下载链接
通过网盘分享的文件:MSTP+VRRP+DHCP拓扑图
链接: https://pan.baidu.com/s/1ehRwRQ-WzKC8PsUHsTe70Q?pwd=345d 提取码: 345d
PC1
PC2
PC5
AR1
为AR1各端口配置IP地址
<Huawei>sys
[Huawei]un in en
[Huawei]int g0/0/0
[Huawei-GigabitEthernet0/0/0]ip add 1.1.1.1 24
[Huawei-GigabitEthernet0/0/0]int g0/0/1
[Huawei-GigabitEthernet0/0/1]ip add 2.2.2.1 24
[Huawei-GigabitEthernet0/0/1]int g0/0/2
[Huawei-GigabitEthernet0/0/2]ip add 6.6.6.1 24设置两条静态让所有地址发向2,3
[Huawei]ip route-static 0.0.0.0 0 6.6.6.2
[Huawei]ip route-static 0.0.0.0 0 6.6.6.3OSPF多区域通信,使各设备遇到陌生IP都发往AR1
[Huawei]ospf
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 0.0.0.0 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]q
[Huawei-ospf-1]default-route-advertise always
[Huawei-ospf-1]q激活dhcp协议,设立两种地址池
[Huawei]dhcp en
[Huawei]ip pool 10
[Huawei-ip-pool-10]network 192.168.10.0 mask 24
[Huawei-ip-pool-10]gateway-list 192.168.10.254
[Huawei-ip-pool-10]dns-list 1.2.4.8 8.8.8.8
[Huawei-ip-pool-10]q
[Huawei]ip pool 20
[Huawei-ip-pool-20]network 192.168.20.0 mask 24
[Huawei-ip-pool-20]gateway-list 192.168.20.254
[Huawei-ip-pool-20]dns-list 1.2.4.8 8.8.8.8
[Huawei-ip-pool-20]q建立全局通信,使不同vlan都可以通过全局DHCP服务器获取 IP,实现跨网段地址分配。
[Huawei]int g0/0/0
[Huawei-GigabitEthernet0/0/0]dhcp select global
[Huawei-GigabitEthernet0/0/0]int g0/0/1
[Huawei-GigabitEthernet0/0/1]dhcp select global
[Huawei-GigabitEthernet0/0/1]q
[Huawei]dis cuSW4
创建不同vlan,并为其配置IP地址
<Huawei>SYS
[Huawei]un in en
[Huawei]vlan batch 10 20 100 300
[Huawei]int vlan 10
[Huawei-Vlanif10]ip add 192.168.10.1 24
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]ip add 192.168.20.1 24
[Huawei-Vlanif20]int vlan 100
[Huawei-Vlanif100]ip add 1.1.1.2 24
[Huawei-Vlanif100]int vlan 300
[Huawei-Vlanif300]ip add 3.3.3.1 24
[Huawei-Vlanif300]q修改各端口的连接类型
[Huawei]int g0/0/5
[Huawei-GigabitEthernet0/0/5]port li ac
[Huawei-GigabitEthernet0/0/5]port default vlan 300
[Huawei-GigabitEthernet0/0/5]q
[Huawei]int g0/0/4
[Huawei-GigabitEthernet0/0/4]port li tr
[Huawei-GigabitEthernet0/0/4]po tr al vl al
[Huawei-GigabitEthernet0/0/4]int g0/0/1
[Huawei-GigabitEthernet0/0/1]po li ac
[Huawei-GigabitEthernet0/0/1]port default vlan 100
[Huawei-GigabitEthernet0/0/1]q建立OSPF多区域通信
[Huawei]ospf 1
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 0.0.0.0 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]q
[Huawei-ospf-1]q激活DHCP协议,配置为中继模式
[Huawei]dhcp en
[Huawei]int vlan 10
[Huawei-Vlanif10]dhcp select relay
[Huawei-Vlanif10]dhcp relay server-ip 1.1.1.1
[Huawei-Vlanif10]dhcp relay server-ip 2.2.2.1
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]dhcp select relay
[Huawei-Vlanif20]dhcp relay server-ip 1.1.1.1
[Huawei-Vlanif20]dhcp relay server-ip 2.2.2.1
[Huawei-Vlanif20]q链路聚合,是通信更安全
[Huawei]int eth 1
[Huawei-Eth-Trunk1]mode manual load-balance
[Huawei-Eth-Trunk1]trunkport GigabitEthernet 0/0/2 to 0/0/3
[Huawei-Eth-Trunk1]por l t
[Huawei-Eth-Trunk1]po t al vl al
[Huawei-Eth-Trunk1]qSW5
操作类型同上
<Huawei>sys
[Huawei]un in en
[Huawei]vlan batch 10 20 200
[Huawei]int vlan 10
[Huawei-Vlanif10]ip add 192.168.10.2 24
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]ip add 192.168.20.2 24
[Huawei-Vlanif20]int vlan 200
[Huawei-Vlanif200]ip add 2.2.2.2 24
[Huawei-Vlanif200]q[Huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]po l ac
[Huawei-GigabitEthernet0/0/1]po de vl 200
[Huawei-GigabitEthernet0/0/1]q
[Huawei]int g0/0/4
[Huawei-GigabitEthernet0/0/4]po l t
[Huawei-GigabitEthernet0/0/4]po tr al vl al
[Huawei-GigabitEthernet0/0/4]q[Huawei]ospf
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 0.0.0.0 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]q
[Huawei-ospf-1]q[Huawei]dhcp en
[Huawei]int vlan 10
[Huawei-Vlanif10]dhcp select relay
[Huawei-Vlanif10]dhcp relay server-ip 1.1.1.1
[Huawei-Vlanif10]dhcp relay server-ip 2.2.2.1
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]dhcp select relay
[Huawei-Vlanif20]dhcp relay server-ip 1.1.1.1
[Huawei-Vlanif20]dhcp relay server-ip 2.2.2.1
[Huawei-Vlanif20]q[Huawei]int eth 1
[Huawei-Eth-Trunk1]mode manual load-balance
[Huawei-Eth-Trunk1]trunkport GigabitEthernet 0/0/2 to 0/0/3
[Huawei-Eth-Trunk1]port l t
[Huawei-Eth-Trunk1]po tr al vl al
[Huawei-Eth-Trunk1]qSW6
创建不同vlan,修改各端口的连接类型
<Huawei>sys
[Huawei]un in en
[Huawei]vlan batch 10 20
[Huawei]int e0/0/1
[Huawei-Ethernet0/0/1]po li t
[Huawei-Ethernet0/0/1]po t al vl al(10 20)
[Huawei-Ethernet0/0/1]int e0/0/2
[Huawei-Ethernet0/0/2]po li t
[Huawei-Ethernet0/0/2]po t al vl al(10 20)
[Huawei-Ethernet0/0/2]q
[Huawei]int e0/0/4
[Huawei-Ethernet0/0/4]po li ac
[Huawei-Ethernet0/0/4]po de vlan 10
[Huawei-Ethernet0/0/4]int e0/0/3
[Huawei-Ethernet0/0/3]port li ac
[Huawei-Ethernet0/0/3]po de vl 10
[Huawei-Ethernet0/0/3]int e0/0/5
[Huawei-Ethernet0/0/5]po li ac
[Huawei-Ethernet0/0/5]po de vl 20SW4,SW5,SW6均需要配置
配置生成树协议,并激活
stp mode mstp
stp region-configuration
region-name huawei
revision-level 1
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
SW4
1主要,2备用
[Huawei-mst-region]q
[Huawei]stp instance 1 root primary
[Huawei]stp instance 2 root secondary
SW5
1备用,2主要
[Huawei-mst-region]q
[Huawei]stp instance 1 root secondary
[Huawei]stp instance 2 root primary SW6
配置边缘端口,拒绝bpdu发送进来
[Huawei-mst-region]q
[Huawei]int e0/0/3
[Huawei-Ethernet0/0/3]stp edged-port enable
[Huawei-Ethernet0/0/3]int e0/0/4
[Huawei-Ethernet0/0/4]stp edged-port enable
[Huawei-Ethernet0/0/4]int e0/0/5
[Huawei-Ethernet0/0/5]stp edged-port enable
[Huawei-Ethernet0/0/5]q
[Huawei]stp bpdu-protection
[Huawei]dis stp instance 1 brief
[Huawei]dis stp instance 2 brief
SW4
设置虚拟网关,修改优先级,启用抢占模式
[Huawei]int vlan 10
[Huawei-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.254
[Huawei-Vlanif10]vrrp vrid 10 priority 150
[Huawei-Vlanif10]vrrp vrid 10 preempt-mode timer delay 1
[Huawei-Vlanif10]vrrp vrid 10 track int g0/0/1 reduced 100
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.254
[Huawei-Vlanif20]vrrp vrid 20 preempt-mode timer delay 1
[Huawei]dis vrrp brief SW5
设置虚拟网关,修改优先级,启用抢占模式
<Huawei>sys
[Huawei]int vlan 10
[Huawei-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.254
[Huawei-Vlanif10]vrrp vrid 10 preempt-mode timer delay 1
[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.254
[Huawei-Vlanif20]vrrp vrid 20 preempt-mode timer delay 1
[Huawei-Vlanif20]vrrp vrid 20 priority 150
[Huawei-Vlanif20]vrrp vrid 20 track int g0/0/1 reduced 100
[Huawei-Vlanif20]q
[Huawei]dis vrrp brief
AR1
设置环回
<Huawei>sys
[Huawei]int lo 5
[Huawei-LoopBack1]ip address 5.5.5.1 24PC2
测试
ipconfig
ping 5.5.5.1Server1启动服务
Client2
AR1
建立ACL,拒绝FTP访问,NAT内网转外网
<Huawei>sys
[Huawei]acl 3000
[Huawei-acl-adv-3000]rule permit ip source any destination 6.6.6.1 0.0.0.255
[Huawei-acl-adv-3000]rule deny tcp source 6.6.6.2 0.0.0.0 destination 3.3.3.100 0.0.0.0 destination-port eq 21
[Huawei-acl-adv-3000]rule permit tcp destination 6.6.6.100 0.0.0.0 destination-port eq 80
[Huawei-acl-adv-3000]q
[Huawei]int g0/0/2
[Huawei-GigabitEthernet0/0/2]nat outbound 3000
[Huawei-GigabitEthernet0/0/2]nat server protocol tcp global 6.6.6.100 www inside 3.3.3.1 wwwPC2
测试
ping 6.6.6.3Client4
注意:FTPClient登录失败则为实验成功
**“如果这篇文章对你有帮助,请点个赞支持一下!你的每一个点赞和评论,都是我继续分享的动力~”**
- **“感谢每一位阅读到这里的朋友!如果觉得有用,请点个赞或留个评论,让我知道你的想法~”**
- **“你们的支持是我最大的动力!如果这篇文章对你有帮助,别忘了点赞和评论哦~”**
)
)
![[数据结构]2. 顺序表](http://pic.xiahunao.cn/[数据结构]2. 顺序表)
Swift笔记20250418)
