1.用distribute-list过滤路由在不同协议里的用法
  在RIP里
  在EIGRP里
  在OSPF里
  只接收奇数路由
  只接收偶数路由
  只接收被4整除的路由
2.offset-list在不同协议里的用法
  在RIP里
  在EIGRP里
3.OSPF过滤区域间的LSA
4.多种协议之间的重分布
5.双点双向重分布
  解决重分布引起的次优路径问题
  解决重分布引起的路由环路问题
6.策略路由PBR
  基于包大小的PBR
  基于应用的PBR
  PBR跟踪远程地址的可达性
7.DHCP
  基本DHCP配置
  DHCP中继服务
8.访问控制列表
  基于时间的ACL
  动态ACL
  自反ACL

基本配置:
enable
conf t
no ip do lo
enable pass cisco
line con 0
logg sync
exec-t 0 0
line vty 0 4
pass cisco
logg sync
exit
host

1. 在不同协议中用distribute-list过滤路由
-------------------------------------------------------------------------------------------

RIP:
-------------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
network 23.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
exit

R1:
access-list 10 deny 33.1.1.0
access-list 10 permit any
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

EIGRP:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 11.1.1.0 0.0.0.255
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
exit

R2:
access-list 10 deny 33.1.1.0
access-list 10 permit any
router eigrp 1
distribute-list 10 out
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

在RIP和EIGRP中做过滤的时候,IN方向和OUT都是可以过滤的。但是在OSPF中不一样,OSPF只能在IN方向。

OSPF:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 11.1.1.1
network 11.1.1.0 0.0.0.255 area 0
network 12.1.1.0 0.0.0.255 area 0

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 22.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 0
network 33.1.1.0 0.0.0.255 area 0

R2:
access-list 10 deny 33.1.1.1
access-list 10 permit any
router ospf 1
distribute-list 10 in
exit

end
show ip route ospf
conf

R1:
end
show ip route ospf
conf

只接收奇数路由:
--------------------------------------------------------------------------------------

----------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.0.1 255.255.255.0
no shut
exit
int l1
ip add 22.1.1.1 255.255.255.0
no shut
exit
int l2
ip add 22.1.2.1 255.255.255.0
no shut
exit
int l3
ip add 22.1.3.1 255.255.255.0
no shut
exit
int l4
ip add 22.1.4.1 255.255.255.0
no shut
exit
int l5
ip add 22.1.5.1 255.255.255.0
no shut
exit
int l6
ip add 22.1.6.1 255.255.255.0
no shut
exit
int l7
ip add 22.1.7.1 255.255.255.0
no shut
exit
int l8
ip add 22.1.8.1 255.255.255.0
no shut
exit
int l9
ip add 22.1.9.1 255.255.255.0
no shut
exit
int l10
ip add 22.1.10.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
exit

R1:
access-list 10 permit 22.1.1.0 0.0.254.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

只接收偶数路由
-----------------------------------------------------------
R1:
access-list 10 permit 22.1.0.0 0.0.254.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

只接收被4整除路由
-----------------------------------------------------------
R1:
access-list 10 permit 22.1.0.0 0.0.252.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

2. offset-list在不同协议中的用法
---------------------------------------------------------------------------------------
RIP:
----------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
network 23.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
exit

R1:
end
clear ip route *
show ip route rip
conf t

access-list 10 permit 33.1.1.0
router rip
offset-list 10 in 3
exit

end
clear ip route *
show ip route rip
conf t

EIGRP:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 11.1.1.0 0.0.0.255
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

R2:
access-list 10 permit 33.1.1.0
router eigrp 1
offset-list 10 out 280
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

3. OSPF过滤区域间LSA
----------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 11.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 11.1.1.0 0.0.0.255 area 0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 1
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 1
network 33.1.1.0 0.0.0.255 area 1
exit

--------------------------------------------------
R1:
end
show ip route ospf
conf t

R2:
ip prefix-list YESLAB deny 33.1.1.1/32
ip prefix-list YESLAB permit 0.0.0.0/0 le 32
router ospf 1
area 1 filter-list prefix YESLAB out
exit

R1:
end
show ip route ospf
conf t

4. 多种协议之间的重分布
---------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary

network 12.0.0.0
network 11.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
exit

router ospf 1
router-id 22.1.1.1
network 22.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 0
network 33.1.1.0 0.0.0.255 area 0
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
exit

R4:
int f0/0
ip add 34.1.1.4 255.255.255.0
no shut
exit
int l0
ip add 44.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
network 44.1.1.0 0.0.0.255
exit
--------------------------------------------------
R2:
router rip
redistribute ospf 1 metric 5
exit

router ospf 1
redistribute rip subnets
exit

R3:
router eigrp 1
redistribute ospf 1 metric 100000 100 255 1 1500
exit

router ospf 1
reditribute eigrp 1 subnets
exit

5. 双点双向重分布
-----------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 1.1.12.1 255.255.255.0
no shut
exit
int f1/0
ip add 1.1.14.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

R2:
int f1/0
ip add 1.1.12.2 255.255.255.0
no shut
exit
int f0/0
ip add 1.1.23.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

R3:
int f0/0
ip add 1.1.23.3 255.255.255.0
no shut
exit
int f1/0
ip add 2.1.35.3 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

router ospf 1
router-id 33.1.1.1
network 2.1.35.0 0.0.0.255 area 0
exit

R4:
int f0/0
ip add 1.1.14.4 255.255.255.0
no shut
exit
int s1/0
ip add 2.1.45.4 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

router ospf 1
router-id 44.1.1.1
network 2.1.45.0 0.0.0.255 area 0
exit

R5:
int f0/0
ip add 2.1.35.5 255.255.255.0
no shut
exit
int s1/0
ip add 2.1.45.5 255.255.255.0
no shut
exit

router ospf 1
router-id 55.1.1.1
network 2.1.0.0 0.0.255.255 area 0
exit

-------------------------------------------------------
R3:
router rip
redistribute ospf 1 metric 5
exit
router ospf 1
redistribute rip subnets
exit

R4:
router rip
redistribute ospf 1 metric 5
exit
router ospf 1
redistribute rip subnets
exit

解决重分布引起的次优路径问题
--------------------------------------------------------
R3:
access-list 10 permit 1.0.0.0 0.255.255.255
router rip
distance 100 1.1.23.2 0.0.0.0 10
exit

R4:
access-list 10 permit 1.0.0.0 0.255.255.255
router rip
distance 100 1.1.14.1 0.0.0.0 10
exit

解决重分布引起的路由环路问题
-------------------------------------------------------
R3:
route-map rip2ospf permit 20
set tag 100
exit
route-map ospf2rip permit 20
set tag 200
exit

route-map ospf2rip deny 10
match tag 100
exit
route-map rip2ospf deny 10
match tag 200
exit

router rip
redistribute ospf 1 metric 5 route-map ospf2rip
exit
router ospf 1
redistribute rip subnets route-map rip2ospf
exit

R4:
route-map rip2ospf permit 20
set tag 100
exit
route-map ospf2rip permit 20
set tag 200
exit

route-map rip2ospf deny 10
match tag 200
exit
route-map ospf2rip deny 10
match tag 100
exit

router rip
redistribute ospf 1 metric 5 route-map ospf2rip
exit
router ospf 1
redistribute rip subnets route-map rip2ospf
exit

R5:
end
shwo ip route 1.1.12.0
conf t

R1:
end
show ip route 2.1.45.0
conf t

6. 策略路由PBR
----------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int f2/0
ip add 24.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 23.0.0.0
network 24.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
network 34.0.0.0
exit

R4:
int f0/0
ip add 24.1.1.4 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.4 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 24.0.0.0
network 34.0.0.0
exit

--------------------------------------------------
R2:
access-list 10 permit 12.1.1.0 0.0.0.255
route-map R1-R3
match ip add 10
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map R1-R3
exit

R1:
end
traceroute 33.1.1.1
conf t

R2:
no access-list 10 permit 12.1.1.0 0.0.0.255
no route-map R1-R3
int f0/0
no ip policy route-map R1-R3
exit

基于包大小的PBR
----------------------------------------------------------------
R2:
route-map PBR permit 10
match length 1000 1500
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map PBR
exit

end
debug ip policy
conf t

R1:
ping

R2:
no route-map PBR permit 10
int f0/0
no ip policy route-map PBR
exit

基于应用的PBR
----------------------------------------------------------------
R2:
ip access-list extended TELNET
permit tcp any any
exit
route-map PBR permit 10
match ip add TELNET
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map PBR
exit

end
debug ip policy
conf t

R1:
end
telnet 33.1.1.1
ping 33.1.1.1

conf t

R2:
no ip access-list extended TELNET
no route-map PBR permit 10
int f0/0
no ip policy route-map PBR
exit

CCNP路由实验(3) -- 路由控制的更多相关文章

  1. CCNP路由实验之八 路由重公布

     CCNP路由实验之八 路由重公布 在前面几个实验,已经学习了静态路由和动态路由.如今,我们要掌握怎样使它们在一个网络中融合,即路由重公布. 使用出站口作为静态路由 0 使用下一跳地址作为静态路由 ...

  2. CCNP路由实验之六 动态路由协议之IS-IS

     CCNP路由实验之六动态路由协议之IS-IS 动态路由协议能够自己主动的发现远程网络.仅仅要网络拓扑结构发生了变化.路由器就会相互交换路由信息,不仅能够自己主动获知新添加的网络.还能够在当前网络 ...

  3. CCNP路由实验之九 路由策略

     CCNP路由实验之九 路由策略 路由器在公布与接收路由信息时,可能须要实施一些策略.以便对路由信息进行过滤,比如仅仅接收或公布满足一定条件的路由信息. 一种路由协议可能须要引入其它的路由协议发现 ...

  4. CCNP路由实验之七 动态路由之BGP

     CCNP路由实验之七 动态路由之BGP 动态路由协议能够自己主动的发现远程网络,仅仅要网络拓扑结构发生了变化,路由器就会相互交换路由信息,不仅能够自己主动获知新添加的网络,还能够在当前网络连接失 ...

  5. CCNP路由实验之十二 MPLS

     个.第3个数据包„„同样的操作.包含查询路由表.重写MAC地址,CRC校验等. 系列路由器.或者12000系列路由器. Netflow switching 通过一种标准的交换机制,处理了流的第一 ...

  6. CCNP路由实验之十 组播(多播)

                        CCNP路由实验之十 组播(多播) 种方法: 在交换机上配置静态的多播MAC地址到用户接口的映射 使用CGMP.执行CGMP的多播路由器能够将用户发送给自己 ...

  7. CCNP路由实验之十五 NAT(网络地址转换)

     CCNP路由实验之十五 NAT(网络地址转换) 众所周知,要让自己的电脑连上Internet,必须要到运营商(ISP)申请一个上网账号,依据此账号申请自己的宽频业务(拨号上网.商业固定IP等等) ...

  8. CCNP之静态路由实验报告

                   静态路由实验报告 一.实验要求: 1.内网IP基于172.16.0.0/16自行子网划分 2.除了R2--R4路由器各有两个环回接口 3.R1下的PC自动获取IP地址 4 ...

  9. CCNP路由实验(4) -- BGP

    基本配置:enableconf tno ip do loenable pass ciscoline con 0logg syncexec-t 0 0line vty 0 4pass ciscologg ...

随机推荐

  1. struts2表单提交的乱码的问题的解决

    今天碰到一乱码问题,百思不得其解. 最后解决办法是设置了表单的提交方式,将method设置为post,解决问题.虽然默认的提交方式是post.但是如果不显式设置的话,就会出现我所出现的问题. 总结下处 ...

  2. MySQL数据库mysqlcheck的使用方法

    MySQL数据库mysqlcheck的使用方法的相关知识是本文我们主要要介绍的内容,我们知道,mysqlcheck,是mysql自带的可以检查和修复MyISAM表,并且它还可以优化和分析表,mysql ...

  3. Activiti5 待审 待批任务 TaskQuery查询 条件查询 like查询

    TaskQuery查询API 有两种方法可以从引擎中查询数据:查询API和原生查询.查询API提供了完全类型安全的API. 你可以为自己的查询条件添加很多条件 (所以条件都以AND组合)和精确的排序条 ...

  4. Android API在不同版本系统上的兼容性

    随着安卓版本的不断更新,新的API不断涌出,有时候高版本的API会在低版本crash的. 如果minSdkVersion设置过低,在build的时候,就会报错(Call requires API le ...

  5. windows7 64位下运行 regsvr32 注册ocx或者dll的方法

    来源:转载   it won't work for you unless you have some form of Visual Basic tools loaded on your system: ...

  6. centos6.5编译android-2.2_froyo的几个问题jdk,gcc,arm-gcc

    1.gcc降级 因为之前用QT升级了gcc到4.8.0,现在编译安卓又要降到4.4.6 我这边是直接下的gcc-4.4.6源码安装的 gcc源码安装包下载: ftp://ftp.mpi-sb.mpg. ...

  7. Mocha 从0开始

    Mocha Mocha 是具有丰富特性的 JavaScript 测试框架,可以运行在 Node.js 和浏览器中,使得异步测试更简单更有趣.Mocha 可以持续运行测试,支持灵活又准确的报告,当映射到 ...

  8. servlet tomcat eclipse

    网上搜到的很多利用eclipse结合tomcat开发servlet的教程都要修改server.xml 感觉这种方式太粗暴了,server.xml最好是与应用无关的, 这里比较推荐export war的 ...

  9. Oracle EBS-SQL (SYS-22):sysadmin_用户职责查询.sql

    select fu.user_name 用户名, fu.description 用户说明, frv.RESPONSIBILITY_NAME 职责名称, REQUEST_GROUP_NAME 报表组, ...

  10. 解决Robotium测试用例crash问题

    今天遇到一个棘手的问题 用robotium框架真机测试客户端时 跑到一半会crash 搜了一堆资料终于解决了 我的程序引起crash主要原因有两个: 1.用Robotium测试框架跑多个用例(写在同一 ...