华为ISIS实验记录

Ledo
2015-11-26 / 6 评论 / 11,347 阅读 / 正在检测是否收录...

实验要求

  1. 如拓扑图所示,客户网络所有路由器路由协议要求启用IS-IS,使全网路由可达。全部IS-IS进程号统一为100,
  2. 其中AR5在Area49.0001区域为DIS。
  3. AR2与AR1之间要求采用P2P网络类型,
  4. AR1引入直连链路192.168.X.X,要求AR5访问Area49.0002走最优路径。
  5. 根据上述描述,进行正确配置,使网络路由达到客户需求。

 

拓扑图

配置记录

1. 全网route配置ip address;AR5配置isis进程号100 :isis 100,network-entity 49.0002.0000.0000.0005.00 (区域ID.系统ID.两位小数是网络服务访问点(selector)),路由角色为L1:is-level level-1,AR3和AR4 区域ID一样49.0002, 路由角色设置为L1-2(相当于ospf中的abr角色),AR1、AR2设置区域ID为49.0001、骨干区、route角色为L2、使全网互通。

2. AR5设置为DIS:接口下配置 isis dis-priority 120 level-1

3. AR2与AR1之间要求采用P2P网络类型,接口下配置 isis circuit-type p2p 

4. AR1 引入直连路由192.168.x.x import-route direct

5.要求AR5访问Area49.0001走最优路径:ar3致Area49.0001为以太链路比ar4过去的串口链路要优,ar3 isis设置路由渗透 import-route isis level-2 into level-1(将l1 l2的路由引入 让ar5访问过去走ar3,否则是两边都走即负载均衡)

全route配置

AR1

<ar1>disp cur 
[V200R003C00]
#
sysname ar1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
isis 100
is-level level-2
network-entity 49.0001.0000.0000.0001.00
import-route direct
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 4.4.4.2 255.255.255.0
isis enable 100
isis circuit-type p2p
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
ip address 192.168.1.1 255.255.255.0
#
interface LoopBack2
ip address 192.168.2.1 255.255.255.0
#
interface LoopBack3
ip address 192.168.3.1 255.255.255.0
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<ar1>
------------------------------------------------------------------------------------------------ <ar2>disp cur [V200R003C00] # sysname ar2 # board add 0/4 2SA # snmp-agent local-engineid 800007DB03000000000000 snmp-agent # clock timezone China-Standard-Time minus 08:00:00 # portal local-server load portalpage.zip # drop illegal-mac alarm # set cpu-usage threshold 80 restore 75 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http # isis 1 is-level level-2 # isis 100 is-level level-2 network-entity 49.0001.0000.0000.0002.00 # firewall zone Local priority 15 # interface Serial4/0/0 link-protocol ppp ip address 3.3.3.2 255.255.255.0 isis enable 100 # interface Serial4/0/1 link-protocol ppp # interface GigabitEthernet0/0/0 ip address 2.2.2.2 255.255.255.0 isis enable 100 # interface GigabitEthernet0/0/1 ip address 4.4.4.1 255.255.255.0 isis enable 100 isis circuit-type p2p # interface GigabitEthernet0/0/2 # interface NULL0 # user-interface con 0 authentication-mode password user-interface vty 0 4 user-interface vty 16 20 # wlan ac # return <ar2> -------------------------------------------------------------------------------------------------- <ar3>dis cur [V200R003C00] # sysname ar3 # snmp-agent local-engineid 800007DB03000000000000 snmp-agent # clock timezone China-Standard-Time minus 08:00:00 # portal local-server load portalpage.zip # drop illegal-mac alarm # set cpu-usage threshold 80 restore 75 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http # isis 100 network-entity 49.0002.0000.0000.0003.00 import-route isis level-2 into level-1 # firewall zone Local priority 15 # interface GigabitEthernet0/0/0 ip address 1.1.1.2 255.255.255.0 isis enable 100 # interface GigabitEthernet0/0/1 ip address 2.2.2.1 255.255.255.0 isis enable 100 # interface GigabitEthernet0/0/2 # interface NULL0 # user-interface con 0 authentication-mode password user-interface vty 0 4 user-interface vty 16 20 # wlan ac # return <ar3> ---------------------------------------------------------------------------------------- <ar4>dis cur [V200R003C00] # sysname ar4 # board add 0/4 2SA # snmp-agent local-engineid 800007DB03000000000000 snmp-agent # clock timezone China-Standard-Time minus 08:00:00 # portal local-server load portalpage.zip # drop illegal-mac alarm # set cpu-usage threshold 80 restore 75 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http # isis 1 # isis 100 network-entity 49.0002.0000.0000.0004.00 # firewall zone Local priority 15 # interface Serial4/0/0 link-protocol ppp ip address 3.3.3.1 255.255.255.0 isis enable 100 # interface Serial4/0/1 link-protocol ppp # interface GigabitEthernet0/0/0 ip address 1.1.1.3 255.255.255.0 isis enable 100 # interface GigabitEthernet0/0/1 # interface GigabitEthernet0/0/2 # interface NULL0 # user-interface con 0 authentication-mode password user-interface vty 0 4 user-interface vty 16 20 # wlan ac # return <ar4>  --------------------------------------------------------------------------------------------------- <ar5> <ar5> <ar5>disp cur [V200R003C00] # sysname ar5 # snmp-agent local-engineid 800007DB03000000000000 snmp-agent # clock timezone China-Standard-Time minus 08:00:00 # portal local-server load portalpage.zip # drop illegal-mac alarm # set cpu-usage threshold 80 restore 75 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http # isis 1 # isis 10 # isis 100 is-level level-1 network-entity 49.0002.0000.0000.0005.00 # firewall zone Local priority 15 # interface GigabitEthernet0/0/0 ip address 1.1.1.1 255.255.255.0 isis enable 100 isis dis-priority 120 level-1 # interface GigabitEthernet0/0/1 # interface GigabitEthernet0/0/2 # interface NULL0 # user-interface con 0 authentication-mode password user-interface vty 0 4 user-interface vty 16 20 # wlan ac # return <ar5>

 

结束,如有不对,请指教。

 

0

评论 (6)

取消
  1. 头像
    子午书屋
    Windows 7 · FireFox

    太专业了,看不懂,标题中的ISIS好惊悚

    回复
  2. 头像
    Peanut酱
    Windows 7 · Google Chrome

    活捉大佬一只

    回复
    1. 头像
      喵君 作者
      Windows 10 · FireFox
      @ Peanut酱

      不不不你才是大佬.png :roll:

      回复
  3. 头像
    小样
    Windows 7 · Google Chrome

    发现一技术大佬啊,(^▽^)

    回复
  4. 头像
    Hoe
    iPhone · Safari

    不明觉厉!666

    回复
  5. 头像
    玩技
    Windows 10 · Google Chrome

    好高深~

    回复