南京工程学院实习报告课程名称网络工程实习院(系、部、中心)计算机工程学院专业网络工程班级网络 132起止日期—指导教师袁宗福一、报告摘要大二下学期的六七周,我们网络工程班在建策公司进行了首次实习,CCIE 大神老师讲课很生动,在为期两周的实习期间,学到了很多。
在建策,老师是以实际案例给我们讲课,从工程的角度分析客户需求,需要怎样的技术支持,总的来说,偏重于实践应用。
期间,CCIE老师带我们这一组学生主要做了以下几个实验:单臂路由,静态路由和访问控制列表,分别对应地铁网或者校园网,企业的路由备份以及服务器过滤方面的知识。
很实际的问题,我们对做这些实验的印象至今很深刻。
除此之外,老师还给我们讲了些我们学生很关心的问题,比如学校电信宽带的PPPOE 连接,无线路由没作用的原因,无线加密方式以及破解方法等等。
重点介绍了他从事这行业的一些经历,网络行业现在的形势以及预测一下将来的行情。
让我们对网络工程有了一定的了解,有助于我们对未来有个清晰的规划。
二、摘要翻译In the sixth and seventh week of the next semester of our sophomore year, wenetwork engineering students went to JIANCE company for internship for the firsttime. The teacher’s lesson who has a certificate“CCIE” is very lively. Duringthe two weeks of internship, we learned a lot.In the company, the teacher gave us a lecture on actual cases.From the perspective of the project,we analysed customer ’s demand and what kind of technical support his need.In general,the class was focus on practical application.During the classes.The CCIE teacher took our a group of students to do mainly the following experiments:single-arm routing,static routing and access control lists, corresponding to the subway network or campus network,the company’s routing backup and server filter. They are such practical problems that we have a deep impressionon these experiments up to now.In addition,the teacher also told us some interesting things that our students are very concerned about,such as the PPPOEconnection of campus telecom broadband,the cause of the wireless router which is invalid in school, wireless’s way of encryption and how to decode and so on. He mainly introduced some experiences when hewas engaged in this industry, the present situation of network industry and he also forecastedthe future market. Let's have a certain understand of networkengineering which can help us have a clear plan for the future.三、实习目的本次实习是我们作为网络工程学生的一次知识实践,其主要目的在于:1.掌握局域网的设计组建方法,并知晓对局域网的管理和排错维护等理论知识。
2.熟练运用网络配置命令,主要掌握有单臂路由,静态路由和访问控制列表配置方法。
3.将理论和实际工程结合起来,学会需求分析,增长做工程的见闻。
4.认清社会现实,对计算机相关行业有一定的了解。
四、实习内容分析( 一)实现在不同VLAN的两台主机的相互访问。
案例:某企业的需求,需要将两个部门的某两台主机能互相访问。
原理:在两台主机所连的三层交换机上给同VLAN配置 ip 地址,作为主机的网关,交换机和三层交换机的连接接口配成trunk模式,使不同VLAN通过共享链路与其它交换机中的相同VLAN通信。
实践:二层交换机:Switch>enSwitch#conf tEnter configuration commands, one per line. End with CNTL/Z.Switch(config)#vlan 2Switch(config-vlan)#int f0/2Switch(config-if)#switch acc vlan 2Switch(config-if)#int f0/1Switch(config-if)#switch mode trunkSwitch(config-if)#endSwitch#show vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1default active Fa0/3, Fa0/4, Fa0/5, Fa0/6Fa0/7, Fa0/8, Fa0/9, Fa0/10Fa0/11, Fa0/12, Fa0/13, Fa0/14Fa0/15, Fa0/16, Fa0/17, Fa0/18Fa0/19, Fa0/20, Fa0/21, Fa0/22Fa0/23, Fa0/24, Gig1/1, Gig1/2 2VLAN0002active Fa0/21002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup三层交换机:Switch>enSwitch#conf tEnter configuration commands, one per line. End with CNTL/Z. Switch(config)#ip routingSwitch(config)#vlan 2 Switch(config-vlan)#vlan 3 Switch(config-vlan)#intf0/2 Switch(config-if)#switch acc vlan3 Switch(config-if)#int vlan 2Switch(config-if)#ip add vlan 3Switch(config-if)#ip add f0/1Switch(config-if)#switch trunk en dot1qSwitch(config)#vlan 2End with CNTL/Z.Switch(config-vlan)#int f0/1Switch(config-if)#switch acc vlan 2Switch(config-if)#int f0/2Switch(config-if)#switch mode trunkSwitch(config)#endSwitch#show vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1default active Fa0/3, Fa0/4, Fa0/5, Fa0/6Fa0/7, Fa0/8, Fa0/9, Fa0/10Fa0/11, Fa0/12, Fa0/13, Fa0/14Fa0/15, Fa0/16, Fa0/17, Fa0/18Fa0/19, Fa0/20, Fa0/21, Fa0/22Fa0/23, Fa0/24, Gig1/1, Gig1/2 2VLAN0002active Fa0/11002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default 1005 trnet-defaultact/unsupact/unsup二层交换机 Switch1 :Switch#conf tEnd with CNTL/Z.三层交换机: Switch#conf tEnter configuration commands, one per line. Switch(config)#ip routingSwitch(config)#vlan 2 Switch(config-vlan)#vlan 3 Switch(config-vlan)#vlan 4 Switch(config-vlan)#int vlan 2 Switch(config-if)#ip add vlan 3 Switch(config-if)#ip add vlan 4 Switch(config-if)#ip add f0/3 Switch(config-if)#switch acc vlan 4 Switch(config-if)#int f0/4 Switch(config-if)#switch acc vlan 4 Switch(config-if)#int f0/1 Switch(config-if)#switch trunk en dot1qVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6 Fa0/7, Fa0/8, Fa0/9, Fa0/10 Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Fa0/24, Gig1/1, Gig1/23 VLAN0003 active Fa0/1 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-defaultact/unsupEnter configuration commands, one per line. Switch(config)#vlan 3 Switch(config-vlan)#int f0/1 Switch(config-if)#switch acc vlan 3 Switch(config-if)#int f0/2 Switch(config-if)#switch mode trunk Switch(config)#endSwitch#show vlanEnd with CNTL/Z.Switch(config-if)#switch mode trunkSwitch(config-if)#int f0/2Switch(config-if)#switch trunk en dot1qSwitch(config-if)#switch mode trunkSwitch#show vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1default active Fa0/5, Fa0/6, Fa0/7, Fa0/8Fa0/9, Fa0/10, Fa0/11, Fa0/12Fa0/13, Fa0/14, Fa0/15, Fa0/16Fa0/17, Fa0/18, Fa0/19, Fa0/20Fa0/21, Fa0/22, Fa0/23, Fa0/24Gig0/1, Gig0/22VLAN0002active3VLAN0003active4VLAN0004active Fa0/3, Fa0/41002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsupSwitch#show ip int briInterface IP-Address OK?Method Status Protocol FastEthernet0/1unassigned YES unset up upFastEthernet0/2unassigned YES unset up upFastEthernet0/3unassigned YES unset up upFastEthernet0/4unassigned YES unset up upVlan1unassigned YES unset administratively down downVlan2YES manual up upVlan3YES manual up upVlan4YES manual up upSwitch#conf tEnter configuration commands, one per line. End with CNTL/Z.Switch(config)# access-list 100 permit ip vlan 2Switch(config-if)# ip access-group 100 outSwitch(config-if)#exitSwitch(config)# access-list 101 permit ip vlan 3Switch(config-if)# ip access-group 101 outSwitch(config-if)#exitSwitch(config)# access-list 103 permit tcp any host eq 80Switch(config)#access-list103 deny ip any host access-list103 permit ip any any Switch(config)#int vlan 4Switch(config-if)# ip access-group 103 out// 访问列表 101和 102 实现: pc0 和 pc1 不能相互访问,但都能访问server0//访问列表 103 实现:所有 ip 只能以 web形式访问 server1Switch#show access-lExtended IP access list 100permit ip IP access list 101permit ip IP access list 103permit tcp any host eq wwwdeny ip any host ip any any验证:1)PC0 无法 ping 通 PC12)PC0 无法 ping 通 server13)PC0 通过 web 访问 server1( 二)实现线路备份,在某条线路故障的情况下,导通另一条线路。