7.综合实验

综合项目实战

网络拓扑

7.综合实验-tuopu

项目需求

1.按照图示配置ip地址,R1,R2,SW1创建Loopback0口用于OSPF的Router-id,INTERNET创建Loopback0口用于模拟互联网
2.SW2和SW3作为接入交换机,分别把PC1接入到Vlan10,把PC2接入到Vlan20
3.SW1和SW2/SW3分别连接两条线缆配置链路聚合
4.交换机之间相连的链路配置为Trunk,并放行相关Vlan
5.SW1作为汇聚交换机,创建Vlan三层接口,作为Vlan10和Vlan20的网关
6.SW1与R1,R2配置单区域OSPF协议,使内网IP互通,使用Loopback0口地址作为Router-id
7.R1和R2上分别配置EASY IP,使Vlan10和Vlan20的PC可以访问互联网(PC1和PC2可以ping通INTERNET的Loopback0口)

项目解法

1.在SW1,SW2,SW3上配置VLAN和链路聚合

步骤1:在SW2上配置VLAN 10,以及链路聚合

1
2
[SW2]vlan 10
[SW2-vlan20]port g1/0/3
1
2
3
4
5
6
7
8
[SW2]interface Bridge-Aggregation 1
[SW2-Bridge-Aggregation1]interface g1/0/1
[SW2-GigabitEthernet1/0/1]port link-aggregation group 1
[SW2-GigabitEthernet1/0/1]interface g1/0/2
[SW2-GigabitEthernet1/0/2]port link-aggregation group 1
[SW2]interface bridge 1
[SW2-Bridge-Aggregation1]port link-type trunk
[SW2-Bridge-Aggregation1]port trunk permit vlan 10

步骤2:在SW3上配置VLAN 20,以及链路聚合

1
2
[SW3]vlan 20
[SW3-vlan20]port g1/0/3
1
2
3
4
5
6
7
8
[SW3]int b 1
[SW3-Bridge-Aggregation1]int g1/0/1
[SW3-GigabitEthernet1/0/1]port link-a group 1
[SW3-GigabitEthernet1/0/1]int g1/0/2
[SW3-GigabitEthernet1/0/2]port link-a group 1
[SW3-vlan20]int b 1
[SW3-Bridge-Aggregation1]port link-t tr
[SW3-Bridge-Aggregation1]port tr per vlan 20

步骤3:在SW1上配置VLAN 10,VLAN 20以及链路聚合

1
2
3
4
5
6
7
8
9
10
[SW1]int bri 1
[SW1-Bridge-Aggregation1]int bri 2
[SW1-Bridge-Aggregation2]int g1/0/3
[SW1-GigabitEthernet1/0/3]port link-a group 1
[SW1-GigabitEthernet1/0/3]int g1/0/4
[SW1-GigabitEthernet1/0/4]port link-a group 1
[SW1-GigabitEthernet1/0/4]int g1/0/5
[SW1-GigabitEthernet1/0/5]port link-a group 2
[SW1-GigabitEthernet1/0/5]int g1/0/6
[SW1-GigabitEthernet1/0/6]port link-a group 2
1
2
3
4
5
6
7
8
[SW1]vlan 10
[SW1-vlan10]vlan 20
[SW1]int bri 1
[SW1-Bridge-Aggregation1]port link-t tr
[SW1-Bridge-Aggregation1]port tr per vlan 10
[SW1-Bridge-Aggregation1]int bri 2
[SW1-Bridge-Aggregation2]port link-t tr
[SW1-Bridge-Aggregation2]port tr per vlan 20

步骤4:在SW1上配置VLAN 10和VLAN 20的网关

1
2
3
4
[SW1]int vlan 10
[SW1-Vlan-interface10]ip add 192.168.10.254 24
[SW1-Vlan-interface10]int vlan 20
[SW1-Vlan-interface20]ip add 192.168.20.254 24

此时PC1可以Ping 192.168.10.254,PC2可以Ping 192.168.20.254

7.综合实验-PC1

7.综合实验-PC2

7.综合实验-SW所有VLAN

2.配置SW1,R1,R2的OSPF协议,使内网互通

步骤1:在SW1上创建VLAN 111,VLAN 112并配置IP以及环回地址

1
2
3
4
5
6
7
8
9
10
[SW1]vlan 111
[SW1-vlan111]port g1/0/1
[SW1-vlan111]vlan 112
[SW1-vlan112]port g1/0/2
[SW1]interface vlan 111
[SW1-Vlan-interface111]ip address 10.0.0.6 30
[SW1-Vlan-interface111]interface vlan 112
[SW1-Vlan-interface112]ip address 10.0.0.10 30
[SW1]int L0
[SW1-LoopBack0]ip add 10.1.1.11 32

步骤2:在SW1上配置OSPF协议

1
2
3
4
5
6
7
[SW1]ospf router-id 10.1.1.11
[SW1-ospf-1]area 0
[SW1-ospf-1-area-0.0.0.0]network 10.0.0.4 0.0.0.3
[SW1-ospf-1-area-0.0.0.0]network 10.0.0.8 0.0.0.3
[SW1-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 10.1.1.11 0.0.0.0

步骤3:在R1上配置接口IP及OSPF协议

1
2
3
4
5
6
7
8
[R1]int g0/0
[R1-GigabitEthernet0/0]ip add 10.0.0.5 30
[R1-GigabitEthernet0/0]int g0/1
[R1-GigabitEthernet0/1]ip add 202.1.1.1 30
[R1-GigabitEthernet0/1]int g0/2
[R1-GigabitEthernet0/2]ip add 10.0.0.1 30
[R1-GigabitEthernet0/2]int L0
[R1-LoopBack0]ip add 10.1.1.1 32
1
2
3
4
5
[R1]ospf router 10.1.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]net 10.0.0.4 0.0.0.3
[R1-ospf-1-area-0.0.0.0]net 10.0.0.0 0.0.0.3
[R1-ospf-1-area-0.0.0.0]net 10.1.1.1 0.0.0.0

步骤4:在R2上配置接口IP及OSPF协议

1
2
3
4
5
6
7
8
[R2]int g0/0
[R2-GigabitEthernet0/0]ip add 10.0.0.9 30
[R2-GigabitEthernet0/0]int g0/1
[R2-GigabitEthernet0/1]ip add 67.1.1.1 30
[R2-GigabitEthernet0/1]int g0/2
[R2-GigabitEthernet0/2]ip add 10.0.0.2 30
[R2-GigabitEthernet0/2]int L0
[R2-LoopBack0]ip add 10.1.1.2 32
1
2
3
4
5
[R2]ospf router-id 10.1.1.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]net 10.0.0.8 0.0.0.3
[R2-ospf-1-area-0.0.0.0]net 10.0.0.0 0.0.0.3
[R2-ospf-1-area-0.0.0.0]net 10.1.1.2 0.0.0.0

步骤5:此时可以在SW1上查看OSPF邻居,而且PC1和PC2都可以Ping通10.1.1.1和10.1.1.2,内网是全通的

1
2
3
4
[SW1]display ospf peer
 Router ID       Address         Pri Dead-Time  State             Interface
 10.1.1.1        10.0.0.5        1   32         Full/BDR          Vlan111
 10.1.1.2        10.0.0.9        1   39         Full/BDR          Vlan112

3.配置R1和R2的静态路由和NAT协议

步骤1:配置INTERNET的接口IP和环回地址

1
2
3
4
5
6
[INTERNET]int g0/0
[INTERNET-GigabitEthernet0/0]ip add 202.1.1.2 30
[INTERNET-GigabitEthernet0/0]int g0/1
[INTERNET-GigabitEthernet0/1]ip add 67.1.1.2 30
[INTERNET-GigabitEthernet0/1]int L0
[INTERNET-LoopBack0]ip add 100.1.1.1 32

步骤2:在R1和R2上配置静态路由

1
[R1]ip route-static 0.0.0.0 0 202.1.1.2
1
[R2]ip route-static 0.0.0.0 0 67.1.1.2

此时R1和R2都可以Ping通100.1.1.1(INTERNET的环回地址)

步骤3:在R1上配置EASY IP

1
2
3
4
5
[R1]acl bas 2000                                                     
[R1-acl-ipv4-basic-2000]rule permit source 192.168.10.0 0.0.0.255
[R1-acl-ipv4-basic-2000]rule permit source 192.168.20.0 0.0.0.255
[R1-acl-ipv4-basic-2000]int g0/1
[R1-GigabitEthernet0/1]nat outbound 2000

步骤4:在R2上配置EASY IP

1
2
3
4
5
[R2]acl bas 2000
[R2-acl-ipv4-basic-2000]rule per sou 192.168.10.0 0.0.0.255
[R2-acl-ipv4-basic-2000]rule per sou 192.168.20.0 0.0.0.255
[R2-acl-ipv4-basic-2000]int g0/1
[R2-GigabitEthernet0/1]nat outbound 2000

步骤5:在R1和R2上配置

1
2
[R1]ospf
[R1-ospf-1]default-route-advertise
1
2
[R2]ospf
[R2-ospf-1]default-route-advertise

此时[SW1]dis ip rout,可看到顶部有如下内容

1
2
3
Destination/Mask   Proto   Pre   Cost        NextHop      Interface
0.0.0.0/0          O_ASE2  150   1           10.0.0.5     Vlan111
                                             10.0.0.9     Vlan112

此时PC1和PC2都可以Ping通100.1.1.1(外网)