2. 科技
    3. 网络前期针对多方面部分配置应用-----综合项目

    网络前期针对多方面部分配置应用-----综合项目

    科技2023-09-17  104

    网络部分 综合实验

    文章目录

    前言一、综合项目1.1 项目需求1.2 项目解析1.3 项目流程 总结

    前言

    对网络部分进行部分范围综合实验

    一、综合项目

    设备:6个PC机,6个交换机,5个路由器,2个服务器

    1.1 项目需求

    全网通信,可以访问服务器,并进行数据下载。

    1.2 项目解析

    二层交换机——三层交换机(底层配置)——路由协议——特性(过滤)

    首先中间是二层交换机直连IP设置,到三层交换机时设置三层链路捆绑,mstp多生成树协议,vrrp;之后单臂路由,到ospf多区域设置。最后与R1的外内网络设置。

    1.3 项目流程

    在AR1上

    sysname R1 # snmp-agent local-engineid 800007DB03000000000000 snmp-agent # clock timezone China-Standard-Time minus 08:00:00 # portal local-server load flash:/portalpage.zip # drop illegal-mac alarm # wlan ac-global carrier id other ac id 0 # set cpu-usage threshold 80 restore 75 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http # firewall zone Local priority 15 # nat alg ftp enable # interface GigabitEthernet0/0/0 ip address 202.10.102.1 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 210.10.101.1 255.255.255.0 # interface GigabitEthernet0/0/2 # interface NULL0 # user-interface con 0 authentication-mode password idle-timeout 0 0 user-interface vty 0 4 user-interface vty 16 20 # wlan ac # return

    在AR2上

    sysname R2 # board add 0/2 1GEC # snmp-agent local-engineid 800007DB03000000000000 snmp-agent # clock timezone China-Standard-Time minus 08:00:00 # portal local-server load flash:/portalpage.zip # drop illegal-mac alarm # wlan ac-global carrier id other ac id 0 # set cpu-usage threshold 80 restore 75 # acl number 2000 rule 5 permit source 192.168.0.0 0.0.31.255 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http # firewall zone Local priority 15 # nat alg ftp enable # interface GigabitEthernet0/0/0 ip address 210.10.101.2 255.255.255.0 nat outbound 2000 # interface GigabitEthernet0/0/1 ip address 192.168.15.2 255.255.255.0 # interface GigabitEthernet0/0/2 ip address 192.168.16.2 255.255.255.0 # interface GigabitEthernet2/0/0 ip address 192.168.10.2 255.255.255.0 # interface NULL0 # interface LoopBack0 ip address 2.2.2.2 255.255.255.255 # ospf 110 router-id 2.2.2.2 default-route-advertise always cost 0 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 192.168.10.0 0.0.0.255 network 192.168.15.0 0.0.0.255 network 192.168.16.0 0.0.0.255 # ip route-static 0.0.0.0 0.0.0.0 210.10.101.1 # user-interface con 0 authentication-mode password idle-timeout 0 0 user-interface vty 0 4 user-interface vty 16 20 # wlan ac # return

    在AR3上

    sysname R3 # snmp-agent local-engineid 800007DB03000000000000 snmp-agent # clock timezone China-Standard-Time minus 08:00:00 # portal local-server load flash:/portalpage.zip # drop illegal-mac alarm # wlan ac-global carrier id other ac id 0 # set cpu-usage threshold 80 restore 75 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http # firewall zone Local priority 15 # nat alg ftp enable # interface GigabitEthernet0/0/0 ip address 192.168.10.3 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 192.168.20.3 255.255.255.0 # interface GigabitEthernet0/0/2 # interface NULL0 # interface LoopBack0 ip address 3.3.3.3 255.255.255.255 # ospf 110 router-id 3.3.3.3 import-route rip 1 cost 10 area 0.0.0.0 network 3.3.3.3 0.0.0.0 network 192.168.10.0 0.0.0.255 # rip 1 undo summary default-route originate version 2 network 192.168.20.0 import-route ospf 110 cost 0 # user-interface con 0 authentication-mode password idle-timeout 0 0 user-interface vty 0 4 user-interface vty 16 20 # wlan ac # return

    在AR4上

    sysname R4 # snmp-agent local-engineid 800007DB03000000000000 snmp-agent # clock timezone China-Standard-Time minus 08:00:00 # portal local-server load flash:/portalpage.zip # drop illegal-mac alarm # wlan ac-global carrier id other ac id 0 # set cpu-usage threshold 80 restore 75 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http # firewall zone Local priority 15 # nat alg ftp enable # interface GigabitEthernet0/0/0 ip address 192.168.20.4 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 192.168.30.4 255.255.255.0 # interface GigabitEthernet0/0/2 # interface NULL0 # interface LoopBack0 ip address 4.4.4.4 255.255.255.255 # rip 1 undo summary version 2 network 4.0.0.0 network 192.168.20.0 network 192.168.30.0 # user-interface con 0 authentication-mode password idle-timeout 0 0 user-interface vty 0 4 user-interface vty 16 20 # wlan ac # return

    在AR5上

    sysname R5 # snmp-agent local-engineid 800007DB03000000000000 snmp-agent # clock timezone China-Standard-Time minus 08:00:00 # portal local-server load flash:/portalpage.zip # drop illegal-mac alarm # wlan ac-global carrier id other ac id 0 # set cpu-usage threshold 80 restore 75 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http # firewall zone Local priority 15 # nat alg ftp enable # interface GigabitEthernet0/0/0 ip address 192.168.30.5 255.255.255.0 # interface GigabitEthernet0/0/1 # interface GigabitEthernet0/0/1.1 dot1q termination vid 500 ip address 192.168.5.1 255.255.255.0 arp broadcast enable # interface GigabitEthernet0/0/1.2 dot1q termination vid 600 ip address 192.168.6.1 255.255.255.0 arp broadcast enable # interface GigabitEthernet0/0/2 # interface NULL0 # interface LoopBack0 ip address 5.5.5.5 255.255.255.255 # rip 1 undo summary version 2 network 5.0.0.0 network 192.168.30.0 network 192.168.5.0 network 192.168.6.0 # user-interface con 0 authentication-mode password idle-timeout 0 0 user-interface vty 0 4 user-interface vty 16 20 # wlan ac # return

    在SW1上

    sysname SW1 # cluster enable ntdp enable ndp enable # drop illegal-mac alarm # diffserv domain default # drop-profile default # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password simple admin local-user admin service-type http # interface Vlanif1 # interface MEth0/0/1 # interface Ethernet0/0/1 # interface Ethernet0/0/2 # interface Ethernet0/0/3 # interface Ethernet0/0/4 # interface Ethernet0/0/5 # interface Ethernet0/0/6 # interface Ethernet0/0/7 # interface Ethernet0/0/8 # interface Ethernet0/0/9 # interface Ethernet0/0/10 # interface Ethernet0/0/11 # interface Ethernet0/0/12 # interface Ethernet0/0/13 # interface Ethernet0/0/14 # interface Ethernet0/0/15 # interface Ethernet0/0/16 # interface Ethernet0/0/17 # interface Ethernet0/0/18 # interface Ethernet0/0/19 # interface Ethernet0/0/20 # interface Ethernet0/0/21 # interface Ethernet0/0/22 # interface GigabitEthernet0/0/1 port link-type trunk # interface GigabitEthernet0/0/2 # interface NULL0 # user-interface con 0 idle-timeout 0 0 user-interface vty 0 4 # return

    在SW2上

    sysname SW2 # vlan batch 100 200 300 400 555 # stp instance 0 root primary stp instance 1 root primary stp instance 2 root secondary stp instance 3 root primary stp instance 4 root secondary # cluster enable ntdp enable ndp enable # drop illegal-mac alarm # diffserv domain default # stp region-configuration region-name huawei revision-level 1 instance 1 vlan 100 instance 2 vlan 200 instance 3 vlan 300 instance 4 vlan 400 active region-configuration # drop-profile default # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password simple admin local-user admin service-type http # interface Vlanif1 # interface Vlanif100 ip address 192.168.1.10 255.255.255.0 vrrp vrid 1 virtual-ip 192.168.1.1 vrrp vrid 1 priority 105 vrrp vrid 1 track interface GigabitEthernet0/0/1 # interface Vlanif200 ip address 192.168.2.10 255.255.255.0 vrrp vrid 2 virtual-ip 192.168.2.1 # interface Vlanif300 ip address 192.168.3.10 255.255.255.0 vrrp vrid 3 virtual-ip 192.168.3.1 vrrp vrid 3 priority 105 vrrp vrid 3 track interface GigabitEthernet0/0/1 # interface Vlanif400 ip address 192.168.4.10 255.255.255.0 vrrp vrid 4 virtual-ip 192.168.4.1 # interface Vlanif555 ip address 192.168.15.10 255.255.255.0 # interface MEth0/0/1 # interface Eth-Trunk1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/1 port link-type access port default vlan 555 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/3 eth-trunk 1 # interface GigabitEthernet0/0/4 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/5 eth-trunk 1 # interface GigabitEthernet0/0/6 eth-trunk 1 # interface GigabitEthernet0/0/7 eth-trunk 1 # interface GigabitEthernet0/0/8 # interface GigabitEthernet0/0/9 # interface GigabitEthernet0/0/10 # interface GigabitEthernet0/0/11 # interface GigabitEthernet0/0/12 # interface GigabitEthernet0/0/13 # interface GigabitEthernet0/0/14 # interface GigabitEthernet0/0/15 # interface GigabitEthernet0/0/16 # interface GigabitEthernet0/0/17 # interface GigabitEthernet0/0/18 # interface GigabitEthernet0/0/19 # interface GigabitEthernet0/0/20 # interface GigabitEthernet0/0/21 # interface GigabitEthernet0/0/22 # interface GigabitEthernet0/0/23 # interface GigabitEthernet0/0/24 # interface NULL0 # ospf 110 area 0.0.0.0 network 192.168.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255 network 192.168.15.0 0.0.0.255 network 192.168.3.0 0.0.0.255 network 192.168.4.0 0.0.0.255 network 192.168.0.0 0.0.255.255 # user-interface con 0 idle-timeout 0 0 user-interface vty 0 4 # return

    在SW3上

    sysname SW3 # vlan batch 100 200 300 400 666 # stp instance 1 root secondary stp instance 2 root primary stp instance 3 root secondary stp instance 4 root primary # cluster enable ntdp enable ndp enable # drop illegal-mac alarm # diffserv domain default # stp region-configuration region-name huawei revision-level 1 instance 1 vlan 100 instance 2 vlan 200 instance 3 vlan 300 instance 4 vlan 400 active region-configuration # drop-profile default # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password simple admin local-user admin service-type http # interface Vlanif1 # interface Vlanif100 ip address 192.168.1.11 255.255.255.0 vrrp vrid 1 virtual-ip 192.168.1.1 # interface Vlanif200 ip address 192.168.2.11 255.255.255.0 vrrp vrid 2 virtual-ip 192.168.2.1 vrrp vrid 2 priority 105 vrrp vrid 2 track interface GigabitEthernet0/0/1 # interface Vlanif300 ip address 192.168.3.11 255.255.255.0 vrrp vrid 3 virtual-ip 192.168.3.1 # interface Vlanif400 ip address 192.168.4.11 255.255.255.0 vrrp vrid 4 virtual-ip 192.168.4.1 vrrp vrid 4 priority 105 vrrp vrid 4 track interface GigabitEthernet0/0/1 # interface Vlanif666 ip address 192.168.16.10 255.255.255.0 # interface MEth0/0/1 # interface Eth-Trunk1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/1 port link-type access port default vlan 666 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/3 eth-trunk 1 # interface GigabitEthernet0/0/4 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/5 eth-trunk 1 # interface GigabitEthernet0/0/6 eth-trunk 1 # interface GigabitEthernet0/0/7 eth-trunk 1 # interface GigabitEthernet0/0/8 # interface GigabitEthernet0/0/9 # interface GigabitEthernet0/0/10 # interface GigabitEthernet0/0/11 # interface GigabitEthernet0/0/12 # interface GigabitEthernet0/0/13 # interface GigabitEthernet0/0/14 # interface GigabitEthernet0/0/15 # interface GigabitEthernet0/0/16 # interface GigabitEthernet0/0/17 # interface GigabitEthernet0/0/18 # interface GigabitEthernet0/0/19 # interface GigabitEthernet0/0/20 # interface GigabitEthernet0/0/21 # interface GigabitEthernet0/0/22 # interface GigabitEthernet0/0/23 # interface GigabitEthernet0/0/24 # interface NULL0 # ospf 1 # ospf 11 # ospf 110 area 0.0.0.0 network 192.168.16.0 0.0.0.255 network 192.168.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255 network 192.168.3.0 0.0.0.255 network 192.168.4.0 0.0.0.255 network 192.168.0.0 0.0.255.255 # user-interface con 0 idle-timeout 0 0 user-interface vty 0 4 # return

    在SW4上

    sysname SW4 # vlan batch 100 200 # cluster enable ntdp enable ndp enable # drop illegal-mac alarm # diffserv domain default # stp region-configuration region-name huawei revision-level 1 instance 1 vlan 100 instance 2 vlan 200 instance 3 vlan 300 instance 4 vlan 400 active region-configuration # drop-profile default # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password simple admin local-user admin service-type http # interface Vlanif1 # interface MEth0/0/1 # interface Ethernet0/0/1 port link-type access port default vlan 100 # interface Ethernet0/0/2 port link-type access port default vlan 200 # interface Ethernet0/0/3 # interface Ethernet0/0/4 # interface Ethernet0/0/5 # interface Ethernet0/0/6 # interface Ethernet0/0/7 # interface Ethernet0/0/8 # interface Ethernet0/0/9 # interface Ethernet0/0/10 # interface Ethernet0/0/11 # interface Ethernet0/0/12 # interface Ethernet0/0/13 # interface Ethernet0/0/14 # interface Ethernet0/0/15 # interface Ethernet0/0/16 # interface Ethernet0/0/17 # interface Ethernet0/0/18 # interface Ethernet0/0/19 # interface Ethernet0/0/20 # interface Ethernet0/0/21 # interface Ethernet0/0/22 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface NULL0 # user-interface con 0 idle-timeout 0 0 user-interface vty 0 4 # return

    在SW5上

    sysname SW5 # vlan batch 300 400 # cluster enable ntdp enable ndp enable # drop illegal-mac alarm # diffserv domain default # stp region-configuration region-name huawei revision-level 1 instance 1 vlan 100 instance 2 vlan 200 instance 3 vlan 300 instance 4 vlan 400 active region-configuration # drop-profile default # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password simple admin local-user admin service-type http # interface Vlanif1 # interface MEth0/0/1 # interface Ethernet0/0/1 port link-type access port default vlan 300 # interface Ethernet0/0/2 port link-type access port default vlan 400 # interface Ethernet0/0/3 # interface Ethernet0/0/4 # interface Ethernet0/0/5 # interface Ethernet0/0/6 # interface Ethernet0/0/7 # interface Ethernet0/0/8 # interface Ethernet0/0/9 # interface Ethernet0/0/10 # interface Ethernet0/0/11 # interface Ethernet0/0/12 # interface Ethernet0/0/13 # interface Ethernet0/0/14 # interface Ethernet0/0/15 # interface Ethernet0/0/16 # interface Ethernet0/0/17 # interface Ethernet0/0/18 # interface Ethernet0/0/19 # interface Ethernet0/0/20 # interface Ethernet0/0/21 # interface Ethernet0/0/22 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface NULL0 # user-interface con 0 idle-timeout 0 0 user-interface vty 0 4 # return

    在SW6上

    sysname SW6 # vlan batch 500 600 # cluster enable ntdp enable ndp enable # drop illegal-mac alarm # diffserv domain default # drop-profile default # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password simple admin local-user admin service-type http # interface Vlanif1 # interface MEth0/0/1 # interface Ethernet0/0/1 port link-type access port default vlan 500 # interface Ethernet0/0/2 port link-type access port default vlan 600 # interface Ethernet0/0/3 # interface Ethernet0/0/4 # interface Ethernet0/0/5 # interface Ethernet0/0/6 # interface Ethernet0/0/7 # interface Ethernet0/0/8 # interface Ethernet0/0/9 # interface Ethernet0/0/10 # interface Ethernet0/0/11 # interface Ethernet0/0/12 # interface Ethernet0/0/13 # interface Ethernet0/0/14 # interface Ethernet0/0/15 # interface Ethernet0/0/16 # interface Ethernet0/0/17 # interface Ethernet0/0/18 # interface Ethernet0/0/19 # interface Ethernet0/0/20 # interface Ethernet0/0/21 # interface Ethernet0/0/22 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 to 4094 # interface GigabitEthernet0/0/2 # interface NULL0 # user-interface con 0 idle-timeout 0 0 user-interface vty 0 4 # port-group q # return

    完成以上操作查看通信情况 在R1上

    在AR5上进行服务器的访问与数据下载

    总结

    本次项目对网络方面,路由协议方面进行了综合的测试,需要对动静态路由,VRRP,ACL,NAT等有较为熟悉与应用理解方面有一些要求。

    Processed: 0.019, SQL: 8