ip 静态路由的综合实验

静态综合实验

一、实验要求：

1. R6为ISP，接口IP地址均为公有地址，该设备只能配置IP地址，之后不能冉对其进行任何配置
2. R1-R5为局域网，私有Ip地址192.168.1.0/24，请合理分配;
3. R1、R2、R4，各有两个环回IP地址;R5,R6各有一个环回地址;所有路由器上环回均代表连接用户的接口
4. R3下面的两台Pc通过DHCP自动获取IP地址;
5. 选路最佳，路由表尽量小，避免环路
6. R1-R5均可以访问R6的环回
7. 在R1上配置te1net服务，使R6能通过R5的公有地址te1net到R1上;
8. R4与R5正常通过1000M链路，故障时通过10gm链路;

• 实验思路：

1. 用IP地址192.168.1.0/24来分配对应的IP地址：

骨干：192.168.1.000 00000/27

R1-R2:192.168.1.000000 00/30--192.168.1.0/30

R1-R3:192.168.1.000001 00/30--192.168.1.4/30

R2-R4:192.168.1.000010 00/30--192.168.1.8/30

R3-R4:192.168.1.000011 00/30--192.168.1.12/30

R4-R5:192.168.1.000100 00/30--192.168.1.16/30

R5-R4:192.168.1.000101 00/30--192.168.1.20/30

R1环回：192.168.1.001 00000 /27--192.168.1.32/27

L0：192.168.1.0010 0000 /27--192.168.1.32/28

L1：192.168.1.0011 0000 /27--192.168.1.48/28

R2环回：192.168.1.01 000000 /27--192.168.1.64/27

L0：192.168.1.0010 0000 /27--192.168.1.64/28

L1：192.168.1.0011 0000 /27--192.168.1.80/28

R3环回：192.168.1.011 00000 /27--192.168.1.96/27

R4环回：192.168.1.100 00000 /27--192.168.1.128/27

L0：192.168.1.0010 0000 /27--192.168.1.128/28

L1：192.168.1.0011 0000 /27--192.168.1.144/28

R5环回：192.168.1. 101 00000/27--192.168.1.160/27

L0：192.168.1.0010 0000 /27--192.168.1.160/28

2.手工配置路由表，并且选择最短路径

3.做汇总，做防环，做黑洞路由配置

4.在r3上开启DHCP协议，时下面两台pc可以通过DHCP自动获取IP地址

5.在r5的边界接口上配置缺省路由，实现到 1.0.0.0/24互通。此时实现内网通；

在RS路由器上配置 nat，可用esay ip,此时实现全网通

6.R6 telnet  R5 的公有地址时，实际登录到RI 上，在R1 上配置 telet

服务，通过nat server 发布到RS的公网接口。

7.改变路由条目优先级实现，当1000Mb's 链路故障时，数据能否走 100Mb/s链路。

                                                

三、相关步骤

1.按要求配置各个IP地址：

如新的图

用dhcp来获取pc1和pc2的IP地址

[r3]dhcp enable

Info: The operation may take a few seconds. Please wait for a moment.done.

[r3]ip policy-based-route

[r3]ip pool aa

Info: It's successful to create an IP address pool.

[r3-ip-pool-aa]network 192.168.1.96 mask 27

[r3-ip-pool-aa]gateway-list 192.168.1.97

[r3-ip-pool-aa]dns-list 8.8.8.8

[r3-GigabitEthernet0/0/2]dhcp  select global

2.手工配置各个路由器的路由表

[r1]ip route-static 192.168.1.8 30 192.168.1.2

[r1]ip route-static 192.168.1.64 27 192.168.1.2

[r1]ip route-static 192.168.1.16 30 192.168.1.2

[r1]ip route-static 192.168.1.16 30 192.168.1.6

[r1]ip route-static 192.168.1.20 30 192.168.1.6

[r1]ip route-static 192.168.1.20 30 192.168.1.2

[r1]ip route-static 192.168.1.160 27 192.168.1.2

[r1]ip route-static 192.168.1.160 27 192.168.1.6

[r1]ip route-static 192.168.1.128 27 192.168.1.6

[r1]ip route-static 192.168.1.128 27 192.168.1.2

[r1]ip route-static 192.168.1.96 27 192.168.1.6

[r1]ip route-static 192.168.1.12 30 192.168.1.6

[r1]

[r2]ip route-static 192.168.1.128 27 192.168.1.10

[r2]ip route-static 192.168.1.16 30 192.168.1.10

[r2]ip route-static 192.168.1.20 30 192.168.1.10

[r2]ip route-static 192.168.1.160 27 192.168.1.10

[r2]ip route-static 192.168.1.12 30 192.168.1.10

[r2]ip route-static 192.168.1.96 27 192.168.1.10

[r2]ip route-static 192.168.1.96 27 192.168.1.1

[r2]ip route-static 192.168.1.4 30 192.168.1.1

[r2]ip route-static 192.168.1.32 27 192.168.1.1

[r3]ip route-static 192.168.1.32 27 192.168.1.5

[r3]ip route-static 192.168.1.0 30 192.168.1.5

[r3]ip route-static 192.168.1.64 27 192.168.1.5

[r3]ip route-static 192.168.1.64 27 192.168.1.14

[r3]ip route-static 192.168.1.8 30 192.168.1.14

[r3]ip route-static 192.168.1.16 30 192.168.1.14

[r3]ip route-static 192.168.1.20 30 192.168.1.14

[r3]ip route-static 192.168.1.128 27 192.168.1.14

[r3]ip route-static 192.168.1.160 27 192.168.1.14

[r3]

[r4]ip route-static 192.168.1.96 27 192.168.1.13

[r4]ip route-static 192.168.1.4 30 192.168.1.13

[r4]ip route-static 192.168.1.32 27 192.168.1.13

[r4]ip route-static 192.168.1.32 27 192.168.1.19

[r4]undo ip route-static 192.168.1.32 27 192.168.1.19

[r4]ip route-static 192.168.1.32 27 192.168.1.9

[r4]ip route-static 192.168.1.0 30 192.168.1.9

[r4]ip route-static 192.168.1.64 27 192.168.1.9

[r5]ip route-static 192.168.1.128 27 192.168.1.17

[r5]ip route-static 192.168.1.128 27 192.168.1.21

[r5]ip route-static 192.168.1.12 30 192.168.1.21

[r5]ip route-static 192.168.1.12 30 192.168.1.17

[r5]ip route-static 192.168.1.96 27 192.168.1.17

[r5]ip route-static 192.168.1.96 27 192.168.1.21

[r5]ip route-static 192.168.1.4 30 192.168.1.21

[r5]ip route-static 192.168.1.4 30 192.168.1.17

[r5]ip route-static 192.168.1.32 27 192.168.1.17

[r5]ip route-static 192.168.1.32 27 192.168.1.21

[r5]ip route-static 192.168.1.0 30 192.168.1.21

[r5]ip route-static 192.168.1.0 30 192.168.1.17

[r5]ip route-static 192.168.1.64 27 192.168.1.17

[r5]ip route-static 192.168.1.64 27 192.168.1.21

[r5]ip route-static 192.168.1.8 30 192.168.1.21

[r5]ip route-static 192.168.1.8 30 192.168.1.17

现在已经实现了内网互通；

3.为避免出现环路：

[r1]ip route-static 192.168.1.32 27 NULL 0

[r2]ip route-static 192.168.1.64 27 NULL 0

[r4]ip route-static 192.168.1.128 27 NULL 0

1. R1-R5均可以访问R6的环回

在r5上配置缺省路由来让私网与公网相联通

[r5]ip route-static 0.0.0.0 0 12.0.0.2

现在实现了与公网联通

在r5上配置easy IP来实现利用acl抓取私网流量

[r5]acl 2000

[r5-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255

[r5-acl-basic-2000]inter g 0/0/2

[r5-GigabitEthernet0/0/2]nat outbound 2000

在r1-r4上配置相关的缺省路由

[r1]ip route-static 0.0.0.0 0 192.168.1.2

[r1]ip route-static 0.0.0.0 0 192.168.1.6

[r2]ip route-static 0.0.0.0 0 192.168.1.10

[r3]ip route-static 0.0.0.0 0 192.168.1.14

[r4]ip route-static 0.0.0.0 0 192.168.1.18

[r4]ip route-static 0.0.0.0 0 192.168.1.22

现在r1-r5都可以访问r6;

1. 在R1上配置te1net服务，使R6能通过R5的公有地址te1net到R1上;

在r1上开启telnet服务

[r1-aaa]local-user wangdaye service-type telnet

[r1]user-interface vty 0 4

[r1-ui-vty0-4]authentication-mode aaa

在r5上用net的端口映射

[r5-GigabitEthernet0/0/2]nat server protocol  tcp global current-interface 23 inside 192.168.1.1 23

Warning:The port 23 is well-known port. If you continue it may cause function fa

ilure.

Are you sure to continue?[Y/N]:y

1. R4与R5正常通过1000M链路，故障时通过10gm链路;

在r4/r5上配置改变100mb/s的优先级，

[r4]ip route-static 0.0.0.0 0 192.168.1.22 preference 61

[r5]ip route-static 192.168.1.128 27 192.168.1.21 preference 61

Info: Succeeded in modifying route.

[r5]

[r5]ip route-static 192.168.1.12 30 192.168.1.21 preference 61

Info: Succeeded in modifying route.

[r5]

[r5]ip route-static 192.168.1.96 27 192.168.1.21 preference 61

Info: Succeeded in modifying route.

[r5]

[r5]ip route-static 192.168.1.4 30 192.168.1.21 preference 61

Info: Succeeded in modifying route.

[r5]

[r5]ip route-static 192.168.1.32 27 192.168.1.21 preference 61

Info: Succeeded in modifying route.

[r5]

[r5]ip route-static 192.168.1.0 30 192.168.1.21 preference 61

Info: Succeeded in modifying route.

[r5]

[r5]ip route-static 192.168.1.64 27 192.168.1.21 preference 61

Info: Succeeded in modifying route.

[r5]

[r5]ip route-static 192.168.1.8 30 192.168.1.21 preference 61

将为1000mb/s的链路给关闭看是否是经过100mb/s