一.实验要求及拓扑
二.实验思路
1.配置IP地址及环回
2.配置OSPF协议及RIP协议
3.OSPF和RIP进行路由引入
4.在R2上配置路由过滤,使RIP部分无法学到R4业务网段的信息
5.在R4上进行路由过滤(地址前缀列表),使 R4 无法学习到 R1的业务网段路由
6.在R2 RIP进程上配置静默接口,使RIP报文无法进入OSPF区域
三.实验步骤
1、配置IP地址和环回
R1:
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 100.1.1.1 24
[R1-GigabitEthernet0/0/0]int l0
[R1-LoopBack0]ip add 192.168.0.1 32
[R1-LoopBack0]int l1
[R1-LoopBack1]ip add 192.168.1.1 32
R2:
[R2]int g 0/0/0
[R2-GigabitEthernet0/0/0]ip add 100.1.1.2 24
[R2-GigabitEthernet0/0/0]int g0/0/1
[R2-GigabitEthernet0/0/1]ip add 100.2.2.2 24
R3:
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 100.2.2.3 24
[R3-GigabitEthernet0/0/0]int g0/0/1
[R3-GigabitEthernet0/0/1]ip add 100.3.3.3 24
[R3-GigabitEthernet0/0/1]int l0
[R3-LoopBack0]ip add 192.168.2.1 32
[R3-LoopBack0]int l1
[R3-LoopBack1]ip add 192.168.3.1 32
R4:
[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip add 100.3.3.4 24
[R4-GigabitEthernet0/0/0]int l0
[R4-LoopBack0]ip add 192.168.4.1 32
[R4-LoopBack0]int l1
[R4-LoopBack1]ip add 192.168.5.1 32
2.配置OSPF协议及RIP协议
OSPF:
area 0:
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]a 0
[R2-ospf-1-area-0.0.0.0]network 100.2.2.0 0.0.0.255
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]a 0
[R3-ospf-1-area-0.0.0.0]network 100.2.2.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 192.168.2.1 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 192.168.3.1 0.0.0.0
area 1:
[R3-ospf-1]a 1
[R3-ospf-1-area-0.0.0.1]ne 100.3.3.0 0.0.0.255
[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]a 1
[R4-ospf-1-area-0.0.0.1]network 100.3.3.0 0.0.0.255
[R4-ospf-1-area-0.0.0.1]ne 192.168.4.1 0.0.0.0
[R4-ospf-1-area-0.0.0.1]ne 192.168.5.1 0.0.0.0
RIP:
[R1]rip 1
[R1-rip-1]v 2
[R1-rip-1]undo summary
[R1-rip-1]network 100.0.0.0
[R1-rip-1]network 192.168.0.0
[R1-rip-1]network 192.168.1.0
[R2]rip 1
[R2-rip-1]v 2
[R2-rip-1]undo summary
[R2-rip-1]network 100.0.0.0
3.OSPF和RIP进行路由引入
[R2-rip-1]import-route ospf 1
[R2]ospf 1
[R2-ospf-1]import-route rip
4.在R2上配置路由过滤,使RIP部分无法学到R4业务网段的信息
不允许192.168.4.0/23(汇总后的网段)通过的同时,需要允许其他的网段通过
抓取流量:
[R2]acl 2000
[R2-acl-basic-2000]rule deny source 192.168.4.0 0.0.1.255
[R2-acl-basic-2000]rule permit source 0.0.0.0 255.255.255.255
写策略:
[R2]route-policy o2r permit node 10
[R2-route-policy]if-match acl 2000
调用策略:
[R2]rip 1
[R2-rip-1]import-route ospf 1 route-policy o2r
5.在R4上进行路由过滤(地址前缀列表),使 R4 无法学习到 R1的业务网段路由
地址前缀列表:
[R4]ip ip-prefix aa index 10 deny 192.168.0.0 23 less-equal 32
[R4]ip ip-prefix aa index 20 permit 0.0.0.0 0 less-equal 32
[R4]ospf 1
[R4-ospf-1]filter-policy ip-prefix aa import
配置前的路由表:
配置完成后的路由表:
6.在R2 RIP进程上配置静默接口,使RIP报文无法进入OSPF区域
在R2接口上配置静默接口,不发RIP的路由信息
[R2]rip 1
[R2-rip-1]silent-interface g0/0/1
