Notes on the ninth day

Redistribute Technology

Default RIP and OSPF If the agreement is reissued at two points , Because of their different priorities , So the first one ASBR After the re release of the device , Will affect other ASBR Routing table of the device . So that the route may be returned to the source protocol , Routing feedback occurs ---A Reroute protocol to B After the agreement , It was republished back A agreement . Routing feedback may lead to poor routing and even the emergence of routing loops .

Huawei equipment in order to eliminate the phenomenon of routing feedback , He will be OSPF The priority of internally generated routes is defined as 10, The default priority of routes imported outside the domain is defined as 150（150 The priority of is higher than that of all Huawei systems IGP Default priority of the protocol ）. In this way, route feedback is eliminated .

Due to the seed measurement problem of republishing technology, it will inevitably lead to poor routing . We can only rely on routing strategy to interfere with routing .

Control layer flow ： The routing protocol transmits the traffic generated by the routing information .

Data layer traffic ： Data traffic generated when the device accesses the target network segment .

Routing strategy ： In the process of controlling the flow of the layer , Intercept flow , Then modify the traffic and forward it or not , Final   Realize the generation of impact routing table , The effect of interference in route selection .

1、 Grab traffic ：

（1）ACL list --- because ACL The list itself is designed to capture data layer traffic , therefore , Because of the existence of wildcards, it can flexibly match digital features , however , There's no way to match Mask characteristics in routing information . therefore , He is not good at capturing the traffic of the control layer .

（2）IP-prefix--- The prefix list

[r1]ip ip-prefix aa（ Name of the custom prefix list ）permit（ Allow and deny , Only crawl traffic can be selected permit）192.168.1.0 24--- Capture the information of the target network in the control layer traffic .

[r1]display ip ip-prefix aa--- View prefix list information

Matching rules for prefix list ： From top to bottom , One by one matching , Once matched, the action will be executed according to the corresponding rules , Don't match down any more . The end implicitly rejects all rules .

The rule in the prefix list defaults to 10 Automatically add a sequence number to the step , Easy to insert and delete rules .

[r1]ip ip-prefix aa index 15 permit 192.168.3.0 24--- Insert rules according to serial number .

[r1]undo ip ip prefix aa index 15--- Delete the rule in the prefix list

[r1]ip ip-prefix aa permit192.168.3.0 24 less-equal 28--- Crawl mask length is 24-28 Between .

[r1]ip ip-prefix aa permit192.168.4.0 24 greater-equal 28--- After the current contradiction , The latter will prevail , Ahead 24 Become former 24 Bits are fixed , The matching mask length is greater than or equal to 28 Routing information for .

[r1]ip ip-prefix aa permit 192.168.5.0 24 greater-equal 28 less-equal 30--- front 24 Bit fixation , The matching mask length is 28-30 Network segment information .

[r1]ip ip-prefix aa permit 192.168.6.0 24 greater-equal 28 less-equal 28--- front 24 Bit fixation , The matching mask length is 28 Bit network segment information .

[r1]ip ip-prefix aa permit 0.0.0.0 0 greater-equal 32--- Match all host routes .

[r1]ip ip-prefix aa permit 0.0.0.0 0--- Match the default

[r1]ip ip-prefix aa permit 0.0.0.0 0 less-equal 32

2、 Routing strategy

（1）RIP Of merticin and merticout--- Offset list --- Only for distance vector protocol design and Application .

① Grab traffic

[r1]ip ip-prefix aa permit 23.0.0.0 24

② Call... On the interface

[r1-GigabitEthernet0/0/1]rip metricin ip-orefix aa 10

（2）filter-policy--- Filtering strategy

① Grab traffic

[r1]ip ip-prefix bb deny 34.0.0.0 24

[r1]ip ip-prefix bb permit 0.0.0.0 0 less-equal 32

② Called in the process

[r1-rip-1]filter-policy ip-prefix bb import GigabitEthernet0/0/0

Be careful ： The filtering strategy itself can be used in OSPF Used in , however , stay OSPF When used in the area , Because topology information is transmitted inside the region , therefore , Cannot call in the outgoing direction , Can only be called in the incoming direction , Influence yourself , Nor does it mean that LSA Information filtering out , Only filter the routing information when adding tables , Don't let it add a watch . When routing information is transferred between regions, you can call out of the direction .

3、route-policy--- Routing strategy

（1） Grab traffic

[r2-acl-basic-2000]rule permit source 1.1.1.0 0

[r2-acl-basic-2000]rule permit source 2.2.2.0 0

[r2]ip ip-prefix aa permit 3.3.3.0 24

[r2]ip ip-prefix bb permit 4.4.4.0 24

（2） Configure routing policies

[r2]route-policy aa deny node 10

Info:New Sequence of this List

[r2-route-policy]if-match acl 2000

[r2]route-policy aa permit node 20

Info:New Sequence of this List

[r2-route-policy]if-match acl 2001

[r2-route-policy]apply cost 10

[r2]route-policy aa permit node 30

[r2-route-policy]if-match ip-prefix aa

[r2-route-policy]apply cost-type type-1

[r2]route-policy aa permit node 40

Info:New Sequence of this List

[r2-route-policy]if-match ip-prefix bb

[r2-route-policy]apply cost-type type-1

[r2-route-policy]apply tag 666

Be careful ： In a rule , If there are multiple apply perhaps if-match, Then these needs are met at the same time , Satisfy “ And ” Relationship .

[r2]route-policy aa permit node 50--- Allow all

① No, if-match--- Match all

② No, apply--- Just follow the big action

（3） Call the routing policy during republishing

[r2-ospf-1]import-route rip route-policy aa

Matching rules of routing policy ： From top to bottom , One by one matching , Once matched, the action will be executed according to the corresponding rules , Don't match down any more . The end implicitly rejects all rules .

4、ROUTE-POLICY Configuration Guide for

（1） Even if a traffic needs to be rejected , When capturing traffic , Permission must also be used , Then reject in the routing policy .

（2） In one rule , If there is no flow matching , Then it means that all ; If there is no APPLY（ Little affectations ）, Only follow the big action . therefore , The big action is allowed, and the empty table means that all .