HP 5500 Ei 5500 Si Switch Series Configuration Guide
Have a look at the manual HP 5500 Ei 5500 Si Switch Series Configuration Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1114 HP manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
![Page 1046
357
[SwitchA] route-policy apply_med_50 permit node 10
[SwitchA-route-policy] if-match ipv6 address acl 2000
[SwitchA-route-policy] apply cost 50
[SwitchA-route-policy] quit
[SwitchA] route-policy apply_med_100 permit node 10
[SwitchA-route-policy] if-match ipv6 address acl 2000
[SwitchA-route-policy] apply cost 100
[SwitchA-route-policy] quit
{ Apply routing policy apply_med_50 to routes outgoing to peer 3001::3, and apply routing
policy apply_med_100 to routes outgoing to peer...](http://img.usermanuals.tech/thumb/36/58909/w64_hp-5500-ei-5500-si-switch-series-configuration-guide-1045.png "Page 1046
357
[SwitchA] route-policy apply_med_50 permit node 10
[SwitchA-route-policy] if-match ipv6 address acl 2000
[SwitchA-route-policy] apply cost 50
[SwitchA-route-policy] quit
[SwitchA] route-policy apply_med_100 permit node 10
[SwitchA-route-policy] if-match ipv6 address acl 2000
[SwitchA-route-policy] apply cost 100
[SwitchA-route-policy] quit
{ Apply routing policy apply_med_50 to routes outgoing to peer 3001::3, and apply routing
policy apply_med_100 to routes outgoing to peer...")
![Page 1047
358
{ Configure the minimum interval for transmitting BFD control packets as 500 milliseconds.
[SwitchC-Vlan-interface101] bfd min-transmit-interval 500
{ Configure the minimum interval for receiving BFD control packets as 500 milliseconds.
[SwitchC-Vlan-interface101] bfd min-receive-interval 500
{ Configure the detect multiplier as 7.
[SwitchC-Vlan-interface101] bfd detect-multiplier 7
[SwitchC-Vlan-interface101] return
6. Verify the configuration:
The following operations are made on...](http://img.usermanuals.tech/thumb/36/58909/w64_hp-5500-ei-5500-si-switch-series-configuration-guide-1046.png "Page 1047
358
{ Configure the minimum interval for transmitting BFD control packets as 500 milliseconds.
[SwitchC-Vlan-interface101] bfd min-transmit-interval 500
{ Configure the minimum interval for receiving BFD control packets as 500 milliseconds.
[SwitchC-Vlan-interface101] bfd min-receive-interval 500
{ Configure the detect multiplier as 7.
[SwitchC-Vlan-interface101] bfd detect-multiplier 7
[SwitchC-Vlan-interface101] return
6. Verify the configuration:
The following operations are made on...")
![Page 1048
359
Destination : 1200:: PrefixLength : 6\
4
NextHop : 3000::1 Preference : 2\
55
RelayNextHop : 3001::2 Tag : 0\
H
Neighbor : 3000::1 ProcessID : 0\
Interface : Vlan-interface101 Protocol : BGP\
4+
State : Active Adv Cost : 5\
0
Tunnel ID : 0x0...](http://img.usermanuals.tech/thumb/36/58909/w64_hp-5500-ei-5500-si-switch-series-configuration-guide-1047.png "Page 1048
359
Destination : 1200:: PrefixLength : 6\
4
NextHop : 3000::1 Preference : 2\
55
RelayNextHop : 3001::2 Tag : 0\
H
Neighbor : 3000::1 ProcessID : 0\
Interface : Vlan-interface101 Protocol : BGP\
4+
State : Active Adv Cost : 5\
0
Tunnel ID : 0x0...")
![Page 1049
360
Neighbor : 2000::1 ProcessID : 0\
Interface : Vlan-interface201 Protocol : B\
GP4+
State : Active Adv Cost : 1\
00
Tunnel ID : 0x0 Label : N\
ULL
Age : 4635sec
The output shows that Switch C has one route to reach network 1200::0/64, that is, Switch
CSwitch DSwitch A.
Troubleshooting IPv6 BGP configuration
IPv6 BGP...](http://img.usermanuals.tech/thumb/36/58909/w64_hp-5500-ei-5500-si-switch-series-configuration-guide-1048.png "Page 1049
360
Neighbor : 2000::1 ProcessID : 0\
Interface : Vlan-interface201 Protocol : B\
GP4+
State : Active Adv Cost : 1\
00
Tunnel ID : 0x0 Label : N\
ULL
Age : 4635sec
The output shows that Switch C has one route to reach network 1200::0/64, that is, Switch
CSwitch DSwitch A.
Troubleshooting IPv6 BGP configuration
IPv6 BGP...")
![Page 1053
364
Step Command Remarks
2. Define an IPv6
prefix list. ip ipv6-prefix
ipv6-prefix-name [ index index-number ]
{ deny | permit } ipv6-address prefix-length
[ greater-equal min-prefix-length ] [ less-equal
max-prefix-length ] Not defined by default.
If all items are set to the
deny mode, no routes can pass the IPv6 prefix list. You must define the permit ::
0 less-equal 128 item following multiple deny items to allow other IPv6 routing information to pass.
For example, the...](http://img.usermanuals.tech/thumb/36/58909/w64_hp-5500-ei-5500-si-switch-series-configuration-guide-1052.png "Page 1053
364
Step Command Remarks
2. Define an IPv6
prefix list. ip ipv6-prefix
ipv6-prefix-name [ index index-number ]
{ deny | permit } ipv6-address prefix-length
[ greater-equal min-prefix-length ] [ less-equal
max-prefix-length ] Not defined by default.
If all items are set to the
deny mode, no routes can pass the IPv6 prefix list. You must define the permit ::
0 less-equal 128 item following multiple deny items to allow other IPv6 routing information to pass.
For example, the...")
![Page 1056
367
Step Command Remarks
5. Match BGP routing information whose AS
path attribute is specified in the AS path
lists. if-match as-path
AS-PATH-number & Optional.
Not configured by
default.
6.
Match BGP routing information whose
community attribute is specified in the
community lists. if-match community
{ { basic-community-list-number |
comm-list-name } [ whole-match ] |
adv-community-list-number }& Optional.
Not configured by
default.
7.
Match routes having the specified...](http://img.usermanuals.tech/thumb/36/58909/w64_hp-5500-ei-5500-si-switch-series-configuration-guide-1055.png "Page 1056
367
Step Command Remarks
5. Match BGP routing information whose AS
path attribute is specified in the AS path
lists. if-match as-path
AS-PATH-number & Optional.
Not configured by
default.
6.
Match BGP routing information whose
community attribute is specified in the
community lists. if-match community
{ { basic-community-list-number |
comm-list-name } [ whole-match ] |
adv-community-list-number }& Optional.
Not configured by
default.
7.
Match routes having the specified...")
362 An IP prefix list is configured to match the destination address of routing information. You can use the gateway option to allow only routing information from certain routers to be received. For gateway option information, see Configuring RIP and Configuring OSPF . A n IP prefix list, identified by name, can comprise multiple items. Each item, identified by an index n u m b e r, c a n s p e ci f y a p re f ix r a n g e t o m a t c h. A n i t e m wi t h a s m a l l e r i n d e x n u m b e r i s m a t c h e d f i r s t. I f o n e item is matched, the IP prefix list is passed , and the packet will not go to the next item. AS-PATH list A n A S - PAT H l i s t, c o n f i g u re d b a s e d o n t h e B G P A S PAT H a t t r i b u t e , c a n o n l y b e u s e d t o m a t c h B G P ro u t i n g information. For more information about AS-PATH list, see Configuring BGP. Community list A community list, configured based on the BGP community attribute, can only be used to match BGP routing information. For more information about community list, see Configuring BGP. Extended community list An extended community list, configured based on the BGP extended community attribute (Route-Target for VPN and Source of Origin), can only be used to match BGP routing information. Routing policy A routing policy is used to match routing information and modify the attributes of permitted routes. It can reference the filters to define its own match criteria. A routing policy can comprise multiple nodes, which are in logic OR relationship. Each routing policy node is a match unit, and a node with a smaller numb er is matched first. Once a node is matched, the routing policy is passed and the packet will not go to the next node. A routing policy node comprises a set of if-match , apply, and continue clauses. • The if-match clauses define the match criteria. The matching objects are some attributes of routing information. The if-match clauses of a routing policy node is in a logical AND relationship. A packet must match all the if-match clauses of the node to pass it. • The apply clauses of the node specify the actions to be taken on the permitted packets, such as modifying a route attribute. • The continue clause specifies the next routing policy node to be matched. With this clause configured, when a route matches the current routing policy node, it continues to match against the specified next node in the same routing policy. The continue clause combines the if-match and apply clauses of the two nodes to improve flexibility of the routing policy. Follow these guidelines when you configure if-match, apply, and continue clauses: • If you want to implement route filterin g only, you do not need to configure apply clauses. • If you do not configure any if-match clauses for a permit-mode node, the node permits all routes to pass. • Configure a permit-mode node containing no if-match or apply clauses behind multiple deny-mode nodes to allow unmatched routes to pass.
363
Defining filters
Configuration prerequisites
Before you configure this task, you must determine IP-prefix list name, matching address range, and
extcommunity list sequence number.
Defining an IP-prefix list
Defining an IPv4 prefix list
Identified by name, an IPv4 prefix list can comprise multiple items. Each item specifies a prefix range to
match and is identified by an index number.
An item with a smaller index number is matched first. If one item is matched, the IP prefix list is passed,
and the routing information will not go to the next item.
To define an IPv4 prefix list:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Define an IPv4
prefix list. ip ip-prefix
ip-prefix-name [ index index-number ]
{ deny | permit } ip-address mask-length
[ greater-equal min-mask-length ] [ less-equal
max-mask-length ] Not defined by default.
If all the items are set to the
deny mode, no routes can pass the IPv4 prefix list. You must define the permit
0.0.0.0 0 less-equal 32 item following multiple deny items to allow other IPv4 routing information to
pass.
For example, the following configuration filters routes 10.1.0.0/16, 10.2.0.0/16, and 10.3.0.0/16, but
allows other routes to pass.
system-view
[Sysname] ip ip-prefix abc index 10 deny 10.1.0.0 16
[Sysname] ip ip-prefix abc index 20 deny 10.2.0.0 16
[Sysname] ip ip-prefix abc index 30 deny 10.3.0.0 16
[Sysname] ip ip-prefix abc index 40 permit 0.0.0.0 0 less-equal 32
Defining an IPv6 prefix list
Identified by name, each IPv6 prefix list can comprise multiple items. Each item specifies a prefix range
to match and is identified by an index number.
A n i t e m wi t h a s m a l l e r i n d e x n u m b e r i s m a t c h e d f i r s t. I f o n e i t e m i s m a t c h e d, t h e I P v 6 p re f ix l i s t i s p a s s e d,
and the routing information will not go to the next item.
To define an IPv6 prefix list:
Step Command Remarks
1. Enter system view.
system-view N/A
364
Step Command Remarks
2. Define an IPv6
prefix list. ip ipv6-prefix
ipv6-prefix-name [ index index-number ]
{ deny | permit } ipv6-address prefix-length
[ greater-equal min-prefix-length ] [ less-equal
max-prefix-length ] Not defined by default.
If all items are set to the
deny mode, no routes can pass the IPv6 prefix list. You must define the permit ::
0 less-equal 128 item following multiple deny items to allow other IPv6 routing information to pass.
For example, the following configuration filters routes 2000:1::/48, 2000:2::/48, and 2000:3::/48,
but allows other routes to pass.
system-view
[Sysname] ip ipv6-prefix abc index 10 deny 2000:1:: 48
[Sysname] ip ipv6-prefix abc index 20 deny 2000:2:: 48
[Sysname] ip ipv6-prefix abc index 30 deny 2000:3:: 16
[Sysname] ip ipv6-prefix abc index 40 permit :: 0 less-equal 128
Defining an AS path list
You can define multiple items for an AS path list that is identified by number. The relationship between
items is logical OR. If a route matches one of these items, it passes the AS path list.
To define an AS path list:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Define an AS path
ACL. ip as-path
as-path-number { deny |
permit } regular-expression Not defined by default.
Defining a community list
You can define multiple items for a community list that is identified by number. During matching, the
relationship between items is logic OR. If routing information matches one of these items, it passes the
community list.
To define a community list:
Step Command Remarks
1.
Enter system view.
system-view N/A
2. Define a community list.
• Define a basic community list:
ip community-list { basic-comm-list-num |
basic comm-list-name } { deny | permit }
[ community-number-list ] [ internet |
no-advertise | no-export |
no-export-subconfed ] *
• Define an advanced community list:
ip community-list { adv-comm-list-num |
advanced comm-list-name } { deny | permit }
regular-expression Use either approach.
Not defined by
default.
365
Defining an extended community list
You can define multiple items for an extended community list that is identified by number. During
matching, the relation between items is logic OR. If routing information matches one of these items, it
passes the extended community list.
To define an extended community list:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Define an extended
community list. ip extcommunity-list
ext-comm-list-number { deny |
permit } { rt route-target }& Not defined by default.
Configuring a routing policy
A routing policy is used to filter routing information and modify attributes of matching routing information.
The match criteria of a routing policy can be configured by referencing the appropriate filters.
A routing policy can comprise mult
iple nodes, and each routing policy node contains the following:
• if-match clauses —Define the match criteria that routing information must satisfy. The matching
objects are some attributes of routing information.
• apply clauses —Specify the actions to be taken on routing information that has satisfied the match
criteria, such as route attribute modification.
• continue clauses —Specify the next routing policy node to be matched. With this clause configured,
when a route matches the current routing policy no de, it continues to match against the specified
next node in the same routing policy.
Configuration prerequisites
Before configuring this task, you need to configure the filters and routing protocols. You also need to
decide on the name of the routing policy and node numbers, match criteria, and attributes to be
modified.
Creating a routing policy
Follow these guidelines when you create a routing policy:
• If a routing policy node has the permit keyword specified, routing information matching all the
if-match clauses of the node will be handled using the apply clauses of this node, without needing
to match against the next node. If routing information does not match the node, it goes to the next
node for a match.
• If a routing policy node has the deny keyword specified, the apply clauses of the node is not
executed. When routing information matches all the if-match c l a u s e s o f t h e n o d e, i t c a n n o t p a s s t h e
node, or go to the next node. If route information cannot match all the if-match clauses of the node,
it goes to the next node for a match.
• When a routing policy has more than one node, at least one node must be configured with the
permit keyword. If the routing policy is used to filter routing information, routing information that
does not meet any node cannot pass the routing poli cy. If all nodes of the routing policy are set with
the deny keyword, no routing information can pass it.
366
To create a routing policy:
Step Command
1. Enter system view.
system-view
2. Create a routing policy,
specify a node for it, and
enter routing policy view. route-policy
route-policy-name { deny | permit } node node-number
Defining if-match clauses
Follow these guidelines when you define if-match clauses:
• The if-match clauses of a routing policy node are in logic AND relationship. Routing information
must satisfy all of its if-match clauses before being executed with its apply clauses. If an if-match
command exceeds the maximum length, multiple identical if-match clauses are generated. These
clauses are in logical OR relationship. Routing information only needs to match one of them.
• You can specify any number of if-match clauses for a routing policy node. If no if-match clause is
specified, and the routing policy node is in permit mode, all routing information can pass the node.
If it is in deny mode, no routing information can pass it.
• If the ACL referenced by an if-match clause does not exist, the clause is always satisfied; if no rules
of the referenced ACL are matched or the matching rule is inactive, the clause is not satisfied.
• An ACL specified in an if-match clause must be a non-VPN ACL.
• The if-match commands for matching IPv4 destination, next hop, and source address are different
from those for matching IPv6 ones.
• BGP does not support criteria for matching agains t outbound interfaces of routing information.
To d efi n e if-match clauses:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Enter routing policy view. route-policy
route-policy-name { deny
| permit } node node-number N/A
3.
Define match criteria for IPv4 routes.
• Match IPv4 routing information
specified in the ACL:
if-match acl acl-number
• Match IPv4 routing information
specified in the IP prefix list:
if-match ip-prefix ip-prefix-name.
• Match IPv4 routing information
whose next hop or source is
specified in the ACL or IP prefix
list:
if-match ip { next-hop |
route-source } { acl acl-number |
ip-prefix ip-prefix-name } Optional.
Not configured by
default.
4.
Match IPv6 routing information whose
next hop or source is specified in the ACL
or IP prefix list. if-match ipv6
{ address | next-hop |
route-source } { acl acl-number |
prefix-list ipv6-prefix-name } Optional.
Not configured by
default.
367
Step Command Remarks
5. Match BGP routing information whose AS
path attribute is specified in the AS path
lists. if-match as-path
AS-PATH-number & Optional.
Not configured by
default.
6.
Match BGP routing information whose
community attribute is specified in the
community lists. if-match community
{ { basic-community-list-number |
comm-list-name } [ whole-match ] |
adv-community-list-number }& Optional.
Not configured by
default.
7.
Match routes having the specified cost.
if-match cost value Optional.
Not configured by
default.
8. Match BGP routing information whose
extended community attribute is specified
in the extended community list(s). if-match extcommunity
ext-comm-list-number & Optional.
Not configured by
default.
9.
Match routing information having
specified outbound interface(s). if-match interface
{ interface-type
interface-number }& Optional.
Not configured by
default.
10.
Match routing information having the
specified route type. if-match route-type
{ external-type1 |
external-type1or2 | external-type2 |
internal | is-is-level-1 | is-is-level-2 |
nssa-external-type1 |
nssa-external-type1or2 |
nssa-external-type2 } * Optional.
Not configured by
default.
11.
Match RIP, OSPF, and IS-IS routing
information having the specified tag
value. if-match tag value
Optional.
Not configured by
default.
Defining apply clauses
Step Command Remarks
1.
Enter system view.
system-view N/A
2. Enter routing policy view. route-policy
route-policy-name
{ deny | permit } node node-number Not created by default.
3. Set the AS-PATH attribute for
BGP routing information. apply as-path
as-number&
[ replace ] Optional.
Not set by default.
4.
Delete the community attribute
of BGP routing information
using the community list. apply comm-list
{ comm-list-number
| comm-list-name } delete Optional.
Not configured by default.
5.
Set the community attribute for
BGP routing information. apply community
{ none | additive
| { community-number & |
aa:nn& | internet |
no-advertise | no-export |
no-export-subconfed } *
[ additive ] } Optional.
Not set by default.
368
Step Command Remarks
6. Set a cost for routing
information. apply cost
[ + | - ] value Optional.
Not set by default.
7.
Set a cost type for routing
information. apply cost-type
[ external | internal
| type-1 | type -2 ] Optional.
Not set by default.
8.
Set the extended community
attribute for BGP routing. apply extcommunity
{ { rt
route-target }& [ additive ] }
Optional.
Not set by default.
9. Set the next hop.
• Set the next hop for IPv4 routes:
apply ip-address next-hop
ip-address
• Set the next hop for IPv6 routes:
apply ipv6 next-hop
ipv6-address Optional.
Not set by default.
The setting does not apply to
redistributed routing information.
The apply ip-address next-hop
and apply ipv6 next-hop
commands do not apply to
redistributed IPv4 and IPv6
routes.
10.
Inject routing information to a
specified ISIS level. apply isis
{ level-1 | level-1-2 |
level-2 } Optional.
Not configured by default.
11.
Set the local preference for
BGP routing information. apply local-preference
preference Optional.
Not set by default.
12.
Set the origin attribute for BGP
routing information. apply origin {
egp as-number | igp
| incomplete } Optional.
Not set by default.
13.
Set the preference for the
routing protocol. apply preference
preference Optional.
Not set by default.
14.
Set a preferred value for BGP
routing information. apply preferred-value
preferred-value Optional.
Not set by default.
15.
Set a tag value for RIP, OSPF, or
IS-IS routing information. apply tag
value Optional.
Not set by default.
16.
Configure FRR. apply fast-reroute
{
backup-interface interface-type
interface-number [ backup-nexthop
ip-address ] } Optional.
Not configured by default.
NOTE:
The difference between IPv4 and IPv6 apply clauses is the command for settin
g the next hop for routing
information.
Defining a continue clause
Follow these guidelines when you define a continue clause:
• If you configure the same type of apply clauses that set different values (including the apply
community and apply extcommunity clauses with the additive keyword) on nodes that are
369
combined by the continue clause, the apply clause configured on the last matching node takes
effect.
• If you configure the apply community clause for multiple nodes that are combined by the continue
clause, the apply comm-list delete clause configured on the current node cannot delete the
community attributes of preceding nodes.
To define a continue clause:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Create a routing policy and
enter routing policy view. route-policy
route-policy-name
{ deny | permit } node node-number
Not created by default.
3. Specify the next routing policy
node to be matched. continue [
node-number ] Optional.
Not configured by default.
The node number specified must
be larger than the current node
number.
Displaying and maintaining the routing policy
Task Command Remarks
Display BGP AS-PATH list
information.
display ip as-path
[ as-path-number ] [ | { begin |
exclude | include } regular-expression ] Available in any
view
Display BGP community list
information. display ip community-list
[ basic-community-list-number |
adv-community-list-number | comm-list-name ] [ |
{ begin | exclude | include } regular-expression ] Available in any
view
Display BGP extended community
list information. display ip extcommunity-list
[ ext-comm-list-number ] [ | { begin | exclude |
include } regular-expression ] Available in any
view
Display IPv4 prefix list statistics. display ip ip-prefix
[ ip-prefix-name ] [ | { begin |
exclude | include } regular-expression ] Available in any
view
Display IPv6 prefix list statistics. display ip ipv6-prefix [
ipv6-prefix-name ] [ |
{ begin | exclude | include } regular-expression ] Available in any
view
Display routing policy information. display route-policy [ route-policy-name
] [ | { begin
| exclude | include } regular-expression ] Available in any
view
Clear IPv4 prefix list statistics. reset ip ip-prefix [ ip-prefix-name ] Available in user
view
Clear IPv6 prefix list statistics. reset ip ipv6-prefix [ ipv6-prefix-name ] Available in user
view
370 Routing policy configuration examples Applying a routing policy to IPv4 route redistribution Network requirements As shown in Figure 119, S witch B exchanges routing information with Switch A using OSPF, and with Switch C using IS-IS. On Switch B, enable route redistribution from IS-IS to OSPF, and apply a routing policy to set the cost of route 172.17.1.0/24 to 100 and the tag of route 172.17.2.0/24 to 20. Figure 119 Network diagram Configuration procedure 1. Specify IP addresses for interfaces. (Details not shown.) 2. Configure IS-IS: # Configure Switch C. system-view [SwitchC] isis [SwitchC-isis-1] is-level level-2 [SwitchC-isis-1] network-entity 10.0000.0000.0001.00 [SwitchC-isis-1] quit [SwitchC] interface vlan-interface 200 [SwitchC-Vlan-interface200] isis enable [SwitchC-Vlan-interface200] quit [SwitchC] interface vlan-interface 201 [SwitchC-Vlan-interface201] isis enable [SwitchC-Vlan-interface201] quit [SwitchC] interface vlan-interface 202 [SwitchC-Vlan-interface202] isis enable [SwitchC-Vlan-interface202] quit [SwitchC] interface vlan-interface 203 [SwitchC-Vlan-interface203] isis enable [SwitchC-Vlan-interface203] quit # Configure Switch B.
371
system-view
[SwitchB] isis
[SwitchB-isis-1] is-level level-2
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis enable
[SwitchB-Vlan-interface200] quit
3. Configure OSPF and route redistribution:
# Configure OSPF on Switch A.
system-view
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
# On Switch B, configure OSPF and enable route redistribution from IS-IS.
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] import-route isis 1
[SwitchB-ospf-1] quit
# Display the OSPF routing table on Sw itch A to view redistributed routes.
[SwitchA] display ospf routing
OSPF Process 1 with Router ID 192.168.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
192.168.1.0/24 1562 Stub 192.168.1.1 192.168.1.1 0.0.0.\
0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter\
172.17.1.0/24 1 Type2 1 192.168.1.2 192.168.2\
.2
172.17.2.0/24 1 Type2 1 192.168.1.2 192.168.2\
.2
172.17.3.0/24 1 Type2 1 192.168.1.2 192.168.2\
.2
192.168.2.0/24 1 Type2 1 192.168.1.2 192.168.2\
.2
Total Nets: 5
Intra Area: 1 Inter Area: 0 ASE: 4 NSSA: 0
4. Configure filtering lists:
# Configure ACL 2002 to permit route 172.17.2.0/24.
[SwitchB] acl number 2002
[SwitchB-acl-basic-2002] rule permit source 172.17.2.0 0.0.0.255
[SwitchB-acl-basic-2002] quit