Article Directory
- 1. Experiment preparation
- 2. Experimental process
-
- Experimental topology
- Configuration of LSW4 (Layer 2 switch)
- Configuration of LSW5 (Layer 2 switch)
- Configuration of LSW6 (Layer 2 switch)
- Configuration of LSW1 (Layer 3 switch)
- Configuration of LSW2 (Layer 3 switch)
- AR1 configuration
- AR2 configuration
- AR3 configuration
- AR4 configuration
- AR5 configuration
- 3. Experimental results
- 4. Experimental conclusion
1. Experiment preparation
Experimental requirements
The internal network requires intercommunication; the
internal network can connect to the external server; the
router can obtain the services of the external server; the
public network server cannot connect to the internal host.
Experimental technical support
OSPF: Link State Routing Protocol
RIP: Distance Vector Routing Protocol
NAT: Network Address Translation Protocol
ACL: Access Control List
VRRP: Virtual Router Redundancy Protocol
MSTP: Multi-area Spanning Tree Protocol
ospf and rip redistribution
Single-arm routing
Link aggregation
2. Experimental process
Experimental topology
Configuration of LSW4 (Layer 2 switch)
# ## 创建vlan
vlan batch 100 200
# ## 设置不同接口属性及属于不同vlan
interface Ethernet0/0/1
port link-type access
port default vlan 100
#
interface Ethernet0/0/2
port link-type access
port default vlan 200
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
# ## mstp多生成树协议
stp region-configuration
region-name huawei
revision-level 1
instance 1 vlan 100
instance 2 vlan 200
instance 3 vlan 300
instance 4 vlan 400
active region-configuration
#
stp instance 1 root primary
stp instance 2 root primary
stp instance 3 root secondary
stp instance 4 root secondary
#
Configuration of LSW5 (Layer 2 switch)
The configuration above LSW5 refers to the configuration of LSW5
#
vlan batch 300 400
#
interface Ethernet0/0/1
port link-type access
port default vlan 300
#
interface Ethernet0/0/2
port link-type access
port default vlan 400
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
stp region-configuration
region-name huawei
revision-level 1
instance 1 vlan 100
instance 2 vlan 200
instance 3 vlan 300
instance 4 vlan 400
active region-configuration
#
stp instance 1 root secondary
stp instance 2 root secondary
stp instance 3 root primary
stp instance 4 root primary
#
Configuration of LSW6 (Layer 2 switch)
# ## 创建vlan
vlan batch 500 600
# ## 设置不同接口属性及属于不同vlan
interface Ethernet0/0/1
port link-type access
port default vlan 500
#
interface Ethernet0/0/2
port link-type access
port default vlan 600
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
Configuration of LSW1 (Layer 3 switch)
# ## 创建vlan
vlan batch 100 200 300 400 555
# ## 设置接口属性及vlan
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
# ## 配置接口ip地址及创建vrrp
interface Vlanif100
ip address 192.168.1.10 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.1
vrrp vrid 1 priority 105
vrrp vrid 1 track interface GigabitEthernet0/0/1
#
interface Vlanif200
ip address 192.168.2.10 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.2
#
interface Vlanif300
ip address 192.168.3.10 255.255.255.0
vrrp vrid 3 virtual-ip 192.168.3.3
vrrp vrid 3 priority 105
vrrp vrid 3 track interface GigabitEthernet0/0/1
#
interface Vlanif400
ip address 192.168.4.10 255.255.255.0
vrrp vrid 4 virtual-ip 192.168.4.4
#
interface Vlanif555
ip address 192.168.15.100 255.255.255.0
#
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Eth-Trunk1 ## 创建链路聚合
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/4
eth-trunk 1
#
interface GigabitEthernet0/0/5
eth-trunk 1
#
interface GigabitEthernet0/0/6
eth-trunk 1
#
interface GigabitEthernet0/0/7
eth-trunk 1
#
stp region-configuration ## 多区域生成树协议
region-name huawei
revision-level 1
instance 1 vlan 100
instance 2 vlan 200
instance 3 vlan 300
instance 4 vlan 400
active region-configuration
#
stp instance 1 root primary
stp instance 2 root secondary
stp instance 3 root secondary
stp instance 4 root secondary
#
interface GigabitEthernet0/0/1 ## 配置接口IP地址及配置ospf路由协议
port link-type access
port default vlan 555
#
interface Vlanif555
ip address 192.168.15.100 255.255.255.0
#
ospf 1
area 0.0.0.0
network 192.168.15.0 0.0.0.255
network 192.168.0.0 0.0.255.255
#
Configuration of LSW2 (Layer 3 switch)
The configuration commands on LSW2 refer to the configuration commands of LSW1
#
vlan batch 100 200 300 400 666
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Vlanif100
ip address 192.168.1.20 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.1
#
interface Vlanif200
ip address 192.168.2.20 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.2
vrrp vrid 2 priority 105
vrrp vrid 2 track interface GigabitEthernet0/0/3
#
interface Vlanif300
ip address 192.168.3.20 255.255.255.0
vrrp vrid 3 virtual-ip 192.168.3.3
#
interface Vlanif400
ip address 192.168.4.20 255.255.255.0
vrrp vrid 4 virtual-ip 192.168.4.4
vrrp vrid 4 priority 105
vrrp vrid 4 track interface GigabitEthernet0/0/3
#
stp region-configuration
region-name huawei
revision-level 1
instance 1 vlan 100
instance 2 vlan 200
instance 3 vlan 300
instance 4 vlan 400
active region-configuration
#
stp instance 1 root secondary
stp instance 2 root primary
stp instance 3 root secondary
stp instance 4 root primary
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/4
eth-trunk 1
#
interface GigabitEthernet0/0/5
eth-trunk 1
#
interface GigabitEthernet0/0/6
eth-trunk 1
#
interface GigabitEthernet0/0/7
eth-trunk 1
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 666
#
interface Vlanif666
ip address 192.168.16.100 255.255.255.0
#
ospf 1
area 0.0.0.0
network 192.168.16.0 0.0.0.255
network 192.168.0.0 0.0.255.255
#
AR1 configuration
# ## 配置接口IP地址
interface GigabitEthernet0/0/0
ip address 202.10.101.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 202.10.102.1 255.255.255.0
# ## 开启ftp数据端口服务
nat alg ftp enable
#
AR2 configuration
# ## 配置接口ip地址
interface GigabitEthernet0/0/0
ip address 202.10.101.2 255.255.255.0
nat outbound 2000
#
interface GigabitEthernet0/0/1
ip address 192.168.10.2 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 192.168.15.2 255.255.255.0
#
interface GigabitEthernet4/0/0
ip address 192.168.16.2 255.255.255.0
# ## 配置ospf协议
ospf 1
default-route-advertise always
area 0.0.0.0
network 192.168.0.0 0.0.255.255
network 192.168.10.0 0.0.0.255
network 192.168.15.0 0.0.0.255
network 192.168.16.0 0.0.0.255
# ## 建立默认路由
ip route-static 0.0.0.0 0.0.0.0 202.10.101.1
# ## 开启ftp数据端口服务
nat alg ftp enable
#
AR3 configuration
# ## 配置接口ip地址
interface GigabitEthernet0/0/0
ip address 192.168.10.3 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.20.3 255.255.255.0
# ## 配置ospf协议
ospf 1
import-route rip 1 cost 10
area 0.0.0.0
network 192.168.10.0 0.0.0.255
# ## 配置rip协议
rip 1
undo summary
default-route originate
version 2
network 192.168.20.0
import-route ospf 1 cost 0
# ## 开启ftp数据端口服务
nat alg ftp enable
#
AR4 configuration
# ## 配置接口ip地址
interface GigabitEthernet0/0/0
ip address 192.168.20.4 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.30.4 255.255.255.0
# ## 配置rip协议
rip 1
undo summary
version 2
network 192.168.20.0
network 192.168.30.0
# ## 开启ftp数据端口服务
nat alg ftp enable
AR5 configuration
# ## 配置接口ip地址
interface GigabitEthernet0/0/0
ip address 192.168.30.5 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/1.1
dot1q termination vid 500
ip address 192.168.5.5 255.255.255.0
arp broadcast enable
#
interface GigabitEthernet0/0/1.2
dot1q termination vid 600
ip address 192.168.6.6 255.255.255.0
arp broadcast enable
# ## 配置rip协议
rip 1
undo summary
version 2
network 192.168.30.0
network 192.168.5.0
network 192.168.6.0
#
3. Experimental results
Verify intranet interoperability
Verify that the internal network host can access the external network server
Verify that the external server cannot access the internal host
Get the server-enabled service on the router
The following content is displayed as a successful acquisition:
4. Experimental conclusion
After the above experiments, we can fully understand and master the functions and usage of each hardware. It can also sort out which protocols need to be used between different network types to build a network structure. At the same time, programmers need to be able to clearly know the content of each step of the experiment and the results that need to be displayed.