Справочник по настройке сетевого оборудования Cisco. Александр Владимирович Меньшуткин
Чтение книги онлайн.

Читать онлайн книгу Справочник по настройке сетевого оборудования Cisco - Александр Владимирович Меньшуткин страница 26

СКАЧАТЬ 10.0.10.1/32 [90/435200] via 10.0.24.2, 00:00:32, FastEthernet0/1

      D 10.0.12.0/24 [90/307200] via 10.0.24.2, 00:21:22, FastEthernet0/1

      D 10.0.13.0/24 [90/307200] via 10.0.34.3, 00:21:22, FastEthernet0/0

      D 10.2.2.2/32 [90/409600] via 10.0.24.2, 00:21:22, FastEthernet0/1

      D 10.3.3.3/32 [90/409600] via 10.0.34.3, 00:21:29, FastEthernet0/0

      D 10.1.1.1/32 [90/435200] via 10.0.34.3, 00:21:22, FastEthernet0/0

      [90/435200] via 10.0.24.2, 00:21:22, FastEthernet0/1

      D 10.0.100.1/32 [90/435200] via 10.0.24.2, 00:00:32, FastEthernet0/1

      EIGRP фильтрация с расширенным листом доступа (Filtering with Extended ACL)

      Схема аналогична.

      Для начало смотрим как приходят данные сети:

      r4#show ip route eigrp

      10.0.0.0/8 is variably subnetted, 10 subnets, 2 masks

      D 10.0.10.1/32 [90/435200] via 10.0.34.3, 00:00:30, FastEthernet0/0

      [90/435200] via 10.0.24.2, 00:00:30, FastEthernet0/1

      D 10.0.12.0/24 [90/307200] via 10.0.24.2, 00:24:23, FastEthernet0/1

      D 10.0.13.0/24 [90/307200] via 10.0.34.3, 00:24:23, FastEthernet0/0

      D 10.2.2.2/32 [90/409600] via 10.0.24.2, 00:24:23, FastEthernet0/1

      D 10.3.3.3/32 [90/409600] via 10.0.34.3, 00:24:30, FastEthernet0/0

      D 10.1.1.1/32 [90/435200] via 10.0.34.3, 00:24:23, FastEthernet0/0

      [90/435200] via 10.0.24.2, 00:24:23, FastEthernet0/1

      D 10.0.100.1/32 [90/435200] via 10.0.34.3, 00:00:30, FastEthernet0/0

      [90/435200] via 10.0.24.2, 00:00:30, FastEthernet0/1

      Создаем и применяем расширенный лист доступа.

      r4(config)#access-list 100 deny ip host 10.0.10.1 host 10.4.4.4

      r4(config)#access-list 100 deny ip host 10.0.100.1 host 10.4.4.4

      r4(config)#access-list 100 permit ip any any

      r4(config)#router eigrp 1

      r4(config-router)#distribute-list 100 in FastEthernet 0/0

      И получаем нужный нам результат.

      r4#show ip route eigrp

      10.0.0.0/8 is variably subnetted, 10 subnets, 2 masks

      D 10.0.10.1/32 [90/435200] via 10.0.24.2, 00:01:17, FastEthernet0/1

      D 10.0.12.0/24 [90/307200] via 10.0.24.2, 00:01:17, FastEthernet0/1

      D 10.0.13.0/24 [90/332800] via 10.0.24.2, 00:01:17, FastEthernet0/1

      D 10.2.2.2/32 [90/409600] via 10.0.24.2, 00:04:09, FastEthernet0/1

      D 10.3.3.3/32 [90/460800] via 10.0.24.2, 00:01:17, FastEthernet0/1

      D 10.1.1.1/32 [90/435200] via 10.0.24.2, 00:01:17, FastEthernet0/1

      D 10.0.100.1/32 [90/435200] via 10.0.24.2, 00:01:17, FastEthernet0/1

      EIGRP

      фильтрация

      с

      префикс

      листом

      (Filtering with Prefix-List)

      В данном примере, мы запрещаем распространение адреса 10.4.4.4 и не пускаем на маршрутизатор r4 адрес 10.1.1.1.

      r4(config)#ip prefix-list r4_out seq 5 deny 10.4.4.4/32

      r4(config)#ip prefix-list r4_out seq 10 permit 0.0.0.0/0 le 32

      r4(config)# ip prefix-list r4_in seq 5 deny 10.1.1.1/32

      r4(config)# ip prefix-list r4_in seq 10 permit 0.0.0.0/0 le 32

      r4(config)#router eigrp 1

      r4(config-router)#distribute-list prefix r4_out out

      r4(config-router)#distribute-list prefix r4_in in

      В результате проверки, мы видим, что на маршрутизаторах r1 и r2 нет адреса 10.4.4.4, а адрес 10.1.1.1 присутствует на маршрутизаторе r2, а на r4 его нет.

      r1#show ip route eigrp

      10.0.0.0/8 is variably subnetted, 9 subnets, 2 masks

      D 10.2.2.2/32 [90/409600] via 10.0.12.2, 01:16:56, FastEthernet0/0

      D 10.3.3.3/32 [90/409600] via 10.0.13.3, 01:15:17, FastEthernet0/1

      D 10.0.24.0/24 [90/307200] via 10.0.12.2, 00:43:44, FastEthernet0/0

      D 10.0.34.0/24 [90/307200] via 10.0.13.3, 00:43:44, FastEthernet0/1

      r2#show ip route eigrp

      10.0.0.0/8 is variably subnetted, 9 subnets, 2 masks

      D 10.0.10.1/32 [90/409600] via 10.0.12.1, 00:46:20, FastEthernet0/0

      D 10.0.13.0/24 [90/307200] via 10.0.12.1, 00:26:53, FastEthernet0/0

      D 10.3.3.3/32 [90/435200] via 10.0.24.4, 00:26:53, FastEthernet0/1

      [90/435200] via 10.0.12.1, 00:26:53, FastEthernet0/0

      D 10.1.1.1/32 [90/409600] via 10.0.12.1, 01:18:16, FastEthernet0/0

      D 10.0.34.0/24 [90/307200] via 10.0.24.4, 00:48:05, FastEthernet0/1

      D 10.0.100.1/32 [90/409600] via 10.0.12.1, 00:46:14, FastEthernet0/0

      r4#show ip route eigrp

      10.0.0.0/8 is variably subnetted, 9 subnets, 2 masks

      D 10.0.10.1/32 [90/435200] via 10.0.34.3, 00:30:33, FastEthernet0/0

      [90/435200] via 10.0.24.2, 00:30:33, FastEthernet0/1

      D 10.0.12.0/24 [90/307200] via 10.0.24.2, 00:30:33, FastEthernet0/1

      D 10.0.13.0/24 [90/307200] via 10.0.34.3, 00:30:33, FastEthernet0/0

      D СКАЧАТЬ