文档视界
文档视界 最新最全的文档下载
当前位置:文档视界 › 关于OSPF路由过滤的说明

关于OSPF路由过滤的说明

关于OSPF路由过滤的说明
关于OSPF路由过滤的说明

关于OSPF路由过滤的说明:

内部路由过滤:

distribute-list <1_1000> [标准访问列表] in

作用:

过滤掉路由器自身学到的,符合访问列表规则的路由信息,对OSPF自治系统中别的路由器无影响。

示例:

原来通过OSPF学到路由信息如下:

MP36A#show ip route

MP36A#show ip route

Codes: C - connected, S - static, R - RIP, O - OSPF, OE-OSPF External, M - Management

D - Redirect,

E - EIGRP, EX - EIGRP external, o - ODR, B - BGP

Gateway of last resort is not set

O 119.1.1.0/24 [110/1613] via 192.168.11.2, 00:06:30, serial1/0:1

O 119.2.2.0/24 [110/1613] via 192.168.11.2, 00:06:30, serial1/0:1

O 119.3.3.0/24 [110/1613] via 192.168.11.2, 00:06:30, serial1/0:1

C 129.255.29.0/24 is directly connected, 18:27:53, fastethernet0

O 149.255.29.0/24 [110/833] via 192.168.11.2, 00:06:30, serial1/0:1

O 192.168.1.0/24 [110/832] via 192.168.11.2, 00:06:30, serial1/0:1

O 192.168.2.0/24 [110/51] via 192.168.11.2, 00:06:30, serial1/0:1

C 192.168.4.0/24 is directly connected, 18:26:50, serial0/0

C 192.168.5.0/24 is directly connected, 18:27:50, serial0/1

C 192.168.6.0/24 is directly connected, 18:26:47, serial0/2

O 192.168.7.0/24 [110/782] via 192.168.6.2, 00:06:25, serial0/2

OE 192.168.8.0/24 [150/10000] via 192.168.6.2, 00:06:25, serial0/2

C 192.168.11.0/24 is directly connected, 00:27:49, serial1/0:1

O 192.168.12.0/24 [110/64] via 192.168.11.2, 00:06:30, serial1/0:1

O 192.168.13.0/24 [110/114] via 192.168.11.2, 00:06:30, serial1/0:1

C 192.168.14.0/24 is directly connected, 18:11:48, fastethernet2/0

C 193.168.5.0/24 is directly connected, 18:27:50, serial0/1

C 193.168.6.0/24 is directly connected, 18:26:47, serial0/2

OE 199.0.0.0/8 [150/20] via 192.168.6.2, 00:06:25, serial0/2

O 1.1.1.1/32 [110/1614] via 192.168.11.2, 00:06:30, serial1/0:1

O 3.3.3.3/32 [110/833] via 192.168.11.2, 00:06:30, serial1/0:1

OE 4.4.4.4/32 [150/10000] via 192.168.6.2, 00:06:25, serial0/2

O 5.5.5.5/32 [110/782] via 192.168.5.2, 00:06:25, serial0/1

O 6.6.6.6/32 [110/782] via 192.168.6.2, 00:06:25, serial0/2

O 7.7.7.7/32 [110/52] via 192.168.11.2, 00:06:30, serial1/0:1

O 8.8.8.8/32 [110/1614] via 192.168.11.2, 00:06:30, serial1/0:1

O 16.16.16.16/32 [110/2] via 192.168.14.2, 00:06:30, fastethernet2/0

O 18.18.18.18/32 [110/2] via 192.168.14.4, 00:06:30, fastethernet2/0

C 36.36.36.36/32 is directly connected, 18:27:53, loopback0

O 37.37.37.37/32 [110/51] via 192.168.11.2, 00:06:30, serial1/0:1

O 38.38.38.38/32 [110/65] via 192.168.11.2, 00:06:30, serial1/0:1

O 39.39.39.39/32 [110/115] via 192.168.11.2, 00:06:30, serial1/0:1

O 44.44.44.44/32 [110/1614] via 192.168.11.2, 00:06:30, serial1/0:1

S 129.255.29.9/32 [1/100] is directly connected, 18:27:52, fastethernet0

C 192.168.4.1/32 is directly connected, 18:26:50, serial0/0

C 192.168.5.2/32 is directly connected, 18:27:50, serial0/1

C 192.168.6.2/32 is directly connected, 18:26:47, serial0/2

C 192.168.11.2/32 is directly connected, 00:27:49, serial1/0:1

现使用内部路由过滤,过滤掉上边红色标记路由:

1.配置访问列表:

ip access-list standard 2

deny host 199.0.0.0

deny 119.0.0.0 0.255.255.255

exit

2.配置内部路由过滤:

router ospf

network 192.168.4.0 0.0.0.255 area 0

network 192.168.11.0 0.0.0.255 area 0

network 192.168.5.0 0.0.0.255 area 1

network 192.168.6.0 0.0.0.255 area 1

network 193.168.5.0 0.0.0.255 area 1

network 193.168.6.0 0.0.0.255 area 1

network 36.36.36.36 0.0.0.0 area 1

network 192.168.14.0 0.0.0.255 area 5

area 5 virtual-link 18.18.18.18

redistribute static

distribute-list 2 in

exit

结果:过滤掉了指定路由

MP36A#sh ip route

Codes: C - connected, S - static, R - RIP, O - OSPF, OE-OSPF External, M - Management

D - Redirect,

E - EIGRP, EX - EIGRP external, o - ODR, B - BGP

Gateway of last resort is not set

C 129.255.29.0/24 is directly connected, 18:34:05, fastethernet0

O 149.255.29.0/24 [110/833] via 192.168.11.2, 00:12:43, serial1/0:1

O 192.168.1.0/24 [110/832] via 192.168.11.2, 00:12:43, serial1/0:1

O 192.168.2.0/24 [110/51] via 192.168.11.2, 00:12:43, serial1/0:1

C 192.168.4.0/24 is directly connected, 18:33:02, serial0/0

C 192.168.5.0/24 is directly connected, 18:34:03, serial0/1

C 192.168.6.0/24 is directly connected, 18:33:00, serial0/2

O 192.168.7.0/24 [110/782] via 192.168.6.2, 00:12:38, serial0/2

OE 192.168.8.0/24 [150/10000] via 192.168.6.2, 00:12:38, serial0/2

C 192.168.11.0/24 is directly connected, 00:34:02, serial1/0:1

O 192.168.12.0/24 [110/64] via 192.168.11.2, 00:12:43, serial1/0:1

O 192.168.13.0/24 [110/114] via 192.168.11.2, 00:12:43, serial1/0:1

C 192.168.14.0/24 is directly connected, 18:18:00, fastethernet2/0

C 193.168.5.0/24 is directly connected, 18:34:03, serial0/1

C 193.168.6.0/24 is directly connected, 18:33:00, serial0/2

O 1.1.1.1/32 [110/1614] via 192.168.11.2, 00:12:43, serial1/0:1

O 3.3.3.3/32 [110/833] via 192.168.11.2, 00:12:43, serial1/0:1

OE 4.4.4.4/32 [150/10000] via 192.168.6.2, 00:12:38, serial0/2

O 5.5.5.5/32 [110/782] via 192.168.5.2, 00:12:38, serial0/1

O 6.6.6.6/32 [110/782] via 192.168.6.2, 00:12:38, serial0/2

O 7.7.7.7/32 [110/52] via 192.168.11.2, 00:12:43, serial1/0:1

O 8.8.8.8/32 [110/1614] via 192.168.11.2, 00:12:43, serial1/0:1

O 16.16.16.16/32 [110/2] via 192.168.14.2, 00:12:43, fastethernet2/0

O 18.18.18.18/32 [110/2] via 192.168.14.4, 00:12:43, fastethernet2/0

C 36.36.36.36/32 is directly connected, 18:34:05, loopback0

O 37.37.37.37/32 [110/51] via 192.168.11.2, 00:12:43, serial1/0:1

O 38.38.38.38/32 [110/65] via 192.168.11.2, 00:12:43, serial1/0:1

O 39.39.39.39/32 [110/115] via 192.168.11.2, 00:12:43, serial1/0:1

O 44.44.44.44/32 [110/1614] via 192.168.11.2, 00:12:43, serial1/0:1

S 129.255.29.9/32 [1/100] is directly connected, 18:34:05, fastethernet0

C 192.168.4.1/32 is directly connected, 18:33:02, serial0/0

C 192.168.5.2/32 is directly connected, 18:34:03, serial0/1

C 192.168.6.2/32 is directly connected, 18:33:00, serial0/2

C 192.168.11.2/32 is directly connected, 00:34:02, serial1/0:1

外部路由过滤:

命令:

distribute-list <1_1000> [标准访问列表] out

作用:

此命令在ASBR上有效,即在配置了OSPF重分发的路由器上有效,可以过滤掉指定的外部路由信息(比如满足访问列表规则的外部路由信息),会对整个OSPF自治系统中的外部路由有影响。

示例:

路由器6 ,路由器5 使用OSPF动态路由协议,并且在路由6 的OSPF中配置了对静态路由及Eigrp路由的重分发:

MP6:

router ospf

network 6.6.6.6 0.0.0.0 area 1

network 192.168.6.0 0.0.0.255 area 1

network 192.168.7.0 0.0.0.255 area 1

network 193.168.6.0 0.0.0.255 area 1

summary-address 199.0.0.0 255.0.0.0

redistribute eigrp 100

redistribute static

exit

那么MP5有学到的OSPF外部路由(红色的,即由MP6重分发静态路由及动态路由Eigrp学到的):

mp5#sh ip route

Codes: C - connected, S - static, R - RIP, O - OSPF, OE-OSPF External, M - Management

D - Redirect,

E - EIGRP, EX - EIGRP external, o - ODR, B - BGP

Gateway of last resort is not set

O 119.1.1.0/24 [110/2394] via 192.168.5.1, 00:21:30, serial1/0

O 119.2.2.0/24 [110/2394] via 192.168.5.1, 00:21:30, serial1/0

O 119.3.3.0/24 [110/2394] via 192.168.5.1, 00:21:30, serial1/0

C 192.168.5.0/24 is directly connected, 18:43:00, serial1/0

O 192.168.6.0/24 [110/1562] via 192.168.5.1, 00:21:40, serial1/0

C 192.168.7.0/24 is directly connected, 18:42:05, serial2/0

OE 192.168.8.0/24 [150/10000] via 192.168.7.2, 00:42:21, serial2/0

O 192.168.11.0/24 [110/831] via 192.168.5.1, 00:21:30, serial1/0

O 192.168.12.0/24 [110/845] via 192.168.5.1, 00:21:30, serial1/0

O 193.168.6.0/24 [110/1562] via 192.168.5.1, 00:21:40, serial1/0

[110/1562] via 192.168.7.2, 00:21:40, serial2/0

OE 199.0.0.0/8 [150/20] via 192.168.7.2, 18:41:43, serial2/0

O 1.1.1.1/32 [110/2395] via 192.168.5.1, 00:21:30, serial1/0

O 3.3.3.3/32 [110/1614] via 192.168.5.1, 00:21:30, serial1/0

OE 4.4.4.4/32 [150/10000] via 192.168.7.2, 00:42:15, serial2/0

C 5.5.5.5/32 is directly connected, 45:47:06, loopback0

O 6.6.6.6/32 [110/782] via 192.168.7.2, 18:41:43, serial2/0

C 192.168.5.1/32 is directly connected, 18:43:00, serial1/0

现在MP6上配置标准访问列表,不让别的路由器(MP5)学到以下两条路由

OE 192.168.8.0/24 [150/10000] via 192.168.7.2, 00:42:21, serial2/0

OE 199.0.0.0/8 [150/20] via 192.168.7.2, 18:41:43, serial2/0

ip access-list standard 4

deny 199.0.0.0 0.255.255.255

deny 192.0.0.0 0.255.255.255

exit

在MP6上配置外部路由过滤:

router ospf

network 6.6.6.6 0.0.0.0 area 1

network 192.168.6.0 0.0.0.255 area 1

network 192.168.7.0 0.0.0.255 area 1

network 193.168.6.0 0.0.0.255 area 1

summary-address 199.0.0.0 255.0.0.0

redistribute eigrp redistribute rip

redistribute static

distribute-list 4 out

exit

MP6上配置外部路由过滤后,Mp5不会再学到指定的外部路由信息:

mp5#sh ip route

Codes: C - connected, S - static, R - RIP, O - OSPF, OE-OSPF External, M - Management

D - Redirect,

E - EIGRP, EX - EIGRP external, o - ODR, B - BGP

Gateway of last resort is not set

O 119.1.1.0/24 [110/2394] via 192.168.5.1, 00:21:30, serial1/0

O 119.2.2.0/24 [110/2394] via 192.168.5.1, 00:21:30, serial1/0

O 119.3.3.0/24 [110/2394] via 192.168.5.1, 00:21:30, serial1/0

C 192.168.5.0/24 is directly connected, 18:43:00, serial1/0

O 192.168.6.0/24 [110/1562] via 192.168.5.1, 00:21:40, serial1/0

C 192.168.7.0/24 is directly connected, 18:42:05, serial2/0

O 192.168.11.0/24 [110/831] via 192.168.5.1, 00:21:30, serial1/0

O 192.168.12.0/24 [110/845] via 192.168.5.1, 00:21:30, serial1/0

O 193.168.6.0/24 [110/1562] via 192.168.5.1, 00:21:40, serial1/0

[110/1562] via 192.168.7.2, 00:21:40, serial2/0

O 1.1.1.1/32 [110/2395] via 192.168.5.1, 00:21:30, serial1/0

O 3.3.3.3/32 [110/1614] via 192.168.5.1, 00:21:30, serial1/0

OE 4.4.4.4/32 [150/10000] via 192.168.7.2, 00:42:15, serial2/0

C 5.5.5.5/32 is directly connected, 45:47:06, loopback0

O 6.6.6.6/32 [110/782] via 192.168.7.2, 18:41:43, serial2/0

C 192.168.5.1/32 is directly connected, 18:43:00, serial1/0

相关文档
相关文档
最新文档

侵权投诉  © 2013-2023 www.docsj.com  站点地图 | 手机版

闽ICP备11023808号-7  本站文档均来自互联网及网友上传分享,本站只负责收集和整理,有任何问题可通过上访投诉通道进行反馈