华为ENSP网络大实验
文章目录实验要求实验所需的技术支持实验配置实验拓扑图LSW4的配置(二层交换机)LSW5的配置(二层交换机)LSW6的配置(二层交换机)LSW1的配置(三层交换机)LSW2的配置(三层交换机)AR1的配置AR2的配置AR3的配置AR4的配置AR5的配置实验要求内部网络要求互通;内部网络能够连接外部的服务器;路由器能够获取外部服务器的服务;公网服务器无法连接内部的主机。实验所需的技术支持OSPF:链
·
文章目录
一、实验准备
实验要求
内部网络要求互通;
内部网络能够连接外部的服务器;
路由器能够获取外部服务器的服务;
公网服务器无法连接内部的主机。
实验技术支持
OSPF:链路状态路由协议
RIP:距离矢量路由协议
NAT:网络地址转换协议
ACL:访问控制列表
VRRP:虚拟路由器冗余协议
MSTP:多区域生成树协议
ospf和rip重分发
单臂路由
链路聚合
二、实验流程
实验拓扑图
LSW4的配置(二层交换机)
# ## 创建vlan
vlan batch 100 200
# ## 设置不同接口属性及属于不同vlan
interface Ethernet0/0/1
port link-type access
port default vlan 100
#
interface Ethernet0/0/2
port link-type access
port default vlan 200
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
# ## mstp多生成树协议
stp region-configuration
region-name huawei
revision-level 1
instance 1 vlan 100
instance 2 vlan 200
instance 3 vlan 300
instance 4 vlan 400
active region-configuration
#
stp instance 1 root primary
stp instance 2 root primary
stp instance 3 root secondary
stp instance 4 root secondary
#
LSW5的配置(二层交换机)
LSW5上面的配置参考LSW5配置
#
vlan batch 300 400
#
interface Ethernet0/0/1
port link-type access
port default vlan 300
#
interface Ethernet0/0/2
port link-type access
port default vlan 400
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
stp region-configuration
region-name huawei
revision-level 1
instance 1 vlan 100
instance 2 vlan 200
instance 3 vlan 300
instance 4 vlan 400
active region-configuration
#
stp instance 1 root secondary
stp instance 2 root secondary
stp instance 3 root primary
stp instance 4 root primary
#
LSW6的配置(二层交换机)
# ## 创建vlan
vlan batch 500 600
# ## 设置不同接口属性及属于不同vlan
interface Ethernet0/0/1
port link-type access
port default vlan 500
#
interface Ethernet0/0/2
port link-type access
port default vlan 600
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
LSW1的配置(三层交换机)
# ## 创建vlan
vlan batch 100 200 300 400 555
# ## 设置接口属性及vlan
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
# ## 配置接口ip地址及创建vrrp
interface Vlanif100
ip address 192.168.1.10 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.1
vrrp vrid 1 priority 105
vrrp vrid 1 track interface GigabitEthernet0/0/1
#
interface Vlanif200
ip address 192.168.2.10 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.2
#
interface Vlanif300
ip address 192.168.3.10 255.255.255.0
vrrp vrid 3 virtual-ip 192.168.3.3
vrrp vrid 3 priority 105
vrrp vrid 3 track interface GigabitEthernet0/0/1
#
interface Vlanif400
ip address 192.168.4.10 255.255.255.0
vrrp vrid 4 virtual-ip 192.168.4.4
#
interface Vlanif555
ip address 192.168.15.100 255.255.255.0
#
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Eth-Trunk1 ## 创建链路聚合
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/4
eth-trunk 1
#
interface GigabitEthernet0/0/5
eth-trunk 1
#
interface GigabitEthernet0/0/6
eth-trunk 1
#
interface GigabitEthernet0/0/7
eth-trunk 1
#
stp region-configuration ## 多区域生成树协议
region-name huawei
revision-level 1
instance 1 vlan 100
instance 2 vlan 200
instance 3 vlan 300
instance 4 vlan 400
active region-configuration
#
stp instance 1 root primary
stp instance 2 root secondary
stp instance 3 root secondary
stp instance 4 root secondary
#
interface GigabitEthernet0/0/1 ## 配置接口IP地址及配置ospf路由协议
port link-type access
port default vlan 555
#
interface Vlanif555
ip address 192.168.15.100 255.255.255.0
#
ospf 1
area 0.0.0.0
network 192.168.15.0 0.0.0.255
network 192.168.0.0 0.0.255.255
#
LSW2的配置(三层交换机)
LSW2上面的配置命令参考LSW1的配置命令
#
vlan batch 100 200 300 400 666
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Vlanif100
ip address 192.168.1.20 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.1
#
interface Vlanif200
ip address 192.168.2.20 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.2
vrrp vrid 2 priority 105
vrrp vrid 2 track interface GigabitEthernet0/0/3
#
interface Vlanif300
ip address 192.168.3.20 255.255.255.0
vrrp vrid 3 virtual-ip 192.168.3.3
#
interface Vlanif400
ip address 192.168.4.20 255.255.255.0
vrrp vrid 4 virtual-ip 192.168.4.4
vrrp vrid 4 priority 105
vrrp vrid 4 track interface GigabitEthernet0/0/3
#
stp region-configuration
region-name huawei
revision-level 1
instance 1 vlan 100
instance 2 vlan 200
instance 3 vlan 300
instance 4 vlan 400
active region-configuration
#
stp instance 1 root secondary
stp instance 2 root primary
stp instance 3 root secondary
stp instance 4 root primary
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/4
eth-trunk 1
#
interface GigabitEthernet0/0/5
eth-trunk 1
#
interface GigabitEthernet0/0/6
eth-trunk 1
#
interface GigabitEthernet0/0/7
eth-trunk 1
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 666
#
interface Vlanif666
ip address 192.168.16.100 255.255.255.0
#
ospf 1
area 0.0.0.0
network 192.168.16.0 0.0.0.255
network 192.168.0.0 0.0.255.255
#
AR1的配置
# ## 配置接口IP地址
interface GigabitEthernet0/0/0
ip address 202.10.101.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 202.10.102.1 255.255.255.0
# ## 开启ftp数据端口服务
nat alg ftp enable
#
AR2的配置
# ## 配置接口ip地址
interface GigabitEthernet0/0/0
ip address 202.10.101.2 255.255.255.0
nat outbound 2000
#
interface GigabitEthernet0/0/1
ip address 192.168.10.2 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 192.168.15.2 255.255.255.0
#
interface GigabitEthernet4/0/0
ip address 192.168.16.2 255.255.255.0
# ## 配置ospf协议
ospf 1
default-route-advertise always
area 0.0.0.0
network 192.168.0.0 0.0.255.255
network 192.168.10.0 0.0.0.255
network 192.168.15.0 0.0.0.255
network 192.168.16.0 0.0.0.255
# ## 建立默认路由
ip route-static 0.0.0.0 0.0.0.0 202.10.101.1
# ## 开启ftp数据端口服务
nat alg ftp enable
#
AR3的配置
# ## 配置接口ip地址
interface GigabitEthernet0/0/0
ip address 192.168.10.3 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.20.3 255.255.255.0
# ## 配置ospf协议
ospf 1
import-route rip 1 cost 10
area 0.0.0.0
network 192.168.10.0 0.0.0.255
# ## 配置rip协议
rip 1
undo summary
default-route originate
version 2
network 192.168.20.0
import-route ospf 1 cost 0
# ## 开启ftp数据端口服务
nat alg ftp enable
#
AR4的配置
# ## 配置接口ip地址
interface GigabitEthernet0/0/0
ip address 192.168.20.4 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.30.4 255.255.255.0
# ## 配置rip协议
rip 1
undo summary
version 2
network 192.168.20.0
network 192.168.30.0
# ## 开启ftp数据端口服务
nat alg ftp enable
AR5的配置
# ## 配置接口ip地址
interface GigabitEthernet0/0/0
ip address 192.168.30.5 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/1.1
dot1q termination vid 500
ip address 192.168.5.5 255.255.255.0
arp broadcast enable
#
interface GigabitEthernet0/0/1.2
dot1q termination vid 600
ip address 192.168.6.6 255.255.255.0
arp broadcast enable
# ## 配置rip协议
rip 1
undo summary
version 2
network 192.168.30.0
network 192.168.5.0
network 192.168.6.0
#
三、实验结果
验证内网互通
验证内网主机能访问外网服务器
验证外网服务器无法访问到内网主机
路由器上获取服务器开启的服务
显示以下内容为成功获取:
四、实验结论
经过上述实验,能够全面的了解并掌握到各个硬件的功能及用法。同时也能梳理不同网络类型之间需要使用哪些协议去搭建网络结构。同时需要程序员能够清晰地知道实验的每一步的内容以及需要展现的结果。
开放原子开发者工作坊旨在鼓励更多人参与开源活动,与志同道合的开发者们相互交流开发经验、分享开发心得、获取前沿技术趋势。工作坊有多种形式的开发者活动,如meetup、训练营等,主打技术交流,干货满满,真诚地邀请各位开发者共同参与!
更多推荐
55
0- 0
已为社区贡献2条内容
所有评论(0)