HCIP first experiment

Step 1: Land plot
192.168.1.0/24

129.168.1.0/27——Bone Dry Road
192.168.1.0/30
192.168.1.4/30
129.168.1.8/30
192.168.1.12/30
192.168.1.16/30
192.168.1.20/30< /span>

192.168.1.32/27——R1 round
192.168.1.32/28
192.168.1.48/28

192.168.1.64/27——R2 round
192.168.1.64/28
192.168.1.80/28

192.168.1.96/27——R4 round
192.168.1.96/28
192.168.1.112/28

192.168.1.128/27——R5 environment
192.168.1.160/27——R3 connection pc installation stage site

步骤二：配IP
【R1】
GigabitEthernet0/0/0 192.168.1.1/30
GigabitEthernet0/0/1 192.168.1.5/30
LoopBack0 192.168.1.33/28
LoopBack1 192.168.1.49/28
【R2】
GigabitEthernet0/0/0 192.168.1.2/30
GigabitEthernet0/0/1 192.168.1.9/30
LoopBack0 192.168.1.65/28
LoopBack1 192.168.1.81/28
【R3】
GigabitEthernet0/0/0 192.168.1.6/30
GigabitEthernet0/0/1 192.168.1.13/30
GigabitEthernet0/0/2 192.168.1.161/27
【R4】
GigabitEthernet0/0/0 192.168.1.10/30
GigabitEthernet0/0/1 192.168.1.14/30
GigabitEthernet0/0/2 192.168.1.21/30
GigabitEthernet4/0/0 192.168.1.17/30
LoopBack0 192.168.1.97/28
LoopBack1 192.168.1.113/28
【R5】
GigabitEthernet0/0/0 192.168.1.22/30
GigabitEthernet0/0/1 12.1.1.1/24
GigabitEthernet0/0/2 192.168.1.18/30
LoopBack0 192.168.1.129/27
【ISP】
GigabitEthernet0/0/0 12.1.1.2/24
LoopBack0 1.1.1.1/24

步骤三：静态路由
先配缺省，后静态，再空接口防环
【R1】
ip route-static 0.0.0.0 0.0.0.0 192.168.1.2
ip route-static 0.0.0.0 0.0.0.0 192.168.1.6
ip route-static 192.168.1.8 255.255.255.252 192.168.1.2
ip route-static 192.168.1.12 255.255.255.252 192.168.1.6
ip route-static 192.168.1.64 255.255.255.224 192.168.1.2
ip route-static 192.168.1.160 255.255.255.224 192.168.1.6
ip route-static 192.168.1.32 255.255.255.224 NULL0
【R2】
ip route-static 0.0.0.0 0.0.0.0 192.168.1.10
ip route-static 192.168.1.4 255.255.255.252 192.168.1.1
ip route-static 192.168.1.32 255.255.255.224 192.168.1.1
ip route-static 192.168.1.160 255.255.255.224 192.168.1.1
ip route-static 192.168.1.160 255.255.255.224 192.168.1.10
ip route-static 192.168.1.32 255.255.255.224 NULL0
【R3】
ip route-static 0.0.0.0 0.0.0.0 192.168.1.14
ip route-static 192.168.1.0 255.255.255.252 192.168.1.5
ip route-static 192.168.1.32 255.255.255.224 192.168.1.5
ip route-static 192.168.1.64 255.255.255.224 192.168.1.5
ip route-static 192.168.1.64 255.255.255.224 192.168.1.14
【R4】
ip route-static 0.0.0.0 0.0.0.0 192.168.1.18
ip route-static 0.0.0.0 0.0.0.0 192.168.1.22 preference 80
ip route-static 192.168.1.0 255.255.255.252 192.168.1.9
ip route-static 192.168.1.4 255.255.255.252 192.168.1.13
ip route-static 192.168.1.32 255.255.255.224 192.168.1.9
ip route-static 192.168.1.32 255.255.255.224 192.168.1.13
ip route-static 192.168.1.64 255.255.255.224 192.168.1.9
ip route-static 192.168.1.160 255.255.255.224 192.168.1.13
ip route-static 192.168.1.96 255.255.255.224 NULL0
ip route-static 192.168.1.0 255.255.255.0 NULL0
【R5】
ip route-static 0.0.0.0 0.0.0.0 12.1.1.2
ip route-static 192.168.1.0 255.255.255.0 192.168.1.17
ip route-static 192.168.1.0 255.255.255.0 192.168.1.21 preference 80

Problem 1:
R1 cannot ping the loopback of R5
The reason is the lookup rule of the routing table: recursive lookup, longest match< /span> [r4]ip route-static 192.168.1.128 27 192.168.1.22 preference 80 [r4]ip route -static 192.168.1.128 27 192.168.1.18 Configure another route to R5 loopback Solution:
R5 is configured with a summary route of 192.168.1.0/24, and R4 has an empty interface of 192.168.1.0/24 as a loop route, so R4 will match the empty interface first, resulting in data packets Lost, unable to ping R5

Question 2:
Shut down the interface 4/0/0, which should be the backup route, and use the network segment 1.20/ below, but it still doesn’t work.
The reason is that the outbound interface has become null0, because the next hop 192.168.1.18 also belongs to the summarized 192.168.1.0/24 range, and its outbound interface is null0, so the route will search recursively. Outbound interface, set the outbound interface to null0 (because static routing is the first way of writing)

Solution:
Use the third way of writing static routing, do not let it Use recursive search
[r4]undo ip route-static 0.0.0.0 0 192.168.1.18
[r4]ip route-static 0.0.0.0 0 GigabitEthernet 4/ 0/0 192.168.1.18

Step 4:
[R3] Configure DHCP to issue an IP address
[r3]dhcp enable
[ r3]ip pool aaa
[r3-ip-pool-aaa]network 192.168.1.160 mask 27
[r3-ip-pool-aaa]gateway-list 192.168.1.161
[r3]interface g0/0/2
[r3-GigabitEthernet0/0/2]dhcp select global
Obtain the address after turning on the DHCP function of the PC

Step 5:
R1-R5 can access the loopback of R6
Make Easy IP
[r5] acl 2000
[r5-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r5]interface g0/0/1
[r5-GigabitEthernet0/0/1]nat outbound 2000

Step 6:
R6telnetR5’s public address, actually log in to R1
Do port mapping
First Enable the remote login function of R1
[r1]user-interface vty 0 4
[r1-ui-vty0-4]authentication-mode aaa
[r1]aaa
[r1-aaa]local-user huawei privilege level 15
[r1-aaa]local-user huawei password cipher 123
[r1-aaa]local-user huawei service-type telnet
[r5]interface g0/0/1
[r5-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 23 inside 192.168.1.1 23