ccnp學習013--路由與交換（05路由更新與控制)

一 如何控制路由流量

在路由上有多個方法,有完全阻止,過濾,路由表,map,以及策略規劃等.

1.passive-interface command在介面上完全阻止

EX:passiver-interface s0(關閉S0口)

no passiver-interface s1(開啟S1口,RIP協議在預設的情況下是關閉的.)

2.route filtes

配置分發列表.

在出的方向配置

(config-router)#distribute-list {access-list-number|name} out {interface-name|routeing-process|[automous-system number]}

在進的方向.

#distribute-list {access-list-number|name} in [type number]

因為ospf路由之間不是交換的路由資訊,而交換的是LSA,所以在出的方向配置再發布是沒有意義的,但在進的方向配置是起作用的.

例子:

ROUTER B(10.0.0.8/30)介面s1 and s3)分別與ROUTERA(10.1.0.0 10.2.0.0 10.3.0.0)和ROUTERC(10.8.0.0 10.9.0.0 10.10.0.0 10.11.0.0)相連

routerB配置

router ospf 1

network 10.0.0.8 0.0.0.255 area 0

redistribute rip subnets

distribute-list 2 out rip

!

router rip

network 10.0.0.0

version 0

passiver-interface s3

redistribute ospf 1 metric 5

distribute-list 3 out ospf 1

access-list 2 deny 10.3.0.0 0.0.255.255

access-list 2 permit any

access-list 3 permit 10.9.0.0

3.用route map 來控制更新.

與訪問列表相似,都是自上而下的匹配.主要應用:

策略規定.BGP策略應用.再發布的應用.

4.route map的操作.

route-map my_bgp permit 10

:::::::::::::::::::::::

{match statements}

:::::::::::::::::::::::::::

{set statements }

route-map my_bgp deny 20

:::::::::::::::::::::

match ip address x y z 此時表示的關係是or關係,滿足任何一個關係就可以

match ....a

match.....b

match.....c

此時的關係是and關係,三個關係才能滿足才符合條件.

5.

(config-router)#redistribute protocol [process-id]

route-map map-tag

(config)#route-map map-tag [permit|deny][sequence-number]

(config-route-map)#match {conditions }

(config-route-map)#set {actions}

6.match {iptions}

options:

ip address ip-access-list

ip route-source ip-access-list

ip next-hop ip address-list

ip default-next-hop ip address-list

interface type number

metric metric-value

route-type [external|internal|level-1|level-2|local]

還有其它的.

set {options}匹配之後再做修改.

EX:

(config)#route ospf 1

(config-route)#redistribute rip route-map redis-rip

!

(config)#route-map redis-rip permit 10

match ip address 23 29

set metric 500

set metric-type type-1

route-map redis-rip deny 20

match ip address 37

route-map redis-rip permit 30

set metric 5000

set metric-type type-2

access-list 23 permit 10.1.0.0 0.0.255.255

access-list 29 permit 172.16.1.0 0.0.0.255

access-list 37 permit 10.0.0.0 0.255.255.255

[@more@]