实验指南:路由策略

实验指南
 
 
Wow
conf t
host Wow
int l 0
ip ad 1.1.1.1 255.255.255.255
int f0/0
ip ad 206.191.241.43 255.255.255.248
ip nat outside
no shut
int  f1/0
ip ad 172.16.7.7 255.255.255.0
no shut
int s 2/0
ip ad 192.168.1.7 255.255.255.0
no shut
encap f
no arp f
no frame inver
frame map ip 192.168.1.3 102 b
frame map ip 192.168.1.4 103 b
ip nat inside
exit
ip route 0.0.0.0 0.0.0.0 206.191.241.44
access-list 1 permit any
ip nat inside source list 1 interface s2/0 overload
router eigrp 65002
no au
net 192.168.1.7 0.0.0.0
redistribute static metric 10000 100 255 1 1500
line vty 0 4
password cisco
login
end

Plains
conf t
host Plains
int l 0
ip ad 2.2.2.2 255.255.255.255
int s2/0
encap f
no arp f
no frame inver
ip ad 192.168.1.3 255.255.255.0
frame map ip 192.168.1.7 201 b
frame map ip 192.168.1.4 201 b
no shut
int f 0/0
ip ad 172.16.1.3 255.255.255.0
no shut
exit
router eigrp 65002
no au
net 192.168.1.3 0.0.0.0
net 172.16.1.3 0.0.0.0
end

Swamp
conf t
host Swamp
int  l 0
ip ad 3.3.3.3 255.255.255.255
int s2/0
ip ad 192.168.1.4 255.255.255.0
encap f
no arp f
no frame inver
frame map ip 192.168.1.7 301 b
frame map ip 192.168.1.3 301 b
no shut
bandwidth 64
int f 0/0
ip ad 172.16.1.4 255.255.255.0
no shut
exit
router eigrp 65002
no au
net 172.16.1.4 0.0.0.0
net 192.168.1.4 0.0.0.0
end

Forest
conf t
host Forest
int l 0
ip ad 4.4.4.4 255.255.255.255
int f 0/0
ip ad 172.16.1.6 255.255.255.0
no shut
int f 1/0
ip ad 172.16.2.6 255.255.255.0
no shut
ip route-cache policy
ip policy route-map IPTRAFFIC
exit
access-list 100 permit ip host 172.16.2.10 172.16.7.0 0.0.0.255
access-list 100 permit ip host 172.16.2.5 172.16.7.0 0.0.0.255
access-list 110 deny ip any 172.16.0.0 0.0.255.255
access-list 110 deny ip any 192.168.1.0 0.0.0.255
access-list 110 permit ip host 172.16.2.10 any
access-list 120 deny ip any 172.16.0.0 0.0.255.255
access-list 120 deny ip any 192.168.1.0 0.0.0.255
access-list 120 permit ip host 172.16.2.5 any
route-map IPTRAFFIC permit 10
match ip ad 100
match length 0 1199
set ip next-hop 172.16.1.3
route-map IPTRAFFIC permit 20
match ip ad 100
match length 1200 1544
set ip next-hop 172.16.1.4
route-map IPTRAFFIC permit 30
match ip ad 110
set ip default next-hop 172.16.1.3
route-map IPTRAFFIC permit 40
match ip ad 120
set ip default next-hop 172.16.1.4
router eigrp 65002
no au
net 172.16.1.6 0.0.0.0
net 172.16.2.6 0.0.0.0
end

Mountain
conf t
host Mountain
int l 0
ip ad 5.5.5.5 255.255.255.255
int f 1/0
ip ad 172.16.2.10 255.255.255.0
no shut
exit
router eigrp 65002
no au
net 172.16.2.10 0.0.0.0
end

Island
conf t
host Island
int l 0
ip ad 6.6.6.6 255.255.255.255
int f 1/0
ip ad 172.16.2.5 255.255.255.0
no shut
exit
router eigrp 65002
no au
net 172.16.2.5 0.0.0.0
end
 
 
校验
Island#ping 192.168.1.7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/90/276 ms

Island#ping 206.191.241.43
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 206.191.241.43, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/108/208 ms
 
 
Forest#sh ip access
Extended IP access list 100
    10 permit ip host 172.16.2.10 172.16.7.0 0.0.0.255
    20 permit ip host 172.16.2.5 172.16.7.0 0.0.0.255 (5 matches)
Extended IP access list 110
    10 deny ip any 172.16.0.0 0.0.255.255
    20 deny ip any 192.168.1.0 0.0.0.255 (10 matches)
    30 permit ip host 172.16.2.10 any
Extended IP access list 120
    10 deny ip any 172.16.0.0 0.0.255.255
    20 deny ip any 192.168.1.0 0.0.0.255 (10 matches)
    30 permit ip host 172.16.2.5 any (35 matches)

Forest#sh route   
route-map 1, permit, sequence 10
  Match clauses:
    ip address (access-lists): 110
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes
route-map IPTRAFFIC, permit, sequence 10
  Match clauses:
    ip address (access-lists): 100
    length 0 1199
  Set clauses:
    ip next-hop 172.16.1.3
  Policy routing matches: 5 packets, 570 bytes
route-map IPTRAFFIC, permit, sequence 20
  Match clauses:
    ip address (access-lists): 100
    length 1200 1544
  Set clauses:
    ip next-hop 172.16.1.4
  Policy routing matches: 0 packets, 0 bytes
route-map IPTRAFFIC, permit, sequence 30
  Match clauses:
    ip address (access-lists): 110
  Set clauses:
    ip default next-hop 172.16.1.3
  Policy routing matches: 0 packets, 0 bytes
route-map IPTRAFFIC, permit, sequence 40
  Match clauses:
    ip address (access-lists): 120
  Set clauses:
    ip default next-hop 172.16.1.4
  Policy routing matches: 35 packets, 2646 bytes
 

本文出自 “穿过地狱去看海” 博客,谢绝转载!

你可能感兴趣的:(职场,acl,休闲,实验指南,route-map)