文章目录
一、实验环境
5台交换机,7台交换机,1台服务器,7台电脑连接成如下拓扑图。
绿色部分为互联网(外网),黄色部分为公司网络(内网),粉色方形部分为OSPF域,粉色椭圆形域为RIP区域。
二、实验目的
2.1 实验目的1
配置完成后,在路由器或三层交换机中,输入dis ip routing-table,查看路由信息表,是否学习到私网全网的路由器的路由信息。
2.2 实验目的2
用PC1、PC2、PC3、PC4、PC5、PC6去ping PC7,查看连通性。
2.3 实验目的3
抓包查看内网地址在访问外网地址被转换成外网地址进行通信的过程。
三、实验过程
从右边往左配
3.1 配置R5
<Huawei>sys
[Huawei]sysn R5
[R5]int g0/0/2
[R5-GigabitEthernet0/0/2]ip add 10.1.135.2 24
[R5-GigabitEthernet0/0/2]un sh
[R5-GigabitEthernet0/0/2]int g0/0/0
[R5-GigabitEthernet0/0/0]ip add 10.1.100.1 24
[R5-GigabitEthernet0/0/0]un sh
[R5-GigabitEthernet0/0/0]int loo 0
[R5-LoopBack0]ip add 5.5.5.5 32
[R5-LoopBack0]q
[R5]rip 1 ###启动RIP,进程为1
[R5-rip-1]version 2 ###宣告版本号为2
[R5-rip-1]network 10.0.0.0 ####宣告主网络号
[R5-rip-1]network 5.0.0.0
3.2 配置R4
<Huawei>sys
[Huawei]sysn R4
[R4]int loo 0
[R4-LoopBack0]ip add 4.4.4.4 32
[R4-LoopBack0]int g0/0/2
[R4-GigabitEthernet0/0/2]ip add 10.1.135.1 24
[R4-GigabitEthernet0/0/2]un sh
[R4-GigabitEthernet0/0/2]int g0/0/1
[R4-GigabitEthernet0/0/1]ip add 10.1.134.2 24
[R4-GigabitEthernet0/0/1]un sh
[R4-GigabitEthernet0/0/1]int g0/0/0.21
[R4-GigabitEthernet0/0/0.21]d t v 21
[R4-GigabitEthernet0/0/0.21]ip add 10.1.21.1 24
[R4-GigabitEthernet0/0/0.21]a b e
[R4-GigabitEthernet0/0/0.21]int g0/0/0.22
[R4-GigabitEthernet0/0/0.22]ip add 10.1.22.1 24
[R4-GigabitEthernet0/0/0.22]d t v 22
[R4-GigabitEthernet0/0/0.22]a b e
[R4-GigabitEthernet0/0/0.22]q
[R4]rip 1 ###启动RIP,进程为1
[R4-rip-1]version 2 ###宣告版本号为2
[R4-rip-1]network 10.0.0.0 ####宣告主网络号
[R4-rip-1]network 4.0.0.0
3.3 配置SW7
<Huawei>sys
[Huawei]sysn SW7
[SW7]v b 21 22
[SW7]int e0/0/10
[SW7-Ethernet0/0/10]p l t
[SW7-Ethernet0/0/10]p t a v 21 22
[SW7-Ethernet0/0/10]un sh
[SW7-Ethernet0/0/10]dis th
[SW7-Ethernet0/0/10]int e0/0/1
[SW7-Ethernet0/0/1]p l a
[SW7-Ethernet0/0/1]p d v 21
[SW7-Ethernet0/0/1]un sh
[SW7-Ethernet0/0/1]int e0/0/2
[SW7-Ethernet0/0/2]p l a
[SW7-Ethernet0/0/2]p d v 22
[SW7-Ethernet0/0/2]un sh
3.4 配置R3
<Huawei>sys
[Huawei]sysn R3
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 10.1.113.2 24
[R3-GigabitEthernet0/0/0]un sh
[R3-GigabitEthernet0/0/0]int g0/0/1
[R3-GigabitEthernet0/0/1]ip add 10.1.134.1 24
[R3-GigabitEthernet0/0/1]un sh
[R3-GigabitEthernet0/0/1]int loo 0
[R3-LoopBack0]ip add 3.3.3.3 32
[R3-LoopBack0]q
[R3]ospf 1 router-id 3.3.3.3 ###启动ospf,进程为1,配置router-id
[R3-ospf-1]area 0 ###进入区域0
[R3-ospf-1-area-0.0.0.0]network 10.1.113.0 0.0.0.255 ###宣告网段、反掩码
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]q
[R3-ospf-1]q
[R3]rip 1 ###启动RIP,进程为1
[R3-rip-1]version 2 ###宣告版本号为2
[R3-rip-1]network 10.0.0.0 ####宣告主网络号
[R3]ospf 1 ###进入ospf
[R3-ospf-1]import-route rip 1 type 1 cost 5 ###将RIP路由引入OSPF域内,配置类型为1,初始开销为5
[R3-ospf-1]q
[R3]rip 1 ####进入RIP 1
[R3-rip-1]import-route ospf 1 ####将OSPF路由引入到RIP域内
3.5 配置R2
<Huawei>sys
[Huawei]sysn R2
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 10.1.113.1 24
[R2-GigabitEthernet0/0/0]un sh
[R2-GigabitEthernet0/0/0]int g0/0/1
[R2-GigabitEthernet0/0/1]ip add 10.1.111.1 24
[R2-GigabitEthernet0/0/1]un sh
[R2-GigabitEthernet0/0/1]int g0/0/2
[R2-GigabitEthernet0/0/2]ip add 10.1.112.1 24
[R2-GigabitEthernet0/0/2]un sh
[R2-GigabitEthernet0/0/2]int g6/0/0
[R2-GigabitEthernet6/0/0]ip add 202.2.12.2 24
[R2-GigabitEthernet6/0/0]un sh
[R2-GigabitEthernet6/0/0]int loo 0
[R2-LoopBack0]ip add 2.2.2.2 32
[R2-LoopBack0]q
[R2]ospf 1 router-id 2.2.2.2 ###启动ospf,进程为1,配置router-id
[R2-ospf-1]a 0 ###进入区域0
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0 ###宣告网段、反掩码
[R2-ospf-1-area-0.0.0.0]network 10.1.113.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 10.1.111.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 10.1.112.0 0.0.0.255
3.6 配置SW1
<Huawei>sys
[Huawei]sysn SW1
[SW1]v b 11 12 1000 1001
[SW1]int g0/0/21
[SW1-GigabitEthernet0/0/21]p l a
[SW1-GigabitEthernet0/0/21]p d v 11
[SW1-GigabitEthernet0/0/21]un sh
[SW1-GigabitEthernet0/0/21]int g0/0/22
[SW1-GigabitEthernet0/0/22]p l a
[SW1-GigabitEthernet0/0/22]p d v 12
[SW1-GigabitEthernet0/0/22]un sh
[SW1-GigabitEthernet0/0/22]int g0/0/1
[SW1-GigabitEthernet0/0/1]p l a
[SW1-GigabitEthernet0/0/1]p d v 1001
[SW1-GigabitEthernet0/0/1]un sh
[SW1]int Eth-Trunk 1 ###配置链路聚合
[SW1-Eth-Trunk1]trunkport g 0/0/11 t 0/0/12
[SW1-Eth-Trunk1]p l a
[SW1-Eth-Trunk1]p d v 1000
[SW1-Eth-Trunk1]un sh
[SW1-Eth-Trunk1]q
[SW1]int vlanif 11
[SW1-Vlanif11]ip add 10.1.11.1 24
[SW1-Vlanif11]int vlanif 12
[SW1-Vlanif12]ip add 10.1.12.1 24
[SW1-Vlanif12]int vlanif 1000
[SW1-Vlanif1000]ip add 10.1.122.11 24
[SW1-Vlanif1000]int vlanif 1001
[SW1-Vlanif1001]ip add 10.1.111.12 24
[SW1-Vlanif1001]int loo 0
[SW1-LoopBack0]ip add 11.11.11.11 32
[SW1-LoopBack0]q
[SW1]ospf 1 router-id 11.11.11.11 ###启动ospf,进程为1,配置router-id
[SW1-ospf-1]a 0 ###进入区域0
[SW1-ospf-1-area-0.0.0.0]network 10.1.11.0 0.0.0.25 ###宣告网段、反掩码
[SW1-ospf-1-area-0.0.0.0]network 10.1.12.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 10.1.122.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 10.1.111.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 11.11.11.11 0.0.0.0
[SW1]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 22 Routes : 22
Destination/Mask Proto Pre Cost Flags NextHop Interface
2.2.2.2/32 OSPF 10 1 D 10.1.111.1 Vlanif1001
3.3.3.3/32 OSPF 10 2 D 10.1.111.1 Vlanif1001
4.4.4.4/32 O_ASE 150 7 D 10.1.111.1 Vlanif1001
5.5.5.5/32 O_ASE 150 7 D 10.1.111.1 Vlanif1001
10.1.11.0/24 Direct 0 0 D 10.1.11.1 Vlanif11
10.1.11.1/32 Direct 0 0 D 127.0.0.1 Vlanif11
10.1.12.0/24 Direct 0 0 D 10.1.12.1 Vlanif12
10.1.12.1/32 Direct 0 0 D 127.0.0.1 Vlanif12
10.1.21.0/24 O_ASE 150 7 D 10.1.111.1 Vlanif1001
10.1.22.0/24 O_ASE 150 7 D 10.1.111.1 Vlanif1001
10.1.100.0/24 O_ASE 150 7 D 10.1.111.1 Vlanif1001
10.1.111.0/24 Direct 0 0 D 10.1.111.12 Vlanif1001
10.1.111.12/32 Direct 0 0 D 127.0.0.1 Vlanif1001
10.1.112.0/24 OSPF 10 2 D 10.1.111.1 Vlanif1001
10.1.113.0/24 OSPF 10 2 D 10.1.111.1 Vlanif1001
10.1.122.0/24 Direct 0 0 D 10.1.122.11 Vlanif1000
10.1.122.11/32 Direct 0 0 D 127.0.0.1 Vlanif1000
10.1.134.0/24 O_ASE 150 7 D 10.1.111.1 Vlanif1001
10.1.135.0/24 O_ASE 150 7 D 10.1.111.1 Vlanif1001
11.11.11.11/32 Direct 0 0 D 127.0.0.1 LoopBack0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
3.7 配置SW2
<Huawei>sys
[Huawei]sysn SW2
[SW2]v b 13 14 1000 1002
[SW2]int g0/0/2
[SW2-GigabitEthernet0/0/2]p l a
[SW2-GigabitEthernet0/0/2]p d v 1002
[SW2-GigabitEthernet0/0/2]un sh
[SW2-GigabitEthernet0/0/2]int g0/0/23
[SW2-GigabitEthernet0/0/23]p l a
[SW2-GigabitEthernet0/0/23]p d v 13
[SW2-GigabitEthernet0/0/23]un sh
[SW2-GigabitEthernet0/0/23]int g0/0/24
[SW2-GigabitEthernet0/0/24]p l a
[SW2-GigabitEthernet0/0/24]p d v 14
[SW2-GigabitEthernet0/0/24]un sh
[SW2-GigabitEthernet0/0/24]q
[SW2]int Eth-Trunk 1 ####配置为链路聚合
[SW2-Eth-Trunk1]trunkport g 0/0/11 t 0/0/12
[SW2-Eth-Trunk1]p l a
[SW2-Eth-Trunk1]p d v 1000
[SW2-Eth-Trunk1]un sh
[SW2-Eth-Trunk1]int vlanif 13 ####配置虚拟接口IP地址
[SW2-Vlanif13]ip add 10.1.13.1 24
[SW2-Vlanif13]int vlanif 14
[SW2-Vlanif14]ip add 10.1.14.1 24
[SW2-Vlanif14]int vlanif 1000
[SW2-Vlanif1000]ip add 10.1.122.12 24
[SW2-Vlanif1000]int vlanif 1002
[SW2-Vlanif1002]ip add 10.1.112.12 24
[SW2-Vlanif1002]int loo 0 ####配置环回口IP地址
[SW2-LoopBack0]ip add 22.22.22.22 32
[SW2-LoopBack0]q
[SW2]ospf 1 router-id 22.22.22.22 ###启动ospf,进程为1,配置router-id
[SW2-ospf-1]a 0 ###进入区域0
[SW2-ospf-1-area-0.0.0.0]network 10.1.13.0 0.0.0.255 ###宣告网段、反掩码
[SW2-ospf-1-area-0.0.0.0]network 10.1.14.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]network 10.1.122.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]network 10.1.112.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]network 22.22.22.22 0.0.0.0
3.8 配置SW3
<Huawei>sys
[Huawei]sysn SW3
[SW3]v b 11
[SW3]int g0/0/1
[SW3-GigabitEthernet0/0/1]p l a
[SW3-GigabitEthernet0/0/1]p d v 11
[SW3-GigabitEthernet0/0/1]un sh
[SW3-GigabitEthernet0/0/1]int e0/0/1
[SW3-Ethernet0/0/1]p l a
[SW3-Ethernet0/0/1]p d v 11
[SW3-Ethernet0/0/1]un sh
3.9 配置SW4
<Huawei>sys
[Huawei]sysn SW4
[SW4]v b 12
[SW4]int g0/0/1
[SW4-GigabitEthernet0/0/1]p l a
[SW4-GigabitEthernet0/0/1]p d v 12
[SW4-GigabitEthernet0/0/1]un sh
[SW4-GigabitEthernet0/0/1]int e0/0/1
[SW4-Ethernet0/0/1]p l a
[SW4-Ethernet0/0/1]p d v 12
[SW4-Ethernet0/0/1]un sh
3.10 配置SW5
<Huawei>sys
[Huawei]sysn SW5
[SW5]v b 13
[SW5]int g0/0/1
[SW5-GigabitEthernet0/0/1]p l a
[SW5-GigabitEthernet0/0/1]p d v 13
[SW5-GigabitEthernet0/0/1]un sh
[SW5-GigabitEthernet0/0/1]int e0/0/1
[SW5-Ethernet0/0/1]p l a
[SW5-Ethernet0/0/1]p d v 13
[SW5-Ethernet0/0/1]un sh
3.11 配置SW6
<Huawei>sys
[Huawei]sysn SW6
[SW6]v b 14
[SW6]int g0/0/1
[SW6-GigabitEthernet0/0/1]p l a
[SW6-GigabitEthernet0/0/1]p d v 14
[SW6-GigabitEthernet0/0/1]un sh
[SW6-GigabitEthernet0/0/1]int e0/0/1
[SW6-Ethernet0/0/1]p l a
[SW6-Ethernet0/0/1]p d v 14
[SW6-Ethernet0/0/1]un sh
3.12 在R2上配置默认路由
配置默认:
[R2]ip route-static 0.0.0.0 0.0.0.0 202.2.12.1
3.13 在R2上下发默认,R3上引路由
下发默认:
R2:
[R2]ospf 1
[R2-ospf-1]default-route-advertise ###将本路由器发布的默认路由引入到域内其他路由器,其他路由器学习到这条路由后,下一跳就是指向发布这条路由的路由器。
引路由:
R3:
[R3]rip 1
[R3-rip-1]default-route originate
3.14 在R2上配置EasyIP并映射出去
配置easyIP:
[R2]acl 2000
[R2-acl-basic-2000]rule permit source 10.1.0.0 0.0.255.255 ###允许源地址为 10.1.0.0-10.1.255.254 的数据包通过
映射出去:
[R2]int g6/0/0
[R2-GigabitEthernet6/0/0]nat outbound 2000 ###对访问控制列表2000上的进行地址转换
[R2-GigabitEthernet6/0/0]nat server protocol tcp global 202.2.12.3 www inside 10
.1.100.100 www ###在出接口上将私网服务器地址和公网地址做一对NAT映射绑定
3.15 配置R1
<Huawei>sys
[Huawei]sysn R1
[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]ip add 202.2.12.1 24
[R1-GigabitEthernet0/0/1]un sh
[R1-GigabitEthernet0/0/1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 202.2.2.1 24
[R1-GigabitEthernet0/0/0]un sh
三、实验验证
3.1 验证目的1
在R5上输入dis ip routing-table
可以学习到RIP域里的路由
在R2上可以学习到其他路由信息
3.2 验证目的2
PC1可以ping通PC7
PC2可以ping通PC7
PC3可以ping通PC7
PC4可以ping通PC7
PC5可以ping通PC7
PC6可以ping通PC7
3.3 验证目的3
抓包查看地址转换:
实验完成!