H3CNE综合实验之五角星
H3CNE综合实验之五角星
实验拓扑图
交换机地址规划表:
| SW6 | G1/0/1 | Vlan100:10.1.3.2/24 |
|---|---|---|
| G1/0/2 | Vlan90:10.1.4.2/24 | |
| G1/0/3 | Vlan50:10.1.5.1/24 | |
| G1/0/4 | Vlan60:10.1.6.1/24 | |
| SW7 | G1/0/1 | Vlan50:10.1.5.2/24 |
| G1/0/2 | Vlan30:192.168.3.1/24 | |
| G1/0/6 | Vlan70:10.1.1.2/24 | |
| G1/0/3-5做聚合组为1 | Vlan110:192.168.5.1/24 | |
| SW8 | G1/0/1 | Vlan60:10.1.6.2/24 |
| G1/0/2 | Vlan40:192.168.4.1/24 | |
| G1/0/6 | Vlan80:10.1.2.2/24 | |
| G1/0/3-5做聚合组为1 | Vlan110:192.168.5.2/24 | |
| SW9 | G1/0/1 | Vlan30:192.168.3.2/24 |
| G1/0/2 | Vlan40:192.168.4.2/24 | |
| G1/0/3 | Vlan10:192.168.1.254/24 | |
| G1/0/4 | Vlan20:192.168.2.254/24 | |
| PC10 | G0/1 | 192.168.1.1/24 网关:192.168.1.254 |
| PC11 | G0/1 | 192.168.2.1/24 网关:192.168.2.254 |
实验需求
-
按照图示配置IP地址。
-
Sw7和sw8之间的直连链路配置链路聚合。
-
公司内部业务网段为vlan10和vlan20,vlan10是市场部,vlan20是技术部,要求对vlan进行命名以便区分识别;pc10属于vlan10,pc11属于vlan20,其中vlan30,vlan40,vlan50,vlan60,vlan70,vlan80,vlan90,vlan100,vlan110,vlan120,vlan130,vlan140,vlan150用于交换机之间建立rip动态路由协议及互联vlan。
-
所有交换机相连的端口配置为trunk,允许相关流量通过。
-
交换机连接pc的端口配置为边缘端口。
-
将sw9选举为生成树的根网桥。
-
在sw9上配置dhcp服务,为vlan10和20的pc动态分配IP地址、网关和dns地址,要求vlan10的网关是192.168.1.254,vlan20的网关是192.168.2.254。
-
按照图示区域将sw7-9之间用静态路由打通。
-
按照图示分区域配置ospf协议,环回口宣告进对应区域中。
-
按照图示区域配置rip协议,环回口宣告进对应区域中,业务网段不允许出现协议报文。
-
要求实现内网全网互通。
-
R1和R2之间通过双线连接到互联网配置ppp-mp,并配置双向chap验证。
-
配置easy ip只有业务网段192.168.1.0/24和192.168.2.0/24的数据流可以通过R2和R3访问互联网。
1.按照图示配置IP地址(部分略)
[R1]int MP-group 1
[R1-MP-group1]ip ad 202.100.1.1 24
[R1-MP-group1]int s1/0
[R1-Serial1/0]ppp mp MP-group 1[R1-Serial1/0]int s2/0
[R1-Serial2/0]ppp mp MP-group 1
[R1-LoopBack0]dis ip int b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP address/Mask VPN instance Description
GE0/0 up up 202.100.2.1/24 -- --
GE0/1 down down -- -- --
GE0/2 down down -- -- --
GE5/0 down down -- -- --
GE5/1 down down -- -- --
GE6/0 down down -- -- --
GE6/1 down down -- -- --
Loop0 up up(s) 1.1.1.1/32 -- --
MP1 down down 202.100.1.1/24 -- --
Ser1/0 up up -- -- --
Ser2/0 up up -- -- --
Ser3/0 down down -- -- --
Ser4/0 down down -- -- --
[R2]int MP-group 1
[R2-MP-group1]ip ad 202.100.1.2 24
[R2-MP-group1]int s1/0
[R2-Serial1/0]ppp mp MP-group 1
[R2-Serial1/0]int s2/0
[R2-Serial2/0]ppp mp MP-group 1
[R2-LoopBack0]dis ip int b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP address/Mask VPN instance Description
GE0/0 up up 172.16.2.2/24 -- --
GE0/1 up up 172.16.1.2/24 -- --
GE0/2 up up 172.16.5.2/24 -- --
GE5/0 down down -- -- --
GE5/1 down down -- -- --
GE6/0 down down -- -- --
GE6/1 down down -- -- --
Loop0 up up(s) 2.2.2.2/32 -- --
MP1 up up 202.100.1.2/24 -- --
Ser1/0 up up -- -- --
Ser2/0 up up -- -- --
Ser3/0 down down -- -- --
Ser4/0 down down -- -- --
[R3-LoopBack0]dis ip int b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP address/Mask VPN instance Description
GE0/0 up up 172.16.2.3/24 -- --
GE0/1 up up 172.16.3.3/24 -- --
GE0/2 up up 172.16.7.3/24 -- --
GE5/0 up up -- -- --
GE5/1 down down -- -- --
GE6/0 down down -- -- --
GE6/1 down down -- -- --
Loop0 up up(s) 3.3.3.3/24 -- --
Ser1/0 down down -- -- --
Ser2/0 down down -- -- --
Ser3/0 down down -- -- --
Ser4/0 down down -- -- --
[R4]dis ip int b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP address/Mask VPN instance Description
GE0/0 up up 172.16.1.4/24 -- --
GE0/1 up up 172.16.4.4/24 -- --
GE0/2 up up 10.1.3.4/24 -- --
GE5/0 up up 10.1.1.4/24 -- --
GE5/1 up up 172.16.6.4/24 -- --
GE6/0 down down -- -- --
GE6/1 down down -- -- --
Loop0 up up(s) 4.4.4.4/32 -- --
Ser1/0 down down -- -- --
Ser2/0 down down -- -- --
Ser3/0 down down -- -- --
Ser4/0 down down -- -- --
[R5-LoopBack0]dis ip int b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP address/Mask VPN instance Description
GE0/0 up up 172.16.4.5/24 -- --
GE0/1 up up 172.16.3.5/24 -- --
GE0/2 up up 10.1.4.5/24 -- --
GE5/0 up up 10.1.2.5/24 -- --
GE5/1 up up 172.16.8.5/24 -- --
GE6/0 down down -- -- --
GE6/1 down down -- -- --
Loop0 up up(s) 5.5.5.5/32 -- --
Ser1/0 down down -- -- --
Ser2/0 down down -- -- --
Ser3/0 down down -- -- --
Ser4/0 down down -- -- --
[SW6]vlan 100
[SW6-vlan100]int vlan 100
[SW6-Vlan-interface100]ip ad 10.1.3.2 24
[SW6-Vlan-interface100]vlan 90
[SW6-vlan90]int vlan 90
[SW6-Vlan-interface90]ip address 10.1.4.2 24
[SW6-Vlan-interface90]vlan 50
[SW6-vlan50]int vlan 50
[SW6-Vlan-interface50]ip ad 10.1.5.1 24
[SW6-Vlan-interface50]
[SW6-Vlan-interface50]vlan 60
[SW6-vlan60]int vlan 60
[SW6-Vlan-interface60]ip ad 10.1.6.1 24
[SW6-Vlan-interface60]quit
[SW6]int lo0
[SW6-LoopBack0]ip ad 6.6.6.6 32
[SW6-LoopBack0]quit
[SW6]dis ip int b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP Address Description
Loop0 up up(s) 6.6.6.6 --
MGE0/0/0 down down -- --
Vlan50 down down 10.1.5.1 --
Vlan60 down down 10.1.6.1 --
Vlan90 down down 10.1.4.2 --
Vlan100 down down 10.1.3.2 --
[SW7]vlan 50
[SW7-vlan50]int vlan 50
[SW7-Vlan-interface50]ip ad 10.1.5.2 24
[SW7-Vlan-interface50]vlan 30
[SW7-vlan30]int vlan 30
[SW7-Vlan-interface30]ip ad 192.168.3.1 24
[SW7-Vlan-interface30]vlan 70
[SW7-vlan70]int vlan 70
[SW7-Vlan-interface70]ip ad 10.1.1.2 24
[SW7-Vlan-interface70]vlan 110
[SW7-vlan110]int vlan 110
[SW7-Vlan-interface110]ip ad 192.168.5.1 24
[SW7-Vlan-interface110]quit
[SW7]int lo0
[SW7-LoopBack0]ip ad 7.7.7.7 32
[SW7-LoopBack0]
[SW7-LoopBack0]dis ip int b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP Address Description
Loop0 up up(s) 7.7.7.7 --
MGE0/0/0 down down -- --
Vlan30 down down 192.168.3.1 --
Vlan50 down down 10.1.5.2 --
Vlan70 up up 10.1.1.2 --
Vlan110 down down 192.168.5.1 --
[SW8]vlan 60
[SW8-vlan60]int vlan 60
[SW8-Vlan-interface60]ip ad 10.1.6.2 24
[SW8-Vlan-interface60]vlan 40
[SW8-vlan40]int vlan 40
[SW8-Vlan-interface40]ip ad 192.168.4.1 24
[SW8-Vlan-interface40]vlan 80
[SW8-vlan80]int vlan 80
[SW8-Vlan-interface80]ip ad 10.1.2.2 24
[SW8-Vlan-interface80]quit
[SW8]vlan 110
[SW8-vlan110]int vlan 110
[SW8-Vlan-interface110]ip address 192.168.5.2 24
[SW8]int lo0
[SW8-LoopBack0]ip ad 8.8.8.8 32
[SW8-LoopBack0]quit
[SW8-Vlan-interface110]dis ip int b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP Address Description
Loop0 up up(s) 8.8.8.8 --
MGE0/0/0 down down -- --
Vlan40 down down 192.168.4.1 --
Vlan60 down down 10.1.6.2 --
Vlan80 down down 10.1.2.2 --
Vlan110 down down 192.168.5.2 --
[SW9]int lo0
[SW9-LoopBack0]ip ad 9.9.9.9 32
[SW9-LoopBack0]quit
[SW9]vlan 30
[SW9-vlan30]int vlan 30
[SW9-Vlan-interface30]ip ad 192.168.3.2 24
[SW9-Vlan-interface30]vlan 40
[SW9-vlan40]int vlan 40
[SW9-Vlan-interface40]ip ad 192.168.4.2 24
[SW9-Vlan-interface40]vlan 10
[SW9-vlan10]int vlan 10
[SW9-Vlan-interface10]ip ad 192.168.1.254 24
[SW9-Vlan-interface10]vlan 20
[SW9-vlan20]int vlan 20
[SW9-Vlan-interface20]ip ad 192.168.2.254 24
[SW9-Vlan-interface20]dis ip int b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP Address Description
Loop0 up up(s) 9.9.9.9 --
MGE0/0/0 down down -- --
Vlan10 down down 192.168.1.254 --
Vlan20 down down 192.168.2.254 --
Vlan30 down down 192.168.3.2 --
Vlan40 down down 192.168.4.2 --
[R12-LoopBack0]dis ip int b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP address/Mask VPN instance Description
GE0/0 up up 172.16.5.12/24 -- --
GE0/1 up up 172.16.6.12/24 -- --
GE0/2 down down -- -- --
GE5/0 down down -- -- --
GE5/1 down down -- -- --
GE6/0 down down -- -- --
GE6/1 down down -- -- --
Loop0 up up(s) 12.12.12.12/32 -- --
Ser1/0 down down -- -- --
Ser2/0 down down -- -- --
Ser3/0 down down -- -- --
Ser4/0 down down -- -- --
[R13-LoopBack0]dis ip int b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP address/Mask VPN instance Description
GE0/0 up up 172.16.7.13/24 -- --
GE0/1 up up 172.16.8.13/24 -- --
GE0/2 down down -- -- --
GE5/0 down down -- -- --
GE5/1 down down -- -- --
GE6/0 down down -- -- --
GE6/1 down down -- -- --
Loop0 up up(s) 13.13.13.13/32 -- --
Ser1/0 down down -- -- --
Ser2/0 down down -- -- --
Ser3/0 down down -- -- --
Ser4/0 down down -- -- --
2.SW7和SW8之间的直连链路配置链路聚合
[SW7]int Bridge-Aggregation 1
[SW7-Bridge-Aggregation1]int range g1/0/3 to g1/0/5
[SW7-if-range]port link-aggregation group 1
[SW8]int Bridge-Aggregation 1
[SW8-Bridge-Aggregation1]int range g1/0/3 to g1/0/5
[SW8-if-range]port link-aggregation group 1
3.给PC10和PC11划分vlan
[SW9]vlan 10
[SW9-vlan10]port g1/0/3
[SW9-vlan10]name shichangbu
[SW9-vlan10]vlan 20
[SW9-vlan20]port g1/0/4
[SW9-vlan20]name jishubu
4.所有交换机相连的端口配置为trunk,允许相关流量通过
[SW6]int g1/0/1
[SW6-GigabitEthernet1/0/1]port access vlan 100
[SW6-GigabitEthernet1/0/1]int g1/0/2
[SW6-GigabitEthernet1/0/2]port access vlan 90
[SW6-GigabitEthernet1/0/2]int g1/0/3
[SW6-GigabitEthernet1/0/3]port link-type trunk
[SW6-GigabitEthernet1/0/3]port trunk permit vlan all
[SW6-GigabitEthernet1/0/3]port trunk pvid vlan 50
[SW6-GigabitEthernet1/0/3]int g1/0/4
[SW6-GigabitEthernet1/0/4]port link-type trunk
[SW6-GigabitEthernet1/0/4]port trunk permit vlan all
[SW6-GigabitEthernet1/0/4]port trunk pvid vlan 60
[SW7]int g1/0/6
[SW7-GigabitEthernet1/0/6]port access vlan 70
[SW7-GigabitEthernet1/0/6]int g1/0/1
[SW7-GigabitEthernet1/0/1]port link-type trunk
[SW7-GigabitEthernet1/0/1]port trunk permit vlan all
[SW7-GigabitEthernet1/0/1]port trunk pvid vlan 50
[SW7-GigabitEthernet1/0/1]int g1/0/2
[SW7-GigabitEthernet1/0/2]port link-type trunk
[SW7-GigabitEthernet1/0/2]port trunk permit vlan all
[SW7-GigabitEthernet1/0/2]port trunk pvid vlan 30
[SW7]int Bridge-Aggregation 1
[SW7-Bridge-Aggregation1]port link-type trunk
Configuring GigabitEthernet1/0/3 done.
Configuring GigabitEthernet1/0/4 done.
Configuring GigabitEthernet1/0/5 done.
[SW7-Bridge-Aggregation1]port trunk permit vlan all
Configuring GigabitEthernet1/0/3 done.
Configuring GigabitEthernet1/0/4 done.
Configuring GigabitEthernet1/0/5 done.
[SW7-Bridge-Aggregation1]port trunk pvid vlan 110
Configuring GigabitEthernet1/0/3 done.
Configuring GigabitEthernet1/0/4 done.
Configuring GigabitEthernet1/0/5 done.
[SW7-Bridge-Aggregation1]
[SW8]int g1/0/6
[SW8-GigabitEthernet1/0/6]port access vlan 80
[SW8-GigabitEthernet1/0/6]int g1/0/1
[SW8-GigabitEthernet1/0/1]port link-type trunk
[SW8-GigabitEthernet1/0/1]port trunk permit vlan all
[SW8-GigabitEthernet1/0/1]port trunk pvid vlan 60
[SW8-GigabitEthernet1/0/1]int g1/0/2
[SW8-GigabitEthernet1/0/2]port link-type trunk
[SW8-GigabitEthernet1/0/2]port trunk permit vlan all
[SW8-GigabitEthernet1/0/2]port trunk pvid vlan 40
[SW8]int Bridge-Aggregation 1
[SW8-Bridge-Aggregation1]port link-type trunk
Configuring GigabitEthernet1/0/3 done.
Configuring GigabitEthernet1/0/4 done.
Configuring GigabitEthernet1/0/5 done.
[SW8-Bridge-Aggregation1]port trunk permit vlan all
Configuring GigabitEthernet1/0/3 done.
Configuring GigabitEthernet1/0/4 done.
Configuring GigabitEthernet1/0/5 done.
[SW8-Bridge-Aggregation1]port trunk pvid vlan 110
Configuring GigabitEthernet1/0/3 done.
Configuring GigabitEthernet1/0/4 done.
Configuring GigabitEthernet1/0/5 done.
[SW8-Bridge-Aggregation1]
[SW9]int g1/0/1
[SW9-GigabitEthernet1/0/1]port link-type trunk
[SW9-GigabitEthernet1/0/1]port trunk permit vlan all
[SW9-GigabitEthernet1/0/1]port trunk pvid vlan 30
[SW9-GigabitEthernet1/0/1]int g1/0/2
[SW9-GigabitEthernet1/0/2]port link-type trunk
[SW9-GigabitEthernet1/0/2]port trunk permit vlan all
[SW9-GigabitEthernet1/0/2]port trunk pvid vlan 40
5.交换机连接pc的端口配置为边缘端口
[SW9-GigabitEthernet1/0/2]int g1/0/3
[SW9-GigabitEthernet1/0/3]stp edg
[SW9-GigabitEthernet1/0/3]stp edged-port
[SW9-GigabitEthernet1/0/3]int g1/0/4
[SW9-GigabitEthernet1/0/4]stp edged-port
6.将sw9选举为生成树的根网桥
[SW9]stp priority 4096
[SW9]display stp brief MST ID Port Role STP State Protection0 GigabitEthernet1/0/1 DESI FORWARDING NONE0 GigabitEthernet1/0/2 DESI FORWARDING NONE
7.在sw9上配置dhcp服务,为vlan10和20的pc动态分配IP地址、网关和dns地址,要求vlan10的网关是192.168.1.254,vlan20的网关是192.168.2.254
[SW9]dhcp server ip-pool 1
[SW9-dhcp-pool-1]network 192.168.1.0 24
[SW9-dhcp-pool-1]gateway-list 192.168.1.254
[SW9-dhcp-pool-1]dns-list 114.114.114.114
[SW9-dhcp-pool-1]quit
[SW9]dhcp server ip-pool 2
[SW9-dhcp-pool-2]network 192.168.2.0 24
[SW9-dhcp-pool-2]gateway-list 192.168.2.254
[SW9-dhcp-pool-2]dns-list 114.114.114.114
[SW9]display dhcp server ip-in-use
IP address Client identifier/ Lease expiration TypeHardware address
192.168.1.1 0035-6338-392e-3834- Jul 17 18:44:25 2025 Auto(C) 3331-2e30-6130-362d- 4745-302f-302f-31
192.168.2.1 0035-6338-392e-3839- Jul 17 18:44:31 2025 Auto(C) 6664-2e30-6230-362d- 4745-302f-302f-31
9.按照图示分区域配置ospf协议,环回口宣告进对应区域中
10.按照图示区域配置rip协议,环回口宣告进对应区域中
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 172.16.1.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 172.16.2.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]area 1
[R2-ospf-1-area-0.0.0.1]network 172.16.5.0 0.0.0.255
[R2-ospf-1-area-0.0.0.1]quit
[R2-ospf-1]dis th
#
ospf 1 router-id 2.2.2.2area 0.0.0.0network 2.2.2.2 0.0.0.0network 172.16.1.0 0.0.0.255network 172.16.2.0 0.0.0.255area 0.0.0.1network 172.16.5.0 0.0.0.255
#
return
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 172.168.2.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 172.168.3.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]area 2
[R3-ospf-1-area-0.0.0.2]network 172.16.7.0 0.0.0.255
[R3-ospf-1-area-0.0.0.2]quit
[R3-ospf-1]dis th
#
ospf 1 router-id 3.3.3.3area 0.0.0.0network 3.3.3.3 0.0.0.0network 172.168.2.0 0.0.0.255network 172.168.3.0 0.0.0.255area 0.0.0.2network 172.16.7.0 0.0.0.255
#
return
[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 172.16.1.0 0.0.0.255
[R4-ospf-1-area-0.0.0.0]network 172.16.4.0 0.0.0.255
[R4-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]area 1
[R4-ospf-1-area-0.0.0.1]network 172.16.6.0 0.0.0.255
[R4-ospf-1-area-0.0.0.1]quit
[R4-ospf-1]dis th
#
ospf 1 router-id 4.4.4.4area 0.0.0.0network 4.4.4.4 0.0.0.0network 172.16.1.0 0.0.0.255network 172.16.4.0 0.0.0.255area 0.0.0.1network 172.16.6.0 0.0.0.255
#
return
[R4-ospf-1]quit
[R4]rip 1
[R4-rip-1]undo summary
[R4-rip-1]version 2
[R4-rip-1]network 10.1.1.0
[R4-rip-1]dis th
#
rip 1undo summaryversion 2network 10.0.0.0
#
return
[R5]ospf 1 router-id 5.5.5.5
[R5-ospf-1]area 0
[R5-ospf-1-area-0.0.0.0]network 172.16.4.0 0.0.0.255
[R5-ospf-1-area-0.0.0.0]network 172.16.3.0 0.0.0.255
[R5-ospf-1-area-0.0.0.0]network 5.5.5.5 0.0.0.0
[R5-ospf-1-area-0.0.0.0]area 2
[R5-ospf-1-area-0.0.0.2]network 172.16.8.0 0.0.0.255
[R5-ospf-1-area-0.0.0.2]quit
[R5-ospf-1]dis th
#
ospf 1 router-id 5.5.5.5area 0.0.0.0network 5.5.5.5 0.0.0.0network 172.16.3.0 0.0.0.255network 172.16.4.0 0.0.0.255area 0.0.0.2network 172.16.8.0 0.0.0.255
#
return
[R5-ospf-1]quit
[R5]rip
[R5-rip-1]
[R5-rip-1]undo summary
[R5-rip-1]version 2
[R5-rip-1]network 10.0.0.0
[R5-rip-1]dis th
#
rip 1undo summaryversion 2network 10.0.0.0
#
return
[SW6]rip 1
[SW6-rip-1]undo summary
[SW6-rip-1]version 2
[SW6-rip-1]network 10.0.0.0
[SW6-rip-1]network 6.6.6.6
[SW6-rip-1]dis th
#
rip 1undo summaryversion 2network 6.0.0.0network 10.0.0.0
#
return
[SW7]rip 1
[SW7-rip-1]undo summary
[SW7-rip-1]version 2
[SW7-rip-1]network 10.0.0.0
[SW7-rip-1]network 192.168.3.0
[SW7-rip-1]network 192.168.5.0
[SW7-rip-1]network 7.7.7.7
[SW7-rip-1]dis th
#
rip 1undo summaryversion 2network 7.0.0.0network 10.0.0.0network 192.168.3.0network 192.168.5.0
#
return
[SW8]rip 1
[SW8-rip-1]undo summary
[SW8-rip-1]version 2
[SW8-rip-1]network 10.0.0.0
[SW8-rip-1]network 192.168.5.0
[SW8-rip-1]network 192.168.6.0
[SW8-rip-1]network 8.8.8.8
[SW8-rip-1]dis th
#
rip 1undo summaryversion 2network 8.0.0.0network 10.0.0.0network 192.168.5.0network 192.168.6.0
#
return
[SW9]rip 1
[SW9-rip-1]undo summary
[SW9-rip-1]version 2
[SW9-rip-1]network 192.168.1.0
[SW9-rip-1]network 192.168.2.0
[SW9-rip-1]network 192.168.3.0
[SW9-rip-1]network 192.168.4.0
[SW9-rip-1]network 9.9.9.9
[SW9-rip-1]dis th
#
rip 1undo summaryversion 2network 9.0.0.0network 192.168.1.0network 192.168.2.0network 192.168.3.0network 192.168.4.0
#
return
[R12]ospf 1 router-id 12.12.12.12
[R12-ospf-1]area 1
[R12-ospf-1-area-0.0.0.1]network 172.16.5.0 0.0.0.255
[R12-ospf-1-area-0.0.0.1]network 172.16.6.0 0.0.0.255
[R12-ospf-1-area-0.0.0.1]network 12.12.12.12 0.0.0.0
[R12-ospf-1-area-0.0.0.1]quit
[R12-ospf-1]dis th
#
ospf 1 router-id 12.12.12.12area 0.0.0.1network 12.12.12.12 0.0.0.0network 172.16.5.0 0.0.0.255network 172.16.6.0 0.0.0.255
#
return
[R13]ospf 1 router-id 13.13.13.13
[R13-ospf-1]
[R13-ospf-1]ae
[R13-ospf-1]ar
[R13-ospf-1]area 2
[R13-ospf-1-area-0.0.0.2]net
[R13-ospf-1-area-0.0.0.2]network 172.16.7.0 0.0.0.255
[R13-ospf-1-area-0.0.0.2]network 172.16.8.0 0.0.0.255
[R13-ospf-1-area-0.0.0.2]network 13.13.13.13 0.0.0.0
[R13-ospf-1-area-0.0.0.2]quit
[R13-ospf-1]dis th
#
ospf 1 router-id 13.13.13.13area 0.0.0.2network 13.13.13.13 0.0.0.0network 172.16.7.0 0.0.0.255network 172.16.8.0 0.0.0.255
#
return
进行路由引入
[R4]ospf
[R4-ospf-1]import-route rip 1
[R4-ospf-1]rip 1
[R4-rip-1]import-route ospf 1
[R5]ospf 1
[R5-ospf-1]import-route rip 1
[R5-ospf-1]rip 1
[R5-rip-1]import-route ospf 1
业务网段不允许出现协议报文
[SW9-rip-1]silent-interface vlan 10
[SW9-rip-1]silent-interface vlan 20
11.要求实现内网全网互通
<R2>ping 192.168.1.1
Ping 192.168.1.1 (192.168.1.1): 56 data bytes, press CTRL+C to break
56 bytes from 192.168.1.1: icmp_seq=0 ttl=250 time=6.581 ms
56 bytes from 192.168.1.1: icmp_seq=1 ttl=250 time=5.797 ms
56 bytes from 192.168.1.1: icmp_seq=2 ttl=250 time=3.946 ms
56 bytes from 192.168.1.1: icmp_seq=3 ttl=250 time=4.257 ms
56 bytes from 192.168.1.1: icmp_seq=4 ttl=250 time=2.901 ms--- Ping statistics for 192.168.1.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 2.901/4.696/6.581/1.322 ms
<R2>%Jul 16 19:18:35:004 2025 R2 PING/6/PING_STATISTICS: Ping statistics for 192.168.1.1: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 2.901/4.696/6.581/1.322 ms.<R3>ping 192.168.1.1
Ping 192.168.1.1 (192.168.1.1): 56 data bytes, press CTRL+C to break
56 bytes from 192.168.1.1: icmp_seq=0 ttl=250 time=5.560 ms
56 bytes from 192.168.1.1: icmp_seq=1 ttl=250 time=4.636 ms
56 bytes from 192.168.1.1: icmp_seq=2 ttl=250 time=7.531 ms
56 bytes from 192.168.1.1: icmp_seq=3 ttl=250 time=3.438 ms
56 bytes from 192.168.1.1: icmp_seq=4 ttl=250 time=3.127 ms--- Ping statistics for 192.168.1.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 3.127/4.858/7.531/1.594 ms
%Jul 16 19:16:37:797 2025 R3 PING/6/PING_STATISTICS: Ping statistics for 192.168.1.1: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 3.127/4.858/7.531/1.594 ms.<R4>ping 192.168.1.1
Ping 192.168.1.1 (192.168.1.1): 56 data bytes, press CTRL+C to break
56 bytes from 192.168.1.1: icmp_seq=0 ttl=253 time=2.397 ms
56 bytes from 192.168.1.1: icmp_seq=1 ttl=253 time=2.156 ms
56 bytes from 192.168.1.1: icmp_seq=2 ttl=253 time=3.792 ms
56 bytes from 192.168.1.1: icmp_seq=3 ttl=253 time=2.890 ms
56 bytes from 192.168.1.1: icmp_seq=4 ttl=253 time=2.528 ms--- Ping statistics for 192.168.1.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 2.156/2.753/3.792/0.571 ms
<R4>%Jul 16 19:24:41:993 2025 R4 PING/6/PING_STATISTICS: Ping statistics for 192.168.1.1: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 2.156/2.753/3.792/0.571 ms.
此时除R1之外都可全网互通
12.R1和R2之间通过双线连接到互联网配置ppp-mp,并配置双向chap验证
[R1]local-user stw class network
New local user added.
[R1-luser-network-stw]password simple 123456
[R1-luser-network-stw]service-type ppp
[R1-luser-network-stw]quit
[R1]int s1/0
[R1-Serial1/0]ppp authentication-mode chap
[R1-Serial1/0]ppp chap user stw
[R1-Serial1/0]int s2/0
[R1-Serial2/0]ppp authentication-mode chap
[R1-Serial2/0]ppp chap user stw
[R2]local-user stw class network
New local user added.
[R2-luser-network-stw]password simple 123456
[R2-luser-network-stw]service-type ppp
[R2-luser-network-stw]quit
[R2]int s1/0
[R2-Serial1/0]ppp authentication-mode chap
[R2-Serial1/0]ppp chap user stw
[R2-Serial1/0]int s2/0
[R2-Serial2/0]ppp authentication-mode chap
[R2-Serial2/0]ppp chap user stw
13.配置easy ip只有业务网段192.168.1.0/24和192.168.2.0/24的数据流可以通过R2和R3访问互联网
[R1]ip route-static 0.0.0.0 0 202.100.1.2
[R1]ip route-static 0.0.0.0 0 202.100.2.3
[R2]ospf 1
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 202.100.1.0 0.0.0.255
[R3]ospf 1
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 202.100.2.0 0.0.0.255
[R2]acl basic 2000
[R2-acl-ipv4-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[R2-acl-ipv4-basic-2000]rule permit source 192.168.2.0 0.0.0.255
[R2]int MP-group 1
[R2-MP-group1]nat outbound 2000
[R3]acl basic 2000
[R3-acl-ipv4-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[R3-acl-ipv4-basic-2000]rule permit source 192.168.2.0 0.0.0.255
[R3-acl-ipv4-basic-2000]quit
[R3]int g5/0
[R3-GigabitEthernet5/0]nat outbound 2000
测试效果
<R1>ping 192.168.1.1
Ping 192.168.1.1 (192.168.1.1): 56 data bytes, press CTRL+C to break
56 bytes from 192.168.1.1: icmp_seq=0 ttl=251 time=3.508 ms
56 bytes from 192.168.1.1: icmp_seq=1 ttl=251 time=2.343 ms
56 bytes from 192.168.1.1: icmp_seq=2 ttl=251 time=7.452 ms
56 bytes from 192.168.1.1: icmp_seq=3 ttl=251 time=3.752 ms
56 bytes from 192.168.1.1: icmp_seq=4 ttl=251 time=5.218 ms--- Ping statistics for 192.168.1.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 2.343/4.455/7.452/1.756 ms
<R1>%Jul 16 19:46:41:278 2025 R1 PING/6/PING_STATISTICS: Ping statistics for 192.168.1.1: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 2.343/4.455/7.452/1.756 ms.<R1>
<R1>ping 192.168.2.1
Ping 192.168.2.1 (192.168.2.1): 56 data bytes, press CTRL+C to break
56 bytes from 192.168.2.1: icmp_seq=0 ttl=251 time=3.734 ms
56 bytes from 192.168.2.1: icmp_seq=1 ttl=251 time=5.233 ms
56 bytes from 192.168.2.1: icmp_seq=2 ttl=251 time=4.275 ms
56 bytes from 192.168.2.1: icmp_seq=3 ttl=251 time=4.518 ms
56 bytes from 192.168.2.1: icmp_seq=4 ttl=251 time=4.158 ms--- Ping statistics for 192.168.2.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 3.734/4.384/5.233/0.495 ms
<R1>%Jul 16 19:46:47:532 2025 R1 PING/6/PING_STATISTICS: Ping statistics for 192.168.2.1: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 3.734/4.384/5.233/0.495 ms.