
!
ip flow-export version 9
!

!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end

===========================
 Konfigurasaun iha Router R1
======================

hostname R1
!
!

no ip cef
no ipv6 cef
!

!
spanning-tree mode pvst
!

interface FastEthernet0/0
no ip address
ip nat inside
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
ip address 192.168.20.254 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface Serial0/0/0
ip address 200.100.10.2 255.255.255.252
!
interface Serial0/1/0
ip address 10.10.10.1 255.255.255.252
ip nat outside
clock rate 2000000
!
interface Vlan1
no ip address
shutdown
!
router rip
version 2
network 10.0.0.0
network 192.168.20.0
network 200.100.10.0
!
ip nat inside source static 192.168.20.4 8.8.8.8
ip classless
!
ip flow-export version 9
!

line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end

=======================
Konfigurasuan iha Router R2
=======================
hostname R2
!
!

no ip cef
no ipv6 cef
!

spanning-tree mode pvst
!

interface FastEthernet0/0
ip address 192.168.10.254 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.1.254 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0/0
ip address 10.10.10.2 255.255.255.252
!
interface Vlan1
no ip address
shutdown
!
router rip
version 2
network 10.0.0.0
network 192.168.1.0
network 192.168.10.0
!
ip classless
!
ip flow-export version 9
!
!

line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end

====================
====================
====================

koko halo teste ping husi PC1 hanesan tuir mai né ba ip 192.168.20.4/DNS-Server
ex 1:












Ex2 : test to Rtr_ISP














iha Kongirasaun nebe hau tau ona (warna iha laran) ne atu hatudu deit network nebe vizino/Neighbors ka ligasaun directa entre equipamento hanesan iha dezenho nebé ita halo ona iha leten, bele hare didiak ka analiza liga ligasaun né para bele kompriende liu tan.


obrigado.
Diposting oleh 1 komentar:
Langganan: Komentar (Atom)