静态路由、VLAN、NAT综合实验

实验需求

1.按如图所示完成拓扑。

2.全网可达。

3.拓扑中所需网段基于192.168.0.0/24划分。

4.静态路由（不使用其他动态）。

5.R1有3个环回

6.R6公网网段100.1.1.0/24

 实验步骤

一、按要求划分网段

192.168.0.00000000/24

192.168.0.0/26            骨干

              192.168.0.0/29     192.168.0.8/29     192.168.0.16/29   192.168.0.24/29

              192.168.0.32/29   192.168.0.40/29   192.168.0.48/29   192.168.0.56/29

192.168.0.64/26          R1

              192.168.0.64/28   192.168.0.80/28   192.168.0.96/28   192.168.0.112/28

192.168.0.128/26         R4

              192.168.0.128/27  192.168.0.160/27

192.168.0.192/26

二、配置环回以及各路由接口ip

[R1]int lo0
[R1-LoopBack0]ip a 192.168.0.65 28
[R1-LoopBack0]int lo1
[R1-LoopBack1]ip a 192.168.0.81 28
[R1-LoopBack1]int lo2
[R1-LoopBack2]ip a 192.168.0.97 28
[R1-LoopBack2]int g0/0/0
[R1-GigabitEthernet0/0/0]ip a 192.168.0.1 29
[R1-GigabitEthernet0/0/0]int g0/0/1
[R1-GigabitEthernet0/0/1]ip a 192.168.0.26 29

[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip a 192.168.0.2 29
[R2-GigabitEthernet0/0/0]int g0/0/1
[R2-GigabitEthernet0/0/1]ip a 192.168.0.9 29

[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip a 192.168.0.10 29
[R3-GigabitEthernet0/0/0]int g0/0/1
[R3-GigabitEthernet0/0/1]ip a 192.168.0.17 29
[R3-GigabitEthernet0/0/1]int g0/0/2
[R3-GigabitEthernet0/0/2]ip a 192.168.0.33 29
[R3-GigabitEthernet0/0/2]int g4/0/0
[R3-GigabitEthernet4/0/0]ip a 192.168.0.41 29

[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip a 192.168.0.18 29
[R4-GigabitEthernet0/0/0]int g0/0/1
[R4-GigabitEthernet0/0/1]ip a 192.168.0.25 29

[R5]int g0/0/0
[R5-GigabitEthernet0/0/0]ip a 192.168.0.34 29
[R5-GigabitEthernet0/0/0]int g0/0/1
[R5-GigabitEthernet0/0/1]ip a 192.168.0.42 29
[R5-GigabitEthernet0/0/1]int g0/0/2
[R5-GigabitEthernet0/0/2]ip a 100.1.1.1 24

[ISP]int g0/0/0
[ISP-GigabitEthernet0/0/0]ip a 100.1.1.2 24

三、配置静态路由

[R1]ip route-static 192.168.0.8 29 192.168.0.2 
[R1]ip route-static 192.168.0.32 29 192.168.0.2
[R1]ip route-static 192.168.0.16 29 192.168.0.25
[R1]ip route-static 192.168.0.128 26 192.168.0.25

[R2]ip route-static 192.168.0.64 26 192.168.0.1
[R2]ip route-static 192.168.0.128 26 192.168.0.1
[R2]ip route-static 192.168.0.24 29 192.168.0.1
[R2]ip route-static 192.168.0.32 29 192.168.0.10    
[R2]ip route-static 192.168.0.16 29 192.168.0.10

[R3]ip route-static 192.168.0.0 29 192.168.0.9
[R3]ip route-static 192.168.0.24 29 192.168.0.18
[R3]ip route-static 192.168.0.64 26 192.168.0.18
[R3]ip route-static 192.168.0.128 26 192.168.0.18

[R4]ip route-static 192.168.0.64 26 192.168.0.26
[R4]ip route-static 192.168.0.0 29 192.168.0.26 
[R4]ip route-static 192.168.0.8 29 192.168.0.17
[R4]ip route-static 192.168.0.32 29 192.168.0.17

[R5]ip route-static 192.168.0.0 29 192.168.0.33
[R5]ip route-static 192.168.0.8 29 192.168.0.33 
[R5]ip route-static 192.168.0.16 29 192.168.0.33
[R5]ip route-static 192.168.0.24 29 192.168.0.33
[R5]ip route-static 192.168.0.64 26 192.168.0.33
[R5]ip route-static 192.168.0.128 26 192.168.0.33
[R5]ip route-static 192.168.0.0 29 192.168.0.41 
[R5]ip route-static 192.168.0.8 29 192.168.0.41
[R5]ip route-static 192.168.0.16 29 192.168.0.41
[R5]ip route-static 192.168.0.24 29 192.168.0.41
[R5]ip route-static 192.168.0.64 26 192.168.0.41
[R5]ip route-static 192.168.0.128 26 192.168.0.41

四、配置缺省路由以及空接口

[R1]ip route-static 0.0.0.0 0 192.168.0.2
[R1]ip route-static 0.0.0.0 0 192.168.0.25       
[R1]ip route-static 192.168.0.64 26 NULL 0

[R2]ip route-static 0.0.0.0 0 192.168.0.10

[R3]ip route-static 0.0.0.0 0 192.168.0.34
[R3]ip route-static 0.0.0.0 0 192.168.0.42

[R4]ip route-static 0.0.0.0 0 192.168.0.17
[R4]ip route-static 192.168.0.128 26 NULL 0

五、配置浮动静态

[R1]ip route-static 192.168.0.40 29 192.168.0.25 preference 70

[R2]ip route-static 192.168.0.40 29 192.168.0.10 preference 70

[R4]ip route-static 192.168.0.40 29 192.168.0.17 preference 70

六、配置R4路由所连接的VLAN

[SW1]vlan batch 2 3
[SW1]int e0/0/1
[SW1-Ethernet0/0/1]port link-type trunk
[SW1-Ethernet0/0/1]port trunk allow-pass vlan 2 3
[SW1-Ethernet0/0/1]int e0/0/4
[SW1-Ethernet0/0/4]port link-type trunk
[SW1-Ethernet0/0/4]port trunk allow-pass vlan 2 3
[SW1-Ethernet0/0/4]int e0/0/2
[SW1-Ethernet0/0/2]port link-type access
[SW1-Ethernet0/0/2]port default vlan 2
[SW1-Ethernet0/0/2]int e0/0/3
[SW1-Ethernet0/0/3]port link-type access
[SW1-Ethernet0/0/3]port default vlan 3

[SW2]vlan batch 2 3
[SW2]int e0/0/3
[SW2-Ethernet0/0/3]port link-type trunk
[SW2-Ethernet0/0/3]port trunk allow-pass vlan 2 3
[SW2-Ethernet0/0/3]int e0/0/1
[SW2-Ethernet0/0/1]port link-type access
[SW2-Ethernet0/0/1]port default vlan 2
[SW2-Ethernet0/0/1]int e0/0/2
[SW2-Ethernet0/0/2]port link-type access
[SW2-Ethernet0/0/2]port default vlan 3

[R4]int g0/0/2.1
[R4-GigabitEthernet0/0/2.1]dot1q termination vid 2
[R4-GigabitEthernet0/0/2.1]ip a 192.168.0.129 27	
[R4-GigabitEthernet0/0/2.1]arp broadcast enable 
[R4-GigabitEthernet0/0/2.1]int g0/0/2.2
[R4-GigabitEthernet0/0/2.2]dot1q termination vid 3
[R4-GigabitEthernet0/0/2.2]ip a 192.168.0.161 27
[R4-GigabitEthernet0/0/2.2]arp broadcast enable

七、在R4上配置DHCP

[R4]dhcp enable
[R4]ip pool v2
[R4-ip-pool-v2]network 192.168.0.128 mask 27
[R4-ip-pool-v2]gateway-list 192.168.0.129
[R4-ip-pool-v2]dns-list 8.8.8.8
[R4-ip-pool-v2]int g0/0/2.1  
[R4-GigabitEthernet0/0/2.1]dhcp select global 
[R4-GigabitEthernet0/0/2.1]q
[R4]ip pool v3       
[R4-ip-pool-v3]network 192.168.0.160 mask 27
[R4-ip-pool-v3]gateway-list 192.168.0.161
[R4-ip-pool-v3]dns-list 8.8.8.8
[R4-ip-pool-v3]int g0/0/2.2
[R4-GigabitEthernet0/0/2.2]dhcp select global

八、在边界路由器R5配置NAT

[R5]acl 2000
[R5-acl-basic-2000]rule permit source 192.168.0.0 0.0.255.255
[R5-acl-basic-2000]int g0/0/2
[R5-GigabitEthernet0/0/2]nat outbound 2000

实验测试