组网需求
- 运行OSPF协议的网络中,Router A从Internet网络接收路由,并为OSPF网络提供Internet路由
- 要求:OSPF网络中只能访问172.1.17.0/24、172.1.18.0/24、172.19.0/24三个网段的网络
- Router C连接的网路只能访问192.18.0/24网段的网络
组网拓扑
配置思路
- 配置路由器基本功能以及各个接口IP地址
- 配置OSPF协议
- 配置路由过滤策略,实现OSPF网络访问固定网段(在Router A上配置)
- 配置路由过滤策略,实现Router C 只能访问固定网段(在Router C上配置)
配置命令
配置各个路由器基本功能以及各个接口IP地址
Router A配置
1
2
3
4
5
6sys
sys Router A
int g0/0/0
ip add 192.168.1.1 30
int LoopBack 0
ip add 1.1.1.1 32
Router B配置
1
2
3
4
5
6
7
8
9
10sys
sys Router B
int g0/0/0
ip add 192.168.1.2 30
int g0/0/1
ip add 192.168.2.1 30
int g0/0/2
ip add 192.168.3.1 30
int LoopBack 0
ip add 2.2.2.2 32
Router C配置
1
2
3
4
5
6sys
sys Router C
int g0/0/1
ip add 192.1638.2.2 30
int LoopBack 0
ip add 3.3.3.3 32
Router D配置
1
2
3
4
5
6sys
sys Router D
int g0/0/2
ip add 192.168.3.2 30
int LoopBack 0
ip add 4.4.4.4 32
配置OSPF协议
Router A配置
1
2
3
4sys
ospf 1 router-id 1.1.1.1
area 0
network 192.168.1.0 0.0.0.3
Router B配置
1
2
3
4
5
6sys
ospf 1 router-id 2.2.2.2
area 0
network 192.168.1.0 0.0.0.3
network 192.168.2.0 0.0.0.3
network 192.168.3.0 0.0.0.3
Router C配置
1
2
3
4sys
ospf 1 rotuer-id 3.3.3.3
area 0
network 192.168.2.0 0.0.0.3
Router D配置
1
2
3
4sys
ospf 1 router-id 4.4.4.4
area 0
network 192.168.3.0 0.0.0.3
配置引入路由
Router A配置
1
2
3
4
5
6
7
8
9sys
ip route-static 172.1.16.0 24 NULL 0
ip route-static 172.1.17.0 24 NULL 0
ip route-static 172.1.18.0 24 NULL 0
ip route-static 172.1.19.0 24 NULL 0
ip route-static 172.1.20.0 24 NULL 0
ospf 1
import-route static
配置路由策略
Router A只宣告固定网段路由的策略
1
2
3
4
5
6sys
ip ip-prefix OSPF_List index 1 deny 172.1.16.0 24
ip ip-prefix OSPF_List index 2 permit 172.1.17.0 22 greater-equal 22 less-equal 32
ospf 1
filter-policy ip-prefix OSPF_List export static
Router C只接受固定网段路由的策略
1
2
3
4
5sys
ip ip-prefix OSPF_List index 1 permit 172.1.18.0
ospf 1
filter-policy ip-prefix OSPF_List import
结果查看
未配置路由策略前的路由表(以Router B为例)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43display ip routing-table
<Router B>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 19 Routes : 19
Destination/Mask Proto Pre Cost Flags NextHop Interface
2.2.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.16.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet
0/0/0
172.1.17.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet
0/0/0
172.1.18.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet
0/0/0
172.1.19.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet
0/0/0
172.1.20.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet
0/0/0
192.168.1.0/30 Direct 0 0 D 192.168.1.2 GigabitEthernet
0/0/0
192.168.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
192.168.1.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
192.168.2.0/30 Direct 0 0 D 192.168.2.1 GigabitEthernet
0/0/1
192.168.2.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
192.168.2.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
192.168.3.0/30 Direct 0 0 D 192.168.3.1 GigabitEthernet
0/0/2
192.168.3.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
192.168.3.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Router A配置路由策略后的路由表
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39display ip routing-table
<Router B>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 17 Routes : 17
Destination/Mask Proto Pre Cost Flags NextHop Interface
2.2.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.17.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet
0/0/0
172.1.18.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet
0/0/0
172.1.19.0/24 O_ASE 150 1 D 192.168.1.1 GigabitEthernet
0/0/0
192.168.1.0/30 Direct 0 0 D 192.168.1.2 GigabitEthernet
0/0/0
192.168.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
192.168.1.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
192.168.2.0/30 Direct 0 0 D 192.168.2.1 GigabitEthernet
0/0/1
192.168.2.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
192.168.2.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
192.168.3.0/30 Direct 0 0 D 192.168.3.1 GigabitEthernet
0/0/2
192.168.3.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
192.168.3.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/2
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Router C配置路由策略后的路由表
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23display ip routing-table
<Router C>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 9 Routes : 9
Destination/Mask Proto Pre Cost Flags NextHop Interface
3.3.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.1.18.0/24 O_ASE 150 1 D 192.168.2.1 GigabitEthernet
0/0/1
192.168.2.0/30 Direct 0 0 D 192.168.2.2 GigabitEthernet
0/0/1
192.168.2.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
192.168.2.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0Router C的OSPF协议的路由表
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21display ospf routing
<Router C>dis ospf routing
OSPF Process 1 with Router ID 3.3.3.3
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
192.168.2.0/30 1 Transit 192.168.2.2 3.3.3.3 0.0.0.0
192.168.1.0/30 2 Transit 192.168.2.1 1.1.1.1 0.0.0.0
192.168.3.0/30 2 Transit 192.168.2.1 2.2.2.2 0.0.0.0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
172.1.17.0/24 1 Type2 1 192.168.2.1 1.1.1.1
172.1.18.0/24 1 Type2 1 192.168.2.1 1.1.1.1
172.1.19.0/24 1 Type2 1 192.168.2.1 1.1.1.1
Total Nets: 6
Intra Area: 3 Inter Area: 0 ASE: 3 NSSA: 0
