今天来看下access-list的time-range参数的使用
上面的拓扑图计算机IP使用路由器的换回端口来代替!首先进行R1的配置:
Router>en
Router#conf t
R1(config)#no ip domain-lookup
Rourter(config)#hostname R1
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#line console 0
R1(config-line)#no exec-timeout
R1(config-line)#logging synchronous
R1(config-line)#exit
R1(config)#int loopback 0
R1(config-if)#no shutdown
R1(config-if)#ip address 10.1.1.1 255.255.255.0
R1(config-if)#int s2/0
R1(config-if)#no sh
R1(config-if)#clock rate 64000
R1(config-if)#ip add 10.1.12.1 255.255.255.0
R1(config-if)#exit
R1(config)#router
R1(config)#router ospf 1
R1(config-router)#router-id 1.1.1.1
R1(config-router)#network 10.1.1.0 0.0.0.255 ar
R1(config-router)#network 10.1.1.0 0.0.0.255 area 0
R1(config-router)#net
R1(config-router)#network 10.1.12.0 0.0.0.255 are
R1(config-router)#network 10.1.12.0 0.0.0.255 area 0
R1(config-router)#end
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 10.1.12.0/24 is directly connected, Serial2/0
O 10.1.2.1/32 [110/129] via 10.1.12.2, 00:28:53, Serial2/0
C 10.1.1.0/24 is directly connected, Loopback0
O 10.1.23.0/24 [110/128] via 10.1.12.2, 00:28:53, Serial2/0
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int lo 0
R1(config-if)#ip o
R1(config-if)#ip ospf network point-to-point
R1(config-if)#end
R1#sh ip route
*Mar 1 01:40:40.875: %SYS-5-CONFIG_I: Configured from console by console
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 4 subnets
C 10.1.12.0 is directly connected, Serial2/0
O 10.1.2.0 [110/129] via 10.1.12.2, 00:00:07, Serial2/0
C 10.1.1.0 is directly connected, Loopback0
O 10.1.23.0 [110/128] via 10.1.12.2, 00:00:07, Serial2/0
R1#ping 10.1.2.1 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.1, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/52/76 ms
做完time-range之后的效果
R1#ping 10.1.2.1 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.1, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
.....
Success rate is 0 percent (0/5)
R1#sh run
Building configuration...
Current configuration : 2152 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0
ip ospf network point-to-point
!
interface Ethernet0/0
no ip address
shutdown
half-duplex
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
interface FastEthernet1/0
no ip address
shutdown
!
interface FastEthernet1/1
no ip address
shutdown
!
interface FastEthernet1/2
no ip address
shutdown
!
interface FastEthernet1/3
no ip address
shutdown
!
interface FastEthernet1/4
no ip address
shutdown
!
interface FastEthernet1/5
no ip address
shutdown
!
interface FastEthernet1/6
no ip address
shutdown
!
interface FastEthernet1/7
no ip address
shutdown
!
interface FastEthernet1/8
no ip address
shutdown
!
interface FastEthernet1/9
no ip address
shutdown
!
interface FastEthernet1/10
no ip address
shutdown
!
interface FastEthernet1/11
no ip address
shutdown
!
interface FastEthernet1/12
no ip address
shutdown
!
interface FastEthernet1/13
no ip address
shutdown
!
interface FastEthernet1/14
no ip address
shutdown
!
interface FastEthernet1/15
no ip address
shutdown
!
interface Serial2/0
ip address 10.1.12.1 255.255.255.0
serial restart-delay 0
clockrate 64000
no fair-queue
!
interface Serial2/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/3
no ip address
shutdown
serial restart-delay 0
!
interface Ethernet3/0
no ip address
shutdown
half-duplex
!
interface Vlan1
no ip address
shutdown
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
network 10.1.1.0 0.0.0.255 area 0
network 10.1.12.0 0.0.0.255 area 0
!
ip http server
ip classless
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
!
end
R1#
R1设置完成后,开始设置R2
Router>en
Router#configure terminal
Rourter(config)#hostname R2
R2(config)#no ip domian-lookup
R2(config)#line console 0
R2(config-line)#no exec-timeout
R2(config-line)#logging synchronous
R2(config-line)#exit
R2(config)#interface s2/0
R2(config-if)#no sh
R2(config-if)#ip address 10.1.12.2 255.255.255.0
R2(config-if)#interface s2/1
R2(config-if)#no sh
R2(config-if)#clock rate 64000
R2(config-if)#ip address 10.1.23.1 255.255.255.0
R2(config-if)#exit
R2(config)#router ospf 1
R2(config-router)#router-id 2.2.2.2
R2(config-router)#network 10.1.12.0 0.0.0.255 area 0
R2(config-router)#network 10.1.23.0 0.0.0.255 area 0
R2(config-router)#end
R2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 3 subnets
C 10.1.12.0 is directly connected, Serial2/0
O 10.1.2.0 [110/65] via 10.1.23.2, 01:59:13, Serial2/1
C 10.1.23.0 is directly connected, Serial2/1
R2(config)#time-range soft
R2(config-time-range)#periodic daily 12:00 to 13:00
R2(config-time-range)#end
R2#conf t
R2(config)#access-list 101 deny icmp 10.1.1.1 0.0.0.255 10.1.2.1 0.0.0.255 time-range soft
R2#sh access-lists
Extended IP access list 101
10 deny icmp 10.1.1.0 0.0.0.255 10.1.2.0 0.0.0.255 time-range soft (inactive)
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface s2/0
R2(config-if)#ip access-group 101 in
R2#
*Mar 1 02:11:14.167: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.1.1 on Serial2/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R3的设置如下:
Router>en
Router#conf t
R3(config)#no ip domain-lookup
R3(config)#line con 0
R3(config-line)#no exec-timeout
R3(config-line)#logg sy
R3(config-line)#exit
R3(config)#end
R3#
*Mar 1 00:03:51.779: %SYS-5-CONFIG_I: Configured from console by console
R3#sh run
Building configuration...
Current configuration : 1906 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
!
interface Ethernet0/0
no ip address
shutdown
half-duplex
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
interface FastEthernet1/0
no ip address
shutdown
!
interface FastEthernet1/1
no ip address
shutdown
!
interface FastEthernet1/2
no ip address
shutdown
!
interface FastEthernet1/3
no ip address
shutdown
!
interface FastEthernet1/4
no ip address
shutdown
!
interface FastEthernet1/5
no ip address
shutdown
!
interface FastEthernet1/6
no ip address
shutdown
!
interface FastEthernet1/7
no ip address
shutdown
!
interface FastEthernet1/8
no ip address
shutdown
!
interface FastEthernet1/9
no ip address
shutdown
!
interface FastEthernet1/10
no ip address
shutdown
!
interface FastEthernet1/11
no ip address
shutdown
!
interface FastEthernet1/12
no ip address
shutdown
!
interface FastEthernet1/13
no ip address
shutdown
!
interface FastEthernet1/14
no ip address
shutdown
!
interface FastEthernet1/15
no ip address
shutdown
!
interface Serial2/0
no ip address
shutdown
serial restart-delay 0
no fair-queue
!
interface Serial2/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/3
no ip address
shutdown
serial restart-delay 0
!
interface Ethernet3/0
no ip address
shutdown
half-duplex
!
interface Vlan1
no ip address
shutdown
!
ip http server
ip classless
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
!
end
R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#int s2/1
R3(config-if)#no sh
R3(config-if)#clo
R3(config-if)#clock r
R3(config-if)#clock rate 64000
*Mar 1 01:33:20.815: %LINK-3-UPDOWN: Interface Serial2/1, changed state to up
*Mar 1 01:33:21.815: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/1, changed state to up
R3(config-if)#ip address 10.1.23.2 255.255.255.0
R3(config-if)#int loopback 0
R3(config-if)#no sh
R3(config-if)#ip address 10.1.2.1 255.255.255.0
R3(config-if)#exit
R
R3(config)#router ospf 1
R3(config-router)#network 10.1.23.0 0.0.0.255 area 0
R3(config-router)#network 10.1.2.0 0.0.0.255 area 0
*Mar 1 01:37:56.643: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.23.1 on Serial2/1 from LOADING to FULL, Loading Done
R3(config-router)#end
R3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
O 10.1.12.0/24 [110/128] via 10.1.23.1, 00:00:02, Serial2/1
C 10.1.2.0/24 is directly connected, Loopback0
O 10.1.1.1/32 [110/129] via 10.1.23.1, 00:00:02, Serial2/1
C 10.1.23.0/24 is directly connected, Serial2/1
R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#int lo 0
R3(config-if)#ip ospf network point-to-point
R3(config-if)#end
R3#sh ip ro
*Mar 1 02:12:53.959: %SYS-5-CONFIG_I: Configured from console by console
R3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 4 subnets
O 10.1.12.0 [110/128] via 10.1.23.1, 00:00:19, Serial2/1
C 10.1.2.0 is directly connected, Loopback0
O 10.1.1.0 [110/129] via 10.1.23.1, 00:00:19, Serial2/1
C 10.1.23.0 is directly connected, Serial2/1
R3#sh run
Building configuration...
Current configuration : 2133 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.1.2.1 255.255.255.0
ip ospf network point-to-point
!
interface Ethernet0/0
no ip address
shutdown
half-duplex
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
interface FastEthernet1/0
no ip address
shutdown
!
interface FastEthernet1/1
no ip address
shutdown
!
interface FastEthernet1/2
no ip address
shutdown
!
interface FastEthernet1/3
no ip address
shutdown
!
interface FastEthernet1/4
no ip address
shutdown
!
interface FastEthernet1/5
no ip address
shutdown
!
interface FastEthernet1/6
no ip address
shutdown
!
interface FastEthernet1/7
no ip address
shutdown
!
interface FastEthernet1/8
no ip address
shutdown
!
interface FastEthernet1/9
no ip address
shutdown
!
interface FastEthernet1/10
no ip address
shutdown
!
interface FastEthernet1/11
no ip address
shutdown
!
interface FastEthernet1/12
no ip address
shutdown
!
interface FastEthernet1/13
no ip address
shutdown
!
interface FastEthernet1/14
no ip address
shutdown
!
interface FastEthernet1/15
no ip address
shutdown
!
interface Serial2/0
no ip address
shutdown
serial restart-delay 0
no fair-queue
!
interface Serial2/1
ip address 10.1.23.2 255.255.255.0
serial restart-delay 0
clockrate 64000
!
interface Serial2/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/3
no ip address
shutdown
serial restart-delay 0
!
interface Ethernet3/0
no ip address
shutdown
half-duplex
!
interface Vlan1
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
network 10.1.2.0 0.0.0.255 area 0
network 10.1.23.0 0.0.0.255 area 0
!
ip http server
ip classless
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
!
!
end
转载于:https://blog.51cto.com/c1813/578499
3081
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
