当前位置: 首页 > news >正文

MSTP+VRRP+DHCP(ENSP)

news 来源:原创 2025/4/30 4:58:59

下载链接

通过网盘分享的文件:MSTP+VRRP+DHCP拓扑图
链接: https://pan.baidu.com/s/1ehRwRQ-WzKC8PsUHsTe70Q?pwd=345d 提取码: 345d

PC1

PC2

PC5

AR1

为AR1各端口配置IP地址
<Huawei>sys
[Huawei]un in en
[Huawei]int g0/0/0
[Huawei-GigabitEthernet0/0/0]ip add 1.1.1.1 24
[Huawei-GigabitEthernet0/0/0]int g0/0/1
[Huawei-GigabitEthernet0/0/1]ip add 2.2.2.1 24
[Huawei-GigabitEthernet0/0/1]int g0/0/2
[Huawei-GigabitEthernet0/0/2]ip add 6.6.6.1 24设置两条静态让所有地址发向2,3
[Huawei]ip route-static 0.0.0.0 0 6.6.6.2
[Huawei]ip route-static 0.0.0.0 0 6.6.6.3OSPF多区域通信,使各设备遇到陌生IP都发往AR1
[Huawei]ospf
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 0.0.0.0 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]q
[Huawei-ospf-1]default-route-advertise always 
[Huawei-ospf-1]q激活dhcp协议,设立两种地址池
[Huawei]dhcp en
[Huawei]ip pool 10
[Huawei-ip-pool-10]network 192.168.10.0 mask 24
[Huawei-ip-pool-10]gateway-list 192.168.10.254
[Huawei-ip-pool-10]dns-list 1.2.4.8 8.8.8.8
[Huawei-ip-pool-10]q
[Huawei]ip pool 20	
[Huawei-ip-pool-20]network 192.168.20.0 mask 24
[Huawei-ip-pool-20]gateway-list 192.168.20.254
[Huawei-ip-pool-20]dns-list 1.2.4.8 8.8.8.8
[Huawei-ip-pool-20]q建立全局通信,使不同vlan都可以通过全局DHCP服务器获取 IP,实现跨网段地址分配。
[Huawei]int g0/0/0
[Huawei-GigabitEthernet0/0/0]dhcp select global 
[Huawei-GigabitEthernet0/0/0]int g0/0/1	
[Huawei-GigabitEthernet0/0/1]dhcp select global 
[Huawei-GigabitEthernet0/0/1]q
[Huawei]dis cu

SW4


创建不同vlan,并为其配置IP地址
<Huawei>SYS
[Huawei]un in en
[Huawei]vlan batch 10 20 100 300
[Huawei]int vlan 10
[Huawei-Vlanif10]ip add 192.168.10.1 24
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]ip add 192.168.20.1 24
[Huawei-Vlanif20]int vlan 100
[Huawei-Vlanif100]ip add 1.1.1.2 24
[Huawei-Vlanif100]int vlan 300
[Huawei-Vlanif300]ip add 3.3.3.1 24
[Huawei-Vlanif300]q修改各端口的连接类型
[Huawei]int g0/0/5
[Huawei-GigabitEthernet0/0/5]port li ac
[Huawei-GigabitEthernet0/0/5]port default vlan 300
[Huawei-GigabitEthernet0/0/5]q
[Huawei]int g0/0/4
[Huawei-GigabitEthernet0/0/4]port li tr
[Huawei-GigabitEthernet0/0/4]po tr al vl al
[Huawei-GigabitEthernet0/0/4]int g0/0/1
[Huawei-GigabitEthernet0/0/1]po li ac
[Huawei-GigabitEthernet0/0/1]port default vlan 100
[Huawei-GigabitEthernet0/0/1]q建立OSPF多区域通信
[Huawei]ospf 1
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 0.0.0.0 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]q
[Huawei-ospf-1]q激活DHCP协议,配置为中继模式
[Huawei]dhcp en
[Huawei]int vlan 10
[Huawei-Vlanif10]dhcp select relay 	
[Huawei-Vlanif10]dhcp relay  server-ip 1.1.1.1
[Huawei-Vlanif10]dhcp relay server-ip 2.2.2.1
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]dhcp select relay 
[Huawei-Vlanif20]dhcp relay server-ip 1.1.1.1
[Huawei-Vlanif20]dhcp relay server-ip 2.2.2.1
[Huawei-Vlanif20]q链路聚合,是通信更安全
[Huawei]int eth 1
[Huawei-Eth-Trunk1]mode manual load-balance 
[Huawei-Eth-Trunk1]trunkport  GigabitEthernet 0/0/2 to 0/0/3
[Huawei-Eth-Trunk1]por l t
[Huawei-Eth-Trunk1]po t al vl al
[Huawei-Eth-Trunk1]q

SW5


操作类型同上
<Huawei>sys
[Huawei]un in en
[Huawei]vlan batch 10 20 200
[Huawei]int vlan 10
[Huawei-Vlanif10]ip add 192.168.10.2 24
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]ip add 192.168.20.2 24
[Huawei-Vlanif20]int vlan 200
[Huawei-Vlanif200]ip add 2.2.2.2 24
[Huawei-Vlanif200]q[Huawei]int g0/0/1	
[Huawei-GigabitEthernet0/0/1]po l ac
[Huawei-GigabitEthernet0/0/1]po de vl 200
[Huawei-GigabitEthernet0/0/1]q
[Huawei]int g0/0/4
[Huawei-GigabitEthernet0/0/4]po l t
[Huawei-GigabitEthernet0/0/4]po tr al vl al
[Huawei-GigabitEthernet0/0/4]q[Huawei]ospf 
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 0.0.0.0 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]q
[Huawei-ospf-1]q[Huawei]dhcp en
[Huawei]int vlan 10
[Huawei-Vlanif10]dhcp select relay
[Huawei-Vlanif10]dhcp relay server-ip 1.1.1.1
[Huawei-Vlanif10]dhcp relay server-ip 2.2.2.1
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]dhcp select relay 
[Huawei-Vlanif20]dhcp relay server-ip 1.1.1.1
[Huawei-Vlanif20]dhcp relay server-ip 2.2.2.1
[Huawei-Vlanif20]q[Huawei]int eth 1
[Huawei-Eth-Trunk1]mode manual load-balance 	
[Huawei-Eth-Trunk1]trunkport GigabitEthernet 0/0/2 to 0/0/3
[Huawei-Eth-Trunk1]port l t
[Huawei-Eth-Trunk1]po tr al vl al
[Huawei-Eth-Trunk1]q

SW6

创建不同vlan,修改各端口的连接类型
<Huawei>sys
[Huawei]un in en
[Huawei]vlan batch 10 20
[Huawei]int e0/0/1
[Huawei-Ethernet0/0/1]po li t
[Huawei-Ethernet0/0/1]po t al vl al(10 20)
[Huawei-Ethernet0/0/1]int e0/0/2
[Huawei-Ethernet0/0/2]po li t
[Huawei-Ethernet0/0/2]po t al vl al(10 20)
[Huawei-Ethernet0/0/2]q
[Huawei]int e0/0/4
[Huawei-Ethernet0/0/4]po li ac
[Huawei-Ethernet0/0/4]po de vlan 10
[Huawei-Ethernet0/0/4]int e0/0/3
[Huawei-Ethernet0/0/3]port li ac
[Huawei-Ethernet0/0/3]po de vl 10
[Huawei-Ethernet0/0/3]int e0/0/5
[Huawei-Ethernet0/0/5]po li ac
[Huawei-Ethernet0/0/5]po de vl 20

SW4,SW5,SW6均需要配置

配置生成树协议,并激活
stp mode mstp
stp region-configuration
region-name huawei
revision-level 1
instance 1 vlan 10
instance 2 vlan 20
active region-configuration

SW4


1主要,2备用
[Huawei-mst-region]q
[Huawei]stp instance 1 root primary 
[Huawei]stp instance 2 root secondary

SW5


1备用,2主要
[Huawei-mst-region]q
[Huawei]stp instance 1 root secondary 	
[Huawei]stp instance 2 root primary

SW6

配置边缘端口,拒绝bpdu发送进来
[Huawei-mst-region]q
[Huawei]int e0/0/3
[Huawei-Ethernet0/0/3]stp edged-port  enable 
[Huawei-Ethernet0/0/3]int e0/0/4
[Huawei-Ethernet0/0/4]stp edged-port enable
[Huawei-Ethernet0/0/4]int e0/0/5
[Huawei-Ethernet0/0/5]stp edged-port enable
[Huawei-Ethernet0/0/5]q
[Huawei]stp bpdu-protection	
[Huawei]dis stp instance 1 brief 
[Huawei]dis stp instance 2 brief

SW4


设置虚拟网关,修改优先级,启用抢占模式
[Huawei]int vlan 10
[Huawei-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.254
[Huawei-Vlanif10]vrrp vrid 10 priority 150	
[Huawei-Vlanif10]vrrp vrid 10 preempt-mode timer delay 1
[Huawei-Vlanif10]vrrp vrid 10 track int g0/0/1 reduced 100
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.254
[Huawei-Vlanif20]vrrp vrid 20 preempt-mode timer delay 1
[Huawei]dis vrrp brief

SW5


设置虚拟网关,修改优先级,启用抢占模式
<Huawei>sys
[Huawei]int vlan 10
[Huawei-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.254
[Huawei-Vlanif10]vrrp vrid  10 preempt-mode timer delay 1
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.254
[Huawei-Vlanif20]vrrp vrid 20 preempt-mode timer delay 1
[Huawei-Vlanif20]vrrp vrid 20 priority 150
[Huawei-Vlanif20]vrrp vrid 20 track int g0/0/1 reduced 100
[Huawei-Vlanif20]q
[Huawei]dis vrrp brief

AR1


设置环回
<Huawei>sys
[Huawei]int lo 5
[Huawei-LoopBack1]ip address 5.5.5.1 24

PC2


测试
ipconfig
ping 5.5.5.1

Server1启动服务

Client2

AR1

建立ACL,拒绝FTP访问,NAT内网转外网
<Huawei>sys
[Huawei]acl 3000
[Huawei-acl-adv-3000]rule permit ip source any destination 6.6.6.1 0.0.0.255
[Huawei-acl-adv-3000]rule deny tcp source 6.6.6.2 0.0.0.0 destination 3.3.3.100 0.0.0.0 destination-port eq 21
[Huawei-acl-adv-3000]rule permit tcp destination 6.6.6.100 0.0.0.0 destination-port eq 80
[Huawei-acl-adv-3000]q
[Huawei]int g0/0/2
[Huawei-GigabitEthernet0/0/2]nat outbound 3000
[Huawei-GigabitEthernet0/0/2]nat server protocol tcp global 6.6.6.100 www inside 3.3.3.1 www

PC2

测试
ping 6.6.6.3

Client4

注意:FTPClient登录失败则为实验成功

**“如果这篇文章对你有帮助,请点个赞支持一下!你的每一个点赞和评论,都是我继续分享的动力~”**
- **“感谢每一位阅读到这里的朋友!如果觉得有用,请点个赞或留个评论,让我知道你的想法~”**
- **“你们的支持是我最大的动力!如果这篇文章对你有帮助,别忘了点赞和评论哦~”**

相关文章:

  • docker 部署服务工具记录
  • 1. python开发小笔记
  • Python(23)Python异常处理完全指南:从防御到调试的工程实践
  • Jenkins 简易使用记录
  • 天梯赛数据结构合集
  • Qt官方案例知识点总结(图形视图——Colliding Mice)
  • 极狐GitLab 账号限制有哪些?
  • 从数字化到智能化,百度 SRE 数智免疫系统的演进和实践
  • 第 5 期(进阶版):训练第一个 DDPM 模型(使用 CIFAR-10 数据集)
  • Kafka 时间轮
  • 杭州小红书代运营公司-品融电商:全域增长策略的实践者
  • U盘实现——双盘符实现
  • AI当前状态:有哪些新技术
  • 深入理解分布式缓存 以及Redis 实现缓存更新通知方案
  • Leetcode 2158. 每天绘制新区域的数量【Plus题】
  • 复现SCI图像增强(Toward fast, flexible, and robust low-light image enhancement.)
  • 高安全低功耗MCU:机器人控制系统的智能化与可靠性提升
  • Kubernetes》》k8s》》Namespace
  • 评测 Doubao-1.5-thinking-pro | 豆包·深度思考模型
  • 工程化实践:Flutter项目结构与规范
  • 中国人保聘任田耕为副总裁,此前为工行浙江省分行行长
  • 发布亮眼一季度报后,东阿阿胶股价跌停:现金流隐忧引发争议
  • 新华每日电讯:从上海街区经济看账面、市面、人面、基本面
  • 伊朗南部港口火势蔓延,部分集装箱再次发生爆炸
  • 榆林市委常委王华胜已任榆林市政协党组书记
  • 六朝文物草连空——丹阳句容南朝石刻考察纪