Configuration of routing policy on S3600

Configuration of routing policy on S3600*

1 Network requirements:

Switch A: Import direct network 100.1.1.0/24 to OSPF.

Swtich B: Import direct network 40.1.1.0/24 and 50.1.1.0/24 to OSPF. Use routing policy to forbid other routers to learn 50.1.1.0/24 network.

Switch D: Import direct network 200.1.1.0/24 to OSPF.

PC1 and PC2 would access each other.

 

2 Network diagram:

 

3 Configuration procedure:

Switch A：

3.1 Create Vlan 10, and add E1/0/2 to Vlan 10:

[SwitchA]vlan 10
[SwitchA-vlan10]port Ethernet 1/0/2

3.2 Create Vlan interface 10, and configure IP address:

[SwitchA]interface Vlan-interface 10
[SwitchA-Vlan-interface10]ip add 10.1.1.2 255.255.255.0

3.3 Create Vlan 100, and add E1/0/1 to Vlan 100:

[SwitchA]vlan 100
[SwitchA-vlan100]port Ethernet 1/0/1

3.4 Create Vlan interface 100, and configure IP address:

[SwitchA]interface Vlan-interface 100
[SwitchA-Vlan-interface100]ip add 100.1.1.1 255.255.255.0

3.5 Enable OSPF and configure:

[SwitchA]ospf
[SwitchA-ospf]area 0
[SwitchA-ospf-area-0.0.0.0]network 10.1.1.0 0.0.0.255

3.6 Import direct routes to OSPF:

[SwitchA-ospf]import-route direct

3.7 Configure default route:

[SwitchA]ip route-static 0.0.0.0 0.0.0.0 10.1.1.1

 

Switch B:

3.8 Create Vlan 10, and add E1/0/2 to Vlan 10:

[SwitchB]vlan 10
[SwitchB-vlan10]port Ethernet 1/0/2

3.9 Create Vlan interface 10, and configure IP address:

[SwitchB]interface Vlan-interface 10
[SwitchB-Vlan-interface10]ip add 10.1.1.1 255.255.255.0

3.10 Create Vlan 20, and add E1/0/1 to Vlan 20:

[SwitchB]vlan 20
[SwitchB-vlan20]port Ethernet 1/0/1

3.11 Create Vlan interface 20, and configure IP address:

[SwitchB]interface Vlan-interface 20
[SwitchB-Vlan-interface20]ip add 20.1.1.1 255.255.255.0

3.12 Create Vlan 40 and 50, and add some ports into these vlans:

[SwitchB]vlan 40
[SwitchB-vlan40]port Ethernet 1/0/4

[SwitchB]vlan 50

[SwitchB-vlan50]port Ethernet 1/0/5

3.13 Create Vlan interface 40 and 50, and then configure IP address for these interfaces:

[SwitchB]interface Vlan-interface 40
[SwitchB-Vlan-interface40]ip add 40.1.1.1 255.255.255.0

[SwitchB]interface Vlan-interface 50
[SwitchB-Vlan-interface50]ip add 50.1.1.1 255.255.255.0

3.14 Configure ACL:

[SwitchB]acl number 2000
[SwitchB-acl-basic-2000]rule deny source 50.1.1.0 0.0.0.255

3.15 Enable OSPF and configure:

[SwitchB]ospf
[SwitchB-ospf]area 0
[SwitchB-ospf-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[SwitchB-ospf-area-0.0.0.0]network 20.1.1.0 0.0.0.255

3.16 Import direct routes to OSPF:

[SwitchB-ospf]import-route direct

3.17 Configure filter policy:

[SwitchB-ospf]filter-policy 2000 export

 

Switch C:

3.18 Create Vlan 20, and add E1/0/1 to Vlan 20:

[SwitchC]vlan 20
[SwitchC-vlan20]port Ethernet 1/0/1

3.19 Create Vlan interface 20, and configure IP address:

[SwitchC]interface Vlan-interface 20
[SwitchC-Vlan-interface20]ip add 20.1.1.2 255.255.255.0

3.20 Create Vlan 30, and add E1/0/2 to Vlan 30:

[SwitchC]vlan 30
[SwitchC-vlan30]port Ethernet 1/0/2

3.21 Create Vlan interface 30, and configure IP address:

[SwitchC]interface Vlan-interface 30
[SwitchC-Vlan-interface30]ip add 30.1.1.1 255.255.255.0

3.22 Enable OSPF and configure:

[SwitchC]ospf
[SwitchC-ospf]area 0
[SwitchC-ospf-area-0.0.0.0]network 20.1.1.0 0.0.0.255

[SwitchC-ospf-area-0.0.0.0]network 30.1.1.0 0.0.0.255

Switch D:

3.23Create Vlan 30, and add E1/0/2 to Vlan 30:

[SwitchD]vlan 30
[SwitchD-vlan20]port Ethernet 1/0/2

3.24 Create Vlan interface 30, and configure IP address:

[SwitchD]interface Vlan-interface 30
[SwitchD-Vlan-interface30]ip add 30.1.1.2 255.255.255.0

3.25 Create Vlan 200, and add E1/0/1 to Vlan 200:

[SwitchD]vlan 200
[SwitchD-vlan200]port Ethernet 1/0/1

3.26 Create Vlan interface 200, and configure IP address:

[SwitchD]interface Vlan-interface 200
[SwitchD-Vlan-interface200]ip add 200.1.1.1 255.255.255.0

3.27 Enable OSPF and configure:

[SwitchD]ospf
[SwitchD-ospf]area 0
[SwitchD-ospf-area-0.0.0.0]network 30.1.1.0 0.0.0.255

3.28 Import direct routes to OSPF:

[SwitchD-ospf]import-route direct

3.29 Configure default route:

[SwitchD]ip route-static 0.0.0.0 0.0.0.0 30.1.1.1

 

4 Configuration Tips:

4.1 filter-policy export command can only be applied in routes imported by OSPF, but can not be applied in routes advertised by network command.

 

*NOTICE: This case is also applicable to H3C S3610 / S5510 / S5600 series switch.