SD-WAN
集团多分支节点智能化组网
发布时间:2022-09-17 08:54:55 作者:江小鱼阅读:0
如图1所示,SwitchB与SwitchA之间通过OSPF协议交换路由信息,与SwitchC之间通过IS-IS协议交换路由信息。用户希望在SwitchB上将IS-IS网络中路由引入到OSPF网络后,OSPF网络中路由172.17.1.0/24的选路优先级较低;路由172.17.2.0/24具有标识,方便以后运用路由策略。
图1 配置在路由引入时应用路由策略组网图
采用如下的思路配置在路由引入时应用路由策略:
在SwitchB上配置路由策略,将172.17.1.0/24的路由的开销设置为100,在OSPF引入IS-IS路由时应用路由策略,实现OSPF网络中路由172.17.1.0/24的选路优先级较低。
在SwitchB上配置路由策略,将172.17.2.0/24的路由的Tag属性设置为20。在OSPF引入IS-IS路由时应用路由策略,实现路由172.17.2.0/24具有标识,方便以后运用路由策略。
配置各接口所属的VLAN
# 配置SwitchA。SwitchB和SwitchC的配置与SwitchA类似。
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] vlan batch 10
[SwitchA] interface gigabitethernet 1/0/1
[SwitchA-GigabitEthernet1/0/1] port link-type trunk
[SwitchA-GigabitEthernet1/0/1] port trunk allow-pass vlan 10
[SwitchA-GigabitEthernet1/0/1] quit
配置各VLANIF接口的IP地址
# 配置SwitchA。SwitchB和SwitchC的配置与SwitchA类似。
[SwitchA] interface vlanif 10
[SwitchA-Vlanif10] ip address 192.168.1.1 24
[SwitchA-Vlanif10] quit
配置IS-IS路由协议
# 配置SwitchC。
[SwitchC] isis
[SwitchC-isis-1] is-level level-2
[SwitchC-isis-1] network-entity 10.0000.0000.0001.00
[SwitchC-isis-1] quit
[SwitchC] interface vlanif 20
[SwitchC-Vlanif20] isis enable
[SwitchC-Vlanif20] quit
[SwitchC] interface vlanif 30
[SwitchC-Vlanif30] isis enable
[SwitchC-Vlanif30] quit
[SwitchC] interface vlanif 40
[SwitchC-Vlanif40] isis enable
[SwitchC-Vlanif40] quit
[SwitchC] interface vlanif 50
[SwitchC-Vlanif50] isis enable
[SwitchC-Vlanif50] quit
# 配置SwitchB。
[SwitchB] isis
[SwitchB-isis-1] is-level level-2
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlanif 20
[SwitchB-Vlanif20] isis enable
[SwitchB-Vlanif20] quit
配置OSPF路由协议及路由引入
# 配置SwitchA,启动OSPF。
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
# 配置SwitchB,启动OSPF,并引入IS-IS路由。
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] import-route isis 1
[SwitchB-ospf-1] quit
# 查看SwitchA的OSPF路由表,可以看到引入的路由。
[SwitchA] display ospf routing
OSPF Process 1 with Router ID 192.168.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
192.168.1.0/24 1 Transit 192.168.1.1 192.168.1.1 0.0.0.0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
172.17.1.0/24 1 Type2 1 192.168.1.2 192.168.1.2
172.17.2.0/24 1 Type2 1 192.168.1.2 192.168.1.2
172.17.3.0/24 1 Type2 1 192.168.1.2 192.168.1.2
192.168.2.0/24 1 Type2 1 192.168.1.2 192.168.1.2
Total Nets: 5
Intra Area: 1 Inter Area: 0 ASE: 4 NSSA: 0
# 配置编号为2002的ACL,允许172.17.2.0/24通过。
[SwitchB] acl number 2002
[SwitchB-acl-basic-2002] rule permit source 172.17.2.0 0.0.0.255
[SwitchB-acl-basic-2002] quit
# 配置名为prefix-a的地址前缀列表,允许172.17.1.0/24通过。
[SwitchB] ip ip-prefix prefix-a index 10 permit 172.17.1.0 24
配置Route-Policy
[SwitchB] route-policy isis2ospf permit node 10
[SwitchB-route-policy] if-match ip-prefix prefix-a
[SwitchB-route-policy] apply cost 100
[SwitchB-route-policy] quit
[SwitchB] route-policy isis2ospf permit node 20
[SwitchB-route-policy] if-match acl 2002
[SwitchB-route-policy] apply tag 20
[SwitchB-route-policy] quit
[SwitchB] route-policy isis2ospf permit node 30
[SwitchB-route-policy] quit
在路由引入时应用Route-Policy
# 配置SwitchB,设置在路由引入时应用Route-Policy。
[SwitchB] ospf
[SwitchB-ospf-1] import-route isis 1 route-policy isis2ospf
[SwitchB-ospf-1] quit
# 查看SwitchA的OSPF路由表,可以看到目的地址为172.17.1.0/24的路由的开销为100,目的地址为172.17.2.0/24的路由的标记域(Tag)为20,而其他路由的属性未发生变化。
[SwitchA] display ospf routing
OSPF Process 1 with Router ID 192.168.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
192.168.1.0/24 1 Transit 192.168.1.1 192.168.1.1 0.0.0.0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
172.17.1.0/24 100 Type2 1 192.168.1.2 192.168.1.2
172.17.2.0/24 1 Type2 20 192.168.1.2 192.168.1.2
172.17.3.0/24 1 Type2 1 192.168.1.2 192.168.1.2
192.168.2.0/24 1 Type2 1 192.168.1.2 192.168.1.2
Total Nets: 5
Intra Area: 1 Inter Area: 0 ASE: 4 NSSA: 0
SwitchA的配置文件
#
sysname SwitchA
#
vlan batch 10
#
interface Vlanif10
ip address 192.168.1.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
ospf 1
area 0.0.0.0
network 192.168.1.0 0.0.0.255
#
return
·
·
SwitchB的配置文件
·
#
sysname SwitchB
#
vlan batch 10 20
#
acl number 2002
rule 5 permit source 172.17.2.0 0.0.0.255
#
isis 1
is-level level-2
network-entity 10.0000.0000.0002.00
#
interface Vlanif10
ip address 192.168.1.2 255.255.255.0
#
interface Vlanif20
ip address 192.168.2.2 255.255.255.0
isis enable 1
#
interface GigabitEthernet1/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet1/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
ospf 1
import-route isis 1 route-policy isis2ospf
area 0.0.0.0
network 192.168.1.0 0.0.0.255
#
route-policy isis2ospf permit node 10
if-match ip-prefix prefix-a
apply cost 100
#
route-policy isis2ospf permit node 20
if-match acl 2002
apply tag 20
#
route-policy isis2ospf permit node 30
#
ip ip-prefix prefix-a index 10 permit 172.17.1.0 24
#
return
SwitchC的配置文件
·
#
sysname SwitchC
#
vlan batch 20 30 40 50
#
isis 1
is-level level-2
network-entity 10.0000.0000.0001.00
#
interface Vlanif20
ip address 192.168.2.1 255.255.255.0
isis enable 1
#
interface Vlanif30
ip address 172.17.1.1 255.255.255.0
isis enable 1
#
interface Vlanif40
ip address 172.17.2.1 255.255.255.0
isis enable 1
#
interface Vlanif50
ip address 172.17.3.1 255.255.255.0
isis enable 1
#
interface GigabitEthernet1/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface GigabitEthernet1/0/2
port link-type trunk
port trunk allow-pass vlan 30
#
interface GigabitEthernet1/0/3
port link-type trunk
port trunk allow-pass vlan 40
#
interface GigabitEthernet1/0/4
port link-type trunk
port trunk allow-pass vlan 50
#
return
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:shawn.lee@vecloud.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。
标题:企业组网方案-在路由引入时应用路由策略
TAG标签:企业组网
地址:https://www.kd010.com/cjwt/1336.html
全天服务支持
资源覆盖全球
专属优质服务
技术全线支持
客服
电话
微信