【思科实验】核心、汇聚、接入三层网络架构(DHCP+VTP+OSPF)
https://ccie.lol/wp-content/uploads/2016/09/lab-core-convergence-access-layer-dhcp-vtp-ospf.png
实验环境:
操作系统:Mac OS X 10.11.5 beta 3(当时最新测试版),模拟器:GNS3 IOU for Mac 1.4.6(当时最新版本)
注:当然,只要有思科模拟器都可以做这个实验
实验需求:
PC1/2/3/4 根据拓扑能获取到相应 IP 网段的 IP 地址,VLAN 10 和 VLAN 20 的 DHCP Server 在 L3SW 上;
printer 是 IP 打印机,需要固定的 IP 地址 192.168.3.100/24,同时 VLAN 30 的 DHCP Server 在 GW 上(而不是 L3SW 上);
PC1/2/3/4 能访问互联网 8.8.8.8/32。
实验配置命令:
PC1/2/3/4/Printer:
conf t
no ip routing
int e 0/0
ip add dhcp
no sh
Internet:
conf t
int e 0/0
ip add 202.1.1.2 255.255.255.248
no sh
int l 0
ip add 8.8.8.8 255.255.255.255
L2SW1:
conf t
! 模拟二层交换机,关闭路由功能
no ip routing
! 配置 port-channel
int r e 2/0-1
sw trunk en dot1q
sw mo trunk
channel-group 2 mode on
no sh
! 配置 VTP
vtp domain HTPC
vtp mode client
vtp password HTPC
! 划分 VLAN
interface Ethernet0/0
switchport access vlan 10
switchport mode access
interface Ethernet0/1
switchport access vlan 20
switchport mode access
L2SW2:
conf t
! 模拟二层交换机,关闭路由功能
no ip routing
! 配置 port-channel
int r e 3/0-1
sw trunk en dot1q
sw mo trunk
channel-group 3 mode on
no sh
! 配置 VTP
vtp domain HTPC
vtp mode client
vtp password HTPC
! 划分 VLAN
interface Ethernet0/0
switchport access vlan 10
switchport mode access
interface Ethernet0/1
switchport access vlan 20
switchport mode access
interface Ethernet0/2
switchport access vlan 30
switchport mode access
L3SW:
conf t
! 配置 port-channel
int r e 2/0-1
sw trunk en dot1q
sw mo trunk
channel-group 2 mode on
no sh
int r e 3/0-1
sw trunk en dot1q
sw mo trunk
channel-group 3 mode on
no sh
! 配置 VTP
vtp domain HTPC
vtp mode server
vtp password HTPC
! 配置 VLAN
vlan 10,20,30
! 配置 SVI 接口
int vlan 10
ip add 192.168.1.254 255.255.255.0
no sh
int vlan 20
ip add 192.168.2.254 255.255.255.0
no sh
int vlan 30
ip add 192.168.3.254 255.255.255.0
ip helper-address 10.1.1.1
no sh
! 配置 VLAN 10 和 VLAN 20 的 DHCP 服务器
ip dhcp pool VLAN10
network 192.168.1.0 255.255.255.0
default-router 192.168.1.254
ip dhcp pool VLAN20
network 192.168.2.0 255.255.255.0
default-router 192.168.2.254
int e 0/1
no sw
ip add 10.1.1.2 255.255.255.0
no sh
! 与 GW 运行 OSPF
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
GW:
conf t
int e 0/1
ip add 10.1.1.1 255.255.255.0
no sh
int e 0/0
ip add 202.1.1.1 255.255.255.248
no sh
! 配置默认路由指向 Internet
ip route 0.0.0.0 0.0.0.0 202.1.1.2
! 与 L3SW 运行 OSPF
router ospf 1
network 10.1.1.0 0.0.0.255 area 0
default-information originate
! 配置 PAT
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
ip nat inside source list 1 interface e 0/0 overload
int e 0/0
ip nat outside
int e 0/1
ip nat inside
! 配置 VLAN 30 的 DHCP 服务器
ip dhcp pool VLAN30
host 192.168.3.100 255.255.255.0
client-identifier 0063.6973…..302f.30
default-router 192.168.3.254
client-identifier 需要你自己获取了。如果不知道怎么获取,可以先配置成:
ip dhcp pool VLAN30
network 192.168.3.0 255.255.255.0
default-router 192.168.3.254
等 printer 获取到 IP 地址后,再在 GW 上 show ip dhcp binding 就可以查看 printer 的 Client-ID,然后再配置成 host 192.168.3.100 255.255.255.0,client-identifier xxx…x 这样的形式。
测试:
VLAN 内 Ping 通测试(PC3 是 192.168.1.x 网段的):
PC3#p 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/2 ms
VLAN 间 Ping 通测试(PC2 是 192.168.2.x 网段的):
PC2#p 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/7 ms
互联网访问测试:
PC1/2/3/4#p 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
这里可以查看 printer 的 Client-ID:
GW#sh ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
192.168.3.100 0063.6973.636f.2d61. Infinite Manual
6162.622e.6363.3030.
2e30.6130.302d.4574.
302f.30
核心、汇聚、接入三层网络架构(DHCP+VTP+OSPF 核心、汇聚、接入三层网络架构 谢谢
页:
[1]