---恢复内容开始---
实验内容
某公司网络如实验拓扑所示,公司总部运行OSPF协议,分部运行isis协议,总部和分部中各有若干业务网段,其中奇数网段为业务A网段,偶数网段为业务B网段,请根据如下需求对网络进行部署:
1) 按照拓扑分别搭建总部OSPF网络与分部rip网络,并尽量减少OSPF Area 1中设备需要维护的路由条目;
2) 网络管理员在R1上将isis路由引入到OSPF中,在R2上将OSPF路由引入到isis中,并通过适当调测使得业务网段间能够正常通信;
3) 为了避免由于总部与分部网络间单点故障而造成的断网,网络管理员在R1、R2上部署双向引入,并通过适当调测使得业务网段间能够正常通信;
4) 网络管理员在维护中发现总部与分部网络间单条链路负载过大,为了均衡流量,使业务A的流量通过R1转发,业务B的流量通过R2转发;
5) 在总部OSPF网络Area 1中,使得业务A与B的流量各使用一条链路以实现负载均衡(不能使用路由策略)。
第四第五步做的不太好!!!!!大概命令吧!!!!!
1. 按照拓扑分别搭建总部OSPF网络与分部ISIS网络,并尽量减少OSPF Area 1中设备需要维护的路由条目
R4R5做stub
R4为例:
#OSPF 1
#area 1
#stub
#stub no-summary
R5:
level-2是骨干区域,默认是level-1-2!!!!
以下是 R1-R5的基本配置:
R1:
isis 1
network-entity 47.0001.0000.0000.0001.00
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 14.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 13.1.1.1 255.255.255.0
isis enable 1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.0
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 1.1.1.0 0.0.0.255
network 4.4.4.0 0.0.0.255
network 14.1.1.0 0.0.0.255
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
R2:
#
isis 1
network-entity 47.0001.0000.0000.0002.00
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 23.1.1.2 255.255.255.0
isis enable 1
#
interface GigabitEthernet0/0/1
ip address 24.1.1.2 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.0
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.0 0.0.0.255
network 4.4.4.0 0.0.0.255
network 24.1.1.0 0.0.0.255
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
R3:
宣告回环口
#
isis 1
network-entity 47.0001.0000.0000.0003.00
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 13.1.1.3 255.255.255.0
isis enable 1
#
interface GigabitEthernet0/0/1
ip address 23.1.1.3 255.255.255.0
isis enable 1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.0
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
R4:
interface Serial3/0/0
link-protocol ppp
ip address 45.1.1.4 255.255.255.0
#
interface Serial3/0/1
link-protocol ppp
ip address 44.1.1.4 255.255.255.0
#
interface Serial4/0/0
link-protocol ppp
#
interface Serial4/0/1
link-protocol ppp
#
interface GigabitEthernet0/0/0
ip address 14.1.1.4 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 24.1.1.4 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet1/0/0
#
interface GigabitEthernet2/0/0
#
interface NULL0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.0
#
ospf 1 router-id 4.4.4.4
area 0.0.0.0
network 1.1.1.0 0.0.0.255
network 2.2.2.0 0.0.0.255
network 4.4.4.0 0.0.0.255
network 14.1.1.0 0.0.0.255
network 24.1.1.0 0.0.0.255
area 0.0.0.1
network 5.5.5.0 0.0.0.255
network 44.1.1.0 0.0.0.255
network 45.1.1.0 0.0.0.255
stub no-summary
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
R5:
interface Serial3/0/0
link-protocol ppp
ip address 45.1.1.5 255.255.255.0
#
interface Serial3/0/1
link-protocol ppp
ip address 44.1.1.5 255.255.255.0
#
interface Serial4/0/0
link-protocol ppp
#
interface Serial4/0/1
link-protocol ppp
#
interface GigabitEthernet0/0/0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.0
#
interface LoopBack1
ip address 172.16.1.1 255.255.255.0
#
interface LoopBack2
ip address 172.16.2.1 255.255.255.0
#
interface LoopBack3
ip address 172.16.3.1 255.255.255.0
#
interface LoopBack4
ip address 172.16.4.1 255.255.255.0
#
ospf 1 router-id 5.5.5.5
area 0.0.0.1
network 5.5.5.0 0.0.0.255
network 44.1.1.0 0.0.0.255
network 45.1.1.0 0.0.0.255
stub no-summary
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
2. 网络管理员在R1上将isis路由引入到OSPF中,在R2上将OSPF路由引入到isis中,并通过适当调测使得业务网段间能够正常通信
R1;
ospf 1 router-id 1.1.1.1
import-route isis 1
R2:
isis 1
network-entity 47.0001.0000.0000.0002.00
import-route ospf 1
3. 为了避免由于总部与分部网络间单点故障而造成的断网,网络管理员在R1、R2上部署双向引入,并通过适当调测使得业务网段间能够正常通信
将OSPF路由引入到isis中,在R2上将isis路由引入到ospf中
4. 网络管理员在维护中发现总部与分部网络间单条链路负载过大,为了均衡流量,使业务A的流量通过R1转发,业务B的流量通过R2转发
[R1]acl 2001
[R1-acl-basic-2001]rule permit source 172.16.1.0 0.0.2.0
[R1-acl-basic-2001]acl 2002
[R1-acl-basic-2002]rule permit source 172.16.0.0 0.0.6.0
[R1-acl-basic-2002]acl 2011
[R1-acl-basic-2011]rule permit source 192.168.1.0 0.0.2.0
[R1-acl-basic-2011]acl 2012
[R1-acl-basic-2012]rule permit source 192.168.0.0 0.0.6.0
[R1-route-policy]route-policy I1O permit node 2
[R1-route-policy]if-match acl 2011
[R1-route-policy]apply cost 100
[R1-route-policy]apply tag 100
[R1-route-policy]route-policy I1O permit node 3
[R1-route-policy]if-match acl 2012
[R1-route-policy]apply cost 100
[R1-route-policy]apply tag 100
[R1]route-policy O2I permit node 2
[R1-route-policy]if-match acl 2001
[R1-route-policy]apply cost 100
[R1-route-policy]apply tag 300
[R1-route-policy]route-policy O2I permit node 3
[R1-route-policy]if-match acl 2002
[R1-route-policy]apply cost 100
[R1-route-policy]apply tag 300
[R1-isis-1]import-route ospf 1 route-policy O2I
[R2]acl 2001
[R2-acl-basic-2001]rule per s 172.16.1.0 0.0.2.0
[R2-acl-basic-2001]acl 2002
[R2-acl-basic-2002]rule per s 172.16.0.0 0.0.6.0
[R2-acl-basic-2002]acl 2011
[R2-acl-basic-2011]rule per s 192.168.1.0 0.0.2.0
[R2-acl-basic-2011]acl 2012
[R2-acl-basic-2012]rule per s 192.168.1.0 0.0.6.0
[R2]route-policy O1I permit node 2
[R2-route-policy]if-match acl 2001
[R2-route-policy]apply tag 200
[R2-route-policy]apply cost 300
[R2]route-policy O1I permit node 3
[R2-route-policy]if-match acl 2002
[R2-route-policy]apply tag 200
[R2-route-policy]apply cost 100
[R2]route-policy I2O permit node 2
[R2-route-policy]if-match acl 2011
[R2-route-policy]apply cost 300
[R2-route-policy]apply tag 400
[R2-route-policy]route-policy I2O permit node 3
[R2-route-policy]if-match acl 2012
[R2-route-policy]apply cost 100
[R2-route-policy]apply tag 400
5. 在总部OSPF网络Area 1中,使得业务A与B的流量各使用一条链路以实现负载均衡(不能使用路由策略)
提示:使用策略路由完成该功能。在本题中,我们需要使用接口策略路由。
[R4]acl 2001
[R4-acl-basic-2001]rule permit source 192.168.1.0 0.0.2.255
[R4-acl-basic-2001]acl 2002
[R4-acl-basic-2002]rule permit source 192.168.0.0 0.0.6.255
[R4]traffic classifier A operator or —创建流分类,or
[R4-classifier-A]if-match acl 2001
[R4-classifier-A]traffic classifier B operator or
[R4-classifier-B]if-match acl 2002
[R4]traffic behavior SA——制定策略
[R4-behavior-SA]redirect ip-nexthop 10.0.45.5
[R4-behavior-SA]traffic behavior SB
[R4-behavior-SB]redirect ip-nexthop 10.0.54.5
[R4] traffic policy lo
[R4-trafficpolicy-lo]classifier A behavior SA
[R4-trafficpolicy-lo]classifier B behavior SB
[R4]int gig0/0/0
[R4-GigabitEthernet0/0/0]traffic-policy lo inbound —绑定策略
[R4-GigabitEthernet0/0/0]int gig0/0/1
[R4-GigabitEthernet0/0/1]traffic-policy lo inbound
---恢复内容结束---