1.拓扑图
链接:https://pan.baidu.com/s/1CaDJS-GpQluJy3-STP-90Q
提取码:8888
eNSP
链接:https://pan.baidu.com/s/1wP0vHim4yqVV0bc0wmzhFw
提取码:8888
R1、R2运行RIPv2,R2、R3运行OSPF。R1上开设三个Loopback接口;R1并没有在这三个接口上激活RIPv2。
2.网络需求
a.R1在RIP视图中只使用network命令激活GE0/0/0接口,而三个Loopback接口不能激活RIP,要求R2能够通过RIP学习到除了192.168.3.0/24路由之外的其他两条Loopback路由;
b.在R2上部署路由重发布,将RIP路由注入到OSPF使得R3能够学习到192.168.1.0/24及192.168.2.0/24这两条路由,同时要求192.168.1.0/24这条路由在R3的路由表中度量值显示10,而192.168.1.0/24这条路由在R3的路由表中度量值显示20,两条外部路由类型均为Type2。
c.要求R3能够访问192.168.1.1及192.168.2.1。
3.配置
当使用ACL来抓取路由时ACL的书写方法,例如要抓取192.168.1.0/24这条路由,ACL的规则是“rule permit source 192.168.1.0 0.0.0.0“,通配符不是0.0.0.255而是0.0.0.0,这是因为基本ACL在匹配路由时,只能匹配路由的网络号,而无法匹配路由的掩码,因此通配符写成0.0.0.0,表示精确匹配192.168.1.0这个网络号。
3.1 R1的配置
display current-configuration
sysname R1
acl number 2000
rule 5 deny source 192.168.3.0 0
rule 10 permit
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
firewall zone Local
priority 16
interface Ethernet0/0/0
interface Ethernet0/0/1
interface Serial0/0/0
link-protocol ppp
interface Serial0/0/1
link-protocol ppp
interface Serial0/0/2
link-protocol ppp
interface Serial0/0/3
link-protocol ppp
interface GigabitEthernet0/0/0
ip address 192.168.12.1 255.255.255.0
interface GigabitEthernet0/0/1
interface GigabitEthernet0/0/2
interface GigabitEthernet0/0/3
wlan
interface NULL0
interface LoopBack1
ip address 192.168.1.1 255.255.255.0
interface LoopBack2
ip address 192.168.2.1 255.255.255.0
interface LoopBack3
ip address 192.168.3.1 255.255.255.0
rip 1
version 2
network 192.168.12.0
import-route direct route-policy 1to2
route-policy 1to2 permit node 10
if-match acl 2000
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
return
3.2R2的配置
display current-configuration
sysname R2
acl number 2001
rule 5 permit source 192.168.1.0 0
acl number 2002
rule 5 permit source 192.168.2.0 0
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
firewall zone Local
priority 16
interface Ethernet0/0/0
interface Ethernet0/0/1
interface Serial0/0/0
link-protocol ppp
interface Serial0/0/1
link-protocol ppp
interface Serial0/0/2
link-protocol ppp
interface Serial0/0/3
link-protocol ppp
interface GigabitEthernet0/0/0
ip address 192.168.12.2 255.255.255.0
interface GigabitEthernet0/0/1
ip address 192.168.23.2 255.255.255.0
interface GigabitEthernet0/0/2
interface GigabitEthernet0/0/3
wlan
interface NULL0
ospf 1 router-id 2.2.2.2
import-route rip 1 route-policy r2o
area 0.0.0.0
network 192.168.23.0 0.0.0.255
rip 1
version 2
network 192.168.12.0
import-route ospf 1
route-policy r2o permit node 10
if-match acl 2001
apply cost 10
apply cost-type type-2
route-policy r2o permit node 20
if-match acl 2002
apply cost 20
apply cost-type type-2
route-policy r2o permit node 30
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
return
3.3 R3的配置
display current-configuration
sysname R3
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
firewall zone Local
priority 16
interface Ethernet0/0/0
interface Ethernet0/0/1
interface Serial0/0/0
link-protocol ppp
interface Serial0/0/1
link-protocol ppp
interface Serial0/0/2
link-protocol ppp
interface Serial0/0/3
link-protocol ppp
interface GigabitEthernet0/0/0
ip address 192.168.23.3 255.255.255.0
interface GigabitEthernet0/0/1
interface GigabitEthernet0/0/2
interface GigabitEthernet0/0/3
wlan
interface NULL0
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 192.168.23.0 0.0.0.255
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
return
4.查看路由注入情况因为配置了路由策略所以192.168.3.0/24网段没有被注入
