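A company's headquarters has three departments, A, B and C, planned as shown in the figure:
1. Deploy the Spanning Tree Protocol for loop prevention. Department A is a key department: hosts within the department's VLAN 10 must not communicate with each other and must not access the external network.
1.1 Deploy a high-privilege wireless network at headquarters (direct forwarding mode) that can reach both the external network and the company branch.
2. Deploy MSTP + VRRP for gateway redundancy. Wired traffic from departments A, B and C uses SW1 by default and the departments' wireless traffic uses SW2, giving load sharing with backup and making full use of both devices.
3. Link VRRP with BFD to monitor the links.
4. All department IP addresses are assigned by a DHCP server.
5. Deploy link aggregation on the aggregation devices for link redundancy.
6. For the IGP, deploy OSPF at headquarters and IS-IS at the branch.
7. Deploy MPLS VPN so that terminals in the three headquarters departments can communicate with the branch.
8. Access the Internet normally through NAT.
9. At the branch, use VLAN aggregation so that VLAN 10 and VLAN 20 share the same address as their gateway.
10. At the branch, use MUX VLAN for VLANs 30, 40 and 200: hosts in VLAN 30 cannot communicate with each other, hosts in VLAN 40 can, and both can communicate with VLAN 200.
11. Deploy simple multicast at the branch so that all branch departments can use multicast applications.
Configure VLANs and link aggregation
SW3~5
Ports that connect to end devices are configured as edge ports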
#
vlan batch 10 20 30 100 to 101 111
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/3
port link-type access
port default vlan 10
stp edged-port enable
#
interface Ethernet0/0/4
port link-type access
port default vlan 10
stp edged-port enable
#
interface Ethernet0/0/5
port link-type trunk
port trunk pvid vlan 111
port trunk allow-pass vlan 2 to 4094
#
SW1, SW2
#
vlan batch 10 20 30 100 to 101 111
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
// Link aggregation
[SW1]int Eth-Trunk 1
[SW1-Eth-Trunk1]mode lacp-static
[SW1-Eth-Trunk1]trunkport g 0/0/4 to 0/0/5
SW1
interface GigabitEthernet0/0/7
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
Configure MSTP
SW1~5
#
stp region-configuration
region-name region1
instance 10 vlan 10 20 30
instance 20 vlan 100 to 101
active region-configuration
#
SW1 is the root bridge for instance 10 and the secondary (backup) root bridge for instance 20
[SW1]stp instance 10 root primary
[SW1]stp instance 20 root secondary
SW2 is the root bridge for instance 20 and the secondary (backup) root bridge for instance 10
[Huawei]stp instance 20 root primary
[Huawei]stp instance 10 root secondary
Configure VRRP
SW1
interface Vlanif10
ip address 192.168.1.1 255.255.255.0
vrrp vrid 10 virtual-ip 192.168.1.254
vrrp vrid 10 priority 120
#
interface Vlanif20
ip address 192.168.2.1 255.255.255.0
vrrp vrid 20 virtual-ip 192.168.2.254
vrrp vrid 20 priority 120
#
interface Vlanif30
ip address 192.168.3.1 255.255.255.0
vrrp vrid 30 virtual-ip 192.168.3.254
vrrp vrid 30 priority 120
#
interface Vlanif100
ip address 192.168.100.1 255.255.255.0
vrrp vrid 100 virtual-ip 192.168.100.254
#
interface Vlanif101
ip address 192.168.101.1 255.255.255.0
vrrp vrid 101 virtual-ip 192.168.101.254
#
SW2
interface Vlanif10
ip address 192.168.1.2 255.255.255.0
vrrp vrid 10 virtual-ip 192.168.1.254
#
interface Vlanif20
ip address 192.168.2.2 255.255.255.0
vrrp vrid 20 virtual-ip 192.168.2.254
#
interface Vlanif30
ip address 192.168.3.2 255.255.255.0
vrrp vrid 30 virtual-ip 192.168.3.254
#
interface Vlanif100
ip address 192.168.100.2 255.255.255.0
vrrp vrid 100 virtual-ip 192.168.100.254
vrrp vrid 100 priority 120
#
interface Vlanif101
ip address 192.168.101.2 255.255.255.0
vrrp vrid 101 virtual-ip 192.168.101.254
vrrp vrid 101 priority 120
#
Configure Layer 3 interfaces
SW1
[SW1]vlan 13
#
interface Vlanif13
ip address 10.1.13.1 255.255.255.0
#
interface GigabitEthernet0/0/6
port link-type access
port default vlan 13
#
SW2
[SW2]vlan 24
#
interface Vlanif24
ip address 10.1.24.2 255.255.255.0
#
interface GigabitEthernet0/0/6
port link-type access
port default vlan 24
#
AR3
#
interface GigabitEthernet0/0/0
ip address 10.1.13.3 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.1.34.3 255.255.255.0
#
interface GigabitEthernet4/0/0
ip address 10.1.123.3 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 10.1.35.3 255.255.255.0
#
AR4
#
interface GigabitEthernet0/0/0
ip address 10.1.24.4 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.1.34.4 255.255.255.0
#
interface GigabitEthernet4/0/0
ip address 10.1.123.4 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 10.1.45.4 255.255.255.0
#
DHCP-AR7
#
interface GigabitEthernet0/0/0
ip address 10.1.123.7 255.255.255.0
#
OSPF
SW1, SW2, AR3, AR4, DHCP-AR7 (each device needs its own unique router-id)
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 0.0.0.0 255.255.255.255
#
DHCP
[DHCP]dhcp en
#
ip pool vlan10
gateway-list 192.168.1.254
network 192.168.1.0 mask 255.255.255.0
excluded-ip-address 192.168.1.3 192.168.1.4
#
ip pool vlan20
gateway-list 192.168.2.254
network 192.168.2.0 mask 255.255.255.0
excluded-ip-address 192.168.2.3 192.168.2.4
#
ip pool vlan30
gateway-list 192.168.3.254
network 192.168.3.0 mask 255.255.255.0
excluded-ip-address 192.168.3.3 192.168.3.4
#
ip pool vlan100
gateway-list 192.168.100.254
network 192.168.100.0 mask 255.255.255.0
excluded-ip-address 192.168.100.3 192.168.100.4
#
ip pool vlan101
gateway-list 192.168.101.254
network 192.168.101.0 mask 255.255.255.0
excluded-ip-address 192.168.101.3 192.168.101.4
#
ip pool vlan111
network 192.168.111.0 mask 255.255.255.0
excluded-ip-address 192.168.111.254
#
[DHCP-GigabitEthernet0/0/0]dh select global
Configure DHCP relay
AR3, AR4
[AR3]dh en
[AR3-GigabitEthernet0/0/0]dhcp select relay
[AR3-GigabitEthernet0/0/0]dh relay server-ip 10.1.123.7
SW1, SW2
(The device acting as backup does not respond to DHCP requests!)
[SW1]dh en
[SW1-Vlanif10]dhcp select relay
[SW1-Vlanif10]dh relay server-ip 10.1.123.7
[SW1-Vlanif20] dhcp select relay
[SW1-Vlanif20] dhcp relay server-ip 10.1.123.7
[SW1-Vlanif30] dhcp select relay
[SW1-Vlanif30] dhcp relay server-ip 10.1.123.7
[SW1-Vlanif30]int vlan 100
[SW1-Vlanif100]dhcp select relay
[SW1-Vlanif100]dhcp relay server-ip 10.1.123.7
[SW1-Vlanif100]int vlan 101
[SW1-Vlanif101]dhcp select relay
[SW1-Vlanif101]dhcp relay server-ip 10.1.123.7
BFD
SW1 ↔ AR3
SW1
[SW1]bfd
[SW1]bfd 1 bind peer-ip 10.1.13.3 source-ip 10.1.13.1 auto
[SW1-Vlanif10]vrrp vrid 10 track bfd-session session-name 1 reduced 50
AR3
[AR3]bfd
[AR3]bfd 1 bind peer-ip 10.1.13.1 source-ip 10.1.13.3 auto
SW2 ↔ AR4
SW2
[SW2]bfd
[SW2]bfd 2 bind peer-ip 10.1.24.4 source-ip 10.1.24.2 auto
AR4
[AR2]bfd
[AR2]bfd 2 bind peer-ip 10.1.24.2 source-ip 10.1.24.4 auto
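The election that the VRRP and BFD sections set up, as an added example that is not part of the original post: it parses VRRP stanzas, elects the master per VRID from priority (default 100) and interface address, repeats the election with SW1's tracked BFD session down, and checks the two peers for a mismatched virtual IP or a duplicated interface address. The config excerpts are constructed from the page's Vlanif10 and Vlanif101 values, and parse_vrrp, effective_priority, master and findings are names chosen here.

```python
import re
from ipaddress import ip_address
# Constructed excerpts modelled on the Vlanif10 and Vlanif101 stanzas above. SW2's
# Vlanif101 address repeats SW1's on purpose so the duplicate check has a hit.
SW1 = """interface Vlanif10
 ip address 192.168.1.1 255.255.255.0
 vrrp vrid 10 virtual-ip 192.168.1.254
 vrrp vrid 10 priority 120
 vrrp vrid 10 track bfd-session session-name 1 reduced 50
interface Vlanif101
 ip address 192.168.101.1 255.255.255.0
 vrrp vrid 101 virtual-ip 192.168.101.254"""
SW2 = """interface Vlanif10
 ip address 192.168.1.2 255.255.255.0
 vrrp vrid 10 virtual-ip 192.168.1.254
interface Vlanif101
 ip address 192.168.101.1 255.255.255.0
 vrrp vrid 101 virtual-ip 192.168.101.254
 vrrp vrid 101 priority 120"""

def parse_vrrp(config):
    """Map vrid -> {ip, virtual-ip, priority, track}; priority defaults to 100."""
    groups, ip = {}, None
    for line in map(str.strip, config.splitlines()):
        if m := re.match(r"ip address (\S+)", line):
            ip = m.group(1)
        elif m := re.match(r"vrrp vrid (\d+) (virtual-ip|priority|track) (.+)", line):
            g = groups.setdefault(int(m.group(1)), {"ip": ip, "priority": "100", "track": ""})
            g[m.group(2)] = m.group(3)
    return groups

def effective_priority(g, bfd_down):
    """Priority after the tracked reduction; only the 'reduced N' form is modelled."""
    m = re.search(r"reduced (\d+)", g["track"])
    return int(g["priority"]) - (int(m.group(1)) if m and bfd_down else 0)

def master(devices, vrid, bfd_down=()):
    """Highest effective priority wins; ties go to the higher interface address."""
    return max(devices, key=lambda n: (effective_priority(devices[n][vrid], n in bfd_down),
                                       ip_address(devices[n][vrid]["ip"])))

def findings(devices, vrid):
    """Peer consistency checks for one VRRP group."""
    a, b = (d[vrid] for d in devices.values())
    checks = ((a.get("virtual-ip") != b.get("virtual-ip"), "virtual-ip mismatch"),
              (a["ip"] == b["ip"], "duplicate interface address " + a["ip"]))
    return [msg for bad, msg in checks if bad]

DEVICES = {"SW1": parse_vrrp(SW1), "SW2": parse_vrrp(SW2)}
```

With the BFD session to AR3 down, SW1's priority for VRID 10 drops from 120 to 70, below SW2's default of 100, so `master(DEVICES, 10, bfd_down={"SW1"})` returns SW2.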