IA综合实验

最新推荐文章于 2024-03-19 23:36:30 发布

黄施愉

最新推荐文章于 2024-03-19 23:36:30 发布

阅读量243

点赞数

本文链接：https://blog.csdn.net/cnmgj/article/details/115055734

版权

在这里插入图片描述

sw1
vlan batch 100 200
inter e0/0/21
port link-type access
port default vlan 100
inter e0/0/22
port link-type access
port default vlan 200

inter e0/0/10
port link-type trunk
port trunk allow-pass vlan all

inter e0/0/1
port link-type trunk
port trunk allow-pass vlan all

sw2
vlan batch 100 200
inter e0/0/21
port link-type access
port default vlan 100
inter e0/0/22
port link-type access
port default vlan 200

inter e0/0/10
port link-type trunk
port trunk allow-pass vlan all

r1
dhcp enable
ip pool vlan100
network 192.168.1.0 mask 26
dns-list 8.8.8.8
gateway-list 192.168.1.1或192.168.1.62 //192.168.1.00 111110/26 掩码26位后面取最大但不能全1 32+16+8+4+2=62
ip pool vlan200
network 192.168.1.64 mask 26
dns-list 8.8.8.8
gateway-list 192.168.1.65或192.168.1.126
inter g0/0/0.100
ip ad 192.168.1.1 26
dot1q termination vid 100
arp broadcast enable
dhcp select global
inter g0/0/0.200
ip ad 192.168.1.65 26
dot1q termination vid 200
arp broadcast enable
dhcp select global
各pc机应用DHCP 命令行输入ipconfig 查看到获取到的ip

ospf 10 router-id 1.1.1.1
area 0
network 192.168.0.0 0.0.255.255 //相当于一次宣告所有或分别输入三条network 192.168.1.129 0.0.0.3 //掩码30位的反子网掩码是3 因为掩码30位剩两位取11
network 192.168.1.0 0.0.0.63 //掩码26位的反子网掩码是63 因为掩码26位剩六位取111111
network 192.168.1.64 0.0.0.63 //掩码26位的反子网掩码是63 因为掩码26位剩六位取111111

r2
ospf 10 router-id 2.2.2.2
area 0
network 192.168.1.130 0.0.0.3
等邻居建立到full状态 pc1: ping 192.168.1.130 通说明内网建立成功

acl 2000
rule permit source 192.168.1.0 0.0.0.63 //掩码26位的反子网掩码是63 因为掩码26位剩六位取111111
rule permit source 192.168.1.64 0.0.0.63
int g0/0/1
nat outbound 2000

ip route-static 0.0.0.0 0.0.0.0 23.1.1.2
ospf 10
default-route-advertise
此时pc1 Ping 100.1.1.1 通

r1
acl 3000
rule deny icmp source 192.168.1.0 0.0.0.63 destination 100.1.1.1 0.0.0.0 icmp-type echo
inter g0/0/0.100
traffic-filter inbound acl 3000
此时pc1 Ping 100.1.1.1 不通但Ping100.1.1.254等通因为只限制vlan100用户不能访问pc5