• 路由和交换在运营商网络的综合实验

    目录

     要求

    配置思路

     配置文件 顺序 R2 R1 R3 SW1 SW2 SW3  SW6

    测试结果

     要求:


    1、按照拓扑图规划网络;
    2、实现网络全网互通,总部实现默认路由下发,降低设备要求;
    3、二层网络实现流量负载分担;
    4、总部网络终端实现网关冗余备份,且实现上行链路监控;
    5、总部网络终端主机使用dhcp获得ip;
    6、总部网络汇聚层实现链路聚合(动态,最大链路数5条,可激活3条);
    7、分部终端要尽快进入转发状态,且上下线不会造成网络震荡;MSTP
    8、总部vlan 10之间不能互相访问,vlan 20之间可互相访问。端口隔离

    9 ,PC 2 3 4 DHCP 获取地址

    注:1 由于是运营商网络 在LSP中不能出现私网ip因此 vlan 10 20 30 40 使用 MPLS VPN 隧道连接

            2 接口绑定vpn实例后接口已有的配置会自动删除 因此先接入vpn实例后配置地址

            3 先创建Eth-trunk 组并在端口加入,后配置三层交换机 

            4 在SW1 SW2 创建接口下DHCP  

    配置思路


    1 LSP骨干网ospf 联通R1 R2 R3
    2 开启 R1 R2 R3 mpls ldp
    3 创建 R2 R3 VPN 实例
    4 接口绑定 VPN 实例
    5 配置接口地址
    6 配置MPLS VPN 用户接入 
    7 在配置 vlan 10 20 30 40 时一并配置 VRRP 和 链路聚合 
    8 测试 排错

    已给配置

     

     配置文件 顺序 R2 R1 R3 SW1 SW2 SW3  SW6

    1. R2配置
    2. #
    3.  sysname r2
    4. #
    5.  snmp-agent local-engineid 800007DB03000000000000
    6.  snmp-agent 
    7. #
    8.  clock timezone China-Standard-Time minus 08:00:00
    9. #
    10. portal local-server load portalpage.zip
    11. #
    12.  drop illegal-mac alarm
    13. #
    14.  set cpu-usage threshold 80 restore 75
    15. #
    16. ip vpn-instance 1
    17.  ipv4-family
    18.   route-distinguisher 1020:3040
    19.   vpn-target 1020:4321 export-extcommunity
    20.   vpn-target 1020:1234 import-extcommunity
    21. #
    22. mpls lsr-id 2.2.2.2
    23. mpls
    24. #
    25. mpls ldp
    26. #
    27. #
    28. aaa 
    29.  authentication-scheme default
    30.  authorization-scheme default
    31.  accounting-scheme default
    32.  domain default 
    33.  domain default_admin 
    34.  local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
    35.  local-user admin service-type http
    36. #
    37. firewall zone Local
    38.  priority 15
    39. #
    40. interface GigabitEthernet0/0/0
    41.  ip address 41.0.0.1 255.255.255.0 
    42.  mpls
    43.  mpls ldp
    44. #
    45. interface GigabitEthernet0/0/1
    46.  ip binding vpn-instance 1
    47.  ip address 41.0.1.1 255.255.255.0 
    48. #
    49. interface GigabitEthernet0/0/2
    50.  ip binding vpn-instance 1
    51.  ip address 41.0.2.1 255.255.255.0 
    52. #
    53. interface NULL0
    54. #
    55. interface LoopBack0
    56.  ip address 2.2.2.2 255.255.255.0 
    57. #
    58. bgp 100
    59.  router-id 2.2.2.2
    60.  peer 3.3.3.3 as-number 100 
    61.  peer 3.3.3.3 connect-interface LoopBack0
    62.  #
    63.  ipv4-family unicast
    64.   undo synchronization
    65.   peer 3.3.3.3 enable
    66.  # 
    67.  ipv4-family vpnv4
    68.   policy vpn-target
    69.   peer 3.3.3.3 enable
    70.  #
    71.  ipv4-family vpn-instance 1 
    72.   import-route ospf 2
    73. #
    74. ospf 1 router-id 2.2.2.2 
    75.  area 0.0.0.0 
    76.   network 2.2.2.2 0.0.0.0 
    77.   network 41.0.0.0 0.0.0.255 
    78. #
    79. ospf 2 vpn-instance 1
    80.  import-route bgp
    81.  area 0.0.0.0 
    82.   network 2.2.2.2 0.0.0.0 
    83.   network 41.0.1.0 0.0.0.255 
    84.   network 41.0.2.0 0.0.0.255 
    85. #
    86. user-interface con 0
    87.  authentication-mode password
    88. user-interface vty 0 4
    89. user-interface vty 16 20
    90. #
    91. wlan ac
    92. #
    93. return

     

    1. R1配置
    2. #
    3.  sysname r1
    4. #
    5.  snmp-agent local-engineid 800007DB03000000000000
    6.  snmp-agent 
    7. #
    8.  clock timezone China-Standard-Time minus 08:00:00
    9. #
    10. portal local-server load portalpage.zip
    11. #
    12.  drop illegal-mac alarm
    13. #
    14.  set cpu-usage threshold 80 restore 75
    15. #
    16. mpls lsr-id 1.1.1.1
    17. mpls
    18. #
    19. mpls ldp
    20. #
    21. #
    22. aaa 
    23.  authentication-scheme default
    24.  authorization-scheme default
    25.  accounting-scheme default
    26.  domain default 
    27.  domain default_admin 
    28.  local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
    29.  local-user admin service-type http
    30. #
    31. firewall zone Local
    32.  priority 15
    33. #
    34. interface GigabitEthernet0/0/0
    35.  ip address 41.0.0.2 255.255.255.0 
    36.  mpls
    37.  mpls ldp
    38. #
    39. interface GigabitEthernet0/0/1
    40.  ip address 51.0.0.1 255.255.255.0 
    41.  mpls
    42.  mpls ldp
    43. #
    44. interface GigabitEthernet0/0/2
    45. #
    46. interface NULL0
    47. #
    48. interface LoopBack0
    49.  ip address 1.1.1.1 255.255.255.0 
    50. #
    51. ospf 1 router-id 1.1.1.1 
    52.  area 0.0.0.0 
    53.   network 1.1.1.1 0.0.0.0 
    54.   network 41.0.0.0 0.0.0.255 
    55.   network 51.0.0.0 0.0.0.255 
    56. #
    57. user-interface con 0
    58.  authentication-mode password
    59. user-interface vty 0 4
    60. user-interface vty 16 20
    61. #
    62. wlan ac
    63. #
    64. return
    1. R3 配置
    2. #
    3.  sysname r3
    4. #
    5.  snmp-agent local-engineid 800007DB03000000000000
    6.  snmp-agent 
    7. #
    8.  clock timezone China-Standard-Time minus 08:00:00
    9. #
    10. portal local-server load portalpage.zip
    11. #
    12.  drop illegal-mac alarm
    13. #
    14.  set cpu-usage threshold 80 restore 75
    15. #
    16. ip vpn-instance 1
    17.  ipv4-family
    18.   route-distinguisher 1020:3040
    19.   vpn-target 1020:1234 export-extcommunity
    20.   vpn-target 1020:4321 import-extcommunity
    21. #
    22. mpls lsr-id 3.3.3.3
    23. mpls
    24. #
    25. mpls ldp
    26. #
    27. #
    28. aaa 
    29.  authentication-scheme default
    30.  authorization-scheme default
    31.  accounting-scheme default
    32.  domain default 
    33.  domain default_admin 
    34.  local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
    35.  local-user admin service-type http
    36. #
    37. firewall zone Local
    38.  priority 15
    39. #
    40. interface GigabitEthernet0/0/0
    41.  ip address 51.0.0.2 255.255.255.0 
    42.  mpls
    43.  mpls ldp
    44. #
    45. interface GigabitEthernet0/0/1
    46.  ip binding vpn-instance 1
    47.  ip address 51.0.1.1 255.255.255.0 
    48. #
    49. interface GigabitEthernet0/0/2
    50. #
    51. interface NULL0
    52. #
    53. interface LoopBack0
    54.  ip address 3.3.3.3 255.255.255.0 
    55. #
    56. bgp 100
    57.  router-id 3.3.3.3
    58.  peer 2.2.2.2 as-number 100 
    59.  peer 2.2.2.2 connect-interface LoopBack0
    60.  #
    61.  ipv4-family unicast
    62.   undo synchronization
    63.   peer 2.2.2.2 enable
    64.  # 
    65.  ipv4-family vpnv4
    66.   policy vpn-target
    67.   peer 2.2.2.2 enable
    68.  #
    69.  ipv4-family vpn-instance 1 
    70.   import-route ospf 3
    71. #
    72. ospf 1 router-id 3.3.3.3 
    73.  area 0.0.0.0 
    74.   network 3.3.3.3 0.0.0.0 
    75.   network 51.0.0.0 0.0.0.255 
    76. #
    77. ospf 3 vpn-instance 1
    78.  import-route bgp
    79.  area 0.0.0.0 
    80.   network 3.3.3.3 0.0.0.0 
    81.   network 51.0.1.0 0.0.0.255 
    82. #
    83. user-interface con 0
    84.  authentication-mode password
    85. user-interface vty 0 4
    86. user-interface vty 16 20
    87. #
    88. wlan ac
    89. #
    90. return
    1. SW1 配置
    2. #
    3. sysname sw 1
    4. #
    5. vlan batch 10 20 50 60
    6. #
    7. stp instance 1 priority 4096
    8. stp instance 2 priority 8192
    9. #
    10. lacp priority 100
    11. #
    12. cluster enable
    13. ntdp enable
    14. ndp enable
    15. #
    16. drop illegal-mac alarm
    17. #
    18. dhcp enable
    19. #
    20. diffserv domain default
    21. #
    22. stp region-configuration
    23.  region-name mstp
    24.  instance 1 vlan 10
    25.  instance 2 vlan 20
    26.  active region-configuration
    27. #
    28. drop-profile default
    29. #
    30. aaa
    31.  authentication-scheme default
    32.  authorization-scheme default
    33.  accounting-scheme default
    34.  domain default
    35.  domain default_admin
    36.  local-user admin password simple admin
    37.  local-user admin service-type http
    38. #
    39. interface Vlanif1
    40. #
    41. interface Vlanif10
    42.  ip address 192.168.10.100 255.255.255.0
    43.  vrrp vrid 10 virtual-ip 192.168.10.254
    44.  vrrp vrid 10 priority 150
    45.  vrrp vrid 10 track interface GigabitEthernet0/0/24 reduced 60
    46.  dhcp select interface
    47.  dhcp server excluded-ip-address 192.168.10.251
    48.  dhcp server dns-list 8.8.8.8
    49. #
    50. interface Vlanif20
    51.  ip address 192.168.20.100 255.255.255.0
    52.  vrrp vrid 20 virtual-ip 192.168.20.254
    53. #
    54. interface Vlanif50
    55.  ip address 41.0.1.2 255.255.255.0
    56. #
    57. interface MEth0/0/1
    58. #
    59. interface Eth-Trunk1
    60.  port link-type trunk
    61.  port trunk allow-pass vlan 2 to 4094
    62.  mode lacp-static
    63.  max active-linknumber 3
    64. #
    65. interface GigabitEthernet0/0/20
    66.  eth-trunk 1
    67.  lacp priority 100
    68. #
    69. interface GigabitEthernet0/0/21
    70.  eth-trunk 1
    71.  lacp priority 100
    72. #
    73. interface GigabitEthernet0/0/22
    74.  eth-trunk 1
    75. #
    76. interface GigabitEthernet0/0/23
    77.  port link-type trunk
    78.  port trunk allow-pass vlan 2 to 4094
    79. #
    80. interface GigabitEthernet0/0/24
    81.  port link-type access
    82.  port default vlan 50
    83. #
    84. interface NULL0
    85. #
    86. interface LoopBack0
    87.  ip address 4.4.4.4 255.255.255.0
    88.  ospf network-type broadcast
    89. #
    90. ospf 200
    91.  area 0.0.0.0
    92.   network 41.0.1.0 0.0.0.255
    93.   network 192.168.10.0 0.0.0.255
    94.   network 192.168.20.0 0.0.0.255
    95. #
    96. user-interface con 0
    97. user-interface vty 0 4
    98. #
    99. return
    1. SW 2
    2. #
    3. sysname sw 2
    4. #
    5. vlan batch 10 20 50 60
    6. #
    7. stp instance 1 priority 8192
    8. stp instance 2 priority 4096
    9. #
    10. cluster enable
    11. ntdp enable
    12. ndp enable
    13. #
    14. drop illegal-mac alarm
    15. #
    16. dhcp enable
    17. #
    18. diffserv domain default
    19. #
    20. stp region-configuration
    21.  region-name mstp
    22.  instance 1 vlan 10
    23.  instance 2 vlan 20
    24.  active region-configuration
    25. #
    26. drop-profile default
    27. #
    28. aaa
    29.  authentication-scheme default
    30.  authorization-scheme default
    31.  accounting-scheme default
    32.  domain default
    33.  domain default_admin
    34.  local-user admin password simple admin
    35.  local-user admin service-type http
    36. #
    37. interface Vlanif1
    38. #
    39. interface Vlanif10
    40.  ip address 192.168.10.200 255.255.255.0
    41.  vrrp vrid 10 virtual-ip 192.168.10.254
    42. #
    43. interface Vlanif20
    44.  ip address 192.168.20.200 255.255.255.0
    45.  vrrp vrid 20 virtual-ip 192.168.20.254
    46.  vrrp vrid 20 priority 150
    47.  vrrp vrid 20 track interface GigabitEthernet0/0/24 reduced 60
    48.  dhcp select interface
    49.  dhcp server dns-list 8.8.8.8
    50. #
    51. interface Vlanif60
    52.  ip address 41.0.2.2 255.255.255.0
    53. #
    54. interface MEth0/0/1
    55. #
    56. interface Eth-Trunk1
    57.  port link-type trunk
    58.  port trunk allow-pass vlan 2 to 4094
    59.  mode lacp-static
    60.  max active-linknumber 3
    61. #
    62. interface GigabitEthernet0/0/20
    63.  eth-trunk 1
    64. #
    65. interface GigabitEthernet0/0/21
    66.  eth-trunk 1
    67. #
    68. interface GigabitEthernet0/0/22
    69.  eth-trunk 1
    70. #
    71. interface GigabitEthernet0/0/23
    72.  port link-type trunk
    73.  port trunk allow-pass vlan 2 to 4094
    74. #
    75. interface GigabitEthernet0/0/24
    76.  port link-type access
    77.  port default vlan 60
    78. #
    79. interface NULL0
    80. #
    81. interface LoopBack0
    82.  ip address 5.5.5.5 255.255.255.0
    83.  ospf network-type broadcast
    84. #
    85. ospf 200
    86.  area 0.0.0.0
    87.   network 192.168.10.0 0.0.0.255
    88.   network 192.168.20.0 0.0.0.255
    89.   network 41.0.2.0 0.0.0.255
    90. #
    91. user-interface con 0
    92. user-interface vty 0 4
    93. #
    94. return
    1. SW3配置
    2. #
    3. sysname sw 3
    4. #
    5. vlan batch 10 20 50 60 200
    6. #
    7. cluster enable
    8. ntdp enable
    9. ndp enable
    10. #
    11. drop illegal-mac alarm
    12. #
    13. diffserv domain default
    14. #
    15. drop-profile default
    16. #
    17. vlan 200
    18.  mux-vlan
    19.  subordinate separate 10
    20.  subordinate group 20
    21. #
    22. aaa
    23.  authentication-scheme default
    24.  authorization-scheme default
    25.  accounting-scheme default
    26.  domain default
    27.  domain default_admin
    28.  local-user admin password simple admin
    29.  local-user admin service-type http
    30. #
    31. interface Vlanif1
    32. #
    33. interface MEth0/0/1
    34. #
    35. interface Ethernet0/0/1
    36.  port link-type access
    37.  port default vlan 10
    38.  port mux-vlan enable
    39. #
    40. interface Ethernet0/0/2
    41.  port link-type access
    42.  port default vlan 10
    43.  port mux-vlan enable
    44. #
    45. interface Ethernet0/0/3
    46.  port link-type access
    47.  port default vlan 20
    48.  port mux-vlan enable
    49. #
    50. interface Ethernet0/0/4
    51.  port link-type access
    52.  port default vlan 20
    53.  port mux-vlan enable
    54. #
    55. interface GigabitEthernet0/0/1
    56.  port link-type trunk
    57.  port trunk allow-pass vlan 2 to 4094
    58. #
    59. interface GigabitEthernet0/0/2
    60.  port link-type trunk
    61.  port trunk allow-pass vlan 2 to 4094
    62. #
    63. interface NULL0
    64. #
    65. user-interface con 0
    66. user-interface vty 0 4
    67. #
    68. return
    1. SW6 配置
    2. #
    3. sysname sw 6
    4. #
    5. vlan batch 30 40 70
    6. #
    7. cluster enable
    8. ntdp enable
    9. ndp enable
    10. #
    11. drop illegal-mac alarm
    12. #
    13. diffserv domain default
    14. #
    15. drop-profile default
    16. #
    17. aaa
    18.  authentication-scheme default
    19.  authorization-scheme default
    20.  accounting-scheme default
    21.  domain default
    22.  domain default_admin
    23.  local-user admin password simple admin
    24.  local-user admin service-type http
    25. #
    26. interface Vlanif1
    27. #
    28. interface Vlanif30
    29.  ip address 172.16.1.1 255.255.255.0
    30. #
    31. interface Vlanif40
    32.  ip address 172.16.2.1 255.255.255.0
    33. #
    34. interface Vlanif70
    35.  ip address 51.0.1.2 255.255.255.0
    36. #
    37. interface MEth0/0/1
    38. #
    39. interface Ethernet0/0/1
    40.  port link-type access
    41.  port default vlan 30
    42. #
    43. interface Ethernet0/0/2
    44.  port link-type access
    45.  port default vlan 40
    46. #
    47. interface GigabitEthernet0/0/1
    48.  port link-type access
    49.  port default vlan 70
    50. #
    51. interface GigabitEthernet0/0/2
    52.  
    53. Oct 20 2022 15:50:06-08:00 sw 6 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.2
    54. 5.191.3.1 configurations have been changed. The current change number is 46, the
    55.  change loop count is 0, and the maximum number of records is 4095.#
    56. interface NULL0
    57. #
    58. interface LoopBack0
    59.  ip address 6.6.6.6 255.255.255.0
    60.  ospf network-type broadcast
    61. #
    62. ospf 300
    63.  area 0.0.0.0
    64.   network 51.0.1.0 0.0.0.255
    65.   network 172.16.1.0 0.0.0.255
    66.   network 172.16.2.0 0.0.0.255
    67. #
    68. user-interface con 0
    69. user-interface vty 0 4
    70. #
    71. return

    测试结果

    PC1 能 ping 通 CLIENT5  反之亦然 且 R1 R2 R3  路由表中无私网路由

     

    1. [r2]dis ip routing-table 
    2. Route Flags: R - relay, D - download to fib
    3. ------------------------------------------------------------------------------
    4. Routing Tables: Public
    5.          Destinations : 13       Routes : 13       
    6.  
    7. Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface
    8.  
    9.         1.1.1.1/32  OSPF    10   1           D   41.0.0.2        GigabitEthernet
    10. 0/0/0
    11.         2.2.2.0/24  Direct  0    0           D   2.2.2.2         LoopBack0
    12.         2.2.2.2/32  Direct  0    0           D   127.0.0.1       LoopBack0
    13.       2.2.2.255/32  Direct  0    0           D   127.0.0.1       LoopBack0
    14.         3.3.3.3/32  OSPF    10   2           D   41.0.0.2        GigabitEthernet
    15. 0/0/0
    16.        41.0.0.0/24  Direct  0    0           D   41.0.0.1        GigabitEthernet
    17. 0/0/0
    18.        41.0.0.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet
    19. 0/0/0
    20.      41.0.0.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet
    21. 0/0/0
    22.        51.0.0.0/24  OSPF    10   2           D   41.0.0.2        GigabitEthernet
    23. 0/0/0
    24.       127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
    25.       127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
    26. 127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
    27. 255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

     

  • 相关阅读:
    系统架构设计高级技能 · 通信系统架构设计理论与实践
    基于Uniapp+SpringBoot+Vue的电影交流平台小程序设计与实现(源码+lw+部署文档+讲解等)
    通过一款插件动态观察ES分片如何分布
    SpringMvc第五战-【SpringMvcJSR303和拦截器】
    UNet网络制作
    编程参考 - C语言里使用fgets函数读了个寂寞
    基于样本平衡策略的多源迁移学习方法及其在乙烯精馏塔质量指标预测的应用
    计算机组成原理百道必考大总结(上)
    解决Qt msvc编译器 中文显示乱码问题
    使用kafka的几种场景
  • 原文地址:https://blog.csdn.net/zszfs/article/details/127428346