过滤路由控制路由的发布和接收

写在前面：本人是一名计算机系大二的学生，正在备考HCIE R&S,会不定时的将我的学习笔记分享给大家！如果需要更多的学习资源可以通过我的GitHub自行下载！

路由策略实验

topo

实验需求

• 运行 OSPF 协议的网络中，RouterA 从 Internet 网络接收路由，并为 OSPF 网络提供了 Internet路由。要求 OSPF 网络中只能访问 172.1.17.0/24、172.1.18.0/24 和 172.1.19.0/24 三个网段的网络，其中 RouterC 连接的网络只能访问 172.1.18.0/24 网段的网络。

需求分析

1. 在 RouterA 上配置路由策略，在路由发布时运用路由策略，使 RouterA 仅提供路由172.1.17.0/24、172.1.18.0/24、172.1.19.0/24 给 RouterB，实现 OSPF 网络中只能访问172.1.17.0/24、172.1.18.0/24 和 172.1.19.0/24 三个网段的网络。

2. 在 RouterC 上配置路由策略，在路由引入时运用路由策略，使 RouterC 仅接收路由
   172.1.18.0/24，实现 RouterC 连接的网络只能访问 172.1.18.0/24 网段的网络。

实验配置

a、基本地址配置

[r1]
#
sysname r1
#
interface GigabitEthernet0/0/0
 ip address 192.168.1.1 255.255.255.0 
#

[r2]
#
sysname r2
#
interface GigabitEthernet0/0/0
 ip address 192.168.1.2 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 192.168.2.1 255.255.255.0 
#
interface GigabitEthernet2/0/0
 ip address 192.168.3.1 255.255.255.0 
#

[r3]
#
sysname r3
#
interface GigabitEthernet0/0/0
 ip address 192.168.2.2 255.255.255.0 
#

[r4]
#
sysname r4
#
interface GigabitEthernet0/0/0
 ip address 192.168.3.2 255.255.255.0 
#

b、ospf

[r1]
#
ospf 1 
 area 0.0.0.0 
  network 192.168.1.0 0.0.0.255 
#

[r2]
#
ospf 1 
 area 0.0.0.0 
  network 192.168.1.0 0.0.0.255 
  network 192.168.2.0 0.0.0.255 
  network 192.168.3.0 0.0.0.255 
#

[r3]
#
ospf 1 
 area 0.0.0.0 
  network 192.168.2.0 0.0.0.255 
#

[r4]
#
ospf 1 
 area 0.0.0.0 
  network 192.168.3.0 0.0.0.255 
#

c、配置静态路由

[r1]
#
ip route-static 172.1.16.0 255.255.255.0 NULL0
ip route-static 172.1.17.0 255.255.255.0 NULL0
ip route-static 172.1.18.0 255.255.255.0 NULL0
ip route-static 172.1.19.0 255.255.255.0 NULL0
ip route-static 172.1.20.0 255.255.255.0 NULL0
#

查看路由表

dis ip routing-table
Route Flags: R - relay, D - download to
fib
------------------------------------------------------------------------------ Routing Tables: Public
Destinations : 14 Routes : 14

Destination/Mask Proto Pre Cost Flags NextHop
Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.16.0/24 Static 60 0 D 0.0.0.0 NULL0
172.1.17.0/24 Static 60 0 D 0.0.0.0 NULL0
172.1.18.0/24 Static 60 0 D 0.0.0.0 NULL0
172.1.19.0/24 Static 60 0 D 0.0.0.0 NULL0
172.1.20.0/24 Static 60 0 D 0.0.0.0 NULL0
192.168.1.0/24 Direct 0 0 D 192.168.1.1 GigabitEthernet 0/0/0
192.168.1.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.2.0/24 OSPF 10 2 D 192.168.1.2 GigabitEthernet 0/0/0
192.168.3.0/24 OSPF 10 2 D 192.168.1.2 GigabitEthernet 0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0

d、过滤路由

• 路由发布策略

[r1]
#
ospf 1 
 filter-policy ip-prefix rourou export static  //发布路由
 import-route static
#
ip ip-prefix rourou index 10 permit 172.1.17.0 24
ip ip-prefix rourou index 20 permit 172.1.18.0 24
ip ip-prefix rourou index 30 permit 172.1.19.0 24
#

在r2上验证结果

dis ip routing-table
Route Flags: R - relay, D - download to
fib
------------------------------------------------------------------------------ Routing Tables: Public
Destinations : 16 Routes : 16

Destination/Mask Proto Pre Cost Flags NextHop
Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.17.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet 0/0/0
172.1.18.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet 0/0/0
172.1.19.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet 0/0/0
192.168.1.0/24 Direct 0 0 D 192.168.1.2 GigabitEthernet 0/0/0
192.168.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.2.0/24 Direct 0 0 D 192.168.2.1 GigabitEthernet 0/0/1
192.168.2.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1
192.168.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1
192.168.3.0/24 Direct 0 0 D 192.168.3.1 GigabitEthernet 2/0/0
192.168.3.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 2/0/0
192.168.3.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 2/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0

• 路由接收策略

[r3]
#
ospf 1 
 filter-policy ip-prefix rou import   //接收
#
ip ip-prefix rou index 10 permit 172.1.18.0 24
#

在r3上查看路由表

dis ip routing-table Route Flags: R - relay, D - download to
fib
------------------------------------------------------------------------------ Routing Tables: Public
Destinations : 8 Routes : 8

Destination/Mask Proto Pre Cost Flags NextHop
Interface
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.18.0/24 O_ASE 150 1 D 192.168.2.1 GigabitEthernet 0/0/0
192.168.2.0/24 Direct 0 0 D 192.168.2.2 GigabitEthernet 0/0/0
192.168.2.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
192.168.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0

查看 RouterC 的 OSPF 路由表，可以看到 OSPF 路由表中接收到 3 条列表rourou 中定义的路由。因为在链路状态协议中，filter-policy import 命令用于过滤从协议路由表加入本地核心路由表的路由。

dis ospf routing

OSPF Process 1 with Router ID 192.168.2.2
Routing Tables

Routing for Network Destination Cost Type NextHop
AdvRouter Area
192.168.2.0/24 1 Transit 192.168.2.2 192.168.2.2 0.0.0.0
192.168.1.0/24 2 Transit 192.168.2.1 192.168.1.2 0.0.0.0
192.168.3.0/24 2 Transit 192.168.2.1 192.168.1.2 0.0.0.0

Routing for ASEs Destination Cost Type Tag
NextHop AdvRouter
172.1.17.0/24 1 Type2 1 192.168.2.1 192.168.1.1
172.1.18.0/24 1 Type2 1 192.168.2.1 192.168.1.1
172.1.19.0/24 1 Type2 1 192.168.2.1 192.168.1.1

Total Nets: 6 Intra Area: 3 Inter Area: 0 ASE: 3 NSSA: 0

本文均属肉肉原创，如有不详或错误，欢迎指出！

本文作者：肉肉
版权声明：博客所有文章除特别声明外，均采用 CC BY-NC-SA 4.0 许可协议。转载请注明出处！