1,配置IP地址
[R1]dis ip interface brief Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 200.1.1.1/24 up up
GigabitEthernet0/0/1 10.1.1.1/24 up up
GigabitEthernet0/0/2 10.2.2.1/24 up up
LoopBack0 1.1.1.1/32 up up(s) [R2]dis ip interface brief Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 10.1.1.2/24 up up
GigabitEthernet0/0/1 10.3.3.2/24 up up
LoopBack0 2.2.2.2/32 up up(s) [R3]dis ip interface brief Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 10.2.2.3/24 up up
GigabitEthernet0/0/1 10.3.3.3/24 up up
GigabitEthernet0/0/2 192.168.1.254/24 up up
LoopBack0 3.3.3.3/32 up up(s)
[R4]dis ip interface brief Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 200.1.1.4/24 up up PC1:192.168.1.1/24
2,R1,R2,R3运行ospf使内网互通,所有接口(公网接口除外)全部宣告进Area 0 ;
R1
[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.2.2.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0R2
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 0.0.0.0 255.255.255.255R3
[R3-ospf-1-area-0.0.0.0]network 0.0.0.0 255.255.255.255
3,公网通
[R1]ip route-static 0.0.0.0 0 200.1.1.4
4,业务网段不允许出现协议报文
[R3-ospf-1]silent-interface GigabitEthernet 0/0/2
——设置静默接口使得ospf的协议报文不能通过0/0/2口
5,R4模拟互联网,内网通过R1连接互联网,在R1上配置默认路由并引入到ospf
1,在接口上配置easy ip[R1]acl 2000
[R1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[R1]int g 0/0/0
[R1-GigabitEthernet0/0/0]nat outbound 2000
配置默认路由
[R1-ospf-1]default-route-advertise always 6,要求业务网段访问互联网流量经过R3,R2,R1
[R1]int g 0/0/2
[R1-GigabitEthernet0/0/2]ospf cost 1000[R3]int g 0/0/0
[R3-GigabitEthernet0/0/0]ospf cost 1000——通过改变开销值方法改变ospf选路(注意:两个端口开销值应该相同)
