静态路由的配置
1、要求:
现有两台防火墙,一台路由器,三台PC机,每台PC机代表一个区域网络,不同区域不同一个网段。要求模拟搭建一个网络,通过使用静态路由协议使三个不同的网络区域能够相互通信。
2、网络拓扑图
网络拓扑图的绘制如图1所示:
图1:网络拓扑图
3、设备的配置
(1)R1的配置
这里用一台防火墙模拟R1,具体配置如下:
<FW-3>system-view
System View: return to User View with Ctrl+Z.
[FW-3]sys
[FW-3]sysname R1
[R1-Ethernet0/0]ip address 192.168.4.1 24
[R1-Ethernet0/1]ip address 192.168.1.1 24
[R1-Ethernet0/1]loo
[R1-Ethernet0/1]loopback
[R1-Ethernet0/2]ip add
[R1-Ethernet0/2]ip address 192.168.5.1 24
[R1-Ethernet0/2]undo shutd
[R1-Ethernet0/2]undo shutdown
[R1]ip route-static 192.168.2.0 24 192.168.4.2 //配置静态路由
[R1]ip route-s
[R1]ip route-static 192.168.3.0 24 192.168.5.2
[R1]firewall zone un //把接口加入防火墙区域里
[R1]firewall zone untrust
[R1-zone-untrust]add in
[R1-zone-untrust]add interface et0/0
The interface has been added to trust security zone.
[R1-zone-untrust]add interface et0/1
(2)R2的配置
这里用另一台防火墙模拟R1,具体配置如下:
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C]sy
[H3C]sysname R2
[R2]int et0/0
[R2-Ethernet0/0]ip add
[R2-Ethernet0/0]ip address 192.168.4.2 24
[R2-Ethernet0/0]int et0/1
[R2-Ethernet0/1]ip ad
[R2-Ethernet0/1]ip address 192.168.2.1 24
[R2-Ethernet0/1]loopback
[R2]ip route-static 192.168.1.0 24 192.168.4.1
[R2]ip route-static 192.168.5.0 24 192.168.4.1
[R2]ip route-static 192.168.3.0 24 192.168.4.1
[R2]firewall zone un //把接口加入防火墙区域里
[R2]firewall zone untrust
[R2-zone-untrust]add int
[R2-zone-untrust]add interface et0/0
[R2-zone-untrust]add interface et0/1
(3)R3的配置
Router]sys R1
[R1]sys R3
[R3]
R3]int et0
[R3-Ethernet0]ip add 192.168.5.2 24
[R3]int loo 1
[R3-LoopBack1]ip add 192.168.3.1 25
[R3]ip route-static 192.168.1.0 24 192.168.5.1
[R3]ip route-static 192.168.4.0 24 192.168.5.1
[R3]ip route-static 192.168.2.0 24 192.168.5.1
4、验证:
(1)查看R1的路由表
[R1]dis ip routing-table
Routing Table: public net
Destination/Mask Protocol Pre Cost Nexthop Interface
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
192.168.1.0/24 DIRECT 0 0 192.168.1.1 Ethernet0/1
192.168.1.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
192.168.2.0/24 STATIC 60 0 192.168.4.2 Ethernet0/0
192.168.4.0/24 DIRECT 0 0 192.168.4.1 Ethernet0/0
192.168.4.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
192.168.3.0/24 STATIC 60 0 192.168.5.2 Ethernet0/0
(2)查看R2的路由表
[R2]display ip routing-table
Routing Table: public net
Destination/Mask Protocol Pre Cost Nexthop Interface
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
192.168.1.0/24 STATIC 60 0 192.168.4.1 Ethernet0/0
192.168.2.0/24 DIRECT 0 0 192.168.2.1 Ethernet0/1
192.168.2.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
192.168.3.0/24 STATIC 60 0 192.168.4.1 Ethernet0/0
192.168.4.0/24 DIRECT 0 0 192.168.4.2 Ethernet0/0
192.168.4.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0
192.168.5.0/24 STATIC 60 0 192.168.4.1 Ethernet0/0
(3)查看R3的路由表
[R3]display ip routing
Routing Tables:
Destination/Mask Proto Pref Metric Nexthop Interface
127.0.0.0/8 Direct 0 0 127.0.0.1 LoopBack0
127.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.1.0/24 Static 60 0 192.168.5.1 Ethernet0
192.168.2.0/24 Static 60 0 192.168.5.1 Ethernet0
192.168.3.0/25 Direct 0 0 192.168.3.1 LoopBack1
192.168.3.1/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.4.0/24 Static 60 0 192.168.5.1 Ethernet0
192.168.5.0/24 Direct 0 0 192.168.5.2 Ethernet0
192.168.5.2/32 Direct 0 0 127.0.0.1 LoopBack0
(4)在R1上ping192.168.1.1
[R1]ping 192.168.1.1
PING 192.168.1.1: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.1: bytes=56 Sequence=1 ttl=255 time=12 ms
Reply from 192.168.1.1: bytes=56 Sequence=2 ttl=255 time=5 ms
Reply from 192.168.1.1: bytes=56 Sequence=3 ttl=255 time=5 ms
Reply from 192.168.1.1: bytes=56 Sequence=4 ttl=255 time=5 ms
Reply from 192.168.1.1: bytes=56 Sequence=5 ttl=255 time=5 ms
--- 192.168.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 5/6/12 ms
转载于:https://blog.51cto.com/tyjhz/1394113
5390
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
