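ABC Company overview
The company has two departments (VLAN11, VLAN12)
ABC Company network requirements
The two departments can reach each other and can access the Internet.
ABC Company network build requirements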

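I. Network VLANs and IP addresses.

II. Layer 2 technologies:

  1. VLAN.
  2. Trunk (802.1Q encapsulation).
  3. Customize the STP root to achieve load balancing.
  4. Use Eth-Trunk.
  5. Use MSTP.

III. Layer 3 technologies:

  1. Routing: use dynamic or static routes.
  2. DHCP Server: assign IP addresses for all IP subnets.
  3. Use NAT to access the Internet.
  4. Use VRRP for load balancing and redundancy.
  5. VLAN 11 accesses the Internet through ISP1 (6.6.6.6).
    VLAN 12 accesses the Internet through ISP2 (7.7.7.7).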

syst
sysn ASW1
vlan ba 11 12
int ether 0/0/1
port link-ty tr
port trunk all vlan all
int ether 0/0/2
port link-ty tr
port trunk all vlan all
int ether 0/0/11
port link-ty acce
port default vlan 11
int ether 0/0/12
port link-ty acce
port default vlan 12

stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
q

user-interf con 0
idle-t 0 0
q

syst
sysn ASW2
vlan ba 11 12
int ether 0/0/1
port link-ty tr
port trunk all vlan all
int ether 0/0/2
port link-ty tr
port trunk all vlan all
int ether 0/0/11
port link-ty acce
port default vlan 11
int ether 0/0/12
port link-ty acce
port default vlan 12

stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
q

user-interf con 0
idle-t 0 0
q

syst
sysn DSW1
vlan ba 11 12 110 120
int eth-trunk 1
port link-ty tr
port trunk all vlan all
int g0/0/1
eth-trunk 1
int g0/0/2
eth-trunk 1
int g0/0/3
port link-ty tr
port trunk all vlan all
int g0/0/4
port link-ty tr
port trunk all vlan all
int g0/0/10
port link-ty access
port default vlan 110
q
dhcp enable
ip pool vlan11
network 10.0.11.0 mask 255.255.255.0
gateway-list 10.0.11.254
dns-list 100.100.100.100

MSTP

stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
q
stp instance 1 prio 4096
stp instance 2 prio 8192

int vlanif 11
ip add 10.0.11.1 24
vrrp vrid 11 virtual-ip 10.0.11.254
vrrp vrid 11 prio 110
dhcp select global
int vlanif 12
ip add 10.0.12.1 24
vrrp vrid 12 virtual-ip 10.0.12.254

int vlanif 110
ip add 10.1.1.1 24

ospf 1
ar 0
net 10.0.0.0 0.255.255.255
q

user-interf con 0
idle-t 0 0
q

syst
sysn DSW2
vlan ba 11 12 110 120
int eth-trunk 1
port link-ty tr
port trunk all vlan all
int g0/0/1
eth-trunk 1
int g0/0/2
eth-trunk 1
int g0/0/3
port link-ty tr
port trunk all vlan all
int g0/0/4
port link-ty tr
port trunk all vlan all
int g0/0/10
port link-ty access
port default vlan 120
dhcp enable
ip pool vlan12
network 10.0.12.0 mask 255.255.255.0
gateway-list 10.0.12.254
dns-list 100.100.100.100

MSTP

stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
q
stp instance 1 prio 8192
stp instance 2 prio 4096

int vlanif 11
ip add 10.0.11.2 24
vrrp vrid 11 virtual-ip 10.0.11.254
int vlanif 12
ip add 10.0.12.2 24
vrrp vrid 12 virtual-ip 10.0.12.254
vrrp vrid 12 prio 110
dhcp select global

int vlanif 120
ip add 10.1.2.1 24

ospf 1
ar 0
net 10.0.0.0 0.255.255.255
q

user-interf con 0
idle-t 0 0
q
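The load-sharing design above depends on three things staying consistent between DSW1 and DSW2: the same MSTP region identity (region name, revision level, instance-to-VLAN mapping), and, per VLAN, the MSTP root and the VRRP master landing on the same switch. The Python check below is an added example, not part of the original post; it assumes the VRRP vrid equals the VLAN ID, as in these configs, and does not model priority ties.

```python
import re

# Constructed input: the MSTP and VRRP lines of DSW1 and DSW2, copied from this page.
DSW1 = """region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
stp instance 1 prio 4096
stp instance 2 prio 8192
vrrp vrid 11 virtual-ip 10.0.11.254
vrrp vrid 11 prio 110
vrrp vrid 12 virtual-ip 10.0.12.254"""
DSW2 = """region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
stp instance 1 prio 8192
stp instance 2 prio 4096
vrrp vrid 11 virtual-ip 10.0.11.254
vrrp vrid 12 virtual-ip 10.0.12.254
vrrp vrid 12 prio 110"""

def parse(cfg):
    """Return (region identity, {instance: stp priority}, {vrid: vrrp priority})."""
    find = lambda pat: re.findall(pat, cfg, re.M)
    region = (find(r"^region-name (\S+)"), find(r"^revision-l\S* (\d+)"),
              sorted(find(r"^instance (\d+) vlan (\d+)")))
    stp = {int(i): int(p) for i, p in find(r"^stp instance (\d+) prio\S* (\d+)")}
    vrrp = {int(v): 100 for v in find(r"^vrrp vrid (\d+) virtual-ip")}  # VRP default priority
    vrrp.update((int(v), int(p)) for v, p in find(r"^vrrp vrid (\d+) prio\S* (\d+)"))
    return region, stp, vrrp

def audit(configs):
    """Flag region mismatches and VLANs whose STP root is not the VRRP master (vrid == VLAN ID)."""
    parsed = {name: parse(cfg) for name, cfg in configs.items()}
    regions = [p[0] for p in parsed.values()]
    findings = []
    if any(r != regions[0] for r in regions):
        findings.append("MSTP region mismatch")
    for inst, vlan in regions[0][2]:
        # Lowest STP priority wins root (default 32768); highest VRRP priority wins master.
        root = min(parsed, key=lambda n: parsed[n][1].get(int(inst), 32768))
        master = max(parsed, key=lambda n: parsed[n][2].get(int(vlan), 0))
        if root != master:
            findings.append(f"VLAN {vlan}: STP root {root}, VRRP master {master}")
    return findings

if __name__ == "__main__":
    print(audit({"DSW1": DSW1, "DSW2": DSW2}) or "MSTP roots and VRRP masters are aligned")
```

A finding for a VLAN means its traffic crosses the Eth-Trunk between the distribution switches before reaching its gateway, which defeats the per-VLAN load sharing the requirements ask for.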

CR1

syst
sysn CR1
int g0/0/0
ip add 10.1.1.2 24
int g0/0/1
ip add 10.2.1.2 24

ospf 1
area 0
net 10.0.0.0 0.255.255.255
default-route-advertise type 1
quit

ip route-s 0.0.0.0 0 10.2.1.1

CR2

syst
sysn CR2
int g0/0/0
ip add 10.1.2.2 24
int g0/0/1
ip add 10.2.2.2 24

ospf 1
area 0
net 10.0.0.0 0.255.255.255
default-route-advertise type 1
quit

ip route-s 0.0.0.0 0 10.2.2.1

syst
sys FW1
firewall zone untrust
add int g0/0/1
return

syst
int g0/0/0
ip add 10.2.1.1 24
int g0/0/1
ip add 6.6.6.5 24
return

sys
policy interzone trust untrust outbound
policy 1
action permit
return

NAT

sys
nat address-group 1 6.6.6.5 6.6.6.5
nat-policy interzone  trust  untrust outbound
policy 1
action source-nat
address-group 1
return

sys
ospf 1
area 0
net 10.0.0.0 0.255.255.255

ip route-s 0.0.0.0 0 6.6.6.6

ip ttl-expires enable
ip unreachables enable

display firewall session table

syst
sys FW2
firewall zone untrust
add int g0/0/1
return

syst
int g0/0/0
ip add 10.2.2.1 24
int g0/0/1
ip add 7.7.7.6 24
return

sys
policy interzone trust untrust outbound
policy 1
action permit
return

sys
nat address-group 1 7.7.7.6 7.7.7.6
nat-policy interzone  trust  untrust outbound
policy 1
action source-nat
address-group 1
return

sys
ospf 1
area 0
net 10.0.0.0 0.255.255.255

ip route-s 0.0.0.0 0 7.7.7.7

ip ttl-expires enable
ip unreachables enable

display firewall session table

ISP1

syst
sysn ISP1
dhcp enable
int g0/0/0
ip add 5.0.13.1 24
int g0/0/1
ip add 6.6.6.6 24
dhcp select int
bgp 100
peer 5.0.13.3 as-number 300
network 6.6.6.0 255.255.255.0
return

ISP2

syst
sysn ISP2
dhcp enable
int g0/0/0
ip add 5.0.23.2 24
int g0/0/1
ip add 7.7.7.7 24
dhcp select int
bgp 200
peer 5.0.23.3 as-number 300
network 7.7.7.0 255.255.255.0
return

ISP3

syst
sysn ISP3
int g0/0/0
ip add 5.0.13.3 24
int g0/0/1
ip add 100.100.100.1 24
int g0/0/2
ip add 5.0.23.3 24
bgp 300
peer 5.0.13.1 as-number 100
peer 5.0.23.2 as-number 200
network 100.100.100.0 255.255.255.0
return

dis ip int br
dis ip rout

Last modified: May 2, 2023