Experimental environment : GNS3-1.3.10 VMware Workstation
Purpose: to achieve the ultimate whole network interoperability, access and improve function. Through countless obstacles, to go far to see that side of you, let the mountains and rivers have become your help.
Experimental requirements:
1) sw1 is switcher (first mountain), respectively VLAN10 , VLAN20 , VLANs 100 three VLAN , F1 / 1-3 is an access link, F1 / 0 of the relay link (a river).
2) sw3 of three switches (a second mountain), respectively, three vlan provides a gateway, VLAN10: 192.168.10.1/24 , VLAN20: 192.168.20.1/24 , VLANs 100: 192.168.100.1/24, external network interface F1 /. 1 : 12.0.0.1/24
3) internal LAN Linux servers set up dhcp service functions vlan10 , vlan20 and vlan100 provide an address, the address range
Vlan10: 192.168.10.100 ~ 192.168.10.200 Subnet Mask: 255.255.255.0 Gateway 192.168.10.1/24
Vlan20: 192.168.20.100 ~ 192.168.20.200 Subnet Mask: 255.255.255.0 Gateway 192.168.20.1/24
Vlan100: 192.168.100.100 ~ 192.168.100.200 Subnet Mask: 255.255.255.0 Gateway 192.168.100.1/24
dns server address is: 192.168.100.100/24
4) internal LAN Linux servers set up DNS services resolve www.kgc.com and www.yun.com
Resolve address 14.0.0.14/24 external network WEB server, while providing pan-domain name resolution to resolve the address to 8.8.8.8
5) outside the network have a server2016 built WEB server, the establishment of a virtual machine host offers two websites, namely www.kgc.com and www.yun.com , custom-coded display content Home
6) to achieve the ultimate whole network interoperability, functionality and improve access
A mountain ~~~~~
Topology is as follows:
Experimental Procedure:
1, first of all as a good layout topology in GNS3, in VMware Workstation open four virtual machines, do two win10 pc machine, a centos7 do linxu server, a server2016 used to build web service, ready infrastructure. Then we begin to overcome the first mountain - SW1 switcher. First he added to it in a different vlan on the LAN can be interconnected (the first bridge). To f1 / 0 interfaces do trunk link second bridge structures.
sw1 # conf t Enter the global mode
sw1 (config) # v1an 10,20,100 add three vlan
sw1 C config-vlan)#ex
sw1 (config) #int f1 / 1 into the f1 / 1 Interface
sw1 (config-if) #sw mo acc acc enter Interface
sw1(config-if)#sw acc vlan 10 为接口配置vlan
sw1 (config-if)#ex
sw1 (config#int f1/2 进入f1/2接口,为接口配置vlan
sw1 (config-if)#sw mo acc
sw1(config-if)#sw acc vlan 20
sw1 (config-if)#ex
sw1 (config)#int f1/3 进入f1/3接口,为接口配置vlan
sw1 (config-if)#sw mo acc
sw1(config-if)#sw acc vlan 100
sw1 (config-if)#ex
sw1 (config)#do show v1an-sw b 查看配置情况
sw1 (config)#int f1/0 进入f1/0接口
sw1 (config-if)#sw mo t 进入trunk接口
sw1(config-if)#sw t
sw1 (config-if)#sw t en dot1q
sw1 (config-if)#ex
sw1 (config)#do show int f1/0 switchport 查看接口配置情况
sw1 (config)#no ip routing 关闭路由功能
2、攻克第二座山sw3三层交换,为三个vlan提供网关。为f1/0接口添加trunk链路。
sw3#conf t 进入全局模式
sw3(config)#v1an 10, 20,100 添加三个vlan
sw3 ( config-vlan) #ex
sw3(config)#int f1/0 进入f1/0接口为其配置trunk链路
sw3(config-if)#sw mo t
sw3(config-if)#sw t en do
sW3 (config-if)#sw t en dot1q
sw3 (config-if)#ex
sw3(config)#do show int f1/0 switchport 查看配置情况
sw3(config)#int vlan 10 进入vlan10,为vlan10配置IP,配置虚拟接口
sw3(config-if)#ip add 192. 168.10.1 255. 255.255.0
sw3(config-if)#ip he1per-address 192. 168.100.100
sw3( config-if)#no shut
sw3 C config-if)#ex
sw3 (config)#int v1an 20 进入vlan20,为vlan10配置IP,配置虚拟接口
sw3(config-if)#ip add 192. 168.20.1255. 255.255.0
sw3 (config-if)#ip he1per-address 192. 168.100.100
sw3( config-if)#no shut
sw3 ( config-if)#ex
sw3 (config)#int v1an 100 进入vlan100,为vlan10配置IP,配置虚拟接口
sw3(config-if)#ip add 192. 168.100.1 255. 255.255.0
sw3(config-if)#ip he1per-address 192. 168.100.100
sw3 (conf ig-if)#no shut
sw3 C config-if)#ex
sw3 (config)#so show ip int b 查看配置情况
3、建第三座桥,进入f1/1接口,配置IP,双工及速率匹配,连接到我们的路由R1
sw3(config)#int f1/1 进入接口
sw3(config-if)#no switchport 开启二层交换
sw3(config-if)#no shut
sw3(config-if)#ip add 12.0.0.1 255. 255.255.0 配置IP
sw3 ( config-if)#no shut
sw3 (config- if) #speed 100 双工速率匹配
sw3(config-if)#duplex fu11
sw3 ( config-if)#ex
sw3(config)#do show ip toute 查看配置情况
4、配置R1路由,攻克第三座山,为接口f0/0配置IP,f0/1配置IP 。 配置默认路由
R1#conf t 进入全局模式
R1 (config)#int f0/0 进入接口f0/0
R1(config-if)#ip add 12.0.0.2 255. 255.255.0 配置IP
R1 (config-if)#no shut 开启
R1 (config-if)#ex
Rl(config)#int f0/1 进入接口f0/1
R1(config-if)#ip add 14.0.0.1 255. 255.255.0 配置IP
R1(config-if)#no shut 开启
R1(config-if) #ex
R1 (config)#ip route 192.168.0. 0255. 255.0. 012.0.0.1 配置默认路由
5、配置linux,配置dhcp服务,dns服务,首先在net联网模式下安装好dhcp,dns工具包。然后切换为仅主机模式绑定网卡 VMnet8,依要求配置静态IP,配置DHCP服务
a、用yum仓库下载安装DHCP软件包
[root@localhost ~]# yum install dhcp -y 安装DHCP软件包
[root@localhost ~]# yum install bind -y 安装bind工具
b、切换为自定义模式绑定vmnet8
c、配置静态IP,并重启network服务
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 更改配置静态IP
d、配置dhcp服务器,此时DHCP服务的文件为空的,需要找到模板并将模板复制到DHCP配置文件中,然后进行配置,配置完成后启动DHCP服务。
[root@localhost ~]# rpm -qc dhcp 查看dhcp主配置文件路径
[root@localhost ~]# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf 将dhcp的主配置文件模板覆盖到自己的dhcp文件目录中
[root@localhost ~]# vim /etc/dhcp/dhcpd.conf 配置dhcp服务
[root@localhost ~]# systemctl start dhcpd 启动dhcpd服务
e、配置dns服务
[root@localhost ~]# rpm -qc bind 查看配置文件
f、配置主配置文件,修改listen-on地址,及访问权限
[root@localhost ~]# vim /etc/namde.conf 配置主配置文件
g、配置区域配置文件,添加要解析的域名,及区域数据配置文件所在的路径,
[root@localhost ~]# vim /etc/named.rfc1912.zones 配置区域配置文件
f、将系统自带的区域数据配置文件(named.localhost)复制到你要解析自身配置的区域数据文件(kgc.com.zone/yun.com.zone)中,
注意保留原有权限,然后进入你的区域数据文件中进行编辑,配置你的解析数据。
root@localhost ~]# cd /var/named/
[root@localhost ~]# cp -p named.localhost kgc.com.zone 保留原有权限复制到kgc.com.zone
[root@localhost ~]# vim kgc.com.zone
[root@localhost ~]# cp -p kgc.com.zone yun.com.zone 保留原有权限复制到yun.com.zone
i、关闭防火墙,关闭增强安全性的功能
[root@localhost named] # systemctl stop fi rewalld. service 关闭防火墙
[root@localhost named] # setenforce 0 关闭增强安全性的功能
j、dns正向解析搭建完成,本地进行测试查看实验是否成功。使用host命令。
6、将两台pc机的也设置为仅主机模式,wein10-1绑定vmnet1,将win10-2改为自定义模式,绑定vmnet2.分别cmd查看是否能自动获得10/20网段的地址
b、打开win10-1输入cmd命令 输入ipconfig ,查看IP地址
打开win10-2输入cmd命令 输入ipconfig ,查看IP地址
c、ping测试网络是否通畅
7、打开sever2016搭建web服务,首先将其设置为自定义绑定网卡vmnet3,为其配置IP(14.0.0.14).
a、设置网络网卡
b、设置固定IP14.0.0.14
c、搭建web服务
d、配置www.kgc.com.
8、不同服务器之间进行通讯,查看实验结果。
a, pc machine to access web pages - Success
b, pc machine ping server2016-- success
c, pc machine verification dns resolve the domain name service set up - success
d, win10-2 ping win10-2 see two pc machine communication - success
Successful experiment ended. With determination forward, any obstruction is not a problem, we will eventually reach the end successfully.