1.用distribute-list过滤路由在不同协议里的用法
  在RIP里
  在EIGRP里
  在OSPF里
  只接收奇数路由
  只接收偶数路由
  只接收被4整除的路由
2.offset-list在不同协议里的用法
  在RIP里
  在EIGRP里
3.OSPF过滤区域间的LSA
4.多种协议之间的重分布
5.双点双向重分布
  解决重分布引起的次优路径问题
  解决重分布引起的路由环路问题
6.策略路由PBR
  基于包大小的PBR
  基于应用的PBR
  PBR跟踪远程地址的可达性
7.DHCP
  基本DHCP配置
  DHCP中继服务
8.访问控制列表
  基于时间的ACL
  动态ACL
  自反ACL

基本配置:
enable
conf t
no ip do lo
enable pass cisco
line con 0
logg sync
exec-t 0 0
line vty 0 4
pass cisco
logg sync
exit
host

1. 在不同协议中用distribute-list过滤路由
-------------------------------------------------------------------------------------------

RIP:
-------------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
network 23.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
exit

R1:
access-list 10 deny 33.1.1.0
access-list 10 permit any
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

EIGRP:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 11.1.1.0 0.0.0.255
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
exit

R2:
access-list 10 deny 33.1.1.0
access-list 10 permit any
router eigrp 1
distribute-list 10 out
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

在RIP和EIGRP中做过滤的时候,IN方向和OUT都是可以过滤的。但是在OSPF中不一样,OSPF只能在IN方向。

OSPF:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 11.1.1.1
network 11.1.1.0 0.0.0.255 area 0
network 12.1.1.0 0.0.0.255 area 0

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 22.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 0
network 33.1.1.0 0.0.0.255 area 0

R2:
access-list 10 deny 33.1.1.1
access-list 10 permit any
router ospf 1
distribute-list 10 in
exit

end
show ip route ospf
conf

R1:
end
show ip route ospf
conf

只接收奇数路由:
--------------------------------------------------------------------------------------

----------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.0.1 255.255.255.0
no shut
exit
int l1
ip add 22.1.1.1 255.255.255.0
no shut
exit
int l2
ip add 22.1.2.1 255.255.255.0
no shut
exit
int l3
ip add 22.1.3.1 255.255.255.0
no shut
exit
int l4
ip add 22.1.4.1 255.255.255.0
no shut
exit
int l5
ip add 22.1.5.1 255.255.255.0
no shut
exit
int l6
ip add 22.1.6.1 255.255.255.0
no shut
exit
int l7
ip add 22.1.7.1 255.255.255.0
no shut
exit
int l8
ip add 22.1.8.1 255.255.255.0
no shut
exit
int l9
ip add 22.1.9.1 255.255.255.0
no shut
exit
int l10
ip add 22.1.10.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
exit

R1:
access-list 10 permit 22.1.1.0 0.0.254.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

只接收偶数路由
-----------------------------------------------------------
R1:
access-list 10 permit 22.1.0.0 0.0.254.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

只接收被4整除路由
-----------------------------------------------------------
R1:
access-list 10 permit 22.1.0.0 0.0.252.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

2. offset-list在不同协议中的用法
---------------------------------------------------------------------------------------
RIP:
----------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
network 23.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
exit

R1:
end
clear ip route *
show ip route rip
conf t

access-list 10 permit 33.1.1.0
router rip
offset-list 10 in 3
exit

end
clear ip route *
show ip route rip
conf t

EIGRP:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 11.1.1.0 0.0.0.255
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

R2:
access-list 10 permit 33.1.1.0
router eigrp 1
offset-list 10 out 280
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

3. OSPF过滤区域间LSA
----------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 11.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 11.1.1.0 0.0.0.255 area 0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 1
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 1
network 33.1.1.0 0.0.0.255 area 1
exit

--------------------------------------------------
R1:
end
show ip route ospf
conf t

R2:
ip prefix-list YESLAB deny 33.1.1.1/32
ip prefix-list YESLAB permit 0.0.0.0/0 le 32
router ospf 1
area 1 filter-list prefix YESLAB out
exit

R1:
end
show ip route ospf
conf t

4. 多种协议之间的重分布
---------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary

network 12.0.0.0
network 11.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
exit

router ospf 1
router-id 22.1.1.1
network 22.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 0
network 33.1.1.0 0.0.0.255 area 0
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
exit

R4:
int f0/0
ip add 34.1.1.4 255.255.255.0
no shut
exit
int l0
ip add 44.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
network 44.1.1.0 0.0.0.255
exit
--------------------------------------------------
R2:
router rip
redistribute ospf 1 metric 5
exit

router ospf 1
redistribute rip subnets
exit

R3:
router eigrp 1
redistribute ospf 1 metric 100000 100 255 1 1500
exit

router ospf 1
reditribute eigrp 1 subnets
exit

5. 双点双向重分布
-----------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 1.1.12.1 255.255.255.0
no shut
exit
int f1/0
ip add 1.1.14.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

R2:
int f1/0
ip add 1.1.12.2 255.255.255.0
no shut
exit
int f0/0
ip add 1.1.23.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

R3:
int f0/0
ip add 1.1.23.3 255.255.255.0
no shut
exit
int f1/0
ip add 2.1.35.3 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

router ospf 1
router-id 33.1.1.1
network 2.1.35.0 0.0.0.255 area 0
exit

R4:
int f0/0
ip add 1.1.14.4 255.255.255.0
no shut
exit
int s1/0
ip add 2.1.45.4 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

router ospf 1
router-id 44.1.1.1
network 2.1.45.0 0.0.0.255 area 0
exit

R5:
int f0/0
ip add 2.1.35.5 255.255.255.0
no shut
exit
int s1/0
ip add 2.1.45.5 255.255.255.0
no shut
exit

router ospf 1
router-id 55.1.1.1
network 2.1.0.0 0.0.255.255 area 0
exit

-------------------------------------------------------
R3:
router rip
redistribute ospf 1 metric 5
exit
router ospf 1
redistribute rip subnets
exit

R4:
router rip
redistribute ospf 1 metric 5
exit
router ospf 1
redistribute rip subnets
exit

解决重分布引起的次优路径问题
--------------------------------------------------------
R3:
access-list 10 permit 1.0.0.0 0.255.255.255
router rip
distance 100 1.1.23.2 0.0.0.0 10
exit

R4:
access-list 10 permit 1.0.0.0 0.255.255.255
router rip
distance 100 1.1.14.1 0.0.0.0 10
exit

解决重分布引起的路由环路问题
-------------------------------------------------------
R3:
route-map rip2ospf permit 20
set tag 100
exit
route-map ospf2rip permit 20
set tag 200
exit

route-map ospf2rip deny 10
match tag 100
exit
route-map rip2ospf deny 10
match tag 200
exit

router rip
redistribute ospf 1 metric 5 route-map ospf2rip
exit
router ospf 1
redistribute rip subnets route-map rip2ospf
exit

R4:
route-map rip2ospf permit 20
set tag 100
exit
route-map ospf2rip permit 20
set tag 200
exit

route-map rip2ospf deny 10
match tag 200
exit
route-map ospf2rip deny 10
match tag 100
exit

router rip
redistribute ospf 1 metric 5 route-map ospf2rip
exit
router ospf 1
redistribute rip subnets route-map rip2ospf
exit

R5:
end
shwo ip route 1.1.12.0
conf t

R1:
end
show ip route 2.1.45.0
conf t

6. 策略路由PBR
----------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int f2/0
ip add 24.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 23.0.0.0
network 24.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
network 34.0.0.0
exit

R4:
int f0/0
ip add 24.1.1.4 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.4 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 24.0.0.0
network 34.0.0.0
exit

--------------------------------------------------
R2:
access-list 10 permit 12.1.1.0 0.0.0.255
route-map R1-R3
match ip add 10
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map R1-R3
exit

R1:
end
traceroute 33.1.1.1
conf t

R2:
no access-list 10 permit 12.1.1.0 0.0.0.255
no route-map R1-R3
int f0/0
no ip policy route-map R1-R3
exit

基于包大小的PBR
----------------------------------------------------------------
R2:
route-map PBR permit 10
match length 1000 1500
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map PBR
exit

end
debug ip policy
conf t

R1:
ping

R2:
no route-map PBR permit 10
int f0/0
no ip policy route-map PBR
exit

基于应用的PBR
----------------------------------------------------------------
R2:
ip access-list extended TELNET
permit tcp any any
exit
route-map PBR permit 10
match ip add TELNET
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map PBR
exit

end
debug ip policy
conf t

R1:
end
telnet 33.1.1.1
ping 33.1.1.1

conf t

R2:
no ip access-list extended TELNET
no route-map PBR permit 10
int f0/0
no ip policy route-map PBR
exit

CCNP路由实验(3) -- 路由控制的更多相关文章

  1. CCNP路由实验之八 路由重公布

     CCNP路由实验之八 路由重公布 在前面几个实验,已经学习了静态路由和动态路由.如今,我们要掌握怎样使它们在一个网络中融合,即路由重公布. 使用出站口作为静态路由 0 使用下一跳地址作为静态路由 ...

  2. CCNP路由实验之六 动态路由协议之IS-IS

     CCNP路由实验之六动态路由协议之IS-IS 动态路由协议能够自己主动的发现远程网络.仅仅要网络拓扑结构发生了变化.路由器就会相互交换路由信息,不仅能够自己主动获知新添加的网络.还能够在当前网络 ...

  3. CCNP路由实验之九 路由策略

     CCNP路由实验之九 路由策略 路由器在公布与接收路由信息时,可能须要实施一些策略.以便对路由信息进行过滤,比如仅仅接收或公布满足一定条件的路由信息. 一种路由协议可能须要引入其它的路由协议发现 ...

  4. CCNP路由实验之七 动态路由之BGP

     CCNP路由实验之七 动态路由之BGP 动态路由协议能够自己主动的发现远程网络,仅仅要网络拓扑结构发生了变化,路由器就会相互交换路由信息,不仅能够自己主动获知新添加的网络,还能够在当前网络连接失 ...

  5. CCNP路由实验之十二 MPLS

     个.第3个数据包„„同样的操作.包含查询路由表.重写MAC地址,CRC校验等. 系列路由器.或者12000系列路由器. Netflow switching 通过一种标准的交换机制,处理了流的第一 ...

  6. CCNP路由实验之十 组播(多播)

                        CCNP路由实验之十 组播(多播) 种方法: 在交换机上配置静态的多播MAC地址到用户接口的映射 使用CGMP.执行CGMP的多播路由器能够将用户发送给自己 ...

  7. CCNP路由实验之十五 NAT(网络地址转换)

     CCNP路由实验之十五 NAT(网络地址转换) 众所周知,要让自己的电脑连上Internet,必须要到运营商(ISP)申请一个上网账号,依据此账号申请自己的宽频业务(拨号上网.商业固定IP等等) ...

  8. CCNP之静态路由实验报告

                   静态路由实验报告 一.实验要求: 1.内网IP基于172.16.0.0/16自行子网划分 2.除了R2--R4路由器各有两个环回接口 3.R1下的PC自动获取IP地址 4 ...

  9. CCNP路由实验(4) -- BGP

    基本配置:enableconf tno ip do loenable pass ciscoline con 0logg syncexec-t 0 0line vty 0 4pass ciscologg ...

随机推荐

  1. struts2 + jquery 开发环境下的ajax构建方法(action写法 + struts.xml配置 + js调用代码)

    1.action写法 public class RegisterAction extends ActionSupport { private InputStream inputStream; /** ...

  2. Android 通知栏系列....

    转:http://blog.csdn.net/vipzjyno1/article/details/25248021 在android的应用层中,涉及到很多应用框架,例如:Service框架,Activ ...

  3. Ajax中XML和JSON格式的优劣比较

    刚做完一个小的使用Ajax的项目.整个小项目使用JavaScript做客户端,使用PHP做服务器端.利用xmlHttpRequest组件作为交互工具,利用XML作为数据传输的格式.做完后基本做一个简单 ...

  4. centos之tomcat安装

    1.环境说明     系统:centos, 2.6.32-573.el6.x86_64; tomcat: apache-tomcat-7.0.68 2.下载文件并上传     下载apache-tom ...

  5. CentOS 7 下yum安装xtrabackup备份工具

    第一步:安装xtrabackup的数据库 yum install https://www.percona.com/redir/downloads/percona-release/redhat/late ...

  6. 紫薇~还记得大明湖畔的HTML5智力拼图吗?

    曲线谜团是非常有趣的HTML5智力游戏,据说超过多少分会有惊喜,游戏简单易操作,偶尔抛弃那种杀死脑细胞的大型游戏,玩玩这种简单经典的益智小游戏,放松放松,也是不错的选择嘛-将游戏 通过 统一开发环境( ...

  7. JavaEE Tutorials (17) - Java消息服务示例

    17.1JMS示例概述23317.2编写简单的JMS应用233 17.2.1启动JMS提供者234 17.2.2创建JMS受管理对象234 17.2.3构建所有简单示例235 17.2.4发送消息23 ...

  8. NOI2013 Day1

    NOI2013 Day1 向量内积 题目描述:两个\(d\)维向量\(A\)与\(B\)的内积为其相对应维度的权值的乘积和,现有\(n\)个\(d\)维向量 ,求是否存在两个向量的内积为\(k\)(\ ...

  9. poj2186 Popular Cows --- 强连通

    给一个有向图,问有多少结点是其它全部结点都能够到达的. 等价于,在一个有向无环图上,找出度为0 的结点.假设出度为0的结点仅仅有一个,那么这个就是答案.假设大于1个.则答案是0. 这题有环.所以先缩点 ...

  10. Flash,EEPROM差别

    flash是用来存储代码的,在执行过程中不能改:EEPROM是用来保存用户数据,执行过程中能够改变,比方一个时钟的闹铃时间初始化设定为12:00,后来在执行中改为6:00,这是保存在EEPROM里,不 ...