网络从基础开始

作者:林小熊

1、vlan的基本配置:

创建vlan    vlan vlan-id[alias vlan-alias]

删除vlan    undo vlan vlan-id

vlan视图下配置一个或一组端口属于某个VLAN

  port interface-type{interface-num[to interface-num]}$<1-10>

借口视图下配置盖端口属于某个VLAN  port access vlan-id

2、trunk的基本配置

指定端口类型:trunk,access,hybrid

            port link-type{trunk/access/hybrid}

取消端口类型的设置   

            undo port-type{trunk/access/hybrid}

设置trunk端口可以通过的VLAN

[undo]port trunk permit vlan{{vlan-id[to vlan-id]}$<1-10>|all}

显示VLAN的信息 

          display vlan vlan-id

3、配置参考

路由器A的配置

[RTA]interface Ethernet 0/0

[RTA-Ethernet0/0]ip address 10.1.1.1. 30

[RTA-Ethernet0/0]quit

[RTA]interface LoopBack1

[RTA-LoopBack1]ip address 1.1.1.1 32

[RTA-LoopBack1]quit

[RTA]ip route-static 2.2.2.2 32 10.1.1.2

路由器B的配置

[RTB]interface Ethernet0/0

[RTB-Ethernet0/0]ip address 10.1.1.2 30

[RTB-Ethernet0/0]quit

[RTB]interface LoopBack1

[RTB-LoopBack1]ip address 2.2.2.2 32

[RTB-LoopBAck1]quit

[RTB]ip route-static 0.0.0.0 10.1.1.1

RIP协议配置

参考配置:

路由器A的配置:

[RTA]inetrface Ethernet 0/0

[RTA-Etnernet0/0]ip address 10.1.1.1 30

[RTA-Ethernet0/0]rip version2 multicast

[RTA-Ethernet0/0]quit

[RTA]interface LoopBack 0

[RTA-LoopBack1]ip address 1.1.1.1.1 32

[RTA-LoopBack1]rip version 2 multicast

[RTA-LoopBack]quit

[RTA]rip

[RTA-rip]network 1.1.1.1

[RTA-rip]network 10.1.1.0

[RTA-rip]undo summary

路由器B的配置

[RTB]interface Ethernet0/0

[RTB-Ethernet0/0]ip address 10.1.1.2 30

[RTB-Ethernet0/0]rip version 2 multicast

[RTB-Ethernet0/0]quit

[RTB]interface LoopBack 0

[RTB-LoopBack1]ip address 2.2.2.2 32

[RTB-LoopBack1]rip version 2multicast

[RTB-LoopBack1]quit

[RTB]interface Ethernet 0/1

[RTB-Serial1/0]ip address 192.2.2.1 30

[RTB-Serial1/0]rip varsion 2 multicast

[RTB-Serial1/0]rip authentication-mode md5 uaual Huawei

[RTB-Serial1/0]quit

[RTB]rip

[RTB-rip]network 192.2.2.0

[RTB-rip]network 2.2.2.2

[RTB-rip]network 10.1.1.0

[RTB-rip]undo summary

路由器C的配置:

[RTC]interface Ethernet 0/1

[RTC-Serial1/0]ip address 192.2.2.2 30

[RTC-Serial1/0]rip version 2 multicast

[RTC-Serial1/0]rip authentication-mode md5 usual Huawei

[RTC-Serial1/0]quit

[RTC]interface LoopBack 0

[RTC-LoopBack1]ip address 3.3.3.3 32

[RTC-LoopBack1]rip version 2 mutilcast

[RTC-LoopBack1]quit

[RTC]rip

[RTC-rip]network 3.3.3.3

[RTC-rip]network 192.2.2.0

[RTC-rip]undo summary

OSPF协议配置(最短路径选择路由协议)

四台路由器RTA,RTB,RTC以及RTD,RTA与RTB属于Area1,RTB与RTC属于Area0,RTC与RTD属于Area2.

配置步骤:

1、指定Router ID

在system-view视图下,指定一个RouterID,

2、运行OSPF

在system-view视图下,采用默认的进程1

3、创建区域

在OSPF视图下创建一个骨干区域Area0

4、通告网络

在Area视图下通告相应的网络

参考配置1、端口配置 配置RTAsystem-view

[Quidway]sysname RTA

[RTA]interface loopback 0

[RTA-LoopBack0]ip address 1.1.1.1 255.255.255.255

[RTA-LoopBack0]quit

[RTA]interface ethernet 0/0

[RTA-Ethernet0/0]ip address 10.1.1.1 255.255.255.252

[RTA-Ethernet0/0]quit

[RTA]interface serial 2/0

[RTA-Serial2/0]ip address 192.1.1.1 255.255.555.252

[RTA-Serial2/0]quit

配置RTBsystem-view

[Quidway]sysname RTB

[RTB]interface loopback 0

[RTB-LoopBack0]ip address 2.2.2.2 255.255.255.255

[RTB-LoopBack0]quit

[RTB]interface Ethernet 0/0

[RTB-Ethernet0/0]ip address 10.1.1.2 255.255.255.252

[RTB-Ethernet0/0]quit

[RTB]interface serial 2/0

[RTB-Serial2/0]ip address 192.2.2.2 255.255.255.252

[RTB-Serial2/0]quit

配置RTCsystem-view

[Quidway]sysname RTC

[RTC]interface loopback 0

[RTC-LoopBack0]ip address 3.3.3.3 255.255.255.255

[RTC-LoopBack0]quit

[RTC]interface Ethernet 0/0

[RTC-Ethernet0/0]ip address 10.2.2.2 255.255.255.252

[RTC-Ethernet0/0]quit

[RTC]interface serial 2/0

[RTC-Serial2/0]ip address 192.2.2.1 255.255.255.252

[RTC-Serial2/0]quit

配置RTDsystem-view

[Quidway]sysname RTD

[RTD]interface loopback 0

[RTD-LoopBack0]ip address 4.4.4.4 255.255.255.255

[RTD-LoopBack0]quit

[RTD]interface ethernet0/0

[RTD-Ethernet0/0]ip address 10.2.2.1 255.255.255.252

[RTD-Ethernet0/0]quit

[RTD]interface serial2/0

[RTD-Serial2/0]ip address 192.1.1.2 255.255.255.252

[RTD-Serial2/0]quit

OSPF配置

配置RTA

指定Router ID

[RTA]router id 1.1.1.1

运行OSPF

[RTA]opsf

创建区域0

[RTA-opsf-1]area 0

在区域0视图下通告网络

[RTA-ospf-1-area-0.0.0.0]net 10.1.1.0. 0.0.0.3

[RTA-opsf-1-area-0.0.0.0]net 192.1.1.0 0.0.0.3

[RTA-opsf-1-area-0.0.0.0]net 1.1.1.1 0.0.0.0

配置RTB

指定Router ID

[RTB]router id 2.2.2.2

运行opsf

[RTB]opsf

创建区域0

[RTB-ospf-1]area 0

在区域0视图下通告网络

[RTB-ospf-1-area-0.0.0.0]net 10.1.1.0 0.0.0.3

[RTB-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3

[RTB-opsf-1-area-0.0.0.0]net 2.2.2.2 0.0.0.0

配置RTC

指定Router ID

[RTCrouter id 3.3.3.3

运行OSPF

[RTC]ospf

创建区域0

[RTC-ospf-1]area 0

在区域0视图下通告网络

[RTC-ospf-1-area-0.0.0.0]net 10.2.2.0 0.0.0.3

[RTC-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3

[RTC-ospf-1-area-0.0.0.0]net 3.3.3.3 0.0.0.0

配置RTD

指定Router ID

[RTD]router id 4.4.4.4

运行ospf

[RTD]ospf

创建区域0

[RTD-ospf-1]area 0

在区域0视图下通告网络

[RTD-ospf-1-area-0.0.0.0]net 10.2.2.0 0.0.0.3

[RTD-ospf-1-area-0.0.0.0]net 192.1.1.0 0.0.0.3

[RTD-ospf-1-area-0.0.0.0]net 4.4.4.0 0.0.0.0

ospf多区域试验配置配置参考配置RTAsystem-view

[RTA]int loopback 0

[RTA-LoopBack0]ip add 1.1.1.1 255.255.255.255

[RTA-LoopBAck0]quit

[RTA]int ethernet 0/0

[RTA-Ethernet0/0]ip add 10.1.1.1 255.255.255.252

[RTA-Ethernet0/0]undo shutdown

配置RTB

system-view

[RTB]int loopback 0

[RTB-LoopBack0]ip add 2.2.2.2 255.255.255.252

[RTB]int ethernet 0/0

[RTB-Ethernet0/0]ip add 10.1.1.2 255.255.255.252

[RTB-Ethernet0/0]undo shutdown

[RTB]int serial 2/0

[RTB-Serial2/0]ip add 192.2.2.2 255.255.255.252

配置RTC

system-view

[RTC]int loopback 0

[RTC-LoopBack0]ip add 3.3.3.3 255.255.255.252

[RTC]int ethernet 0/0

[RTC-Ethernet0/0]ip add 10.2.2.2 255.255.255.252

[RTC-Ethernet0/0]undo shutdowm

[RTC]int  serial 2/0

[RTC-Serial2/0]ip add 192.2.2.1 255.255.255.252

[RTC-Serial2/0]undo shutdown

配置RTD

system-view

[RTD]int loopback 0

[RTD-LoopBack0]ip add 10.10.1.4 255.255.255.255

[RTD]int ethernet 0/0

[RTD-Ethernet0/0]ip add 10.2.2.1 255.255.255.252

[RTD-Ethernet0/0]undo shutdown

ospf配置

配置RTA

指定Router ID

[RTA]router id 1.1.1.1

运行OSPF

[RTA]ospf

创建区域1

[RTA-ospf-1-area-0.0.0.1]network 10.1.1.0 0.0.0.3

[RTA-ospf-1-area-0.0.0.1]network 1.1.1.1 0.0.0.0

配置RTB

指定Router ID

[RTB]router id 2.2.2.2

运行OSPF

[RTB]ospf

创建区域0

[RTB-ospf-1]area 0

创建区域1

[RTB-ospf-1]area 1

在区域0视图下通告网络

[RTB-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3

在区域1视图下通告网络

[RTB-ospf-1-area-0.0.0.1]network 10.1.1.0 0.0.0.3

[RTB-ospf-1-area-0.0.0.1]network 2.2.2.2 0.0.0.0

配置RTC

指定Router ID

[RTC]router id 3.3.3.3

运行ospf

[RTC]ospf

创建区域0

[RTC-ospf-1]area 0

创建区域2

[RTC-ospf-1]area 2

在区域0视图下通告网络

[RTC-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3

在区域2视图下通告网络

[RTC-ospf-1-area-0.0.0.2]network 10.2.2.0 0.0.0.3

[RTC-ospf-1-area-0.0.0.2]network 3.3.3.3 0.0.0.0

配置RTD

指定Router ID

[RTD]router id 10.10.1.4

运行ospf

[RTD]ospf

创建区域2

[RTD-ospf-1]area 2

在区域2视图下通告网络

[RTD-ospf-1-area-0.0.0.2]network 10.2.2.0 0.0.0.3

[RTD-ospf-1-area-0.0.0.2]network 4.4.4.4 0.0.0.0

acl基本配置配置参考1.RTA的配置配置接口system-view

[Quidway]sysname RTA

[RTA]interface Ethernet 0/0

[RTA-Ethernet0/0]ip add 30.1.1.1 30

[RTA-Ethernet0/0]quit

[RTA]interface LoopBack 0

[RTA-LoopBack0]ip address 1.1.1.1 32

[RTA-loopBack0]quit

[RTA-ospf-1]area 0

[RTA-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3

[RTA-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0

2、RTB的配置配置接口sysname-view

[Quidway]sysname RTB

[RTB]interface Rthernet 0/0

[RTB-Ethernet0/0]ip add 30.1.1.2 30

[RTB-Ethernet0/0]quit

[RTB]interface Ethernet 0/1

[RTB-Ethernet0/1]ip add 20.1.1.1 30

[RTB-Ethernet0/1]quit

[RTB-ospf-1]area 0

[RTB-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3

[RTB-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.3

创建ACL并配置规则

[RTB]acl number 2000 match-order auto

[RTB-acl-basic-2000]rule permit source 10.1.1.0 0.0.0.255

[RTB-acl-basic-2000]rule permit source 20.1.1.0 0.0.0.3

[RTB-acl-basic-2000]rule permit deny source any

启用防火墙

[RTB]firewall enable

在接口上应用防火墙

[RTB]interface Ethernet 0/1

[RTB-Ethernet0/1]firewall packet-fillter 2000 inbound

2、交换机的配置system-view

[Quidway]vlan 2

[Quidway-vlan2]port Ethernet 0/5 to Ethernet 0/8

[Quidway-vlan2]vlan 3

[Quidway-vlan3]port Ethernet 0/9 to Ethernet 0/12

[Quidway-vlan3]vlan 4

[Quidway-vlan4]port Ethernet 0/13 to Ethernet 0/16

[Quidway]interface vlan 1

[Quidway-Vlan-interface1]ip address 20.1.1.2 25.255.255.0

[Quidway-Vlan-interface1]quit

[Quidway]interface vlan 2

[Quidway-Vlan-interface2]ip address 10.1.1.2 255.255.255.0

[Quidway-Vlan-interface2]quit

[Quidway]interface Vlan-interface 3

[Quidway-Vlan-interface3]ip address 10.1.2.1 255.255.255.0

[Quidway-Vlan-interface3]quit

[Quidway]interface Vlan-interface 4

[Quidway-Vlan-interface4]ip address 10.1.4.1 255.255.255.0

[Quidway-Vlan-interface4]quit

配置高级ACL业务配置配置步骤1、配置组网图中相关接口2、设备之间启用ospf,使用个网段可以互通3、启用acl,并进行规则配置4、在相应接口应用acl配置参考1、RTA的配置 配置接口system-view

[Quidway]sysname RTA

[RTA]interface Ethernet 0/0

[RTA-Ethernet0/0]ip address 30.1.1.1 30

[RTA-Ethernet0/0]quit

[RTA]interface LoopBack 0

[RTA-LoopBack0]ip address 1.1.1.1 32

[RTA-LoopBack0]quit

[RTA]ospf

[RTA-ospf-1]area 0

[RTA-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3

[RTA-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0

[RTA]ftp server enable

[RTA]local-user huawei password simple huawei

[RTA]local-user huawei service-type ftp

2、RTB的配置配置接口system-view

[Quidway]sysname RTB

[RTB]int Ethernet 0/0

[RTB-Ethernet0/0]ip address 30.1.1.1 30

[RTB-Ethernet0/0]quit

[RTB]interface Ethernet 0/1

[RTB-Ethernet0/1]ip address 20.1.1.1 30

[RTB-Ethernet0/1]quit

[RTB]ospf

[RTB-ospf-1]area 0

[RTB-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3

[RTB-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.3

创建ACL并配置规则

[RTB]acl number 3000

[RTB-acl-adv-3000]rule permit ospf

[RTB-acl-adv-3000]rule permit tcp source 10.1.1.0 .0.0.0.255

destination 1.1.1.0 destination-port eq ftp

[RTB-acl-adv-3000]rule deny tcp source any destination any

启用防火墙

[RTB]firewall enable

在接口上应用防火墙

[RTB]interface Ethernet 0/1

[RTB Ethernet 0/1]firewall packet-filter 3000 inbound

3、配置交换机

[Quidway]system-view

[Quiday]vlan 2

[Quidway-valn2]port Ethernet 0/5 to Ethernet 0/8

[Quidway-vlan2]vlan3

[Quidway-vlan3]port Ethernet 0/9 to Ethernet 0/12

[Quidway-valn3]vlan4

[Quidway-vlan4]port Ethernet 0/13 to Ethernet 0/16

[Quidway]interface vlan1

[Quidway-Vlan-interface1]ip address 20.1.1.2 255.255.255.0

[Quidway-Vlan-interface1]quit

[Quidway]interface vlan2

[Quidway-Vlan-interface2]ip address 10.1.1.1 255.255.255.0

[Quidway-Vlan-interface2]quit

[Quidway]interface Vlan-interface 3

[Quidway-Vlan-interface3]ip address 10.1.2.1 255.255.255.0

[Quidway-Vlan-interface3]quit

[Quidway]interface Vlan-interface 4

[Quidway-Vlan-interface4]ip address 10.1.4.1 255.255.255.0

[Quidway-Vlan-interface4]quit

地址转换配置

1、基本配置

配置RTA NAT出口路由器

配置内网网关

[RTA-Ethernet0/1]ip address 192.168.1.1 255.255.255.0

配置出接口地址

[RTA-Ethernet0/0]ip addr 10.1.1.1 255.255.255.0

配置公网IGP路由

[RTA]interface LoopBack 0

[RTA-LoopBack0]ip addr 1.1.1.1 255.255.255.255

[RTA]router id 1.1.1.1

[RTA]ospf

[RTA-ospf-1]area 0

[RTA-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255

配置RTB公网路由器

配置接口地址

[RTB-Ethernet0/0]ip addr 10.1.1.2 255.255.255.0

[RTB-Ethernet12/0]ip address 192.2.2.2 255.255.255.252

[RTB-LoopBack0]ip address 2.2.2.2 255.255.255.255

配置IGP路由

[RTB]router id 2.2.2.2

[RTB]ospf

[RTB-ospf-1]area 0

[RTB-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3

[RTB-ospf-1-area-0.0.0.0]net 10.1.1.0 0.0.0.255

配置RTC公网路由器

配置接口地址

[RTC-Serial3/0]ip addr 192.2.2.1 255.255.255.252

[RTC-LoopBack0]ip address 3.3.3.3 255.255.255.255

配置IGP路由

[RTC]router id 3.3.3.3

[RTC]ospf

[RTC-ospf-1]area 0

[RTC-ospf-area-0.0.0.0]net 192.2.2.0 0.0.0.3

配置RTD内网FTP服务器RTD

使能FTP SERVER

[RTD]ftp server enable

配置FTP用户

[RTD]local-user huawei password simple Huawei

[RTD]local-user huawei server-type ftp

[RTD]local-user huawei ftp-directory flash:/

配置接口与路由

[RTD-Ethernet0/0]ip addr 192.168.1.2 255.255.255.0

[RTD]ip route-static 0.0.0.0 0.0.0.0 192.168.1.1

NAT配置

配置EASY IP方式的NAT

配置ACL

[RTA]acl number 2001

[RTA-acl-basic-2001]rule permit source 192.168.1.0 0.0.0.255

[RTA-acl-basic-2001]rule deny

配置出接口NAT转换

[RTA-Ethernet0/0]nat outbound 2001

配置IP POOL方式的NAT

配置ACL

[RTA]acl number 2001

[RTA-acl-basic-2001]rule permit source 192.168.1.0 0.0.0.255

[RTA-acl-basic-2001]rule deny

配置NAT转换的地址池

[RTA]nat address-group 1 10.1.1.3 10.1.1.10

配置出接口NAT转换

[RTA-Ethernet0/0]ip addr 10.1.1.1 255.255.255.0

[RTA-Ethernet0/0]nat outbound 2001 address-group 1

DHCP配置配置参考端口配置:

system-view

[RTA]int ethernet 0/0

[RTA-Ethernet0/0]ip addr 192.168.1.1 255.255.255.

DHCP配置

启动DHCP服务

[Quidway]dhcp enable

配置不参与自动分配的IP地址(出口网关地址)

[Quidway]dhcp server forbidden-ip 192.168.1.2 255.255.255.0

配置DHCP地址池1的共有属性

[Quidway]interface vlan 1

[Quidway-Vlan-interface1]

[Quidway-Vlan-interface1]ip address 192.168.1.2 255.255.255.0

[Quidway]dhcp server ip-pool 1

[Quidway-dhcp-pool-1]network 192.168.1.0 mask 255.255.255.0

[Quidway-dhcp-pool-1]gateway-list 192.168.1.1

[Quidway-dhcp-pool-1]dns-list 202.106.196.152 202.106.196.115

[Quidway-dhcp-pool-1]domain-name huawei.com

[Quidway]quitsave

              VLAN配置示例

S1(S2(PC1,PC3),S3(PC2,PC4),S4(PC5,PC6))

PC1和PC2,PC3、PC4、PC5,PC6单独。为了阻断不同区域之间的二层通信,划分了3个VLAN,分别为VLAN10、VLAN20、VLAN30。

配置步骤:

在交换机上创建VLAN。

配置交换机上连接PC的端口Access模式,并加入相应的VLAN。

配置交换机之间互联的端口为Trunk模式,并加入VLAN。

VLAN10 具体配置:

要在交换机上配置VLAN,进入系统视图:

配置S2:

sysname-view

[S2]vlan 10

[S2-vlan10]quit

配置S3:

system-view

[S3]vlan 10

[S3-vlan10]quit

t配置S1:

system-view

[S1]vlan 10

[S1-vlan10]quit

配置S2:

[S2]interface gigabitethernet 1/0/1

[S2-Gigabitethernet1/0/1]port link-type access

[S2-Gigabitethernet1/0/1]port default vlan 10

[S2-Gigabitethernet1/0/1]quit

[S2]interface gigabitethernet1/0/2

[S2-Gigabitethernet1/0/2]port link-type trunk

[S2-Gigabitethernet1/0/2]port thrunk allow-pass vlan 10

[S2-Gigabitethernet1/0/2]quit

配置S3

[S3]interface gigabitethernet 1/0/1

[S3-Gigabitethernet1/0/1]port link-type access

[S3-Gigabitethernet1/0/1]port default vlan10

[S3-Gigabitethernet1/0/1]quit

[S3]interface gigabitethernet 1/0/2

[S3-Gigabitethernet1/0/2]port link-type trunk

[S3-Gigabitethernet1/0/2]port trunk allow-pass vlan 10

[S3-Gigabitethernet1/0/2]quit

配置S1:

[S1]interface gigabitethernet 1/0/1

[S1-Gigabitethernet1/0/1]port link-type trunk

[S1-Gigabitethernet1/0/1]port trunk allow-pass vlan 10

[S1-Gigabitethernet1/0/1]quit

[S1]interface gigabitethernet 1/0/2

[S1-Gigabitethernet1/0/2]port link-type trunk

[S1-Gigabitethernet1/0/2]port trunk allow-pass vlan 10

[S1-Gigabitethernet1/0/2]quit

为了对配置好的VLAN进行display port vlan 命令来查看交换机当前各端口的类型及加入的VLAN

GVRP配置示例

1、在每台交换机的全局及端口使能功能

2、配置交换机的二层连通性,即将交换机的某些端口配置Trunk端口并配置允许相应的vlan帧通过。

3、在交换机S1和S4上配置静态vlan1000

配置步骤

在交换机的系统视图下执行命令gvrp来使能GVRP功能。

配置S1,在S1上全局使能GVRP功能。system-view

[Quidway]sysname S1

[S1]gvrp

配置S2,在S2上全局使能GVRP功能system-view

[Quidway]sysname S2

[S2]gvrp

配置S3,在S3上全局使能GVRP功能system-view

[Quidway]sysname S3

[S3]gvrp

配置S4,在S4上全局使能GVRP功能system-view

[Quidway]sysname S4

[S4]gvrp

配置相关的端口为Trunk端口,并允许相应的VLAN通过,GVRP功能只能配置在Trunk类型的端口上

配置S1的端口:

[S1]interface gigabitethernet 1/0/1

[S1-Gigabitethernet1/0/1]port link-type access

[S1-Gigabitethernet1/0/1]port default vlan 1000

[S1-Gigabitethernet1/0/1]quit

[S1]interface gigabitethernet1/0/2

[S1-Gigabitethernet1/0/2]gvrp

[S1-Gigabitethernet1/0/2]port link-type trunk

[S1-Gigabitethernet1/0/2]port trunk allow-pass vlan

[S1-Gigabitethernet1/0/2]quit

配置S2的端口

[S2]interface gigabitethernet 1/0/1

[S2-Gigabitethernet1/0/1]gvrp

[S2-Gigabitethernet1/0/1]port link-type trunk

[S2-Gigabitethernet1/0/1]port trunk allow-pass vlan all

[S2-Gigabitethernet1/0/1]quit

[S2]interface gigabitethernet 1/0/2

[S2-Gigabitethernet1/0/2]gvrp

[S2-Gigabitethernet1/0/2]port link-type trunk

[S2-Gigabitethernet1/0/2]port trunk allow-pass vlan all

[S2-Gigabitethernet1/0/2]quit

配置S3的端口

[S3]interface gigabitethernet 1/0/1

[S3-Gigabitethernet1/0/1]gvrp

[S3-Gigabitethernet1/0/1]port link-type trunk

[S3-Gigabitethernet1/0/1]port trunk allow-pass vlan all

[S3-Gigabitethernet1/0/1]quit

[S3]interface gigabitethernet 1/0/2

[S3-Gigabitethernet1/0/2]port link-type trunk 

[S3-Gigabitethernet1/0/2]port trunk allow-pass vlan all

[S3-Gigabitethernet1/0/2]quit

配置S4的端口

[S4]interface gigabitethernet 1/0/1

[S4-Gigabitethernet1/0/1]gvrp

[S4-Gigabitethernet1/0/1]port link-type trunk

[S4-Gigabitethernet1/0/1]port trunk allow-pass vlan all

[S4-Gigabitethernet1/0/1]quit

[S4]interface gigabitethernet1/0/2

[S4-Gigabitethernet1/0/2]gvrp

[S4-Gigabitethernet1/0/2]port link-type access

[S4-Gigabitethernet1/0/2]port default vlan 1000

[S4-Gigabitethernet1/0/2]quit

路由协议:

默认路由的配置:

R3----->R1(------>S1(PC1,PC2))----->R2---->S2(PC3,PC4))

配置思路:

在路由器R1上配置一条静态路由,目的地掩码为2.0.0.0/8,下一跳地址为R2的GE1/0/1接口的IP地址12.0.0.2

出接口为R1的GE1/0/1接口。另外,在R1上配置一条默认路由,该默认路由的下一跳IP地址为R3的GE2/0/0接口的IP地址

23.0.0.1

在路由器R2上配置一条静态路由,目的掩码为1.0.0.0/8,下一跳IP地址为R1的GE1/0/1接口的IP地址12.0.0.1,出口为R2的GE1/0/1接口。另外,在R2上配置一条默认路由,该默认路由的下一跳IP地址为R1的GE1/0/1接口的IP地址12.0.0.1

出接口为R2的GE1/0/1接口

在R3上配置分配一条去往1.0.0.0/8和2.0.0.0/8的静态路由,下一跳IP地址均为R1的GE2/0/0接口的IP地址23.0.0.2,出街口均为R3的GE2/0/0接口

配置步骤R1system-view

[R1]ip route-static 2.0.0.8 12.0.0.2 gigabitethernet 1/0/1

[R1]ip route-static 0.0.0.0 23.0.0.1 gigabitethernet 2/0/0

配置R2system-view

[R2]ip route-static 1.0.0.0 8 12.0.0.1 gigabitethernet 1/0/1

[R2]ip route-static 0.0.0.0 0 12.0.0.1 gigabitethernet 1/0/1

配置R3system-view

[R3]ip route-static 1.0.0.0 8 23.0.0.2 gigabitethernet 2/0/0

[R3]ip route-static 2.0.0.0 8 23.0.0.2 gigabitethernet 2/0/0

RIP协议(路由信息协议):R2(R1,R3)

路由协议两大类:一类IGP(内部网关协议),一类EGP(外部网关协议)

配置思路

在个路由器上启动RIP进程,在RIP进程中发布网段信息

配置步骤

要在路由器上配置RIP,必须进入系统视图,然后执行命令rip[process-id]

以启动RIP进程,并进入RIP视图。

配置R1:system-view

[R1]rip

[R1-rip-1]

配置R2:system-view

[R2]rip

[R2-rip-1]

配置R3:system-view

[R3]rip

[R3rip-1]

启动RIP进程之后,还需要通过network network-address 命令发布指定的网段,

其中network-address必须是一个自然网段地址

配置R1

[R1-rip-1]network 12.0.0.0

[R1-rip-1]network 172.16.0.0

配置R2:

[R2-rip-1]network 12.0.0.0

[R2-rip-1]network 23.0.0.0

[R2-rip-1]network 2.0.0.0

配置R3:

[R3-rip-1]network 23.0.0.0

[R3-rip-1]network 192.168.0.0

[R3-rip-1]network 192.168.1.0

[R3-rip-1]network 192.168.2.0

[R3-rip-1]network 192.168.3.0

VLANIF 接口配置示例S1(S2(PC1,PC2),S3(PC3,PC4))启用S1的三层交换功能,并通过在三层交换机S1上配置VLANIF接口,实现不同VLAN间用户的三层通信。1、配置思路在交换机上S1创建VLAN(S2和S3无需创建VLAN)。配置交换机S1的端口在交换机S1上创建VLANIF接口并配置IP地址,实现不同VLAN之间的三层互通2、配置步骤s1上创建VLAN10和VLAN20

system-view

[S1]vlan batch 10 20

S1上进行端口配置

[S1]interface gigabitethernet 0/0/1

[S1-Gigabitethernet0/0/1]port link-type access

[S1-Gigabitethernet0/0/1]port default vlan 10

[S1-Gigabitethernet0/0/1]quit

[S1]interface gigabitethernet 0/0/2

[S1-Gigabitethernet0/0/2]port link-type access

[S1-Gigabitethernet0/0/2]port default vlan 20

[S1-Gigabitethernet0/0/2]quit

S1上配置VLANIF接口

[S1]interface vlanif 10

[S1-Vlanif10]ip address 192.168.100.1 24

[S1-Vlanif10]quit

[S1]interface vlanif 20

[S1-Vlanif20]ip address 192.168.200.1 24

[S1-Vlanif20]quit

你可能感兴趣的:(网络从基础开始)