Cisco综合网络搭建
拓扑图
整体网络比较复杂
我们将拓扑拆分成三个大块来完成整体网络的规划就会较为简单
#1 站点1的规划
[R1]
配置子接口,开启vrrp,运行rip动态路由
interface Ethernet0/0 no ip address ! interface Ethernet0/0.10 encapsulation dot1Q 10 ip address 192.168.10.252 255.255.255.0 vrrp 10 ip 192.168.10.254 ! interface Ethernet0/0.20 encapsulation dot1Q 20 ip address 192.168.20.252 255.255.255.0 vrrp 20 ip 192.168.20.254 ! interface Ethernet0/1 ip address 172.16.1.1 255.255.255.0 ! interface Ethernet0/2 no ip address shutdown ! interface Ethernet0/3 no ip address shutdown ! router rip version 2 network 172.16.0.0 network 192.168.0.0 network 192.168.10.0 network 192.168.20.0 no auto-summary
[R2]
配置子接口,开启vrrp,运行rip
interface Ethernet0/0 no ip address ! interface Ethernet0/0.10 encapsulation dot1Q 10 ip address 192.168.10.253 255.255.255.0 vrrp 10 ip 192.168.10.254 ! interface Ethernet0/0.20 encapsulation dot1Q 20 ip address 192.168.20.253 255.255.255.0 vrrp 20 ip 192.168.20.254 ! interface Ethernet0/1 ip address 172.16.2.2 255.255.255.0 ! interface Ethernet0/2 no ip address shutdown ! interface Ethernet0/3 no ip address shutdown ! router rip version 2 network 172.16.0.0 network 192.168.0.0 network 192.168.10.0 network 192.168.20.0 no auto-summary
[R3]
配置接口,运行rip
interface Ethernet0/0 ip address 172.16.1.3 255.255.255.0 ip virtual-reassembly ! interface Ethernet0/1 ip address 172.16.2.3 255.255.255.0 ip virtual-reassembly ! router rip version 2 network 172.16.0.0 no auto-summary
[SW1]
设置vlan,配置trunk链接方式
interface Ethernet0/0 switchport trunk encapsulation dot1q switchport mode trunk ! interface Ethernet0/1 switchport trunk encapsulation dot1q switchport mode trunk ! interface Ethernet0/2 switchport access vlan 10 switchport trunk encapsulation dot1q switchport mode access ! interface Ethernet0/3 switchport access vlan 20 switchport mode access ! interface Vlan10 ip address 192.168.10.254 255.255.255.0 ! interface Vlan20 ip address 192.168.20.254 255.255.255.0
[PC1]/[PC2]
配置接口地址
[PC1] interface Ethernet0/0 ip address 192.168.10.1 255.255.255.0 no ip route-cache [PC2] interface Ethernet0/0 ip address 192.168.20.1 255.255.255.0 no ip route-cache
此时站点1全站互通
#2 站点2的规划
[SW2]
设置vlan、dhcp、rip和聚合链路的配置,关闭e0/0交换功能配置接口ip
ip dhcp pool dhcp3 network 192.168.30.0 255.255.255.0 default-router 192.168.30.254 ! interface Port-channel2 switchport trunk encapsulation dot1q switchport mode trunk ! interface Ethernet0/0 no switchport ip address 172.16.3.10 255.255.255.0 ! interface Ethernet0/1 switchport trunk encapsulation dot1q switchport mode trunk channel-group 2 mode on ! interface Ethernet0/2 switchport access vlan 30 switchport mode access ! interface Ethernet0/3 switchport trunk encapsulation dot1q switchport mode trunk channel-group 2 mode on ! interface Vlan30 ip address 192.168.30.252 255.255.255.0 vrrp 10 ip 192.168.30.254 vrrp 10 priority 120 vrrp 10 track 1 decrement 50 ! interface Vlan40 ip address 192.168.40.252 255.255.255.0 vrrp 10 ip 192.168.40.254 vrrp 10 priority 120 vrrp 10 track 1 decrement 50 ! router rip version 2 network 172.16.0.0 network 192.168.30.0 network 192.168.40.0 no auto-summary
[SW3]
配置和SW2同理
ip dhcp pool dhcp4 network 192.168.40.0 255.255.255.0 default-router 192.168.40.254 interface Port-channel2 switchport trunk encapsulation dot1q switchport mode trunk ! interface Ethernet0/0 no switchport ip address 172.16.4.10 255.255.255.0 ! interface Ethernet0/1 switchport trunk encapsulation dot1q switchport mode trunk channel-group 2 mode on ! interface Ethernet0/2 switchport access vlan 40 switchport mode access ! interface Ethernet0/3 switchport trunk encapsulation dot1q switchport mode trunk channel-group 2 mode on ! interface Vlan30 ip address 192.168.30.253 255.255.255.0 vrrp 10 ip 192.168.30.254 ! interface Vlan40 ip address 192.168.40.253 255.255.255.0 vrrp 10 ip 192.168.40.254 ! router rip version 2 network 172.16.0.0 network 192.168.30.0 network 192.168.40.0 no auto-summary
[PC3]/[PC4]
3和4配置相同
no ip routing ! interface Ethernet0/0 ip address dhcp no ip route-cache
[R6]
配置接口,运行rip
interface Ethernet0/2 ip address 172.16.3.254 255.255.255.0 ip nat inside ip virtual-reassembly ! interface Ethernet0/3 ip address 172.16.4.254 255.255.255.0 ip nat inside ip virtual-reassembly ! router rip version 2 network 172.16.0.0 no auto-summary
配置完成后站点2可以全站互通
#3
建立ospf、bgp
[R4]
[R4] interface Loopback0 ip address 4.4.4.4 255.255.255.0 ! interface Ethernet0/0 ip address 34.0.0.4 255.255.255.0 ! interface Ethernet0/1 ip address 46.0.0.4 255.255.255.0 ! interface Ethernet0/2 ip address 45.0.0.4 255.255.255.0 ! router ospf 10 router-id 4.4.4.4 log-adjacency-changes network 4.4.4.0 0.0.0.255 area 0 network 34.0.0.0 0.0.0.255 area 0 network 45.0.0.0 0.0.0.255 area 0 network 46.0.0.0 0.0.0.255 area 0 ! router bgp 45 no synchronization bgp router-id 4.4.4.4 bgp log-neighbor-changes neighbor 5.5.5.5 remote-as 45 neighbor 5.5.5.5 update-source Loopback0 neighbor 5.5.5.5 next-hop-self neighbor 34.0.0.3 remote-as 3 neighbor 46.0.0.6 remote-as 6 no auto-summary
[R5]
[R5] interface Loopback0 ip address 5.5.5.5 255.255.255.0 ! interface Ethernet0/0 ip address 35.0.0.5 255.255.255.0 ! interface Ethernet0/1 ip address 56.0.0.5 255.255.255.0 ! interface Ethernet0/2 ip address 45.0.0.5 255.255.255.0 ! router ospf 10 router-id 5.5.5.5 log-adjacency-changes network 5.5.5.0 0.0.0.255 area 0 network 35.0.0.0 0.0.0.255 area 0 network 45.0.0.0 0.0.0.255 area 0 network 56.0.0.0 0.0.0.255 area 0 ! router bgp 45 no synchronization bgp router-id 5.5.5.5 bgp log-neighbor-changes neighbor 4.4.4.4 remote-as 45 neighbor 4.4.4.4 update-source Loopback0 neighbor 4.4.4.4 next-hop-self neighbor 35.0.0.3 remote-as 3 neighbor 56.0.0.6 remote-as 6 no auto-summary
R3和R6在建立bgp后还要配置NAT和GRE隧道
[R3]
[R3] interface Loopback0 ip address 3.3.3.3 255.255.255.0 !
#(建立Tunnl隧道) interface Tunnel0 ip address 36.0.0.1 255.255.255.0 tunnel source 3.3.3.3 tunnel destination 6.6.6.6 ! interface Ethernet0/0
#(设置nat接口方向) ip nat inside ! interface Ethernet0/1 ip nat inside ! interface Ethernet0/2 ip address 34.0.0.3 255.255.255.0 ip nat outside ip virtual-reassembly ! interface Ethernet0/3 ip address 35.0.0.3 255.255.255.0 ip nat outside ip virtual-reassembly ! router bgp 3 no synchronization bgp router-id 3.3.3.3 bgp log-neighbor-changes network 3.3.3.0 mask 255.255.255.0 neighbor 34.0.0.4 remote-as 45 neighbor 35.0.0.5 remote-as 45 no auto-summary
#(配置nat)
ip nat inside source list 1 interface Ethernet0/3 overload
!
access-list 1 permit 192.168.0.0 0.0.255.25
[R6]
interface Loopback0 ip address 6.6.6.6 255.255.255.0 ! interface Tunnel0 ip address 36.0.0.6 255.255.255.0 tunnel source 6.6.6.6 tunnel destination 3.3.3.3 ! interface Ethernet0/0 ip address 56.0.0.6 255.255.255.0 ip nat outside ip virtual-reassembly ! interface Ethernet0/1 ip address 46.0.0.6 255.255.255.0 ip nat outside ! interface Ethernet0/2 ip nat inside ! interface Ethernet0/3 ip nat inside ! router rip network 36.0.0.0 ! router bgp 6 no synchronization bgp router-id 6.6.6.6 bgp log-neighbor-changes network 6.6.6.0 mask 255.255.255.0 neighbor 46.0.0.4 remote-as 45 neighbor 56.0.0.5 remote-as 45 no auto-summary ip nat inside source list 1 interface Ethernet0/1 overload ! access-list 1 permit 192.168.0.0 0.0.255.255
站点1和2互通