配置思路:
两边去的包在R1上用mqc进行下一跳重定向
两边回程包在R4上用mqc进行下一跳重定向
最终让内网
192.168.10.0出去的数据包来回全走上面R-1-2-4
192.168.20.0出去的数据包来回全走 下面R1-3-4
R2和R3就是简单ospf配置和宣告,其它没有配置,这里就不贴上去了。
dis current-configuration
[V200R003C00]
acl number 3000
rule 5 permit ip source 192.168.10.0 0.0.0.255 destination 10.0.3.0 0.0.0.255
rule 10 permit ip source 192.168.10.0 0.0.0.255 destination 10.0.4.0 0.0.0.255
acl number 3001
rule 5 permit ip source 192.168.20.0 0.0.0.255 destination 10.0.4.0 0.0.0.255
rule 10 permit ip source 192.168.20.0 0.0.0.255 destination 10.0.3.0 0.0.0.255
traffic classifier 124 operator or
if-match acl 3000
traffic classifier 134 operator or
if-match acl 3001
traffic behavior 124
redirect ip-nexthop 12.1.1.2
traffic behavior 134
redirect ip-nexthop 13.1.1.3
traffic policy admin
classifier 124 behavior 124
classifier 134 behavior 134
interface GigabitEthernet0/0/0
ip address 11.1.1.1 255.255.255.0
traffic-policy admin inbound
ospf enable 1 area 0.0.0.0
interface GigabitEthernet0/0/1
ip address 12.1.1.1 255.255.255.0
ospf enable 1 area 0.0.0.0
interface GigabitEthernet0/0/2
ip address 13.1.1.1 255.255.255.0
ospf enable 1 area 0.0.0.0
ospf 1
import-route direct
area 0.0.0.0
dis current-configuration
sysname hx
undo info-center enable
vlan batch 10 20 30
cluster enable
ntdp enable
ndp enable
drop illegal-mac alarm
dhcp enable
interface Vlanif1
interface Vlanif10
ip address 192.168.10.1 255.255.255.0
dhcp select interface
interface Vlanif20
ip address 192.168.20.1 255.255.255.0
dhcp select interface
interface Vlanif30
ip address 11.1.1.2 255.255.255.0
ospf enable 1 area 0.0.0.0
interface MEth0/0/1
interface GigabitEthernet0/0/1
port link-type access
port default vlan 10
interface GigabitEthernet0/0/2
port link-type access
port default vlan 20
interface GigabitEthernet0/0/3
port link-type access
port default vlan 30
ospf 1
import-route direct
silent-interface Vlanif10
silent-interface Vlanif20
area 0.0.0.0
dis current-configuration
[V200R003C00]
board add 0/4 4GET
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
clock timezone China-Standard-Time minus 08:00:00
portal local-server load portalpage.zip
drop illegal-mac alarm
set cpu-usage threshold 80 restore 75
acl number 3000
rule 10 permit ip source 10.0.3.0 0.0.0.255 destination 192.168.10.0 0.0.0.255
acl number 3001
rule 10 permit ip source 10.0.4.0 0.0.0.255 destination 192.168.20.0 0.0.0.255
traffic classifier 431 operator or
if-match acl 3001
traffic classifier 421 operator or
if-match acl 3000
traffic behavior 431
redirect ip-nexthop 34.1.1.3
traffic behavior 421
redirect ip-nexthop 24.1.1.2
traffic policy 431
classifier 431 behavior 431
traffic policy 421
classifier 421 behavior 421
interface GigabitEthernet0/0/0
ip address 24.1.1.4 255.255.255.0
ospf enable 1 area 0.0.0.0
interface GigabitEthernet0/0/1
ip address 34.1.1.4 255.255.255.0
ospf enable 1 area 0.0.0.0
interface GigabitEthernet0/0/2
ip address 10.0.3.1 255.255.255.0
traffic-policy 421 inbound
interface GigabitEthernet4/0/0
ip address 10.0.4.1 255.255.255.0
traffic-policy 431 inbound
interface NULL0
ospf 1
import-route direct
silent-interface GigabitEthernet0/0/2
silent-interface GigabitEthernet4/0/0
area 0.0.0.0