2019-09-28
Computer networking technology lab report
| First, the purpose of the experiment L comprehensive design experiment on this course provided comprehensive training and examine students' ability to interconnect network design and configuration of the park. l grasp small network of IP and design methodology VLAN l embodiment and having the ability to design a small network exchange l having the design and implementation of a small network routing capabilities |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Second, the basic skill experiment content, requirements and environment An enterprise network topology shown in Figure, the enterprise application to a public address block 202.33.1.0/28, company decides to use an address within the private network, implemented using NAT internal network access to the Internet (note on the router R1: the figure represents the server and the Internet server hosts on the Internet). Please complete the following deployment and configuration tasks:
Please complete the following tasks in accordance with the above case: 1) Please set up according to the figure above the topology of the network environment, and is connected to the port marked inter-device, see the device name of the topology map) (10 points in the headquarters network configurator host name (host name) 2) In the headquarters, the need for LAN by sector into the management VLAN, the maximum number of each department name and the host have shown in Table 1: Table 1
And complete the configuration of the relevant VLAN. (16 points) 3) according to RFC1918, internally using private IP addresses 10. X.0.0 / 16, IP addressing should save as much as possible address space Note: A total of 60 branches hosts. (Note: "X" where the group number is set, for example, the address of the first group to be used is 10.1.0.0/16);(10 minutes) 4) Configure HTTP services and related management VLAN address of the switch SW3, ask the administrator can remotely log in from anywhere in the intranet to SW3, perform configuration and management. (10 points) 5)请对拓扑结构中的交换机SW3进行密码恢复操作。(10分) 6)进行路由的设计与实施,使得校园网内部可以相互通信(16分) 7)进行NAT的设计与实施,使得校园网内所有的主机均可以访问Internet,Internet的用户可以访问校园网中的EMAIL和WWW服务器(18分) 8)要求总部的LAN中,交换机SW1控制成为根树(4分) 9)将所有设备的配置文件捕获成文本保存在文本文件中,放到D盘自己组名目录下(6分)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 三、搭建的实验拓扑(请注明设备相连的端口) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 四、实验相关的规划 1.IP地址与VLAN的设计,相关的配置参数规划如表1:(管理VLAN也填写在此表中) 表1:IP地址与VLAN的设计
2.VLAN规划 表2:某大学各部门VLAN相对应的IP规划
3.交换机中继规划 表3:某大学园区网络中各交换机间中继的规划
4.IP编址规划 表4:与某大学各部门VLAN相对应的IP编址规划
表5:某大学园区网络中各主要互连网段的IP地址规划
5.路由规划 表6:某大学园区网络涉及的路由规划
6.NAT规划 表7:某大学园区网络涉及的NAT规划
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 五、实验配置与结果分析 使用ospf使得R1,R2,ISP之间互通。 仅仅展示R2的配置,其他三个基本相同。 Router>enable Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostn Router(config)#hostname R2 R2(config)#router osp R2(config)#router ospf 1 R2(config-router)# R2(config-router)#netw R2(config-router)#network 10.0.4.0 0.0.0.255 are 0 R2(config-router)#network 10.0.3.0 0.0.0.255 are 0 查看:
R1:
ISP:
配置nat: R1(config-if)# R1(config-if)#inter g0/1 R1(config-if)#ip na R1(config-if)#ip nat ou R1(config-if)#ip nat outside R1(config-if)#ip nat outside R1(config-if)#inter g0/2 R1(config-if)#ip nat inside R1(config-if)#inter g0/0 R1(config-if)#ip nat inside R1(config-if)#ex R1(config)#ip nat inside source static 202.33.2.2 10.0.3.3 查看:
IP地址与VLAN的划分配置如下: SW1> SW1>enab SW1#conf t Enter configuration commands, one per line. End with CNTL/Z. SW1(config)#int rage SW1(config)#int ran SW1(config)#int range f0/4-f0/6 SW1(config-if-range)#ex SW1(config)#vlan 10 SW1(config-vlan)#inter vlan 10 SW1(config-if)# %LINK-5-CHANGED: Interface Vlan10, changed state to up
SW1(config-if)#ip add SW1(config-if)#ip address 10.0.1.1 255.255.255.240 SW1(config-if)#ex SW1(config)#int range f0/4-f0/6 SW1(config-if-range)#sw mod ac SW1(config-if-range)#sw mod access SW1(config-if-range)#sw acc SW1(config-if-range)#sw access vlan 10 SW1(config-if-range)# SW1(config-if-range)#no shut SW1配置trunk SW1(config)#inter f0/2 SW1(config-if)#sw SW1(config-if)#switchport tr SW1(config-if)#switchport trunk en SW1(config-if)#switchport trunk encapsulation do SW1(config-if)#switchport trunk encapsulation dot1q SW1(config-if)#inter f0/3 SW1(config-if)#sw tr en do SW1(config-if)#sw tr en dot1q SW1(config-if)#no shut SW1(config-if)#
SW3的vlan分配。
SW3> SW3>enab SW3#conf t Enter configuration commands, one per line. End with CNTL/Z. SW3(config)# SW3(config)#vlan 30 SW3(config-vlan)#vlan 20 SW3(config-vlan)#int vlan 30 SW3(config-if)#ip address 10.0.0.31 255.255.255.224 SW3(config-if)#inter vlan 20 SW3(config-if)#ip add 10.0.0.21 255.255.255.224 SW3#CONF T Enter configuration commands, one per line. End with CNTL/Z. SW3(config)#int range f0/2-f0/10 SW3(config-if-range)#switchport mode acc SW3(config-if-range)#sw acc vlan 20 SW3(config-if-range)#ex SW3(config)#inter range f0/11-f0/14 SW3(config-if-range)#sw mo acc SW3(config-if-range)#sw acc vlan 30 SW3(config-if-range)#no shut SW3(config-if-range)#end 查看:
SW4的vlan分配为:
在SW4将vlan划分到指定的端口: SW4> SW4>enab SW4# SW4#conf t Enter configuration commands, one per line. End with CNTL/Z. SW4(config)# SW4(config)#inter ran f0/2-f0/8 SW4(config-if-range)#sw SW4(config-if-range)#switchport ac SW4(config-if-range)#switchport mode ac SW4(config-if-range)#switchport mode access SW4(config-if-range)#sw acc vlan 20 SW4(config-if-range)# SW4(config-if-range)#ex SW4(config)#inter range f0/9-f0/13 SW4(config-if-range)#sw mo acc SW4(config-if-range)#sw acc vlan 30 SW4(config-if-range)#ex SW4(config)#inter range f0/14-f0/19 SW4(config-if-range)#sw mo acc SW4(config-if-range)#sw acc vlan 40 SW4(config-if-range)#ex SW4(config)#inter rang SW4(config)#inter range f0/20-f0/24 SW4(config-if-range)#sw mode acc SW4(config-if-range)#sw acc vlan 50 SW4(config-if-range)#no shut SW4(config-if-range)# 对SW1进行相关配置
show running-config
使得子公司访问母公司: R2# R2#conf t Enter configuration commands, one per line. End with CNTL/Z. R2(config)#ip route 10.0.0.0 255.255.255.224 10.0.3.2 R2(config)# 内网与外网全通:
远程登陆:【演示主机为三层f0/4号和SW3的f0/13号】 Switch> Switch>enable Switch# Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# Switch(config)#enable pas Switch(config)#enable password 123456 Switch(config)#lin Switch(config)#line con Switch(config)#line console 0 Switch(config-line)#pas Switch(config-line)#password 123456 Switch(config-line)#login Switch(config-line)#exit Switch(config)#line vty 0 4 Switch(config-line)#pas Switch(config-line)#password 123456 Switch(config-line)#login Switch(config-line)#end Switch# %SYS-5-CONFIG_I: Configured from console by console
Switch#
Acl控制: R2(config)#access-list 1 deny host 10.0.4.5 R2(config)#access-list 1 al R2(config)#access-list 1 al? % Unrecognized command R2(config)#access-list 1 ? deny Specify packets to reject permit Specify packets to forward remark Access list entry comment R2(config)#access-list 1 per R2(config)#access-list 1 permit ? A.B.C.D Address to match any Any source host host A single host address R2(config)#access-list 1 permit any ? <cr> R2(config)#access-list 1 permit any R2(config)#inter f0/1 R2(config-if)#ip access-group 1 out R2(config-if)#no shut 测试如下:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
