组网实训实现

nixiaoge2025-01-05 17:02

小型单元网络实现

IP划分:

外网:172.1.1.0/24

172.1.2.0/24

内网:基于192.168.3.0/24的子网划分

综合办公楼:192.168.3.00 000000 /26(192.168.3.0-192.168.3.63)

综合一楼:192.168.3.0000 0000 /28(.0-.15) vlan10

综合二楼:192.168.3.0001 0000 /28(.16-.31) vlan20

综合三楼:192.168.3.0010 0000 /28(.32-.47) vlan30

综合楼预留地址:192.168.3.0011 0000 /28(.48-.63)

女生公寓: 192.168.3.01 000000 /26(192.168.3.64-192.168.3.127)

女生一楼: 192.168.3.01 000 000 /29(.64-.71) vlan 40

女生二楼: 192.168.3.01 001 000 /29(.72-.79) vlan 50

女生三楼: 192.168.3.01 010 000 /29(.80-.87) vlan 60

女生四楼: 192.168.3.01 011 000 /29(.88-.95) vlan 70

女生五楼: 192.168.3.01 100 000 /29(.96-.103) vlan 80

女生六楼: 192.168.3.01 101 000 /29(.104-.111)vlan 90

女生公寓预留地址:192.168.3.0111 0 000 /29(.112-.127)

男生公寓: 192.168.3.10 000000 /26(192.168.3.128-192.168.3.191)

男生一楼:192.168.3.10 000 000 /29(.128-.135) vlan 100

男生二楼:192.168.3.10 001 000 /29(.136-.143) vlan 110

男生三楼:192.168.3.10 010 000 /29(.144-.151) vlan 120

男生四楼:192.168.3.10 011 000 /29(.152-.159) vlan 130

男生五楼:192.168.3.10 100 000 /29(.160-.167) vlan 140

男生六楼:192.168.3.10 101 000 /29(.168-.175) vlan 150

男生公寓预留地址:192.168.3.10 11 0 000 /28(.176-.191)

业务管理: 192.168.3.110 00000 /27(192.168.3.192-192.168.3.223)

HTTP管理一:192.168.3.110 00 000 /29(.192-.199) vlan 300

FTP 管理二:192.168.3.110 01 000 /29(.200-.207) vlan 310

DNS 管理三:192.168.3.110 10 000 /29(.208-.215) vlan 320

管理预留地址:192.168.3.110 11 000 /29(.216-.223)

vlanif200: 192.168.3.1110 0000/28(.224-.239)

vlanif210: 192.168.3.11110 000/29(.240-.247)

内网总预留地址: 192.168.3.11111 000/29(.248-.255)

undo info-center enable // 关闭自动弹出的信息

LSW2:

  1. LSW1,LSW2之间链路做聚合

[LSW1]interface Eth-Trunk 1

[LSW1-Eth-Trunk1]mode manual load-balance

[LSW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/2 0/0/22

[LSW2]interface Eth-Trunk 1

[LSW2-Eth-Trunk1]mode manual load-balance

[LSW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/2 0/0/22

综合办公楼:

LSW5:

[LSW5]vlan 10

[LSW5-vlan10]q

[LSW5]interface GigabitEthernet 0/0/1

[LSW5-GigabitEthernet0/0/1]port link-type access

[LSW5-GigabitEthernet0/0/1]port default vlan 10

[LSW5-GigabitEthernet0/0/1]q

[LSW5]interface GigabitEthernet 0/0/5

[LSW5-GigabitEthernet0/0/5]port link-type trunk

[LSW5-GigabitEthernet0/0/5]port trunk allow-pass vlan all

LSW6:

[LSW6]vlan 20

[LSW6-vlan20]q

[LSW6]interface GigabitEthernet 0/0/1

[LSW6-GigabitEthernet0/0/1]port link-type access

[LSW6-GigabitEthernet0/0/1]port default vlan 20

[LSW6-GigabitEthernet0/0/1]q

[LSW6]interface GigabitEthernet 0/0/6

[LSW6-GigabitEthernet0/0/6]port link-type trunk

[LSW6-GigabitEthernet0/0/6]port trunk allow-pass vlan all

LSW7:

[LSW7]vlan 30

[LSW7-vlan20]q

[LSW7]interface GigabitEthernet 0/0/1

[LSW7-GigabitEthernet0/0/1]port link-type access

[LSW7-GigabitEthernet0/0/1]port default vlan 30

[LSW7-GigabitEthernet0/0/1]q

[LSW7]interface GigabitEthernet 0/0/7

[LSW7-GigabitEthernet0/0/6]port link-type trunk

[LSW7-GigabitEthernet0/0/6]port trunk allow-pass vlan all

LSW2:

[LSW2]vlan batch 10 20 30 200

[LSW2]interface Vlanif200

[LSW2-Vlanif200]ip address 192.168.3.225 255.255.255.240

[LSW2]interface GigabitEthernet 0/0/5

[LSW2-GigabitEthernet0/0/5]port link-type trunk

[LSW2-GigabitEthernet0/0/5]port trunk allow-pass vlan all

[LSW2-GigabitEthernet0/0/5]int vlanif 10

[LSW2-Vlanif10]ip address 192.168.3.14 28

[LSW2-Vlanif10]q

[LSW2]interface GigabitEthernet 0/0/6

[LSW2-GigabitEthernet0/0/6]port link-type trunk

[LSW2-GigabitEthernet0/0/6]port trunk allow-pass vlan all

[LSW2-GigabitEthernet0/0/6]int vlanif 20

[LSW2-Vlanif20]ip address 192.168.3.30 28

[LSW2-Vlanif20]q

[LSW2]interface GigabitEthernet 0/0/7

[LSW2-GigabitEthernet0/0/7]port link-type trunk

[LSW2-GigabitEthernet0/0/7]port trunk allow-pass vlan all

[LSW2-GigabitEthernet0/0/7]int vlanif 30

[LSW2-Vlanif30]ip address 192.168.3.46 28

[LSW2]interface GigabitEthernet 0/0/2

[LSW2-GigabitEthernet0/0/2]port link-type trunk

[LSW2-GigabitEthernet0/0/2]port trunk allow-pass vlan all

[LSW2-GigabitEthernet0/0/2]q

[LSW2]interface GigabitEthernet 0/0/22

[LSW2-GigabitEthernet0/0/22]port link-type trunk

[LSW2-GigabitEthernet0/0/22]port trunk allow-pass vlan all

[LSW2-GigabitEthernet0/0/22]q

[LSW2]ip route-static 0.0.0.0 0.0.0.0 192.168.3.238

测试:

LSW1核心交换机:

[LSW1]vlan batch 10 20 30 200 210

[LSW1]dhcp enable

Info: The operation may take a few seconds. Please wait for a moment.done.

[LSW1]int vlanif 10

[LSW1-Vlanif10]ip address 192.168.3.14 28

[LSW1-Vlanif10]dhcp select interface

[LSW1-Vlanif10]dhcp server dns-list 114.114.114.114 8.8.8.8

[LSW1]int vlanif 20

[LSW1-Vlanif20]ip address 192.168.3.30 28

[LSW1-Vlanif20]dhcp select interface

[LSW1-Vlanif20]dhcp server dns-list 114.114.114.114 8.8.8.8

[LSW1-Vlanif20]q

[LSW1]int vlanif 30

[LSW1-Vlanif30]ip address 192.168.3.46 28

[LSW1-Vlanif30]dhcp select interface

[LSW1-Vlanif30]dhcp server dns-list 114.114.114.114 8.8.8.8

[LSW1-Vlanif30]q

[LSW1]int vlanif 200

[LSW1-Vlanif200]ip address 192.168.3.238 28

[LSW1-Vlanif200]q

[LSW1]interface GigabitEthernet 0/0/2

[LSW1-GigabitEthernet0/0/2]port link-type trunk

[LSW1-GigabitEthernet0/0/2]port trunk allow-pass vlan all

[LSW1-GigabitEthernet0/0/2]q

[LSW1]interface GigabitEthernet 0/0/22

[LSW1-GigabitEthernet0/0/22]port link-type trunk

[LSW1-GigabitEthernet0/0/22]port trunk allow-pass vlan all

[LSW1-GigabitEthernet0/0/22]q

[LSW1]interface GigabitEthernet 0/0/1

[LSW1-GigabitEthernet0/0/1]port link-type access

[LSW1-GigabitEthernet0/0/1]port default vlan 210

[LSW1-GigabitEthernet0/0/1]q

[LSW1]int vlanif 210

[LSW1-Vlanif210]ip address 192.168.3.246 28

[LSW1]ip route-static 0.0.0.0 0.0.0.0 192.168.3.241

R1出口路由的配置:

[R1]interface GigabitEthernet0/0/0

[R1-GigabitEthernet0/0/0]ip address 192.168.3.241 29

[R1]ip route-static 192.168.3.14 255.255.255.240 192.168.3.246

[R1]ip route-static 192.168.3.30 255.255.255.240 192.168.3.246

[R1]ip route-static 192.168.3.46 255.255.255.240 192.168.3.246

[R1]ip route-static 192.168.3.238 255.255.255.240 192.168.3.246

测试:

nat:

[R1-acl-basic-2000]rule permit source 192.168.3.0 0.0.0.255

[R1-acl-basic-2000]q

[R1]interface GigabitEthernet0/0/1

[R1-GigabitEthernet0/0/1]ip address 172.1.1.1 24

[R1-GigabitEthernet0/0/1]nat address-group 1 172.1.1.5 172.1.1.10

[R1-GigabitEthernet0/0/1]nat outbound 2000 address-group 1 no-pat

测试:

地址静态绑定,打印机场景。

[LSW1]dhcp snooping en

[LSW1]vlan 10

[LSW1-vlan10]dhcp snooping enable

[LSW1-vlan10]ip source check user-bind en

测试:

女生公寓部分:

LSW8:

[LSW8]vlan 40

[LSW8-vlan40]q

[LSW8]interface GigabitEthernet 0/0/1

[LSW8-GigabitEthernet0/0/1]port link-type access

[LSW8-GigabitEthernet0/0/1]port default vlan 40

[LSW8-GigabitEthernet0/0/1]q

[LSW8]interface GigabitEthernet 0/0/8

[LSW8-GigabitEthernet0/0/8]port link-type trunk

[LSW8-GigabitEthernet0/0/8]port trunk allow-pass vlan all

LSW9:

[LSW9]vlan 50

[LSW9-vlan50]q

[LSW9]interface GigabitEthernet 0/0/1

[LSW9-GigabitEthernet0/0/1]port link-type access

[LSW9-GigabitEthernet0/0/1]port default vlan 50

[LSW9-GigabitEthernet0/0/1]q

[LSW9]interface GigabitEthernet 0/0/9

[LSW9-GigabitEthernet0/0/9]port link-type trunk

[LSW9-GigabitEthernet0/0/9]port trunk allow-pass vlan all

LSW10:

[LSW10]vlan 60

[LSW10-vlan60]q

[LSW10]interface GigabitEthernet 0/0/1

[LSW10-GigabitEthernet0/0/1]port link-type access

[LSW10-GigabitEthernet0/0/1]port default vlan 60

[LSW10-GigabitEthernet0/0/1]q

[LSW10]interface GigabitEthernet 0/0/10

[LSW10-GigabitEthernet0/0/10]port link-type trunk

[LSW10-GigabitEthernet0/0/10]port trunk allow-pass vlan all

LSW11:

[LSW11]vlan 70

[LSW11-vlan70]q

[LSW11]interface GigabitEthernet 0/0/1

[LSW11-GigabitEthernet0/0/1]port link-type access

[LSW11-GigabitEthernet0/0/1]port default vlan 70

[LSW11-GigabitEthernet0/0/1]q

[LSW11]interface GigabitEthernet 0/0/11

[LSW11-GigabitEthernet0/0/11]port link-type trunk

[LSW11-GigabitEthernet0/0/11]port trunk allow-pass vlan all

LSW12:

[LSW12]vlan 80

[LSW12-vlan80]q

[LSW12]interface GigabitEthernet 0/0/1

[LSW12-GigabitEthernet0/0/1]port link-type access

[LSW12-GigabitEthernet0/0/1]port default vlan 80

[LSW12-GigabitEthernet0/0/1]q

[LSW12]interface GigabitEthernet 0/0/12

[LSW12-GigabitEthernet0/0/12]port link-type trunk

[LSW12-GigabitEthernet0/0/12]port trunk allow-pass vlan all

LSW13:

[LSW13]vlan 90

[LSW13-vlan90]q

[LSW13]interface GigabitEthernet 0/0/1

[LSW13-GigabitEthernet0/0/1]port link-type access

[LSW13-GigabitEthernet0/0/1]port default vlan 90

[LSW13-GigabitEthernet0/0/1]q

[LSW13]interface GigabitEthernet 0/0/13

[LSW13-GigabitEthernet0/0/13]port link-type trunk

[LSW13-GigabitEthernet0/0/13]port trunk allow-pass vlan all

LSW3:

[LSW3]vlan batch 40 50 60 70 80 90 200

[LSW3-Vlanif200]ip address 192.168.3.226 28

[LSW3-Vlanif200]q

[LSW3]int g 0/0/8

[LSW3-GigabitEthernet0/0/8]port link-type trunk

[LSW3-GigabitEthernet0/0/8]port trunk allow-pass vlan

[LSW3-GigabitEthernet0/0/8]port trunk allow-pass vlan all

[LSW3-GigabitEthernet0/0/8]int vlanif40

[LSW3-Vlanif40]ip address 192.168.3.70 29

[LSW3]int g 0/0/9

[LSW3-GigabitEthernet0/0/9]port link-type trunk

[LSW3-GigabitEthernet0/0/9]port trunk allow-pass vlan all

[LSW3-GigabitEthernet0/0/9]int vlanif50

[LSW3-Vlanif50]ip address 192.168.3.78 29

[LSW3]interface GigabitEthernet 0/0/10

[LSW3-GigabitEthernet0/0/10]port link-type trunk

[LSW3-GigabitEthernet0/0/10]port trunk allow-pass vlan all

[LSW3-GigabitEthernet0/0/10]int vlanif60

[LSW3-Vlanif60]ip address 192.168.3.86 29

[LSW3-Vlanif60]q

[LSW3]interface GigabitEthernet 0/0/11

[LSW3-GigabitEthernet0/0/11]port link-type trunk

[LSW3-GigabitEthernet0/0/11]port trunk allow-pass vlan all

[LSW3-GigabitEthernet0/0/11]int vlanif 70

[LSW3-Vlanif70]ip address 192.168.3.94 29

[LSW3-Vlanif70]q

[LSW3]interface GigabitEthernet 0/0/12

[LSW3-GigabitEthernet0/0/12]port link-type trunk

[LSW3-GigabitEthernet0/0/12]port trunk allow-pass vlan all

[LSW3-GigabitEthernet0/0/12]int vlanif 80

[LSW3-Vlanif80]ip address 192.168.3.102 29

[LSW3-Vlanif80]q

[LSW3]interface GigabitEthernet 0/0/13

[LSW3-GigabitEthernet0/0/13]port link-type trunk

[LSW3-GigabitEthernet0/0/13]port trunk allow-pass vlan all

[LSW3-GigabitEthernet0/0/13]int vlanif 90

[LSW3-Vlanif90]ip address 192.168.3.110 29

[LSW3-Vlanif90]q

[LSW3]interface GigabitEthernet 0/0/3

[LSW3-GigabitEthernet0/0/3]port link-type trunk

[LSW3-GigabitEthernet0/0/3]port trunk allow-pass vlan all

[LSW3-GigabitEthernet0/0/3]q

[LSW3]interface GigabitEthernet 0/0/23

[LSW3-GigabitEthernet0/0/23]port link-type trunk

[LSW3-GigabitEthernet0/0/23]port trunk allow-pass vlan all

[LSW3]ip route-static 0.0.0.0 0.0.0.0 192.168.3.238

测试:

LSW1核心交换机:

[LSW1]vlan batch 40 50 60 70 80 90

interface Vlanif40

ip address 192.168.3.70 255.255.255.248

[LSW1-Vlanif40]dhcp select interface

[LSW1-Vlanif40]dhcp server dns-list 114.114.114.114 8.8.8.8

[LSW1-Vlanif40]q

[LSW1]int vlanif 50

interface Vlanif50

ip address 192.168.3.78 255.255.255.248

[LSW1-Vlanif50]dhcp select interface

[LSW1-Vlanif50]dhcp server dns-list 114.114.114.114 8.8.8.8

[LSW1-Vlanif50]q

[LSW1]int vlanif 60

[LSW1-Vlanif60]ip address 192.168.3.86 29

[LSW1-Vlanif60]dhcp select interface

[LSW1-Vlanif60]dhcp server dns-list 114.114.114.114 8.8.8.8

[LSW1-Vlanif60]q

[LSW1]int vlanif 70

[LSW1-Vlanif70]ip address 192.168.3.94 29

[LSW1-Vlanif70]dhcp select interface

[LSW1-Vlanif70]dhcp server dns-list 114.114.114.114 8.8.8.8

[LSW1-Vlanif70]q

[LSW1]int vlanif 80

[LSW1-Vlanif80]ip address 192.168.3.102 29

[LSW1-Vlanif80]dhcp select interface

[LSW1-Vlanif80]dhcp server dns-list 114.114.114.114 8.8.8.8

[LSW1-Vlanif80]q

[LSW1]int vlanif 90

[LSW1-Vlanif90]ip address 192.168.3.110 29

[LSW1-Vlanif90]dhcp select interface

[LSW1-Vlanif90]dhcp server dns-list 114.114.114.114 8.8.8.8

[LSW1-Vlanif90]q

[LSW1]interface GigabitEthernet 0/0/3

[LSW1-GigabitEthernet0/0/3]port link-type trunk

[LSW1-GigabitEthernet0/0/3]port trunk allow-pass vlan all

[LSW1-GigabitEthernet0/0/3]q

[LSW1]interface GigabitEthernet 0/0/23

[LSW1-GigabitEthernet0/0/23]port link-type trunk

[LSW1-GigabitEthernet0/0/23]port trunk allow-pass vlan all

R1出口路由的配置:

[AR1]ip route-static 192.168.3.70 255.255.255.248 192.168.3.246

[AR1]ip route-static 192.168.3.78 255.255.255.248 192.168.3.246

[AR1]ip route-static 192.168.3.86 255.255.255.248 192.168.3.246

[AR1]ip route-static 192.168.3.94 255.255.255.248 192.168.3.246

[AR1]ip route-static 192.168.3.102 255.255.255.248 192.168.3.246

[AR1]ip route-static 192.168.3.110 255.255.255.248 192.168.3.246

测试:

ospf:

AR1:

[AR1]ospf 1

[AR1-ospf-1]area 0

[AR1-ospf-1-area-0.0.0.0]network 172.1.1.0 0.0.0.255

AR2:

[AR2-GigabitEthernet0/0/0]ip address 172.1.2.1 24

[AR2-GigabitEthernet0/0/0]q

[AR2]ospf 1

[AR2-ospf-1]area 0

[AR2-ospf-1-area-0.0.0.0]network 172.1.1.0 0.0.0.255

[AR2-ospf-1-area-0.0.0.0]network 172.1.2.0 0.0.0.255

http,ftp,dns服务器部分:

LSW20:

[LSW20]vlan batch 300 310 320

[LSW20]int

[LSW20]interface g

[LSW20]interface GigabitEthernet 0/0/1

[LSW20-GigabitEthernet0/0/1]port link-type access

[LSW20-GigabitEthernet0/0/1]port default vlan 300

[LSW20-GigabitEthernet0/0/1]int g 0/0/2

[LSW20-GigabitEthernet0/0/2]port link-type access

[LSW20-GigabitEthernet0/0/2]port default vlan 310

[LSW20-GigabitEthernet0/0/2]int g 0/0/3

[LSW20-GigabitEthernet0/0/3]port link-type access

[LSW20-GigabitEthernet0/0/3]port default vlan 320

[LSW20-GigabitEthernet0/0/3]q

[LSW20]int g 0/0/10

[LSW20-GigabitEthernet0/0/10]port link-type trunk

[LSW20-GigabitEthernet0/0/10]port trunk allow-pass vlan all

[LSW20-GigabitEthernet0/0/10]int g 0/0/20

[LSW20-GigabitEthernet0/0/20]port link-type trunk

[LSW20-GigabitEthernet0/0/20]port trunk allow-pass vlan all

LSW1:

[LSW1]int g 0/0/10

[LSW1-GigabitEthernet0/0/10]port link-type trunk

[LSW1-GigabitEthernet0/0/10]port trunk allow-pass vlan all

[LSW1-GigabitEthernet0/0/10]int g 0/0/20

[LSW1-GigabitEthernet0/0/20]port link-type trunk

[LSW1-GigabitEthernet0/0/20]port trunk allow-pass vlan all

[LSW1]vlan batch 300 310 320

[LSW1-Vlanif320]int vlanif 300

[LSW1-Vlanif300]ip address 192.168.3.198 29

[LSW1-Vlanif300]int vlanif 310

[LSW1-Vlanif310]ip address 192.168.3.206 29

[LSW1-Vlanif310]int vlanif 320

[LSW1-Vlanif320]ip address 192.168.3.214 29

dns:

http:

ftp:

用Client3测试:

http:

ftp:

telnet:

[AR1]user-interface vty 0 4

[AR1-ui-vty0-4]authentication-mode aaa

[AR1]aaa

[AR1-aaa]local-user xiao privilege level 15 password cipher 22060503

[AR1-aaa]local-user xiao service-type telnet

[AR1-acl-adv-3000]rule deny tcp source 192.168.3.64 0.0.0.192 destination 192.16

8.3.241 0.0.0.0 destination-port eq 23

[AR1]int GigabitEthernet 0/0/1

[AR1-GigabitEthernet0/0/1]traffic-filter inbound acl 3000

测试:

相关推荐
莫问alicia3 分钟前
苍穹外卖 项目记录 day03
java·开发语言·spring boot·maven
Bucai_不才4 分钟前
【C++】构造函数与析构函数
开发语言·c++
DevOpsDojo4 分钟前
Haskell语言的学习路线
开发语言·后端·golang
weixin_470729987 分钟前
匹配一个文件夹下的所有excel——python
开发语言·python·excel
草原上唱山歌16 分钟前
轻量级适合阅读的优秀 C++ 开源项目
开发语言·c++·开源
大G哥23 分钟前
Python实现应用决策树的实例程序
开发语言·python·算法·决策树·机器学习
ByteBlossom6661 小时前
R语言的语法糖
开发语言·后端·golang
黑客Ash1 小时前
网络信息安全概述
网络·web安全·php
lgily-12251 小时前
Python常用算法
开发语言·python·算法
Tiger Z1 小时前
R 语言科研绘图第 14 期 --- 柱状图-分组堆叠
开发语言·程序人生·r语言·贴图
热门推荐
01渗透测试之SQLMAP工具详解 kali自带SQLmap解释 重点sqlmap --tamper 使用方式详解 搞完你就很nice了02半导体应用系统一些小知识收集(strip&wafer mapping,EAP&scada)03HCIA-datacom数通题库和录播视频资料04音频——I2S TDM 模式(六)05新手学习VR全景需要知道的几个问题06校验 GPT-4 真实性的三个经典问题:快速区分 GPT-3.5 与 GPT-4,并提供免费测试网站07【bug记录】清除僵尸进程,释放GPU显存08ubuntu22.04.5本地apt源部署09优化手机性能,解决卡顿问题:关闭这3个微信开关,释放内存空间10【模型压缩】 LPPN论文阅读笔记