路由协议相关:
Support: RIPv2,EIGRP,IS-IS,OSPF,BGP
Not Support: RIPV1,IGRP
Packets Format:
RIPv2: 支持16-bit tags 表示为十进制:0 ~ 65535
EIGRP external route TLVs: 支持32-bit tags 表示为十进制:0 ~ 4294967295
OSPF type 5 LSAs: 支持32-bit tags 表示为十进制:0 ~ 4294967295
配置实例:
router ospf 1 redistribute igrp 1 metric 10 subnets tag 1 redistribute rip metric 10 subnets route-map sense network 10.100.200.1 0.0.0.0 area 0 ! router rip network 10.0.0.0 ! router igrp 1 network 10.0.0.0 ! access-list 1 permit 10.1.2.3 access-list 2 permit 10.1.2.4 ! route-map sense permit 10 match ip route-source 1 set tag 2 ! route-map sense permit 20 match ip route-source 2 set tag 3 |
(二) Distribute-list
作用:
<1> 控制路由条目的分发,及路由的重分布。
<2> 建立一个"route firewall"
关于路由协议:
Distance Vector Routing Protocol: Route Filtering可以控制其通告/接收的路由条目,及重分布的路由条目。
Link-State Routing Protocol: Route Filtering只可以控制其在重分布时的路由条目。
注: LS Routing Protocol的一个基本的要求就是在一个area内所有Routers的Link State Database必须一致,所以如果Route Filtering能过滤掉LS Routing Protocol的LSA通告,就违背了LS Routing Protocol的规范。
Case Study: Filtering Specific Routes router rip version 2 network 192.168.75.0 distribute-list 1 in Serial1 ! ip classless access 1 permit 0.0.0.0 Case Study: Route Filtering and Redistribution |
注:
distribute-list 命令用于Link-State Routing Protocol时:
与接口联用: 只能使用in参数
与路由进程联用: 只能使用out参数
两种方案效果相同。与接口联用的方案在抑制route feedback上效果比较好;与路由进程联用的方案在抑制route feedback时,由于在过滤时,相应的路由条目已经进行了路由表,所以失效。
<1> 与接口联用
router ospf 25 redistribute rip metric 100 network 172.16.1.254 0.0.0.0 area 25 network 172.16.8.254 0.0.0.0 area 25 network 172.16.50.254 0.0.0.0 area 25 distribute-list 3 in Ethernet0/0 distribute-list 3 in Ethernet0/1 distribute-list 3 in Ethernet0/2 ! router rip redistribute ospf 25 metric 5 passive-interface Ethernet0/0 passive-interface Ethernet0/1 passive-interface Ethernet0/2 network 192.16.0.0 distribute-list 1 in Ethernet0/3 distribute-list 1 in Ethernet2/0 distribute-ilst 1 in Ethernet2.1 ! ip classless access-list 1 permit 172.16.128.0 0.0.127.255 access-iist 3 permit 172.16.0.0 0.0.127.255 |
<2> 与路由进程联用:
router ospf 25 redistribute rip metric 100 network 172.16.1.254 0.0.0.0 area 25 network 172.16.8.254 0.0.0.0 area 25 network 172.16.50.254 0.0.0.0 area 25 distribute-list 10 out rip ! router rip redistribute ospf 25 metric 5 passive-interface Ethernet0/3 passive-interface Ethernet2/0 passive-interface Ethernet2/1 network 172.16.0.0 distribute-list 20 out ospf 25 ! ip classless access-list 10 permit 172.16.130.0 access-list 10 permit 172.16.145.0 access-list 10 permit 172.16.240.0 access-list 20 permit 172.16.23.0 access-list 20 permit 172.16.9.0 access-list 20 permit 172.16.75.0 |
分页: [1] [2] [3] [4]
- 上一篇:交换机故障发生的类型及分析方法
- 下一篇:优势互联 www.qvsp.com