基于DHCP,ACL的通信

发布于:2024-11-29 ⋅ 阅读:(18) ⋅ 点赞:(0)

该问题为华为的学习资料

1.首先把所有的PC机全部设置为DHCP

2.配置地址

3.ospf

4.dhcp

5.acl

AR1
dhcp en
interface GigabitEthernet0/0/0
 ip address 192.168.1.254 255.255.255.0 
 dhcp select global
interface GigabitEthernet0/0/1
 ip address 10.1.12.1 255.255.255.0 
 dhcp select global
ospf 1 router-id 1.1.1.1 
 area 0.0.0.1 
  network 10.1.12.1 0.0.0.0 
  network 192.168.1.254 0.0.0.0 
ip pool SW1
 gateway-list 192.168.1.254 
 network 192.168.1.0 mask 255.255.255.0 
 excluded-ip-address 192.168.1.3 192.168.1.253

AR2
dhcp en
interface GigabitEthernet0/0/0
 ip address 192.168.2.254 255.255.255.0 
 dhcp select global
interface GigabitEthernet0/0/1
 ip address 10.1.12.2 255.255.255.0 
 dhcp select global
ospf 1 router-id 2.2.2.2
 area 0.0.0.1 
  network 10.1.12.2 0.0.0.0 
  network 192.168.2.254 0.0.0.0 
ip pool SW2
 gateway-list 192.168.2.254 
 network 192.168.2.0 mask 255.255.255.0 

LSW2
time-range test 9:00 to 18:00 0
acl number 3002
 rule 5 permit ip source 192.168.1.1 0 destination 192.168.2.252 0
interface GigabitEthernet0/0/2 time-range text
int g 0/0/2
 traffic-filter outbound acl 3002

结果:

 

PC1无法ping通PC3,其他PC之间均是可以通信的

因个人能力有限,笔者发现,在使用acl时,不知在permit时间范围以外,pc1给pc3的报文是否是默认拒绝通过,还有待验证

如有问题,可以使用更好的时间范围,或者多个时间范围的联合

如有错误,还请指正