实验指南
Wow
conf t
host Wow
int l 0
ip ad 1.1.1.1 255.255.255.255
int f0/0
ip ad 206.191.241.43 255.255.255.248
ip nat outside
no shut
int f1/0
ip ad 172.16.7.7 255.255.255.0
no shut
int s 2/0
ip ad 192.168.1.7 255.255.255.0
no shut
encap f
no arp f
no frame inver
frame map ip 192.168.1.3 102 b
frame map ip 192.168.1.4 103 b
ip nat inside
exit
ip route 0.0.0.0 0.0.0.0 206.191.241.44
access-list 1 permit any
ip nat inside source list 1 interface s2/0 overload
router eigrp 65002
no au
net 192.168.1.7 0.0.0.0
redistribute static metric 10000 100 255 1 1500
line vty 0 4
password cisco
login
end
Plains
conf t
host Plains
int l 0
ip ad 2.2.2.2 255.255.255.255
int s2/0
encap f
no arp f
no frame inver
ip ad 192.168.1.3 255.255.255.0
frame map ip 192.168.1.7 201 b
frame map ip 192.168.1.4 201 b
no shut
int f 0/0
ip ad 172.16.1.3 255.255.255.0
no shut
exit
router eigrp 65002
no au
net 192.168.1.3 0.0.0.0
net 172.16.1.3 0.0.0.0
end
Swamp
conf t
host Swamp
int l 0
ip ad 3.3.3.3 255.255.255.255
int s2/0
ip ad 192.168.1.4 255.255.255.0
encap f
no arp f
no frame inver
frame map ip 192.168.1.7 301 b
frame map ip 192.168.1.3 301 b
no shut
bandwidth 64
int f 0/0
ip ad 172.16.1.4 255.255.255.0
no shut
exit
router eigrp 65002
no au
net 172.16.1.4 0.0.0.0
net 192.168.1.4 0.0.0.0
end
Forest
conf t
host Forest
int l 0
ip ad 4.4.4.4 255.255.255.255
int f 0/0
ip ad 172.16.1.6 255.255.255.0
no shut
int f 1/0
ip ad 172.16.2.6 255.255.255.0
no shut
ip route-cache policy
ip policy route-map IPTRAFFIC
exit
access-list 100 permit ip host 172.16.2.10 172.16.7.0 0.0.0.255
access-list 100 permit ip host 172.16.2.5 172.16.7.0 0.0.0.255
access-list 110 deny ip any 172.16.0.0 0.0.255.255
access-list 110 deny ip any 192.168.1.0 0.0.0.255
access-list 110 permit ip host 172.16.2.10 any
access-list 120 deny ip any 172.16.0.0 0.0.255.255
access-list 120 deny ip any 192.168.1.0 0.0.0.255
access-list 120 permit ip host 172.16.2.5 any
route-map IPTRAFFIC permit 10
match ip ad 100
match length 0 1199
set ip next-hop 172.16.1.3
route-map IPTRAFFIC permit 20
match ip ad 100
match length 1200 1544
set ip next-hop 172.16.1.4
route-map IPTRAFFIC permit 30
match ip ad 110
set ip default next-hop 172.16.1.3
route-map IPTRAFFIC permit 40
match ip ad 120
set ip default next-hop 172.16.1.4
router eigrp 65002
no au
net 172.16.1.6 0.0.0.0
net 172.16.2.6 0.0.0.0
end
Mountain
conf t
host Mountain
int l 0
ip ad 5.5.5.5 255.255.255.255
int f 1/0
ip ad 172.16.2.10 255.255.255.0
no shut
exit
router eigrp 65002
no au
net 172.16.2.10 0.0.0.0
end
Island
conf t
host Island
int l 0
ip ad 6.6.6.6 255.255.255.255
int f 1/0
ip ad 172.16.2.5 255.255.255.0
no shut
exit
router eigrp 65002
no au
net 172.16.2.5 0.0.0.0
end
校验
Island#ping 192.168.1.7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/90/276 ms
Island#ping 206.191.241.43
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 206.191.241.43, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/108/208 ms
Forest#sh ip access
Extended IP access list 100
10 permit ip host 172.16.2.10 172.16.7.0 0.0.0.255
20 permit ip host 172.16.2.5 172.16.7.0 0.0.0.255 (5 matches)
Extended IP access list 110
10 deny ip any 172.16.0.0 0.0.255.255
20 deny ip any 192.168.1.0 0.0.0.255 (10 matches)
30 permit ip host 172.16.2.10 any
Extended IP access list 120
10 deny ip any 172.16.0.0 0.0.255.255
20 deny ip any 192.168.1.0 0.0.0.255 (10 matches)
30 permit ip host 172.16.2.5 any (35 matches)
Forest#sh route
route-map 1, permit, sequence 10
Match clauses:
ip address (access-lists): 110
Set clauses:
Policy routing matches: 0 packets, 0 bytes
route-map IPTRAFFIC, permit, sequence 10
Match clauses:
ip address (access-lists): 100
length 0 1199
Set clauses:
ip next-hop 172.16.1.3
Policy routing matches: 5 packets, 570 bytes
route-map IPTRAFFIC, permit, sequence 20
Match clauses:
ip address (access-lists): 100
length 1200 1544
Set clauses:
ip next-hop 172.16.1.4
Policy routing matches: 0 packets, 0 bytes
route-map IPTRAFFIC, permit, sequence 30
Match clauses:
ip address (access-lists): 110
Set clauses:
ip default next-hop 172.16.1.3
Policy routing matches: 0 packets, 0 bytes
route-map IPTRAFFIC, permit, sequence 40
Match clauses:
ip address (access-lists): 120
Set clauses:
ip default next-hop 172.16.1.4
Policy routing matches: 35 packets, 2646 bytes
本文出自 “穿过地狱去看海” 博客,谢绝转载!