第一步:规划IP地址
一、子网划分
192.168.1.0/24
192.168.1.0/27 (骨干)192.168.1.0/30 192.168.1.4/30 192.168.1.8/30 192.168.1.12/30 192.168.1.16/30 192.168.1.20/30 192.168.1.24/30 (备用) 192.168.1.28/30 (备用)
192.168.1.32/27 (R1环回)192.168.1.32/28 192.168.1.48/28
192.168.1.64/27 (R2环回)192.168.1.64/28 192.168.1.80/28
192.168.1.96/27 (R3环回)
192.168.1.128/27 (R4环回)192.168.1.128/28 192.168.1.144/28
192.168.1.160/27 (R5环回)
192.168.1.196/27 (预留地址)
192.168.1.224/27 (预留地址
三、配置接口IP
配置各个接口ip
R1
R2
R3
R4
R5
R6
为满足要求四:R3下的两台PC通过DHCP自动获取IP地址
配置R3的DHCP如图
四、配置路由
1.配置R1-R5的缺省路由
[R1]ip route-static 0.0.0.0 0 192.168.1.2
[R1]ip route-static 0.0.0.0 0 192.168.1.6
[R2]ip route-static 0.0.0.0 0 192.168.1.10
[R3]ip route-static 0.0.0.0 0 192.168.1.14
[R4]ip route-static 0.0.0.0 0 192.168.1.18
[R4]ip route-static 0.0.0.0 0 192.168.1.22 preference 61
[R5]ip route-static 0.0.0.0 0 56.1.1.2
这样就形成了从左至右的缺省
2.开始补静态路由,空接口避免环路
R1:
空接口防环路由:ip route-static 192.168.1.32 27 NULL 0
静态路由:
ip route-static 192.168.1.8 255.255.255.252 192.168.1.2
ip route-static 192.168.1.12 255.255.255.252 192.168.1.6
ip route-static 192.168.1.64 255.255.255.224 192.168.1.2
ip route-static 192.168.1.96 255.255.255.224 192.168.1.6
R2:
空接口防环路由:ip route-static 192.168.1.64 27 NULL 0
静态路由:
ip route-static 192.168.1.4 255.255.255.252 192.168.1.1
ip route-static 192.168.1.32 255.255.255.224 192.168.1.1
ip route-static 192.168.1.96 255.255.255.224 192.168.1.1
ip route-static 192.168.1.96 255.255.255.224 192.168.1.10
R3:
静态路由:
ip route-static 192.168.1.0 255.255.255.252 192.168.1.5
ip route-static 192.168.1.32 255.255.255.224 192.168.1.5
ip route-static 192.168.1.64 255.255.255.224 192.168.1.5
ip route-static 192.168.1.64 255.255.255.224 192.168.1.14
R4:
空接口防环路由:ip route-static 192.168.1.128 27 NULL 0
静态路由:
ip route-static 192.168.1.0 255.255.255.252 192.168.1.9
ip route-static 192.168.1.4 255.255.255.252 192.168.1.13
ip route-static 192.168.1.32 255.255.255.224 192.168.1.9
ip route-static 192.168.1.32 255.255.255.224 192.168.1.13
ip route-static 192.168.1.64 255.255.255.224 192.168.1.9
ip route-static 192.168.1.96 255.255.255.224 192.168.1.13
R5:
静态路由:
ip route-static 192.168.1.0 255.255.255.252 192.168.1.17
ip route-static 192.168.1.0 255.255.255.252 192.168.1.21 preference 61
ip route-static 192.168.1.4 255.255.255.252 192.168.1.17
ip route-static 192.168.1.4 255.255.255.252 192.168.1.21 preference 61
ip route-static 192.168.1.8 255.255.255.252 192.168.1.17
ip route-static 192.168.1.8 255.255.255.252 192.168.1.21 preference 61
ip route-static 192.168.1.12 255.255.255.252 192.168.1.17
ip route-static 192.168.1.12 255.255.255.252 192.168.1.21 preference 61
ip route-static 192.168.1.32 255.255.255.224 192.168.1.17
ip route-static 192.168.1.32 255.255.255.224 192.168.1.21 preference 61
ip route-static 192.168.1.64 255.255.255.224 192.168.1.17
ip route-static 192.168.1.64 255.255.255.224 192.168.1.21 preference 61
ip route-static 192.168.1.96 255.255.255.224 192.168.1.17
ip route-static 192.168.1.96 255.255.255.224 192.168.1.21 preference 61
ip route-static 192.168.1.128 255.255.255.224 192.168.1.17
ip route-static 192.168.1.128 255.255.255.224 192.168.1.21 preference 61
这样就实现了全网可达,避免环路
五、在R5上配置NAT
测试:
可以看到成功访问R6
为实现要求7我们先在R5上进行端口映射
然后再R1上配置登录账号和密码
[R1]aaa
[R1-aaa]local-user 123456 privilege level 15 password cipher 666666
[R1-aaa]local-user 123456 service-type telnet
[R1-aaa]q
[R1]user-interface vty 0 4
[R1-ui-vty0-4]authentication-mode aaa
测试:
可以看到已经成功登入
已经满足所有要求
至此,实验结束