Professional Documents
Culture Documents
05 IP - FC3027 - E01 - 1-ZXR10 M6000 Routing Policy and Policy Routing Configuration (V2.00.20) - 44p
05 IP - FC3027 - E01 - 1-ZXR10 M6000 Routing Policy and Policy Routing Configuration (V2.00.20) - 44p
Routing
(ZXR10 M6000 V2.00.20)
V2.0
Objectives
2
Contents
3
What is Routing Policy?
Problem One:
Router B needs to filter routes distributed
AS100 by Router A, only receiving routes
Lo0:30.1.1.1/3
2 20.1.1.1/32 and shielding routes
Lo1:20.1.1.1/3
30.1.1.1/32
2
10.1.1.1/3
A
A
20.1.1.1/3
Problem Two:
0 0
Router A only distributes AS100 routes to
router B and other routing entries will be
10.1.1.2/3 20.1.1.2/3 shielded for security reason.
0 0
Problem Three:
B Router B needs to firstly choose
B
AS200 10.1.1.0/30 link to AS100.
Routing Policy
7
How to Define Routing Policy (1)
n Route-Map
l It mainly consists of clauses Match and Set and conducts setting
according to matching conditions
n Access Control List
l It is used to configure matching conditions
n Prefix-List
l It functions like ACL, used to configure matching conditions. It can
both be used individually and used together with route map and
Area Filter-List.
n As-Path Access-List
l It is only used for BGP protocol to filter routes according to AS path
information and it is used together with route map.
n Community-List
l It is only used for BGP protocol to filter routes according to Community List
and it is used together with route map.
Result:
Redistribution succeeds. The static route
pointing to 1.1.1.1 is redistributed to OSPF routing
table and Metric value is set to 300.
ZXR10(config)#ipv4-access-list 1
ZXR10(config-ipv4-acl)#rule 1 permit 1.1.1.1 0.0.0.0
ZXR10(config-ipv4-acl)#exit
ZXR10(config)#route-map redistribute deny 10
ZXR10(config-route-map)#match ip address 1
ZXR10(config-route-map)# set ip metric 120
ZXR10(config)# router ospf 100
ZXR10(config-ospfv2)# redistribute static route-map redistribute
Result:
static route pointing to 1.1.1.1 can not be redistributed
——How about the other static routes?
ZXR10(config)#ipv4-access-list 1
ZXR10(config-ipv4-acl)#rule 1 deny 1.1.1.1 0.0.0.0
ZXR10(config-ipv4-acl)#rule 2 permit any
ZXR10(config-ipv4-acl)#exit
ZXR10(config)#route-map redistribute deny 10
ZXR10(config-route-map)#match ip address 1
ZXR10(config-route-map)#set ip metric 300
ZXR10(config)#route-map redistribute permit 20
ZXR10(config)#router ospf 100
ZXR10(config-ospfv2)# redistribute static route-map redistribute
Result:
The static route pointing to 1.1.1.1 is redistributed to OSPF routing
table and Metric value is the default value. Other static routes cannot be
redistributed.
Character Meaning
$ Ending of Input String
. Any Character
_ Beginning and Ending of A String
^ Beginning of Input String
Expression Meaning
^$ Route not passing through any AS-Path, i.e. originate locally
^100$ Only indicate route that originates from AS100 and not
passes through any other AS
n Filter Application:
Note: router ospf 100
Filter command can only filter type 5 and type 7 LSAs and do no
functionfilter 5.5.5.5
to other 255.255.255.255
types 10
of LSAs. Filter command here controls whether
to import an OSPF route into routing table and can not control the
//only permit 5.5.5.5 routes to be imported into routing table,
learning of external LSAs, i.e. Filter command will not effect LSA
learning inchange the priority to 10 and deny all the other routes.
OSPF database.
© ZTE All rights reserved 23
OSPF Area Filter-List
n Definition of OSPF Area Filter-List
l area <area-id> filter-list prefix <prefix-list> {out | in }
1.in/out: filter networks sent to/from this area
2.It only functions on type 3 LSA, Prefix defines the permit/deny action,
and the default value of Prefix is Deny All.
3.It is only used on ABR.
n Instance of OSPF Area Filter-List
ip prefix-list test seq 1 deny 20.20.20.0 24
ip prefix-list test seq 2 permit 0.0.0.0 0 le 32
router ospf 1
area 0.0.0.0 filter-list prefix test out
//Do not distribute type 3 LSA of 20.20.20.0/24 of Area0 to other
areas
Question: If not configure ip prefix-list test seq 2 permit 0.0.0.0 0, what the result will
be?
25
Routing Policy Application Instance I (1)
AS100 AS200
10.1.1.1/3 10.1.1.2/3
AA 0 0 BB
Lo1:20.1.1.1/3
2
Lo2:30.1.1.1/3
2
//Configure Route-Map
ipv4-access-list 10
rule 1 permit 20.1.1.1 0.0.0.0
route-map test permit 3
match ip address 10
Lo0:30.1.1.1/32
AS100
10.1.1.1/30 A
A 20.1.1.1/30
10.1.1.2/30 20.1.1.2/30
B
B
//Configure Route-Map
route-map higher-pref permit 10
set local preference 200
route-map lower-pref permit 10
set local preference 100
AREA 0
Lo1:20.1.1.1/32
Lo2:30.1.1.1/32 A BB
40.1.1.1/30 40.1.1.2/30
Configuration of Router B:
router ospf 200
network 40.1.1.0 0.0.0.3 area 0
filter 30.1.1.1 255.255.255.255 110
Note:
We can view 20.1.1.1/32 and 30.1.1.1/32 related link
state information in LSDB of Router B. After enabling
command Filter, 20.1.1.1/32 will be forbidden to be
imported to routing table.
33
Demands
ISP1 ISP2
212.0.1.1/30 A 200.30.10.1/30
Gei-0/1/1/1
B 222.1.0.0/24
B
202.102.11.0/24
Users in 202.102.11.0/24 belong to ISP1 and their addresses are assigned by ISP1;
Users in 222.1.0.0/24 belong to ISP2 and their addresses are assigned by ISP2;
Demands:
Users of ISP1 access Internet via egress of ISP1;
Users of ISP2 access Internet via egress of ISP2.
© ZTE All rights reserved 34
Demands--Solution
ISP1 ISP2
212.0.1.1/30 A 200.30.10.1/30
Gei-
0/1/1/1
B 222.1.0.0/24
B
202.102.11.0/24
Solution——Designate egress manually according to source address of
user: designate specific route for specific packet forwarding via policy
routing
n Common Routing
l Look up routing table according to destination address of IP packet for
forwarding
n Policy Routing
l Perform routing for packet forwarding according to policy routing rather than
looking up routing table
n Routing Policy
l It’s a method to control routing information
37
Configuration Steps of Policy Routing
39
Policy Routing Instance (1)
ISP1 ISP2
212.0.1.1/30 A 200.30.10.1/30
Gei-0/1/1/1
B 222.1.0.0/24
B
202.102.11.0/24
Router A is connected with two ISPs, where 202.102.11.0/24
is assigned by ISP1 and 222.1.0.0/24 is assigned by ISP2; ISP1
is interconnected with Router A via address 212.0.1.1 and
ISP2 is interconnected with Router A via address 200.30.10.1.