任务要求
使用到VLAN 技术,VTP技术,STP生成树,以太网通道,HSRP技术,还有DHCP技术自动分配地址以及OSPF动态路由;
配置指令如下:
2.VTP:域名为CISCO,密码为cisco
DSW1为server 模式
DSW2,ASWx都为client模式
DSW1
vtp domain CISCO
vtp password cisco
vtp mode server
!
DSW2
vtp domain CISCO
vtp password cisco
vtp mode client
CSW1
vtp domain CISCO
vtp password cisco
vtp mode client
CSW2
vtp domain CISCO
vtp password cisco
vtp mode client
ASW1
vtp domain CISCO
vtp password cisco
vtp mode client
ASW2
vtp domain CISCO
vtp password cisco
vtp mode client
ASW3
vtp domain CISCO
vtp password cisco
vtp mode client
ASW4
vtp domain CISCO
vtp password cisco
vtp mode client
1.VLAN:
VLAN10:PC1,PC3
VLAN20:PC2,PC5
VLAN30:PC4,PC8
VLAN40:PC6,PC7
VLAN50:WEB Server
VLAN60:DHCP Server
VLAN70 DNS Server
建立VLAN
DSW1
vlan 10
vlan 20
vlan 30
vlan 40
vlan 50
vlan 60
vlan 70
在四台三层交换机上开启端口的dot1q功能,将端口划为trunk
DSW1
int range f0/1-f0/4
switchport trunk encapsulation dot1q
switchport mode trunk
DSW2
int range f0/1-f0/4
switchport trunk encapsulation dot1q
switchport mode trunk
也得在四台二层交换机上将于三层交换机连接的接口划为trunk,将于PC机上连接的接口类型划为access。
ASW1
int rang f0/1-f0/2
switchport mode trunk
!
interface FastEthernet0/10
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 20
switchport mode access
ASW2
int rang f0/1-f0/2
switchport mode trunk
!
interface FastEthernet0/10
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 30
switchport mode access
ASW3
int rang f0/1-f0/2
switchport mode trunk
!
interface FastEthernet0/10
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 40
switchport mode access
ASW4
int rang f0/1-f0/2
switchport mode trunk
!
interface FastEthernet0/10
switchport access vlan 40
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 30
switchport mode access
将于三台服务器连接的接口划分VLAN和配置IP地址
CSW1
int range f0/1-f0/3
switchport mode access
int f0/1
no switchport
ip address 10.1.5.254
int f0/2
no switchport
ip address 10.1.6.254
int f0/3
no switchport
ip address 7.7.7.254
4.以太通道:
DSW1-DSW2 二层以太通道,使用静态绑定。
DSW1-CSW1 三层以太通道,地址为10.1.1.0/24
DSW2-CSW2 三层以太通道,地址为20.1.1.0/24
CSW1-CSW2 三层以太通道,地址为30.1.1.0/24
配置以太网通道
DSW1
interface Port-channel 1
exit
int rang f0/11-f0/12
channel-group 1 mode on
exit
interface Port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
exit!
interface Port-channel 2
exit
int rang f0/13-f0/14
channel-group 2 mode on
exit
interface Port-channel 2
switchport trunk encapsulation dot1q
switchport mode trunk
DSW2
interface Port-channel 1
exit
int rang f0/11-f0/12
channel-group 1 mode on
exit
interface Port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
exit!
interface Port-channel 2
exit
int rang f0/13-f0/14
channel-group 2 mode on
exit
interface Port-channel 2
switchport trunk encapsulation dot1q
switchport mode trunk
exit!
CSW1
interface Port-channel 1
exit
int rang f0/11-f0/12
channel-group 1 mode on
exit
interface Port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
exit
interface Port-channel 2
exit
int rang f0/13-f0/14
channel-group 2 mode on
exit
interface Port-channel 2
switchport trunk encapsulation dot1q
switchport mode trunk
CSW2
interface Port-channel 1
exit
int rang f0/11-f0/12
channel-group 1 mode on
exit
interface Port-channel 2
switchport trunk encapsulation dot1q
switchport mode trunk
exit
interface Port-channel 2
exit
int rang f0/13-f0/14
channel-group 2 mode on
exit
interface Port-channel 2
switchport trunk encapsulation dot1q
switchport mode trunk
DSW1
interface Port-channel 2
no switchport
ip add 10.1.1.1 255.255.255.0
CSW1
interface Port-channel 2
no switchport
ip add 10.1.1.2 255.255.255.0
!
interface Port-channel 1
no switchport
ip add 30.1.1.1 255.255.255.0
!
CSW2
interface Port-channel 1
no switchport
ip add 30.1.1.2 255.255.255.0
!
interface Port-channel 2
no switchport
ip add 20.1.1.2 255.255.255.0
3.STP:
DSW1为VLAN10,VLAN30的根桥和网关
DSW2为VLAN20,VLAN40的根桥和网关
STP生成树配置
DSW1:
spanning-tree mode rapid-pvst
spanning-tree vlan 10,30 priority 0
spanning-tree vlan 20,40 priority 4096
DSW2:
spanning-tree mode rapid-pvst
spanning-tree vlan 20,40 priority 0
spanning-tree vlan 10,30 priority 4096
ASW1-4:
Spanning-tree mode rapid-pvst
Spanning-tree vlan 10-40 priority 8192
- HSRP
DSW1的接口地址为10.1.X.2/24,DSW2的接口地址为10.1.X.3/24
部署冗余网关协议,使得DSW1成为Active设备,负责转发数据,
优先级为120
先配置虚接口SVI
5.配置核心交换机虚接口SVI
DSW1:
int vlan 10
ip add 10.1.10.2 255.255.255.0
!
int vlan 20
ip add 10.1.20.2 255.255.255.0
!
int vlan 30
ip add 10.1.30.2 255.255.255.0
!
int vlan 40
ip add 10.1.40.2 255.255.255.0
DSW2:
int vlan 10
ip add 10.1.10.3 255.255.255.0
!
int vlan 20
ip add 10.1.20.3 255.255.255.0
!
int vlan 30
ip add 10.1.30.3 255.255.255.0
!
int vlan 40
ip add 10.1.40.3 255.255.255.0
6.配置核心交换机HSRP高可用
DSW1:
ip routing
int vlan 10
standby 1 ip 10.1.10.254
standby 1 priority 120
standby 1 preempt
standby 1 track fa 0/1
!
int vlan 20
standby 1 ip 10.1.20.254
standby 1 preempt
standby 1 track fa 0/2
!
int vlan 30
standby 1 ip 10.1.30.254
standby 1 priority 120
standby 1 preempt
standby 1 track fa 0/3
!
int vlan 40
standby 1 ip 10.1.40.254
standby 1 preempt
standby 1 track fa 0/4
DSW2:
ip routing
int vlan 10
standby 1 ip 10.1.10.254
standby 1 preempt
standby 1 track fa 0/1
!
int vlan 20
standby 1 ip 10.1.20.254
standby 1 priority 120
standby 1 preempt
standby 1 track fa 0/2
!
int vlan 30
standby 1 ip 10.1.30.254
standby 1 preempt
standby 1 track fa 0/3
!
int vlan 40
standby 1 ip 10.1.40.254
standby 1 priority 120
standby 1 preempt
standby 1 track fa 0/4
6.DHCP:
DHCP服务器分配地址:
VLAN10:10.1.10.0/24
VLAN20:10.1.20.0/24
VLAN30:10.1.30.0/24
VLAN40:10.1.40.0/24
网关地址都为X.X.X.254
DSW1
interface Vlan10
ip helper-address 10.1.6.10
!
interface Vlan20
ip helper-address 10.1.6.10
!
interface Vlan30
ip helper-address 10.1.6.10
!
interface Vlan40
ip helper-address 10.1.6.10
DSW2
interface Vlan10
ip helper-address 10.1.6.10
!
interface Vlan20
ip helper-address 10.1.6.10
!
interface Vlan30
ip helper-address 10.1.6.10
!
interface Vlan40
ip helper-address 10.1.6.10
8.配置服务器
8.1)配置DHCP服务器
DHCP服务器主要作用在于给接入网络的终端自动分配IP地址。
新建DHCP服务器,选“Service”,将除DHCP、NTP以外的其他功能关闭;
设置DHCP配置,将需要DHCP的网段都加入到里面。
打开其中一台PC,如GZ-IT1,IP配置选择DHCP,然后在cmd窗口输入ipconfig查看是否已经能够自动获取IP地址。
7.OSPF
DSW1,DSW2,CSW1,CSW2使用OSPF协议
实现所有终端都可以通过域名访问www.abc.com
DSW1
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
network 10.1.1.1 0.0.0.0 area 0
network 10.1.10.2 0.0.0.0 area 0
network 10.1.20.2 0.0.0.0 area 0
network 10.1.30.2 0.0.0.0 area 0
network 10.1.40.2 0.0.0.0 area 0
DSW2
router ospf 1
router-id 2.2.2.2
log-adjacency-changes
network 20.1.1.1 0.0.0.0 area 0
network 10.1.10.3 0.0.0.0 area 0
network 10.1.20.3 0.0.0.0 area 0
network 10.1.30.3 0.0.0.0 area 0
network 10.1.40.3 0.0.0.0 area 0
CSW1
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
network 10.1.1.2 0.0.0.0 area 0
network 30.1.1.1 0.0.0.0 area 0
network 10.1.5.0 0.0.0.255 area 0
network 10.1.6.0 0.0.0.255 area 0
network 7.7.7.0 0.0.0.255 area 0
CSW2
router ospf 1
router-id 4.4.4.4
log-adjacency-changes
network 30.1.1.2 0.0.0.0 area 0
network 20.1.1.2 0.0.0.0 area 0
DNS服务器的配置
测试PC使用DHCP自动获取地址
测试PC访问www.acb.com
测试各vlan 的PC访问服务
可以实验完成