当前位置：首页 > news >正文

（eNSP）策略路由实验配置

news 来源：原创 2025/5/8 15:14:09

1.实验拓扑

2.基础配置

[SW2]dis cu
#
sysname SW2
#
vlan batch 10 20
#
interface Ethernet0/0/1port link-type accessport default vlan 10
#
interface Ethernet0/0/2port link-type accessport default vlan 20
#
interface GigabitEthernet0/0/1port link-type trunkport trunk allow-pass vlan 10 20
#

[SW1]dis cu
#
sysname SW1
#
vlan batch 10 20 30
#
interface Vlanif10ip address 192.168.10.254 255.255.255.0
#
interface Vlanif20ip address 192.168.20.254 255.255.255.0
#
interface Vlanif30ip address 192.168.30.2 255.255.255.0
#
interface GigabitEthernet0/0/1port link-type accessport default vlan 30
#
interface GigabitEthernet0/0/2port link-type trunkport trunk allow-pass vlan 10 20
#
ospf 1area 0.0.0.0network 192.168.20.0 0.0.0.255network 192.168.10.0 0.0.0.255network 192.168.30.0 0.0.0.255
#

[R1]dis cu
[V200R003C00]
#sysname R1
#
acl number 2000  rule 5 permit source 192.168.10.0 0.0.0.255 
acl number 2010  rule 5 permit source 192.168.20.0 0.0.0.255 
acl number 2100  rule 5 permit source 192.168.0.0 0.0.255.255 
#
traffic classifier yidong operator orif-match acl 2010
traffic classifier dianxin operator orif-match acl 2000
#
traffic behavior re_dianxinredirect ip-nexthop 12.1.1.2
traffic behavior re_yidongredirect ip-nexthop 13.1.1.3
#
traffic policy pclassifier dianxin behavior re_dianxinclassifier yidong behavior re_yidong
#
interface GigabitEthernet0/0/0ip address 13.1.1.1 255.255.255.0 nat outbound 2100
#
interface GigabitEthernet0/0/1ip address 12.1.1.1 255.255.255.0 nat outbound 2100
#
interface GigabitEthernet0/0/2ip address 192.168.30.1 255.255.255.0 traffic-policy p inbound
#
ospf 1 default-route-advertisearea 0.0.0.0 network 192.168.30.0 0.0.0.255 
#
ip route-static 0.0.0.0 0.0.0.0 12.1.1.2 preference 10
ip route-static 0.0.0.0 0.0.0.0 13.1.1.3
#

[R2]dis cu
[V200R003C00]
#sysname R2
#
interface GigabitEthernet0/0/0ip address 12.1.1.2 255.255.255.0 
#
interface GigabitEthernet0/0/1ip address 23.1.1.2 255.255.255.0 
#
interface LoopBack0ip address 2.2.2.2 255.255.255.255 
#
rip 1version 2network 23.0.0.0
#
ip route-static 0.0.0.0 0.0.0.0 12.1.1.1

[R3]dis cu
[V200R003C00]
#sysname R3
#
interface GigabitEthernet0/0/0ip address 13.1.1.3 255.255.255.0 
#
interface GigabitEthernet0/0/1ip address 23.1.1.3 255.255.255.0 
#
interface LoopBack0ip address 3.3.3.3 255.255.255.255 
#
rip 1version 2network 23.0.0.0
#
ip route-static 0.0.0.0 0.0.0.0 13.1.1.1
#

3.重点配置

[R1]acl 2000
[R1-acl-basic-2000]rule permit source 192.168.10.0 0.0.0.255
[R1-acl-basic-2000]q
[R1]acl 2010
[R1-acl-basic-2010]rule permit source 192.168.20.0 0.0.0.255
[R1-acl-basic-2010]q
[R1]traffic classifier dianxin
[R1-classifier-dianxin]if-match acl 2000
[R1-classifier-dianxin]q
[R1]traffic classifier yidong
[R1-classifier-yidong]if-match acl 2010
[R1-classifier-yidong]q
[R1]traffic behavior re_dianxin
[R1-behavior-re_dianxin]redirect ip-nexthop 12.1.1.2
[R1-behavior-re_dianxin]q
[R1]traffic behavior re_yidong
[R1-behavior-re_yidong]redirect ip-nexthop 13.1.1.3
[R1-behavior-re_yidong]q
[R1]traffic policy p
[R1-trafficpolicy-p]classifier dianxin behavior re_dianxin
[R1-trafficpolicy-p]classifier yidong behavior re_yidong
[R1-trafficpolicy-p]q
[R1]int g0/0/2
[R1-GigabitEthernet0/0/2]traffic-policy p inbound