RouterOS Wireguard+OSPF Mesh组网 YuS(2)
时间:2023-03-29 21:46 来源:网络整理 作者:默认发布 点击:次
R3路由器 3台路由器的Wireguard连接建立完成,注意所有Peer都开启了persistent-keepalive为30秒,目的是能保持状态连接。 OSPF配置R1路由器 R1与R2和R3建立OSPF关系, /routing ospf interface-template add area=ospf-area-0 disabled=no networks=172.16.0.0/30 type=ptp add area=ospf-area-0 disabled=no networks=172.17.0.0/30 type=ptpR2路由器 R2与R1和R3建立OSPF关系 /routing ospf interface-template add area=ospf-area-0 disabled=no networks=172.16.0.0/30 type=ptp add area=ospf-area-0 disabled=no networks=172.18.0.0/30 type=ptpR3路由器 R3与R1和R2建立OSPF关系,并发布192.168.10.0/24的路由 /routing ospf interface-template add area=ospf-area-1 disabled=no networks=172.18.0.0/30 type=ptp add area=ospf-area-1 disabled=no networks=172.17.0.0/30 type=ptp add area=ospf-area-1 disabled=no networks=192.168.10.0/24查看R3的OSPF邻居关系,到R1和R2的state状态为Full,查看R1和R2的OSPF状态这里不再展示。 [admin@R3] /routing/ospf/neighbor> print Flags: V - virtual; D - dynamic 0 D instance=ospf-instance-1 area=ospf-area-1 address=172.17.0.1 router-id=172.17.0.1 state="Full" state-changes=4 adjacency=32m11s timeout=39s 1 D instance=ospf-instance-1 area=ospf-area-1 address=172.18.0.1 router-id=172.18.0.1 state="Full" state-changes=5 adjacency=34m21s timeout=39s [admin@R3] /routing/ospf/neighbor>查看R1的路由,可以看到192.168.10.0/24路由来至172.17.0.2%wireguard2-R3,当前R1到R3是直接连接。 [admin@R1] /ip/route> print Flags: D - DYNAMIC; A - ACTIVE; c, o, d, y - COPY; + - ECMP Columns: DST-ADDRESS, GATEWAY, DISTANCE DST-ADDRESS GATEWAY DISTANCE DAd 0.0.0.0/0 192.168.88.1 1 DAc 172.16.0.0/30 wireguard1-R2 0 DAc 172.17.0.0/30 wireguard2-R3 0 DAo+ 172.18.0.0/30 172.16.0.2%wireguard1-R2 110 DAo+ 172.18.0.0/30 172.17.0.2%wireguard2-R3 110 DAo 192.168.10.0/24 172.17.0.2%wireguard2-R3 110 DAc 192.168.88.0/24 ether1 0查看R2的路由 [admin@R2] /routing/ospf> /ip route print Flags: D - DYNAMIC; A - ACTIVE; c, o, d, y - COPY; + - ECMP Columns: DST-ADDRESS, GATEWAY, DISTANCE DST-ADDRESS GATEWAY DISTANCE DAd 0.0.0.0/0 192.168.88.1 1 DAc 172.16.0.0/30 wireguard1-R1 0 DAo+ 172.17.0.0/30 172.16.0.1%wireguard1-R1 110 DAo+ 172.17.0.0/30 172.18.0.2%wireguard2-R3 110 DAc 172.18.0.0/30 wireguard2-R3 0 DAo 192.168.10.0/24 172.18.0.2%wireguard2-R3 110 DAc 192.168.88.0/24 ether1 0中断R3到R1的wireguard连接,R3和R1之间的OSPF中断,OSPF发布的路由将从R3->R2->R1,可以查看R1的路由表,到192.168.10.0/24的路由来至172.16.0.2%wireguard1-R2,R1到192.168.10.0/24路由自动切换到R1->R2->R3。 [admin@R1] /interface/wireguard> /ip route/print Flags: D - DYNAMIC; A - ACTIVE; c, o, d, y - COPY Columns: DST-ADDRESS, GATEWAY, DISTANCE DST-ADDRESS GATEWAY DISTANCE DAd 0.0.0.0/0 192.168.88.1 1 DAc 172.16.0.0/30 wireguard1-R2 0 DAc 172.17.0.0/30 wireguard2-R3 0 DAo 172.18.0.0/30 172.16.0.2%wireguard1-R2 110 DAo 192.168.10.0/24 172.16.0.2%wireguard1-R2 110 DAc 192.168.88.0/24 ether1 0从R3发布的路由R1和R2都能学习到,即使R1到R3路由中断,R1也能从R2学习到R3发布的192.168.10.0/24的路由,这样在基于Wireguard组建的Mesh网络中,使用OSPF实现了网络自愈能力。 选择静态路由也可以实现,R1到R3的192.168.10.0/24需配置两条静态路由,一条经过R2到R3,一条直接到R3,同时R2还要配置静态路由,然后通过distance来控制距离,还需要通过网络监控判断线路是否中断,整个一套配置很繁琐复杂,使用OSPF简化了很多配置。 (责任编辑:admin) |