数通A+实训

博主：远方
发布时间：2021 年 08 月 20 日
1460 次浏览
1 条评论
5834字数
分类：数通中级

批注 2021-08-20 161810.png

ABC公司简介
公司下属两个部门（VLAN11,VLAN12）
ABC公司网络需求
公司的两个部门之间可以互访，可以访问Internet，
ABC公司网络建设要求

一.网络VLAN和IP地址。

二.第二层技术：

VLAN。
Trunk（封装为802.1Q）。
定制STP Root实现负载均衡。
使用Eth-Trunk。
使用MSTP

三.第三层技术：

路由：使用动态或静态路由。
DHCP Server：为所有IP网段分配IP。
使用NAT访问Internet。
用VRRP实现负载均衡和冗余。
VLAN 11 通过 ISP1（6.6.6.6）访问internet。
VLAN 12 通过 ISP2（7.7.7.7）访问internet。

syst
sysn ASW1
vlan ba 11 12
int ether 0/0/1
port link-ty tr
port trunk all vlan all
int ether 0/0/2
port link-ty tr
port trunk all vlan all
int ether 0/0/11
port link-ty acce
port default vlan 11
int ether 0/0/12
port link-ty acce
port default vlan 12

stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
q

user-interf con 0
idle-t 0 0
q

syst
sysn ASW2
vlan ba 11 12
int ether 0/0/1
port link-ty tr
port trunk all vlan all
int ether 0/0/2
port link-ty tr
port trunk all vlan all
int ether 0/0/11
port link-ty acce
port default vlan 11
int ether 0/0/12
port link-ty acce
port default vlan 12stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
quser-interf con 0
idle-t 0 0
q

syst
sysn DSW1
vlan ba 11 12 110 120
int eth-trunk 1
port link-ty tr
port trunk all vlan all
int g0/0/1
eth-trunk 1
int g0/0/2
eth-trunk 1
int g0/0/3
port link-ty tr
port trunk all vlan all
int g0/0/4
port link-ty tr
port trunk all vlan all
int g0/0/10
port link-ty access
port default vlan 110q
dhcp enable
ip pool vlan11
network 10.0.11.0 mask 255.255.255.0
gateway-list 10.0.11.254
dns-list 100.100.100.100

MSTP

stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
q
stp instance 1 prio 4096
stp instance 2 prio 8192int vlanif 11
ip add 10.0.11.1 24
vrrp vrid 11 virtual-ip 10.0.11.254
vrrp vrid 11 prio 110
dhcp select global
int vlanif 12
ip add 10.0.12.1 24
vrrp vrid 12 virtual-ip 10.0.12.254int vlanif 110
ip add 10.1.1.1 24ospf 1
ar 0
net 10.0.0.0 0.255.255.255
quser-interf con 0
idle-t 0 0
q

syst
sysn DSW2
vlan ba 11 12 110 120
int eth-trunk 1
port link-ty tr
port trunk all vlan all
int g0/0/1
eth-trunk 1
int g0/0/2
eth-trunk 1
int g0/0/3
port link-ty tr
port trunk all vlan all
int g0/0/4
port link-ty tr
port trunk all vlan all
int g0/0/10
port link-ty access
port default vlan 120
dhcp enable
ip pool vlan12
network 10.0.12.0 mask 255.255.255.0
gateway-list 10.0.12.254
dns-list 100.100.100.100

MSTP

stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
q
stp instance 1 prio 8192
stp instance 2 prio 4096int vlanif 11
ip add 10.0.11.2 24
vrrp vrid 11 virtual-ip 10.0.11.254
int vlanif 12
ip add 10.0.12.2 24
vrrp vrid 12 virtual-ip 10.0.12.254
vrrp vrid 12 prio 110
dhcp select globalint vlanif 120
ip add 10.1.2.1 24ospf 1
ar 0
net 10.0.0.0 0.255.255.255
quser-interf con 0
idle-t 0 0
q

CR1

syst
sysn CR1
int g0/0/0
ip add 10.1.1.2 24
int g0/0/1
ip add 10.2.1.2 24ospf 1
area 0
net 10.0.0.0 0.255.255.255
default-route-advertise type 1
quitip route-s 0.0.0.0 0 10.2.1.1

CR2

syst
sysn CR2
int g0/0/0
ip add 10.1.2.2 24
int g0/0/1
ip add 10.2.2.2 24ospf 1
area 0
net 10.0.0.0 0.255.255.255
default-route-advertise type 1
quitip route-s 0.0.0.0 0 10.2.2.1

syst
sys FW1
firewall zone untrust
add int g0/0/1
returnsyst
int g0/0/0
ip add 10.2.1.1 24
int g0/0/1
ip add 6.6.6.5 24
returnsys
policy interzone trust untrust outbound
policy 1
action permit
return

NAT

sys
nat address-group 1 6.6.6.5 6.6.6.5
nat-policy interzone  trust  untrust outbound
policy 1
action source-nat
address-group 1
returnsys
ospf 1
area 0
net 10.0.0.0 0.255.255.255ip route-s 0.0.0.0 0 6.6.6.6ip ttl-expires enable
ip unreachables enabledisplay firewall session table

syst
sys FW2
firewall zone untrust
add int g0/0/1
returnsyst
int g0/0/0
ip add 10.2.2.1 24
int g0/0/1
ip add 7.7.7.6 24
returnsys
policy interzone trust untrust outbound
policy 1
action permit
returnsys
nat address-group 1 7.7.7.6 7.7.7.6
nat-policy interzone  trust  untrust outbound
policy 1
action source-nat
address-group 1
returnsys
ospf 1
area 0
net 10.0.0.0 0.255.255.255ip route-s 0.0.0.0 0 7.7.7.7
ip ttl-expires enable
ip unreachables enabledisplay firewall session table

ISP1

syst
sysn ISP1
dhcp enable
int g0/0/0
ip add 5.0.13.1 24
int g0/0/1
ip add 6.6.6.6 24
dhcp select int
bgp 100
peer 5.0.13.3 as-number 300
network 6.6.6.0 255.255.255.0
return

ISP2

syst
sysn ISP2
dhcp enable
int g0/0/0
ip add 5.0.23.2 24
int g0/0/1
ip add 7.7.7.7 24
dhcp select int
bgp 200
peer 5.0.23.3 as-number 300
network 7.7.7.0 255.255.255.0
return

ISP3

syst
sysn ISP3
int g0/0/0
ip add 5.0.13.3 24
int g0/0/1
ip add 100.100.100.1 24
int g0/0/2
ip add 5.0.23.3 24
bgp 300
peer 5.0.13.1 as-number 100
peer 5.0.23.2 as-number 200
network 100.100.100.0 255.255.255.0
returndis ip int br
dis ip rout

最后修改：2024 年 06 月 05 日

如果觉得我的文章对你有用，请随意赞赏

发表评论取消回复
使用cookie技术保留您的个人信息以便您下次快速评论，继续评论表示您已同意该条款

评论 *

私密评论

名称 *

🎲

邮箱 *

地址

1 条评论

gmxqkyelmi
January 6th, 2025 at 02:06 pm

哈哈哈，写的太好了https://www.lawjida.com/

回复

数通A+实训

远方 • 2021 年 08 月 20 日

<p><img src="https://www.runyf.cn/usr/uploads/2021/08/3079974723.png" alt="批注 2021-08-20 161810.png" title="批注 2021-08-20 161810.png" style=""><br><div class="tab-container post_tab box-shadow-wrap-lg">
<ul class="nav no-padder b-b scroll-hide" role="tablist">
<li class='nav-item active' role="presentation"><a class='nav-link active' style="" data-toggle="tab" 
aria-controls='tabs-ff7203059750c6f066a95c7c2a756856910' role="tab" data-target='#tabs-ff7203059750c6f066a95c7c2a756856910'>需求</a></li><li class='nav-item ' role="presentation"><a class='nav-link ' style="" data-toggle="tab" 
aria-controls='tabs-5d82edca97feda374806f6ca28877ba4661' role="tab" data-target='#tabs-5d82edca97feda374806f6ca28877ba4661'>ASW1</a></li><li class='nav-item ' role="presentation"><a class='nav-link ' style="" data-toggle="tab" 
aria-controls='tabs-0ad9c8ed8d82abe09b86f280c13ff545402' role="tab" data-target='#tabs-0ad9c8ed8d82abe09b86f280c13ff545402'>ASW2</a></li><li class='nav-item ' role="presentation"><a class='nav-link ' style="" data-toggle="tab" 
aria-controls='tabs-028c574c9b0c84364219206d36c8ecc1493' role="tab" data-target='#tabs-028c574c9b0c84364219206d36c8ecc1493'>DSW1</a></li><li class='nav-item ' role="presentation"><a class='nav-link ' style="" data-toggle="tab" 
aria-controls='tabs-57f060c0848a14983a6632b962828bad364' role="tab" data-target='#tabs-57f060c0848a14983a6632b962828bad364'>DSW2</a></li><li class='nav-item ' role="presentation"><a class='nav-link ' style="" data-toggle="tab" 
aria-controls='tabs-bbf6490714e5032e16737fd6a5c85e2d285' role="tab" data-target='#tabs-bbf6490714e5032e16737fd6a5c85e2d285'>CR1 CR2</a></li><li class='nav-item ' role="presentation"><a class='nav-link ' style="" data-toggle="tab" 
aria-controls='tabs-ac59ddb730e319690d58fbbb6809cceb36' role="tab" data-target='#tabs-ac59ddb730e319690d58fbbb6809cceb36'>FW1</a></li><li class='nav-item ' role="presentation"><a class='nav-link ' style="" data-toggle="tab" 
aria-controls='tabs-ac5a8decc181d614312500883e98dabc227' role="tab" data-target='#tabs-ac5a8decc181d614312500883e98dabc227'>FW2</a></li><li class='nav-item ' role="presentation"><a class='nav-link ' style="" data-toggle="tab" 
aria-controls='tabs-e94746af96c9ea481ec373cdfaf48a17398' role="tab" data-target='#tabs-e94746af96c9ea481ec373cdfaf48a17398'>ISP</a></li>
</ul>
<div class="tab-content no-border">
<div role="tabpanel" id='tabs-ff7203059750c6f066a95c7c2a756856910' class="tab-pane fade active in">
            <br>ABC公司简介<br>公司下属两个部门（VLAN11,VLAN12）<br>ABC公司网络需求<br>公司的两个部门之间可以互访，可以访问Internet，<br>ABC公司网络建设要求</p><h4>一.网络VLAN和IP地址。</h4><h4>二.第二层技术：</h4><ol><li>VLAN。</li><li>Trunk（封装为802.1Q）。</li><li>定制STP Root实现负载均衡。</li><li>使用Eth-Trunk。</li><li>使用MSTP</li></ol><h4>三.第三层技术：</h4><ol><li>路由：使用动态或静态路由。</li><li>DHCP Server：为所有IP网段分配IP。</li><li>使用NAT访问Internet。</li><li>用VRRP实现负载均衡和冗余。</li><li>VLAN 11 通过 ISP1（6.6.6.6）访问internet。<br>VLAN 12 通过 ISP2（7.7.7.7）访问internet。</li></ol><p></div><div role="tabpanel" id='tabs-5d82edca97feda374806f6ca28877ba4661' class="tab-pane fade  ">
            </p><pre><code class="lang-shell">syst
sysn ASW1
vlan ba 11 12
int ether 0/0/1
port link-ty tr
port trunk all vlan all
int ether 0/0/2
port link-ty tr
port trunk all vlan all
int ether 0/0/11
port link-ty acce
port default vlan 11
int ether 0/0/12
port link-ty acce
port default vlan 12

stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
q

user-interf con 0
idle-t 0 0
q</code></pre><p></div><div role="tabpanel" id='tabs-0ad9c8ed8d82abe09b86f280c13ff545402' class="tab-pane fade  ">
            </p><pre><code class="lang-shell">syst
sysn ASW2
vlan ba 11 12
int ether 0/0/1
port link-ty tr
port trunk all vlan all
int ether 0/0/2
port link-ty tr
port trunk all vlan all
int ether 0/0/11
port link-ty acce
port default vlan 11
int ether 0/0/12
port link-ty acce
port default vlan 12stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
quser-interf con 0
idle-t 0 0
q</code></pre><p></div><div role="tabpanel" id='tabs-028c574c9b0c84364219206d36c8ecc1493' class="tab-pane fade  ">
            </p><pre><code class="lang-shell">syst
sysn DSW1
vlan ba 11 12 110 120
int eth-trunk 1
port link-ty tr
port trunk all vlan all
int g0/0/1
eth-trunk 1
int g0/0/2
eth-trunk 1
int g0/0/3
port link-ty tr
port trunk all vlan all
int g0/0/4
port link-ty tr
port trunk all vlan all
int g0/0/10
port link-ty access
port default vlan 110q
dhcp enable
ip pool vlan11
network 10.0.11.0 mask 255.255.255.0
gateway-list 10.0.11.254
dns-list 100.100.100.100</code></pre><h4>MSTP</h4><pre><code class="lang-shell">stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
q
stp instance 1 prio 4096
stp instance 2 prio 8192int vlanif 11
ip add 10.0.11.1 24
vrrp vrid 11 virtual-ip 10.0.11.254
vrrp vrid 11 prio 110
dhcp select global
int vlanif 12
ip add 10.0.12.1 24
vrrp vrid 12 virtual-ip 10.0.12.254int vlanif 110
ip add 10.1.1.1 24ospf 1
ar 0
net 10.0.0.0 0.255.255.255
quser-interf con 0
idle-t 0 0
q</code></pre><p></div><div role="tabpanel" id='tabs-57f060c0848a14983a6632b962828bad364' class="tab-pane fade  ">
            </p><pre><code class="lang-shell">syst
sysn DSW2
vlan ba 11 12 110 120
int eth-trunk 1
port link-ty tr
port trunk all vlan all
int g0/0/1
eth-trunk 1
int g0/0/2
eth-trunk 1
int g0/0/3
port link-ty tr
port trunk all vlan all
int g0/0/4
port link-ty tr
port trunk all vlan all
int g0/0/10
port link-ty access
port default vlan 120
dhcp enable
ip pool vlan12
network 10.0.12.0 mask 255.255.255.0
gateway-list 10.0.12.254
dns-list 100.100.100.100</code></pre><h4>MSTP</h4><pre><code class="lang-shell">stp enable
stp mode mstp
stp region-c
region-name yh
revision-l 1
instance 1 vlan 11
instance 2 vlan 12
active region-c
q
stp instance 1 prio 8192
stp instance 2 prio 4096int vlanif 11
ip add 10.0.11.2 24
vrrp vrid 11 virtual-ip 10.0.11.254
int vlanif 12
ip add 10.0.12.2 24
vrrp vrid 12 virtual-ip 10.0.12.254
vrrp vrid 12 prio 110
dhcp select globalint vlanif 120
ip add 10.1.2.1 24ospf 1
ar 0
net 10.0.0.0 0.255.255.255
quser-interf con 0
idle-t 0 0
q</code></pre><p></div><div role="tabpanel" id='tabs-bbf6490714e5032e16737fd6a5c85e2d285' class="tab-pane fade  ">
            </p><h4>CR1</h4><pre><code class="lang-shell">syst
sysn CR1
int g0/0/0
ip add 10.1.1.2 24
int g0/0/1
ip add 10.2.1.2 24ospf 1
area 0
net 10.0.0.0 0.255.255.255
default-route-advertise type 1
quitip route-s 0.0.0.0 0 10.2.1.1</code></pre><h4>CR2</h4><pre><code class="lang-shell">syst
sysn CR2
int g0/0/0
ip add 10.1.2.2 24
int g0/0/1
ip add 10.2.2.2 24ospf 1
area 0
net 10.0.0.0 0.255.255.255
default-route-advertise type 1
quitip route-s 0.0.0.0 0 10.2.2.1</code></pre><p></div><div role="tabpanel" id='tabs-ac59ddb730e319690d58fbbb6809cceb36' class="tab-pane fade  ">
            </p><pre><code class="lang-shell">syst
sys FW1
firewall zone untrust
add int g0/0/1
returnsyst
int g0/0/0
ip add 10.2.1.1 24
int g0/0/1
ip add 6.6.6.5 24
returnsys
policy interzone trust untrust outbound
policy 1
action permit
return</code></pre><h4>NAT</h4><pre><code class="lang-shell">sys
nat address-group 1 6.6.6.5 6.6.6.5
nat-policy interzone  trust  untrust outbound
policy 1
action source-nat
address-group 1
returnsys
ospf 1
area 0
net 10.0.0.0 0.255.255.255ip route-s 0.0.0.0 0 6.6.6.6ip ttl-expires enable
ip unreachables enabledisplay firewall session table</code></pre><p></div><div role="tabpanel" id='tabs-ac5a8decc181d614312500883e98dabc227' class="tab-pane fade  ">
            </p><pre><code class="lang-shell">syst
sys FW2
firewall zone untrust
add int g0/0/1
returnsyst
int g0/0/0
ip add 10.2.2.1 24
int g0/0/1
ip add 7.7.7.6 24
returnsys
policy interzone trust untrust outbound
policy 1
action permit
returnsys
nat address-group 1 7.7.7.6 7.7.7.6
nat-policy interzone  trust  untrust outbound
policy 1
action source-nat
address-group 1
returnsys
ospf 1
area 0
net 10.0.0.0 0.255.255.255ip route-s 0.0.0.0 0 7.7.7.7
ip ttl-expires enable
ip unreachables enabledisplay firewall session table</code></pre><p></div><div role="tabpanel" id='tabs-e94746af96c9ea481ec373cdfaf48a17398' class="tab-pane fade  ">
            </p><h4>ISP1</h4><pre><code class="lang-shell">syst
sysn ISP1
dhcp enable
int g0/0/0
ip add 5.0.13.1 24
int g0/0/1
ip add 6.6.6.6 24
dhcp select int
bgp 100
peer 5.0.13.3 as-number 300
network 6.6.6.0 255.255.255.0
return</code></pre><h4>ISP2</h4><pre><code class="lang-shell">syst
sysn ISP2
dhcp enable
int g0/0/0
ip add 5.0.23.2 24
int g0/0/1
ip add 7.7.7.7 24
dhcp select int
bgp 200
peer 5.0.23.3 as-number 300
network 7.7.7.0 255.255.255.0
return</code></pre><h4>ISP3</h4><pre><code class="lang-shell">syst
sysn ISP3
int g0/0/0
ip add 5.0.13.3 24
int g0/0/1
ip add 100.100.100.1 24
int g0/0/2
ip add 5.0.23.3 24
bgp 300
peer 5.0.13.1 as-number 100
peer 5.0.23.2 as-number 200
network 100.100.100.0 255.255.255.0
returndis ip int br
dis ip rout</code></pre><p></div>
</div>
</div></p>

数通A+实训

一.网络VLAN和IP地址。

二.第二层技术：

三.第三层技术：

MSTP

MSTP

CR1

CR2

NAT

ISP1

ISP2

ISP3

发表评论取消回复
使用cookie技术保留您的个人信息以便您下次快速评论，继续评论表示您已同意该条款

1 条评论

ZXV10 B860AV3.2-M机顶盒刷armbian教程

给360t7路由器刷OpenWrt，130元左右的路由器价格体验如何

使用bat批处理快速切换网卡配置脚本

IC847 PLUS主板使用体验记录

ELK安装教程

数通A+实训

使用bat批处理语言实时ping监控主机

iStoreOS中搭建wg-easy教程实现异地组网

bat批处理语言转exe

迪普交换机自动登录后台免输入验证码账户密码

数通A+实训

一.网络VLAN和IP地址。

二.第二层技术：

三.第三层技术：

MSTP

MSTP

CR1

CR2

NAT

ISP1

ISP2

ISP3

发表评论 取消回复 使用cookie技术保留您的个人信息以便您下次快速评论，继续评论表示您已同意该条款

1 条评论

数通A+实训

发表评论取消回复
使用cookie技术保留您的个人信息以便您下次快速评论，继续评论表示您已同意该条款