用分發清單過濾掉路由更新，以達到路由篩選的目的

一、拓撲圖：

二、配置各路由器的IP和協定，然後在R2上做重分發。保證兩邊都能學到各自的路由，為了學到的全部都是明細路由，以展現實驗效果。我們把R2和R3的RIP V2都關閉自動彙總，

1、下面看一下R1的route:

R1#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     172.168.0.0/24 is subnetted, 4 subnets

C       172.168.0.0 is directly connected, Loopback0

C       172.168.1.0 is directly connected, Loopback0

C       172.168.2.0 is directly connected, Loopback0

C       172.168.3.0 is directly connected, Loopback0

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.255.0 is directly connected, Serial1/1

O E2 192.168.255.0/24 [110/200] via 172.16.255.2, 00:00:03, Serial1/1

O E2 192.168.0.0/24 [110/200] via 172.16.255.2, 00:00:03, Serial1/1

O E2 192.168.1.0/24 [110/200] via 172.16.255.2, 00:00:03, Serial1/1

O E2 192.168.2.0/24 [110/200] via 172.16.255.2, 00:00:03, Serial1/1

O E2 192.168.3.0/24 [110/200] via 172.16.255.2, 00:00:03, Serial1/1

2、再來看一下R3的路由表：

R3#show ip route

     172.168.0.0/16 is variably subnetted, 4 subnets, 2 masks

R       172.168.1.0/24 [120/10] via 192.168.255.2, 00:00:02, Serial1/0

R       172.168.0.1/32 [120/10] via 192.168.255.2, 00:00:02, Serial1/0

R       172.168.2.0/24 [120/10] via 192.168.255.2, 00:00:02, Serial1/0

R       172.168.3.0/24 [120/10] via 192.168.255.2, 00:00:02, Serial1/0

R       172.16.255.0 [120/10] via 192.168.255.2, 00:00:02, Serial1/0

C    192.168.255.0/24 is directly connected, Serial1/0

C    192.168.0.0/24 is directly connected, Loopback0

C    192.168.1.0/24 is directly connected, Loopback0

C    192.168.2.0/24 is directly connected, Loopback0

C    192.168.3.0/24 is directly connected, Loopback0

3、現在兩邊明細路由都有了，那麼現在我要用distribute的指令過濾特定路由條目。不過在這之前我們要建立通路控制清單。

4、在R2上distribute針對ospf區域的RIP發進來的路由，以過濾掉192.168.2.0/24和192.168.3.0/24的網絡：

R2(config)#access-list 1 deny 192.168.2.0 0.0.0.255

R2(config)#access-list 1 deny 192.168.3.0 0.0.0.255

R2(config)#access-list 1 permit any  (這一條一定要加上，不然的話會全部過濾掉RIP來的路由)

R2(config-router)# router ospf 1

R2(config-router)#distribute-list 1 out rip (對外部RIP路由進行distribute,引用通路控制清單1)

5、再來看一下R1的路由表：

R1#show ip route

O E2 192.168.255.0/24 [110/200] via 172.16.255.2, 00:01:31, Serial1/1

O E2 192.168.0.0/24 [110/200] via 172.16.255.2, 00:01:31, Serial1/1

O E2 192.168.1.0/24 [110/200] via 172.16.255.2, 00:01:31, Serial1/1 (現在隻能學到這三條路由了,過濾掉了192.168.2.0和192.168.3.0這兩個網絡)

6、我們再在R2上distribute針對RIP區域的OSPF發進來的路由，以過濾掉172.168.0.0/24和172.168.1.0/24的網絡：

R2(config)#access-list 2 deny 172.168.0.0 0.0.0.255 (建立一個清單2對源位址的過濾)

R2(config)#access-list 2 deny 172.168.1.0 0.0.0.255 (建立一個清單2對源位址的過濾)

R2(config)#access-list 2 permit any  (切記不要忘了加這一條，不然所有路由都學不到)

R2(config-router)# router rip

R2(config-router)#distribute-list 2 out ospf 1(對外部ospf路由進行distribute,引用通路控制清單2)

7、下面我再來看一下R3的路由表：

     172.168.0.0/24 is subnetted, 2 subnets

R       172.168.2.0 [120/10] via 192.168.255.2, 00:00:01, Serial1/0 

R       172.168.3.0 [120/10] via 192.168.255.2, 00:00:01, Serial1/0  (隻有這兩條路由了)

R       172.16.255.0 [120/10] via 192.168.255.2, 00:00:01, Serial1/0

R3#

通過上面的圖示可以看到172.168.0.0/24和172.168.1.0/24的網絡已經被過濾掉了。

 本文轉自wxs-163 51CTO部落格，原文連結:http://blog.51cto.com/supercisco/253406