目录
- 实验条件
- 网络拓朴
- 需求
- 基础配置
- 需求实现
- 1.A---F所有区用Loopback模拟,地址格式为:XX.XX.XX.XX/32,其中X为路由器编号。根据拓扑宣告进对应协议。A1和A2区为特例,A1:55.55.55.0/24,A2:55.55.66.0/24
- 2.照拓扑图配置EIGRP/OSPF路由协议,关闭所有自动汇总。OSPF手动指明RID为Loopback 0地址。
- 3.R4做双向重分布,R6把OSPF重分布到EIGRP,要求全网ping通。如无明确说明,禁止使用静态路由,禁止直接使用ACL过滤数据。
- 4. A1区网段为55.55.55.0/24,配置R6使其禁止从R7学到此网段(要求:使用前缀列表)
- 5. 在R4上配置,要求EIGRP重分布到OSPF时,B区Metric值为100,类型为E1;C区Metric值为200,类型为E1。 其他路由按照默认设置。
- 6. 在R1的Area 0中增加以下网段:11.11.1.0/24、11.11.2.0/24 (用Loopback模拟),要求在R2上配置最精确的路由汇总,并且只允许在III区学到该汇总路由。
- 7. 要求A1到F区的数据流走R4,A2到E区的数据流走R6(R5带A1和A2的源地址采用Traceroute测试)
- 8. 在R7上配置,使其路由表中显示去往E、F区的下一跳是R6。
- 9. 在R4上配置,使其访问E区走 I 区 --> III 区,其他路线不变 (要求:不允许策略路由和分发列表)
实验条件
网络拓朴
拓扑中的IP地址段采用:172.8.AB.X/24,其中AB为两台路由器编号组合,
例如:R3-R6之间的AB为36,X为路由器编号,例如R3的X=3
所有路由器都有一个Loopback 0接口,地址格式为:X.X.X.X/32,其中X为路由器编号。
没有特殊要求,不允许使用静态路由。
需求
- A—F所有区用Loopback模拟,地址格式为:XX.XX.XX.XX/32,其中X为路由器编号。根据拓扑宣告进对应协议。A1和A2区为特例,A1:55.55.55.0/24,A2:55.55.66.0/24。
- 照拓扑图配置EIGRP/OSPF路由协议,关闭所有自动汇总。OSPF手动指明RID为Loopback 0地址。
- R4做双向重分布,R6把OSPF重分布到EIGRP,要求全网ping通。如无明确说明,禁止使用静态路由,禁止直接使用ACL过滤数据。
- A1区网段为55.55.55.0/24,配置R6使其禁止从R7学到此网段(要求:使用前缀列表)
- 在R4上配置,要求EIGRP重分布到OSPF时,B区Metric值为100,类型为E1;C区Metric值为200,类型为E1。 其他路由按照默认设置。
- 在R1的Area 0中增加以下网段:11.11.1.0/24、11.11.2.0/24 (用Loopback模拟),要求在R2上配置最精确的路由汇总,并且只允许在III区学到该汇总路由。
- 要求A1到F区的数据流走R4,A2到E区的数据流走R6(R5带A1和A2的源地址采用Traceroute测试)
- 在R7上配置,使其路由表中显示去往E、F区的下一跳是R6。
- 在R4上配置,使其访问E区走 I 区 --> III 区,其他路线不变 (要求:不允许策略路由和分发列表)
基础配置
R1
R1#show run | s interface
interface Loopback0ip address 1.1.1.1 255.255.255.255ip ospf 89 area 2
interface Ethernet0/0ip address 14.1.1.1 255.255.255.0ip ospf 89 area 2duplex auto
interface Ethernet0/1ip address 12.1.1.1 255.255.255.0ip ospf 89 area 0duplex auto
R1#show run | s rout
router ospf 89router-id 1.1.1.1
R2
R2#show run | s interface
interface Loopback0ip address 2.2.2.2 255.255.255.255ip ospf 89 area 0
interface Loopback1ip address 22.22.22.22 255.255.255.255
interface Ethernet0/0ip address 23.1.1.2 255.255.255.0ip ospf 89 area 3duplex auto
interface Ethernet0/1ip address 12.1.1.2 255.255.255.0ip ospf 89 area 0duplex auto
R2#show run | s route
router ospf 89router-id 2.2.2.2
R3
R3(config-if)#do show run | s interface
interface Loopback0ip address 3.3.3.3 255.255.255.255ip ospf 89 area 3
interface Loopback1ip address 33.33.33.33 255.255.255.255
interface Ethernet0/0ip address 23.1.1.3 255.255.255.0ip ospf 89 area 3duplex auto
interface Ethernet0/1ip address 36.1.1.3 255.255.255.0ip ospf 89 area 3duplex auto
R3(config-if)#do show run | s route
router ospf 89router-id 3.3.3.3
R4
R4(config-route-map)#do show run | s interface
interface Loopback0ip address 4.4.4.4 255.255.255.255ip ospf 89 area 2
interface Loopback1ip address 44.44.44.44 255.255.255.255
interface Ethernet0/0ip address 14.1.1.4 255.255.255.0ip ospf 89 area 2duplex auto
interface Ethernet0/1ip address 47.1.1.4 255.255.255.0duplex auto
R4(config-route-map)#do show run | s route
router eigrp 1network 44.44.44.44 0.0.0.0network 47.1.1.4 0.0.0.0eigrp router-id 4.4.4.4
router ospf 89router-id 4.4.4.4
R5
R5(config-router)#do show run | s interface
interface Loopback0ip address 5.5.5.5 255.255.255.255
interface Loopback1ip address 55.55.55.55 255.255.255.0
interface Loopback2ip address 55.55.66.66 255.255.255.0
interface Ethernet0/2ip address 57.1.1.5 255.255.255.0duplex auto
R5(config-router)#do show run | s route
router eigrp 1network 0.0.0.0eigrp router-id 5.5.5.5
R5(config-router)#
R6
R6(config-router)#do show run | s interface
interface Loopback0ip address 6.6.6.6 255.255.255.255ip ospf 89 area 3
interface Loopback1ip address 66.66.66.66 255.255.255.255
interface Ethernet0/0ip address 67.1.1.6 255.255.255.0duplex auto
interface Ethernet0/1ip address 36.1.1.6 255.255.255.0ip ospf 89 area 3duplex auto
R6(config-router)#do show run | s route
router eigrp 1distribute-list prefix A1 in network 66.66.66.66 0.0.0.0network 67.1.1.6 0.0.0.0eigrp router-id 6.6.6.6
router ospf 89router-id 6.6.6.6
R6(config-router)#
R7
R7(config-router)#do show run | s route
router eigrp 1network 0.0.0.0eigrp router-id 7.7.7.7
R7(config-router)#do show run | s interface
interface Loopback0ip address 7.7.7.7 255.255.255.255
interface Loopback1ip address 77.77.77.77 255.255.255.255
interface Ethernet0/0ip address 67.1.1.7 255.255.255.0duplex auto
interface Ethernet0/1ip address 47.1.1.7 255.255.255.0duplex auto
interface Ethernet0/2ip address 57.1.1.7 255.255.255.0duplex auto
R7(config-router)#do show run | s route
router eigrp 1network 0.0.0.0eigrp router-id 7.7.7.7
R7(config-router)#
需求实现
1.A—F所有区用Loopback模拟,地址格式为:XX.XX.XX.XX/32,其中X为路由器编号。根据拓扑宣告进对应协议。A1和A2区为特例,A1:55.55.55.0/24,A2:55.55.66.0/24
基础配置中已完成
2.照拓扑图配置EIGRP/OSPF路由协议,关闭所有自动汇总。OSPF手动指明RID为Loopback 0地址。
基础配置中已完成
3.R4做双向重分布,R6把OSPF重分布到EIGRP,要求全网ping通。如无明确说明,禁止使用静态路由,禁止直接使用ACL过滤数据。
R4:
router eigrp 1
redistribute ospf 89 metric 10000 100 255 1 1500router ospf 89
redistribute eigrp 1 subnets
R6:
router eigrp 1
redistribute ospf 89 metric 10000 100 255 1 1500
4. A1区网段为55.55.55.0/24,配置R6使其禁止从R7学到此网段(要求:使用前缀列表)
R6:
ip prefix-list A1 deny 55.55.55.0/24
ip prefix-list A1 permit 0.0.0.0/0 le 32
router eigrp 1
distribute-list prefix A1 in Ethernet0/0
5. 在R4上配置,要求EIGRP重分布到OSPF时,B区Metric值为100,类型为E1;C区Metric值为200,类型为E1。 其他路由按照默认设置。
R4:
access-list 1 permit 44.44.44.44
access-list 2 permit 66.66.66.66route-map BCarea permit 10match ip address 1set metric 100set metric-type type-1
route-map BCarea permit 20match ip address 2set metric 200set metric-type type-1
route-map BCarea permit 30router ospf 89
redistribute eigrp 1 subnets route-map BCarea
6. 在R1的Area 0中增加以下网段:11.11.1.0/24、11.11.2.0/24 (用Loopback模拟),要求在R2上配置最精确的路由汇总,并且只允许在III区学到该汇总路由。
R1:
interface Loopback1ip address 11.11.1.1 255.255.255.0
interface Loopback2ip address 11.11.2.1 255.255.255.0
router ospf 89network 11.11.1.1 0.0.0.0 area 0network 11.11.2.1 0.0.0.0 area 0
R2:
router ospf 89area 0 range 11.11.0.0 255.255.252.0
现在要将这个汇总的路由限制在III区内,那就是要在R6上重分布到I区时,拦截该条汇总路由,不让他分布进I区的eigrp协议中
R6:
ip prefix-list R1-summary permit 11.11.0.0/22 // 精确匹配这条路由route-map R1-summary deny 10 //拒绝match的路由match ip address prefix-list R1-summary
route-map R1-summary permit 20router eigrp 1redistribute ospf 89 metric 10000 100 255 1 1500 route-map R1-summary
7. 要求A1到F区的数据流走R4,A2到E区的数据流走R6(R5带A1和A2的源地址采用Traceroute测试)
这个需求可以使用策略路由来实现这个功能, 根据源地址来决定路由走向,先定义两个ACL
R7:
access-list 155 permit 55.55.55.0 0.0.0.255 host 22.22.22.22 // 扩展ACL
access-list 166 permit 55.55.66.0 0.0.0.255 host 33.33.33.33route-map PBR permit 10match ip address 155set ip next-hop 47.1.1.4
route-map PBR permit 20match ip address 166set ip next-hop 67.1.1.6在A1,A2区进入R7的时候,配置策略路由
interface ethernet 0/2ip policy route-map PBR
测试结果
R5:
R5#traceroute 22.22.22.22 source 55.55.55.55
Type escape sequence to abort.
Tracing the route to 22.22.22.22
VRF info: (vrf in name/id, vrf out name/id)1 57.1.1.7 0 msec 1 msec 0 msec2 47.1.1.4 0 msec 1 msec 0 msec3 14.1.1.1 1 msec 0 msec 1 msec4 12.1.1.2 0 msec * 1 msec
R5#traceroute 33.33.33.33 source 55.55.66.66
Type escape sequence to abort.
Tracing the route to 33.33.33.33
VRF info: (vrf in name/id, vrf out name/id)1 57.1.1.7 0 msec 1 msec 0 msec2 67.1.1.6 1 msec 0 msec 0 msec3 36.1.1.3 1 msec * 0 msec
8. 在R7上配置,使其路由表中显示去往E、F区的下一跳是R6。
去往E、F区的路由是 22.22.22.22 33.33.33.33
R7: 路由表
22.0.0.0/32 is subnetted, 1 subnets
D EX 22.22.22.22 [170/307200] via 67.1.1.6, 04:00:32, Ethernet0/0[170/307200] via 47.1.1.4, 04:00:32, Ethernet0/133.0.0.0/32 is subnetted, 1 subnets
D EX 33.33.33.33 [170/307200] via 67.1.1.6, 03:46:12, Ethernet0/0[170/307200] via 47.1.1.4, 03:46:12, Ethernet0/1
从路由表上得到的信息是,等价负载均衡的,现在只需增大去往R4的metric值,使的R6的metric优先,就可以达到目的
R7:
access-list 10 permit 22.22.22.22
access-list 10 permit 33.33.33.33
router eigrp 1offset-list 10 in 1 ethernet 0/1 //从R4通告过来的,通过ethernet 0/1接口 进来的方向
路由表结果
22.0.0.0/32 is subnetted, 1 subnets
D EX 22.22.22.22 [170/307200] via 67.1.1.6, 00:00:02, Ethernet0/023.0.0.0/24 is subnetted, 1 subnets
D EX 23.1.1.0 [170/307200] via 67.1.1.6, 00:00:02, Ethernet0/0[170/307200] via 47.1.1.4, 00:00:02, Ethernet0/133.0.0.0/32 is subnetted, 1 subnets
D EX 33.33.33.33 [170/307200] via 67.1.1.6, 00:00:02, Ethernet0/0
R7(config-router)#do show ip eigrp topology 22.22.22.22/32
EIGRP-IPv4 Topology Entry for AS(1)/ID(7.7.7.7) for 22.22.22.22/32State is Passive, Query origin flag is 1, 1 Successor(s), FD is 307200Descriptor Blocks:67.1.1.6 (Ethernet0/0), from 67.1.1.6, Send flag is 0x0Composite metric is (307200/281600), route is ExternalVector metric:Minimum bandwidth is 10000 KbitTotal delay is 2000 microsecondsReliability is 255/255Load is 255/255Minimum MTU is 1500Hop count is 1Originating router is 6.6.6.6External data:AS number of route is 89External protocol is OSPF, external metric is 21Administrator tag is 0 (0x00000000)47.1.1.4 (Ethernet0/1), from 47.1.1.4, Send flag is 0x0Composite metric is (307201/281600), route is ExternalVector metric:Minimum bandwidth is 10000 KbitTotal delay is 2000 microsecondsReliability is 255/255Load is 255/255Minimum MTU is 1500Hop count is 1Originating router is 4.4.4.4External data:AS number of route is 89External protocol is OSPF, external metric is 21Administrator tag is 0 (0x00000000)
67.1.1.6 (Ethernet0/0), from 67.1.1.6, Send flag is 0x0Composite metric is (307200/281600), route is External47.1.1.4 (Ethernet0/1), from 47.1.1.4, Send flag is 0x0Composite metric is (307201/281600), route is External
R4上的路由metric FD值为307201,比R6上的307200大了1
9. 在R4上配置,使其访问E区走 I 区 --> III 区,其他路线不变 (要求:不允许策略路由和分发列表)
R4上查询路由表得到
33.0.0.0/32 is subnetted, 1 subnets
O IA 33.33.33.33 [110/31] via 14.1.1.1, 00:20:20, Ethernet0/0
查询Eigrp拓扑表可以查到以下记录
R4#show ip eigrp topology 33.33.33.33/32
EIGRP-IPv4 Topology Entry for AS(1)/ID(4.4.4.4) for 33.33.33.33/32State is Passive, Query origin flag is 1, 1 Successor(s), FD is 281600Descriptor Blocks:14.1.1.1, from Redistributed, Send flag is 0x0Composite metric is (281600/0), route is ExternalVector metric:Minimum bandwidth is 10000 KbitTotal delay is 1000 microsecondsReliability is 255/255Load is 255/255Minimum MTU is 1500Hop count is 0Originating router is 4.4.4.4External data:AS number of route is 89External protocol is OSPF, external metric is 31Administrator tag is 0 (0x00000000)47.1.1.7 (Ethernet0/1), from 47.1.1.7, Send flag is 0x0Composite metric is (332800/307200), route is ExternalVector metric:Minimum bandwidth is 10000 KbitTotal delay is 3000 microsecondsReliability is 255/255Load is 255/255Minimum MTU is 1500Hop count is 2Originating router is 6.6.6.6External data:AS number of route is 89External protocol is OSPF, external metric is 11Administrator tag is 0 (0x00000000)
我的想法是通过在eigrp里修改distance,达到目的,具体是这样的
access-list 33 permit 33.33.33.33 router eigrp 1distance 109 47.1.1.7 0.0.0.0 33
但是可惜没有能达到目的,因为33.33.33.33是eigrp外部路由,不能生效。 所以就改将ospf OIA的AD值为110的那条记录。修改成171,因为eigrp外部路由的AD值为170,这样的话,ospf的那条路由记录就会竞争RIB失效。从而达到我们的目的,从I区,III区走。
access-list 33 permit 33.33.33.33 router ospf 89distance 171 0.0.0.0 255.255.255.255 33
查询路由表得到
33.0.0.0/32 is subnetted, 1 subnets
D EX 33.33.33.33 [170/332800] via 47.1.1.7, 00:00:07, Ethernet0/1测试路径
R4#traceroute 33.33.33.33
Type escape sequence to abort.
Tracing the route to 33.33.33.33
VRF info: (vrf in name/id, vrf out name/id)1 47.1.1.7 0 msec 0 msec 0 msec2 67.1.1.6 1 msec 0 msec 0 msec3 36.1.1.3 0 msec * 1 msec
R4#
