eNSP综合小实验:VRRP、MSTP、Eth-Trunk、NAT、DHCP等技术应用

Vanilla-li2023-08-26 1:09

完成下图要求:

拓扑图:

配置命令:

由于交换机日志太多不便于复制,所以就复制命令。大概步骤如下:

第一步先分配IP地址,在sw1和sw2上创建VLAN100用于e0/0/3口配IP,在sw1、sw2、sw3、sw4上创建VLAN2,在sw1、sw2上创建vlanif1和vlanif2。建树组2,将sw1设为VLAN1的root,VLAN2的备份,将sw2设为VLAN2的root,VLAN1的备份。搭ospf使全网通,在sw1和sw2上vrrp建邻,解决网关冗余。配置DHCP,在vlanif1和vlanif2下开启全局地址分配。在r1上做nat和ospf缺省路由。再写一条静态缺省指向ISP。结束!

SW1:

复制代码 
[SW1]disp current-configuration 
#
sysname SW1
#
vlan batch 2 100
#
stp instance 0 root primary
stp instance 2 root secondary
#
dhcp enable
#
stp region-configuration
 region-name aa
 instance 2 vlan 2
 active region-configuration
#
drop-profile default
#
ip pool vlan1
 gateway-list 172.16.1.250
 network 172.16.1.0 mask 255.255.255.0
#
ip pool vlan2
 gateway-list 172.16.2.250
 network 172.16.2.0 mask 255.255.255.0
#
interface Vlanif1
 ip address 172.16.1.1 255.255.255.0
 vrrp vrid 1 virtual-ip 172.16.1.250
 vrrp vrid 1 priority 101
 dhcp select global
#
interface Vlanif2
 ip address 172.16.2.1 255.255.255.0
 vrrp vrid 2 virtual-ip 172.16.2.250
 vrrp vrid 2 priority 99
 dhcp select global
#
interface Vlanif100
 ip address 172.16.0.2 255.255.255.252
#
interface MEth0/0/1
#
interface Eth-Trunk0
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/3
 port link-type access
 port default vlan 100
#
interface GigabitEthernet0/0/1
 eth-trunk 0
#
interface GigabitEthernet0/0/2
 eth-trunk 0
#
interface NULL0
#
ospf 1
 area 0.0.0.0
  network 172.16.1.0 0.0.0.255
  network 172.16.2.0 0.0.0.255
  network 172.16.0.2 0.0.0.0

SW2:

复制代码 
[SW2]disp current-configuration 
#
sysname SW2
#
vlan batch 2 100
#
stp instance 0 root secondary
stp instance 2 root primary
#
dhcp enable
#
stp region-configuration
 region-name aa
 instance 2 vlan 2
 active region-configuration
#
ip pool vlan1
 gateway-list 172.16.1.250
 network 172.16.1.0 mask 255.255.255.0
#
ip pool vlan2
 gateway-list 172.16.2.250
 network 172.16.2.0 mask 255.255.255.0
#
interface Vlanif1
 ip address 172.16.1.2 255.255.255.0
 vrrp vrid 1 virtual-ip 172.16.1.250
 dhcp select global
#
interface Vlanif2
 ip address 172.16.2.2 255.255.255.0
 vrrp vrid 2 virtual-ip 172.16.2.250
 dhcp select global
#
interface Vlanif100
 ip address 172.16.0.6 255.255.255.252
#
interface Eth-Trunk0
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/3
 port link-type access
 port default vlan 100
#
interface GigabitEthernet0/0/1
 eth-trunk 0
#
interface GigabitEthernet0/0/2
 eth-trunk 0
#
ospf 1
 area 0.0.0.0
  network 172.16.1.2 0.0.0.0
  network 172.16.2.2 0.0.0.0
  network 172.16.0.6 0.0.0.0

SW3:

复制代码 
[SW3]dis current-configuration 
#
sysname SW3
#
vlan batch 2
#
stp region-configuration
 region-name aa
 instance 2 vlan 2
 active region-configuration
#
interface Vlanif1
#
interface Ethernet0/0/1
 port link-type access
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 2
#
interface Ethernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094

SW4:

复制代码 
[SW4]disp current-configuration 
#
sysname SW4
#
vlan batch 2
#
stp region-configuration
 region-name aa
 instance 2 vlan 2
 active region-configuration
#
interface Vlanif1
#
interface Ethernet0/0/1
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 2
#
interface Ethernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094

R1:

复制代码 
<Huawei>sys
[Huawei]sys r1
[r1]int g 0/0/0
[r1-GigabitEthernet0/0/0]ip add 172.16.0.1 30
[r1-GigabitEthernet0/0/0]int g 0/0/1
[r1-GigabitEthernet0/0/1]ip add 172.16.0.5 30
[r1-GigabitEthernet0/0/1]int g 0/0/2
[r1-GigabitEthernet0/0/2]ip add 12.1.1.1 24

[r1]ospf 1 router-id 1.1.1.1
[r1-ospf-1]area 0
[r1-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.0.255
[r1-ospf-1-area-0.0.0.0]network 12.1.1.1 0.0.0.0

[r1-ospf-1]default-route-advertise always 

acl number 2000  
 rule 5 permit source 172.16.0.0 0.0.255.255 

interface GigabitEthernet0/0/2
 nat outbound 2000

ISP:

复制代码 
<Huawei>sys
[Huawei]sys ISP
[ISP]int g 0/0/0
[ISP-GigabitEthernet0/0/0]ip add 12.1.1.2 24
[ISP-GigabitEthernet0/0/0]int lo0
[ISP-LoopBack0]ip add 2.2.2.2 24

实验结果:






相关推荐
汤愈韬3 小时前
ACL概述、ACL原理、基本ACL应用及配置
网络·网络协议·网络安全
微露清风3 小时前
系统性学习Linux-第二讲-基础开发工具
linux·运维·学习
不会代码的小猴3 小时前
Linux环境编程第六天笔记--system-V IPC
linux·笔记
阳光九叶草LXGZXJ3 小时前
达梦数据库-学习-48-DmDrs控制台命令(同步之Manager、CPT模块)
linux·运维·数据库·sql·学习
诸神缄默不语3 小时前
Linux命令行教程
linux
小二李5 小时前
第11章 nestjs服务端开发:登录鉴权
运维·服务器
i建模6 小时前
如何在Arch Linux中重设忘记的root密码
linux·运维·服务器
码刘的极客手记6 小时前
VCAP4-DCA Beta 考试体验分享与 esxcli 自动化实战(第二、三部分)
网络·esxi·vmware·虚拟机
kida_yuan7 小时前
【Linux】运维实战笔记 — 我常用的方法与命令
linux·运维·笔记
@syh.7 小时前
【linux】进程控制
linux
热门推荐
01GitHub 镜像站点02Clawdbot 中文汉化版 接入微信、飞书03OpenCode 入门教程:介绍 · 安装 · 配置第三方 API (如 Claude)04OpenClaw部署与配置教程:在Mac mini上接入国产大模型与飞书05Claude Code + GLM4.7 避坑指南:解决 Unable to connect to Anthropic services06UV安装并设置国内源072026美赛A题智能手机电池续航时间预测的连续时间数学模型08Claude Code Skills 实用使用手册09Linux下V2Ray安装配置指南10在Trae中使用Pencil MCP