拓扑图
1、 SW1为PC1和PC2的DHCP服务器,AR2为PC3和PC4的DHCP服务器
2、PC1、PC2、PC3、PC4能够访问外网
3、外网能够访问内网的HTTP服务器和FTP服务器
SW1配置
system-view
sysname SW1
vlan batch 10 20 50 101
//各vlanif的IP地址配置如下:
[SW1]display ip interface brief
Interface IP Address/Mask Physical Protocol
LoopBack0 44.44.44.44/32 up up(s)
Vlanif10 192.168.10.254/24 up up
Vlanif20 192.168.20.254/24 up up
Vlanif50 192.168.50.254/24 up up
Vlanif101 192.168.101.1/30 up up
//各端口配置
[SW1]interface GigabitEthernet0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access
[SW1-GigabitEthernet0/0/1]port default vlan 101
[SW1]interface GigabitEthernet0/0/2
[SW1-GigabitEthernet0/0/2]port hybrid pvid vlan 10
[SW1-GigabitEthernet0/0/2]port hybrid untagged vlan 10
[SW1]interface GigabitEthernet0/0/3
[SW1-GigabitEthernet0/0/3]port hybrid pvid vlan 20
[SW1-GigabitEthernet0/0/3]port hybrid untagged vlan 20
[SW1]interface GigabitEthernet0/0/23
[SW1-GigabitEthernet0/0/23]port link-type access
[SW1-GigabitEthernet0/0/23]port default vlan 50
[SW1]interface GigabitEthernet0/0/24
[SW1-GigabitEthernet0/0/24]port link-type access
[SW1-GigabitEthernet0/0/24]port default vlan 50
//DHCP配置
[SW1]dhcp enable
[SW1]ip pool vlanif10
[SW1-ip-pool-vlanif10]gateway-list 192.168.10.254
[SW1-ip-pool-vlanif10]network 192.168.10.0 mask 24
[SW1-ip-pool-vlanif10]lease day 2
[SW1-ip-pool-vlanif10]dns-list 114.114.114.114
[SW1]interface Vlanif10
[SW1-Vlanif10]ip address 192.168.10.254 24
[SW1-Vlanif10]dhcp select global //基于全局DHCP
[SW1]interface Vlanif20
[SW1-Vlanif20]ip address 192.168.20.254 24
[SW1-Vlanif20]dhcp select interface //基于接口DHCP
[SW1-Vlanif20]dhcp server lease day 2
[SW1-Vlanif20]dhcp server dns-list 114.114.114.114
//OSPF配置
[SW1]router id 44.44.44.44
[SW1]ospf 1
[SW2-ospf-1]area 1
[SW2-ospf-1-area-0.0.0.1]network 192.168.101.1 0.0.0.0
[SW2-ospf-1-area-0.0.0.1]network 192.168.10.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.1]network 192.168.20.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.1]network 192.168.50.0 0.0.0.255
SW2配置
[SW2]vlan batch 30 40 102
//各vlanif的IP地址配置如下:
[SW2]display ip interface brief
Interface IP Address/Mask Physical Protocol
LoopBack0 55.55.55.55/32 up up(s)
Vlanif30 192.168.30.254/24 up up
Vlanif40 192.168.40.254/24 up up
Vlanif102 192.168.102.1/30 up up
//各端口配置
[SW2]interface GigabitEthernet0/0/1
[SW2-GigabitEthernet0/0/1]port link-type access
[SW2-GigabitEthernet0/0/1]port default vlan 102
[SW2]interface GigabitEthernet0/0/2
[SW2-GigabitEthernet0/0/2]port hybrid pvid vlan 30
[SW2-GigabitEthernet0/0/2]port hybrid untagged vlan 30
[SW2]interface GigabitEthernet0/0/3
[SW2-GigabitEthernet0/0/3]port hybrid pvid vlan 40
[SW2-GigabitEthernet0/0/3]port hybrid untagged vlan 40
//DHCP中继配置
[SW2]interface Vlanif30
[SW2-Vlanif30]ip address 192.168.30.254 24
[SW2-Vlanif30]dhcp select relay
[SW2-Vlanif30]dhcp relay server-ip 192.168.102.2
[SW2]interface Vlanif40
[SW2-Vlanif40]ip address 192.168.40.254 24
[SW2-Vlanif40]dhcp select relay
[SW2-Vlanif40]dhcp relay server-ip 192.168.102.2
//OSPF配置
[SW2]router id 55.55.55.55
[SW2]ospf 1
[SW2-ospf-1]area 2
[SW2-ospf-1-area-0.0.0.2]network 192.168.102.1 0.0.0.0
[SW2-ospf-1-area-0.0.0.2]network 192.168.30.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.2]network 192.168.40.0 0.0.0.255
AR1配置
//各端口IP地址配置如下:
[AR1]display ip interface brief
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.13.2/30 up up
GigabitEthernet0/0/1 172.16.12.1/30 up up
GigabitEthernet0/0/2 192.168.101.2/30 up up
LoopBack0 11.11.11.11/32 up up(s)
//OSPF配置
[AR1]router id 11.11.11.11
[AR1]ospf 1
[AR1-ospf-1]area 0
[AR1-ospf-1-area-0.0.0.0]authentication-mode hmac-md5 1 plain 123456
[AR1-ospf-1-area-0.0.0.0]network 172.16.12.1 0.0.0.0
[AR1-ospf-1-area-0.0.0.0]network 172.16.13.2 0.0.0.0
[AR1-ospf-1]area 1
[AR1-ospf-1-area-0.0.0.1]network 192.168.101.2 0.0.0.0
AR2配置
//各端口IP地址配置如下:
[AR2]display ip interface brief
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.23.2/30 up up
GigabitEthernet0/0/1 172.16.12.2/30 up up
GigabitEthernet0/0/2 192.168.102.2/30 up up
LoopBack0 22.22.22.22/32 up up(s)
//DHCP地址池配置:
[AR2]dhcp enable
[AR2]ip pool vlanif30
[AR2-vlanif30]gateway-list 192.168.30.254
[AR2-vlanif30]network 192.168.30.0 mask 24
[AR2-vlanif30]lease day 2
[AR2-vlanif30]dns-list 114.114.114.114
[AR2]ip pool vlanif40
[AR2-vlanif40]gateway-list 192.168.40.254
[AR2-vlanif40]network 192.168.40.0 mask 24
[AR2-vlanif40]lease day 2
[AR2-vlanif40]dns-list 114.114.114.114
[AR2]interface GigabitEthernet0/0/2
[AR2-GigabitEthernet0/0/2]dhcp select global
//OSPF配置
[AR2]router id 22.22.22.22
[AR2]ospf 1
[AR2-ospf-1]area 0
[AR2-ospf-1-area-0.0.0.0]authentication-mode hmac-md5 1 plain 123456
[AR2-ospf-1-area-0.0.0.0]network 172.16.12.2 0.0.0.0
[AR2-ospf-1-area-0.0.0.0]network 172.16.23.2 0.0.0.0
[AR2-ospf-1]area 2
[AR2-ospf-1-area-0.0.0.2]network 192.168.102.2 0.0.0.0
AR3配置
1、内网PC1、PC2、PC3、PC4能够访问外网
2、外网Client通过公网IP访问内网HTTP服务器和FTP服务器
//各端口IP地址配置如下:
[AR3]display ip interface brief
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 100.1.1.2/24 up up
GigabitEthernet0/0/1 172.16.13.1/30 up up
GigabitEthernet0/0/2 172.16.23.1/30 up up
LoopBack0 33.33.33.33/32 up up(s)
//OSPF配置
[AR3]router id 33.33.33.33
[AR3]ospf 1
[AR3-ospf-1]default-route-advertise always //引入静态路由
[AR3-ospf-1]area 0
[AR3-ospf-1-area-0.0.0.0]authentication-mode hmac-md5 1 plain 123456 //区域认证
[AR3-ospf-1-area-0.0.0.0]network 172.16.13.1 0.0.0.0
[AR3-ospf-1-area-0.0.0.0]network 172.16.23.1 0.0.0.0
//默认静态路由配置
[AR3]ip route-static 0.0.0.0 0.0.0.0 100.1.1.1
//ACL + NAT配置
[AR3]acl number 2000
[AR3-acl-basic-2000]rule 5 permit source 192.168.10.0 0.0.0.255
[AR3-acl-basic-2000]rule 10 permit source 192.168.20.0 0.0.0.255
[AR3-acl-basic-2000]rule 15 permit source 192.168.30.0 0.0.0.255
[AR3-acl-basic-2000]rule 20 permit source 192.168.40.0 0.0.0.255
[AR3-acl-basic-2000]rule 25 deny source any
[AR3]interface GigabitEthernet0/0/0
[AR3-GigabitEthernet0/0/0]ip address 100.1.1.2 24
[AR3-GigabitEthernet0/0/0]nat server protocol tcp global current-interface www inside 192.168.50.1 www //外网Client可以通过IP:100.1.1.2访问内网的HTTP服务器
[AR3-GigabitEthernet0/0/0]nat server protocol tcp global current-interface ftp inside 192.168.50.2 ftp //外网Client可以通过IP:100.1.1.2访问内网的FTP服务器
[AR3-GigabitEthernet0/0/0]nat outbound 2000 //对数据流进行NAT
[AR3]nat alg ftp enable //开启FTP的NAT ALG
ISP配置
//各端口IP地址配置如下:
[ISP]display ip interface brief
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 100.1.1.1/24 up up
GigabitEthernet0/0/1 200.1.1.1/24 up up
实验验证:
查看AR3
<AR1>display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 23 Routes : 24
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 Static 60 0 RD 100.1.1.1 GigabitEthernet0/0/0
33.33.33.33/32 Direct 0 0 D 127.0.0.1 LoopBack0
100.1.1.0/24 Direct 0 0 D 100.1.1.2 GigabitEthernet0/0/0
100.1.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
100.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.16.12.0/30 OSPF 10 2 D 172.16.23.2 GigabitEthernet0/0/2
OSPF 10 2 D 172.16.13.2 GigabitEthernet0/0/1
172.16.13.0/30 Direct 0 0 D 172.16.13.1 GigabitEthernet0/0/1
172.16.13.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
172.16.13.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
172.16.23.0/30 Direct 0 0 D 172.16.23.1 GigabitEthernet0/0/2
172.16.23.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/2
172.16.23.3/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/2
192.168.10.0/24 OSPF 10 3 D 172.16.13.2 GigabitEthernet0/0/1
192.168.20.0/24 OSPF 10 3 D 172.16.13.2 GigabitEthernet0/0/1
192.168.30.0/24 OSPF 10 3 D 172.16.23.2 GigabitEthernet0/0/2
192.168.40.0/24 OSPF 10 3 D 172.16.23.2 GigabitEthernet0/0/2
192.168.50.0/24 OSPF 10 3 D 172.16.13.2 GigabitEthernet0/0/1
192.168.101.0/30 OSPF 10 2 D 172.16.13.2 GigabitEthernet0/0/1
192.168.102.0/30 OSPF 10 2 D 172.16.23.2 GigabitEthernet0/0/2
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
<AR1>
*************************************************************************************
<AR1>display ospf lsdb
OSPF Process 1 with Router ID 33.33.33.33
Link State Database
Area: 0.0.0.0
Type LinkState ID AdvRouter Age Len Sequence Metric
Router 11.11.11.11 11.11.11.11 1415 48 80000012 1
Router 22.22.22.22 22.22.22.22 1425 48 80000011 1
Router 33.33.33.33 33.33.33.33 908 48 8000000D 1
Network 172.16.23.2 22.22.22.22 1425 32 80000008 0
Network 172.16.13.2 11.11.11.11 1415 32 80000007 0
Network 172.16.12.2 22.22.22.22 1694 32 80000008 0
Sum-Net 192.168.10.0 11.11.11.11 726 28 80000008 2
Sum-Net 192.168.20.0 11.11.11.11 726 28 80000008 2
Sum-Net 192.168.30.0 22.22.22.22 138 28 80000008 2
Sum-Net 192.168.50.0 11.11.11.11 1322 28 80000007 2
Sum-Net 192.168.102.0 22.22.22.22 299 28 80000008 1
Sum-Net 192.168.40.0 22.22.22.22 1678 28 80000008 2
Sum-Net 192.168.101.0 11.11.11.11 727 28 80000008 1
AS External Database
Type LinkState ID AdvRouter Age Len Sequence Metric
External 0.0.0.0 33.33.33.33 908 36 80000007 1
<AR1>
*************************************************************************************
<AR1>display nat server
Nat Server Information:
Interface : GigabitEthernet0/0/0
Global IP/Port : current-interface/80(www) (Real IP : 100.1.1.2)
Inside IP/Port : 192.168.50.1/80(www)
Protocol : 6(tcp)
VPN instance-name : ----
Acl number : ----
Description : ----
Global IP/Port : current-interface/21(ftp) (Real IP : 100.1.1.2)
Inside IP/Port : 192.168.50.2/21(ftp)
Protocol : 6(tcp)
VPN instance-name : ----
Acl number : ----
Description : ----
Total : 2
<AR1>
HTTP服务器
外网Client访问HTTP服务器
FTP服务器
外网Client访问FTP服务器
PC1
PC2
PC3
PC4文章来源:https://www.toymoban.com/news/detail-507897.html
文章来源地址https://www.toymoban.com/news/detail-507897.html
到了这里,关于eNSP综合实验:OSPF、DHCP、NAT等技术运用的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!