实验需求
1、全网可达
2、拓扑中所需地址全部基于192.168.0.0/24划分所得
3、静态路由(不许使用其他动态)
4、R1的有三个环回,需要汇总
DNS、http部分属于扩展部分,模拟网页访问,了解即可
实验拓扑
分析过程
这个实验要求使用静态路由,所以配置比较繁琐,需要写多条静态路由,干就完事了
首先根据这个拓扑图可以看出他需要内网需要11个网段,外网需要2个网段
仔细思考,其实我们只需要把192.168.0.0/24划分四个网段即可
划分如下:
192.168.0.0/24
192.168.0.0/26 --- 骨干链路
192.168.0.0/30
192.168.0.4/30
192.168.0.8/30
192.168.0.12/30
192.168.0.16/30
192.168.0.20/30
192.168.0.24/30
192.168.0.28/30 --- 剩下的方便后期扩展
...
192.168.0.64/26 --- vlan2
192.168.0.128/26 --- vlan3
192.168.0.192/26 --- r1的三个环回
192.168.0.192/28
192.168.0.208/28
192.168.0.224/28
注:vlan2和vlan3可以只需要使用192.168.0.64/26网段,再把该网段划分为两个子网
192.168.0.128/26 可以方便后期扩展Tips:一般点对点我们可以划分为/30,MA可以划分/29,合理规划ip,避免地址浪费
因为这个拓扑中使用到了NAT网络地址转换,内网的所以路由需要写一条缺省路由到达边界,边界也需要一条缺省路由到达服务器
配置内容
【R1】
【配置接口ip】
#
interface GigabitEthernet0/0/0
ip address 192.168.0.1 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 192.168.0.9 255.255.255.252
#
interface GigabitEthernet0/0/2
#
interface NULL0
【配置r1的三个环回】
#
interface LoopBack0
ip address 192.168.0.193 255.255.255.240
#
interface LoopBack1
ip address 192.168.0.209 255.255.255.240
#
interface LoopBack2
ip address 192.168.0.225 255.255.255.240
#
【用静态路由到达每个网段,形成路由表】
格式:ip route-static 到达网段 下一跳
ip route-static 0.0.0.0 0.0.0.0 192.168.0.2
ip route-static 0.0.0.0 0.0.0.0 192.168.0.10 ------ 负载均衡
ip route-static 192.168.0.4 255.255.255.252 192.168.0.2
ip route-static 192.168.0.12 255.255.255.252 192.168.0.10
ip route-static 192.168.0.16 255.255.255.252 192.168.0.2
ip route-static 192.168.0.16 255.255.255.252 192.168.0.10
ip route-static 192.168.0.20 255.255.255.252 192.168.0.10
ip route-static 192.168.0.20 255.255.255.252 192.168.0.2
ip route-static 192.168.0.64 255.255.255.192 192.168.0.10
ip route-static 192.168.0.128 255.255.255.192 192.168.0.10【R2】
【配置接口ip】
#
interface GigabitEthernet0/0/0
ip address 192.168.0.2 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 192.168.0.5 255.255.255.252
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
【写路由表】
ip route-static 0.0.0.0 0.0.0.0 192.168.0.6
ip route-static 192.168.0.8 255.255.255.252 192.168.0.1
ip route-static 192.168.0.12 255.255.255.252 192.168.0.6
ip route-static 192.168.0.16 255.255.255.252 192.168.0.6
ip route-static 192.168.0.20 255.255.255.252 192.168.0.6
ip route-static 192.168.0.64 255.255.255.192 192.168.0.1
ip route-static 192.168.0.128 255.255.255.192 192.168.0.6
ip route-static 192.168.0.192 255.255.255.192 192.168.0.1【R3】
R3路由包括下面的交换机连接的各个pc,它们被划分了vlan2和vlan3,一个vlan等于一个网段,一个网段等于一个广播域,所以这里用到了 单臂路由技术 ,会用到DHCP动态分发地址给不同网段的PC端。
dhcp enable
【vlan2的地址池】
#
ip pool 2
gateway-list 192.168.0.65
network 192.168.0.64 mask 255.255.255.192
dns-list 114.114.114.114 8.8.8.8
#
【vlan3的地址池】
ip pool 3
gateway-list 192.168.0.129
network 192.168.0.128 mask 255.255.255.192
dns-list 114.114.114.114 8.8.8.8
【配置接口ip】
#
interface GigabitEthernet0/0/0
ip address 192.168.0.13 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 192.168.0.10 255.255.255.252
【在接口启用DHCP服务】
#
interface GigabitEthernet0/0/2
dhcp select global
#
interface GigabitEthernet0/0/2.2
dot1q termination vid 2
ip address 192.168.0.65 255.255.255.192
arp broadcast enable
dhcp select global
#
interface GigabitEthernet0/0/2.3
dot1q termination vid 3
ip address 192.168.0.129 255.255.255.192
arp broadcast enable
dhcp select global
#
interface NULL0
【生成路由表】
ip route-static 0.0.0.0 0.0.0.0 192.168.0.14
ip route-static 192.168.0.0 255.255.255.252 192.168.0.9
ip route-static 192.168.0.4 255.255.255.252 192.168.0.14
ip route-static 192.168.0.16 255.255.255.252 192.168.0.14
ip route-static 192.168.0.20 255.255.255.252 192.168.0.14
ip route-static 192.168.0.192 255.255.255.192 192.168.0.9【R4】
r4连接r5路由需要做一个浮动静态,正常走1000M,备用走100M。
【配置接口ip】
interface GigabitEthernet0/0/0
ip address 192.168.0.6 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 192.168.0.14 255.255.255.252
#
interface GigabitEthernet0/0/2
ip address 192.168.0.17 255.255.255.252
#
interface GigabitEthernet4/0/0
ip address 192.168.0.21 255.255.255.252
#
interface NULL0
【生成路由表】
ip route-static 0.0.0.0 0.0.0.0 192.168.0.18
ip route-static 0.0.0.0 0.0.0.0 192.168.0.22
ip route-static 100.1.1.0 255.255.255.0 192.168.0.22
ip route-static 100.1.1.0 255.255.255.0 192.168.0.18 preference 61 ---- 浮动静态
ip route-static 192.168.0.0 255.255.255.252 192.168.0.5
ip route-static 192.168.0.8 255.255.255.252 192.168.0.13
ip route-static 192.168.0.64 255.255.255.192 192.168.0.13
ip route-static 192.168.0.128 255.255.255.192 192.168.0.13
ip route-static 192.168.0.192 255.255.255.192 192.168.0.13
ip route-static 192.168.0.192 255.255.255.192 192.168.0.5【R5】
r5作为边界路由,用作NAT网络地址转换,还需要做一个端口映射,区分http服务器的端口
【定义私有地址范围,通俗来说私网内要上网的ip有哪些】
acl number 2000
rule 5 permit source 192.168.0.0 0.0.0.255 # 子网掩码使用反掩码
【配置接口ip】
interface GigabitEthernet0/0/0
ip address 192.168.0.18 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 100.1.1.1 255.255.255.0
【配置端口映射】
nat server protocol tcp global current-interface 80 inside 100.1.2.2 80
nat server protocol tcp global current-interface 8888 inside 100.1.2.3 80
【在出接口调用acl规则】
nat outbound 2000
#
interface GigabitEthernet0/0/2
ip address 192.168.0.22 255.255.255.252
#
interface NULL0
#
【生成路由表】
格式:ip route-static 到达网段 出接口 下一跳
ip route-static 0.0.0.0 0.0.0.0 100.1.1.2
ip route-static 192.168.0.0 255.255.255.252 GigabitEthernet0/0/0 192.168.0.17
ip route-static 192.168.0.0 255.255.255.252 GigabitEthernet0/0/2 192.168.0.21
ip route-static 192.168.0.4 255.255.255.252 GigabitEthernet0/0/0 192.168.0.17
ip route-static 192.168.0.4 255.255.255.252 GigabitEthernet0/0/2 192.168.0.21
ip route-static 192.168.0.8 255.255.255.252 GigabitEthernet0/0/2 192.168.0.21
ip route-static 192.168.0.8 255.255.255.252 GigabitEthernet0/0/0 192.168.0.17
ip route-static 192.168.0.12 255.255.255.252 GigabitEthernet0/0/0 192.168.0.17
ip route-static 192.168.0.12 255.255.255.252 GigabitEthernet0/0/2 192.168.0.21
ip route-static 192.168.0.64 255.255.255.192 GigabitEthernet0/0/0 192.168.0.17
ip route-static 192.168.0.64 255.255.255.192 GigabitEthernet0/0/2 192.168.0.21
ip route-static 192.168.0.128 255.255.255.192 GigabitEthernet0/0/0 192.168.0.17
ip route-static 192.168.0.128 255.255.255.192 GigabitEthernet0/0/2 192.168.0.21
ip route-static 192.168.0.192 255.255.255.192 GigabitEthernet0/0/0 192.168.0.17
ip route-static 192.168.0.192 255.255.255.192 GigabitEthernet0/0/2 192.168.0.21【ISP】
r6作为运营商
【配置接口ip】
interface GigabitEthernet0/0/0
ip address 100.1.1.2 255.255.255.0
interface GigabitEthernet0/0/1
ip address 100.1.2.1 255.255.255.0 【SW1】
【创建两个vlan】
vlan batch 2 to 3
【g0/0/1和g0/0/2口作为trunk口】
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 3
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 3
【以下接口作为access口】
interface Ethernet0/0/3
port link-type access
port default vlan 2
#
interface Ethernet0/0/4
port link-type access
port default vlan 3
#
interface Ethernet0/0/5
port link-type access
port default vlan 2
#
interface Ethernet0/0/6
port link-type access
port default vlan 2【SW2】
vlan batch 2 to 3
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 3
#
interface Ethernet0/0/2
port link-type access
port default vlan 2
#
interface Ethernet0/0/3
port link-type access
port default vlan 3 【http1】
【http2】
【DNS】
注意: DNS需要手动启动
Client端配置如下,需要写上DNS服务器地址
测试
PC1访问公网地址100.1.1.2
用Client端访问www.baidu.com
用R1的环回ping公网地址
本文含有隐藏内容,请 开通VIP 后查看