华为网络规划

配置完成后，client 1和client 5可以ping通 172.16.18.101也就是说可以联通外网

路由器AR1配置：

<Huawei>sys

Enter system view, return user view with Ctrl+Z.

[Huawei]display curr

[Huawei]display current-configuration 

[V200R003C00]

#

 snmp-agent local-engineid 800007DB03000000000000

 snmp-agent 

#

 clock timezone Indian Standard Time minus 05:13:20

 clock daylight-saving-time Day Light Saving Time repeating 12:32 9-1 12:32 11-23

 00:00 2005 2005 

#

portal local-server load portalpage.zip

#

 drop illegal-mac alarm

#

 set cpu-usage threshold 80 restore 75

#

acl number 2000  

 rule 1 permit source 10.86.2.0 0.0.0.255 

 rule 2 permit source 10.86.3.0 0.0.0.255 

 rule 3 permit source 10.86.4.0 0.0.0.255 

 rule 4 permit source 10.86.5.0 0.0.0.255 

 rule 5 permit source 10.86.6.0 0.0.0.255 

#

aaa 

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default 

 domain default_admin 

 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

 local-user admin service-type http

#

firewall zone Local

 priority 15

#

interface GigabitEthernet0/0/0

 ip address 10.86.6.1 255.255.255.0 

#

interface GigabitEthernet0/0/1

 ip address 172.16.18.100 255.255.255.0 

 nat outbound 2000

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ip route-static 0.0.0.0 0.0.0.0 172.16.18.101

ip route-static 10.86.2.0 255.255.255.0 10.86.6.254

ip route-static 10.86.3.0 255.255.255.0 10.86.6.254

ip route-static 10.86.4.0 255.255.255.0 10.86.6.254

ip route-static 10.86.5.0 255.255.255.0 10.86.6.254

ip route-static 10.86.6.0 255.255.255.0 10.86.6.254

#

user-interface con 0

 authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

核心交换机LSW1配置：

[Huawei]display current-configuration 

#

sysname Huawei

#

vlan batch 2 to 6

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

dhcp enable

#

diffserv domain default

#

drop-profile default

#

ip pool dhcpvlan2

 gateway-list 10.86.2.254

 network 10.86.2.0 mask 255.255.255.0

 excluded-ip-address 10.86.2.1 10.86.2.49

#

ip pool dhcpvlan3

 gateway-list 10.86.3.254

 network 10.86.3.0 mask 255.255.255.0

 excluded-ip-address 10.86.3.1 10.86.3.49

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

#

interface Vlanif1

#

interface Vlanif2

 ip address 10.86.2.254 255.255.255.0

 dhcp select global

#

interface Vlanif3

 ip address 10.86.3.254 255.255.255.0

 dhcp select global

#

interface Vlanif4

 ip address 10.86.4.254 255.255.255.0

#

interface Vlanif5

 ip address 10.86.5.254 255.255.255.0

#

interface Vlanif6

 ip address 10.86.6.254 255.255.255.0

#

interface MEth0/0/1

#

interface GigabitEthernet0/0/1

 port link-type trunk

 port trunk allow-pass vlan 2 to 6

#

interface GigabitEthernet0/0/2

 port link-type trunk

#

interface GigabitEthernet0/0/3

 port link-type trunk

#

interface GigabitEthernet0/0/4

 port link-type trunk

#

interface GigabitEthernet0/0/5

 port link-type trunk

#

interface GigabitEthernet0/0/6

 port link-type trunk

#

interface GigabitEthernet0/0/7

 port link-type trunk

#

interface GigabitEthernet0/0/8

 port link-type trunk

#

interface GigabitEthernet0/0/9

 port link-type trunk

#

interface GigabitEthernet0/0/10

 port link-type trunk

#

interface GigabitEthernet0/0/11

 port link-type trunk

#

interface GigabitEthernet0/0/12

 port link-type trunk

#

interface GigabitEthernet0/0/13

 port link-type trunk

#

interface GigabitEthernet0/0/14

 port link-type trunk

#

interface GigabitEthernet0/0/15

 port link-type trunk

#

interface GigabitEthernet0/0/16

 port link-type trunk

#

interface GigabitEthernet0/0/17

 port link-type trunk

#

interface GigabitEthernet0/0/18

 port link-type trunk

#

interface GigabitEthernet0/0/19

 port link-type trunk

#

interface GigabitEthernet0/0/20

 port link-type trunk

#

interface GigabitEthernet0/0/21

 port link-type trunk

#

interface GigabitEthernet0/0/22

 port link-type trunk

#

interface GigabitEthernet0/0/23

 port link-type trunk

#

interface GigabitEthernet0/0/24

 port link-type access

 port default vlan 6

#

interface NULL0

#

ip route-static 0.0.0.0 0.0.0.0 10.86.6.1

#

user-interface con 0

user-interface vty 0 4

#

port-group 1//设置group1 把所有端口加进来

 group-member GigabitEthernet0/0/1

 group-member GigabitEthernet0/0/2

 group-member GigabitEthernet0/0/3

 group-member GigabitEthernet0/0/4

 group-member GigabitEthernet0/0/5

 group-member GigabitEthernet0/0/6

 group-member GigabitEthernet0/0/7

 group-member GigabitEthernet0/0/8

 group-member GigabitEthernet0/0/9

 group-member GigabitEthernet0/0/10

 group-member GigabitEthernet0/0/11

 group-member GigabitEthernet0/0/12

 group-member GigabitEthernet0/0/13

 group-member GigabitEthernet0/0/14

 group-member GigabitEthernet0/0/15

 group-member GigabitEthernet0/0/16

 group-member GigabitEthernet0/0/17

 group-member GigabitEthernet0/0/18

 group-member GigabitEthernet0/0/19

 group-member GigabitEthernet0/0/20

 group-member GigabitEthernet0/0/21

 group-member GigabitEthernet0/0/22

 group-member GigabitEthernet0/0/23

接入层交换机LSW2配置：

[Huawei]display current-configuration 

#

sysname Huawei

#

vlan batch 2 to 6

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

diffserv domain default

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

#

interface Vlanif1

#

interface Vlanif2

 ip address 10.86.2.253 255.255.255.0

#

interface Vlanif3

 ip address 10.86.3.253 255.255.255.0

#

interface Vlanif4

 ip address 10.86.4.253 255.255.255.0

#

interface Vlanif5

 ip address 10.86.5.253 255.255.255.0

#

interface Vlanif6

 ip address 10.86.6.253 255.255.255.0

#

interface MEth0/0/1

#

interface Ethernet0/0/1

 port link-type access

 port default vlan 2

#

interface Ethernet0/0/2

 port link-type access

 port default vlan 3

#

interface Ethernet0/0/3

#

interface Ethernet0/0/4

#

interface Ethernet0/0/5

#

interface Ethernet0/0/6

#

interface Ethernet0/0/7

#

interface Ethernet0/0/8

#

interface Ethernet0/0/9

#

interface Ethernet0/0/10

#

interface Ethernet0/0/11

#

interface Ethernet0/0/12

#

interface Ethernet0/0/13

#

interface Ethernet0/0/14

#

interface Ethernet0/0/15

#

interface Ethernet0/0/16

#

interface Ethernet0/0/17

#

interface Ethernet0/0/18

#

interface Ethernet0/0/19

#

interface Ethernet0/0/20

#

interface Ethernet0/0/21

#

interface Ethernet0/0/22

#

interface GigabitEthernet0/0/1

 port link-type trunk

 port trunk allow-pass vlan 2 to 6

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

user-interface con 0

user-interface vty 0 4

#

return

转载于:https://blog.51cto.com/211399/1540940