24. Filtering Routing Updates with a Distribute List

1、掌握基于distribute 命令的路由过滤配置方法。

分发列表应用——不让远端路由器全盘接受路由更新

 

上图:

image.png


配置好基本的IP地址信息,测试互连可达。

配置好基本的动态路由信息,在R2上配置重分发。

关闭RIP v2的自动汇总。

 

各路由器基本配置:

R1(config)#router ospf 1
R1(config-router)#network 172.16.0.0 0.0.3.255 a 0
R1(config-router)#network 172.16.255.0 0.0.0.3 a 0
R1(config-router)#exit

 

R2(config)#router ospf 1
R2(config-router)#network 172.16.255.0 0.0.0.3 a 0
R2(config-router)#exit

R2(config)#router rip
R2(config-router)#ver 2 
R2(config-router)#network 192.168.255.0

R2(config-router)#no au
R2(config-router)#exit
R2(config)#router ospf 1
R2(config-router)#re rip me 200 su
R2(config-router)#exit
R2(config)#router rip
R2(config-router)#re ospf 1 me 10
R2(config-router)#exit      
----------->重分发

 

R3(config)#router rip 
R3(config-router)#ver 2
R3(config-router)#network 192.168.255.0
R3(config-router)#network 192.168.0.0
R3(config-router)#network 192.168.1.0
R3(config-router)#network 192.168.2.0
R3(config-router)#network 192.168.3.0

R2(config-router)#no au
R3(config-router)#exit

 

查看R1和R3路由表:

R1#show ip rout
Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
C       172.16.255.0/30 is directly connected, Serial0/0
C       172.16.0.0/24 is directly connected, Loopback0
C       172.16.1.0/24 is directly connected, Loopback1
C       172.16.2.0/24 is directly connected, Loopback2
C       172.16.3.0/24 is directly connected, Loopback3
O E2 192.168.255.0/24 [110/200] via 172.16.255.2, 00:00:18, Serial0/0
O E2 192.168.0.0/24 [110/200] via 172.16.255.2, 00:00:18, Serial0/0
O E2 192.168.1.0/24 [110/200] via 172.16.255.2, 00:00:18, Serial0/0
O E2 192.168.2.0/24 [110/200] via 172.16.255.2, 00:00:18, Serial0/0
O E2 192.168.3.0/24 [110/200] via 172.16.255.2, 00:00:18, Serial0/0

 

R3#show ip route
Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
R       172.16.255.0/30 [120/10] via 192.168.255.1, 00:00:11, Serial0/0
R       172.16.1.1/32 [120/10] via 192.168.255.1, 00:00:11, Serial0/0
R       172.16.0.1/32 [120/10] via 192.168.255.1, 00:00:11, Serial0/0
R       172.16.3.1/32 [120/10] via 192.168.255.1, 00:00:11, Serial0/0
R       172.16.2.1/32 [120/10] via 192.168.255.1, 00:00:11, Serial0/0
  ----->为什么是32我也不知道
C    192.168.255.0/24 is directly connected, Serial0/0           指导手册上有意回避这个问题
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
C    192.168.2.0/24 is directly connected, Loopback2
C    192.168.3.0/24 is directly connected, Loopback3

 

根据拓扑需要,在R2上配置路由过滤,以过滤OSPF的路由:

R2(config)#access-list 1 deny   172.16.0.0 0.0.1.255
R2(config)#access-list 1 permit any
R2(config)#access-list 2 deny   192.168.2.0 0.0.0.255
R2(config)#access-list 2 deny   192.168.3.0 0.0.0.255
R2(config)#access-list 2 permit any       
-------->先用ACL选定过滤范围

R2(config)#router ospf 1
R2(config-router)# distribute-list 2 out rip
R2(config-router)# exit
R2(config)#router rip
R2(config-router)# distribute-list 1 out ospf 1  

             ---->在RIP协议下配置分发列表,引用ACL,过滤从OSPF重分发进RIP的网络路由
R2(config-router)#
R2(config-router)#
R2(config-router)#exit

 

查看R3路由:

R3#show ip route  
Gateway of last resort is not set 
     172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
R       172.16.255.0/30 [120/10] via 192.168.255.1, 00:00:00, Serial0/0
R       172.16.3.1/32 [120/10] via 192.168.255.1, 00:00:00, Serial0/0
R       172.16.2.1/32 [120/10] via 192.168.255.1, 00:00:00, Serial0/0

----->被过滤的两条路由学习不到
C    192.168.255.0/24 is directly connected, Serial0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
C    192.168.2.0/24 is directly connected, Loopback2
C    192.168.3.0/24 is directly connected, Loopback3

 

查看R1路由表:

R1#show ip route  
Gateway of last resort is not set 
     172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
C       172.16.255.0/30 is directly connected, Serial0/0
C       172.16.0.0/24 is directly connected, Loopback0
C       172.16.1.0/24 is directly connected, Loopback1
C       172.16.2.0/24 is directly connected, Loopback2
C       172.16.3.0/24 is directly connected, Loopback3
O E2 192.168.255.0/24 [110/200] via 172.16.255.2, 00:02:25, Serial0/0
O E2 192.168.0.0/24 [110/200] via 172.16.255.2, 00:02:25, Serial0/0
O E2 192.168.1.0/24 [110/200] via 172.16.255.2, 00:02:26, Serial0/0

------------->指定路由条目被过滤

 

 

完成。


发表评论:

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。

桂ICP备19000498号-3