目录
DHCP
案例
拓扑
配置过程
PC1、PC2
acsw
coresw
检验
ACL
案例
拓扑
具体配置过程
PC Server
AR1
AR2
验证
DHCP
案例
目的: 对交换机配置DHCP,实现PC自动获取IP地址。
设备概述: 设置两个vlan,分别为vlan10 和 vlan 20。然后将两个PC分别划分到两个vlan里。设置两个交换机S5700,分别为辅助交换机(acsw)和核心交换机(coresw)。
拓扑
配置过程
PC1、PC2一样:
acsw:
<Huawei>system-view //进入系统视图
[Huawei]undo info-center enable // 关闭日志通知
[Huawei]sysname acsw //命名为acsw
[acsw]vlan batch 10 20 //批量创建vlan
[acsw] interface gigabitethernet0/0/1 // 或者 [acsw]int g0/0/1 //命令直接简写
[acsw-GigabitEthernet0/0/1]port link-type access // 配置acsw与PC1连接方式为access
[acsw-GigabitEthernet0/0/1]port default vlan 10 // 默认vlan为vlan 10
[acsw-GigabitEthernet0/0/1]quit
[acsw]interface gigabitethernet0/0/2
[acsw-GigabitEthernet0/0/2]port link-type access
[acsw-GigabitEthernet0/0/2]port default vlan 20
[acsw-GigabitEthernet0/0/2]quit
[acsw]interface gigabitethernet0/0/3
[acsw-GigabitEthernet0/0/3]port link-type trunk
[acsw-GigabitEthernet0/0/3]port trunk allow-pass vlan 10 20
[acsw-GigabitEthernet0/0/3]q
coresw:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname coresw
[coresw]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[coresw]int g0/0/1
[coresw-GigabitEthernet0/0/1]port link-type trunk
[coresw-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 20
[coresw-GigabitEthernet0/0/1]q
[coresw]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[coresw]ip pool vlan10
Info:It's successful to create an IP address pool.
[coresw-ip-pool-vlan10]?
ip-pool view commands:
configuration Configuration interlock
display Display current system information
dns-list Configure DNS servers
domain-name Configure domain name
excluded-ip-address Mark disable IP addresses
gateway-list Configure the gateway
lease Configure the lease of the IP pool
lock Lock the IP pool
mtrace Trace route to multicast source
nbns-list Configure the windows's netbios name servers
netbios-type Netbios node type
network Add a network
next-server The address of the server to use in the next step of the
client's bootstrap process.
option Configure the DHCP options
option121 DHCP option 121
option184 DHCP option 184
ping Send echo messages
quit Exit from current command view
reset Reset operation
return Exit to user view
screen-width Set screen width
set Set
stack Stack
static-bind Static bind
test-aaa Accounts test
[coresw-ip-pool-vlan10]network 192.168.10.0 mask 24
[coresw-ip-pool-vlan10]gateway-list 192.168.10.254 // 设置vlan10的网关
[coresw-ip-pool-vlan10]excluded-ip-address 192.168.10.150 192.168.10.200 // 设置不用于分配的IP范围
[coresw-ip-pool-vlan10]lease day 3 // 也可以同时设置 hour、minute
[coresw-ip-pool-vlan10]dns-list 8.8.8.8
[coresw-ip-pool-vlan10]q
[coresw]interface vlanif 10
[coresw-Vlanif10]ip address 192.168.10.254 24
[coresw-Vlanif10]q
[coresw]interface vlanif 20
[coresw-Vlanif20]ip address 192.168.20.254 24
[coresw-Vlanif20]q
[coresw]ip pool vlan20
Info:It's successful to create an IP address pool.
[coresw-ip-pool-vlan20]network 192.168.20.0 mask 255.255.255.0
[coresw-ip-pool-vlan20]gateway-list 192.168.20.254
[coresw-ip-pool-vlan20]dns-list 8.8.8.8
[coresw-ip-pool-vlan20]excluded-ip-address 192.168.20.150 192.168.20.200
[coresw-ip-pool-vlan20]lease day 0 hour 23
[coresw-ip-pool-vlan20]quit
[coresw]int vlanif10
[coresw-Vlanif10]dhcp select global // 选择全局地址池
[coresw-Vlanif10]q
[coresw]int vlanif20
[coresw-Vlanif20]dhcp select global
[coresw-Vlanif20]
检验
DHCP默认将最大的可分配IP分配给当前主机:192.168.10.253
ACL
案例
要求:
设备概述:
设置两台PC,分别属于不同子网,要求PC1所在子网不得访问服务器,PC2所在子网可以访问服务器。同时外界网络无法访问服务器。设置一台服务器。设置两台路由器AR2220。其中AR2220端口不够的可以自行添加:
拓扑
具体配置过程
PC Server
AR1
<Huawei>system
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname AR1
[AR1]undo info-center enable
Info: Information center is disabled.
[AR1]int g0/0/0
[AR1-GigabitEthernet0/0/0]ip address 192.168.2.254 24
[AR1-GigabitEthernet0/0/0]q
[AR1]int g0/0/1
[AR1-GigabitEthernet0/0/1]ip address 192.168.3.254 24
[AR1-GigabitEthernet0/0/1]q
[AR1]int g2/0/0
[AR1-GigabitEthernet2/0/0]ip address 10.10.10.1 24
[AR1-GigabitEthernet2/0/0]q
[AR1]acl 3000
[AR1-acl-adv-3000]rule 10 deny ip source 192.168.2.0 0.0.0.255 destination 192.1
68.4.4 0
[AR1-acl-adv-3000]rule 20 permit ip source 192.168.3.0 0.0.0.255 destination
192.168.4.4 0
[AR1-acl-adv-3000]rule 30 deny ip source any destination 192.168.4.4 0
[AR1-acl-adv-3000]q
[AR1]int g0/0/2
[AR1-GigabitEthernet0/0/2]ip address 192.168.4.254 24
[AR1-GigabitEthernet0/0/2]traffic-filter outbound acl 3000
[AR1-GigabitEthernet0/0/2]q
[AR1]display acl all
Total quantity of nonempty ACL number is 1
Advanced ACL 3000, 3 rules
Acl's step is 5
rule 10 deny ip source 192.168.2.0 0.0.0.255 destination 192.168.4.4 0
rule 20 permit ip source 192.168.3.0 0.0.0.255 destination 192.168.4.4 0
rule 30 deny ip destination 192.168.4.4 0
AR2
<Huawei>system
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname AR2
[AR2]int g0/0/0
[AR2-GigabitEthernet0/0/0]ip address 10.10.10.2 24
[AR2-GigabitEthernet0/0/0]q
[AR2]
验证
文章来源:https://www.toymoban.com/news/detail-459438.html
文章来源地址https://www.toymoban.com/news/detail-459438.html
到了这里,关于ENSP路由交换机配置的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!
![[eNSP]解决路由器以及交换机一直处于##,无法启动的问题](https://imgs.yssmx.com/Uploads/2024/02/506955-1.png)
