写在前面:本人是一名计算机系大二的学生,正在备考HCIE R&S,会不定时的将我的学习笔记分享给大家!如果需要更多的学习资源可以通过我的GitHub自行下载!
路由策略实验
topo
实验需求
- 运行 OSPF 协议的网络中,RouterA 从 Internet 网络接收路由,并为 OSPF 网络提供了 Internet路由。要求 OSPF 网络中只能访问 172.1.17.0/24、172.1.18.0/24 和 172.1.19.0/24 三个网段的网络,其中 RouterC 连接的网络只能访问 172.1.18.0/24 网段的网络。
需求分析
-
在 RouterA 上配置路由策略,在路由发布时运用路由策略,使 RouterA 仅提供路由172.1.17.0/24、172.1.18.0/24、172.1.19.0/24 给 RouterB,实现 OSPF 网络中只能访问172.1.17.0/24、172.1.18.0/24 和 172.1.19.0/24 三个网段的网络。
-
在 RouterC 上配置路由策略,在路由引入时运用路由策略,使 RouterC 仅接收路由
172.1.18.0/24,实现 RouterC 连接的网络只能访问 172.1.18.0/24 网段的网络。
实验配置
a、基本地址配置
[r1]
#
sysname r1
#
interface GigabitEthernet0/0/0
ip address 192.168.1.1 255.255.255.0
#
[r2]
#
sysname r2
#
interface GigabitEthernet0/0/0
ip address 192.168.1.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.2.1 255.255.255.0
#
interface GigabitEthernet2/0/0
ip address 192.168.3.1 255.255.255.0
#
[r3]
#
sysname r3
#
interface GigabitEthernet0/0/0
ip address 192.168.2.2 255.255.255.0
#
[r4]
#
sysname r4
#
interface GigabitEthernet0/0/0
ip address 192.168.3.2 255.255.255.0
#
b、ospf
[r1]
#
ospf 1
area 0.0.0.0
network 192.168.1.0 0.0.0.255
#
[r2]
#
ospf 1
area 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
network 192.168.3.0 0.0.0.255
#
[r3]
#
ospf 1
area 0.0.0.0
network 192.168.2.0 0.0.0.255
#
[r4]
#
ospf 1
area 0.0.0.0
network 192.168.3.0 0.0.0.255
#
c、配置静态路由
[r1]
#
ip route-static 172.1.16.0 255.255.255.0 NULL0
ip route-static 172.1.17.0 255.255.255.0 NULL0
ip route-static 172.1.18.0 255.255.255.0 NULL0
ip route-static 172.1.19.0 255.255.255.0 NULL0
ip route-static 172.1.20.0 255.255.255.0 NULL0
#
查看路由表
dis ip routing-table
Route Flags: R - relay, D - download to
fib
------------------------------------------------------------------------------ Routing Tables: Public
Destinations : 14 Routes : 14Destination/Mask Proto Pre Cost Flags NextHop
Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.16.0/24Static 60 0 D 0.0.0.0 NULL0
172.1.17.0/24Static 60 0 D 0.0.0.0 NULL0
172.1.18.0/24Static 60 0 D 0.0.0.0 NULL0
172.1.19.0/24Static 60 0 D 0.0.0.0 NULL0
172.1.20.0/24Static 60 0 D 0.0.0.0 NULL0
192.168.1.0/24 Direct 0 0 D 192.168.1.1 GigabitEthernet 0/0/0
192.168.1.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.2.0/24 OSPF 10 2 D 192.168.1.2 GigabitEthernet 0/0/0
192.168.3.0/24 OSPF 10 2 D 192.168.1.2 GigabitEthernet 0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
d、过滤路由
- 路由发布策略
[r1]
#
ospf 1
filter-policy ip-prefix rourou export static //发布路由
import-route static
#
ip ip-prefix rourou index 10 permit 172.1.17.0 24
ip ip-prefix rourou index 20 permit 172.1.18.0 24
ip ip-prefix rourou index 30 permit 172.1.19.0 24
#
在r2上验证结果
dis ip routing-table
Route Flags: R - relay, D - download to
fib
------------------------------------------------------------------------------ Routing Tables: Public
Destinations : 16 Routes : 16Destination/Mask Proto Pre Cost Flags NextHop
Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.17.0/24O_ASE 150 1 D 192.168.1.1 GigabitEthernet 0/0/0
172.1.18.0/24O_ASE 150 1 D 192.168.1.1 GigabitEthernet 0/0/0
172.1.19.0/24O_ASE 150 1 D 192.168.1.1 GigabitEthernet 0/0/0
192.168.1.0/24 Direct 0 0 D 192.168.1.2 GigabitEthernet 0/0/0
192.168.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.2.0/24 Direct 0 0 D 192.168.2.1 GigabitEthernet 0/0/1
192.168.2.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1
192.168.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1
192.168.3.0/24 Direct 0 0 D 192.168.3.1 GigabitEthernet 2/0/0
192.168.3.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 2/0/0
192.168.3.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 2/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
- 路由接收策略
[r3]
#
ospf 1
filter-policy ip-prefix rou import //接收
#
ip ip-prefix rou index 10 permit 172.1.18.0 24
#
在r3上查看路由表
dis ip routing-table Route Flags: R - relay, D - download to
fib
------------------------------------------------------------------------------ Routing Tables: Public
Destinations : 8 Routes : 8Destination/Mask Proto Pre Cost Flags NextHop
Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.18.0/24O_ASE 150 1 D 192.168.2.1 GigabitEthernet 0/0/0
192.168.2.0/24 Direct 0 0 D 192.168.2.2 GigabitEthernet 0/0/0
192.168.2.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
查看 RouterC 的 OSPF 路由表,可以看到 OSPF 路由表中接收到 3 条列表rourou 中定义的路由。因为在链路状态协议中,filter-policy import 命令用于过滤从协议路由表加入本地核心路由表的路由。
dis ospf routing
OSPF Process 1 with Router ID 192.168.2.2
Routing TablesRouting for Network Destination Cost Type NextHop
AdvRouter Area
192.168.2.0/24 1 Transit 192.168.2.2 192.168.2.2 0.0.0.0
192.168.1.0/24 2 Transit 192.168.2.1 192.168.1.2 0.0.0.0
192.168.3.0/24 2 Transit 192.168.2.1 192.168.1.2 0.0.0.0Routing for
ASEsDestination Cost Type Tag
NextHop AdvRouter
172.1.17.0/241 Type2 1 192.168.2.1 192.168.1.1
172.1.18.0/241 Type2 1 192.168.2.1 192.168.1.1
172.1.19.0/241 Type2 1 192.168.2.1 192.168.1.1Total Nets: 6 Intra Area: 3 Inter Area: 0 ASE: 3 NSSA: 0
本文均属肉肉原创,如有不详或错误,欢迎指出!
本文作者:肉肉
版权声明:博客所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明出处!