過濾路由控制路由的發佈和接收

寫在前面：本人是一名計算機系大二的學生，正在備考HCIE R&S,會不定時的將我的學習筆記分享給大家！如果需要更多的學習資源可以通過我的GitHub自行下載！

路由策略實驗

topo

實驗需求

• 運行 OSPF 協議的網絡中，RouterA 從 Internet 網絡接收路由，併爲 OSPF 網絡提供了 Internet路由。要求 OSPF 網絡中只能訪問 172.1.17.0/24、172.1.18.0/24 和 172.1.19.0/24 三個網段的網絡，其中 RouterC 連接的網絡只能訪問 172.1.18.0/24 網段的網絡。

需求分析

1. 在 RouterA 上配置路由策略，在路由發佈時運用路由策略，使 RouterA 僅提供路由172.1.17.0/24、172.1.18.0/24、172.1.19.0/24 給 RouterB，實現 OSPF 網絡中只能訪問172.1.17.0/24、172.1.18.0/24 和 172.1.19.0/24 三個網段的網絡。

2. 在 RouterC 上配置路由策略，在路由引入時運用路由策略，使 RouterC 僅接收路由
   172.1.18.0/24，實現 RouterC 連接的網絡只能訪問 172.1.18.0/24 網段的網絡。

實驗配置

a、基本地址配置

[r1]
#
sysname r1
#
interface GigabitEthernet0/0/0
 ip address 192.168.1.1 255.255.255.0 
#

[r2]
#
sysname r2
#
interface GigabitEthernet0/0/0
 ip address 192.168.1.2 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 192.168.2.1 255.255.255.0 
#
interface GigabitEthernet2/0/0
 ip address 192.168.3.1 255.255.255.0 
#

[r3]
#
sysname r3
#
interface GigabitEthernet0/0/0
 ip address 192.168.2.2 255.255.255.0 
#

[r4]
#
sysname r4
#
interface GigabitEthernet0/0/0
 ip address 192.168.3.2 255.255.255.0 
#

b、ospf

[r1]
#
ospf 1 
 area 0.0.0.0 
  network 192.168.1.0 0.0.0.255 
#

[r2]
#
ospf 1 
 area 0.0.0.0 
  network 192.168.1.0 0.0.0.255 
  network 192.168.2.0 0.0.0.255 
  network 192.168.3.0 0.0.0.255 
#

[r3]
#
ospf 1 
 area 0.0.0.0 
  network 192.168.2.0 0.0.0.255 
#

[r4]
#
ospf 1 
 area 0.0.0.0 
  network 192.168.3.0 0.0.0.255 
#

c、配置靜態路由

[r1]
#
ip route-static 172.1.16.0 255.255.255.0 NULL0
ip route-static 172.1.17.0 255.255.255.0 NULL0
ip route-static 172.1.18.0 255.255.255.0 NULL0
ip route-static 172.1.19.0 255.255.255.0 NULL0
ip route-static 172.1.20.0 255.255.255.0 NULL0
#

查看路由表

dis ip routing-table
Route Flags: R - relay, D - download to
fib
------------------------------------------------------------------------------ Routing Tables: Public
Destinations : 14 Routes : 14

Destination/Mask Proto Pre Cost Flags NextHop
Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.16.0/24 Static 60 0 D 0.0.0.0 NULL0
172.1.17.0/24 Static 60 0 D 0.0.0.0 NULL0
172.1.18.0/24 Static 60 0 D 0.0.0.0 NULL0
172.1.19.0/24 Static 60 0 D 0.0.0.0 NULL0
172.1.20.0/24 Static 60 0 D 0.0.0.0 NULL0
192.168.1.0/24 Direct 0 0 D 192.168.1.1 GigabitEthernet 0/0/0
192.168.1.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.2.0/24 OSPF 10 2 D 192.168.1.2 GigabitEthernet 0/0/0
192.168.3.0/24 OSPF 10 2 D 192.168.1.2 GigabitEthernet 0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0

d、過濾路由

• 路由發佈策略

[r1]
#
ospf 1 
 filter-policy ip-prefix rourou export static  //發佈路由
 import-route static
#
ip ip-prefix rourou index 10 permit 172.1.17.0 24
ip ip-prefix rourou index 20 permit 172.1.18.0 24
ip ip-prefix rourou index 30 permit 172.1.19.0 24
#

在r2上驗證結果

dis ip routing-table
Route Flags: R - relay, D - download to
fib
------------------------------------------------------------------------------ Routing Tables: Public
Destinations : 16 Routes : 16

Destination/Mask Proto Pre Cost Flags NextHop
Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.17.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet 0/0/0
172.1.18.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet 0/0/0
172.1.19.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet 0/0/0
192.168.1.0/24 Direct 0 0 D 192.168.1.2 GigabitEthernet 0/0/0
192.168.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.2.0/24 Direct 0 0 D 192.168.2.1 GigabitEthernet 0/0/1
192.168.2.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1
192.168.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1
192.168.3.0/24 Direct 0 0 D 192.168.3.1 GigabitEthernet 2/0/0
192.168.3.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 2/0/0
192.168.3.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 2/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0

• 路由接收策略

[r3]
#
ospf 1 
 filter-policy ip-prefix rou import   //接收
#
ip ip-prefix rou index 10 permit 172.1.18.0 24
#

在r3上查看路由表

dis ip routing-table Route Flags: R - relay, D - download to
fib
------------------------------------------------------------------------------ Routing Tables: Public
Destinations : 8 Routes : 8

Destination/Mask Proto Pre Cost Flags NextHop
Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.18.0/24 O_ASE 150 1 D 192.168.2.1 GigabitEthernet 0/0/0
192.168.2.0/24 Direct 0 0 D 192.168.2.2 GigabitEthernet 0/0/0
192.168.2.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0

查看 RouterC 的 OSPF 路由表，可以看到 OSPF 路由表中接收到 3 條列表rourou 中定義的路由。因爲在鏈路狀態協議中，filter-policy import 命令用於過濾從協議路由表加入本地核心路由表的路由。

dis ospf routing

OSPF Process 1 with Router ID 192.168.2.2
Routing Tables

Routing for Network Destination Cost Type NextHop
AdvRouter Area
192.168.2.0/24 1 Transit 192.168.2.2 192.168.2.2 0.0.0.0
192.168.1.0/24 2 Transit 192.168.2.1 192.168.1.2 0.0.0.0
192.168.3.0/24 2 Transit 192.168.2.1 192.168.1.2 0.0.0.0

Routing for ASEs Destination Cost Type Tag
NextHop AdvRouter
172.1.17.0/24 1 Type2 1 192.168.2.1 192.168.1.1
172.1.18.0/24 1 Type2 1 192.168.2.1 192.168.1.1
172.1.19.0/24 1 Type2 1 192.168.2.1 192.168.1.1

Total Nets: 6 Intra Area: 3 Inter Area: 0 ASE: 3 NSSA: 0

本文均屬肉肉原創，如有不詳或錯誤，歡迎指出！

本文作者：肉肉
版權聲明：博客所有文章除特別聲明外，均採用 CC BY-NC-SA 4.0 許可協議。轉載請註明出處！