题目
根据上图,可得需求为:
1.配置交换机上的VLAN及IP地址。
2.设置SW1为VLAN 2/3的主根桥,设置SW2为VLAN 20/30的主根桥,且两台交换机互为主备。
3.可以使用super vlan。
4.上层通过静态路由协议完成数据通信过程。
5.AR1作为企业出口路由器。
6.要求全网可达。
根据要求搭建拓扑图:
步骤一:在交换机上建立VLAN并分配接口到相应的VLAN与IP地址:
LSW1:
<Huawei> system-view
[Huawei] sysname LSW1
[LSW1] vlan batch 2 to 3
[LSW1] interface vlanif 2
[LSW1-Vlanif2] ip address 10.0.2.8 24
[LSW1-Vlanif2] quit
[LSW1] interface vlanif 3
[LSW1-Vlanif3] ip address 10.0.3.8 24
[LSW1-Vlanif3] quit
[LSW1] interface GigabitEthernet 0/0/1
[LSW1-GigabitEthernet0/0/1] port link-type access
[LSW1-GigabitEthernet0/0/1] port default vlan 2
[LSW1-GigabitEthernet0/0/1] quit
[LSW1] interface GigabitEthernet 0/0/2
[LSW1-GigabitEthernet0/0/2] port link-type access
[LSW1-GigabitEthernet0/0/2] port default vlan 3
[LSW1-GigabitEthernet0/0/2] quit
LSW2:
<Huawei> system-view
[Huawei] sysname LSW2
[LSW2] vlan batch 20 to 30
[LSW2] interface vlanif 20
[LSW2-Vlanif20] ip address 10.0.20.8 24
[LSW2-Vlanif20] quit
[LSW2] interface vlanif 30
[LSW2-Vlanif30] ip address 10.0.30.8 24
[LSW2-Vlanif30] quit
[LSW2] interface GigabitEthernet 0/0/1
[LSW2-GigabitEthernet0/0/1] port link-type access
[LSW2-GigabitEthernet0/0/1] port default vlan 20
[LSW2-GigabitEthernet0/0/1] quit
[LSW2] interface GigabitEthernet 0/0/2
[LSW2-GigabitEthernet0/0/2] port link-type access
[LSW2-GigabitEthernet0/0/2] port default vlan 30
[LSW2-GigabitEthernet0/0/2] quit
分别为PC1 2 3 4分配IP地址
以PC1为例:
IP地址:10.0.2.2
子网掩码:255.255.255.0
默认网关:10.0.2.8
步骤二:配置STP
配置STP来确保交换机之间的冗余路径不会产生环路,并且配置主备关系
LSW1:
[LSW1] stp enable
[LSW1] stp mode stp
[LSW1] stp instance 0
[LSW1-stp-0] stp root primary
[LSW1-stp-0] stp priority 0
[LSW1-stp-0] quit
[LSW1] stp instance 1
[LSW1-stp-1] stp root primary
[LSW1-stp-1] stp priority 4096
[LSW1-stp-1] quit
LWS2:
[LSW2] stp enable
[LSW2] stp mode stp
[LSW2] stp instance 0
[LSW2-stp-0] stp root secondary
[LSW2-stp-0] stp priority 8192
[LSW2-stp-0] quit
[LSW2] stp instance 2
[LSW2-stp-2] stp root primary
[LSW2-stp-2] stp priority 0
[LSW2-stp-2] quit
[LSW2] stp instance 3
[LSW2-stp-3] stp root primary
[LSW2-stp-3] stp priority 4096
[LSW2-stp-3] quit
在LSW1上配置两个STP实例,实例0对应VLAN 2,实例1对应VLAN 3。 stp root primary 命令将LSW1配置为主根桥, stp priority 设置优先级,较低的优先级意味着较高的选举优先级。
在LSW2上配置两个STP实例,实例0对应VLAN 20,实例2对应VLAN 30。 stp root secondary 命令将LSW2配置为VLAN 20的备份根桥,而 stp root primary 将LSW2配置为VLAN 30的主根桥。
步骤三:super vlan
在LSW1上为VLAN 2和VLAN 3定义Super VLAN,并在LSW2上为VLAN 20和VLAN 30定义Super VLAN。
LSW1:
[LSW1] vlan 100 # 创建Super VLAN 100
[LSW1-vlan100] super vlan
[LSW1-vlan100] subvlan 2 3 # 将VLAN 2和VLAN 3作为子VLAN添加到Super VLAN 100
[LSW1-vlan100] quit
[LSW1] interface vlanif 100
[LSW1-Vlanif100] ip address 10.0.2.8 24 # 配置Super VLAN的IP地址作为网关
[LSW1-Vlanif100] quit
LSW2:
[LSW2] vlan 200 # 创建Super VLAN 200
[LSW2-vlan200] super vlan
[LSW2-vlan200] subvlan 20 30 # 将VLAN 20和VLAN 30作为子VLAN添加到Super VLAN 200
[LSW2-vlan200] quit
[LSW2] interface vlanif 200
[LSW2-Vlanif200] ip address 10.0.20.8 24 # 配置Super VLAN的IP地址作为网关
[LSW2-Vlanif200] quit
步骤四:上层通过静态路由协议完成数据通信过程
AR1:
[AR1] ip route-static 10.0.2.0 24 10.0.0.1 # 配置到LSW1的Super VLAN 100的静态路由
[AR1] ip route-static 10.0.20.0 24 10.0.0.5 # 配置到LSW2的Super VLAN 200的静态路由
LSW1:
[LSW1] ip route-static 0.0.0.0 0 10.0.0.2
LSW2:
[LSW2] ip route-static 0.0.0.0 0 10.0.0.6
步骤五:AR1为企业出口路由器
AR1:
[AR1]interface GigabitEthernet 0/0/0
[AR1-GigabitEthernet0/0/0]ip address 202.1.1.1 30
[AR1] ip route - static 0.0.0.0 0.0.0.0 202.1.1.2
在AR1上配置VLAN子接口以VLAN2为例
[AR1] interface GigabitEthernet 0/0/0.2
[AR1 - GigabitEthernet0/0/0.2] dot1q termination vid 2
[AR1 - GigabitEthernet0/0/0.2] ip address 10.0.2.1 24
[AR1 - GigabitEthernet0/0/0.2] arp broadcast enable
配置NAT:
[AR1] acl number 2000
[AR1 - acl - basic - 2000] rule permit source 10.0.0.0 0.0.255.255
[AR1] interface GigabitEthernet 0/0/1
[AR1 - GigabitEthernet0/0/1] nat outbound 2000
配置OSPF:
[AR1] ospf 1
[AR1 - ospf - 1] area 0
[AR1 - ospf - 1 - area - 0] network 10.0.2.0 0.0.0.255
[AR1 - ospf - 1 - area - 0] network 10.0.3.0 0.0.0.255
[AR1 - ospf - 1 - area - 0] network 10.0.20.0 0.0.0.255
[AR1 - ospf - 1 - area - 0] network 10.0.30.0 0.0.0.255
