Tweet
Hiện tại cty mình đang sử dụng mô hình:lease-line và FTTH
- tất cả trafic tới dải 10.41.0.0 sẽ chạy qua lease-line
- https, http sẽ chạy qua FTTH
Mình đã cấu hình chạy , tuy nhiên có cách nào khác ngắn gon hơn nũa ko, mong các bạn giúp đỡ.
interface FastEthernet0/1
description $ES_LAN$
ip address 10.41.3.254 255.255.255.0
ip helper-address 10.41.1.14
ip helper-address 10.41.1.15
ip accounting output-packets
ip policy route-map PBR
duplex auto
speed auto
access-list 101 deny ip 10.41.3.0 0.0.0.127 10.0.0.0 0.255.255.255
access-list 101 deny ip 10.41.3.128 0.0.0.63 10.0.0.0 0.255.255.255
access-list 101 permit ip 10.41.3.0 0.0.0.127 172.16.20.0 0.0.0.3
access-list 101 permit ip 10.41.3.128 0.0.0.63 172.16.20.0 0.0.0.3
access-list 101 deny ip 10.41.3.0 0.0.0.127 172.16.0.0 0.15.255.255
access-list 101 deny ip 10.41.3.128 0.0.0.63 172.16.0.0 0.15.255.255
access-list 101 deny ip 10.41.3.0 0.0.0.127 172.16.0.0 0.0.255.255
access-list 101 deny ip 10.41.3.128 0.0.0.63 172.16.0.0 0.0.255.255
access-list 101 deny ip 10.41.3.0 0.0.0.127 192.168.0.0 0.0.255.255
access-list 101 deny ip 10.41.3.128 0.0.0.63 192.168.0.0 0.0.255.255
access-list 101 permit ip 10.41.3.0 0.0.0.127 any
access-list 101 permit ip 10.41.3.128 0.0.0.63 any
access-list 101 permit tcp any eq www any
access-list 101 permit tcp any any eq 443
access-list 101 deny tcp any neq www any
snmp-server community fubonnet RW
snmp-server location VN-HN-2811
snmp-server host 10.201.201.3 fubonnet
route-map PBR permit 10
match ip address 101
set ip next-hop 10.41.3.253
- tất cả trafic tới dải 10.41.0.0 sẽ chạy qua lease-line
- https, http sẽ chạy qua FTTH
Mình đã cấu hình chạy , tuy nhiên có cách nào khác ngắn gon hơn nũa ko, mong các bạn giúp đỡ.
interface FastEthernet0/1
description $ES_LAN$
ip address 10.41.3.254 255.255.255.0
ip helper-address 10.41.1.14
ip helper-address 10.41.1.15
ip accounting output-packets
ip policy route-map PBR
duplex auto
speed auto
access-list 101 deny ip 10.41.3.0 0.0.0.127 10.0.0.0 0.255.255.255
access-list 101 deny ip 10.41.3.128 0.0.0.63 10.0.0.0 0.255.255.255
access-list 101 permit ip 10.41.3.0 0.0.0.127 172.16.20.0 0.0.0.3
access-list 101 permit ip 10.41.3.128 0.0.0.63 172.16.20.0 0.0.0.3
access-list 101 deny ip 10.41.3.0 0.0.0.127 172.16.0.0 0.15.255.255
access-list 101 deny ip 10.41.3.128 0.0.0.63 172.16.0.0 0.15.255.255
access-list 101 deny ip 10.41.3.0 0.0.0.127 172.16.0.0 0.0.255.255
access-list 101 deny ip 10.41.3.128 0.0.0.63 172.16.0.0 0.0.255.255
access-list 101 deny ip 10.41.3.0 0.0.0.127 192.168.0.0 0.0.255.255
access-list 101 deny ip 10.41.3.128 0.0.0.63 192.168.0.0 0.0.255.255
access-list 101 permit ip 10.41.3.0 0.0.0.127 any
access-list 101 permit ip 10.41.3.128 0.0.0.63 any
access-list 101 permit tcp any eq www any
access-list 101 permit tcp any any eq 443
access-list 101 deny tcp any neq www any
snmp-server community fubonnet RW
snmp-server location VN-HN-2811
snmp-server host 10.201.201.3 fubonnet
route-map PBR permit 10
match ip address 101
set ip next-hop 10.41.3.253
Comment