一、拓扑图:
二、配置说明:
1、根据拓扑图的配置,R4上面跑OSPF,下面走静态路由,R5和R6走默认路由上去。但是要注意的一点是R4上要加一条命令:default-information originate always (向OSPF区域通知一条默认路由,并且要加always,因为在R4上我们没有默认路由,之前我说在R4上只做了一条静态路由到R5和R6。)
2、在保证所有的链路都能通全网之后。我现在在R4上做策略路由:让192.168.45.0能在设置的策略路由上走:
A:192.168.45.0/24上的所有路由器--------àR2----àR1-------1.1.1.1/24
B:192.168.46.0/24上的所有路由器--------àR3----àR1-------1.1.1.1/24
3、下面来配置一下route-map
R4(config)#access-list 1 permit 192.168.45.0 0.0.0.255 (建立左边的access-list)
R4(config)#access-list 1 permit 5.5.5.0. 0.0.0.255
R4(config)#access-list 2 permit 192.168.46.0 0. 0.0.0.255 (建立右边的access-list)
R4(config)#access-list 2 permit 6.6.6.0. 0.0.0.255
R4(config)#route-map pbr1 permit 1 (建立一个route-map名为pbr1)
R4(config-route-map)#match policy-list pbr1(匹配策略列表pbr1)或者用match ip add 1
R4(config-route-map)#set ip next-hop 192.168.24.2(设置下一跳走192.168.24.2)
R4(config)#int s0/2(进入R4的S0/2)
R4(config-if)#ip policy route-map pbr1(把之前建立的pbr1挂上去)
R4(config)#route-map pbr2 permit 2(再建立个route-map 名为pbr2)
R4(config-route-map)#match policy-list pbr2 (匹配策略列表pbr2)
R4(config-route-map)#set ip next-hop 192.168.34.3(pbr2我设置为走192.168.34.3)
R4(config)#int s0/3(进入R4的S0/3)
R4(config-if)#ip policy route-map pbr2(把之前建立的pbr2挂上去)
|
4、下面在R5上traceroute 1.1.1.1 看一下是不是走我们设定的策略:
R5#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 192.168.45.4 56 msec 36 msec 8 msec
2 192.168.24.2 84 msec 40 msec 56 msec
3 192.168.12.1 112 msec * 132 msec (对,没错!)
|
再看一下R6:
R6#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 192.168.46.4 56 msec 56 msec 24 msec
2 192.168.34.3 52 msec 64 msec 52 msec
3 192.168.13.1 116 msec * 148 msec (也没错!)
|
5、在R4上show route-map 看一下包的情况,都增加了成6 ,ping 的话默认为5:
R4#show route-map
route-map pbr1, permit, sequence 1
Match clauses:
IP Policy lists:
pbr1
Set clauses:
ip next-hop 192.168.24.2
Policy routing matches: 6 packets, 576 bytes
route-map pbr2, permit, sequence 2
Match clauses:
IP Policy lists:
pbr2
Set clauses:
ip next-hop 192.168.34.3
Policy routing matches: 6 packets, 1652 bytes
R4#
|
6、但是我们现在在R4上去traceroute 看一下:
R4#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 192.168.34.3 64 msec
192.168.24.2 76 msec
192.168.34.3 8 msec
2 192.168.12.1 88 msec
192.168.13.1 88 msec *
R4#
|
发现是两边走,那么是什么原因呢?因为我们没有在R4上去做,这就涉及到本地的概念。没有对本地接口生效,之前分明是定义了45.0网段,但45.4这个接口却不能生效。
7、我们的解决办法是,在R4上加两条命令去应用pbr1和pbr2
R4(config)#ip local policy route-map pbr1
R4(config)#ip local policy route-map pbr2
|
这其中要注意,如果我只应用pbr1,那么在R4上traceroute 1.1.1.1 的话,它只会走左边,不会去走右边链路到1.1.1.1 所以我们要定义把pbr2也应用上去。这也是匹配了前面定义的route-map。
8、下面再来扩展traceroute 看一下效果:
R4#traceroute ip
Target IP address: 1.1.1.1
Source address: 192.168.24.4
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 192.168.24.2 32 msec 56 msec 20 msec
2 192.168.12.1 88 msec * 92 msec
R4#traceroute ip
Target IP address: 1.1.1.1
Source address: 192.168.34.4
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 192.168.34.3 56 msec 56 msec 24 msec
2 192.168.13.1 92 msec * 92 msec
|
OK。通过route-map来配置,都能够按照我设置的策略路由来走。
本文转自wxs-163 51CTO博客,原文链接:http://blog.51cto.com/supercisco/249799