当前位置:文档之家› 思科配置HSRP、ospf,rip,NAT,ACL.以及定时ACL配置和路由重分发大型网络综合实验题

思科配置HSRP、ospf,rip,NAT,ACL.以及定时ACL配置和路由重分发大型网络综合实验题

1.设备之间的地址如图所示,按照拓扑图配置IP地址2.R1和R2之间属于area 8,R1和SW1,SW2之间属于area 0,SW1和SW2上所有VLAN接口属于area 10.SW1和R3之间是属于RIP区域的。

要求配置RIP和OSPF实现网络之间能够通信。

把Area 8配置完全末梢区域3.在R3上存在着10.100.0.0/24到10.100.7.0/24这8个网段。

要求在R1上看到这8个网段是汇总的。

4.在SW1、SW2、SW3、SW4上配置VTP,SW1和SW2是server模式,SW3和SW4是客户机模式。

域名为benet,密码为cisco。

添加VLAN 10、VLAN 50、VLAN 80、VLAN 90这4个VLAN5.另外在SW1和SW2上配置HSRP,要求SW1是VLAN 10和VLAN 50的活跃路由器,SW2是VLAN 80和VLAN 90的活跃路由器6.配置PVST实现流量的负载均衡,在配置PVST时请注意与HSRP对应7.R4是模拟ISP在R4上配置LO0:200.1.20.1/24,在R1上配置PAT实现内网的所有PC能够去访问200.1.20.1这个地址。

另外实现R4可以telnet到Server上8.配置ACL要求在周一到周五的8:30到17:30之间禁止员工去登录QQ,除此以外在所有时间段要求保证员工能够正常的去访问外网的WWW,FTP,SMTP,TELNET这些服务,禁止员工去访问其他的服务。

我先用GNS3搭建起来的拓扑图注意,实验说明:本文中的所有命令都是简写的,因为思科的命令都是支持简写的先敲所有网络设备的预配命令先EnConfig tEnable password 1234No ip domain-loLine con 0Password 1234No exec-tLogging syn配置地址R1Inter f0/0Ip add 10.255.0.5 255.255.255.252No shutInter f1/0Ip add 10.255.0.9 255.255.255.252No shutInter f2/0Ip add 10.255.0.1 255.255.255.252No shutInter f3/0Ip add 202.1.10.1 255.255.255.252 No shutR2Inter f0/0Ip add 10.255.0.2 255.255.255.252 No shutR3Inter f0/0Ip add 10.255.0.13 255.255.255.252 No shutInter lo0Ip add 10.100.0.3 255.255.255.0 No shutInter lo1Ip add 10.100.1.3 255.255.255.0 No shutInter lo2Ip add 10.100.2.3 255.255.255.0 No shutInter lo3Ip add 10.100.3.3 255.255.255.0 No shutInter lo4Ip add 10.100.4.3 255.255.255.0 No shutInter lo5Ip add 10.100.5.3 255.255.255.0 No shutInter lo6Ip add 10.100.6.3 255.255.255.0 No shutInter lo7Ip add 10.100.7.3 255.255.255.0 No shutR4Inter f0/0Ip add 202.1.10.2 255.255.255.252 No shutInter lo0Ip add 200.1.20.1 255.255.255.255ExitSw1Ip routing (三层交换机开启路由功能)Inter f0/0No switchport (开启三层路由功能)Ip add 10.255.0.6 255.255.255.252No shutInter f0/10No switchport (开启三层路由功能)Ip add 10.255.0.14 255.255.255.252No shutInter range f0/14 -15 (做以太通道)Sw mo tr (接口做为trunk模式)Inter range f0/1 -2Sw mo trExitSw2Ip routingInter f0/0No swIp add 10.255.0.9 255.255.255.252No shutInter range f0/14 -15Sw mo trInter range f0/1 -2Sw mo trExitSw3Inter range f0/0 -1Sw mo trSw4Inter range f0/1 -2Sw mo trExit在SW1、SW2、SW3、SW4上配置VTP,SW1和SW2是server模式,SW3和SW4是客户机模式。

域名为benet,密码为cisco。

添加VLAN 10、VLAN 50、VLAN 80、VLAN 90这4个VLAN 并按照要求配置vlan地址Sw1Vlan daVtp domain benetVtp password ciscoVlan 10 name vlan10Vlan 50 name vlan50Vlan 80 name vlan80Vlan 90 name vlan90ExitConfig tInter vlan 10Ip add 10.255.10.1 255.255.255.0 No shutInter vlan 50Ip add 10.255.50.1 255.255.255.0 No shutInter vlan 80Ip add 10.255.80.1 255.255.255.0 No shutInter vlan 90Ip add 10.255.90.1 255.255.255.0 No shutSw2Vlan daVtp domain benetVtp password ciscoExitConfig tInter vlan 10Ip add 10.255.10.2 255.255.255.0 No shutInter vlan 50Ip add 10.255.50.2 255.255.255.0 No shutInter vlan 80Ip add 10.255.80.2 255.255.255.0 No shutInter vlan 90Ip add 10.255.90.2 255.255.255.0 No shutSw3Vlan daVtp domain benetVtp password ciscoVtp clientExitSw4Vlan daVtp domain benetVtp password ciscoVtp clientExitSW1和SW2上配置HSRP,要求SW1是VLAN 10和VLAN 50的活跃路由器,SW2是VLAN 80和VLAN 90的活跃路由器Sw1Inter vlan 10Standby 1 ip 10.255.10.254Standby 1 priority 150Standby 1 preemptStandby 1 track f0/0 100Inter vlan 50Standby 5 ip 10.255.50.254Standby 5 priority 150Standby 5 preemptStandby 5 track f0/0 100Inter vlan 80Standby 8 ip 10.255.80.254Standby 8 pri 100Standby 8 preeInter vlan 90Standby 9 ip 10.255.90.254Standby 9 pri 100Standby 9 preeexitSw2Inter vlan 80Standby 8 ip 10.255.80.254Standby 8 priority 150Standby 8 preemptStandby 8 track f0/0 100Inter vlan 90Standby 9 ip 10.255.90.254Standby 9 priority 150Standby 9 preemptStandby 9 track f0/0 100Inter vlan 10Standby 1 ip 10.255.10.254Standby 1 pri 100Standby 1 preeInter vlan 50Standby 5 ip 10.255.50.254Standby 5 pri 100Standby 5 preeExit配置PVST实现流量的负载均衡,在配置PVST时请注意与HSRP对应Sw1Spanning-tree vlan 10 priority 4096Spanning-tree vlan 50 priority 4096Sw2Spanning-tree vlan 80 priority 4096Spanning-tree vlan 90 priority 4096Sw3Inter f0/2Switchport mode accessSw access vlan 10Inter f0/3Switchport mode accessSw acc vlan 50Sw4Inter f0/2Switchport mode accessSw acc vlan 80Inter f0/3Switchport mode accessSw acc vlan 90Pc1No ip routing (因为是路由器模拟的PC所以需要关闭路由功能,后面的都一样) Inter f0/0Ip add 10.255.10.10 255.255.255.0No shutIp default-ga 10.255.10.254Pc2No ip routingInter f0/0Ip add 10.255.50.50 255.255.255.0No shutIp default-g 10.255.50.254ServerNo ip routingInter f0/0Ip add 10.255.80.80 255.255.255.0No shutIp default-g 10.255.80.254Line vty 0 4Password 1234LoginExitPc3No ip routingInter f0/0Ip add 10.255.90.90 255.255.255.0No shutIp default-ga 10.255.90.254R1和R2之间属于area 8,R1和SW1,SW2之间属于area 0,SW1和SW2上所有VLAN接口属于area 10.SW1和R3之间是属于RIP区域的。

相关主题

相关文档推荐: