1. easy ipを使用してr1のサーバーにアクセスし、プライベートネットワークでサーバーにアクセスする必要があり、r6でNATサーバーをセットアップします。R5-r6は静的ルーティングを使用しますr5、r3、r4はospf構成を使用します。
2. NAT:変換にEasyIpを使用して、Client1がR1のg0 / 0/2インターフェイスのIPを使用して外部ネットワークにアクセスできるようにします。NAT-Serverを使用して、Client1がアクセス時にR6のg0 / 0/1インターフェイスのIPを使用できるようにします。 Server1のWebサービスポート8080でのアクセス
3.BGPパス属性ルーティング:データ伝送パスは、BGPパス属性を介したR1-> R2-> R4-> R5-> R6-> R5-> R3-> R2-> R1です。結果を確認するには、R2およびR5でdis bgprouting-tableを使用します。
4. DHCP:R5はDHCPサーバーであり、R6はDHCPリレーエージェントです。PC5とPC6に動的IP割り当てサービスを提供するには、R5とR6の間に静的ルーティングが必要です。
ipconfigを使用して、PC5とPC6で結果を確認します。
5. VRRP:通常の状況では、VLAN10とVLAN20のマスターはSW1である必要があり、VLAN30とVLAN40のマスターはSW2です。
disvrrpを使用して結果を確認します。
6. MSTP:通常の状況では、各VLANのトラフィックパス要件は次のとおりです
。VLAN10:SW3-> SW1-> R1; VLAN20:SW3-> SW1-> R1; VLAN30:SW4-> SW2-> R1; VLAN40 :SW4-> SW2-> R1。
dis stp briefを使用して、結果を確認します。
7。リンクアグリゲーション:SW1とSW2はリンクアグリゲーションを使用して相互接続されており、2つはアクティブで、1つはスタンバイである必要があります。
dis trunkmembership eth-trunk 1を使用して、結果を確認します。8
。相互運用性!!!
sw3
sw3とsw4は比較的単純で、トランクとスイッチのアクセスを構成するだけで済みます。
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname sw3
[sw3]user-interface console 0
[sw3-ui-console0]idle-timeout 0 0
[sw3]vlan bat 10 20 30 40 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[sw3]int e0/0/1
[sw3-Ethernet0/0/1]p l a
[sw3-Ethernet0/0/1]p d v 10
[sw3-Ethernet0/0/1]int e0/0/2
[sw3-Ethernet0/0/2]p l a
[sw3-Ethernet0/0/2]p d v 20
[sw3-Ethernet0/0/2]int g0/0/1
[sw3-GigabitEthernet0/0/1]p l t
[sw3-GigabitEthernet0/0/1]p t a v a
[sw3-GigabitEthernet0/0/1]int g0/0/2
[sw3-GigabitEthernet0/0/2]p l t
[sw3-GigabitEthernet0/0/2]p t a v a
[sw3-GigabitEthernet0/0/2]
[sw3-GigabitEthernet0/0/2]q
[sw3]stp mode mstp
[sw3]stp region-configuration
[sw3-mst-region]region-name huawei
[sw3-mst-region]revision-level 1
[sw3-mst-region]instance 1 vlan 10 20
[sw3-mst-region]instance 2 vlan 30 40
[sw3-mst-region]active region-configuration
Info: This operation may take a few seconds. Please wait for a moment...done.
[sw3-mst-region]q
[sw3]dis stp brief
MSTID Port Role STP State Protection
0 Ethernet0/0/1 DESI FORWARDING NONE
0 Ethernet0/0/2 DESI FORWARDING NONE
0 GigabitEthernet0/0/1 ROOT FORWARDING NONE
0 GigabitEthernet0/0/2 ALTE DISCARDING NONE
1 Ethernet0/0/1 DESI FORWARDING NONE
1 Ethernet0/0/2 DESI FORWARDING NONE
1 GigabitEthernet0/0/1 ROOT FORWARDING NONE
1 GigabitEthernet0/0/2 ALTE DISCARDING NONE
2 GigabitEthernet0/0/1 ALTE DISCARDING NONE
2 GigabitEthernet0/0/2 ROOT FORWARDING NONE
[sw3]
[sw3]
[sw3] dis stp brief view mstpportsのステータスインスタンス1の無効化されたポートとインスタンス2の無効化されたポートは、ループ防止とバックアップリンクの役割を果たすことができます。
sw4
The device is running!
<Huawei>
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname sw4
[sw4]user-interface console 0
[sw4-ui-console0]idle-timeout 0 0
[sw4]vlan bat 10 20 30 40 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[sw4]int e0/0/1
[sw4-Ethernet0/0/1]p l a
[sw4-Ethernet0/0/1]p d v 30
[sw4-Ethernet0/0/1]int e0/0/2
[sw4-Ethernet0/0/2]p l a
[sw4-Ethernet0/0/2]p d v 40
[sw4-Ethernet0/0/2]int g0/0/1
[sw4-GigabitEthernet0/0/1]p l t
[sw4-GigabitEthernet0/0/1]p t a v a
[sw4-GigabitEthernet0/0/1]int g0/0/2
[sw4-GigabitEthernet0/0/2]p l t
[sw4-GigabitEthernet0/0/2]p t a v a
[sw4-GigabitEthernet0/0/2]q
[sw4]stp mode mstp
[sw4]stp region-configuration
[sw4-mst-region]region-name huawei
[sw4-mst-region]revision-level 1
[sw4-mst-region]instance 1 vlan 10 20
[sw4-mst-region]instance 2 vlan 30 40
[sw4-mst-region]active region-configuration
Info: This operation may take a few seconds. Please wait for a moment...done.
[sw4-mst-region]q
[sw4]dis stp brief
MSTID Port Role STP State Protection
0 Ethernet0/0/1 DESI FORWARDING NONE
0 Ethernet0/0/2 DESI FORWARDING NONE
0 GigabitEthernet0/0/1 DESI FORWARDING NONE
0 GigabitEthernet0/0/2 DESI FORWARDING NONE
1 GigabitEthernet0/0/1 ROOT FORWARDING NONE
1 GigabitEthernet0/0/2 ALTE DISCARDING NONE
2 Ethernet0/0/1 DESI FORWARDING NONE
2 Ethernet0/0/2 DESI FORWARDING NONE
2 GigabitEthernet0/0/1 ALTE DISCARDING NONE
2 GigabitEthernet0/0/2 ROOT FORWARDING NONE
[sw4]
[sw4]
sw1
3層スイッチには3層ルーティング機能があります。bgpアナウンスネットワークセグメントもsw1とsw2で構成する必要があります。eth-trunkを構成する場合は、トランクモードを構成する必要があります。vrrp:vlan1020はsw1をマスタールート、vlan30 40はマスターとしてsw2を使用しますvrrp構成をルーティングするときは、sw1のvlan10の構成に注意してから、sw2でvlan10を構成します。sw1vlan1020を一度に構成しないでください。
<Huawei>
<Huawei>
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname sw1
[sw1]user-interface console 0
[sw1-ui-console0]idle-timeout 0 0
[sw1-ui-console0]q
[sw1]vlan bat 10 20 30 40 100
[sw1]int g0/0/1
[sw1-GigabitEthernet0/0/1]p l t
[sw1-GigabitEthernet0/0/1]p t a v a
[sw1-GigabitEthernet0/0/1]int g0/0/6
[sw1-GigabitEthernet0/0/6]p l a
[sw1-GigabitEthernet0/0/6]p d v 100
[sw1-GigabitEthernet0/0/6]int g0/0/2
[sw1-GigabitEthernet0/0/2]p l t
[sw1-GigabitEthernet0/0/2]p t a v a
[sw1-GigabitEthernet0/0/2]q
[sw1]lacp priority 1000
[sw1]int Eth-Trunk 1
[sw1-Eth-Trunk1]bpdu enable
[sw1-Eth-Trunk1]mode la
[sw1-Eth-Trunk1]mode lacp-static
[sw1-Eth-Trunk1]trunkport GigabitEthernet 0/0/3 to 0/0/5
[sw1-Eth-Trunk1]max active-linknumber 2
[sw1-Eth-Trunk1]p l t
[sw1-Eth-Trunk1]p t a v a
[sw1-Eth-Trunk1]q
[sw1]stp mode mstp
[sw1]stp region-configuration
[sw1-mst-region]region-name huawei
[sw1-mst-region]revision-level 1
[sw1-mst-region]instance 1 vlan 10 20
[sw1-mst-region]instance 2 vlan 30 40
[sw1-mst-region]active region-configuration
[sw1-mst-region]q
[sw1]stp instance 1 root primary
[sw1]stp instance 2 root secondary
[sw1]dis stp brief
省略!!!
[sw1]
[sw1]int vlan 10
[sw1-Vlanif10]ip add 192.168.1.1 24
[sw1-Vlanif10]int vlan 20
[sw1-Vlanif20]ip add 192.16.2.1 24
[sw1-Vlanif20]int vlan 30
[sw1-Vlanif30]ip add 192.168.3.1 24
[sw1-Vlanif30]int vlan 40
[sw1-Vlanif40]ip add 192.168.4.1 24
[sw1-Vlanif40]int vlan 100
[sw1-Vlanif100]ip add 10.0.0.10 24
[sw1-Vlanif100]int vlan 10
[sw1-Vlanif10]ip add 192.168.1.10 24
[sw1-Vlanif10]int vlan 20
[sw1-Vlanif20]ip add 192.168.2.10 24
[sw1-Vlanif20]int vlan 30
[sw1-Vlanif30]ip add 192.168.3.10 24
[sw1-Vlanif30]int vlan 40
[sw1-Vlanif40]ip add 192.168.4.10 24
[sw1-Vlanif40]int vlan 100
[sw1-Vlanif100]ip add 10.0.0.10 24
Error: The address already exists.
[sw1-Vlanif100]int vlan 10
[sw1-Vlanif10]dis this
interface Vlanif10
ip address 192.168.1.10 255.255.255.0
return
[sw1-Vlanif10]
[sw1-Vlanif10]vrrp vrid 10 virtual-ip 192.168.1.1
[sw1-Vlanif10]vrrp vrid 10 priority 120
[sw1-Vlanif10]vrrp vrid 10 track interface g0/0/6 reduced 30
[sw1-Vlanif10]
[sw1-Vlanif10]int vlan 20
[sw1-Vlanif20]vrrp vrid 20 vir
[sw1-Vlanif20]vrrp vrid 20 virtual-ip 192.168.2.1
[sw1-Vlanif20]vrrp vrid 20 priority 120
[sw1-Vlanif20]vrrp vrid 20 track interface g0/0/6 reduced 30
[sw1-Vlanif20]dis this
interface Vlanif20
ip address 192.168.2.10 255.255.255.0
vrrp vrid 20 virtual-ip 192.168.2.1
vrrp vrid 20 priority 120
vrrp vrid 20 track interface GigabitEthernet0/0/6 reduced 30
return
[sw1-Vlanif20]int vlan 30
[sw1-Vlanif30]vrrp vrid 30 virtual-ip 192.168.3.1
[sw1-Vlanif30]vrrp vrid 30 priority 115
[sw1-Vlanif30]int vlan 40
[sw1-Vlanif40]vrrp vrid 40 virtual-ip 192.168.4.1
[sw1-Vlanif40]vrrp vrid 40 priority 115
[sw1-Vlanif40]
[sw1-Vlanif40]int loop0
[sw1-LoopBack0]ip add 7.7.7.7 32
[sw1-LoopBack0]
[sw1-LoopBack0]
[sw1-LoopBack0]rip
[sw1-rip-1]version 2
[sw1-rip-1]undo summary
[sw1-rip-1]net 10.0.0.0
[sw1-rip-1]net 192.168.1.0
[sw1-rip-1]net 192.168.2.0
[sw1-rip-1]net 7.0.0.0
[sw1-rip-1]q
[sw1]bgp 100
[sw1-bgp]peer 1.1.1.1 as-number 100
[sw1-bgp]peer 1.1.1.1 connect-interface
[sw1-bgp]peer 1.1.1.1 connect-interface loop0
[sw1-bgp]peer 8.8.8.8 as-number 100
[sw1-bgp]peer 8.8.8.8 connect-interface loop0
[sw1-bgp]peer 2.2.2.2 as-number 100
[sw1-bgp]peer 2.2.2.2 connect-interface loop0
[sw1-bgp]
[sw1-bgp]net 1.1.1.1 32
[sw1-bgp]net 8.8.8.8 32
[sw1-bgp]net 7.7.7.7 32
[sw1-bgp]net 2.2.2.2 32
sw2
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname sw2
[sw2]user-interface console 0
[sw2-ui-console0]idle-timeout 0 0
[sw2]vlan bat 10 20 30 40 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[sw2]int g0/0/6
[sw2-GigabitEthernet0/0/6]p l a
[sw2-GigabitEthernet0/0/6]p d v 100
[sw2-GigabitEthernet0/0/6]int g0/0/1
[sw2-GigabitEthernet0/0/1]p l t
[sw2-GigabitEthernet0/0/1]p t a v a
[sw2-GigabitEthernet0/0/1]int g0/0/2
[sw2-GigabitEthernet0/0/2]p l t
[sw2-GigabitEthernet0/0/2]p t a v a
[sw2-GigabitEthernet0/0/2]q
[sw2]lacp priority 1000
[sw2]int Eth-Trunk 1
[sw2-Eth-Trunk1]bpdu enable
[sw2-Eth-Trunk1]mode lacp-static
[sw2-Eth-Trunk1]trunkport GigabitEthernet 0/0/3 to 0/0/5
Info: This operation may take a few seconds. Please wait for a moment...done.
[sw2-Eth-Trunk1]max active-linknumber 2
[sw2-Eth-Trunk1]p l t
[sw2-Eth-Trunk1]p t a v a
[sw2-Eth-Trunk1]q
[sw2]stp mode mstp
[sw2]stp region-configuration
[sw2-mst-region]region-name huawei
[sw2-mst-region]revision-level 1
[sw2-mst-region]instance 1 vlan 10 20
[sw2-mst-region]instance 2 vlan 30 40
[sw2-mst-region]active region-configuration
Info: This operation may take a few seconds. Please wait for a moment...done.
[sw2-mst-region]q
[sw2]stp instance 1 root secondary
[sw2]stp instance 2 root primary
[sw2]dis stp b
[sw2]dis stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 DESI FORWARDING NONE
0 GigabitEthernet0/0/2 ROOT FORWARDING NONE
0 GigabitEthernet0/0/6 DESI FORWARDING NONE
0 Eth-Trunk1 ALTE DISCARDING NONE
1 GigabitEthernet0/0/1 DESI FORWARDING NONE
1 GigabitEthernet0/0/2 DESI FORWARDING NONE
1 Eth-Trunk1 ROOT FORWARDING NONE
2 GigabitEthernet0/0/1 DESI FORWARDING NONE
2 GigabitEthernet0/0/2 DESI FORWARDING NONE
2 Eth-Trunk1 DESI FORWARDING NONE
[sw2]
[sw2]int vlan 10
[sw2-Vlanif10]ip add 192.168.1.20 24
[sw2-Vlanif10]int vlan 20
[sw2-Vlanif20]ip add 192.168.2.20 24
[sw2-Vlanif20]int vlan 30
[sw2-Vlanif30]ip add 192.168.3.20 24
[sw2-Vlanif30]int vlan 40
[sw2-Vlanif40]ip add 192.168.4.20 24
[sw2-Vlanif40]int vlan 100
[sw2-Vlanif100]ip add 11.0.0.20 24
[sw2-Vlanif100]
[sw2-Vlanif100]int vlan 10
[sw2-Vlanif10]vrrp vrid 10 virtual-ip 192.168.1.1
[sw2-Vlanif10]vrrp vrid 10 priority 115
[sw2-Vlanif10]int vlan 20
[sw2-Vlanif20]vrrp vrid 20 virtual-ip 192.168.2.1
[sw2-Vlanif20]vrrp vrid 20 priority 115
[sw2-Vlanif20]int vlan 30
[sw2-Vlanif30]vrrp vrid 30 virtual-ip 192.168.3.1
[sw2-Vlanif30]vrrp vrid 30 priority 120
[sw2-Vlanif30]vrrp vrid 30 track interface GigabitEthernet 0/0/6 reduced 30
[sw2-Vlanif30]int vlan 40
[sw2-Vlanif40]vrrp vrid 40 virtual-ip 192.168.4.1
[sw2-Vlanif40]vrrp vrid 40 priority 120
[sw2-Vlanif40]vrrp vrid 40 track interface g0/0/6 reduced 30
[sw2-Vlanif40]
[sw2-Vlanif40]int loop0
[sw2-LoopBack0]ip add 8.8.8.8 32
[sw2-LoopBack0]
[sw2-LoopBack0]rip
[sw2-rip-1]version 2
[sw2-rip-1]undo summary
[sw2-rip-1]net 11.0.0.0
[sw2-rip-1]net 192.168.3.0
[sw2-rip-1]net 192.168.4.0
[sw2-rip-1]net 8.0.0.0
[sw2-rip-1]
[sw2-rip-1]bgp 100
[sw2-bgp]peer 1.1.1.1 as-number 100
[sw2-bgp]peer 1.1.1.1 connect-interface loop0
[sw2-bgp]peer 7.7.7.7 as-number 100
[sw2-bgp]peer 7.7.7.7 connect-interface loop0
[sw2-bgp]peer 2.2.2.2 as-number 100
[sw2-bgp]peer 2.2.2.2 connect-interface loop0
[sw2-bgp]
[sw2-bgp]net 1.1.1.1 32
[sw2-bgp]net 7.7.7.7 32
[sw2-bgp]net 8.8.8.8 32
[sw2-bgp]net 2.2.2.2 32
R1
コマンドが多すぎて表示が不完全なため、disccuコマンドを使用して構成を表示します。r1は、r2、sw1、sw2とのibgpピア関係を確立する必要があります。
[r1]dis cu
[V200R003C00]
#
sysname r1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
acl number 2000
rule 5 permit source 192.168.1.0 0.0.0.255
#
acl number 3000
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 10.0.0.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 11.0.0.1 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 12.0.0.1 255.255.255.0
nat outbound 2000
#
interface NULL0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
peer 7.7.7.7 as-number 100
peer 7.7.7.7 connect-interface LoopBack0
peer 8.8.8.8 as-number 100
peer 8.8.8.8 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 1.1.1.1 255.255.255.255
network 2.2.2.2 255.255.255.255
network 7.7.7.7 255.255.255.255
network 8.8.8.8 255.255.255.255
peer 2.2.2.2 enable
peer 7.7.7.7 enable
peer 8.8.8.8 enable
#
rip 1
undo summary
version 2
network 12.0.0.0
network 10.0.0.0
network 11.0.0.0
network 1.0.0.0
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
r2
r2は、r1、sw1、およびsw2とのibgpピア関係を確立し、ネクストホップをそれ自体にポイントします。r3およびr4とのebgpピア関係を確立し、ホップの最大数を2ホップに変更します。インターフェイスはg0 / 0/2でeasyipを使用するため、ネットワークセグメントを宣言します。したがって、12.0.0.0 / 24ネットワークセグメントを宣言する必要があります。そうしないと、サーバーの56.0.0.6ポート8080サービスを取得できません。
[r2]dis cu
[V200R003C00]
#
sysname r2
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 12.0.0.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 23.0.0.2 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 24.0.0.2 255.255.255.0
#
interface NULL0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 3.3.3.3 as-number 200
peer 3.3.3.3 ebgp-max-hop 2
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 ebgp-max-hop 2
peer 4.4.4.4 connect-interface LoopBack0
peer 7.7.7.7 as-number 100
peer 7.7.7.7 connect-interface LoopBack0
peer 8.8.8.8 as-number 100
peer 8.8.8.8 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 1.1.1.1 255.255.255.255
network 2.2.2.2 255.255.255.255
network 3.3.3.3 255.255.255.255
network 4.4.4.4 255.255.255.255
network 7.7.7.7 255.255.255.255
network 8.8.8.8 255.255.255.255
network 12.0.0.0 255.255.255.0
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
network 192.168.4.0
peer 1.1.1.1 enable
peer 1.1.1.1 next-hop-local
peer 3.3.3.3 enable
peer 4.4.4.4 enable
peer 4.4.4.4 route-policy lop import
peer 7.7.7.7 enable
peer 7.7.7.7 next-hop-local
peer 8.8.8.8 enable
peer 8.8.8.8 next-hop-local
#
rip 1
undo summary
version 2
network 12.0.0.0
network 2.0.0.0
#
route-policy lop permit node 10
apply local-preference 200
#
ip route-static 3.3.3.3 255.255.255.255 23.0.0.3
ip route-static 4.4.4.4 255.255.255.255 24.0.0.4
ip route-static 35.0.0.0 255.255.255.0 23.0.0.3
ip route-static 45.0.0.0 255.255.255.0 24.0.0.4
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
r3
[r3]dis cu
[V200R003C00]
#
sysname r3
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 35.0.0.3 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 23.0.0.3 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
bgp 200
peer 2.2.2.2 as-number 100
peer 2.2.2.2 ebgp-max-hop 2
peer 2.2.2.2 connect-interface LoopBack0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
peer 5.5.5.5 as-number 200
peer 5.5.5.5 connect-interface LoopBack0
peer 6.6.6.6 as-number 200
peer 6.6.6.6 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 2.2.2.2 255.255.255.255
network 3.3.3.3 255.255.255.255
network 4.4.4.4 255.255.255.255
network 5.5.5.5 255.255.255.255
network 6.6.6.6 255.255.255.255
network 56.0.0.0 255.255.255.0
peer 2.2.2.2 enable
peer 4.4.4.4 enable
peer 5.5.5.5 enable
peer 6.6.6.6 enable
peer 6.6.6.6 next-hop-local
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 35.0.0.0 0.0.0.255
#
ip route-static 2.2.2.2 255.255.255.255 23.0.0.2
ip route-static 12.0.0.0 255.255.255.255 24.0.0.2
ip route-static 12.0.0.0 255.255.255.255 23.0.0.2
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
r4
[r4]dis cu
[V200R003C00]
#
sysname r4
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 45.0.0.4 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
ip address 24.0.0.4 255.255.255.0
#
interface NULL0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
bgp 200
peer 2.2.2.2 as-number 100
peer 2.2.2.2 ebgp-max-hop 2
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
peer 5.5.5.5 as-number 200
peer 5.5.5.5 connect-interface LoopBack0
peer 6.6.6.6 as-number 200
peer 6.6.6.6 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 2.2.2.2 255.255.255.255
network 3.3.3.3 255.255.255.255
network 4.4.4.4 255.255.255.255
network 5.5.5.5 255.255.255.255
network 6.6.6.6 255.255.255.255
peer 2.2.2.2 enable
peer 3.3.3.3 enable
peer 5.5.5.5 enable
peer 5.5.5.5 next-hop-local
peer 6.6.6.6 enable
peer 6.6.6.6 next-hop-local
#
ospf 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 45.0.0.0 0.0.0.255
#
ip route-static 2.2.2.2 255.255.255.255 23.0.0.2
ip route-static 2.2.2.2 255.255.255.255 24.0.0.2
ip route-static 12.0.0.0 255.255.255.0 24.0.0.2
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
r5
[r5]dis cu
[V200R003C00]
#
sysname r5
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
dhcp enable
#
ip pool 1
gateway-list 192.168.6.1
network 192.168.6.0 mask 255.255.255.0
dns-list 10.10.10.10
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 35.0.0.5 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 56.0.0.5 255.255.255.0
dhcp select global
#
interface GigabitEthernet0/0/2
ip address 45.0.0.5 255.255.255.0
#
interface NULL0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
#
bgp 200
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
peer 6.6.6.6 as-number 200
peer 6.6.6.6 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 3.3.3.3 255.255.255.255
network 4.4.4.4 255.255.255.255
network 5.5.5.5 255.255.255.255
network 6.6.6.6 255.255.255.255
network 56.0.0.0 255.255.255.0
network 192.168.5.0
network 192.168.6.0
peer 3.3.3.3 enable
peer 3.3.3.3 route-policy lop import
peer 3.3.3.3 next-hop-local
peer 4.4.4.4 enable
peer 4.4.4.4 next-hop-local
peer 6.6.6.6 enable
peer 6.6.6.6 next-hop-local
#
ospf 1
area 0.0.0.0
network 5.5.5.5 0.0.0.0
network 35.0.0.0 0.0.0.255
network 45.0.0.0 0.0.0.255
#
route-policy lop permit node 20
apply local-preference 200
#
ip route-static 6.6.6.6 255.255.255.255 56.0.0.6
ip route-static 192.168.5.0 255.255.255.0 56.0.0.6
ip route-static 192.168.6.0 255.255.255.0 56.0.0.6
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
r6
[r6]dis cu
[V200R003C00]
#
sysname r6
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
dhcp enable
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.6.1 255.255.255.0
dhcp select relay
dhcp relay server-ip 56.0.0.5
#
interface GigabitEthernet0/0/1
ip address 56.0.0.6 255.255.255.0
nat server protocol tcp global current-interface 8080 inside 192.168.5.1 www
#
interface GigabitEthernet0/0/2
ip address 192.168.5.6 255.255.255.0
#
interface NULL0
#
interface LoopBack0
ip address 6.6.6.6 255.255.255.255
#
bgp 200
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
peer 5.5.5.5 as-number 200
peer 5.5.5.5 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 5.5.5.5 255.255.255.255
network 6.6.6.6 255.255.255.255
peer 3.3.3.3 enable
peer 3.3.3.3 next-hop-local
peer 4.4.4.4 enable
peer 4.4.4.4 next-hop-local
peer 5.5.5.5 enable
peer 5.5.5.5 next-hop-local
#
ip route-static 0.0.0.0 0.0.0.0 56.0.0.5
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
[r6]
実験結果