《使用PBR实现策略路由.docx》由会员分享,可在线阅读,更多相关《使用PBR实现策略路由.docx(8页珍藏版)》请在三一办公上搜索。
1、实验报告课程名 称路由交换技术实验项目名称使用PBR实现策略路由开课学院及 实验室实验日 期2013.10.5学生姓 名学号专业班 级指导教 师实验成绩、实验目标1、掌握如何配置使用PBR实现基于源地址的策略路由;2、掌握如何配置使用PBR实现基于业务类型的策略路由。二、实验组网图192.128.10.2192. 128. 10.3图2.1使用PBR实现策略路由实验组网三、实验过程实验任务PBR的基本配置步骤一:建立物理连接;步骤二:IP地址配置;步骤三:路由的配置;步骤四:配置基于源地址的PBR;配置访问控制策略acl#acl number 3001rule 0 permit ip sour
2、ce 192.128.10.2 0acl number 3002rule 0 permit ip source 192.128.10.3 0#配置基于地址选择路径的PBR#policy-based-route choose permit node 5if-match acl 3001apply output-interface Serial1/0policy-based-route choose permit node 10if-match acl 3002apply output-interface Ethernet0/1#PC1向PC2发送ip数据包可以发现数据包从s1/0发送出去图2.1
3、 PC1向PC2发送ip数据包R1dis ip policy-based-route Interface EthernetB/B policy policy-based-route: choose permit node 5apply output-interface Denied: 0, Forwarded: 30permit node 1Qapply output-interfaceDenied: 0,Forwarded: 0statistics interface e0/0 based routing statistics informationSerial1/0EthernetO/13
4、0Total denied: 0, Forwarded:步骤五:配置基于报文的PBR;#policy-based-route abc permit node 20if-match packet-length 1 99apply ip-address next-hop 202.128.2.6policy-based-route abc permit node 30if-match packet-length 100 1500apply ip-address next-hop 202.128.1.2#当数据包大于100的时候可见PC1向PC2发送数据包的端口是e0/1图2.3 PC1向PC2发送数
5、据包Rldis ip policy-based-route statistics interface eO/OInterface EthernetO/O policy based routing statistics information policy-based-route: abc permit node 20 apply ip-address next-hop 202.128.2.6Denied: 8, Forwarded: 50 permit node 30apply ip-address next-hop 282.128.1.2 Denied: 0, Forwarded: 0Tot
6、al denied: 0, Forwarded: 50R1RTA上完整的配置信息R1dis cur# version 5.20, Release 1808, Standard#sysname R1# domain default enable system# router id 1.1.1.1#dar p2p signature-file cfa0:/p2p_default.mtd #port-security enable#acl number 3001rule 0 permit ip source 192.128.10.2 0 acl number 3002rule 0 permit ip
7、 source 192.128.10.3 0#vlan 1#domain system access-limit disable state active idle-cut disable self-service-url disable#user-group system#local-user adminpassword cipher .USE=B,53Q=Q、MAF41! authorization-attribute level 3 service-type telnet#interface Aux0async mode flow link-protocol ppp#interface
8、Ethernet0/0port link-mode route ip address 192.128.10.1 255.255.255.0 undo ip fast-forwardingip policy-based-route choose#interface Ethernet0/1 port link-mode route ip address 202.128.1.1 255.255.255.252#interface Serial1/0 link-protocol ppp ip address 202.128.2.5 255.255.255.252#interface Serial2/0
9、 link-protocol ppp#interface NULL0#ospf 1area 0.0.0.0network 192.128.10.0 0.0.0.255network 202.128.2.4 0.0.0.3network 202.128.1.0 0.0.0.3#policy-based-route choose permit node 5 if-match acl 3001 apply output-interface Serial1/0policy-based-route choose permit node 10 if-match acl 3002 apply output-
10、interface Ethernet0/1#policy-based-route abc permit node 20 if-match packet-length 1 99 apply ip-address next-hop 202.128.2.6policy-based-route abc permit node 30 if-match packet-length 100 1500 apply ip-address next-hop 202.128.1.2#load tr069-configuration#user-interface con 0user-interface aux 0us
11、er-interface vty 0 4#ReturnRTB上完整的配置信息R2dis cur# version 5.20, Release 1808, Standard#sysname R2# domain default enable system# router id 2.2.2.2#dar p2p signature-file cfa0:/p2p_default.mtd#port-security enable#vlan 1#domain systemaccess-limit disable state active idle-cut disable self-service-url
12、disable#user-group system#local-user adminpassword cipher .USE=B,53Q=Q、MAF41! authorization-attribute level 3 service-type telnet#interface Aux0async mode flow link-protocol ppp#interface Ethernet0/0port link-mode route ip address 192.128.20.1 255.255.255.0#interface Ethernet0/1port link-mode routei
13、p address 202.128.1.2 255.255.255.252#interface Serial1/0 link-protocol ppp#interface Serial2/0 link-protocol ppp ip address 202.128.2.6 255.255.255.252# interface NULL0#ospf 1area 0.0.0.0network 202.128.1.0 0.0.0.3network 202.128.2.4 0.0.0.3network 192.128.20.0 0.0.0.255#load tr069-configuration#user-interface con 0user-interface aux 0 user-interface vty 0 4#Return#结果分析与体会通过这次实验,我发现问题不仅仅是从书本上获得的,更多的 问题是在做实验的过程中,反反复复实验后,才发现的。同时,在对 实验代码配置中的顺序问题,也是一个深刻的教训,以后得记住。上机成绩、指导教师批改日期评语签名
