【HCIP第一次实验-静态综合实验】

1 R6为isp,接口ip地址均为公有地址﹔该设备只能配置ip地址，之后不能再对其进行其他任何配置﹔
2 R1-R5为局域网，私有Ip地址192.168.1.0/24，请合理分配;
3 R1，R2，R4，各有两个环回地址;R5，R6各有一个环回地址﹔所有路由器上环回均代表连接用户的接口;
4 R3下的两台Pc通过DHCP自动获取iP地址;
5 选路最佳，路由表尽量小，避免环路;
6 R1-R5均可以访问R6的环回;
7 R6telnetR5的公有IP地址时，实际登陆到R1上;
8 R4与R5正常通过1000M链路，故障时通过100M链路;

IP划分

将192.168.1.0/24划分为：
192.168.1.0/27 用于骨干，划分为：
  192.168.1.0/30
  192.168.1.4/30
  192.168.1.8/30
  192.168.1.12/30
  192.168.1.16/30
  192.168.1.20/30
  192.168.1.24/30（多余不用）
  192.168.1.28/30（多余不用）
192.168.1.32/27 用于R1的环回，继续划分为192.168.1.32/28和192.168.1.48/28
192.168.1.64/27 用于R2的环回，继续划分为192.168.1.64/28和192.168.1.80/28
192.168.1.96/27 用于R3
192.168.1.128/27 用于R4的环回，继续划分为192.168.1.128/28和192.168.1.144/28
192.168.1.160/27 用于R5的环回
192.168.1.192/27 （多余不用）
192.168.1.224/27 （多余不用）

最优路径

R1到R2的环回和192.168.1.8/30这个网段需要走上面
R1到R3及其底下的PC和192.168.1.12/30这个网段需要走下面
R2到R1的环回和192.168.1.4/30这个网段走左边，到192.168.1.96/27均可
R3同理

代码

配置IP

[r1]int lo0
[r1-LoopBack0]ip ad 192.168.1.33 28
[r1-LoopBack0]int lo1
[r1-LoopBack1]ip ad 192.168.1.49 28
[r2]int lo0
[r2-LoopBack0]ip ad 192.168.1.65 28
[r2-LoopBack0]int lo1
[r2-LoopBack1]ip ad 192.168.1.81 28
[r3]int g0/0/2
[r3-GigabitEthernet0/0/2]ip ad 192.168.1.97 27
[r3]dhcp enable
[r3]ip pool qq
[r3-ip-pool-qq]network 192.168.1.96 mask 27
[r3-ip-pool-qq]gateway-list 192.168.1.97
[r3-ip-pool-qq]dns-list 114.114.114.114 8.8.8.8
[r3-ip-pool-qq]q
[r3]int g0/0/2
[r3-GigabitEthernet0/0/2]dhcp select global
[r4]int lo0
[r4-LoopBack0]ip ad 192.168.1.129 28
[r4-LoopBack0]int lo1
[r4-LoopBack1]ip ad 192.168.1.145 28
[r5]int lo0
[r5-LoopBack0]ip ad 192.168.1.161 27
[r6]int lo0
[r6-LoopBack0]ip ad 6.6.6.6 24
[r1]int g0/0/1
[r1-GigabitEthernet0/0/1]ip ad 192.168.1.1 30
[r1-GigabitEthernet0/0/1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip ad 192.168.1.5 30
[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ip ad 192.168.1.2 30
[r2-GigabitEthernet0/0/0]int g0/0/1
[r2-GigabitEthernet0/0/1]ip ad 192.168.1.9 30
[r3]int g0/0/1
[r3-GigabitEthernet0/0/1]ip ad 192.168.1.6 30
[r3-GigabitEthernet0/0/1]int g0/0/0
[r3-GigabitEthernet0/0/0]ip ad 192.168.1.13 30
[r4]int g0/0/0
[r4-GigabitEthernet0/0/0]ip ad 192.168.1.10 30
[r4-GigabitEthernet0/0/0]int g0/0/1
[r4-GigabitEthernet0/0/1]ip ad 192.168.1.14 30
[r4-GigabitEthernet0/0/1]int g0/0/2
[r4-GigabitEthernet0/0/2]ip ad 192.168.1.17 30
[r4-GigabitEthernet0/0/2]int g4/0/0
[r4-GigabitEthernet4/0/0]ip ad 192.168.1.21 30
[r5]int g0/0/2
[r5-GigabitEthernet0/0/2]ip ad 192.168.1.18 30
[r5-GigabitEthernet0/0/2]int g0/0/0
[r5-GigabitEthernet0/0/0]ip ad 192.168.1.22 30
[r5-GigabitEthernet0/0/0]int g0/0/1
[r5-GigabitEthernet0/0/1]ip ad 56.1.1.1 24
[r6]int g0/0/0
[r6-GigabitEthernet0/0/0]ip ad 56.1.1.2 24

到R6的缺省

[r5]ip route-static 0.0.0.0 0 56.1.1.2
[r4]ip route-static 0.0.0.0 0 192.168.1.18
[r2]ip route-static 0.0.0.0 0 192.168.1.10
[r3]ip route-static 0.0.0.0 0 192.168.1.14
[r1]ip route-static 0.0.0.0 0 192.168.1.2
[r1]ip route-static 0.0.0.0 0 192.168.1.6

最优路径

R1

[r1]ip route-static 192.168.1.64 27 192.168.1.2
[r1]ip route-static 192.168.1.8 30 192.168.1.2
[r1]ip route-static 192.168.1.96 27 192.168.1.6
[r1]ip route-static 192.168.1.12 30 192.168.1.6

R2

[r2]ip route-static 192.168.1.32 27 192.168.1.1
[r2]ip route-static 192.168.1.4 30 192.168.1.1
[r2]ip route-static 192.168.1.96 27 192.168.1.1
[r2]ip route-static 192.168.1.96 27 192.168.1.10

R3

[r3]ip route-static 192.168.1.32 27 192.168.1.5
[r3]ip route-static 192.168.1.0 30 192.168.1.5
[r3]ip route-static 192.168.1.64 27 192.168.1.5
[r3]ip route-static 192.168.1.64 27 192.168.1.14

R4

[r4]ip route-static 192.168.1.0 30 192.168.1.9
[r4]ip route-static 192.168.1.64 27 192.168.1.9
[r4]ip route-static 192.168.1.4 30 192.168.1.13
[r4]ip route-static 192.168.1.96 27 192.168.1.13
[r4]ip route-static 192.168.1.32 27 192.168.1.13
[r4]ip route-static 192.168.1.32 27 192.168.1.9

R5

[r5]ip route-static 192.168.1.128 27 192.168.1.17
[r5]ip route-static 192.168.1.64 27 192.168.1.17
[r5]ip route-static 192.168.1.96 27 192.168.1.17
[r5]ip route-static 192.168.1.32 27 192.168.1.17
[r5]ip route-static 192.168.1.0 30 192.168.1.17
[r5]ip route-static 192.168.1.4 30 192.168.1.17
[r5]ip route-static 192.168.1.8 30 192.168.1.17
[r5]ip route-static 192.168.1.12 30 192.168.1.17

NAT

（有出去的路由，没回来的路由，做个nat，网络地址转换，将内部所有IP（用192.168.1.0拆分的）从R5的g0/0/1出去的时候变成56.1.1.1----一对多）
[r5]acl 2000
[r5-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r5-acl-basic-2000]int g0/0/1
[r5-GigabitEthernet0/0/1]nat outbound 2000

避免环路

（当r1上环回关闭，r2不知道，甩向r1，r1没有这个环回便通过缺省甩回r2，形成环路，所以做过汇总的要避免环路）
[r1]ip route-static 192.168.1.32 27 NULL 0
[r2]ip route-static 192.168.1.64 27 NULL 0
[r4]ip route-static 192.168.1.128 27 NULL 0

正常通过1000M，故障通过100M

（正常通过1000M，故障通过100M，所以将100M的优先级改为61。将r4上以r5上的g0/0/2为下一跳的路由再以r5上的g0/0/0为下一跳，注意考虑回来，回来的时候将r5上以r4的g0/0/2为下一跳的路由再以r4上的g4/0/0为下一跳）

[r4]ip route-static 0.0.0.0 0 192.168.1.22 preference 61
[r5]ip route-static 192.168.1.0 255.255.255.252 192.168.1.21 pr 61
[r5]ip route-static 192.168.1.4 255.255.255.252 192.168.1.21 pr 61
[r5]ip route-static 192.168.1.8 255.255.255.252 192.168.1.21 pr 61
[r5]ip route-static 192.168.1.12 255.255.255.252 192.168.1.21 pr 61
[r5]ip route-static 192.168.1.32 255.255.255.224 192.168.1.21 pr 61
[r5]ip route-static 192.168.1.64 255.255.255.224 192.168.1.21 pr 61
[r5]ip route-static 192.168.1.96 255.255.255.224 192.168.1.21 pr 61
[r5]ip route-static 192.168.1.128 255.255.255.224 192.168.1.21 pr 61

R6telnetR5登陆到R1

[r1]aaa
[r1-aaa]local-user xixi password cipher 123456
[r1-aaa]local-user xixi service-type telnet
[r1]user-interface vty 0 4
[r1-ui-vty0-4]authentication-mode aaa
[r5]int g0/0/1
[r5-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 23 inside 192.168.1.1 23
Warning:The port 23 is well-known port. If you continue it may cause function failure.
Are you sure to continue?[Y/N]:y

运行截图

PC1pingR6的环回

R1pingR6的环回

R6telnetR5登陆到R1