華為DHCP、ACL、RIP、獨臂路由匯總小實驗
實驗要求:
1、全網使用RIP技術互通
2、計算機地址由DHCP分發
3、PC4和PC5之間不能互通
4、vlan10網關在SW1上
5、vlan20網關在R1上
6、vlan30/40網關在SW2上
7、vlan50/60網關在R2上
實驗步驟:
在SW1上的操作如下:
<huawei>system
[huawei]sysname SW1 //修改交換機名稱為SW1
[SW1]vlan batch 10 20
[SW1]interface gi0/0/1
[SW1]interface g0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access //接口改為加入模式
[SW1-GigabitEthernet0/0/1]port default vlan 10 //把接口加入vlan 10
[SW1-GigabitEthernet0/0/1]q
[SW1]interface g0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access //接口改為加入模式
[SW1-GigabitEthernet0/0/2]port default vlan 20 //把接口加入vlan20
[SW1]interface g0/0/3
[SW1-GigabitEthernet0/0/3]port link-type access //接口改為加入模式
[SW1-GigabitEthernet0/0/3]port default vlan 20 //把接口加入vlan20
[SW1-GigabitEthernet0/0/3]q
[SW1]interface vlan 10
[SW1-Vlanif10]ip address 192.168.10.254 24 //給vlan 10配置網關
[SW1-Vlanif10]undo shutdown
[SW1-Vlanif10]q
[SW1-Vlanif20]ip address 192.168.20.2 24 //給vlan 20配置ip地址
[SW1-Vlanif20]undo shutdown
[SW1-Vlanif20]q
[SW1]rip //創建並進入rip1
[SW1-rip-1]version 2 //版本2
[SW1-rip-1]network 192.168.10.0 //宣告已經網段
[SW1-rip-1]network 192.168.20.0
[SW1-rip-1]q
[SW1]dhcp enable //開啟 DHCP功能
[SW1]interface vlan 10 //進入vlan10
[SW1-Vlanif10]dhcp select relay //建立dhcp中繼
[SW1-Vlanif10]dhcp relay server-ip 192.168.100.1//寫入dhcp 中繼服務地址
在R1上的操作如下:
<Huawei>undo terminal monitor
<Huawei>sys
[Huawei]vlan batch 10 20 100 //創建vlan10/20/100
[Huawei]interface g0/0/0
[Huawei-GigabitEthernet0/0/0]ip address 192.168.20.254 24 //給vlan20配置網關
[Huawei-GigabitEthernet0/0/0]undo shutdown
[Huawei-GigabitEthernet0/0/0]q
[Huawei]interface g0/0/1 //給g0/0/1端口配置IP
[Huawei-GigabitEthernet0/0/1]ip address 192.168.1.1 24
[Huawei-GigabitEthernet0/0/1]undo shutdown
[Huawei-GigabitEthernet0/0/1]q
[Huawei]interface g0/0/2
[Huawei-GigabitEthernet0/0/2]ip address 192.168.100.254 24 //給vlan100配置網關
[Huawei-GigabitEthernet0/0/2]undo shutdown
[Huawei-GigabitEthernet0/0/2]q
[Huawei]rip // 建立並進入rip
[Huawei-rip-1]version 2 //版本2
[Huawei-rip-1]network 192.168.20.0 //宣告自己知道的網段
[Huawei-rip-1]network 192.168.1.0
[Huawei-rip-1]network 192.168.100.0
[Huawei-rip-1]q
[R1]dhcp enable //開啟dhcp服務
[R1]interface g0/0/0
[R1-GigabitEthernet0/0/0]dhcp select relay //在g0/0/0端口建立dhcp中繼
[R1-GigabitEthernet0/0/0]dhcp relay server-ip 192.168.100.1 //中繼地址為 192.168.100.1
在R2上的配置如下:
<Huawei>undo terminal monitor
<Huawei>sys
[Huawei]sysname R2
[R2]interface g0/0/0.1 //進入子端口0.1
[R2-GigabitEthernet0/0/0.1]ip address 192.168.50.254 24 //配置vlan50的網關地址
[R2-GigabitEthernet0/0/0.1]dot1q termination vid 50 //把dot1q協議封裝到vlan50中
[R2-GigabitEthernet0/0/0.1]arp broadcast enable //開啟 arp 廣播
[R2-GigabitEthernet0/0/0.1]q
[R2]interface g0/0/0.2
[R2-GigabitEthernet0/0/0.2]ip address 192.168.60.254 24
[R2-GigabitEthernet0/0/0.2]dot1q termination vid 60
[R2-GigabitEthernet0/0/0.2]arp broadcast enable
[R2-GigabitEthernet0/0/0.2]q
[R2]interface g0/0/1
[R2-GigabitEthernet0/0/1]ip address 192.168.1.2 24
[R2-GigabitEthernet0/0/1]undo shutdown
[R2-GigabitEthernet0/0/1]q
[R2]rip
[R2-rip-1]version 2
[R2-rip-1]network 192.168.1.0
[R2-rip-1]network 192.168.50.0
[R2-rip-1]network 192.168.60.0
[R2-rip-1]q
[R2]dhcp enable //開啟DHCP功能
[R2]interface g0/0/0.1
[R2-GigabitEthernet0/0/0.1]dhcp select relay // 建立dhcp中繼
[R2-GigabitEthernet0/0/0.1]dhcp relay server-ip 192.168.100.1 //建立dhcp 服務地址
[R2-GigabitEthernet0/0/0.1]q
在SW2上配置如下:
<Huawei>undo terminal monitor
<Huawei>sys
[Huawei]sysname SW2
[SW2]vlan batch 30 40 50 60 //創建 vlan 30/40/50/60
[SW2]interface g0/0/3
[SW2-GigabitEthernet0/0/3]port link-type access //把g0/0/3端口加入vlan30
[SW2-GigabitEthernet0/0/3]port default vlan 30
[SW2-GigabitEthernet0/0/3]q
[SW2]interface g0/0/4
[SW2-GigabitEthernet0/0/4]port link-type access //把g0/0/4端口加入vlan40
[SW2-GigabitEthernet0/0/4]port default vlan 40
[SW2-GigabitEthernet0/0/4]q
[SW2]interface g0/0/5
[SW2-GigabitEthernet0/0/5]port link-type access //把g0/0/5端口加入vlan50
[SW2-GigabitEthernet0/0/5]port default vlan 50
[SW2-GigabitEthernet0/0/5]q
[SW2]interface g0/0/2
[SW2-GigabitEthernet0/0/2]port link-type access //把g0/0/5端口加入vlan60
[SW2-GigabitEthernet0/0/2]port default vlan 60
[SW2-GigabitEthernet0/0/2]q
[SW2]interface vlan 30 //配置vlan30的網關
[SW2-Vlanif30]ip address 192.168.30.254 24
[SW2-Vlanif30]undo shutdown
[SW2-Vlanif30]q
[SW2]interface vlan 40 //配置vlan40的網關
[SW2-Vlanif40]ip address 192.168.40.254 24
[SW2-Vlanif40]undo shutdown
[SW2-Vlanif40]q
[SW2]interface vlan 50 //配置vlan50的ip
[SW2-Vlanif50]ip address 192.168.50.2 24
[SW2-Vlanif50]q
[SW2]interface vlan 60 //配置vlan60的ip
[SW2-Vlanif60]ip address 192.168.60.2 24
[SW2-Vlanif60]q
[SW2]rip //宣告已知的網段
[SW2-rip-1]version 2
[SW2-rip-1]network 192.168.30.0
[SW2-rip-1]network 192.168.40.0
[SW2-rip-1]network 192.168.50.0
[SW2-rip-1]network 192.168.60.0
[SW2-rip-1]q
[SW2]interface g0/0/1 //把g0/0/1端口設為trunk 模式並且允許所有vlan通過
[SW2-GigabitEthernet0/0/1]port link-type trunk
[SW2-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[SW2-GigabitEthernet0/0/1]q
[SW2]dhcp enable //開啟DHCP功能
[SW2]interface vlan 30 //建立dhcp中繼
[SW2-Vlanif30]dhcp select relay
[SW2-Vlanif30]dhcp relay server-ip 192.168.100.1
[SW2-Vlanif30]q
[SW2]interface vlan 40
[SW2-Vlanif40]dhcp select relay
[SW2-Vlanif40]dhcp relay server-ip 192.168.100.1
[SW2]acl 3999 //搭建並進入acl 3999(高級acl)
[SW2-acl-adv-3999]rule deny ip source 192.168.40.0 0.0.0.255 destination 192.168 //建立規則 不允許50網段的任何數據包進入40網段
.50.0 0.0.0.255
[SW2-acl-adv-3999]q
[SW2]interface g0/0/4 //在g0/0/4端口配置入站流量過濾規則為 acl 3999
[SW2-GigabitEthernet0/0/4]traffic-filter inbound acl 3999
[SW2-GigabitEthernet0/0/4]q
在DHCP上配置如下:
<HUAWEI>system
[HUAWEI]sye name DHCP
[DHCP]vlan 100
[DHCP]dhcp enable // 開啟dhcp功能
[DHCP]interface vlan 100
[DHCP-Vlanif100]ip address 192.168.100.1 24 //配置vlan100地址
[DHCP-Vlanif100]dhcp select global //選擇本地設備上的的dhcp地址池
[DHCP-Vlanif100]q
[DHCP]interface g0/0/1 //把g0/0/1端口加入vlan100
[DHCP-GigabitEthernet0/0/1]port link-type access
[DHCP-GigabitEthernet0/0/1]port default vlan 100
[DHCP-GigabitEthernet0/0/1]q
[DHCP]rip //rip宣告已知地址
[DHCP-rip-1]network 192.168.100.1
[DHCP-rip-1]q
[DHCP]ip pool 10 //建立並進入地址池 10
[DHCP-ip-pool-10]network 192.168.10.0 mask 255.255.255.0 //地址池內網段為 10網段
[DHCP-ip-pool-10]dns-list 8.8.8.8 //域名解析地址為 8.8.8.8
[DHCP-ip-pool-10]gateway-list 192.168.10.254 //地址池網段地址網關為254
[DHCP-ip-pool-10]q
[DHCP]ip pool 20
[DHCP-ip-pool-20]network 192.168.20.0 mask 255.255.255.0
[DHCP-ip-pool-20]dns-list 9.9.9.9
[DHCP-ip-pool-20]gateway-list 192.168.20.254
[DHCP-ip-pool-20]q
[DHCP]ip pool 30
[DHCP-ip-pool-30]dns-list 3.3.3.3
[DHCP-ip-pool-30]gateway-list 192.168.30.254
[DHCP-ip-pool-30]network 192.168.30.0 mask 255.255.255.0
[DHCP-ip-pool-30]q
[DHCP]ip pool 40
[DHCP-ip-pool-40]network 192.168.40.0 mask 255.255.255.0
[DHCP-ip-pool-40]dns-list 4.4.4.4
[DHCP-ip-pool-40]gateway-list 192.168.40.254
[DHCP-ip-pool-40]q
[DHCP]ip pool 50
[DHCP-ip-pool-50]network 192.168.50.0 mask 255.255.255.0
[DHCP-ip-pool-50]dns-list 5.5.5.5
[DHCP-ip-pool-50]gateway-list 192.168.50.254
[DHCP-ip-pool-50]q
在PC機上先選擇DHCP點擊應用再輸入ipconfig /renew 我們選擇兩臺PC機進行驗證如圖:
同時我們選擇驗證PC1與PC2之間是否互通,在PC1上輸入命令:ping 192.168.20.251進行驗證如圖:
初次連接會有 Request timeout !的提示,不要慌,穩住,第一次連接扔了5個包丟了一個包還是可以理解的哈 0.0!
剩下的我就不多做驗證了,相信結果都是一樣的,但由於任務需求需要斷絕40網段和50網段之間的聯系我們還需要驗證一下PC4能否ping的通PC5
驗證PC4和PC5的不通如圖:
結果真的是不通,如願以償啊,美滋滋 - -!可能會有人會問ping不通怎麽還美滋滋,我也不知道我是什麽心理,反正我完成任務了,哈哈,好劍!!!
以上就是今天這個實驗的所有步驟,希望能幫助到您,謝謝您的觀看,我們過兩天再見0.0!
華為DHCP、ACL、RIP、獨臂路由匯總小實驗