「網絡工程師」-路由配置-政策路由配置

政策路由的基本原理就是：根據ACL定義的不同資料流，經過路由器時，使用基于源位址或者基于目标位址政策轉發資料到下一個接口，通過如下案例可以實作政策路由。

RouterA、RouterB、RouterC使用OSPF保證全網路由可達，并且在RouterA上檢視路由表可以發現，到10.0.0.0的下一跳為RouterC的GE1/0/0接口位址。在RouterA上應用的政策路由，使從10.0.2.0/24到10.0.0.0/24的流量重定向到RouterB上。

RouterA的配置檔案如下：

[RouterA] acl number 3001 //定義ACL比對的目的源位址是10.0.2.0/24，目的位址是10.0.0.0/24

[RouterA-acl-adv-3001] rule 5 permit ip source 10.0.2.0 0.0.0.255 destination 10.0.0.0 0.0.0.255

[RouterA-acl-adv-3001] quit

[RouterA] traffic classifier credirect operator or //定義需要重定向的資料流分類

[RouterA-classifier-credirect] if-match acl 3001

[RouterA-classifier-credirect] quit

[RouterA] traffic behavior bredirect //定義流行為重定向到RouterB的GE1/0/0的接口位址

[RouterA-behavior-bredirect] redirect ip-nexthop 10.181.10.2

[RouterA-behavior-bredirect] quit

[RouterA] traffic policy predirect //綁定流政策

[RouterA-policy-predirect] classifier credirect behavior bredirect

[RouterA-policy-predirect] quit

[RouterA] interface GigabitEthernet1/0/0

[RouterA-GigabitEthernet1/0/0] ip address 10.181.20.1 255.255.255.0

[RouterA-GigabitEthernet1/0/0] quit

[RouterA] interface GigabitEthernet2/0/0

[RouterA-GigabitEthernet2/0/0] ip address 10.181.10.1 255.255.255.0

[RouterA-GigabitEthernet2/0/0] quit

[RouterA] interface GigabitEthernet3/0/0

[RouterA-GigabitEthernet3/0/0] ip address 10.0.2.1 255.255.255.0

[RouterA-GigabitEthernet3/0/0] traffic-policy predirect inbound //從10.0.2.0/24到10.0.0.0/24的流量重定向到RouterB上

[RouterA-GigabitEthernet3/0/0] quit

[RouterA] ospf 1 //配置OSPF路由協定

[RouterA-ospf-1] area 0.0.0.0

[RouterA-ospf-1-area-0.0.0.0] network 10.0.2.0 0.0.0.255

[RouterA-ospf-1-area-0.0.0.0] network 10.181.20.0 0.0.0.255

[RouterA-ospf-1-area-0.0.0.0] network 10.191.10.0 0.0.0.255

[RouterA-ospf-1-area-0.0.0.0] quit

RouterB的配置檔案如下：

[RouterB] interface GigabitEthernet1/0/0

[RouterB-GigabitEthernet1/0/0] ip address 10.181.10.2 255.255.255.0

[RouterB-GigabitEthernet1/0/0] quit

[RouterB] interface GigabitEthernet2/0/0

[RouterB-GigabitEthernet2/0/0] ip address 10.184.10.1 255.255.255.0

[RouterB-GigabitEthernet2/0/0] quit

[RouterB] ospf 1 //配置OSPF路由協定

[RouterB-ospf-1] area 0.0.0.0

[RouterB-ospf-1-area-0.0.0.0] network 10.181.10.0 0.0.0.255

[RouterB-ospf-1-area-0.0.0.0] network 10.184.10.0 0.0.0.255

[RouterB-ospf-1-area-0.0.0.0] quit

RouterC的配置檔案如下：

[RouterC] interface GigabitEthernet1/0/0

[RouterC-GigabitEthernet1/0/0] ip address 10.181.20.2 255.255.255.0

[RouterC-GigabitEthernet1/0/0] quit

[RouterC] interface GigabitEthernet2/0/0

[RouterC-GigabitEthernet2/0/0] ip address 10.184.10.2 255.255.255.0

[RouterC-GigabitEthernet2/0/0] quit

[RouterC] ospf 1 //配置OSPF路由協定

[RouterC-ospf-1] area 0.0.0.0

[RouterC-ospf-1-area-0.0.0.0] network 10.181.20.0 0.0.0.255

[RouterC-ospf-1-area-0.0.0.0] network 10.184.10.0 0.0.0.255

[RouterC-ospf-1-area-0.0.0.0] network 10.0.0.0 0.0.0.255

[RouterC-ospf-1-area-0.0.0.0] quit

​