【ensp】综合练习详细配置步骤

最新推荐文章于 2024-05-31 23:59:39 发布

Lee7538

最新推荐文章于 2024-05-31 23:59:39 发布

阅读量7k

点赞数 18

分类专栏：成长日记文章标签：华为网络协议

本文链接：https://blog.csdn.net/qq_44109510/article/details/124999625

版权

成长日记专栏收录该内容

2 篇文章 1 订阅

订阅专栏

综合练习.paper

@author：Lee.poch

@time: 2022/5/26

@software:Typora

配置要求

任务1：设备命名

修改设备名称与显示名称一致，注意大小写
任务2：链路聚合

为了保证链路的稳定性，在S1和S2之间配置链路聚合，请通过LACP模式实现二层链路聚合，聚合接口ID为5。
任务3：配置VLAN

按图示进行VLAN配置，并实现VLAN间通信。
任务4：VRRP配置

1.在S1和S2上创建两个虚拟组分配是11和12，11组上的虚拟组IP：10.11.11.254，12组上的虚拟组IP：10.12.12.254.

2.11组选择S1上为master，12组选择S2上的VLAN 12为master，优先级都设置为200，备用网关优先级默认。
任务5：RSTP配置

1.vlan 11和vlan12的流量进行负载分担。

2.S1为实例11跟桥，为实例12备用根桥（根桥优先级为4096和备份根桥优先级8192）。

3.S2为实例12根桥，为实例11备用根桥（根桥优先级为4096和备份根桥优先级8192）。

3.S3和S4连接用户的接口不要参与STP计算。

4.配置域名为scitc，并配置域内VLAN和实例的映射关系（VLAN11映射实例11，VLAN12 映射实例12）。
任务6：IP地址配置

1.按图示给各接口配置IP地址；

2.使用全局方式在DHCP设备上配置DHCP服务器，地址池分别为v11和v12，DNS：119.6.6.6，地址租约时间为90分钟。

3.设置DHCP中继转发。
任务7：通信配置
1. 内网使用RIPv2路由协议通信。
  
  2.出外网使用默认路由。
  
  3.将默认路由重分布进RIP
任务8：出口设计

1.将WWW服务器设置静态NAT，全局地址为200.1.1.3

2.PAT配置：全局地址编号为1，全局地址池为：200.1.1.4 -200.1.1.6，内网地址使用ACL2000指定范围，使用两个条件，让VLAN11和VLAN12内的主机上公网。
任务9：远程登录配置

开启FW远程登录，用户认证方为AAA，用户名为jw，密码为jw@2020,加密方式为cipher，服务类型为Telnet，配置服务器的用户权限等级为3级，设置同时在线人数为5人，认证方式为aaa。

拓扑图

配置详细过程

任务一：设备命名

S1:

<Huawei>system-view
[Huawei]un in en
[Huawei]sysname S1

S2:

<Huawei>system-view
[Huawei]un in en
[Huawei]sysname S2

S3:

<Huawei>system-view
[Huawei]un in en
[Huawei]sysname S3

S4:

<Huawei>system-view
[Huawei]un in en
[Huawei]sysname S4

DHCP:

<Huawei>system-view
[Huawei]un in en
[Huawei]sysname DHCP

FW:

<Huawei>system-view
[Huawei]un in en
[Huawei]sysname FW

ISP:

<Huawei>system-view
[Huawei]un in en
[Huawei]sysname ISP

任务二：链路聚合

S1：

[S1]interface Eth-Trunk 5
[S1-Eth-Trunk5]mode lacp-static
[S1-Eth-Trunk5]trunkport GigabitEthernet 0/0/2 to 0/0/3
Info: This operation may take a few seconds. Please wait for a moment...done.
[S1-Eth-Trunk5]port link-type trunk
[S1-Eth-Trunk5]port trunk allow-pass vlan 11 to 14
[S1-Eth-Trunk5]q

S2：

[S2]interface Eth-Trunk 5
[S2-Eth-Trunk5]mode lacp-static
[S2-Eth-Trunk5]trunkport GigabitEthernet 0/0/2 to 0/0/3
Info: This operation may take a few seconds. Please wait for a moment...done.
[S2-Eth-Trunk5]port link-type trunk
[S2-Eth-Trunk5]port trunk allow-pass vlan 11 to 14
[S2-Eth-Trunk5]q
[S2]display eth-trunk 5
Eth-Trunk5's state information is:
Local:
LAG ID: 5                   WorkingMode: STATIC                               
Preempt Delay: Disabled     Hash arithmetic: According to SIP-XOR-DIP         
System Priority: 32768      System ID: 4c1f-cc5f-3fab                         
Least Active-linknumber: 1  Max Active-linknumber: 8                          
Operate status: up          Number Of Up Port In Trunk: 2                     
--------------------------------------------------------------------------------
ActorPortName          Status   PortType PortPri PortNo PortKey PortState Weight
GigabitEthernet0/0/2   Selected 1GE      32768   3      1329    10111100  1     
GigabitEthernet0/0/3   Selected 1GE      32768   4      1329    10111100  1     

Partner:
--------------------------------------------------------------------------------
ActorPortName          SysPri   SystemID        PortPri PortNo PortKey PortState
GigabitEthernet0/0/2   32768    4c1f-cc8f-6c0c  32768   3      1329    10111100
GigabitEthernet0/0/3   32768    4c1f-cc8f-6c0c  32768   4      1329    10111100

任务三：配置VLAN

S1:

[S1]vlan batch 11 to 14
Info: This operation may take a few seconds. Please wait for a moment...done.
[S1]int Vlanif 11
[S1-Vlanif11]ip address 10.11.11.1 24
[S1-Vlanif11]q
[S1]int Vlanif 12
[S1-Vlanif12]ip address 10.12.12.1 24
[S1-Vlanif12]q
[S1]int Vlanif 13
[S1-Vlanif13]ip address 10.13.13.1 24 
[S1-Vlanif13]q
[S1]int g 0/0/1
[S1-GigabitEthernet0/0/1]port link-type access
[S1-GigabitEthernet0/0/1]port default vlan 13
[S1-GigabitEthernet0/0/1]q
[S1]port-group group-member g 0/0/20 to g 0/0/21
[S1-port-group]port link-type trunk 
[S1-GigabitEthernet0/0/20]port link-type trunk 
[S1-GigabitEthernet0/0/21]port link-type trunk 
[S1-port-group]port trunk allow-pass vlan 11 to 14
[S1-GigabitEthernet0/0/20]port trunk allow-pass vlan 11 to 14
[S1-GigabitEthernet0/0/21]port trunk allow-pass vlan 11 to 14
[S1-port-group]q

S2:

[S2]vlan batch 11 to 14
Info: This operation may take a few seconds. Please wait for a moment...done.
[S2]int Vlanif 11 
[S2-Vlanif11]ip address 10.11.11.2 24
[S2-Vlanif11]q
[S2]int Vlanif 12
[S2-Vlanif12]ip address 10.12.12.2 24
[S2-Vlanif12]q
[S2]int Vlanif 14 
[S2-Vlanif14]ip address 10.14.14.1 24
[S2-Vlanif14]q
[S2]int g 0/0/1
[S2-GigabitEthernet0/0/1]port link-type access 
[S2-GigabitEthernet0/0/1]port default vlan 14
[S2-GigabitEthernet0/0/1]q
[S2]port-group group-member g 0/0/20 to g 0/0/21
[S2-port-group]port link-type trunk
[S2-GigabitEthernet0/0/20]port link-type trunk
[S2-GigabitEthernet0/0/21]port link-type trunk
[S2-port-group]port trunk allow-pass vlan 11 to 14
[S2-GigabitEthernet0/0/20]port trunk allow-pass vlan 11 to 14
[S2-GigabitEthernet0/0/21]port trunk allow-pass vlan 11 to 14
[S2-port-group]q

S3:

[S3]vlan batch 11 to 14
Info: This operation may take a few seconds. Please wait for a moment...done.
[S3]port-group group-member e 0/0/20 to e 0/0/21
[S3-port-group]port link-type trunk 
[S3-Ethernet0/0/20]port link-type trunk 
[S3-Ethernet0/0/21]port link-type trunk 
[S3-port-group]port trunk allow-pass vlan 11 to 14
[S3-Ethernet0/0/20]port trunk allow-pass vlan 11 to 14
[S3-Ethernet0/0/21]port trunk allow-pass vlan 11 to 14
[S3-port-group]q
[S3]int e 0/0/1
[S3-Ethernet0/0/1]port link-type access
[S3-Ethernet0/0/1]port default vlan 11
[S3-Ethernet0/0/1]q
[S3]int e 0/0/11
[S3-Ethernet0/0/11]port link-type access
[S3-Ethernet0/0/11]port default vlan 12 
[S3-Ethernet0/0/11]q

S4:

[S4]vlan batch 11  to 14 
Info: This operation may take a few seconds. Please wait for a moment...done.
[S4]port-group group-member e 0/0/20 to e 0/0/21
[S4-port-group]port link-type trunk 
[S4-Ethernet0/0/20]port link-type trunk 
[S4-Ethernet0/0/21]port link-type trunk 
[S4-port-group]port trunk allow-pass vlan 11 to 14
[S4-Ethernet0/0/20]port trunk allow-pass vlan 11 to 14
[S4-Ethernet0/0/21]port trunk allow-pass vlan 11 to 14
[S4-port-group]q
[S4]int e 0/0/1
[S4-Ethernet0/0/1]port link-type access
[S4-Ethernet0/0/1]port default vlan 11
[S4-Ethernet0/0/1]q
[S4]int e 0/0/11
[S4-Ethernet0/0/11]port link-type access
[S4-Ethernet0/0/11]port default vlan 12 
[S4-Ethernet0/0/11]q

任务四：VRRP配置

S1：

[S1]int Vlanif 11
[S1-Vlanif11]vrrp vrid 11 virtual-ip 10.11.11.254
[S1-Vlanif11]vrrp vrid 11 priority 200
[S1-Vlanif11]q
[S1]int Vlanif 12 
[S1-Vlanif12]vrrp vrid 12 virtual-ip 10.12.12.254
[S1-Vlanif12]q

S2：

[S2]int Vlanif 11
[S2-Vlanif11]vrrp vrid 11 virtual-ip 10.11.11.254
[S2-Vlanif11]q
[S2]int Vlanif 12 
[S2-Vlanif12]vrrp vrid 12 virtual-ip 10.12.12.254
[S2-Vlanif12]vrrp vrid 12 priority 200
[S2-Vlanif12]q

任务五：MSTP配置

S1:

[S1]stp region-configuration
[S1-mst-region]region-name scitc
[S1-mst-region]instance 11 vlan 11
[S1-mst-region]instance 12 vlan 12
[S1-mst-region]active region-configuration 
Info: This operation may take a few seconds. Please wait for a moment...done.
[S1-mst-region]q
[S1]stp instance 11 priority 4096
[S1]stp instance 12 priority 8192

S2:

[S2]stp region-configuration
[S2-mst-region]region-name scitc
[S2-mst-region]instance 11 vlan 11
[S2-mst-region]instance 12 vlan 12
[S2-mst-region]active region-configuration 
Info: This operation may take a few seconds. Please wait for a moment...done.
[S2-mst-region]q
[S2]stp instance 11 priority 8192
[S2]stp instance 12 priority 4096

S3:

[S3]stp region-configuration 
[S3-mst-region]region-name scitc
[S3-mst-region]instance 11 vlan 11
[S3-mst-region]instance 12 vlan 12
[S3-mst-region]active region-configuration 
[S3-mst-region]q

S4:

[S4]stp region-configuration 
[S4-mst-region]region-name scitc
[S4-mst-region]instance 11 vlan 11
[S4-mst-region]instance 12 vlan 12 
[S4-mst-region]active region-configuration 
[S4-mst-region]q

任务六：IP地址配置

DHCP:

[DHCP]int g 0/0/0
[DHCP-GigabitEthernet0/0/0]ip address 10.20.20.20 24
[DHCP-GigabitEthernet0/0/0]q
[DHCP]dhcp enable 
[DHCP]ip pool v11
[DHCP-ip-pool-v11]network 10.11.11.0 mask 24
[DHCP-ip-pool-v11]gateway-list 10.11.11.254
[DHCP-ip-pool-v11]dns-list 119.6.6.6
Info:Part of the domain-name-server IP has already exist.
[DHCP-ip-pool-v11]lease day 0 hour 1 minute 30
[DHCP-ip-pool-v11]q
[DHCP]ip pool v12
[DHCP-ip-pool-v12]network 10.12.12.0 mask 24
[DHCP-ip-pool-v12]gateway-list 10.12.12.254
[DHCP-ip-pool-v12]dns-list 119.6.6.6
Info:Part of the domain-name-server IP has already exist.
[DHCP-ip-pool-v12]lease day 0 hour 1 minute 30
[DHCP-ip-pool-v12]q
[DHCP]int g 0/0/0
[DHCP-GigabitEthernet0/0/0]dhcp select global 
[DHCP-GigabitEthernet0/0/0]q

Core:

[Core]int g 0/0/0
[Core-GigabitEthernet0/0/0]ip address 10.13.13.2 24
[Core-GigabitEthernet0/0/0]int g 0/0/1 
[Core-GigabitEthernet0/0/1]ip address 10.14.14.2 24
[Core-GigabitEthernet0/0/1]int g 0/0/2
[Core-GigabitEthernet0/0/2]ip address 10.1.1.1 24
[Core-GigabitEthernet0/0/2]int g 4/0/0
[Core-GigabitEthernet4/0/0]ip address 10.20.20.1 24
[Core-GigabitEthernet4/0/0]q

FW:

[FW]int g 0/0/0
[FW-GigabitEthernet0/0/0]ip address 10.1.1.2 24
[FW-GigabitEthernet0/0/0]int g 0/0/1 
[FW-GigabitEthernet0/0/1]ip address 10.10.10.1 24
[FW-GigabitEthernet0/0/1]int g 0/0/2
[FW-GigabitEthernet0/0/2]ip address 200.1.1.1 29
[FW-GigabitEthernet0/0/2]q

ISP:

[ISP]int g 0/0/0
[ISP-GigabitEthernet0/0/0]ip address 200.1.1.2 29
[ISP-GigabitEthernet0/0/0]int g 0/0/1 
[ISP-GigabitEthernet0/0/1]ip address 201.1.1.1 30
[ISP-GigabitEthernet0/0/1]q

S1:

[S1]dhcp enable 
[S1]int Vlanif 11
[S1-Vlanif11]dhcp select relay 
[S1-Vlanif11]dhcp relay server-ip 10.20.20.20
[S1-Vlanif11]int vlan 12
[S1-Vlanif12]dhcp select relay 
[S1-Vlanif12]dhcp relay server-ip 10.20.20.20
[S1-Vlanif12]q

S2:

[S2]dhcp enable 
[S2]int Vlanif 11
[S2-Vlanif11]dhcp select relay 
[S2-Vlanif11]dhcp relay server-ip 10.20.20.20
[S2-Vlanif11]int vlan 12
[S2-Vlanif12]dhcp select relay 
[S2-Vlanif12]dhcp relay server-ip 10.20.20.20
[S2-Vlanif12]q

任务七：通信配置

Core

[Core]rip 1
[Core-rip-1]version 2
[Core-rip-1]un summary 
[Core-rip-1]network 10.0.0.0
[Core-rip-1]q

S1

[S1]rip 1
[S1-rip-1]version 2
[S1-rip-1]un summary 
[S1-rip-1]network 10.0.0.0
[S1-rip-1]q

S2

[S2]rip 1
[S2-rip-1]version 2
[S2-rip-1]un summary
[S2-rip-1]network 10.0.0.0
[S2-rip-1]q

FW

[FW]ip route-static 0.0.0.0 0 200.1.1.2
[FW]rip	1
[FW-rip-1]version 2
[FW-rip-1]un summary
[FW-rip-1]network 10.0.0.0
[FW-rip-1]default-route originate
[FW-rip-1]q

DHCP

[DHCP]rip 1
[DHCP]version 2
[DHCP]un summary
[DHCP]network 10.0.0.0
[DHCP]q

任务八: 出口设计

FW

[FW]int GigabitEthernet 0/0/2
[FW-GigabitEthernet0/0/2]nat static global 200.1.1.3 inside 10.10.10.10
[FW-GigabitEthernet0/0/2]q
[FW]nat address-group 1 200.1.1.4 200.1.1.6
[FW]acl 2000
[FW-acl-basic-2000]rule  permit source 10.11.11.0 0.0.0.255
[FW-acl-basic-2000]rule  permit source 10.12.12.0 0.0.0.255
[FW-acl-basic-2000]q
[FW]int GigabitEthernet 0/0/2
[FW-GigabitEthernet0/0/2]nat outbound 2000 address-group 1
[FW-GigabitEthernet0/0/2]q

任务九：远程登陆配置

FW

[FW]user-interface vty 0 4 
[FW-ui-vty0-4]authentication-mode aaa
[FW-ui-vty0-4]user privilege level 3 
[FW-ui-vty0-4]q
[FW]aaa  
[FW-aaa]local-user jw password cipher jw@2020
Info: Add a new user.
[FW-aaa]local-user  jw privilege level 3
[FW-aaa]local-user jw service-type telnet
[FW-aaa]q

Lee7538

关注

18
点赞
踩
106

收藏

觉得还不错? 一键收藏
8
评论
【ensp】综合练习详细配置步骤

综合练习.paper@author：Lee.poch@time: 2022/5/26@software:Typora配置要求任务1：设备命名修改设备名称与显示名称一致，注意大小写任务2：链路聚合为了保证链路的稳定性，在S1和S2之间配置链路聚合，请通过LACP模式实现二层链路聚合，聚合接口ID为5。任务3：配置VLAN按图示进行VLAN配置，并实现VLAN间通信。任务4：VRRP配置1.在S1和S2上创建两个虚拟组分配是11和12，11组上的虚拟组..
复制链接

扫一扫