复杂园区网基本分支的构建

目录

• • • 1、各主机进行网络配置。
    • 2、交换机配置。
    • 3、配置路由交换，进行测试。
    • 4、配置路由器接口和静态路由，进行测试。
    • 5、最后测试任意两台主机通信情况

模拟环境链接

拓扑结构

说明：

VLAN标签在上面的一定是GigabitEthernet接口的，左边的标签是交换机连接左边的接口，右边的标签是交换机连接右边的接口。每个交换机有连接三处就划分了三处VLAN。

主机：

Host-1的ip为192.168.100.11/24，网关为192.168.100.254；

Host-2的ip为192.168.101.12/24，网关为192.168.101.254；

Host-3的ip为192.168.102.21/24，网关为192.168.102.254；

Host-4的ip为192.168.103.22/24，网关为192.168.103.254；

Host-5的ip为192.168.104.13/24，网关为192.168.104.254；

Host-6的ip为192.168.105.14/24，网关为192.168.105.254；

Host-7的ip为192.168.106.23/24，网关为192.168.106.254；

Host-8的ip为192.168.107.24/24，网关为192.168.107.254。

路由交换

RS-1的VLANIF11接口地址（VLAN 11接口地址）192.168.100.254/24；

RS-1的VLANIF12接口地址（VLAN 12接口地址）192.168.101.254/24；

RS-1的VLANIF100接口地址（VLAN 100接口地址）10.0.1.1/30；

RS-2的VLANIF13接口地址（VLAN 13接口地址）192.168.102.254/24；

RS-2的VLANIF14接口地址（VLAN 14接口地址）192.168.103.254/24；

RS-2的VLANIF100接口地址（VLAN 100接口地址）10.0.2.1/30；

RS-3的VLANIF15接口地址（VLAN 15接口地址）192.168.104.254/24；

RS-3的VLANIF16接口地址（VLAN 16接口地址）192.168.105.254/24；

RS-3的VLANIF100接口地址（VLAN 100接口地址）10.0.3.1/30；

RS-4的VLANIF17接口地址（VLAN 17接口地址）192.168.106.254/24；

RS-4的VLANIF18接口地址（VLAN 18接口地址）192.168.107.254/24；

RS-4的VLANIF100接口地址（VLAN 100接口地址）10.0.4.1/30。

静态路由规划：

RS的下一跳地址都是到对应路由器的接口ip，目的地址是0.0.0.0/0。

R-1的下一跳地址为RS-1VLAN 100的地址，目的地址为Host-1的地址。

R-1的下一跳地址为RS-2VLAN 100的地址，目的地址为Host-3的地址。

R-1的下一跳地址为R-2的GE 0/0/0的地址，目的地址为Host-5的地址。

R-2的下一跳地址为R-1的GE 0/0/0的地址，目的地址为Host-1的地址。

R-2的下一跳地址为R-3的GE 0/0/0的地址，目的地址为Host-5的地址。

R-3的下一跳地址为R-2的GE 0/0/1的地址，目的地址为Host-1的地址。

R-3的下一跳地址为RS-3VLAN 100的地址，目的地址为Host-5的地址。

R-3的下一跳地址为RS-4VLAN 100的地址，目的地址为Host-7的地址。

1、各主机进行网络配置。

2、交换机配置。

<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname SW-1
[SW-1]vlan batch 11 12
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW-1]interface Ethernet 0/0/1
[SW-1-Ethernet0/0/1]port link-type access 
[SW-1-Ethernet0/0/1]port default vlan 11
[SW-1-Ethernet0/0/1]quit
[SW-1]interface Ethernet 0/0/2	
[SW-1-Ethernet0/0/2]port link-type access 	
[SW-1-Ethernet0/0/2]port default vlan 12
[SW-1-Ethernet0/0/2]quit
[SW-1]interface GigabitEthernet 0/0/1
[SW-1-GigabitEthernet0/0/1]port link-type trunk 
[SW-1-GigabitEthernet0/0/1]port trunk allow-pass vlan 11 12
[SW-1-GigabitEthernet0/0/1]quit
[SW-1]quit
<SW-1>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<SW-1>

<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname SW-2
[SW-2]vlan batch 13 14
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW-2]interface Ethernet 0/0/1
[SW-2-Ethernet0/0/1]port link-type access 
[SW-2-Ethernet0/0/1]port default vlan 13
[SW-2-Ethernet0/0/1]quit
[SW-2]interface Ethernet 0/0/2
[SW-2-Ethernet0/0/2]port link-type access 
[SW-2-Ethernet0/0/2]port default vlan 14
[SW-2-Ethernet0/0/2]quit
[SW-2]interface GigabitEthernet 0/0/1
[SW-2-GigabitEthernet0/0/1]port link-type trunk 
[SW-2-GigabitEthernet0/0/1]port trunk allow-pass vlan 13 14
[SW-2-GigabitEthernet0/0/1]quit
[SW-2]quit
<SW-2>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.

<Huawei>system-view 
Jan  6 2025 12:33:29-08:00 Huawei %%01PHY/1/PHY(l)[1]:    Ethernet0/0/2: change 
status to up
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname SW-4
[SW-4]vlan batch 17 18
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW-4]interface Ethernet 0/0/1
[SW-4-Ethernet0/0/1]port link-type access 
[SW-4-Ethernet0/0/1]port default vlan 17
[SW-4-Ethernet0/0/1]quit
[SW-4]interface Ethernet 0/0/2
[SW-4-Ethernet0/0/2]port link-type access 
[SW-4-Ethernet0/0/2]port default vlan 18
[SW-4-Ethernet0/0/2]quit
[SW-4]interface GigabitEthernet 0/0/1
[SW-4-GigabitEthernet0/0/1]port link-type trunk 
[SW-4-GigabitEthernet0/0/1]port trunk allow-pass vlan 17 18
[SW-4-GigabitEthernet0/0/1]quit
[SW-4]quit
<SW-4>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<SW-4>

<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname SW-3
[SW-3]vlan batch 15 16
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW-3]interface Ethernet 0/0/1
[SW-3-Ethernet0/0/1]port link-type access 
[SW-3-Ethernet0/0/1]port default vlan 15
[SW-3-Ethernet0/0/1]quit
[SW-3]interface Ethernet 0/0/2
[SW-3-Ethernet0/0/2]port link-type access 
[SW-3-Ethernet0/0/2]port default vlan 16
[SW-3-Ethernet0/0/2]quit
[SW-3]interface GigabitEthernet 0/0/1
[SW-3-GigabitEthernet0/0/1]port link-type trunk 
[SW-3-GigabitEthernet0/0/1]port trunk allow-pass vlan 15 16
[SW-3-GigabitEthernet0/0/1]quit
[SW-3]quit
<SW-3>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<SW-3>

3、配置路由交换，进行测试。

<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname RS-1
[RS-1]vlan batch 11 12
Info: This operation may take a few seconds. Please wait for a moment...done.
[RS-1]interface vlanif 11
[RS-1-Vlanif11]ip address 192.168.100.254 255.255.255.0
[RS-1-Vlanif11]quit
[RS-1]interface vlanif 12
[RS-1-Vlanif12]ip address 192.168.101.254 255.255.255.0
[RS-1-Vlanif12]quit
[RS-1]interface GigabitEthernet 0/0/24
[RS-1-GigabitEthernet0/0/24]port link-type trunk 
[RS-1-GigabitEthernet0/0/24]port trunk allow-pass vlan 11 12
[RS-1-GigabitEthernet0/0/24]quit
[RS-1]vlan 100
[RS-1-vlan100]quit
[RS-1]interface Vlanif 100
[RS-1-Vlanif100]ip address 10.0.1.1 255.255.255.252
[RS-1-Vlanif100]quit
[RS-1]interface  GigabitEthernet 0/0/1	
[RS-1-GigabitEthernet0/0/1]port link-type access 
[RS-1-GigabitEthernet0/0/1]port default vlan 100
[RS-1-GigabitEthernet0/0/1]quit
[RS-1]ip route-static 0.0.0.0 0.0.0.0 10.0.1.2

测试VLAN10和VLAN11可以正常通信

设置所有数据包下一跳到R-1路由器。

<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]vlan batch 13 14
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei]sysname RS-2
[RS-2]interface Vlanif 13
[RS-2-Vlanif13]ip address 192.168.102.254 255.255.255.0
[RS-2-Vlanif13]quit
[RS-2]interface Vlanif 14
[RS-2-Vlanif14]ip address 192.168.103.254 255.255.255.0
[RS-2-Vlanif14]quit
[RS-2]interface GigabitEthernet 0/0/24
[RS-2-GigabitEthernet0/0/24]port link-type trunk 
[RS-2-GigabitEthernet0/0/24]port trunk allow-pass vlan 13 14
[RS-2-GigabitEthernet0/0/24]quit
[RS-2]vlan 100
[RS-2-vlan100]quit
[RS-2]interface Vlanif 100
[RS-2-Vlanif100]ip address 10.0.2.1 255.255.255.252
[RS-2-Vlanif100]quit
[RS-2]interface GigabitEthernet 0/0/1
[RS-2-GigabitEthernet0/0/1]port link-type access 
[RS-2-GigabitEthernet0/0/1]port default vlan 100
[RS-2-GigabitEthernet0/0/1]quit
[RS-2]ip route-static 0.0.0.0 0.0.0.0 10.0.2.2
[RS-2]quit
<RS-2>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.

<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname RS-3
[RS-3]vlan batch 15 16
Info: This operation may take a few seconds. Please wait for a moment...done.
[RS-3]interface Vlanif 15
[RS-3-Vlanif15]ip address 192.168.104.254 255.255.255.0
[RS-3-Vlanif15]quit
[RS-3]interface Vlanif 16
[RS-3-Vlanif16]ip address 192.168.105.254 255.255.255.0
[RS-3-Vlanif16]quit
[RS-3]interface GigabitEthernet 0/0/24	
[RS-3-GigabitEthernet0/0/24]port link-type trunk 
[RS-3-GigabitEthernet0/0/24]port trunk allow-pass vlan 15 16
[RS-3-GigabitEthernet0/0/24]quit
[RS-3]vlan 100
[RS-3-vlan100]quit
[RS-3]interface Vlanif 100
[RS-3-Vlanif100]ip address 10.0.3.1 255.255.255.252
[RS-3-Vlanif100]quit
[RS-3]interface GigabitEthernet 0/0/1
[RS-3-GigabitEthernet0/0/1]port link-type access 
[RS-3-GigabitEthernet0/0/1]port default vlan 100
[RS-3-GigabitEthernet0/0/1]quit
[RS-3]ip route-static 0.0.0.0 0.0.0.0 10.0.3.2
[RS-3]quit
<RS-3>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.

<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname RS-4
[RS-4]vlan batch 17 18
Info: This operation may take a few seconds. Please wait for a moment...done.
[RS-4]interface Vlanif 17
[RS-4-Vlanif17]ip address 192.168.106.254 255.255.255.0
[RS-4-Vlanif17]quit
[RS-4]interface Vlanif 18
[RS-4-Vlanif18]ip address 192.168.107.254 255.255.255.0
[RS-4-Vlanif18]quit
[RS-4]interface GigabitEthernet 0/0/24
[RS-4-GigabitEthernet0/0/24]port link-type trunk 
[RS-4-GigabitEthernet0/0/24]port trunk allow-pass vlan 17 18
[RS-4-GigabitEthernet0/0/24]quit
[RS-4]vlan 100
[RS-4-vlan100]quit
[RS-4]interface Vlanif 100
[RS-4-Vlanif100]ip address 10.0.4.1 255.255.255.252
[RS-4-Vlanif100]quit
[RS-4]interface GigabitEthernet 0/0/1
[RS-4-GigabitEthernet0/0/1]port link-type access 
[RS-4-GigabitEthernet0/0/1]port default vlan 100
[RS-4-GigabitEthernet0/0/1]quit
[RS-4]ip route-static 0.0.0.0 0.0.0.0 10.0.4.2
[RS-4]quit
<RS-4>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.

这步完成后，同一个交换机下的两台主机是可以互相通信的，其他情况则不可以。

4、配置路由器接口和静态路由，进行测试。

<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname R-1
[R-1]interface GigabitEthernet 0/0/0
[R-1-GigabitEthernet0/0/0]ip address 10.0.0.1 255.255.255.252
[R-1-GigabitEthernet0/0/0]quit
[R-1]interface GigabitEthernet 0/0/1
[R-1-GigabitEthernet0/0/1]ip address 10.0.1.2 255.255.255.252
[R-1-GigabitEthernet0/0/1]quit
[R-1]interface GigabitEthernet 0/0/2
[R-1-GigabitEthernet0/0/2]ip address 10.0.2.2 255.255.255.252
[R-1-GigabitEthernet0/0/2]quit
[R-1]ip route-static 192.168.100.0 23 10.0.1.1
[R-1]ip route-static 192.168.102.0 23 10.0.2.1
[R-1]ip route-static 192.168.104.0 22 10.0.0.2   //注意子网掩码为22
[R-1]quit
<R-1>save 

<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname R-2
[R-2]interface GigabitEthernet 0/0/0
[R-2-GigabitEthernet0/0/0]ip address 10.0.0.2 255.255.255.252
[R-2-GigabitEthernet0/0/0]quit
[R-2]interface GigabitEthernet 0/0/1
[R-2-GigabitEthernet0/0/1]ip address 10.0.0.5 255.255.255.252
[R-2-GigabitEthernet0/0/1]quit
[R-2]ip route-static 192.168.100.0 22 10.0.0.1
[R-2]ip route-static 192.168.104.0 22 10.0.0.6
[R-2]quit
<R-2>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 17.
Save the configuration successfully.

R-2路由比较特殊，因为是作为8台主机通信的总中转站，所以对静态路由的范围需要确认清楚，子网掩码需要合理分配。

<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname R-3
[R-3]interface GigabitEthernet 0/0/0
[R-3-GigabitEthernet0/0/0]ip address 10.0.0.6 255.255.255.252
[R-3-GigabitEthernet0/0/0]quit
[R-3]interface GigabitEthernet 0/0/1
[R-3-GigabitEthernet0/0/1]ip address 10.0.3.2 255.255.255.252
[R-3-GigabitEthernet0/0/1]quit
[R-3]interface GigabitEthernet 0/0/2
[R-3-GigabitEthernet0/0/2]ip address 10.0.4.2 255.255.255.252
[R-3-GigabitEthernet0/0/2]quit
[R-3]ip route-static 192.168.104.13 23 10.0.3.1
Info: The destination address and mask of the configured static route mismatched
, and the static route 192.168.104.0/23 was generated.
[R-3]ip route-static 192.168.104.0 23 10.0.3.1
Error: The route already exists.
[R-3]undo ip route-static 192.168.104.13 23 10.0.3.1
Warning: The destination address and the mask do not match, and thus the static 
route 192.168.104.0/23 will be deleted. Continue?[Y/N]:y
[R-3]ip route-static 192.168.104.0 23 10.0.3.1
[R-3]ip route-static 192.168.106.0 23 10.0.4.1
[R-3]ip route-static 192.168.100.0 22 10.0.0.5
[R-3]quit
<R-3>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 17.
Save the configuration successfully.

5、最后测试任意两台主机通信情况

配置没问题的情况下，最终测试结果是任意两台主机都可以相互通信的。

注意：

在路由器做静态路由的时候，可以看到R-1到Host-3的子网掩码给的是23位，目的是为了把Host-4的网段包含进去，也可以单独写Host-4，这时子网掩码写24位。

像R-2的路由，目的地址一般是包含四个网段的主机的，这时子网掩码写22位，同理也可以写24位，然后单独写给每一台主机。