Cisco OSPF结合前缀列表进行路由过滤实验

一、实验拓扑:

 二、配置实验1:前缀列表过滤路由:

1、基本的配置:

R1:

interface Loopback0

 ip address 1.1.1.1 255.255.255.255

interface FastEthernet0/0

 ip address 192.168.1.1 255.255.255.0

 duplex auto

 speed auto

router ospf 10

 router-id 1.1.1.1

 log-adjacency-changes

 network 1.1.1.1 0.0.0.0 area 1

 network 192.168.1.0 0.0.0.255 area 0

 

R2:

interface Loopback0

 ip address 2.2.2.2 255.255.255.255

interface Loopback1

 ip address 3.3.3.3 255.255.255.255

interface Loopback2

 ip address 4.4.4.4 255.255.255.255       

interface FastEthernet0/0

 ip address 192.168.1.2 255.255.255.0

 duplex auto

 speed auto

router ospf 10

 router-id 3.3.3.3

 log-adjacency-changes

 network 2.2.2.2 0.0.0.0 area 2

 network 3.3.3.3 0.0.0.0 area 0

 network 4.4.4.4 0.0.0.0 area 4

 network 192.168.1.0 0.0.0.255 area 0

 

2、测试R1路由表:

R1#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/32 is subnetted, 1 subnets

C       1.1.1.1 is directly connected, Loopback0

     2.0.0.0/32 is subnetted, 1 subnets

O IA    2.2.2.2 [110/2] via 192.168.1.2, 00:00:13, FastEthernet0/0

     3.0.0.0/32 is subnetted, 1 subnets

O       3.3.3.3 [110/2] via 192.168.1.2, 00:00:13, FastEthernet0/0

     4.0.0.0/32 is subnetted, 1 subnets

O IA    4.4.4.4 [110/2] via 192.168.1.2, 00:00:13, FastEthernet0/0

C    192.168.1.0/24 is directly connected, FastEthernet0/0

 

3、测试通过在R1上部署前缀列表,让R1只能学习到4.4.4.4的地址:

ip prefix-list filter-ospf seq 5 deny 2.2.2.2/32

ip prefix-list filter-ospf seq 10 deny 3.3.3.3/32

ip prefix-list filter-ospf seq 15 permit 0.0.0.0/0 le 32    //配置允许所有的路由匹配通过

router ospf 10

distribute-list prefix filter-ospf in

 

4、再次测试R1路由表:

R1#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/32 is subnetted, 1 subnets

C       1.1.1.1 is directly connected, Loopback0

     4.0.0.0/32 is subnetted, 1 subnets

O IA    4.4.4.4 [110/2] via 192.168.1.2, 00:00:05, FastEthernet0/0

C    192.168.1.0/24 is directly connected, FastEthernet0/0

 

三、配置实验2:前缀列表链路分流:

1、在R1R2之间增加一条链路,采用前缀列表分流。

R1:

interface Loopback0

 ip address 1.1.1.1 255.255.255.255

interface Ethernet0/0

 ip address 192.168.1.1 255.255.255.252

interface Ethernet0/1

 ip address 192.168.1.5 255.255.255.252

router ospf 10

 router-id 1.1.1.1

 log-adjacency-changes

 network 1.1.1.1 0.0.0.0 area 1

 network 192.168.1.0 0.0.0.3 area 0

 network 192.168.1.4 0.0.0.3 area 0

 

R2:

interface Loopback0

 ip address 2.2.2.2 255.255.255.255

interface Loopback1

 ip address 3.3.3.3 255.255.255.255

interface Loopback2

 ip address 4.4.4.4 255.255.255.255       

interface Ethernet0/0

 ip address 192.168.1.2 255.255.255.252

interface Ethernet0/1

 ip address 192.168.1.6 255.255.255.252

router ospf 10

 router-id 3.3.3.3

 log-adjacency-changes

 network 2.2.2.2 0.0.0.0 area 2

 network 3.3.3.3 0.0.0.0 area 0

 network 4.4.4.4 0.0.0.0 area 4

 network 192.168.1.0 0.0.0.3 area 0

 network 192.168.1.4 0.0.0.3 area 0

 

2、查看R1路由表:

R1#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/32 is subnetted, 1 subnets

C       1.1.1.1 is directly connected, Loopback0

     2.0.0.0/32 is subnetted, 1 subnets

O IA    2.2.2.2 [110/11] via 192.168.1.6, 00:00:07, Ethernet0/1

                [110/11] via 192.168.1.2, 00:00:07, Ethernet0/0

     3.0.0.0/32 is subnetted, 1 subnets

O       3.3.3.3 [110/11] via 192.168.1.6, 00:00:07, Ethernet0/1

                [110/11] via 192.168.1.2, 00:00:07, Ethernet0/0

     4.0.0.0/32 is subnetted, 1 subnets

O IA    4.4.4.4 [110/11] via 192.168.1.6, 00:00:11, Ethernet0/1

                [110/11] via 192.168.1.2, 00:00:11, Ethernet0/0

     192.168.1.0/30 is subnetted, 2 subnets

C       192.168.1.0 is directly connected, Ethernet0/0

C       192.168.1.4 is directly connected, Ethernet0/1

 

3、在R1上配置前缀列表进行链路分流:

ip prefix-list filter1 seq 5 deny 3.3.3.3/32

ip prefix-list filter1 seq 10 deny 4.4.4.4/32

ip prefix-list filter1 seq 15 permit 0.0.0.0/0 le 32

ip prefix-list filter2 seq 5 deny 2.2.2.2/32

ip prefix-list filter2 seq 10 deny 3.3.3.3/32

ip prefix-list filter2 seq 15 permit 0.0.0.0/0 le 32

 router ospf 10

 distribute-list prefix filter1 in Ethernet0/0

 distribute-list prefix filter2 in Ethernet0/1

 

4、查看配置了前缀列表后的路由表:

R1#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/32 is subnetted, 1 subnets

C       1.1.1.1 is directly connected, Loopback0

     2.0.0.0/32 is subnetted, 1 subnets

O IA    2.2.2.2 [110/11] via 192.168.1.2, 00:00:06, Ethernet0/0

     4.0.0.0/32 is subnetted, 1 subnets

O IA    4.4.4.4 [110/11] via 192.168.1.6, 00:00:06, Ethernet0/1

     192.168.1.0/30 is subnetted, 2 subnets

C       192.168.1.0 is directly connected, Ethernet0/0

C       192.168.1.4 is directly connected, Ethernet0/1      //实现分流

 

四、配置实验3:前缀列表过滤路由作用于路由重分发:

1OSPFEIGRP路由重分发使用前缀列表控制路由:

R1:

interface Serial0/0

 ip address 172.16.1.1 255.255.255.252

 serial restart-delay 0

router ospf 10

 router-id 1.1.1.1

 log-adjacency-changes

 network 172.16.1.0 0.0.0.3 area 0

 

R2:

interface Loopback0

 ip address 2.2.2.2 255.255.255.0

interface Serial0/0

 ip address 172.16.1.2 255.255.255.252

 serial restart-delay 0

interface Serial0/1

 ip address 198.16.1.1 255.255.255.252

 serial restart-delay 0

router eigrp 10

 network 198.16.1.0 0.0.0.3

router ospf 10

 router-id 2.2.2.2

 log-adjacency-changes

 redistribute eigrp 10 subnets

 network 2.2.2.0 0.0.0.255 area 1

 network 172.16.1.0 0.0.0.3 area 0

 

R3:

interface Loopback0

 ip address 3.3.3.3 255.255.255.0

interface Loopback1

 ip address 4.4.4.4 255.255.255.0

interface Serial0/1

 ip address 198.16.1.2 255.255.255.252

 serial restart-delay 0

router eigrp 10

 network 3.3.3.0 0.0.0.255

 network 4.4.4.0 0.0.0.255

 network 198.16.1.0 0.0.0.3

 no auto-summary

 

2、查看R1的路由表:

R1#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

 

Gateway of last resort is not set

     2.0.0.0/32 is subnetted, 1 subnets

O IA    2.2.2.2 [110/65] via 172.16.1.2, 00:00:04, Serial0/0

     3.0.0.0/24 is subnetted, 1 subnets

O E2    3.3.3.0 [110/20] via 172.16.1.2, 00:00:04, Serial0/0

     4.0.0.0/24 is subnetted, 1 subnets

O E2    4.4.4.0 [110/20] via 172.16.1.2, 00:00:04, Serial0/0

//从外部网络学习到了3.3.3.0/244.4.4.0/24198.16.1.0/30

     172.16.0.0/30 is subnetted, 1 subnets        

C       172.16.1.0 is directly connected, Serial0/0

     198.16.1.0/30 is subnetted, 1 subnets

O E2    198.16.1.0 [110/20] via 172.16.1.2, 00:00:04, Serial0/0

//学到了全路由

 

3、在R2上布置前缀列表,让R1只能从外部网络学习到4.4.4.4/24

R2(config)#ip prefix-list filter seq 5 permit 4.4.4.0/24

R2(config)#router ospf 10

R2(config-router)#distribute-list prefix filter out eigrp 10   //允许EIGRP路由4.4.4.4被放入OSPF路由表

 

4、测试R1的网络路由表:发现只有4.4.4.0的路由被学习到。

R1#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     2.0.0.0/32 is subnetted, 1 subnets

O IA    2.2.2.2 [110/65] via 172.16.1.2, 00:02:56, Serial0/0

     4.0.0.0/24 is subnetted, 1 subnets

O E2    4.4.4.0 [110/20] via 172.16.1.2, 00:02:56, Serial0/0

     172.16.0.0/30 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Serial0/0