基于eNSP模拟器完成一次综合实验

简介: 基于eNSP模拟器完成一次综合实验

一、实验拓扑

80a90e01040b41869eaba7f9a2ca5144.png

二、实验要求

1.设置S1、S2、S3、R1、R2的主机名称。配置路由器R1 R2端口的IP地址。

2.R1路由器配置访问外网的默认路由,设置访问PC1和PC2所在的网段的静态路由。

3.R1上使用NAT Outbound动态地址池使得PC2所在的网段能够访问外网,ACL编号为2001,动态地址池编号为1,地址池范围为12.1.1.50-12.1.1.70

4.S3三层交换机上使用vlan batch命令创建vlan10、20、101,配置相应的access接口和trunk接口,trunk接口允许vlan10 、20

通过。S3上创建vlanif 10 ,vlanif 20,vlanif

30.S3上配置访问外网的默认路由.S3上创建DHCP全局地址池vlan20pool,地址池网段地址为192.168.20.0,网关为192.168.20.254

5.S1 S2交换机上使用vlan batch命令创建vlan10 vlan20,配置相应的access trunk接口,并且trunk接口允许vlan10 vlan20通过.

三、实验配置

S1配置命令

#S1配置命令
The device is running!
<Huawei>sys 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]sys 
[Huawei]sysname S1
[S1]
[S1]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[S1]display vlan
The total number of vlans is : 3
--------------------------------------------------------------------------------
U: Up;         D: Down;         TG: Tagged;         UT: Untagged;
MP: Vlan-mapping;               ST: Vlan-stacking;
#: ProtocolTransparent-vlan;    *: Management-vlan;
--------------------------------------------------------------------------------
VID  Type    Ports                                                          
--------------------------------------------------------------------------------
1    common  UT:Eth0/0/1(U)     Eth0/0/2(D)     Eth0/0/3(D)     Eth0/0/4(D)     
                Eth0/0/5(U)     Eth0/0/6(D)     Eth0/0/7(D)     Eth0/0/8(D)     
                Eth0/0/9(D)     Eth0/0/10(D)    Eth0/0/11(D)    Eth0/0/12(D)    
                Eth0/0/13(D)    Eth0/0/14(D)    Eth0/0/15(D)    Eth0/0/16(D)    
                Eth0/0/17(D)    Eth0/0/18(D)    Eth0/0/19(D)    Eth0/0/20(D)    
                Eth0/0/21(D)    Eth0/0/22(D)    GE0/0/1(D)      GE0/0/2(D)      
10   common  
20   common  
VID  Status  Property      MAC-LRN Statistics Description      
--------------------------------------------------------------------------------
1    enable  default       enable  disable    VLAN 0001                         
10   enable  default       enable  disable    VLAN 0010                         
20   enable  default       enable  disable    VLAN 0020                         
[S1]
#配置access口(S1与PC1端相连接的端口Ethernet0/0/1)
[S1]interface Ethernet0/0/1
[S1-Ethernet0/0/1]port link-type access 
[S1-Ethernet0/0/1]port default vlan 10
[S1-Ethernet0/0/1]display this
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 10
#
return
[S1-Ethernet0/0/1]quit
#配置trunk口(S1与三层交换机S3相连接的端口Ethernet0/0/5)
[S1]interface Ethernet0/0/5
[S1-Ethernet0/0/5]port link-type trunk 
[S1-Ethernet0/0/5]port trunk allow-pass vlan 10 20
[S1-Ethernet0/0/5]display this
#
interface Ethernet0/0/5
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
return
[S1-Ethernet0/0/5]quit

S2配置命令

# S2配置命令
The device is running!
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname S2
[S2]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[S2]display vlan
The total number of vlans is : 3
--------------------------------------------------------------------------------
U: Up;         D: Down;         TG: Tagged;         UT: Untagged;
MP: Vlan-mapping;               ST: Vlan-stacking;
#: ProtocolTransparent-vlan;    *: Management-vlan;
--------------------------------------------------------------------------------
VID  Type    Ports                                                          
--------------------------------------------------------------------------------
1    common  UT:Eth0/0/1(U)     Eth0/0/2(D)     Eth0/0/3(U)     Eth0/0/4(D)     
                Eth0/0/5(D)     Eth0/0/6(D)     Eth0/0/7(D)     Eth0/0/8(D)     
                Eth0/0/9(D)     Eth0/0/10(D)    Eth0/0/11(D)    Eth0/0/12(D)    
                Eth0/0/13(D)    Eth0/0/14(D)    Eth0/0/15(D)    Eth0/0/16(D)    
                Eth0/0/17(D)    Eth0/0/18(D)    Eth0/0/19(D)    Eth0/0/20(D)    
                Eth0/0/21(D)    Eth0/0/22(D)    GE0/0/1(D)      GE0/0/2(D)      
10   common  
20   common  
VID  Status  Property      MAC-LRN Statistics Description      
--------------------------------------------------------------------------------
1    enable  default       enable  disable    VLAN 0001                         
10   enable  default       enable  disable    VLAN 0010                         
20   enable  default       enable  disable    VLAN 0020                         
[S2]
#配置access口(S2与PC2端相连接的端口Ethernet0/0/1)
[S2]interface Ethernet0/0/1
[S2-Ethernet0/0/1]port link-type access
[S2-Ethernet0/0/1]port default vlan 20
[S2-Ethernet0/0/1]display this
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 20
#
return
[S2-Ethernet0/0/1]quit
#配置trunk口(S2与三层交换机S3相连接的端口Ethernet0/0/3)
[S2]interface Ethernet0/0/3
[S2-Ethernet0/0/3]port link-type trunk
[S2-Ethernet0/0/3]port trunk allow-pass vlan 10 20
[S2-Ethernet0/0/3]display this
#
interface Ethernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
return
[S2-Ethernet0/0/3]quit

S3配置命令

#S3配置命令
The device is running!
<Huawei>  
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
#配置S3主机名称
[Huawei]sysname S3
[S3]
#创建并查看vlan 10 20 101是否创建成功
[S3]vlan batch 10 20 101
Info: This operation may take a few seconds. Please wait for a moment...done. 
[S3]display vlan
The total number of vlans is : 4
--------------------------------------------------------------------------------
U: Up;         D: Down;         TG: Tagged;         UT: Untagged;
MP: Vlan-mapping;               ST: Vlan-stacking;
#: ProtocolTransparent-vlan;    *: Management-vlan;
--------------------------------------------------------------------------------
VID  Type    Ports                                                          
--------------------------------------------------------------------------------
1    common  UT:GE0/0/1(U)      GE0/0/2(U)      GE0/0/3(U)      GE0/0/4(D)
                GE0/0/5(D)      GE0/0/6(D)      GE0/0/7(D)      GE0/0/8(D)      
                GE0/0/9(D)      GE0/0/10(D)     GE0/0/11(D)     GE0/0/12(D)     
                GE0/0/13(D)     GE0/0/14(D)     GE0/0/15(D)     GE0/0/16(D)     
                GE0/0/17(D)     GE0/0/18(D)     GE0/0/19(D)     GE0/0/20(D)     
                GE0/0/21(D)     GE0/0/22(D)     GE0/0/23(D)     GE0/0/24(D)     
10   common  
20   common  
101  common  
VID  Status  Property      MAC-LRN Statistics Description      
--------------------------------------------------------------------------------
1    enable  default       enable  disable    VLAN 0001                         
10   enable  default       enable  disable    VLAN 0010                         
20   enable  default       enable  disable    VLAN 0020                         
101  enable  default       enable  disable    VLAN 0101                         
[S3]
#配置trunk口(与二层交换机S1、S2相连接的端口GE0/0/2、GE0/0/3)
[S3]interface GigabitEthernet 0/0/2
[S3-GigabitEthernet0/0/2]port link-type trunk
[S3-GigabitEthernet0/0/2]port trunk allow-pass vlan 10 20
[S3-GigabitEthernet0/0/2]display this
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
return
[S3-GigabitEthernet0/0/2]quit
#配置trunk口(与二层交换机S1、S2相连接的端口GE0/0/2、GE0/0/3)
[S3]interface GigabitEthernet 0/0/3
[S3-GigabitEthernet0/0/3]port link-type trunk 
[S3-GigabitEthernet0/0/3]port trunk allow-pass vlan 10 20
[S3-GigabitEthernet0/0/3]display this
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
return
[S3-GigabitEthernet0/0/3]quit
# 配置VLANIF 10接口IP地址(此地址为PC端默认的网关地址)
[S3]interface Vlanif 10
[S3-Vlanif10]ip address 192.168.10.254 24
[S3-Vlanif10]display this
#
interface Vlanif10
 ip address 192.168.10.254 255.255.255.0
#
return
[S3-Vlanif10]quit
# 配置VLANIF 20接口IP地址(此地址为PC端默认的网关地址)
[S3]interface Vlanif 20
[S3-Vlanif20]ip address 192.168.20.254 24
[S3-Vlanif20]display this
#
interface Vlanif20
 ip address 192.168.20.254 255.255.255.0
#
return
[S3-Vlanif20]quit
# 配置VLANIF 101接口IP地址并将GE0/0/1端口划分到VLAN 101中
[S3]interface Vlanif 101
[S3-Vlanif101]ip add  
[S3-Vlanif101]ip address 10.0.1.2 24
[S3-Vlanif101]display this
#
interface Vlanif101
 ip address 10.0.1.2 255.255.255.0
#
return
[S3-Vlanif101]quit
[S3]interface GigabitEthernet 0/0/1
[S3-GigabitEthernet0/0/1]port link-type access
[S3-GigabitEthernet0/0/1]port default vlan 101
[S3-GigabitEthernet0/0/1]display this
#
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 101
#
return
[S3-GigabitEthernet0/0/1]quit
[S3]
#S3三层交换机配置访问外网的默认路由
💚💙💔🟥🔴🧡💖💖🎈🎈🎈
[S3]ip route-static 0.0.0.0 0.0.0.0 10.0.1.1
#开启DHCP服务功能
[S3]dhcp enable 
Info: The operation may take a few seconds. Please wait for a moment.done.
[S3]
#S3上创建DHCP全局地址池vlan20pool,地址池网段地址为192.168.20.0,网关为192.168.20.254
[S3]ip pool vlan20pool
Info:It's successful to create an IP address pool.
[S3-ip-pool-vlan20pool]network 192.168.20.0 mask ?
  INTEGER<0-32>  Length of the network's mask
  X.X.X.X        Network's mask
[S3-ip-pool-vlan20pool]network 192.168.20.0 mask 24 
[S3-ip-pool-vlan20pool]gateway-list 192.168.20.254
[S3-ip-pool-vlan20pool]display this
#
ip pool vlan20pool
 gateway-list 192.168.20.254
 network 192.168.20.0 mask 255.255.255.0
#
return
[S3-ip-pool-vlan20pool]quit
#选择全局地址池给DHCP客户端使用
[S3]interface Vlanif 20
[S3-Vlanif20]dhcp select global 
[S3-Vlanif20]display this
#
interface Vlanif20
 ip address 192.168.20.254 255.255.255.0
 dhcp select global
#
return
[S3-Vlanif20]quit
#PC2端使用ipconfig命令测试,是否自动获取到DHCP地址池提供的IP地址。
PC>ipconfig
Link local IPv6 address...........: fe80::5689:98ff:fe33:6a6d
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.20.253
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.20.254
Physical address..................: 54-89-98-33-6A-6D
DNS server........................:
PC>
# 测试三层交换机是否实现VLAN间路由通信(PC2 ping PC1)
PC>ping 192.168.10.1
Ping 192.168.10.1: 32 data bytes, Press Ctrl_C to break
From 192.168.10.1: bytes=32 seq=1 ttl=127 time=125 ms
From 192.168.10.1: bytes=32 seq=2 ttl=127 time=78 ms
From 192.168.10.1: bytes=32 seq=3 ttl=127 time=79 ms
From 192.168.10.1: bytes=32 seq=4 ttl=127 time=78 ms
From 192.168.10.1: bytes=32 seq=5 ttl=127 time=93 ms
--- 192.168.10.1 ping statistics ---
  5 packet(s) transmitted
  5 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 78/90/125 ms
PC>
# 测试三层交换机是否实现VLAN间路由通信(PC1 ping PC2)
Welcome to use PC Simulator!
PC>ping 192.168.20.253
Ping 192.168.20.253: 32 data bytes, Press Ctrl_C to break
From 192.168.20.253: bytes=32 seq=1 ttl=127 time=78 ms
From 192.168.20.253: bytes=32 seq=2 ttl=127 time=78 ms
From 192.168.20.253: bytes=32 seq=3 ttl=127 time=78 ms
From 192.168.20.253: bytes=32 seq=4 ttl=127 time=78 ms
From 192.168.20.253: bytes=32 seq=5 ttl=127 time=78 ms
--- 192.168.20.253 ping statistics ---
  5 packet(s) transmitted
  5 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 78/78/78 ms
PC>
# 测试PC2能够访问外网,PC1不能访问外网,验证设置的ACL策略是否生效。
(即PC2能够ping通 PC3;PC1 ping不通 PC3)
# PC2端
PC>ping 12.1.2.1
Ping 12.1.2.1: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
From 12.1.2.1: bytes=32 seq=3 ttl=125 time=78 ms
From 12.1.2.1: bytes=32 seq=4 ttl=125 time=47 ms
From 12.1.2.1: bytes=32 seq=5 ttl=125 time=47 ms
--- 12.1.2.1 ping statistics ---
  5 packet(s) transmitted
  3 packet(s) received
  40.00% packet loss
  round-trip min/avg/max = 0/57/78 ms
PC>
#PC1端
PC>ping 12.1.2.1
Ping 12.1.2.1: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
--- 12.1.2.1 ping statistics ---
  5 packet(s) transmitted
  0 packet(s) received
  100.00% packet loss
PC>

R1配置命令

# R1配置命令
The device is running!
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
# 配置R1主机名称
[Huawei]sysname R1
[R1]
#配置路由器R1接口的IP地址
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]display this
[V200R003C00]
#
interface GigabitEthernet0/0/0
#
return
[R1-GigabitEthernet0/0/0]ip address 12.1.1.1 24 
[R1-GigabitEthernet0/0/0]display this
[V200R003C00]
#
interface GigabitEthernet0/0/0
 ip address 12.1.1.1 255.255.255.0 
#
return
[R1-GigabitEthernet0/0/0]quit
#配置路由器R1接口的IP地址
[R1]interface GigabitEthernet 0/0/1
[R1-GigabitEthernet0/0/1]display this
[V200R003C00]
#
interface GigabitEthernet0/0/1
#
return
[R1-GigabitEthernet0/0/1]ip address 10.0.1.1 24
[R1-GigabitEthernet0/0/1]display this
[V200R003C00]
#
interface GigabitEthernet0/0/1
 ip address 10.0.1.1 255.255.255.0 
#
return
[R1-GigabitEthernet0/0/1]quit
[R1]
#R1路由器配置访问外网的默认路由
[R1]ip route-static 0.0.0.0 0.0.0.0 12.1.1.2
#R1路由器设置访问PC1和PC2所在的网段的静态路由。
[R1]ip route-static 192.168.10.0 24 10.0.1.2
[R1]ip route-static 192.168.20.0 24 10.0.1.2
#创建ACL编号为2001,动态地址池编号为1,地址池范围为12.1.1.50-12.1.1.70
[R1]acl 2001  
[R1-acl-basic-2001]rule 2 permit source 192.168.20.0 0.0.0.255
[R1-acl-basic-2001]display this
[V200R003C00]
#
acl number 2001  
 rule 2 permit source 192.168.20.0 0.0.0.255 
#
return
[R1-acl-basic-2001]quit
[R1]nat address-group 1 12.1.1.50 12.1.1.70
#R1上使用NAT Outbound动态地址池使得PC2所在的网段能够访问外网(即PC2能够访问外网,PC1不能访问外网)
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]nat outbound ?
  INTEGER<2000-3999>  Apply basic or advanced ACL
[R1-GigabitEthernet0/0/0]nat outbound 2001 address-group ?
  INTEGER<0-7>  Index of address-group  
[R1-GigabitEthernet0/0/0]nat outbound 2001 address-group 1 no-pat 
[R1-GigabitEthernet0/0/0]display this
[V200R003C00]
#
interface GigabitEthernet0/0/0
 ip address 12.1.1.1 255.255.255.0 
 nat outbound 2001 address-group 1 no-pat
#
return
[R1-GigabitEthernet0/0/0]quit

R2配置命令

#R2配置命令
The device is running!
<Huawei>
  Please check whether system data has been changed, and save data in time
  Configuration console time out, please press any key to log on
<Huawei>sys 
<Huawei>system-view 
Enter system view, return user view with Ctrl+Z.
#配置R2主机名称
[Huawei]sysname R2
[R2]
#配置路由器R2接口的IP地址
[R2]interface GigabitEthernet 0/0/0
[R2-GigabitEthernet0/0/0]dis thi
[V200R003C00]
#
interface GigabitEthernet0/0/0
#
return
[R2-GigabitEthernet0/0/0]ip address 12.1.1.2 24
[R2-GigabitEthernet0/0/0]dis thi
[V200R003C00]
#
interface GigabitEthernet0/0/0
 ip address 12.1.1.2 255.255.255.0 
#
return
[R2-GigabitEthernet0/0/0]quit
#配置路由器R2接口的IP地址
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]dis thi
[V200R003C00]
#
interface GigabitEthernet0/0/1
#
return
[R2-GigabitEthernet0/0/1]ip address 12.1.2.254 24
[R2-GigabitEthernet0/0/1]dis thi
[V200R003C00]
#
interface GigabitEthernet0/0/1
 ip address 12.1.2.254 255.255.255.0 
#
return
[R2-GigabitEthernet0/0/1]quit
[R2]
相关文章
|
网络协议 网络架构
计算机网络实验(华为eNSP模拟器)——第四章 配置静态路由、动态路由
计算机网络实验(华为eNSP模拟器)——第四章 配置静态路由、动态路由
计算机网络实验(华为eNSP模拟器)——第四章 配置静态路由、动态路由
|
网络虚拟化 网络架构
计算机网络实验(华为eNSP模拟器)——第三章 配置IP地址和网关
计算机网络实验(华为eNSP模拟器)——第三章 配置IP地址和网关
计算机网络实验(华为eNSP模拟器)——第三章 配置IP地址和网关
|
网络安全 网络虚拟化 网络架构
计算机网络实验(华为eNSP模拟器)——第二章 VRP通用路由平台介绍
计算机网络实验(华为eNSP模拟器)——第二章 VRP通用路由平台介绍
计算机网络实验(华为eNSP模拟器)——第二章 VRP通用路由平台介绍
|
安全 网络安全 虚拟化
华为仿真模拟器与VMware虚拟机还能这样组合,简直太强大了
华为仿真模拟器与VMware虚拟机还能这样组合,简直太强大了
512 0
华为仿真模拟器与VMware虚拟机还能这样组合,简直太强大了
|
监控 网络协议 网络安全
计算机网络实验——华为eNSP模拟器常用命令总结(总结的非常详细( •̀ .̫ •́ )✧快来看啊)
计算机网络实验——华为eNSP模拟器常用命令总结(总结的非常详细( •̀ .̫ •́ )✧快来看啊)
计算机网络实验——华为eNSP模拟器常用命令总结(总结的非常详细( •̀ .̫ •́ )✧快来看啊)
|
网络协议 网络虚拟化 网络架构
路由与交换利用ENSP模拟器分析和配置中小型企业网络的综合实验(上)
路由与交换利用ENSP模拟器分析和配置中小型企业网络的综合实验
4259 1
路由与交换利用ENSP模拟器分析和配置中小型企业网络的综合实验(上)
|
网络协议 数据库 数据安全/隐私保护
路由与交换利用ENSP模拟器分析和配置中小型企业网络的综合实验(中)
路由与交换利用ENSP模拟器分析和配置中小型企业网络的综合实验
4054 1
路由与交换利用ENSP模拟器分析和配置中小型企业网络的综合实验(中)
|
负载均衡 网络协议 安全
路由与交换利用ENSP模拟器分析和配置中小型企业网络的综合实验(下)
路由与交换利用ENSP模拟器分析和配置中小型企业网络的综合实验纪实
3981 1
路由与交换利用ENSP模拟器分析和配置中小型企业网络的综合实验(下)
|
监控 安全 网络安全
计算机网络实验(华为eNSP模拟器)——第六章 密码模式和AAA模式
计算机网络实验(华为eNSP模拟器)——第六章 密码模式和AAA模式
计算机网络实验(华为eNSP模拟器)——第六章 密码模式和AAA模式
|
数据安全/隐私保护 网络架构
计算机网络实验(华为eNSP模拟器)——第七章 远程终端协议(远程登陆)
计算机网络实验(华为eNSP模拟器)——第七章 远程终端协议(远程登陆)
计算机网络实验(华为eNSP模拟器)——第七章 远程终端协议(远程登陆)