CCNP-25 分配列表

试验拓扑：

实验要求： R1

与 R2

起 OSPF

，在 R1

上起 LOOPBACK

地址用于测试，分别配置分配列表来过滤不必要的路由更新。

试验目的：掌握基本的分配列表和路由重发布中分配列表的配置方法。

试验配置：

：

R1(config)#int s1/0

R1(config-if)#ip add 199.99.1.1 255.255.255.0

R1(config-if)#clock rate 64000

R1(config-if)#no shu

R1(config-if)#exit

R1(config)#int loop0

R1(config-if)#ip add 1.1.1.1 255.255.255.0

R1(config-if)#exit

R1(config)#int loop1

R1(config-if)#ip add 172.16.1.1 255.255.255.0

R1(config-if)#ip ospf network point-to-point

R1(config-if)#exit

R1(config)#int loop2

R1(config-if)#ip add 172.16.2.1 255.255.255.0

R1(config-if)#ip ospf network point-to-point

R1(config-if)#exit

R1(config)#router ospf 100

R1(config-router)#router-id 1.1.1.1

R1(config-router)#network 199.99.1.0 0.0.0.255 area 0

R1(config-router)#network 172.16.1.0 0.0.0.255 area 1

R1(config-router)#network 172.16.2.0 0.0.0.255 area 1

R1(config-router)#exit

：

R2(config)#int s1/0

R2(config-if)#ip add 199.99.1.2 255.255.255.0

R2(config-if)#no shu

R2(config-if)#exit

R2(config)#int loop0

R2(config-if)#ip add 2.2.2.2 255.255.255.0

R2(config-if)#exit

R2(config)#router ospf 100

R2(config-router)#router-id 2.2.2.2

R2(config-router)#network 199.99.1.0 0.0.0.255 area 0

R2(config-router)#exit

基本配置完成，然后我们来查看一下 R2

的 LSDB

和路由表：

R2#show ip ospf database

OSPF Router with ID (2.2.2.2) (Process ID 100)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

1.1.1 .1 1.1.1.1 7 0x80000003 0x0043F4 2

2.2.2 .2 2.2.2.2 7 0x80000001 0x00E352 2

Summary Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

172.16.1.0 1.1.1.1 13 0x80000001 0x00E495

172.16.2.0 1.1.1.1 4 0x80000001 0x00D99F

R2#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

2.0.0.0/24 is subnetted, 1 subnets

C 2.2.2.0 is directly connected, Loopback0

172.16.0.0/24 is subnetted, 2 subnets

O IA 172.16.1.0 [110/65] via 199.99.1.1, 00:00:03, Serial1/0

O IA 172.16.2.0 [110/65] via 199.99.1.1, 00:00:03, Serial1/0

C 199.99.1.0/24 is directly connected, Serial1/0

好的，在 R2

上可以看到有两条区域外部路由，然后我们开始配置分配列表：

（注意：在

RIP,IGRP,EIGRP

的路由协议中，分配列表的

IN/OUT

方向都可以配置，但是在

ISIS

与

OSPF

路由协议中，分配列表只能应用

方向的

）

R2(config)#access-list 10 deny 172.16.1.0 0.0.0.255

R2(config)#access-list 10 permit any

R2(config)#router ospf 100

R2(config-router)#distribute-list 10 in

R2(config-router)#exit

先定义 ACL

禁止 172.16.1.0/24

的数据包通过，然后应用到 OSPF

中，方向为 IN

方向，配置完成后我们再看 R2

的路由表：

R2#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

2.0.0.0/24 is subnetted, 1 subnets

C 2.2.2.0 is directly connected, Loopback0

172.16.0.0/24 is subnetted, 1 subnets

O IA 172.16.2.0 [110/65] via 199.99.1.1, 00:00:02, Serial1/0

C 199.99.1.0/24 is directly connected, Serial1/0

确实没有 172.16.1.0/24

的路由条目了，再看一下 LSDB

有什么变化？

R2#show ip ospf database

OSPF Router with ID (2.2.2.2) (Process ID 100)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

1.1.1 .1 1.1.1.1 36 0x80000003 0x0043F4 2

2.2.2 .2 2.2.2.2 35 0x80000001 0x00E352 2

Summary Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

172.16.1.0 1.1.1.1 41 0x80000001 0x00E495

172.16.2.0 1.1.1.1 32 0x80000001 0x00D99F

没有任何变化，也就是说在链路状态路由协议中应用分配列表，只是当适当的路由从 LSDB

中选取出来放到路由表的时候过滤掉分配列表中定义过滤的路由，但是无法阻止 LSDB

的更新。

下面我们在 R1

上再起两个 loopback

接口，然后配置 RIP

路由协议，将 RIP

重发布到 OSPF

中，接着再配置分配列表来过滤掉不需要的路由：

R1(config)#int loop3

R1(config-if)#ip add 177.77.1.1 255.255.255.0

R1(config-if)#exit

R1(config)#int loop4

R1(config-if)#ip add 177.77.2.1 255.255.255.0

R1(config-if)#exit

R1(config)#router rip

R1(config-router)#version 2

R1(config-router)#network 177.77.1.0

R1(config-router)#network 177.77.2.0

R1(config-router)#no auto-summary

R1(config-router)#exit

R1(config)#router ospf 100

R1(config-router)#redistribute rip subnets

R1(config-router)#exit

配置完成后再到 R2

上查看 LSDB

与路由表：

R2#show ip ospf database

OSPF Router with ID (2.2.2.2) (Process ID 100)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

1.1.1 .1 1.1.1.1 6 0x80000004 0x0047ED 2

2.2.2 .2 2.2.2.2 66 0x80000001 0x00E352 2

Summary Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

172.16.1.0 1.1.1.1 72 0x80000001 0x00E495

172.16.2.0 1.1.1.1 63 0x80000001 0x00D99F

Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag

177.77.1.0 1.1.1.1 5 0x80000001 0x001983 0

177.77.2.0 1.1.1.1 5 0x80000001 0x000E8D 0

R2#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

2.0.0.0/24 is subnetted, 1 subnets

C 2.2.2.0 is directly connected, Loopback0

172.16.0.0/24 is subnetted, 1 subnets

O IA 172.16.2.0 [110/65] via 199.99.1.1, 00:00:01, Serial1/0

C 199.99.1.0/24 is directly connected, Serial1/0

177.77.0.0/24 is subnetted, 2 subnets

O E2 177.77.1.0 [110/20] via 199.99.1.1, 00:00:01, Serial1/0

O E2 177.77.2.0 [110/20] via 199.99.1.1, 00:00:01, Serial1/0

成功学习到了自制系统外部路由。下面在 R1

上配置分配列表：

R1(config)#access-list 20 deny 177.77.1.0 0.0.0.255

R1(config)#access-list 20 permit any

R1(config)#router ospf 100

R1(config-router)#distribute-list 20 out rip

R1(config-router)#exit

首先定义 ACL

，禁止 177.77.1.0/24

的路由，然后应用到 OSPF 100

中，方向为 OUT

，然后查看 R2

的 LSDB

与路由表：

R2#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

2.0.0.0/24 is subnetted, 1 subnets

C 2.2.2.0 is directly connected, Loopback0

172.16.0.0/24 is subnetted, 1 subnets

O IA 172.16.2.0 [110/65] via 199.99.1.1, 00:00:23, Serial1/0

C 199.99.1.0/24 is directly connected, Serial1/0

177.77.0.0/24 is subnetted, 1 subnets

O E2 177.77.2.0 [110/20] via 199.99.1.1, 00:00:23, Serial1/0

只剩下一条自治系统外部路由了；

R2#show ip ospf database

OSPF Router with ID (2.2.2.2) (Process ID 100)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

1.1.1 .1 1.1.1.1 32 0x80000004 0x0047ED 2

2.2.2 .2 2.2.2.2 92 0x80000001 0x00E352 2

Summary Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

172.16.1.0 1.1.1.1 98 0x80000001 0x00E495

172.16.2.0 1.1.1.1 89 0x80000001 0x00D99F

Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag

177.77.1.0 1.1.1.1 3603 0x80000002 0x004E61 0

177.77.2.0 1.1.1.1 31 0x80000001 0x000E8D 0

同样的 LSDB

没有任何变化，这也再次说明分配列表对 LSDB

没有任何影响！

最后我们用命令 show ip protocols

来查看一下两台路由器的路由协议配置情况：

R1#show ip protocols

Routing Protocol is "ospf 100"

Outgoing update filter list for all interfaces is not set

Redistributed rip filtered by 20

Incoming update filter list for all interfaces is not set

Router ID 1.1.1.1

It is an area border and autonomous system boundary router

Redistributing External Routes from,

rip, includes subnets in redistribution

Number of areas in this router is 2. 2 normal 0 stub 0 nssa

Maximum path: 4

Routing for Networks:

172.16.1.0 0.0.0.255 area 1

172.16.2.0 0.0.0.255 area 1

199.99.1.0 0.0.0.255 area 0

Reference bandwidth unit is 100 mbps

Routing Information Sources:

Gateway Distance Last Update

Distance: (default is 110)

上面用红色标记的是说重分布 RIP

到 OSPF

中，并且过滤掉匹配 ACL20

的路由条目。

Routing Protocol is "rip"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Sending updates every 30 seconds, next due in 14 seconds

Invalid after 180 seconds, hold down 180, flushed after 240

Redistributing: rip

Default version control: send version 2, receive version 2

Interface Send Recv Triggered RIP Key-chain

Loopback3 2 2

Loopback4 2 2

Automatic network summarization is not in effect

Maximum path: 4

Routing for Networks:

177.77.0.0

Routing Information Sources:

Gateway Distance Last Update

Distance: (default is 120)

R2#show ip protocols

Routing Protocol is "ospf 100"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is 10

Router ID 2.2.2.2

Number of areas in this router is 1. 1 normal 0 stub 0 nssa

Maximum path: 4

Routing for Networks:

199.99.1.0 0.0.0.255 area 0

Reference bandwidth unit is 100 mbps

Routing Information Sources:

Gateway Distance Last Update

1.1.1.1 110 00:00:55

Distance: (default is 110)

上面用红色标记的是说过滤掉匹配 ACL10

的，从所有接口进来的路由更新。

实验总结：掌握基本的分配列表的配置与重发布路由协议中应用分配列表的方法。

本文转自loveme2351CTO博客，原文链接：

http://blog.51cto.com/loveme23/49793

，如需转载请自行联系原作者