拓扑:

 

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析 

R1配置:

interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address 12.1.1.1 255.255.255.0
!
interface FastEthernet1/0
ip address 13.1.1.1 255.255.255.0

R2配置:

van 100

vlan 200

interface FastEthernet0/0
no switchport
ip address 12.1.1.2 255.255.255.0
ip nat outside
ip virtual-reassembly
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/15
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan100
ip address 192.168.100.100 255.255.255.0
ip nat inside
ip virtual-reassembly
standby 100 ip 192.168.100.254
standby 100 preempt
!
interface Vlan200
ip address 192.168.200.200 255.255.255.0
ip nat inside
ip virtual-reassembly
standby 200 ip 192.168.200.254
standby 200 preempt
!
ip route 0.0.0.0 0.0.0.0 12.1.1.1
!
ip nat inside source list 100 interface FastEthernet0/0 overload
ip nat inside source list 101 interface FastEthernet0/0 overload
!
access-list 100 permit ip 192.168.100.0 0.0.0.255 any
access-list 101 permit ip 192.168.200.0 0.0.0.255 any

R3配置:

vlan 100

vlan 200

interface FastEthernet0/0
switchport mode trunk
!
interface FastEthernet0/1
no switchport
ip address 13.1.1.3 255.255.255.0
ip nat outside
ip virtual-reassembly

interface FastEthernet0/15
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan100
ip address 192.168.100.101 255.255.255.0
ip nat inside
ip virtual-reassembly
standby 100 ip 192.168.100.254
standby 100 preempt
!
interface Vlan200
ip address 192.168.200.201 255.255.255.0
ip nat inside
ip virtual-reassembly
standby 200 ip 192.168.200.254
standby 200 preempt
!
ip route 0.0.0.0 0.0.0.0 13.1.1.1
!
ip nat inside source list 100 interface FastEthernet0/1 overload
ip nat inside source list 101 interface FastEthernet0/1 overload
!
access-list 100 permit ip 192.168.100.0 0.0.0.255 any
access-list 101 permit ip 192.168.200.0 0.0.0.255 any

R4配置:

vlan 100

vlan 200

interface FastEthernet0/0
switchport mode trunk
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport access vlan 100
!
interface FastEthernet0/3
switchport access vlan 200

R5配置:

no ip routing

interface FastEthernet0/0
ip address 192.168.100.5 255.255.255.0
!
ip default-gateway 192.168.100.254

R6配置:

no ip routing

interface FastEthernet0/0
ip address 192.168.200.6 255.255.255.0
!
ip default-gateway 192.168.200.254

分析:

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析

从上图可以看出R5的路径是

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析

VLAN 100中的数据包是正常的。

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析

VLAN 200 中的数据包路径是

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析

可以看出VLAN 200中的数据包走了次优路径。

造成这个次优路径的原因是根交换机和ACTIVE不一致。

我做下面的调整

R2:

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析

R3:

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析 

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析 

分析:

STP HSRP和NAT结合实现网络出口的冗余和次优路径分析 STP HSRP和NAT结合实现网络出口的冗余和次优路径分析 STP HSRP和NAT结合实现网络出口的冗余和次优路径分析

可以看出已经符合我们开始拓扑的要求了。