今天的动静态综合实验依旧使用工具为ensp来完成比较之前的大静态综合实验要相对简单一些,但也没简单多少怎么说都是静态路由的配置量是真的大,话不多说下面来看一下实验要求:
一、实验要求分析
根据上图和要求来看,我们不难看出这是一个典型的私网和公网之间的路由配置问题,R6为ISP设备他连接公网,我们不能对他进行除了配置IP地址以外的任何配置,R1-R5也就是私网部分要在192.168.1.0/24这个网段进行合理的划分,然后要给个别路由器配置换回来模拟用户,使用DHCP服务进行IP地址的分配工作,然后就是配置静态路由实现全网可达,最优选路,防环,链路选择,然后就是telnet的登陆。
二、具体操作
1.IP地址的划分
192.168.1.0/27 | 用于主干拆分 |
192.168.1.32/27 | 用于用户拆分 |
192.168.1.64/27 | 用于用户拆分 |
192.168.1.96/27 | 用于用户拆分 |
192.168.1.128/27 | 用于用户拆分 |
192.168.1.160/27 | 用于用户拆分 |
192.168.1.192/27 | 预留用户 |
192.168.1.224/27 | 预留用户 |
这里的只有R1,R2,R4需要两个环回所以只需要对以下三个网段在进行子网划分,将其分解成两个个网段如下所示:
192.168.1.64/27
(192.168.1.64/28
192.168.1.80/28)
192.168.1.96/27
(192.168.1.96/28
192.168.1.112/28)
192.168.1.128/27
(192.168.1.128/28
192.168.1.144/28)
192.168.1.0/30 | 用于主干 |
192.168.1.4/30 | 用于主干 |
192.168.1.8/30 | 用于主干 |
192.168.1.12/30 | 用于主干 |
192.168.1.16/30 | 用于主干 |
192.168.1.20/30 | 用于主干 |
192.168.1.24/30 | 预留主干 |
192.168.1.28/30 | 预留主干 |
2.IP地址配置如图
三、路由器配置
这里的配置相对比较简单,有不懂的话可以去看之前的网络基础配置以了解代码段里的内容所代表的含义,话不多说下面就是R1-R6的具体配置信息:
一号路由器:
[V200R003C00]
#
sysname R1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
local-user wangcai password cipher %$%$UQnaQHH[u7Q=6@VZgKj6<_'7%$%$
local-user wangcai privilege level 15
local-user wangcai service-type telnet
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.1.1 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 192.168.1.5 255.255.255.252
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
ip address 192.168.1.65 255.255.255.240
#
interface LoopBack2
ip address 192.168.1.81 255.255.255.240
#
ip route-static 0.0.0.0 0.0.0.0 192.168.1.2
ip route-static 0.0.0.0 0.0.0.0 192.168.1.6
ip route-static 192.168.1.8 255.255.255.252 192.168.1.2
ip route-static 192.168.1.12 255.255.255.252 192.168.1.6
ip route-static 192.168.1.16 255.255.255.252 192.168.1.2
ip route-static 192.168.1.16 255.255.255.252 192.168.1.6
ip route-static 192.168.1.20 255.255.255.252 192.168.1.2
ip route-static 192.168.1.20 255.255.255.252 192.168.1.6
ip route-static 192.168.1.32 255.255.255.224 192.168.1.6
ip route-static 192.168.1.64 255.255.255.224 NULL0
ip route-static 192.168.1.96 255.255.255.224 192.168.1.2
ip route-static 192.168.1.128 255.255.255.224 192.168.1.2
ip route-static 192.168.1.128 255.255.255.224 192.168.1.6
ip route-static 192.168.1.160 255.255.255.224 192.168.1.2
ip route-static 192.168.1.160 255.255.255.224 192.168.1.6
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
authentication-mode aaa
user-interface vty 16 20
#
wlan ac
#
return
二号路由器:
[V200R003C00]
#
sysname R2
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.1.2 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 192.168.1.9 255.255.255.252
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
ip address 192.168.1.97 255.255.255.240
#
interface LoopBack2
ip address 192.168.1.113 255.255.255.240
#
ip route-static 0.0.0.0 0.0.0.0 192.168.1.10
ip route-static 192.168.1.4 255.255.255.252 192.168.1.1
ip route-static 192.168.1.12 255.255.255.252 192.168.1.10
ip route-static 192.168.1.16 255.255.255.252 192.168.1.10
ip route-static 192.168.1.20 255.255.255.252 192.168.1.10
ip route-static 192.168.1.32 255.255.255.224 192.168.1.1
ip route-static 192.168.1.32 255.255.255.224 192.168.1.10
ip route-static 192.168.1.64 255.255.255.224 192.168.1.1
ip route-static 192.168.1.96 255.255.255.224 NULL0
ip route-static 192.168.1.128 255.255.255.224 192.168.1.10
ip route-static 192.168.1.160 255.255.255.224 192.168.1.10
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
三号路由器:
[V200R003C00]
#
sysname R3
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
dhcp enable
#
ip pool shuang
gateway-list 192.168.1.33
network 192.168.1.32 mask 255.255.255.224
dns-list 1.1.1.1
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.1.6 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 192.168.1.13 255.255.255.252
#
interface GigabitEthernet0/0/2
ip address 192.168.1.33 255.255.255.224
dhcp select global
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 192.168.1.14
ip route-static 192.168.1.0 255.255.255.252 192.168.1.5
ip route-static 192.168.1.8 255.255.255.252 192.168.1.14
ip route-static 192.168.1.16 255.255.255.252 192.168.1.14
ip route-static 192.168.1.20 255.255.255.252 192.168.1.14
ip route-static 192.168.1.32 255.255.255.224 NULL0
ip route-static 192.168.1.64 255.255.255.224 192.168.1.5
ip route-static 192.168.1.96 255.255.255.224 192.168.1.5
ip route-static 192.168.1.96 255.255.255.224 192.168.1.14
ip route-static 192.168.1.128 255.255.255.224 192.168.1.14
ip route-static 192.168.1.160 255.255.255.224 192.168.1.14
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
四号路由器:
[V200R003C00]
#
sysname R4
#
board add 0/4 2FE
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface Ethernet4/0/0
ip address 192.168.1.21 255.255.255.252
#
interface Ethernet4/0/1
#
interface GigabitEthernet0/0/0
ip address 192.168.1.10 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 192.168.1.14 255.255.255.252
#
interface GigabitEthernet0/0/2
ip address 192.168.1.17 255.255.255.252
#
interface NULL0
#
interface LoopBack1
ip address 192.168.1.129 255.255.255.240
#
interface LoopBack2
ip address 192.168.1.145 255.255.255.240
#
ip route-static 0.0.0.0 0.0.0.0 192.168.1.22
ip route-static 0.0.0.0 0.0.0.0 192.168.1.18
ip route-static 192.168.1.0 255.255.255.252 192.168.1.9
ip route-static 192.168.1.4 255.255.255.252 192.168.1.13
ip route-static 192.168.1.32 255.255.255.224 192.168.1.13
ip route-static 192.168.1.64 255.255.255.224 192.168.1.13
ip route-static 192.168.1.64 255.255.255.224 192.168.1.9
ip route-static 192.168.1.96 255.255.255.224 192.168.1.9
ip route-static 192.168.1.128 255.255.255.224 NULL0
ip route-static 192.168.1.160 255.255.255.224 192.168.1.18
ip route-static 192.168.1.160 255.255.255.224 192.168.1.22
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
五号路由器:
[V200R003C00]
#
sysname R5
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
acl number 2000
rule 5 permit source 192.168.0.0 0.0.255.255
acl number 2001
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.1.18 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 12.0.0.1 255.255.255.0
nat server protocol tcp global current-interface 8888 inside 192.168.1.1 www
nat server protocol tcp global current-interface www inside 192.168.1.90 www
nat server protocol tcp global current-interface telnet inside 192.168.1.1 telnet
nat outbound 2000
#
interface GigabitEthernet0/0/2
ip address 192.168.1.22 255.255.255.252
#
interface NULL0
#
interface LoopBack1
ip address 192.168.1.161 255.255.255.224
#
ip route-static 0.0.0.0 0.0.0.0 12.0.0.2
ip route-static 192.168.1.0 255.255.255.252 192.168.1.17
ip route-static 192.168.1.0 255.255.255.252 192.168.1.21 preference 61
ip route-static 192.168.1.4 255.255.255.252 192.168.1.17
ip route-static 192.168.1.4 255.255.255.252 192.168.1.21 preference 61
ip route-static 192.168.1.8 255.255.255.252 192.168.1.17
ip route-static 192.168.1.8 255.255.255.252 192.168.1.21 preference 61
ip route-static 192.168.1.12 255.255.255.252 192.168.1.17
ip route-static 192.168.1.12 255.255.255.252 192.168.1.21 preference 61
ip route-static 192.168.1.32 255.255.255.224 192.168.1.17
ip route-static 192.168.1.32 255.255.255.224 192.168.1.21 preference 61
ip route-static 192.168.1.64 255.255.255.224 192.168.1.17
ip route-static 192.168.1.64 255.255.255.224 192.168.1.21 preference 61
ip route-static 192.168.1.96 255.255.255.224 192.168.1.17
ip route-static 192.168.1.96 255.255.255.224 192.168.1.21 preference 61
ip route-static 192.168.1.128 255.255.255.224 192.168.1.17
ip route-static 192.168.1.128 255.255.255.224 192.168.1.21 preference 61
ip route-static 192.168.1.160 255.255.255.224 NULL0
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
六号路由器:
[V200R003C00]
#
sysname R6
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 12.0.0.2 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.0
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
四、实验结果展示
1.DHCP自动获取IP地址
2. 链路选择
(1) 正常千兆链路连接时,百兆链路未发现数据包
(2) 千兆链路异常断开时,百兆链路发现数据包
3.telnet的登陆