火星路由,代表在互联网上一些不可路由的地址,譬如127.0.0.0/8,240.0.0.0/24等地址,缺省的火星路由如下:
inet.0:
0.0.0.0/0 exact -- allowed
0.0.0.0/8 orlonger -- disallowed
127.0.0.0/8 orlonger -- disallowed
192.0.0.0/24 orlonger -- disallowed
240.0.0.0/4 orlonger -- disallowed
224.0.0.0/4 exact -- disallowed
224.0.0.0/24 exact -- disallowed
火星路由的机理是:路由要加入到路由表的时候要和火星路由表比对,如果匹配了火星路由表那么根据后面的动作进行执行,如果动作是disallowed那么该路由不能加入到路由表中。如果后面的动作是allowed那么可以加入到路由表。如果不和火星路由表中的路由条目匹配,那么不执行动作。
在设置火星路由的时候,可以按照下面关键字来定义网段范围:
exact Exactly match the prefix length
标明精确匹配该路由的。
[edit routing-options]
admin@jr1# show
static {
route 192.168.10.0/24 reject;
route 192.168.10.0/23 reject;
route 192.168.10.0/25 reject;
}
martians {
192.168.10.0/24 exact; //精确匹配该路由的不能进路由表
}
[edit routing-options]
admin@jr1# run show route
inet.0: 3 destinations, 3 routes (2 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.10.0/23 *[Static/5] 00:00:18
Reject
192.168.10.0/25 *[Static/5] 00:00:18
Reject
[edit routing-options]
admin@jr1#
longer Mask is greater than the prefix length
比该路由长的,不包括该路由本身
admin@jr1# show
static {
route 192.168.10.0/24 reject;
route 192.168.10.0/23 reject;
route 192.168.10.0/25 reject;
}
martians {
192.168.10.0/24 longer; //比该路由 掩码长的,但不包括自身。
}
[edit routing-options]
admin@jr1# run show route
inet.0: 3 destinations, 3 routes (2 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.10.0/23 *[Static/5] 00:01:36
Reject
192.168.10.0/24 *[Static/5] 00:01:36
Reject
[edit routing-options]
admin@jr1#
orlonger Mask is greater than or equal to the prefix length
比该路由长的,包括该路由本身
admin@jr1# show
static {
route 192.168.10.0/24 reject;
route 192.168.10.0/23 reject;
route 192.168.10.0/25 reject;
}
martians {
192.168.10.0/24 orlonger; //比这个掩码长的,但包含自身。
}
[edit routing-options]
admin@jr1# run show route
inet.0: 3 destinations, 3 routes (1 active, 0 holddown, 2 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.10.0/23 *[Static/5] 00:03:17
Reject
[edit routing-options]
admin@jr1#
prefix-length-range Mask falls between two prefix lengths
前缀长度范围
admin@jr1# show
static {
route 192.168.10.0/24 reject;
route 192.168.10.0/23 reject;
route 192.168.10.0/25 reject;
route 192.168.9.0/25 reject;
}
martians {
192.168.10.0/24 prefix-length-range /25-/26; 前缀是192.168.10 ,掩码长度在25-26之间的。
}
[edit routing-options]
admin@jr1# run show route
inet.0: 4 destinations, 4 routes (3 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.9.0/25 *[Static/5] 00:00:06
Reject
192.168.10.0/23 *[Static/5] 00:11:55
Reject
192.168.10.0/24 *[Static/5] 00:11:55
Reject
[edit routing-options]
admin@jr1#
through Route falls between two prefixes
在两个前缀之间
admin@jr1# show
static {
route 192.168.10.0/24 reject;
route 192.168.10.0/23 reject;
route 192.168.10.0/25 reject;
route 192.168.9.0/25 reject;
}
martians {
192.168.10.0/24 through 192.168.10.0/25; 192.168.10.0 前缀24-25之间的。奇怪的是前缀部分不一致的譬如192.168.9.0/24 192.168.10.0/24的不能成功。
}
[edit routing-options]
admin@jr1# run show route
inet.0: 4 destinations, 4 routes (2 active, 0 holddown, 2 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.9.0/25 *[Static/5] 00:08:52
Reject
192.168.10.0/23 *[Static/5] 00:20:41
Reject
[edit routing-options]
admin@jr1#
upto Mask falls between two prefix lengths
比该前缀短的(在该前缀之上)
admin@jr1# show
static {
route 192.168.10.0/24 reject;
route 192.168.10.0/23 reject;
route 192.168.10.0/25 reject;
route 192.168.9.0/25 reject;
}
martians {
192.168.10.0/24 upto /25; //前缀是192.168.10.0,但掩码在25以上的,不包括25。
}
[edit routing-options]
admin@jr1# run show route
inet.0: 4 destinations, 4 routes (2 active, 0 holddown, 2 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.9.0/25 *[Static/5] 00:11:10
Reject
192.168.10.0/23 *[Static/5] 00:22:59
Reject
[edit routing-options]
admin@jr1#
被拒绝掉的路由,采用如下命令可以查看:
admin@jr1# run show route hidden
inet.0: 4 destinations, 4 routes (2 active, 0 holddown, 2 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.10.0/24 [Static/5] 00:23:41
Reject
192.168.10.0/25 [Static/5] 00:23:41
Reject
[edit routing-options]
admin@jr1#
阅读(1956) | 评论(0) | 转发(0) |