Hello, everyone, I am the vernacular chat network-Junzi, working experience: 7 years network worker, HCIE-16660
Today I will share with you the test questions of the small enterprise network. If you are interested, you can private message or Vx number: 18812668402
Test points: vlan, vlanif, ospf, static, decentralized default routing, nat, nat mapping
For the basic network, small, medium, enterprise network, campus network, this is nothing more than setting a tall label for the question. Any network is formed by accumulating these knowledge points one by one. The exam is to assess and test your understanding of these Whether the knowledge points can be used flexibly.
Topology
Test content
1. Complete the configuration of the IP address, subnet mask and default gateway of each device.
2. Divide VLANs on SW1 and SW2, and use Trunk technology for cascading links between switches.
3. The internal network uses the SVI technology of the three-layer switch SW1 to realize the communication between VLANs.
4. Use the dynamic routing protocol OSPF to realize intranet communication.
5. Configure the default route and route redistribution on the egress router R1 to provide routes for internal network users to access the external network.
6. Configure Easy IP to allow only computers in VLAN10 and VLAN20 of the internal network to access the external network. A screenshot of the interface that will ping Server2 on PC1 and PC2.
7. Configure NAT Server on R1 so that extranet users can use http:// 199.1.1.14 to access the www service on Server1. A screenshot of the interface that will successfully access the www service on Server1 on client1.
It seems that the pictures are simple and the questions are simple, but the content is still relatively rich
Configuration idea
Create a vlan, set the interface connected to the pc as an acc port to encapsulate and identify the vlan tag, tell SW1-SW2 to use a trunk port, and release the corresponding vlan.
sysname SW2
#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/12
port link-type access
port default vlan 20
The SW1 device is the termination device of each vlan, that is, a three-layer vlanif interface is needed to identify and strip off the vlan tag. It is worth noting that the interface connecting SW1 and the router is in access mode. Finally, the ospf process is created and the address is declared. segment
sysname SW1
#
vlan batch 10 20 50 60
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 60
#
interface GigabitEthernet0/0/24
port link-type access
port default vlan 50
#
interface Vlanif10
ip address 192.168.1.254 255.255.255.0
#
interface Vlanif20
ip address 192.168.101.254 255.255.255.0
#
interface Vlanif50
ip address 192.168.50.254 255.255.255.0
#
interface Vlanif60
ip address 192.168.60.254 255.255.255.0
#
ospf 1
area 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.101.0 0.0.0.255
network 192.168.50.0 0.0.0.255
network 192.168.60.0 0.0.0.255
R1 is the border device, which goes out through the default route, performs NAT address translation on the external network port, and at the same time transfers the default route to ospf, so that the default route of 0.0.0.0 can be learned in the routing table of the three-layer device below the border router Routing, if the default routing is not distributed, all three-layer devices below the boundary need to manually write static routes, which requires a large amount of configuration
sysname R1
#
acl number 2000
rule 5 permit source 192.168.1.0 0.0.0.255
rule 10 permit source 192.168.101.0 0.0.0.255
#
interface GigabitEthernet0/0/0
ip address 192.168.60.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 199.1.1.1 255.255.255.240
nat server protocol tcp global 199.1.1.14 www inside 192.168.50.1 www
nat outbound 2000
#
ip route-static 0.0.0.0 0.0.0.0 199.1.1.2
#
ospf 1
default-route-advertise
area 0.0.0.0
network 192.168.60.0 0.0.0.255
External network equipment can be equipped with ip
sysname R2
#
interface GigabitEthernet0/0/0
ip address 172.16.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 199.1.1.2 255.255.255.240
Verification Test
1. Layer 3 vlan configuration of SW1
2. Verification of ospf
3. Routing table verification
Connectivity test
Intranet test (pc ping server)
External network test
NAT address translation succeeded
The external network is mapped to the internal network through nat