设计目标:组建可扩展的局域网和广域(内联)网<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />

用户需求

某学校由新校区和老校区组成。新校区由办公楼和教学楼(楼层均为三层)组成,办公楼与教学楼之间距离为300米;老校区由办公楼和教学楼组成。

新校区:要求组建内部局域网。办公楼一层有15个信息点,办公楼二层有16个信息点,办公楼三层有20个信息点;教学楼一层有17个信息点,教学楼二层有12个信息点,教学楼三层有18个信息点。核心交换机安装在网络中心,位于办公楼二层。办公楼汇聚交换机也位于核心机房,教学楼汇聚机房位于二层。要求在教学楼汇聚交换机上划分如下VLAN:教学楼一层要求划分2个VLAN,分别给教室和办公室使用,教学楼二层划分3个VLAN,分别给教室、实验室和办公室使用,教学楼三层划分1个VLAN,给教室使用。即教学楼共需6个业务VLAN,每层的教室、实验室和办公室的计算机如果出现病毒引发大量广播,不会传播到其它的楼层。

核心层设备与汇聚层设备之间使用路由协议互联,既可以使用静态路由、也可以使用动态路由。

如果机器性能允许运行9台Dynamips虚拟机(至少需要1G内存),则可以将办公楼的汇聚层交换机和接入层交换机也设计进网络中,(即实现局域网网络规模的扩展)办公楼每层划分1个VLAN,共3个业务VLAN。

老校区:暂不要求划分VLAN,能和新校区连通就可以。

新老校之间使用电信租用DDN线路互联,组成一个Intranet。(如果将来还有其他校区,也能够与现在的新校区实现互联,实现内联网网络规模的扩展。)

要求新校办公楼二层核心设备、教学楼一层、二层、三层和老校的所有联网计算机都可以互相通信。

 
核心交换机上联一台防火墙,防火墙采用城域网专线接入Internet,防火墙的内口地址为192.168.0.1/30,要求所有机器都能ping通此接口地址。(不要求配置防火墙,也不要求配置NAT)

设计要求:

需求分析(详述用户网络组建需求)

拓扑图(全网拓扑,使用Visio绘制)

逻辑设计(网络互联方法、VLAN划分、路由协议选择等)

地址规划(合理规划IP地址分配)

设备选型(可使用各厂商的网络设备)

 

 

 

 

R1 F0/0 192.168.255.1/30
      F0/1 192.168.255.5/30
 
R2 F0/0 192.168.255.2/30
      F0/1 192.168.7.1/24

hexin F0/1 192.168.255.6/30
          F0/2 192.168.255.9/30
          F0/3 192.168.255.13/30
         F0/4 192.168.0.2/30
 
jiaoxue F0/1 192.168.255.10/30

bangong F0/1 192.168.255.14/30
 
防火墙 F0/0 192.168.0.1/30
pc7    192.168.7.0/24
 
 配置如下:
S1
 
S2
 
 
S3
 
 
S4
Switch>en
Switch#config
Switch(config)#hostname S4
S4(config)#ex
S4#vlan da
S4(vlan)#vtp domain bangong
Domain name already set to bangong.
S4(vlan)#vtp password bangong
Setting device VLAN database password to bangong
S4(vlan)#vtp client
Setting device to VTP CLIENT mode.
S4(vlan)#ex
APPLY completed.
Exiting....
S4#config
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line.  End with CNTL/Z.
S4(config)#int range f0/2 - 24
S4(config-if-range)#switc
S4(config-if-range)#switchport acc vlan 18
S4(config-if-range)#ex
S4(config)#int f 0/1 
S4(config-if)#switch mode trun
S4(config-if)#ex
 
办公
Switch>en
Switch#config
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#hostname bangong
bangong(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
bangong#vlan data
% Warning: It is recommended to configure VLAN from config mode,
  as VLAN database mode is being deprecated. Please consult user
  documentation for configuring VTP/VLAN in config mode.
bangong(vlan)#vtp doma bangong
Changing VTP domain name from NULL to bangong
bangong(vlan)#vtp pass bangong
Setting device VLAN database password to bangong
bangong(vlan)#vtp server
Device mode already VTP SERVER.
bangong(vlan)#vlan 18
VLAN 18 added:
    Name: VLAN0018
bangong(vlan)#vlan 19
VLAN 19 added:
    Name: VLAN0019
bangong(vlan)#vlan 20
VLAN 20 added:
    Name: VLAN0020
bangong(vlan)#exit
APPLY completed.
Exiting....
bangong#
bangong#config
jiaoxue(config-if)#int vlan 18
jiaoxue(config-if)#ip address 192.168.18.1 255.255.255.0
jiaoxue(config-if)#int vlan 19
jiaoxue(config-if)#ip address 192.168.19.1 255.255.255.0
jiaoxue(config-if)#int vlan 20
jiaoxue(config-if)#ip address 192.168.20.1 255.255.255.0
jiaoxue(config-if)#
bangong(config-if)#int f0/2
bangong(config-if)#switch mode trun
bangong(config-if)#int f0/3
bangong(config-if)#swit mode trun
bangong(config-if)#int f0/4
bangong(config-if)#swit mode trun
bangong(config)#int f0/1
bangong(config-if)#no switchport
bangong(config-if)#ip add 192.168.255.14 255.255.255.252
bangong(config-if)#exi
bangong(config)#exi
%SYS-5-CONFIG_I: Configured from console by console
bangong#wr
Building configuration...
[OK]
bangong#

config
ip routing
router ospf 1
 network 192.168.18.0 0.0.0.255 area 0
 network 192.168.19.0 0.0.0.255 area 0
 network 192.168.20.0 0.0.0.255 area 0
 network 192.168.255.12 0.0.0.3 area 0
 
教学楼汇聚交换机
Switch>en
Switch#config
Switch(config)#host jiaoxue
jiaoxue(config)#end
jiaoxue#vlan database
jiaoxue(vlan)#vtp domain jiaoxue
jiaoxue(vlan)#vtp password jiaoxue
Setting device VLAN database password to jiaoxue
jiaoxue(vlan)#vtp server
Device mode already VTP SERVER.

jiaoxue(vlan)#vlan 11
VLAN 11 added:
    Name: VLAN0011
jiaoxue(vlan)#vlan 12
VLAN 12 added:
    Name: VLAN0012
jiaoxue(vlan)#vlan 13
VLAN 13 added:
    Name: VLAN0013
jiaoxue(vlan)#vlan 14
VLAN 14 added:
    Name: VLAN0014
jiaoxue(vlan)#vlan 15
VLAN 15 added:
    Name: VLAN0015
jiaoxue(vlan)#vlan 16
VLAN 16 added:
    Name: VLAN0016

jiaoxue(vlan)#exit
APPLY completed.
Exiting....
jiaoxue#
jiaoxue#config
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line.  End with CNTL/Z.
jiaoxue(config)#int vlan 11
jiaoxue(config-if)#ip address 192.168.11.1 255.255.255.0
jiaoxue(config-if)#int vlan 12
jiaoxue(config-if)#ip address 192.168.12.1 255.255.255.0
jiaoxue(config-if)#int vlan 13
jiaoxue(config-if)#ip address 192.168.13.1 255.255.255.0
jiaoxue(config-if)#int vlan 14
jiaoxue(config-if)#ip address 192.168.14.1 255.255.255.0
jiaoxue(config-if)#
jiaoxue(config-if)#ip address 192.168.14.1 255.255.255.0
jiaoxue(config-if)#int vlan 15

jiaoxue(config-if)#ip address 192.168.15.1 255.255.255.0
jiaoxue(config-if)#int vlan 16

jiaoxue(config-if)#ip address 192.168.16.1 255.255.255.0

jiaoxue(config-if)#end
jiaoxue#config
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line.  End with CNTL/Z.
jiaoxue(config)#int f0/2
jiaoxue(config-if)#switchport mode trunk
jiaoxue(config-if)#int f0/3
jiaoxue(config-if)#switchport mode trunk
jiaoxue(config-if)#int f0/4
jiaoxue(config-if)#switchport mode trunk
jiaoxue(config)#int f0/1
jiaoxue(config-if)#no switchport
jiaoxue(config-if)#ip add 192.168.255.10 255.255.255.252
 

config
ip routing
router ospf 1
 network 192.168.11.0 0.0.0.255 area 0
 network 192.168.12.0 0.0.0.255 area 0
 network 192.168.13.0 0.0.0.255 area 0
 network 192.168.14.0 0.0.0.255 area 0
 network 192.168.15.0 0.0.0.255 area 0
 network 192.168.16.0 0.0.0.255 area 0
 network 192.168.255.8 0.0.0.3 area 0
 
核心交换机
Switch>en
Switch#config
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#hostname hexin
hexin(config)#no ip domain-lookup
hexin(config)#int f0/1
hexin(config-if)#no switchport
hexin(config-if)#ip add 192.168.255.6 255.255.255.252
hexin(config-if)#int f0/2
hexin(config-if)#no switchport
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down
hexin(config-if)#ip add 192.168.255.9 255.255.255.252
hexin(config-if)#int f0/3
hexin(config-if)#no switchport
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down
hexin(config-if)#ip add 192.168.255.13 255.255.255.252
hexin(config-if)#int f0/4
 
hexin(config-if)#no switchport
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down
hexin(config-if)#ip add 192.168.0.1 255.255.255.252
hexin(config-if)#exit

config
ip routing
router ospf 1
network 192.168.255.8 0.0.0.3 area 0
network 192.168.255.12 0.0.0.3 area 0
 
s5 s6 配置与s4类似此处省略
R1 R2 只需配置好每个端口ip然后配置ospf协议,端口ip和路由协议配置与核心交换机类似此处省略。

 总结
1.题目要求可扩展的局域网组建
实验过程用了vtp
vtp是思科私有协议,若扩展使用别的厂商设备如华为就达不到可扩展性的要求
其实完全可以自己手工划分下vlan,使用vtp只是为了方便
2.使用三层交换的时候记得两条条命令
ip routing
和no shut
我在配置了ospf协议后彼此之间学习不到路由信息
郁闷了半天才发现忘了ip routing 来启用三层交换的路由功能