试验拓扑
题目要求与试验要实现的现象
需求1:pc1、pc3属于人事部vlan10,pc2、pc4属于技术部vlan20
需求2:R2作为vlan10的网关,并且通过DHCP接口模式为vlan10主机分配地址
其中为pc分配一个固定ip地址192.168.1.1,预留192.168.1.100-150
同时ip地址的租期为3天,DNS服务地址为114.114.114.114
需求3:SW1作为vlan20的网关,并且实现vlan间互通
需求4:SW1和SW2之间通过链路聚合技术实现负载,并且G0/0/2为非活动链路
需求5:为满足pc5和Server的业务,通过vrrp和链路聚合技术实现流量的主备负载
需求6:在广域网中,R1通过PAP对R3进行认证,用户名为tech3,密码为tech3
同时R7通过CHAP对R4进行认证,用户名为tech4,密码为tech4
需求7:DHCP Server为pc6、pc7分配ip地址,其中pc7为打印机,为pc7分配一个固定ip地址172.16.1.7
DNS服务地址为8.8.8.8,地址租期为2.5天,R8作为网关
需求8:R1为公司A出口路由器,通过地址池模式为内网主机提供上网服务,地址池为:24.1.1.10-24.1.1.25
R7为公司B出口路由器,并且通过easy-ip为内网主机提供上网服务,pc7无访问外网需求
需求9:R3、R4、R5、R6之间运行路由协议实现路由互通,两个公司出口路由器连接运营商侧不使用路由协议
需求10:公司A内网使用路由协议实现互通,公司B内网使用静态路由实现互通
需求11:Server开启Tenlet服务,R1可以通过用户名为tech1,密码为tech1,登录到Server,并且拥有配置ip权限
R7通过用户名tech2,密码tech2登录到Server,只允许查看,并且允许同时在线人数为7人
现象1:vlan10、vlan20主机能够互通
现象2:vlan10、vlan20主机能够ping通pc5和Server
现象3:vlan10、vlan20主机能够ping通R4的G0/0/1口
现象4:vlan10、vlan20主机能够ping通R7的S4/0/0口
现象5:pc6、pc7能够ping通pc5、Server
现象6:pc6、pc7能够ping通R1的S4/0/0口
现象7:R1、R7能够telnet到Server
配置命令展示(disp cur 展示的命令 不一定可以直接粘贴 比如AAA)
R1
sysname R1
acl number 2000
rule 5 permit source 192.168.1.0 0.0.0.255
rule 10 permit source 192.168.2.0 0.0.0.255
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
local-user tech3 password cipher %$%$B{=sPG=arO~Srf;p@&n~SZ:e%$%$
local-user tech3 service-type ppp
nat address-group 1 24.1.1.10 24.1.1.25
interface Serial4/0/0
link-protocol ppp
ppp authentication-mode pap
ppp pap local-user tech3 password cipher %$%$NM){YAa%*LOHX,7gQ$eS,"DU%$%$
ip address 10.1.13.1 255.255.255.0
nat outbound 2000 address-group 1
interface GigabitEthernet0/0/0
ip address 10.1.12.1 255.255.255.0
ospf 2
import-route direct
import-route static
area 0.0.0.0
network 10.1.12.0 0.0.0.255
ip route-static 0.0.0.0 0.0.0.0 Serial4/0/0
R2
sysname R2 dhcp enable interface GigabitEthernet0/0/0 ip address 10.1.12.2 255.255.255.0 interface GigabitEthernet0/0/1.1 dot1q termination vid 10 ip address 192.168.1.254 255.255.255.0 arp broadcast enable dhcp select interface dhcp server static-bind ip-address 192.168.1.1 mac-address 5489-98fe-611a dhcp server excluded-ip-address 192.168.1.100 192.168.1.150 dhcp server lease day 3 hour 0 minute 0 dhcp server dns-list 114.114.114.114 interface GigabitEthernet0/0/1.2 dot1q termination vid 20 ip address 192.168.2.253 255.255.255.0 arp broadcast enable ospf 2 area 0.0.0.0 network 10.1.12.0 0.0.0.255 network 192.168.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255
R3
sysname R3 interface Serial4/0/0 link-protocol ppp ppp pap local-user tech3 password cipher %$%$n16*3XpDQ29no*53a~aO,%M(%$%$ ip address 10.1.13.3 255.255.255.0 interface GigabitEthernet0/0/0 ip address 10.1.34.3 255.255.255.0 interface GigabitEthernet0/0/1 ip address 10.1.35.3 255.255.255.0 ospf 1 default-route-advertise import-route static area 0.0.0.0 network 10.1.13.0 0.0.0.255 network 10.1.34.0 0.0.0.255 network 10.1.35.0 0.0.0.255 ip route-static 24.1.1.0 255.255.255.0 Serial4/0/0 ip route-static 192.168.1.0 255.255.255.0 Serial4/0/0 ip route-static 192.168.2.0 255.255.255.0 Serial4/0/0
R4
sysname R4 interface Serial4/0/0 link-protocol ppp ppp chap user tech4 ppp chap password cipher %$%$9ec>ET=$u7~&D]"}+*oI,.@m%$%$ ip address 10.1.47.4 255.255.255.0 interface GigabitEthernet0/0/0 ip address 10.1.34.4 255.255.255.0 interface GigabitEthernet0/0/1 ip address 10.1.46.4 255.255.255.0 ospf 1 default-route-advertise always import-route direct import-route static area 0.0.0.0 network 10.1.34.0 0.0.0.255 network 10.1.46.0 0.0.0.255 network 10.1.47.0 0.0.0.255 ip route-static 0.0.0.0 0.0.0.0 Serial4/0/0
R5
sysname R5 interface Eth-Trunk1 undo portswitch ip address 10.1.56.253 255.255.255.0 vrrp vrid 10 virtual-ip 10.1.56.253 vrrp vrid 20 virtual-ip 10.1.56.254 interface GigabitEthernet0/0/0 ip address 10.1.35.5 255.255.255.0 interface GigabitEthernet0/0/1 eth-trunk 1 interface GigabitEthernet0/0/2 eth-trunk 1 ospf 1 area 0.0.0.0 network 10.1.35.0 0.0.0.255 network 10.1.56.0 0.0.0.255
R6
sysname R6 interface Eth-Trunk2 undo portswitch ip address 10.1.56.254 255.255.255.0 vrrp vrid 10 virtual-ip 10.1.56.253 vrrp vrid 20 virtual-ip 10.1.56.254 interface GigabitEthernet0/0/0 ip address 10.1.46.6 255.255.255.0 interface GigabitEthernet0/0/1 eth-trunk 2 interface GigabitEthernet0/0/2 eth-trunk 2 ospf 1 area 0.0.0.0 network 10.1.46.0 0.0.0.255 network 10.1.56.0 0.0.0.255
R7
sysname R7
acl number 2000
rule 5 permit source 172.16.1.0 0.0.0.255
rule 10 deny source 172.16.1.7 0
aaa
local-user tech4 password cipher %$%$".2FY/y@+@BS={GM+.;'ShV{%$%$
local-user tech4 service-type ppp
interface Serial4/0/0
link-protocol ppp
ppp authentication-mode chap
ppp chap user tech4
ppp chap password cipher %$%$E$LT,~nva.lM0z4S8_D;,%6g%$%$
ip address 10.1.47.7 255.255.255.0
nat outbound 2000
interface Serial4/0/1
link-protocol ppp
interface GigabitEthernet0/0/0
ip address 10.1.78.7 255.255.255.0
ip route-static 10.1.13.0 255.255.255.0 Serial4/0/0
ip route-static 10.1.56.0 255.255.255.0 Serial4/0/0
ip route-static 24.1.1.0 255.255.255.0 Serial4/0/0
ip route-static 172.16.1.0 255.255.255.0 10.1.78.8
ip route-static 192.168.1.0 255.255.255.0 Serial4/0/0
ip route-static 192.168.2.0 255.255.255.0 Serial4/0/0
R8
sysname R8 interface GigabitEthernet0/0/0 ip address 10.1.78.8 255.255.255.0 interface GigabitEthernet0/0/1 ip address 172.16.1.254 255.255.255.0 ip route-static 10.1.13.0 255.255.255.0 10.1.78.7 ip route-static 10.1.56.0 255.255.255.0 10.1.78.7 ip route-static 10.1.78.0 255.255.255.0 10.1.78.7
DHCP Server
sysname DHCP Server dhcp enable ip pool 1 gateway-list 172.16.1.254 network 172.16.1.0 mask 255.255.255.0 static-bind ip-address 172.16.1.7 mac-address 5489-9896-47ff lease day 2 hour 12 minute 0 dns-list 8.8.8.8 interface GigabitEthernet0/0/0 ip address 172.16.1.1 255.255.255.0 dhcp select global
Server
sysname Server
aaa
local-user tech1 password cipher %$%$Y7GN"GCyoWxnzIV$65<%TbdH%$%$
local-user tech1 privilege level 15
local-user tech1 service-type telnet
local-user tech2 password cipher %$%$s,@]Kp>o./&7r{%u3I-LTd2c%$%$
local-user tech2 privilege level 0
local-user tech2 service-type telnet
interface GigabitEthernet0/0/0
ip address 10.1.56.2 255.255.255.0
ip route-static 0.0.0.0 0.0.0.0 10.1.56.254
user-interface maximum-vty 7
user-interface vty 0 6
authentication-mode aaa
SW1
sysname SW1 interface Vlanif20 ip address 192.168.2.254 255.255.255.0 interface Eth-Trunk1 port link-type trunk port trunk allow-pass vlan 10 20 mode lacp-static max active-linknumber 3 interface GigabitEthernet0/0/1 eth-trunk 1 lacp priority 1000 interface GigabitEthernet0/0/2 eth-trunk 1 interface GigabitEthernet0/0/3 eth-trunk 1 lacp priority 1001 interface GigabitEthernet0/0/4 port link-type access port default vlan 10 interface GigabitEthernet0/0/5 port link-type access port default vlan 20 interface GigabitEthernet0/0/6 port link-type trunk port trunk allow-pass vlan 10 20 interface GigabitEthernet0/0/7 shutdown eth-trunk 1 lacp priority 1002 ip route-static 0.0.0.0 0.0.0.0 192.168.2.253 ip route-static 192.168.1.0 255.255.255.0 192.168.2.253
SW2
sysname SW2 interface Eth-Trunk1 port link-type trunk port trunk allow-pass vlan 10 20 mode lacp-static max active-linknumber 3 interface GigabitEthernet0/0/1 eth-trunk 1 lacp priority 1000 interface GigabitEthernet0/0/2 eth-trunk 1 interface GigabitEthernet0/0/3 eth-trunk 1 lacp priority 1001 interface GigabitEthernet0/0/4 port link-type access port default vlan 10 interface GigabitEthernet0/0/5 port link-type access port default vlan 20 interface GigabitEthernet0/0/7 eth-trunk 1 lacp priority 1002
SW3
sysname SW3 interface Eth-Trunk1 interface Eth-Trunk2 interface GigabitEthernet0/0/1 eth-trunk 1 interface GigabitEthernet0/0/2 eth-trunk 1 interface GigabitEthernet0/0/3 eth-trunk 2 interface GigabitEthernet0/0/4 eth-trunk 2
SW4
NULL
我的微信
微信号已复制
我的微信
这是我的微信扫一扫
