CCNP-25 分配列表(BSCI)
版权声明:原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 、作者信息和本声明。否则将追究法律责任。http://loveme23.blog.51cto.com/7891/49793 |
CCNP-25 分配列表试验拓扑: 实验要求:R1与R2起OSPF,在R1上起LOOPBACK地址用于测试,分别配置分配列表来过滤不必要的路由更新。
试验目的:掌握基本的分配列表和路由重发布中分配列表的配置方法。
试验配置:
R1:
R1(config)#int s1/0
R1(config-if)#ip add 199.99.1.1
255.255.255.0
R1(config-if)#clock rate 64000
R1(config-if)#no shu
R1(config-if)#exit
R1(config)#int loop0
R1(config-if)#ip add
R1(config-if)#exit
R1(config)#int loop1
R1(config-if)#ip add 172.16.1.1
255.255.255.0
R1(config-if)#ip ospf network
point-to-point
R1(config-if)#exit
R1(config)#int loop2
R1(config-if)#ip add 172.16.2.1
255.255.255.0
R1(config-if)#ip ospf network
point-to-point
R1(config-if)#exit
R1(config)#router ospf 100
R1(config-router)#router-id
R1(config-router)#network 199.99.1.0
R1(config-router)#network 172.16.1.0
R1(config-router)#network 172.16.2.0
R1(config-router)#exit
R2:
R2(config)#int s1/0
R2(config-if)#ip add 199.99.1.2
255.255.255.0
R2(config-if)#no shu
R2(config-if)#exit
R2(config)#int loop0
R2(config-if)#ip add
R2(config-if)#exit
R2(config)#router ospf 100
R2(config-router)#router-id
R2(config-router)#network 199.99.1.0
R2(config-router)#exit
基本配置完成,然后我们来查看一下R2的LSDB和路由表:
R2#show ip ospf database
OSPF Router with ID (
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
Summary Net Link States (Area
0)
Link ID ADV Router Age Seq# Checksum
172.16.1.0
172.16.2.0
R2#show ip route
Codes: C - connected, S - static, R - RIP,
M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C
172.16.0.0/24 is subnetted, 2 subnets
O IA 172.16.1.0 [110/65] via 199.99.1.1,
00:00:03, Serial1/0
O IA 172.16.2.0 [110/65] via 199.99.1.1,
00:00:03, Serial1/0
C
199.99.1.0/24 is directly connected, Serial1/0
好的,在R2上可以看到有两条区域外部路由,然后我们开始配置分配列表:
(注意:在RIP,IGRP,EIGRP的路由协议中,分配列表的IN/OUT方向都可以配置,但是在ISIS与OSPF路由协议中,分配列表只能应用IN方向的)
R2(config)#access-list 10
deny 172.16.1.0
R2(config)#access-list 10
permit any
R2(config)#router ospf 100
R2(config-router)#distribute-list
R2(config-router)#exit
先定义ACL禁止172.16.1.0/24的数据包通过,然后应用到OSPF中,方向为IN方向,配置完成后我们再看R2的路由表:
R2#show ip route
Codes: C - connected, S - static, R - RIP,
M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
N1 - OSPF NSSA external type 1, N2 - OSPF
NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C
172.16.0.0/24 is subnetted, 1 subnets
O IA 172.16.2.0 [110/65] via 199.99.1.1,
00:00:02, Serial1/0
C
199.99.1.0/24 is directly connected, Serial1/0
确实没有172.16.1.0/24的路由条目了,再看一下LSDB有什么变化?
R2#show ip ospf database
OSPF Router with ID (
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
Summary Net Link States (Area
0)
Link ID ADV Router Age Seq# Checksum
172.16.1.0
172.16.2.0
没有任何变化,也就是说在链路状态路由协议中应用分配列表,只是当适当的路由从LSDB中选取出来放到路由表的时候过滤掉分配列表中定义过滤的路由,但是无法阻止LSDB的更新。
下面我们在R1上再起两个loopback接口,然后配置RIP路由协议,将RIP重发布到OSPF中,接着再配置分配列表来过滤掉不需要的路由:
R1(config)#int loop3
R1(config-if)#ip add 177.77.1.1
255.255.255.0
R1(config-if)#exit
R1(config)#int loop4
R1(config-if)#ip add 177.77.2.1
255.255.255.0
R1(config-if)#exit
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 177.77.1.0
R1(config-router)#network 177.77.2.0
R1(config-router)#no auto-summary
R1(config-router)#exit
R1(config)#router ospf 100
R1(config-router)#redistribute rip subnets
R1(config-router)#exit
配置完成后再到R2上查看LSDB与路由表:
R2#show ip ospf database
OSPF Router with ID (
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
Summary Net Link States (Area
0)
Link ID ADV Router Age Seq# Checksum
172.16.1.0
172.16.2.0
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
177.77.1.0
177.77.2.0
R2#show ip route
Codes: C - connected, S - static, R - RIP,
M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C
172.16.0.0/24 is subnetted, 1 subnets
O IA
172.16.2.0 [110/65] via 199.99.1.1, 00:00:01, Serial1/0
C
199.99.1.0/24 is directly connected, Serial1/0
177.77.0.0/24 is subnetted, 2 subnets
O E2 177.77.1.0 [110/20] via 199.99.1.1,
00:00:01, Serial1/0
O E2 177.77.2.0 [110/20] via 199.99.1.1, 00:00:01,
Serial1/0
成功学习到了自制系统外部路由。下面在R1上配置分配列表:
R1(config)#access-list 20
deny 177.77.1.0
R1(config)#access-list 20
permit any
R1(config)#router ospf 100
R1(config-router)#distribute-list
20 out rip
R1(config-router)#exit
首先定义ACL,禁止177.77.1.0/24的路由,然后应用到OSPF 100中,方向为OUT,然后查看R2的LSDB与路由表:
R2#show ip route
Codes: C - connected, S - static, R - RIP,
M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C
172.16.0.0/24 is subnetted, 1 subnets
O IA
172.16.2.0 [110/65] via 199.99.1.1, 00:00:23, Serial1/0
C
199.99.1.0/24 is directly connected, Serial1/0
177.77.0.0/24 is subnetted, 1 subnets
O E2 177.77.2.0 [110/20] via 199.99.1.1,
00:00:23, Serial1/0
只剩下一条自治系统外部路由了;
R2#show ip ospf database
OSPF Router with ID (
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
172.16.1.0
172.16.2.0
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
177.77.1.0
177.77.2.0
同样的LSDB没有任何变化,这也再次说明分配列表对LSDB没有任何影响!
最后我们用命令show ip
protocols来查看一下两台路由器的路由协议配置情况:
R1#show ip protocols
Routing Protocol is "ospf 100"
Outgoing update filter list for all interfaces is not set
Redistributed rip filtered by 20
Incoming update filter list for all interfaces is not set
Router ID
It
is an area border and autonomous system boundary router
Redistributing External Routes from,
rip, includes subnets in redistribution
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
172.16.1.0
172.16.2.0
199.99.1.0
Reference bandwidth unit is 100 mbps
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 110)
上面用红色标记的是说重分布RIP到OSPF中,并且过滤掉匹配ACL20的路由条目。
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 14 seconds
Invalid after 180 seconds, hold down 180,
flushed after 240
Redistributing: rip
Default version control: send version 2, receive version 2
Interface Send Recv
Triggered RIP Key-chain
Loopback3 2 2
Loopback4 2 2
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
177.77.0.0
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 120)
R2#show ip protocols
Routing Protocol is "ospf 100"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all
interfaces is 10
Router ID
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
199.99.1.0
Reference bandwidth unit is 100 mbps
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 110)
上面用红色标记的是说过滤掉匹配ACL10的,从所有接口进来的路由更新。
实验总结:掌握基本的分配列表的配置与重发布路由协议中应用分配列表的方法。
本文出自 “★Beckham~23” 博客,请务必保留此出处http://loveme23.blog.51cto.com/7891/49793 本文出自 51CTO.COM技术博客 |
loveme23
博客统计信息
热门文章
最新评论
友情链接