MSTP、VRRP实验

最新推荐文章于 2025-03-12 21:46:35 发布

-.R.-

最新推荐文章于 2025-03-12 21:46:35 发布

阅读量798

点赞数 1

本文链接：https://blog.youkuaiyun.com/weixin_46840928/article/details/117324962

版权

本文详细描述了在LSW14-17交换机上创建VLAN，配置干道接口，设置三层接口IP，配置默认路由，关联VLAN实例，以及AR3和AR4路由器的静态路由转换和OSPF配置。涉及MSTP优先级调整、VRRP热备和NAT/PPPOE拨号。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

在这里插入图片描述

1：所有交换机上创建 VLAN（LSW14,15.16.17)
vlan batch 2 to 7
2：所有交换机与交换机接口做干道

LSW14

interface Eth-Trunk1 
trunkport g0/0/23 
trunkport g0/0/24 
port link-type trunk 
port trunk allow-pass vlan 2 to 4094# 
interface GigabitEthernet0/0/1 
port link-type trunk 
port trunk allow-pass vlan 2 to 4094 
undo port trunk allow-pass vlan 1 
# 
interface GigabitEthernet0/0/2 
port link-type trunk 
port trunk allow-pass vlan 2 to 4094 
undo port trunk allow-pass vlan 1

LSW14 创建三层接口 IP 地址

interface Vlanif2 
ip address 192.168.2.252 255.255.255.0 
# 
interface Vlanif3 
ip address 192.168.3.252 255.255.255.0 
# 
interface Vlanif4 
ip address 192.168.4.252 255.255.255.0 
# 
interface Vlanif5 
ip address 192.168.5.252 255.255.255.0 
# 
interface Vlanif6 
ip address 192.168.6.252 255.255.255.0 
# 
interface Vlanif7 
ip address 192.168.7.252 255.255.255.0 
# 
interface GigabitEthernet0/0/22 
port link-type access 
port default vlan 2 
#

创建默认路由

ip route-static 0.0.0.0 0.0.0.0 192.168.2.1

创建 VLAN 与实例相关联，创建二个实例及激活

stp region-configuration 
region-name HW 
instance 1 vlan 2 to 4 
instance 2 vlan 5 to 7active region-configuration

LSW15 交换机

interface Eth-Trunk1 
trunkport g0/0/23 
trunkport g0/0/24 
port link-type trunk 
port trunk allow-pass vlan 2 to 4094 
# 
interface GigabitEthernet0/0/1 
port link-type trunk 
port trunk allow-pass vlan 2 to 4094 
undo port trunk allow-pass vlan 1 
# 
interface GigabitEthernet0/0/2 
port link-type trunk 
port trunk allow-pass vlan 2 to 4094 
undo port trunk allow-pass vlan 1

LSW15 创建三层接口 IP 地址

interface Vlanif2 
ip address 192.168.2.253 255.255.255.0 
# 
interface Vlanif3 
ip address 192.168.3.253 255.255.255.0 
# 
interface Vlanif4 
ip address 192.168.4.253 255.255.255.0 
# 
interface Vlanif5 
ip address 192.168.5.253 255.255.255.0 
# 
interface Vlanif6 
ip address 192.168.6.253 255.255.255.0 
# 
interface Vlanif7 
ip address 192.168.7.253 255.255.255.0 
//把路由器与交换机连接端口划分 VLAN7 
interface GigabitEthernet0/0/22 
port link-type access 
port default vlan7 
#

创建默认路由

ip route-static 0.0.0.0 0.0.0.0 192.168.7.1

创建 VLAN 与实例相关联

stp region-configuration 
region-name HW 
instance 1 vlan 2 to 4 
instance 2 vlan 5 to 7 
active region-configuration

修改 MSTP 优先级

stp instance 1 priority 8192 
stp instance 2 priority 4096

LSW16 交换机
创建 VLAN

vlan batch 2 to 7

端口划分相关 VLAN 及启用边缘端口

interface GigabitEthernet0/0/1 
port link-type trunk 
port trunk allow-pass vlan 2 to 4094 
undo port trunk allow-pass vlan 1 
# 
interface GigabitEthernet0/0/2 
port link-type trunk 
port trunk allow-pass vlan 2 to 4094 
undo port trunk allow-pass vlan 1 
interface Ethernet0/0/1 
port link-type access 
port default vlan 3 
stp edged-port enable 
#interface Ethernet0/0/2 
port link-type access 
port default vlan 4 
stp edged-port enable 
# 
stp bpdu-protection 
# 
stp region-configuration 
region-name HW 
instance 1 vlan 2 to 4 
instance 2 vlan 5 to 7 
active region-configuration

LSW17 交换机
创建 VLAN

vlan batch 2 to 7

端口划分相关 VLAN 及启用边缘端口

在这里插入代码片interface GigabitEthernet0/0/1 
port link-type trunk 
port trunk allow-pass vlan 2 to 4094 
undo port trunk allow-pass vlan 1 
# 
interface GigabitEthernet0/0/2 
port link-type trunk 
port trunk allow-pass vlan 2 to 4094 
undo port trunk allow-pass vlan 1 
interface Ethernet0/0/1 
port link-type access 
port default vlan 5 
stp edged-port enable 
# 
interface Ethernet0/0/2 
port link-type access 
port default vlan 6 
stp edged-port enable 
# 
stp bpdu-protection 
# 
stp region-configuration 
region-name HW 
instance 1 vlan 2 to 4 
instance 2 vlan 5 to 7
active region-configuration

AR3

interface GigabitEthernet0/0/0 
ip address 192.168.2.1 255.255.255.0 
# 
interface LoopBack0 
ip address 3.3.3.3 255.255.255.0 
# 
ip route-static 192.168.3.0 255.255.255.0 192.168.2.252 
ip route-static 192.168.4.0 255.255.255.0 192.168.2.252 
ip route-static 192.168.5.0 255.255.255.0 192.168.2.252 
ip route-static 192.168.6.0 255.255.255.0 192.168.2.252

AR4

interface GigabitEthernet0/0/0 
ip address 192.168.7.1 255.255.255.0 
interface LoopBack0 
ip address 4.4.4.4 255.255.255.255 
# 
ip route-static 192.168.3.0 255.255.255.0 192.168.7.253 
ip route-static 192.168.4.0 255.255.255.0 192.168.7.253 
ip route-static 192.168.5.0 255.255.255.0 192.168.7.253 
ip route-static 192.168.6.0 255.255.255.0 192.168.7.253 
#

测试
1.PC 相互 PING 抓数据包走向
在这里插入图片描述
2： dis stp instance 1 brief ||2 在四台交换机上查询信息确认下角色及状态

把静态路由改为动态路由方式
删除静态路由
AR3
[AR3]undo ip route-static all
AR4
[AR4]undo ip route-static all
LSW114
[lsw14]undo ip route-static all
LSW15
[lsw15]undo ip route-static all

启用 ospf 路由
AR3

[AR3]ospf router-id 3.3.3.3 
[AR3-ospf-1]area 0 
[AR3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0 
[AR3-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255

AR4

[AR4]ospf router-id 4.4.4.4 
[AR4-ospf-1]area 0 
[AR4-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0 
[AR4-ospf-1-area-0.0.0.0]network 192.168.7.0 0.0.0.255

LSW14

[lsw14]inter l0 
[lsw14-LoopBack0]ip add 1.1.1.1 32 
[lsw14-LoopBack0]quit 
[lsw14]ospf router-id 1.1.1.1 
[lsw14-ospf-1]area 0 
[lsw14-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0 
[lsw14-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255 
[lsw14-ospf-1-area-0.0.0.0]network 192.168.3.0 0.0.0.255 
[lsw14-ospf-1-area-0.0.0.0]network 192.168.4.0 0.0.0.255

LSW15

[lsw15]inter l0 
[lsw15-LoopBack0]ip add 2.2.2.2 32 
[lsw15-LoopBack0]quit 
[lsw15]ospf router-id 2.2.2.2 
[lsw15-ospf-1]area 0 
[lsw15-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0 
[lsw15-ospf-1-area-0.0.0.0]network 192.168.5.0 0.0.0.255 
[lsw15-ospf-1-area-0.0.0.0]network 192.168.6.0 0.0.0.255 
[lsw15-ospf-1-area-0.0.0.0]network 192.168.7.0 0.0.0.255

VRRP 热备协议（LSW14-15)

[lsw14]inter vlan 3 
[lsw14-Vlanif3]vrrp vrid 3 virtual-ip 192.168.3.254 
[lsw14-Vlanif3]vrrp vrid 3 priority 150 
[lsw14-Vlanif3]vrrp vrid 3 track inter g0/0/22 reduced 60 
[lsw14]inter vlan4 
[lsw14-Vlanif4]vrrp vrid 4 virtual-ip 192.168.4.254 
[lsw14-Vlanif4]vrrp vrid 4 priority 150 
[lsw14-Vlanif4]vrrp vrid 4 track inter g0/0/22 reduced 60 
[lsw14]inter vlan5 
[lsw14-Vlanif5]vrrp vrid 5 virtual-ip 192.168.5.254 
[lsw14]inter vlan6 
[lsw14-Vlanif6]vrrp vrid 6 virtual-ip 192.168.6.254

[lsw15]inter vlan 3 
[lsw15-Vlanif3]vrrp vrid 3 virtual-ip 192.168.3.254 
[lsw15]inter vlan4 
[lsw15-Vlanif4]vrrp vrid4 virtual-ip 192.168.4.254 
[lsw15]inter vlan5 
[lsw15-Vlanif5]vrrp vrid5 virtual-ip 192.168.5.254 
[lsw15-Vlanif5]vrrp vrid5 priority 150 
[lsw15-Vlanif5]vrrp vrid5 track inter g0/0/22 reduced 60 
[lsw15]inter vlan6 
[lsw15-Vlanif6]vrrp vrid6 virtual-ip 192.168.6.254 
[lsw15-Vlanif6]vrrp vrid6 priority 150 
[lsw15-Vlanif6]vrrp vrid6 track inter g0/0/22 reduced 60

查询三层虚拟网关 (确认状态 state master/backup)
在这里插入图片描述

LSW15

所有 PC 终端统一修改网关 254

PC5 ping 3.3.3.3 不通正常
在这里插入图片描述

VRRP 测试 AR3 上关闭 inter g0/0/0 关闭，进行测试

[AR3]int g0/0/0
[AR3-GigabitEthernet0/0/0]shutdown

在这里插入图片描述
LSW15
192.168.3.0 192.168.4.0 宣告进入 OSPF

PC3 ping 测试 4.4.4.4

LSW14
192.168.5.0 192.168.6.0 宣告进入 ospf

重新开启 AR3 inter g0/0/0 端口

[AR3]int g0/0/0
[AR3-GigabitEthernet0/0/0]undo shutdown

PC3 测试 ping 3.3.3.3 4.4.4.4
在这里插入图片描述
PC5 测试ping 3.3.3.3 4.4.4.4

NAT 及 PPPOE 拨号认证方式为 CHAP
AR4 （internet）

[AR4inter]inter g0/0/0 
[AR4inter-GigabitEthernet0/0/0]ip add 134.1.1.5 29 
[AR4inter-GigabitEthernet0/0/0]quit 
[AR4inter]inter l0 
[AR4inter-LoopBack0]ip add 222.222.222.222 32 
[AR4inter-LoopBack0]quit 
[AR4inter]aaa 
[AR4inter-aaa]local-user hw password cipher hw@123.com //配置PPPOE客户的用户名和密码
[AR4inter-aaa]local-user hw service-type ppp //配置用户的接入类型为PPP
[AR4inter-aaa]quit 
[AR4inter]ip pool inter 
[AR4inter-ip-pool-inter]network 144.1.1.0 mask 24 
[AR4inter-ip-pool-inter]gateway-list 144.1.1.1 
[AR4inter-ip-pool-inter]dns-list 202.96.128.86 
[AR4inter-ip-pool-inter]lease day 3 
[AR4inter-ip-pool-inter]quit 
[AR4inter]inter Virtual-Template1 //进入虚模板接口
[AR4inter-Virtual-Template1]ip add 144.1.1.1 24 
[AR4inter-Virtual-Template1]remote address pool inter 
[AR4inter-Virtual-Template1]ppp authentication-mode chap 
[AR4inter-Virtual-Template1]quit 
[AR4inter]inter g0/0/1 
[AR4inter-GigabitEthernet0/0/1]pppoe-server bind virtual-template 1  //将虚模板和接口关联在一起

AR3

[AR3]acl 2000 
[AR3-acl-basic-2000]rule permit 
[AR3-acl-basic-2000]quit 
[AR3]inter g0/0/1 
[AR3-GigabitEthernet0/0/1]ip add 134.1.1.1 29 
[AR3-GigabitEthernet0/0/1]nat outbound 2000 
[AR3-GigabitEthernet0/0/1]quit 
[AR3]ip route-static 0.0.0.0 0 134.1.1.5 
OSPF引入默认路由 
[AR3]ospf 1 
[AR3-ospf-1]default-route-advertise always

AR4

[AR4]acl 2000 
[AR4-acl-basic-2000]rule permit 
[AR4-acl-basic-2000]quit 
interface GigabitEthernet0/0/0 
ip address 192.168.7.1 255.255.255.0 
[AR4]dialer-rule 
[AR4-dialer-rule]dialer-rule 1 ip permit 
[AR4]inter Dialer 1  	//进入拨号口
[AR4-Dialer1]dialer user hw 	//配置为共享拨号中心
[AR4-Dialer1]dialer-group 1 
[AR4-Dialer1]dialer bundle 1 	//配置拨号捆绑接口为1
[AR4-Dialer1]ppp chap user hw 	//配置ppp用户名
[AR4-Dialer1]ppp chap password cipher hw@123.com //配置ppp密码
[AR4-Dialer1]ip add ppp-negotiate //地址为自动协商
[AR4-Dialer1]nat outbound 2000 
[AR4-Dialer1]quit 
[AR4]inter g0/0/1 
[AR4-GigabitEthernet0/0/1]pppoe-client dial-bundle-number 1   //通过拨号捆绑接口1关联本接口
[AR4-GigabitEthernet0/0/1]quit 
[AR4]ip route-static 0.0.0.0 0 Dialer 1

OSPF引入默认路由

[AR4]ospf 1 
[AR4-ospf-1]default-route-advertise always

AR4获取IP
在这里插入图片描述
获取路由