1.1【实验目的】
1.企业级IPV6和AAA通讯
2.实验目标:客户端能访问服务器:不同VLAN的PC能相互访问
3.要求:除服务器server和客户端client外全部部署IPV6地址及协议
1.2【实验环境】
ENSP
实验拓扑图如下图所示。
1.3【实验过程及其配置】
1.地址配置
IP地址规划表
设备名称 |
设备接口 |
IP |
网关 |
所属VLAN |
PC1 |
E0/0/3 |
172.20.1.10/16 FD20::320:10/64 |
172.20.1.1 FD20::320:1 |
VLAN20 |
PC2 |
E0/0/4 |
172.30.1.10/24 FD30::320:10/64 |
172.30.1.1 FD30::320:1 |
VLAN30 |
PC3 |
E0/0/2 |
172.20.1.20/16 FD20::320:11/64 |
172.20.1.1 FD20::320:1 |
VLAN20 |
PC4 |
E0/0/1 |
192.168.40.10/24 FD40::320:10/64 |
192.168.40.1 FD40::320:1 |
VLAN40 |
PC5 |
E0/0/3 |
192.168.50.10/24 FD50::320:10/64 |
192.168.50.1 FD50::320:1 |
VLAN50 |
AR2 |
G0/0/2 |
172.16.0.1/16 FD16::320:1/64 |
||
S4/0/1 |
201.0.0.1/30 FD12::320:1/64 |
|||
S4/0/0 |
200.0.0.2/30 FD10::320:1/64 |
|||
AR3 |
S4/0/0 |
200.0.0.10/30 FD12::320:11/64 |
||
G0/0/1.40 |
192.168.40.1/24 FD40::320:1/64 |
|||
G0/0/1.50 |
192.168.50.1/24 FD50::320:1/64 |
|||
G0/0/1.1 |
192.168.0.1/24 FD1::320:1/64 |
|||
AR1 |
S4/0/0 |
200.0.0.1/30 FD10::320:10/64 |
||
G0/0/1 |
10.0.0.1/8 |
|||
Server1 |
E0/0/2 |
10.0.0.200/8 |
||
Server2 |
E0/0/3 |
10.0.0.100/8 |
||
Client1 |
E0/0/2 |
172.16.0.254/16 |
||
Client2 |
E0/0/2 |
192.168.0.254/16 |
||
LSW6 |
VLANif30 |
172.30.1.1/16 FD30::320:1/64 |
||
VLANif20 |
172.20.1.1/16 FD20::320:1/64 |
|||
VLANif1 |
172.16.0.2/16 FD16::320:2/64 |
2.路由器AR1上的配置
进入端口配置IPv4地址 [Huawei]sysname AR1 [AR1]interface s4/0/0 [AR1-Serial4/0/0]ip address 200.0.0.1 255.255.255.252 [AR1-Serial4/0/0] [AR1-Serial4/0/0]interface g0/0/1 [AR1-Serial4/0/1]ip address 10.0.0.1 255.0.0.0 [AR1-Serial4/0/1]q 配置ospf协议 [AR1]ospf 1 router-id 1.1.1.1 [AR1-ospf-1]area 0 [AR1-ospf-1-area-0.0.0.0]network 10.0.0.0 0.255.255.255 [AR1-ospf-1-area-0.0.0.0]network 200.0.0.0 0.0.0.3 [AR1-ospf-1-area-0.0.0.0]q [AR1-ospf-1]q [AR1] 配置远程登录认证 [AR1]user-interface vty 0 4 [AR1-ui-vty0-4]authentication-mode aaa [AR1-ui-vty0-4]aaa [AR1-aaa]local-user JC password cipher yq12345 Info: Add a new user. [AR1-aaa]local-user JC service-type telnet [AR1-aaa]local-user JC privilege level 3 [AR1-aaa]q 进入端口配置IPv6地址 [AR1]ipv6 [AR1]interface s4/0/0 [AR1-Serial4/0/0]ipv6 enable [AR1-Serial4/0/0]q 配置ospfv3协议 [AR1]ospfv3 1 [AR1-ospfv3-1]router-id 10.10.10.10 [AR1-ospfv3-1]q [AR1]interface s4/0/0 [AR1-GigabitEthernet0/0/0]ospfv3 1 area 0 [AR1-GigabitEthernet0/0/0]q
3.路由器AR2上的配置
进入端口配置ipv4地址 [Huawei]sysname AR2 [AR2]interface s4/0/0 [AR2-Serial4/0/0]ip address 200.0.0.2 255.255.255.252 [AR2-Serial4/0/0]interface s4/0/1 [AR2-Serial4/0/1]ip address 201.0.0.1 255.255.255.252 [AR2-GigabitEthernet0/0/1]interface g0/0/2 [AR2-GigabitEthernet0/0/2]ip address 172.16.0.1 255.255.0.0 [AR2-GigabitEthernet0/0/2]q 配置ospf协议 [AR2]ospf 1 router-id 2.2.2.2 [AR2-ospf-1]area 0 [AR2-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255 [AR2-ospf-1-area-0.0.0.0]network 200.0.0.0 0.0.0.3 [AR2-ospf-1-area-0.0.0.0]network 201.0.0.0 0.0.0.3 [AR2-ospf-1-area-0.0.0.0]q [AR2-ospf-1]q 配置ospfv3协议 [AR2]ipv6 [AR2]ospfv3 1 [AR2-ospfv3-1]router-id 20.20.20.20 [AR2-ospfv3-1]q 进入端口配置ipv6地址,并把端口加入到ospfv3协议中 [AR2]interface s4/0/0 [AR2-Serial4/0/0]ipv6 enable [AR2-Serial4/0/0]ipv6 address fd10::320:2/64 [AR2-Serial4/0/0]ospfv3 1 area 0 [AR2-Serial4/0/0]interface s4/0/1 [AR2-Serial4/0/1]ipv6 enable [AR2-Serial4/0/1]ipv6 address fd12::320:1/64 [AR2-Serial4/0/1]ospfv3 1 area 0 [AR2- Serial4/0/1]q [AR2]interface g0/0/2 [AR2-GigabitEthernet0/0/2]ipv6 enable [AR2-GigabitEthernet0/0/2]ipv6 address fd16::320:1/64 [AR2-GigabitEthernet0/0/2]ospfv3 1 area 0 [AR2-GigabitEthernet0/0/2]q
4.路由器AR3上的配置
进入端口配置ipv4地址,并用dot1q封装虚拟端口 [Huawei]sysname AR3 [AR3]interface s4/0/0 [AR3-Serial4/0/0]ip address 201.0.0.2 255.255.255.252 [AR3-Serial4/0/0]q [AR3]interface g0/0/1.1 [AR3-GigabitEthernet0/0/1.1]dot1q termination vid 1(利用dot1q封装虚拟端口) [AR3-GigabitEthernet0/0/1.1]ip address 192.168.0.1 255.255.255.0 [AR3-GigabitEthernet0/0/1.1]q [AR3]interface g0/0/1.40 [AR3-GigabitEthernet0/0/1.40]dot1q termination vid 40 [AR3-GigabitEthernet0/0/1.40]ip address 192.168.40.1 255.255.255.0 [AR3-GigabitEthernet0/0/1.40]q [AR3]interface g0/0/1.50 [AR3-GigabitEthernet0/0/1.50]dot1q termination vid 50 [AR3-GigabitEthernet0/0/1.50]ip address 192.168.50.1 255.255.255.0 [AR3-GigabitEthernet0/0/1.50]q 配置ospf协议 [AR3]ospf 1 router-id 3.3.3.3 [AR3-ospf-1]area 0 [AR3-ospf-1-area-0.0.0.0]network 192.168.0.0 0.0.0.255 [AR3-ospf-1-area-0.0.0.0]network 201.0.0.0 0.0.0.3 [AR3-ospf-1-area-0.0.0.0]network 192.168.40.0 0.0.0.255 [AR3-ospf-1-area-0.0.0.0]network 192.168.50.0 0.0.0.255 [AR3-ospf-1-area-0.0.0.0]q [AR3-ospf-1]q [AR3] 配置ospfv3协议 [AR3]ipv6 [AR3]ospfv3 1 [AR3-ospfv3-1]router-id 30.30.30.30 [AR3-ospfv3-1]q 进入端口配置ipv6地址并将端口加入到ospfv3协议中 [AR3]interface s4/0/0 [AR3-Serial4/0/0]ipv6 enable [AR3-Serial4/0/0]ipv6 address fd12::320:2/64 [AR3-Serial4/0/0]ospfv3 1 area 0 [AR3-Serial4/0/0]q [AR3]interface g0/0/1.1 [AR3-GigabitEthernet0/0/1.1]ipv6 enable [AR3-GigabitEthernet0/0/1.1]ipv6 address fd1::320:1/64 [AR3-GigabitEthernet0/0/1.1]ospfv3 1 area 0 [AR3-GigabitEthernet0/0/1.1]q [AR3]interface g0/0/1.40 [AR3-GigabitEthernet0/0/1.40]ipv6 enable [AR3-GigabitEthernet0/0/1.40]ipv6 address fd40::320:1/64 [AR3-GigabitEthernet0/0/1.40]ospfv3 1 area 0 [AR3-GigabitEthernet0/0/1.40]q [AR3]interface g0/0/1.50 [AR3-GigabitEthernet0/0/1.50]ipv6 enable [AR3-GigabitEthernet0/0/1.50]ipv6 address fd50::320:1/64 [AR3-GigabitEthernet0/0/1.50]ospfv3 1 area 0 [AR3-GigabitEthernet0/0/1.50]q [AR3] 进入虚拟端口,开启ARP广播协议 [AR3]interface g0/0/1.1 [AR3-GigabitEthernet0/0/1.1]arp broadcast enable [AR3-GigabitEthernet0/0/1.1]interface g0/0/1.40 [AR3-GigabitEthernet0/0/1.40]arp broadcast enable [AR3-GigabitEthernet0/0/1.40]interface g0/0/1.50 [AR3-GigabitEthernet0/0/1.50]arp broadcast enable
5.交换机LSW1上的配置
[Huawei]sysname LSW1 创建VLAN [LSW1]vlan batch 20 30 配置端口的类型 [LSW1]interface e0/0/1 [LSW1-Ethernet0/0/1]port link-type trunk [LSW1-Ethernet0/0/1]port trunk allow-pass vlan all [LSW1-Ethernet0/0/1]interface e0/0/3 [LSW1-Ethernet0/0/3]port link-type access [LSW1-Ethernet0/0/3]port default vlan 20 [LSW1-Ethernet0/0/3]interface e0/0/4 [LSW1-Ethernet0/0/4]port link-type access [LSW1-Ethernet0/0/4]port default vlan 30 [LSW1-Ethernet0/0/4]q