三层交换与路由的综合配置经典案例
|
模拟器可以模拟 # Simple lab
autostart = False
[localhost] `7200` p_w_picpath = D:\路由器\7200.bin # Full path to 7200 IOS p_w_picpath file. This is the fully qualified path relative to the system running dynamips. ram = 128 # Amount of Virtual RAM to allocate to each router instance nvram = 96 # Size of NVRAM disk0 = 64 # Set size of PCMCIA ATA disk0 disk1 = 64 # Set size of PCMCIA ATA disk1 cnfg = None # Configuration file to import. This is the fully qualified path relative to the system running dynamips. confreg = 0x2102 # Set the configuration register clock = 2 # Clock divisor (should no longer been needed as of dynamips 0.2.5 RC1) mmap = True # Set to false to use real memory rather than a disk file for router vitural memory. Conserves RAM at the expense of performance. Defaults to True exec_area = 64 # Set the exec area size `ROUTER r1` model = 7200 f2/0 = NIO_gen_eth:\Device\NPF_{CA4642AB-4C39-4131-9968- B653B0C61FD8} #s1/0 = r2 s1/0 f0/0 = r2 f0/13 idlepc = 0x6072d4b4 `ROUTER r2` model = 3640 console = 2001 p_w_picpath = D:\路由器\3640.bin slot0 = NM-16ESW 注意这里是16 个交换端口 f0/14 = r3 f0/0 f0/15 = r4 f0/0 idlepc = 0x604ec6d8 #f0/0 = r3 f0/0 #s1/1 = r3 s1/1 #idlepc = 0xffffffff80009f94
`ROUTER r3` model = 7200 #f2/0 = r4 f2/0 #s1/0 = r4 s1/0 idlepc = 0xffffffff8000ae84 `ROUTER r4` model = 7200 idlepc = 0x6072d2dc #f0/0 = r5 f0/0 要求:分三个vlan,vlan2,vlan3 vlan 100.Vlan100 与路器通信,vlan2 网关为192.168.2.1 vlan3 为192.168.3.1 vlan100 为192.168.1.1,路由器f0/0 接口为192.168.1.1 。 怎么配置才能让pc1 pc2 能与外网通信。路由器配置与外网认为以配置好. 配置命令 r1(config)#int f0/0 r1(config-if)#no sh r1(config-if)#du fu r1(config-if)#ip add 192.168.1.1 255.255.255.0 r1(config-if)#no sh r1(config-if)#end r1(config)#int lo0 r1(config-if)#ip add 1.1.1.1 255.255.255.0 r1(config-if)#no sh r1(config-if)#end 配置vlan,将端口分入vlan r2#vlan da r2(vlan)#vlan 100 name 100 VLAN 100 added: Name: 100 r2(vlan)#vlan 2 name 2 VLAN 2 modified: Name: 2 r2(vlan)#vlan 3 name 3 VLAN 3 added: Name: 3
r2(vlan)#exit APPLY completed. Exiting.... r2(config)#int vlan 100 r2(config-if)#ip add 192.168.1.2 255.255.255.0 r2(config-if)#no sh r2(config-if)#int vlan 2 r2(config-if)#no sh r2(config-if)#ip add 192.168.2.1 255.255.255.0 r2(config-if)#int vlan 3 r2(config-if)#ip add 192.168.3.1 255.255.255.0 r2(config-if)#no sh r2(config-if)#end r2(config)#int f0/13 r2(config-if)#no sh r2(config-if)#du fu r2(config-if)#sp 100 r2(config-if)#swi mode acc r2(config-if)#swi acc vlan 100 r2(config-if)#end r2(config)#int f0/14 r2(config-if)#no sh r2(config-if)#du fu r2(config-if)#sp 100 r2(config-if)#swi mode acc r2(config-if)#swi acc vlan 2 r2(config-if)#int f0/15 r2(config-if)#no sh r2(config-if)#du fu r2(config-if)#sp 100 r2(config-if)#swi mode acc r2(config-if)#swi acc vlan 3 r2(config-if)#end R3 模拟pc,注意去路由功能,还有设置网关,地址。 r3(config)#no ip routi r3(config)#int f0/0 r3(config-if)#no sh r3(config-if)#du fu r3(config-if)#ip add 192.168.2.2 255.255.255.0
r3(config-if)#end r3(config)#ip default-g 192.168.2.1 r4(config)#no ip routi r4(config)#int f0/0 r4(config-if)#no sh r4(config-if)#du fu r4(config-if)#ip add 192.168.3.2 255.255.255.0 r4(config-if)#no sh r4(config-if)#end r4(config)#ip default-g 192.168.3.1 在这里设置完成,但是能ping 通网关ping 不通对vlan2 的主机,原因没有打开交换机的 路由功能。在高端交换机,路由功能是默认打开,但是35 等是关闭。手工打开。 r4#ping 192.168.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 8/24/40 ms r4#ping 192.168.2.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) r2(config)#ip routi 路由功能打开,可以ping 通vlan 主机。 r4#ping 192.168.2.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds:
!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 8/34/68 ms 但是ping 不通路由器的地址。因为交换机没有到达路由器的路由。 r4#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) 设置到达路由器的静态路由。 r2(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1 r2(config)#end 设置路由器到达交换机的两条回程路由。不然,pc 直能有去的路由,没有回来的路由。仍 然不通。 r1#conf t r1(config)#ip route 192.168.2.0 255.255.255.0 192.168.1.2 r1(config)#ip route 192.168.3.0 255.255.255.0 192.168.1.2 r1(config)#end r4#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/38/60 ms r4#ping 1.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/54/68 ms 在这个实验中,两点应当注意,就是交换机与路由器上的几个静态路由。当然,路由器要与 外面通信,还要配置接口地址,还要配置nat。三层交换机不能直接与外网通信的一个主要问题就是不支持nat |
模拟器可以模拟
# Simple lab
autostart = False
[localhost]
`7200`
p_w_picpath = D:\路由器\7200.bin # Full path to 7200 IOS p_w_picpath file. This is
the fully qualified path relative to the system running dynamips.
ram = 128 # Amount of Virtual RAM to allocate to each router
instance
nvram = 96 # Size of NVRAM
disk0 = 64 # Set size of PCMCIA ATA disk0
disk1 = 64 # Set size of PCMCIA ATA disk1
cnfg = None # Configuration file to import. This is the fully qualified
path relative to the system running dynamips.
confreg = 0x2102 # Set the configuration register
clock = 2 # Clock divisor (should no longer been needed as of
dynamips 0.2.5 RC1)
mmap = True # Set to false to use real memory rather than a disk file
for router vitural memory. Conserves RAM at the expense of performance.
Defaults to True
exec_area = 64 # Set the exec area size
`ROUTER r1`
model = 7200
f2/0 = NIO_gen_eth:\Device\NPF_{CA4642AB-4C39-4131-9968-
B653B0C61FD8}
#s1/0 = r2 s1/0
f0/0 = r2 f0/13
idlepc = 0x6072d4b4
`ROUTER r2`
model = 3640
console = 2001
p_w_picpath = D:\路由器\3640.bin
slot0 = NM-16ESW 注意这里是16 个交换端口
f0/14 = r3 f0/0
f0/15 = r4 f0/0
idlepc = 0x604ec6d8
#f0/0 = r3 f0/0
#s1/1 = r3 s1/1
[localhost]
`7200`
p_w_picpath = D:\路由器\7200.bin # Full path to 7200 IOS p_w_picpath file. This is
the fully qualified path relative to the system running dynamips.
ram = 128 # Amount of Virtual RAM to allocate to each router
instance
nvram = 96 # Size of NVRAM
disk0 = 64 # Set size of PCMCIA ATA disk0
disk1 = 64 # Set size of PCMCIA ATA disk1
cnfg = None # Configuration file to import. This is the fully qualified
path relative to the system running dynamips.
confreg = 0x2102 # Set the configuration register
clock = 2 # Clock divisor (should no longer been needed as of
dynamips 0.2.5 RC1)
mmap = True # Set to false to use real memory rather than a disk file
for router vitural memory. Conserves RAM at the expense of performance.
Defaults to True
exec_area = 64 # Set the exec area size
`ROUTER r1`
model = 7200
f2/0 = NIO_gen_eth:\Device\NPF_{CA4642AB-4C39-4131-9968-
B653B0C61FD8}
#s1/0 = r2 s1/0
f0/0 = r2 f0/13
idlepc = 0x6072d4b4
`ROUTER r2`
model = 3640
console = 2001
p_w_picpath = D:\路由器\3640.bin
slot0 = NM-16ESW 注意这里是16 个交换端口
f0/14 = r3 f0/0
f0/15 = r4 f0/0
idlepc = 0x604ec6d8
#f0/0 = r3 f0/0
#s1/1 = r3 s1/1
#idlepc = 0xffffffff80009f94
`ROUTER r3`
model = 7200
#f2/0 = r4 f2/0
#s1/0 = r4 s1/0
idlepc = 0xffffffff8000ae84
`ROUTER r4`
model = 7200
idlepc = 0x6072d2dc
#f0/0 = r5 f0/0
要求:分三个vlan,vlan2,vlan3 vlan 100.Vlan100 与路器通信,vlan2 网关为192.168.2.1
vlan3 为192.168.3.1 vlan100 为192.168.1.1,路由器f0/0 接口为192.168.1.1 。
怎么配置才能让pc1 pc2 能与外网通信。路由器配置与外网认为以配置好.
配置命令
r1(config)#int f0/0
r1(config-if)#no sh
r1(config-if)#du fu
r1(config-if)#ip add 192.168.1.1 255.255.255.0
r1(config-if)#no sh
r1(config-if)#end
r1(config)#int lo0
r1(config-if)#ip add 1.1.1.1 255.255.255.0
r1(config-if)#no sh
r1(config-if)#end
配置vlan,将端口分入vlan
r2#vlan da
r2(vlan)#vlan 100 name 100
VLAN 100 added:
Name: 100
r2(vlan)#vlan 2 name 2
VLAN 2 modified:
Name: 2
r2(vlan)#vlan 3 name 3
VLAN 3 added:
`ROUTER r3`
model = 7200
#f2/0 = r4 f2/0
#s1/0 = r4 s1/0
idlepc = 0xffffffff8000ae84
`ROUTER r4`
model = 7200
idlepc = 0x6072d2dc
#f0/0 = r5 f0/0
要求:分三个vlan,vlan2,vlan3 vlan 100.Vlan100 与路器通信,vlan2 网关为192.168.2.1
vlan3 为192.168.3.1 vlan100 为192.168.1.1,路由器f0/0 接口为192.168.1.1 。
怎么配置才能让pc1 pc2 能与外网通信。路由器配置与外网认为以配置好.
配置命令
r1(config)#int f0/0
r1(config-if)#no sh
r1(config-if)#du fu
r1(config-if)#ip add 192.168.1.1 255.255.255.0
r1(config-if)#no sh
r1(config-if)#end
r1(config)#int lo0
r1(config-if)#ip add 1.1.1.1 255.255.255.0
r1(config-if)#no sh
r1(config-if)#end
配置vlan,将端口分入vlan
r2#vlan da
r2(vlan)#vlan 100 name 100
VLAN 100 added:
Name: 100
r2(vlan)#vlan 2 name 2
VLAN 2 modified:
Name: 2
r2(vlan)#vlan 3 name 3
VLAN 3 added:
Name: 3
r2(vlan)#exit
APPLY completed.
Exiting....
r2(config)#int vlan 100
r2(config-if)#ip add 192.168.1.2 255.255.255.0
r2(config-if)#no sh
r2(config-if)#int vlan 2
r2(config-if)#no sh
r2(config-if)#ip add 192.168.2.1 255.255.255.0
r2(config-if)#int vlan 3
r2(config-if)#ip add 192.168.3.1 255.255.255.0
r2(config-if)#no sh
r2(config-if)#end
r2(config)#int f0/13
r2(config-if)#no sh
r2(config-if)#du fu
r2(config-if)#sp 100
r2(config-if)#swi mode acc
r2(config-if)#swi acc vlan 100
r2(config-if)#end
r2(config)#int f0/14
r2(config-if)#no sh
r2(config-if)#du fu
r2(config-if)#sp 100
r2(config-if)#swi mode acc
r2(config-if)#swi acc vlan 2
r2(config-if)#int f0/15
r2(config-if)#no sh
r2(config-if)#du fu
r2(config-if)#sp 100
r2(config-if)#swi mode acc
r2(config-if)#swi acc vlan 3
r2(config-if)#end
R3 模拟pc,注意去路由功能,还有设置网关,地址。
r3(config)#no ip routi
r3(config)#int f0/0
r3(config-if)#no sh
r3(config-if)#du fu
r2(vlan)#exit
APPLY completed.
Exiting....
r2(config)#int vlan 100
r2(config-if)#ip add 192.168.1.2 255.255.255.0
r2(config-if)#no sh
r2(config-if)#int vlan 2
r2(config-if)#no sh
r2(config-if)#ip add 192.168.2.1 255.255.255.0
r2(config-if)#int vlan 3
r2(config-if)#ip add 192.168.3.1 255.255.255.0
r2(config-if)#no sh
r2(config-if)#end
r2(config)#int f0/13
r2(config-if)#no sh
r2(config-if)#du fu
r2(config-if)#sp 100
r2(config-if)#swi mode acc
r2(config-if)#swi acc vlan 100
r2(config-if)#end
r2(config)#int f0/14
r2(config-if)#no sh
r2(config-if)#du fu
r2(config-if)#sp 100
r2(config-if)#swi mode acc
r2(config-if)#swi acc vlan 2
r2(config-if)#int f0/15
r2(config-if)#no sh
r2(config-if)#du fu
r2(config-if)#sp 100
r2(config-if)#swi mode acc
r2(config-if)#swi acc vlan 3
r2(config-if)#end
R3 模拟pc,注意去路由功能,还有设置网关,地址。
r3(config)#no ip routi
r3(config)#int f0/0
r3(config-if)#no sh
r3(config-if)#du fu
r3(config-if)#ip add 192.168.2.2 255.255.255.0
r3(config-if)#end
r3(config)#ip default-g 192.168.2.1
r4(config)#no ip routi
r4(config)#int f0/0
r4(config-if)#no sh
r4(config-if)#du fu
r4(config-if)#ip add 192.168.3.2 255.255.255.0
r4(config-if)#no sh
r4(config-if)#end
r4(config)#ip default-g 192.168.3.1
在这里设置完成,但是能ping 通网关ping 不通对vlan2 的主机,原因没有打开交换机的
路由功能。在高端交换机,路由功能是默认打开,但是35 等是关闭。手工打开。
r4#ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max =
8/24/40 ms
r4#ping 192.168.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2
seconds:
.....
Success rate is 0 percent (0/5)
r2(config)#ip routi
路由功能打开,可以ping 通vlan 主机。
r4#ping 192.168.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2
r3(config-if)#end
r3(config)#ip default-g 192.168.2.1
r4(config)#no ip routi
r4(config)#int f0/0
r4(config-if)#no sh
r4(config-if)#du fu
r4(config-if)#ip add 192.168.3.2 255.255.255.0
r4(config-if)#no sh
r4(config-if)#end
r4(config)#ip default-g 192.168.3.1
在这里设置完成,但是能ping 通网关ping 不通对vlan2 的主机,原因没有打开交换机的
路由功能。在高端交换机,路由功能是默认打开,但是35 等是关闭。手工打开。
r4#ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max =
8/24/40 ms
r4#ping 192.168.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2
seconds:
.....
Success rate is 0 percent (0/5)
r2(config)#ip routi
路由功能打开,可以ping 通vlan 主机。
r4#ping 192.168.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max =
8/34/68 ms
但是ping 不通路由器的地址。因为交换机没有到达路由器的路由。
r4#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2
seconds:
.....
Success rate is 0 percent (0/5)
设置到达路由器的静态路由。
r2(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
r2(config)#end
设置路由器到达交换机的两条回程路由。不然,pc 直能有去的路由,没有回来的路由。仍
然不通。
r1#conf t
r1(config)#ip route 192.168.2.0 255.255.255.0 192.168.1.2
r1(config)#ip route 192.168.3.0 255.255.255.0 192.168.1.2
r1(config)#end
r4#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max =
16/38/60 ms
r4#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max =
8/34/68 ms
但是ping 不通路由器的地址。因为交换机没有到达路由器的路由。
r4#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2
seconds:
.....
Success rate is 0 percent (0/5)
设置到达路由器的静态路由。
r2(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
r2(config)#end
设置路由器到达交换机的两条回程路由。不然,pc 直能有去的路由,没有回来的路由。仍
然不通。
r1#conf t
r1(config)#ip route 192.168.2.0 255.255.255.0 192.168.1.2
r1(config)#ip route 192.168.3.0 255.255.255.0 192.168.1.2
r1(config)#end
r4#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max =
16/38/60 ms
r4#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max =
32/54/68 ms
在这个实验中,两点应当注意,就是交换机与路由器上的几个静态路由。当然,路由器要与
外面通信,还要配置接口地址,还要配置nat。三层交换机不能直接与外网通信的一个主要问题就是不支持nat
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max =
32/54/68 ms
在这个实验中,两点应当注意,就是交换机与路由器上的几个静态路由。当然,路由器要与
外面通信,还要配置接口地址,还要配置nat。三层交换机不能直接与外网通信的一个主要问题就是不支持nat
本文出自 “清枫阁” 博客,转载请与作者联系!
转载于:https://blog.51cto.com/517055/308182