使用distribute-list(分发列表)过滤BGP路由
2010-07-09 11:19
507 查看
一、拓扑图
二、配置
R1#sh run
Building configuration...
Current configuration : 1725 bytes
!
! Last configuration change at 09:38:24 UTC Fri Jul 9 2010
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
!
interface Loopback0
ip address 172.16.1.1 255.255.255.0
!
interface Loopback1
ip address 172.16.2.1 255.255.255.0
!
interface Loopback2
ip address 172.16.3.1 255.255.255.0
!
interface Loopback3
ip address 172.16.4.1 255.255.255.0
!
interface FastEthernet0/0
ip address 12.12.12.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 64512
no synchronization
bgp log-neighbor-changes
network 172.16.1.0 mask 255.255.255.0
network 172.16.2.0 mask 255.255.255.0
network 172.16.3.0 mask 255.255.255.0
network 172.16.4.0 mask 255.255.255.0
neighbor 12.12.12.2 remote-as 64512
no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
control-plane
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
====================================================================
R2#sh run
Building configuration...
Current configuration : 1822 bytes
!
! Last configuration change at 11:00:00 UTC Fri Jul 9 2010
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
interface Loopback0
ip address 192.168.1.1 255.255.255.0
!
interface Loopback1
ip address 192.168.2.1 255.255.255.0
!
interface Loopback2
ip address 192.168.3.1 255.255.255.0
!
interface FastEthernet0/0
ip address 12.12.12.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 23.23.23.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 64512
no synchronization
bgp log-neighbor-changes
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
neighbor 12.12.12.1 remote-as 64512
neighbor 12.12.12.1 next-hop-self
neighbor 23.23.23.2 remote-as 100
neighbor 23.23.23.2 distribute-list dl out
no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
ip access-list extended dl
deny ip 172.16.1.0 0.0.0.255 any
deny ip 172.16.2.0 0.0.0.255 any
permit ip any any
!
control-plane
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
====================================================================
R3#sh run
Building configuration...
Current configuration : 1625 bytes
!
! Last configuration change at 10:43:52 UTC Fri Jul 9 2010
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
archive
log config
hidekeys
!
interface Loopback0
ip address 10.10.10.1 255.255.255.0
!
interface Loopback1
ip address 10.10.11.1 255.255.255.0
!
interface Loopback2
ip address 10.10.12.1 255.255.255.0
!
interface FastEthernet0/0
ip address 23.23.23.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 100
no synchronization
bgp log-neighbor-changes
network 10.10.10.0 mask 255.255.255.0
network 10.10.11.0 mask 255.255.255.0
network 10.10.12.0 mask 255.255.255.0
neighbor 23.23.23.1 remote-as 64512
no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
R3#sh ip bgp
BGP table version is 23, local router ID is 10.10.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 0.0.0.0 0 32768 i
*> 10.10.11.0/24 0.0.0.0 0 32768 i
*> 10.10.12.0/24 0.0.0.0 0 32768 i
*> 172.16.3.0/24 23.23.23.1 0 64512 i
*> 172.16.4.0/24 23.23.23.1 0 64512 i
*> 192.168.1.0 23.23.23.1 0 0 64512 i
*> 192.168.2.0 23.23.23.1 0 0 64512 i
*> 192.168.3.0 23.23.23.1 0 0 64512 i
这样就可过滤掉R1的172.16.1.0/24和172.16.2.0/24两个网段。
二、配置
R1#sh run
Building configuration...
Current configuration : 1725 bytes
!
! Last configuration change at 09:38:24 UTC Fri Jul 9 2010
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
!
interface Loopback0
ip address 172.16.1.1 255.255.255.0
!
interface Loopback1
ip address 172.16.2.1 255.255.255.0
!
interface Loopback2
ip address 172.16.3.1 255.255.255.0
!
interface Loopback3
ip address 172.16.4.1 255.255.255.0
!
interface FastEthernet0/0
ip address 12.12.12.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 64512
no synchronization
bgp log-neighbor-changes
network 172.16.1.0 mask 255.255.255.0
network 172.16.2.0 mask 255.255.255.0
network 172.16.3.0 mask 255.255.255.0
network 172.16.4.0 mask 255.255.255.0
neighbor 12.12.12.2 remote-as 64512
no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
control-plane
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
====================================================================
R2#sh run
Building configuration...
Current configuration : 1822 bytes
!
! Last configuration change at 11:00:00 UTC Fri Jul 9 2010
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
interface Loopback0
ip address 192.168.1.1 255.255.255.0
!
interface Loopback1
ip address 192.168.2.1 255.255.255.0
!
interface Loopback2
ip address 192.168.3.1 255.255.255.0
!
interface FastEthernet0/0
ip address 12.12.12.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 23.23.23.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 64512
no synchronization
bgp log-neighbor-changes
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
neighbor 12.12.12.1 remote-as 64512
neighbor 12.12.12.1 next-hop-self
neighbor 23.23.23.2 remote-as 100
neighbor 23.23.23.2 distribute-list dl out
no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
ip access-list extended dl
deny ip 172.16.1.0 0.0.0.255 any
deny ip 172.16.2.0 0.0.0.255 any
permit ip any any
!
control-plane
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
====================================================================
R3#sh run
Building configuration...
Current configuration : 1625 bytes
!
! Last configuration change at 10:43:52 UTC Fri Jul 9 2010
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
archive
log config
hidekeys
!
interface Loopback0
ip address 10.10.10.1 255.255.255.0
!
interface Loopback1
ip address 10.10.11.1 255.255.255.0
!
interface Loopback2
ip address 10.10.12.1 255.255.255.0
!
interface FastEthernet0/0
ip address 23.23.23.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/1
no ip address
shutdown
duplex auto
speed auto
!
router bgp 100
no synchronization
bgp log-neighbor-changes
network 10.10.10.0 mask 255.255.255.0
network 10.10.11.0 mask 255.255.255.0
network 10.10.12.0 mask 255.255.255.0
neighbor 23.23.23.1 remote-as 64512
no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
R3#sh ip bgp
BGP table version is 23, local router ID is 10.10.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 0.0.0.0 0 32768 i
*> 10.10.11.0/24 0.0.0.0 0 32768 i
*> 10.10.12.0/24 0.0.0.0 0 32768 i
*> 172.16.3.0/24 23.23.23.1 0 64512 i
*> 172.16.4.0/24 23.23.23.1 0 64512 i
*> 192.168.1.0 23.23.23.1 0 0 64512 i
*> 192.168.2.0 23.23.23.1 0 0 64512 i
*> 192.168.3.0 23.23.23.1 0 0 64512 i
这样就可过滤掉R1的172.16.1.0/24和172.16.2.0/24两个网段。
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 使用分发列表过滤BGP路由 推荐
- 使用分发列表过滤BGP路由
- LAB16:重分发过滤路由-使用distribute-list
- 使用distribute-list过滤OSPF路由信息
- distribute-list分发列表 和 不进行重分发LAS过滤方法area filter-list prefix、database-filter
- 使用分发列表过滤路由及路由汇总、防环
- 利用distribute-list列表过滤路由
- 使用前缀列表过滤BGP路由 推荐
- 34、重分布配置实验之分发列表distribute-list
- Cisco 路由过滤之 Route-map & Distribute-list
- BGP交换前缀列表的出口路由过滤"ORF"技术
- OSPF系列:distribute-list分发列表
- 路由过滤之 Route-map & Distribute-list
- BGP交换前缀列表的出口路由过滤"ORF"技术
- 路由策略3_Distribute-list6(在双点双向重分发中的应用)