评分并提供意见反馈 :
华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言,希望能帮助您更容易理解此文档的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 华为对于翻译的准确性不承担任何责任,并建议您参考英文文档(已提供链接)。
配置基于重定向到MPLS-TE P2P隧道的策略路由示例
本举例介绍配置基于重定向到MPLS-TE P2P隧道的策略路由示例。
组网需求
如图6-1所示,在DeviceA上定义一条名为aaa的策略路由,所有从GE0/1/0接收的源地址为10.100.0.11/24的报文通过Tunnel30发送,从GE0/2/0接收的源地址为10.110.0.11/24的报文通过Tunnel40发送。其中,DeviceA分别和DeviceB、DeviceC直连。
本例中Interface1、Interface2分别代表GE0/1/0、GE0/2/0。
配置思路
基于源地址的策略路由配置思路如下:
配置DeviceA、DeviceB、DeviceC、DeviceD接口的IP地址。
分别配置DeviceB和DeviceC到DeviceD的路由。
定义ACL。
定义策略路由的规则和动作,在接口上使能策略路由。
操作步骤
- (略)配置DeviceA、DeviceB、DeviceC、DeviceD接口的IP地址。
- (略)分别配置DeviceB和DeviceC到DeviceD的路由。
- 配置DeviceA,定义ACL
# 定义访问控制列表,ACL 3001匹配源地址为10.100.0.11/24的报文,ACL 3002匹配源地址为10.110.0.11/24的报文。
<HUAWEI> system-view[~HUAWEI] sysname DeviceA
[*DeviceA] acl name a3001 number 3001
[*DeviceA-acl4-advance-3001] rule permit ip source 10.100.0.11 0.0.0.255
[*DeviceA-acl4-advance-3001] commit
[~DeviceA-acl4-advance-3001] quit
[*DeviceA] acl name a3002 number 3002
[*DeviceA-acl4-advance-3002] rule permit ip source 10.110.0.11 0.0.0.255
[*DeviceA-acl4-advance-3002] commit
[~DeviceA-acl4-advance-3002] quit
- 配置DeviceA,定义策略路由的规则和动作,在接口上使能策略路由
# 定义5号节点,使源地址为10.100.0.11/24的报文被发往Tunnel30。
[*DeviceA] policy-based-route aaa permit node 5
[*DeviceA-policy-based-route-aaa-5] if-match acl name a3001
[*DeviceA-policy-based-route-aaa-5] apply output-interface Tunnel30
[*DeviceA-policy-based-route-aaa-5] commit
[~DeviceA-policy-based-route-aaa-5] quit
# 定义10号节点,使源地址为10.110.0.11/24的报文被发往Tunnel40。
[*DeviceA] policy-based-route aaa permit node 10
[*DeviceA-policy-based-route-aaa-10] if-match acl name a3002
[*DeviceA-policy-based-route-aaa-10] apply output-interface Tunnel40
[*DeviceA-policy-based-route-aaa-10] commit
[~DeviceA-policy-based-route-aaa-10] quit
# 在GE0/1/0上应用定义的策略aaa,处理此接口接收的报文。
[*DeviceA] interface gigabitethernet 0/1/0
[*DeviceA-GigabitEthernet0/1/0] ip address 10.100.0.10 255.255.255.0
[*DeviceA-GigabitEthernet0/1/0] ip policy-based-route aaa
[*DeviceA-GigabitEthernet0/1/0] undo shutdown
[*DeviceA-GigabitEthernet0/1/0] commit
[~DeviceA-GigabitEthernet0/1/0] quit
# 在GE0/2/0上应用定义的策略aaa,处理此接口接收的报文。
[*DeviceA] interface gigabitethernet 0/2/0
[*DeviceA-GigabitEthernet0/2/0] ip address 10.110.0.10 255.255.255.0
[*DeviceA-GigabitEthernet0/2/0] ip policy-based-route aaa
[*DeviceA-GigabitEthernet0/2/0] undo shutdown
[*DeviceA-GigabitEthernet0/2/0] commit
[~DeviceA-GigabitEthernet0/2/0] quit
[*DeviceA] commit
[~DeviceA] quit
- 验证配置结果
执行命令display ip policy-based-route命令查看已使能的策略。
<DeviceA> display ip policy-based-routepolicy Name Interface
aaa GigabitEthernet0/1/0aaa GigabitEthernet0/2/0执行命令display policy-based-route命令查看已创建的策略内容。
<DeviceA> display policy-based-route-----------------------------------------------------
User Defined policy-based-route Policy Information:
-----------------------------------------------------
Total: 100 Used: 1 Free: 99
Policy: aaa
Node: 5 MapInstance: 5
if-match acl name a3001
apply output-interface Tunnel30
Node: 10 MapInstance: 10
if-match acl name a3002
apply output-interface Tunnel40
配置文件
DeviceA的配置文件
#
sysname DeviceA#
acl name a3001 number 3001
rule permit ip source 10.100.0.11 0.0.0.255
acl name a3002 number 3002
rule permit ip source 10.110.0.11 0.0.0.255
#
interface GigabitEthernet0/1/0undo shutdown
ip address 10.100.0.10 255.255.255.0
ip policy-based-route aaa
#
#
interface GigabitEthernet0/2/0undo shutdown
ip address 10.110.0.10 255.255.255.0
ip policy-based-route aaa
#
policy-based-route aaa permit node 5 map-instance 5
if-match acl name a3001
apply output-interface Tunnel30
policy-based-route aaa permit node 10 map-instance 10
if-match acl name a3002
apply output-interface Tunnel40
#
return
DeviceB的配置文件
#
sysname DeviceB#
interface GigabitEthernet0/1/0undo shutdown
ip address 10.100.0.11 255.255.255.0
#
ip route-static 10.1.3.0 255.255.255.0 10.100.0.10
#
return
DeviceC的配置文件
#
sysname DeviceC#
interface GigabitEthernet0/1/0undo shutdown
ip address 10.110.0.11 255.255.255.0
#
ip route-static 10.1.2.0 255.255.255.0 10.110.0.10
#
return
