实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)


一、实验拓扑


实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第1张图片


二、实验要求


请完成以下需求:
1、PC1和PC3为实例1走sw1为主路(Master),PC2和PC4为实例2走sw2为备用路(Backup);
2、链路聚合要求:2条活跃,1条备用;
3、AS100做RIP,AS200做OSPF、AS300做静态路由;
4、使用BGP协议,使得主机可以正常和服务器Server通信;
5、Client1 可以通过公网上的R6 g/0/01接口访问Server1的8080接口;
6、R5为DHCP服务器,R6为DHCP中继服务器,通过相关配置使得PC5 和PC6 可以自动获取IP地址;
7、要求R1到R6的数据在R2处选择从R4走,R6到R1的数据在R处选择从R3走。


三、实验配置过程


Ⅰ、第一部分:链路集合、MSTP、VRRP和RIP
SW3:
下列为创建vlan和设置vlan的类型:
sysname SW3

vlan batch 10 20

interface GigabitEthernet0/0/3
port link-type access
port default vlan 10

interface GigabitEthernet0/0/4
port link-type access
port default vlan 20

interface GigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan all

interface GigabitEthernet0/0/6
port link-type trunk
port trunk allow-pass vlan all

SW4:
下列为创建vlan和设置vlan的类型:
sysname SW4

vlan batch 10 20

interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan all

interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan all

interface GigabitEthernet0/0/3
port link-type access
port default vlan 30

interface GigabitEthernet0/0/4
port link-type access
port default vlan 40

SW1:
下列为创建vlan和设置vlan的类型:
sysname SW1

vlan batch 10 20 30 40 99

interface GigabitEthernet0/0/1
port link-type access
port default vlan 99

interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan all

interface GigabitEthernet0/0/6
port link-type trunk
port trunk allow-pass vlan all

下列为配置三层交换机vlan对应的ip地址:
interface Vlanif10
ip address 192.168.110.10 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.110.254
vrrp vrid 1 priority 120
vrrp vrid 1 preempt-mode timer delay 6
vrrp vrid 1 track interface GigabitEthernet0/0/1 reduced 30

interface Vlanif20
ip address 192.168.120.10 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.120.254
vrrp vrid 2 priority 115

interface Vlanif30
ip address 192.168.130.10 255.255.255.0
vrrp vrid 3 virtual-ip 192.168.130.254
vrrp vrid 3 priority 120
vrrp vrid 3 preempt-mode timer delay 6
vrrp vrid 3 track interface GigabitEthernet0/0/1

interface Vlanif40
ip address 192.168.140.10 255.255.255.0
vrrp vrid 4 virtual-ip 192.168.140.254
vrrp vrid 4 priority 115

interface Vlanif99
ip address 10.0.0.10 255.255.255.0

interface LoopBack0
ip address 11.11.11.11 255.255.255.255

下列为创建链路聚合及设置活跃数:
lacp priority 1000
#interface Eth-Trunk1
bpdu enable
mode lacp-static
max active-linknumber 2
trunkport GigabitEthernet 0/0/3
trunkport GigabitEthernet 0/0/4
trunkport GigabitEthernet 0/0/7
port link-type trunk
port trunk allow-pass vlan all

下列为创建MSTP设置实例优先级:
Stp mode mstp

stp region-configuration
region-name huawei
revision-level 1
instance 1 vlan 10 30
instance 2 vlan 20 40
active region-configuration

stp instance 1 root primary
stp instance 2 root secondary

下列为创建VRRP设置master和backup:
interface Vlanif10
vrrp vrid 1 virtual-ip 192.168.110.254
vrrp vrid 1 priority 120
vrrp vrid 1 preempt-mode timer delay 6
vrrp vrid 1 track interface GigabitEthernet0/0/1 reduced 30

interface Vlanif20
vrrp vrid 2 virtual-ip 192.168.120.254
vrrp vrid 2 priority 115

interface Vlanif30
vrrp vrid 3 virtual-ip 192.168.130.254
vrrp vrid 3 priority 120
vrrp vrid 3 preempt-mode timer delay 6
vrrp vrid 3 track interface GigabitEthernet0/0/1

interface Vlanif40
vrrp vrid 4 virtual-ip 192.168.140.254
vrrp vrid 4 priority 115

下列为创建动态路由RIP和宣告:
interface LoopBack0
ip address 11.11.11.11 255.255.255.255

rip 1
undo summary
version 2
network 192.168.110.0
network 192.168.120.0
network 192.168.130.0
network 192.168.140.0
network 10.0.0.0
network 11.0.0.0

SW2:
创建和设置vlan、配置vlan对应的相应ip两部分省略,请参考SW1。

下列为创建链路聚合及设置活跃数:
lacp priority 1000
#interface Eth-Trunk1
bpdu enable
mode lacp-static
max active-linknumber 2
trunkport GigabitEthernet 0/0/3
trunkport GigabitEthernet 0/0/4
trunkport GigabitEthernet 0/0/7
port link-type trunk
port trunk allow-pass vlan all

下列为创建MSTP设置实例优先级:
Stp mode mstp

stp region-configuration
region-name huawei
revision-level 1
instance 1 vlan 10 30
instance 2 vlan 20 40
active region-configuration

stp instance 1 root secondary
stp instance 2 root primary

下列为创建VRRP设置master和backup:
interface Vlanif10
ip address 192.168.110.20 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.110.254
vrrp vrid 1 priority 115

interface Vlanif20
ip address 192.168.120.20 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.120.254
vrrp vrid 2 priority 120
vrrp vrid 4 preempt-mode timer delay 6
vrrp vrid 4 track interface GigabitEthernet0/0/1 reduced 30

interface Vlanif30
ip address 192.168.130.20 255.255.255.0
vrrp vrid 3 virtual-ip 192.168.130.254
vrrp vrid 3 priority 115

interface Vlanif40
ip address 192.168.140.20 255.255.255.0
vrrp vrid 4 virtual-ip 192.168.140.254
vrrp vrid 4 priority 120
vrrp vrid 4 preempt-mode timer delay 6
vrrp vrid 4 track interface GigabitEthernet0/0/1 reduced 30

下列为创建动态路由RIP和宣告:
interface LoopBack0
ip address 22.22.22.22 255.255.255.255

rip 1
undo summary
version 2
network 192.168.110.0
network 192.168.120.0
network 192.168.130.0
network 192.168.140.0
network 15.0.0.0
network 22.0.0.0

第一部分测试结果:
1.链路聚合活跃为2,备用为1。
实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第2张图片

2、sw1上pc1和pc3为master,sw2上pc2和pc4为master。
实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第3张图片

实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第4张图片

Ⅱ、第二部分:RIP、OSPF和BGP
SW1:
为指定对等体的环回口IP地址及其所属的AS编号:
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
peer 22.22.22.22 as-number 100
peer 22.22.22.22 connect-interface LoopBack0

下列为宣告bgp上所有网段:
bgp 100
network 10.0.0.0 255.255.255.0
network 192.168.110.0
network 192.168.120.0
network 192.168.130.0
network 192.168.140.0

SW2配置请参考SW1。

R1:
为创建接口IP和环回地址部分省略。

下列为创建动态路由RIP:
interface LoopBack0
ip address 1.1.1.1 255.255.255.255

rip 1
undo summary
version 2
network 20.0.0.0
network 15.0.0.0
network 10.0.0.0
network 1.0.0.0

下列为指定对等体的环回口IP地址及其所属的AS编号:
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
peer 11.11.11.11 as-number 100
peer 11.11.11.11 connect-interface LoopBack0
peer 22.22.22.22 as-number 100
peer 22.22.22.22 connect-interface LoopBack0

R2:
为创建接口IP和环回地址部分省略。
下列为创建动态路由RIP:

interface LoopBack0
ip address 2.2.2.2 255.255.255.255

rip 1
undo summary
version 2
network 20.0.0.0
network 30.0.0.0
network 40.0.0.0
network 2.0.0.0

下列为指定对等体的环回口IP地址及其所属的AS编号:
bgp 100
peer 11.11.11.11 as-number 100
peer 11.11.11.11 connect-interface LoopBack 0
peer 22.22.22.22 as-number 100
peer 22.22.22.22 connect-interface LoopBack 0
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack 0
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack 0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack 0
peer 11.11.11.11 next-hop-local
peer 22.22.22.22 next-hop-local
peer 1.1.1.1 next-hop-local
peer 3.3.3.3 ebgp-max-hop 2
peer 4.4.4.4 ebgp-max-hop 2

下列为不同AS之间配置静态路由:
ip route-static 3.3.3.3 255.255.255.255 30.0.0.2
ip route-static 4.4.4.4 255.255.255.255 40.0.0.2

下列为宣告bgp所有路由器环回地址和直连网段(在EBGP上宣告):
bgp 100
network 1.1.1.1 32
network 11.11.11.11 32
network 22.22.22.22 32
network 20.0.0.0 24
network 30.0.0.0 24
network 40.0.0.0 24

R3:
为创建接口IP和环回地址部分省略。

下列为创建动态路由OSPF:
interface LoopBack0
ip address 3.3.3.3 255.255.255.255

ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 30.0.0.0 0.0.0.255
network 70.0.0.0 0.0.0.255

下列为指定对等体的环回口IP地址及其所属的AS编号:
bgp 200
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack 0
peer 5.5.5.5 as-number 200
peer 5.5.5.5 connect-interface LoopBack 0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack 0
peer 2.2.2.2 ebgp-max-hop 2
peer 5.5.5.5 next-hop-local

下列为不同AS之间配置静态路由:
ip route-static 2.2.2.2 255.255.255.255 30.0.0.1

下列为宣告bgp所有路由器环回地址和直连网段(在EBGP上宣告):
bgp 200
network 2.2.2.2 32
network 5.5.5.5 32
network 4.4.4.4 32
network 3.3.3.3 32
network 30.0.0.0 24
network 70.0.0.0 24

R4、R5、R6配置此处省略,参考R1、R2、R3。

第二部分测试结果:
1、各主机都可以正常和服务器Server1通信。
实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第5张图片

实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第6张图片

Ⅲ、第三部分:DHCP、NATServer和AS-PATH
R6:
下列为将服务器IP映射到公网接口上:
interface GigabitEthernet0/0/0
nat server protocol tcp global current-interface 8080 inside 192.168.160.2 80

R5:
下列为DHCP配置:
dhcp enable
interface GigabitEthernet0/0/2
dhcp select global

ip pool 1
gateway-list 192.168.6.6
network 192.168.6.0 mask 255.255.255.0
lease day 3 hour 0 minute 0
dns-list 8.8.8.8

R6:
下列为DHCP中继配置:
dhcp enable

interface GigabitEthernet0/0/2
dhcp select relay
dhcp relay server-ip 80.0.0.1

R3:
下列为AS-PATH配置:
route-policy as permit node 10
apply as-path 123 123 123 additive
q
bgp 200
peer 2.2.2.2 route-policy as export
q
q
refresh bgp all export

第三部分测试结果:
1、如下图所示,服务器上开启80端口后,Client可以通过访问服务器映射在公网的IP地址正常访问服务器,达到隐藏服务器的真实IP效果。
实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第7张图片

实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第8张图片

2、如下图所示:PC5和PC6可以通过DHCP服务器自动获取IP地址,由于华为系统默认排序从大到小,所以PC5和PC6的IP地址分别为:192.168.6.253和192.168.6.254
实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第9张图片

实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第10张图片

实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第11张图片

3、在未配置AS-PATH之前,R1到R6数据来回都是选择从R3传递,配置完AS-PATH后R1到R6的数据在R2处选择从R4走了,R6到R1的数据在R5处选择从R3走了。
实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第12张图片

实验:mstp、vrrp、bgp、dhcp综合实验(华为模拟器)_第13张图片

你可能感兴趣的:(网络交换与路由,华为,网络,bgp,smtp)