实验要求
1.r6为isp,接口IP地址均为公有地址,该设备只能配置ip地址,之后不能在对其进行任何配置;
2.r1-r5为局域网,私有ip地址192.168.1.0/24,请合理分配;
3.所有路由器上环回,均代表链接用户的接口,
4.r3下的两台pc通过DHCP自动获取IP地址;
5.选路最佳,路由器尽量小,避免环路;
6.r1-r5均可访问r6的环回
7.r6 telnet r5的共有IP时,实际登录到r1上
8.r4与r5正常通过1000链路,故障时通过100兆链路;
网络规划
先将192.168.1.0/24先划分成192.168.1.0/27、192.168.1.32/27、192.168.1.64/27、192.168.96/27
192.168.128/27、192.168.160/27六个网段。
再将192.168.1.0/27划分成192.168.1.0/30、192.168.1.4/30、192.168.1.8/30、192.168.1.12/30
192.168.1.16/30、192.168.1.20/30、192.168.1.24/30这七个网段。
R1环回:将192.168.1.32/27划分成192.168.1.32/28和192.168.1.48/28
R2环回:将192.168.1.64/27划分成192.168.1.64/28和192.168.1.80/28
R3DHCP:将192.168.1.96/27划分成192.168.1.96/28和192.168.1.112/28
R4环回:将192.168.1.128/27划分成192.168.1.128/28和192.168.1.144/28
R5环回:将192.168.1.160/27划分成192.168.1.160/28和192.168.1.176/28
配置路由
R1
GigabitEthernet0/0/0 ip address 192.168.1.1 255.255.255.252
GigabitEthernet0/0/2 ip address 192.168.1.9 255.255.255.252
interface LoopBack1 ip address 192.168.1.33 255.255.255.240
interface LoopBack2 ip address 192.168.1.49 255.255.255.240
空接口防环路由:
ip route-static 192.168.1.32 255.255.255.224 NULL0
缺省路由:
ip route-static 0.0.0.0 0.0.0.0 192.168.1.2
ip route-static 0.0.0.0 0.0.0.0 192.168.1.10
静态路由:
ip route-static 192.168.1.4 255.255.255.252 192.168.1.2
ip route-static 192.168.1.12 255.255.255.252 192.168.1.10
ip route-static 192.168.1.16 255.255.255.248 192.168.1.2
ip route-static 192.168.1.16 255.255.255.248 192.168.1.10
ip route-static 192.168.1.64 255.255.255.224 192.168.1.2
ip route-static 192.168.1.96 255.255.255.224 192.168.1.10
ip route-static 192.168.1.128 255.255.255.224 192.168.1.2
ip route-static 192.168.1.128 255.255.255.224 192.168.1.10
[r1]aaa
[r1-aaa]local-user xixi password cipher 123456
[r1-aaa]local-user xixi service-type telnet
[r1]user-interface vty 0 4
[r1-ui-vty0-4]authentication-mode aaa
[r5]int g0/0/1
[r5-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 23 inside 192.168.1.1 23
Warning:The port 23 is well-known port. If you continue it may cause function failure.
Are you sure to continue?[Y/N]:y
R2
GigabitEthernet0/0/0 ip address 192.168.1.2 255.255.255.252
GigabitEthernet0/0/1 ip address 192.168.1.5 255.255.255.252
interface LoopBack1 ip address 192.168.1.65 255.255.255.240
interface LoopBack2 ip address 192.168.1.81 255.255.255.240
空接口防环路由:
ip route-static 192.168.1.64 255.255.255.224 NULL0
缺省路由:
ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
ip route-static 0.0.0.0 0.0.0.0 192.168.1.6
静态路由:
ip route-static 192.168.1.8 255.255.255.252 192.168.1.1
ip route-static 192.168.1.12 255.255.255.252 192.168.1.6
ip route-static 192.168.1.16 255.255.255.248 192.168.1.6
ip route-static 192.168.1.24 255.255.255.248 192.168.1.6
ip route-static 192.168.1.32 255.255.255.224 192.168.1.1
ip route-static 192.168.1.96 255.255.255.224 192.168.1.1
ip route-static 192.168.1.96 255.255.255.224 192.168.1.6
ip route-static 192.168.1.128 255.255.255.224 192.168.1.6
R3
GigabitEthernet0/0/2 ip address 192.168.1.10 255.255.255.252(30)
GigabitEthernet0/0/0 ip address 192.168.1.13 255.255.255.252(30)
GigabitEthernet0/0/1 ip address 192.168.1.25 255.255.255.248(30)
interface LoopBack1 ip address 192.168.1.97 255.255.255.240(28)
interface LoopBack2 ip address 192.168.1.113 255.255.255.240(28)
DHCP配置
[R3]dhcp enable
[R3]ip pool czc
[R3-ip-pool-czc]network 192.168.1.24 mask 29
[R3-ip-pool-czc]gateway-list 192.168.1.25
[R3-ip-pool-czc]dns-list 8.8.8.8 1.1.1.1
[R3-ip-pool-czc]int g 0/0/1
[R3-GigabitEthernet0/0/1]dhcp select global
空接口防环路由:
ip route-static 192.168.1.96 255.255.255.224 NULL0
缺省路由:
ip route-static 0.0.0.0 0.0.0.0 192.168.1.9
ip route-static 0.0.0.0 0.0.0.0 192.168.1.14
静态路由:
ip route-static 192.168.1.0 255.255.255.252 192.168.1.9
ip route-static 192.168.1.4 255.255.255.252 192.168.1.14
ip route-static 192.168.1.16 255.255.255.248 192.168.1.14
ip route-static 192.168.1.32 255.255.255.224 192.168.1.9
ip route-static 192.168.1.64 255.255.255.224 192.168.1.9
ip route-static 192.168.1.64 255.255.255.224 192.168.1.14
ip route-static 192.168.1.128 255.255.255.224 192.168.1.14
R4
GigabitEthernet0/0/0 ip address 192.168.1.14 255.255.255.252
GigabitEthernet0/0/1 ip address 192.168.1.6 255.255.255.252
GigabitEthernet0/0/2 ip address 192.168.1.17 255.255.255.252
Ethernet4/0/0 ip address 192.168.1.21 255.255.255.252
interface LoopBack1 ip address 192.168.1.129 255.255.255.240
interface LoopBack2 ip address 192.168.1.145 255.255.255.240
空接口防环路由:
ip route-static 192.168.1.128 255.255.255.224 NULL0
缺省路由:
ip route-static 0.0.0.0 0.0.0.0 192.168.1.18
ip route-static 0.0.0.0 0.0.0.0 192.168.1.22 preference 61
静态路由:
ip route-static 192.168.1.0 255.255.255.252 192.168.1.5
ip route-static 192.168.1.8 255.255.255.252 192.168.1.13
ip route-static 192.168.1.24 255.255.255.248 192.168.1.13
ip route-static 192.168.1.32 255.255.255.224 192.168.1.5
ip route-static 192.168.1.32 255.255.255.224 192.168.1.13
ip route-static 192.168.1.64 255.255.255.224 192.168.1.5
ip route-static 192.168.1.96 255.255.255.224 192.168.1.13
R5
GigabitEthernet0/0/2 ip address 192.168.1.18 255.255.255.252
Ethernet4/0/0 ip address 192.168.1.22 255.255.255.252
GigabitEthernet0/0/1 ip address 56.1.1.1 255.255.255.0
interface LoopBack1 ip address 192.168.1.161 255.255.255.240
interface LoopBack2 ip address 192.168.1.177 255.255.255.240
空接口防环路由:
ip route-static 192.168.1.160 255.255.255.224 NULL0
缺省路由:
ip route-static 0.0.0.0 0.0.0.0 56.1.1.2
静态路由:
ip route-static 192.168.1.0 27 192.168.1.17
ip route-static 192.168.1.0 27 192.168.1.21 preference 61
ip route-static 192.168.1.32 255.255.255.224 192.168.1.17
ip route-static 192.168.1.32 255.255.255.224 192.168.1.21 preference 61
ip route-static 192.168.1.64 255.255.255.192 192.168.1.17
ip route-static 192.168.1.64 255.255.255.192 192.168.1.21 preference 61
ip route-static 192.168.1.128 255.255.255.224 192.168.1.17
ip route-static 192.168.1.128 255.255.255.224 192.168.1.21 preference 61
nat配置
在R5上设置acl,让192.168.1.0/24里的接口及PC都能访问出去
[R5]acl 2000
[R5-acl-basic-2000]rule 5 permit source 192.168.1.0 0.0.0.255
[R5-acl-basic-2000]int g 0/0/0
[R5-GigabitEthernet0/0/1]nat outbound 2000
端口映射
[R5-GigabitEthernet0/0/1]nat server protocol tcp global current-interface telnet inside 192.168.1.33 telnet
Are you sure to continue?[Y/N]:y
R6
GigabitEthernet0/0/1 ip address 56.1.1.2 255.255.255.0
interface LoopBack0 ip address 6.6.6.1 255.255.255.0
pc1 ping r6回环
R1 ping R6环回
R6telent R5 登录R1
扫一扫
2272
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
