Linux云计算 |【第二阶段】NETWORK-DAY6
主要内容:企业网络综合项目分析、大型企业网络搭建
项目案例1
一家网络公司,有若干服务器,通过NAT技术将业务服务器与Internet互联;已有技术:
[*]① 默认路由:实现到互联网数以万计网络访问的简化设置;
[*]② 静态路由:路由器与三层互换间设置静态路由;
[*]③ NAT:将业务服务器与Internet互联;
https://i-blog.csdnimg.cn/direct/90c54cb19796440eaf07d36bf780e2cb.png
1)现有网络情况标题分析:
[*]接入层互换机只与同一个ie三层互换机互联,存在单点故障而影响网络通讯;
2)项目需求:
[*]为进步主机对本公私网络服务访问的可靠性,需要使用许多的冗余技术;
[*]为了保证局域网络高可靠使用了网状拓扑;
[*]为了保证服务器不会由于使用单一网关而出现的单点失败影响网络通讯需要网关冗余;
[*]为了保证到互联网的高可用接入需要使用了冗余互联网连接;
3)解决方案:
[*]OSPF路由协议:实现网络路径的自动学习;
[*]VRRP虚拟路由冗余协议:实现冗余网关;
https://i-blog.csdnimg.cn/direct/ccdb5631f1bc477a8ed6d762c57a9c52.png
1、网络拓扑
https://i-blog.csdnimg.cn/direct/e49cbc22298e4e1eb9d1e0787317f944.png
2、整体思路
1.设置主机IP:
PC1:192.168.10.1 /24 192.168.10.254(VRRP)
PC2:192.168.20.1 /24 192.168.20.254(VRRP)
PC3:192.168.30.1 /24 192.168.30.254(VRRP)
PC4:192.168.40.1 /24 192.168.40.254(VRRP)
PC5:192.168.40.2 /24 192.168.40.254(VRRP)
2.设置二层互换机:
[*]① 设置4个互换机的VLAN(10、20、30、40)
[*]② 设置互换机下层,VLAN对应相应的接口,Type范例为Access;
[*]③ 设置互换机上层,2个G接口范例到场Trunk;
3.设置三层互换机:
[*]① 设置2个三层互换机的VLAN(10、20、30、40)
[*]② 设置三层互换机连接二层互换机的接口为Trunk;
[*]③ 设置2个三层互换机的VLAN虚拟接口;
[*]④ 设置三层互换机之间的接口为ETH-TRUNK聚合链路;
[*]⑤ 设置VRRP协议,设置虚拟网关;
4.设置路由器:
[*]① 设置端口IP;
[*]② 设置三层互换机VLAN虚拟接口并对应到相应接口上,VLAN(50、60、70、80)
[*]③ 设置OSPF协议
5.模拟外网情况:
[*]① 设置相干IP(SW7、路由器)
[*]② 设置静态默认路由及宣告
[*]③ 设置NAT-EasyIP模式实现NAT转换
3、设置步骤
步骤1:设置二层互换机,修改主机名并创建vlan10、20、30、40
sysname sw1
vlan batch 10 20 30 40
displan vlan
sysname sw2
vlan batch 10 20 30 40
displan vlan
sysname sw3
vlan batch 10 20 30 40
displan vlan
sysname sw4
vlan batch 10 20 30 40
displan vlan 步骤2:设置二层互换机端口并到场对应VLAN
interface Ethernet 0/0/1
port link-type access
port default vlan 10
interface Ethernet 0/0/1
port link-type access
port default vlan 20
interface Ethernet 0/0/1
port link-type access
port default vlan 30
interface Ethernet 0/0/1
port link-type access
port default vlan 40
interface Ethernet 0/0/2
port link-type access
port default vlan 40 步骤3:设置二层互换机千兆口端口范例为Trunk
port-group 1
group-member GigabitEthernet 0/0/1 GigabitEthernet 0/0/2
port link-type trunk
port trunk allow-pass vlan all https://i-blog.csdnimg.cn/direct/662e95e134b840da82f25b6fc569bbf6.png
port-group 1
group-member GigabitEthernet 0/0/1 GigabitEthernet 0/0/2
port link-type trunk
port trunk allow-pass vlan all https://i-blog.csdnimg.cn/direct/3bbdd9db8cf1462b8b9b979e2918d944.png
port-group 1
group-member GigabitEthernet 0/0/1 GigabitEthernet 0/0/2
port link-type trunk
port trunk allow-pass vlan all https://i-blog.csdnimg.cn/direct/0d399e3ca6f64abc8e29afe3db386956.png
port-group 1
group-member GigabitEthernet 0/0/1 GigabitEthernet 0/0/2
port link-type trunk
port trunk allow-pass vlan all https://i-blog.csdnimg.cn/direct/f7fd1d5a0576407dac207f219a0c8588.png
步骤4:设置三层互换机,修改主机名及创建VLAN及接口范例为Trunk
sysname sw5
vlan batch 10 20 30 40
port-group 1
group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/4
port link-type trunk
port trunk allow-pass vlan all
sysname sw6
vlan batch 10 20 30 40
port-group 1
group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/4
port link-type trunk
port trunk allow-pass vlan all 步骤5:设置三层互换机聚合链路
interface Eth-Trunk 1
trunkport GigabitEthernet 0/0/5 0/0/6
port link-type trunk
port trunk allow-pass vlan all https://i-blog.csdnimg.cn/direct/1b2aad74aea3421db5004c24316a806f.png
interface Eth-Trunk 1
trunkport GigabitEthernet 0/0/5 0/0/6
port link-type trunk
port trunk allow-pass vlan all https://i-blog.csdnimg.cn/direct/c34be1de089d4321912e7ce4b31be7bb.png
步骤6:设置三层互换机虚拟接口
inter vlan10
ip add 192.168.10.252 24
inter vlan20
ip add 192.168.20.252 24
inter vlan30
ip add 192.168.30.252 24
inter vlan40
ip add 192.168.40.252 24
display ip interface brief https://i-blog.csdnimg.cn/direct/48fd108fd7d644729610e5361c3db645.png
inter vlan10
ip add 192.168.10.253 24
inter vlan20
ip add 192.168.20.253 24
inter vlan30
ip add 192.168.30.253 24
inter vlan40
ip add 192.168.40.253 24
display ip interface brief https://i-blog.csdnimg.cn/direct/a1b37b65c2d04bc992d402edd32ea517.png
步骤7:设置VRRP虚拟冗余协议,添加虚拟网关
interface Vlanif 10
vrrp vrid 10 virtual-ip 192.168.10.254
vrrp vrid 10 priority 105
inter vlan 20
vrrp vrid 20 virtual-ip 192.168.20.254
vrrp vrid 20 priority 105
inter vlan 30
vrrp vrid 30 virtual-ip 192.168.30.254
inter vlan 40
vrrp vrid 40 virtual-ip 192.168.40.254 https://i-blog.csdnimg.cn/direct/bc2782742a184bf99cc9f626bae72c7c.png
interface Vlanif 10
vrrp vrid 10 virtual-ip 192.168.10.254
inter vlan 20
vrrp vrid 20 virtual-ip 192.168.20.254
inter vlan 30
vrrp vrid 30 virtual-ip 192.168.30.254
vrrp vrid 30 priority 105
inter vlan 40
vrrp vrid 40 virtual-ip 192.168.40.254
vrrp vrid 40 priority 105 https://i-blog.csdnimg.cn/direct/a55b527e50954491889a04eb1c527750.png
步骤8:设置路由器IP地址
AR1:
interface GigabitEthernet 0/0/0
ip add 192.168.50.1 24 SW5:
vlan 50
interface vlan 50
ip add 192.168.50.2 24
interface GigabitEthernet 0/0/7
port link-type access
port default vlan 50
ping 192.168.50.1 //测试 AR1:
interface GigabitEthernet 0/0/1
ip add 192.168.60.1 24 SW6:
vlan 60
interface vlan 60
ip add 192.168.60.2 24
interface GigabitEthernet 0/0/7
port link-type access
port default vlan 60
ping 192.168.60.1 //测试 AR2:
interface GigabitEthernet 0/0/0
ip add 192.168.70.1 24 SW5:
vlan 70
interface vlan 70
ip add 192.168.70.2 24
interface GigabitEthernet 0/0/8
port link-type access
port default vlan 70
ping 192.168.70.1 //测试 AR2:
interface GigabitEthernet 0/0/1
ip add 192.168.80.1 24 SW6
vlan 80
interface vlan 80
ip add 192.168.80.2 24
interface GigabitEthernet 0/0/8
port link-type access
port default vlan 80
ping 192.168.80.1 //测试 display ip interface brief
https://i-blog.csdnimg.cn/direct/44d06853d38e43f5b1c581d028be23c0.png
display ip interface brief
https://i-blog.csdnimg.cn/direct/69709f643f854515a7497ef9a5b91762.png
display ip interface brief
https://i-blog.csdnimg.cn/direct/edcc04cbab4240eba453522261655ea9.png
display ip interface brief
https://i-blog.csdnimg.cn/direct/ebff0edf5d574c95823b7b9a9f473811.png
步骤9:设置OSPF动态路由协议
SW5:
ospf
area 0
network 192.168.10.0 0.0.0.255
network 192.168.20.0 0.0.0.255
network 192.168.30.0 0.0.0.255
network 192.168.40.0 0.0.0.255
network 192.168.50.0 0.0.0.255
network 192.168.70.0 0.0.0.255 SW6:
ospf
area 0
network 192.168.10.0 0.0.0.255
network 192.168.20.0 0.0.0.255
network 192.168.30.0 0.0.0.255
network 192.168.40.0 0.0.0.255
network 192.168.60.0 0.0.0.255
network 192.168.80.0 0.0.0.255 AR1:
ospf
area 0
network 192.168.50.0 0.0.0.255
network 192.168.60.0 0.0.0.255 AR2:
ospf
area 0
network 192.168.70.0 0.0.0.255
network 192.168.80.0 0.0.0.255
display ip routing-table | include /24 https://i-blog.csdnimg.cn/direct/2956db4aff95433eb4dfd4d67d6ee33d.png
display ip routing-table | include /24 https://i-blog.csdnimg.cn/direct/4ec7385339d7417ba1ad2b4a7b7a70c5.png
步骤10:模拟外网情况,设置相干IP
SW7:
sysname sw7
interface Vlanif 1
ip add 100.0.0.10 8 AR1:
interface GigabitEthernet 0/0/2
ip add 100.0.0.1 8 AR2:
interface GigabitEthernet 0/0/2
ip add 100.0.0.2 8 步骤11:设置静态默认路由及宣告默认路由
AR1:
ip route-static 0.0.0.0 0 100.0.0.10 //配置静态默认路由,指定下一跳
ospf
default-route-advertise //宣告默认路由 display ip routing-table https://i-blog.csdnimg.cn/direct/82472f27ebe94a529a7799f8991b24b9.png
display ip routing-table //三层交换机通过宣告学习到默认路由 https://i-blog.csdnimg.cn/direct/c2a917cdab9f41a491af44af58b26cee.png
AR2:
ip route-static 0.0.0.0 0 100.0.0.10 //配置静态默认路由,指定下一跳
ospf
default-route-advertise //宣告默认路由 display ip routing-table https://i-blog.csdnimg.cn/direct/9d86387dedc44af79fd1dde82dad40b8.png
display ip routing-table //三层交换机通过宣告学习到默认路由 https://i-blog.csdnimg.cn/direct/c8b6de6c7b0e47148df50d17f8b28a62.png
步骤12:设置NAT-Easy IP方式地址转换
acl 2000
rule permit source any
quit
interface GigabitEthernet 0/0/2
nat outbound 2000
acl 2000
rule permit source any
quit
interface GigabitEthernet 0/0/2
nat outbound 2000 步骤13:PING测试结果
回首:display
[*]display version //查询系统版本、硬件型号
[*]display current-configuration //检察大部门设置
[*]display vlan //检察VLAN信息
[*]display ip interface brief //检察IP接口设置( 管道过滤掩码为24:| include /24)
[*]display ip routing-table brief //检察完整路由表
[*]display acl all //检察所有ACL
[*]display vrrp brief //检察VRRP
小结:
本篇章节为【第二阶段】NETWORK-DAY6 的学习笔记,这篇笔记可以初步了解到 企业网络综合项目分析、大型企业网络搭建。
Tip:究竟两个人的智慧大于一个人的智慧,假如你不明白本章节的内容或需要相干笔记、视频,可私信小安,请不关键羞和回避,可以向他人讨教,花点时间直到你真正的明白
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。
页:
[1]