-
基于eNSP的IPv6校园网络规划与设计_综合实验
作者:BSXY_19计科_陈永跃 BSXY_信息学院 注:未经允许禁止转发任何内容 前言及技术/资源下载说明( 未经允许禁止转发任何内容 )
可根据以下所提供的设计与实现步骤过程一步一步自行实现(每一条命令都是关键的命令);但是如果有需要的也可以根据以下地址进行下载完整的topo图和完整的配置进行参考与借鉴**,如若拿到topo图可多display查看配置,查看相应的命令,配套资源获取如下,相应的内容如下图所示:
公众号(小猿网),回复“网络规划”即可 内容包含: 基于eNSP的IPv6校园网络规划与设计_综合 实验topo和完成配置+一步步的所有配置命 令(ensp)+一步步可以直接刷的记事本命令 可快速配置重复的工作+全程配置参考视 频(可2倍速看)+相应地址规划表 由于公众号可能目前没有太大的曝光度,搜索时可能 不是置顶的公众号。这时可以多往下滑一下找到该公 众号,或者直接到文章结尾处获取公众号二维码即可- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
以下是topo图的模样,相应的地址规划和路由规划大部分都在图中明确的标注了
该topo网络中用到的技术有vlan划分、单臂路由(路由器子接口配置)、VRRP6、OSPFv3、防火墙安全策略、DHCPv6、IPv6 over IPv4 GRE(也就是这个隧道技术)、默认路由(IPv4/IPv6)等技术最后说明该topo规划最后的作者权归于:BSXY_信息学院_19计科_陈永跃一、设计topo图与设计要求
设计要求:
- 总部的终端设备设置为静态地址,方便用户自行修改地址
- 在接入和汇聚的交换机进行合理的vlan 划分,减小广播域大小,提高网络稳定性
- 核心路由器作为用户网关实现vlan间路由
- AR3/AR4配置VRRP6虚拟网关冗余
- AR3/AR4/AR1配置OSPFv3实现三层路由
- FW配置相应地址和安全策略,允许除vlan 20外的网段访问DMZ区
- 分校的终端设备在相应设备上配置DHCPv6,让用户能自动获取ipv6地址
- 总校与分校之间通过配置IPv6 over IPv4 GRE隧道互通
- 总校与分校之间通过隧道GRE能实现互通
二、相应地址规划表
三、基于eNSP中大型校园/企业网络规划与设计(可不看)
插曲部分:基于eNSP中大型校园/企业网络规划与设计_综合大作业 如下图所示(但是并不在该篇文章中做详细介绍和说明,如查看可点击连接自行查看阅读):
设计要求:- 01、完成服务器、防火墙、路由器相应的接口地址的配置
- 02、慧源楼配置Eth-Trunk链路捆绑来提高链路的冗余
- 03、根据不同的地域划分多个不同的vlan,减小广播域大小,提高网络的可靠性和安全性
- 04、在慧源楼配置RSTP+VRRP,避免网络的回环且快速收敛
- 05、在明诚楼配置MSTP+VRRP,同时实现冗余,划分实例,让不同的vlan优先选择相应的交换机,并减少stp震荡
- 06、明诚楼、慧源楼、服务区的所有用户通过配置相应的DHCP中继能自动获取地址,且DHCP服务器为AR2
- 07、分校区用户也需要要自动获取地址,相应服务器为AR13,AR13配置相应的子接口为相应终端分配地址
- 08、慧源楼主要配置OSPF让其相应路由器能学到相应的路由表
- 09、、明诚楼应用RIP协议和OSPF协议,并将RIP和OSPF路由进行双向引入,让其能与慧源楼互通
- 10、服务区配置相应的ftp、dns、web服务器,如有PC接入也能自动获取地址,这里的PC用于测试相应的DHCP
- 11、FW1和LSW4分别配置Vlink,让area3和area0之间能互通,学到相应的路由信息
- 12、FW1/FW2都配置相应的安全策略,且在FW1上放行trust到dmz的流量
- 13、FW1/FW2都配置相应的默认路由指向我们的运行商ISP
- 14、FW1/FW2配置相应的NAT策略,使得内网、dmz可以访问外网(百度)
- 15、FW1/FW2配置相应的IPsec VPN让模拟主校区与模拟分校区之间互通,允许互通的网段为172.16.X.X/16
- 16、外网模拟ISP使用使用IS-IS路由让其互通
- 17、主校区/分校区用户可以通过域名(www.baidu.com)访问外网百度,主校区可以通过域名(www.xyw.com)访问内网web服务器
- 18、我们主校区用户的dns服务器就用我们内部的dns服务器,分校区的dns服务器用ISP的dns服务器
四、该网络规划全过程(顺着一步一步走)
1、接入层vlan划分
LSW5: <Huawei>sys [Huawei]un in en [Huawei]sysname LSW5 [LSW5]vlan 10 [LSW5-vlan10]qui [LSW5]int e0/0/1 [LSW5-Ethernet0/0/1]port link-type access [LSW5-Ethernet0/0/1]port default vlan 10 [LSW5-Ethernet0/0/1]int e0/0/2 [LSW5-Ethernet0/0/2]port link-type trunk [LSW5-Ethernet0/0/2]port trunk allow-pass vlan all [LSW5-Ethernet0/0/2]qui [LSW5]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
LSW6: <Huawei>sys [Huawei]un in en Info: Information center is disabled. [Huawei]sysname LSW6 [LSW6]vlan 10 [LSW6-vlan10]qui [LSW6]int e0/0/1 [LSW6-Ethernet0/0/1]port link-type access [LSW6-Ethernet0/0/1]port default vlan 10 [LSW6-Ethernet0/0/1]int e0/0/2 [LSW6-Ethernet0/0/2]port link-type trunk [LSW6-Ethernet0/0/2]port trunk allow-pass vlan all [LSW6-Ethernet0/0/2]qui [LSW6]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
LSW7: <Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]un in en Info: Information center is disabled. [Huawei]sysname LSW7 [LSW7]vlan 20 [LSW7-vlan20]qui [LSW7]int e0/0/1 [LSW7-Ethernet0/0/1]port link-type access [LSW7-Ethernet0/0/1]port default vlan 20 [LSW7-Ethernet0/0/1]int e0/0/2 [LSW7-Ethernet0/0/2]port link-type trunk [LSW7-Ethernet0/0/2]port trunk allow-pass vlan all [LSW7-Ethernet0/0/2]qui [LSW7]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
LSW8: <Huawei>sys [Huawei]un in en [Huawei]sysname LSW8 [LSW8]vlan 21 [LSW8-vlan21]qui [LSW8]int e0/0/1 [LSW8-Ethernet0/0/1]port link-type access [LSW8-Ethernet0/0/1]port default vlan 21 [LSW8-Ethernet0/0/1]int e0/0/2 [LSW8-Ethernet0/0/2]port link-type trunk [LSW8-Ethernet0/0/2]port trunk allow-pass vlan all [LSW8-Ethernet0/0/2]qui [LSW8]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
LSW9: <Huawei>sys [Huawei]un in en [Huawei]sysname LSW9 [LSW9]vlan 30 [LSW9-vlan30]qui [LSW9]int e0/0/2 [LSW9-Ethernet0/0/2]port link-type access [LSW9-Ethernet0/0/2]port default vlan 30 [LSW9-Ethernet0/0/2]int e0/0/1 [LSW9-Ethernet0/0/1]port link-type trunk [LSW9-Ethernet0/0/1]port trunk allow-pass vlan all [LSW9-Ethernet0/0/1]qui [LSW9]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
LSW10: <Huawei>sys [Huawei]un in en [Huawei]sysname LSW10 [LSW10]vlan 31 [LSW10-vlan31]qui [LSW10]int e0/0/2 [LSW10-Ethernet0/0/2]port link-type access [LSW10-Ethernet0/0/2]port default vlan 31 [LSW10-Ethernet0/0/2]int e0/0/1 [LSW10-Ethernet0/0/1]port link-type trunk [LSW10-Ethernet0/0/1]port trunk allow-pass vlan all [LSW10-Ethernet0/0/1]qui [LSW10]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
LSW11: <Huawei>sys [Huawei]un in en [Huawei]sysname LSW11 [LSW11]vlan 40 [LSW11-vlan40]qui [LSW11]int e0/0/1 [LSW11-Ethernet0/0/1]port link-type access [LSW11-Ethernet0/0/1]port default vlan 40 [LSW11-Ethernet0/0/1]int e0/0/2 [LSW11-Ethernet0/0/2]port link-type trunk [LSW11-Ethernet0/0/2]port trunk allow-pass vlan all [LSW11-Ethernet0/0/2]qui [LSW11]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
LSW12: <Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]un in en Info: Information center is disabled. [Huawei]sysname LSW12 [LSW12]vlan 41 [LSW12-vlan41]qui [LSW12]int e0/0/1 [LSW12-Ethernet0/0/1]port link-type access [LSW12-Ethernet0/0/1]port default vlan 41 [LSW12-Ethernet0/0/1]int e0/0/2 [LSW12-Ethernet0/0/2]port link-type trunk [LSW12-Ethernet0/0/2]port trunk allow-pass vlan all [LSW12-Ethernet0/0/2]qui [LSW12]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
2、汇聚层vlan划分
LSW1: <Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]un in en Info: Information center is disabled. [Huawei]sysname LSW1 [LSW1]vlan 10 [LSW1-vlan10]qui [LSW1]port-group group-member g0/0/1 to g0/0/4 [LSW1-port-group]port link-type trunk [LSW1-GigabitEthernet0/0/1]port link-type trunk [LSW1-GigabitEthernet0/0/2]port link-type trunk [LSW1-GigabitEthernet0/0/3]port link-type trunk [LSW1-GigabitEthernet0/0/4]port link-type trunk [LSW1-port-group]port trunk allow-pass vlan all [LSW1-GigabitEthernet0/0/1]port trunk allow-pass vlan all [LSW1-GigabitEthernet0/0/2]port trunk allow-pass vlan all [LSW1-GigabitEthernet0/0/3]port trunk allow-pass vlan all [LSW1-GigabitEthernet0/0/4]port trunk allow-pass vlan all [LSW1-port-group]qui [LSW1]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
LSW2: <Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]un in en Info: Information center is disabled. [Huawei]sysname LSW2 [LSW2]vlan batch 20 21 Info: This operation may take a few seconds. Please wait for a moment...done. [LSW2]port-group group-member g0/0/1 to g0/0/4 [LSW2-port-group]port link-type trunk [LSW2-GigabitEthernet0/0/1]port link-type trunk [LSW2-GigabitEthernet0/0/2]port link-type trunk [LSW2-GigabitEthernet0/0/3]port link-type trunk [LSW2-GigabitEthernet0/0/4]port link-type trunk [LSW2-port-group]port trunk allow-pass vlan all [LSW2-GigabitEthernet0/0/1]port trunk allow-pass vlan all [LSW2-GigabitEthernet0/0/2]port trunk allow-pass vlan all [LSW2-GigabitEthernet0/0/3]port trunk allow-pass vlan all [LSW2-GigabitEthernet0/0/4]port trunk allow-pass vlan all [LSW2-port-group]qui [LSW2]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
LSW3: <Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]un in en Info: Information center is disabled. [Huawei]sysname LSW3 [LSW3]vlan batch 30 31 Info: This operation may take a few seconds. Please wait for a moment...done. [LSW3]port-group group-member g0/0/1 to g0/0/4 [LSW3-port-group]port link-type trunk [LSW3-GigabitEthernet0/0/1]port link-type trunk [LSW3-GigabitEthernet0/0/2]port link-type trunk [LSW3-GigabitEthernet0/0/3]port link-type trunk [LSW3-GigabitEthernet0/0/4]port link-type trunk [LSW3-port-group]port trunk allow-pass vlan all [LSW3-GigabitEthernet0/0/1]port trunk allow-pass vlan all [LSW3-GigabitEthernet0/0/2]port trunk allow-pass vlan all [LSW3-GigabitEthernet0/0/3]port trunk allow-pass vlan all [LSW3-GigabitEthernet0/0/4]port trunk allow-pass vlan all [LSW3-port-group]qui [LSW3]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
LSW4: <Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]un in en Info: Information center is disabled. [Huawei]sysname LSW4 [LSW4]vlan batch 40 41 Info: This operation may take a few seconds. Please wait for a moment...done. [LSW4]port-group group-member g0/0/1 to g0/0/4 [LSW4-port-group]port link-type trunk [LSW4-GigabitEthernet0/0/1]port link-type trunk [LSW4-GigabitEthernet0/0/2]port link-type trunk [LSW4-GigabitEthernet0/0/3]port link-type trunk [LSW4-GigabitEthernet0/0/4]port link-type trunk [LSW4-port-group]port trunk allow-pass vlan all [LSW4-GigabitEthernet0/0/1]port trunk allow-pass vlan all [LSW4-GigabitEthernet0/0/2]port trunk allow-pass vlan all [LSW4-GigabitEthernet0/0/3]port trunk allow-pass vlan all [LSW4-GigabitEthernet0/0/4]port trunk allow-pass vlan all [LSW4-port-group]qui [LSW4]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
3、核心层子接口地址配置
AR3: <Huawei>sys [Huawei]un in en [Huawei]sysname AR3 [AR3]ipv6 [AR3]int g0/0/0.10 [AR3-GigabitEthernet0/0/0.10]dot1q termination vid 10 [AR3-GigabitEthernet0/0/0.10]arp broadcast enable [AR3-GigabitEthernet0/0/0.10]ipv6 enable [AR3-GigabitEthernet0/0/0.10]ipv6 address 1000::100/64 [AR3-GigabitEthernet0/0/0.10]int g0/0/1.20 [AR3-GigabitEthernet0/0/1.20]dot1q termination vid 20 [AR3-GigabitEthernet0/0/1.20]arp broadcast enable [AR3-GigabitEthernet0/0/1.20]ipv6 enable [AR3-GigabitEthernet0/0/1.20]ipv6 address 2000::100/64 [AR3-GigabitEthernet0/0/1.20]int g0/0/1.21 [AR3-GigabitEthernet0/0/1.21]dot1q termination vid 21 [AR3-GigabitEthernet0/0/1.21]arp broadcast enable [AR3-GigabitEthernet0/0/1.21]ipv6 enable [AR3-GigabitEthernet0/0/1.21]ipv6 address 2001::100/64 [AR3-GigabitEthernet0/0/1.21]int g0/0/2.30 [AR3-GigabitEthernet0/0/2.30]dot1q termination vid 30 [AR3-GigabitEthernet0/0/2.30]arp broadcast enable [AR3-GigabitEthernet0/0/2.30]ipv6 enable [AR3-GigabitEthernet0/0/2.30]ipv6 address 3000::100/64 [AR3-GigabitEthernet0/0/2.30]int g0/0/2.31 [AR3-GigabitEthernet0/0/2.31]dot1q termination vid 31 [AR3-GigabitEthernet0/0/2.31]arp broadcast enable [AR3-GigabitEthernet0/0/2.31]ipv6 enable [AR3-GigabitEthernet0/0/2.31]ipv6 address 3001::100/64 [AR3-GigabitEthernet0/0/2.31]int g4/0/0.40 [AR3-GigabitEthernet4/0/0.40]dot1q termination vid 40 [AR3-GigabitEthernet4/0/0.40]arp broadcast enable [AR3-GigabitEthernet4/0/0.40]ipv6 enable [AR3-GigabitEthernet4/0/0.40]ipv6 address 4000::100/64 [AR3-GigabitEthernet4/0/0.40]int g4/0/0.41 [AR3-GigabitEthernet4/0/0.41]dot1q termination vid 41 [AR3-GigabitEthernet4/0/0.41]arp broadcast enable [AR3-GigabitEthernet4/0/0.41]ipv6 enable [AR3-GigabitEthernet4/0/0.41]ipv6 address 4001::100/64 [AR3-GigabitEthernet4/0/0.41]int g4/0/1 [AR3-GigabitEthernet4/0/1]ipv6 enable [AR3-GigabitEthernet4/0/1]ipv6 address 3400::3/64 [AR3-GigabitEthernet4/0/1]int g4/0/2 [AR3-GigabitEthernet4/0/2]ipv6 enable [AR3-GigabitEthernet4/0/2]ipv6 address 1300::3/64 [AR3-GigabitEthernet4/0/2]qui [AR3]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
AR4: <Huawei>sys [Huawei]un in en [Huawei]sysname AR4 [AR4]ipv6 [AR4]int g0/0/0.10 [AR4-GigabitEthernet0/0/0.10]dot1q termination vid 10 [AR4-GigabitEthernet0/0/0.10]arp broadcast enable [AR4-GigabitEthernet0/0/0.10]ipv6 enable [AR4-GigabitEthernet0/0/0.10]ipv6 address 1000::200/64 [AR4-GigabitEthernet0/0/0.10]int g0/0/1.20 [AR4-GigabitEthernet0/0/1.20]dot1q termination vid 20 [AR4-GigabitEthernet0/0/1.20]arp broadcast enable [AR4-GigabitEthernet0/0/1.20]ipv6 enable [AR4-GigabitEthernet0/0/1.20]ipv6 address 2000::200/64 [AR4-GigabitEthernet0/0/1.20]int g0/0/1.21 [AR4-GigabitEthernet0/0/1.21]dot1q termination vid 21 [AR4-GigabitEthernet0/0/1.21]arp broadcast enable [AR4-GigabitEthernet0/0/1.21]ipv6 enable [AR4-GigabitEthernet0/0/1.21]ipv6 address 2001::200/64 [AR4-GigabitEthernet0/0/1.21]int g0/0/2.30 [AR4-GigabitEthernet0/0/2.30]dot1q termination vid 30 [AR4-GigabitEthernet0/0/2.30]arp broadcast enable [AR4-GigabitEthernet0/0/2.30]ipv6 enable [AR4-GigabitEthernet0/0/2.30]ipv6 address 3000::200/64 [AR4-GigabitEthernet0/0/2.30]int g0/0/2.31 [AR4-GigabitEthernet0/0/2.31]dot1q termination vid 31 [AR4-GigabitEthernet0/0/2.31]arp broadcast enable [AR4-GigabitEthernet0/0/2.31]ipv6 enable [AR4-GigabitEthernet0/0/2.31]ipv6 address 3001::200/64 [AR4-GigabitEthernet0/0/2.31]int g4/0/0.40 [AR4-GigabitEthernet4/0/0.40]dot1q termination vid 40 [AR4-GigabitEthernet4/0/0.40]arp broadcast enable [AR4-GigabitEthernet4/0/0.40]ipv6 enable [AR4-GigabitEthernet4/0/0.40]ipv6 address 4000::200/64 [AR4-GigabitEthernet4/0/0.40]int g4/0/0.41 [AR4-GigabitEthernet4/0/0.41]dot1q termination vid 41 [AR4-GigabitEthernet4/0/0.41]arp broadcast enable [AR4-GigabitEthernet4/0/0.41]ipv6 enable [AR4-GigabitEthernet4/0/0.41]ipv6 address 4001::200/64 [AR4-GigabitEthernet4/0/0.41]int g4/0/1 [AR4-GigabitEthernet4/0/1]ipv6 enable [AR4-GigabitEthernet4/0/1]ipv6 address 3400::4/64 [AR4-GigabitEthernet4/0/1]int g4/0/2 [AR4-GigabitEthernet4/0/2]ipv6 enable [AR4-GigabitEthernet4/0/2]ipv6 address 1400::4/64 [AR4-GigabitEthernet4/0/2]qui [AR4]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
4、核心层VRRP配置
AR3: [AR3]int g0/0/0.10 [AR3-GigabitEthernet0/0/0.10]vrrp6 vrid 10 virtual-ip FE80::10 link-local [AR3-GigabitEthernet0/0/0.10]vrrp6 vrid 10 virtual-ip 1000::128 [AR3-GigabitEthernet0/0/0.10]vrrp6 vrid 10 priority 120 [AR3-GigabitEthernet0/0/0.10]int g0/0/1.20 [AR3-GigabitEthernet0/0/1.20]vrrp6 vrid 20 virtual-ip FE80::20 link-local [AR3-GigabitEthernet0/0/1.20]vrrp6 vrid 20 virtual-ip 2000::128 [AR3-GigabitEthernet0/0/1.20]vrrp6 vrid 20 priority 120 [AR3-GigabitEthernet0/0/1.20]int g0/0/1.21 [AR3-GigabitEthernet0/0/1.21]vrrp6 vrid 21 virtual-ip FE80::21 link-local [AR3-GigabitEthernet0/0/1.21]vrrp6 vrid 21 virtual-ip 2001::128 [AR3-GigabitEthernet0/0/1.21]vrrp6 vrid 21 priority 120 [AR3-GigabitEthernet0/0/1.21]int g0/0/2.30 [AR3-GigabitEthernet0/0/2.30]vrrp6 vrid 30 virtual-ip FE80::30 link-local [AR3-GigabitEthernet0/0/2.30]vrrp6 vrid 30 virtual-ip 3000::128 [AR3-GigabitEthernet0/0/2.30]int g0/0/2.31 [AR3-GigabitEthernet0/0/2.31]vrrp6 vrid 31 virtual-ip FE80::31 link-local [AR3-GigabitEthernet0/0/2.31]vrrp6 vrid 31 virtual-ip 3001::128 [AR3-GigabitEthernet0/0/2.31]int g4/0/0.40 [AR3-GigabitEthernet4/0/0.40]vrrp6 vrid 40 virtual-ip FE80::40 link-local [AR3-GigabitEthernet4/0/0.40]vrrp6 vrid 40 virtual-ip 4000::128 [AR3-GigabitEthernet4/0/0.40]int g4/0/0.41 [AR3-GigabitEthernet4/0/0.41]vrrp6 vrid 41 virtual-ip FE80::41 link-local [AR3-GigabitEthernet4/0/0.41]vrrp6 vrid 41 virtual-ip 4001::128 [AR3-GigabitEthernet4/0/0.41]qui [AR3]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
AR4: [AR4]int g0/0/0.10 [AR4-GigabitEthernet0/0/0.10]vrrp6 vrid 10 virtual-ip FE80::10 link-local [AR4-GigabitEthernet0/0/0.10]vrrp6 vrid 10 virtual-ip 1000::128 [AR4-GigabitEthernet0/0/0.10]int g0/0/1.20 [AR4-GigabitEthernet0/0/1.20]vrrp6 vrid 20 virtual-ip FE80::20 link-local [AR4-GigabitEthernet0/0/1.20]vrrp6 vrid 20 virtual-ip 2000::128 [AR4-GigabitEthernet0/0/1.20]int g0/0/1.21 [AR4-GigabitEthernet0/0/1.21]vrrp6 vrid 21 virtual-ip FE80::21 link-local [AR4-GigabitEthernet0/0/1.21]vrrp6 vrid 21 virtual-ip 2001::128 [AR4-GigabitEthernet0/0/1.21]int g0/0/2.30 [AR4-GigabitEthernet0/0/2.30]vrrp6 vrid 30 virtual-ip FE80::30 link-local [AR4-GigabitEthernet0/0/2.30]vrrp6 vrid 30 virtual-ip 3000::128 [AR4-GigabitEthernet0/0/2.30]vrrp6 vrid 30 priority 120 [AR4-GigabitEthernet0/0/2.30]int g0/0/2.31 [AR4-GigabitEthernet0/0/2.31]vrrp6 vrid 31 virtual-ip FE80::31 link-local [AR4-GigabitEthernet0/0/2.31]vrrp6 vrid 31 virtual-ip 3001::128 [AR4-GigabitEthernet0/0/2.31]vrrp6 vrid 31 priority 120 [AR4-GigabitEthernet0/0/2.31]int g4/0/0.40 [AR4-GigabitEthernet4/0/0.40]vrrp6 vrid 40 virtual-ip FE80::40 link-local [AR4-GigabitEthernet4/0/0.40]vrrp6 vrid 40 virtual-ip 4000::128 [AR4-GigabitEthernet4/0/0.40]vrrp6 vrid 40 priority 120 [AR4-GigabitEthernet4/0/0.40]int g4/0/0.41 [AR4-GigabitEthernet4/0/0.41]vrrp6 vrid 41 virtual-ip FE80::41 link-local [AR4-GigabitEthernet4/0/0.41]vrrp6 vrid 41 virtual-ip 4001::128 [AR4-GigabitEthernet4/0/0.41]vrrp6 vrid 41 priority 120 [AR4-GigabitEthernet4/0/0.41]qui [AR4]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
5、核心层OSPF配置
AR3: [AR3]ospfv3 [AR3-ospfv3-1]router-id 3.3.3.3 [AR3-ospfv3-1]area 0 [AR3-ospfv3-1-area-0.0.0.0]qui [AR3-ospfv3-1]qui [AR3] [AR3]int g0/0/0.10 [AR3-GigabitEthernet0/0/0.10]ospfv3 1 area 0.0.0.0 [AR3-GigabitEthernet0/0/0.10]int g0/0/1.20 [AR3-GigabitEthernet0/0/1.20]ospfv3 1 area 0.0.0.0 [AR3-GigabitEthernet0/0/1.20]int g0/0/1.21 [AR3-GigabitEthernet0/0/1.21]ospfv3 1 area 0.0.0.0 [AR3-GigabitEthernet0/0/1.21]int g0/0/2.30 [AR3-GigabitEthernet0/0/2.30]ospfv3 1 area 0.0.0.0 [AR3-GigabitEthernet0/0/2.30]int g0/0/2.31 [AR3-GigabitEthernet0/0/2.31]ospfv3 1 area 0.0.0.0 [AR3-GigabitEthernet0/0/2.31]int g4/0/0.40 [AR3-GigabitEthernet4/0/0.40]ospfv3 1 area 0.0.0.0 [AR3-GigabitEthernet4/0/0.40]int g4/0/0.41 [AR3-GigabitEthernet4/0/0.41]ospfv3 1 area 0.0.0.0 [AR3-GigabitEthernet4/0/0.41]int g4/0/1 [AR3-GigabitEthernet4/0/1]ospfv3 1 area 0.0.0.0 [AR3-GigabitEthernet4/0/1]int g4/0/2 [AR3-GigabitEthernet4/0/2]ospfv3 1 area 0.0.0.0 [AR3-GigabitEthernet4/0/2]qui [AR3]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
AR4: [AR4]ospfv3 [AR4-ospfv3-1]router-id 4.4.4.4 [AR4-ospfv3-1]area 0 [AR4-ospfv3-1-area-0.0.0.0]qui [AR4-ospfv3-1]qui [AR4]int g0/0/0.10 [AR4-GigabitEthernet0/0/0.10]ospfv3 1 area 0.0.0.0 [AR4-GigabitEthernet0/0/0.10]int g0/0/1.20 [AR4-GigabitEthernet0/0/1.20]ospfv3 1 area 0.0.0.0 [AR4-GigabitEthernet0/0/1.20]int g0/0/1.21 [AR4-GigabitEthernet0/0/1.21]ospfv3 1 area 0.0.0.0 [AR4-GigabitEthernet0/0/1.21]int g0/0/2.30 [AR4-GigabitEthernet0/0/2.30]ospfv3 1 area 0.0.0.0 [AR4-GigabitEthernet0/0/2.30]int g0/0/2.31 [AR4-GigabitEthernet0/0/2.31]ospfv3 1 area 0.0.0.0 [AR4-GigabitEthernet0/0/2.31]int g4/0/0.40 [AR4-GigabitEthernet4/0/0.40]ospfv3 1 area 0.0.0.0 [AR4-GigabitEthernet4/0/0.40]int g4/0/0.41 [AR4-GigabitEthernet4/0/0.41]ospfv3 1 area 0.0.0.0 [AR4-GigabitEthernet4/0/0.41]int g4/0/1 [AR4-GigabitEthernet4/0/1]ospfv3 1 area 0.0.0.0 [AR4-GigabitEthernet4/0/1]int g4/0/2 [AR4-GigabitEthernet4/0/2]ospfv3 1 area 0.0.0.0 [AR4-GigabitEthernet4/0/2]qui [AR4]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
AR1: <Huawei>sys [Huawei]un in en [Huawei]sysname AR1 [AR1]ipv6 [AR1]ospfv3 1 [AR1-ospfv3-1]router-id 1.1.1.1 [AR1-ospfv3-1]area 0 [AR1-ospfv3-1-area-0.0.0.0]qui [AR1-ospfv3-1]qui [AR1]int g0/0/0 [AR1-GigabitEthernet0/0/0]ipv6 enable [AR1-GigabitEthernet0/0/0]ipv6 address 1300::1/64 [AR1-GigabitEthernet0/0/0]ospfv3 1 area 0.0.0.0 [AR1-GigabitEthernet0/0/0]int g0/0/1 [AR1-GigabitEthernet0/0/1]ipv6 enable [AR1-GigabitEthernet0/0/1]ipv6 address 1400::1/64 [AR1-GigabitEthernet0/0/1]ospfv3 1 area 0.0.0.0 [AR1-GigabitEthernet0/0/1]int g0/0/2 [AR1-GigabitEthernet0/0/2]ip add 12.1.1.1 24 [AR1-GigabitEthernet0/0/2]int g4/0/0 [AR1-GigabitEthernet4/0/0]ipv6 enable [AR1-GigabitEthernet4/0/0]ipv6 address 1100::2/64 [AR1-GigabitEthernet4/0/0]ospfv3 1 area 0.0.0.0 [AR1-GigabitEthernet4/0/0]qui [AR1]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
6、FW配置
admin Admin@123 y Admin@123 admin@123 admin@123 <USG6000V1>sys [USG6000V1]un in en [USG6000V1]sysname FW [FW]ipv6 [FW]ospfv3 [FW-ospfv3-1]router-id 11.11.11.11 [FW-ospfv3-1]qui [FW]int g1/0/0 [FW-GigabitEthernet1/0/0]ipv6 enable [FW-GigabitEthernet1/0/0]ipv6 add 5000::128/64 [FW-GigabitEthernet1/0/0]ospfv3 1 area 0 [FW-GigabitEthernet1/0/0]int g1/0/1 [FW-GigabitEthernet1/0/1]ipv6 enable [FW-GigabitEthernet1/0/1]ipv6 add 1100::1/64 [FW-GigabitEthernet1/0/1]ospfv3 1 area 0 [FW-GigabitEthernet1/0/1]qui [FW]firewall zone trust [FW-zone-trust]add int g1/0/1 [FW-zone-trust]qui [FW]firewall zone dmz [FW-zone-dmz]add int g1/0/0 [FW-zone-dmz]qui [FW]security-policy [FW-policy-security]rule name trust_to_dmz [FW-policy-security-rule-trust_to_dmz]source-zone trust [FW-policy-security-rule-trust_to_dmz]destination-zone dmz [FW-policy-security-rule-trust_to_dmz]source-address 1000::0 64 [FW-policy-security-rule-trust_to_dmz]source-address 2001::0 64 [FW-policy-security-rule-trust_to_dmz]source-address 3000::0 64 [FW-policy-security-rule-trust_to_dmz]source-address 3001::0 64 [FW-policy-security-rule-trust_to_dmz]source-address 4000::0 64 [FW-policy-security-rule-trust_to_dmz]source-address 4001::0 64 [FW-policy-security-rule-trust_to_dmz]action permit [FW-policy-security-rule-trust_to_dmz]qui [FW-policy-security]qui [FW]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
7、DHCPv6配置
AR5: <Huawei>sys [Huawei]un in en [Huawei]sysname AR5 [AR5]ipv6 [AR5]dhcp enable [AR5]dhcpv6 pool 1 [AR5-dhcpv6-pool-1]address prefix 6000::/64 [AR5-dhcpv6-pool-1]excluded-address 6000::128 [AR5-dhcpv6-pool-1]qui [AR5]dhcpv6 pool 2 [AR5-dhcpv6-pool-2]address prefix 6001::/64 [AR5-dhcpv6-pool-2]excluded-address 6001::128 [AR5-dhcpv6-pool-2]qui [AR5]int g0/0/0 [AR5-GigabitEthernet0/0/0]ip add 25.1.1.5 24 [AR5-GigabitEthernet0/0/0]int g0/0/1 [AR5-GigabitEthernet0/0/1]ipv6 enable [AR5-GigabitEthernet0/0/1]ipv6 address 6000::128/64 [AR5-GigabitEthernet0/0/1]dhcpv6 server 1 [AR5-GigabitEthernet0/0/1]undo ipv6 nd ra halt [AR5-GigabitEthernet0/0/1]ipv6 nd autoconfig managed-address-flag [AR5-GigabitEthernet0/0/1]ipv6 nd autoconfig other-flag [AR5-GigabitEthernet0/0/1]qui [AR5]int g0/0/2 [AR5-GigabitEthernet0/0/2]ipv6 enable [AR5-GigabitEthernet0/0/2]ipv6 address 6001::128/64 [AR5-GigabitEthernet0/0/2]dhcpv6 server 2 [AR5-GigabitEthernet0/0/2]undo ipv6 nd ra halt [AR5-GigabitEthernet0/0/2]ipv6 nd autoconfig managed-address-flag [AR5-GigabitEthernet0/0/2]ipv6 nd autoconfig other-flag [AR5-GigabitEthernet0/0/2]qui [AR5]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
8、GRE配置
AR1: [AR1]interface Tunnel0/0/1 [AR1-Tunnel0/0/1]ipv6 enable [AR1-Tunnel0/0/1]ipv6 address 1500::1/64 [AR1-Tunnel0/0/1]tunnel-protocol gre [AR1-Tunnel0/0/1]source 12.1.1.1 [AR1-Tunnel0/0/1]destination 25.1.1.5 [AR1-Tunnel0/0/1]qui- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
ISP <Huawei>sys [Huawei]un in en [Huawei]sysname ISP [ISP]int g0/0/0 [ISP-GigabitEthernet0/0/0]ip add 12.1.1.2 24 [ISP-GigabitEthernet0/0/0]int g0/0/2 [ISP-GigabitEthernet0/0/2]ip add 25.1.1.2 24 [ISP-GigabitEthernet0/0/2]qui [ISP]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
AR5: [AR5]interface Tunnel0/0/1 [AR5-Tunnel0/0/1]ipv6 enable [AR5-Tunnel0/0/1]ipv6 address 1500::2/64 [AR5-Tunnel0/0/1]tunnel-protocol gre [AR5-Tunnel0/0/1]source 25.1.1.5 [AR5-Tunnel0/0/1]destination 12.1.1.1 [AR5-Tunnel0/0/1]qui [AR5]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
9、OSPF配置
[AR5]ospfv3 [AR5-ospfv3-1]router-id 5.5.5.5 [AR5-ospfv3-1]qui [AR5]int g0/0/1 [AR5-GigabitEthernet0/0/1]ospfv3 1 area 0.0.0.0 [AR5-GigabitEthernet0/0/1]int g0/0/2 [AR5-GigabitEthernet0/0/2]ospfv3 1 area 0.0.0.0 [AR5-GigabitEthernet0/0/2]qui [AR5]int Tunnel 0/0/1 [AR5-Tunnel0/0/1]ospfv3 1 area 0.0.0.0 [AR5-Tunnel0/0/1]qui [AR5]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
[AR1]int Tunnel 0/0/1 [AR1-Tunnel0/0/1]ospfv3 1 area 0.0.0.0 [AR1-Tunnel0/0/1]qui [AR1]- 1
- 2
- 3
- 4
-
相关阅读:
生成函数、多项式题单
PAT(甲级)2022年夏季考试
产品经理凭啥年薪百万?看这里
解决VMware虚拟机更新17.5.0版本后,启动虚拟机导致电脑重启的问题。(建议收藏)
【opencv图像处理】--1. 图像,视频,鼠标,trackbar控件简单使用
《重磅发布 | 80+大屏&组件模板,即刻下载、快速构建应用!遥遥领先~》
【Python】利用字符串切片输出回文诗
dubbo与Netty的关系
idea 打 jar 包以及运行使用
HTML+CSS+JS我的班级网页设计期末课程大作业 web前端开发技术 web课程设计 网页规划与设计
- 原文地址:https://blog.csdn.net/m0_46179473/article/details/128141191
