|
|
本帖最后由 闫辉 于 2021-4-9 12:02 编辑
定义:
策略路由PBR(Policy-Based Routing)是一种依据用户制定的策略进行路由选择的机制,分为本地策略路由、接口策略路由和智能策略路由SPR(Smart Policy Routing)。
说明:
· 策略路由与路由策略(Routing Policy)存在以下不同:
o 策略路由的操作对象是数据包,在路由表已经产生的情况下,不按照路由表进行转发,而是根据需要,依照某种策略改变数据包转发路径。
o 路由策略的操作对象是路由信息。路由策略主要实现了路由过滤和路由属性设置等功能,它通过改变路由属性(包括可达性)来改变网络流量所经过的路径。
目的
传统的路由转发原理是首先根据报文的目的地址查找路由表,然后进行报文转发。但是目前越来越多的用户希望能够在传统路由转发的基础上根据自己定义的策略进行报文转发和选路。策略路由使网络管理者不仅能够根据报文的目的地址,而且能够根据报文的源地址、报文大小和链路质量等属性来制定策略路由,以改变数据包转发路径,满足用户需求。
受益
策略路由具有如下优点:
· 可以根据用户实际需求制定策略进行路由选择,增强路由选择的灵活性和可控性。
· 可以使不同的数据流通过不同的链路进行发送,提高链路的利用效率。
· 在满足业务服务质量的前提下,选择费用较低的链路传输业务数据,从而降低企业数据服务的成本。
配置本地策略路由示例:
组网需求:
如图所示,RouterA与RouterB间有两条链路相连。
用户希望实现本机下发的不同长度的报文通过不同的下一跳地址进行转发,其中:
· 长度为64~1400字节的报文设置192.168.1.2作为下一跳地址。
· 长度为1401~1500字节的报文设置192.168.2.2作为下一跳地址。
· 所有其它长度的报文都按基于目的地址的方法进行路由选路。
配置思路:
采用如下思路配置本地策略路由:
1. 在RouterA上配置IP报文长度匹配条件,以实现本机下发的不同长度的报文匹配不同的策略点。
2. 在RouterA上配置本地策略路由的动作,以实现本机下发的不同长度的报文通过不同的下一跳地址进行转发。
3. 使能本地策略路由。
操作步骤
1. 配置各接口的IP地址
# 配置RouterA的各接口的IP地址。
<Huawei> system-view
[Huawei] sysname RouterA
[RouterA] interface gigabitethernet 1/0/0
[RouterA-GigabitEthernet1/0/0] ip address 192.168.1.1 255.255.255.0
[RouterA-GigabitEthernet1/0/0] quit
[RouterA] interface gigabitethernet 2/0/0
[RouterA-GigabitEthernet2/0/0] ip address 192.168.2.1 255.255.255.0
[RouterA-GigabitEthernet2/0/0] quit
[RouterA] interface loopback 0
[RouterA-LoopBack0] ip address 10.1.1.1 255.255.255.0
[RouterA-LoopBack0] quit
# 配置RouterB的各接口的IP地址。
<Huawei> system-view
[Huawei] sysname RouterB
[RouterB] interface gigabitethernet 1/0/0
[RouterB-GigabitEthernet1/0/0] ip address 192.168.1.2 255.255.255.0
[RouterB-GigabitEthernet1/0/0] quit
[RouterB] interface gigabitethernet 2/0/0
[RouterB-GigabitEthernet2/0/0] ip address 192.168.2.2 255.255.255.0
[RouterB-GigabitEthernet2/0/0] quit
[RouterB] interface loopback 0
[RouterB-LoopBack0] ip address 10.1.2.1 255.255.255.0
[RouterB-LoopBack0] quit
2. 配置静态路由
# 在RouterA上配置静态路由。
[RouterA] ip route-static 10.1.2.0 24 192.168.1.2
[RouterA] ip route-static 10.1.2.0 24 192.168.2.2
# 在RouterB上配置静态路由。
[RouterB] ip route-static 10.1.1.0 24 192.168.1.1
[RouterB] ip route-static 10.1.1.0 24 192.168.2.1
3. 配置策略路由
# 配置名称为lab1的策略路由。
[RouterA] policy-based-route lab1 permit node 10
[RouterA-policy-based-route-lab1-10] if-match packet-length 64 1400
[RouterA-policy-based-route-lab1-10] apply ip-address next-hop 192.168.1.2
[RouterA-policy-based-route-lab1-10] quit
[RouterA] policy-based-route lab1 permit node 20
[RouterA-policy-based-route-lab1-20] if-match packet-length 1401 1500
[RouterA-policy-based-route-lab1-20] apply ip-address next-hop 192.168.2.2
[RouterA-policy-based-route-lab1-20] quit
# 使能本地策略路由。
[RouterA] ip local policy-based-route lab1
4. 验证配置结果
# 清空RouterB接口统计信息。
<RouterB> reset counters interface gigabitethernet 1/0/0
<RouterB> reset counters interface gigabitethernet 2/0/0
# 查看RouterB接口统计信息。
<RouterB> display interface gigabitethernet 1/0/0
GigabitEthernet1/0/0 current state : UP
Line protocol current state : UP
Last line protocol up time : 2012-07-30 11:23:24
Description:HUAWEI, AR Series, GigabitEthernet1/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 192.168.1.2/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 0819-a6ce-7d4c
Last physical up time : 2012-07-30 11:23:24
Last physical down time : 2012-07-24 16:54:19
Current system time: 2012-07-30 14:57:28
Port Mode: COMMON COPPER
Speed : 1000, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi : AUTO
Last 300 seconds input rate 40 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 7568 bits/sec,Record time: 2012-07-30 12:57:02
Output peak rate 1008 bits/sec,Record time: 2012-07-30 12:42:42
Input: 135403 packets, 118911125 bytes
Unicast: 107066, Multicast: 10468
Broadcast: 17869, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 59070 packets, 14217739 bytes
Unicast: 37581, Multicast: 21485
Broadcast: 4, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0.01%
Output bandwidth utilization : 0.01%
<RouterB> display interface gigabitethernet 2/0/0
GigabitEthernet2/0/0 current state : UP
Line protocol current state : UP
Last line protocol up time : 2012-07-30 11:23:29
Description:HUAWEI, AR Series, GigabitEthernet2/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 192.168.2.2/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 0819-a6ce-7d4d
Last physical up time : 2012-07-30 11:23:29
Last physical down time : 2012-07-30 11:09:17
Current system time: 2012-07-30 14:58:24
Port Mode: COMMON COPPER
Speed : 1000, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi : AUTO
Last 300 seconds input rate 48 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 11576 bits/sec,Record time: 2012-07-30 13:46:52
Output peak rate 11576 bits/sec,Record time: 2012-07-30 13:46:52
Input: 135403 packets, 118911125 bytes
Unicast: 107066, Multicast: 10468
Broadcast: 17869, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 59070 packets, 14217739 bytes
Unicast: 37581, Multicast: 21485
Broadcast: 4, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0.01%
Output bandwidth utilization : 0.01%
# 在RouterA上Ping RouterB的Loopback0,并将报文数据字段长度设为80字节。
<RouterA> ping -s 80 10.1.2.1
PING 10.1.2.1: 80 data bytes, press CTRL_C to break
Reply from 10.1.2.1: bytes=80 Sequence=1 ttl=255 time=2 ms
Reply from 10.1.2.1: bytes=80 Sequence=2 ttl=255 time=2 ms
Reply from 10.1.2.1: bytes=80 Sequence=3 ttl=255 time=2 ms
Reply from 10.1.2.1: bytes=80 Sequence=4 ttl=255 time=2 ms
Reply from 10.1.2.1: bytes=80 Sequence=5 ttl=255 time=2 ms
--- 10.1.2.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/2/2 ms
# 查看RouterB接口统计信息。
<RouterB> display interface gigabitethernet 1/0/0
GigabitEthernet1/0/0 current state : UP
Line protocol current state : UP
Last line protocol up time : 2012-07-30 11:23:24
Description:HUAWEI, AR Series, GigabitEthernet1/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 192.168.1.2/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 0819-a6ce-7d4c
Last physical up time : 2012-07-30 11:23:24
Last physical down time : 2012-07-24 16:54:19
Current system time: 2012-07-30 15:00:15
Port Mode: COMMON COPPER
Speed : 1000, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi : AUTO
Last 300 seconds input rate 152 bits/sec, 0 packets/sec
Last 300 seconds output rate 16 bits/sec, 0 packets/sec
Input peak rate 7568 bits/sec,Record time: 2012-07-30 12:57:02
Output peak rate 1008 bits/sec,Record time: 2012-07-30 12:42:42
Input: 135403 packets, 118911125 bytes
Unicast: 107066, Multicast: 10468
Broadcast: 17869, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 59070 packets, 14217739 bytes
Unicast: 37581, Multicast: 21485
Broadcast: 4, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0.01%
Output bandwidth utilization : 0.01%
<RouterB> display interface gigabitethernet 2/0/0
GigabitEthernet2/0/0 current state : UP
Line protocol current state : UP
Last line protocol up time : 2012-07-30 11:23:29
Description:HUAWEI, AR Series, GigabitEthernet2/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 192.168.2.2/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 0819-a6ce-7d4d
Last physical up time : 2012-07-30 11:23:29
Last physical down time : 2012-07-30 11:09:17
Current system time: 2012-07-30 15:01:02
Port Mode: COMMON COPPER
Speed : 1000, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi : AUTO
Last 300 seconds input rate 112 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 11576 bits/sec,Record time: 2012-07-30 13:46:52
Output peak rate 11576 bits/sec,Record time: 2012-07-30 13:46:52
Input: 135403 packets, 118911125 bytes
Unicast: 107066, Multicast: 10468
Broadcast: 17869, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 59070 packets, 14217739 bytes
Unicast: 37581, Multicast: 21485
Broadcast: 4, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0.01%
Output bandwidth utilization : 0.01%
比较执行命令ping -s 80 10.1.2.1前后RouterB接口统计信息,只有RouterB接口GigabitEthernet 1/0/0发送报文总数量增加了5,即RouterB接口GigabitEthernet 1/0/0在接收到ICMP请求报文后给RouterA发送5个ICMP应答报文,所以RouterA根据策略路由确定的下一跳为192.168.1.2。
# 清空RouterB接口统计信息。
<RouterB> reset counters interface gigabitethernet 1/0/0
<RouterB> reset counters interface gigabitethernet 2/0/0
# 查看RouterB接口统计信息。
<RouterB> display interface gigabitethernet 1/0/0
GigabitEthernet1/0/0 current state : UP
Line protocol current state : UP
Last line protocol up time : 2012-07-30 11:23:24
Description:HUAWEI, AR Series, GigabitEthernet1/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 192.168.1.2/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 0819-a6ce-7d4c
Last physical up time : 2012-07-30 11:23:24
Last physical down time : 2012-07-24 16:54:19
Current system time: 2012-07-30 16:04:14
Port Mode: COMMON COPPER
Speed : 1000, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi : AUTO
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 7568 bits/sec,Record time: 2012-07-30 12:57:02
Output peak rate 1008 bits/sec,Record time: 2012-07-30 12:42:42
Input: 135403 packets, 118911125 bytes
Unicast: 107066, Multicast: 10468
Broadcast: 17869, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 59070 packets, 14217739 bytes
Unicast: 37581, Multicast: 21485
Broadcast: 4, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0.01%
Output bandwidth utilization : 0.01%
<RouterB> display interface gigabitethernet 2/0/0
GigabitEthernet2/0/0 current state : UP
Line protocol current state : UP
Last line protocol up time : 2012-07-30 11:23:29
Description:HUAWEI, AR Series, GigabitEthernet2/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 192.168.2.2/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 0819-a6ce-7d4d
Last physical up time : 2012-07-30 11:23:29
Last physical down time : 2012-07-30 11:09:17
Current system time: 2012-07-30 16:04:19
Port Mode: COMMON COPPER
Speed : 1000, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi : AUTO
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 11576 bits/sec,Record time: 2012-07-30 13:46:52
Output peak rate 11576 bits/sec,Record time: 2012-07-30 13:46:52
Input: 135403 packets, 118911125 bytes
Unicast: 107066, Multicast: 10468
Broadcast: 17869, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 59070 packets, 14217739 bytes
Unicast: 37581, Multicast: 21485
Broadcast: 4, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0.01%
Output bandwidth utilization : 0.01%
# 在RouterA上Ping RouterB的Loopback0,并将报文数据字段长度设为1401字节。
<RouterA> ping -s 1401 10.1.2.1
PING 10.1.2.1: 1401 data bytes, press CTRL_C to break
Reply from 10.1.2.1: bytes=1401 Sequence=1 ttl=255 time=1 ms
Reply from 10.1.2.1: bytes=1401 Sequence=2 ttl=255 time=1 ms
Reply from 10.1.2.1: bytes=1401 Sequence=3 ttl=255 time=1 ms
Reply from 10.1.2.1: bytes=1401 Sequence=4 ttl=255 time=1 ms
Reply from 10.1.2.1: bytes=1401 Sequence=5 ttl=255 time=2 ms
--- 10.1.2.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/2 ms
# 查看RouterB接口统计信息。
<RouterB> display interface gigabitethernet 1/0/0
GigabitEthernet1/0/0 current state : UP
Line protocol current state : UP
Last line protocol up time : 2012-07-30 11:23:24
Description:HUAWEI, AR Series, GigabitEthernet1/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 192.168.1.2/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 0819-a6ce-7d4c
Last physical up time : 2012-07-30 11:23:24
Last physical down time : 2012-07-24 16:54:19
Current system time: 2012-07-30 16:04:50
Port Mode: COMMON COPPER
Speed : 1000, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi : AUTO
Last 300 seconds input rate 40 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 7568 bits/sec,Record time: 2012-07-30 12:57:02
Output peak rate 1008 bits/sec,Record time: 2012-07-30 12:42:42
Input: 135403 packets, 118911125 bytes
Unicast: 107066, Multicast: 10468
Broadcast: 17869, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 59070 packets, 14217739 bytes
Unicast: 37581, Multicast: 21485
Broadcast: 4, Jumbo: 0
Discard: 0, Total Error: 0
官方网工学习讨论群:677090119
|
|
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
发表于 2021-4-9 10:04:37
置顶卡
喧嚣卡
变色卡
千斤顶
