路由引入常见问题-路由策略-CFANZ编程社区

引入问题：引入规划不当，会导致次优路由、路由环路等问题

路由引入常见问题-路由策略_3c

以上为参考优先级

第一步：拓扑结构

路由引入常见问题-路由策略_优先级_02

第二步：解析

可以通过路由策略、打标签、改变cost值

第三步：配置命令：路由策略

R1:

display current-configuration
[V200R003C00]

sysname r1

snmp-agent local-engineid 800007DB03000000000000
snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 192.168.1.1 255.255.255.0

interface GigabitEthernet0/0/1
ip address 192.168.2.1 255.255.255.0

interface GigabitEthernet0/0/2
ip address 192.168.3.1 255.255.255.0

interface NULL0

interface LoopBack0
ip address 1.1.1.1 255.255.255.255

ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
network 192.168.3.0 0.0.0.255

user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20

wlan ac

return
<r1>

R2:

display current-configuration
[V200R003C00]

sysname r2

snmp-agent local-engineid 800007DB03000000000000
snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

acl number 2001
rule 5 deny source 192.168.4.0 0.0.0.255
rule 10 deny source 192.168.5.0 0.0.0.255
rule 15 deny source 192.168.6.0 0.0.0.255
rule 20 permit

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 192.168.3.2 255.255.255.0

interface GigabitEthernet0/0/1
ip address 192.168.5.1 255.255.255.0

interface GigabitEthernet0/0/2

interface NULL0

ospf 1 router-id 2.2.2.2
import-route rip 1 route-policy rp2
area 0.0.0.0
network 192.168.3.0 0.0.0.255

rip 1
version 2
network 192.168.5.0
import-route ospf 1

route-policy rp2 permit node 10
if-match acl 2001

user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20

wlan ac

return
<r2>

R3:

display current-configuration
[V200R003C00]

sysname r3

snmp-agent local-engineid 800007DB03000000000000
snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 192.168.5.2 255.255.255.0

interface GigabitEthernet0/0/1
ip address 192.168.4.2 255.255.255.0

interface GigabitEthernet0/0/2
ip address 192.168.6.1 255.255.255.0

interface NULL0

rip 1
version 2
network 192.168.5.0
network 192.168.4.0
network 192.168.6.0

user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20

wlan ac

return
<r3>

R4:

display current-configuration
[V200R003C00]

sysname r4

snmp-agent local-engineid 800007DB03000000000000
snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

acl number 2000
rule 5 deny source 192.168.1.0 0.0.0.255
rule 10 deny source 192.168.2.0 0.0.0.255
rule 15 deny source 192.168.3.0 0.0.0.255
rule 20 permit

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 192.168.2.2 255.255.255.0

interface GigabitEthernet0/0/1
ip address 192.168.4.1 255.255.255.0

interface GigabitEthernet0/0/2

interface NULL0

ospf 1 router-id 4.4.4.4
import-route rip 1
area 0.0.0.0
network 192.168.2.0 0.0.0.255

rip 1
version 2
network 192.168.4.0
import-route ospf 1 route-policy rp1

route-policy rp1 permit node 10
if-match acl 2000

user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20

wlan ac

return
<r4>

注意：需要对网络进行充分分析后，制定路由策略