网络基础
作者:林小熊
1、vlan的基本配置:
创建vlan vlan vlan-id[alias vlan-alias]
删除vlan undo vlan vlan-id
vlan视图下配置一个或一组端口属于某个VLAN
port interface-type{interface-num[to interface-num]}$<1-10>
借口视图下配置盖端口属于某个VLAN port access vlan-id
2、trunk的基本配置
指定端口类型:trunk,access,hybrid
port link-type{trunk/access/hybrid}
取消端口类型的设置
undo port-type{trunk/access/hybrid}
设置trunk端口可以通过的VLAN
[undo]port trunk permit vlan{{vlan-id[to vlan-id]}$<1-10>|all}
显示VLAN的信息
display vlan vlan-id
3、配置参考
路由器A的配置
[RTA]interface Ethernet 0/0
[RTA-Ethernet0/0]ip address 10.1.1.1. 30
[RTA-Ethernet0/0]quit
[RTA]interface LoopBack1
[RTA-LoopBack1]ip address 1.1.1.1 32
[RTA-LoopBack1]quit
[RTA]ip route-static 2.2.2.2 32 10.1.1.2
路由器B的配置
[RTB]interface Ethernet0/0
[RTB-Ethernet0/0]ip address 10.1.1.2 30
[RTB-Ethernet0/0]quit
[RTB]interface LoopBack1
[RTB-LoopBack1]ip address 2.2.2.2 32
[RTB-LoopBAck1]quit
[RTB]ip route-static 0.0.0.0 10.1.1.1
RIP协议配置
参考配置:
路由器A的配置:
[RTA]inetrface Ethernet 0/0
[RTA-Etnernet0/0]ip address 10.1.1.1 30
[RTA-Ethernet0/0]rip version2 multicast
[RTA-Ethernet0/0]quit
[RTA]interface LoopBack 0
[RTA-LoopBack1]ip address 1.1.1.1.1 32
[RTA-LoopBack1]rip version 2 multicast
[RTA-LoopBack]quit
[RTA]rip
[RTA-rip]network 1.1.1.1
[RTA-rip]network 10.1.1.0
[RTA-rip]undo summary
路由器B的配置
[RTB]interface Ethernet0/0
[RTB-Ethernet0/0]ip address 10.1.1.2 30
[RTB-Ethernet0/0]rip version 2 multicast
[RTB-Ethernet0/0]quit
[RTB]interface LoopBack 0
[RTB-LoopBack1]ip address 2.2.2.2 32
[RTB-LoopBack1]rip version 2multicast
[RTB-LoopBack1]quit
[RTB]interface Ethernet 0/1
[RTB-Serial1/0]ip address 192.2.2.1 30
[RTB-Serial1/0]rip varsion 2 multicast
[RTB-Serial1/0]rip authentication-mode md5 uaual Huawei
[RTB-Serial1/0]quit
[RTB]rip
[RTB-rip]network 192.2.2.0
[RTB-rip]network 2.2.2.2
[RTB-rip]network 10.1.1.0
[RTB-rip]undo summary
路由器C的配置:
[RTC]interface Ethernet 0/1
[RTC-Serial1/0]ip address 192.2.2.2 30
[RTC-Serial1/0]rip version 2 multicast
[RTC-Serial1/0]rip authentication-mode md5 usual Huawei
[RTC-Serial1/0]quit
[RTC]interface LoopBack 0
[RTC-LoopBack1]ip address 3.3.3.3 32
[RTC-LoopBack1]rip version 2 mutilcast
[RTC-LoopBack1]quit
[RTC]rip
[RTC-rip]network 3.3.3.3
[RTC-rip]network 192.2.2.0
[RTC-rip]undo summary
OSPF协议配置(最短路径选择路由协议)
四台路由器RTA,RTB,RTC以及RTD,RTA与RTB属于Area1,RTB与RTC属于Area0,RTC与RTD属于Area2.
配置步骤:
1、指定Router ID
在system-view视图下,指定一个RouterID,
2、运行OSPF
在system-view视图下,采用默认的进程1
3、创建区域
在OSPF视图下创建一个骨干区域Area0
4、通告网络
在Area视图下通告相应的网络
参考配置1、端口配置 配置RTAsystem-view
[Quidway]sysname RTA
[RTA]interface loopback 0
[RTA-LoopBack0]ip address 1.1.1.1 255.255.255.255
[RTA-LoopBack0]quit
[RTA]interface ethernet 0/0
[RTA-Ethernet0/0]ip address 10.1.1.1 255.255.255.252
[RTA-Ethernet0/0]quit
[RTA]interface serial 2/0
[RTA-Serial2/0]ip address 192.1.1.1 255.255.555.252
[RTA-Serial2/0]quit
配置RTBsystem-view
[Quidway]sysname RTB
[RTB]interface loopback 0
[RTB-LoopBack0]ip address 2.2.2.2 255.255.255.255
[RTB-LoopBack0]quit
[RTB]interface Ethernet 0/0
[RTB-Ethernet0/0]ip address 10.1.1.2 255.255.255.252
[RTB-Ethernet0/0]quit
[RTB]interface serial 2/0
[RTB-Serial2/0]ip address 192.2.2.2 255.255.255.252
[RTB-Serial2/0]quit
配置RTCsystem-view
[Quidway]sysname RTC
[RTC]interface loopback 0
[RTC-LoopBack0]ip address 3.3.3.3 255.255.255.255
[RTC-LoopBack0]quit
[RTC]interface Ethernet 0/0
[RTC-Ethernet0/0]ip address 10.2.2.2 255.255.255.252
[RTC-Ethernet0/0]quit
[RTC]interface serial 2/0
[RTC-Serial2/0]ip address 192.2.2.1 255.255.255.252
[RTC-Serial2/0]quit
配置RTDsystem-view
[Quidway]sysname RTD
[RTD]interface loopback 0
[RTD-LoopBack0]ip address 4.4.4.4 255.255.255.255
[RTD-LoopBack0]quit
[RTD]interface ethernet0/0
[RTD-Ethernet0/0]ip address 10.2.2.1 255.255.255.252
[RTD-Ethernet0/0]quit
[RTD]interface serial2/0
[RTD-Serial2/0]ip address 192.1.1.2 255.255.255.252
[RTD-Serial2/0]quit
OSPF配置
配置RTA
指定Router ID
[RTA]router id 1.1.1.1
运行OSPF
[RTA]opsf
创建区域0
[RTA-opsf-1]area 0
在区域0视图下通告网络
[RTA-ospf-1-area-0.0.0.0]net 10.1.1.0. 0.0.0.3
[RTA-opsf-1-area-0.0.0.0]net 192.1.1.0 0.0.0.3
[RTA-opsf-1-area-0.0.0.0]net 1.1.1.1 0.0.0.0
配置RTB
指定Router ID
[RTB]router id 2.2.2.2
运行opsf
[RTB]opsf
创建区域0
[RTB-ospf-1]area 0
在区域0视图下通告网络
[RTB-ospf-1-area-0.0.0.0]net 10.1.1.0 0.0.0.3
[RTB-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3
[RTB-opsf-1-area-0.0.0.0]net 2.2.2.2 0.0.0.0
配置RTC
指定Router ID
[RTCrouter id 3.3.3.3
运行OSPF
[RTC]ospf
创建区域0
[RTC-ospf-1]area 0
在区域0视图下通告网络
[RTC-ospf-1-area-0.0.0.0]net 10.2.2.0 0.0.0.3
[RTC-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3
[RTC-ospf-1-area-0.0.0.0]net 3.3.3.3 0.0.0.0
配置RTD
指定Router ID
[RTD]router id 4.4.4.4
运行ospf
[RTD]ospf
创建区域0
[RTD-ospf-1]area 0
在区域0视图下通告网络
[RTD-ospf-1-area-0.0.0.0]net 10.2.2.0 0.0.0.3
[RTD-ospf-1-area-0.0.0.0]net 192.1.1.0 0.0.0.3
[RTD-ospf-1-area-0.0.0.0]net 4.4.4.0 0.0.0.0
ospf多区域试验配置配置参考配置RTAsystem-view
[RTA]int loopback 0
[RTA-LoopBack0]ip add 1.1.1.1 255.255.255.255
[RTA-LoopBAck0]quit
[RTA]int ethernet 0/0
[RTA-Ethernet0/0]ip add 10.1.1.1 255.255.255.252
[RTA-Ethernet0/0]undo shutdown
配置RTB
system-view
[RTB]int loopback 0
[RTB-LoopBack0]ip add 2.2.2.2 255.255.255.252
[RTB]int ethernet 0/0
[RTB-Ethernet0/0]ip add 10.1.1.2 255.255.255.252
[RTB-Ethernet0/0]undo shutdown
[RTB]int serial 2/0
[RTB-Serial2/0]ip add 192.2.2.2 255.255.255.252
配置RTC
system-view
[RTC]int loopback 0
[RTC-LoopBack0]ip add 3.3.3.3 255.255.255.252
[RTC]int ethernet 0/0
[RTC-Ethernet0/0]ip add 10.2.2.2 255.255.255.252
[RTC-Ethernet0/0]undo shutdowm
[RTC]int serial 2/0
[RTC-Serial2/0]ip add 192.2.2.1 255.255.255.252
[RTC-Serial2/0]undo shutdown
配置RTD
system-view
[RTD]int loopback 0
[RTD-LoopBack0]ip add 10.10.1.4 255.255.255.255
[RTD]int ethernet 0/0
[RTD-Ethernet0/0]ip add 10.2.2.1 255.255.255.252
[RTD-Ethernet0/0]undo shutdown
ospf配置
配置RTA
指定Router ID
[RTA]router id 1.1.1.1
运行OSPF
[RTA]ospf
创建区域1
[RTA-ospf-1-area-0.0.0.1]network 10.1.1.0 0.0.0.3
[RTA-ospf-1-area-0.0.0.1]network 1.1.1.1 0.0.0.0
配置RTB
指定Router ID
[RTB]router id 2.2.2.2
运行OSPF
[RTB]ospf
创建区域0
[RTB-ospf-1]area 0
创建区域1
[RTB-ospf-1]area 1
在区域0视图下通告网络
[RTB-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3
在区域1视图下通告网络
[RTB-ospf-1-area-0.0.0.1]network 10.1.1.0 0.0.0.3
[RTB-ospf-1-area-0.0.0.1]network 2.2.2.2 0.0.0.0
配置RTC
指定Router ID
[RTC]router id 3.3.3.3
运行ospf
[RTC]ospf
创建区域0
[RTC-ospf-1]area 0
创建区域2
[RTC-ospf-1]area 2
在区域0视图下通告网络
[RTC-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3
在区域2视图下通告网络
[RTC-ospf-1-area-0.0.0.2]network 10.2.2.0 0.0.0.3
[RTC-ospf-1-area-0.0.0.2]network 3.3.3.3 0.0.0.0
配置RTD
指定Router ID
[RTD]router id 10.10.1.4
运行ospf
[RTD]ospf
创建区域2
[RTD-ospf-1]area 2
在区域2视图下通告网络
[RTD-ospf-1-area-0.0.0.2]network 10.2.2.0 0.0.0.3
[RTD-ospf-1-area-0.0.0.2]network 4.4.4.4 0.0.0.0
acl基本配置配置参考1.RTA的配置配置接口system-view
[Quidway]sysname RTA
[RTA]interface Ethernet 0/0
[RTA-Ethernet0/0]ip add 30.1.1.1 30
[RTA-Ethernet0/0]quit
[RTA]interface LoopBack 0
[RTA-LoopBack0]ip address 1.1.1.1 32
[RTA-loopBack0]quit
[RTA-ospf-1]area 0
[RTA-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3
[RTA-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
2、RTB的配置配置接口sysname-view
[Quidway]sysname RTB
[RTB]interface Rthernet 0/0
[RTB-Ethernet0/0]ip add 30.1.1.2 30
[RTB-Ethernet0/0]quit
[RTB]interface Ethernet 0/1
[RTB-Ethernet0/1]ip add 20.1.1.1 30
[RTB-Ethernet0/1]quit
[RTB-ospf-1]area 0
[RTB-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3
[RTB-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.3
创建ACL并配置规则
[RTB]acl number 2000 match-order auto
[RTB-acl-basic-2000]rule permit source 10.1.1.0 0.0.0.255
[RTB-acl-basic-2000]rule permit source 20.1.1.0 0.0.0.3
[RTB-acl-basic-2000]rule permit deny source any
启用防火墙
[RTB]firewall enable
在接口上应用防火墙
[RTB]interface Ethernet 0/1
[RTB-Ethernet0/1]firewall packet-fillter 2000 inbound
2、交换机的配置system-view
[Quidway]vlan 2
[Quidway-vlan2]port Ethernet 0/5 to Ethernet 0/8
[Quidway-vlan2]vlan 3
[Quidway-vlan3]port Ethernet 0/9 to Ethernet 0/12
[Quidway-vlan3]vlan 4
[Quidway-vlan4]port Ethernet 0/13 to Ethernet 0/16
[Quidway]interface vlan 1
[Quidway-Vlan-interface1]ip address 20.1.1.2 25.255.255.0
[Quidway-Vlan-interface1]quit
[Quidway]interface vlan 2
[Quidway-Vlan-interface2]ip address 10.1.1.2 255.255.255.0
[Quidway-Vlan-interface2]quit
[Quidway]interface Vlan-interface 3
[Quidway-Vlan-interface3]ip address 10.1.2.1 255.255.255.0
[Quidway-Vlan-interface3]quit
[Quidway]interface Vlan-interface 4
[Quidway-Vlan-interface4]ip address 10.1.4.1 255.255.255.0
[Quidway-Vlan-interface4]quit
配置高级ACL业务配置配置步骤1、配置组网图中相关接口2、设备之间启用ospf,使用个网段可以互通3、启用acl,并进行规则配置4、在相应接口应用acl配置参考1、RTA的配置 配置接口system-view
[Quidway]sysname RTA
[RTA]interface Ethernet 0/0
[RTA-Ethernet0/0]ip address 30.1.1.1 30
[RTA-Ethernet0/0]quit
[RTA]interface LoopBack 0
[RTA-LoopBack0]ip address 1.1.1.1 32
[RTA-LoopBack0]quit
[RTA]ospf
[RTA-ospf-1]area 0
[RTA-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3
[RTA-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[RTA]ftp server enable
[RTA]local-user huawei password simple huawei
[RTA]local-user huawei service-type ftp
2、RTB的配置配置接口system-view
[Quidway]sysname RTB
[RTB]int Ethernet 0/0
[RTB-Ethernet0/0]ip address 30.1.1.1 30
[RTB-Ethernet0/0]quit
[RTB]interface Ethernet 0/1
[RTB-Ethernet0/1]ip address 20.1.1.1 30
[RTB-Ethernet0/1]quit
[RTB]ospf
[RTB-ospf-1]area 0
[RTB-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3
[RTB-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.3
创建ACL并配置规则
[RTB]acl number 3000
[RTB-acl-adv-3000]rule permit ospf
[RTB-acl-adv-3000]rule permit tcp source 10.1.1.0 .0.0.0.255
destination 1.1.1.0 destination-port eq ftp
[RTB-acl-adv-3000]rule deny tcp source any destination any
启用防火墙
[RTB]firewall enable
在接口上应用防火墙
[RTB]interface Ethernet 0/1
[RTB Ethernet 0/1]firewall packet-filter 3000 inbound
3、配置交换机
[Quidway]system-view
[Quiday]vlan 2
[Quidway-valn2]port Ethernet 0/5 to Ethernet 0/8
[Quidway-vlan2]vlan3
[Quidway-vlan3]port Ethernet 0/9 to Ethernet 0/12
[Quidway-valn3]vlan4
[Quidway-vlan4]port Ethernet 0/13 to Ethernet 0/16
[Quidway]interface vlan1
[Quidway-Vlan-interface1]ip address 20.1.1.2 255.255.255.0
[Quidway-Vlan-interface1]quit
[Quidway]interface vlan2
[Quidway-Vlan-interface2]ip address 10.1.1.1 255.255.255.0
[Quidway-Vlan-interface2]quit
[Quidway]interface Vlan-interface 3
[Quidway-Vlan-interface3]ip address 10.1.2.1 255.255.255.0
[Quidway-Vlan-interface3]quit
[Quidway]interface Vlan-interface 4
[Quidway-Vlan-interface4]ip address 10.1.4.1 255.255.255.0
[Quidway-Vlan-interface4]quit
地址转换配置
1、基本配置
配置RTA NAT出口路由器
配置内网网关
[RTA-Ethernet0/1]ip address 192.168.1.1 255.255.255.0
配置出接口地址
[RTA-Ethernet0/0]ip addr 10.1.1.1 255.255.255.0
配置公网IGP路由
[RTA]interface LoopBack 0
[RTA-LoopBack0]ip addr 1.1.1.1 255.255.255.255
[RTA]router id 1.1.1.1
[RTA]ospf
[RTA-ospf-1]area 0
[RTA-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
配置RTB公网路由器
配置接口地址
[RTB-Ethernet0/0]ip addr 10.1.1.2 255.255.255.0
[RTB-Ethernet12/0]ip address 192.2.2.2 255.255.255.252
[RTB-LoopBack0]ip address 2.2.2.2 255.255.255.255
配置IGP路由
[RTB]router id 2.2.2.2
[RTB]ospf
[RTB-ospf-1]area 0
[RTB-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3
[RTB-ospf-1-area-0.0.0.0]net 10.1.1.0 0.0.0.255
配置RTC公网路由器
配置接口地址
[RTC-Serial3/0]ip addr 192.2.2.1 255.255.255.252
[RTC-LoopBack0]ip address 3.3.3.3 255.255.255.255
配置IGP路由
[RTC]router id 3.3.3.3
[RTC]ospf
[RTC-ospf-1]area 0
[RTC-ospf-area-0.0.0.0]net 192.2.2.0 0.0.0.3
配置RTD内网FTP服务器RTD
使能FTP SERVER
[RTD]ftp server enable
配置FTP用户
[RTD]local-user huawei password simple Huawei
[RTD]local-user huawei server-type ftp
[RTD]local-user huawei ftp-directory flash:/
配置接口与路由
[RTD-Ethernet0/0]ip addr 192.168.1.2 255.255.255.0
[RTD]ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
NAT配置
配置EASY IP方式的NAT
配置ACL
[RTA]acl number 2001
[RTA-acl-basic-2001]rule permit source 192.168.1.0 0.0.0.255
[RTA-acl-basic-2001]rule deny
配置出接口NAT转换
[RTA-Ethernet0/0]nat outbound 2001
配置IP POOL方式的NAT
配置ACL
[RTA]acl number 2001
[RTA-acl-basic-2001]rule permit source 192.168.1.0 0.0.0.255
[RTA-acl-basic-2001]rule deny
配置NAT转换的地址池
[RTA]nat address-group 1 10.1.1.3 10.1.1.10
配置出接口NAT转换
[RTA-Ethernet0/0]ip addr 10.1.1.1 255.255.255.0
[RTA-Ethernet0/0]nat outbound 2001 address-group 1
DHCP配置配置参考端口配置:
system-view
[RTA]int ethernet 0/0
[RTA-Ethernet0/0]ip addr 192.168.1.1 255.255.255.
DHCP配置
启动DHCP服务
[Quidway]dhcp enable
配置不参与自动分配的IP地址(出口网关地址)
[Quidway]dhcp server forbidden-ip 192.168.1.2 255.255.255.0
配置DHCP地址池1的共有属性
[Quidway]interface vlan 1
[Quidway-Vlan-interface1]
[Quidway-Vlan-interface1]ip address 192.168.1.2 255.255.255.0
[Quidway]dhcp server ip-pool 1
[Quidway-dhcp-pool-1]network 192.168.1.0 mask 255.255.255.0
[Quidway-dhcp-pool-1]gateway-list 192.168.1.1
[Quidway-dhcp-pool-1]dns-list 202.106.196.152 202.106.196.115
[Quidway-dhcp-pool-1]domain-name huawei.com
[Quidway]quitsave
VLAN配置示例
S1(S2(PC1,PC3),S3(PC2,PC4),S4(PC5,PC6))
PC1和PC2,PC3、PC4、PC5,PC6单独。为了阻断不同区域之间的二层通信,划分了3个VLAN,分别为VLAN10、VLAN20、VLAN30。
配置步骤:
在交换机上创建VLAN。
配置交换机上连接PC的端口Access模式,并加入相应的VLAN。
配置交换机之间互联的端口为Trunk模式,并加入VLAN。
VLAN10 具体配置:
要在交换机上配置VLAN,进入系统视图:
配置S2:
sysname-view
[S2]vlan 10
[S2-vlan10]quit
配置S3:
system-view
[S3]vlan 10
[S3-vlan10]quit
t配置S1:
system-view
[S1]vlan 10
[S1-vlan10]quit
配置S2:
[S2]interface gigabitethernet 1/0/1
[S2-Gigabitethernet1/0/1]port link-type access
[S2-Gigabitethernet1/0/1]port default vlan 10
[S2-Gigabitethernet1/0/1]quit
[S2]interface gigabitethernet1/0/2
[S2-Gigabitethernet1/0/2]port link-type trunk
[S2-Gigabitethernet1/0/2]port thrunk allow-pass vlan 10
[S2-Gigabitethernet1/0/2]quit
配置S3
[S3]interface gigabitethernet 1/0/1
[S3-Gigabitethernet1/0/1]port link-type access
[S3-Gigabitethernet1/0/1]port default vlan10
[S3-Gigabitethernet1/0/1]quit
[S3]interface gigabitethernet 1/0/2
[S3-Gigabitethernet1/0/2]port link-type trunk
[S3-Gigabitethernet1/0/2]port trunk allow-pass vlan 10
[S3-Gigabitethernet1/0/2]quit
配置S1:
[S1]interface gigabitethernet 1/0/1
[S1-Gigabitethernet1/0/1]port link-type trunk
[S1-Gigabitethernet1/0/1]port trunk allow-pass vlan 10
[S1-Gigabitethernet1/0/1]quit
[S1]interface gigabitethernet 1/0/2
[S1-Gigabitethernet1/0/2]port link-type trunk
[S1-Gigabitethernet1/0/2]port trunk allow-pass vlan 10
[S1-Gigabitethernet1/0/2]quit
为了对配置好的VLAN进行display port vlan 命令来查看交换机当前各端口的类型及加入的VLAN
GVRP配置示例
1、在每台交换机的全局及端口使能功能
2、配置交换机的二层连通性,即将交换机的某些端口配置Trunk端口并配置允许相应的vlan帧通过。
3、在交换机S1和S4上配置静态vlan1000
配置步骤
在交换机的系统视图下执行命令gvrp来使能GVRP功能。
配置S1,在S1上全局使能GVRP功能。system-view
[Quidway]sysname S1
[S1]gvrp
配置S2,在S2上全局使能GVRP功能system-view
[Quidway]sysname S2
[S2]gvrp
配置S3,在S3上全局使能GVRP功能system-view
[Quidway]sysname S3
[S3]gvrp
配置S4,在S4上全局使能GVRP功能system-view
[Quidway]sysname S4
[S4]gvrp
配置相关的端口为Trunk端口,并允许相应的VLAN通过,GVRP功能只能配置在Trunk类型的端口上
配置S1的端口:
[S1]interface gigabitethernet 1/0/1
[S1-Gigabitethernet1/0/1]port link-type access
[S1-Gigabitethernet1/0/1]port default vlan 1000
[S1-Gigabitethernet1/0/1]quit
[S1]interface gigabitethernet1/0/2
[S1-Gigabitethernet1/0/2]gvrp
[S1-Gigabitethernet1/0/2]port link-type trunk
[S1-Gigabitethernet1/0/2]port trunk allow-pass vlan
[S1-Gigabitethernet1/0/2]quit
配置S2的端口
[S2]interface gigabitethernet 1/0/1
[S2-Gigabitethernet1/0/1]gvrp
[S2-Gigabitethernet1/0/1]port link-type trunk
[S2-Gigabitethernet1/0/1]port trunk allow-pass vlan all
[S2-Gigabitethernet1/0/1]quit
[S2]interface gigabitethernet 1/0/2
[S2-Gigabitethernet1/0/2]gvrp
[S2-Gigabitethernet1/0/2]port link-type trunk
[S2-Gigabitethernet1/0/2]port trunk allow-pass vlan all
[S2-Gigabitethernet1/0/2]quit
配置S3的端口
[S3]interface gigabitethernet 1/0/1
[S3-Gigabitethernet1/0/1]gvrp
[S3-Gigabitethernet1/0/1]port link-type trunk
[S3-Gigabitethernet1/0/1]port trunk allow-pass vlan all
[S3-Gigabitethernet1/0/1]quit
[S3]interface gigabitethernet 1/0/2
[S3-Gigabitethernet1/0/2]port link-type trunk
[S3-Gigabitethernet1/0/2]port trunk allow-pass vlan all
[S3-Gigabitethernet1/0/2]quit
配置S4的端口
[S4]interface gigabitethernet 1/0/1
[S4-Gigabitethernet1/0/1]gvrp
[S4-Gigabitethernet1/0/1]port link-type trunk
[S4-Gigabitethernet1/0/1]port trunk allow-pass vlan all
[S4-Gigabitethernet1/0/1]quit
[S4]interface gigabitethernet1/0/2
[S4-Gigabitethernet1/0/2]gvrp
[S4-Gigabitethernet1/0/2]port link-type access
[S4-Gigabitethernet1/0/2]port default vlan 1000
[S4-Gigabitethernet1/0/2]quit
路由协议:
默认路由的配置:
R3----->R1(------>S1(PC1,PC2))----->R2---->S2(PC3,PC4))
配置思路:
在路由器R1上配置一条静态路由,目的地掩码为2.0.0.0/8,下一跳地址为R2的GE1/0/1接口的IP地址12.0.0.2
出接口为R1的GE1/0/1接口。另外,在R1上配置一条默认路由,该默认路由的下一跳IP地址为R3的GE2/0/0接口的IP地址
23.0.0.1
在路由器R2上配置一条静态路由,目的掩码为1.0.0.0/8,下一跳IP地址为R1的GE1/0/1接口的IP地址12.0.0.1,出口为R2的GE1/0/1接口。另外,在R2上配置一条默认路由,该默认路由的下一跳IP地址为R1的GE1/0/1接口的IP地址12.0.0.1
出接口为R2的GE1/0/1接口
在R3上配置分配一条去往1.0.0.0/8和2.0.0.0/8的静态路由,下一跳IP地址均为R1的GE2/0/0接口的IP地址23.0.0.2,出街口均为R3的GE2/0/0接口
配置步骤R1system-view
[R1]ip route-static 2.0.0.8 12.0.0.2 gigabitethernet 1/0/1
[R1]ip route-static 0.0.0.0 23.0.0.1 gigabitethernet 2/0/0
配置R2system-view
[R2]ip route-static 1.0.0.0 8 12.0.0.1 gigabitethernet 1/0/1
[R2]ip route-static 0.0.0.0 0 12.0.0.1 gigabitethernet 1/0/1
配置R3system-view
[R3]ip route-static 1.0.0.0 8 23.0.0.2 gigabitethernet 2/0/0
[R3]ip route-static 2.0.0.0 8 23.0.0.2 gigabitethernet 2/0/0
RIP协议(路由信息协议):R2(R1,R3)
路由协议两大类:一类IGP(内部网关协议),一类EGP(外部网关协议)
配置思路
在个路由器上启动RIP进程,在RIP进程中发布网段信息
配置步骤
要在路由器上配置RIP,必须进入系统视图,然后执行命令rip[process-id]
以启动RIP进程,并进入RIP视图。
配置R1:system-view
[R1]rip
[R1-rip-1]
配置R2:system-view
[R2]rip
[R2-rip-1]
配置R3:system-view
[R3]rip
[R3rip-1]
启动RIP进程之后,还需要通过network network-address 命令发布指定的网段,
其中network-address必须是一个自然网段地址
配置R1
[R1-rip-1]network 12.0.0.0
[R1-rip-1]network 172.16.0.0
配置R2:
[R2-rip-1]network 12.0.0.0
[R2-rip-1]network 23.0.0.0
[R2-rip-1]network 2.0.0.0
配置R3:
[R3-rip-1]network 23.0.0.0
[R3-rip-1]network 192.168.0.0
[R3-rip-1]network 192.168.1.0
[R3-rip-1]network 192.168.2.0
[R3-rip-1]network 192.168.3.0
VLANIF 接口配置示例S1(S2(PC1,PC2),S3(PC3,PC4))启用S1的三层交换功能,并通过在三层交换机S1上配置VLANIF接口,实现不同VLAN间用户的三层通信。1、配置思路在交换机上S1创建VLAN(S2和S3无需创建VLAN)。配置交换机S1的端口在交换机S1上创建VLANIF接口并配置IP地址,实现不同VLAN之间的三层互通2、配置步骤s1上创建VLAN10和VLAN20
system-view
[S1]vlan batch 10 20
S1上进行端口配置
[S1]interface gigabitethernet 0/0/1
[S1-Gigabitethernet0/0/1]port link-type access
[S1-Gigabitethernet0/0/1]port default vlan 10
[S1-Gigabitethernet0/0/1]quit
[S1]interface gigabitethernet 0/0/2
[S1-Gigabitethernet0/0/2]port link-type access
[S1-Gigabitethernet0/0/2]port default vlan 20
[S1-Gigabitethernet0/0/2]quit
S1上配置VLANIF接口
[S1]interface vlanif 10
[S1-Vlanif10]ip address 192.168.100.1 24
[S1-Vlanif10]quit
[S1]interface vlanif 20
[S1-Vlanif20]ip address 192.168.200.1 24
[S1-Vlanif20]quit