实验要求:
-
R6为isp,接口IP地址均为公有地址;该设备只能配置IP地址,之后不能再对其他任何配置
-
R1-R5为局域网,私有IP地址192.168.1.0/24,请合理分配
-
R1,R2,R4,各有两个环回地址;R5,R6各有一个环回地址;所有路由器上环回均代表连接用户的接口
-
R3下的两台PC通过DHCP自动获取IP地址
-
选路最佳,路由表尽量小,避免环路
-
R1-R5均可访问R6的环回
-
R6telnetR5的公有IP地址时,实际登陆到R1上
- R4与R5正常通过1000m链路,故障时通过100m链路
IP规划:
骨干区域划分:
- 子网掩码为255.255.255.224,子网掩码为/27。
- 骨干区域的网络地址为192.168.1.0/27。
R1:
- 网络地址为192.168.1.32/27。
- 子网1为192.168.1.32/28
- 子网2为192.168.1.48/28
R2:
- 网络地址为192.168.1.64/27。
- 子网1为192.168.1.64/28
- 子网2为192.168.1.80/28
R3:
- 网络地址为192.168.1.96/27。
- 子网1为192.168.1.96/28
- 子网2为192.168.1.112/28
R4:
- 网络地址为192.168.1.128/27。
- 子网1为192.168.1.128/28
- 子网2为192.168.1.144/28
R1的环回地址:
- 环回地址1为192.168.1.160/32。
- 环回地址2为192.168.1.161/32。
R2的环回地址:
- 环回地址1为192.168.1.162/32。
- 环回地址2为192.168.1.163/32。
R4的环回地址:
- 环回地址1为192.168.1.164/32。
- 环回地址2为192.168.1.165/32。
R3上的两台PC:
-通过DHCP自动获取IP地址。
实验配置:
IP配置
R1:
<Huawei>sys
[Huawei]sys R1
[R1]int G0/0/0
[R1-GigabitEthernet0/0/0]ip ad 192.168.1.1 30
[R1-GigabitEthernet0/0/0]int G0/0/1
[R1-GigabitEthernet0/0/1]ip ad 192.168.1.5 30
R2:
<Huawei>sys
[Huawei]sys R2
[R2]int G0/0/0
[R2-GigabitEthernet0/0/0]ip ad 192.168.1.2 30
[R2-GigabitEthernet0/0/0]int G0/0/1
[R2-GigabitEthernet0/0/1]ip ad 192.168.1.9 30
R3:
<Huawei>sys
[Huawei]sys R3
[R3]int G0/0/0
[R3-GigabitEthernet0/0/0]ip ad 192.168.1.6 30
[R3-GigabitEthernet0/0/0]int G0/0/1
[R3-GigabitEthernet0/0/1]ip ad 192.168.1.13 30
R4:
<Huawei>sys
[Huawei]sys R4
[R4]int G0/0/0
[R4-GigabitEthernet0/0/0]ip ad 192.168.1.10 30
[R4-GigabitEthernet0/0/0]int G0/0/1
[R4-GigabitEthernet0/0/1]ip ad 192.168.1.14 30
[R4-GigabitEthernet0/0/1]int G0/0/2
[R4-GigabitEthernet0/0/2]ip ad 192.168.1.17 30
[R4-GigabitEthernet0/0/2]int G4/0/0
[R4-GigabitEthernet4/0/0]ip ad 192.168.1.21 30
R5:
<Huawei>sys
[Huawei]sys R5
[R5]int G0/0/0
[R5-GigabitEthernet0/0/0]ip ad 192.168.1.18 30
[R5-GigabitEthernet0/0/0]int G0/0/1
[R5-GigabitEthernet0/0/1]ip ad 192.168.1.22 30
[R5-GigabitEthernet0/0/1]int G0/0/2
[R5-GigabitEthernet0/0/2]ip ad 12.0.0.1 24
R6:
<Huawei>sys
[Huawei]sys R6
[R6]int G0/0/0
[R6-GigabitEthernet0/0/0]ip ad 192.168.1.26 30
配置环回接口IP
R1
[R1]int LoopBack 0
[R1-LoopBack0]ip ad 192.168.1.33 28
[R1-LoopBack0]int LoopBack 1
[R1-LoopBack1]ip ad 192.168.1.49 28
R2
[R2]int l0
[R2-LoopBack0]ip ad 192.168.1.65 28
[R2-LoopBack0]int l1
[R2-LoopBack1]ip ad 192.168.1.81 28
R4
[R4]int l0
[R4-LoopBack0]ip ad 192.168.1.129 28
[R4-LoopBack0]int l1
[R4-LoopBack1]ip ad 192.168.1.145 28
R5
[R5]int l0
[R5-LoopBack0]ip ad 192.168.1.161 27
R6
[R6]int l0
[R6-LoopBack0]ip ad 1.1.1.1 24
开启DHCP协议
R3
[R3]dhcp enable
[R3]ip pool R3
[R3-ip-pool-R3]network 192.168.1.96 mask 27
[R3-ip-pool-R3]gateway-list 192.168.1.126
[R3-ip-pool-R3]dns-list 114.114.114.114
[R3-ip-pool-R3]int G0/0/2
[R3-GigabitEthernet0/0/2]ip ad 192.168.1.126 27
[R3-GigabitEthernet0/0/2]dhcp select global
配置缺省路由
R1
[R1]ip route-static 0.0.0.0 0 192.168.1.2
[R1]ip route-static 192.168.1.96 27 192.168.1.6
[R1]ip route-static 192.168.1.12 30 192.168.1.6
R2
[R2]ip route-static 0.0.0.0 0 192.168.1.10
[R2]ip route-static 192.168.1.32 27 192.168.1.1
[R2]ip route-static 192.168.1.4 30 192.168.1.1
R3
[R3]ip route-static 0.0.0.0 0 192.168.1.14
[R3]ip route-static 192.168.1.32 27 192.168.1.5
[R3]ip route-static 192.168.1.0 30 192.168.1.5
R4
[R4]ip route-static 0.0.0.0 0 192.168.1.22 preference 70
[R4]ip route-static 192.168.1.0 30 102.168.1.9
[R4]ip route-static 192.168.1.64 27 192.168.1.9
[R4]ip route-static 192.168.1.4 30 192.168.1.13
[R4]ip route-static 192.168.1.32 27 192.168.1.13
[R4]ip route-static 192.168.1.96 27 192.168.1.13
R5
[R5]ip route-static 192.168.1.0 24 192.168.1.17
[R5]ip route-static 192.168.1.0 24 192.168.1.21 preference 70
[R5]ip route-static 0.0.0.0 0 12.0.0.2
配置空接口
R5
[R5]ip route-static 192.168.1.24 29 null 0
[R5]ip route-static 192.168.1.192 27 null 0
[R5]ip route-static 192.168.1.224 27 null 0
配置NATP
R5
[R5]acl 2000
[R5-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[R5-acl-basic-2000]int G0/0/2
[R5-GigabitEthernet0/0/2]nat outbound 2000
开启Telnet服务,并配置端口映射
R1
[R1]user-interface vty 0 4
[R1-ui-vty0-4]authentication-mode aaa
[R1-ui-vty0-4]aaa
[R1-aaa]local-user admin password cipher admin privilege level 15
[R1-aaa]local-user admin service-type telnet
在 R5 的 g 0/0/2 接口做端口映射
R5
[R5]int G0/0/2
[R5-GigabitEthernet0/0/2]nat server protocol tcp global current-interface 23 ins
ide 192.168.1.1 telnet
Are you sure to continue?[Y/N]:y
[R5-GigabitEthernet0/0/2]