URL: https://www.opennet.ru/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID6
Нить номер: 20686
[ Назад ]

Исходное сообщение
"ASA 5505 как роутер"

Отправлено wOOlf , 15-Мрт-10 16:25 
Есть такой стендик: Сisco1760 === ASA5505 === Сisco1760 (ASA между двумя роутерами)
На роутерах и Асе настроен OSPF примерно так:

Router1#
!
router ospf 1
log-adjacency-changes
area 0 authentication message-digest
network 10.68.1.0 0.0.0.3 area 0
network 192.168.0.0 0.0.0.255 area 0
network 222.0.12.0 0.0.0.255 area 0
!  

Router2#
!
router ospf 1
log-adjacency-changes
area 0 authentication message-digest
network 10.1.0.0 0.0.255.255 area 0
network 10.222.39.0 0.0.0.3 area 0
network 172.31.15.0 0.0.0.255 area 0
!

ASA#
!
!
router ospf 1
network 10.68.1.0 255.255.255.252 area 0
network 10.222.39.0 255.255.255.252 area 0
area 0 authentication message-digest
log-adj-changes
!

Маршруты устанавливаются, и с компа, стоящего за одним роутером, я могу пинговать комп, стоящий за другим. Но вот какая штука наблюдается на Асе:

ASA# sh ospf int

inside is up, line protocol is up  
  Internet Address 10.222.39.1 mask 255.255.255.252, Area 0
  Process ID 1, Router ID 10.222.39.1, Network Type BROADCAST, Cost: 10
  Transmit Delay is 1 sec, State BDR, Priority 1
  Designated Router (ID) 1.1.1.1, Interface address 10.222.39.2
  Backup Designated router (ID) 10.222.39.1, Interface address 10.222.39.1
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 0:00:06
  Index 2/2, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 2
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 1.1.1.1  (Designated Router)
  Suppress hello for 0 neighbor(s)
  Message digest authentication enabled
    Youngest key id is 5
outside is up, line protocol is up  
  Internet Address 10.68.1.2 mask 255.255.255.252, Area 0
  Process ID 1, Router ID 10.222.39.1, Network Type BROADCAST, Cost: 10
  Transmit Delay is 1 sec, State BDR, Priority 1
  Designated Router (ID) 5.5.5.5, Interface address 10.68.1.1
  Backup Designated router (ID) 10.222.39.1, Interface address 10.68.1.2
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 0:00:04
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 2
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 5.5.5.5  (Designated Router)
  Suppress hello for 0 neighbor(s)
  Message digest authentication enabled
    Youngest key id is 5
ASA#

Как так получается, что АСА находится в двух зонах, являясь для них BDR, причем обе зоны - area 0?


Содержание

Сообщения в этом обсуждении
"ASA 5505 как роутер"
Отправлено wOOlf , 17-Мрт-10 09:39 
сам дурак :)
http://www.anticisco.ru/forum/viewtopic.php?f=2&t=605