os:所有的网段,左端为地址为10.1.X.1,右端地址为10.1.X.2,掩码为24位
另:此拓扑为真机连接示意图,红点忽略不计
出现问题
1.由于交换机对ospf和rip协议的信任问题,sw3会优先选择ospf协议,与sw5之间的通信无法直接到达(sw3->sw5)而是会绕一个圈先到达(sw2->sw4->sw5),同理,sw4也会出现反向绕圈。
os:只有在ospf出现多区域时出现此种情况,如果全部区域都为area 0 则不会出现这种情况
虚线为理想到达路线,实线为实际到达路线。
试验目的
1.完成ospf与rip双向重分发
2.实现路径:
在SW1上:
traceroute 172.16.3.1or 10.1.1.2 :sw1->sw2->sw3->sw5
traceroute 172.16.4.1or 10.1.2.2 :sw1->sw2->sw4->sw5
在SW5上:
traceroute 172.16.1.1 :sw5->sw3->sw2->sw1
traceroute 172.16.2.1 :sw5->sw4->sw2->sw1
基础配置
sw1
interface GigabitEthernet 0/3
no switchport
ip address 10.1.5.1 255.255.255.0interface Loopback 0
ip address 172.16.1.1 255.255.255.255
interface Loopback 1
ip address 172.16.2.1 255.255.255.255sw2
interface GigabitEthernet 0/1
no switchport
ip address 10.1.3.1 255.255.255.0
!
interface GigabitEthernet 0/2
no switchport
ip address 10.1.4.1 255.255.255.0
!
interface GigabitEthernet 0/3
no switchport
ip address 10.1.5.2 255.255.255.0sw3
interface GigabitEthernet 0/1
no switchport
ip address 10.1.3.2 255.255.255.0
!
interface GigabitEthernet 0/2
no switchport
ip address 10.1.1.1 255.255.255.0sw4
interface GigabitEthernet 0/1
no switchport
ip address 10.1.2.1 255.255.255.0
!
interface GigabitEthernet 0/2
no switchport
ip address 10.1.4.2 255.255.255.0sw5
interface GigabitEthernet 0/1
no switchport
ip address 10.1.2.2 255.255.255.0
!
interface GigabitEthernet 0/2
no switchport
ip address 10.1.1.2 255.255.255.0interface Loopback 0
ip address 172.16.3.1 255.255.255.255
interface Loopback 1
ip address 172.16.4.1 255.255.255.255OSPF配置
sw1
router ospf 10
router-id 10.1.5.1
y
network 10.1.5.0 0.0.0.255 area 0
network 172.16.1.0 0.0.0.0 area 0
network 172.16.2.0 0.0.0.0 area 0sw2
router ospf 10
router-id 10.1.5.2
y
network 10.1.3.0 0.0.0.255 area 1
network 10.1.4.0 0.0.0.255 area 2
network 10.1.5.0 0.0.0.255 area 0sw3
router ospf 10
network 10.1.3.0 0.0.0.255 area 1sw4
router ospf 10
network 10.1.4.0 0.0.0.255 area 2RIP配置
sw3/sw4
router rip
version 2
network 10.0.0.0
no auto-summarysw5
router rip
version 2
network 10.0.0.0
network 172.16.0.0
no auto-summary双向路由过滤重分发
目的:让ospf和rip互相学习,实线全网通
在ospf中 redistribute rip subnets,rip中redistribute ospf 10简单的重分发就会导致绕路问题,所以本次实践中我使用了前缀列表抓取路由,设置route-map,然后进行具体双向重分发,解决绕路问题。
sw3
ip prefix-list ruijie seq 10 permit 172.16.3.1/32
ip prefix-list ruijie seq 20 permit 10.1.1.0/24
ip prefix-list ruijie seq 30 permit 172.16.4.1/32
route-map aaa permit 10
match ip address prefix-list ruijie
router ospf 10
redistribute rip subnets route-map aaa ip prefix-list bbb seq 10 permit 172.16.1.1/32
ip prefix-list bbb seq 20 permit 10.1.5.0/24
ip prefix-list bbb seq 30 permit 10.1.3.0/24
route-map bbb
match ip address prefix-list bbb
router rip
redistribute ospf 10 route-map bbbsw4
ip prefix-list ruijie seq 10 permit 172.16.4.1/32
ip prefix-list ruijie seq 20 permit 10.1.2.0/24
ip prefix-list ruijie seq 30 permit 172.16.3.0/24
route-map aaa permit 10
match ip address prefix-list ruijie
router ospf 10
redistribute rip subnets route-map aaa ip prefix-list bbb seq 10 permit 172.16.2.1/32
ip prefix-list bbb seq 20 permit 10.1.5.0/24
ip prefix-list bbb seq 30 permit 10.1.4.0/24
route-map bbb
match ip address prefix-list bbb
route rip
redistribute ospf 10 route-map bbbroute-map的执行语句
route-map test permit 10
match x y z
match a
set b
set c
route-map test permit 20
match q
set r
deny all(系统隐含)
If (x or y or z) and a
then set (b and c)
else if q
then set r
else set nothing
route-map-name给路由图定义一个便于记忆的名字。redistribute 路由进程配置命令是通过该名字引用路由图的。一个路由图可以定义多个路由图策略,一个路由图策略对应一个序号。
permit/deny sequence-number
permit
(可选)如果定义了permit关键字,又符合match定义的匹配规则。则set命令对重分布路由进行控制;对于策略路由,set命令将对数据包转发进行控制。并退出路由图的操作。
如果定义了permit关键字,而不符合match定义的匹配规则。则将进入第二个路由图策略进行操作。直到最终执行了set命令。
deny
(可选)如果定义了deny关键字,又符合match定义的匹配规则。则不会执行任何操作,该路由图策略不允许进行路由重分布或策略路由,而且退出路由图操作。
如果定义了deny关键字,而不符合match定义的匹配规则。则将进入下一个路由图策略进行操作。直到最终执行了set命令。
sequence-number
路由图策略对应的序号。低序号的策略优先得到使用,因此需要注意序号的设置。
验证
