Route-map是CISCO路由协议中功能性非常强的策略列表,可以用来过滤路由也可以调整路由的属性,自身具备过滤功能。
下面以实例说明Route-Map的作用:
1.在分发列表上调用做route-map,过滤路由
拓扑说明: R1 R2建立eigrp 邻居,R2 上要求不接受的路由条目。
R1配置:
hostname R1
interface Loopback1
ip address
interface Loopback2
ip address
interface Loopback3
ip address
interface GigabitEthernet0/0
ip address
router eigrp
no au
network
network
network
network
R2配置
hostname R2
interface GigabitEthernet0/0
ip address
access-list 1 permit
route-map m1 deny
match ip address 1
route-map m1 permit
//配置ACL抓取路由前缀,配置Route-map拒绝ACL匹配的条目
router eigrp
no au
distribute-list route-map m1 in
network
//协议中挂接分发列表
完成检查R2 eigrp路由表,条目被过滤掉了。
2.在策略路由中调用Route-map,实现对数据转发进行操控
如图拓扑: PC1 PC2
网关 G0 G1 G2
ISP1 G0 LO0
ISP2 G0 LO
两ISP Lo0模拟外网服务器 ,网关不配置默认出口路由,默认情况下PC是不能访问的。
通过策略路由调用Route-map实现PC1通过ISP1 PC2通过ISP2访问
配置:
PC1配置
hostname PC1
no ip routing
ip default-gateway
interface GigabitEthernet0/0
ip address
PC2配置
hostname PC2
no ip routing
ip default-gateway
interface GigabitEthernet0/0
ip address
//CISCO模拟器用路由模拟PC,关闭IP路由功能,配置默认网关
网关配置
hostname Router
interface GigabitEthernet0/0
ip address
interface GigabitEthernet0/1
ip address
interface GigabitEthernet0/2
ip address
ISP1配置
hostname ISP1
interface Loopback0
ip address
interface GigabitEthernet0/0
ip address
ip route GigabitEthernet0/.1
ISP2配置
hostname ISP1
interface Loopback0
ip address
interface GigabitEthernet0/0
ip address
ip route GigabitEthernet0/.1
//网关和ISP配置好地址,ISP配置回程路由,注意网关没有配置路由
很明显此时PC可以PING通网关,但无法PING通外网
下面配置策略路由实现流量转发控制
在网关上配置
access-list permit ip host host
access-list permit ip host host
//配置ACL抓取对应PC访问的流量
route-map m1 permit
match ip address
set ip next-hop
route-map m1 permit
match ip address
set ip next-hop
//配置Route-map匹配不同流量手工指定下一跳出口地址
interface GigabitEthernet0/0
ip policy route-map m1
//接口调用策略
配置完成后测试,可以看到PC可以ping通,而且PC1走的ISP1,PC2走的ISP2,实现了流量转的控制。
3.在重分布中调用Route-map,实现对路由条目进行操控
如图拓扑:R1 R2之间运行Eigrp,R2 R3运行OSPF
需要将R1上除了的条目外其他的引入OSPF
仅将R2上引入Eigrp
配置
R1配置
hos tname R1
interface Loopback1
ip address
interface Loopback2
ip address
interface Loopback3
ip address
interface GigabitEthernet0/0
ip address
router eigrp
no au
network
network
network
network
R3配置
hostname R3
interface Loopback1
ip address
interface Loopback2
ip address
interface Loopback3
ip address
interface GigabitEthernet0/1
ip address
router ospf
router-id
network area 0
network area 0
network area 0
network area 0
R2配置
hostname R2
interface GigabitEthernet0/0
ip address
interface GigabitEthernet0/1
ip address
access-list 1 permit
access-list 2 permit
//配置ACL抓取对应的路由条目
route-map m1 deny
match ip address 1
route-map m1 permit
//配置route-map m1拒绝acl1,放行其他
route-map m2 permit
match ip address 2
//配置route-map m2放行acl 2
router eigrp
network
redistribute ospf metric route-map m2
//按照route-map m2重分布OSPF路由进eigrp
router ospf
router-id
redistribute eigrp subnets route-map m1
network area 0
//按照route-map m1重分布Eigrp路由进ospf
配置完成后观察R1 R3路由表,达到要求。