华为R&W典型园区网络设计
PS:本人正在学习HCIP中,想到一个典型的园区网络就自己用ENSP搭建了一个典型拓扑分享给大家一起学习
拓扑图如下:
要求已经写在拓扑结构下下方文本框中请自行查看!
配置如下(没有专门的命令插入我就直接用C#的插入命令了):
以下按顺序从SW1的核心层、SW2和SW3的汇聚层、SW4-SW6的接入层分别做了配置,由于接入层配置较为简单我就把SW4-SW6的配置做到一个代码段落中了!
sys sys sw1 dhcp enable stp mode mstp vlan batch 10 20 30 100 int vlanif 10 ip add 192.168.10.254 24 int vlanif 20 ip add 192.168.20.254 24 int vlanif 30 ip add 192.168.30.254 24 int vlanif 100 ip add 100.1.1.100 8 qu ip route-static 0.0.0.0 0 100.1.1.101 ip pool vlan10 network 192.168.10.0 mask 24 gateway-list 192.168.10.10 dns-list 114.114.114.114 excluded-ip-address 192.168.10.1 192.168.10.9 ip pool vlan20 network 192.168.20.0 mask 24 gateway-list 192.168.20.10 dns-list 114.114.114.114 excluded-ip-address 192.168.20.1 192.168.20.9 ip pool vlan30 network 192.168.30.0 mask 24 gateway-list 192.168.30.10 dns-list 114.114.114.114 excluded-ip-address 192.168.30.1 192.168.30.9 int vlanif 10 dhcp select global int vlanif 20 dhcp select global int vlanif 30 dhcp select global int g0/0/4 p l t p t a vlan 10 20 30 int g0/0/6 p l t p t a vlan 10 20 30
sys sys sw2 stp mode mstp int eth-trunk 1 mode lacp max active-linkn 2 lacp preempt enable lacp priority 1 int g0/0/21 eth-trunk 1 int g0/0/22 eth-trunk 1 int g0/0/23 eth-trunk 1 int g0/0/24 eth-trunk 1 vlan batch 10 20 30 int vlanif 10 ip add 192.168.10.1 24 vrrp vrid 10 virtual-ip 192.168.10.10 vrrp vrid 10 pri 200 int vlanif 20 ip add 192.168.20.1 24 vrrp vrid 20 virtual-ip 192.168.20.10 vrrp vrid 20 pri 200 int vlanif 30 ip add 192.168.30.1 24 vrrp vrid 30 virtual-ip 192.168.30.10 int g0/0/4 p l t p t a vlan 10 20 30 int g0/0/3 p l t p t a vlan 10 int g0/0/5 p l t p t a vlan 20 int g0/0/10 p l t p t a vlan 30 int eth-trunk 1 p l t p t a vlan 10 20 30 qu stp region-configuration region-name sw2 revision-level 1 instance 1 vlan 10 instance 2 vlan 20 instance 3 vlan 30 stp instance 1 root primary stp instance 2 root primary stp instance 3 root sec stp priority 0 ip route-s 0.0.0.0 192.168.10.254 ip route-s 0.0.0.0 192.168.20.254 ip route-s 0.0.0.0 192.168.30.254
sys sys sw3 stp mode mstp int eth-trunk 1 mode lacp max active-linkn 2 lacp preempt enable int g0/0/21 eth-trunk 1 int g0/0/22 eth-trunk 1 int g0/0/23 eth-trunk 1 int g0/0/24 eth-trunk 1 vlan batch 10 20 30 int vlanif 10 ip add 192.168.10.2 24 vrrp vrid 10 virtual-ip 192.168.10.10 int vlanif 20 ip add 192.168.20.2 24 vrrp vrid 20 virtual-ip 192.168.20.10 int vlanif 30 ip add 192.168.30.2 24 vrrp vrid 30 virtual-ip 192.168.30.10 vrrp vrid 30 pri 200 int g0/0/5 p l t p t a vlan 10 20 30 int g0/0/10 p l t p t a vlan 10 int g0/0/6 p l t p t a vlan 20 int g0/0/3 p l t p t a vlan 30 int eth-trunk 1 p l t p t a vlan 10 20 30 qu stp region-configuration region-name sw3 revision-level 1 instance 1 vlan 10 instance 2 vlan 20 instance 3 vlan 30 stp instance 1 root sec stp instance 2 root sec stp instance 3 root primary ip route-s 0.0.0.0 192.168.10.254 ip route-s 0.0.0.0 192.168.20.254 ip route-s 0.0.0.0 192.168.30.254
sw4: sys sys sw4 stp mode mstp vlan batch 10 20 30 int g0/0/3 p l t p t a vlan 10 int g0/0/10 p l t p t a vlan 10 int g0/0/1 p l t p t a vlan 10 20 30 int g0/0/2 p l a p d vlan 10 stp edged-port enable sw5: sys sys sw5 stp mode mstp vlan batch 10 20 30 int g0/0/5 p l t p t a vlan 20 int g0/0/6 p l t p t a vlan 20 int g0/0/1 p l t p t a vlan 10 20 30 int g0/0/2 p l t p t a vlan 10 20 30 int g0/0/3 p l a p d vlan 20 stp edged-port enable sw6: sys sys sw6 stp mode mstp vlan batch 10 20 30 int g0/0/3 p l t p t a vlan 30 int g0/0/10 p l t p t a vlan 30 int g0/0/2 p l t p t a vlan 10 20 30 int g0/0/1 p l a p d vlan 30 stp edged-port enable
下面是较为简单的验证:
以上是对典型园区网络的拓扑规划及其详细配置,可以用到一些实际的网络环境中,在此说明一下我的设计有些缺陷,特别是DHCP那里网关和核心交换机用的是不同IP这是因为VRRP那里的缘故其实也大可不必这样!所以我在后续SW2和SW3中分别加入了上行核心层的默认路由!
关于边缘端口我图省事除了上行链路以外只做了PC对应的端口的边缘端口配置未把除上行端口以外的所有端口做为边缘端口这个配置很简单一个是全局一个是详细端口下配置我就不做过多演示了!
注意一点做VRRP的主备的时候最好把VRRP的master角色与MSTP的主根桥做成同一台交换机这样做的好处是避免链路或者设备出现故障时产生不必要的次优路径!
路由器没有做过多的配置就做了一条默认路由以及配置了地址,也就是为了一个简单的验证而已把它看做外网或者运营商网络就行!
此设计较为简单,但是可以作为一个标准化的园区网络的设计,有学生做网络相关毕业设计或者有人在规划园区网络时可以参考一下,后续我还会在这个拓扑的基础上添加更多的安全以及路由的一些设计进去!
