拓扑图

题目要求

实验要求：

1、PC1\PC2\PC3\PC4采用DHCP自动获取IP地址，SW5作为服务器，SW3和SW4作为中继

创建地址池ip pool huawei1和ip pool huawei2，租期都为2天

2、SW3与SW4做链路聚合，采用LACP模式。SW3作为主交换机，优先级为0

抢占延时时间为10秒

让G0/0/4接口成为非活跃链路，优先级为65000

3、在SW3\SW4\SW5构成的环形链路中，让SW5为主交换机，优先级为4096

4、在AR1位置做地址转换，采用NAPT方式，地址池范围200.1.1.10-200.1.1.20

client访问内网服务器server1时，采用NAT server，用公网ip200.1.1.100替代10.1.3.1

实现client可以ping通200.1.1.100

5、配置全网，实现内网PC可以访问外网client202.1.1.1

解析

LSW1：

[Huawei]sy LSW1
[LSW1]v b 10
[LSW1]int e0/0/1
[LSW1-Ethernet0/0/1]port link-t a
[LSW1-Ethernet0/0/1]po de v 10
[LSW1-Ethernet0/0/1]int e0/0/2
[LSW1-Ethernet0/0/2]port link-t a
[LSW1-Ethernet0/0/2]po de v 10
[LSW1-Ethernet0/0/2]int e0/0/3
[LSW1-Ethernet0/0/3]port link-t t
[LSW1-Ethernet0/0/3]po t a v 101.2.3.4.5.6.7.8.9.10.11.

LSW2：

[LSW2]v b 20
[LSW2]int e0/0/1
[LSW2-Ethernet0/0/1]po link-t a
[LSW2-Ethernet0/0/1]po de v 20
[LSW2-Ethernet0/0/1]int e0/0/2
[LSW2-Ethernet0/0/2]po link-t a
[LSW2-Ethernet0/0/2]po de v 20
[LSW2-Ethernet0/0/2]int e0/0/3
[LSW2-Ethernet0/0/3]po link-t t
[LSW2-Ethernet0/0/3]po t a v 201.2.3.4.5.6.7.8.9.10.

LSW3：

[LSW3]int et 1
[LSW3-Eth-Trunk1]mode lacp-static
[LSW3-Eth-Trunk1]trunkport g0/0/3
[LSW3-Eth-Trunk1]trunkport g0/0/4
[LSW3-Eth-Trunk1]trunkport g0/0/5
[LSW3-Eth-Trunk1]q
[LSW3]lacp priority 0
[LSW3]int et 1
[LSW3-Eth-Trunk1]lacp preempt enable
[LSW3-Eth-Trunk1]lacp preempt delay 10
[LSW3-Eth-Trunk1]max active-linknumber 2
[LSW3-GigabitEthernet0/0/3]int g0/0/4
[LSW3-GigabitEthernet0/0/4]lacp priority 65000
[LSW3-GigabitEthernet0/0/4]int et 1
[LSW3-Eth-Trunk1]port link-type t
[LSW3-Eth-Trunk1]po t a v 34
[LSW3-Eth-Trunk1]int v 34
[LSW3-Vlanif34]ip ad 34.1.1.3 24

[LSW3]stp mode stp
[LSW3]ip route-static 0.0.0.0 0 30.1.1.51.2.3.4.5.6.7.8.9.10.11.12.13.14.15.16.17.18.19.20.21.22.

LSW4：

[LSW4]v b 20 34 40
[LSW4]int g0/0/1
[LSW4-GigabitEthernet0/0/1]po link-t t
[LSW4-GigabitEthernet0/0/1]po t a v 20
[LSW4-GigabitEthernet0/0/1]int g0/0/2
[LSW4-GigabitEthernet0/0/2]po link-t t
[LSW4-GigabitEthernet0/0/2]po t a v 40
[LSW4-GigabitEthernet0/0/2]q
[LSW4]dhcp enable
[LSW4]dhcp server group bosai2
[LSW4-dhcp-server-group-bosai2]dhcp-server 40.1.1.5
[LSW4-dhcp-server-group-bosai2]int vlan 40
[LSW4-Vlanif40]ip ad 40.1.1.4 24
[LSW4-Vlanif40]int vlan 20
[LSW4-Vlanif20]ip ad 10.1.2.254 24
[LSW4-Vlanif20]dhcp select relay
[LSW4-Vlanif20]dhcp relay server-select bosai2
[LSW4-Vlanif20]q
[LSW4]ospf router-id 4.4.4.4
[LSW4-ospf-1]a 1
[LSW4-ospf-1-area-0.0.0.1]net 10.1.2.0 0.0.0.255
[LSW4-ospf-1-area-0.0.0.1]net 40.1.1.0 0.0.0.255
[LSW4-ospf-1-area-0.0.0.1]net 34.1.1.0 0.0.0.255
[LSW4-ospf-1-area-0.0.0.1]int et 1
[LSW4-Eth-Trunk1]mode lacp-static
[LSW4-Eth-Trunk1]trunkport g0/0/3
[LSW4-Eth-Trunk1]trunkport g0/0/4
[LSW4-Eth-Trunk1]trunkport g0/0/5
[LSW4-Eth-Trunk1]lacp preempt enable
[LSW4-Eth-Trunk1]lacp preempt delay 10
[LSW4-Eth-Trunk1]max active-linknumber 2
[LSW4-Eth-Trunk1]q
[LSW4]int et 1
[LSW4-Eth-Trunk1]po link-t t
[LSW4-Eth-Trunk1]po t a v 34
[LSW4-Eth-Trunk1]int vlan 34
[LSW4-Vlanif34]ip ad 34.1.1.4 24

[LSW4]stp mode stp
[LSW4]ip route-static 0.0.0.0 0 40.1.1.51.2.3.4.5.6.7.8.9.10.11.12.13.14.15.16.17.18.19.20.21.22.23.24.25.26.27.28.29.30.31.32.33.34.35.36.37.38.39.40.

LSW5：

[LSW5]int g0/0/1
[LSW5-GigabitEthernet0/0/1]po link-t t
[LSW5-GigabitEthernet0/0/1]po t a v 30
[LSW5-GigabitEthernet0/0/1]int g0/0/2
[LSW5-GigabitEthernet0/0/2]po link-t t
[LSW5-GigabitEthernet0/0/2]po t a v 40
[LSW5]v b 30 40 15
[LSW5]int g0/0/3
[LSW5-GigabitEthernet0/0/3]po link-t a
[LSW5-GigabitEthernet0/0/3]po de v 15
[LSW5-GigabitEthernet0/0/3]q
[LSW5]dhcp enable
[LSW5]ip pool huawei1
[LSW5-ip-pool-huawei1]gateway-list 10.1.1.254
[LSW5-ip-pool-huawei1]network 10.1.1.0 mask 24
[LSW5-ip-pool-huawei1]int vlan 30
[LSW5-Vlanif30]ip ad 30.1.1.5 24
[LSW5-Vlanif30]dhcp select global
[LSW5-Vlanif30]q
[LSW5]ospf router-id 5.5.5.5
[LSW5-ospf-1]a 1
[LSW5-ospf-1-area-0.0.0.1]net 30.1.1.0 0.0.0.255
[LSW5-ospf-1-area-0.0.0.1]net 15.1.1.0 0.0.0.255
[LSW5-ospf-1-area-0.0.0.1]q
[LSW5-ospf-1]q
[LSW5]ip route-static 10.1.1.0 24 30.1.1.3
[LSW5]ip pool huawei2
[LSW5-ip-pool-huawei2]gateway-list 10.1.2.254
[LSW5-ip-pool-huawei2]network 10.1.2.0 mask 24
[LSW5-ip-pool-huawei2]int vlan 40
[LSW5-Vlanif40]ip ad 40.1.1.5 24
[LSW5-Vlanif40]dhcp select global
[LSW5-Vlanif40]q
[LSW5]ip route-static 10.1.2.0 24 40.1.1.4
[LSW5]ip pool huawei1
[LSW5-ip-pool-huawei1]lease day 2
[LSW5-ip-pool-huawei1]q
[LSW5]ip pool huawei2
[LSW5-ip-pool-huawei2]lease day 2
[LSW5-ip-pool-huawei2]int vlan 15
[LSW5-Vlanif15]ip ad 15.1.1.5 24
[LSW5-Vlanif15]ospf ro 5.5.5.5
[LSW5-ospf-1]a 1
[LSW5-ospf-1-area-0.0.0.1]net 40.1.1.0 0.0.0.255

[LSW5]stp mode stp
[LSW5]stp priority 4096
[LSW5]iproutestatic0.0.0.0015.1.1.11.2.3.4.5.6.7.8.9.10.11.12.13.14.15.16.17.18.19.20.21.22.23.24.25.26.27.28.29.30.31.32.33.34.35.36.37.38.39.40.41.42.43.44.45.46.47.48.49.

R1：

[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip ad 15.1.1.1 24
[R1-GigabitEthernet0/0/0]int g0/0/1
[R1-GigabitEthernet0/0/1]ip ad 12.1.1.1 24
[R1-GigabitEthernet0/0/1]int g0/0/2
[R1-GigabitEthernet0/0/2]ip ad 10.1.3.254 24
[R1-GigabitEthernet0/0/2]q
[R1]ospf router-id 11.1.1.1
[R1-ospf-1]a 1
[R1-ospf-1-area-0.0.0.1]net 12.1.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.1]net 10.1.3.0 0.0.0.255
[R1-ospf-1-area-0.0.0.1]net 15.1.1.0 0.0.0.255
[R1]ip route-static 0.0.0.0 0 12.1.1.21.2.3.4.5.6.7.8.9.10.11.12.13.

R2：

[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip ad 12.1.1.2 24
[R2-GigabitEthernet0/0/0]int g0/0/1
[R2-GigabitEthernet0/0/1]ip ad 23.1.1.2 24
[R2-GigabitEthernet0/0/1]int g0/0/2
[R2-GigabitEthernet0/0/2]ip ad 24.1.1.2 24
[R2-GigabitEthernet0/0/2]q
[R2]ospf ro 22.1.1.1
[R2-ospf-1]a 1
[R2-ospf-1-area-0.0.0.1]net 12.1.1.0 0.0.0.255
[R2-ospf-1-area-0.0.0.1]q
[R2-ospf-1]a 0
[R2-ospf-1-area-0.0.0.0]net 23.1.1.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]net 24.1.1.0 0.0.0.255

[R2]ip route-static 0.0.0.0 0 23.1.1.3
[R2]ip route-static 0.0.0.0 0 24.1.1.41.2.3.4.5.6.7.8.9.10.11.12.13.14.15.16.17.

R3：

[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip ad 23.1.1.3 24
[R3-GigabitEthernet0/0/0]int g0/0/1
[R3-GigabitEthernet0/0/1]ip ad 35.1.1.3 24
[R3-GigabitEthernet0/0/1]q
[R3]ospf ro 33.1.1.1
[R3-ospf-1]a 0
[R3-ospf-1-area-0.0.0.0]net 23.1.1.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]net 35.1.1.0 0.0.0.255

[R3]ip route-static 0.0.0.0 0 35.1.1.51.2.3.4.5.6.7.8.9.10.11.12.

R4：

[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip ad 24.1.1.4 24
[R4-GigabitEthernet0/0/0]int g0/0/1
[R4-GigabitEthernet0/0/1]ip ad 45.1.1.4 24
[R4-GigabitEthernet0/0/1]q
[R4]ospf ro 44.1.1.1
[R4-ospf-1]a 0
[R4-ospf-1-area-0.0.0.0]net 24.1.1.0 0.0.0.255
[R4-ospf-1-area-0.0.0.0]net 45.1.1.0 0.0.0.255

[R4]ip route-static 0.0.0.0 0 45.1.1.51.2.3.4.5.6.7.8.9.10.11.12.

R5：

[R5]ip route-static 0.0.0.0 0 51.1.1.11.

LSW6：

[LSW6]int e0/0/1
[LSW6-Ethernet0/0/1]q
[LSW6]v b 50 60
[LSW6]int e0/0/1
[LSW6-Ethernet0/0/1]po link-t t
[LSW6-Ethernet0/0/1]po t a v 50 60
[LSW6-Ethernet0/0/1]int e0/0/2
[LSW6-Ethernet0/0/2]po link-t a
[LSW6-Ethernet0/0/2]po de v 50
[LSW6-Ethernet0/0/2]int e0/0/3
[LSW6-Ethernet0/0/3]po link-t a
[LSW6-Ethernet0/0/3]po de v 601.2.3.4.5.6.7.8.9.10.11.12.

[AR1-acl-basic-2000]rule permit source 10.1.1.0 0.0.0.255
[AR1-acl-basic-2000]rule permit source 10.1.2.0 0.0.0.255
[AR1-acl-basic-2000]rule permit source 10.1.3.0 0.0.0.255
[AR1-acl-basic-2000]rule permit source 60.1.1.0 0.0.0.255
[AR1-acl-basic-2000]rule permit source 50.1.1.0 0.0.0.255
[AR1-acl-basic-2000]q
[AR1]nat address-group 1 200.1.1.10 200.1.1.20
[AR1]int g0/0/1
[AR1-GigabitEthernet0/0/1]nat outbound 2000 address-group 1
[AR1-GigabitEthernet0/0/1]nat server global 200.1.1.100 inside 10.1.3.11.2.3.4.5.6.7.8.9.10.

AR2：
[AR2]int g0/0/0
[AR2-GigabitEthernet0/0/0]ip ad 200.1.1.2 24
[AR2-GigabitEthernet0/0/0]int g0/0/1
[AR2-GigabitEthernet0/0/1]ip ad 202.1.1.254 241.2.3.4.5.

转载:https://blog.51cto.com/u_15964895/6839898