实验拓扑:
- 实验需求:
- 1、R6为ISP,接口IP地址均为公有地址,该设备只能配置IP地址,
- 之后不能再对其进行任何配置;
- 2、R1-R5为局域网,私有IP地址192.168.1.0/24,请合理分配;
- 3、R1、R2、R4,各有两个环回IP地址;R5,R6各有一个环回地址;
- 所有路由器上环回均代表连接用户的接口;
- 4、R3下面的两台PC通过DHCP自动获取IP地址;
- 5、选路最佳,路由表尽量小,避免环路;
- 6、R1-R5均可以访问R6的环回;
- 7、R6 telnet R5的公有地址时,实际登录到R1上;
- 8、R4与R5正常通过1000M链路,故障时通过100m链路;
三、实验思路:
1、划分IP,分析:观察整个网络拓扑,可将192.168.1.0/24划分为6个大网段
分析:骨干链路有6条,然后继续将192.168.1.0/27网段划分成6个小网段。
,30位的掩码也可保证每条链路只有两个IP地址可配,节约IP地址。
192.168.1.0/30
192.168.1.4/30
192.168.1.8/30
192.168.1.12/30
192.168.1.16/30
192.168.1.20/30
(2)192.168.1.32/27----R1环回
分析:考虑到环回地址,最后需要汇总,为了汇总方便,可将192.168.1.32/27继续划分出两个连续的小网段,分别给两个环回口,同理R2/R4的环回划分也是一样的。
L0:192.168.1.32/28
L1:192.168.1.48/28
(3)192.168.1.64/27----R2环回
L0: 192.168.1.64/28
L1: 192.168.1.80/28
(4)192.168.1.96/27----R3环回
(5)192.168.1.128/27
L0: 192.168.1.128/28
L1:192.168.1.144/28
(6)192.168.1.160/27----R4环回
2、配置DHCP。使R3下面两台pc自动获取地址
3、编写除了到达1.0.0.0/24之外,到达其他网段的静态路由
4、配置缺省路由,实验到1.0.0.0/24互通,此时实现内网通在R5路由器上配置nat,可用easy ip此时实现全网可达
5、做汇总,做防环,做黑洞路由配置
6、做备份,通过改变路由条目优先级实现
7、测试,观察1000Mb/s链路故障时,数据能否走100Mb/s链路。
8、R6 telent R5的共有地址时,实际登录到R1上,在R1上配置telent 服务,通过nat server发布到R5的公网接口。
四、实验步骤:
1、配置IP地址
R1: system
Interface g0/0/0
Ip address 192.168.1.1 30
Interface g0/0/1
Ip address 192.168.1.9 30
R1环回地址:
Interface loopback 0
Ip address 192.168.1.33 28
Interface loopback 1
Ip address 192.168.1.49 28
R2:system
Interface g0/0/0
Ip address 192.168.1.2 30
Interface g0/0/1
Ip address 192.168.1.5 30
R2环回地址:
Interface loopback 0
Ip address 192.168.1.65 28
Interface loopback 1
Ip address 192.168.1.81 28
R3:system
Int g0/0/2
Ip address 192.168.1.97 27
Pc1:ip:192.168.1.126
Pc2:ip:192.168.1.125
R4:system
Int g0/0/0
Ip address 192.168.1.6 30
Int g0/0/1
Ip address 192.168.1.14 30
Int g0/0/2
Ip address 192.168.1.17 30
Int g0/0/3
Ip address 192.168.1.21 30
R4环回地址:
Int loopback 0
Ip address 192.168.1.129 28
Int loopback 1
Ip address 192.168.1.145 28
R5:system
Int g0/0/0
Ip address 192.168.1.18 30
Int g0/0/2
Ip address 192.168.1.22 30
Int g0/0/1
Ip address 12.0.0.1 24
R6:
Int g0/0/0
Ip address 12.0.0.2 24
R6环回地址:
Int loopback 0
Ip address 1.1.1.1 24
2、配置静态路由
过去:
R1到R4:
Ip route-static 192.168.1.4 30 192.168.1.2
Ip route-static 192.168.1.4 30 192.168.1.10
R1到R5:
Ip route-static 192.168.1.16 30 192.168.1.2
Ip route-static 192.168.1.20 30 192.168.1.2
Ip route-static 192.168.1.16 30 192.168.1.10
Ip route-static 192.168.1.20 30 192.168.1.10
R1到R6:
Ip route-static 12.0.0.0 24 192.168.1.2
Ip route-static 12.0.0.0 24 192.168.1.10
R1到R2环回:
Ip route-static 192.168.1.64 27 192.168.1.2
R1到R4环回:
Ip route-static 192.168.1.128 27 192.168.1.2
Ip route-static 192.168.1.128 27 192.168.1.10
R1到R5环回
Ip route-static 192.168.1.160 27 192.168.1.2
Ip route-static 192.168.1.160 27 192.168.1.10
R2到R5:
Ip route-static 192.168.1.16 30 192.168.1.6
Ip route-static 192.168.1.20 30 192.168.1.6
R2到R6:
Ip route-static 12.0.0.0 24 192.168.1.6
R2到R4环回:
Ip route-static 192.168.1.128 27 192.168.1.6
R2到R5环回:
Ip route-static 192.168.1.160 27 192.168.1.6
R3到R5:
Ip route-static 192.168.1.16 30 192.168.1.14
Ip route-static 192.168.1.20 30 192.168.1.14
R3到R6:
Ip route-static 12.0.0.0 24 192.168.1.14
R3到R4环回:
Ip route-static 192.168.1.128 27 192.168.1.14
R3到R5环回:
Ip route-static 192.168.1.160 27 192.168.1.14
R4到R6:
Ip route-static 12.0.0.0 24 192.168.1.18
Ip route-static 12.0.0.0 24 192.168.1.22
回来:
R5到R2:
Ip route-static 192.168.1.4 30 192.168.1.17
Ip route-static 192.168.1.4 30 192.168.1.21
R5到R3:
Ip route-static 192.168.1.12 30 192.168.1.17
Ip route-static 192.168.1.12 30 192.168.1.21
R5到R1:
Ip route-static 192.168.1.0 30 192.168.1.17
Ip route-static 192.168.1.0 30 192.168.1.21
Ip route-static 192.168.1.8 30 192.168.1.17
Ip route-static 192.168.1.8 30 192.168.1.21
R5到R1的环回:
Ip route-static 192.168.1.32 27 192.168.1.17
Ip route-static 192.168.1.32 27 192.168.1.21
R5到R2的环回:
Ip route-static 192.168.1.64 27 192.168.1.17
Ip route-static 192.168.1.64 27 192.168.1.21
R5到R4的环回:
Ip route-static 192.168.1.128 27 192.168.1.17
Ip route-static 192.168.1.128 27 192.168.1.21
R4到R1:
Ip route-static 192.168.1.0 30 192.168.1.5
Ip route-static 192.168.1.0 30 192.168.1.13
R4到R2的环回:
Ip route-static 192.168.1.64 27 192.168.1.5
R4到R1的环回:
Ip route-static 192.168.1.32 27 192.168.1.5
Ip route-static 192.168.1.32 27 192.168.1.13
2.5、给R5配缺省路由指ISP
Ip route-static 0.0.0.0 0 12.0.0.2
3、在环回接口配一个空接口避免环路
R1:ip route-static 192.168.1.32 27 Null 0
R2:ip route-static 192.168.1.64 27 Null 0
R4:ip route-static 192.168.1.128 27 Null 0
R5:ip route-static 192.168.1.160 27 Null 0
4、修改R1的优先级
[R1]ip route-static 192.168.1.16 30 192.168.1.2 preference 61
[R1]ip route-static 192.168.1.16 30 192.168.1.10 preference 61
修改R2的优先级
[R2]ip route-static 192.168.1.16 30 192.168.1.6 preference 61
修改R3的优先级
[R3]ip route-static 192.168.1.16 30 192.168.1.14 preference 61
5、R1-R5只能访问到R6
6、登录访问
R1:aaa
Local-user mj privilege level 15 password cipher 123
User-interface mj service-type telent
User-interface vty 0 4
Authentication-mode aaa
R5:int g0/0/1
Nat server protocol tcp global current-interface 23 inside 192.168.1.1 23