ensp三层架构实验

ensp三层架构实验

需求:

ensp三层架构实验_第1张图片

拓扑图:

ensp三层架构实验_第2张图片
思路:
IP规划
172.16.2.0/24 vlan1
172.16.3.0/24 vlan2
172.16.0.0/24 骨干链路

(1)首先配置Eth-Trunk

SW1和SW2配置相同

#
interface Eth-Trunk1
#
interface GigabitEthernet0/0/4
 eth-trunk 1
#
interface GigabitEthernet0/0/5
 eth-trunk 1

(2)划分vlan,配置trunk

SW1,2,3,4上需要Trunk的地方都需要设置trunk或者hybrid

vlan batch 2
#
interface Eth-Trunk1
 port link-type trunk
 port trunk allow-pass vlan 2
#
interface GigabitEthernet0/0/2
 port hybrid tagged vlan 2
#
interface GigabitEthernet0/0/3
 port hybrid tagged vlan 2
#

(3)起mstp协议

#
stp region-configuration
 region-name a
 instance 1 vlan 1
 instance 2 vlan 2
 active region-configuration
#


将连接PC的接口设置为边缘接口,并且将接口划入对应VLAN
#
interface GigabitEthernet0/0/3
 port link-type access
 stp edged-port enable
#
interface GigabitEthernet0/0/4
 port link-type access
 port default vlan 2
 stp edged-port enable
#

(4)SVI

#
interface Vlanif1
 ip address 172.16.2.253 255.255.255.0
#
interface Vlanif2
 ip address 172.16.3.253 255.255.255.0

(5)VRRP

#
interface Vlanif1
 ip address 172.16.2.253 255.255.255.0
 vrrp vrid 1 virtual-ip 172.16.2.250
 vrrp vrid 1 priority 120
 vrrp vrid 1 timer advertise 30
 vrrp vrid 1 track interface GigabitEthernet0/0/1 reduced 30
#
interface Vlanif2
 ip address 172.16.3.253 255.255.255.0
 vrrp vrid 2 virtual-ip 172.16.3.250



#
interface Vlanif1
 ip address 172.16.2.254 255.255.255.0
 vrrp vrid 1 virtual-ip 172.16.2.250

#
interface Vlanif2
 ip address 172.16.3.254 255.255.255.0
 vrrp vrid 2 virtual-ip 172.16.3.250
 vrrp vrid 2 priority 120
 vrrp vrid 2 timer advertise 30
 vrrp vrid 2 track interface GigabitEthernet0/0/1 reduced 30

(6)DHCP

全局开启DHCP
DHCP enable

设置DHCP池塘
#
ip pool v1
 gateway-list 172.16.2.250
 network 172.16.2.0 mask 255.255.255.0
 dns-list 8.8.8.8 114.114.114.114
#
ip pool v2
 gateway-list 172.16.3.250
 network 172.16.3.0 mask 255.255.255.0
 dns-list 8.8.8.8 114.114.114.114
#

在接口开启DHCP全局模式
#
interface Vlanif1
 dhcp select global
#
interface Vlanif2
 dhcp select global

(7)配置骨干链路

ensp三层架构实验_第3张图片

(8)建立ospf邻居

SW1

#
ospf 1 router-id 1.1.1.1
 silent-interface GigabitEthernet0/0/3
 silent-interface GigabitEthernet0/0/2
 area 0.0.0.0
  network 172.16.0.2 0.0.0.0
 area 0.0.0.1
  abr-summary 172.16.2.0 255.255.254.0
  network 172.16.2.0 0.0.0.255
  network 172.16.3.0 0.0.0.255
#

SW2

#
ospf 1
 silent-interface GigabitEthernet0/0/3
 silent-interface GigabitEthernet0/0/2
 area 0.0.0.0
  network 172.16.0.6 0.0.0.0
 area 0.0.0.1
  abr-summary 172.16.2.0 255.255.254.0
  network 172.16.2.0 0.0.0.255
  network 172.16.3.0 0.0.0.255
#

R1

要与外界接通内部需要缺省,所以由R1下放一条五类缺省
#
ospf 1 router-id 11.11.11.11 
 default-route-advertise
 area 0.0.0.0 
  network 172.16.0.0 0.0.255.255 
#

(9)NAT

边界路由器设置缺省指向运营商

#
acl number 2000  
 rule 5 permit source 172.16.0.0 0.0.255.255 
#
interface GigabitEthernet0/0/2
 ip address 12.1.1.2 255.255.255.0 
 nat outbound 2000

(10)测试

ensp三层架构实验_第4张图片
ensp三层架构实验_第5张图片

你可能感兴趣的:(网络)