华为ENSP综合实验①

学习新思想，争做新青年。今天学习ENSP综合实验①！

实验拓扑

实验需求

1.PC机使用DHCP连接

2.三层和二层交换机配置MSTP、VRRP

3.三层交换机和路由器使用OSPF协议

4.在出口路由去R1上配置静态ACL和NAT

实验配置

接入交换机配置

sw3交换机配置

sysname LSW3

vlan batch 10 20 30 40

stp region-configuration

region-name huawei

instance 1 vlan 10 20

instance 2 vlan 30 40

active region-configuration

interface Ethernet0/0/1

port link-type trunk

port trunk allow-pass vlan 10 20

interface Ethernet0/0/2

port link-type trunk

port trunk allow-pass vlan 30 40

interface Ethernet0/0/3

port link-type access

port default vlan 10

stp edged-port enable

interface Ethernet0/0/4

port link-type access

port default vlan 20

stp edged-port enable

sw4交换机配置

sysname LSW4

vlan batch 10 20 30 40

stp region-configuration

region-name huawei

instance 1 vlan 10 20

instance 2 vlan 30 40

active region-configuration

interface Ethernet0/0/2

port link-type trunk

port trunk allow-pass vlan 30 40

interface Ethernet0/0/1

port link-type trunk

port trunk allow-pass vlan 10 20

interface Ethernet0/0/3

port link-type access

port default vlan 30

stp edged-port enable

interface Ethernet0/0/4

port link-type access

port default vlan 40

stp edged-port enable

核心交换机配置

sw1交换机配置

sysname LSW1

二层配置

vlan batch 10 20 30 40 66

stp instance 1 root primary

stp instance 2 root secondary

stp region-configuration

region-name huawei

instance 1 vlan 10 20

instance 2 vlan 30 40

active region-configuration

interface Eth-Trunk1

port link-type trunk

port trunk allow-pass vlan 10 20 30 40

interface GigabitEthernet0/0/1

port link-type access

port default vlan 66

interface GigabitEthernet0/0/4

port link-type trunk

port trunk allow-pass vlan 10 20

interface GigabitEthernet0/0/5

port link-type trunk

port trunk allow-pass vlan 30 40

interface GigabitEthernet0/0/2

eth-trunk 1

interface GigabitEthernet0/0/3

eth-trunk 1

dhcp配置

dhcp enable

ip pool vlan10

gateway-list 192.168.10.252

network 192.168.10.0 mask 255.255.255.0

ip pool vlan20

gateway-list 192.168.20.252

network 192.168.20.0 mask 255.255.255.0

ip pool vlan30

gateway-list 192.168.30.252

network 192.168.30.0 mask 255.255.255.0

ip pool vlan40

gateway-list 192.168.40.252

network 192.168.40.0 mask 255.255.255.0

三层网关及vrrp配置

interface Vlanif10

ip address 192.168.10.252 255.255.255.0

vrrp vrid 10 virtual-ip 192.168.10.254

vrrp vrid 10 priority 120

dhcp select global

interface Vlanif20

ip address 192.168.20.252 255.255.255.0

vrrp vrid 20 virtual-ip 192.168.20.254

vrrp vrid 20 priority 120

dhcp select global

interface Vlanif30

ip address 192.168.30.252 255.255.255.0

vrrp vrid 30 virtual-ip 192.168.30.254

dhcp select global

interface Vlanif40

ip address 192.168.40.252 255.255.255.0

vrrp vrid 40 virtual-ip 192.168.40.254

dhcp select global

interface Vlanif66

ip address 192.168.66.2 255.255.255.252

三层路由配置

ospf 1 router-id 1.1.1.1

area 0.0.0.0

network 192.168.10.0 0.0.0.255

network 192.168.20.0 0.0.0.255

network 192.168.30.0 0.0.0.255

network 192.168.40.0 0.0.0.255

network 192.168.66.0 0.0.0.255

sw2交换机配置

sysname LSW2

二层配置

vlan batch 10 20 30 40 88

stp instance 1 root secondary

stp instance 2 root primary

stp region-configuration

region-name huawei

instance 1 vlan 10 20

instance 2 vlan 30 40

active region-configuration

interface Eth-Trunk1

port link-type trunk

port trunk allow-pass vlan 10 20 30 40

interface GigabitEthernet0/0/1

port link-type access

port default vlan 88

interface GigabitEthernet0/0/5

port link-type trunk

port trunk allow-pass vlan 10 20

interface GigabitEthernet0/0/4

port link-type trunk

port trunk allow-pass vlan 30 40

interface GigabitEthernet0/0/2

eth-trunk 1

interface GigabitEthernet0/0/3

eth-trunk 1

dhcp配置

dhcp enable

ip pool vlan10

gateway-list 192.168.10.254

network 192.168.10.0 mask 255.255.255.0

ip pool vlan20

gateway-list 192.168.20.254

network 192.168.20.0 mask 255.255.255.0

ip pool vlan30

gateway-list 192.168.30.254

network 192.168.30.0 mask 255.255.255.0

ip pool vlan40

gateway-list 192.168.40.254

network 192.168.40.0 mask 255.255.255.0

三层网关及vrrp配置

interface Vlanif10

ip address 192.168.10.253 255.255.255.0

vrrp vrid 10 virtual-ip 192.168.10.254

dhcp select global

interface Vlanif20

ip address 192.168.20.253 255.255.255.0

vrrp vrid 20 virtual-ip 192.168.20.254

dhcp select global

interface Vlanif30

ip address 192.168.30.253 255.255.255.0

vrrp vrid 30 virtual-ip 192.168.30.254

vrrp vrid 30 priority 120

dhcp select global

interface Vlanif40

ip address 192.168.40.253 255.255.255.0

vrrp vrid 40 virtual-ip 192.168.40.254

vrrp vrid 40 priority 120

dhcp select global

interface Vlanif 88

ip address 192.168.88.2 255.255.255.252

路由配置

ospf 1 router-id 1.1.1.2

area 0.0.0.0

network 192.168.10.0 0.0.0.255

network 192.168.20.0 0.0.0.255

network 192.168.30.0 0.0.0.255

network 192.168.40.0 0.0.0.255

network 192.168.88.0 0.0.0.255

路由器配置

R1配置

sysname AR1

acl number 2000

rule 5 permit source 192.168.10.0 0.0.0.255

rule 10 permit source 192.168.20.0 0.0.0.255

rule 15 permit source 192.168.30.0 0.0.0.255

rule 20 permit source 192.168.40.0 0.0.0.255

interface GigabitEthernet0/0/0

ip address 192.168.88.1 255.255.255.252

interface GigabitEthernet0/0/1

ip address 192.168.66.1 255.255.255.252

interface GigabitEthernet0/0/3

ip address 100.1.1.1 255.255.255.252

nat outbound 2000

ospf 1 router-id 1.1.1.3

default-route-advertise

area 0.0.0.0

network 192.168.66.0 0.0.0.255

network 192.168.88.0 0.0.0.255

ip route-static 0.0.0.0 0.0.0.0 100.1.1.2

R2配置

interface GigabitEthernet0/0/3

ip address 100.1.1.2 255.255.255.252

配置完毕

–