提示:文章写完后,目录可以自动生成,如何生成可参考右边的帮助文档
文章目录
前言
这个实验我尝试过很多次,在MSTP配置在整个拓扑图出现环路情况,不能正常获取到地址,开始以为是ensp系统bag,但经过多次排查后发现是MSTP配置问题,现在 实验步骤如下:
实验结果:PC1、PC2数据往LSW1走、PC3、PC4数据往LSW2走,当LW1设备g0/0/4断开,则切换到LW2上,PC1、PC2从LSW2路径走,往DHCP获取地址。当LW2设备g0/0/4链路断开,PC3、PC4能从LSW1链路走,往DHCP获取地址,具体配置如下(局域网dhcp服务器配置及负载分担)
1、eth-trunk配置:
LSW1:
sy
un in en (关闭信息提示)
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
trunkport g 0/0/1 to 0/0/3 加入端口
LSW2:
sy
un in en (关闭信息提示)
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
trunkport g 0/0/1 to 0/0/3
2、vlan二层配置:
LSW1:
vlan batch 10 20 30 40 100
int g0/0/4
port link-type access
port default vlan 100
int g0/0/5
port link-t trunk
port trunk allow-p vlan 10 20
int g0/0/6
port link-t trunk
port trunk allow-p vlan 30 40
LSW2:
vlan batch 10 20 30 40 101
int g0/0/4
port link-type access
port default vlan 101
int g0/0/5
port link-t trunk
port trunk allow-p vlan 10 20
int g0/0/6
port link-t trunk
port trunk allow-p vlan 30 40
JIERU1:
sy
un in en
vlan batch 10 20 30 40
int g0/0/1
port link-t trunk
port trunk allow-p vlan 10 20
int g0/0/2
port link-t trunk
port trunk allow-p vlan 10 20
int g0/0/3
port link-type access
port default vlan 10
int g0/0/4
port link-type access
port default vlan 20
JIERU2:
sy
un in en
vlan batch 10 20 30 40
int g0/0/1
port link-t trunk
port trunk allow-p vlan 30 40
int g0/0/2
port link-t trunk
port trunk allow-p vlan 30 40
int g0/0/3
port link-type access
port default vlan 30
int g0/0/4
port link-type access
port default vlan 40
3、MSTP配置:
LSW1:
stp enable
stp region-configuration
region-name 1
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
stp instance 1 root primary 主根桥
stp instance 2 root secondary 备用根桥
LSW2:
stp enable
stp region-configuration
region-name 1
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
stp instance 1 root secondary
stp instance 2 root primary
JIERU1:
stp enable
stp region-configuration
region-name 1
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
JIERU2:
stp enable
stp region-configuration
region-name 1
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
4、虚拟地址及vrrp配置:
LSW1:
interface Vlanif10
ip address 10.1.1.254 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.1.1 vrrp虚拟网关
vrrp vrid 1 priority 120 vrrp优先级(越大越优先)
vrrp vrid 1 track interface GigabitEthernet0/0/4 reduced 50 端口监视
interface Vlanif20
ip address 20.1.1.254 255.255.255.0
vrrp vrid 2 virtual-ip 20.1.1.1
vrrp vrid 2 priority 120
vrrp vrid 2 track interface GigabitEthernet0/0/4 reduced 50
interface Vlanif30
ip address 30.1.1.254 255.255.255.0
vrrp vrid 3 virtual-ip 30.1.1.1
ip address 40.1.1.254 255.255.255.0
vrrp vrid 4 virtual-ip 40.1.1.1
int vlanif 100
ip address 100.1.1.1 24
LSW2:
interface Vlanif10
ip address 10.1.1.253 255.255.255.0
vrrp vrid 1 virtual-ip 10.1.1.1
interface Vlanif20
ip address 20.1.1.253 255.255.255.0
vrrp vrid 2 virtual-ip 20.1.1.1
interface Vlanif30
ip address 30.1.1.253 255.255.255.0
vrrp vrid 3 virtual-ip 30.1.1.1
vrrp vrid 3 priority 120
vrrp vrid 3 track interface GigabitEthernet0/0/4 reduced 50
interface Vlanif40
ip address 40.1.1.253 255.255.255.0
vrrp vrid 4 virtual-ip 40.1.1.1
vrrp vrid 4 priority 120
vrrp vrid 4 track interface GigabitEthernet0/0/4 reduced 50
interface vlanif 101
ip address 101.1.1.1 24
5、配置dhcp服务器、dhcp中继、dhcp snooping、静态路由策略:
DHCP服务器:
sy
un in en
sys DHCP
dhcp enable 开启服务
ip pool 10
gateway-list 10.1.1.1
network 10.1.1.0 mask 255.255.255.0
excluded-ip-address 10.1.1.253 10.1.1.254
dns-list 8.8.8.8
#
ip pool 20
gateway-list 20.1.1.1
network 20.1.1.0 mask 255.255.255.0
excluded-ip-address 20.1.1.253 20.1.1.254
dns-list 8.8.8.8
#
ip pool 30
gateway-list 30.1.1.1
network 30.1.1.0 mask 255.255.255.0
excluded-ip-address 30.1.1.253 30.1.1.254
dns-list 8.8.8.8
#
ip pool 40
gateway-list 40.1.1.1
network 40.1.1.0 mask 255.255.255.0
excluded-ip-address 40.1.1.253 40.1.1.254
dns-list 8.8.8.8
interface GigabitEthernet0/0/0
ip address 100.1.1.2 255.255.255.0
dhcp select global
#
interface GigabitEthernet0/0/1
ip address 101.1.1.2 255.255.255.0
dhcp select global
interface LoopBack0
ip address 5.5.5.5 255.255.255.0
#
ip route-static 10.1.1.0 255.255.255.0 100.1.1.1
ip route-static 10.1.1.0 255.255.255.0 101.1.1.1 preference 70
ip route-static 20.1.1.0 255.255.255.0 100.1.1.1
ip route-static 20.1.1.0 255.255.255.0 101.1.1.1 preference 70
ip route-static 30.1.1.0 255.255.255.0 100.1.1.1 preference 70
ip route-static 30.1.1.0 255.255.255.0 101.1.1.1
ip route-static 40.1.1.0 255.255.255.0 100.1.1.1 preference 70
ip route-static 40.1.1.0 255.255.255.0 101.1.1.1
LSW1中继:
dhcp en
int v 10
dhcp select relay
dhcp relay server-ip 100.1.1.2
int v 20
dhcp select relay
dhcp relay server-ip 100.1.1.2
int v 30
dhcp select relay
dhcp relay server-ip 100.1.1.2
int v 40
dhcp select relay
dhcp relay server-ip 100.1.1.2
ip route-static 0.0.0.0 0 100.1.1.2
LSW2中继:
dhcp en
int v 10
dhcp select relay
dhcp relay server-ip 101.1.1.2
int v 20
dhcp select relay
dhcp relay server-ip 101.1.1.2
int v 30
dhcp select relay
dhcp relay server-ip 101.1.1.2
int v 40
dhcp select relay
dhcp relay server-ip 101.1.1.2
ip route-static 0.0.0.0 0 101.1.1.2
JIERU1 DHCP snooping配置:
dhcp en
dhcp snooping en
vlan 10
dhcp snooping enable
vlan 20
dhcp snooping enable
int g/0/1
dhcp snooping enable
dhcp snooping trusted
int g0/0/2
dhcp snooping enable
dhcp snooping trusted
JIERU2 DHCP snooping配置:
dhcp en
dhcp snooping en
vlan 30
dhcp snooping enable
vlan 40
dhcp snooping enable
int g/0/1
dhcp snooping enable
dhcp snooping trusted
int g0/0/2
dhcp snooping enable
dhcp snooping trusted
配置完成:查看相关数据:
1、vrrp负载分担情况:
当断开LSW1g0/0/4端口时:
能完成自主切换主备。
当断开LSW2g0/0/4端口时:
也能进行主备切换。
2、查看PC获取地址情况:
均能获取地址,切访问到DHCP 回环网口5.5.5.5 实验完成
总结
这个实验结合了华为多种策略协议,适合做公司、部门内部网络规划,其中在在这个基础上可以添加ACL访问控制禁止部门互访,AC部署无线网络,也可以部署FTP、DNS、www服务器。在这个基础上可以增加多种网络元素,但也有不足之处,即没有做好核心部分下行的网络冗余及聚合链路的多样配置,当核心的下行接口故障,PC端则无法获取到地址,这个我目前还在寻找解决的方法,如有大神知晓,请留言相告,不胜感激。
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
