H3C策略路由

1.实验原理：

在RT2上使用策略路由，根据源地址的不同分别指向不同的下一跳

2.实验拓扑：

3.实验配置：

RT1:             
[RT1]int lo 0
[RT1-LoopBack0]ip add 10.1.0.1 24 
[RT1-LoopBack0]int lo 1
[RT1-LoopBack1]ip add 10.2.0.1 24
[RT1-LoopBack1]int g0/0/0
[RT1-GigabitEthernet0/0/0]ip add 10.3.0.1 24
[RT1-GigabitEthernet0/0/0]qu
[RT1]ip route 0.0.0.0 0.0.0.0 10.3.0.2
//
RT2：
[RT2]int g0/0/0
[RT2-GigabitEthernet0/0/0]ip add 10.3.0.2 24
[RT2-GigabitEthernet0/0/0]int g0/0/1
[RT2-GigabitEthernet0/0/1]ip add 10.4.0.1 24
[RT2-GigabitEthernet0/0/1]int g0/0/2
[RT2-GigabitEthernet0/0/2]ip add 20.5.0.1 24
[RT2-GigabitEthernet0/0/2]qu      
[RT2]acl num 2001                                   //这里用访问控制链表来匹配IP地址
[RT2-acl-basic-2001]rule 0 permit source 10.1.0.0 0.0.0.255
[RT2-acl-basic-2001]acl num 2002 
[RT2-acl-basic-2002]rule 0 per s 10.2.0.0 0.0.0.255
[RT2-acl-basic-2002]qu
[RT2]policy-based-route isp permit node 1          //这里定义策略路由
[RT2-pbr-isp-1]if-match acl 2001                   //这里应用访问控制链表
[RT2-pbr-isp-1]apply ip-address next-hop 10.4.0.2 
[RT2-pbr-isp-1]qu
[RT2]policy-based-route isp node 2
[RT2-pbr-isp-2]if-match acl 2002
[RT2-pbr-isp-2]apply ip-address next-hop 10.5.0.2 
[RT2-pbr-isp-2]qu
[RT2]int g0/0/0
[RT2-GigabitEthernet0/0/0]ip policy-based-route isp  //把策略应用到接口
[RT2]ip route 0.0.0.0 0.0.0.0 10.3.0.1
//
RT3：
[RT3]int g0/0/0
[RT3-GigabitEthernet0/0/0]ip add 10.4.0.2 24
[RT3-GigabitEthernet0/0/0]int lo 0
[RT3-LoopBack0]ip add 10.6.0.1 24
[RT3]ip route 0.0.0.0 0.0.0.0 10.4.0.1
///
RT4：
[RT4]int g0/0/0
[RT4-GigabitEthernet0/0/0]ip ad 10.5.0.2 24
[RT4-GigabitEthernet0/0/0]int lo 0
[RT4-LoopBack0]ip add 10.7.0.1 24
[RT4-LoopBack0]qu
[RT4]ip route 0.0.0.0 0.0.0.0 10.5.0.1
           

4.实验结果：

RT1：
[RT1]ping -a 10.1.0.1 10.6.0.1                             //这里要用扩展ping命令
  PING 10.6.0.1: 56  data bytes, press CTRL_C to break
    Reply from 10.6.0.1: bytes=56 Sequence=1 ttl=254 time=1 ms
    Reply from 10.6.0.1: bytes=56 Sequence=2 ttl=254 time=26 ms
    Reply from 10.6.0.1: bytes=56 Sequence=3 ttl=254 time=16 ms
    Reply from 10.6.0.1: bytes=56 Sequence=4 ttl=254 time=1 ms
    Request time out
[RT1]ping -a 10.1.0.1 10.7.0.1
  PING 10.7.0.1: 56  data bytes, press CTRL_C to break
    Request time out
    Request time out
    Request time out
    Request time out
    Request time out
[RT1]ping -a 10.2.0.1 10.6.0.1
  PING 10.6.0.1: 56  data bytes, press CTRL_C to break
    Request time out
    Request time out
    Request time out
    Request time out
    Request time out
[RT1]ping -a 10.2.0.1 10.7.0.1
  PING 10.7.0.1: 56  data bytes, press CTRL_C to break
    Request time out
    Reply from 10.7.0.1: bytes=56 Sequence=2 ttl=254 time=5 ms
    Reply from 10.7.0.1: bytes=56 Sequence=3 ttl=254 time=4 ms
    Reply from 10.7.0.1: bytes=56 Sequence=4 ttl=254 time=5 ms
    Reply from 10.7.0.1: bytes=56 Sequence=5 ttl=254 time=1 ms