三层架构实验

实验内容
三层架构实验_第1张图片
实验拓扑图
三层架构实验_第2张图片
划分ip地址

将172.16.0.0/16进行划分,实验两个三层交换机各需要一个网段,VLAN1和2也需要两个网段,所以此实验共需要两个网段。。
左边骨干:172.16.0.0/30
右边骨干:172.16.0.4/30
VLAN1:172.16.1.0/24
VLAN2:172.16.2.0/24

交换部分——在三层交换机上配置Eth-Trunk

[LSW1]interface Eth-Trunk 1
[LSW1-Eth-Trunk1]int g 0/0/4
[LSW1-GigabitEthernet0/0/4]eth-trunk 1
[LSW1-GigabitEthernet0/0/4]inter g 0/0/3
[LSW1-GigabitEthernet0/0/3]eth-trunk 1

1.在每台LSW上面创建VLAN2,因为默认有VLAN1
[LSW1]vlan 2
[LSW1-vlan2]

2.每台LSW与LSW之间创建trunk允许所有VLAN通过,以及连接PC接口配置为access模式

[LSW1]interface GigabitEthernet 0/0/2
[LSW1-GigabitEthernet0/0/2]port link-type trunk
[LSW1-GigabitEthernet0/0/2]port trunk allow-pass vlan all
[LSW1-GigabitEthernet0/0/2]q
[LSW1]interface GigabitEthernet 0/0/5
[LSW1-GigabitEthernet0/0/5]port link-type trunk
[LSW1-GigabitEthernet0/0/5]port trunk allow-pass vlan all

LSW3和LSW4连接两个PC
[LSW3]interface Eth0/0/1
[LSW3-Ethernet0/0/1]port link-type access
[LSW3-Ethernet0/0/1]port default vlan 1
[LSW3-Ethernet0/0/1]q
[LSW3]interface Eth0/0/2
[LSW3-Ethernet0/0/2]port link-type access
[LSW3-Ethernet0/0/2]port default vlan 2

3.选用mstp生成树

[LSW1]stp enable
[LSW1]stp mode mstp
[LSW1]stp region-configuration
[LSW1-mst-region]region-name lyh
[LSW1-mst-region]instance 1 vlan 1
[LSW1-mst-region]instance 2 vlan 2
[LSW1-mst-region]active region-configuration

配置完成后 查看stp关系
三层架构实验_第3张图片
发现LSW1上有存在根接口,说明LSW1不是根网桥,此时可以修改优先级来将LSW1选为根网桥。
LSW1上:
[LSW1]interface vlan 1
[LSW1-Vlanif1]vrrp vrid 1 virtual-ip 172.16.1.100
[LSW1-Vlanif1]vrrp vrid 1 priority 101
[LSW1-Vlanif1]vrrp vrid 1 track interface GigabitEthernet 0/0/1 reduced 10
[LSW1-Vlanif1]q
[LSW1]interface vlan 2
[LSW1-Vlanif2]vrrp vrid 1 virtual-ip 172.16.2.100

LSW2上:
[LSW2]interface vlan 2
[LSW2-Vlanif2]vrrp vrid 1 virtual-ip 172.16.2.100
[LSW2-Vlanif2]vrrp vrid 1 priority 101
[LSW2-Vlanif2]vrrp vrid 1 track interface GigabitEthernet 0/0/1
[LSW2-Vlanif2]q
[LSW2]interface vlan 1
[LSW2-Vlanif1]vrrp vrid 1 virtual-ip 172.16.1.100

创建dhcp池塘给pc下放IP地址

[LSW1]dhcp enable
[LSW1]ip pool vlan1
[LSW1-ip-pool-vlan1]network 172.16.1.0 mask 24
[LSW1-ip-pool-vlan1]gateway-list 172.16.1.100
[LSW1-ip-pool-vlan1]dns-list 114.114.114.114 8.8.8.8
[LSW1]ip pool vlan2
[LSW1-ip-pool-vlan2]network 172.16.2.0 mask 24
[LSW1-ip-pool-vlan2]dns-list 8.8.8.8
[LSW1-ip-pool-vlan2]gateway-list 172.16.2.100
[LSW1]interface vlan2
[LSW1-Vlanif2]dhcp select global
[LSW1-Vlanif2]q
[LSW1]interface vlan 1
[LSW1-Vlanif1]dhcp select global

[LSW2]dhcp enable
[LSW2]ip pool vlan1
[LSW2-ip-pool-vlan1]network 172.16.1.0 mask 24
[LSW2-ip-pool-vlan1]gateway-list 172.16.1.100
[LSW2-ip-pool-vlan1]dns-list 114.114.114.114 8.8.8.8
[LSW2-ip-pool-vlan1]q
[LSW2]ip pool vlan2
[LSW2-ip-pool-vlan2]network 172.16.2.0 mask 24
[LSW2-ip-pool-vlan2]dns-list 8.8.8.8
[LSW2-ip-pool-vlan2]gateway-list 172.16.2.100
[LSW2-ip-pool-vlan2]q
[LSW2]interface vlan1
[LSW2-Vlanif1]dhcp select global
[LSW2-Vlanif1]q
[LSW2]interface vlan 2
[LSW2-Vlanif2]dhcp select global

在pc上打开dhcp服务,所有PC都正常获取到ip地址

三层架构实验_第4张图片

三层架构实验_第5张图片

三层架构实验_第6张图片
三层架构实验_第7张图片

交换部分进行优化

[LSW3]interface Eth0/0/1
[LSW3-Ethernet0/0/1]stp edged-port enable
[LSW3-Ethernet0/0/1]interface Eth0/0/2
[LSW3-Ethernet0/0/2]stp edged-port enable

[LSW4]interface Eth0/0/1
[LSW4-Ethernet0/0/1]stp edged-port enable
[LSW4-Ethernet0/0/2]stp edged-port enable

配置路由地址

[LSW1]vlan 3
[LSW1]interface vlan 3
[LSW1-Vlanif3]ip address 172.16.0.1 30
[LSW1-Vlanif3]interface g0/0/1
[LSW1-GigabitEthernet0/0/1]port link-type access
[LSW1-GigabitEthernet0/0/1]port default vlan 3

[LSW2]vlan 4
[LSW2]interface vlan 4
[LSW2-Vlanif4]ip address 172.16.0.5 30
[LSW2-Vlanif4]q
[LSW2]interface GigabitEthernet 0/0/1
[LSW2-GigabitEthernet0/0/1]port link-type access
[LSW2-GigabitEthernet0/0/1]port default vlan 4

R1:
[R1]interface GigabitEthernet 2/0/0
[R1-GigabitEthernet2/0/0]ip address 172.16.0.6 30
[R1-GigabitEthernet0/0/0]ip address 172.16.0.2 30

动态路由协议
[R1]ospf 10 router-id 1.1.1.1
[R1-ospf-10]area 0
[R1-ospf-10-area-0.0.0.0]network 172.16.0.0 0.0.255.255

runk上面也多了一个邻居,另外LSW1和LSW的下行链路有发给接入层设备的hello包
[LSW1]ospf 10
[LSW1-ospf-10]silent-interface GigabitEthernet 0/0/5
[LSW1-ospf-10]silent-interface GigabitEthernet 0/0/2

[LSW2]ospf 10
[LSW2-ospf-10]silent-interface GigabitEthernet 0/0/5
[LSW2-ospf-10]silent-interface GigabitEthernet 0/0/2

公网部分路由

[R1]ip route-static 0.0.0.0 0.0.0.0 GigabitEthernet 0/0/1 12.1.1.2

[R1]ospf 10
[R1-ospf-10]default-route-advertise always

使用acl抓取数据,使用nat进行地址转换
[R1]acl 2000
[R1-acl-basic-2000]rule 0 permit source 172.16.0.0 0.0.255.255
[R1-acl-basic-2000]q

[R1]interface GigabitEthernet 0/0/1
[R1-GigabitEthernet0/0/1]nat outbound 2000

测试
三层架构实验_第8张图片
PC1成功ping通ISP的环回,上网成功

断开左边LSW1,在3秒内 LSW2备份成功

你可能感兴趣的:(架构,网络)