目录
5、SW1为实例1、0的主根,实例2的备份根,SW2为实例2的主根,实例1、0的备份根
一、实验内容
实验要求:
1、内网IP地址172.16.0.0/16合理分配
2、SW1/SW2之间互为备份
3、VRRP、STP、VLAN和Trunk均使用
4、所有PC通过DHCP获取IP地址
二、实验分析及步骤
分析:先合理分配IP地址并在相应地方配置;创建VLAN,配置接口链路类型,所有access接口配置为边缘接口,设置BPDU保护,SW1-SW2之间做链路聚合。启用802.1S生成树,设置相应实例的主备根;配置VRRP,监控上行链路。配置DHCP服务,使终端可自动获取IP地址;三层链路启用OSPF动态路由协议,配置沉默接口、汇总和防环空接口。配置缺省路由和NAT地址转换,达到访问公网的目的。
1、IP基于基于172.16.0.0/16合理分配
【1】用于链路连接IP
172.16.0.0/24
172.16.0.0/30
172.16.0.4/30
【2】用于交换机 VLANif 的IP
VLANif 2
172.16.2.0/24
VLANif 3
172.16.3.0/24
2、配置SW1-SW2之间链路聚合
[SW1]interface Eth-Trunk 1
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/2
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/3
[SW2]interface Eth-Trunk 1
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/2
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/3
3、创建VLAN,配置接口类型
【1】创建VLAN
SW1:
[SW1]vlan batch 2 3
[SW1]interface Eth-Trunk 1
[SW1-Eth-Trunk1]port link-type trunk
[SW1-Eth-Trunk1]port trunk allow-pass vlan 2 3
[SW1-GigabitEthernet0/0/4]port link-type trunk
[SW1-GigabitEthernet0/0/4]port trunk allow-pass vlan 2 3
[SW1-GigabitEthernet0/0/5]port link-type trunk
[SW1-GigabitEthernet0/0/5]port trunk allow-pass vlan 2 3
SW2:
[SW2]vlan batch 2 3
[SW2-Eth-Trunk1]port link-type trunk
[SW2-Eth-Trunk1]port trunk allow-pass vlan 2 3
[SW2-GigabitEthernet0/0/4]port link-type trunk
[SW2-GigabitEthernet0/0/4]port trunk allow-pass vlan 2 3
[SW2-GigabitEthernet0/0/5]port link-type trunk
[SW2-GigabitEthernet0/0/5]port trunk allow-pass vlan 2 3
SW3:
[SW3]vlan batch 2 3
[SW3-GigabitEthernet0/0/1]port link-type trunk
[SW3-GigabitEthernet0/0/1]port trunk allow-pass vlan 2 3
[SW3-GigabitEthernet0/0/2]port link-type trunk
[SW3-GigabitEthernet0/0/2]port trunk allow-pass vlan 2 3
[SW3-GigabitEthernet0/0/3]port link-type access
[SW3-GigabitEthernet0/0/3]port default vlan 2
[SW3-GigabitEthernet0/0/4]port link-type access
[SW3-GigabitEthernet0/0/4]port default vlan 3
SW4:
[SW4]vlan batch 2 3
[SW4-GigabitEthernet0/0/1]port link-type trunk
[SW4-GigabitEthernet0/0/1]port trunk allow-pass vlan 2 3
[SW4-GigabitEthernet0/0/2]port link-type trunk
[SW4-GigabitEthernet0/0/2]port trunk allow-pass vlan 2 3
[SW4-GigabitEthernet0/0/3]port link-type access
[SW4-GigabitEthernet0/0/3]port default vlan 2
[SW4-GigabitEthernet0/0/4]port link-type access
[SW4-GigabitEthernet0/0/4]port default vlan 3
4、所有access设为边缘接口,配置BPDU保护
【2】配置边缘端口和BPDU保护
SW3:
[SW3]port-group group-member g0/0/3 g0/0/4
[SW3-port-group]stp edged-port enable
[SW3-GigabitEthernet0/0/3]stp edged-port enable
[SW3-GigabitEthernet0/0/4]stp edged-port enable
[SW3]stp bpdu-protection
SW4:
[SW4]port-group group-member g0/0/3 g0/0/4
[SW4-port-group]stp edged-port enable
[SW4-GigabitEthernet0/0/3]stp edged-port enable
[SW4-GigabitEthernet0/0/4]stp edged-port enable
[SW4]stp bpdu-protection
4、MSTP
SW1:
[SW1]stp mode mstp
[SW1]stp region-configuration
[SW1-mst-region]region-name SQC
[SW1-mst-region]revision-level 10
[SW1-mst-region]instance 1 vlan 2
[SW1-mst-region]instance 2 vlan 3
[SW1-mst-region]active region-configuration
SW2:
[SW2]stp mode mstp
[SW2]stp region-configuration
[SW2-mst-region] region-name SQC
[SW2-mst-region] revision-level 10
[SW2-mst-region] instance 1 vlan 2
[SW2-mst-region] instance 2 vlan 3
[SW2-mst-region] active region-configuration
SW3:
[SW3]stp mode mstp
[SW3]stp region-configuration
[SW3-mst-region] region-name SQC
[SW3-mst-region] revision-level 10
[SW3-mst-region] instance 1 vlan 2
[SW3-mst-region] instance 2 vlan 3
[SW3-mst-region] active region-configuration
SW4:
[SW4]stp mode mstp
[SW4]stp region-configuration
[SW4-mst-region] region-name SQC
[SW4-mst-region] revision-level 10
[SW4-mst-region] instance 1 vlan 2
[SW4-mst-region] instance 2 vlan 3
[SW4-mst-region] active region-configuration
5、SW1为实例1、0的主根,实例2的备份根,SW2为实例2的主根,实例1、0的备份根
[SW1]stp instance 1 root primary
[SW1]stp instance 0 root primary
[SW1]stp instance 2 root secondary
[SW2]stp instance 0 root secondary
[SW2]stp instance 1 root secondary
[SW2]stp instance 2 root primary
6、配置VRRP
SW1为 VLANif 2 的master,SW2为backup,SW2为 VLANif 3 的master,SW1为backup;SW1 与 SW2的VRRP需监控上行链路,上行down时切换网关,抢占延时为20s
SW1:
SW2:
7、DHCP
SW1:
[SW1]dhcp enable
[SW1]ip pool 22
[SW1-ip-pool-v2]network 172.16.2.0 mask 24
[SW1-ip-pool-v2]gateway-list 172.16.2.254
[SW1-ip-pool-v2]dns-list 114.114.114.114
[SW1]ip pool 33
[SW1-ip-pool-v3]network 172.16.3.0 mask 24
[SW1-ip-pool-v3]gateway-list 172.16.3.254
[SW1-ip-pool-v3]dns-list 114.114.114.114
[SW1]interface Vlanif 2
[SW1-Vlanif2]dhcp select global
[SW1]interface Vlanif 3
[SW1-Vlanif3]dhcp select global
SW2:
[SW2]dhcp enable
[SW2]ip pool 22
[SW2-ip-pool-v2]network 172.16.2.0 mask 24
[SW2-ip-pool-v2]gateway-list 172.16.2.254
[SW2-ip-pool-v2]dns-list 114.114.114.114
[SW2]ip pool 33
[SW2-ip-pool-v3]network 172.16.3.0 mask 24
[SW2-ip-pool-v3]gateway-list 172.16.3.254
[SW2-ip-pool-v3]dns-list 114.114.114.114
[SW2]interface Vlanif 2
[SW2-Vlanif2]dhcp select global
[SW2]interface Vlanif 3
[SW2-Vlanif3]dhcp select global
8、OSPF
【1】配置IP地址
R1:
ISP:
SW1:
[SW1]vlan 100
[SW1]interface Vlanif 100
[SW1-Vlanif99]ip address 172.16.0.2 30
[SW1]interface g0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access
[SW1-GigabitEthernet0/0/1]port default vlan 100
SW2:
[SW2]vlan 100
[SW2]interface Vlanif 100
[SW2-Vlanif99]ip address 172.16.0.6 30
[SW2]interface g0/0/2
[SW2-GigabitEthernet0/0/2]port link-type access
[SW2-GigabitEthernet0/0/2]port default vlan 100
【2】配置OSPF
R1:
SW1:
SW2:
查看结果:
【3】沉默接口
SW1:
[SW1-ospf-1]silent-interface all
[SW1-ospf-1]undo silent-interface GigabitEthernet 0/0/1
[SW1-ospf-1]undo silent-interface Eth-Trunk 1
[SW1-ospf-1]undo silent-interface Vlanif 2
[SW1-ospf-1]undo silent-interface Vlanif 100
SW2:
[SW2-ospf-1]silent-interface all
[SW2-ospf-1]undo silent-interface GigabitEthernet 0/0/1
[SW2-ospf-1]undo silent-interface Eth-Trunk 1
[SW2-ospf-1]undo silent-interface Vlanif 2
[SW2-ospf-1]undo silent-interface Vlanif 100
【4】汇总、空接口防环
[SW1-ospf-1-area-0.0.0.1]abr-summary 172.16.0.0 255.255.0.0
[SW1]ip route-static 172.16.0.0 16 NULL 0
[SW2-ospf-1-area-0.0.0.1]abr-summary 172.16.0.0 255.255.0.0
[SW2]ip route-static 172.16.0.0 16 NULL 0
9、缺省路由、NAT地址转换
[R1]ip route-static 0.0.0.0 0 10.1.1.1
[R1]ospf 1
[R1-ospf-1]default-route-advertise
[R1]acl 2000
[R1-acl-basic-2000]rule 1 permit source any
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]nat outbound 2000
三、实验测试
1、同VLAN间互通
PC1-PC3:
PC2-PC4:
2、不同VLAN间互通
PC1-PC4:
PC2-PC3:
3、访问公网:
4、检测SW1 上行链路断开时是否切换网关
PC1原本路径:
断开G0/0/1:
且恢复正常后在20s内网关不立即切换
至此,实验成功完成-。-!
原文地址:https://www.jb51.cc/wenti/3288278.html
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
