当前位置: 首页 > news >正文

路由策略实验配置

news 2025/9/10 10:12:55

0.原理

0.1、策略路由原理

策略路由:通过定义策略和应用,实现数据流量按照规划的路径走,比如张三走联通出口,李四走电信出口(策略路由的优先级比普通路由表优先级更高)。

路由策略是通过ACL等方式控制路由发布,让对方学到适当路由条目,比如有20条路由条目,只想让某个路由器学到10条,可以通过路由策略进行过滤。

路由策略和策略路由是两种不同的机制,主要区别如下:

路由策略策略路由
基于策略控制路由信息的引入、发布、接收基于策略控制报文的转发,即可以不按照路由表转发报文,而是通过按照策略需要转发,转发失败后再通过查找路由表转发
基于控制平面,为路由协议和路由表服务基于转发平面,为转发策略服务
与路由协议结合完成策略,应用命令route-policy需要手工逐跳配置,以保证报文按策略转发,应用命令traffic-policy

1.拓扑图

1757235284467

2.实验步骤

实现的效果:

三个路由器,分配配置RIPv2,OSPF,分别学到路由信息,并设备cost。

在R1中配置IP地址和RIPv2
<Huawei>sys
[Huawei]sysname R1
[R1]interface g0/0/0
[R1-GigabitEthernet0/0/0]ip add 12.1.1.1 30
[R1-GigabitEthernet0/0/0]int lo0
[R1-LoopBack0]ip add 10.1.1.1 24
[R1-LoopBack0]int lo1
[R1-LoopBack1]ip add 10.1.2.1 24
[R1-LoopBack1]int lo2
[R1-LoopBack2]ip add 10.1.3.1 24
[R1-LoopBack2]q[R1]rip 
[R1-rip-1]version 2
[R1-rip-1]network 12.0.0.0
[R1-rip-1]network 10.0.0.0
[R1-rip-1]q

在R2中配置IP地址、RIPv2、OSPF
<Huawei>sys
[Huawei]sysname R2 
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 12.1.1.2 30
[R2-GigabitEthernet0/0/0]int g0/0/1
[R2-GigabitEthernet0/0/1]ip add 23.1.1.1 30
[R2-GigabitEthernet0/0/1]q
[R2]ping 12.1.1.1PING 12.1.1.1: 56  data bytes, press CTRL_C to breakReply from 12.1.1.1: bytes=56 Sequence=1 ttl=255 time=70 msReply from 12.1.1.1: bytes=56 Sequence=2 ttl=255 time=30 msReply from 12.1.1.1: bytes=56 Sequence=3 ttl=255 time=10 msReply from 12.1.1.1: bytes=56 Sequence=4 ttl=255 time=10 msReply from 12.1.1.1: bytes=56 Sequence=5 ttl=255 time=20 ms--- 12.1.1.1 ping statistics ---5 packet(s) transmitted5 packet(s) received0.00% packet lossround-trip min/avg/max = 10/28/70 ms[R2]rip 
[R2-rip-1]version 2
[R2-rip-1]network 12.0.0.0
[R2-rip-1]q[R2]dis ip routing-table 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 13       Routes : 13       Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface10.1.1.0/24  RIP     100  1           D   12.1.1.1        GigabitEthernet0/0/010.1.2.0/24  RIP     100  1           D   12.1.1.1        GigabitEthernet0/0/010.1.3.0/24  RIP     100  1           D   12.1.1.1        GigabitEthernet0/0/012.1.1.0/30  Direct  0    0           D   12.1.1.2        GigabitEthernet0/0/012.1.1.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/012.1.1.3/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/023.1.1.0/30  Direct  0    0           D   23.1.1.1        GigabitEthernet0/0/123.1.1.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/123.1.1.3/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/1127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0[R2]ospf 
[R2-ospf-1]are	
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]net	
[R2-ospf-1-area-0.0.0.0]network 23.1.1.0 0.0.0.3
[R2-ospf-1-area-0.0.0.0]q
[R2-ospf-1]

在R3中配置,IP地址、OSPF
<Huawei>sys
[Huawei]sysname R3
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 23.1.1.2 30
[R3-GigabitEthernet0/0/0]int lo0
[R3-LoopBack0]ip add 30.1.1.1 24
[R3-LoopBack0]int lo1
[R3-LoopBack1]ip add 30.1.2.1 24
[R3-LoopBack1]int lo2
[R3-LoopBack2]ip add 30.1.3.1 24
[R3-LoopBack2]q[R3]ospf 1
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 23.1.1.0 0.0.0.3
[R3-ospf-1-area-0.0.0.0]network 0.0.0.0 0.0.0.0
[R3-ospf-1-area-0.0.0.0]q
[R3-ospf-1]q

在R2中查看路由表有没有学到R2中的路由信息
<R2>dis ip routing-table 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 16       Routes : 16       Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface10.1.1.0/24  RIP     100  1           D   12.1.1.1        GigabitEthernet0/0/010.1.2.0/24  RIP     100  1           D   12.1.1.1        GigabitEthernet0/0/010.1.3.0/24  RIP     100  1           D   12.1.1.1        GigabitEthernet0/0/012.1.1.0/30  Direct  0    0           D   12.1.1.2        GigabitEthernet0/0/012.1.1.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/012.1.1.3/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/023.1.1.0/30  Direct  0    0           D   23.1.1.1        GigabitEthernet0/0/123.1.1.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/123.1.1.3/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/130.1.1.1/32  OSPF    10   1           D   23.1.1.2        GigabitEthernet0/0/130.1.2.1/32  OSPF    10   1           D   23.1.1.2        GigabitEthernet0/0/130.1.3.1/32  OSPF    10   1           D   23.1.1.2        GigabitEthernet0/0/1127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

经过上述配置之后,R2拥有R1和R3的路由信息,但是R1和R3并没有彼此的路由信息,需要在R2上进行路由的重分发。

在R2中配置,实现指定的网段,被引用到R3中
1.配置ACL,允许10.1.2.0 和 10.1.3.0 两个网段
[R2]acl 2000
[R2-acl-basic-2000]rule 10 permit source 10.1.2.0 0.0.0.255
[R2-acl-basic-2000]rule 20 permit source 10.1.3.0 0.0.0.255
[R2-acl-basic-2000]q2.配置路由策略
[R2]route-policy fromR1 permit ?node  Node of the route policy
[R2]route-policy fromR1 permit node ?INTEGER<0-65535>  Index of the node
[R2]route-policy fromR1 permit node 10 
Info: New Sequence of this List.
[R2-route-policy]if-match acl 2000
[R2-route-policy]q3.通过R3中的OSPF来引入网段,
import-route rip 1  增加后面的路由策略进行限制,指定特定的网段被引入:route-policy fromR1 [R2]ospf 1
[R2-ospf-1]import-route rip 1 ?cost          Set costroute-policy  Route policytag           Specify route tagtype          Metric type of the imported external routes<cr>          Please press ENTER to execute command 
[R2-ospf-1]import-route rip 1 route-policy ?STRING<1-40>  Name of the route policyfromR1        Name of the route policy
[R2-ospf-1]import-route rip 1 route-policy fromR1 
[R2-ospf-1]q

在R3中查看路由表,指定的路由信息已经被引入:
如:10.1.2.0/24  O_ASE   150  1  <R3>dis ip routing-table 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 18       Routes : 18       Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface10.1.2.0/24  O_ASE   150  1           D   23.1.1.1        GigabitEthernet0/0/010.1.3.0/24  O_ASE   150  1           D   23.1.1.1        GigabitEthernet0/0/023.1.1.0/30  Direct  0    0           D   23.1.1.2        GigabitEthernet0/0/023.1.1.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/023.1.1.3/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/030.1.1.0/24  Direct  0    0           D   30.1.1.1        LoopBack030.1.1.1/32  Direct  0    0           D   127.0.0.1       LoopBack030.1.1.255/32  Direct  0    0           D   127.0.0.1       LoopBack030.1.2.0/24  Direct  0    0           D   30.1.2.1        LoopBack130.1.2.1/32  Direct  0    0           D   127.0.0.1       LoopBack130.1.2.255/32  Direct  0    0           D   127.0.0.1       LoopBack130.1.3.0/24  Direct  0    0           D   30.1.3.1        LoopBack230.1.3.1/32  Direct  0    0           D   127.0.0.1       LoopBack230.1.3.255/32  Direct  0    0           D   127.0.0.1       LoopBack2127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
在R2中配置,实现指定的网段,被引用到R1中
[R2]acl 2001
[R2-acl-basic-2001]rule 20 permit source 30.1.2.0 0.0.0.255
[R2-acl-basic-2001]rule 30 permit source 30.1.3.0 0.0.0.255
[R2-acl-basic-2001]q[R2]route-policy ?STRING<1-40>  Name of the route policyfromR1        Name of the route policyfromR3        Name of the route policy
[R2]route-policy fromR3 permit ?node  Node of the route policy
[R2]route-policy fromR3 permit node 20
[R2-route-policy]if-match acl 2001
[R2-route-policy]apply cost 10
[R2-route-policy]q[R2]rip 1
[R2-rip-1]import-route ospf 1 route-policy ?STRING<1-40>  Name of the route policyfromR1        Name of the route policyfromR3        Name of the route policy
[R2-rip-1]import-route ospf 1 route-policy fromR3
[R2-rip-1]q

在R1中查看路由表,指定的路由信息已经被引入:
<R1>dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 18       Routes : 18       Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface10.1.1.0/24  Direct  0    0           D   10.1.1.1        LoopBack010.1.1.1/32  Direct  0    0           D   127.0.0.1       LoopBack010.1.1.255/32  Direct  0    0           D   127.0.0.1       LoopBack010.1.2.0/24  Direct  0    0           D   10.1.2.1        LoopBack110.1.2.1/32  Direct  0    0           D   127.0.0.1       LoopBack110.1.2.255/32  Direct  0    0           D   127.0.0.1       LoopBack110.1.3.0/24  Direct  0    0           D   10.1.3.1        LoopBack210.1.3.1/32  Direct  0    0           D   127.0.0.1       LoopBack210.1.3.255/32  Direct  0    0           D   127.0.0.1       LoopBack212.1.1.0/30  Direct  0    0           D   12.1.1.1        GigabitEthernet0/0/012.1.1.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/012.1.1.3/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/030.1.2.1/32  RIP     100  1           D   12.1.1.2        GigabitEthernet0/0/030.1.3.1/32  RIP     100  1           D   12.1.1.2        GigabitEthernet0/0/0127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

文章转载自:

http://M2YSQEtn.Lsqxh.cn
http://udXI3J1Q.Lsqxh.cn
http://ng76WNzu.Lsqxh.cn
http://G6w9C33C.Lsqxh.cn
http://qCy5UJjg.Lsqxh.cn
http://dDRiAYLt.Lsqxh.cn
http://8knPKTT7.Lsqxh.cn
http://LqETCjmS.Lsqxh.cn
http://PFzW2rIJ.Lsqxh.cn
http://yYChMDzY.Lsqxh.cn
http://78J1Qtmd.Lsqxh.cn
http://Tul0SuKL.Lsqxh.cn
http://mJxFn4QF.Lsqxh.cn
http://GSwRR2uN.Lsqxh.cn
http://xsFOEJcY.Lsqxh.cn
http://YSaAQ0ju.Lsqxh.cn
http://YcewCwB7.Lsqxh.cn
http://QcbCpKP6.Lsqxh.cn
http://vXUSZ4Gm.Lsqxh.cn
http://IYZ18rBO.Lsqxh.cn
http://St9aqIeV.Lsqxh.cn
http://YaWdXNFD.Lsqxh.cn
http://XGkTyfs9.Lsqxh.cn
http://pSThKmqF.Lsqxh.cn
http://LBz4wig2.Lsqxh.cn
http://2NL8FGju.Lsqxh.cn
http://9j749TFG.Lsqxh.cn
http://yhr0cE0E.Lsqxh.cn
http://bUUI8Nii.Lsqxh.cn
http://G7E3aFw4.Lsqxh.cn
http://www.dtcms.com/a/371344.html

相关文章:

  • 【高并发内存池】五、页缓存的设计
  • PHP - OPcache 字节码缓存 - 学习/实践
  • redis学习——七
  • nginx反向代理不转发静态文件的解决办法
  • Webassemly和声明宏的联合使用
  • 选拔考试复现
  • 【Linux】 进程控制
  • C++ 连接 Redis:redis-plus-plus 安装与使用入门指南
  • K8s访问控制(二)
  • PerfTest:轻量高性能压测工具,兼容 HTTP/1/2/3、WebSocket,并带实时监控
  • 【Linux基础】fdisk命令详解:从入门到精通的磁盘分区管理完全指南
  • 【从零开始学习Redis】秒杀优化——阻塞队列、消息队列实现异步秒杀
  • 【基于深度学习的中草药识别系统】
  • AI 驱动数据分析:开源 SQLBot 项目探索,基于大模型和 RAG 实现精准问数与图表挖掘
  • 延迟 队列
  • 宋红康 JVM 笔记 Day14|垃圾回收概述
  • 【ICCV2025】计算机视觉|即插即用|ESC:颠覆Transformer!超强平替,ESC模块性能炸裂!
  • 手机能看、投屏 / 车机不能看与反向链接验证类似吗?
  • Xilinx ZYNQ 开发环境中搭建 Qt 环
  • leetcode909.蛇梯棋
  • JAVA NIO学习笔记基础强化学习总结
  • 基于51单片机手机无线蓝牙APP控制风扇调速设计
  • 力扣hot100:相交链表与反转链表详细思路讲解(160,206)
  • 如何在 DevOps 管道中实现 AI?
  • 【Java基础07】面向对象进阶
  • 动态维护有效区间:滑动窗口
  • 桌面时间 Catime
  • 解锁服务器网络配置新姿势:Wisdom SSH 助力之旅
  • 设计模式:状态模式(State Pattern)
  • 【ARM基础知道】