云计算HCIP园区网作业

拓扑图:

需求：

需求分析：

1.进行VLAN和IP的地址规划，创建VLAN，配置各接口的IP                                      

 2.生成树配置:LSW1:VLAN2/3的根桥，VLAN20/30的备份，LSW2:VLAN20/30的根桥，VLAN2/3的备份                                                                                                                                                

3.网关冗余:VLAN2/3:LSW1为master,LSW2为backup,VLAN20/30:LSW2为master,LSW1backup  

 4.使用ospf协议进行配置                                                                                                                  

 5.访问外网，设置缺省路由，源NAT

配置：

先进行链路聚合

LSW1

interface Eth-Trunk 1
mode lacp-static
trunkport GigabitEthernet 0/0/1 to 0/0/2
port trunk allow-pass vlan 2 3 20 30
system-viewvlan batch 2 3 20 30
interface GigabitEthernet  0/0/3
port link-type trunk 
port trunk allow-pass vlan 2 3 20 30
interface GigabitEthernet  0/0/4
port link-type trunk 
port trunk allow-pass vlan 2 3 20 30
lacp priority 100

LSW2

interface Eth-Trunk 1
mode lacp-static
trunkport GigabitEthernet 0/0/1 to 0/0/2
port trunk allow-pass vlan 2 3 20 30
system-viewvlan batch 2 3 20 30
interface GigabitEthernet  0/0/3
port link-type trunk 
port trunk allow-pass vlan 2 3 20 30
interface GigabitEthernet  0/0/4
port link-type trunk 
port trunk allow-pass vlan 2 3 20 30
lacp priority 200

再配置vlan

LSW3

system-view
vlan batch 2 3 20 30
interface GigabitEthernet  0/0/1
port link-type access
port default vlan 2 
q
interface GigabitEthernet  0/0/2
port link-type access
port default vlan 3

interface GigabitEthernet  0/0/3
port link-type trunk 
port trunk allow-pass vlan 2 3 20 30
q
interface GigabitEthernet  0/0/4
port link-type trunk 
port trunk allow-pass vlan 2 3 20 30

stp enable
stp mode mstp
[sw3]stp region-configuration 
[sw3-mst-region]region-name aa 
[sw3-mst-region]revision-level 100  
[sw-3mst-region]instance 1 vlan 2 3 
[sw3-mst-region]instance 2 vlan 20 30
[sw3-mst-region]active region-configuration  

LSW4

system-view
vlan batch 2 3 20 30
interface GigabitEthernet  0/0/1
port link-type access
port default vlan 20 
q
interface GigabitEthernet  0/0/2
port link-type access
port default vlan 30

interface GigabitEthernet  0/0/3
port link-type trunk 
port trunk allow-pass vlan 2 3 20 30
q
interface GigabitEthernet  0/0/4
port link-type trunk 
port trunk allow-pass vlan 2 3 20 30

stp enable
stp mode mstp
[sw4]stp region-configuration 
[sw4-mst-region]region-name aa 
[sw4-mst-region]revision-level 100 
[sw-4mst-region]instance 1 vlan 2 3 
[sw4-mst-region]instance 2 vlan 20 30
[sw4-mst-region]active region-configuration 

LSW1

stp enable
stp mode mstp
[sw1]stp region-configuration
[sw1-mst-region]region-name aa  
[sw1-mst-region]revision-level 100 
[sw-4mst-region]instance 1 vlan 2 3  
[sw1-mst-region]instance 2 vlan 20 30
[sw1-mst-region]active region-configuration

[sw1]stp region-configuration
[sw1-mst-region]region-name aa
[sw1-mst-region]revision-level 100
[sw-1mst-region]instance 1 vlan 2 3
[sw1-mst-region]instance 2 vlan 20 30
[sw1-mst-region]active region-configuration
[sw1]stp instance 1 root primary
[sw1]stp instance 2 root secondary

LSW2

stp enable
stp mode mstp
[sw2]stp instance 2 root primary
[sw2]stp instance 1 root secondary

配置vlanif

LSW1

interface Vlanif 2
ip address 10.0.2.1 255.255.255.0
vrrp vrid 1 virtual-ip 10.0.0.254
vrrp vrid 1 priority 120
vrrp vrid 1 preempt-mode timer delay 20
vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30
interface Vlanif 3
ip address 10.0.3.1 255.255.255.0
vrrp vrid 1 virtual-ip 10.0.0.254
vrrp vrid 1 priority 120 
vrrp vrid 1 preempt-mode timer delay 20
vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30

vrrp vrid 1 preempt-mode timer delay 20
vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30

LSW2

interface Vlanif 20
ip address 10.0.20.2 24
vrrp vrid 1 virtual-ip 10.0.20.254
vrrp vrid 1 priority 120
vrrp vrid 1 preempt-mode timer delay 20
vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30
ip address 10.0.30.2 24
vrrp vrid 1 virtual-ip 10.0.30.254
vrrp vrid 1 preempt-mode timer delay 20
vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30

vrrp vrid 1 preempt-mode timer delay 20
vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30

interface Vlanif 2
ip address 10.0.2.1 24
vrrp vrid 1 virtual-ip 10.0.2.254
q
interface Vlanif 3
ip address 10.0.3.1 24
vrrp vrid 1 virtual-ip 10.0.3.254

配置dhcp和ospf

LSW1

dhcp enable
ip policy-based-route
ip pool vlan2
network 10.0.2.0 mask 24
gateway-list 10.0.2.254
dns-list 8.8.8.8

vlan 11
q
interface GigabitEthernet 0/0/5
port link-type access
port default vlan 11
q
interface Vlanif 11
ip address 10.0.11.1 30

ospf 1
area 0
network 10.0.2.1 0.0.0.0
network 10.0.3.1 0.0.0.0
network 10.0.11.1 0.0.0.0
network 10.0.20.1 0.0.0.0
network 10.0.30.1 0.0.0.0

LSW2

dhcp enable
ip policy-based-route
ip pool vlan2
network 10.0.2.0 mask 24
gateway-list 10.0.2.254
dns-list 8.8.8.8
excluded-ip-address 10.0.2.3 10.0.2.128

vlan 12
q
interface GigabitEthernet 0/0/5
port link-type access
port default vlan 12
q
interface Vlanif 12
ip address 10.0.12.1 30

AR1

Iinterface GigabitEthernet 0/0/1
ip address 10.0.11.2 30
q
int g 0/0/2
ip address 10.0.12.2 30

ospf 1
area 0
network 10.0.11.2 0.0.0.0
network 10.0.12.2 0.0.0.0
network 10.0.11.1 0.0.0.0

配置AR1ip

interface GigabitEthernet 0/0/0
ip address 202.1.1.1 30
q
interface GigabitEthernet 0/0/1
ip address 10.0.0.1 30
q
interface GigabitEthernet 0/0/2
ip address 10.0.0.4 30
q

interface LoopBack 0
ip address 100.100.100.100 32

interface GigabitEthernet 0/0/0
ip address 202.1.1.1 30
q

acl 2000
rule permit source 10.0.0.0 0.0.255.255 
interface GigabitEthernet 0/0/0
nat outbound 2000

通过pc2去ping ISP