河北科技大学校园网设计和实现

1.背景描述

1.1 部门:信息学院、电气学院、机械学院……;
信息学院有计算机系、网络系、电子系;电气学院有无人机、……系;
1.2 建筑物分布
信息楼、电气楼、机械楼…、网管中心…
1.3 申请的IPv4地址空间:202.206.64.0—202.206.79.0

设计目标:实现校园网的Intranet,校园网内有Web服务器、Email服务器、FTP服务器等。;校园网的主机可以访问Internet的Web服务器,外网主机可以访问科大的Web服务器,名称是www.hebust.edu.cn,
安全策略
IP地址:DHCP
NAT

2. 设计网络

2.1 三层网络的设计思想:接入层、汇聚层、核心层
2.2 接入层 :VLAN
汇聚层:实现VLAN间主机的路由、跨交换机VLAN内主机的通信
核心层:汇聚层 路由协议:RIPv2、
出口路由器:到外网的默认路由
ISP边缘路由器:到科技大学的汇总路由
2.3 服务器群:
2.4 IP地址规划
2.5 路由协议RIPv2、静态路由

传播默认路由、汇总路由

3.设计拓扑图

校园网服务器架构 校园网的架构_网络图

4 详细配置

信息学院交换机

S1:
 interface FastEthernet0/1
 switchport access vlan 10
 !
 interface FastEthernet0/2
 switchport access vlan 10
 !
 interface FastEthernet0/3
 switchport access vlan 10
 !
 interface FastEthernet0/4
 switchport access vlan 10
 !
 interface FastEthernet0/5
 switchport access vlan 10
 !
 interface FastEthernet0/6
 switchport access vlan 10
 !
 interface FastEthernet0/7
 switchport access vlan 10
 !
 interface FastEthernet0/8
 switchport access vlan 10
 !
 interface FastEthernet0/9
 switchport access vlan 10
 !
 interface FastEthernet0/10
 switchport access vlan 10
 !
 interface FastEthernet0/11
 switchport access vlan 20
 !
 interface FastEthernet0/12
 switchport access vlan 20
 !
 interface FastEthernet0/13
 switchport access vlan 20
 !
 interface FastEthernet0/14
 switchport access vlan 20
 !
 interface FastEthernet0/15
 switchport access vlan 20
 !
 interface FastEthernet0/16
 switchport access vlan 20
 !
 interface FastEthernet0/17
 switchport access vlan 20
 !
 interface FastEthernet0/18
 switchport access vlan 20
 !
 interface FastEthernet0/19
 switchport access vlan 20
 !
 interface FastEthernet0/20
 switchport access vlan 20
 !
 interface FastEthernet0/21
 !
 interface FastEthernet0/22
 !
 interface FastEthernet0/23
 !
 interface FastEthernet0/24
 switchport mode trunk
 !
 interface Vlan1
 no ip address
 shutdown
 !
 !
 !
 !
 line con 0
 !
 line vty 0 4
 login
 line vty 5 15
 login
 !
 !
 endS2:
 interface FastEthernet0/1
 switchport access vlan 20
 !
 interface FastEthernet0/2
 switchport access vlan 20
 !
 interface FastEthernet0/3
 switchport access vlan 20
 !
 interface FastEthernet0/4
 switchport access vlan 20
 !
 interface FastEthernet0/5
 switchport access vlan 20
 !
 interface FastEthernet0/6
 switchport access vlan 20
 !
 interface FastEthernet0/7
 switchport access vlan 20
 !
 interface FastEthernet0/8
 switchport access vlan 20
 !
 interface FastEthernet0/9
 switchport access vlan 20
 !
 interface FastEthernet0/10
 switchport access vlan 20
 !
 interface FastEthernet0/11
 switchport access vlan 30
 !
 interface FastEthernet0/12
 switchport access vlan 30
 !
 interface FastEthernet0/13
 switchport access vlan 30
 !
 interface FastEthernet0/14
 switchport access vlan 30
 !
 interface FastEthernet0/15
 switchport access vlan 30
 !
 interface FastEthernet0/16
 switchport access vlan 30
 !
 interface FastEthernet0/17
 switchport access vlan 30
 !
 interface FastEthernet0/18
 switchport access vlan 30
 !
 interface FastEthernet0/19
 switchport access vlan 30
 !
 interface FastEthernet0/20
 switchport access vlan 30
 !
 interface FastEthernet0/21
 !
 interface FastEthernet0/22
 !
 interface FastEthernet0/23
 !
 interface FastEthernet0/24
 switchport mode trunk
 !
 interface Vlan1
 no ip address
 shutdown
 !
 !
 !
 !
 line con 0
 !
 line vty 0 4
 login
 line vty 5 15
 login
 !
 !
 endS3:
 !
 interface FastEthernet0/1
 switchport access vlan 30
 !
 interface FastEthernet0/2
 switchport access vlan 30
 !
 interface FastEthernet0/3
 switchport access vlan 30
 !
 interface FastEthernet0/4
 switchport access vlan 30
 !
 interface FastEthernet0/5
 switchport access vlan 30
 !
 interface FastEthernet0/6
 switchport access vlan 30
 !
 interface FastEthernet0/7
 switchport access vlan 30
 !
 interface FastEthernet0/8
 switchport access vlan 30
 !
 interface FastEthernet0/9
 switchport access vlan 30
 !
 interface FastEthernet0/10
 switchport access vlan 30
 !
 interface FastEthernet0/11
 switchport access vlan 10
 !
 interface FastEthernet0/12
 switchport access vlan 10
 !
 interface FastEthernet0/13
 switchport access vlan 10
 !
 interface FastEthernet0/14
 switchport access vlan 10
 !
 interface FastEthernet0/15
 switchport access vlan 10
 !
 interface FastEthernet0/16
 switchport access vlan 10
 !
 interface FastEthernet0/17
 switchport access vlan 10
 !
 interface FastEthernet0/18
 switchport access vlan 10
 !
 interface FastEthernet0/19
 switchport access vlan 10
 !
 interface FastEthernet0/20
 switchport access vlan 10
 !
 interface FastEthernet0/21
 !
 interface FastEthernet0/22
 !
 interface FastEthernet0/23
 !
 interface FastEthernet0/24
 switchport mode trunk
 !
 interface Vlan1
 no ip address
 shutdown
 !
 !
 !
 !
 line con 0
 !
 line vty 0 4
 login
 line vty 5 15
 login
 !
 !
 end三层交换机
 interface GigabitEthernet0/1
 no switchport
 ip address 202.206.79.1 255.255.255.252
 duplex auto
 speed auto
 !
 interface GigabitEthernet0/2
 !
 interface Vlan1
 no ip address
 shutdown
 !
 interface Vlan10
 ip address 202.206.70.254 255.255.255.0
 !
 interface Vlan20
 ip address 202.206.78.254 255.255.255.0
 !
 interface Vlan30
 ip address 202.206.77.254 255.255.255.0
 !
 router rip
 version 2
 network 202.206.70.0
 network 202.206.77.0
 network 202.206.78.0
 network 202.206.79.0
 no auto-summary
 !
 ip classless
 !
 ip flow-export version 9
 !
 !
 !
 !
 !
 !
 !
 line con 0
 !
 line aux 0
 !
 line vty 0 4
 login
 !
 !
 !
 end电气学院交换机
S4:
 interface FastEthernet0/1
 switchport access vlan 40
 !
 interface FastEthernet0/2
 switchport access vlan 40
 !
 interface FastEthernet0/3
 switchport access vlan 40
 !
 interface FastEthernet0/4
 switchport access vlan 40
 !
 interface FastEthernet0/5
 switchport access vlan 40
 !
 interface FastEthernet0/6
 switchport access vlan 40
 !
 interface FastEthernet0/7
 switchport access vlan 40
 !
 interface FastEthernet0/8
 switchport access vlan 40
 !
 interface FastEthernet0/9
 switchport access vlan 40
 !
 interface FastEthernet0/10
 switchport access vlan 40
 !
 interface FastEthernet0/11
 switchport access vlan 50
 !
 interface FastEthernet0/12
 switchport access vlan 50
 !
 interface FastEthernet0/13
 switchport access vlan 50
 !
 interface FastEthernet0/14
 switchport access vlan 50
 !
 interface FastEthernet0/15
 switchport access vlan 50
 !
 interface FastEthernet0/16
 switchport access vlan 50
 !
 interface FastEthernet0/17
 switchport access vlan 50
 !
 interface FastEthernet0/18
 switchport access vlan 50
 !
 interface FastEthernet0/19
 switchport access vlan 50
 !
 interface FastEthernet0/20
 switchport access vlan 50
 !
 interface FastEthernet0/21
 !
 interface FastEthernet0/22
 !
 interface FastEthernet0/23
 !
 interface FastEthernet0/24
 switchport mode trunk
 !
 interface Vlan1
 no ip address
 shutdown
 !
 !
 !
 !
 line con 0
 !
 line vty 0 4
 login
 line vty 5 15
 login
 !
 !
 endS5:
 interface FastEthernet0/1
 switchport access vlan 50
 !
 interface FastEthernet0/2
 switchport access vlan 50
 !
 interface FastEthernet0/3
 switchport access vlan 50
 !
 interface FastEthernet0/4
 switchport access vlan 50
 !
 interface FastEthernet0/5
 switchport access vlan 50
 !
 interface FastEthernet0/6
 switchport access vlan 50
 !
 interface FastEthernet0/7
 switchport access vlan 50
 !
 interface FastEthernet0/8
 switchport access vlan 50
 !
 interface FastEthernet0/9
 switchport access vlan 50
 !
 interface FastEthernet0/10
 switchport access vlan 50
 !
 interface FastEthernet0/11
 switchport access vlan 60
 !
 interface FastEthernet0/12
 switchport access vlan 60
 !
 interface FastEthernet0/13
 switchport access vlan 60
 !
 interface FastEthernet0/14
 switchport access vlan 60
 !
 interface FastEthernet0/15
 switchport access vlan 60
 !
 interface FastEthernet0/16
 switchport access vlan 60
 !
 interface FastEthernet0/17
 switchport access vlan 60
 !
 interface FastEthernet0/18
 switchport access vlan 60
 !
 interface FastEthernet0/19
 switchport access vlan 60
 !
 interface FastEthernet0/20
 switchport access vlan 60
 !
 interface FastEthernet0/21
 !
 interface FastEthernet0/22
 !
 interface FastEthernet0/23
 !
 interface FastEthernet0/24
 switchport mode trunk
 !
 interface Vlan1
 no ip address
 shutdown
 !
 !
 !
 !
 line con 0
 !
 line vty 0 4
 login
 line vty 5 15
 login
 !
 !
 endS6:
 interface FastEthernet0/1
 switchport access vlan 60
 !
 interface FastEthernet0/2
 switchport access vlan 60
 !
 interface FastEthernet0/3
 switchport access vlan 60
 !
 interface FastEthernet0/4
 switchport access vlan 60
 !
 interface FastEthernet0/5
 switchport access vlan 60
 !
 interface FastEthernet0/6
 switchport access vlan 60
 !
 interface FastEthernet0/7
 switchport access vlan 60
 !
 interface FastEthernet0/8
 switchport access vlan 60
 !
 interface FastEthernet0/9
 switchport access vlan 60
 !
 interface FastEthernet0/10
 switchport access vlan 60
 !
 interface FastEthernet0/11
 switchport access vlan 40
 !
 interface FastEthernet0/12
 switchport access vlan 40
 !
 interface FastEthernet0/13
 switchport access vlan 40
 !
 interface FastEthernet0/14
 switchport access vlan 40
 !
 interface FastEthernet0/15
 switchport access vlan 40
 !
 interface FastEthernet0/16
 switchport access vlan 40
 !
 interface FastEthernet0/17
 switchport access vlan 40
 !
 interface FastEthernet0/18
 switchport access vlan 40
 !
 interface FastEthernet0/19
 switchport access vlan 40
 !
 interface FastEthernet0/20
 switchport access vlan 40
 !
 interface FastEthernet0/21
 !
 interface FastEthernet0/22
 !
 interface FastEthernet0/23
 !
 interface FastEthernet0/24
 switchport mode trunk
 !
 interface Vlan1
 no ip address
 shutdown
 !
 !
 !
 !
 line con 0
 !
 line vty 0 4
 login
 line vty 5 15
 login
 !
 !
 end
三层交换机
 interface GigabitEthernet0/1
 !
 interface GigabitEthernet0/2
 no switchport
 ip address 202.206.79.5 255.255.255.252
 duplex auto
 speed auto
 !
 interface Vlan1
 no ip address
 shutdown
 !
 interface Vlan40
 ip address 202.206.76.254 255.255.255.0
 !
 interface Vlan50
 ip address 202.206.75.254 255.255.255.0
 !
 interface Vlan60
 ip address 202.206.74.254 255.255.255.0
 !
 router rip
 version 2
 network 202.206.74.0
 network 202.206.75.0
 network 202.206.76.0
 network 202.206.79.0
 no auto-summary
 !
机械学院交换机(和上面俩个学院类似)
S7:S8:
S9:
三层交换机
核心层交换机配置:(网管中心)
 interface FastEthernet0/1
 no switchport
 ip address 202.206.64.254 255.255.255.0
 duplex auto
 speed auto
 !
 interface FastEthernet0/2
 no switchport
 ip address 202.206.65.254 255.255.255.0
 duplex auto
 speed auto
 !
 interface FastEthernet0/3
 no switchport
 ip address 202.206.66.254 255.255.255.0
 duplex auto
 speed auto
 !
 interface FastEthernet0/4
 !
 interface FastEthernet0/5
 !
 interface FastEthernet0/6
 !
 interface FastEthernet0/7
 !
 interface FastEthernet0/8
 !
 interface FastEthernet0/9
 !
 interface FastEthernet0/10
 !
 interface FastEthernet0/11
 !
 interface FastEthernet0/12
 !
 interface FastEthernet0/13
 !
 interface FastEthernet0/14
 !
 interface FastEthernet0/15
 !
 interface FastEthernet0/16
 !
 interface FastEthernet0/17
 !
 interface FastEthernet0/18
 !
 interface FastEthernet0/19
 !
 interface FastEthernet0/20
 !
 interface FastEthernet0/21
 !
 interface FastEthernet0/22
 !
 interface FastEthernet0/23
 no switchport
 ip address 202.206.79.10 255.255.255.252
 duplex auto
 speed auto
 !
 interface FastEthernet0/24
 no switchport
 ip address 202.206.79.13 255.255.255.252
 duplex auto
 speed auto
 !
 interface GigabitEthernet0/1
 no switchport
 ip address 202.206.79.2 255.255.255.252
 duplex auto
 speed auto
 !
 interface GigabitEthernet0/2
 no switchport
 ip address 202.206.79.6 255.255.255.252
 duplex auto
 speed auto
 !
 interface Vlan1
 no ip address
 shutdown
 !
 router rip
 version 2
 network 202.206.64.0
 network 202.206.65.0
 network 202.206.66.0
 network 202.206.79.0
 no auto-summary
 !
 ip classless
 !
 ip flow-export version 9
 !
 !
 !
 !
 !
 !
 !
 line con 0
 !
 line aux 0
 !
 line vty 0 4
 login
 !
 !
 !
 end出口路由器R1配置
 interface FastEthernet0/0
 ip address 202.206.79.14 255.255.255.252
 duplex auto
 speed auto
 !
 interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
 !
 interface Serial0/0/0
 ip address 202.206.79.17 255.255.255.252
 clock rate 2000000
 !
 interface Serial0/0/1
 no ip address
 clock rate 2000000
 shutdown
 !
 interface Vlan1
 no ip address
 shutdown
 !
 router rip
 version 2
 network 202.206.79.0
 default-information originate
 no auto-summary
 !
 ip classless
 ip route 0.0.0.0 0.0.0.0 202.206.79.18
 !
 ip flow-export version 9
 !
 !
 !
 !
 !
 !
 !
 line con 0
 !
 line aux 0
 !
 line vty 0 4
 login
 !
 !
 !
 end运营商路由器ISP配置
interface FastEthernet0/0
 ip address 192.168.1.254 255.255.255.0
 duplex auto
 speed auto
 !
 interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
 !
 interface Serial0/0/0
 ip address 202.206.79.18 255.255.255.252
 !
 interface Serial0/0/1
 no ip address
 clock rate 2000000
 shutdown
 !
 interface Vlan1
 no ip address
 shutdown
 !
 ip classless
 ip route 202.206.64.0 255.255.240.0 202.206.79.17
 !
 ip flow-export version 9
 !
 !
 !
 !
 !
 !
 !
 line con 0
 !
 line aux 0
 !
 line vty 0 4
 login
 !
 !
 !
 end

校园网Web服务器DNS配置

校园网服务器架构 校园网的架构_校园网服务器架构_02


校园网服务器架构 校园网的架构_网络协议_03

5 验证结果

校园网的主机可以访问Internet的Web服务器,

校园网服务器架构 校园网的架构_服务器_04


校园网服务器架构 校园网的架构_cisco_05

外网外网主机可以访问科大的Web服务器,

校园网服务器架构 校园网的架构_网络图_06


校园网服务器架构 校园网的架构_网络图_07

6 分工情况


校园网服务器架构 校园网的架构_校园网服务器架构_08


校园网服务器架构 校园网的架构_校园网服务器架构_09