中间系统到中间系统综合实验

原创

dfsshan 2019-11-15 09:57:41 ©著作权

©著作权归作者所有：来自51CTO博客作者dfsshan的原创作品，请联系作者获取转载授权，否则将追究法律责任

拓扑图实验目的： 1.熟悉ISIS路由协议的基础操作方法。 2.掌握该协议的区域划分，路由级别调整过程。 3.掌握该协议的网络类型以及网络类型中广播类型的DIS的选举流程。 4.掌握该协议的路由引入，路由聚合，路由过滤，路由认证等操作流程。实验要求： 1.R1,R2和R3是Level-1路由器，R6是Level-2路由器。SystemID为0000.0000.000X。ISIS的进程号为1. 通告相关接口，网段10.0.X.0/24暂不通告。 2.R4和R6，R5和R6之间不能有DIS选举； R1,R2和R3共享网络中，要求R3为DIS，需在R1和R2上配置，且优先级设置尽量小仍可以参与DIS选举。 3.R6引入10.0.X.0/24网段，并标记为100；区域47.0001能够通过R4 学到10.0.x.0/24网段明细，且必须保持这些路由的标记为100. 4. R2只允许通过缺省路由访问区域47.0002的网络。不能使用ACL和前缀列表。 5. 区域47.0001的所有路由器发送LSP和SNP需要进行认证，认证类型为MD5，密码为Huawei； level-2路由发送的IIH需要进行认证，认证类型为MD5，密码为Huawei。实验步骤： R1配置： [V200R003C00]

sysname R1

snmp-agent local-engineid 800007DB03000000000000 snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http

isis 1 is-level level-1 cost-style wide network-entity 47.0001.0000.0000.0001.00

firewall zone Local priority 15

interface GigabitEthernet0/0/0 ip address 192.168.1.1 255.255.255.0 isis enable 1 isis dis-priority 0

interface GigabitEthernet0/0/1

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0 ip address 1.1.1.1 255.255.255.255 isis enable 1

user-interface con 0 authentication-mode password user-interface vty 0 4 user-interface vty 16 20

wlan ac

Return R2的配置：

[V200R003C00]

sysname R2

snmp-agent local-engineid 800007DB03000000000000 snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

isis 1 is-level level-1 cost-style wide network-entity 47.0001.0000.0000.0002.00 filter-policy route-policy deny_dir import

firewall zone Local priority 15

interface GigabitEthernet0/0/0 ip address 192.168.1.2 255.255.255.0 isis enable 1 isis dis-priority 0

interface GigabitEthernet0/0/1

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0 ip address 2.2.2.2 255.255.255.255 isis enable 1

route-policy deny_dir deny node 10 if-match tag 100

route-policy deny_dir permit node 100

user-interface con 0 authentication-mode password user-interface vty 0 4 user-interface vty 16 20

wlan ac

return R3的配置：

[V200R003C00]

sysname R3

board add 0/1 2SA board add 0/2 2SA board add 0/4 4GET

snmp-agent local-engineid 800007DB03000000000000 snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

isis 1 is-level level-1 cost-style wide network-entity 47.0001.0000.0000.0003.00

firewall zone Local priority 15

interface Serial1/0/0 link-protocol ppp ip address 34.1.1.3 255.255.255.0 isis enable 1

interface Serial1/0/1 link-protocol ppp ip address 35.1.1.3 255.255.255.0 isis enable 1

interface Serial2/0/0 link-protocol ppp

interface Serial2/0/1 link-protocol ppp

interface GigabitEthernet0/0/0 ip address 192.168.1.3 255.255.255.0 isis enable 1

interface GigabitEthernet0/0/1

interface GigabitEthernet0/0/2

interface GigabitEthernet4/0/0

interface GigabitEthernet4/0/1

interface GigabitEthernet4/0/2

interface GigabitEthernet4/0/3

interface NULL0

interface LoopBack0 ip address 3.3.3.3 255.255.255.255 isis enable 1

user-interface con 0 authentication-mode password user-interface vty 0 4 user-interface vty 16 20

wlan ac

return R4的配置：

[V200R003C00]

sysname R4

board add 0/1 2SA board add 0/2 2SA board add 0/4 4GET

snmp-agent local-engineid 800007DB03000000000000 snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load portalpage.zip

drop illegal-mac alarm

set cpu-usage threshold 80 restore 75

isis 1 cost-style wide network-entity 47.0001.0000.0000.0004.00 import-route isis level-2 into level-1 filter-policy route-policy Import_dir

firewall zone Local priority 15

interface Serial1/0/0 link-protocol ppp ip address 34.1.1.4 255.255.255.0 isis enable 1

interface Serial1/0/1 link-protocol ppp

interface Serial2/0/0 link-protocol ppp

interface Serial2/0/1 link-protocol ppp

interface GigabitEthernet0/0/0 ip address 46.1.1.4 255.255.255.0 isis enable 1 isis circuit-type p2p isis ppp-negotiation 3-way only

interface GigabitEthernet0/0/1

interface GigabitEthernet0/0/2

interface GigabitEthernet4/0/0

interface GigabitEthernet4/0/1

interface GigabitEthernet4/0/2

interface GigabitEthernet4/0/3

interface NULL0

interface LoopBack0 ip address 4.4.4.4 255.255.255.255 isis enable 1

route-policy Import_dir permit node 10 if-match tag 100

user-interface con 0 authentication-mode password user-interface vty 0 4 user-interface vty 16 20

wlan ac

return R5的配置：

[V200R003C00]

sysname R5

board add 0/1 2SA board add 0/2 2SA board add 0/4 4GET

snmp-agent local-engineid 800007DB03000000000000 snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load flash:/portalpage.zip

drop illegal-mac alarm

wlan ac-global carrier id other ac id 0

set cpu-usage threshold 80 restore 75

isis 1 cost-style wide network-entity 47.0001.0000.0000.0005.00

firewall zone Local priority 15

interface Serial1/0/0 link-protocol ppp

interface Serial1/0/1 link-protocol ppp ip address 35.1.1.5 255.255.255.0 isis enable 1

interface Serial2/0/0 link-protocol ppp

interface Serial2/0/1 link-protocol ppp

interface GigabitEthernet0/0/0 ip address 56.1.1.5 255.255.255.0 isis enable 1 isis circuit-type p2p isis ppp-negotiation 3-way only

interface GigabitEthernet0/0/1

interface GigabitEthernet0/0/2

interface GigabitEthernet4/0/0

interface GigabitEthernet4/0/1

interface GigabitEthernet4/0/2

interface GigabitEthernet4/0/3

interface NULL0

interface LoopBack0 ip address 5.5.5.5 255.255.255.255 isis enable 1

user-interface con 0 authentication-mode password user-interface vty 0 4 user-interface vty 16 20

wlan ac

return R6的配置： [V200R003C00]

sysname R6

snmp-agent local-engineid 800007DB03000000000000 snmp-agent

clock timezone China-Standard-Time minus 08:00:00

portal local-server load flash:/portalpage.zip

drop illegal-mac alarm

wlan ac-global carrier id other ac id 0

set cpu-usage threshold 80 restore 75

acl number 2000
rule 5 permit source 10.0.0.0 0.0.3.255

isis 1 is-level level-2 cost-style wide network-entity 47.0002.0000.0000.0006.00 import-route direct route-policy tag

firewall zone Local priority 15

interface GigabitEthernet0/0/0 ip address 46.1.1.6 255.255.255.0 isis enable 1 isis circuit-type p2p isis ppp-negotiation 3-way only

interface GigabitEthernet0/0/1 ip address 56.1.1.6 255.255.255.0 isis enable 1 isis circuit-type p2p isis ppp-negotiation 3-way only

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0 ip address 6.6.6.6 255.255.255.255 isis enable 1

interface LoopBack11 ip address 10.0.0.1 255.255.255.0

interface LoopBack12 ip address 10.0.1.1 255.255.255.0

interface LoopBack13 ip address 10.0.3.1 255.255.255.0

route-policy tag permit node 10 if-match acl 2000 apply tag 100

user-interface con 0 authentication-mode password user-interface vty 0 4 user-interface vty 16 20

wlan ac

return

上一篇：MPLS-MCE

下一篇：ISIS在IPV6中的应用

提问和评论都可以，用心的回复会被更多人看到评论

发布评论

相关文章

官方博客	全部文章	热门标签	班级博客
了解我们	网站地图	意见反馈

鸿蒙开发者社区	51CTO学堂
51CTO	软考资讯