目录
实验内容
实验要求
实验步骤
1、分析实验
2、划分IP地址
3、配置IP地址
验证配置情况
4、DHCP自动获取IP地址
验证PC端获取IP地址情况
5、添加路由表
详细配置
添加空接口
验证路由配置情况
6、R6 telnet R5的IP地址时,实际登录R1
R1上的配置
R5上的配置
实验总结
实验内容
实验要求
1、R6为ISP,接口IP地址均为公有地址;该设备只能配置IP地址,之后不能再对其进行其他任何配置;
2、R1-R5为局域网,私有IP地址192.168.1.0/24,请合理分配。
3、R1、R2、R4,各有两个环回地址;R5、R6各有一个环回地址;所有路由器上环回均代表连接用户的接口;
4、R3下的两台PC通过DHCP自动获取IP地址;
5、选路最佳,路由表尽量小,避免环路;
6、R1-R5均可以访问R6的环回;
7、R6telnetR5的共有IP地址时,实际登录到R1上;
8、R4与R5正常通过1000M链路,故障时通过100M链路;
实验步骤
1、分析实验
从实验拓扑结构可知,R1-R5为内网(私网),R6为外网(公网),R3下的PC端均需要用DHCP自动获取,R1-R5之间的链路总共有6条,每一条链路均需要一条网段 ,R1、R2、R4、R5均拥有环回接口,每一个环回都需要配一个网段,并且部分环回还需要方便汇总,所以可以将192.168.1.0/24划分为8个网段。为了实现全网可达,静态路由必须手动添加路由。
R1 | 192.168.1. 96/27、192.168.1.32/27、192.168.1.8/30、192.168.1.4/30、192.168.1.12/30、192.168.1.128/27、192.168.1.16/30、192.168.1.20/30、192.168.1.160/27 |
R2 | 192.168.1.4/30、192.168.1.64/27、192.168.1.128/27、192.168.1.12/30、192.168.1.32/27、192.168.1.16/30、192.168.1.20/30、192.168.1.160/27 |
R3 | 192.168.1.64/27、192.168.1.0/30、192.168.1.96/27、192.168.1.8/30、192.168.1.128/27、192.168.1.16/30、192.168.1.20/30 |
R4 | 192.168.1.0/30、192.168.1.64/27、192.168.1.4/30、192.168.1.32/27、192.168.1.160/27 |
R5 | 192.168.1.64/27、192.168.1.0/30、192.168.1.4/30、192.168.1.32/27、192.168.1.96/27、192.168.1.8/30、192.168.1.12/30、192.168.1.128/27 |
其中部分路由条目可以由缺省路由代替,并将其指向边界路由,可以达到减少路由条目数量的目的。但是每个路由器上可能会出现路由黑洞,当路由黑洞与缺省路由相遇后一定会出现环路,需要在每一个路由器上手动添加空接口,防止形成环路。当链路正常时走1000M线路,故障时走100M线路,可以修改100M线路的优先级。
2、划分IP地址
192.168.1.0/27 | 192.168.1.0/30、192.168.1.4/30、192.168.1.8/30、192.168.1.12/30、192.168.1.16/30、192.168.1.20/30、192.168.1.24/30、192.168.1.28/30(干路) |
192.168.1.32/27 | (R3下广播域) |
192.168.1.64/27 | 192.168.1.64/28、192.168.1.80/28(R1环回) |
192.168.1.96/27 | 192.168.1.96/28、192.168.1.114/28(R2环回) |
192.168.1.128/27 | 192.168.1.128/28、192.168.1.144/28(R4环回) |
192.168.1.160/27 | (R5环回) |
192.168.1.196/27 | |
192.168.1.228/27 |
3、配置IP地址
AR1:
0/0/0接口:192.168.1.1/30
0/0/1接口:192.168.1.5/30
环回1:192.168.1.65/28
环回2:192.168.1.81/28
AR2:
0/0/0接口:192.168.1.2/30
0/0/1接口:192.168.1.9/30
环回1:192.168.1.97/28
环回2:192.168.1.113/28
AR3:
0/0/0接口:192.168.1.6/30
0/0/1接口:192.168.1.13/30
AR4:
0/0/0接口:192.168.1.10/30
0/0/1接口:192.168.1.14/30
0/0/2接口:192.168.1.17/30
4/0/0接口:192.168.1.21/30
环回1:192.168.1.129/28
环回2:192.168.1.145/28
AR5:
0/0/0接口:192.168.1.18/30
0/0/1接口:12.0.0.1/24
0/0/2接口:192.168.1.22/30
环回1:192.168.1.161/27
R6:
0/0/0接口:12.0.0.2/24
环回1:1.1.1.1/24
验证配置情况
R1:
<AR1>ping 192.168.1.2
PING 192.168.1.2: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.2: bytes=56 Sequence=1 ttl=255 time=60 ms
Reply from 192.168.1.2: bytes=56 Sequence=2 ttl=255 time=30 ms
Reply from 192.168.1.2: bytes=56 Sequence=3 ttl=255 time=30 ms
Reply from 192.168.1.2: bytes=56 Sequence=4 ttl=255 time=20 ms
Reply from 192.168.1.2: bytes=56 Sequence=5 ttl=255 time=20 ms
--- 192.168.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/32/60 ms
<AR1>ping 192.168.1.6
PING 192.168.1.6: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.6: bytes=56 Sequence=1 ttl=255 time=70 ms
Reply from 192.168.1.6: bytes=56 Sequence=2 ttl=255 time=10 ms
Reply from 192.168.1.6: bytes=56 Sequence=3 ttl=255 time=30 ms
Reply from 192.168.1.6: bytes=56 Sequence=4 ttl=255 time=20 ms
Reply from 192.168.1.6: bytes=56 Sequence=5 ttl=255 time=20 ms
--- 192.168.1.6 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/30/70 ms
R2:
<R2>ping 192.168.1.10
PING 192.168.1.10: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.10: bytes=56 Sequence=1 ttl=255 time=40 ms
Reply from 192.168.1.10: bytes=56 Sequence=2 ttl=255 time=20 ms
Reply from 192.168.1.10: bytes=56 Sequence=3 ttl=255 time=20 ms
Reply from 192.168.1.10: bytes=56 Sequence=4 ttl=255 time=20 ms
Reply from 192.168.1.10: bytes=56 Sequence=5 ttl=255 time=10 ms
--- 192.168.1.10 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/22/40 ms
R3:
<R3>ping 192.168.1.14
PING 192.168.1.14: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.14: bytes=56 Sequence=1 ttl=255 time=40 ms
Reply from 192.168.1.14: bytes=56 Sequence=2 ttl=255 time=20 ms
Reply from 192.168.1.14: bytes=56 Sequence=3 ttl=255 time=20 ms
Reply from 192.168.1.14: bytes=56 Sequence=4 ttl=255 time=10 ms
Reply from 192.168.1.14: bytes=56 Sequence=5 ttl=255 time=20 ms
--- 192.168.1.14 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/22/40 ms
R4:
<R4>ping 192.168.1.18
PING 192.168.1.18: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.18: bytes=56 Sequence=1 ttl=255 time=80 ms
Reply from 192.168.1.18: bytes=56 Sequence=2 ttl=255 time=20 ms
Reply from 192.168.1.18: bytes=56 Sequence=3 ttl=255 time=30 ms
Reply from 192.168.1.18: bytes=56 Sequence=4 ttl=255 time=20 ms
Reply from 192.168.1.18: bytes=56 Sequence=5 ttl=255 time=30 ms
--- 192.168.1.18 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/36/80 ms
<R4>ping 192.168.1.22
PING 192.168.1.22: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.22: bytes=56 Sequence=1 ttl=255 time=40 ms
Reply from 192.168.1.22: bytes=56 Sequence=2 ttl=255 time=20 ms
Reply from 192.168.1.22: bytes=56 Sequence=3 ttl=255 time=20 ms
Reply from 192.168.1.22: bytes=56 Sequence=4 ttl=255 time=20 ms
Reply from 192.168.1.22: bytes=56 Sequence=5 ttl=255 time=30 ms
--- 192.168.1.22 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/26/40 ms
R5:
<R5>ping 12.0.0.2
PING 12.0.0.2: 56 data bytes, press CTRL_C to break
Reply from 12.0.0.2: bytes=56 Sequence=1 ttl=255 time=70 ms
Reply from 12.0.0.2: bytes=56 Sequence=2 ttl=255 time=40 ms
Reply from 12.0.0.2: bytes=56 Sequence=3 ttl=255 time=30 ms
Reply from 12.0.0.2: bytes=56 Sequence=4 ttl=255 time=20 ms
Reply from 12.0.0.2: bytes=56 Sequence=5 ttl=255 time=40 ms
--- 12.0.0.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/40/70 ms
4、DHCP自动获取IP地址
首先打开全局DHCP设置,"dhcp enable",并创建DHCP池塘,之后进入接口开启DHCP功能。
详细配置:
[AR3]dhcp enable
[AR3]ip pool aa
[AR3-ip-pool-aa]network 192.168.1.32 mask 27
[AR3-ip-pool-aa]gateway-list 192.168.1.33
[AR3-ip-pool-aa]dns-list 114.114.114.114 8.8.8.8
[AR3-ip-pool-aa] quit
[AR3]
[AR3]int g 0/0/2
[AR3-GigabitEthernet0/0/2]ip add 192.168.1.33 27
[AR3-GigabitEthernet0/0/2]dhcp s
[AR3-GigabitEthernet0/0/2]dhcp select g
[AR3-GigabitEthernet0/0/2]dhcp select global
验证PC端获取IP地址情况
PC1:
PC>ipconfig
Link local IPv6 address...........: fe80::5689:98ff:febd:c2b
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.1.61
Subnet mask.......................: 255.255.255.224
Gateway...........................: 192.168.1.33
Physical address..................: 54-89-98-BD-0C-2B
DNS server........................: 114.114.114.114
8.8.8.8
PC2:
PC>ipconfig
Link local IPv6 address...........: fe80::5689:98ff:fe78:fca
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.1.62
Subnet mask.......................: 255.255.255.224
Gateway...........................: 192.168.1.33
Physical address..................: 54-89-98-78-0F-CA
DNS server........................: 114.114.114.114
8.8.8.8
5、添加路由表
详细配置
R1:
[AR1]ip route-static 0.0.0.0 0 192.168.1.2
[AR1]ip route-static 0.0.0.0 0 192.168.1.6
[AR1]ip route-static 192.168.1.96 27 192.168.1.2
[AR1]ip route-static 192.168.1.8 30 192.168.1.2
[AR1]ip route-static 192.168.1.32 27 192.168.1.6
[AR1]ip route-static 192.168.1.12 30 192.168.1.6
R2:
[R2]ip route-static 192.168.1.64 27 192.168.1.1
[R2]ip route-static 192.168.1.4 30 192.168.1.1
[R2]ip route-static 192.168.1.12 30 192.168.1.10
[R2]ip route-static 192.168.1.32 27 192.168.1.1
[R2]ip route-static 192.168.1.32 27 192.168.1.10
R3:
[R3]ip route-static 0.0.0.0 0 192.168.1.14
[R3]ip route-static 192.168.1.64 27 192.168.1.5
[R3]ip route-static 192.168.1.0 30 192.168.1.5
[R3]ip route-static 192.168.1.8 30 192.168.1.14
[R3]ip route-static 192.168.1.96 27 192.168.1.5
[R3]ip route-static 192.168.1.96 27 192.168.1.14
R4:
[R4]ip route-static 0.0.0.0 0 192.168.1.18
[R4]ip route-static 0.0.0.0 0 192.168.1.22 pre
[R4]ip route-static 0.0.0.0 0 192.168.1.22 preference 70
[R4]ip route-static 192.168.1.96 27 192.168.1.9
[R4]ip route-static 192.168.1.0 30 192.168.1.9
[R4]ip route-static 192.168.1.64 27 192.168.1.9
[R4]ip route-static 192.168.1.64 27 192.168.1.13
[R4]ip route-static 192.168.1.4 30 192.168.1.13
[R4]ip route-static 192.168.1.32 27 192.168.1.13
R5:
[R5]ip route-static 192.168.1.0 24 192.168.1.17
[R5]ip route-static 192.168.1.0 24 GigabitEthernet 0/0/1 192.168.1.21
[R5]acl 2000
[R5-acl-basic-2000]rule 5 permit source 192.168.1.0 0.0.0.255
[R5-acl-basic-2000]quit
[R5]interface g 0/0/2
[R5-GigabitEthernet0/0/2]nat outbound 2000
添加空接口
R1 | [AR1]ip route-static 192.168.1.64 27 n 0 |
R2 | [R2]ip route-static 192.168.1.96 27 NULL 0 |
R3 | [R3]ip route-static 192.168.1.32 27 NULL 0 |
R4 | [R4]ip route-static 192.168.1.128 27 NULL 0 |
R5 | [R5]ip route-static 192.168.1.160 27 NULL 0 |
验证路由配置情况
<AR1>ping 1.1.1.1
PING 1.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=252 time=60 ms
Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=252 time=40 ms
Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=252 time=50 ms
Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=252 time=30 ms
Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=252 time=30 ms
--- 1.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 30/42/60 ms
PC>ping 1.1.1.1
Ping 1.1.1.1: 32 data bytes, Press Ctrl_C to break
From 1.1.1.1: bytes=32 seq=1 ttl=252 time=63 ms
From 1.1.1.1: bytes=32 seq=2 ttl=252 time=62 ms
From 1.1.1.1: bytes=32 seq=3 ttl=252 time=47 ms
From 1.1.1.1: bytes=32 seq=4 ttl=252 time=47 ms
From 1.1.1.1: bytes=32 seq=5 ttl=252 time=63 ms
--- 1.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 47/56/63 ms
6、R6 telnet R5的IP地址时,实际登录R1
R1上的配置
[R1]aaa
[R1-aaa]local-user yh privilege level 15 password cipher 123456
[R1-aaa]local-user yh service-type telnet
[R1]user-interface vty 0 4
[R1-ui-vty0-4]authentication-mode aaa
R5上的配置
[R5]int g 0/0/2
[R5-GigabitEthernet0/0/1]nat server protocol tcp global current-interface 23 inside 192.168.1.5 23
Are you sure to continue?[Y/N]:y
实验总结