引入问题:引入规划不当,会导致次优路由、路由环路等问题
以上为参考优先级
第一步:拓扑结构
第二步:解析
可以通过路由策略、打标签、改变cost值
第三步:配置命令:路由策略
R1:
[V200R003C00]
sysname r1
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
clock timezone China-Standard-Time minus 08:00:00
portal local-server load portalpage.zip
drop illegal-mac alarm
set cpu-usage threshold 80 restore 75
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
firewall zone Local
priority 15
interface GigabitEthernet0/0/0
ip address 192.168.1.1 255.255.255.0
interface GigabitEthernet0/0/1
ip address 192.168.2.1 255.255.255.0
interface GigabitEthernet0/0/2
ip address 192.168.3.1 255.255.255.0
interface NULL0
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
network 192.168.3.0 0.0.0.255
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
wlan ac
return
<r1>
R2:
[V200R003C00]
sysname r2
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
clock timezone China-Standard-Time minus 08:00:00
portal local-server load portalpage.zip
drop illegal-mac alarm
set cpu-usage threshold 80 restore 75
acl number 2001
rule 5 deny source 192.168.4.0 0.0.0.255
rule 10 deny source 192.168.5.0 0.0.0.255
rule 15 deny source 192.168.6.0 0.0.0.255
rule 20 permit
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
firewall zone Local
priority 15
interface GigabitEthernet0/0/0
ip address 192.168.3.2 255.255.255.0
interface GigabitEthernet0/0/1
ip address 192.168.5.1 255.255.255.0
interface GigabitEthernet0/0/2
interface NULL0
ospf 1 router-id 2.2.2.2
import-route rip 1 route-policy rp2
area 0.0.0.0
network 192.168.3.0 0.0.0.255
rip 1
version 2
network 192.168.5.0
import-route ospf 1
route-policy rp2 permit node 10
if-match acl 2001
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
wlan ac
return
<r2>
R3:
[V200R003C00]
sysname r3
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
clock timezone China-Standard-Time minus 08:00:00
portal local-server load portalpage.zip
drop illegal-mac alarm
set cpu-usage threshold 80 restore 75
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
firewall zone Local
priority 15
interface GigabitEthernet0/0/0
ip address 192.168.5.2 255.255.255.0
interface GigabitEthernet0/0/1
ip address 192.168.4.2 255.255.255.0
interface GigabitEthernet0/0/2
ip address 192.168.6.1 255.255.255.0
interface NULL0
rip 1
version 2
network 192.168.5.0
network 192.168.4.0
network 192.168.6.0
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
wlan ac
return
<r3>
R4:
[V200R003C00]
sysname r4
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
clock timezone China-Standard-Time minus 08:00:00
portal local-server load portalpage.zip
drop illegal-mac alarm
set cpu-usage threshold 80 restore 75
acl number 2000
rule 5 deny source 192.168.1.0 0.0.0.255
rule 10 deny source 192.168.2.0 0.0.0.255
rule 15 deny source 192.168.3.0 0.0.0.255
rule 20 permit
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
firewall zone Local
priority 15
interface GigabitEthernet0/0/0
ip address 192.168.2.2 255.255.255.0
interface GigabitEthernet0/0/1
ip address 192.168.4.1 255.255.255.0
interface GigabitEthernet0/0/2
interface NULL0
ospf 1 router-id 4.4.4.4
import-route rip 1
area 0.0.0.0
network 192.168.2.0 0.0.0.255
rip 1
version 2
network 192.168.4.0
import-route ospf 1 route-policy rp1
route-policy rp1 permit node 10
if-match acl 2000
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
wlan ac
return
<r4>
注意:需要对网络进行充分分析后,制定路由策略