该问题为华为的学习资料
1.首先把所有的PC机全部设置为DHCP
2.配置地址
3.ospf
4.dhcp
5.acl
AR1
dhcp en
interface GigabitEthernet0/0/0
ip address 192.168.1.254 255.255.255.0
dhcp select global
interface GigabitEthernet0/0/1
ip address 10.1.12.1 255.255.255.0
dhcp select global
ospf 1 router-id 1.1.1.1
area 0.0.0.1
network 10.1.12.1 0.0.0.0
network 192.168.1.254 0.0.0.0
ip pool SW1
gateway-list 192.168.1.254
network 192.168.1.0 mask 255.255.255.0
excluded-ip-address 192.168.1.3 192.168.1.253
AR2
dhcp en
interface GigabitEthernet0/0/0
ip address 192.168.2.254 255.255.255.0
dhcp select global
interface GigabitEthernet0/0/1
ip address 10.1.12.2 255.255.255.0
dhcp select global
ospf 1 router-id 2.2.2.2
area 0.0.0.1
network 10.1.12.2 0.0.0.0
network 192.168.2.254 0.0.0.0
ip pool SW2
gateway-list 192.168.2.254
network 192.168.2.0 mask 255.255.255.0
LSW2
time-range test 9:00 to 18:00 0
acl number 3002
rule 5 permit ip source 192.168.1.1 0 destination 192.168.2.252 0
interface GigabitEthernet0/0/2 time-range text
int g 0/0/2
traffic-filter outbound acl 3002
结果:
PC1无法ping通PC3,其他PC之间均是可以通信的
因个人能力有限,笔者发现,在使用acl时,不知在permit时间范围以外,pc1给pc3的报文是否是默认拒绝通过,还有待验证
如有问题,可以使用更好的时间范围,或者多个时间范围的联合
如有错误,还请指正