Comprehensive experimental requirements for the course "Network Foundation"
1. The purpose of the experiment
1. Master and be familiar with the configuration methods of VLAN, routing switching, dynamic routing OSPF, NAT address translation and access control list;
2. Master the ability to use the above network configuration comprehensively;
2. Experimental content
1. Topological structure diagram
See the file "Network Basic Comprehensive Experimental Network Topological Structure Diagram.doc".
2. Experimental requirements
(1) Plan the IP address of each router port and the IP address of each VLAN of the switch, and build the network topology, and mark the IP address and subnet of each port or VLAN on the topology diagram Mask, connection port, etc., the interconnection IP between routers or between routers and switches uses the 192.168.100.0/24 address range. In addition, in the topology diagram, the teacher has assigned the IP address and asked not to change it.
Tip: When planning the interconnection IP between routers or between routers and switches, the subnet mask should be set to 255.255.255.252.
R1
R2
R3
R4
R5
Switch0
The configuration of Switch1-Switch5 is similar to that of Switch0
.
(2) Use OSPF dynamic routing between the entire network to realize network interconnection and intercommunication.
Tip: After realizing that all network segments can ping each other, proceed to the next step, otherwise, check the problem first.
OSPF dynamic routing configuration
R1
The configuration of R2-R4 is similar to that of R1
.
R5
Switch0
The configuration of Switch1-Switch5 is similar to that of Switch0
.
(3) Set up WWW and FTP applications on the servers of 192.168.2.10 and 192.168.1.10.
At the same time, configure ACL on router R4 to prohibit hosts on the 192.168.3.0 and 192.168.4.0 network segments from accessing the WWW application of 192.168.1.10 and the FTP application of 192.168.2.10, and other network segments are allowed. The network segments 192.168.5.0/24 and 192.168.6.0/24 are forbidden to PING these two servers.
Tip: The extended ACL should be used to achieve the functions required in step 3.
Configure ACL on router R4
The result is as follows
(4) Open the DNS service on the 192.168.1.10 server, and establish the mapping relationship between the website www.jyu.edu.cn and 192.168.2.10 on the DNS, requiring all hosts on the intranet (except the 192.168.3.0/24 network segment) ) It is possible to visit the WWW website on 192.168.1.2.10 through the website http://www.jyu.edu.cn.
(5) It is required to realize the remote login to all routers in the intranet on the server of 192.168.1.10. The remote login password of all routers is not configured as "123456", and the
configuration is as follows:
Telnet to the router:
Except the 192.168.1.10 server, other hosts or servers can remotely log in to all routers in the intranet.
Tip: The extended ACL should be used to achieve the functions required in step 5.
The configuration is as follows:
(6) NAT address rotation on router R3 requires the conversion of internal network address and external network address.
Tip: It can be realized by NAT port multiplexing.
The configuration is as follows:
But only the three network segments 192.168.8.0, 192.168.9.0 and 192.168.10.0 are allowed to access the external network, and other internal network segments are not allowed to access the external network.
PC5 sends data packets to PC10, and the packet capture situation is as follows
PC6 sends data packets to PC10, and the packet capture situation is as follows
(7) To test the connectivity of the network, it is required to realize the functions required by the above requirements, and realize the functions required by the above ACL and NAT at the same time.
(8) Write the experiment report, record the configuration process and test results in detail, put the configuration information of each router in the experiment report, and submit the PKA file of the experiment at the same time.