文件链接:
链接：https://pan.baidu.com/s/1wUBBoeod7TnLmy6nDviM0w
提取码：2021
搭建拓扑：

划分IP地址

配置互联IP

配置MGRE

配置各个区域的IGP

配置R3 R5 R6 R7 的 ACL 做接口 NAT

将Area1作为完全末梢区域 Area1区域仅有一条由ABR发送的三类缺省

配置Area2区域为 非完全末梢区域

仅保留一条三类缺省

路由条目的优化：
由于网段划分以及手工汇总

R5的OSPF路由表如下

配置
sysname R1

snmp-agent local-engineid 800007DB03000000000000
snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % K8m.Nt84DZ}e#<0`8bmE3Uw}% %
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 172.16.0.1 255.255.255.252

interface GigabitEthernet0/0/1

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0
ip address 192.16.48.1 255.255.240.0

ospf 100 router-id 1.1.1.1
area 0.0.0.1
network 172.16.0.0 0.0.255.255
stub

user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20

sysname R2

snmp-agent local-engineid 800007DB03000000000000
snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % K8m.Nt84DZ}e#<0`8bmE3Uw}% %
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 172.16.0.5 255.255.255.252

interface GigabitEthernet0/0/1

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0
ip address 172.16.32.1 255.255.240.0

ospf 100 router-id 2.2.2.2
area 0.0.0.1
network 172.16.0.0 0.0.255.255
stub

user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20

R3
acl number 2000
rule 5 permit
interface GigabitEthernet0/0/0
ip address 34.1.1.1 255.255.255.252
nat outbound 2000

interface GigabitEthernet0/0/1
ip address 172.16.0.2 255.255.255.252

interface GigabitEthernet0/0/2
ip address 172.16.0.6 255.255.255.252

interface NULL0

interface LoopBack0
ip address 172.16.1.1 255.255.255.0

interface Tunnel0/0/0
ip address 10.1.1.1 255.255.255.0
tunnel-protocol gre p2mp
source 34.1.1.1
ospf network-type broadcast
ospf dr-priority 10
nhrp entry multicast dynamic
nhrp network-id 3567

ospf 100 router-id 3.3.3.3
default-route-advertise always
area 0.0.0.0
network 10.1.1.0 0.0.0.255
area 0.0.0.1
abr-summary 172.16.0.0 255.255.192.0
network 172.16.0.0 0.0.255.255
stub no-summary

ip route-static 0.0.0.0 0.0.0.0 34.1.1.2

R4
interface GigabitEthernet0/0/0
ip address 64.1.1.2 255.255.255.252

interface GigabitEthernet0/0/1
ip address 34.1.1.2 255.255.255.252

interface GigabitEthernet0/0/2
ip address 54.1.1.2 255.255.255.252

interface GigabitEthernet4/0/0
ip address 74.1.1.2 255.255.255.252

interface NULL0

interface LoopBack0
ip address 4.4.4.4 255.255.255.255
R5
acl number 2000
rule 5 permit

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % K8m.Nt84DZ}e#<0`8bmE3Uw}% %
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0

interface GigabitEthernet0/0/1
ip address 54.1.1.1 255.255.255.252
nat outbound 2000

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0
ip address 172.16.64.1 255.255.192.0

interface Tunnel0/0/0
ip address 10.1.1.2 255.255.255.0
tunnel-protocol gre p2mp
source 54.1.1.1
ospf network-type broadcast
ospf dr-priority 0
nhrp network-id 3567
nhrp entry 10.1.1.1 34.1.1.1 register

ospf 100 router-id 5.5.5.5
default-route-advertise always
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 172.16.0.0 0.0.255.255

ip route-static 0.0.0.0 0.0.0.0 54.1.1.2

R6:

acl number 2000
rule 5 permit

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % K8m.Nt84DZ}e#<0`8bmE3Uw}% %
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 172.16.128.1 255.255.255.252

interface GigabitEthernet0/0/1
ip address 64.1.1.1 255.255.255.252
nat outbound 2000

interface GigabitEthernet0/0/2

interface NULL0

interface Tunnel0/0/0
ip address 10.1.1.3 255.255.255.0
tunnel-protocol gre p2mp
source 64.1.1.1
ospf network-type broadcast
ospf dr-priority 0
nhrp network-id 3567
nhrp entry 10.1.1.1 34.1.1.1 register

ospf 100 router-id 6.6.6.6
area 0.0.0.0
network 10.1.1.0 0.0.0.255
area 0.0.0.1
area 0.0.0.2
abr-summary 172.16.128.0 255.255.192.0
network 172.16.0.0 0.0.255.255
nssa no-summary

ip route-static 0.0.0.0 0.0.0.0 64.1.1.2

R7
acl number 2000
rule 5 permit

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % K8m.Nt84DZ}e#<0`8bmE3Uw}% %
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 74.1.1.1 255.255.255.252
nat outbound 2000

interface GigabitEthernet0/0/1
ip address 172.16.208.1 255.255.255.252

interface GigabitEthernet0/0/2

interface NULL0

interface Tunnel0/0/0
ip address 10.1.1.4 255.255.255.0
tunnel-protocol gre p2mp
source 74.1.1.1
ospf network-type broadcast
ospf dr-priority 0
nhrp network-id 3567
nhrp entry 10.1.1.1 34.1.1.1 register

ospf 100 router-id 7.7.7.7
area 0.0.0.0
network 10.1.1.0 0.0.0.255
area 0.0.0.3
abr-summary 172.16.192.0 255.255.192.0
network 172.16.0.0 0.0.255.255
nssa no-summary

ip route-static 0.0.0.0 0.0.0.0 74.1.1.2
核心配置位以上内容
所有区域均可到达4.4.4.4