三层架构实验

最新推荐文章于 2022-08-14 15:17:09 发布

莫尼热

最新推荐文章于 2022-08-14 15:17:09 发布

阅读量135

点赞数

分类专栏：笔记文章标签：架构网络运维

本文链接：https://blog.csdn.net/qq_56970600/article/details/123001812

版权

笔记专栏收录该内容

29 篇文章 0 订阅

订阅专栏

三层架构实验

实验要求

1.内网IP地址172.16.0.0/16合理分配
2、SW1/2之间互为备份
3、VRRP/STP/TRUNK均使用
4、所有PC通过DHCP获取ip地址

拓扑搭建
在这里插入图片描述
划分IP

172.16.0.0/27 R1与sw1之间
172.16.1.32/27 R1与sw2之间
172.16.0.64/27 vlan1
172.16.0.66/27 vlan1的网关
172.16.0.96/27 vlan2
172.16.0.98/27 vlan2的网关 R1与R2之间公有地址12.1.1.0/24网段，ISP环回地址为4.4.4.0/24.

实验过程
在SW1上配置DHCP，并且作为主网关使所有PC可以通过DHCP获取IP地址

[sw1]vlan 2
[sw1]interface Vlanif 1
[sw1-Vlanif1]ip address 172.16.0.65 27
[sw1-Vlanif1]vrrp vrid 1 virtual-ip 172.16.0.66
[sw1-Vlanif1]vrrp vrid 1 priority 120
[sw1-Vlanif1]vrrp vrid 1 preempt-mode timer delay 20
[sw1-Vlanif1]vrrp vrid 1 track interface GigabitEthernet 0/0/1 reduced 30
[sw1]dhcp enable
[sw1]ip pool 1
[sw1-ip-pool-1]network 172.16.0.64 mask 27
[sw1-ip-pool-1]gateway-list 172.16.0.66
[sw1-ip-pool-1]dns-list 8.8.8.8
[sw1]interface Vlanif 1
[sw1-Vlanif1]dhcp select global
[sw1]interface GigabitEthernet 0/0/4
[sw1-GigabitEthernet0/0/4]port hybrid tagged vlan 1 to 2
[sw1]interface GigabitEthernet 0/0/5
[sw1-GigabitEthernet0/0/5]port hybrid tagged vlan 1 to 2

同理创建对VLAN2进行配置

[sw3]interface Eth0/0/1
[sw3-Ethernet0/0/1]port link-type trunk
[sw3-Ethernet0/0/1]port trunk allow-pass vlan 1 to 2
[sw3]vlan 2
[sw3]port-group group-member Ethernet 0/0/3 to Ethernet 0/0/5
[sw3-port-group]port link-type access
[sw3]interface Eth0/0/4
[sw3-Ethernet0/0/4]port default vlan 2

[sw4]interface Eth0/0/1
[sw4-Ethernet0/0/1]port link-type trunk
[sw4-Ethernet0/0/1]port trunk allow-pass vlan 1 to 2
[sw4-Ethernet0/0/1]quit
[sw4]vlan 2
[sw4]port-group group-member Ethernet 0/0/3 to Ethernet 0/0/4
[sw4-port-group]port link-type access
[sw4]interface Eth0/0/3
[sw4-Ethernet0/0/3]port default vlan 2

在SW2上进行配置，使作为备份网关，并且SW1与SW2之间的链路进行叠加。

[sw2]vlan 2
[sw2]interface Vlanif 1
[sw2-Vlanif1]ip address 172.16.0.67 27
[sw2-Vlanif1]vrrp vrid 1 virtual-ip 172.16.0.66
[sw2]dhcp enable
[sw2]ip pool 1
[sw2-ip-pool-1]network 172.16.0.64 mask 27
[sw2-ip-pool-1]gateway-list 172.16.0.66
[sw2-ip-pool-1]dns-list 8.8.8.8
[sw2]interface Vlanif 1
[sw2-Vlanif1]dhcp select global

同理创建对VLAN2进行配置

[sw4]interface Eth0/0/2
[sw4-Ethernet0/0/2]port link-type trunk
[sw4-Ethernet0/0/2]port trunk allow-pass vlan 1 to 2

[sw3]interface Eth0/0/2
[sw3-Ethernet0/0/2]port link-type trunk
[sw3-Ethernet0/0/2]port trunk allow-pass vlan 1 to 3

链路叠加：

[sw1]interface Eth-Trunk 0
[sw1]interface GigabitEthernet 0/0/2
[sw1-GigabitEthernet0/0/2]eth-trunk 0
[sw1]interface GigabitEthernet 0/0/3
[sw1-GigabitEthernet0/0/3]eth-trunk 0
[sw1]interface Eth-Trunk 0
[sw1-Eth-Trunk0]port link-type hybrid
[sw1-Eth-Trunk0]port hybrid tagged vlan 1 to 3

[sw2]interface Eth-Trunk 0
[sw2]interface GigabitEthernet 0/0/2
[sw2-GigabitEthernet0/0/2]eth-trunk 0
[sw2]interface GigabitEthernet 0/0/3
[sw2-GigabitEthernet0/0/3]eth-trunk 0
[sw2]interface Eth-Trunk 0
[sw2-Eth-Trunk0]port link-type hybrid
[sw2-Eth-Trunk0]port hybrid tagged vlan 1 to 2

配置MSTP，VLAN1划入组1，VLAN2划入组2，且主根为SW1，备份根为SW2。

[sw1]stp mode mstp
[sw1]stp enable
[sw1]stp region-configuration
[sw1-mst-region]region-name a
[sw1-mst-region]instance 1 vlan 1
[sw1-mst-region]instance 2 vlan 2
[sw1-mst-region]active region-configuration
[sw1]stp instance 1 root primary
[sw1]stp instance 2 root primary

[sw2]stp instance 1 root secondary
[sw2]stp instance 2 root secondary

[sw3]stp mode mstp
[sw3]stp enable
[sw3]stp region-configuration
[sw3-mst-region]region-name a
[sw3-mst-region]instance 1 vlan 1
[sw3-mst-region]instance 2 vlan 2
[sw3-mst-region]active region-configuration

在SW1和SW2上给物理接口配置IP地址来让SW1和SW2能与R1进行访问。

注：由于ENSP上的三层交换机在模拟器上不能直接给物理接口配置IP地址（真机可以），所以需要换思路：将需要配置IP地址的接口改为access模式并且划分到一个VLAN中，然后给该VLAN配置IP地址即可达到相同的效果。

[sw1]vlan 10
[sw1]interface GigabitEthernet 0/0/1
[sw1-GigabitEthernet0/0/1]port link-type access
[sw1-GigabitEthernet0/0/1]port default vlan 10
[sw1]interface Vlanif 10
[sw1-Vlanif10]ip address 172.16.0.2 27

[sw2]vlan 10
[sw2]interface GigabitEthernet 0/0/1
[sw2-GigabitEthernet0/0/1]port link-type access
[sw2-GigabitEthernet0/0/1]port default vlan 10
[sw2]interface Vlanif 10
[sw2-Vlanif10]ip address 172.16.0.34 27

[r1]interface GigabitEthernet 0/0/1
[r1-GigabitEthernet0/0/1]ip address 172.16.0.1 27
[r1]interface GigabitEthernet 0/0/2
[r1-GigabitEthernet0/0/2]ip address 172.16.0.33 27

在R1上配置VLAN1、2、3的静态路由，下一跳分别为SW1和SW2连接R1的物理接口，且下一跳为SW2连接R1的接口的路由为备份路由，优先级数值较大。

[r1]ip route-static 172.16.0.64 27 172.16.0.2
[r1]ip route-static 172.16.0.96 27 172.16.0.2
[r1]ip route-static 172.16.0.128 27 172.16.0.2
[r1]ip route-static 172.16.0.64 27 172.16.0.34 preference 61
[r1]ip route-static 172.16.0.96 27 172.16.0.34 preference 61
[r1]ip route-static 172.16.0.128 27 172.16.0.34 preference 61

在R1和R2上配置公网地址，并通过NAT实现所有PC可以访问ISP环回

[r1]interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0]ip address 12.1.1.1 24
[r1]acl 2000
[r1-acl-basic-2000]rule 5 permit source 172.16.0.0 0.0.0.255
[r1]interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0]nat outbound 2000
[r1]ip route-static 0.0.0.0 0 12.1.1.2

[sw1]ip route-static 0.0.0.0 0 172.16.0.1

[sw2]ip route-static 0.0.0.0 0 172.16.0.33

测试
在这里插入图片描述

莫尼热

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
三层架构实验

三层架构实验实验要求1.内网IP地址172.16.0.0/16合理分配2、SW1/2之间互为备份3、VRRP/STP/TRUNK均使用4、所有PC通过DHCP获取ip地址拓扑搭建划分IP172.16.0.0/27 R1与sw1之间172.16.1.32/27 R1与sw2之间172.16.0.64/27 vlan1172.16.0.66/27 vlan1的网关172.16.0.96/27 vlan2172.16.0.98/27 vlan2的网关 R1与R2之间公有地址12.
复制链接

扫一扫