HCIP综合实验练习

实验要求如图

实验拓扑如图

一 先做r1 r2公网部分 r1记得做acl转换地址（私有转公有ip）
acl 2000
rule 1 permit source 172.16.0.0 0.0.255.255
int g0/0/0
nat outbound 2000

配置基本IP地址 然后启动ospf宣告路由即可
确保r1能够访问r2环回
r1上
ospf 1 router-id 1.1.1.1
area 0
network 172.16.0.0 0.0.255.255
network 10.1.1.0 0.0.0.255

r2上
ospf 1 router-id 2.2.2.2
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255

测试 r1 ping r2 环回
交换机弹日志 不好截图 直接复制密令
Sw1上
sysname sw1
vlan batch 2 100 创建vlan2 100
stp instance 1 root primary 设置根网桥
stp instance 2 root secondary

dhcp enable

stp region-configuration 生成树配置
region-name a
instance 1 vlan 1 分组 ，每个组一个生成树
instance 2 vlan 2
active region-configuration 激活

ip pool vlan1 定义地址池
gateway-list 172.16.128.3
network 172.16.128.0 mask 255.255.224.0
dns-list 8.8.8.8

ip pool vlan2
gateway-list 172.16.96.3
network 172.16.96.0 mask 255.255.224.0
dns-list 8.8.8.8

interface Vlanif1
ip address 172.16.128.1 255.255.224.0
vrrp vrid 1 virtual-ip 172.16.128.3
vrrp vrid 1 priority 120 改大优先级，当主网关
vrrp vrid 1 track interface Ethernet0/0/3 reduced 30 上行链路追踪，如果检查到该接口断了，则优先级减30
dhcp select global

interface Vlanif2
ip address 172.16.96.1 255.255.224.0
vrrp vrid 1 virtual-ip 172.16.96.3
vrrp vrid 1 track interface Ethernet0/0/5 reduced 30
dhcp select global

interface Vlanif100
华为模拟器接口改为三层时配不了地址，所以用vlan100代替
ip address 172.16.32.2 255.255.224.0

interface Eth-Trunk0
port link-type trunk
port trunk allow-pass vlan 2

interface Ethernet0/0/1 调trunk链路
port link-type trunk
port trunk allow-pass vlan 2

interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2

interface Ethernet0/0/3
port link-type access
port default vlan 100

interface GigabitEthernet0/0/1 接口二合一
eth-trunk 0

interface GigabitEthernet0/0/2
eth-trunk 0

ospf 1
silent-interface all 沉默接口
undo silent-interface Vlanif100
undo silent-interface Eth-Trunk0
undo silent-interface Vlanif2
area 0.0.0.0
network 172.16.32.2 0.0.0.0
area 0.0.0.1
abr-summary 172.16.0.0 255.255.0.0 区域1路由汇总
network 172.16.128.1 0.0.0.0
network 172.16.96.1 0.0.0.0

Sw2上
sysname sw2

vlan batch 2 100 创建vlan

stp instance 1 root secondary 设置根网桥
stp instance 2 root primary

dhcp enable

stp region-configuration 生成树
region-name a
instance 1 vlan 1
instance 2 vlan 2
active region-configuration

ip pool vlan1 地址池
gateway-list 172.16.128.3
network 172.16.128.0 mask 255.255.224.0
lease day 0 hour 2 minute 0
dns-list 8.8.8.8

ip pool vlan2
gateway-list 172.16.96.3
network 172.16.96.0 mask 255.255.224.0
dns-list 114.114.114.144 114.114.114.114

interface Vlanif1
ip address 172.16.128.2 255.255.224.0
vrrp vrid 1 virtual-ip 172.16.128.3
dhcp select global

interface Vlanif2
ip address 172.16.96.2 255.255.224.0
vrrp vrid 1 virtual-ip 172.16.96.3
vrrp vrid 1 priority 120
vrrp vrid 1 track interface Ethernet0/0/5 reduced 30 上行链路追踪改优先级
dhcp select global

interface Vlanif100
ip address 172.16.64.2 255.255.224.0

interface Eth-Trunk0
port link-type trunk
port trunk allow-pass vlan 2

interface Ethernet0/0/1
port link-type trunk 调trunk链路
port trunk allow-pass vlan 2

interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2

interface Ethernet0/0/3
port link-type access
port default vlan 100

interface GigabitEthernet0/0/1
eth-trunk 0

interface GigabitEthernet0/0/2
eth-trunk 0

ospf 1 router-id 2.2.2.2
silent-interface all
undo silent-interface Vlanif100
undo silent-interface Vlanif2
undo silent-interface Eth-Trunk0
area 0.0.0.0
network 172.16.64.2 0.0.0.0
area 0.0.0.1
area 0.0.0.2
abr-summary 172.16.0.0 255.255.0.0
network 172.16.96.2 0.0.0.0
network 172.16.128.2 0.0.0.0

Sw3上
sysname sw3

vlan batch 2

stp region-configuration
region-name a
instance 1 vlan 1
instance 2 vlan 2
active region-configuration

interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2

interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2

interface Ethernet0/0/3
port link-type access
stp edged-port enable

interface Ethernet0/0/4
port link-type access
port default vlan 2
stp edged-port enable

Sw4上
sysname sw4

vlan batch 2

stp region-configuration
region-name a
instance 1 vlan 1
instance 2 vlan 2
active region-configuration

interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2

interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2

interface Ethernet0/0/3
port link-type access
stp edged-port enable

interface Ethernet0/0/4
port link-type access
port default vlan 2
stp edged-port enable