简介
ssh 基本配置实验
拓扑图
001 基本配置
[H3C]int g0/0
[H3C-GigabitEthernet0/0]ip address 192.168.56.254 24
<H3C>save
002 启用ssh服务
[H3C]dis cur | include ssh
[H3C]ssh server enable
003 aaa用户配置
[H3C]local-user admin
[H3C-luser-manage-admin]password simple Luoxue@123
[H3C-luser-manage-admin]authorization-attribute user-role network-admin
[H3C-luser-manage-admin]service-type ssh terminal https
004 user-interface 配置
[H3C]user-interface vty 0 4
[H3C-line-vty0-4]authentication-mode scheme
[H3C-line-vty0-4]protocol inbound ssh
005 console密码
[H3C]user-interface console 0
[H3C-line-console0]authentication-mode scheme
006 web
//https://www.h3c.com/cn/d_201910/1239331_30005_0.htm#
[H3C]ip https enable
quiz
- C:\Users\luoxue>ssh admin@192.168.56.254 Unable to negotiate with 192.168.56.254 port 22: no matching host key type found. Their offer: ssh-rsa
拓扑图
基本配置
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 10.0.13.1 24
[R1-GigabitEthernet0/0/0]int g0/0/1
[R1-GigabitEthernet0/0/1]ip add 10.0.12.1 24
[R1]int LoopBack 0
[R1-LoopBack0]ip address 1.1.1.1 32
[R1-GigabitEthernet0/0/1]int g0/0/2
[R1-GigabitEthernet0/0/2]ip add 192.168.10.100 24
[R1-GigabitEthernet0/0/2]quit
[R1]ip route-static 0.0.0.0 0 192.168.124.1
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 10.0.12.2 24
[R2-GigabitEthernet0/0/0]int g0/0/1
[R2-GigabitEthernet0/0/1]ip add 10.0.23.2 24
[R2-GigabitEthernet0/0/1]int lo0
[R2-LoopBack0]ip add 2.2.2.2 32
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 10.0.13.3 24
[R3-GigabitEthernet0/0/0]int g0/0/1
[R3-GigabitEthernet0/0/1]ip add 10.0.23.3 24
[R3-GigabitEthernet0/0/1]int lo0
[R3-LoopBack0]ip add 3.3.3.3 32
[R3-LoopBack0]int g0/0/2
[R3-GigabitEthernet0/0/2]ip add 192.168.1.1 24
VPCS_4> ip 192.168.1.2/24 192.168.1.1
VPCS_4> ip dns 8.8.8.8
VPCS_4> show ip
VPCS_4> save
配置ospf
[R1]ospf 1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.12.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.0.13.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]quit
[R1-ospf-1]default-route-advertise
[R1-ospf-1]silent-interface g0/0/2
[R1-ospf-1]silent-interface LoopBack 0
[R2]ospf 1
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.12.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 10.0.23.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[R2-ospf-1]silent-interface LoopBack 0
[R3] ospf 1
[R3-ospf-1]silent-interface g0/0/2
[R3-ospf-1]silent-interface LoopBack 0
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.13.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 10.0.23.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
测试网络连通性
ping 192.168.10.1
[R1-GigabitEthernet0/0/2]nat outbound
VPCS_4> ping 8.8.8.8
VPCS_4> ping loc.changgle.top
查看路由和ospf信息
[R3]display ip routing-table
[R3]display ospf peer
[R3]display ospf routing
基本配置
Step 1 Configure IP addresses for interconncetion interfaces and loopback interfaces.
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip address 10.0.123.1 24
[R1-GigabitEthernet0/0/0]int l0
[R1-LoopBack0]ip address 10.0.1.1 24
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 10.0.123.2 24
[R2-GigabitEthernet0/0/0]int g0/0/1
[R2-GigabitEthernet0/0/1]ip add 10.0.24.2 24
[R2-GigabitEthernet0/0/1]int l0
[R2-LoopBack0]ip add 10.0.2.2 24
[R2-LoopBack0]int l1
[R2-LoopBack1]ip add 10.2.0.1 24
[R2-LoopBack1]int l2
[R2-LoopBack2]ip add 10.2.1.1 24
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 10.0.123.3 24
[R3-GigabitEthernet0/0/0]int l0
[R3-LoopBack0]ip add 10.0.3.3 24
[R3-LoopBack0]int l1
[R3-LoopBack1]ip add 10.3.0.1 24
[R3-LoopBack1]int l2
[R3-LoopBack2]ip add 10.3.1.1 24
[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip add 10.0.24.4 24
[R4-GigabitEthernet0/0/0]int g0/0/1
[R4-GigabitEthernet0/0/1]ip add 10.0.45.4 24
[R4-GigabitEthernet0/0/1]int l0
[R4-LoopBack0]ip add 10.0.4.4 24
[R5]int g0/0/0
[R5-GigabitEthernet0/0/0]ip add 10.0.45.5 24
[R5-GigabitEthernet0/0/0]int l0
[R5-LoopBack0]ip add 10.0.5.5 24
[R5-LoopBack0]int l1
[R5-LoopBack1]ip add 10.5.0.1 24
[R5-LoopBack1]int l2
[R5-LoopBack2]ip add 10.5.1.1 24
Step 2 Configure multi-area OSPF
[R1]ospf 1 router-id 10.0.1.1
[R1-ospf-1]area 2
[R1-ospf-1-area-0.0.0.2]network 10.0.123.1 0.0.0.0
[R1-ospf-1-area-0.0.0.2]network 10.0.1.1 0.0.0.0
[R2]ospf 1 router-id 10.0.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.24.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]area 2
[R2-ospf-1-area-0.0.0.2]network 10.0.123.2 0.0.0.0
[R3-ospf-1]area 2
[R3-ospf-1-area-0.0.0.2]network 10.0.123.3 0.0.0.0
[R3-ospf-1-area-0.0.0.2]network 10.0.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.2]network 10.3.0.1 0.0.0.0
[R3-ospf-1-area-0.0.0.2]network 10.3.1.1 0.0.0.0
[R4]ospf 1 router-id 10.0.4.4
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 10.0.24.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]quit
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]network 10.0.45.4 0.0.0.0
[R5]ospf 1 router-id 10.0.5.5
[R5-ospf-1]area 1
[R5-ospf-1-area-0.0.0.1]network 10.0.5.5 0.0.0.0
[R5-ospf-1-area-0.0.0.1]network 10.5.0.1 0.0.0.0
[R5-ospf-1-area-0.0.0.1]network 10.5.1.1 0.0.0.0
[R5-ospf-1-area-0.0.0.1]network 10.0.45.5 0.0.0.0
Step 3 Verify the OSPF configuration.
<R3>reset ospf process
<R2>display ospf peer
<R5>display ospf routing
<R2>display ospf lsdb
Step 4 Configure route summarization for OSPF inter-area routes and AS external routes
[R2]display ospf routing
<R4>display ospf routing
[R4-ospf-1-area-0.0.0.1]abr-summary 10.5.0.0 255.255.254.0
[R2-ospf-1-area-0.0.0.2]abr-summary 10.3.0.0 255.255.254.0
[R2-ospf-1]import-route direct
[R2-ospf-1]asbr-summary 10.2.0.0 255.255.254.0
Step 5 Change the bandwidth reference value of OSPF.
[R1-ospf-1]bandwidth-reference 10000
[R2-ospf-1]bandwidth-reference 10000
[R3-ospf-1]bandwidth-reference 10000
[R4-ospf-1]bandwidth-reference 10000
[R5-ospf-1]bandwidth-reference 10000
[R4]display ospf routing
Step 6 Configure OSPF to import a defualt route.
[R1]ip route-static 0.0.0.0 0.0.0.0 10.0.1.1
[R1-ospf-1]default-route-advertise
[R1-ospf-1]default-route-advertise always
[R1-ospf-1]default-route-advertise always type 1
Step 7 Change the preferences of the two types of OSPF routes.
<R3>display ip routing-table protocol ospf
[R1-ospf-1]preference 20
[R1-ospf-1]preference ase 50
[R3-ospf-1]preference 20
[R3-ospf-1]preference ase 50Configuration Procedure
Step 1 Configure IP addresses for interconncetion interfaces and loopback interfaces.
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 10.0.123.1 24
[R1-GigabitEthernet0/0/0]int l0
[R1-LoopBack0]ip add 10.0.1.1 24
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 10.0.123.2 24
[R2-GigabitEthernet0/0/0]int l0
[R2-LoopBack0]ip add 10.0.2.2 24
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 10.0.123.3 24
[R3-GigabitEthernet0/0/0]int l0
[R3-LoopBack0]ip add 10.0.3.3 24
[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip add 10.0.123.4 24
[R4-GigabitEthernet0/0/0]int g0/0/1
[R4-GigabitEthernet0/0/1]ip add 10.0.45.4 24
[R4-GigabitEthernet0/0/1]int l0
[R4-LoopBack0]ip add 10.0.4.4 24
[R5]int g0/0/0
[R5-GigabitEthernet0/0/0]ip add 10.0.45.5 24
[R5-GigabitEthernet0/0/0]int l0
[R5-LoopBack0]ip add 10.0.5.5 24
Step 2 Configure multi-area OSPF.
[R1]ospf 1 router-id 10.0.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.123.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]area 2
[R1-ospf-1-area-0.0.0.2]network 10.0.1.1 0.0.0.0
[R2]ospf 1 router-id 10.0.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.123.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R3]ospf 1 router-id 10.0.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.123.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0
[R4]ospf 1 router-id 10.0.4.4
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 10.0.123.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]area 1
[R4-ospf-1-area-0.0.0.1]network 10.0.45.4 0.0.0.0
[R5]ospf 1 router-id 10.0.5.5
[R5-ospf-1]area 1
[R5-ospf-1-area-0.0.0.1]network 10.0.45.5 0.0.0.0
Step 3 Verify the OSPF configuration
<R4>display ospf peer
<R4>display ospf routing
<R4>display ospf lsdb
Step 4 Change the DR priorities of the device interfaces to affect DR election.
[R4-GigabitEthernet0/0/0]ospf dr-priority 255
[R3-GigabitEthernet0/0/0]ospf dr-priority 254
[R2-GigabitEthernet0/0/0]ospf dr-priority 0
<R1>reset ospf process
<R4>display ospf peer
<R4>display ospf peer verbose
<S1>reboot
Step 5 Import direct routes to OSPF.
<R1>display ospf routing
[R5-ospf-1]import-route direct
<R1>display ospf routing
<R1>display ospf lsdb ase
<R1>display ospf lsdb summary
Step 6 Observe the various types of LSAs.
Step 7 Observe the LSR,LSU, and LSAck packets.
### Step 1 Configure IP addresses for interconnection interfaces and loopback interfaces.
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 10.0.13.1 24
[R1-GigabitEthernet0/0/0]int l0
[R1-LoopBack0]ip add 10.0.1.1 24
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 10.0.23.2 24
[R2-GigabitEthernet0/0/0]int l0
[R2-LoopBack0]ip add 10.0.2.2 24
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 10.0.13.3 24
[R3-GigabitEthernet0/0/0]int g0/0/1
[R3-GigabitEthernet0/0/1]ip add 10.0.34.3 24
[R3-GigabitEthernet0/0/1]int g0/0/2
[R3-GigabitEthernet0/0/2]ip add 10.0.23.3 24
[R3-GigabitEthernet0/0/2]int l0
[R3-LoopBack0]ip add 10.0.3.3 24
[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip add 10.0.34.4 24
[R4-GigabitEthernet0/0/0]int g0/0/1
[R4-GigabitEthernet0/0/1]ip add 10.0.45.4 24
[R4-GigabitEthernet0/0/1]int l0
[R4-LoopBack0]ip add 10.0.4.4 24
[R5]int g0/0/0
[R5-GigabitEthernet0/0/0]ip add 10.0.45.5 24
[R5-GigabitEthernet0/0/0]int l0
[R5-LoopBack0]ip add 10.0.5.5 24
<R3>ping 10.0.13.1
<R3>ping 10.0.23.2
<R3>ping 10.0.34.4
<R5>ping 10.0.45.4
Step 2 Configure multi-area OSPF
[R1]ospf 1 router-id 10.0.1.1
[R1-ospf-1]area 2
[R1-ospf-1-area-0.0.0.2]network 10.0.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.2]network 10.0.13.1 0.0.0.0
[R2]ospf 1 router-id 10.0.2.2
[R2-ospf-1]area 3
[R2-ospf-1-area-0.0.0.3]network 10.0.23.2 0.0.0.0
[R3]ospf 1 router-id 10.0.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.34.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]aera 2
[R3-ospf-1-area-0.0.0.2]network 10.0.13.3 0.0.0.0
[R3-ospf-1-area-0.0.0.2]area 3
[R3-ospf-1-area-0.0.0.3]network 10.0.23.3 0.0.0.0
[R4]ospf 1 router-id 10.0.4.4
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 10.0.34.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]area 1
[R4-ospf-1-area-0.0.0.1]network 10.0.45.4 0.0.0.0
[R5]ospf 1 router-id 10.0.5.5
[R5-ospf-1]area 1
[R5-ospf-1-area-0.0.0.1]network 10.0.45.5 0.0.0.0
Step 3 Verify the multi-area OSPF configuration.
<R3>display ospf peer
[R5]dis ospf peer
<R3>display ospf routing
Step 4 Import AS external routes into the OSPF routing tables.
[R5-ospf-1]import-route direct
[R2]ip route-static 0.0.0.0 0.0.0.0 10.0.2.2
[R2]undo ip route-static 0.0.0.0 0.0.0.0 10.0.2.2
[R2]ip route-static 0.0.0.0 0 null 0
[R2]ospf 1
[R2-ospf-1]default-route-advertise type 1 cost 20
<R3>ping 10.0.5.5
<R3>ping 10.0.2.2
### Step 5 Configure area 2 as a stub area
[R1-ospf-1-area-0.0.0.2]stub
[R3-ospf-1-area-0.0.0.2]stub
<R1>display ospf routing
<R1>display ospf lsdb
[R3-ospf-1-area-0.0.0.2]stub no-summary
<R1>dis ospf routing
<R1>dis ospf lsdb
Step 6 Configure area 1 as an NSSA
<R4>display ospf routing
<R5>display ospf routing
[R4-ospf-1-area-0.0.0.1]nssa
[R5-ospf-1-area-0.0.0.1]nssa
<R5>display ospf routing
<R5>display ospf lsdb
<R4>display ospf routing
Step 7 Observe the impact of the NSSA on OSPF.
<R4>display ospf
<R4>display ospf lsdb nssa 10.0.5.0
<R4>display ospf lsdb ase 10.0.5.0
ospf网络类型
根据不同的二层链路类型
广播多路访问网络(Broadcast Multi-Access) 以太网
NBMA 非广播多路访问 帧中继
P2MP
P2P
224.0.0.5 所有运行ospf的接口都会监听
225.0.0.6 所有DR/BDR的接口会监听
[H3C]display ospf interface
[H3C-GigabitEthernet0/0/0]ospf network-type ?
ospf 报文类型 (五种)
邻接关系建立过程
// 2-way的前提
1. Router-id无冲突
2. 掩码长度一致
3. 区域id一致
4. 验证码一致
5. hello-time
6. dead-time
//full的前提
ospf的所有报文都不允许分片
1.mtu 不一致,会卡在exstart或exchange转态
2.网络类型 不一致,邻居状态FULL,但无法学习路由
常用配置
[H3C-GigabitEthernet0/0/0]ospf cost 100
LSA类型 LSAs (link state advertisement)
router
Network
Network Summary
ASBR Summary
AS External
NSSA External
0. LSA header
//通用报文字段
LS Type
LS ID
1. router
//3. 链路描述(可变长度,每条链路12 bytes)
Link id (32 bits) 1.邻居Router ID 2.DR的接口ip地址 3. 网络ip地址 4. 虚链路对端Router-ID
Link Data (32 bits) 接口ip或子网掩码
link type (8 bits) 1.P2P 2.Transit 3.Stub 4.Virtual Link
#ToS (8 bits) Number of types of service (ToSs). 已弃用
Metric (16 bits)
2. network
1. Link State ID(32 bits) Interface IP address of the DR
2. Network Mask(32 bits) Mask of the broadcast or NBMA network
3. Attached Router(32 bits) Router IDs of all devices on the broadcast or NBMA network, including the router ID of the DR
3. Summary
describes routes on a network segment in an area and is advertised to other related areas.
1. Network Mask (32 bits) Mask of the broadcast or NBMA network
2. Metric (24 bits)
查看命令
[H3C-GigabitEthernet0/0/0]ospf network-type ?
[H3C]display ospf lsdb
[H3C]display ospf lsdb router
<H3C>display ospf lsdb network
<H3C>display ospf lsdb summary
keyword
OSPF Packet Format
OSPF LSA Format
ospf router lsa packet format
references
https://support.huawei.com/enterprise/en/doc/EDOC1100262536/dd80564e/ospf-lsa-format
001 ospf建立了邻居关系后为什么还要建立邻接关系
Chapter 1 h3c官方参考手册
H3C SR8800-X 路由器
H3C MSR 3600路由器
S6850
S5820V2
基本认证实验
测试 watch和serve
mdbook watch
mdbook serve
测试
测试2
1. 基本配置
VPCS_5> ip 192.168.1.1 /24 192.168.1.254
VPCS_5> save
VPCS_6> ip 192.168.2.1/24 192.168.2.254
VPCS_6> save
[S3]vlan 10
[S3-vlan10]port g1/0/1
[S3-vlan10]vlan 20
[S3-vlan20]port g1/0/2
[S3-vlan20]int g1/0/3
[S3-GigabitEthernet1/0/3]port link-type trunk
[S3-GigabitEthernet1/0/3]port trunk permit vlan 10 20
[S3-GigabitEthernet1/0/3]int g1/0/4
[S3-GigabitEthernet1/0/4]port link-type trunk
[S3-GigabitEthernet1/0/4]port trunk permit vlan 10 20
[S1]vlan 10 20 100
[S1]int g1/0/2
[S1-GigabitEthernet1/0/2]port link-type access
[S1-GigabitEthernet1/0/2]port access vlan 100
[S1-GigabitEthernet1/0/2]int g1/0/1
[S1-GigabitEthernet1/0/1]port link-type trunk
[S1-GigabitEthernet1/0/1]port trunk permit vlan 10 20
[S1]interface Vlan-interface 100
[S1-Vlan-interface100]ip address 10.1.1.1 24
[S2]vlan 10 20 200
[S2]int g1/0/2
[S2-GigabitEthernet1/0/2]port link-type access
[S2-GigabitEthernet1/0/2]port access vlan 200
[S2-GigabitEthernet1/0/2]int g1/0/1
[S2-GigabitEthernet1/0/1]port link-type trunk
[S2-GigabitEthernet1/0/1]port trunk permit vlan 10 20
[S2]int vlan 200
[S2-Vlan-interface200]ip add 10.2.2.1 24
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 10.1.1.4 24
[R1-GigabitEthernet0/0/0]int g0/0/1
[R1-GigabitEthernet0/0/1]ip add 10.2.2.4 24
2. vrrp配置
[S1]int vlan 10 [S1-Vlan-interface10]ip add 192.168.1.252 24 [S1-Vlan-interface10]vrrp vrid 10 virtual-ip 192.168.1.254 [S1-Vlan-interface10]vrrp vrid 10 priority 120 [S1-Vlan-interface10]int vlan 20 [S1-Vlan-interface20]ip add 192.168.2.252 24 [S1-Vlan-interface20]vrrp vrid 20 virtual-ip 192.168.2.254
[S2]int vlan 10 [S2-Vlan-interface10]ip add 192.168.1.253 24 [S2-Vlan-interface10]vrrp vrid 10 virtual-ip 192.168.1.254 [S2-Vlan-interface10]int vlan 20 [S2-Vlan-interface20]ip add 192.168.2.253 24 [S2-Vlan-interface20]vrrp vrid 20 virtual-ip 192.168.2.254 [S2-Vlan-interface20]vrrp vrid 20 priority 120
3. 测试
[S1]display vrrp [S2]display vrrp