华为交换机综合实验

最新推荐文章于 2024-08-04 10:00:00 发布

小时候不乖的

最新推荐文章于 2024-08-04 10:00:00 发布

阅读量2.3k

点赞数 11

分类专栏： hcip 文章标签：华为交换机网络

本文链接：https://blog.csdn.net/weixin_53049621/article/details/118990079

版权

hcip 专栏收录该内容

15 篇文章 0 订阅

订阅专栏

该配置案例展示了如何在交换机Sw1和Sw2之间建立VRRP备份，确保VLAN1和VLAN2流量分别通过左侧和右侧路径，使用OSPFA进行全网可达性，并通过生成树和DHCP分配IP地址。Sw1和Sw2的VRRP配置保证了网关高可用性，同时R1作为边界路由器通过OSPF发布路由。

摘要由CSDN通过智能技术生成

1.内网IP地址为172.16.0.0/16 合理分配
2.sw1/2之间互为备份
3.vlan1流量全部走左边，vlan2流量全部走右边
4.使用VRRP 实现网关备份
5.使用生成树，所有设备通过DHCP获取地址
6.r1,sw1,sw2运行ospf实现全网可达
在这里插入图片描述

Sw1
sysname sw1
#
vlan batch 2 100
#
stp instance 1 root primary                          //设置根网桥
stp instance 2 root secondary
#
dhcp enable
#
stp region-configuration                            //生成树配置
 region-name a
 instance 1 vlan 1                                  // 分组 ，每个组一个生成树
 instance 2 vlan 2
 active region-configuration                    //激活配置
#
ip pool vlan1
 gateway-list 172.16.128.3
 network 172.16.128.0 mask 255.255.224.0
 lease day 0 hour 2 minute 0
 dns-list 8.8.8.8
#
ip pool vlan2
 gateway-list 172.16.96.3
 network 172.16.96.0 mask 255.255.224.0
 dns-list 114.114.114.144 114.114.114.114
#
interface Vlanif1
 ip address 172.16.128.1 255.255.224.0
 vrrp vrid 1 virtual-ip 172.16.128.3
 vrrp vrid 1 priority 120                                  //优先级越大，谁将是主网关
 vrrp vrid 1 track interface Ethernet0/0/3 reduced 30  //上行链路追踪，如果检查到该接口断了，则优先级减30
 dhcp select global
#
interface Vlanif2
 ip address 172.16.96.1 255.255.224.0
 vrrp vrid 1 virtual-ip 172.16.96.3
 vrrp vrid 1 track interface Ethernet0/0/5 reduced 30
 dhcp select global
#
interface Vlanif100                        //由于华为模拟器接口改为三层时配不了地址，所以用vlan100代替
 ip address 172.16.32.2 255.255.224.0
#
interface Eth-Trunk0
 port link-type trunk
 port trunk allow-pass vlan 2
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2
#
interface Ethernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2
#
interface Ethernet0/0/3
 port link-type access
 port default vlan 100
#
interface GigabitEthernet0/0/1                  //把二个物理接口虚拟成一个接口
 eth-trunk 0
#
interface GigabitEthernet0/0/2
 eth-trunk 0
#
ospf 1
 silent-interface all                               //沉默接口，如果网络中vlan很多，链路中会收发大量的hello包，占用大量链路资源，所以选择沉默一些接口
 undo silent-interface Vlanif100
 undo silent-interface Eth-Trunk0
 undo silent-interface Vlanif2
 area 0.0.0.0
  network 172.16.32.2 0.0.0.0
 area 0.0.0.1
  abr-summary 172.16.0.0 255.255.0.0                              //区域1路由汇总
  network 172.16.128.1 0.0.0.0
  network 172.16.96.1 0.0.0.0

Sw2
sysname sw2
#
vlan batch 2 100
#
stp instance 1 root secondary
stp instance 2 root primary
#
dhcp enable
#
stp region-configuration
 region-name a
 instance 1 vlan 1
 instance 2 vlan 2
 active region-configuration
#
ip pool vlan1
 gateway-list 172.16.128.3
 network 172.16.128.0 mask 255.255.224.0
 lease day 0 hour 2 minute 0
 dns-list 8.8.8.8
#
ip pool vlan2
 gateway-list 172.16.96.3
 network 172.16.96.0 mask 255.255.224.0
 dns-list 114.114.114.144 114.114.114.114
#
interface Vlanif1
 ip address 172.16.128.2 255.255.224.0
 vrrp vrid 1 virtual-ip 172.16.128.3
 dhcp select global
#
interface Vlanif2
 ip address 172.16.96.2 255.255.224.0
 vrrp vrid 1 virtual-ip 172.16.96.3
 vrrp vrid 1 priority 120
 vrrp vrid 1 track interface Ethernet0/0/5 reduced 30
 dhcp select global
#
interface Vlanif100
 ip address 172.16.64.2 255.255.224.0
#
interface Eth-Trunk0
 port link-type trunk
 port trunk allow-pass vlan 2
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2
#
interface Ethernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2
#
interface Ethernet0/0/3
 port link-type access
 port default vlan 100
#
interface GigabitEthernet0/0/1
 eth-trunk 0
#
interface GigabitEthernet0/0/2
 eth-trunk 0
#
ospf 1 router-id 2.2.2.2
 silent-interface all
 undo silent-interface Vlanif100
 undo silent-interface Vlanif2
 undo silent-interface Eth-Trunk0
 area 0.0.0.0
  network 172.16.64.2 0.0.0.0
 area 0.0.0.1
 area 0.0.0.2
  abr-summary 172.16.0.0 255.255.0.0
  network 172.16.96.2 0.0.0.0
  network 172.16.128.2 0.0.0.0

Sw3
sysname sw3
#
vlan batch 2
#
stp region-configuration
 region-name a
 instance 1 vlan 1
 instance 2 vlan 2
 active region-configuration
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2
#
interface Ethernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2
#
interface Ethernet0/0/3
 port link-type access
 stp edged-port enable
#
interface Ethernet0/0/4
 port link-type access
 port default vlan 2
 stp edged-port enable

Sw4
sysname sw4
#
vlan batch 2
#
stp region-configuration
 region-name a
 instance 1 vlan 1
 instance 2 vlan 2
 active region-configuration
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2
#
interface Ethernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2
#
interface Ethernet0/0/3
 port link-type access
 stp edged-port enable
#
interface Ethernet0/0/4
 port link-type access
 port default vlan 2
 stp edged-port enable

R1
sysname r1 
#
acl number 2000  
 rule 5 permit source 172.16.0.0 0.0.255.255 
#
interface GigabitEthernet0/0/0
 ip address 172.16.32.1 255.255.224.0 
#
interface GigabitEthernet0/0/1
 ip address 10.1.1.1 255.255.255.0 
 nat outbound 2000
#
interface GigabitEthernet0/0/2
 ip address 172.16.64.1 255.255.224.0 
#
ospf 1 router-id 1.1.1.1 
 default-route-advertise                       //下放本地静态缺省
 area 0.0.0.0 
  network 10.1.1.0 0.0.0.255 
  network 172.16.0.0 0.0.255.255 
  network 172.16.32.0 0.0.0.255 
  network 172.16.64.1 0.0.0.0 
#
ip route-static 0.0.0.0 0.0.0.0 10.1.1.2

R2
sysname LSP
#
interface GigabitEthernet0/0/0
 ip address 10.1.1.2 255.255.255.0 
#
interface LoopBack0
 ip address 2.2.2.2 255.255.255.0