第一天实验（静态综合实验）

Emotional*

已于 2022-07-23 22:29:47 修改

阅读量187

点赞数

分类专栏： HCIP 文章标签：网络

于 2022-07-06 23:17:14 首次发布

本文链接：https://blog.csdn.net/weixin_53283555/article/details/125631036

版权

HCIP 专栏收录该内容

26 篇文章 2 订阅

订阅专栏

在这里插入图片描述

1、R6为isp，接口IP地址均为公有地址，该设备只能配置IP地址，之后不能再对其他进行任何配置，R6配置地址12.0.0.0/24后不进行其他任何配置

[r6]int g0/0/0
[r6-GigabitEthernet0/0/0]ip add 12.1.1.2 24
[r6-GigabitEthernet0/0/0]int loopback0
[r6-LoopBack0]ip add 6.6.6.6 24

2、R1-R5为局域网，私有IP地址192.168.1.0/24，请合理分配

R1：

[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip add 192.168.1.1 30
[r1-GigabitEthernet0/0/0]int g0/0/1           
[r1-GigabitEthernet0/0/1]ip add 192.168.1.22 30

R2：

[r2]INT G0/0/0
[r2-GigabitEthernet0/0/0]ip add 192.168.1.1 30
[r2-GigabitEthernet0/0/0]int g0/0/1
[r2-GigabitEthernet0/0/1]ip add 192.168.1.5 30

R3:

[r3]int g0/0/1
[r3-GigabitEthernet0/0/1]ip add 192.168.1.18 30
[r3-GigabitEthernet0/0/1]int g0/0/0
[r3-GigabitEthernet0/0/0]ip add 192.168.1.21 30

R4:

[r4]int g0/0/0
[r4-GigabitEthernet0/0/0]ip add 192.168.1.6 30
[r4-GigabitEthernet0/0/0]int g0/0/2
[r4-GigabitEthernet0/0/2]ip add 192.168.1.9 30
[r4-GigabitEthernet0/0/2]int g0/0/3
[r4-GigabitEthernet0/0/3]ip add 192.168.1.14 30
[r4-GigabitEthernet0/0/3]int g0/0/1
[r4-GigabitEthernet0/0/1]ip add 192.168.1.17 30

R5:

[r5]int g0/0/0
[r5-GigabitEthernet0/0/0]ip add 192.168.1.10 30
[r5-GigabitEthernet0/0/0]int g0/0/2
[r5-GigabitEthernet0/0/2]ip add 192.168.1.13 30
[r5-GigabitEthernet0/0/2]int g0/0/1
[r5-GigabitEthernet0/0/1]ip add 12.1.1.1 24

3、R1、R2、R4各有两个环回地址；R5、R6各有一个环回地址；所有路由器上环回均代表连接用户的接口

R1：

[r1]int lo0        
[r1-LoopBack0]ip add 192.168.1.33 28
[r1-LoopBack0]int lo1
[r1-LoopBack1]ip add 192.168.1.49 28

R2：

[r2]int lo0
[r2-LoopBack0]ip add 192.168.1.65 28
[r2-LoopBack0]int lo1
[r2-LoopBack1]ip add 192.168.1.81 28

R4：

[r4]int lo0
[r4-LoopBack0]ip add 192.168.1.97 28
[r4-LoopBack0]int lo1
[r4-LoopBack1]ip add 192.168.1.113 28

R5：

[r5]int lo0
[r5-LoopBack0]ip add 192.168.1.129 27

4、R3下的两台PC通过DHCP自动获取IP地址

先创建VLAN，然后划分到 2 台PC上

[Huawei]vlan batch 2 3
[Huawei]int g0/0/2
[Huawei-GigabitEthernet0/0/2]port link-type access
[Huawei-GigabitEthernet0/0/2]port default vlan 2
[Huawei-GigabitEthernet0/0/2]q
[Huawei]int g0/0/3
[Huawei-GigabitEthernet0/0/3]port link-type access
[Huawei-GigabitEthernet0/0/3]port default vlan 3

R3创建虚拟子接口：

[r3]int g0/0/2.1
[r3-GigabitEthernet0/0/2.1]ip add 192.168.1.161 28
[r3-GigabitEthernet0/0/2.1]dot1q termination vid 2
[r3-GigabitEthernet0/0/2.1]arp broadcast enable
[r3-GigabitEthernet0/0/2.1]q
[r3]int g0/0/2.2
[r3-GigabitEthernet0/0/2.2]ip add 192.168.1.177 28
[r3-GigabitEthernet0/0/2.2]dot1q termination vid 3
[r3-GigabitEthernet0/0/2.2]arp broadcast enable

R3创建地址池

[r3]ip pool class_A
Info:It's successful to create an IP address pool.
[r3-ip-pool-class_A]network 192.168.1.160 mask 28
[r3-ip-pool-class_A]gateway-list 192.168.1.161
[r3-ip-pool-class_A]dns-list 8.8.8.8
[r3-ip-pool-class_A]q
[r3]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[r3]int g0/0/2.1
[r3-GigabitEthernet0/0/2.1]dhcp select global
[r3-GigabitEthernet0/0/2.1]q
[r3]ip pool class_B
Info:It's successful to create an IP address pool.
[r3-ip-pool-class_B]dns-list 8.8.8.8network 192.168.1.76
[r3-ip-pool-class_B]dns-list 8.8.8.8gateway-list 192.168.1.177
[r3-ip-pool-class_B]dns-list 8.8.8.8
[r3-ip-pool-class_B]q
[r3]int g0/0/2.2
[r3-GigabitEthernet0/0/2.2]dhcp select global

实现R3和交换机LSW通信：

[Huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]port link-type trunk
[Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan all

然后点击 2 台PC的DHCP查看：
在这里插入图片描述

5、选路最佳，路由表尽量少，避免环路（局域网内静态路由配置）

R1：

[r1]ip route-static 192.168.1.64 27 192.168.1.2
[r1]ip route-static 192.168.1.96 27 192.168.1.2
[r1]ip route-static 192.168.1.128 27 192.168.1.2
[r1]ip route-static 192.168.1.128 27 192.168.1.21
[r1]ip route-static 192.168.1.160 27 192.168.1.21
[r1]ip route-static 192.168.1.4 30 192.168.1.2
[r1]ip route-static 192.168.1.8 30 192.168.1.2
[r1]ip route-static 192.168.1.12 30 192.168.1.21
[r1]ip route-static 192.168.1.16 30 192.168.1.21

R2：

[r2]ip route-static 192.168.1.32 27 192.168.1.1
[r2]ip route-static 192.168.1.96 27 192.168.1.6  
[r2]ip route-static 192.168.1.128 27 192.168.1.6
[r2]ip route-static 192.168.1.160 27 192.168.1.1
[r2]ip route-static 192.168.1.8 30 192.168.1.6  
[r2]ip route-static 192.168.1.12 30 192.168.1.6
[r2]ip route-static 192.168.1.16 30 192.168.1.6
[r2]ip route-static 192.168.1.20 30 192.168.1.1

R3：

[r3]ip route-static 192.168.1.32 27 192.168.1.22
[r3]ip route-static 192.168.1.64 27 192.168.1.22
[r3]ip route-static 192.168.1.64 27 192.168.1.17
[r3]ip route-static 192.168.1.96 27 192.168.1.17
[r3]ip route-static 192.168.1.128 27 192.168.1.17
[r3]ip route-static 192.168.1.0 30 192.168.1.22  
[r3]ip route-static 192.168.1.4 30 192.168.1.17
[r3]ip route-static 192.168.1.8 30 192.168.1.17
[r3]ip route-static 192.168.1.12 30 192.168.1.17

R4：

[r4]ip route-static 192.168.1.32 27 192.168.1.5
[r4]ip route-static 192.168.1.32 27 192.168.1.18
[r4]ip route-static 192.168.1.64 27 192.168.1.5 
[r4]ip route-static 192.168.1.128 27 192.168.1.10
[r4]ip route-static 192.168.1.128 27 192.168.1.13
[r4]ip route-static 192.168.1.160 27 192.168.1.18
[r4]ip route-static 192.168.1.0 30 192.168.1.5   
[r4]ip route-static 192.168.1.20 30 192.168.1.18

R5：

[r5]ip route-static 192.168.1.32 27 192.168.1.9
[r5]ip route-static 192.168.1.32 27 192.168.1.14
[r5]ip route-static 192.168.1.64 27 192.168.1.9 
[r5]ip route-static 192.168.1.96 27 192.168.1.9
[r5]ip route-static 192.168.1.96 27 192.168.1.14
[r5]ip route-static 192.168.1.160 27 192.168.1.14
[r5]ip route-static 192.168.1.0 30 192.168.1.9
[r5]ip route-static 192.168.1.0 30 192.168.1.14
[r5]ip route-static 192.168.1.4 30 192.168.1.14
[r5]ip route-static 192.168.1.4 30 192.168.1.9 
[r5]ip route-static 192.168.1.16 30 192.168.1.14
[r5]ip route-static 192.168.1.20 30 192.168.1.14

6、R1-R5均可访问R6的环回

路由缺省配置：

[r1]ip route-static 0.0.0.0 0 192.168.1.2
[r1]ip route-static 0.0.0.0 0 192.168.1.21
[r2]ip route-static 0.0.0.0 0 192.168.1.6  
[r3]ip route-static 0.0.0.0 0 192.168.1.17
[r4]ip route-static 0.0.0.0 0 192.168.1.10    
[r4]ip route-static 0.0.0.0 0 192.168.1.13

空接口防环路由配置：

[r1]ip route-static 192.168.1.32 27 NULL 0
[r2]ip route-static 192.168.1.64 27 NULL 0
[r3]ip route-static 192.168.1.160 27 NULL 0
[r4]ip route-static 192.168.1.96 27 NULL 0
[r5]ip route-static 192.168.1.128 27 NULL 0
[r5]ip route-static 0.0.0.0 0 192.168.1.9

R5的外网接口能给运营商ISP发送数据包：

[r5]ip route-static 0.0.0.0 0 12.1.1.2

网络地址转换：

[r5]acl 2000
[r5-acl-basic-2000]rule permit source any 
[r5]int g0/0/2
[r5-GigabitEthernet0/0/2]nat outbound 2000

7、R6 telnet R5的公有IP地址时，实际登录到R1上

给R1配置远程登录：

[r1]user-interface vty 0 4
[r1-ui-vty0-4]authentication-mode aaa
[r1-ui-vty0-4]aaa
[r1-aaa]local-user huawei password cipher huawei
Info: Add a new user.
[r1-aaa]local-user huawei privilege level 15
[r1-aaa]local-user huawei service-type telnet

静态NAT配置：

[r5]nat static global 12.1.1.3 inside 192.168.1.1

8、R4与R5正常通过1000兆链路，故障时通过100兆链路

修改优先级：

[r4]ip route-static 192.168.1.128 27 192.168.1.13 preference 80