1.用distribute-list过滤路由在不同协议里的用法
  在RIP里
  在EIGRP里
  在OSPF里
  只接收奇数路由
  只接收偶数路由
  只接收被4整除的路由
2.offset-list在不同协议里的用法
  在RIP里
  在EIGRP里
3.OSPF过滤区域间的LSA
4.多种协议之间的重分布
5.双点双向重分布
  解决重分布引起的次优路径问题
  解决重分布引起的路由环路问题
6.策略路由PBR
  基于包大小的PBR
  基于应用的PBR
  PBR跟踪远程地址的可达性
7.DHCP
  基本DHCP配置
  DHCP中继服务
8.访问控制列表
  基于时间的ACL
  动态ACL
  自反ACL

基本配置:
enable
conf t
no ip do lo
enable pass cisco
line con 0
logg sync
exec-t 0 0
line vty 0 4
pass cisco
logg sync
exit
host

1. 在不同协议中用distribute-list过滤路由
-------------------------------------------------------------------------------------------

RIP:
-------------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
network 23.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
exit

R1:
access-list 10 deny 33.1.1.0
access-list 10 permit any
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

EIGRP:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 11.1.1.0 0.0.0.255
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
exit

R2:
access-list 10 deny 33.1.1.0
access-list 10 permit any
router eigrp 1
distribute-list 10 out
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

在RIP和EIGRP中做过滤的时候,IN方向和OUT都是可以过滤的。但是在OSPF中不一样,OSPF只能在IN方向。

OSPF:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 11.1.1.1
network 11.1.1.0 0.0.0.255 area 0
network 12.1.1.0 0.0.0.255 area 0

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 22.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 0
network 33.1.1.0 0.0.0.255 area 0

R2:
access-list 10 deny 33.1.1.1
access-list 10 permit any
router ospf 1
distribute-list 10 in
exit

end
show ip route ospf
conf

R1:
end
show ip route ospf
conf

只接收奇数路由:
--------------------------------------------------------------------------------------

----------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.0.1 255.255.255.0
no shut
exit
int l1
ip add 22.1.1.1 255.255.255.0
no shut
exit
int l2
ip add 22.1.2.1 255.255.255.0
no shut
exit
int l3
ip add 22.1.3.1 255.255.255.0
no shut
exit
int l4
ip add 22.1.4.1 255.255.255.0
no shut
exit
int l5
ip add 22.1.5.1 255.255.255.0
no shut
exit
int l6
ip add 22.1.6.1 255.255.255.0
no shut
exit
int l7
ip add 22.1.7.1 255.255.255.0
no shut
exit
int l8
ip add 22.1.8.1 255.255.255.0
no shut
exit
int l9
ip add 22.1.9.1 255.255.255.0
no shut
exit
int l10
ip add 22.1.10.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
exit

R1:
access-list 10 permit 22.1.1.0 0.0.254.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

只接收偶数路由
-----------------------------------------------------------
R1:
access-list 10 permit 22.1.0.0 0.0.254.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

只接收被4整除路由
-----------------------------------------------------------
R1:
access-list 10 permit 22.1.0.0 0.0.252.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

2. offset-list在不同协议中的用法
---------------------------------------------------------------------------------------
RIP:
----------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
network 23.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
exit

R1:
end
clear ip route *
show ip route rip
conf t

access-list 10 permit 33.1.1.0
router rip
offset-list 10 in 3
exit

end
clear ip route *
show ip route rip
conf t

EIGRP:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 11.1.1.0 0.0.0.255
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

R2:
access-list 10 permit 33.1.1.0
router eigrp 1
offset-list 10 out 280
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

3. OSPF过滤区域间LSA
----------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 11.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 11.1.1.0 0.0.0.255 area 0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 1
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 1
network 33.1.1.0 0.0.0.255 area 1
exit

--------------------------------------------------
R1:
end
show ip route ospf
conf t

R2:
ip prefix-list YESLAB deny 33.1.1.1/32
ip prefix-list YESLAB permit 0.0.0.0/0 le 32
router ospf 1
area 1 filter-list prefix YESLAB out
exit

R1:
end
show ip route ospf
conf t

4. 多种协议之间的重分布
---------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary

network 12.0.0.0
network 11.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
exit

router ospf 1
router-id 22.1.1.1
network 22.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 0
network 33.1.1.0 0.0.0.255 area 0
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
exit

R4:
int f0/0
ip add 34.1.1.4 255.255.255.0
no shut
exit
int l0
ip add 44.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
network 44.1.1.0 0.0.0.255
exit
--------------------------------------------------
R2:
router rip
redistribute ospf 1 metric 5
exit

router ospf 1
redistribute rip subnets
exit

R3:
router eigrp 1
redistribute ospf 1 metric 100000 100 255 1 1500
exit

router ospf 1
reditribute eigrp 1 subnets
exit

5. 双点双向重分布
-----------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 1.1.12.1 255.255.255.0
no shut
exit
int f1/0
ip add 1.1.14.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

R2:
int f1/0
ip add 1.1.12.2 255.255.255.0
no shut
exit
int f0/0
ip add 1.1.23.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

R3:
int f0/0
ip add 1.1.23.3 255.255.255.0
no shut
exit
int f1/0
ip add 2.1.35.3 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

router ospf 1
router-id 33.1.1.1
network 2.1.35.0 0.0.0.255 area 0
exit

R4:
int f0/0
ip add 1.1.14.4 255.255.255.0
no shut
exit
int s1/0
ip add 2.1.45.4 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

router ospf 1
router-id 44.1.1.1
network 2.1.45.0 0.0.0.255 area 0
exit

R5:
int f0/0
ip add 2.1.35.5 255.255.255.0
no shut
exit
int s1/0
ip add 2.1.45.5 255.255.255.0
no shut
exit

router ospf 1
router-id 55.1.1.1
network 2.1.0.0 0.0.255.255 area 0
exit

-------------------------------------------------------
R3:
router rip
redistribute ospf 1 metric 5
exit
router ospf 1
redistribute rip subnets
exit

R4:
router rip
redistribute ospf 1 metric 5
exit
router ospf 1
redistribute rip subnets
exit

解决重分布引起的次优路径问题
--------------------------------------------------------
R3:
access-list 10 permit 1.0.0.0 0.255.255.255
router rip
distance 100 1.1.23.2 0.0.0.0 10
exit

R4:
access-list 10 permit 1.0.0.0 0.255.255.255
router rip
distance 100 1.1.14.1 0.0.0.0 10
exit

解决重分布引起的路由环路问题
-------------------------------------------------------
R3:
route-map rip2ospf permit 20
set tag 100
exit
route-map ospf2rip permit 20
set tag 200
exit

route-map ospf2rip deny 10
match tag 100
exit
route-map rip2ospf deny 10
match tag 200
exit

router rip
redistribute ospf 1 metric 5 route-map ospf2rip
exit
router ospf 1
redistribute rip subnets route-map rip2ospf
exit

R4:
route-map rip2ospf permit 20
set tag 100
exit
route-map ospf2rip permit 20
set tag 200
exit

route-map rip2ospf deny 10
match tag 200
exit
route-map ospf2rip deny 10
match tag 100
exit

router rip
redistribute ospf 1 metric 5 route-map ospf2rip
exit
router ospf 1
redistribute rip subnets route-map rip2ospf
exit

R5:
end
shwo ip route 1.1.12.0
conf t

R1:
end
show ip route 2.1.45.0
conf t

6. 策略路由PBR
----------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int f2/0
ip add 24.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 23.0.0.0
network 24.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
network 34.0.0.0
exit

R4:
int f0/0
ip add 24.1.1.4 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.4 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 24.0.0.0
network 34.0.0.0
exit

--------------------------------------------------
R2:
access-list 10 permit 12.1.1.0 0.0.0.255
route-map R1-R3
match ip add 10
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map R1-R3
exit

R1:
end
traceroute 33.1.1.1
conf t

R2:
no access-list 10 permit 12.1.1.0 0.0.0.255
no route-map R1-R3
int f0/0
no ip policy route-map R1-R3
exit

基于包大小的PBR
----------------------------------------------------------------
R2:
route-map PBR permit 10
match length 1000 1500
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map PBR
exit

end
debug ip policy
conf t

R1:
ping

R2:
no route-map PBR permit 10
int f0/0
no ip policy route-map PBR
exit

基于应用的PBR
----------------------------------------------------------------
R2:
ip access-list extended TELNET
permit tcp any any
exit
route-map PBR permit 10
match ip add TELNET
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map PBR
exit

end
debug ip policy
conf t

R1:
end
telnet 33.1.1.1
ping 33.1.1.1

conf t

R2:
no ip access-list extended TELNET
no route-map PBR permit 10
int f0/0
no ip policy route-map PBR
exit

CCNP路由实验(3) -- 路由控制的更多相关文章

  1. CCNP路由实验之八 路由重公布

     CCNP路由实验之八 路由重公布 在前面几个实验,已经学习了静态路由和动态路由.如今,我们要掌握怎样使它们在一个网络中融合,即路由重公布. 使用出站口作为静态路由 0 使用下一跳地址作为静态路由 ...

  2. CCNP路由实验之六 动态路由协议之IS-IS

     CCNP路由实验之六动态路由协议之IS-IS 动态路由协议能够自己主动的发现远程网络.仅仅要网络拓扑结构发生了变化.路由器就会相互交换路由信息,不仅能够自己主动获知新添加的网络.还能够在当前网络 ...

  3. CCNP路由实验之九 路由策略

     CCNP路由实验之九 路由策略 路由器在公布与接收路由信息时,可能须要实施一些策略.以便对路由信息进行过滤,比如仅仅接收或公布满足一定条件的路由信息. 一种路由协议可能须要引入其它的路由协议发现 ...

  4. CCNP路由实验之七 动态路由之BGP

     CCNP路由实验之七 动态路由之BGP 动态路由协议能够自己主动的发现远程网络,仅仅要网络拓扑结构发生了变化,路由器就会相互交换路由信息,不仅能够自己主动获知新添加的网络,还能够在当前网络连接失 ...

  5. CCNP路由实验之十二 MPLS

     个.第3个数据包„„同样的操作.包含查询路由表.重写MAC地址,CRC校验等. 系列路由器.或者12000系列路由器. Netflow switching 通过一种标准的交换机制,处理了流的第一 ...

  6. CCNP路由实验之十 组播(多播)

                        CCNP路由实验之十 组播(多播) 种方法: 在交换机上配置静态的多播MAC地址到用户接口的映射 使用CGMP.执行CGMP的多播路由器能够将用户发送给自己 ...

  7. CCNP路由实验之十五 NAT(网络地址转换)

     CCNP路由实验之十五 NAT(网络地址转换) 众所周知,要让自己的电脑连上Internet,必须要到运营商(ISP)申请一个上网账号,依据此账号申请自己的宽频业务(拨号上网.商业固定IP等等) ...

  8. CCNP之静态路由实验报告

                   静态路由实验报告 一.实验要求: 1.内网IP基于172.16.0.0/16自行子网划分 2.除了R2--R4路由器各有两个环回接口 3.R1下的PC自动获取IP地址 4 ...

  9. CCNP路由实验(4) -- BGP

    基本配置:enableconf tno ip do loenable pass ciscoline con 0logg syncexec-t 0 0line vty 0 4pass ciscologg ...

随机推荐

  1. can't find which disk is full

    df -lh lsof | grep delete $program_id df -lh # 搞定问题

  2. linux杂记(一)各硬件装置在linux中的代号

    装置 装置在linux内的代号 IDE硬盘机 /dev/hd[a-d] SCSI硬盘机 /dev/sd[a-p] U盘 /dev/sd[a-p](与SCSI硬盘一样) CDROM /dev/cdrom ...

  3. Struts2部分标签

    由于Struts多用OGNL语言所以使用给类标签之前需引入<%@taglib prefix="s" uri="/struts-tags"%> 1.f ...

  4. SilverlightLoader使用托管代码创建自定义载入界面及动态加载XAP

    Silverlight实现动态加载xap和Splash Screen.收藏! 内容来自 http://silverlightchina.net/html/tips/2010/0115/588.html

  5. 在VHDL中,“传输延迟”和“惯性延迟”

    传输延迟就是最容易理解的从输入变化到输出变化之间的延迟.对应语法是transport例如 b <= transport a after 20ns 惯性延迟考虑了电容效应,即如果输入是(相对)窄的 ...

  6. Httpwatch 工具介绍

    一 概述: HttpWatch强大的网页数据分析工具.集成在Internet Explorer工具栏.包括网页摘要.Cookies管理.缓存管理.消息头发送/接受.字符查询.POST 数据和目录管理功 ...

  7. SAR图像与光学图像区别

    按传感器采用的成像波段分类,光学图像通常是指可见光和部分红外波段传感器获取的影像数据.而SAR传感器基本属于微波频段,波长通常在厘米级.可见光图像通常会包含多个波段的灰度信息,以便于识别目标和分类提取 ...

  8. Exec sql/c

    Exec sql/c 利用高级语言的过程性结构来弥补SQL语言实现复杂应用方面的不足. 嵌入SQL的高级语言称为主语言或宿主语言. 在混合编程中,SQL语句负责操作数据库,高级语言语句负责控制程序流程 ...

  9. JavaSE复习日记 : 多态

    /** * 里氏替换原则 : * 能使用父类的地方,一定可以使用子类 * 什么是多态 : * 父类的引用,指向子类的对象 * 多态的前提条件 : * 有继承关系的两个类 * 多态的目的 : * ☆☆☆ ...

  10. BHO启动IE调试

    如下图选择Web Browser Debugger, 输入启动网址