1.用distribute-list过滤路由在不同协议里的用法
  在RIP里
  在EIGRP里
  在OSPF里
  只接收奇数路由
  只接收偶数路由
  只接收被4整除的路由
2.offset-list在不同协议里的用法
  在RIP里
  在EIGRP里
3.OSPF过滤区域间的LSA
4.多种协议之间的重分布
5.双点双向重分布
  解决重分布引起的次优路径问题
  解决重分布引起的路由环路问题
6.策略路由PBR
  基于包大小的PBR
  基于应用的PBR
  PBR跟踪远程地址的可达性
7.DHCP
  基本DHCP配置
  DHCP中继服务
8.访问控制列表
  基于时间的ACL
  动态ACL
  自反ACL

基本配置:
enable
conf t
no ip do lo
enable pass cisco
line con 0
logg sync
exec-t 0 0
line vty 0 4
pass cisco
logg sync
exit
host

1. 在不同协议中用distribute-list过滤路由
-------------------------------------------------------------------------------------------

RIP:
-------------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
network 23.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
exit

R1:
access-list 10 deny 33.1.1.0
access-list 10 permit any
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

EIGRP:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 11.1.1.0 0.0.0.255
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
exit

R2:
access-list 10 deny 33.1.1.0
access-list 10 permit any
router eigrp 1
distribute-list 10 out
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

在RIP和EIGRP中做过滤的时候,IN方向和OUT都是可以过滤的。但是在OSPF中不一样,OSPF只能在IN方向。

OSPF:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 11.1.1.1
network 11.1.1.0 0.0.0.255 area 0
network 12.1.1.0 0.0.0.255 area 0

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 22.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 0
network 33.1.1.0 0.0.0.255 area 0

R2:
access-list 10 deny 33.1.1.1
access-list 10 permit any
router ospf 1
distribute-list 10 in
exit

end
show ip route ospf
conf

R1:
end
show ip route ospf
conf

只接收奇数路由:
--------------------------------------------------------------------------------------

----------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.0.1 255.255.255.0
no shut
exit
int l1
ip add 22.1.1.1 255.255.255.0
no shut
exit
int l2
ip add 22.1.2.1 255.255.255.0
no shut
exit
int l3
ip add 22.1.3.1 255.255.255.0
no shut
exit
int l4
ip add 22.1.4.1 255.255.255.0
no shut
exit
int l5
ip add 22.1.5.1 255.255.255.0
no shut
exit
int l6
ip add 22.1.6.1 255.255.255.0
no shut
exit
int l7
ip add 22.1.7.1 255.255.255.0
no shut
exit
int l8
ip add 22.1.8.1 255.255.255.0
no shut
exit
int l9
ip add 22.1.9.1 255.255.255.0
no shut
exit
int l10
ip add 22.1.10.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
exit

R1:
access-list 10 permit 22.1.1.0 0.0.254.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

只接收偶数路由
-----------------------------------------------------------
R1:
access-list 10 permit 22.1.0.0 0.0.254.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

只接收被4整除路由
-----------------------------------------------------------
R1:
access-list 10 permit 22.1.0.0 0.0.252.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

2. offset-list在不同协议中的用法
---------------------------------------------------------------------------------------
RIP:
----------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
network 23.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
exit

R1:
end
clear ip route *
show ip route rip
conf t

access-list 10 permit 33.1.1.0
router rip
offset-list 10 in 3
exit

end
clear ip route *
show ip route rip
conf t

EIGRP:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 11.1.1.0 0.0.0.255
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

R2:
access-list 10 permit 33.1.1.0
router eigrp 1
offset-list 10 out 280
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

3. OSPF过滤区域间LSA
----------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 11.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 11.1.1.0 0.0.0.255 area 0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 1
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 1
network 33.1.1.0 0.0.0.255 area 1
exit

--------------------------------------------------
R1:
end
show ip route ospf
conf t

R2:
ip prefix-list YESLAB deny 33.1.1.1/32
ip prefix-list YESLAB permit 0.0.0.0/0 le 32
router ospf 1
area 1 filter-list prefix YESLAB out
exit

R1:
end
show ip route ospf
conf t

4. 多种协议之间的重分布
---------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary

network 12.0.0.0
network 11.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
exit

router ospf 1
router-id 22.1.1.1
network 22.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 0
network 33.1.1.0 0.0.0.255 area 0
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
exit

R4:
int f0/0
ip add 34.1.1.4 255.255.255.0
no shut
exit
int l0
ip add 44.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
network 44.1.1.0 0.0.0.255
exit
--------------------------------------------------
R2:
router rip
redistribute ospf 1 metric 5
exit

router ospf 1
redistribute rip subnets
exit

R3:
router eigrp 1
redistribute ospf 1 metric 100000 100 255 1 1500
exit

router ospf 1
reditribute eigrp 1 subnets
exit

5. 双点双向重分布
-----------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 1.1.12.1 255.255.255.0
no shut
exit
int f1/0
ip add 1.1.14.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

R2:
int f1/0
ip add 1.1.12.2 255.255.255.0
no shut
exit
int f0/0
ip add 1.1.23.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

R3:
int f0/0
ip add 1.1.23.3 255.255.255.0
no shut
exit
int f1/0
ip add 2.1.35.3 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

router ospf 1
router-id 33.1.1.1
network 2.1.35.0 0.0.0.255 area 0
exit

R4:
int f0/0
ip add 1.1.14.4 255.255.255.0
no shut
exit
int s1/0
ip add 2.1.45.4 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

router ospf 1
router-id 44.1.1.1
network 2.1.45.0 0.0.0.255 area 0
exit

R5:
int f0/0
ip add 2.1.35.5 255.255.255.0
no shut
exit
int s1/0
ip add 2.1.45.5 255.255.255.0
no shut
exit

router ospf 1
router-id 55.1.1.1
network 2.1.0.0 0.0.255.255 area 0
exit

-------------------------------------------------------
R3:
router rip
redistribute ospf 1 metric 5
exit
router ospf 1
redistribute rip subnets
exit

R4:
router rip
redistribute ospf 1 metric 5
exit
router ospf 1
redistribute rip subnets
exit

解决重分布引起的次优路径问题
--------------------------------------------------------
R3:
access-list 10 permit 1.0.0.0 0.255.255.255
router rip
distance 100 1.1.23.2 0.0.0.0 10
exit

R4:
access-list 10 permit 1.0.0.0 0.255.255.255
router rip
distance 100 1.1.14.1 0.0.0.0 10
exit

解决重分布引起的路由环路问题
-------------------------------------------------------
R3:
route-map rip2ospf permit 20
set tag 100
exit
route-map ospf2rip permit 20
set tag 200
exit

route-map ospf2rip deny 10
match tag 100
exit
route-map rip2ospf deny 10
match tag 200
exit

router rip
redistribute ospf 1 metric 5 route-map ospf2rip
exit
router ospf 1
redistribute rip subnets route-map rip2ospf
exit

R4:
route-map rip2ospf permit 20
set tag 100
exit
route-map ospf2rip permit 20
set tag 200
exit

route-map rip2ospf deny 10
match tag 200
exit
route-map ospf2rip deny 10
match tag 100
exit

router rip
redistribute ospf 1 metric 5 route-map ospf2rip
exit
router ospf 1
redistribute rip subnets route-map rip2ospf
exit

R5:
end
shwo ip route 1.1.12.0
conf t

R1:
end
show ip route 2.1.45.0
conf t

6. 策略路由PBR
----------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int f2/0
ip add 24.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 23.0.0.0
network 24.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
network 34.0.0.0
exit

R4:
int f0/0
ip add 24.1.1.4 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.4 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 24.0.0.0
network 34.0.0.0
exit

--------------------------------------------------
R2:
access-list 10 permit 12.1.1.0 0.0.0.255
route-map R1-R3
match ip add 10
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map R1-R3
exit

R1:
end
traceroute 33.1.1.1
conf t

R2:
no access-list 10 permit 12.1.1.0 0.0.0.255
no route-map R1-R3
int f0/0
no ip policy route-map R1-R3
exit

基于包大小的PBR
----------------------------------------------------------------
R2:
route-map PBR permit 10
match length 1000 1500
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map PBR
exit

end
debug ip policy
conf t

R1:
ping

R2:
no route-map PBR permit 10
int f0/0
no ip policy route-map PBR
exit

基于应用的PBR
----------------------------------------------------------------
R2:
ip access-list extended TELNET
permit tcp any any
exit
route-map PBR permit 10
match ip add TELNET
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map PBR
exit

end
debug ip policy
conf t

R1:
end
telnet 33.1.1.1
ping 33.1.1.1

conf t

R2:
no ip access-list extended TELNET
no route-map PBR permit 10
int f0/0
no ip policy route-map PBR
exit

CCNP路由实验(3) -- 路由控制的更多相关文章

  1. CCNP路由实验之八 路由重公布

     CCNP路由实验之八 路由重公布 在前面几个实验,已经学习了静态路由和动态路由.如今,我们要掌握怎样使它们在一个网络中融合,即路由重公布. 使用出站口作为静态路由 0 使用下一跳地址作为静态路由 ...

  2. CCNP路由实验之六 动态路由协议之IS-IS

     CCNP路由实验之六动态路由协议之IS-IS 动态路由协议能够自己主动的发现远程网络.仅仅要网络拓扑结构发生了变化.路由器就会相互交换路由信息,不仅能够自己主动获知新添加的网络.还能够在当前网络 ...

  3. CCNP路由实验之九 路由策略

     CCNP路由实验之九 路由策略 路由器在公布与接收路由信息时,可能须要实施一些策略.以便对路由信息进行过滤,比如仅仅接收或公布满足一定条件的路由信息. 一种路由协议可能须要引入其它的路由协议发现 ...

  4. CCNP路由实验之七 动态路由之BGP

     CCNP路由实验之七 动态路由之BGP 动态路由协议能够自己主动的发现远程网络,仅仅要网络拓扑结构发生了变化,路由器就会相互交换路由信息,不仅能够自己主动获知新添加的网络,还能够在当前网络连接失 ...

  5. CCNP路由实验之十二 MPLS

     个.第3个数据包„„同样的操作.包含查询路由表.重写MAC地址,CRC校验等. 系列路由器.或者12000系列路由器. Netflow switching 通过一种标准的交换机制,处理了流的第一 ...

  6. CCNP路由实验之十 组播(多播)

                        CCNP路由实验之十 组播(多播) 种方法: 在交换机上配置静态的多播MAC地址到用户接口的映射 使用CGMP.执行CGMP的多播路由器能够将用户发送给自己 ...

  7. CCNP路由实验之十五 NAT(网络地址转换)

     CCNP路由实验之十五 NAT(网络地址转换) 众所周知,要让自己的电脑连上Internet,必须要到运营商(ISP)申请一个上网账号,依据此账号申请自己的宽频业务(拨号上网.商业固定IP等等) ...

  8. CCNP之静态路由实验报告

                   静态路由实验报告 一.实验要求: 1.内网IP基于172.16.0.0/16自行子网划分 2.除了R2--R4路由器各有两个环回接口 3.R1下的PC自动获取IP地址 4 ...

  9. CCNP路由实验(4) -- BGP

    基本配置:enableconf tno ip do loenable pass ciscoline con 0logg syncexec-t 0 0line vty 0 4pass ciscologg ...

随机推荐

  1. QF——关于iOS的强引用,弱引用及strong,retain,copy,weak,assignd的关系

    强引用和弱引用: 我们已经知道OC中的内存管理是通过“引用计数器”来实现的.一个对象的生命周期取决于它是否还被其他对象引用(是否retainCount=0).但在有些情况下,我们并不希望对象的销毁时间 ...

  2. 学习笔记(一) HTML+CSS基础课程

    这个周把慕课网的<HTML+CSS基础课程>课程学完,内容都是非常非常基础的,不过还是学到了几个小知识点,记下来先. <a>超链接发送邮件 直接上把他的图片给挪过来了,我就不打 ...

  3. jquery学习(2)--选择器

    jquery-李炎恢学习视频学习笔记.自己手写. 简单的选择器    css 写 法: #box{ color:#f00;}    //id选择器    jquery获取:$('#box').css( ...

  4. 《windows程序设计》学习_4.1:计时器(可用于扫雷)

    为了做一个逼真的扫雷,我的扫雷程序的位图都是从windowsXP下面的扫雷里来的.具体是怎么获取位图的呢?win8.1不给力,习惯了vc++6.0,所以虚拟机里装上了xp,用vc++6.0加载扫雷程序 ...

  5. PHPExcel 多工作表 导入

    //参数初始化 $filePath = ''; if ($_FILES["file"]["error"] > 0) { returnJSON(ERROR_ ...

  6. B. Wet Shark and Bishops(思维)

    B. Wet Shark and Bishops time limit per test 2 seconds memory limit per test 256 megabytes input sta ...

  7. android高仿微信拍照、多选、预览、删除(去除相片)相冊功能

    先声明授人与鱼不如授人与渔,仅仅能提供一个思路,当然须要源代码的同学能够私下有偿问我要源代码:QQ:508181017 工作了将近三年时间了,一直没正儿八经的研究系统自带的相冊和拍照,这回来个高仿微信 ...

  8. 统计分析SQL Server Profiler 跟踪的SQL

    --跟踪文件读入到表中分析 SELECT * INTO ZGSJY FROM fn_trace_gettable('E:\wxxcdbprofiler.trc', default); --某时间内,最 ...

  9. 如何查詢 SQL Server 資料庫中欄位值為 NULL 的資料(转)

    最近使用mssql的时候对于未null的字段查询不到 http://blogs.msdn.com/b/jchiou/archive/2008/05/01/sql-server-null.aspx 先建 ...

  10. OC 中的block使用

    在iOS的开发过程中,使用块的地方很多也很方便,但是在使用块的过程中要注意内存泄露的问题. 在块创建的时候,会对块内的所有对象的引用计数加一,直到块销毁,所以在使用块的过程中需要我们进行处理,在这里以 ...