Linux云计算 |【第二阶段】NETWORK-DAY6

渣渣兔  金牌会员 | 2024-8-17 14:19:27 | 显示全部楼层 | 阅读模式
打印 上一主题 下一主题
楼主

主题 846|帖子 846|积分 2538

主要内容:

企业网络综合项目分析、大型企业网络搭建

项目案例1

一家网络公司,有若干服务器,通过NAT技术将业务服务器与Internet互联;已有技术:


  • ① 默认路由:实现到互联网数以万计网络访问的简化设置;
  • ② 静态路由:路由器与三层互换间设置静态路由;
  • ③ NAT:将业务服务器与Internet互联;

1)现有网络情况标题分析:


  • 接入层互换机只与同一个ie三层互换机互联,存在单点故障而影响网络通讯;
2)项目需求:


  • 为进步主机对本公私网络服务访问的可靠性,需要使用许多的冗余技术;
  • 为了保证局域网络高可靠使用了网状拓扑;
  • 为了保证服务器不会由于使用单一网关而出现的单点失败影响网络通讯需要网关冗余;
  • 为了保证到互联网的高可用接入需要使用了冗余互联网连接;
3)解决方案:


  • OSPF路由协议:实现网络路径的自动学习;
  • VRRP虚拟路由冗余协议:实现冗余网关;

1、网络拓扑


 
2、整体思路

1.设置主机IP:
   PC1:192.168.10.1 /24 192.168.10.254(VRRP)
  PC2:192.168.20.1 /24 192.168.20.254(VRRP)
  PC3:192.168.30.1 /24 192.168.30.254(VRRP)
  PC4:192.168.40.1 /24 192.168.40.254(VRRP)
  PC5:192.168.40.2 /24 192.168.40.254(VRRP)
  2.设置二层互换机:


  • ① 设置4个互换机的VLAN(10、20、30、40)
  • ② 设置互换机下层,VLAN对应相应的接口,Type范例为Access;
  • ③ 设置互换机上层,2个G接口范例到场Trunk;
3.设置三层互换机:


  • ① 设置2个三层互换机的VLAN(10、20、30、40)
  • ② 设置三层互换机连接二层互换机的接口为Trunk;
  • ③ 设置2个三层互换机的VLAN虚拟接口;
  • ④ 设置三层互换机之间的接口为ETH-TRUNK聚合链路;
  • ⑤ 设置VRRP协议,设置虚拟网关;
4.设置路由器:


  • ① 设置端口IP;
  • ② 设置三层互换机VLAN虚拟接口并对应到相应接口上,VLAN(50、60、70、80)
  • ③ 设置OSPF协议
5.模拟外网情况:


  • ① 设置相干IP(SW7、路由器)
  • ② 设置静态默认路由及宣告
  • ③ 设置NAT-EasyIP模式实现NAT转换

3、设置步骤

步骤1:设置二层互换机,修改主机名并创建vlan10、20、30、40
  1. [Huawei]sysname sw1
  2. [sw1]
  3. [sw1] vlan batch 10 20 30 40
  4. [sw1] displan vlan
  5.  
  6. [Huawei]sysname sw2
  7. [sw2]
  8. [sw2] vlan batch 10 20 30 40
  9. [sw2] displan vlan
  10.  
  11. [Huawei]sysname sw3
  12. [sw3]
  13. [sw3] vlan batch 10 20 30 40
  14. [sw3] displan vlan
  15.  
  16. [Huawei]sysname sw4
  17. [sw4]
  18. [sw4] vlan batch 10 20 30 40
  19. [sw4] displan vlan
复制代码
步骤2:设置二层互换机端口并到场对应VLAN
  1. [sw1]interface Ethernet 0/0/1
  2. [sw1-Ethernet0/0/1]port link-type access
  3. [sw1-Ethernet0/0/1]port default vlan 10
  4.  
  5. [sw2]interface Ethernet 0/0/1
  6. [sw2-Ethernet0/0/1]port link-type access
  7. [sw2-Ethernet0/0/1]port default vlan 20
  8.  
  9. [sw3]interface Ethernet 0/0/1
  10. [sw3-Ethernet0/0/1]port link-type access
  11. [sw3-Ethernet0/0/1]port default vlan 30
  12.  
  13. [sw4]interface Ethernet 0/0/1
  14. [sw4-Ethernet0/0/1]port link-type access
  15. [sw4-Ethernet0/0/1]port default vlan 40
  16. [sw4]interface Ethernet 0/0/2
  17. [sw4-Ethernet0/0/1]port link-type access
  18. [sw4-Ethernet0/0/1]port default vlan 40
复制代码
步骤3:设置二层互换机千兆口端口范例为Trunk
  1. [sw1] port-group 1
  2. [sw1-port-group-1] group-member GigabitEthernet 0/0/1 GigabitEthernet 0/0/2
  3. [sw1-port-group-1] port link-type trunk
  4. [sw1-port-group-1] port trunk allow-pass vlan all
复制代码

  1. [sw2] port-group 1
  2. [sw2-port-group-1] group-member GigabitEthernet 0/0/1 GigabitEthernet 0/0/2
  3. [sw2-port-group-1] port link-type trunk
  4. [sw2-port-group-1] port trunk allow-pass vlan all
复制代码

  1. [sw3] port-group 1
  2. [sw3-port-group-1] group-member GigabitEthernet 0/0/1 GigabitEthernet 0/0/2
  3. [sw3-port-group-1] port link-type trunk
  4. [sw3-port-group-1] port trunk allow-pass vlan all
复制代码

  1. [sw4] port-group 1
  2. [sw4-port-group-1] group-member GigabitEthernet 0/0/1 GigabitEthernet 0/0/2
  3. [sw4-port-group-1] port link-type trunk
  4. [sw4-port-group-1] port trunk allow-pass vlan all
复制代码

步骤4:设置三层互换机,修改主机名及创建VLAN及接口范例为Trunk
  1. [Huawei]sysname sw5
  2. [sw5]vlan batch 10 20 30 40
  3. [sw5]port-group 1
  4. [sw5-port-group-1]group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/4
  5. [sw5-port-group-1]port link-type trunk
  6. [sw5-port-group-1]port trunk allow-pass vlan all
  7.  
  8. [Huawei]sysname sw6
  9. [sw6]vlan batch 10 20 30 40
  10. [sw6]port-group 1
  11. [sw6-port-group-1]group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/4
  12. [sw6-port-group-1]port link-type trunk
  13. [sw6-port-group-1]port trunk allow-pass vlan all
复制代码
步骤5:设置三层互换机聚合链路
  1. [sw5]interface Eth-Trunk 1
  2. [sw5-Eth-Trunk1]trunkport GigabitEthernet 0/0/5 0/0/6
  3. [sw5-Eth-Trunk1]port link-type trunk
  4. [sw5-Eth-Trunk1]port trunk allow-pass vlan all
复制代码

  1. [sw6]interface Eth-Trunk 1
  2. [sw6-Eth-Trunk1]trunkport GigabitEthernet 0/0/5 0/0/6
  3. [sw6-Eth-Trunk1]port link-type trunk
  4. [sw6-Eth-Trunk1]port trunk allow-pass vlan all
复制代码

步骤6:设置三层互换机虚拟接口
  1. [sw5]inter vlan10
  2. [sw5-Vlanif10]ip add 192.168.10.252 24
  3. [sw5-Vlanif10]inter vlan20
  4. [sw5-Vlanif20]ip add 192.168.20.252 24
  5. [sw5-Vlanif20]inter vlan30
  6. [sw5-Vlanif30]ip add 192.168.30.252 24
  7. [sw5-Vlanif30]inter vlan40
  8. [sw5-Vlanif40]ip add 192.168.40.252 24
  9. [sw5-Vlanif40]display ip interface brief
复制代码

  1. [sw6]inter vlan10
  2. [sw6-Vlanif10]ip add 192.168.10.253 24
  3. [sw6-Vlanif10]inter vlan20
  4. [sw6-Vlanif20]ip add 192.168.20.253 24
  5. [sw6-Vlanif20]inter vlan30
  6. [sw6-Vlanif30]ip add 192.168.30.253 24
  7. [sw6-Vlanif30]inter vlan40
  8. [sw6-Vlanif40]ip add 192.168.40.253 24
  9. [sw6-Vlanif40]display ip interface brief
复制代码

步骤7:设置VRRP虚拟冗余协议,添加虚拟网关
  1. [sw5]interface Vlanif 10
  2. [sw5-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.254
  3. [sw5-Vlanif10]vrrp vrid 10 priority 105
  4. [sw5-Vlanif10]inter vlan 20
  5. [sw5-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.254
  6. [sw5-Vlanif20]vrrp vrid 20 priority 105
  7. [sw5-Vlanif20]inter vlan 30
  8. [sw5-Vlanif30]vrrp vrid 30 virtual-ip 192.168.30.254
  9. [sw5-Vlanif30]inter vlan 40
  10. [sw5-Vlanif40]vrrp vrid 40 virtual-ip 192.168.40.254
复制代码

  1. [sw6]interface Vlanif 10
  2. [sw6-Vlanif10]vrrp vrid 10 virtual-ip 192.168.10.254
  3. [sw6-Vlanif10]inter vlan 20
  4. [sw6-Vlanif20]vrrp vrid 20 virtual-ip 192.168.20.254
  5. [sw6-Vlanif20]inter vlan 30
  6. [sw6-Vlanif30]vrrp vrid 30 virtual-ip 192.168.30.254
  7. [sw6-Vlanif30]vrrp vrid 30 priority 105
  8. [sw6-Vlanif30]inter vlan 40
  9. [sw6-Vlanif40]vrrp vrid 40 virtual-ip 192.168.40.254
  10. [sw6-Vlanif40]vrrp vrid 40 priority 105
复制代码

步骤8:设置路由器IP地址
AR1:
  1. [ar1]interface GigabitEthernet 0/0/0
  2. [ar1-GigabitEthernet0/0/0]ip add 192.168.50.1 24
复制代码
SW5:
  1. [sw5]vlan 50
  2. [sw5]interface vlan 50
  3. [sw5-Vlanif50]ip add 192.168.50.2 24
  4. [sw5]interface GigabitEthernet 0/0/7
  5. [sw5-GigabitEthernet0/0/7]port link-type access
  6. [sw5-GigabitEthernet0/0/7]port default vlan 50
  7. [sw5]ping 192.168.50.1    //测试
复制代码
AR1:
  1. [ar1]interface GigabitEthernet 0/0/1
  2. [ar1-GigabitEthernet0/0/0]ip add 192.168.60.1 24
复制代码
SW6:
  1. [sw6]vlan 60
  2. [sw6]interface vlan 60
  3. [sw6-Vlanif60]ip add 192.168.60.2 24
  4. [sw6]interface GigabitEthernet 0/0/7
  5. [sw6-GigabitEthernet0/0/7]port link-type access
  6. [sw6-GigabitEthernet0/0/7]port default vlan 60
  7. [sw6]ping 192.168.60.1    //测试
复制代码
AR2:
  1. [ar2]interface GigabitEthernet 0/0/0
  2. [ar2-GigabitEthernet0/0/0]ip add 192.168.70.1 24
复制代码
SW5:
  1. [sw5]vlan 70
  2. [sw5]interface vlan 70
  3. [sw5-Vlanif70]ip add 192.168.70.2 24
  4. [sw5]interface GigabitEthernet 0/0/8
  5. [sw5-GigabitEthernet0/0/8]port link-type access
  6. [sw5-GigabitEthernet0/0/8]port default vlan 70
  7. [sw5]ping 192.168.70.1    //测试
复制代码
AR2:
  1. [ar2]interface GigabitEthernet 0/0/1
  2. [ar2-GigabitEthernet0/0/0]ip add 192.168.80.1 24
复制代码
SW6
  1. [sw6]vlan 80
  2. [sw6]interface vlan 80
  3. [sw6-Vlanif80]ip add 192.168.80.2 24
  4. [sw6]interface GigabitEthernet 0/0/8
  5. [sw6-GigabitEthernet0/0/8]port link-type access
  6. [sw6-GigabitEthernet0/0/8]port default vlan 80
  7. [sw6]ping 192.168.80.1    //测试
复制代码
[ar1] display ip interface brief

[ar2] display ip interface brief

[sw5] display ip interface brief

[sw6] display ip interface brief

步骤9:设置OSPF动态路由协议
SW5:
  1. [sw5]ospf
  2. [sw5-ospf-1]area 0
  3. [sw5-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255
  4. [sw5-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255
  5. [sw5-ospf-1-area-0.0.0.0]network 192.168.30.0 0.0.0.255
  6. [sw5-ospf-1-area-0.0.0.0]network 192.168.40.0 0.0.0.255
  7. [sw5-ospf-1-area-0.0.0.0]network 192.168.50.0 0.0.0.255
  8. [sw5-ospf-1-area-0.0.0.0]network 192.168.70.0 0.0.0.255
复制代码
SW6:
  1. [sw6]ospf
  2. [sw6-ospf-1]area 0
  3. [sw6-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255
  4. [sw6-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255
  5. [sw6-ospf-1-area-0.0.0.0]network 192.168.30.0 0.0.0.255
  6. [sw6-ospf-1-area-0.0.0.0]network 192.168.40.0 0.0.0.255
  7. [sw6-ospf-1-area-0.0.0.0]network 192.168.60.0 0.0.0.255
  8. [sw6-ospf-1-area-0.0.0.0]network 192.168.80.0 0.0.0.255
复制代码
AR1:
  1. [ar1]ospf
  2. [ar1-ospf-1]area 0
  3. [ar1-ospf-1-area-0.0.0.0]network 192.168.50.0 0.0.0.255
  4. [ar1-ospf-1-area-0.0.0.0]network 192.168.60.0 0.0.0.255
复制代码
AR2:
  1. [ar2]ospf
  2. [ar2-ospf-1]area 0
  3. [ar2-ospf-1-area-0.0.0.0]network 192.168.70.0 0.0.0.255
  4. [ar2-ospf-1-area-0.0.0.0]network 192.168.80.0 0.0.0.255
复制代码

  1. [ar1] display ip routing-table | include /24
复制代码

  1. [ar2] display ip routing-table | include /24
复制代码

步骤10:模拟外网情况,设置相干IP
SW7:
  1. [Huawei]sysname sw7
  2. [sw7]interface Vlanif 1
  3. [sw7-Vlanif1]ip add 100.0.0.10 8
复制代码
AR1:
  1. [ar1]interface GigabitEthernet 0/0/2
  2. [ar1-GigabitEthernet0/0/2]ip add 100.0.0.1 8
复制代码
AR2:
  1. [ar2]interface GigabitEthernet 0/0/2
  2. [ar2-GigabitEthernet0/0/2]ip add 100.0.0.2 8
复制代码
步骤11:设置静态默认路由及宣告默认路由
AR1:
  1. [ar1]ip route-static 0.0.0.0 0 100.0.0.10      //配置静态默认路由,指定下一跳
  2. [ar1]ospf
  3. [ar1-ospf-1]default-route-advertise       //宣告默认路由
复制代码
  1. [ar1-ospf-1]display ip routing-table
复制代码

  1. [sw5]display ip routing-table      //三层交换机通过宣告学习到默认路由
复制代码

AR2:
  1. [ar2]ip route-static 0.0.0.0 0 100.0.0.10     //配置静态默认路由,指定下一跳
  2. [ar2]ospf
  3. [ar2-ospf-1]default-route-advertise       //宣告默认路由
复制代码
  1. [ar2-ospf-1]display ip routing-table
复制代码

  1. [sw6]display ip routing-table      //三层交换机通过宣告学习到默认路由
复制代码


步骤12:设置NAT-Easy IP方式地址转换
  1. [ar1]acl 2000
  2. [ar1-acl-basic-2000]rule permit source any
  3. [ar1-acl-basic-2000]quit
  4. [ar1]interface GigabitEthernet 0/0/2
  5. [ar1-GigabitEthernet0/0/2]nat outbound 2000
  6.  
  7. [ar2]acl 2000
  8. [ar2-acl-basic-2000]rule permit source any
  9. [ar2-acl-basic-2000]quit
  10. [ar2]interface GigabitEthernet 0/0/2
  11. [ar2-GigabitEthernet0/0/2]nat outbound 2000
复制代码
步骤13:PING测试结果

回首:display


  • display version    //查询系统版本、硬件型号 
  • display current-configuration       //检察大部门设置
  • display vlan    //检察VLAN信息
  • display ip interface brief    //检察IP接口设置( 管道过滤掩码为24:| include /24)
  • display ip routing-table brief     //检察完整路由表
  • display acl all    //检察所有ACL
  • display vrrp brief    //检察VRRP

小结:

本篇章节为【第二阶段】NETWORK-DAY6 的学习笔记,这篇笔记可以初步了解到 企业网络综合项目分析、大型企业网络搭建。
Tip:究竟两个人的智慧大于一个人的智慧,假如你不明白本章节的内容或需要相干笔记、视频,可私信小安,请不关键羞和回避,可以向他人讨教,花点时间直到你真正的明白

免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。
回复

使用道具 举报

0 个回复

倒序浏览
返回列表

快速回复

高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 or 立即注册

本版积分规则

渣渣兔

金牌会员
这个人很懒什么都没写!

楼主热帖

标签云

挺好的 服务器
微信订阅号
微信服务号
微信客服
小程序
H5
关于我们 商务合作 网站地图
©Copyright 2022-2024 杭州祥升科技有限公司 版权所有 浙ICP备20004199号
快速回复 返回顶部 返回列表