Hello, everyone, I am the vernacular chat network-Junzi, working experience: 7 years network worker, HCIE-16660

Today I will share with you the test questions of the small enterprise network. If you are interested, you can private message or Vx number: 18812668402

Test points: vlan, vlanif, ospf, static, decentralized default routing, nat, nat mapping

For the basic network, small, medium, enterprise network, campus network, this is nothing more than setting a tall label for the question. Any network is formed by accumulating these knowledge points one by one. The exam is to assess and test your understanding of these Whether the knowledge points can be used flexibly.

Topology

Test content

1. Complete the configuration of the IP address, subnet mask and default gateway of each device.

2. Divide VLANs on SW1 and SW2, and use Trunk technology for cascading links between switches.

3. The internal network uses the SVI technology of the three-layer switch SW1 to realize the communication between VLANs.

4. Use the dynamic routing protocol OSPF to realize intranet communication.

5. Configure the default route and route redistribution on the egress router R1 to provide routes for internal network users to access the external network.

6. Configure Easy IP to allow only computers in VLAN10 and VLAN20 of the internal network to access the external network. A screenshot of the interface that will ping Server2 on PC1 and PC2.

7. Configure NAT Server on R1 so that extranet users can use http:// 199.1.1.14 to access the www service on Server1. A screenshot of the interface that will successfully access the www service on Server1 on client1.

It seems that the pictures are simple and the questions are simple, but the content is still relatively rich

Configuration idea

Create a vlan, set the interface connected to the pc as an acc port to encapsulate and identify the vlan tag, tell SW1-SW2 to use a trunk port, and release the corresponding vlan.

sysname SW2
#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/12
port link-type access
port default vlan 20

The SW1 device is the termination device of each vlan, that is, a three-layer vlanif interface is needed to identify and strip off the vlan tag. It is worth noting that the interface connecting SW1 and the router is in access mode. Finally, the ospf process is created and the address is declared. segment

sysname SW1
#
vlan batch 10 20 50 60
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 60
#
interface GigabitEthernet0/0/24
port link-type access
port default vlan 50
#
interface Vlanif10
ip address 192.168.1.254 255.255.255.0
#
interface Vlanif20
ip address 192.168.101.254 255.255.255.0
#
interface Vlanif50
ip address 192.168.50.254 255.255.255.0
#
interface Vlanif60
ip address 192.168.60.254 255.255.255.0
#
ospf 1
area 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.101.0 0.0.0.255
network 192.168.50.0 0.0.0.255
network 192.168.60.0 0.0.0.255

R1 is the border device, which goes out through the default route, performs NAT address translation on the external network port, and at the same time transfers the default route to ospf, so that the default route of 0.0.0.0 can be learned in the routing table of the three-layer device below the border router Routing, if the default routing is not distributed, all three-layer devices below the boundary need to manually write static routes, which requires a large amount of configuration

sysname R1
#
acl number 2000
rule 5 permit source 192.168.1.0 0.0.0.255
rule 10 permit source 192.168.101.0 0.0.0.255
#
interface GigabitEthernet0/0/0
ip address 192.168.60.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 199.1.1.1 255.255.255.240
nat server protocol tcp global 199.1.1.14 www inside 192.168.50.1 www
nat outbound 2000
#
ip route-static 0.0.0.0 0.0.0.0 199.1.1.2
#
ospf 1
default-route-advertise
area 0.0.0.0
network 192.168.60.0 0.0.0.255

External network equipment can be equipped with ip
sysname R2
#
interface GigabitEthernet0/0/0
ip address 172.16.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 199.1.1.2 255.255.255.240