小型园区网实验作业

发布于:2025-04-08 ⋅ 阅读:(33) ⋅ 点赞:(0)

 

拓扑搭建:

 

实验需求:

1、按照图示的VLAN及IP地址需求,完成相关配置
2、要求SW1为VLAN 2/3的主根及网关
       SW2 为VLAN 20/30 的主根及主网关
    SW1和SW2互为备份
3、可以使用super vlan
4、上层通过静态路由协议完成数据通信过程
5、AR1为企业出口路由器
6、要求全网可达

 

需求分析:

1.生成树与网关设置:让 SW1 成为 VLAN 2/3 的主根及主网关,意味着在生成树协议(STP)中,SW1 在 VLAN 2/3 内优先级最高,且作为这两个 VLAN 内主机的默认网关 。使 SW2 成为 VLAN 20/30 的主根及主网关,原理同 SW1 在 VLAN 2/3 的设置 。SW1 和 SW2 互为备份,即当主根交换机出现故障时,备份交换机能迅速接替工作,需通过配置 STP 的备份机制(如设置合适的优先级、根路径开销等)来实现 。
2.路由配置:采用静态路由协议,在路由器 AR1 及相关设备上配置路由条目,确保不同网段(包括企业内部 VLAN 网段、与 ISP 连接网段)间数据能够正确转发 。
3.企业出口设置:将 AR1 配置为企业出口路由器,需设置 NAT(网络地址转换)功能,使企业内部私有 IP 地址能够转换为合法公网 IP 地址,实现与 ISP 网络及外部网络的通信。
 

配置命令:

AR1:
int g 0/0/1
ip address  10.0.11.2 30
int g 0/0/2
ip address 10.0.12.2 30
q
ping 10.0.11.1
通
ping 10.0.12.1
通
ospf 1
a 0
network 10.0.11.2 0.0.0.0
network 10.0.12.2 0.0.0.0
q
ip route-static 0.0.0.0 0 202.1.1.2
ospf 1
default-route-advertise
q
acl 2000
rule permit source 10.0.0.0 0.0.255.255
interface g 0/0/0
nat outbound 2000



ISP:
sys
interface g 0/0/0
ip address  202.1.1.2 30
q
interface LoopBack 0
ip address 100.100.100 32
q



LSW1:
vlan batch 2 3 20 30
interface Eth-Trunk 0
trunkport g 0/0/1 to 0/0/2
port link-type trunk
port trunk allow-pass vlan 2 3 20 30
q
int g 0/0/3
port link-type trunk
port trunk allow-pass vlan 2 3 20 30
int g 0/0/4
port link-type trunk
port trunk allow-pass vlan 2 3 20 30
q
display vlan
stp enable
stp mode mstp
stp region-configuration
region-name aa
revision-level 100
instance 1 vlan 2 3
instance 2 vlan 20 30
active region-configuration
dispaly stp brief
stp instance 1 root primary
stp instance 2 root secondary
dispaly stp brief
interface Eth-Trunk 0
q
int g 0/0/3
stp root-protection
q
interface Vlanif 2
ip address 10.0.2.1 24
vrrp vrid 1virtual-ip 10.0.2.254
vrrp vrid 1 priority 120
vrrp vrid 1 preempt-mode timer delay 20
vrrp vrid 1 track interface g 0/0/5 reduced 30
q
interface Vlanif 2
display this
q
interface Vlanif 3
ip address 10.0.3.1 24
vrrp vrid 1 virtual-ip 10.0.3.254
vrrp vrid 1 priority 120
vrrp vrid 1 preempt-mode timer delay 20
vrrp vrid 1 track interface g 0/0/5 reduced 30
display this
interface Vlanif 20
ip address 10.0.20.1 24
vrrp vrid 1 virtual-ip 10.0.20.254
int v 30
ip address 10.0.30.1 24
vrrp vrid 1 virtual-ip 10.0.30.254
q
display vrrp brief
dhcp enable
ip pool vlan 2
network 10.0.2.0 mask 24
gateway-list 10.0.2.254
dns-list 8.8.8.8
undo network 
network 10.0.2.0 mask 25
undo gateway-list 10.0.2.254
network 10.0.2.0 mask 25
gateway-list 10.0.2.100
interface vlanif 2
vrrp vrid 1 virtual-ip 10.0.2.100
q
interface Vlanif 2
dhcp select global
q
vlan 11
q
interface g 0/0/5
port link-type access
port default vlan 11
q
interface Vlanif 11
ip address 10.0.11.1 30
q
ospf 1
area 0
network 10.0.2.1 0.0.0.0
network 10.0.3.1 0.0.0.0
network 10.0.11.1 0.0.0.0
network 10.0.20.1 0.0.0.0
network 10.0.30.1 0.0.0.0
q
silent-interface Vlanif 2
silent-interface Vlanif 3
silent-interface Vlanif 20
silent-interface Vlanif 30
vlan 13
q
interface Eth-Trunk 0
port trunk allow-pass vlan 13
dis this
interface Vlanif 13
ip address 10.0.13.1 30
ospf 1
network 10.0.13.1 0.0.0.0
q



LSW2:
vlan batch 2 3 20 30
interface Eth-Trunk 0
trunkport g 0/0/1 to 0/0/2
port link-type trunk
port trunk allow-pass vlan 2 3 20 30
q
int g 0/0/3
port link-type trunk
port trunk allow-pass vlan 2 3 20 30
int g 0/0/4
port link-type trunk
port trunk allow-pass vlan 2 3 20 30
q
stp enable
stp mode mstp
stp region-configuration
region-name aa
revision-level 100
instance 1 vlan 2 3
instance 2 vlan 20 30
active region-configuration
stp instance 1 root secondary
stp instance 2 root primary
interface Vlanif 2
ip address 10.0.2.2 24
vrrp vrid 1 virtual-ip 10.0.2.254
q
interface Vlanif 3
ip address 10.0.3.2 24
vrrp vrid 1 virtual-ip 10.0.3.254
interface Vlanif 20
ip address 10.0.20.2 24
vrrp vrid 1 virtual-ip 10.0.20.254
vrrp vrid 1 priority 120
vrrp vrid 1 preempt-mode timer delay 20
vrrp vrid 1 track interface g 0/0/5 reduced 30
int v 30
ip address 10.0.30.1 24
vrrp vrid 1 virtual-ip 10.0.30.254
display vrrp brief
undo network 
network 10.0.2.128 mask 25
vlan 12
q
int g 0/0/5
po li a
po de v 12
q
interface Vlanif 12
ip address 10.0.12.1 30
ospf 1
area 0
network 10.0.2.2 0.0.0.0
network 10.0.3.2 0.0.0.0
network 10.0.30.2 0.0.0.0
network 10.0.12.1 0.0.0.0
q
silent-interface Vlanif 2
silent-interface Vlanif 3
silent-interface Vlanif 20
silent-interface Vlanif 30
vlan 13
q
interface Eth-Trunk 0
po t alk
po t al v 13
q
interface Vlanif 13
ip address 10.0.13.2 30
q
ospf 1
network 10.0.13.2 0.0.0.0
q
stp instance 0 root secondary
ping 10.0.13.1
通



LSW3:
vlan batch 2 3 20 30
interface g 0/0/1
port link-type access
port default vlan 2
int g 0/0/2
port link-type access
port default vlan 3
q
int g 0/0/3
port link-type trunk
port trunk allow-pass vlan 2 3 20 30
int g 0/0/4
port link-type trunk
port trunk all v 2 3 20 30
q
stp enable
stp mode mstp
stp region-configuration
region-name aa
revision-level 100
instance 1 vlan 2 3
instance 2 vlan 20 30
active region-configuration
display this
int g 0/0/1
stp edged-port enable



LSW4:
vlan batch 2 3 20 30
interface g 0/0/1
port link-type access
port default vlan 20
int g 0/0/2
port link-type access
port default vlan 30
int g 0/0/3
port link-type trunk
port trunk allow-pass vlan 2 3 20 30
int g 0/0/4
port link-type trunk
port trunk all v 2 3 20 30
q
stp enable
stp mode mstp
stp region-configuration
region-name aa
revision-level 100
instance 1 vlan 2 3
instance 2 vlan 20 30
active region-configuration

 

测试结果:

PC1:
ping 10.0.2.254
通
ping  10.0.3.10
通
ping 10.0.20.10
通
ping 10.0.30.10
通
ping 100.100.100.100
通
AR1:
ping 10.0.11.1
通
ping 10.0.12.1
通
LSW2:
ping 10.0.13.1
通

 

实验感悟:

        通过此次网络实验,收获颇丰。在VLAN与IP配置环节,精确规划与设置是网络有序通信的基石,任何疏漏都可能导致网络不通,这让我深知基础配置严谨性的关键。生成树与网关设置极具挑战,既要明确各交换机在不同VLAN中的主根与备份角色,又要保障切换的及时性与稳定性。这不仅考验对生成树原理的理解,更需具备将理论转化为实际可靠配置的能力,让我对网络冗余备份机制有了更深刻认知。静态路由配置过程中,梳理各网段间的路径走向,准确设置路由条目,使我对网络层数据转发原理有了更透彻的领悟。而NAT配置实现内外网通信,仿佛搭建起一座连接企业与外部世界的桥梁,进一步拓宽了我对网络互联的认识。此次实验是理论与实践的深度交融,每一步配置都是对知识掌握程度的检验,每一次故障排查都是经验的积累。它不仅提升了我的实操能力,更让我学会从全局视角审视网络架构,为未来在网络领域的学习和工作筑牢根基。 

 

网站公告

今日签到

点亮在社区的每一天
去签到

热门文章

最新发布