实验拓扑
知识点
vlan、trunk、vtp、stp、etherchannel、dhcp
vrrp、vlan间通信(三层交换、单臂路由)、静态路由
实验要求(使用GNS3模拟器)
1.左边局域网主机的网关为三层交换机SW1和SW2,三层交换机通过DHCP给主机分配IP地址
并实现不同vlan间的负载均衡,即vlan10网关为SW1,vlan20网关为SW2
2.所有主机所有网络设备都能互相通信
3.管理员可以远程管理所有网络设备
实验步骤
1.部署左边局域网的trunk和etherchannel(设备:SW1,SW2,SW3,SW4)
将交换机之间的所有链路配置为trunk并做链路捆绑
以SW1为例:
全局配置模式下:
interface FastEthernet0/1
switchport mode trunk
channel-group 1 mode on
interface FastEthernet0/2
switchport mode trunk
channel-group 1 mode on
interface FastEthernet0/3
switchport mode trunk
channel-group 2 mode on
interface FastEthernet0/4
switchport mode trunk
channel-group 2 mode on
interface FastEthernet0/5
switchport mode trunk
channel-group 3 mode on
interface FastEthernet0/6
switchport mode trunk
channel-group 3 mode on
2.部署vtp (设备:SW1,SW2,SW3,SW4)
设置SW1为vtp server,SW2,SW3,SW4为vtp client
以SW1为例:
用户模式下:
vlan database
vtp domain haha
vtp password 123
vtp server (除了SW1,其他设备为vtp client)
3.部署vlan和(设备:SW1)
在SW1的vlan database配置vlan10和vlan20
用户模式下:
vlan database
vlan 10
vlan 20
部署access vlan
将HOST1,HOST3划分进vlan10,HOST2,HOST4划分进vlan20(设备SW3,SW4)
SW3配置模式下:
int f0/7
switchport access vlan 10
int f0/8
switchport access vlan 20
4.部署STP (设备:SW1、SW2)
SW1作为PVST的vlan10的主根,vlan20的备份根,SW2作为PVST的vlan20的主根,vlan10的备份根
SW1配置模式下:
spanning-tree vlan 10 root primary
spanning-tree vlan 20 root secondary
SW2配置模式下:
spanning-tree vlan 20 root primary
spanning-tree vlan 10 root secondary
5.部署DHCP
划分在vlan10的主机(HOST1、HOST3)由它的网关SW1通过dhcp分配IP地址(主机地址范围1.1.1.1-1.1.1.127)
划分在vlan10的主机(HOST1、HOST3)由它的网关SW2通过dhcp分配IP地址(主机地址范围2.2.2.128-2.2.2.251)
SW1的vlan10真实网关1.1.1.252,SW2的vlan10真实网关1.1.1.253
SW1的vlan20真实网关2.2.2.252,SW2的vlan20真实网关2.2.2.253
SW1配置模式下:
ip dhcp excluded-address 1.1.1.128 1.1.1.254
ip dhcp excluded-address 2.2.2.128 2.2.2.254
int vlan 10
ip address 1.1.1.252 255.255.255.0
exit
ip dhcp pool vlan10
network 1.1.1.0 255.255.255.0
default-router 1.1.1.254
dns-server 8.8.8.8
int vlan 20
ip address 2.2.2.252 255.255.255.0
exit
ip dhcp pool vlan20
network 2.2.2.0 255.255.255.0
default-router 2.2.2.254
dns-server 8.8.8.8
SW2配置模式下:
ip dhcp excluded-address 1.1.1.1 1.1.1.127
ip dhcp excluded-address 2.2.2.1 2.2.2.127
int vlan 10
ip address 1.1.1.253 255.255.255.0
exit
ip dhcp pool vlan10
network 1.1.1.0 255.255.255.0
default-router 1.1.1.254
dns-server 8.8.8.8
int vlan 20
ip address 2.2.2.253 255.255.255.0
exit
ip dhcp pool vlan20
network 2.2.2.0 255.255.255.0
default-router 2.2.2.254
dns-server 8.8.8.8
6.部署VRRP
SW1的vlan10真实网关1.1.1.252,SW2的vlan10真实网关1.1.1.253,vrrp虚拟网关为1.1.1.254
SW1的vlan20真实网关2.2.2.252,SW2的vlan20真实网关2.2.2.253,vrrp虚拟网关为2.2.2.254
SW1配置模式下:
int vlan 10
vrrp 1 ip 1.1.1.254
vrrp 1 priority 200
int vlan 20
vrrp 2 ip 2.2.2.254
SW2配置模式下:
int vlan 10
vrrp 2 ip 1.1.1.254
int vlan 20
vrrp 2 ip 2.2.2.254
vrrp 2 priority 200
做完前面六步左边的局域网内所有主机能任意通信
----------------------------------------------------
7.部署右边局域网的单臂路由
首先给HOST5,HOST6,HOST7手工配置IP地址和网关分别在3.3.3.0和4.4.4.0和5.5.5.0网段
然在SW5创建vlan30,40,888
SW5用户模式下
vlan database
vlan 30
vlan 40
vlan 888
SW5的f0/2设置为access vlan30,f0/3设置为access vlan40,f0/4设置为access vlan888
SW5配置模式下:
int f0/2
switchport access vlan 30
int f0/3
switchport access vlan 40
int f0/4
switchport access vlan 888
SW5的f0/0设置为trunk
int f0/0
switchport mode trunk
接下来配置R3
进入f1/0 输入no shutdown打开接口之后进入f1/0的子接口配置
interface FastEthernet1/0.1
encapsulation dot1Q 30
ip address 3.3.3.254 255.255.255.0
no shutdown
!
interface FastEthernet1/0.2
encapsulation dot1Q 40
ip address 4.4.4.254 255.255.255.0
no shutdown
!
interface FastEthernet1/0.3
encapsulation dot1Q 888
ip address 5.5.5.254 255.255.255.0
no shutdown
做完第七步右边局域网所有主机能任意通信
--------------------------------------------
8.配置静态路由 (设备:SW1,SW2,R1,R2,R3)
以R2为例:
R2配置模式下
ip route 1.1.1.0 255.255.255.0 FastEthernet0/0
ip route 2.2.2.0 255.255.255.0 FastEthernet0/0
ip route 3.3.3.0 255.255.255.0 FastEthernet1/0
ip route 4.4.4.0 255.255.255.0 FastEthernet1/0
ip route 5.5.5.0 255.255.255.0 FastEthernet1/0
ip route 10.1.1.0 255.255.255.0 FastEthernet0/0
ip route 20.1.1.0 255.255.255.0 FastEthernet0/0
做完第八步整个拓扑所有主机和路由器能通信
----------------------------------------------
9.部署vty,使管理员可以远程配置拓扑任意设备
所有设备配置模式下
line vty 0 15
password xxx
然后管理员可以通过telnet服务登录除二层设备(SW3,SW4,SW5)的所有设备
若要管理SW3,SW4
可以进入SW3的vlan10 给它开启dhcp获取
int vlan 10
ip add dhcp
no shutdown
可以进入SW3的vlan20 给它开启dhcp获取
int vlan 20
ip add dhcp
no shutdown
这样就可以telnet它们获取的地址来管理
对于SW5,则进入SW5的vlan 888 给它配置个ip地址
SW5配置模式下
int vlan 888
ip address 8.8.8.1 255.255.255.0
管理员可以通过telnet ip 8.8.8.1来管理 SW5
做完第九步管理员可以管理拓扑的所有设备