什么是 not-advertise?
OSPF 除了可以做正常的区域间汇总(如:area 0 range 10.0.0.0 255.0.0.0)以外,还可以配置一个叫做 not-advertise 的选项(如:area 0 range 10.0.0.0 255.0.0.0 not-advertise)。
not-advertise 字面意思就是不通告。配置了 not-advertise 选项的汇总路由将不会通告出去,同时汇总路由下的明细路由也不会通告出去。下面举个栗子:
IOU1上有如下三条明细路由:
10.1.1.1/24 10.1.2.1/24 10.2.1.1/24
如果做了区域间汇总:
area 0 range 10.0.0.0 255.0.0.0
那么其他区域将会收到一条汇总路由,而其他三条明细路由将会被抑制:
汇总路由: 10.0.0.0/8 明细路由(被抑制):10.1.1.1/2410.1.2.1/2410.2.1.1/24
如果我们配置的是带有 not-advertise 选项的汇总路由:
area 0 range 10.0.0.0 255.0.0.0 not-advertise
那么除了明细路由不会发送给其他区域以外,汇总路由也不会发送给其他区域:
汇总路由(被抑制):10.0.0.0/8明细路由(被抑制):10.1.2.1/2410.2.1.1/2410.1.1.1/24
所以配置 not-advertise 选项的作用就是:如果你的区域内有一些网段不希望发给其他区域,那么就可以使用这个选项对该网段进行抑制,这样其他区域就收不到任何关于该网段的路由了。
接下来引用一句话,这句话来自《OSPF 网络设计解决方案(第 2 版)》(2013 年 10 月第 1 版)的第 411 页,是关于 not-advertise 选项的解释,这句话总结得也很到位:
如果你不希望 ABR 通告汇总路由以及落在汇总路由范围内的明细路由,那么你可以使用关键字 not-advertise 。
《OSPF 网络设计解决方案(第 2 版)》(2013 年 10 月第 1 版)这本书的详情如下:
注意:《OSPF 网络设计解决方案(第 2 版)》这本书有好几个版本,而且译者是不一样的,所以叙述也是不一样的。今天早上网友 “木头” 在 QQ 上联系了我,他发现 2004 年 2 月份印刷的那个版本关于 not-advertise 选项的描述是不准确的(如下图所示)。
上面这本书关于 not-advertise 选项的解释就不是很准确,“汇总范围之外的特殊子网” 不知道是什么意思,详情如下:
当你不想让 ABR 通告汇总范围之外的特殊子网时,使用这个命令;缺省的情况是通告。
not-advertise 的配置命令:
area range
To consolidate and summarize routes at an area boundary, use the area range command in router configuration mode. To disable this function, use the no form of this command.
area area-id range ip-address mask [advertise | not-advertise] [cost cost]
no area area-id range ip-address mask [advertise | not-advertise] [cost cost]
Syntax Description
| area-id | Identifier of the area about which routes are to be summarized. It can be specified as either a decimal value or as an IP address. |
| ip-address | IP address. |
| mask | IP address mask. |
| advertise | (Optional) Sets the address range status to advertise and generates a Type 3 summary link-state advertisement (LSA). |
| not-advertise | (Optional) Sets the address range status to DoNotAdvertise. The Type 3 summary LSA is suppressed, and the component networks remain hidden from other networks.
(可选的)设置的地址范围将会处于 DoNotAdvertise(不通告)状态。类型为 3 的汇总 LSA 将会被抑制,同时(汇总路由下的)这些子网仍然不会通告给其他网络。 |
| cost cost | (Optional) Metric or cost for this summary route, which is used during OSPF SPF calculation to determine the shortest paths to the destination. The value can be 0 to 16777215. |
Defaults
This command is disabled by default.
Command Modes
Router configuration
……
- “not-advertise 的配置命令” 部分摘自思科的官方英文文档:Chapter: OSPF commands
接下来我们做一个实验来验证一下上面的描述。
实验环境:
操作系统:Windows 10(1607,14393.351,当时最新测试版),模拟器:GNS3 IOU for Windows 1.5.2(当时最新正式版)
注:当然,只要有思科模拟器都可以做这个实验
实验过程:
先配置 IOU1、IOU2 和 IOU3 上的 IP 地址和 OSPF:
| IOU1:
conf t int e 0/0 int l 1 router ospf 123 int r e 0/0 , l 0 , l 1 |
IOU2:
conf t int e 0/0 int e 0/1 router ospf 123 int r e 0/0 , l 0 int e 0/1 |
IOU3:
conf t
int l 0
ip add 3.3.3.3 255.255.255.255
int e 0/1
ip add 23.1.1.3 255.255.255.0
no sh
router ospf 123
router-id 3.3.3.3
int r e 0/1 , l 0
ip os 123 a 1
现在在 IOU1 上收到了 IOU3 的 O IA 路由:
IOU1#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/11] via 12.1.1.2, 00:00:15, Ethernet0/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/21] via 12.1.1.2, 00:00:05, Ethernet0/0
10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
C 10.1.1.0/24 is directly connected, Loopback1
L 10.1.1.1/32 is directly connected, Loopback1
C 10.1.2.0/24 is directly connected, Loopback1
L 10.1.2.1/32 is directly connected, Loopback1
C 10.2.1.0/24 is directly connected, Loopback1
L 10.2.1.1/32 is directly connected, Loopback1
12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 12.1.1.0/24 is directly connected, Ethernet0/0
L 12.1.1.1/32 is directly connected, Ethernet0/0
23.0.0.0/24 is subnetted, 1 subnets
O IA 23.1.1.0 [110/20] via 12.1.1.2, 00:00:15, Ethernet0/0
在 IOU3 上也收到了 IOU1 上的三条 10 网段的明细路由:
IOU3#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/21] via 23.1.1.2, 00:00:41, Ethernet0/1
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/11] via 23.1.1.2, 00:00:41, Ethernet0/1
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA 10.1.1.1/32 [110/21] via 23.1.1.2, 00:00:41, Ethernet0/1
O IA 10.1.2.0/24 [110/21] via 23.1.1.2, 00:00:41, Ethernet0/1
O IA 10.2.1.0/24 [110/21] via 23.1.1.2, 00:00:41, Ethernet0/1
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/20] via 23.1.1.2, 00:00:41, Ethernet0/1
23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 23.1.1.0/24 is directly connected, Ethernet0/1
L 23.1.1.3/32 is directly connected, Ethernet0/1
再在 IOU2 上配置:
router ospf 123 area 0 range 10.0.0.0 255.0.0.0
现在可以看到 IOU3 上出现了 10 网段的汇总路由,同时明细路由被抑制:
IOU3#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/21] via 23.1.1.2, 00:04:57, Ethernet0/1
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/11] via 23.1.1.2, 00:04:57, Ethernet0/1
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback0
O IA 10.0.0.0/8 [110/21] via 23.1.1.2, 00:00:36, Ethernet0/1
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/20] via 23.1.1.2, 00:04:57, Ethernet0/1
23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 23.1.1.0/24 is directly connected, Ethernet0/1
L 23.1.1.3/32 is directly connected, Ethernet0/1
IOU3 上 ping 10 网段也是通的,没问题:
IOU3#p 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
再在 IOU2 上配置 not-advertise:
router ospf 123
area 0 range 10.0.0.0 255.0.0.0 not-advertise
end
clear ip ospf process
y
现在在 IOU3 上就没有 10 网段的汇总路由了:
IOU3#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/21] via 23.1.1.2, 00:00:10, Ethernet0/1
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/11] via 23.1.1.2, 00:00:10, Ethernet0/1
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback0
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/20] via 23.1.1.2, 00:00:10, Ethernet0/1
23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 23.1.1.0/24 is directly connected, Ethernet0/1
L 23.1.1.3/32 is directly connected, Ethernet0/1
IOU3 自然也就 ping 不通:
IOU3#p 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5)
OSPF 进程号不一致对 not-advertise 是否有影响?
上面的实验做的是 IOU3 的 OSPF 进程号与 IOU2 的 OSPF 进程号一致的情况,那如果 OSPF 进程号不一致会不会影响到 not-advertise 的使用呢?
现在我们改成 IOU3 的 OSPF 进程号与 IOU2 的 OSPF 进程号不一致的情况:
在 IOU2 上恢复一下配置:
router ospf 123 no area 0 range 10.0.0.0 255.0.0.0 not-advertise
再在 IOU3 上配置一个新的 OSPF 进程:
no router ospf 123 router ospf 3 router-id 3.3.3.3 int r e 0/1 , l 0 ip os 3 a 1
此时 IOU2 上是 ip os 123 a 1,而 IOU3 上是 ip os 3 a 1,OSPF 进程号不一致。
现在在 IOU3 上正常收到了 IOU1 上的三条 10 网段的明细路由:
IOU3#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/21] via 23.1.1.2, 00:02:47, Ethernet0/1
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/11] via 23.1.1.2, 00:02:47, Ethernet0/1
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA 10.1.1.1/32 [110/21] via 23.1.1.2, 00:02:47, Ethernet0/1
O IA 10.1.2.0/24 [110/21] via 23.1.1.2, 00:02:47, Ethernet0/1
O IA 10.2.1.0/24 [110/21] via 23.1.1.2, 00:02:47, Ethernet0/1
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/20] via 23.1.1.2, 00:02:47, Ethernet0/1
23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 23.1.1.0/24 is directly connected, Ethernet0/1
L 23.1.1.3/32 is directly connected, Ethernet0/1
再在 IOU2 上配置:
router ospf 123 area 0 range 10.0.0.0 255.0.0.0
现在可以看到 IOU3 上出现了 10 网段的汇总路由,同时明细路由被抑制:
IOU3#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/21] via 23.1.1.2, 00:07:29, Ethernet0/1
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/11] via 23.1.1.2, 00:07:29, Ethernet0/1
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback0
O IA 10.0.0.0/8 [110/21] via 23.1.1.2, 00:03:12, Ethernet0/1
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/20] via 23.1.1.2, 00:07:29, Ethernet0/1
23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 23.1.1.0/24 is directly connected, Ethernet0/1
L 23.1.1.3/32 is directly connected, Ethernet0/1
IOU3 上 ping 10 网段也是通的,没问题:
IOU3#p 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
再在 IOU2 上配置 not-advertise:
router ospf 123
area 0 range 10.0.0.0 255.0.0.0 not-advertise
end
clear ip ospf process
y
现在在 IOU3 上就没有 10 网段的汇总路由了:
IOU3#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/21] via 23.1.1.2, 00:01:18, Ethernet0/1
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/11] via 23.1.1.2, 00:01:18, Ethernet0/1
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback0
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.1.1.0 [110/20] via 23.1.1.2, 00:01:18, Ethernet0/1
23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 23.1.1.0/24 is directly connected, Ethernet0/1
L 23.1.1.3/32 is directly connected, Ethernet0/1
IOU3 自然也就 ping 不通:
IOU3#p 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5)
所以,not-advertise 选项在 OSPF 进程号不一致的情况下也不影响使用。
上述实验也正好验证了我说的:配置了 not-advertise 选项的汇总路由将不会通告出去,同时汇总路由下的明细路由也不会通告出去。
本文完。如有疑问,欢迎在下方留言;如本文有什么错误,欢迎在下方留言指正,谢谢。
发表评论?