當前位置：首頁 > 编程资源 > 编程问答 >内容正文

编程问答

H3CNE初级综合实验

發布時間：2023/12/18 编程问答 24 豆豆

生活随笔收集整理的這篇文章主要介紹了 H3CNE初级综合实验小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

實驗拓撲

拓撲下載

H3CNE綜合實驗

圖 1-1

實驗需求

按照圖示配置 IP 地址

<H3C>sys System View: return to User View with Ctrl+Z. [H3C]sysn R1 [R1]interface MP-group 1 [R1-MP-group1]ip add 202.100.1.2 30 [R1]int s1/0 [R1-Serial1/0]ppp mp MP-g 1 [R1-Serial1/0]int s2/0 [R1-Serial2/0]ppp mp MP-g 1 [R1-MP-group1]int g0/1 [R1-GigabitEthernet0/1]ip add 10.0.0.1 30 [R1-GigabitEthernet0/1]int g0/0 [R1-GigabitEthernet0/0]ip add 10.0.0.5 30 [R1-GigabitEthernet0/0]int g0/2 [R1-GigabitEthernet0/2]ip add 10.0.0.14 30 [R1-GigabitEthernet0/2]int loo 0 [R1-LoopBack0]ip add 10.1.1.1 32 [R1-LoopBack0]

<H3C>sys System View: return to User View with Ctrl+Z. [H3C]sysn R2 [R2]int g0/2 [R2-GigabitEthernet0/2]ip add 10.0.0.2 30 [R2-GigabitEthernet0/2]int g0/0 [R2-GigabitEthernet0/0]ip add 10.0.0.9 30 [R2-GigabitEthernet0/0]int g0/1 [R2-GigabitEthernet0/1]ip add 10.0.0.18 30 [R2-GigabitEthernet0/1]int loo 0 [R2-LoopBack0]ip add 10.1.1.2 32 [R2-LoopBack0]

<H3C>sys System View: return to User View with Ctrl+Z. [H3C]sysn R3 [R3]int g0/0 [R3-GigabitEthernet0/0]ip add 10.0.0.13 30 [R3-GigabitEthernet0/0]int g0/1 [R3-GigabitEthernet0/1]ip add 10.0.0.17 30 [R3-GigabitEthernet0/1]int g0/2 [R3-GigabitEthernet0/2]ip add 192.168.3.254 24 [R3-GigabitEthernet0/2]int loo 0 [R3-LoopBack0]ip add 10.1.1.3 32 [R3-LoopBack0]

SW1

<H3C>sys System View: return to User View with Ctrl+Z. [H3C]sysn sw1 [sw1]vlan 10 [sw1-vlan10]vlan 20 [sw1-vlan20]vlan 30 [sw1-vlan30]vlan 111 [sw1-vlan111]int loo 0 [sw1-LoopBack0]ip add 10.1.1.11 32 [sw1-LoopBack0]int vlan 10 [sw1-Vlan-interface10]ip add 192.168.1.252 24 [sw1-Vlan-interface10]int vlan 20 [sw1-Vlan-interface20]ip add 192.168.2.252 24 [sw1-Vlan-interface20]int vlan 30 [sw1-Vlan-interface30]ip add 10.1.2.1 30 [sw1-Vlan-interface30]int vlan 111 [sw1-Vlan-interface111]ip add 10.0.0.6 30 [sw1-Vlan-interface111]

SW2

<H3C>sys System View: return to User View with Ctrl+Z. [H3C]sysn SW2 [SW2]vlan 10 [SW2-vlan10]vlan 20 [SW2-vlan20]vlan 30 [SW2-vlan30]vlan 222 [SW2-vlan222]int loo 0 [SW2-LoopBack0]ip add 10.1.1.12 32 [SW2-LoopBack0]int vlan 10 [SW2-Vlan-interface10]ip add 192.168.1.253 24 [SW2-Vlan-interface10]int vlan 20 [SW2-Vlan-interface20]ip add 192.168.2.253 24 [SW2-Vlan-interface20]int vlan 30 [SW2-Vlan-interface30]ip add 10.1.2.2 30 [SW2-Vlan-interface30]int vlan 222 [SW2-Vlan-interface222]ip add 10.0.0.10 30 [SW2-Vlan-interface222]

INTERNET外網

<H3C>sys System View: return to User View with Ctrl+Z. [H3C]sysn internet [internet]int MP-gr 1 [internet-MP-group1]ip add 202.100.1.1 30 [internet-Serial1/0]int s2/0 [internet-Serial2/0]ppp mp MP-g 1 [internet]int s1/0 [internet-Serial1/0]ppp mp MP-g 1 [internet-MP-group1]int loo 0 [internet-LoopBack0]ip add 100.1.1.12 32 [internet-LoopBack0]

PC1

DHCP分配ip

PC2

DHCP分配ip

PC3

2,SW1 和 SW2 之間的直連鏈路配置鏈路聚合

SW1

[sw1]int br 1 [sw1-Bridge-Aggregation1]int g1/0/1 [sw1-GigabitEthernet1/0/1]port link-agg g 1 [sw1-GigabitEthernet1/0/1]int g1/0/2 [sw1-GigabitEthernet1/0/2]port link-agg g 1 [sw1-ospf-1-area-0.0.0.1]vlan 111 [sw1-vlan111]port g1/0/4

SW2

[SW2]int br 1 [SW2-Bridge-Aggregation1]int g1/0/1 [sw2-GigabitEthernet1/0/1]port link-agg g 1 [sw2-GigabitEthernet1/0/1]int g1/0/2 [sw2-GigabitEthernet1/0/2]port link-agg g 1 [SW2-ospf-1-area-0.0.0.1]vlan 222 [SW2-vlan222]port g1/0/4 [SW2-vlan222]

3,公司內部業務網段為 Vlan10 和 Vlan20；Vlan10 是市場部，Vlan20 是技術部，要求對 Vlan 進行命名以便識別；PC1 屬于 Vlan10，PC2 屬于 Vlan20，Vlan30 用于 SW1 和 SW2 建立 OSPF 鄰居；Vlan111 為 SW1 和 R1 的互聯 Vlan，Vlan222 為 SW2 和 R2 的互聯 Vlan

SW1

[sw1-vlan10]vlan 10 [sw1-vlan10]name shichangbu [sw1-vlan10]vlan 20 [sw1-vlan20]name jishubu

SW2

[SW2]vlan 10 [SW2-vlan10]na shichangbu [SW2-vlan10]vlan 20 [SW2-vlan20]na jishubu

SW3

<sw3>sys System View: return to User View with Ctrl+Z. [sw3]sysn sw3 [sw3]vlan 10 [sw3-vlan10]port g1/0/3 [sw3-vlan10]vlan 20 [sw3-vlan20]port g1/0/4 <sw3> <sw3>sys System View: return to User View with Ctrl+Z. [sw3]vlan 10 [sw3-vlan10]na shichangbu [sw3-vlan10]vlan 20 [sw3-vlan20]na jishubu [sw3-vlan20]

4,所有交換機相連的端口配置為 Trunk，允許相關流量通過

SW1

[sw1-GigabitEthernet1/0/2]int br 1 [sw1-Bridge-Aggregation1]port link-ty tr [sw1-Bridge-Aggregation1]port tr pe vlan all [sw1-vlan111]int g1/0/3 [sw1-GigabitEthernet1/0/3]port link-ty tr [sw1-GigabitEthernet1/0/3]port tr pe vlan all

SW2

[sw2-GigabitEthernet1/0/2]int br 1 [sw2-Bridge-Aggregation1]port link-ty tr [sw2-Bridge-Aggregation1]port tr pe vlan all [SW2-vlan222]int g1/0/3 [SW2-GigabitEthernet1/0/3]port link-ty all [SW2-GigabitEthernet1/0/3]port link-ty tr [SW2-GigabitEthernet1/0/3]port tr pe vlan all [SW2-GigabitEthernet1/0/3]

SW3

[sw3]int ran g1/0/1 to g1/0/2 [sw3-if-range]port link-ty tr [sw3-if-range]port tr pe vlan all

5,交換機連接 PC 的端口配置為邊緣端口

SW3

[sw3-if-range]int ran g1/0/3 to g1/0/4 [sw3-if-range]stp edg

6,在 SW1 上配置 DHCP 服務，為 Vlan10 和 Vlan20 的 PC 動態分配 IP 地址、網關和 DNS 地址；要求 Vlan10 的網關是?192.168.1.252，Vlan20 的網關是?192.168.2.253,? ???DNS為114.114.114.114，注意端口已有的ip地址，不分配端口IP

SW1

[sw1]dhcp en [sw1]dhcp ser ip vlan10 [sw1-dhcp-pool-vlan10]netw 192.168.1.0 ma 255.255.255.0 [sw1-dhcp-pool-vlan10]gat 192.168.1.252 [sw1-dhcp-pool-vlan10]dns 114.114.114.114 [sw1-dhcp-pool-vlan10]qu [sw1]dhcp ser forbi 192.168.1.253 [sw1]dhcp ser ip vlan20 [sw1-dhcp-pool-vlan20]netw 192.168.2.0 ma 255.255.255.0 [sw1-dhcp-pool-vlan20]gat 192.168.2.253 [sw1-dhcp-pool-vlan20]dns 114.114.114.114 [sw1-dhcp-pool-vlan20]qu [sw1]dhcp ser forbi 192.168.2.252

7,按圖示分區域配置?OSPF 實現公司內部網絡全網互通，ABR 的環回口宣告進區域；

SW1

[sw1]ospf rou 10.1.1.11 [sw1-ospf-1]a 1 [sw1-ospf-1-area-0.0.0.1]netw 10.1.1.11 0.0.0.0 [sw1-ospf-1-area-0.0.0.1]netw 192.168.1.0 0.0.0.255 [sw1-ospf-1-area-0.0.0.1]netw 192.168.2.0 0.0.0.255 [sw1-ospf-1-area-0.0.0.1]netw 10.1.2.1 0.0.0.3 [sw1-ospf-1-area-0.0.0.1]netw 10.0.0.6 0.0.0.3

SW2

[SW2]ospf rou 10.1.1.12 [SW2-ospf-1]a 1 [SW2-ospf-1-area-0.0.0.1]netw 192.168.1.0 0.0.0.255 [SW2-ospf-1-area-0.0.0.1]netw 192.168.2.0 0.0.0.255 [SW2-ospf-1-area-0.0.0.1]netw 10.1.2.2 0.0.0.3 [SW2-ospf-1-area-0.0.0.1]netw 10.0.0.10 0.0.0.3 [SW2-ospf-1-area-0.0.0.1]netw 10.1.1.12 0.0.0.0

[R1]ospf rou 10.1.1.1 [R1-ospf-1]a 1 [R1-ospf-1-area-0.0.0.1]netw 10.0.0.5 0.0.0.3 [R1-ospf-1-area-0.0.0.1]a 0 [R1-ospf-1-area-0.0.0.0]netw 10.0.0.1 0.0.0.3 [R1-ospf-1-area-0.0.0.0]netw 10.0.0.14 0.0.0.3 [R1-ospf-1-area-0.0.0.0]netw 202.100.1.2 0.0.0.3 [R1-ospf-1-area-0.0.0.0]netw 10.1.1.1 0.0.0.0

[R2]ospf rou 10.1.1.2 [R2-ospf-1]a 1 [R2-ospf-1-area-0.0.0.1]netw 10.0.0.9 0.0.0.3 [R2-ospf-1-area-0.0.0.1]a 0 [R2-ospf-1-area-0.0.0.0]netw 10.0.0.2 0.0.0.3 [R2-ospf-1-area-0.0.0.0]netw 10.0.0.18 0.0.0.3 [R2-ospf-1-area-0.0.0.0]netw 10.1.1.2 0.0.0.0

[R3]ospf rou 10.1.1.3 [R3-ospf-1]a 0 [R3-ospf-1-area-0.0.0.0]netw 10.0.0.13 0.0.0.3 [R3-ospf-1-area-0.0.0.0]netw 10.0.0.17 0.0.0.3 [R3-ospf-1-area-0.0.0.0]netw 192.168.3.0 0.0.0.255 [R3-ospf-1-area-0.0.0.0]netw 10.1.1.3 0.0.0.0

R1 上配置默認路由指向互聯網，并引入到 OSPF

[R1]ip route-static 0.0.0.0 0 202.100.1.1 [R1]ospf [R1-ospf-1]default-route-advertise

8,R1 通過雙線連接到互聯網，配置 PPP-MP，并配置雙向 chap 驗證

步驟 1：在 R21和外網上創建用戶驗證 R3 的用戶

[R1-ospf-1]local-user user2 class network New local user added. [R1-luser-network-user2]password simple 123 [R1-luser-network-user2]service-type ppp [R1-luser-network-user2] <internet>sys System View: return to User View with Ctrl+Z. [internet]local-user user2 class network New local user added. [internet-luser-network-user2]password simple 123 [internet-luser-network-user2]service-type ppp

步驟 2：在 R1和外網相連的接口上配置需要進行 PPP 驗證，驗證方式為 chap，并配置對端驗證本端的用戶名

[R1-luser-network-user2]int s1/0 [R1-Serial1/0]ppp auth chap [R1-Serial1/0]ppp chap user user2 [R1-Serial1/0]int s2/0 [R1-Serial2/0]ppp authentication-mode chap [R1-Serial2/0]ppp chap user user2 [internet-luser-network-user2]int s1/0 [internet-Serial1/0]ppp authentication-mode chap [internet-Serial1/0]ppp chap user user2 [internet-Serial1/0]int s2/0 [internet-Serial2/0]ppp authentication-mode chap [internet-Serial2/0]ppp chap user user2

步驟 4：關閉在開啟 R1 和外網的 PPP 鏈路，檢查驗證是否能夠通過

外網

[internet-Serial2/0]int s1/0 [internet-Serial1/0]shu [internet-Serial1/0]shutdown [internet-Serial1/0]undo shutdown [internet-Serial1/0]int s2/0 [internet-Serial2/0]shutdown [internet-Serial2/0]undo shutdown

[R1-Serial1/0]int s2/0 [R1-Serial2/0]shutdown [R1-Serial2/0]undo shutdown [R1-Serial2/0]int s1/0 [R1-Serial1/0]shutdown [R1-Serial1/0]undo shutdown

9,配置 EASY IP，只有業務網段?192.168.1.0/24?和?192.168.2.0/24?的數據流可以通過 R1 訪問互聯網

[R1]acl basic 2000 [R1-acl-ipv4-basic-2000]rule permit source 192.168.1.0 0.0.0.255 [R1-acl-ipv4-basic-2000]rule permit source 192.168.2.0 0.0.0.255 [R1]int MP-group 1 [R1-MP-group1]nat outbound 2000

10,R1 開啟 TELNET 遠程管理，使用用戶?abc?登錄，密碼?abc，只允許技術部,技術部為vlan20,遠程管理 R1

[R1-MP-group1telnet server enable [R1]local-user abc class manage New local user added. [R1-luser-manage-wangdaye]password simple abc [R1-luser-manage-wangdaye]service-type telnet [R1-luser-manage-wangdaye]authorization-attribute user-role level-15 [R1-luser-manage-wangdaye]user-interface vty 0 4 [R1-line-vty0-4]authentication-mode scheme [R1-line-vty0-4]user-role level-15 解析：創建acl進行流量匹配技術部網段，應用到telent上 [R1]acl bas 2000 [R1-acl-ipv4-bas-2000]rule 0 permit sou 192.168.2.0 0.0.0.255 [R1-acl-ipv4-adv-3000]qu [R1]telnet server acl 2001

11,這里可以吧電腦換成路由器進行測試（我這里測試的密碼設置的是wangdaye，你們測試使用abc）

可以看見路由器登錄失敗

總結

以上是生活随笔為你收集整理的H3CNE初级综合实验的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。

H3CNE

上一篇： ARM嵌入式实验熟悉PROTEUS电子
下一篇：【Scratch考级99图】图36-等级