将172.16.0.0/16进行划分,实验两个三层交换机各需要一个网段,VLAN1和2也需要两个网段,所以此实验共需要两个网段。。
左边骨干:172.16.0.0/30
右边骨干:172.16.0.4/30
VLAN1:172.16.1.0/24
VLAN2:172.16.2.0/24
交换部分——在三层交换机上配置Eth-Trunk
[LSW1]interface Eth-Trunk 1
[LSW1-Eth-Trunk1]int g 0/0/4
[LSW1-GigabitEthernet0/0/4]eth-trunk 1
[LSW1-GigabitEthernet0/0/4]inter g 0/0/3
[LSW1-GigabitEthernet0/0/3]eth-trunk 1
1.在每台LSW上面创建VLAN2,因为默认有VLAN1
[LSW1]vlan 2
[LSW1-vlan2]
2.每台LSW与LSW之间创建trunk允许所有VLAN通过,以及连接PC接口配置为access模式
[LSW1]interface GigabitEthernet 0/0/2
[LSW1-GigabitEthernet0/0/2]port link-type trunk
[LSW1-GigabitEthernet0/0/2]port trunk allow-pass vlan all
[LSW1-GigabitEthernet0/0/2]q
[LSW1]interface GigabitEthernet 0/0/5
[LSW1-GigabitEthernet0/0/5]port link-type trunk
[LSW1-GigabitEthernet0/0/5]port trunk allow-pass vlan all
LSW3和LSW4连接两个PC
[LSW3]interface Eth0/0/1
[LSW3-Ethernet0/0/1]port link-type access
[LSW3-Ethernet0/0/1]port default vlan 1
[LSW3-Ethernet0/0/1]q
[LSW3]interface Eth0/0/2
[LSW3-Ethernet0/0/2]port link-type access
[LSW3-Ethernet0/0/2]port default vlan 2
3.选用mstp生成树
[LSW1]stp enable
[LSW1]stp mode mstp
[LSW1]stp region-configuration
[LSW1-mst-region]region-name lyh
[LSW1-mst-region]instance 1 vlan 1
[LSW1-mst-region]instance 2 vlan 2
[LSW1-mst-region]active region-configuration
配置完成后 查看stp关系
发现LSW1上有存在根接口,说明LSW1不是根网桥,此时可以修改优先级来将LSW1选为根网桥。
LSW1上:
[LSW1]interface vlan 1
[LSW1-Vlanif1]vrrp vrid 1 virtual-ip 172.16.1.100
[LSW1-Vlanif1]vrrp vrid 1 priority 101
[LSW1-Vlanif1]vrrp vrid 1 track interface GigabitEthernet 0/0/1 reduced 10
[LSW1-Vlanif1]q
[LSW1]interface vlan 2
[LSW1-Vlanif2]vrrp vrid 1 virtual-ip 172.16.2.100
LSW2上:
[LSW2]interface vlan 2
[LSW2-Vlanif2]vrrp vrid 1 virtual-ip 172.16.2.100
[LSW2-Vlanif2]vrrp vrid 1 priority 101
[LSW2-Vlanif2]vrrp vrid 1 track interface GigabitEthernet 0/0/1
[LSW2-Vlanif2]q
[LSW2]interface vlan 1
[LSW2-Vlanif1]vrrp vrid 1 virtual-ip 172.16.1.100
创建dhcp池塘给pc下放IP地址
[LSW1]dhcp enable
[LSW1]ip pool vlan1
[LSW1-ip-pool-vlan1]network 172.16.1.0 mask 24
[LSW1-ip-pool-vlan1]gateway-list 172.16.1.100
[LSW1-ip-pool-vlan1]dns-list 114.114.114.114 8.8.8.8
[LSW1]ip pool vlan2
[LSW1-ip-pool-vlan2]network 172.16.2.0 mask 24
[LSW1-ip-pool-vlan2]dns-list 8.8.8.8
[LSW1-ip-pool-vlan2]gateway-list 172.16.2.100
[LSW1]interface vlan2
[LSW1-Vlanif2]dhcp select global
[LSW1-Vlanif2]q
[LSW1]interface vlan 1
[LSW1-Vlanif1]dhcp select global
[LSW2]dhcp enable
[LSW2]ip pool vlan1
[LSW2-ip-pool-vlan1]network 172.16.1.0 mask 24
[LSW2-ip-pool-vlan1]gateway-list 172.16.1.100
[LSW2-ip-pool-vlan1]dns-list 114.114.114.114 8.8.8.8
[LSW2-ip-pool-vlan1]q
[LSW2]ip pool vlan2
[LSW2-ip-pool-vlan2]network 172.16.2.0 mask 24
[LSW2-ip-pool-vlan2]dns-list 8.8.8.8
[LSW2-ip-pool-vlan2]gateway-list 172.16.2.100
[LSW2-ip-pool-vlan2]q
[LSW2]interface vlan1
[LSW2-Vlanif1]dhcp select global
[LSW2-Vlanif1]q
[LSW2]interface vlan 2
[LSW2-Vlanif2]dhcp select global
在pc上打开dhcp服务,所有PC都正常获取到ip地址
交换部分进行优化
[LSW3]interface Eth0/0/1
[LSW3-Ethernet0/0/1]stp edged-port enable
[LSW3-Ethernet0/0/1]interface Eth0/0/2
[LSW3-Ethernet0/0/2]stp edged-port enable
[LSW4]interface Eth0/0/1
[LSW4-Ethernet0/0/1]stp edged-port enable
[LSW4-Ethernet0/0/2]stp edged-port enable
配置路由地址
[LSW1]vlan 3
[LSW1]interface vlan 3
[LSW1-Vlanif3]ip address 172.16.0.1 30
[LSW1-Vlanif3]interface g0/0/1
[LSW1-GigabitEthernet0/0/1]port link-type access
[LSW1-GigabitEthernet0/0/1]port default vlan 3
[LSW2]vlan 4
[LSW2]interface vlan 4
[LSW2-Vlanif4]ip address 172.16.0.5 30
[LSW2-Vlanif4]q
[LSW2]interface GigabitEthernet 0/0/1
[LSW2-GigabitEthernet0/0/1]port link-type access
[LSW2-GigabitEthernet0/0/1]port default vlan 4
R1:
[R1]interface GigabitEthernet 2/0/0
[R1-GigabitEthernet2/0/0]ip address 172.16.0.6 30
[R1-GigabitEthernet0/0/0]ip address 172.16.0.2 30
动态路由协议
[R1]ospf 10 router-id 1.1.1.1
[R1-ospf-10]area 0
[R1-ospf-10-area-0.0.0.0]network 172.16.0.0 0.0.255.255
runk上面也多了一个邻居,另外LSW1和LSW的下行链路有发给接入层设备的hello包
[LSW1]ospf 10
[LSW1-ospf-10]silent-interface GigabitEthernet 0/0/5
[LSW1-ospf-10]silent-interface GigabitEthernet 0/0/2
[LSW2]ospf 10
[LSW2-ospf-10]silent-interface GigabitEthernet 0/0/5
[LSW2-ospf-10]silent-interface GigabitEthernet 0/0/2
公网部分路由
[R1]ip route-static 0.0.0.0 0.0.0.0 GigabitEthernet 0/0/1 12.1.1.2
[R1]ospf 10
[R1-ospf-10]default-route-advertise always
使用acl抓取数据,使用nat进行地址转换
[R1]acl 2000
[R1-acl-basic-2000]rule 0 permit source 172.16.0.0 0.0.255.255
[R1-acl-basic-2000]q
[R1]interface GigabitEthernet 0/0/1
[R1-GigabitEthernet0/0/1]nat outbound 2000
断开左边LSW1,在3秒内 LSW2备份成功