基于route-map的路由过滤
2011-01-21 20:33
661 查看
实验拓扑
实验过程
1.R1的预配置
2.R2的预配置
3.R3的预配置
4.R1的ospf配置
5.R2的ospf和rip的配置
6.R3的rip的配置
7.在R2上配置过滤掉ospf的路由
8.查看R3的路由表
说明:可以看到172.16.0.0和172.16.1.0被过滤掉了。
9.在R2上配置过滤掉rip的路由
10.查看R1的路由表
说明:可以看到,rip的部分路由被过滤掉了,route-map主要是结合重发布使用,可以有选择的进行重发布。
本文出自 “等待” 博客,请务必保留此出处http://mxn19871215.blog.51cto.com/982365/483036
实验过程
1.R1的预配置
Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#no ip domain-lookup Router(config)#line console 0 Router(config-line)#no exec-timeout Router(config-line)#loggin syn Router(config-line)#exit Router(config)#host R1 R1(config)#int s1/0 R1(config-if)#no shut R1(config-if)#ip add 172.16.255.1 255.255.255.252 R1(config-if)#exit R1(config)#int lo0 R1(config-if)#ip add 172.16.0.1 255.255.255.0 R1(config-if)#exit R1(config)#int lo1 R1(config-if)#ip add 172.16.1.1 255.255.255.0 R1(config-if)#exit R1(config)#int lo2 R1(config-if)#ip add 172.16.2.1 255.255.255.0 R1(config-if)#exit R1(config)#int lo3 R1(config-if)#ip add 172.16.3.1 255.255.255.0 R1(config-if)#exit |
Router>en Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#no ip domain-lookup Router(config)#line console 0 Router(config-line)#no exec-timeout Router(config-line)#loggin syn Router(config-line)#exit Router(config)#host R2 R2(config)#int s1/0 R2(config-if)#no shut R2(config-if)#ip add 172.16.255.2 255.255.255.252 R2(config-if)#exit R2(config)#int s1/1 R2(config-if)#no shut R2(config-if)#ip add 192.168.255.2 255.255.255.0 R2(config-if)#exit |
Router>en Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#no ip domain-lookup Router(config)#line console 0 Router(config-line)#no exec-timeout Router(config-line)#loggin syn Router(config-line)#exit Router(config)#host R3 R3(config)#int s1/1 R3(config-if)#no shut R3(config-if)#ip add 192.168.255.1 255.255.255.0 R3(config-if)#exit R3(config)#int lo0 R3(config-if)#ip add 192.168.0.1 255.255.255.0 R3(config-if)#exit R3(config)#int lo1 R3(config-if)#ip add 192.168.1.1 255.255.255.0 R3(config-if)#exit R3(config)#int lo2 R3(config-if)#ip add 192.168.2.1 255.255.255.0 R3(config-if)#exit R3(config)#int lo3 R3(config-if)#ip add 192.168.3.1 255.255.255.0 R3(config-if)#exit |
R1(config)#router ospf 1 R1(config-router)#net 172.16.0.1 0.0.0.0 area 0 R1(config-router)#net 172.16.1.1 0.0.0.0 area 0 R1(config-router)#net 172.16.2.1 0.0.0.0 area 0 R1(config-router)#net 172.16.3.1 0.0.0.0 area 0 R1(config-router)#net 172.16.255.1 0.0.0.0 area 0 R1(config-router)#end |
R2(config)#router ospf 1 R2(config-router)#net 172.16.255.2 0.0.0.0 area 0 R2(config-router)#exit R2(config)#router rip R2(config-router)#version 2 R2(config-router)#no auto R2(config-router)#net 192.168.255.0 R2(config-router)#end |
R3(config)#router rip R3(config-router)#version 2 R3(config-router)#no auto R3(config-router)#net 192.168.255.0 R3(config-router)#net 192.168.0.0 R3(config-router)#net 192.168.1.0 R3(config-router)#net 192.168.2.0 R3(config-router)#net 192.168.3.0 R3(config-router)#end |
R2(config)#access-list 1 deny 172.16.0.0 0.0.0.255 //用ACL抓取需要的流量 R2(config)#access-list 1 deny 172.16.1.0 0.0.0.255 R2(config)#access-list 1 permit any R2(config)#route-map ospf-rip permit //对抓取的流量执行permit操作 R2(config-route-map)#match ip address 1 //匹配抓取的流量 R2(config-route-map)#exit R2(config)#router rip R2(config-router)#redistribute ospf 1 metric 10 route-map ospf-rip //重发布时使用route-map过滤流量 R2(config-router)#exit |
R3#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks R 172.16.255.0/30 [120/10] via 192.168.255.2, 00:00:20, Serial1/1 R 172.16.3.1/32 [120/10] via 192.168.255.2, 00:00:20, Serial1/1 R 172.16.2.1/32 [120/10] via 192.168.255.2, 00:00:20, Serial1/1 C 192.168.255.0/24 is directly connected, Serial1/1 C 192.168.0.0/24 is directly connected, Loopback0 C 192.168.1.0/24 is directly connected, Loopback1 C 192.168.2.0/24 is directly connected, Loopback2 C 192.168.3.0/24 is directly connected, Loopback3 |
9.在R2上配置过滤掉rip的路由
R2(config)#access-list 2 deny 192.168.2.0 0.0.0.255 R2(config)#access-list 2 deny 192.168.3.0 0.0.0.255 R2(config)#access-list 2 permit any R2(config)#route-map rip-ospf R2(config-route-map)#match ip address 2 R2(config-route-map)#exit R2(config)#router ospf 1 R2(config-router)#redistribute rip metric 100 route-map rip-ospf subnets R2(config-router)#end |
R1#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks C 172.16.255.0/30 is directly connected, Serial1/0 C 172.16.0.0/24 is directly connected, Loopback0 C 172.16.1.0/24 is directly connected, Loopback1 C 172.16.2.0/24 is directly connected, Loopback2 C 172.16.3.0/24 is directly connected, Loopback3 O E2 192.168.255.0/24 [110/100] via 172.16.255.2, 00:01:52, Serial1/0 O E2 192.168.0.0/24 [110/100] via 172.16.255.2, 00:01:52, Serial1/0 O E2 192.168.1.0/24 [110/100] via 172.16.255.2, 00:01:52, Serial1/0 |
本文出自 “等待” 博客,请务必保留此出处http://mxn19871215.blog.51cto.com/982365/483036
相关文章推荐
- Cisco 路由过滤之 Route-map & Distribute-list
- 路由过滤命令详解route-map
- 基于route-map的策略路由
- ACL和Route-Map中permit,deny对路由过滤的动作
- 路由过滤命令详解route-map
- 路由过滤之 Route-map & Distribute-list
- 路由过滤命令详解route-map
- 用route-map筛选路由更新进而过滤路由 推荐
- 路由过滤命令详解route-map
- 用route-map筛选路由更新进而过滤路由
- 交换与路由练习(十二、route-map)
- route-map策略路由设置笔记
- 在route-map中使用verify-availability确保路由可用性
- route-map策略路由设置
- 使用ACL以及Prefix-list加route-map控制路由更新
- 基于distribute-list的路由过滤
- h3c ospf import-route 路由过滤
- IP SLA route-map中常用,是个路由控制的小脚本
- 03-6 route-map/默认路由