静态综合实验

一、实验要求及拓扑图

1、R6为isp，接口IP地址均为公有地址；该设备只能配置IP地址，之后不能冉对其进行其他任何配置
2、R1-R5为局域网，私有IP地址192.168.1.0/24，请合理分配;
3、R1，R2，R4，各有两个环回地址;R5，R6各有一个环回地址;所有路由器上环回均代表连接用户的接口;
4、R3下的两台PC通过DHCP自动获取IP地址;
5、选路最佳，路由表尽量小，避免环路;
6、R1-R5均可以访问R6的环回;
7、R6telnetR5的公有IP地址时，实际登陆到R1上;
8、R4与R5正常通过1000M链路，故障时通过100M链路;

 二、IP规划

由实验要求可知，主要分为骨干链路和环回所需的IP，其中骨干链路需要七个网段，环回需要五个网段 。

具体分配如下：

192.168.1.0 24

192.168.1.0 25
  192.168.1.0 28
  192.168.1.16 28
  192.168.1.32 28
  192.168.1.48 28
  192.168.1.64 28
  192.168.1.80 28
  192.168.1.96 28
  192.168.1.112 28

192.168.1.128 25
  192.168.1.128 27
     192.168.1.128 28
     192.168.1.144 28
  192.168.1.160 27
     192.168.1.160 28     
     192.168.1.176 28
  192.168.1.192 27
     192.168.1.192 28
     192.168.1.208 28
  192.168.224 27

三、配置IP及环回

 

 

 

 四、使用DHCP协议下放IP

[r3]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[r3]ip pool 1
Info: It's successful to create an IP address pool.
[r3-ip-pool-1]network 192.168.1.0 mask 28  
[r3-ip-pool-1]gateway-list 192.168.1.1
[r3-ip-pool-1]dns-list 114.114.114.114
[r3-ip-pool-1]q
[r3]int g0/0/2  
[r3-GigabitEthernet0/0/2]dhcp select global 

五、配置静态路由和缺省路由，使全网可达

[r1]ip route-static 0.0.0.0 0 192.168.1.50

[r2]ip route-static 192.168.1.48 28 192.168.1.17 
[r2]ip route-static 192.168.1.0 28 192.168.1.17 
[r2]ip route-static 0.0.0.0 0 192.168.1.34
[r2]ip route-static 192.168.1.128 27 192.168.1.17
[r2]ip route-static 192.168.1.128 27 NULL 0

[r3]ip route-static 192.168.1.16 28 192.168.1.49 
[r3]ip route-static 0.0.0.0 0 192.168.1.66
[r3]ip route-static 192.168.1.128 27 192.168.1.49  
[r3]ip route-static 192.168.1.128 27 NULL 0
[r3]ip route-static 192.168.1.160 27 192.168.1.49
[r3]ip route-static 192.168.1.160 27 NULL 0

[r4]ip route-static 192.168.1.16 28 192.168.1.33
[r4]ip route-static 192.168.1.0 28 192.168.1.65
[r4]ip route-static 192.168.1.48 28 192.168.1.65
[r4]ip route-static 0.0.0.0 0 192.168.1.82
[r4]ip route-static 0.0.0.0 0 192.168.1.98
[r4]ip route-static 192.168.1.160 27 192.168.1.33
[r4]ip route-static 192.168.1.160 27 NULL 0
[r4]ip route-static 192.168.1.128 27 192.168.1.65
[r4]ip route-static 192.168.1.128 27 NULL 0
 

[r5]ip route-static 192.168.1.0 24 192.168.1.81
[r5]ip route-static 192.168.1.0 24 192.168.1.97 
[r5]ip route-static 1.0.0.0 24 12.1.1.2

 

六、改变优先级，使R4与R5正常通过1000M链路，故障时通过100M链路;

[r4]ip route-static 192.168.1.0 255.255.255.0 192.168.1.98 preference 70

七、R6telnetR5的公有IP地址时，实际登陆到R1上;

1、为访问公网，在边界路由器上做动态NAT

[r5]acl 2000
[r5-acl-basic-2000]rule permit source 192.168.1.0 0.0.255.255
[r5-acl-basic-2000]q
[r5]int g 0/0/1
[r5-GigabitEthernet0/0/1]nat o    
[r5-GigabitEthernet0/0/1]nat outbound 2000

2、开启telnet

[r1]user-interface vty 0 4
[r1-ui-vty0-4]authentication-mode aaa
[r1-ui-vty0-4]q
[r1]aaa
[r1-aaa]local-user jyy password cipher 123456
Info: Add a new user. 
[r1-aaa]local-user jyy privilege level 15
[r1-aaa]local-user jyy service-type telnet

3、边界路由器端口映射，使R6登录R1

[r5]int g0/0/1
[r5-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 23 ins
ide 192.168.1.1 23
Warning:The port 23 is well-known port. If you continue it may cause function fa
ilure.
Are you sure to continue?[Y/N]:y