华为DHCPACLRIP独臂路由汇总小实验
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了华为DHCPACLRIP独臂路由汇总小实验相关的知识,希望对你有一定的参考价值。
实验拓扑图如下:
实验要求:
1、全网使用RIP技术互通
2、计算机地址由DHCP分发
3、PC4和PC5之间不能互通
4、vlan10网关在SW1上
5、vlan20网关在R1上
6、vlan30/40网关在SW2上
7、vlan50/60网关在R2上
实验步骤:
在SW1上的操作如下:
<huawei>system
[huawei]sysname SW1 //修改交换机名称为SW1
[SW1]vlan batch 10 20
[SW1]interface gi0/0/1
[SW1]interface g0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access //接口改为加入模式
[SW1-GigabitEthernet0/0/1]port default vlan 10 //把接口加入vlan 10
[SW1-GigabitEthernet0/0/1]q
[SW1]interface g0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access //接口改为加入模式
[SW1-GigabitEthernet0/0/2]port default vlan 20 //把接口加入vlan20
[SW1-GigabitEthernet0/0/2]q
[SW1]interface g0/0/3
[SW1-GigabitEthernet0/0/3]port link-type access //接口改为加入模式
[SW1-GigabitEthernet0/0/3]port default vlan 20 //把接口加入vlan20
[SW1-GigabitEthernet0/0/3]q
[SW1]interface vlan 10
[SW1-Vlanif10]ip address 192.168.10.254 24 //给vlan 10配置网关
[SW1-Vlanif10]undo shutdown
[SW1-Vlanif10]q
[SW1]interface vlan 20
[SW1-Vlanif20]ip address 192.168.20.2 24 //给vlan 20配置ip地址
[SW1-Vlanif20]undo shutdown
[SW1-Vlanif20]q
[SW1]rip //创建并进入rip1
[SW1-rip-1]version 2 //版本2
[SW1-rip-1]network 192.168.10.0 //宣告已经网段
[SW1-rip-1]network 192.168.20.0
[SW1-rip-1]q
[SW1]dhcp enable //开启 DHCP功能
[SW1]interface vlan 10 //进入vlan10
[SW1-Vlanif10]dhcp select relay //建立dhcp中继
[SW1-Vlanif10]dhcp relay server-ip 192.168.100.1//写入dhcp 中继服务地址
在R1上的操作如下:
<Huawei>undo terminal monitor
<Huawei>sys
[Huawei]vlan batch 10 20 100 //创建vlan10/20/100
[Huawei]interface g0/0/0
[Huawei-GigabitEthernet0/0/0]ip address 192.168.20.254 24 //给vlan20配置网关
[Huawei-GigabitEthernet0/0/0]undo shutdown
[Huawei-GigabitEthernet0/0/0]q
[Huawei]interface g0/0/1 //给g0/0/1端口配置IP
[Huawei-GigabitEthernet0/0/1]ip address 192.168.1.1 24
[Huawei-GigabitEthernet0/0/1]undo shutdown
[Huawei-GigabitEthernet0/0/1]q
[Huawei]interface g0/0/2
[Huawei-GigabitEthernet0/0/2]ip address 192.168.100.254 24 //给vlan100配置网关
[Huawei-GigabitEthernet0/0/2]undo shutdown
[Huawei-GigabitEthernet0/0/2]q
[Huawei]rip // 建立并进入rip
[Huawei-rip-1]version 2 //版本2
[Huawei-rip-1]network 192.168.20.0 //宣告自己知道的网段
[Huawei-rip-1]network 192.168.1.0
[Huawei-rip-1]network 192.168.100.0
[Huawei-rip-1]q
[R1]dhcp enable //开启dhcp服务
[R1]interface g0/0/0
[R1-GigabitEthernet0/0/0]dhcp select relay //在g0/0/0端口建立dhcp中继
[R1-GigabitEthernet0/0/0]dhcp relay server-ip 192.168.100.1 //中继地址为 192.168.100.1
在R2上的配置如下:
<Huawei>undo terminal monitor
<Huawei>sys
[Huawei]sysname R2
[R2]interface g0/0/0.1 //进入子端口0.1
[R2-GigabitEthernet0/0/0.1]ip address 192.168.50.254 24 //配置vlan50的网关地址
[R2-GigabitEthernet0/0/0.1]dot1q termination vid 50 //把dot1q协议封装到vlan50中
[R2-GigabitEthernet0/0/0.1]arp broadcast enable //开启 arp 广播
[R2-GigabitEthernet0/0/0.1]q
[R2]interface g0/0/0.2
[R2-GigabitEthernet0/0/0.2]ip address 192.168.60.254 24
[R2-GigabitEthernet0/0/0.2]dot1q termination vid 60
[R2-GigabitEthernet0/0/0.2]arp broadcast enable
[R2-GigabitEthernet0/0/0.2]q
[R2]interface g0/0/1
[R2-GigabitEthernet0/0/1]ip address 192.168.1.2 24
[R2-GigabitEthernet0/0/1]undo shutdown
[R2-GigabitEthernet0/0/1]q
[R2]rip
[R2-rip-1]version 2
[R2-rip-1]network 192.168.1.0
[R2-rip-1]network 192.168.50.0
[R2-rip-1]network 192.168.60.0
[R2-rip-1]q
[R2]dhcp enable //开启DHCP功能
[R2]interface g0/0/0.1
[R2-GigabitEthernet0/0/0.1]dhcp select relay // 建立dhcp中继
[R2-GigabitEthernet0/0/0.1]dhcp relay server-ip 192.168.100.1 //建立dhcp 服务地址
[R2-GigabitEthernet0/0/0.1]q
在SW2上配置如下:
<Huawei>undo terminal monitor
<Huawei>sys
[Huawei]sysname SW2
[SW2]vlan batch 30 40 50 60 //创建 vlan 30/40/50/60
[SW2]interface g0/0/3
[SW2-GigabitEthernet0/0/3]port link-type access //把g0/0/3端口加入vlan30
[SW2-GigabitEthernet0/0/3]port default vlan 30
[SW2-GigabitEthernet0/0/3]q
[SW2]interface g0/0/4
[SW2-GigabitEthernet0/0/4]port link-type access //把g0/0/4端口加入vlan40
[SW2-GigabitEthernet0/0/4]port default vlan 40
[SW2-GigabitEthernet0/0/4]q
[SW2]interface g0/0/5
[SW2-GigabitEthernet0/0/5]port link-type access //把g0/0/5端口加入vlan50
[SW2-GigabitEthernet0/0/5]port default vlan 50
[SW2-GigabitEthernet0/0/5]q
[SW2]interface g0/0/2
[SW2-GigabitEthernet0/0/2]port link-type access //把g0/0/5端口加入vlan60
[SW2-GigabitEthernet0/0/2]port default vlan 60
[SW2-GigabitEthernet0/0/2]q
[SW2]interface vlan 30 //配置vlan30的网关
[SW2-Vlanif30]ip address 192.168.30.254 24
[SW2-Vlanif30]undo shutdown
[SW2-Vlanif30]q
[SW2]interface vlan 40 //配置vlan40的网关
[SW2-Vlanif40]ip address 192.168.40.254 24
[SW2-Vlanif40]undo shutdown
[SW2-Vlanif40]q
[SW2]interface vlan 50 //配置vlan50的ip
[SW2-Vlanif50]ip address 192.168.50.2 24
[SW2-Vlanif50]q
[SW2]interface vlan 60 //配置vlan60的ip
[SW2-Vlanif60]ip address 192.168.60.2 24
[SW2-Vlanif60]q
[SW2]rip //宣告已知的网段
[SW2-rip-1]version 2
[SW2-rip-1]network 192.168.30.0
[SW2-rip-1]network 192.168.40.0
[SW2-rip-1]network 192.168.50.0
[SW2-rip-1]network 192.168.60.0
[SW2-rip-1]q
[SW2]interface g0/0/1 //把g0/0/1端口设为trunk 模式并且允许所有vlan通过
[SW2-GigabitEthernet0/0/1]port link-type trunk
[SW2-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[SW2-GigabitEthernet0/0/1]q
[SW2]dhcp enable //开启DHCP功能
[SW2]interface vlan 30 //建立dhcp中继
[SW2-Vlanif30]dhcp select relay
[SW2-Vlanif30]dhcp relay server-ip 192.168.100.1
[SW2-Vlanif30]q
[SW2]interface vlan 40
[SW2-Vlanif40]dhcp select relay
[SW2-Vlanif40]dhcp relay server-ip 192.168.100.1
[SW2]acl 3999 //搭建并进入acl 3999(高级acl)
[SW2-acl-adv-3999]rule deny ip source 192.168.40.0 0.0.0.255 destination 192.168 //建立规则 不允许50网段的任何数据包进入40网段
.50.0 0.0.0.255
[SW2-acl-adv-3999]q
[SW2]interface g0/0/4 //在g0/0/4端口配置入站流量过滤规则为 acl 3999
[SW2-GigabitEthernet0/0/4]traffic-filter inbound acl 3999
[SW2-GigabitEthernet0/0/4]q
在DHCP上配置如下:
<HUAWEI>system
[HUAWEI]sye name DHCP
[DHCP]vlan 100
[DHCP]dhcp enable // 开启dhcp功能
[DHCP]interface vlan 100
[DHCP-Vlanif100]ip address 192.168.100.1 24 //配置vlan100地址
[DHCP-Vlanif100]dhcp select global //选择本地设备上的的dhcp地址池
[DHCP-Vlanif100]q
[DHCP]interface g0/0/1 //把g0/0/1端口加入vlan100
[DHCP-GigabitEthernet0/0/1]port link-type access
[DHCP-GigabitEthernet0/0/1]port default vlan 100
[DHCP-GigabitEthernet0/0/1]q
[DHCP]rip //rip宣告已知地址
[DHCP-rip-1]network 192.168.100.1
[DHCP-rip-1]q
[DHCP]ip pool 10 //建立并进入地址池 10
[DHCP-ip-pool-10]network 192.168.10.0 mask 255.255.255.0 //地址池内网段为 10网段
[DHCP-ip-pool-10]dns-list 8.8.8.8 //域名解析地址为 8.8.8.8
[DHCP-ip-pool-10]gateway-list 192.168.10.254 //地址池网段地址网关为254
[DHCP-ip-pool-10]q
[DHCP]ip pool 20
[DHCP-ip-pool-20]network 192.168.20.0 mask 255.255.255.0
[DHCP-ip-pool-20]dns-list 9.9.9.9
[DHCP-ip-pool-20]gateway-list 192.168.20.254
[DHCP-ip-pool-20]q
[DHCP]ip pool 30
[DHCP-ip-pool-30]dns-list 3.3.3.3
[DHCP-ip-pool-30]gateway-list 192.168.30.254
[DHCP-ip-pool-30]network 192.168.30.0 mask 255.255.255.0
[DHCP-ip-pool-30]q
[DHCP]ip pool 40
[DHCP-ip-pool-40]network 192.168.40.0 mask 255.255.255.0
[DHCP-ip-pool-40]dns-list 4.4.4.4
[DHCP-ip-pool-40]gateway-list 192.168.40.254
[DHCP-ip-pool-40]q
[DHCP]ip pool 50
[DHCP-ip-pool-50]network 192.168.50.0 mask 255.255.255.0
[DHCP-ip-pool-50]dns-list 5.5.5.5
[DHCP-ip-pool-50]gateway-list 192.168.50.254
[DHCP-ip-pool-50]q
在PC机上先选择DHCP点击应用再输入ipconfig /renew 我们选择两台PC机进行验证如图:
同时我们选择验证PC1与PC2之间是否互通,在PC1上输入命令:ping 192.168.20.251进行验证如图:
初次连接会有 Request timeout !的提示,不要慌,稳住,第一次连接扔了5个包丢了一个包还是可以理解的哈 0.0!
剩下的我就不多做验证了,相信结果都是一样的,但由于任务需求需要断绝40网段和50网段之间的联系我们还需要验证一下PC4能否ping的通PC5
验证PC4和PC5的不通如图:
结果真的是不通,如愿以偿啊,美滋滋 - -!可能会有人会问ping不通怎么还美滋滋,我也不知道我是什么心理,反正我完成任务了,哈哈,好剑!!!
以上就是今天这个实验的所有步骤,希望能帮助到您,谢谢您的观看,我们过两天再见0.0!
以上是关于华为DHCPACLRIP独臂路由汇总小实验的主要内容,如果未能解决你的问题,请参考以下文章