您的位置: 首页  >  文章  >  层次化技术实验

层次化技术实验

分类: 文章 2022-10-04 21:29:25

需求和技术应用

1.技术应用
acl控制pc不能访问r2
dhcp获取各个pc的地址
mstp的快速转发数据
vrrp的双机热备份
nat的地址转换
静态路由和默认路由的应用

拓扑图的设计

层次化技术实验

配置步骤

1.各个pc为dhcp获取
层次化技术实验
层次化技术实验
2.各个交换机划分vlan
各个交换机之间的端口类型配置
3.在两个三层交换机上配置dhcp地址池获取地址
4.配置vrrp的双机热备
5.配置mstp的快速模式
6.检测pc是否能ping到网关
7.查看vrrp的主备问题
8.在出口路由器上配置acl限制流量
在出口路由器上配置nat进行地址转换
最后结束
game over 今日小实验打卡

最后附上配置命令:
**1.dis current-configuration
sysname Huawei
vlan batch 10 20 100
stp instance 1 root primary
stp instance 2 root secondary
dhcp enable
stp region-configuration
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
drop-profile default
ip pool 1
gateway-list 10.1.1.254
network 10.1.1.0 mask 255.255.255.0
excluded-ip-address 10.1.1.100 10.1.1.251
lease unlimited
dns-list 8.8.8.8
ip pool 2
gateway-list 20.1.1.254
network 20.1.1.0 mask 255.255.255.0
lease unlimited
dns-list 8.8.8.8
domain-name www.123.com
interface Vlanif1
interface Vlanif10
ip address 10.1.1.100 255.255.255.0
vrrp vrid 10 virtual-ip 10.1.1.254
vrrp vrid 10 priority 150
dhcp select global
interface Vlanif20
ip address 20.1.1.100 255.255.255.0
vrrp vrid 20 virtual-ip 20.1.1.254
dhcp select global
interface Vlanif100
ip address 192.168.1.1 255.255.255.0
interface MEth0/0/1
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
interface GigabitEthernet0/0/3
port link-type access
port default vlan 100

ip route-static 0.0.0.0 0.0.0.0 192.168.1.2**

2.dis cu

sysname Huawei

vlan batch 10 20 100

stp instance 1 root secondary
stp instance 2 root primary

cluster enable
ntdp enable
ndp enable

drop illegal-mac alarm

dhcp enable

diffserv domain default

stp region-configuration
instance 1 vlan 10
instance 2 vlan 20
active region-configuration

drop-profile default

ip pool 1
gateway-list 10.1.1.254
network 10.1.1.0 mask 255.255.255.0
excluded-ip-address 10.1.1.100 10.1.1.251
lease unlimited
dns-list 8.8.8.8

ip pool 2
gateway-list 20.1.1.254
network 20.1.1.0 mask 255.255.255.0
lease unlimited
dns-list 8.8.8.8
domain-name www.123.com

interface Vlanif1

interface Vlanif10
ip address 10.1.1.101 255.255.255.0
vrrp vrid 10 virtual-ip 10.1.1.254
dhcp select global

interface Vlanif20
ip address 20.1.1.101 255.255.255.0
vrrp vrid 20 virtual-ip 20.1.1.254
vrrp vrid 20 priority 150
dhcp select global

interface Vlanif100
ip address 192.168.20.1 255.255.255.0

interface MEth0/0/1

interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094

interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094

interface GigabitEthernet0/0/3
port link-type access
port default vlan 100

ip route-static 0.0.0.0 0.0.0.0 192.168.20.2

***3.r1

nat address-group 1 172.16.1.1 172.16.1.2

interface GigabitEthernet0/0/0
ip address 192.168.1.2 255.255.255.0

interface GigabitEthernet0/0/1
ip address 192.168.20.2 255.255.255.0

interface GigabitEthernet0/0/2
ip address 172.16.1.1 255.255.255.0
traffic-filter outbound acl 2000
nat outbound 2001
acl number 2000
rule 5 deny source 10.1.1.0 0.0.0.255
acl number 2001
rule 5 permit
ip route-static 10.1.1.0 255.255.255.0 192.168.1.1
ip route-static 20.1.1.0 255.255.255.0 192.168.20.1***

4.r2
ip route-static 0.0.0.0 0.0.0.0 172.16.1.1

相关推荐