企业项目拓扑3

最新推荐文章于 2024-07-19 17:35:15 发布

m0_57602298

最新推荐文章于 2024-07-19 17:35:15 发布

阅读量56

点赞数

文章标签：网络服务器运维负载均衡数据库

本文链接：https://blog.csdn.net/m0_57602298/article/details/129217200

版权

某知名企业及运营商网络拓扑图如下：

企业项目要如下：

实验要求： 1.如图所示蓝色区域为企业内网，红色区域为供应商网络； 2.运行MSTP协议，使得VLAN流量负载均衡； 3.SW1为vlan 10和20的主网关，SW1为30和40的备份网关； 4.SW2为vlan 30和40的主网关，SW2为10和20的备份网关； 5.DHCP服务器在vlan 66，网关在SW2上面； 6.企业内网运行静态路由协议或者OSPF路由协议； 7.所有PC机自动获取ip地址且可以与Server1互相ping通； 8.Client1仅可以访问Server1的www服务； 9.企业内网设备仅允许被IT部门远程管理。

第一步：配置基础网络；

SW1配置如下： sysname SW1 vlan batch 10 20 30 40 66 100 interface GigabitEthernet 0/0/1 port link-type trunk port trunk allow-pass vlan all interface GigabitEthernet 0/0/2 port link-type trunk port trunk allow-pass vlan all interface GigabitEthernet 0/0/3 port link-type trunk port trunk allow-pass vlan all interface GigabitEthernet 0/0/4 port link-type access port default vlan 100 interface Vlanif 100 ip address 192.168.100.2 24 interface Vlanif 66 ip address 192.168.66.251 24 quit SW2配置如下： sysname SW2 vlan batch 10 20 30 40 66 200 interface GigabitEthernet 0/0/1 port link-type trunk port trunk allow-pass vlan all interface GigabitEthernet 0/0/2 port link-type trunk port trunk allow-pass vlan all interface GigabitEthernet 0/0/3 port link-type trunk port trunk allow-pass vlan all interface GigabitEthernet 0/0/4 port link-type access port default vlan 200 interface Vlanif 200 ip address 192.168.200.2 24 interface GigabitEthernet 0/0/5 port link-type access port default vlan 66 interface Vlanif 66 ip address 192.168.66.252 24 quit SW3配置如下 sysname SW3 vlan batch 10 20 30 40 interface Ethernet0/0/1 port link-type trunk port trunk allow-pass vlan all interface Ethernet0/0/2 port link-type trunk port trunk allow-pass vlan all interface Ethernet0/0/3 port link-type access port default vlan 10 interface Ethernet0/0/4 port link-type access port default vlan 20 interface Ethernet0/0/5 port link-type trunk port trunk allow-pass vlan all quit SW4配置如下： sysname SW4 vlan batch 10 20 30 40 interface Ethernet0/0/1 port link-type trunk port trunk allow-pass vlan all interface Ethernet0/0/2 port link-type trunk port trunk allow-pass vlan all interface Ethernet0/0/3 port link-type access port default vlan 30 interface Ethernet0/0/4 port link-type access port default vlan 40 interface Ethernet0/0/5 port link-type trunk port trunk allow-pass vlan all quit R1配置如下： sysname R1 interface g0/0/0 ip address 192.168.100.1 24 interface g0/0/1 ip address 192.168.200.1 24 interface g0/0/2 ip address 100.1.1.2 24 quit R2配置如下： sysname R2 interface g0/0/0 ip address 100.1.1.1 24 interface g0/0/1 ip address 200.1.1.254 24 quit DHCP sysname DHCP dhcp enable interface g0/0/0 ip address 192.168.66.1 24 quit

第二步：配置接入层网络；
配置STP

SW1 stp region-configuration region-name ntd instance 12 vlan 10 20 instance 34 vlan 30 40 active region-configuration quit stp instance 12 priority 4096 stp instance 34 priority 8192 SW2 stp region-configuration region-name ntd instance 12 vlan 10 20 instance 34 vlan 30 40 active region-configuration quit stp instance 12 priority 8192 stp instance 34 priority 4096 SW3 stp region-configuration region-name ntd instance 12 vlan 10 20 instance 34 vlan 30 40 active region-configuration quit SW4 stp region-configuration region-name ntd instance 12 vlan 10 20 instance 34 vlan 30 40 active region-configuration quit

第三步：配置汇聚层网络；

配置VRRP SW1 interface Vlanif10 ip address 192.168.10.251 255.255.255.0 vrrp vrid 10 virtual-ip 192.168.10.250 vrrp vrid 10 priority 200 interface Vlanif20 ip address 192.168.20.251 255.255.255.0 vrrp vrid 20 virtual-ip 192.168.20.250 vrrp vrid 20 priority 200 interface Vlanif30 ip address 192.168.30.251 255.255.255.0 vrrp vrid 30 virtual-ip 192.168.30.250 interface Vlanif40 ip address 192.168.40.251 255.255.255.0 vrrp vrid 40 virtual-ip 192.168.40.250 SW2 interface Vlanif10 ip address 192.168.10.252 255.255.255.0 vrrp vrid 10 virtual-ip 192.168.10.250 interface Vlanif20 ip address 192.168.20.252 255.255.255.0 vrrp vrid 20 virtual-ip 192.168.20.250 interface Vlanif30 ip address 192.168.30.252 255.255.255.0 vrrp vrid 30 virtual-ip 192.168.30.250 vrrp vrid 30 priority 200 interface Vlanif40 ip address 192.168.40.252 255.255.255.0 vrrp vrid 40 virtual-ip 192.168.40.250 vrrp vrid 40 priority 200 验证查看VRRP配置： SW1 SW2 配置DHCP SW1 dhcp enable interface Vlanif 10 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 20 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 30 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 40 dhcp select relay dhcp relay server-ip 192.168.66.1 SW2 dhcp enable interface Vlanif 10 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 20 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 30 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 40 dhcp select relay dhcp relay server-ip 192.168.66.1 配置DHCP SW1 dhcp enable interface Vlanif 10 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 20 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 30 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 40 dhcp select relay dhcp relay server-ip 192.168.66.1 SW2 dhcp enable interface Vlanif 10 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 20 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 30 dhcp select relay dhcp relay server-ip 192.168.66.1 interface Vlanif 40 dhcp select relay dhcp relay server-ip 192.168.66.1 DHCP interface g0/0/0 dhcp select global ip pool p1 gateway-list 192.168.10.250 network 192.168.10.0 mask 255.255.255.0 excluded-ip-address 192.168.10.251 192.168.10.252 dns-list 8.8.8.8 ip pool p2 gateway-list 192.168.20.250 network 192.168.20.0 mask 255.255.255.0 excluded-ip-address 192.168.20.251 192.168.20.252 dns-list 8.8.8.8 ip pool p3 gateway-list 192.168.30.250 network 192.168.30.0 mask 255.255.255.0 excluded-ip-address 192.168.30.251 192.168.30.252 dns-list 8.8.8.8 ip pool p4 gateway-list 192.168.40.250 network 192.168.40.0 mask 255.255.255.0 excluded-ip-address 192.168.40.251 192.168.40.252 dns-list 8.8.8.8

第四步：配置核心层网络；

配置OSPF R1配置： ospf 1 area 0 network 192.168.100.0 0.0.0.255 network 192.168.200.0 0.0.0.255 default-route-advertise always quit quit ip route-static 0.0.0.0 0.0.0.0 100.1.1.1 SW1配置： ospf 1 area 0 network 192.168.100.0 0.0.0.255 area 10 network 192.168.10.0 0.0.0.255 area 20 network 192.168.20.0 0.0.0.255 area 30 network 192.168.30.0 0.0.0.255 area 40 network 192.168.40.0 0.0.0.255 area 66 network 192.168.66.0 0.0.0.255 stub no-summary quit quit SW2配置： ospf 1 area 0 network 192.168.10.0 0.0.0.255 area 10 network 192.168.10.0 0.0.0.255 area 20 network 192.168.20.0 0.0.0.255 area 30 network 192.168.30.0 0.0.0.255 area 40 network 192.168.40.0 0.0.0.255 area 66 network 192.168.66.0 0.0.0.255 stub no-summary quit quit stp instance 0 root primary DHCP ospf 1 area 66 network 192.168.66.0 0.0.0.255 stub quit quit 配置NAT和ACL R1 acl number 3000
rule 10 permit tcp source 192.168.20.0 0.0.0.255 destination 200.1.1.1 0 destin ation-port eq www rule 15 deny ip source 192.168.20.0 0.0.0.255 destination 200.1.1.1 0 rule 20 permit ip interface GigabitEthernet0/0/2 nat outbound 3000 acl number 2000 rule 10 permit source 192.168.10.0 0.0.0.255 interface GigabitEthernet0/0/2 acl 2000 inbound quit user-interface vty 0 4 acl 2000 inbound authentication-mode password 123 user privilege level 15

第五步：进行验证。

验证PC自动获取ip地址，且可以ping通server1服务器：

验证Client1可以访问Server1的www服务，但不可以ping通服务器

至此项目配置并验证成功。。。。。。

m0_57602298

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
企业项目拓扑3

某知名企业及运营商网络拓扑图如下：企业项目要如下：实验要求：1.如图所示蓝色区域为企业内网，红色区域为供应商网络；2.运行MSTP协议，使得VLAN流量负载均衡；3.SW1为vlan 10和20的主网关，SW1为30和40的备份网关；4.SW2为vlan 30和40的主网关，SW2为10和20的备份网关；5...
复制链接

扫一扫