复杂园区网基本分支的构建

侬本多情。2025-01-08 10:19

目录

模拟环境链接

拓扑结构

说明:

VLAN标签在上面的一定是GigabitEthernet接口的,左边的标签是交换机连接左边的接口,右边的标签是交换机连接右边的接口。每个交换机有连接三处就划分了三处VLAN。

主机:

Host-1的ip为192.168.100.11/24,网关为192.168.100.254;

Host-2的ip为192.168.101.12/24,网关为192.168.101.254;

Host-3的ip为192.168.102.21/24,网关为192.168.102.254;

Host-4的ip为192.168.103.22/24,网关为192.168.103.254;

Host-5的ip为192.168.104.13/24,网关为192.168.104.254;

Host-6的ip为192.168.105.14/24,网关为192.168.105.254;

Host-7的ip为192.168.106.23/24,网关为192.168.106.254;

Host-8的ip为192.168.107.24/24,网关为192.168.107.254。

路由交换

RS-1的VLANIF11接口地址(VLAN 11接口地址)192.168.100.254/24;

RS-1的VLANIF12接口地址(VLAN 12接口地址)192.168.101.254/24;

RS-1的VLANIF100接口地址(VLAN 100接口地址)10.0.1.1/30;

RS-2的VLANIF13接口地址(VLAN 13接口地址)192.168.102.254/24;

RS-2的VLANIF14接口地址(VLAN 14接口地址)192.168.103.254/24;

RS-2的VLANIF100接口地址(VLAN 100接口地址)10.0.2.1/30;

RS-3的VLANIF15接口地址(VLAN 15接口地址)192.168.104.254/24;

RS-3的VLANIF16接口地址(VLAN 16接口地址)192.168.105.254/24;

RS-3的VLANIF100接口地址(VLAN 100接口地址)10.0.3.1/30;

RS-4的VLANIF17接口地址(VLAN 17接口地址)192.168.106.254/24;

RS-4的VLANIF18接口地址(VLAN 18接口地址)192.168.107.254/24;

RS-4的VLANIF100接口地址(VLAN 100接口地址)10.0.4.1/30。

静态路由规划:

RS的下一跳地址都是到对应路由器的接口ip,目的地址是0.0.0.0/0。

R-1的下一跳地址为RS-1VLAN 100的地址,目的地址为Host-1的地址。

R-1的下一跳地址为RS-2VLAN 100的地址,目的地址为Host-3的地址。

R-1的下一跳地址为R-2的GE 0/0/0的地址,目的地址为Host-5的地址。

R-2的下一跳地址为R-1的GE 0/0/0的地址,目的地址为Host-1的地址。

R-2的下一跳地址为R-3的GE 0/0/0的地址,目的地址为Host-5的地址。

R-3的下一跳地址为R-2的GE 0/0/1的地址,目的地址为Host-1的地址。

R-3的下一跳地址为RS-3VLAN 100的地址,目的地址为Host-5的地址。

R-3的下一跳地址为RS-4VLAN 100的地址,目的地址为Host-7的地址。

1、各主机进行网络配置。

2、交换机配置。

bash 复制代码 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname SW-1
[SW-1]vlan batch 11 12
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW-1]interface Ethernet 0/0/1
[SW-1-Ethernet0/0/1]port link-type access 
[SW-1-Ethernet0/0/1]port default vlan 11
[SW-1-Ethernet0/0/1]quit
[SW-1]interface Ethernet 0/0/2	
[SW-1-Ethernet0/0/2]port link-type access 	
[SW-1-Ethernet0/0/2]port default vlan 12
[SW-1-Ethernet0/0/2]quit
[SW-1]interface GigabitEthernet 0/0/1
[SW-1-GigabitEthernet0/0/1]port link-type trunk 
[SW-1-GigabitEthernet0/0/1]port trunk allow-pass vlan 11 12
[SW-1-GigabitEthernet0/0/1]quit
[SW-1]quit
<SW-1>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<SW-1>
bash 复制代码 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname SW-2
[SW-2]vlan batch 13 14
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW-2]interface Ethernet 0/0/1
[SW-2-Ethernet0/0/1]port link-type access 
[SW-2-Ethernet0/0/1]port default vlan 13
[SW-2-Ethernet0/0/1]quit
[SW-2]interface Ethernet 0/0/2
[SW-2-Ethernet0/0/2]port link-type access 
[SW-2-Ethernet0/0/2]port default vlan 14
[SW-2-Ethernet0/0/2]quit
[SW-2]interface GigabitEthernet 0/0/1
[SW-2-GigabitEthernet0/0/1]port link-type trunk 
[SW-2-GigabitEthernet0/0/1]port trunk allow-pass vlan 13 14
[SW-2-GigabitEthernet0/0/1]quit
[SW-2]quit
<SW-2>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
bash 复制代码 
<Huawei>system-view 
Jan  6 2025 12:33:29-08:00 Huawei %%01PHY/1/PHY(l)[1]:    Ethernet0/0/2: change 
status to up
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname SW-4
[SW-4]vlan batch 17 18
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW-4]interface Ethernet 0/0/1
[SW-4-Ethernet0/0/1]port link-type access 
[SW-4-Ethernet0/0/1]port default vlan 17
[SW-4-Ethernet0/0/1]quit
[SW-4]interface Ethernet 0/0/2
[SW-4-Ethernet0/0/2]port link-type access 
[SW-4-Ethernet0/0/2]port default vlan 18
[SW-4-Ethernet0/0/2]quit
[SW-4]interface GigabitEthernet 0/0/1
[SW-4-GigabitEthernet0/0/1]port link-type trunk 
[SW-4-GigabitEthernet0/0/1]port trunk allow-pass vlan 17 18
[SW-4-GigabitEthernet0/0/1]quit
[SW-4]quit
<SW-4>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<SW-4>
bash 复制代码 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname SW-3
[SW-3]vlan batch 15 16
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW-3]interface Ethernet 0/0/1
[SW-3-Ethernet0/0/1]port link-type access 
[SW-3-Ethernet0/0/1]port default vlan 15
[SW-3-Ethernet0/0/1]quit
[SW-3]interface Ethernet 0/0/2
[SW-3-Ethernet0/0/2]port link-type access 
[SW-3-Ethernet0/0/2]port default vlan 16
[SW-3-Ethernet0/0/2]quit
[SW-3]interface GigabitEthernet 0/0/1
[SW-3-GigabitEthernet0/0/1]port link-type trunk 
[SW-3-GigabitEthernet0/0/1]port trunk allow-pass vlan 15 16
[SW-3-GigabitEthernet0/0/1]quit
[SW-3]quit
<SW-3>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<SW-3>

3、配置路由交换,进行测试。

bash 复制代码 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname RS-1
[RS-1]vlan batch 11 12
Info: This operation may take a few seconds. Please wait for a moment...done.
[RS-1]interface vlanif 11
[RS-1-Vlanif11]ip address 192.168.100.254 255.255.255.0
[RS-1-Vlanif11]quit
[RS-1]interface vlanif 12
[RS-1-Vlanif12]ip address 192.168.101.254 255.255.255.0
[RS-1-Vlanif12]quit
[RS-1]interface GigabitEthernet 0/0/24
[RS-1-GigabitEthernet0/0/24]port link-type trunk 
[RS-1-GigabitEthernet0/0/24]port trunk allow-pass vlan 11 12
[RS-1-GigabitEthernet0/0/24]quit
[RS-1]vlan 100
[RS-1-vlan100]quit
[RS-1]interface Vlanif 100
[RS-1-Vlanif100]ip address 10.0.1.1 255.255.255.252
[RS-1-Vlanif100]quit
[RS-1]interface  GigabitEthernet 0/0/1	
[RS-1-GigabitEthernet0/0/1]port link-type access 
[RS-1-GigabitEthernet0/0/1]port default vlan 100
[RS-1-GigabitEthernet0/0/1]quit
[RS-1]ip route-static 0.0.0.0 0.0.0.0 10.0.1.2

测试VLAN10和VLAN11可以正常通信

设置所有数据包下一跳到R-1路由器。

bash 复制代码 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]vlan batch 13 14
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei]sysname RS-2
[RS-2]interface Vlanif 13
[RS-2-Vlanif13]ip address 192.168.102.254 255.255.255.0
[RS-2-Vlanif13]quit
[RS-2]interface Vlanif 14
[RS-2-Vlanif14]ip address 192.168.103.254 255.255.255.0
[RS-2-Vlanif14]quit
[RS-2]interface GigabitEthernet 0/0/24
[RS-2-GigabitEthernet0/0/24]port link-type trunk 
[RS-2-GigabitEthernet0/0/24]port trunk allow-pass vlan 13 14
[RS-2-GigabitEthernet0/0/24]quit
[RS-2]vlan 100
[RS-2-vlan100]quit
[RS-2]interface Vlanif 100
[RS-2-Vlanif100]ip address 10.0.2.1 255.255.255.252
[RS-2-Vlanif100]quit
[RS-2]interface GigabitEthernet 0/0/1
[RS-2-GigabitEthernet0/0/1]port link-type access 
[RS-2-GigabitEthernet0/0/1]port default vlan 100
[RS-2-GigabitEthernet0/0/1]quit
[RS-2]ip route-static 0.0.0.0 0.0.0.0 10.0.2.2
[RS-2]quit
<RS-2>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
bash 复制代码 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname RS-3
[RS-3]vlan batch 15 16
Info: This operation may take a few seconds. Please wait for a moment...done.
[RS-3]interface Vlanif 15
[RS-3-Vlanif15]ip address 192.168.104.254 255.255.255.0
[RS-3-Vlanif15]quit
[RS-3]interface Vlanif 16
[RS-3-Vlanif16]ip address 192.168.105.254 255.255.255.0
[RS-3-Vlanif16]quit
[RS-3]interface GigabitEthernet 0/0/24	
[RS-3-GigabitEthernet0/0/24]port link-type trunk 
[RS-3-GigabitEthernet0/0/24]port trunk allow-pass vlan 15 16
[RS-3-GigabitEthernet0/0/24]quit
[RS-3]vlan 100
[RS-3-vlan100]quit
[RS-3]interface Vlanif 100
[RS-3-Vlanif100]ip address 10.0.3.1 255.255.255.252
[RS-3-Vlanif100]quit
[RS-3]interface GigabitEthernet 0/0/1
[RS-3-GigabitEthernet0/0/1]port link-type access 
[RS-3-GigabitEthernet0/0/1]port default vlan 100
[RS-3-GigabitEthernet0/0/1]quit
[RS-3]ip route-static 0.0.0.0 0.0.0.0 10.0.3.2
[RS-3]quit
<RS-3>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.
bash 复制代码 
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname RS-4
[RS-4]vlan batch 17 18
Info: This operation may take a few seconds. Please wait for a moment...done.
[RS-4]interface Vlanif 17
[RS-4-Vlanif17]ip address 192.168.106.254 255.255.255.0
[RS-4-Vlanif17]quit
[RS-4]interface Vlanif 18
[RS-4-Vlanif18]ip address 192.168.107.254 255.255.255.0
[RS-4-Vlanif18]quit
[RS-4]interface GigabitEthernet 0/0/24
[RS-4-GigabitEthernet0/0/24]port link-type trunk 
[RS-4-GigabitEthernet0/0/24]port trunk allow-pass vlan 17 18
[RS-4-GigabitEthernet0/0/24]quit
[RS-4]vlan 100
[RS-4-vlan100]quit
[RS-4]interface Vlanif 100
[RS-4-Vlanif100]ip address 10.0.4.1 255.255.255.252
[RS-4-Vlanif100]quit
[RS-4]interface GigabitEthernet 0/0/1
[RS-4-GigabitEthernet0/0/1]port link-type access 
[RS-4-GigabitEthernet0/0/1]port default vlan 100
[RS-4-GigabitEthernet0/0/1]quit
[RS-4]ip route-static 0.0.0.0 0.0.0.0 10.0.4.2
[RS-4]quit
<RS-4>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 0.
Save the configuration successfully.

这步完成后,同一个交换机下的两台主机是可以互相通信的,其他情况则不可以。

4、配置路由器接口和静态路由,进行测试。

bash 复制代码 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname R-1
[R-1]interface GigabitEthernet 0/0/0
[R-1-GigabitEthernet0/0/0]ip address 10.0.0.1 255.255.255.252
[R-1-GigabitEthernet0/0/0]quit
[R-1]interface GigabitEthernet 0/0/1
[R-1-GigabitEthernet0/0/1]ip address 10.0.1.2 255.255.255.252
[R-1-GigabitEthernet0/0/1]quit
[R-1]interface GigabitEthernet 0/0/2
[R-1-GigabitEthernet0/0/2]ip address 10.0.2.2 255.255.255.252
[R-1-GigabitEthernet0/0/2]quit
[R-1]ip route-static 192.168.100.0 23 10.0.1.1
[R-1]ip route-static 192.168.102.0 23 10.0.2.1
[R-1]ip route-static 192.168.104.0 22 10.0.0.2   //注意子网掩码为22
[R-1]quit
<R-1>save
bash 复制代码 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname R-2
[R-2]interface GigabitEthernet 0/0/0
[R-2-GigabitEthernet0/0/0]ip address 10.0.0.2 255.255.255.252
[R-2-GigabitEthernet0/0/0]quit
[R-2]interface GigabitEthernet 0/0/1
[R-2-GigabitEthernet0/0/1]ip address 10.0.0.5 255.255.255.252
[R-2-GigabitEthernet0/0/1]quit
[R-2]ip route-static 192.168.100.0 22 10.0.0.1
[R-2]ip route-static 192.168.104.0 22 10.0.0.6
[R-2]quit
<R-2>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 17.
Save the configuration successfully.

R-2路由比较特殊,因为是作为8台主机通信的总中转站,所以对静态路由的范围需要确认清楚,子网掩码需要合理分配。

bash 复制代码 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable 
Info: Information center is disabled.
[Huawei]sysname R-3
[R-3]interface GigabitEthernet 0/0/0
[R-3-GigabitEthernet0/0/0]ip address 10.0.0.6 255.255.255.252
[R-3-GigabitEthernet0/0/0]quit
[R-3]interface GigabitEthernet 0/0/1
[R-3-GigabitEthernet0/0/1]ip address 10.0.3.2 255.255.255.252
[R-3-GigabitEthernet0/0/1]quit
[R-3]interface GigabitEthernet 0/0/2
[R-3-GigabitEthernet0/0/2]ip address 10.0.4.2 255.255.255.252
[R-3-GigabitEthernet0/0/2]quit
[R-3]ip route-static 192.168.104.13 23 10.0.3.1
Info: The destination address and mask of the configured static route mismatched
, and the static route 192.168.104.0/23 was generated.
[R-3]ip route-static 192.168.104.0 23 10.0.3.1
Error: The route already exists.
[R-3]undo ip route-static 192.168.104.13 23 10.0.3.1
Warning: The destination address and the mask do not match, and thus the static 
route 192.168.104.0/23 will be deleted. Continue?[Y/N]:y
[R-3]ip route-static 192.168.104.0 23 10.0.3.1
[R-3]ip route-static 192.168.106.0 23 10.0.4.1
[R-3]ip route-static 192.168.100.0 22 10.0.0.5
[R-3]quit
<R-3>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Now saving the current configuration to the slot 17.
Save the configuration successfully.

5、最后测试任意两台主机通信情况

配置没问题的情况下,最终测试结果是任意两台主机都可以相互通信的。

注意:

在路由器做静态路由的时候,可以看到R-1到Host-3的子网掩码给的是23位,目的是为了把Host-4的网段包含进去,也可以单独写Host-4,这时子网掩码写24位。

像R-2的路由,目的地址一般是包含四个网段的主机的,这时子网掩码写22位,同理也可以写24位,然后单独写给每一台主机。

相关推荐
高梦轩1 小时前
MySQL高可用
android·运维·数据库
孟章豪4 小时前
《SQL拼接 vs 参数化,为什么公司禁止拼接SQL?(附真实案例)》
服务器·数据库·sql
hsjcjh5 小时前
Nodemailer使用教程:在Node.js中发送电子邮件
linux·运维·node.js
没有梦想的咸鱼185-1037-16635 小时前
北斗高精度数据解算:破解城市峡谷/长基线/无网区难题,从毫米级定位到自动化交付——(GAMIT/GLOBK底层核心解算技术方法)
运维·arcgis·数据分析·自动化
不怕犯错,就怕不做6 小时前
linux 如何查看自己的帐号密码及samba的帐号和密码
linux·运维·服务器
实在智能RPA6 小时前
Agent 在物流行业能实现哪些自动化?——深度拆解 AI Agent 驱动的智慧物流新范式
运维·人工智能·ai·自动化
张3236 小时前
Linux 启动过程
linux·运维
李彦亮老师(本人)6 小时前
Rocky Linux 9.x 新特性详解
linux·运维·服务器·centos·rocky linux
NiKick6 小时前
在Linux系统上使用nmcli命令配置各种网络(有线、无线、vlan、vxlan、路由、网桥等)
linux·服务器·网络
热门推荐
01GitHub 镜像站点022026年3月AI领域大事件:DeepSeek引领开源风暴03Qwen3.5-Omni与Qwen3.6模型全面解析(含测评/案例/使用教程)04Claude Code + GLM4.7 避坑指南:解决 Unable to connect to Anthropic services05UV安装并设置国内源06如何解决 OpenClaw “Pairing required” 报错:两种官方解决方案详解07让 Trae IDE 智能体 “读懂”文档 Excel+PDF+DOCX :mcp-documents-reader 工具使用指南08深扒 Claude Code Buddy 模式:一只仙人掌背后的确定性随机算法09AI 编程效率翻倍:Superpowers Skills 上手清单 + 完整指南10“wsl --install -d Ubuntu-22.04”下载慢,中国地区离线安装 Ubuntu 22.04 WSL方法(亲测2025年5月6日)