基于防火墙双击热备三层网络规划_ensp综合实验
Posted 小猿网
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了基于防火墙双击热备三层网络规划_ensp综合实验相关的知识,希望对你有一定的参考价值。
作者:BSXY_19计科_陈永跃
BSXY_信息学院
注:未经允许禁止转发任何内容
基于防火墙双击热备三层网络规划_ensp综合实验
前言及技术/资源下载说明( 未经允许禁止转发任何内容 )
有什么问题可以在评论区说明自己遇到的情况,博主看到会第一时间回复,希望其他人也可以回复别人的问题。
(后期有什么内容会在博文中进行修改和更新的)
可根据以下所提供的设计与实现步骤过程一步一步自行实现(每一条命令都是关键的命令);但是如果有需要的也可以根据以下地址进行下载完整的topo图和完整的配置进行参考与借鉴,如若拿到topo图可多display查看配置,查看相应的命令,配套资源连接如下,相应的内容如下图所示:
基于防火墙双击热备三层网络规划_ensp综合实验topo和完整配置+一步步的所有配置命令(ensp)+全程的配置视频
以上也就是topo图的规划,相应的地址规划和路由规划大部分都在图中明确的标注了
该实验中用到的技术有相应的vlan划分、链路捆绑、MSTP、VRRP、DHCP、OSPF、防火墙基本配置、防火墙的安全策略、防火墙双击热备、NAT配置这些技术。对于视频的话可以开启1.25倍速观看。有什么问题的话,都可以在平台中私信于我。该实验非常适合于把相应的单个技术学完想把这些技术综合起来的小伙伴,且对于毕设课设的小伙伴可以进行参考,进行自己的规划与设计,最后对于软考网络工程师/网络规划设计的小伙伴来说个人建议是有必要抽个时间好好的做一下这个实验的,最后说明该topo规划最后的作者权归于:BSXY_信息学院_19计科_陈永跃
之前规划的topo图如下图所示(核心交换机和防火墙之间就不需要交换机了,防火墙的外部也不需要交换机了,直接接ISP路由器即可),可参考一下
插曲:基于eNSP中大型校园/企业网络规划与设计(可不看)
插曲部分:基于eNSP中大型校园/企业网络规划与设计_综合大作业 如下图所示(但是并不在该篇文章中做详细介绍和说明,如查看可点击连接自行查看阅读):
该网络规划的过程步骤(顺着一步一步走)
1、VLAN底层划分&链路捆绑
sw1:
<Huawei>sys
[Huawei]un in en
[Huawei]sysname SW1
[SW1]vlan 10
[SW1-vlan10]qui
[SW1]int e0/0/1
[SW1-Ethernet0/0/1]port link-type trunk
[SW1-Ethernet0/0/1]port trunk allow-pass vlan all
[SW1-Ethernet0/0/1]qui
[SW1]int e0/0/2
[SW1-Ethernet0/0/2]port link-type access
[SW1-Ethernet0/0/2]port default vlan 10
[SW1-Ethernet0/0/2]qui
[SW1]int e0/0/3
[SW1-Ethernet0/0/3]port link-type access
[SW1-Ethernet0/0/3]port default vlan 10
--------------------------------------
SW2:
<Huawei>sys
[Huawei]un in en
[Huawei]sysname SW2
[SW2]vlan 20
[SW2-vlan20]qui
[SW2]int e0/0/1
[SW2-Ethernet0/0/1]port link-type trunk
[SW2-Ethernet0/0/1]port trunk allow-pass vlan all
[SW2-Ethernet0/0/1]qui
[SW2]int e0/0/2
[SW2-Ethernet0/0/2]port link-type access
[SW2-Ethernet0/0/2]port default vlan 20
[SW2-Ethernet0/0/2]qui
[SW2]int e0/0/3
[SW2-Ethernet0/0/3]port link-type access
[SW2-Ethernet0/0/3]port default vlan 20
--------------------------------------
SW3:
<Huawei>sys
[Huawei]un in en
[Huawei]sysname SW3
[SW3]vlan 30
[SW3-vlan30]qui
[SW3]int e0/0/1
[SW3-Ethernet0/0/1]port link-type trunk
[SW3-Ethernet0/0/1]port trunk allow-pass vlan all
[SW3-Ethernet0/0/1]int e0/0/2
[SW3-Ethernet0/0/2]port link-type access
[SW3-Ethernet0/0/2]port default vlan 30
[SW3-Ethernet0/0/2]int e0/0/3
[SW3-Ethernet0/0/3]port link-type access
[SW3-Ethernet0/0/3]port default vlan 30
--------------------------------------
SW4:
<Huawei>sys
[Huawei]un in en
[Huawei]sysname SW4
[SW4]vlan batch 40 50
[SW4]int e0/0/1
[SW4-Ethernet0/0/1]port link-type trunk
[SW4-Ethernet0/0/1]port trunk allow-pass vlan all
[SW4-Ethernet0/0/1]int e0/0/2
[SW4-Ethernet0/0/2]port link-type access
[SW4-Ethernet0/0/2]port default vlan 40
[SW4-Ethernet0/0/2]int e0/0/3
[SW4-Ethernet0/0/3]port link-type access
[SW4-Ethernet0/0/3]port default vlan 50
--------------------------------------
SW9:
<Huawei>sys
[Huawei]un in en
[Huawei]sysname SW9
[SW9]vlan 60
[SW9-vlan60]qui
[SW9]int g0/0/4
[SW9-GigabitEthernet0/0/4]port link-type trunk
[SW9-GigabitEthernet0/0/4]port trunk allow-pass vlan all
[SW9-GigabitEthernet0/0/4]qui
[SW9]int g0/0/5
[SW9-GigabitEthernet0/0/5]port link-type trunk
[SW9-GigabitEthernet0/0/5]port trunk allow-pass vlan all
[SW9-GigabitEthernet0/0/5]qui
[SW9]port-group g g0/0/1 to g0/0/3
[SW9-port-group]port link-type access
[SW9-port-group]port default vlan 60
[SW9-port-group]qui
--------------------------------------
SW5:
<Huawei>sys
[Huawei]un in en
[Huawei]sysname SW5
[SW5]vlan batch 10 20 30 40 50
[SW5]port-group group-member g0/0/1 to g0/0/4
[SW5-port-group]port link-type trunk
[SW5-port-group]port trunk allow-pass vlan all
[SW5-port-group]qui
--------------------------------------
SW6:
<Huawei>sys
[Huawei]un in en
[Huawei]sysname SW6
[SW6]vlan batch 10 20 30 40 50
[SW6]port-group group-member g0/0/1 to g0/0/4
[SW6-port-group]port link-type trunk
[SW6-port-group]port trunk allow-pass vlan all
[SW6-port-group]qui
--------------------------------------
SW7:
<Huawei>sys
[Huawei]un in en
[Huawei]sysname SW7
[SW7]vlan batch 10 20 30 40 50 60
[SW7]port-group group-member g0/0/1 g0/0/2 g0/0/9
[SW7-port-group]port link-type trunk
[SW7-port-group]port trunk allow-pass vlan all
[SW7-port-group]qui
[SW7]int eth-trunk 1
[SW7-Eth-Trunk1]mode lacp-static
[SW7-Eth-Trunk1]trunkport g0/0/10
[SW7-Eth-Trunk1]trunkport g0/0/11
[SW7-Eth-Trunk1]port link-type trunk
[SW7-Eth-Trunk1]port trunk allow-pass vlan all
[SW7-Eth-Trunk1]dis this
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
mode lacp-static
#
return
[SW7-Eth-Trunk1]qui
--------------------------------------
SW8:
<Huawei>sys
[Huawei]un in en
[Huawei]sysname SW8
[SW8]vlan batch 10 20 30 40 50 60
[SW8]int eth-trunk 1
[SW8-Eth-Trunk1]mode lacp-static
[SW8-Eth-Trunk1]trunkport g0/0/10
[SW8-Eth-Trunk1]trunkport g0/0/11
[SW8-Eth-Trunk1]port link-type trunk
[SW8-Eth-Trunk1]port trunk allow-pass vlan all
[SW8-Eth-Trunk1]dis this
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
mode lacp-static
#
return
[SW8-Eth-Trunk1]qui
[SW8]port-group group-member g0/0/1 g0/0/2 g0/0/9
[SW8-port-group]port link-type trunk
[SW8-port-group]port trunk allow-pass vlan all
[SW8-port-group]qui
[SW8]dis eth-trunk 1
2、MSTP
SW5:
[SW5]stp region-configuration
[SW5-mst-region]region-name HUAWEI
[SW5-mst-region]revision-level 1
[SW5-mst-region]instance 1 vlan 10 20 30
[SW5-mst-region]instance 2 vlan 40 50 60
[SW5-mst-region]active region-configuration
[SW5-mst-region]dis this
#
stp region-configuration
region-name HUAWEI
revision-level 1
instance 1 vlan 10 20 30
instance 2 vlan 40 50 60
active region-configuration
#
return
[SW5-mst-region]
--------------------------------------
SW6:
[SW6]stp region-configuration
[SW6-mst-region]region-name HUAWEI
[SW6-mst-region]revision-level 1
[SW6-mst-region]instance 1 vlan 10 20 30
[SW6-mst-region]instance 2 vlan 40 50 60
[SW6-mst-region]active region-configuration
[SW6-mst-region]dis this
[SW6-mst-region]qui
--------------------------------------
SW9:
[SW9]stp region-configuration
[SW9-mst-region]region-name HUAWEI
[SW9-mst-region]revision-level 1
[SW9-mst-region]instance 1 vlan 10 20 30
[SW9-mst-region]instance 2 vlan 40 50 60
[SW9-mst-region]active region-configuration
[SW9-mst-region]qui
--------------------------------------
SW7:
[SW7]stp region-configuration
[SW7-mst-region]region-name HUAWEI
[SW7-mst-region]revision-level 1
[SW7-mst-region]instance 1 vlan 10 20 30
[SW7-mst-region]instance 2 vlan 40 50 60
[SW7-mst-region]active region-configuration
[SW7-mst-region]dis this
#
stp region-configuration
region-name HUAWEI
revision-level 1
instance 1 vlan 10 20 30
instance 2 vlan 40 50 60
active region-configuration
#
return
[SW7-mst-region]qui
[SW7]stp instance 1 root primary
[SW7]stp instance 2 root secondary
--------------------------------------
SW8:
[SW8]stp region-configuration
[SW8-mst-region]region-name HUAWEI
[SW8-mst-region]revision-level 1
[SW8-mst基于ensp防火墙双击热备二层网络规划与设计
基于eNSP中大型校园/企业网络规划与设计_ensp综合大作业(ensp综合实验)
基于MPLS-V**多分部互访的ensp企业网络规划与设计_ensp综合实验