DynagenでCCIEを目指す
20100423 OSPF エリア間のフィルタ
最終更新:
it_certification
-
view
目的
- OSPFのエリア間で、経路をフィルタする方法を確認します。
構成
- 設定概要
- OSPFによってルーティングします。
- 構成図
- netファイル
ghostios = True sparsemem = True model = 3620 [localhost] [[3620]] image = C:\Program Files\Dynamips\images\c3620-j1s3-mz.123-18.bin ram = 256 [[ROUTER R1]] e0/0 = R2 e0/1 [[ROUTER R2]] e0/0 = R3 e0/1 [[ROUTER R3]]
- 初期設定 R1
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface Ethernet0/0 ip address 192.168.12.1 255.255.255.0 full-duplex ! interface Ethernet0/1 ip address 192.168.10.1 255.255.255.0 full-duplex no keepalive ! interface Ethernet0/2 no ip address shutdown half-duplex ! interface Ethernet0/3 no ip address shutdown half-duplex ! router ospf 1 log-adjacency-changes redistribute connected network 192.168.10.0 0.0.0.255 area 0 network 192.168.12.0 0.0.0.255 area 0 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 login ! ! end
- 初期設定 R2
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface Ethernet0/0 ip address 192.168.23.2 255.255.255.0 full-duplex ! interface Ethernet0/1 ip address 192.168.12.2 255.255.255.0 full-duplex ! interface Ethernet0/2 no ip address shutdown half-duplex ! interface Ethernet0/3 no ip address shutdown half-duplex ! router ospf 1 log-adjacency-changes redistribute connected network 192.168.12.0 0.0.0.255 area 0 network 192.168.23.0 0.0.0.255 area 1 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 login ! ! end
- 初期設定 R3
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface Ethernet0/0 ip address 10.0.10.3 255.255.255.0 full-duplex no keepalive ! interface Ethernet0/1 ip address 192.168.23.3 255.255.255.0 full-duplex ! interface Ethernet0/2 ip address 10.0.12.3 255.255.255.0 full-duplex no keepalive ! interface Ethernet0/3 ip address 10.0.13.3 255.255.255.0 full-duplex no keepalive ! router ospf 1 log-adjacency-changes redistribute connected network 10.0.10.0 0.0.0.255 area 1 network 10.0.12.0 0.0.0.255 area 1 network 10.0.13.0 0.0.0.255 area 1 network 192.168.23.0 0.0.0.255 area 1 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 login ! ! end
検証1 事前設定の確認
- ルーティングテーブルの確認
R1のルーティングテーブルを確認します。
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Ethernet0/0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
C 192.168.10.0/24 is directly connected, Ethernet0/1
10.0.0.0/24 is subnetted, 3 subnets
O IA 10.0.10.0 [110/30] via 192.168.12.2, 00:00:45, Ethernet0/0
O IA 10.0.12.0 [110/30] via 192.168.12.2, 00:00:26, Ethernet0/0
O IA 10.0.13.0 [110/30] via 192.168.12.2, 00:00:06, Ethernet0/0
O IA 192.168.23.0/24 [110/20] via 192.168.12.2, 00:03:59, Ethernet0/0
R1#
検証2 経路のフィルタ
- フィルタの設定
Area 1からArea 0へ経路を通知する際、10.0.10.0/24のみをArea 0に通知しないようにします。
R2(config)#ip prefix-list area1outbound seq 10 deny 10.0.10.0/24 R2(config)#ip prefix-list area1outbound seq 20 permit 0.0.0.0/0 le 32 R2(config)#router ospf 1 R2(config-router)#area 1 filter-list prefix area1outbound out
- ルーティングテーブルの確認
R1のルーティングテーブルから10.0.10.0/24が消えている事が確認できます。
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, Ethernet0/0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
C 192.168.10.0/24 is directly connected, Ethernet0/1
10.0.0.0/24 is subnetted, 2 subnets <- 10.0.10.0/24が見当たらない
O IA 10.0.12.0 [110/30] via 192.168.12.2, 00:05:12, Ethernet0/0
O IA 10.0.13.0 [110/30] via 192.168.12.2, 00:05:12, Ethernet0/0
O IA 192.168.23.0/24 [110/20] via 192.168.12.2, 00:05:12, Ethernet0/0
R1#
添付ファイル
