HCIP第一天实验

t偷亲星星

已于 2024-01-28 10:03:07 修改

阅读量764

点赞数 20

文章标签：网络智能路由器

于 2024-01-23 14:08:56 首次发布

本文链接：https://blog.csdn.net/m0_74053853/article/details/135769129

版权

本文详细描述了一个网络环境中的IP地址分配、路由设置（包括默认路由、DHCP、负载均衡、静态路由和防止环路），以及边界路由器上的NAT服务和端口映射，旨在实现网络内部与外部的顺畅通信和安全隔离。

摘要由CSDN通过智能技术生成

思路：

1、划分网段，简化1个骨干网段+6个用户网段

2、r6配置IP，所以r1--r5上配置指向r6的缺省路由；

3、r3启动DHCP服务，自动获取IP

4、选路最佳需配置负载均衡；路由表尽量小则需进行汇总；避免环路需进行空接口配置

5、R1-R5为内网，R6为公网，需在边界路由器R5上配置nat服务

6、 R1上开启telnet服务，R5配置nat映射到R1的任意接口即可

7、R4与R5之间配置浮动静态路由，修改优先级

192.168.1.0 24 划分给6个，借3位

192.168.1.001 00000

192.168.1.0 27---骨干----30（2个ip）/29

划分：多借3位，共借6位

192.168.1.0 30

192.168.1.4 30

192.168.1.8 30

192.168.1.12 30

192.168.1.16 30

192.168.1.20 30

192.168.1.32（2的5次方） 27

划分：借一位，划分出2个

1.32 28 1.48 28

192.168.1.64 27

1.64 28 1.80 28

192.168.1.128 27

1.128 28

192.168.1.160 27

预留IP:

192.168.1.192 27

192.168.1.224 27

r1
[r1]int g 0/0/0
[r1-GigabitEthernet0/0/0]ip add 192.168.1.1 30
[r1-GigabitEthernet0/0/0]q
[r1]int g 0/0/1
[r1-GigabitEthernet0/0/1]ip add 192.168.1.5 30
[r1-GigabitEthernet0/0/1]q
[r1]int l 0
[r1-LoopBack0]ip add 192.168.1.33 28
[r1-LoopBack0]int l 0
[r1-LoopBack0]ip add 192.168.1.49 28
[r1-LoopBack0]q

r2

[r2]int g 0/0/0
[r2-GigabitEthernet0/0/0]ip add 192.168.1.2 30
[r2-GigabitEthernet0/0/0]q
[r2]int g 0/0/1
[r2-GigabitEthernet0/0/1]ip add 192.168.1.9 30
[r2-GigabitEthernet0/0/1]q
[r2]int l 0
[r2-LoopBack0]ip add 192.168.1.65 28
[r2-LoopBack0]q
[r2]int l 1
[r2-LoopBack1]ip add 192.168.1.81 28
[r2-LoopBack1]q

r3

[r3]int g 0/0/0
[r3-GigabitEthernet0/0/0]ip add 192.168.1.9 30
[r3-GigabitEthernet0/0/0]q
[r3]int g 0/0/1
[r3-GigabitEthernet0/0/1]ip add 192.168.1.13 30
[r3-GigabitEthernet0/0/1]q

r4

[r4]int g 0/0/0
[r4-GigabitEthernet0/0/0]ip add 192.168.1.10 30
[r4-GigabitEthernet0/0/0]q
[r4]int g 0/0/1
[r4-GigabitEthernet0/0/1]ip add 192.168.1.14 30
[r4-GigabitEthernet0/0/1]q
[r4]int g 0/0/2
[r4-GigabitEthernet0/0/2]ip add 192.168.1.17 30
[r4-GigabitEthernet0/0/2]q
[r4]int g 4/0/0
[r4-GigabitEthernet4/0/0]ip add 192.168.1.21 30
[r4-GigabitEthernet4/0/0]q
[r4]int l 0
[r4-LoopBack0]ip add 192.168.1.129 28
[r4-LoopBack0]q
[r4]int l 1
[r4-LoopBack1]ip add 192.168.1.145 28

r5

[r5]int g 0/0/0
[r5-GigabitEthernet0/0/0]ip add 192.168.1.18 30
[r5-GigabitEthernet0/0/0]q
[r5]int g 0/0/1
[r5-GigabitEthernet0/0/1]ip add 12.0.0.1 24
[r5-GigabitEthernet0/0/1]q
[r5]int g 0/0/2
[r5-GigabitEthernet0/0/2]ip add 192.168.1.22 30
[r5-GigabitEthernet0/0/2]q
[r5]int l 0
[r5-LoopBack0]ip add 192.168.1.161 28
r6
[r6]int g 0/0/0
[r6-GigabitEthernet0/0/0]ip add 12.0.0.2 24
[r6-GigabitEthernet0/0/0]q
[r6]int l 0
[r6-LoopBack0]ip add 192.168.1.177 28

[r3]dhcp enable
[r3]ip pool aaa
[r3-ip-pool-aaa]network 192.168.1.192 mask 27
[r3-ip-pool-aaa]gateway-list 192.168.1.193

[r3-ip-pool-aaa]dns-list 8.8.8.8
[r3-ip-pool-aaa]q
[r3]int g 0/0/2
[r3-GigabitEthernet0/0/2]dhcp select global
[r3-GigabitEthernet0/0/2]q

r1

[r1]aaa
[r1-aaa]local-user aaa privilege level 15 password cipher 12345
[r1-aaa]
[r1-aaa]local-user aaa service-type telnet
[r1-aaa]q
[r1]user-interface vty 0 4
[r1-ui-vty0-4]authentication-mode aaa
[r1-ui-vty0-4]q

r1

[r1]ip route-static 0.0.0.0 0 192.168.1.2
[r1]ip route-static 0.0.0.0 0 192.168.1.6
[r1]ip route-static 192.168.1.64 27 g 0/0/0
[r1]int g 0/0/0
[r1-GigabitEthernet0/0/0]arp-proxy enable
[r1-GigabitEthernet0/0/0]q

[r1]display bridge mac-address
[r1]arp static 192.168.1.2 00e0-fc07-3f30
[r1]ip route-static 192.168.1.96 27 g 0/0/1 192.168.1.6
[r1]ip route-static 192.168.1.8 30 g 0/0/0 192.168.1.2
[r1]ip route-static 192.168.1.12 30 g 0/0/1 192.168.1.6

r2

[r2]ip route-static 0.0.0.0 0 g 0/0/1 192.168.1.10
[r2]ip route-static 192.168.1.32 27 g 0/0/0 192.168.1.1
[r2]ip route-static 192.168.1.4 30 g 0/0/0 192.168.1.1
[r2]ip route-static 192.168.1.96 27 g 0/0/0 192.168.1.1
[r2]ip route-static 192.168.1.96 27 g 0/0/1 192.168.1.10
r3

[r3]ip route-static 192.168.1.32 27 g 0/0/1 192.168.1.5
[r3]ip route-static 192.168.1.0 30 g 0/0/1 192.168.1.5
[r3]ip route-static 192.168.1.64 27 g 0/0/1 192.168.1.5
[r3]ip route-static 192.168.1.64 27 g 0/0/0 192.168.1.14

r4、r5间浮动静态路由

[r4]ip route-static 0.0.0.0 0 192.168.1.18
[r4]ip route-static 0.0.0.0 0 192.168.1.22 preference 70
[r4]ip route-static 192.168.1.64 27 g 0/0/0 192.168.1.9
[r4]ip route-static 192.168.1.0 30 g 0/0/0 192.168.1.9
[r4]ip route-static 192.168.1.32 27 g 0/0/0 192.168.1.9
[r4]ip route-static 192.168.1.32 27 g 0/0/1 192.168.1.13
[r4]ip route-static 192.168.1.96 27 g 0/0/1 192.168.1.13
[r4]ip route-static 192.168.1.4 30 g 0/0/1 192.168.1.13

[r5]ip route-static 192.168.1.0 24 g 0/0/0 192.168.1.17
[r5]ip route-static 192.168.1.0 24 g 0/0/2 192.168.1.21 preference 70

防环：

r1
[r1]ip route-static 192.168.1.32 27 NULL 0
r2
[r2]ip route-static 192.168.1.64 27 NULL 0
r3
[r3]ip route-static 192.168.1.96 27 NULL 0
r4
[r4]ip route-static 192.168.1.128 27 NULL 0
r5
[r5]ip route-static 192.168.1.160 27 NULL 0
[r5]ip route-static 192.168.1.24 29 NULL 0
[r5]ip route-static 192.168.1.224 27 NULL 0

[r5]acl 2000
[r5-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r5-acl-basic-2000]q
[r5]int g 0/0/1
[r5-GigabitEthernet0/0/1]nat outbound 2000
[r5-GigabitEthernet0/0/1]q
端口映射

[r5]int g 0/0/1

[r5-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 12345 inside 192.168.1.1 23

t偷亲星星

关注

20
点赞
踩
20

收藏

觉得还不错? 一键收藏
1
评论
HCIP第一天实验

4、选路最佳需配置负载均衡；路由表尽量小则需进行汇总；避免环路需进行空接口配置。6、 R1上开启telnet服务，R5配置nat映射到R1的任意接口即可。5、R1-R5为内网，R6为公网，需在边界路由器R5上配置nat服务。2、r6配置IP，所以r1--r5上配置指向r6的缺省路由；7、R4与R5之间配置浮动静态路由，修改优先级。1、划分网段，简化1个骨干网段+6个用户网段。3、r3启动DHCP服务，自动获取IP。r4、r5间浮动静态路由。
复制链接

扫一扫