首页 > 代码库 > VLAN+VTP+STP+HSRP+ACL+NAT+OSPF综合

VLAN+VTP+STP+HSRP+ACL+NAT+OSPF综合

2024-07-12 21:28:31   220人阅读

wKiom1PJQK_zeJbOAAPfG9uWakA303.jpg 

如图所示,使用GN3搭建网络环境,交换机间均为Trunk链路。

2配置要求:

2.1

SW1SW2SW3上添加VLAN 10VLAN 20IP地址段分别为192.168.10.0/24192.168.20.0

2.2

配置SW1VLAN 10的根网桥,SW2VLAN 20的根网桥,实现链路的负载分担。

2.3

SW1SW2R1R2上配置OSPF路由协议,实现网络互通,Router-id使用管理IPLoopback地址。配置Area 1为完全末梢区域,Area 2NSSA区域,将R2的直连网段10.10.10.1重分发到OSPF区域。

2.4

R1设置密码benet,要求只有SW3以登录。

2.5

验证SW3可以pingR2Loopback0地址,验证SW3可以远程登录到R1

2.6

SW1SW2上配置HSRPSW1VLAN 10的活跃路由器VLAN20的备份路由,SW2VLAN 10的备份路由VLAN20的活跃路由,配置占先权和端口跟踪。

2.7

R2路由器是连接互联网的设备,现希望各区域主机访问Internet,则需要在R1上进行NAT配置,以此实现共享上网

 

SW1配置

 

interface FastEthernet0/0

 switchport mode trunk

!

interface FastEthernet0/1

 no switchport

 ip address 192.168.1.1 255.255.255.0

!

interface FastEthernet0/2

 switchport mode trunk

!

interface FastEthernet0/3

 

!

interface Vlan1

 no ip address

!

interface Vlan10

 ip address 192.168.10.1 255.255.255.0

 standby 10 ip 192.168.10.10

 standby 10 priority 150

 standby 10 preempt

 standby 10 track FastEthernet0/1 100

!

interface Vlan20

 ip address 192.168.20.1 255.255.255.0

 standby preempt

 standby 20 ip 192.168.20.20

!

router ospf 1

 router-id 1.1.1.1

 log-adjacency-changes

 area 1 stub no-summary

 redistribute connected subnets

 network 192.168.1.0 0.0.0.255 area 0

 network 192.168.10.0 0.0.0.255 area 1

 network 192.168.20.0 0.0.0.255 area 1

!

no ip http server

no ip http secure-server

!

!

!

SW2配置

interface FastEthernet0/0

 switchport mode trunk

!

interface FastEthernet0/1

 no switchport

 ip address 192.168.2.1 255.255.255.0

!

interface FastEthernet0/2

 switchport mode trunk

!

 

!

interface Vlan1

 no ip address

!

interface Vlan10

 ip address 192.168.10.2 255.255.255.0

 standby preempt

 standby 10 ip 192.168.10.10

!

interface Vlan20

 ip address 192.168.20.2 255.255.255.0

 standby 20 ip 192.168.20.20

 standby 20 priority 150

 standby 20 preempt

 standby 20 track FastEthernet0/1 100

!

router ospf 1

 router-id 2.2.2.2

 log-adjacency-changes

 area 1 stub no-summary

 network 192.168.2.0 0.0.0.255 area 0

 network 192.168.10.0 0.0.0.255 area 1

 network 192.168.20.0 0.0.0.255 area 1

!

no ip http server

no ip http secure-server

!

!

!

!

!

control-plane

 

SW3配置

 interface FastEthernet0/0

 switchport mode trunk

!

interface FastEthernet0/1

 switchport mode trunk

!

interface FastEthernet0/2

!

 

interface Vlan1

 no ip address

!

interface Vlan10

 ip address 192.168.10.3 255.255.255.0

!

interface Vlan20

 ip address 192.168.20.3 255.255.255.0

!

router ospf 1

 router-id 3.3.3.3

 log-adjacency-changes

 area 1 stub

 network 192.168.10.0 0.0.0.255 area 1

 network 192.168.20.0 0.0.0.255 area 1

!

no ip http server

no ip http secure-server

!

!

!

R1配置

interface FastEthernet0/0

 ip address 192.168.3.1 255.255.255.0

 duplex auto

 speed auto

!

interface FastEthernet0/1

 ip address 192.168.1.2 255.255.255.0

 duplex auto

 speed auto

!

interface FastEthernet1/0

 ip address 192.168.2.2 255.255.255.0

 duplex auto

 speed auto

!

interface FastEthernet1/1

 no ip address

 shutdown

 duplex auto

 speed auto

!

router ospf 1

 router-id 4.4.4.4

 log-adjacency-changes

 area 2 nssa no-summary

 network 192.168.1.0 0.0.0.255 area 0

 network 192.168.2.0 0.0.0.255 area 0

 network 192.168.3.0 0.0.0.255 area 2

!

ip classless

no ip http server

!

access-list 1 permit 192.168.10.3

access-list 1 permit 192.168.20.3

!

dial-peer cor custom

!

!

!

!

gatekeeper

 shutdown

!

!

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 access-class 1 in

 password cisco

 login

!

end

 

 

R2配置

 

interface Loopback0

 ip address 10.10.10.1 255.255.255.0

!

interface FastEthernet0/0

 ip address 192.168.3.2 255.255.255.0

 duplex auto

 speed auto

!

interface FastEthernet0/1

 no ip address

 shutdown

 duplex auto

 speed auto

!

router ospf 1

 router-id 5.5.5.5

 log-adjacency-changes

 area 2 nssa no-summary

 redistribute connected metric 10 subnets

 redistribute static metric 10 subnets

 network 192.168.3.0 0.0.0.255 area 2

 default-information originate

!

ip nat pool nat 10.10.10.1 10.10.10.1 netmask 255.255.255.0

ip nat inside source list 1 pool nat overload

ip classless

no ip http server

!

access-list 1 permit any

!

dial-peer cor custom

!

!

!

!

gatekeeper

 shutdown

!

!

line con 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line aux 0

 exec-timeout 0 0

 privilege level 15

 logging synchronous

line vty 0 4

 login

!

end

 

VLAN+VTP+STP+HSRP+ACL+NAT+OSPF综合


联系
我们