eNSP综合小实验:VRRP、MSTP、Eth-Trunk、NAT、DHCP等技术应用

完成下图要求:

拓扑图:

配置命令:

由于交换机日志太多不便于复制,所以就复制命令。大概步骤如下:

第一步先分配IP地址,在sw1和sw2上创建VLAN100用于e0/0/3口配IP,在sw1、sw2、sw3、sw4上创建VLAN2,在sw1、sw2上创建vlanif1和vlanif2。建树组2,将sw1设为VLAN1的root,VLAN2的备份,将sw2设为VLAN2的root,VLAN1的备份。搭ospf使全网通,在sw1和sw2上vrrp建邻,解决网关冗余。配置DHCP,在vlanif1和vlanif2下开启全局地址分配。在r1上做nat和ospf缺省路由。再写一条静态缺省指向ISP。结束!

SW1:

复制代码
[SW1]disp current-configuration 
#
sysname SW1
#
vlan batch 2 100
#
stp instance 0 root primary
stp instance 2 root secondary
#
dhcp enable
#
stp region-configuration
 region-name aa
 instance 2 vlan 2
 active region-configuration
#
drop-profile default
#
ip pool vlan1
 gateway-list 172.16.1.250
 network 172.16.1.0 mask 255.255.255.0
#
ip pool vlan2
 gateway-list 172.16.2.250
 network 172.16.2.0 mask 255.255.255.0
#
interface Vlanif1
 ip address 172.16.1.1 255.255.255.0
 vrrp vrid 1 virtual-ip 172.16.1.250
 vrrp vrid 1 priority 101
 dhcp select global
#
interface Vlanif2
 ip address 172.16.2.1 255.255.255.0
 vrrp vrid 2 virtual-ip 172.16.2.250
 vrrp vrid 2 priority 99
 dhcp select global
#
interface Vlanif100
 ip address 172.16.0.2 255.255.255.252
#
interface MEth0/0/1
#
interface Eth-Trunk0
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/3
 port link-type access
 port default vlan 100
#
interface GigabitEthernet0/0/1
 eth-trunk 0
#
interface GigabitEthernet0/0/2
 eth-trunk 0
#
interface NULL0
#
ospf 1
 area 0.0.0.0
  network 172.16.1.0 0.0.0.255
  network 172.16.2.0 0.0.0.255
  network 172.16.0.2 0.0.0.0

SW2:

复制代码
[SW2]disp current-configuration 
#
sysname SW2
#
vlan batch 2 100
#
stp instance 0 root secondary
stp instance 2 root primary
#
dhcp enable
#
stp region-configuration
 region-name aa
 instance 2 vlan 2
 active region-configuration
#
ip pool vlan1
 gateway-list 172.16.1.250
 network 172.16.1.0 mask 255.255.255.0
#
ip pool vlan2
 gateway-list 172.16.2.250
 network 172.16.2.0 mask 255.255.255.0
#
interface Vlanif1
 ip address 172.16.1.2 255.255.255.0
 vrrp vrid 1 virtual-ip 172.16.1.250
 dhcp select global
#
interface Vlanif2
 ip address 172.16.2.2 255.255.255.0
 vrrp vrid 2 virtual-ip 172.16.2.250
 dhcp select global
#
interface Vlanif100
 ip address 172.16.0.6 255.255.255.252
#
interface Eth-Trunk0
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/3
 port link-type access
 port default vlan 100
#
interface GigabitEthernet0/0/1
 eth-trunk 0
#
interface GigabitEthernet0/0/2
 eth-trunk 0
#
ospf 1
 area 0.0.0.0
  network 172.16.1.2 0.0.0.0
  network 172.16.2.2 0.0.0.0
  network 172.16.0.6 0.0.0.0

SW3:

复制代码
[SW3]dis current-configuration 
#
sysname SW3
#
vlan batch 2
#
stp region-configuration
 region-name aa
 instance 2 vlan 2
 active region-configuration
#
interface Vlanif1
#
interface Ethernet0/0/1
 port link-type access
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 2
#
interface Ethernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094

SW4:

复制代码
[SW4]disp current-configuration 
#
sysname SW4
#
vlan batch 2
#
stp region-configuration
 region-name aa
 instance 2 vlan 2
 active region-configuration
#
interface Vlanif1
#
interface Ethernet0/0/1
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 2
#
interface Ethernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094

R1:

复制代码
<Huawei>sys
[Huawei]sys r1
[r1]int g 0/0/0
[r1-GigabitEthernet0/0/0]ip add 172.16.0.1 30
[r1-GigabitEthernet0/0/0]int g 0/0/1
[r1-GigabitEthernet0/0/1]ip add 172.16.0.5 30
[r1-GigabitEthernet0/0/1]int g 0/0/2
[r1-GigabitEthernet0/0/2]ip add 12.1.1.1 24

[r1]ospf 1 router-id 1.1.1.1
[r1-ospf-1]area 0
[r1-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.0.255
[r1-ospf-1-area-0.0.0.0]network 12.1.1.1 0.0.0.0

[r1-ospf-1]default-route-advertise always 

acl number 2000  
 rule 5 permit source 172.16.0.0 0.0.255.255 

interface GigabitEthernet0/0/2
 nat outbound 2000

ISP:

复制代码
<Huawei>sys
[Huawei]sys ISP
[ISP]int g 0/0/0
[ISP-GigabitEthernet0/0/0]ip add 12.1.1.2 24
[ISP-GigabitEthernet0/0/0]int lo0
[ISP-LoopBack0]ip add 2.2.2.2 24

实验结果:






相关推荐
Andy杨2 小时前
20250718-1-Kubernetes 应用程序生命周期管理-应用部署、升级、弹性_笔记
linux·docker·容器
2301_780789664 小时前
UDP和TCP的主要区别是什么
服务器·网络协议·web安全·网络安全·udp
_丿丨丨_5 小时前
XSS(跨站脚本攻击)
前端·网络·xss
写写闲篇儿5 小时前
Python+MongoDB高效开发组合
linux·python·mongodb
一只栖枝6 小时前
HCIA-Security 认证精讲!网络安全理论与实战全掌握
网络·web安全·网络安全·智能路由器·hcia·it·hcia-security
FileLink跨网文件交换6 小时前
文件摆渡系统十大软件|文件摆渡系统如何构建网络安全呢?
网络
一个龙的传说7 小时前
linux 常用命令
linux·服务器·zookeeper
Ching·9 小时前
esp32使用ESP-IDF在Linux下的升级步骤,和遇到的坑Traceback (most recent call last):,及解决
linux·python·esp32·esp_idf升级
斯是 陋室9 小时前
在CentOS7.9服务器上安装.NET 8.0 SDK
运维·服务器·开发语言·c++·c#·云计算·.net