H3c实验室-(OSPF,Nat,STP,Dhcp,Acl)v.1)
本实验纯属学习记录性质,如有错误,请大哥帮忙提出,马上改正谢谢~
还有学习H3c心态要好,他有超级多的bug!!!!
先说明一下RTA-RTB的线路是Ser线,一定要他,要不然ppp协议没法做,一切白给!!!!!
<H3C>sys [H3C]sysn SWA [SWA]vlan 10 [SWA-vlan10]port g 1/0/1 [SWA-vlan10]vlan 20 [SWA-vlan20]port g 1/0/2 [SWA-vlan20]vlan 30 [SWA-vlan30]port g 1/0/3 [SWA-vlan30]qu [SWA]int vlan 10 [SWA-Vlan-interface10]ip add 10.1.1.2 30 [SWA-Vlan-interface10]int vlan 20 [SWA-Vlan-interface20]ip add 10.2.1.254 24 [SWA-Vlan-interface20]int vlan 30 [SWA-Vlan-interface30]ip add 10.3.1.254 24 [SWA-Vlan-interface30]qu [SWA]stp g en [SWAint g 1/0/2 [SWA-GigabitEthernet1/0/2]port link-type trunk [SWA-GigabitEthernet1/0/2]port trunk per vlan all [SWA-GigabitEthernet1/0/2]int g 1/0/3 [SWA-GigabitEthernet1/0/3]port link-type trunk [SWA-GigabitEthernet1/0/3]port trunk per vlan all
<H3C>sys System View: return to User View with Ctrl+Z. [H3C]sysn SWB [SWB]vlan 20 [SWB-vlan20]port g 1/0/3 [SWB-vlan20]int g 1/0/1 [SWB-GigabitEthernet1/0/1]port li [SWB-GigabitEthernet1/0/1]port link-t [SWB-GigabitEthernet1/0/1]port link-type t [SWB-GigabitEthernet1/0/1]port link-type trunk [SWB-GigabitEthernet1/0/1]port tr per vlan all [SWB-GigabitEthernet1/0/1]int g 1/0/2 [SWB-GigabitEthernet1/0/2]port link-type trunk [SWB-GigabitEthernet1/0/2]port tr per vlan all [SWB-GigabitEthernet1/0/2]qu [SWB]stp g en
<H3C>ping 10.2.1.254 Ping 10.2.1.254 (10.2.1.254): 56 data bytes, press CTRL_C to break 56 bytes from 10.2.1.254: icmp_seq=0 ttl=255 time=3.000 ms 56 bytes from 10.2.1.254: icmp_seq=1 ttl=255 time=2.000 ms 56 bytes from 10.2.1.254: icmp_seq=2 ttl=255 time=2.000 ms 56 bytes from 10.2.1.254: icmp_seq=3 ttl=255 time=1.000 ms 56 bytes from 10.2.1.254: icmp_seq=4 ttl=255 time=1.000 ms --- Ping statistics for 10.2.1.254 ---
证明这时候的PCA已经vlan20了
<H3C>sys [H3C]sysn SWC [SWC]vlan 30 [SWC-vlan30]port g 1/0/3 [SWC-vlan30]int g 1/0/1 [SWC-GigabitEthernet1/0/1]port link-type trunk [SWC-GigabitEthernet1/0/1]port t per vlan all [SWC-GigabitEthernet1/0/1]int g 1/0/2 [SWC-GigabitEthernet1/0/2]port link-type trunk [SWC-GigabitEthernet1/0/2]port t per vlan all [SWC-GigabitEthernet1/0/2]qu [SWC]stp g en
ping 10.2.1.1 Ping 10.2.1.1 (10.2.1.1): 56 data bytes, press CTRL_C to break 56 bytes from 10.2.1.1: icmp_seq=0 ttl=254 time=3.000 ms 56 bytes from 10.2.1.1: icmp_seq=1 ttl=254 time=2.000 ms 56 bytes from 10.2.1.1: icmp_seq=2 ttl=254 time=2.000 ms 56 bytes from 10.2.1.1: icmp_seq=3 ttl=254 time=2.000 ms 56 bytes from 10.2.1.1: icmp_seq=4 ttl=254 time=3.000 ms --- Ping statistics for 10.2.1.1 ---
到这一步说明,配置已经非常成功了,已经让一个地方的ping通了
[SWA]ospf [SWA-ospf-1]a 1 [SWA-ospf-1-area-0.0.0.1]netw 10.2.1.0 0.0.0.255 [SWA-ospf-1-area-0.0.0.1]netw 10.3.1.0 0.0.0.255 [SWA-ospf-1-area-0.0.0.1]netw 10.1.1.0 0.0.0.3 [SWA-ospf-1-area-0.0.0.1]qu
<H3C>sys [H3C]sysn RTA [RTA]int g0/1 [RTA-GigabitEthernet0/1]ip add 10.1.1.1 30 [RTA-GigabitEthernet0/1]int g 0/0 [RTA-GigabitEthernet0/0]ip add 100.1.1.2 24 [RTA-GigabitEthernet0/0]int s 1/0 [RTA-Serial1/0]ip add 10.1.1.5 30 [RTA-Serial1/0]qu
[RTA]ospf [RTA-ospf-1]area 1 [RTA-ospf-1-area-0.0.0.1]net 10.1.1.0 0.0.0.3 [RTA-ospf-1-area-0.0.0.1]qu [RTA-ospf-1]qu
这时候PCA,PCB可以pingRTA 证明Ospf 区域1成功
ping 10.1.1.1 Ping 10.1.1.1 (10.1.1.1): 56 data bytes, press CTRL_C to break 56 bytes from 10.1.1.1: icmp_seq=0 ttl=254 time=2.000 ms 56 bytes from 10.1.1.1: icmp_seq=1 ttl=254 time=1.000 ms 56 bytes from 10.1.1.1: icmp_seq=2 ttl=254 time=1.000 ms 56 bytes from 10.1.1.1: icmp_seq=3 ttl=254 time=2.000 ms 56 bytes from 10.1.1.1: icmp_seq=4 ttl=254 time=1.000 ms --- Ping statistics for 10.1.1.1 ---
<H3C>sys [H3C]sysn RTC [RTC]dhcp en [RTC]dhcp server forbidden-ip 10.4.1.254 [RTC]dhcp serv ip-pool pool1 [RTC-dhcp-pool-pool1]network 10.4.1.0 24 [RTC-dhcp-pool-pool1]gateway-list 10.4.1.254 [RTC-dhcp-pool-pool1]qu [RTC]int g 0/1 [RTC-GigabitEthernet0/1]ip add 10.4.1.254 24 [RTC-GigabitEthernet0/1]int g 0/0 [RTC-GigabitEthernet0/0]ip add 10.1.1.10 30 [RTC-GigabitEthernet0/0]qu
[RTC]ospf [RTC-ospf-1]a [RTC-ospf-1]area 2 [RTC-ospf-1-area-0.0.0.2]net 10.1.1.8 0.0.0.3 [RTC-ospf-1-area-0.0.0.2]net 10.4.1.0 0.0.0.255 [RTC-ospf-1-area-0.0.0.2]qu [RTC-ospf-1]qu
<H3C>sys [H3C]sysn RTB [RTB]int s 1/0 [RTB-Serial1/0]ip add 10.1.1.6 30 [RTB-Serial1/0]int g 0/1 [RTB-GigabitEthernet0/1]ip add 10.1.1.9 30 [RTB-GigabitEthernet0/1]qu
[RTB]ospf [RTB-ospf-1]a [RTB-ospf-1]area 2 [RTB-ospf-1-area-0.0.0.2]net 10.1.1.8 0.0.0.3 [RTB-ospf-1-area-0.0.0.2]qu [RTB-ospf-1]qu
这时候要是成功了PCC中就可以Ping到RTB
<H3C>ping 10.1.1.9 Ping 10.1.1.9 (10.1.1.9): 56 data bytes, press CTRL_C to break 56 bytes from 10.1.1.9: icmp_seq=0 ttl=254 time=1.000 ms 56 bytes from 10.1.1.9: icmp_seq=1 ttl=254 time=1.000 ms 56 bytes from 10.1.1.9: icmp_seq=2 ttl=254 time=0.000 ms 56 bytes from 10.1.1.9: icmp_seq=3 ttl=254 time=1.000 ms 56 bytes from 10.1.1.9: icmp_seq=4 ttl=254 time=2.000 ms --- Ping statistics for 10.1.1.9 ---
[RTB]ospf [RTB-ospf-1]a 0 [RTB-ospf-1-area-0.0.0.0]net 10.1.1.4 0.0.0.3 [RTB-ospf-1-area-0.0.0.0]qu [RTB-ospf-1]qu
[RTA]ospf [RTA-ospf-1]a 0 [RTA-ospf-1-area-0.0.0.0]net 10.1.1.4 0.0.0.3 [RTA-ospf-1-area-0.0.0.0]qu [RTA-ospf-1]qu
这时候就可以去PCC电脑上Ping到PCA
[H3C]ping 10.2.1.1 Ping 10.2.1.1 (10.2.1.1): 56 data bytes, press CTRL_C to break 56 bytes from 10.2.1.1: icmp_seq=0 ttl=251 time=4.000 ms 56 bytes from 10.2.1.1: icmp_seq=1 ttl=251 time=3.000 ms 56 bytes from 10.2.1.1: icmp_seq=2 ttl=251 time=3.000 ms 56 bytes from 10.2.1.1: icmp_seq=3 ttl=251 time=2.000 ms 56 bytes from 10.2.1.1: icmp_seq=4 ttl=251 time=2.000 ms --- Ping statistics for 10.2.1.1 ---
[RTA]local-user username class network New local user added. [RTA-luser-network-username]password simple password [RTA-luser-network-username]service-type ppp [RTA-luser-network-username]qu [RTA]int s 1/0 [RTA-Serial1/0]ppp authentication-mode chap [RTA-Serial1/0]qu
[RTB]int s 1/0 [RTB-Serial1/0]ppp chap user username [RTB-Serial1/0]ppp chap password simple password [RTB-Serial1/0]qu
这样ppp就成功啦~~
<H3C>sys [H3C]sysn Internet [Internet]int g 0/0 [Internet-GigabitEthernet0/0]ip add 100.1.1.1 24 [Internet-GigabitEthernet0/0]int loop 1 [Internet-LoopBack1]ip add 200.1.1.1 32 [Internet-LoopBack1]qu [Internet]ip route-static 100.1.1.0 24 100.1.1.2
[RTA]acl basic 2000 [RTA-acl-ipv4-basic-2000]rule 0 permit source 10.2.1.0 0.0.0.255 [RTA-acl-ipv4-basic-2000]rule 1 permit source 10.3.1.0 0.0.0.255 [RTA-acl-ipv4-basic-2000]qu [RTA]nat add [RTA]nat address-group 1 [RTA-address-group-1]add 100.1.1.3 100.1.1.13 [RTA-address-group-1]qu [RTA] [RTA]int g 0/0 [RTA-GigabitEthernet0/0]nat outbound 2000 address-group 1 [RTA-GigabitEthernet0/0]qu [RTA]ospf [RTA-ospf-1]default-route-advertise [RTA-ospf-1]qu [RTA]ip route-static 0.0.0.0 0.0.0.0 100.1.1.1
然后就能看到PCA
ping 100.1.1.2 Ping 100.1.1.2 (100.1.1.2): 56 data bytes, press CTRL_C to break 56 bytes from 100.1.1.2: icmp_seq=0 ttl=254 time=2.000 ms 56 bytes from 100.1.1.2: icmp_seq=1 ttl=254 time=1.000 ms 56 bytes from 100.1.1.2: icmp_seq=2 ttl=254 time=3.000 ms 56 bytes from 100.1.1.2: icmp_seq=3 ttl=254 time=2.000 ms 56 bytes from 100.1.1.2: icmp_seq=4 ttl=254 time=2.000 ms --- Ping statistics for 100.1.1.2 ---
PCB
<H3C>ping 200.1.1.1 Ping 200.1.1.1 (200.1.1.1): 56 data bytes, press CTRL_C to break 56 bytes from 200.1.1.1: icmp_seq=0 ttl=253 time=3.000 ms 56 bytes from 200.1.1.1: icmp_seq=1 ttl=253 time=2.000 ms 56 bytes from 200.1.1.1: icmp_seq=2 ttl=253 time=3.000 ms 56 bytes from 200.1.1.1: icmp_seq=3 ttl=253 time=2.000 ms 56 bytes from 200.1.1.1: icmp_seq=4 ttl=253 time=2.000 ms --- Ping statistics for 200.1.1.1 ---
PCC
ping 200.1.1.1 Ping 200.1.1.1 (200.1.1.1): 56 data bytes, press CTRL_C to break Request time out Request time out Request time out Request time out Request time out --- Ping statistics for 200.1.1.1 ---
[RTC]acl advanced 3000 [RTC-acl-ipv4-adv-3000]rule deny icmp source 10.2.1.0 0.0.0.255 destination 10.4.1.0 0.0.0.255 [RTC-acl-ipv4-adv-3000]rule deny icmp source 10.4.1.0 0.0.0.255 destination 10.2.1.0 0.0.0.255 [RTC-acl-ipv4-adv-3000]qu [RTC]int g 0/0 [RTC-GigabitEthernet0/0]packet-filter 3000 inbound [RTC-GigabitEthernet0/0]qu
这样PCC就不能PingPCA,但PCC可以PingPCB
这一篇,就是单纯记录自己学习进程,说实话H3C,模拟器太真实了,还会给我模拟线路脱落一下up,一下down。
完~~谢谢观看
王婆卖瓜,自卖自夸,哈哈哈,欢迎大家来一起探讨问题~~~