网站微建站,wordpress安装文件下载,灯具网站建设,网站安全建设目的是什么题目
1、内网IP地址使用172.16.0.0/26分配 2、SW1和SW2之间互为备份 3、VRRP/STP/VLAN/Eth-trunk均使用 4、所有PC均通过DHCP获取IP地址 5、ISP只能配置IP地址 6、所有电脑可以正常访问ISP路由器环回
实验步骤
第一步、规划IP地址
R1-R2#xff1a;100.1.1.0/24
R2-LSW1…
题目
1、内网IP地址使用172.16.0.0/26分配 2、SW1和SW2之间互为备份 3、VRRP/STP/VLAN/Eth-trunk均使用 4、所有PC均通过DHCP获取IP地址 5、ISP只能配置IP地址 6、所有电脑可以正常访问ISP路由器环回
实验步骤
第一步、规划IP地址
R1-R2100.1.1.0/24
R2-LSW1172.16.0.0/30
R2-LSW2172.16.0.4/30
VLAN 2172.16.2.0/24
VLAN 3172.16.3.0/24 第二步、核心层
配置路由器的IP地址
R1ISP
Huaweisystem-view
[Huawei]sysname ISP
[ISP]int g0/0/0
[ISP-GigabitEthernet0/0/0]ip address 100.1.1.2 24
[ISP-GigabitEthernet0/0/0]int lo0
[ISP-LoopBack0]ip address 100.1.2.1 24 R2
Huaweisystem-view
[Huawei]sysname R2
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip address 100.1.1.1 24
[R2-GigabitEthernet0/0/0]int g0/0/1
[R2-GigabitEthernet0/0/1]ip address 172.16.0.1 30
[R2-GigabitEthernet0/0/1]int g0/0/2
[R2-GigabitEthernet0/0/2]ip address 172.16.0.5 30 配置VLANIF的IP地址
LSW1
[LSW1]int Vlanif 1
[LSW1-Vlanif1]ip address 172.16.0.2 30
LSW2
[LSW2]int Vlanif 1
[LSW2-Vlanif1]ip address 172.16.0.5 30
配置OSPF
R1
[R2]ospf 1 router-id 3.3.3.3
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
LSW1
[LSW1]ospf 1 router-id 1.1.1.1
[LSW1-ospf-1]area 0
[LSW1-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
LSW2
[LSW2]ospf 1 router-id 2.2.2.2
[LSW2-ospf-1]area 0
[LSW2-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
配置静态路由、NAT、边界路由器上配置一个下发缺省
让私网能够访问公网在边界路由器上配置缺省指向公网和做NAT并向内部网络下发一条缺省。
[R2]ip route-static 0.0.0.0 0 100.1.1.2
[R2]acl 2000
[R2-acl-basic-2000]rule 1 permit source any
[R2-acl-basic-2000]q
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]nat outbound 2000
[R2]ospf 1
[R2-ospf-1]default-route-advertise always 第三步、汇聚层
配置LSW1-LSW2之间的Eth-trunk链路
LSW1
[LSW1]int Eth-Trunk 1
[LSW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/1
[LSW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/2
[LSW1-Eth-Trunk1]port trunk allow-pass vlan all
[LSW1-Eth-Trunk1]q
LSW2
[LSW2]int Eth-Trunk 1
[LSW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/1
[LSW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/2
[LSW2-Eth-Trunk1]port trunk allow-pass vlan all
[LSW2-Eth-Trunk1]q配置Trunk
LSW1
[LSW1]int g0/0/3
[LSW1-GigabitEthernet0/0/3]port link-type trunk
[LSW1-GigabitEthernet0/0/3]port trunk allow-pass vlan all
[LSW1-GigabitEthernet0/0/3]int g0/0/4
[LSW1-GigabitEthernet0/0/4]port link-type trunk
[LSW1-GigabitEthernet0/0/4]port trunk allow-pass vlan all LSW2
[LSW2]int g0/0/3
[LSW2-GigabitEthernet0/0/3]port link-type trunk
[LSW2-GigabitEthernet0/0/3]port trunk allow-pass vlan all
[LSW2-GigabitEthernet0/0/3]int g0/0/4
[LSW2-GigabitEthernet0/0/4]port link-type trunk
[LSW2-GigabitEthernet0/0/4]port trunk allow-pass vlan all 启动MSTP
vlan 2 放实例2 中vlan 3 放实例3中
LSW1 [LSW1]stp mode mstp
[LSW1]stp enable
[LSW1]vlan batch 2 3
[LSW1]stp region-configuration
[LSW1-mst-region]region-name 11
[LSW1-mst-region]instance 2 vlan 2
[LSW1-mst-region]instance 3 vlan 3
[LSW1-mst-region]active region-configuration LSW2
[LSW2]stp mode mstp
[LSW2]stp enable
[LSW2]stp region-configuration
[LSW2-mst-region]region-name 11
[LSW2-mst-region]instance 2 vlan 2
[LSW2-mst-region]instance 3 vlan 3
[LSW2-mst-region]active region-configuration
LSW3
[LSW3]stp mode mstp
[LSW3]stp enable
[LSW3]stp region-configuration
[LSW3-mst-region]region-name 11
[LSW3-mst-region]instance 2 vlan 2
[LSW3-mst-region]instance 3 vlan 3
[LSW3-mst-region]active region-configuration
LSW4
[LSW4]stp mode mstp
[LSW4]stp enable
[LSW4]stp region-configuration
[LSW4-mst-region]region-name 11
[LSW4-mst-region]instance 2 vlan 2
[LSW4-mst-region]instance 3 vlan 3
[LSW4-mst-region]active region-configuration
指定LSW1为instance 2的主为instance 3的备份
[LSW1]stp instance 2 root primary
[LSW1]stp instance 3 root secondary 指定LSW2为instance 3的主为instance 2的备份
[LSW2]stp instance 2 root secondary
[LSW2]stp instance 3 root primary 进行查看生成树 在LSW2 上查看你instance 2 可以看出是以自己为根
在LSW2 上查看你instance 3 可以看出是以自己为根 在去LSW 3上看instance 2的阻塞的是连接LSW2的链路接口g0/0/4。 在去LSW 4上看instance 3的阻塞的是连接LSW1的链路接口g0/0/4。 配置VLANIF的IP地址
LSW1
[LSW1]int Vlanif 2
[LSW1-Vlanif2]ip address 172.16.2.1 24
[LSW1-Vlanif2]q
[LSW1]int Vlanif 3
[LSW1-Vlanif3]ip address 172.16.3.1 24
LSW2
[LSW2]int Vlanif 2
[LSW2-Vlanif2]ip address 172.16.2.2 24
[LSW2-Vlanif2]q
[LSW2]int Vlanif 3
[LSW2-Vlanif3]ip address 172.16.3.2 24
配置VRRP
LSW1
[LSW1]int Vlanif 2
[LSW1-Vlanif2]vrrp vrid 1 virtual-ip 172.16.2.254
[LSW1-Vlanif2]vrrp vrid 1 priority 200
[LSW1-Vlanif2]vrrp vrid 1 track interface Vlanif 1 reduced 150
[LSW1-Vlanif2]q
[LSW1]int Vlanif 3
[LSW1-Vlanif3]vrrp vrid 2 virtual-ip 172.16.3.254
[LSW1-Vlanif3]vrrp vrid 2 priority 100LSW2
[LSW2]int Vlanif 2
[LSW2-Vlanif2]vrrp vrid 1 virtual-ip 172.16.2.254
[LSW2-Vlanif2]vrrp vrid 1 priority 100
[LSW2]int Vlanif 3
[LSW2-Vlanif3]vrrp vrid 2 virtual-ip 172.16.3.254
[LSW2-Vlanif3]vrrp vrid 2 priority 200
[LSW2-Vlanif3]vrrp vrid 2 track interface Vlanif 1 reduced 150
配置DHCP
LSW1
[LSW1]ip pool aa
Info:Its successful to create an IP address pool.
[LSW1-ip-pool-aa]network 172.16.2.0 mask 24
[LSW1-ip-pool-aa]gateway-list 172.16.2.254
[LSW1-ip-pool-aa]dns-list 8.8.8.8
[LSW1-ip-pool-aa]q
[LSW1]ip pool bb
Info:Its successful to create an IP address pool.
[LSW1-ip-pool-bb]network 172.16.3.0 mask 24
[LSW1-ip-pool-bb]gateway-list 172.16.3.254
[LSW1-ip-pool-bb]dns-list 8.8.8.8
[LSW1-ip-pool-bb]q
[LSW1]dhcp enable
[LSW1]int Vlanif 2
[LSW1-Vlanif2]dhcp select global
[LSW1-Vlanif2]q
[LSW1]int Vlanif 3
[LSW1-Vlanif3]dhcp select global
LSW2
[LSW2]ip pool aa
Info:Its successful to create an IP address pool.
[LSW2-ip-pool-aa] gateway-list 172.16.2.254
[LSW2-ip-pool-aa] network 172.16.2.0 mask 24
[LSW2-ip-pool-aa] dns-list 8.8.8.8
[LSW2-ip-pool-aa]q
[LSW2]ip pool bb
Info:Its successful to create an IP address pool.
[LSW2-ip-pool-bb] gateway-list 172.16.3.254
[LSW2-ip-pool-bb] network 172.16.3.0 mask 24
[LSW2-ip-pool-bb] dns-list 8.8.8.8
[LSW2-ip-pool-bb] dhcp enable
[LSW2]int Vlanif 2
[LSW2-Vlanif2]dhcp select global
[LSW2-Vlanif2]q
[LSW2]int Vlanif 3
[LSW2-Vlanif3]dhcp select global
[LSW2-Vlanif3]q
查看PC机自动获取到的IP地址 第四步、接入层
VLAN划分
LSW5
Huaweisystem-view
[Huawei]sysname LSW3
[LSW3]vlan batch 2 3
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW3]int g0/0/1
[LSW3-GigabitEthernet0/0/1]port link-type access
[LSW3-GigabitEthernet0/0/1]port default vlan 2
[LSW3-GigabitEthernet0/0/1]int g0/0/2
[LSW3-GigabitEthernet0/0/2]port link-type access
[LSW3-GigabitEthernet0/0/2]port default vlan 3
[LSW3-GigabitEthernet0/0/2]int g0/0/3
[LSW3-GigabitEthernet0/0/3]port link-type trunk
[LSW3-GigabitEthernet0/0/3]port trunk allow-pass vlan all
[LSW3-GigabitEthernet0/0/3]int g0/0/4
[LSW3-GigabitEthernet0/0/4]port link-type trunk
[LSW3-GigabitEthernet0/0/4]port trunk allow-pass vlan all
LSW4
Huaweisystem-view
[Huawei]sysname LSW4
[LSW4]vlan batch 2 3
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW4]int g0/0/1
[LSW4-GigabitEthernet0/0/1]port link-type access
[LSW4-GigabitEthernet0/0/1]port default vlan 2
[LSW4-GigabitEthernet0/0/1]int g0/0/2
[LSW4-GigabitEthernet0/0/2]port link-type access
[LSW4-GigabitEthernet0/0/2]port default vlan 3
[LSW4-GigabitEthernet0/0/2]int g0/0/3
[LSW4-GigabitEthernet0/0/3]port link-type trunk
[LSW4-GigabitEthernet0/0/3]port trunk allow-pass vlan all
[LSW4-GigabitEthernet0/0/3]int g0/0/4
[LSW4-GigabitEthernet0/0/4]port link-type trunk
[LSW4-GigabitEthernet0/0/4]port trunk allow-pass vlan all
第五步、测试
PC1访问全网 PC4访问全网 先在PC2上查看访问100.1.2.1路由追踪它是走的LSW2然后到达的目的就满足当链路正常的时候VLAN3 的路由走LSW2设备。 当我们断开链路或故障依然可以到达100.1.2.1就启用了备份路径LSW1设备。 先在PC3上查看访问100.1.2.1路由追踪它是走的LSW1然后到达的目的。就满足当链路正常的时候VLAN2 的路由走LSW1设备。 当我们断开链路或故障依然可以到达100.1.2.1就启用了备份路径LSW2设备。
