2 网段 Vlan+NAT 配置

拓扑概述：
    SW1 划分 Vlan 10、20，分别连接 PC1 和 PC2。
    Vlan10: 172.16.1.0/24，网关 172.16.1.254
    Vlan20: 172.16.2.0/24，网关 172.16.2.254
   
    Vlan1 网关 172.16.3.1,连接 RT1。
    在 RT1 上做 NAT。RT1 fa0/0 ip=172.16.3.2
   
    RT2 作为一台 PC 测试用，IP=172.16.4.2。

记录：
    基本调试成功。
    1，需要在 RT1 上做回程路由。
       能不能通过路由汇聚什么的，简化配置？
       已知：可以通过配置 Rip 等路由协议简化路由配置。
    2，为什么 PC1 和 PC2 能 ping 通 172.16.4.2，而不能 ping 通 172.16.4.1？
    2，为什么 RT2 也不能 ping 通 172.16.4.1？   

PC1>en
PC1#copy run start
Destination filename [startup-config]?
Building configuration…
[OK]
PC1#sh run
Building configuration…

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname PC1
!
!
memory-size iomem 15
ip subnet-zero
!
!
interface Loopback0
 no ip address
!
interface FastEthernet0/0
 ip address 172.16.1.100 255.255.255.0
 speed auto
 full-duplex
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.1.254
no ip http server
!
no cdp run
!
line con 0
 transport input none
line aux 0
line vty 0 4
!
no scheduler allocate
end

PC1#

==================================
PC2#sh run
Building configuration…

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname PC2
!
!
memory-size iomem 15
ip subnet-zero
!
!
interface Loopback0
 no ip address
!
interface FastEthernet0/0
 ip address 172.16.2.100 255.255.255.0
 speed auto
 full-duplex
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.2.254
no ip http server
!
no cdp run
!
line con 0
 transport input none
line aux 0
line vty 0 4
!
no scheduler allocate
end

==================================

SW1#sh run
Building configuration…

Current configuration : 1090 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!
interface FastEthernet1/0
!
interface FastEthernet1/1
!
interface FastEthernet1/2
!
interface FastEthernet1/3
!
interface FastEthernet1/4
!
interface FastEthernet1/5
!
interface FastEthernet1/6
!
interface FastEthernet1/7
!
interface FastEthernet1/8
!
interface FastEthernet1/9
!
interface FastEthernet1/10
!
interface FastEthernet1/11
 switchport access vlan 10
!
interface FastEthernet1/12
 switchport access vlan 20
!
interface FastEthernet1/13
!
interface FastEthernet1/14
!
interface FastEthernet1/15
!
interface Vlan1
 ip address 172.16.3.1 255.255.255.0
!
interface Vlan10
 ip address 172.16.1.254 255.255.255.0
!
interface Vlan20
 ip address 172.16.2.254 255.255.255.0
!
ip http server
ip route 0.0.0.0 0.0.0.0 172.16.3.2
!
no cdp run
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
!
end

==================================

RT1#sh run
Building configuration…

Current configuration : 1151 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RT1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
multilink bundle-name authenticated
!
!
interface FastEthernet0/0
 ip address 172.16.3.2 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 ip address 172.16.4.1 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 serial restart-delay 0
!
interface Serial1/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
ip route 172.16.1.0 255.255.255.0 172.16.3.1
ip route 172.16.2.0 255.255.255.0 172.16.3.1
!
!
ip http server
no ip http secure-server
ip nat pool pool1 172.16.4.1 172.16.4.1 netmask 255.255.255.0
ip nat inside source list 1 pool pool1 overload
!
!
access-list 1 permit 172.16.1.0 0.0.0.250
access-list 1 permit 172.16.2.0 0.0.0.250

control-plane
!
line con 0
line aux 0
line vty 0 4
!
!
end

===============================

RT2#sh run
Building configuration…

Current configuration : 874 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RT2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
multilink bundle-name authenticated
!
interface FastEthernet0/0
 ip address 172.16.5.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 ip address 172.16.4.2 255.255.255.0
 serial restart-delay 0
!
interface Serial1/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
!
ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
!
end

本文转自网眼51CTO博客，原文链接：http://blog.51cto.com/itwatch/286605，如需转载请自行联系原作者