当前位置: 首页 > news >正文

NE综合实验3:链路聚合、VLAN与Trunk、STP、DHCP、OSPF及PPP整合部署

NE综合实验3

链路聚合:通过LACP或静态聚合提升带宽与冗余性
VLAN与Trunk:跨交换机VLAN通信及Trunk端口配置
STP:生成树协议优化网络拓扑防环
DHCP:动态地址分配与中继配置
OSPF:动态路由协议实现多区域互联
默认路由:边界设备外网流量引导
PPP:广域网链路认证与封装

一、实验拓扑

请添加图片描述

二、实验需求
  1. IP地址配置如图,公司网络通过R1连接互联网
  2. SW1和SW2之间的直连链路配置链路聚合
  3. 公司内部业务网段为vlan10和vlan20;PC1属于vlan10,PC2属于vlan20,vlan30用于SW1和SW2建立OSPF邻居;vlan111为SW1和R1的互联vlan,vlan222为SW2和R2的互联vlan
  4. 所有交换机相连的端口配置为trunk,不允许无关流量通过
  5. 交换区域配置生成树,要求SW2为根网桥,闭塞端口在SW3上
  6. 交换机连接PC的端口配置为边缘端口
  7. 在SW1配置DHCP服务,为vlan10和vlan20的PC动态分配IP地址、网关和DNS地址;要求vlan10的网关是192.168.1.252,vlan20的网关是192.168.2.253
  8. 按图示分区域配置OSPF实现公司内部网络全网互通,R1和R2的环回口宣告进骨干区域;业务网段不允许出现协议报文(即配置静默接口)
  9. R1上配置默认路由指向互联网,并引入到OSPF
  10. R1通过双线连接到互联网,配置MP-GROUP,并配置双向chap验证
  11. 只有业务网段192.168.1.0/24和192.168.2.0/24的数据流可以通过R1访问互联网
  12. R1开启TELNET远程管理
三、实验步骤
  1. IP地址配置如图,公司网络通过R1连接互联网

    [R1]int g0/0
    [R1-GigabitEthernet0/0]ip add 10.0.0.5 30
    [R1-GigabitEthernet0/0]int g0/1
    [R1-GigabitEthernet0/1]ip add 10.0.0.1 30
    [R1-GigabitEthernet0/1]int g0/2
    [R1-GigabitEthernet0/2]ip add 10.0.0.14 30
    [R1-GigabitEthernet0/2]int lo0
    [R1-LoopBack0]ip add 10.1.1.1 32
    [R1-LoopBack0]qu
    
    [R2]int g0/0
    [R2-GigabitEthernet0/0]ip add 10.0.0.9 30
    [R2-GigabitEthernet0/0]int g0/1
    [R2-GigabitEthernet0/1]ip add 10.0.0.18 30
    [R2-GigabitEthernet0/1]int g0/2
    [R2-GigabitEthernet0/2]ip add 10.0.0.2 30
    [R2-GigabitEthernet0/2]int lo0
    [R2-LoopBack0]ip add 10.1.1.2 32
    [R2-LoopBack0]qu
    
    [R3]int g0/0
    [R3-GigabitEthernet0/0]ip add 10.0.0.13 30
    [R3-GigabitEthernet0/0]int g0/1
    [R3-GigabitEthernet0/1]ip add 10.0.0.17 30
    [R3-GigabitEthernet0/1]int g0/2
    [R3-GigabitEthernet0/2]ip add 192.168.3.254 24
    [R3-GigabitEthernet0/2]int lo0
    [R3-LoopBack0]ip add 10.1.1.3 32
    [R3-LoopBack0]qu
    
    [SW1]vlan 10
    [SW1-vlan10]vlan 20
    [SW1-vlan20]vlan 30
    [SW1-vlan30]vlan 111
    [SW1-vlan111]int vlan 10
    [SW1-Vlan-interface10]ip add 192.168.1.252 24
    [SW1-Vlan-interface10]int vlan 20
    [SW1-Vlan-interface20]ip add 192.168.2.252 24
    [SW1-Vlan-interface20]int vlan 30
    [SW1-Vlan-interface30]ip add 10.1.2.1 30
    [SW1-Vlan-interface30]int vlan 111
    [SW1-Vlan-interface111]ip add 10.0.0.6 30
    [SW1-Vlan-interface111]int lo0
    [SW1-LoopBack0]ip add 10.1.1.11 32
    [SW1-LoopBack0]qu
    
    [SW2]vlan 10
    [SW2-vlan10]vlan 20
    [SW2-vlan20]vlan 30
    [SW2-vlan30]vlan 222
    [SW2-vlan222]int vlan 10
    [SW2-Vlan-interface10]ip add 192.168.1.253 24
    [SW2-Vlan-interface10]int vlan 20
    [SW2-Vlan-interface20]ip add 192.168.2.253 24
    [SW2-Vlan-interface20]int vlan 30
    [SW2-Vlan-interface30]ip add 10.1.2.2 30
    [SW2-Vlan-interface30]int vlan 222
    [SW2-Vlan-interface222]ip add 10.0.0.10 30
    [SW2-Vlan-interface222]int lo0
    [SW2-LoopBack0]ip add 10.1.1.12 32
    [SW2-LoopBack0]qu
    
  2. SW1和SW2之间的直连链路配置链路聚合

    [SW1]int Bridge-Aggregation 1
    [SW1-Bridge-Aggregation1]qu
    [SW1]int g1/0/1
    [SW1-GigabitEthernet1/0/1]port link-aggregation group 1
    [SW1-GigabitEthernet1/0/1]int g1/0/2
    [SW1-GigabitEthernet1/0/2]port link-aggregation group 1
    [SW1-GigabitEthernet1/0/2]qu
    
    [SW2]int Bridge-Aggregation 1
    [SW2-Bridge-Aggregation1]qu
    [SW2]int g1/0/1
    [SW2-GigabitEthernet1/0/1]port link-aggregation group 1
    [SW2-GigabitEthernet1/0/1]int g1/0/2
    [SW2-GigabitEthernet1/0/2]port link-aggregation group 1
    [SW2-GigabitEthernet1/0/2]qu
    
  3. PC1属于vlan10,PC2属于vlan20

    [SW3]vlan 10
    [SW3-vlan10]port g1/0/3
    [SW3-vlan10]vlan 20
    [SW3-vlan20]port g1/0/4
    [SW3-vlan20]qu
    
  4. vlan111为SW1和R1的互联vlan,vlan222为SW2和R2的互联vlan

    [SW1]vlan 111
    [SW1-vlan111]port g1/0/4
    [SW1-vlan111]qu
    
    [SW2]vlan 222
    [SW2-vlan222]port g1/0/4
    [SW2-vlan222]qu
    
  5. 所有交换机相连的端口配置为trunk,不允许无关流量通过

    [SW1]int Bridge-Aggregation 1
    [SW1-Bridge-Aggregation1]port link-type trunk 
    [SW1-Bridge-Aggregation1]port trunk permit vlan 10 20 30
    [SW1-Bridge-Aggregation1]qu
    [SW1]int g1/0/3
    [SW1-GigabitEthernet1/0/3]port link-type trunk 
    [SW1-GigabitEthernet1/0/3]port trunk permit vlan 10 20 
    [SW1-GigabitEthernet1/0/3]qu
    
    [SW2]int Bridge-Aggregation 1
    [SW2-Bridge-Aggregation1]port link-type trunk 
    [SW2-Bridge-Aggregation1]port trunk permit vlan 10 20 30
    [SW2-Bridge-Aggregation1]qu
    [SW2]int g1/0/3
    [SW2-GigabitEthernet1/0/3]port link-type trunk 
    [SW2-GigabitEthernet1/0/3]port trunk permit vlan 10 20 
    [SW2-GigabitEthernet1/0/3]qu
    
    [SW3]int g1/0/1
    [SW3-GigabitEthernet1/0/1]port link-type trunk 
    [SW3-GigabitEthernet1/0/1]port trunk permit vlan 10 20
    [SW3-GigabitEthernet1/0/1]int g1/0/2
    [SW3-GigabitEthernet1/0/2]port link-type trunk 
    [SW3-GigabitEthernet1/0/2]port trunk permit vlan 10 20
    [SW3-GigabitEthernet1/0/4]qu
    
  6. 交换区域配置生成树,要求SW2为根网桥,闭塞端口在SW3上

    [SW2]stp priority 4096
    
    <SW1>dis stp brMST ID   Port                                Role  STP State   Protection0        Bridge-Aggregation1                 ROOT  FORWARDING  NONE0        GigabitEthernet1/0/3                DESI  FORWARDING  NONE0        GigabitEthernet1/0/4                DESI  FORWARDING  NONE
    
    [SW2]dis stp brMST ID   Port                                Role  STP State   Protection0        Bridge-Aggregation1                 DESI  FORWARDING  NONE0        GigabitEthernet1/0/3                DESI  FORWARDING  NONE0        GigabitEthernet1/0/4                DESI  FORWARDING  NONE
    
    [SW3]dis stp brMST ID   Port                                Role  STP State   Protection0        GigabitEthernet1/0/1                ALTE  DISCARDING  NONE0        GigabitEthernet1/0/2                ROOT  FORWARDING  NONE0        GigabitEthernet1/0/3                DESI  FORWARDING  NONE0        GigabitEthernet1/0/4                DESI  FORWARDING  NONE
    
  7. 交换机连接PC的端口配置为边缘端口

    [SW3-GigabitEthernet1/0/2]int g1/0/3
    [SW3-GigabitEthernet1/0/3]stp edg
    [SW3-GigabitEthernet1/0/3]int g1/0/4
    [SW3-GigabitEthernet1/0/4]stp edg
    [SW3-GigabitEthernet1/0/4]qu
    
  8. 在SW1配置DHCP服务,为vlan10和vlan20的PC动态分配IP地址、网关和DNS地址;要求vlan10的网关是192.168.1.252,vlan20的网关是192.168.2.253

    [SW1]dhcp enable 
    [SW1]dhcp server ip-pool 1
    [SW1-dhcp-pool-1]net 192.168.1.0 24
    [SW1-dhcp-pool-1]gateway-list 192.168.1.252
    [SW1-dhcp-pool-1]dns-list 114.114.114.114
    [SW1-dhcp-pool-1]expired day 1
    [SW1-dhcp-pool-1]qu
    [SW1]dhcp server ip-pool 2
    [SW1-dhcp-pool-2]net 192.168.2.0 24
    [SW1-dhcp-pool-2]gateway-list 192.168.2.253
    [SW1-dhcp-pool-2]dns-list 114.114.114.114
    [SW1-dhcp-pool-2]expired day 1
    [SW1-dhcp-pool-2]qu
    
    [SW1]dis dhcp server ip-in-use 
    IP address       Client identifier/    Lease expiration      TypeHardware address
    192.168.1.1      0035-3666-662e-3462-  Jul 16 18:56:39 2025  Auto(C)            3836-2e30-3830-362d-                                           4745-302f-302f-31                                              
    192.168.2.1      0035-3666-662e-3464-  Jul 16 18:56:44 2025  Auto(C)            3736-2e30-3930-362d-                                           4745-302f-302f-31                                              
    
  9. 按图示分区域配置OSPF实现公司内部网络全网互通,R1和R2的环回口宣告进骨干区域

    [R1]ospf 1 router-id 10.1.1.1
    [R1-ospf-1]a 0
    [R1-ospf-1-area-0.0.0.0]net 10.0.0.1 0.0.0.0
    [R1-ospf-1-area-0.0.0.0]net 10.0.0.14 0.0.0.0
    [R1-ospf-1-area-0.0.0.0]net 10.1.1.1 0.0.0.0
    [R1-ospf-1-area-0.0.0.0]a 1
    [R1-ospf-1-area-0.0.0.1]net 10.0.0.5 0.0.0.0
    [R1-ospf-1-area-0.0.0.1]qu
    [R1-ospf-1]qu
    
    [R2]ospf 1 router-id 10.1.1.2
    [R2-ospf-1]a 0
    [R2-ospf-1-area-0.0.0.0]net 10.0.0.18 0.0.0.0
    [R2-ospf-1-area-0.0.0.0]net 10.0.0.2 0.0.0.0
    [R2-ospf-1-area-0.0.0.0]net 10.1.1.2 0.0.0.0
    [R2-ospf-1-area-0.0.0.0]a 1
    [R2-ospf-1-area-0.0.0.1]net 10.0.0.9 0.0.0.0
    [R2-ospf-1-area-0.0.0.1]qu
    [R2-ospf-1]qu
    
    [R3]ospf 1 router-id 10.1.1.3
    [R3-ospf-1]a 0
    [R3-ospf-1-area-0.0.0.0]net 10.0.0.13 0.0.0.0
    [R3-ospf-1-area-0.0.0.0]net 10.0.0.17 0.0.0.0
    [R3-ospf-1-area-0.0.0.0]net 192.168.3.254 0.0.0.255
    [R3-ospf-1-area-0.0.0.0]net 10.1.1.3 0.0.0.0
    [R3-ospf-1-area-0.0.0.0]qu
    [R3-ospf-1]qu
    
    [SW1]ospf 1 rou
    [SW1]ospf 1 router-id 10.1.1.11 
    [SW1-ospf-1]a 1
    [SW1-ospf-1-area-0.0.0.1]net 192.168.1.0 0.0.0.255
    [SW1-ospf-1-area-0.0.0.1]net 192.168.2.0 0.0.0.255
    [SW1-ospf-1-area-0.0.0.1]net 10.1.2.1 0.0.0.0
    [SW1-ospf-1-area-0.0.0.1]net 10.0.0.6 0.0.0.0
    [SW1-ospf-1-area-0.0.0.1]net 10.1.1.11 0.0.0.0
    [SW1-ospf-1-area-0.0.0.1]qu
    [sw1-ospf-1]qu
    
    [SW2]ospf 1 router-id 10.1.1.12
    [SW2-ospf-1]a 1
    [SW2-ospf-1-area-0.0.0.1]net 192.168.1.0 0.0.0.255
    [SW2-ospf-1-area-0.0.0.1]net 192.168.2.0 0.0.0.255
    [SW2-ospf-1-area-0.0.0.1]net 10.1.2.2 0.0.0.0
    [SW2-ospf-1-area-0.0.0.1]net 10.0.0.10 0.0.0.0
    [SW2-ospf-1-area-0.0.0.1]net 10.1.1.12 0.0.0.0
    [SW2-ospf-1-area-0.0.0.1]qu
    [SW2-ospf-1]qu
    
  10. 业务网段不允许出现协议报文(即配置静默接口)

    [SW1]ospf 1
    [SW1-ospf-1]silent-interface Vlan 10
    [SW1-ospf-1]silent-interface Vlan 20
    [SW1-ospf-1]qu
    
    [SW2]ospf 1
    [SW2-ospf-1]silent-interface Vlan 10
    [SW2-ospf-1]silent-interface Vlan 20
    [SW2-ospf-1]qu
    
    [R3]ospf
    [R3-ospf-1]silent-interface g0/2
    [R3-ospf-1]qu
    
  11. R1上配置默认路由指向互联网,并引入到OSPF

    [R1]ip route-static 0.0.0.0 0 202.100.1.1
    [R1]ospf 1
    [R1-ospf-1]default-route-advertise 
    [R1-ospf-1]qu
    
  12. R1通过双线连接到互联网,配置MP-GROUP,并配置双向chap验证

    [R1]int MP-group 1
    [R1-MP-group1]qu
    [R1]local-user wiltjer class network 
    New local user added.
    [R1-luser-network-wiltjer]password simple 123456
    [R1-luser-network-wiltjer]service-type ppp
    [R1-luser-network-wiltjer]qu[R1]int s1/0
    [R1-Serial1/0]ppp mp MP-group 1
    [R1-Serial1/0]ppp chap user wiltjer1
    [R1-Serial1/0]int s2/0
    [R1-Serial2/0]ppp mp MP-group 1
    [R1-Serial2/0]ppp chap user wiltjer1
    [R1-Serial2/0]qu
    
    [INTERNET]int MP-group 1
    [INTERNET-MP-group1]qu
    [INTERNET]local-user wiltjer class network 
    New local user added.
    [INTERNET-luser-network-wiltjer]password simple 123456
    [INTERNET-luser-network-wiltjer]service-type ppp
    [INTERNET-luser-network-wiltjer]qu[INTERNET]int s1/0
    [INTERNET-Serial1/0]ppp mp MP-group 1
    [INTERNET-Serial1/0]ppp chap user wiltjer
    [INTERNET-Serial1/0]int s2/0
    [INTERNET-Serial2/0]ppp mp MP-group 1
    [INTERNET-Serial2/0]ppp chap user wiltjer
    [INTERNET-Serial2/0]qu
    
  13. 只有业务网段192.168.1.0/24和192.168.2.0/24的数据流可以通过R1访问互联网

    [R1]acl basic 2000
    [R1-acl-ipv4-basic-2000]rule permit source 192.168.1.0 0.0.0.255
    [R1-acl-ipv4-basic-2000]rule permit source 192.168.2.0 0.0.0.255
    [R1-acl-ipv4-basic-2000]qu[R1]int MP-group 1
    [R1-MP-group1]nat outbound 2000
    [R1-MP-group1]qu
    
  14. R1开启TELNET远程管理

    [R1]local-user wiltjer class manage 
    New local user added.
    [R1-luser-manage-wiltjer]password simple 123456.com
    [R1-luser-manage-wiltjer]authorization-attribute user-role level-15
    [R1-luser-manage-wiltjer]service-type telnet
    [R1-luser-manage-wiltjer]qu[R1]user-interface vty 0 4
    [R1-line-vty0-4]authentication-mode scheme 
    [R1-line-vty0-4]qu

文章转载自:
http://chaqueta.lbooon.cn
http://ceres.lbooon.cn
http://dromometer.lbooon.cn
http://berlin.lbooon.cn
http://ravenously.lbooon.cn
http://electioneer.lbooon.cn
http://sperm.lbooon.cn
http://galore.lbooon.cn
http://germanomania.lbooon.cn
http://voltameter.lbooon.cn
http://june.lbooon.cn
http://pyrogallol.lbooon.cn
http://probatory.lbooon.cn
http://leukemia.lbooon.cn
http://rhino.lbooon.cn
http://duma.lbooon.cn
http://terebrate.lbooon.cn
http://dehydrogenize.lbooon.cn
http://piamater.lbooon.cn
http://transcriptor.lbooon.cn
http://profaneness.lbooon.cn
http://albumose.lbooon.cn
http://angelological.lbooon.cn
http://declaimer.lbooon.cn
http://weasel.lbooon.cn
http://senescent.lbooon.cn
http://cilantro.lbooon.cn
http://prosoma.lbooon.cn
http://parting.lbooon.cn
http://trihedron.lbooon.cn
http://www.dtcms.com/a/280775.html

相关文章:

  • Redis 数据持久化
  • 渲染设计图的空间革命:可视化技术如何重塑设计决策
  • WPF中ListView控件详解
  • 阿里云ssh证书过期,如果更换并上传到服务器
  • 3D数据:从数据采集到数据表示,再到数据应用
  • 服务器、花生壳一个端口部署前后端分离项目
  • 微算法科技技术突破:用于前馈神经网络的量子算法技术助力神经网络变革
  • 从基础到进阶:MyBatis-Plus 分页查询封神指南
  • 暑期算法训练.1
  • redis的安装
  • 【Docker基础】Dockerfile指令速览:高级构建指令详解
  • Flink Watermark原理与实战
  • [Pytest][Part 5]单条测试和用例集测试
  • 工业喷涂机器人的革新:艾利特协作机器人引领人机交互新纪元
  • 基于强化学习的智能体设计与实现:以CartPole平衡任务为例
  • 物联网系统中“时序数据库(TSDB)”和“关系型数据库(RDBMS)”
  • GD32VW553-IOT LED呼吸灯项目
  • 软考高级网络规划设计师2009-2024历年真题合集下载
  • AWS中国区资源成本优化全面指南:从理论到实践
  • 板凳-------Mysql cookbook学习 (十一--------11)
  • QT——QComboBox组合框控件
  • Filter(过滤器)
  • Kruskal重构树
  • AutoSQT 2025 第二届汽车软件质量与测试峰会开启报名!
  • wkhtmltopdf导出pdf调试参数
  • 无法判断项目进度中的关键路径,如何进行关键路径分析
  • 创客匠人:创始人 IP 的破局思维,重构知识变现的深层逻辑
  • 基于redis的分布式锁 lua脚本解决原子性
  • easy-ui中的相对路径和绝对路径问题
  • ARM GCC内联汇编