2012-02-21

25. Filtering Routing Updates with a Router Maps

1、掌握基于Route-map的路由过滤配置方法。 
2、掌握route-map的命令语法。
 
网络图:

image.png

配置好基本的IP地址信息,测试互连可达。

配置好基本的动态路由信息,在R2上配置重分发。

关闭RIP v2的自动汇总。

 

各路由器基本配置:

R1(config)#router ospf 1
R1(config-router)#network 172.16.0.0 0.0.3.255 a 0
R1(config-router)#network 172.16.255.0 0.0.0.3 a 0
R1(config-router)#exit

 

R2(config)#router ospf 1
R2(config-router)#network 172.16.255.0 0.0.0.3 a 0
R2(config-router)#exit

R2(config)#router rip
R2(config-router)#ver 2 
R2(config-router)#network 192.168.255.0

R2(config-router)#no au
R2(config-router)#exit
R2(config)#router ospf 1
R2(config-router)#re rip me 200 su
R2(config-router)#exit
R2(config)#router rip
R2(config-router)#re ospf 1 me 10
R2(config-router)#exit      ----------->重分发

 

R3(config)#router rip 
R3(config-router)#ver 2
R3(config-router)#network 192.168.255.0
R3(config-router)#network 192.168.0.0
R3(config-router)#network 192.168.1.0
R3(config-router)#network 192.168.2.0
R3(config-router)#network 192.168.3.0

R2(config-router)#no au
R3(config-router)#exit


 

查看R1和R3的路由表:

R1#show ip route
Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
C       172.16.255.0/30 is directly connected, Serial0/0
C       172.16.0.0/24 is directly connected, Loopback0
C       172.16.1.0/24 is directly connected, Loopback1
C       172.16.2.0/24 is directly connected, Loopback2
C       172.16.3.0/24 is directly connected, Loopback3
O E2 192.168.255.0/24 [110/200] via 172.16.255.2, 00:06:42, Serial0/0
O E2 192.168.0.0/24 [110/200] via 172.16.255.2, 00:06:42, Serial0/0
O E2 192.168.1.0/24 [110/200] via 172.16.255.2, 00:06:43, Serial0/0
O E2 192.168.2.0/24 [110/200] via 172.16.255.2, 00:06:43, Serial0/0
O E2 192.168.3.0/24 [110/200] via 172.16.255.2, 00:06:43, Serial0/0

 

R3#show ip route
Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
R       172.16.255.0/30 [120/10] via 192.168.255.1, 00:00:08, Serial0/0
R       172.16.1.1/32 [120/10] via 192.168.255.1, 00:00:08, Serial0/0
R       172.16.0.1/32 [120/10] via 192.168.255.1, 00:00:08, Serial0/0
R       172.16.3.1/32 [120/10] via 192.168.255.1, 00:00:08, Serial0/0
R       172.16.2.1/32 [120/10] via 192.168.255.1, 00:00:08, Serial0/0
C    192.168.255.0/24 is directly connected, Serial0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
C    192.168.2.0/24 is directly connected, Loopback2
C    192.168.3.0/24 is directly connected, Loopback3

 

根据拓扑要求,在R2上配置路由过滤,过滤OSPF部分路由:

R2(config)#access 1 deny 172.16.0.0 0.0.0.255 
R2(config)#access 1 deny 172.16.1.0 0.0.0.255
R2(config)#access 1 per any
R2(config)#route-map ospf-to-rip permit 10      ---------->创建route-map,名称是ospf-to-rip,序号是10,permit的意思是
R2(config-route-map)#match ip address 1             如果下面match命令指定的条件成立的话则其动作为允许,类似ACL
R2(config-route-map)#exit                    后面也有一个隐含的deny。
R2(config)#router rip 
R2(config-router)#re ospf 1 me 10 route-map ospf-to-rip    ------>引用route-map
R2(config-router)#exit

 

查看R3上的路由表:

R3#show ip route
Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
R       172.16.255.0/30 [120/10] via 192.168.255.1, 00:00:09, Serial0/0
R       172.16.3.1/32 [120/10] via 192.168.255.1, 00:00:09, Serial0/0
R       172.16.2.1/32 [120/10] via 192.168.255.1, 00:00:09, Serial0/0    ---->已经正常过滤被拒绝的路由条目
C    192.168.255.0/24 is directly connected, Serial0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
C    192.168.2.0/24 is directly connected, Loopback2
C    192.168.3.0/24 is directly connected, Loopback3

 

在R2上配置过滤RIP的路由:

R2(config)#access 2 permit 192.168.0.0 0.0.1.255     ----->只允许这两个,其它全拒绝
R2(config)#route-map rip-to-ospf permit 10          包括拒绝RIP内的那个互连地址
R2(config-route-map)#match ip add 2
R2(config-route-map)#exit
R2(config)#router ospf 1
R2(config-router)#re rip me 200 subnets route-map rip-to-ospf
R2(config-router)#exit

 

查看R1的路由表:

R1#show ip route
Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
C       172.16.255.0/30 is directly connected, Serial0/0
C       172.16.0.0/24 is directly connected, Loopback0
C       172.16.1.0/24 is directly connected, Loopback1
C       172.16.2.0/24 is directly connected, Loopback2
C       172.16.3.0/24 is directly connected, Loopback3
O E2 192.168.0.0/24 [110/200] via 172.16.255.2, 00:27:49, Serial0/0
O E2 192.168.1.0/24 [110/200] via 172.16.255.2, 00:27:49, Serial0/0   ---------->正常地拒绝了一些路由条目

 

在R2上也可以这样:

R2(config)#access-list 2 permit 192.168.2.0 0.0.0.255 
R2(config)#access-list 2 permit 192.168.3.0 0.0.0.255 ------->这里使用permit方式
R2(config)# 
R2(config)#route-map rip_to_ospf deny 10   ------->这里用deny拒绝上面的列表2
R2(config-route-map)#match ip address 2 
R2(config-route-map)#exit 
R2(config)#route-map rip_to_ospf permit 20  ------>这里permit序号20,不匹配条件,则允许所有(匹配所有条件)
R2(config-route-map)#exit           同时也放过了RIP中的互连地址,和上一个有点小差别
R2(config)# 
R2(config)#router ospf 1 
R2(config-router)#redistribute rip metric 200 subnets route-map rip_to_ospf 
R2(config-router)#exit

 

查看R1的路由表:

R1#show ip route
Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
C       172.16.255.0/30 is directly connected, Serial0/0
C       172.16.0.0/24 is directly connected, Loopback0
C       172.16.1.0/24 is directly connected, Loopback1
C       172.16.2.0/24 is directly connected, Loopback2
C       172.16.3.0/24 is directly connected, Loopback3

O E2 192.168.255.0/24 [110/200] via 172.16.255.2, 00:19:20, Serial1/1  --------->包括RIP中的互连网络
O E2 192.168.0.0/24 [110/200] via 172.16.255.2, 00:27:49, Serial0/0
O E2 192.168.1.0/24 [110/200] via 172.16.255.2, 00:27:49, Serial0/0  

 


标签:
作者:天才小网管 | 分类:网络技术 | 浏览:1554 | 评论:0

发表评论:

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。

桂ICP备19000498号-3