HCIA综合实验

学习新思想,争做新青年。今天学习的是HCIA综合实验!

实验拓扑

实验需求

总部:

1、除了SW8 SW9是三层交换机,其他交换机均为2层交换机。

2、GW为总部的出口设备,使用单臂路由技术,VLAN10,20,100的网关都在GW上

3、总部、分支8、分支9之间互有专线连接,目标:GW与SW8与SW9三台建立OSPF

互相宣告互为邻居,进程号200,区域0,达到企业内网全网互通。

4、在SW8和SW9建立的邻居中,SW8的互联接口要永远成为DR

5、要求DHCP服务器在路由追踪PC8的时候,路径中必须包含SW9

特性:

6、VLAN10,20的PC均由DHCP服务器提供IP地址,DHCP服务器的地址池配置如下

VLAN10:192.168.10.0/24 GW:192.168.10.254 DNS:8.8.8.8 租期:8天

VLAN20:192.168.20.0/24 GW:192.168.20.254 DNS:8.8.8.8 租期:8天

PC2是老板的PC,老板要求通过DHCP给他固定IP:192.168.20.100/24其他与地址池一致

由于员工区存在打印机,需要排除掉192.168.10.240~254;192.168.20.240~254

7、GW路由器使用NAT技术,配置EASY IP技术让内部设备可以上网,在Internet路由器上使用

环回接口模拟公网地址,让所有PC可以Ping通100.1.1.1

8、服务器区有一台HTTP服务器,将其80端口发布至Internet网络,在Internet路由器上使用

telnet 70.1.1.1 80 来验证是否成功

分支8:

1、PC8配置静态IP,PC8可以通过总部GW上网,ping 100.1.1.1

分支9:

1、PC9配置静态IP,PC9可以通过总部GW上网,ping 100.1.1.1

实验配置

GW

登录后复制

plain 复制代码
sysname GW

#

undo info-center enable

#

vlan batch 10 20 100 200 to 202

#

dhcp enable   //使能DHCP

#

acl number 2000   //创建ACL

rule 5 permit

#

interface Eth-Trunk1   //创建聚合口1

undo portswitch           //切换为三层接口

#

interface Eth-Trunk1.10    //进入聚合口的子接口

dot1q termination vid 10  

ip address 192.168.10.254 255.255.255.0

arp broadcast enable    //使能arp广播

dhcp select relay      //使能子接口DHCP中继

dhcp relay server-ip 192.168.100.100  //配置DHCP服务器地址

#

interface Eth-Trunk1.20

dot1q termination vid 20

ip address 192.168.20.254 255.255.255.0

arp broadcast enable

dhcp select relay

dhcp relay server-ip 192.168.100.100

#

interface Eth-Trunk1.100

dot1q termination vid 100

ip address 192.168.100.254 255.255.255.0

arp broadcast enable

#

interface Eth-Trunk1.200

dot1q termination vid 200

ip address 60.30.1.2 255.255.255.248

arp broadcast enable

nat server protocol tcp global 70.1.1.1 www inside 192.168.100.101 www   //配置NAT转换

nat outbound 2000

#

interface Eth-Trunk1.201

dot1q termination vid 201

ip address 192.168.201.1 255.255.255.0

ospf cost 3    //修改路径开销为3

arp broadcast enable

#

interface Eth-Trunk1.202

dot1q termination vid 202

ip address 192.168.202.1 255.255.255.0

arp broadcast enable

#

interface GigabitEthernet0/0/0

eth-trunk 1

#

interface GigabitEthernet0/0/1

eth-trunk 1

#

interface LoopBack0

ip address 1.1.1.1 255.255.255.255

#

ospf 100 router-id 1.1.1.1

area 0.0.0.0

  network 1.1.1.1 0.0.0.0

  network 60.30.1.0 0.0.0.255

  network 192.168.10.0 0.0.0.255

  network 192.168.20.0 0.0.0.255

  network 192.168.100.0 0.0.0.255

  network 192.168.201.0 0.0.0.255

  network 192.168.202.0 0.0.0.255

#

ip route-static 0.0.0.0 0.0.0.0 60.30.1.1

#

return

L2-Core-SW

登录后复制

plain 复制代码
sysname L2-Core-SW

#

undo info-center enable

#

vlan batch 10 20 100 200 to 202

#

interface Eth-Trunk1

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface Eth-Trunk2

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/1

 port link-type access

 port default vlan 201

#

interface GigabitEthernet0/0/2

 eth-trunk 1

#

interface GigabitEthernet0/0/3

 eth-trunk 1

#

interface GigabitEthernet0/0/4

 eth-trunk 2

#

interface GigabitEthernet0/0/5

 eth-trunk 2

#

interface GigabitEthernet0/0/6

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/7

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/8

 port hybrid tagged vlan 100

#

interface GigabitEthernet0/0/9

 port link-type access

 port default vlan 202

DHCP

登录后复制

plain 复制代码
sysname DHCP
#
 undo info-center enable
#
dhcp enable
#
ip pool VLAN10
 gateway-list 192.168.10.254 
 network 192.168.10.0 mask 255.255.255.0 
 excluded-ip-address 192.168.10.240 192.168.10.253 
 lease day 8 hour 0 minute 0 
 dns-list 8.8.8.8 
#
ip pool VLAN20
 gateway-list 192.168.20.254 
 network 192.168.20.0 mask 255.255.255.0 
 static-bind ip-address 192.168.20.100 mac-address 5489-9806-68e7 
 excluded-ip-address 192.168.20.240 192.168.20.253 
 lease day 8 hour 0 minute 0 
 dns-list 8.8.8.8 
#
interface GigabitEthernet0/0/0
 ip address 192.168.100.100 255.255.255.0 
 dhcp select global
#
ip route-static 0.0.0.0 0.0.0.0 192.168.100.254

ACC_SW

sysname ACC_SW # undo info-center enable # vlan batch 200 # interface Eth-Trunk1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/1 port link-type access port default vlan 200 # interface GigabitEthernet0/0/2 eth-trunk 1 # interface GigabitEthernet0/0/3 eth-trunk 1

ACC-SW-Staff01

登录后复制

plain 复制代码
#

sysname ACC-SW-Staff01

#

undo info-center enable

#

vlan batch 10

#

interface GigabitEthernet0/0/1

 port link-type access

 port default vlan 10

#

interface GigabitEthernet0/0/2

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

ACC-SW-Staff02

登录后复制

plain 复制代码
#

sysname ACC-SW-Staff02

#

undo info-center enable

#

vlan batch 20

#

interface GigabitEthernet0/0/1

 port link-type trunk

 port trunk pvid vlan 20

 port trunk allow-pass vlan 20

#

interface GigabitEthernet0/0/2

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

ACC-SW-Server01

登录后复制

plain 复制代码
#

sysname ACC-SW-Server01

#

undo info-center enable

#

vlan batch 100

#

interface GigabitEthernet0/0/1

 port hybrid pvid vlan 100

 port hybrid untagged vlan 100

#

interface GigabitEthernet0/0/2

 port hybrid pvid vlan 100

 port hybrid untagged vlan 100

#

interface GigabitEthernet0/0/3

 port hybrid tagged vlan 100

SW8

登录后复制

plain 复制代码
#

sysname SW8

#

undo info-center enable

#

vlan batch 80 201 203

#

interface Vlanif80

 ip address 192.168.80.254 255.255.255.0

#

interface Vlanif201

 ip address 192.168.201.2 255.255.255.0

#

interface Vlanif203

 ip address 192.168.203.1 255.255.255.0

 ospf dr-priority 255  //修改ospf优先级

#

interface GigabitEthernet0/0/1

 port link-type access

 port default vlan 201

#

interface GigabitEthernet0/0/2

 port link-type access

 port default vlan 80

#

interface GigabitEthernet0/0/3

 port link-type access

 port default vlan 203

#

interface LoopBack0

 ip address 8.8.8.8 255.255.255.255

#

ospf 100 router-id 8.8.8.8

 area 0.0.0.0

  network 8.8.8.8 0.0.0.0

  network 192.168.201.0 0.0.0.255

  network 192.168.80.0 0.0.0.255

  network 192.168.203.0 0.0.0.255

#

ip route-static 0.0.0.0 0.0.0.0 192.168.201.1

#

return

SW9

登录后复制

plain 复制代码
#

sysname SW9

#

undo info-center enable

#

vlan batch 90 202 to 203

#

interface Vlanif90

 ip address 192.168.90.254 255.255.255.0

#

interface Vlanif202

 ip address 192.168.202.2 255.255.255.0

#

interface Vlanif203

 ip address 192.168.203.2 255.255.255.0

#

interface MEth0/0/1

#

interface GigabitEthernet0/0/1

 port link-type access

 port default vlan 202

#

interface GigabitEthernet0/0/2

 port link-type access

 port default vlan 90

#

interface GigabitEthernet0/0/3

 port link-type access

 port default vlan 203

#

interface LoopBack0

 ip address 9.9.9.9 255.255.255.255

#

ospf 100 router-id 9.9.9.9

 area 0.0.0.0

  network 9.9.9.9 0.0.0.0

  network 192.168.202.0 0.0.0.255

  network 192.168.90.0 0.0.0.255

  network 192.168.203.0 0.0.0.255

#

ip route-static 0.0.0.0 0.0.0.0 192.168.202.1

Internet

登录后复制

plain 复制代码
#

 sysname Internet

#

 undo info-center enable

#

vlan batch 200

#

interface GigabitEthernet0/0/0

 ip address 60.30.1.1 255.255.255.248

#

interface LoopBack0

 ip address 100.1.1.1 255.255.255.255

#

ip route-static 70.1.1.1 255.255.255.255 60.30.1.2

配置完毕,验证配置

PC1获取IP地址

PC2获取IP地址

PC1 Ping DHCP服务器

PC1 Ping Internet

PC1 Ping PC8

PC1 Ping PC9

验证完毕,全网互通。

相关推荐
柒烨带你飞4 小时前
路由器转发数据报的封装过程
网络·智能路由器
无线认证x英利检测2 天前
进网许可认证、交换路由设备检测项目更新25年1月起
网络·智能路由器
网络安全Jack2 天前
防火墙技术与网络安全
web安全·智能路由器·php
节点小宝3 天前
如何远程登录路由器
运维·服务器·网络·docker·智能路由器·远程工作
腾科张老师3 天前
BGP的六种状态分别是什么?
网络·智能路由器
Koi慢热3 天前
黑客术语3
网络·安全·网络安全·智能路由器·空间安全·网络空间测绘安全
坚持就是胜利19863 天前
内网穿透玩法之京东云亚瑟路由器刷神卓互联教程
网络·智能路由器·京东云
Hacker_LaoYi3 天前
网络地址转换NAT
网络·智能路由器
日日行不惧千万里3 天前
移动魔百盒中的 OpenWrt作为旁路由 安装Tailscale并配置子网路由实现在外面通过家里的局域网ip访问内网设备
网络·tcp/ip·智能路由器
hgdlip4 天前
手机静态ip地址怎么获取?方法全解析‌
tcp/ip·智能手机·智能路由器