华为mstp、vrrp、ospf、isis、bgp等综合一起排错

最终实现左边私网和右边私网全部ping通

SW1

vlan batch 12 34

stp region-configuration //mstp配置

region-name test

instance 12 vlan 12

instance 34 vlan 34

active region-configuration

interface GigabitEthernet0/0/3

port link-type trunk

port trunk allow-pass vlan 12 34

interface GigabitEthernet0/0/4

port link-type trunk

port trunk allow-pass vlan 12 34

interface GigabitEthernet0/0/10

port link-type access

port default vlan 12

interface GigabitEthernet0/0/11

port link-type access

port default vlan 12

SW2

vlan batch 12 34

stp region-configuration

region-name test

instance 12 vlan 12

instance 34 vlan 34

active region-configuration

interface GigabitEthernet0/0/3

port link-type trunk

port trunk allow-pass vlan 12 34

interface GigabitEthernet0/0/4

port link-type trunk

port trunk allow-pass vlan 12 34

interface GigabitEthernet0/0/10

port link-type access

port default vlan 34

interface GigabitEthernet0/0/11

port link-type access

port default vlan 34

SW3

vlan batch 12 to 13 34

stp instance 12 root primary //设置为主根

stp instance 34 root secondary //设置为备根

stp region-configuration

region-name test

instance 12 vlan 12

instance 34 vlan 34

active region-configuration

interface Vlanif12

ip address 192.168.12.3 255.255.255.0

vrrp vrid 1 virtual-ip 192.168.12.254 //vrrp配置

vrrp vrid 1 priority 150

interface Vlanif13

ip address 10.0.13.3 255.255.255.0

interface Vlanif34

ip address 192.168.34.3 255.255.255.0

vrrp vrid 2 virtual-ip 192.168.34.254

interface MEth0/0/1

interface GigabitEthernet0/0/1

port link-type access

port default vlan 13

interface GigabitEthernet0/0/2

interface GigabitEthernet0/0/3

port link-type trunk

port trunk allow-pass vlan 12 34

interface GigabitEthernet0/0/4

port link-type trunk

port trunk allow-pass vlan 12 34

ip route-static 0.0.0.0 0.0.0.0 10.0.13.1

SW4

vlan batch 12 14 34

stp instance 12 root secondary

stp instance 34 root primary

stp region-configuration

region-name test

instance 12 vlan 12

instance 34 vlan 34

active region-configuration

interface Vlanif12

ip address 192.168.12.4 255.255.255.0

vrrp vrid 1 virtual-ip 192.168.12.254

interface Vlanif14

ip address 10.0.14.4 255.255.255.0

interface Vlanif34

ip address 192.168.34.4 255.255.255.0

vrrp vrid 2 virtual-ip 192.168.34.254

vrrp vrid 2 priority 150

interface MEth0/0/1

interface GigabitEthernet0/0/1

interface GigabitEthernet0/0/2

port link-type access

port default vlan 14

interface GigabitEthernet0/0/3

port link-type trunk

port trunk allow-pass vlan 12 34

interface GigabitEthernet0/0/4

port link-type trunk

port trunk allow-pass vlan 12 34

ip route-static 0.0.0.0 0.0.0.0 10.0.14.1

R1

interface GigabitEthernet0/0/0

ip address 10.0.12.1 255.255.255.0

interface GigabitEthernet0/0/1

ip address 10.0.13.1 255.255.255.0

interface GigabitEthernet0/0/2

ip address 10.0.14.1 255.255.255.0

interface LoopBack0

ip address 10.0.1.1 255.255.255.255

bgp 100

router-id 10.0.1.1

peer 10.0.2.2 as-number 100

peer 10.0.2.2 connect-interface LoopBack0

ipv4-family unicast

undo synchronization

import-route static //导入静态,刚好静态通过ip route-static查看只有12、34段

peer 10.0.2.2 enable

peer 10.0.2.2 next-hop-local

ospf 1 router-id 10.0.1.1

area 0.0.0.0

network 10.0.1.1 0.0.0.0

network 10.0.12.1 0.0.0.0

ip route-static 192.168.12.0 255.255.255.0 10.0.13.3

ip route-static 192.168.12.0 255.255.255.0 10.0.14.4 preference 70

ip route-static 192.168.34.0 255.255.255.0 10.0.13.3 preference 70

ip route-static 192.168.34.0 255.255.255.0 10.0.14.4

//让12和34段的回去的包走原来出去的路径回包,源进源出

R2

isis 1

cost-style wide

network-entity 49.0001.0000.0000.0002.00

import-route ospf 1 level-1 //右边和r3建立的是级别1,这里导入ospf必须选择级别1

interface GigabitEthernet0/0/0

ip address 10.0.12.2 255.255.255.0

interface GigabitEthernet0/0/1

ip address 10.0.23.2 255.255.255.0

isis enable 1

isis circuit-level level-1 //只和右边r3建立的是级别1,所以不让这个口发级别2的包出

interface LoopBack0

ip address 10.0.2.2 255.255.255.255

isis enable 1

bgp 100

router-id 10.0.2.2

peer 10.0.1.1 as-number 100

peer 10.0.1.1 connect-interface LoopBack0

peer 10.0.3.3 as-number 100

peer 10.0.3.3 connect-interface LoopBack0

ipv4-family unicast

undo synchronization

peer 10.0.1.1 enable

peer 10.0.1.1 reflect-client

peer 10.0.3.3 enable

peer 10.0.3.3 reflect-client

ospf 1 router-id 10.0.2.2

import-route isis 1

area 0.0.0.0

network 10.0.2.2 0.0.0.0

network 10.0.12.2 0.0.0.0

R3

dhcp enable

ip pool test

gateway-list 192.168.56.254

network 192.168.56.0 mask 255.255.255.0

excluded-ip-address 192.168.56.6

dns-list 192.168.1.1

isis 1

is-level level-1

cost-style wide

network-entity 49.0001.0000.0000.0003.00

firewall zone Local

priority 15

interface GigabitEthernet0/0/0

interface GigabitEthernet0/0/1

ip address 10.0.23.3 255.255.255.0

isis enable 1

interface GigabitEthernet0/0/2.35 //用子接口

dot1q termination vid 35

ip address 10.0.35.3 255.255.255.0

arp broadcast enable

dhcp select global

interface LoopBack0

ip address 10.0.3.3 255.255.255.255

isis enable 1

bgp 100

router-id 10.0.3.3

peer 10.0.2.2 as-number 100

peer 10.0.2.2 connect-interface LoopBack0

ipv4-family unicast

undo synchronization

import-route static //导入静态,刚好静态通过ip route-static查看只有56段

peer 10.0.2.2 enable

peer 10.0.2.2 next-hop-local

ip route-static 192.168.56.0 255.255.255.0 10.0.35.5

SW5

vlan batch 35 56

dhcp enable

interface Vlanif35

ip address 10.0.35.5 255.255.255.0

interface Vlanif56

ip address 192.168.56.254 255.255.255.0

dhcp select relay //中继R3上面的dhcp地址池

dhcp relay server-ip 10.0.35.3

interface GigabitEthernet0/0/2

port link-type trunk

port trunk allow-pass vlan 35

interface GigabitEthernet0/0/4

port link-type trunk

port trunk allow-pass vlan 56

ip route-static 0.0.0.0 0.0.0.0 10.0.35.3

SW6

vlan batch 56

interface GigabitEthernet0/0/4

port link-type trunk

port trunk allow-pass vlan 56

interface GigabitEthernet0/0/10

port link-type access

port default vlan 56

interface GigabitEthernet0/0/11

port link-type access

port default vlan 56

相关推荐
脑子缺根弦31 分钟前
融合优势:SIP 广播对讲联动华为会议 全场景沟通响应提速
华为·音视频·广播对讲系统
2301_780789663 小时前
UDP和TCP的主要区别是什么
服务器·网络协议·web安全·网络安全·udp
_丿丨丨_5 小时前
XSS(跨站脚本攻击)
前端·网络·xss
一只栖枝6 小时前
HCIA-Security 认证精讲!网络安全理论与实战全掌握
网络·web安全·网络安全·智能路由器·hcia·it·hcia-security
FileLink跨网文件交换6 小时前
文件摆渡系统十大软件|文件摆渡系统如何构建网络安全呢?
网络
一个龙的传说6 小时前
linux 常用命令
linux·服务器·zookeeper
斯是 陋室8 小时前
在CentOS7.9服务器上安装.NET 8.0 SDK
运维·服务器·开发语言·c++·c#·云计算·.net
晨欣9 小时前
大型语言模型(LLM)在网络安全中最具商业价值的应用场景(Grok3 回答 DeepSearch模式)
网络·web安全·语言模型
有书Show9 小时前
个人IP的塑造方向有哪些?
网络·网络协议·tcp/ip
HHRL-yx9 小时前
C++网络编程 5.TCP套接字(socket)通信进阶-基于多线程的TCP多客户端通信
网络·c++·tcp/ip