网络组建

Posted on 2021-10-21 22:18  Alobo  阅读(415)  评论(0编辑  收藏  举报

 

 

《数据网络组建》

实验报告

(实验名称 :网络设备基本配置)

 

 

 

 

 

                               

 

实验目的

掌握路由器的基本配置;

掌握路由器的双网络出口配置;

掌握路由器的NAT配置、ACL配置、DHCP配置;

掌握路由器静态路由和动态路由配置;

了解路由器发展方向和软路由知识;

掌握交换机的基本配置;

掌握交换机VLAN划分配置;

掌握三层交换机DHCP配置;

了解交换机的发展方向和地址绑定功能配置;

掌握VLAN三层互通配置;

掌握IP地址规划;

一、   实验内容

假如有一个学校新建网络,你是该项目网络工程师,该学校有两套网络,分别是互联网Internet和教育专网,请你设计方案,让学校的电脑能够正常办公。拓扑图如下

 

 

需求分析:

现在学校有两套网络,分别是教育专网和Internet互联网,分别通过出口路由器连接各路由器。

教育专网地址:10.91.103.1/24,网关地址10.91.103.2,互联网地址:183.223.104.1/30,网关地址183.223.104.2

学校内部有2个部门,分别是教师部门和学生部门,分别分布在教学楼和学生区。教师部门电脑数量80台,学生部门电脑数量200台。

要求内部电脑通过DHCP自动获取地址上网,少数领导电脑静态绑定。

其中网络设备可以远程管理及登录。

二、   实验环境

       PC+ensp软件+WORD工具

四、实验操作步骤

1.拓扑图:

 

2.地址规划:

出口路由器

10.91.103.2/24

(GE 0/0/1)

183.223.104.2/30

(GE 0/0/2)

172.16.1.1/16

(GE 0/0/0)

核心交换机

192.168.1.1/25

(GE 0/0/1)

192.168.2.1/24

(GE 0/0/2)

172.16.1.2/16

(GE 0/0/24)

教师部门

VLAN 2

192.168.1.0/25

192.168.1.1(网关)

学生部门

VLAN 3

192.168.2.0/24

192.168.2.1(网关)

预留部门

VLAN 4

192.168.3.0/24

192.168.3.1(网关)

 

3.配置

(1)出口路由器

//配置NAT

[out_router]acl 2000

[out_router-acl-basic-2000]rule 5 permit

[out_router-acl-basic-2000]int g0/0/1

[out_router-GigabitEthernet0/0/1]nat outbound 2000

[out_router-GigabitEthernet0/0/1]int g0/0/2

[out_router-GigabitEthernet0/0/2]nat outbound 2000

//配置ip地址

[out_router]interface g 0/0/0

[out_router-GigabitEthernet0/0/0]ip address 172.16.1.1 255.255.0.0

[out_router-GigabitEthernet0/0/0]int g0/0/1

[out_router-GigabitEthernet0/0/1]ip address 10.91.103.2 255.255.255.0

[out_router-GigabitEthernet0/0/1]int g0/0/2

[out_router-GigabitEthernet0/0/2]ip address 183.223.104.2 255.255.255.252

 

//配置telnet

[out_router]telnet server enable

[out_router]aaa

[out_router-aaa]

[out_router-aaa]local-user xx password cipher 123456

[out_router-aaa]local-user xx privilege level 15

[out_router-aaa] local-user xx service-type telnet

[out_router]user-interface vty 0 4

[out_router-ui-vty0-4]authentication-mode aaa

//配置静态路由

[out_router]ip route-static 0.0.0.0 0.0.0.0 183.223.104.1

[out_router]ip route-static 10.91.103.0 255.255.255.0 10.91.103.1

[out_router]ip route-static 192.168.0.0 255.255.252.0 172.16.1.2

 

(2)核心交换机

//创建vlan、配置IP地址

[core_sw]vlan 2

[core_sw-vlan2]description jiaoshi_vlan

[core_sw-vlan2]int vlan 2

[core_sw-Vlanif2]ip address 192.168.1.1 255.255.255.0

[core_sw-Vlanif2]vlan 3

[core_sw-vlan3]description xuesheng_vlan

[core_sw-vlan3]int vlan 3

[core_sw-Vlanif3]ip address 192.168.2.1 255.255.255.0

[core_sw-Vlanif3]vlan 4

[core_sw-vlan4]description link_yuliu

[core_sw-vlan4]int vlan 4

[core_sw-Vlanif4]ip address 192.168.3.1 255.255.255.0

[core_sw]int vlan 1

[core_sw-Vlanif1]ip address 172.16.1.2 255.255.0.0

//修改接口状态

[core_sw]int g0/0/1

[core_sw-GigabitEthernet0/0/1]port link-type trunk

[core_sw-GigabitEthernet0/0/1]undo port trunk allow-pass vlan 1

[core_sw-GigabitEthernet0/0/1]port trunk allow-pass vlan 2 to 4

[core_sw-GigabitEthernet0/0/1]int g0/0/2

[core_sw-GigabitEthernet0/0/2]port link-type trunk

[core_sw-GigabitEthernet0/0/2]undo port trunk allow-pass vlan 1

[core_sw-GigabitEthernet0/0/2]port trunk allow-pass vlan 2 to 4

[core_sw-GigabitEthernet0/0/2]int g0/0/24

[core_sw-GigabitEthernet0/0/24]port link-type access

//配置DHCP

[core_sw]dhcp enable

[core_sw]int vlan 2

[core_sw-Vlanif2]dhcp select interface

[core_sw-Vlanif2]dhcp server dns-list 8.8.8.8

[core_sw-Vlanif2]dhcp server static-bind ip-address 192.168.1.10 mac-address  5489-98B4-74F1

[core_sw-Vlanif2]int vlan 3

[core_sw-Vlanif3]dhcp select interface

[core_sw-Vlanif3]dhcp server dns-list 8.8.8.8

//配置默认路由

[core_sw]ip route-static 0.0.0.0 0.0.0.0 172.16.1.1

//配置telnet

[core_sw]telnet server enable

[core_sw]aaa

[core_sw-aaa]local-user xx password simple 123

[core_sw-aaa]local-user xx privilege level 15

[core_sw-aaa]local-user xx service-type telnet

[core_sw]user-interface vty 0 4

[core_sw-ui-vty0-4]authentication-mode aaa

(3)教学楼交换机

//创建VLAN

[jiaoxue_sw]vlan batch 2 to 4

//修改接口状态

[jiaoxue_sw]int g0/0/

[jiaoxue_sw-GigabitEthernet0/0/1]port link-type access

[jiaoxue_sw-GigabitEthernet0/0/1]port default vlan 2

[jiaoxue_sw-GigabitEthernet0/0/1]int g0/0/2

[jiaoxue_sw-GigabitEthernet0/0/2]port link-type access

[jiaoxue_sw-GigabitEthernet0/0/2]port default vlan 2

[jiaoxue_sw-GigabitEthernet0/0/2]int g0/0/24

[jiaoxue_sw-GigabitEthernet0/0/24]description jiaoxue_link_CoreSwich

[jiaoxue_sw-GigabitEthernet0/0/24]port link-type trunk

[jiaoxue_sw-GigabitEthernet0/0/24]port trunk allow-pass vlan 2 to 4

(4)学生区交换机

//创建VLAN

[jiaoxue_sw]vlan batch 2 to 4

//修改接口状态

[xuesheng_sw_switch]int g0/0/

[xuesheng_sw-GigabitEthernet0/0/1]port link-type access

[xuesheng_sw-GigabitEthernet0/0/1]port default vlan 3

[xuesheng_sw-GigabitEthernet0/0/1]int g0/0/2

[xuesheng_sw-GigabitEthernet0/0/2]port link-type access

[xuesheng_sw-GigabitEthernet0/0/2]port default vlan 3

[xuesheng_sw-GigabitEthernet0/0/2]int g0/0/24

[xuesheng_sw-GigabitEthernet0/0/24]description jiaoshi_vlan

[xuesheng_sw-GigabitEthernet0/0/24]port link-type trunk

[xuesheng_sw-GigabitEthernet0/0/24]port trunk allow-pass vlan 2 to 4

(5)修改教师电脑1的IP地址为DHCP自动获取——点击应用

 

 

 

五、实验结果

(1)教师电脑1自动获取IP地址并且能ping通路由器地址

 

 

 

(2)出口路由器能被远程登陆

 

 

 

 

(3)教师电脑2能获取静态绑定的IP地址

 

六、实验总结

掌握了改变接口类型(undo时需要依次关闭才能改变)