1.用distribute-list过滤路由在不同协议里的用法
　　在RIP里
　　在EIGRP里
　　在OSPF里
　　只接收奇数路由
　　只接收偶数路由
　　只接收被4整除的路由
2.offset-list在不同协议里的用法
　　在RIP里
　　在EIGRP里
3.OSPF过滤区域间的LSA
4.多种协议之间的重分布
5.双点双向重分布
　　解决重分布引起的次优路径问题
　　解决重分布引起的路由环路问题
6.策略路由PBR
　　基于包大小的PBR
　　基于应用的PBR
　　PBR跟踪远程地址的可达性
7.DHCP
　　基本DHCP配置
　　DHCP中继服务
8.访问控制列表
　　基于时间的ACL
　　动态ACL
　　自反ACL

基本配置：
enable
conf t
no ip do lo
enable pass cisco
line con 0
logg sync
exec-t 0 0
line vty 0 4
pass cisco
logg sync
exit
host

1. 在不同协议中用distribute-list过滤路由
-------------------------------------------------------------------------------------------

RIP：
-------------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
network 23.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
exit

R1:
access-list 10 deny 33.1.1.0
access-list 10 permit any
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

EIGRP:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 11.1.1.0 0.0.0.255
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
exit

R2:
access-list 10 deny 33.1.1.0
access-list 10 permit any
router eigrp 1
distribute-list 10 out
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

在RIP和EIGRP中做过滤的时候，IN方向和OUT都是可以过滤的。但是在OSPF中不一样，OSPF只能在IN方向。

OSPF:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 11.1.1.1
network 11.1.1.0 0.0.0.255 area 0
network 12.1.1.0 0.0.0.255 area 0

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 22.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 0
network 33.1.1.0 0.0.0.255 area 0

R2:
access-list 10 deny 33.1.1.1
access-list 10 permit any
router ospf 1
distribute-list 10 in
exit

end
show ip route ospf
conf

R1:
end
show ip route ospf
conf

只接收奇数路由：
--------------------------------------------------------------------------------------

----------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.0.1 255.255.255.0
no shut
exit
int l1
ip add 22.1.1.1 255.255.255.0
no shut
exit
int l2
ip add 22.1.2.1 255.255.255.0
no shut
exit
int l3
ip add 22.1.3.1 255.255.255.0
no shut
exit
int l4
ip add 22.1.4.1 255.255.255.0
no shut
exit
int l5
ip add 22.1.5.1 255.255.255.0
no shut
exit
int l6
ip add 22.1.6.1 255.255.255.0
no shut
exit
int l7
ip add 22.1.7.1 255.255.255.0
no shut
exit
int l8
ip add 22.1.8.1 255.255.255.0
no shut
exit
int l9
ip add 22.1.9.1 255.255.255.0
no shut
exit
int l10
ip add 22.1.10.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
exit

R1:
access-list 10 permit 22.1.1.0 0.0.254.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

只接收偶数路由
-----------------------------------------------------------
R1：
access-list 10 permit 22.1.0.0 0.0.254.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

只接收被4整除路由
-----------------------------------------------------------
R1：
access-list 10 permit 22.1.0.0 0.0.252.0
router rip
distribute-list 10 in
exit

end
clear ip route *
show ip route rip
conf t

no access-list 10
router rip
no distribute-list 10 in
exit

2. offset-list在不同协议中的用法
---------------------------------------------------------------------------------------
RIP：
----------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 11.0.0.0
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 22.0.0.0
network 23.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
exit

R1:
end
clear ip route *
show ip route rip
conf t

access-list 10 permit 33.1.1.0
router rip
offset-list 10 in 3
exit

end
clear ip route *
show ip route rip
conf t

EIGRP:
-----------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 11.1.1.0 0.0.0.255
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 12.1.1.0 0.0.0.255
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

R2:
access-list 10 permit 33.1.1.0
router eigrp 1
offset-list 10 out 280
exit

R1:
end
clear ip route *
show ip route eigrp
conf t

3. OSPF过滤区域间LSA
----------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 11.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 11.1.1.0 0.0.0.255 area 0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 12.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 1
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 1
network 33.1.1.0 0.0.0.255 area 1
exit

--------------------------------------------------
R1:
end
show ip route ospf
conf t

R2:
ip prefix-list YESLAB deny 33.1.1.1/32
ip prefix-list YESLAB permit 0.0.0.0/0 le 32
router ospf 1
area 1 filter-list prefix YESLAB out
exit

R1:
end
show ip route ospf
conf t

4. 多种协议之间的重分布
---------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary

network 12.0.0.0
network 11.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
exit

router ospf 1
router-id 22.1.1.1
network 22.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 0
network 33.1.1.0 0.0.0.255 area 0
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
exit

R4:
int f0/0
ip add 34.1.1.4 255.255.255.0
no shut
exit
int l0
ip add 44.1.1.1 255.255.255.0
no shut
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
network 44.1.1.0 0.0.0.255
exit
--------------------------------------------------
R2:
router rip
redistribute ospf 1 metric 5
exit

router ospf 1
redistribute rip subnets
exit

R3:
router eigrp 1
redistribute ospf 1 metric 100000 100 255 1 1500
exit

router ospf 1
reditribute eigrp 1 subnets
exit

5. 双点双向重分布
-----------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 1.1.12.1 255.255.255.0
no shut
exit
int f1/0
ip add 1.1.14.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

R2:
int f1/0
ip add 1.1.12.2 255.255.255.0
no shut
exit
int f0/0
ip add 1.1.23.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

R3:
int f0/0
ip add 1.1.23.3 255.255.255.0
no shut
exit
int f1/0
ip add 2.1.35.3 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

router ospf 1
router-id 33.1.1.1
network 2.1.35.0 0.0.0.255 area 0
exit

R4:
int f0/0
ip add 1.1.14.4 255.255.255.0
no shut
exit
int s1/0
ip add 2.1.45.4 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 1.0.0.0
exit

router ospf 1
router-id 44.1.1.1
network 2.1.45.0 0.0.0.255 area 0
exit

R5:
int f0/0
ip add 2.1.35.5 255.255.255.0
no shut
exit
int s1/0
ip add 2.1.45.5 255.255.255.0
no shut
exit

router ospf 1
router-id 55.1.1.1
network 2.1.0.0 0.0.255.255 area 0
exit

-------------------------------------------------------
R3:
router rip
redistribute ospf 1 metric 5
exit
router ospf 1
redistribute rip subnets
exit

R4:
router rip
redistribute ospf 1 metric 5
exit
router ospf 1
redistribute rip subnets
exit

解决重分布引起的次优路径问题
--------------------------------------------------------
R3:
access-list 10 permit 1.0.0.0 0.255.255.255
router rip
distance 100 1.1.23.2 0.0.0.0 10
exit

R4:
access-list 10 permit 1.0.0.0 0.255.255.255
router rip
distance 100 1.1.14.1 0.0.0.0 10
exit

解决重分布引起的路由环路问题
-------------------------------------------------------
R3:
route-map rip2ospf permit 20
set tag 100
exit
route-map ospf2rip permit 20
set tag 200
exit

route-map ospf2rip deny 10
match tag 100
exit
route-map rip2ospf deny 10
match tag 200
exit

router rip
redistribute ospf 1 metric 5 route-map ospf2rip
exit
router ospf 1
redistribute rip subnets route-map rip2ospf
exit

R4:
route-map rip2ospf permit 20
set tag 100
exit
route-map ospf2rip permit 20
set tag 200
exit

route-map rip2ospf deny 10
match tag 200
exit
route-map ospf2rip deny 10
match tag 100
exit

router rip
redistribute ospf 1 metric 5 route-map ospf2rip
exit
router ospf 1
redistribute rip subnets route-map rip2ospf
exit

R5:
end
shwo ip route 1.1.12.0
conf t

R1:
end
show ip route 2.1.45.0
conf t

6. 策略路由PBR
----------------------------------------------------------------------------------

------------------------------------------------------------------------------------
R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int f2/0
ip add 24.1.1.2 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 12.0.0.0
network 23.0.0.0
network 24.0.0.0
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
exit

router rip
version 2
no auto-summary
network 23.0.0.0
network 33.0.0.0
network 34.0.0.0
exit

R4:
int f0/0
ip add 24.1.1.4 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.4 255.255.255.0
no shut
exit

router rip
version 2
no auto-summary
network 24.0.0.0
network 34.0.0.0
exit

--------------------------------------------------
R2:
access-list 10 permit 12.1.1.0 0.0.0.255
route-map R1-R3
match ip add 10
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map R1-R3
exit

R1:
end
traceroute 33.1.1.1
conf t

R2:
no access-list 10 permit 12.1.1.0 0.0.0.255
no route-map R1-R3
int f0/0
no ip policy route-map R1-R3
exit

基于包大小的PBR
----------------------------------------------------------------
R2:
route-map PBR permit 10
match length 1000 1500
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map PBR
exit

end
debug ip policy
conf t

R1:
ping

R2:
no route-map PBR permit 10
int f0/0
no ip policy route-map PBR
exit

基于应用的PBR
----------------------------------------------------------------
R2：
ip access-list extended TELNET
permit tcp any any
exit
route-map PBR permit 10
match ip add TELNET
set ip next-hop 24.1.1.4
exit
int f0/0
ip policy route-map PBR
exit

end
debug ip policy
conf t

R1:
end
telnet 33.1.1.1
ping 33.1.1.1

conf t

R2:
no ip access-list extended TELNET
no route-map PBR permit 10
int f0/0
no ip policy route-map PBR
exit