Policy route is one of difficult topic of CCNP certification so please visit my video on youtube for 3/4 times "CCNP ROUTE POLICY ROUTE ".
LAB ON : POLICY ROUTING : Please go through it.
LAB ON : POLICY ROUTING : Please go through it.
!
hostname client1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip routing
no ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
interface FastEthernet0/0
ip address 192.168.1.10 255.255.255.0
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
no ip route-cache
shutdown
duplex auto
speed auto
!
ip default-gateway 192.168.1.100
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
---------------------------------------------------------------------------
!
hostname client2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip routing
no ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface FastEthernet0/0
ip address 192.168.1.20 255.255.255.0
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
no ip route-cache
shutdown
duplex auto
speed auto
!
ip default-gateway 192.168.1.100
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
-------------------------------------------------------------
!
hostname PBR
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip sla monitor 1
type echo protocol ipIcmpEcho 200.1.1.2
timeout 1000
frequency 3
ip sla monitor schedule 1 life forever start-time now
!
!
track 1 rtr 1 reachability
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.100 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 200.1.1.1 255.255.255.252
shutdown
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 200.1.2.1 255.255.255.252
clock rate 2000000
!
ip local policy route-map rat
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
ip access-list extended c1
permit ip host 192.168.1.10 any
ip access-list extended c2
permit tcp host 192.168.1.20 any eq ftp
permit tcp host 192.168.1.20 any eq 22
permit tcp host 192.168.1.20 any eq telnet
permit tcp host 192.168.1.20 any eq www
permit tcp host 192.168.1.20 any eq 443
ip access-list extended rr
permit ip any any
!
!
route-map POL permit 10
match ip address c1
set ip next-hop 200.1.2.2
!
route-map POL permit 20
match ip address c2
set ip next-hop 200.1.1.2
!
route-map POL permit 2000
set ip next-hop 201.1.1.2
!
route-map rat permit 10
match ip address rr
set ip next-hop verify-availability 200.1.1.2 10 track 1
set ip next-hop 200.1.2.2
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
------------------------------------------------------
!
hostname ISP1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 200.1.1.2 255.255.255.252
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
ip forward-protocol nd
ip route 192.168.1.0 255.255.255.0 200.1.1.1
!
!
no ip http server
no ip http secure-server
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
------------------------------------------------------------------
!
hostname ISP2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 200.1.2.2 255.255.255.252
clock rate 2000000
!
ip forward-protocol nd
ip route 192.168.1.0 255.255.255.0 200.1.2.1
!
!
no ip http server
no ip http secure-server
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
No comments:
Post a Comment