OSPF、DHCP、VLAN的完整综合实验

拓扑

完整配置-SW1

<SW1>dis cur
#
sysname SW1
#
vlan batch 10 15 to 16 20 25 to 26 30 40 66 88 199
#
stp region-configuration
 region-name ntd
 instance 1 vlan 10 20
 instance 2 vlan 30 40
 instance 3 vlan 15 25
 instance 4 vlan 16 26
 instance 5 vlan 199
 instance 6 vlan 66
 instance 7 vlan 88
 active region-configuration
#
aaa
 local-user ntd password cipher 123
 local-user ntd privilege level 15
 local-user ntd service-type telnet
#
interface Vlanif199
 ip address 192.168.199.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 10
 stp edged-port enable
#
interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 20
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/11
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/12
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
ip route-static 0.0.0.0 0.0.0.0 192.168.199.254
#
user-interface vty 0 4
 authentication-mode aaa
 
 

完整配置-SW2

sysname SW2
#
vlan batch 10 15 to 16 20 25 to 26 30 40 66 88 199
#
stp region-configuration
 region-name ntd
 instance 1 vlan 10 20
 instance 2 vlan 30 40
 instance 3 vlan 15 25
 instance 4 vlan 16 26
 instance 5 vlan 199
 instance 6 vlan 66
 instance 7 vlan 88
 active region-configuration
#
aaa
 local-user ntd password cipher 123
 local-user ntd privilege level 15
 local-user ntd service-type telnet
#
interface Vlanif199
 ip address 192.168.199.2 255.255.255.0
#
interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 10
 stp edged-port enable
#
interface GigabitEthernet0/0/4
 port link-type access
 port default vlan 30
#
interface GigabitEthernet0/0/11
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/12
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
ip route-static 0.0.0.0 0.0.0.0 192.168.199.254
#
user-interface vty 0 4
 authentication-mode aaa

完整配置-SW3

<SW1>dis cur
#
sysname SW3
#
vlan batch 10 15 to 16 20 25 to 26 30 40 66 88 199
#
stp region-configuration
 region-name ntd
 instance 1 vlan 10 20
 instance 2 vlan 30 40
 instance 3 vlan 15 25
 instance 4 vlan 16 26
 instance 5 vlan 199
 instance 6 vlan 66
 instance 7 vlan 88
 active region-configuration
#
aaa
 local-user ntd password cipher 123
 local-user ntd privilege level 15
 local-user ntd service-type telnet
#
interface Vlanif199
 ip address 192.168.199.3 255.255.255.0
#
interface GigabitEthernet0/0/5
 port link-type access
 port default vlan 20
#
interface GigabitEthernet0/0/6
 port link-type access
 port default vlan 40
#
interface GigabitEthernet0/0/11
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/12
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
ip route-static 0.0.0.0 0.0.0.0 192.168.199.254
#
user-interface vty 0 4
 authentication-mode aaa

完整配置-SW4

sysname SW4
#
vlan batch 10 15 to 16 20 25 to 26 30 40 66 88 199
#
stp region-configuration
 region-name ntd
 instance 1 vlan 10 20
 instance 2 vlan 30 40
 instance 3 vlan 15 25
 instance 4 vlan 16 26
 instance 5 vlan 199
 instance 6 vlan 66
 instance 7 vlan 88
 active region-configuration
#
aaa
 local-user ntd password cipher 123
 local-user ntd privilege level 15
 local-user ntd service-type telnet
#
interface Vlanif199
 ip address 192.168.199.4 255.255.255.0
#
interface GigabitEthernet0/0/7
 port link-type access
 port default vlan 40
 stp edged-port enable
#
interface GigabitEthernet0/0/8
 port link-type access
 port default vlan 30
#
interface GigabitEthernet0/0/11
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/12
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
ip route-static 0.0.0.0 0.0.0.0 192.168.199.254
#
user-interface vty 0 4
 authentication-mode aaa
#

完整配置-SW5

sysname SW5
#
vlan batch 10 15 to 16 20 25 to 26 30 40 66 88 199
#
 dhcp enable 
#
stp instance 1 priority 4096
stp instance 2 priority 8192
stp instance 3 priority 4096
stp instance 4 priority 8192
stp instance 5 priority 4096
stp instance 6 priority 8192
stp instance 7 priority 4096
#
stp region-configuration
 region-name ntd
 instance 1 vlan 10 20
 instance 2 vlan 30 40
 instance 3 vlan 15 25
 instance 4 vlan 16 26
 instance 5 vlan 199
 instance 6 vlan 66
 instance 7 vlan 88
 active region-configuration
#
interface Vlanif10
 ip address 192.168.10.251 255.255.255.0
 vrrp vrid 10 virtual-ip 192.168.10.254
 vrrp vrid 10 priority 160
 dhcp select relay
 dhcp relay server-ip 192.168.66.1
#
interface Vlanif15
 ip address 192.168.15.5 255.255.255.0
#
interface Vlanif20
 ip address 192.168.20.251 255.255.255.0
 vrrp vrid 20 virtual-ip 192.168.20.254
 vrrp vrid 20 priority 160
 dhcp select relay
 dhcp relay server-ip 192.168.66.1
#
interface Vlanif25
 ip address 192.168.25.5 255.255.255.0
 ospf cost 10
#
interface Vlanif30
 ip address 192.168.30.251 255.255.255.0
 vrrp vrid 30 virtual-ip 192.168.30.254
 dhcp select relay
 dhcp relay server-ip 192.168.66.1
#
interface Vlanif40
 ip address 192.168.40.251 255.255.255.0
 vrrp vrid 40 virtual-ip 192.168.40.254
 dhcp select relay
 dhcp relay server-ip 192.168.66.1
#
interface Vlanif66
 ip address 192.168.66.253 255.255.255.0
#
interface Vlanif88
 ip address 192.168.88.254 255.255.255.0
#
interface Vlanif199
 ip address 192.168.199.251 255.255.255.0
 vrrp vrid 199 virtual-ip 192.168.199.254
 vrrp vrid 199 priority 160
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/8
 port link-type access
 port default vlan 88
#
interface GigabitEthernet0/0/9
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/10
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/20
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
ospf 1 router-id 5.5.5.5
 area 0.0.0.0
  network 192.168.15.0 0.0.0.255
  network 192.168.25.0 0.0.0.255
 area 0.0.0.10
  network 192.168.10.0 0.0.0.255
 area 0.0.0.20
  network 192.168.20.0 0.0.0.255
 area 0.0.0.30
  network 192.168.30.0 0.0.0.255
 area 0.0.0.40
  network 192.168.40.0 0.0.0.255
 area 0.0.0.88
  network 192.168.88.0 0.0.0.255
 area 0.0.0.199
  network 192.168.199.0 0.0.0.255

完整配置-SW6

sysname SW6
#
vlan batch 10 15 to 16 20 25 to 26 30 40 66 88 199
#
 dhcp enable 
#
stp instance 0 priority 4096
stp instance 1 priority 8192
stp instance 2 priority 4096
stp instance 3 priority 8192
stp instance 4 priority 4096
stp instance 5 priority 8192
stp instance 6 priority 4096
stp instance 7 priority 8192
#
stp region-configuration
 region-name ntd
 instance 1 vlan 10 20
 instance 2 vlan 30 40
 instance 3 vlan 15 25
 instance 4 vlan 16 26
 instance 5 vlan 199
 instance 6 vlan 66
 instance 7 vlan 88
 active region-configuration

#
interface Vlanif10
 ip address 192.168.10.252 255.255.255.0
 vrrp vrid 10 virtual-ip 192.168.10.254
 dhcp select relay
 dhcp relay server-ip 192.168.66.1
#
interface Vlanif16
 ip address 192.168.16.6 255.255.255.0
   ospf cost 10 
#
interface Vlanif20
 ip address 192.168.20.252 255.255.255.0
 vrrp vrid 20 virtual-ip 192.168.20.254
 dhcp select relay
 dhcp relay server-ip 192.168.66.1
#
interface Vlanif26
 ip address 192.168.26.6 255.255.255.0
#
interface Vlanif30
 ip address 192.168.30.252 255.255.255.0
 vrrp vrid 30 virtual-ip 192.168.30.254
 vrrp vrid 30 priority 160
 dhcp select relay
 dhcp relay server-ip 192.168.66.1
#
interface Vlanif40
 ip address 192.168.40.252 255.255.255.0
 vrrp vrid 40 virtual-ip 192.168.40.254
 vrrp vrid 40 priority 160
 dhcp select relay
 dhcp relay server-ip 192.168.66.1
#
interface Vlanif66
 ip address 192.168.66.254 255.255.255.0
#
interface Vlanif88
 ip address 192.168.88.6 255.255.255.0
#
interface Vlanif199
 ip address 192.168.199.252 255.255.255.0
 vrrp vrid 199 virtual-ip 192.168.199.254
 ospf cost 10
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/9
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/10
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/20
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/24
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
ospf 1 router-id 6.6.6.6
 area 0.0.0.0
  network 192.168.16.0 0.0.0.255
  network 192.168.26.0 0.0.0.255
 area 0.0.0.10
  network 192.168.10.0 0.0.0.255
 area 0.0.0.20
  network 192.168.20.0 0.0.0.255
 area 0.0.0.30
  network 192.168.30.0 0.0.0.255
 area 0.0.0.40
  network 192.168.40.0 0.0.0.255
 area 0.0.0.66
  network 192.168.66.0 0.0.0.255
 area 0.0.0.199
  network 192.168.199.0 0.0.0.255

完整配置-SW7

sysname SW7
#
vlan batch 10 15 to 16 20 25 to 26 30 40 66 88 199
#
stp region-configuration
 region-name ntd
 instance 1 vlan 10 20
 instance 2 vlan 30 40
 instance 3 vlan 15 25
 instance 4 vlan 16 26
 instance 5 vlan 199
 instance 6 vlan 66
 instance 7 vlan 88
 active region-configuration

#
interface GigabitEthernet0/0/9
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/10
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/15
 port link-type access
 port default vlan 15
#
interface GigabitEthernet0/0/20
 port link-type access
 port default vlan 25
#
interface GigabitEthernet0/0/24
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
 
 

完整配置-SW8

sysname SW8
#
vlan batch 10 15 to 16 20 25 to 26 30 40 66 88 199
#
stp region-configuration
 region-name ntd
 instance 1 vlan 10 20
 instance 2 vlan 30 40
 instance 3 vlan 15 25
 instance 4 vlan 16 26
 instance 5 vlan 199
 instance 6 vlan 66
 instance 7 vlan 88
 active region-configuration
#
interface GigabitEthernet0/0/9
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/10
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/15
 port link-type access
 port default vlan 26
#
interface GigabitEthernet0/0/20
 port link-type access
 port default vlan 16
#
interface GigabitEthernet0/0/24
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094

完整配置-SW10

 sysname SW10
#
vlan batch 10 15 to 16 20 25 to 26 30 40 66
#
stp region-configuration
 region-name ntd
 instance 1 vlan 10 20
 instance 2 vlan 30 40
 instance 3 vlan 15 25
 instance 4 vlan 16 26
 instance 5 vlan 199
 instance 6 vlan 66
 instance 7 vlan 88
 active region-configuration
#
interface GigabitEthernet0/0/6
 port link-type access
 port default vlan 66
#
interface GigabitEthernet0/0/23
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/24
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094

完整配置-DHCP

sysname R6-DHCP
#
dhcp enable
#
dhcp server ping packet 4
dhcp server ping timeout 100
#
ip pool vlan10
 gateway-list 192.168.10.254 
 network 192.168.10.0 mask 255.255.255.0 
 dns-list 8.8.8.8 
#
ip pool vlan20
 gateway-list 192.168.20.254 
 network 192.168.20.0 mask 255.255.255.0 
 excluded-ip-address 192.168.20.251 192.168.20.252 
 dns-list 8.8.8.8 
#
ip pool vlan30
 gateway-list 192.168.30.254 
 network 192.168.30.0 mask 255.255.255.0 
 dns-list 8.8.8.8 
#
ip pool vlan40
 gateway-list 192.168.40.254 
 network 192.168.40.0 mask 255.255.255.0 
 dns-list 8.8.8.8 
#
interface GigabitEthernet0/0/0
 ip address 192.168.66.1 255.255.255.0 
 dhcp select global
#
ip route-static 0.0.0.0 0.0.0.0 192.168.66.254

完整配置-R1

2000 sysname R1
#
acl number 2000  
 rule 10 deny source 192.168.40.0 0.0.0.255 
 rule 20 permit 
#
 nat address-group 1 100.1.1.3 100.1.1.5
#
interface GigabitEthernet0/0/0
 ip address 192.168.15.1 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 192.168.16.2 255.255.255.0 
#
interface GigabitEthernet0/0/2
 ip address 100.1.1.1 255.255.255.248 
 nat server protocol tcp global 100.1.1.6 www inside 192.168.88.1 www
 nat server protocol tcp global 100.1.1.6 2222 inside 192.168.199.1 telnet
 nat server protocol tcp global 100.1.1.6 2223 inside 192.168.199.2 telnet
 nat server protocol tcp global 100.1.1.6 2224 inside 192.168.199.3 telnet
 nat server protocol tcp global 100.1.1.6 2225 inside 192.168.199.4 telnet
 nat outbound 2000 address-group 1 
#
ospf 1 router-id 1.1.1.1 
 default-route-advertise type 1
 area 0.0.0.0 
  network 192.168.15.0 0.0.0.255 
  network 192.168.16.0 0.0.0.255 
#
ip route-static 0.0.0.0 0.0.0.0 100.1.1.2

完整配置-R2

 sysname R2
#
acl number 2000  
 rule 10 deny source 192.168.40.0 0.0.0.255 
 rule 20 permit 
#
 nat address-group 1 150.1.1.3 150.1.1.5
#
interface GigabitEthernet0/0/0
 ip address 192.168.25.1 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 192.168.26.2 255.255.255.0 
#
interface GigabitEthernet0/0/2
 ip address 150.1.1.1 255.255.255.248 
 nat server protocol tcp global 150.1.1.6 www inside 192.168.88.1 www
 nat server protocol icmp global 150.1.1.6 inside 192.168.88.1
 nat outbound 2000 address-group 1 
#
ospf 1 router-id 2.2.2.2 
 default-route-advertise type 1
 area 0.0.0.0 
  network 192.168.25.0 0.0.0.255 
  network 192.168.26.0 0.0.0.255 
#
ip route-static 0.0.0.0 0.0.0.0 150.1.1.2

完整配置-ISP-DX

 sysname ISP-dx
#
interface GigabitEthernet0/0/0
 ip address 200.1.1.254 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 100.1.1.2 255.255.255.248 
#
interface GigabitEthernet0/0/2
 ip address 150.1.1.2 255.255.255.248