1.png 

說明:此Lab練習Redistribute並搭配Route-map、Prefix-list、ACL,只讓某些網段Redistribute

   感謝廖貝貝提供Show Run

 

   Route-map、Prefix-list、ACL使用在Redistribute,有些許差別

   Route-map在編寫上比Prefix-list、ACL麻煩,但彈性較大

   Prefix-list在Subnet Mask的管制上會比ACL設定來的方便

 

   Prefix-list詳細說明參考網址

 

實作條件:

★RO_C 建立多條 Loopback,皆放進RIP v2

 loopback 10 20.3.0.254/24

 loopback 11 20.3.1.254/24

 loopback 12 20.3.2.254/24

 loopback 13 20.3.3.254/24

 

 loopback 20 150.3.0.254/24

 loopback 21 150.3.1.254/24

 loopback 22 150.3.2.254/24

 loopback 23 150.3.3.254/24

 loopback 24 150.3.4.254/23

 loopback 25 150.3.32.254/20

 

 loopback 30 172.3.1.254/24

 loopback 31 190.3.1.254/24

 loopback 31 190.3.2.254/24

 loopback 31 190.3.3.254/24

 

★Redistribute 到 OSPF Policy

 一、20網段只允許Redistribute單數網段(20.3.1.0、20.3.3.0)

   並設定Metric=1000、Type=E1、Tag=20

 二、150網段用IP Prefix-list來match

   只允許Class B且subnet mask 23>x>24

   並設定Metric=2000、Type=E2、Tag=150

 三、190網段只允許Redistribute單數網段(190.3.1.0、190.3.3.0)

   並設定Metric=10


RO_C Show Run如下:

RO_C#sh run

Building configuration...

Current configuration : 2450 bytes

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname RO_C

!

boot-start-marker

boot-end-marker

!

no aaa new-model

no network-clock-participate slot 1

no network-clock-participate wic 0

ip cef

!

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

!

建立全部的Loopback

interface Loopback10

ip address 20.3.0.254 255.255.255.0

!

interface Loopback11

ip address 20.3.1.254 255.255.255.0

!

interface Loopback12

ip address 20.3.2.254 255.255.255.0

!

interface Loopback13

ip address 20.3.3.254 255.255.255.0

!

interface Loopback20

ip address 150.3.0.254 255.255.255.0

!

interface Loopback21

ip address 150.3.1.254 255.255.255.0

!

interface Loopback22

ip address 150.3.2.254 255.255.255.0

!

interface Loopback23

ip address 150.3.3.254 255.255.255.0

!

interface Loopback24

ip address 150.3.4.254 255.255.254.0

!

interface Loopback25

ip address 150.3.32.254 255.255.240.0

!

interface Loopback30

ip address 170.3.1.254 255.255.255.0

!

interface Loopback31

ip address 190.3.1.254 255.255.255.0

!

interface Loopback32

ip address 190.3.2.254 255.255.255.0

!

interface Loopback33

ip address 190.3.3.254 255.255.255.0

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0

ip address 10.140.3.2 255.255.255.0

!

interface FastEthernet0/1

ip address 192.168.103.254 255.255.255.0

duplex auto

speed auto

!

interface Serial0/1

no ip address

shutdown

!

router ospf 100

log-adjacency-changes

redistribute rip subnets route-map rip_to_ospf

將RIP Redistribute到OSPF並參照Route-map rip_to_ospf

Subnets是將有切割過的子網段也可Redistribute,若沒加,只能Redistribute Classful Subnets

network 10.140.3.2 0.0.0.0 area 0

network 192.168.103.0 0.0.0.255 area 3

!

router rip

version 2

redistribute connected metric 10 route-map loopback_to_rip

將直連的網段Redistribute進RIP並參照Route-map loopback_to_rip

network 10.0.0.0

network 20.0.0.0

network 150.3.0.0

network 170.3.0.0

network 200.3.1.0

no auto-summary

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

ip prefix-list C seq 5 permit 128.0.0.0/2 ge 23 le 24

利用prefix-list來判斷,只允許Class B並Subnet mask大於23,小於24

access-list 10 permit 20.3.1.0 0.0.254.0

利用ACL來判斷,只允許單數網段(20.3.1.0、20.3.3.0)

!

route-map loopback_to_rip permit 10

match interface Loopback31 Loopback33

建立一條Route-map,名稱為loopback_to_rip,動作為只允許介面loopback31和33

!

route-map rip_to_ospf permit 10

match ip address 10

set metric 1000

set metric-type type-1

set tag 20

建立一條Route-map,名稱為rip_to_ospf

符合ACL 10的IP address將metric=1000、type=E1、tag=20

!

route-map rip_to_ospf permit 20

match ip address prefix-list C

set metric 2000

set metric-type type-2

set tag 150

建立一條Route-map,名稱為rip_to_ospf,接著上面

符合prefix-list C的IP address將metric=2000、type=E2、tag=150

!

control-plane

!

line con 0

line aux 0

line vty 0 4

login

!

!

end

 

arrow
arrow
    全站熱搜
    創作者介紹
    創作者 EdisonChang 的頭像
    EdisonChang

    Coolking's CCNP 筆記

    EdisonChang 發表在 痞客邦 留言(0) 人氣()