1.配置所有设备主机名,名称见“网络拓扑”。启用所有设备的ssh服务,用户名和明文密码均为admin;配置所有设备ssh连接超时为9分钟,console 连接超时为30分钟。
SW1
ssh-server enable
ssh-server timeout 540
exec-timeout 30
SW2
ssh-server enable
ssh-server timeout 540
exec-timeout 30
SW3
ssh-server enable
ssh-server timeout 540
exec-timeout 30
RT1
ip sshd enable
line vty 0 4
exec-timeout 9
!
line console 0
exec-timeout 30
!
RT2
ip sshd enable
line vty 0 4
exec-timeout 9
!
line console 0
exec-timeout 30
!
AC1
ssh-server enable
2.配置所有设备的时区为GMT+08:00。调整 SW1时间为实际时间,SW1配置为ntp server,其他设备为ntp client,请求报文时间间隔 1分钟,用SW1Loopback1 IPv6 地址作为ntp server 地址。
SW1
clock timezone GMT add 8 0
clock set 时:分:秒 年:月:日
ntp enable
ntp-service refclock-master 1
SW2
clock timezone GMT add 8 0
ntp enable
ntp syn-interval 60
ntp server 2001:10:10:1::1
SW3
clock timezone GMT add 8 0
ntp enable
ntp syn-interval 60
ntp server 2001:10:10:1::1
RT1
time-zone GMT 8 0
ntp query-interval 60
ntp server 2001:10:10:1::1
RT2
time-zone GMT 8 0
ntp query-interval 60
ntp server 2001:10:10:1::1
FW1
clock zone GMT 8 0
ntp enable
ntp query-interval 1
ntp max-adjustment 0
ntp server 2001:10:10:1::1
FW2
clock zone GMT 8 0
ntp enable
ntp query-interval 1
ntp max-adjustment 0
ntp server 2001:10:10:1::1
AC1
clock timezone GMT add 8 0
ntp enable
ntp syn-interval 60
ntp server 2001:10:10:1::1
3.SW2配置DHCPv4和DHCPv6,分别为总公司产品1段、总公司产品2段、分公司Vlan130、分公司Vlan140和分公司Vlan150分配地址。IPv4地址池名称分别为Poolv4-Vlan11、Poolv4-Vlan21、Poolv4-Vlan130、Poolv4-Vlan140、Poolv4-Vlan150,排除网关,DNS为10.1.210.101和10.1.220.101。IPv6地址池名称分别为Poolv6-Vlan11、Poolv6-Vlan21、Poolv6-Vlan130、Poolv6-Vlan140、Poolv6-Vlan150,IPv6地址池用网络前缀表示,排除网关,DNS为2400:3200::1。PC1保留地址10.1.11.9和2001:10:1:11::9,PC2保留地址10.1.21.9和2001:10:1:21::9,AP1保留地址10.1.130.9和2001:10:1:130::9。SW1、AC1中继地址为SW2 Loopback1地址,SW1启用DHCPv4和DHCPv6 snooping,如果E1/0/1连接dhcpv4服务器,则关闭该端口,恢复时间为10分钟。
SW2
ip dhcp pool Poolv4-Vlan11
network-address 10.1.11.0 255.255.255.0
default-router 10.1.11.1
dns-server 10.1.210.101 10.1.220.101
!
ip dhcp pool Poolv4-Vlan21
network-address 10.1.21.0 255.255.255.0
default-router 10.1.21.1
dns-server 10.1.210.101 10.1.220.101
!
ip dhcp pool Poolv4-Vlan130
network-address 10.1.130.0 255.255.255.0
default-router 10.1.130.1
dns-server 10.1.210.101 10.1.220.101
!
ip dhcp pool Poolv4-Vlan140
network-address 10.1.140.0 255.255.255.0
default-router 10.1.140.1
dns-server 10.1.210.101 10.1.220.101
!
ip dhcp pool Poolv4-Vlan150
network-address 10.1.150.0 255.255.255.0
default-router 10.1.150.1
dns-server 10.1.210.101 10.1.220.101
!
排除网关
ip dhcp excluded-address 10.1.11.1
ip dhcp excluded-address 10.1.21.1
ip dhcp excluded-address 10.1.130.1
ip dhcp excluded-address 10.1.140.1
ip dhcp excluded-address 10.1.150.1
!
ip dhcp pool AP1
host 10.1.130.9 255.255.255.0
hardware-address 00-03-0f-ea-eb-90 AP的物理地址
dns-server 10.1.210.101 10.1.220.101
!
ip dhcp pool PC1
host 10.1.11.9 255.255.255.0
hardware-address 00-03-0f-ea-eb-90 PC1的物理地址
dns-server 10.1.210.101 10.1.220.101
!
ip dhcp pool PC2
host 10.1.21.9 255.255.255.0
hardware-address 00-03-0f-ea-eb-90 PC2物理地址
dns-server 10.1.210.101 10.1.220.101
!
ipv6 dhcp pool Poolv6-Vlan11
network-address 2001:10:1:11:: 64 地址池网络前缀
static-binding 2001:10:1:11::9 00-03-0f-ea-eb-90 PC1的物理地址
excluded-address 2001:10:1:11::1 排除网关
dns-server 2400:3200::1
!
ipv6 dhcp pool Poolv6-Vlan21
network-address 2001:10:1:21:: 64 地址池网络前缀
static-binding 2001:10:1:21::9 00-03-0f-ea-eb-90 PC2物理地址
excluded-address 2001:10:1:21::1 排除网关
dns-server 2400:3200::1
!
ipv6 dhcp pool Poolv6-Vlan130
network-address 2001:10:1:130:: 64 地址池网络前缀
static-binding 2001:10:1:130::9 00-03-0f-ea-eb-90 AP1物理地址
excluded-address 2001:10:1:130::1 排除网关
dns-server 2400:3200::1
!
ipv6 dhcp pool Poolv6-Vlan140
network-address 2001:10:1:140:: 64 地址池网络前缀
excluded-address 2001:10:1:140::1 排除网关
dns-server 2400:3200::1
!
ipv6 dhcp pool Poolv6-Vlan150
network-address 2001:10:1:150:: 64 地址池网络前缀
excluded-address 2001:10:1:150::1 排除网关
dns-server 2400:3200::1
SW1
Ser dhcp
Ser dhcpv6
ip forward-protocol udp bootps
ip dhcp snooping enable
Int e1/0/1
ip dhcp snooping action shutdown recovery 600
Int vlan 10
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
ip helper-address 10.1.2.1
ipv6 dhcp relay destination 2001:10:1:2::1
AC1
Ser dhcp
Ser dhcpv6
ip forward-protocol udp bootps
Int vlan 130
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
ip helper-address 10.1.2.1
ipv6 dhcp relay destination 2001:10:1:2::1
Int vlan 140
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
ip helper-address 10.1.2.1
ipv6 dhcp relay destination 2001:10:1:2::1
Int vlan 150
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
ip helper-address 10.1.2.1
ipv6 dhcp relay destination 2001:10:1:2::1
4.(1)SW1、SW2、SW3、RT1、RT2、FW1 之间 OSPFv2 和 OSPFv3 协议,process 1,area 0,分别发布 Loopback1 地址路由和产品路由,FW1 通告 type1默认路由。
SW1,SW2
router ospf 1
router-id 10.4.1.1(10.4.2.1)
network 10.4.255.14(10.4.255.22) 255.255.255.252 area 0
network 10.4.255.5(10.4.255.9) 255.255.255.252 area 0
Network10.4.255.1(10.4.255.2) 255.255.255.252 area 0
network 10.4.1.1(10.4.2.1) 255.255.255.252 area 0
exit
interface lo1
ipv6 router ospf tag 1 area 0
exit
int vlan 1019
ipv6 router ospf tag 1 area 0
exit
int vlan 1020
ipv6 router ospf tag 1 area 0
exit
int vlan 1023
ipv6 router ospf tag 1 area 0
Exit
SW3
router ospf 1
router-id 10.4.3.1
network 10.4.255.6 255.255.255.252 area 0
network 10.4.255.10 255.255.255.252 area 0
exit
interface lo1
ipv6 router ospf tag 1 area 0
exit
int vlan 1019
ipv6 router ospf tag 1 area 0
exit
int vlan 1020
ipv6 router ospf tag 1 area 0
Exit
RT1
router ospf 1
router-id 10.4.5.1
network 10.4.255.33 255.255.255.252 area 0
network 10.4.255.18 255.255.255.252 area 0
network 10.4.255.21 255.255.255.255 area 0
network 10.4.255.37 255.255.255.255 area 0
network 10.4.255.41 255.255.255.255 area 0
exi
int lo1
ipv6 ospf 1 area 0
int g0/0
ipv6 ospf 1 area 0
int g0/1
ipv6 ospf 1 area 0
int g0/2
ipv6 ospf 1 area 0
int s1/0
ipv6 ospf 1 area 0
int s1/1
ipv6 ospf 1 area 0
RT2
router ospf 1
router-id 10.13.6.2
network 10.4.255.34 255.255.255.252 area 0
network 10.4.255.42 255.255.255.252 area 0
network 10.4.255.38 255.255.255.252 area 0
int lo1
ipv6 ospf 1 area 0
int g0/0
ipv6 ospf 1 area 0
int s1/0
ipv6 ospf 1 area 0
int s1/1
ipv6 ospf 1 area 0
FW1:
ip vrouter trust-vr
ip route 0.0.0.0/0 200.200.200.1
router ospf
router-id 10.4.7.1
network 10.4.255.39/30 area 0
network 10.4.255.17/30 area 0
network 10.4.7.1 area 0
default-information originate type 2
exit
exit
ip vrouter trust-vr
ipv6 router ospf router-id 10.4.7.1
exit
exit
interface loopback1
ipv6 ospf area 0
exit
interface ethernet0/1
ipv6 ospf area 0
exit
interface ethernet0/2
ipv6 ospf area 0
exi
(2)RT2 与 AC1 之间运行 OSPFv2 协议,process 1,area 1 nssa no summary;AC1 发布 Loopback1 地址路由、管理、产品和营销路由用 prefix-list 重发布 Loopback3,prefix-list 名称AC1-Loopback3-IPv4。
RT1
router ospf 1
netw 10.4.255.21 255.255.255.252 area 1
area 1 nass no-summary
Exi
AC1
router ospf 1
network 10.4.4.1/32 area 1
network 10.4.4.2/32 area 1
network 10.4.4.3/32area 1
network 10.4.255.46/30 area 1
area 1 nssa no-summary
exi
Int lo3
exi
ip prefix-list AC1-Loopback3-IPv4 permit 10.4.4.3/32
ip prefix-list AC1-Loopback3-IPv4 permit any
route-map loopback3 permit 10
match ip address prefix-list loopback3
exit
route-map loopback3 permit 1
exi
router ospf 1
redistribute connected route-map loopback3
exit
(4)修改 ospf cost 为 100,实现 SW1 分别与 RT2、FW2 之间 IPv4 和 IPv6 互访流量优先通过 SW1-SW2-RT1 链路转发,SW2 访问Internet IPv4 和 IPv6 流量优先通过 SW2-SW1-FW1 链路转发。
SW1
router ospf 1
interface e1/0/19
ip ospf cost 100
Exit
ip access-list extended IPV4_ACL
permit ip any any
Exi
RT1
route-map IPV4_ROUTE_MAP permit 10
match ip address IPV4_ACL
set ip next-hop <SW2的IP地址>
interface GigabitEthernet0/1文章来源:https://www.toymoban.com/news/detail-785193.html
ip policy route-map IPV4_ROUTE_MAP
ipv6 access-list IPV6_ACL
permit ipv6 any any
route-map IPV6_ROUTE_MAP permit 10
match ipv6 address IPV6_ACL
set ipv6 next-hop <SW2的IPv6地址>
interface GigabitEthernet0/1
ipv6 policy route-map IPV6_ROUTE_MAP文章来源地址https://www.toymoban.com/news/detail-785193.html
RT1
ip access-list extended IPV4_ACL
permit ip any any
Exi
route-map IPV4_ROUTE_MAP permit 10
match ip address IPV4_ACL
set ip next-hop <SW1的IP地址>
interface GigabitEthernet0/1
ip policy route-map IPV4_ROUTE_MAP
ipv6 access-list IPV6_ACL
permit ipv6 any any
route-map IPV6_ROUTE_MAP permit 10
match ipv6 address IPV6_ACL
set ipv6 next-hop <SW1的IPv6地址>
interface GigabitEthernet0/1
ipv6 policy route-map IPV6_ROUTE_MAP
到了这里,关于zz016网络建设与运维正式赛卷(路由)的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!
