案例六

droppercauseΔίκτυα και Επικοινωνίες

28 Οκτ 2013 (πριν από 3 χρόνια και 7 μήνες)

73 εμφανίσεις

案例六

拓扑结构






运用到的功能

1


整个网络中的路由和三层交换机使用
OSPF
协议让它
畅通


2
整个网络是模拟公司通过
R4F0/0
端口与公网相连接。通过
使用
NAT
技术可以让私有
IP
地址转换成一个公网上的合法
IP
地址。

3
为了扩展
带宽
,实现负载均衡。。把几个交换机物理连接捆
绑在一起形成一个简单的逻辑连接。


4
.通过使用
ACL
功能
可以让指定的
PC
受到访问控制

5
.使用
VLAN
对端口进行划分

6.
使用
CHAP
认证

7.
使用了帧中继



设备配置及测试结果

Router0


Router#sh run

B
uilding configuration...


Current configuration : 776 bytes

!

version 12.2

no service password
-
encryption

!

hostname Router


ip ssh version 1

!

!

interface Loopback0


ip address 9.9.9.9 255.255.255.0

!

interface FastEthernet0/0


ip address 192.168.1.1 255.
255.255.0


duplex auto


speed auto

!

interface FastEthernet1/0


ip address 192.168.11.1 255.255.255.0


duplex auto


speed auto

shutdown

!!

router ospf 1


router
-
id 9.9.9.9


log
-
adjacency
-
changes


network 192.168.1.0 0.0.0.255 area 4


network 192.168.11.0 0
.0.0.255 area 0

!

ip classless

!


access
-
list 2 permit 192.168.50.0 0.0.0.255

line con 0

line vty 0 4


login

end


Router#sh ip route

Codes: C
-

connected, S
-

static, I
-

IGRP, R
-

RIP, M
-

mobile, B
-

BGP


D
-

EIGRP, EX
-

EIGRP external, O
-

OSPF, I
A
-

OSPF inter area


N1
-

OSPF NSSA external type 1, N2
-

OSPF NSSA external type 2


E1
-

OSPF external type 1, E2
-

OSPF external type 2, E
-

EGP


i
-

IS
-
IS, L1
-

IS
-
IS level
-
1, L2
-

IS
-
IS level
-
2, ia
-

IS
-
IS inter area


*
-

candid
ate default, U
-

per
-
user static route, o
-

ODR


P
-

periodic downloaded static route


Gateway of last resort is not set



9.0.0.0/24 is subnetted, 1 subnets

C 9.9.9.0 is directly connected, Loopback0

C 192.168.1.0/24 is directly connect
ed, FastEthernet0/0

O IA 192.168.2.0/24 [110/2] via 192.168.11.3, 00:32:42, FastEthernet1/0

O IA 192.168.3.0/24 [110/2] via 192.168.11.3, 00:32:42, FastEthernet1/0

C 192.168.11.0/24 is directly connected, FastEthernet1/0

O 192.168.33.0/24 [110/5] via

192.168.11.3, 00:32:52, FastEthernet1/0

O 192.168.34.0/24 [110/5] via 192.168.11.3, 00:32:52, FastEthernet1/0

O 192.168.50.0/24 [110/4] via 192.168.11.3, 00:32:52, FastEthernet1/0

O 192.168.51.0/24 [110/4] via 192.168.11.3, 00:32:52, FastEthernet
1/0



Router3

Router#sh run

Building configuration...


Current configuration : 1188 bytes

!

version 12.2

no service password
-
encryption

!

hostname Router

ip ssh version 1

interface Loopback0


ip address 6.6.6.6 255.255.255.0

!

interface FastEthernet0/0


ip

address 192.168.100.1 255.255.255.0


ip nat inside


duplex auto


speed auto

!

interface FastEthernet1/0.10


encapsulation dot1Q 2


ip address 192.168.33.1 255.255.255.0

!

interface FastEthernet1/0.20


encapsulation dot1Q 3


ip address 192.168.34.1 255.255
.255.0

!

interface Serial2/0


ip address 200.201.202.1 255.255.255.0


ip nat outside


clock rate 64000

!

router ospf 1


router
-
id 6.6.6.6


log
-
adjacency
-
changes


network 192.168.33.0 0.0.0.255 area 0


network 192.168.34.0 0.0.0.255 area 0


network 192.168.
100.0 0.0.0.255 area 0


network 200.201.202.0 0.0.0.255 area 0

!

ip nat pool YJ 200.201.202.1 200.201.202.50 netmask 255.255.255.0

ip nat inside source list 1 pool YJ

ip classless

!

access
-
list 1 permit 192.168.0.0 0.0.255.255

!

line con 0

line vty 0 4


lo
gin


end


Router#sh ip route

Codes: C
-

connected, S
-

static, I
-

IGRP, R
-

RIP, M
-

mobile, B
-

BGP


D
-

EIGRP, EX
-

EIGRP external, O
-

OSPF, IA
-

OSPF inter area


N1
-

OSPF NSSA external type 1, N2
-

OSPF NSSA external type 2


E1
-

OS
PF external type 1, E2
-

OSPF external type 2, E
-

EGP


i
-

IS
-
IS, L1
-

IS
-
IS level
-
1, L2
-

IS
-
IS level
-
2, ia
-

IS
-
IS inter area


*
-

candidate default, U
-

per
-
user static route, o
-

ODR


P
-

periodic downloaded static route


Gateway of
last resort is not set



6.0.0.0/24 is subnetted, 1 subnets

C 6.6.6.0 is directly connected, Loopback0

O IA 192.168.1.0/24 [110/5] via 192.168.100.2, 00:36:00, FastEthernet0/0

O IA 192.168.2.0/24 [110/4] via 192.168.100.2, 00:35:50, FastEthernet0
/0

O IA 192.168.3.0/24 [110/4] via 192.168.100.2, 00:36:00, FastEthernet0/0

O 192.168.11.0/24 [110/4] via 192.168.100.2, 00:36:00, FastEthernet0/0

C 192.168.33.0/24 is directly connected, FastEthernet1/0.10

C 192.168.34.0/24 is directly connected,

FastEthernet1/0.20

O 192.168.50.0/24 [110/4] via 192.168.100.2, 00:36:00, FastEthernet0/0

O 192.168.51.0/24 [110/4] via 192.168.100.2, 00:36:00, FastEthernet0/0

O 192.168.52.0/24 [110/4] via 192.168.100.2, 00:36:00, FastEthernet0/0

O 192.168.9
8.0/24 [110/3] via 192.168.100.2, 00:36:00, FastEthernet0/0


Router#sh access
-
lists

Standard IP access list 1


permit 192.168.0.0 0.0.255.255 (6 match(es))






ROUTE



Router#sh run

Building configuration...

Current configuration : 738 bytes


versio
n 12.2

no service password
-
encryption

hostname Router

ip ssh version 1

!

!

interface Loopback0


ip address 7.7.7.7 255.255.255.0

!

interface FastEthernet0/0


ip address 192.168.101.1 255.255.255.0


duplex auto


speed auto

!

!

interface Serial2/0


ip addres
s 200.201.202.2 255.255.255.0

!

router ospf 1


router
-
id 7.7.7.7


log
-
adjacency
-
changes


network 200.201.202.0 0.0.0.255 area 0


network 192.168.101.0 0.0.0.255 area 0

!

ip classless

line con 0

line vty 0 4


login

!

End


Router#sh ip route

Codes: C
-

conne
cted, S
-

static, I
-

IGRP, R
-

RIP, M
-

mobile, B
-

BGP


D
-

EIGRP, EX
-

EIGRP external, O
-

OSPF, IA
-

OSPF inter area


N1
-

OSPF NSSA external type 1, N2
-

OSPF NSSA external type 2


E1
-

OSPF external type 1, E2
-

OSPF external type 2
, E
-

EGP


i
-

IS
-
IS, L1
-

IS
-
IS level
-
1, L2
-

IS
-
IS level
-
2, ia
-

IS
-
IS inter area


*
-

candidate default, U
-

per
-
user static route, o
-

ODR


P
-

periodic downloaded static route


Gateway of last resort is not set



7.0.0.0/24 is su
bnetted, 1 subnets

C 7.7.7.0 is directly connected, Loopback0

O IA 192.168.1.0/24 [110/786] via 200.201.202.1, 00:40:42, Serial2/0

O IA 192.168.2.0/24 [110/785] via 200.201.202.1, 00:40:32, Serial2/0

O IA 192.168.3.0/24 [110/785] via 200.201.202.1, 0
0:40:32, Serial2/0

O 192.168.11.0/24 [110/785] via 200.201.202.1, 00:40:42, Serial2/0

O 192.168.33.0/24 [110/782] via 200.201.202.1, 00:41:32, Serial2/0

O 192.168.34.0/24 [110/782] via 200.201.202.1, 00:41:32, Serial2/0

O 192.168.50.0/24 [110/7
85] via 200.201.202.1, 00:10:35, Serial2/0

O 192.168.51.0/24 [110/785] via 200.201.202.1, 00:10:35, Serial2/0

O 192.168.52.0/24 [110/785] via 200.201.202.1, 00:10:35, Serial2/0

O 192.168.98.0/24 [110/784] via 200.201.202.1, 00:40:42, Serial2/0


Mu
ltiLayer Switch0

Switch#sh run

Building configuration...


Current configuration : 1351 bytes

!

version 12.2

no service password
-
encryption

!

hostname Switch

ip ssh version 1

!

port
-
channel load
-
balance src
-
mac

!

interface Loopback0


ip address 5.5.5.5 255.
255.255.0

!

interface FastEthernet0/1


no switchport


ip address 192.168.103.1 255.255.255.0


duplex auto


speed auto

!

interface FastEthernet0/24


no switchport


ip address 192.168.100.2 255.255.255.0


duplex auto


speed auto

!

interface GigabitEthernet0/
1

!

interface GigabitEthernet0/2

!

interface Vlan1


no ip address


shutdown

!

router ospf 1


router
-
id 5.5.5.5


log
-
adjacency
-
changes


network 192.168.103.0 0.0.0.255 area 0


network 192.168.100.0 0.0.0.255 area 0

!

router rip

!

ip classless


line con 0

li
ne vty 0 4


login

end


MultiLayer Switch1


Switch#sh run

Building configuration...


Current configuration : 1901 bytes

!

version 12.2

no service password
-
encryption

!

hostname Switch

!

ip ssh version 1

!

port
-
channel load
-
balance src
-
mac

!

interface Loopba
ck0


ip address 1.1.1.1 255.255.255.0

!

interface FastEthernet0/1


no switchport


ip address 192.168.50.1 255.255.255.0


duplex auto


speed auto

!

interface FastEthernet0/2


no switchport


ip address 192.168.51.1 255.255.255.0


ip access
-
group 1 out


duple
x auto


speed auto

!

interface FastEthernet0/3


no switchport


ip address 192.168.52.1 255.255.255.0


duplex auto


speed auto

!

interface FastEthernet0/4


channel
-
group 1 mode on

!

interface FastEthernet0/5


channel
-
group 1 mode on

!

interface Port
-
channel

1


no switchport


ip address 192.168.111.1 255.255.255.0

!

interface Vlan1


no ip address


shutdown

!

router ospf 1


router
-
id 1.1.1.1


log
-
adjacency
-
changes


network 192.168.111.0 0.0.0.255 area 0


network 192.168.50.0 0.0.0.255 area 0


network 192.168.5
1.0 0.0.0.255 area 0


network 192.168.52.0 0.0.0.255 area 0

!

router ospf 100


log
-
adjacency
-
changes


network 192.168.50.0 0.0.0.255 area 0


network 192.168.111.0 0.0.0.255 area 0


network 192.168.51.0 0.0.0.255 area 1


network 192.168.52.0 0.0.0.255 area
2

!

router rip

!

ip classless

!

access
-
list 1 permit 192.168.3.0 0.0.0.255

line con 0

line vty 0 4


login

!

!

End



Switch#sh access
-
lists

Standard IP access list 1


permit 192.168.3.0 0.0.0.255 (9 match(es))



MultiLayer Switch2

Switch#sh run

Building co
nfiguration...


Current configuration : 1776 bytes

!

version 12.2

no service password
-
encryption

!

hostname Switch

ip ssh version 1

!

port
-
channel load
-
balance src
-
mac

!

interface Loopback0


ip address 8.8.8.8 255.255.255.0

!

interface FastEthernet0/1


no
switchport


ip address 192.168.11.3 255.255.255.0


duplex auto


speed auto

!

interface FastEthernet0/2


switchport access vlan 3

!

interface FastEthernet0/3


switchport access vlan 4

!

!

interface FastEthernet0/23


no switchport


ip address 192.168.98.1 25
5.255.255.0


duplex auto


speed auto

!

interface FastEthernet0/24


no switchport


ip address 192.168.97.1 255.255.255.0


duplex auto


speed auto

!

!

interface Vlan3


ip address 192.168.2.1 255.255.255.0


ip access
-
group 2 out

!

interface Vlan4


ip address
192.168.3.1 255.255.255.0

!

router ospf 1


router
-
id 8.8.8.8


log
-
adjacency
-
changes


network 192.168.2.0 0.0.0.255 area 1


network 192.168.3.0 0.0.0.255 area 2


network 192.168.98.0 0.0.0.255 area 0


network 192.168.11.0 0.0.0.255 area 0

!

router rip

!

ip
classless

!

!

access
-
list 2 permit 192.168.50.0 0.0.0.255

!

line con 0

line vty 0 4


login

!

!

End


Switch#sh vlan


VLAN Name Status Ports

----

--------------------------------

---------

-------------------------------

1 d
efault active Fa0/1, Fa0/4, Fa0/5, Fa0/6


Fa0/7, Fa0/8, Fa0/9, Fa0/10


Fa0/11, Fa0/12, Fa0/13, Fa0/14



Fa0/15, Fa0/16, Fa0/17, Fa0/18


Fa0/19, Fa0/20, Fa0/21, Fa0/22


Fa0/23, Fa0/24, Gig0/1, Gig0/2

3 VLAN0003 active Fa0
/2

4 VLAN0004 active Fa0/3

1002 fddi
-
default active

1003 token
-
ring
-
default active

1004 fddinet
-
default active

1005 trnet
-
default active


VL
AN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

----

-----

----------

-----

------

------

--------

----

--------

------

------

1 enet 100001 1500
-

-

-

-

-

0 0

3 enet 100003 1500

-

-

-

-

-

0 0

4 enet 100004 1500
-

-

-

-

-

0 0

1002 enet 101002 1500
-

-

-

-

-

0 0



Switch#sh access
-
lists

Standard IP access list 2

permit 1
92.168.50.0 0.0.0.255




Router
2

Router#sh in s2/0

Serial2/0 is up, line protocol is up (connected)


Hardware is HD64570


Internet address is 20.1.1.1/24


MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec, rely 255/255, load 1/255


Encapsulation PPP, loopbac
k not set, keepalive set (10 sec)


LCP Open


Open: IPCP, CDPCP


Last input never, output never, output hang never


Last clearing of "show interface" counters never


Input queue: 0/75/0 (size/max/drops); Total output drops: 0


Queueing strategy: weigh
ted fair


Output queue: 0/1000/64/0 (size/max total/threshold/drops)


Conversations 0/0/256 (active/max active/max total)


Reserved Conversations 0/0 (allocated/max allocated)


5 minute input rate 1 bits/sec, 0 packets/sec


5 minute output rate

1 bits/sec, 0 packets/sec


5 packets input, 200 bytes, 0 no buffer


Received 0 broadcasts, 0 runts, 0 giants, 0 throttles


0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort


5 packets output, 200 bytes, 0 underruns


0 output errors, 0 collisions, 1 interface resets


0 output buffer failures, 0 output buffers swapped out


0 carrier transitions


DCD=up DSR=up DTR=up RTS=up CTS=up





测试结果

1


除了
PC1

PC6
之外。其余都可以与
SERVER
相连接
,,
所有
PC
机与帧中继处的路由器
不相通






2


PC6
只有
PC2
才能
PING
通,




3


PC1
只有
PC3
能够
PING