网络工程 文档.docx
- 文档编号:4766586
- 上传时间:2022-12-08
- 格式:DOCX
- 页数:20
- 大小:21.75KB
网络工程 文档.docx
《网络工程 文档.docx》由会员分享,可在线阅读,更多相关《网络工程 文档.docx(20页珍藏版)》请在冰豆网上搜索。
网络工程文档
本人的网络工程实训报告
【实训背景】
该实训模拟了一个公司局域网的搭建,并将其连入广域网实现访问外网FTP服务器的实例。
另外在内网的路由器上做网络地址转换(NAT)实现了对内网访问外网。
同时利用路由器策略ACL规则对内网进行信息过滤。
【实训目的】
1.
掌握交换机port
vlan的配置,理解VLAN隔离的作用。
2.
掌握交换机TagVLAN的配置,理解相同VLAN主机通讯,不同VLAN主机隔离的特点。
3.
掌握端口聚合的配置方法,理解端口聚合的作用和特点。
4.
掌握三层交换机基本配置方法、掌握三层交换机VLAN路由的配置方法。
5.
掌握生成树协议的配置方法,理解生成树协议的作用和特点。
6.
掌握路由器广域网接口PPP协议的配置,掌握CHAP验证的配置方法。
7.
掌握RIP协议的配置方法。
8.
掌握OSPF协议的配置方法。
9.
掌握路由器上编号的标准IP访问列表规则及配置。
10.
掌握在路由器上对内网进行NAT转换配置。
11.
熟悉用Serv-U配置FTP服务器。
【实训地点】
实训楼四层机房
【实训时间】
2008.12.22-26
【实训合作人】
白文杰、张建奎
【实训设备】
MSR路由器2台、3600交换机1台、3100交换机2台、FTP服务器1台(自己搭建)、PC4台、直连线或交叉线若干。
【实训拓扑】
【实训内容】
一、实训步骤
1.
对S1交换机的配置:
[H3C]sysnameS1
[S1]vlan10
[S1-vlan10]q
[S1]vlan20
[S1-vlan20]q
[S1]vlan30
[S1-vlan30]q
[S1]vlan40
[S1-vlan40]q
[S1]intVlan-interface10
[S1-Vlan-interface10]ipadd192.168.1.124
[S1]intVlan-interface20
[S1-Vlan-interface20]ipadd172.16.1.124
[S1]intVlan-interface30
[S1-Vlan-interface30]ipadd192.168.2.124
[S1]intVlan-interface40
[S1-Vlan-interface40]ipadd192.168.3.124
[S1-Vlan-interface40]q
[S1]inte1/0/1
[S1-Ethernet1/0/1]portlink-typetrunk
[S1-Ethernet1/0/1]porttrunkpermitvlanall
[S1-Ethernet1/0/1]inte1/0/2
[S1-Ethernet1/0/2]portlink-typetrunk
[S1-Ethernet1/0/2]inte1/0/3
[S1-Ethernet1/0/3]portlink-typetrunk
[S1-Ethernet1/0/3]porttrunkpermitvlanall
[S1]link-aggregationgroup1modemanual
[S1]inte1/0/1
[S1-Ethernet1/0/1]portlink-aggregationgroup1
[S1-Ethernet1/0/1]inte1/0/2
[S1-Ethernet1/0/2]portlink-aggregationgroup1
[S1]stpenable
[S1]stpmodestp
[S1]rip
[S1-rip]network192.168.1.0
[S1-rip]network172.16.1.0
[S1-rip]network192.168.2.0
[S1-rip]network192.168.3.0
[S1]inte1/0/24
[S1-Ethernet1/0/24]portaccessvlan40
[S1]intVlan-interface40
[S1-Vlan-interface40]rip
[S1-Vlan-interface40]ripversion2multicast
2.
对S2交换机的配置:
[H3C]sysnameS2
[S2]vlan10
[S2-vlan10]porte1/0/1
[S2]vlan20
[S2-vlan20]porte1/0/2
[S2-vlan20]stpen
[S2]stpmodestp
[S2]inte1/0/3
[S2-Ethernet1/0/3]portlink-typetrunk
[S2-Ethernet1/0/3]porttrunkpermitvlanall
[S2-Ethernet1/0/3]inte1/0/4
[S2-Ethernet1/0/4]portlink-typetrunk
[S2-Ethernet1/0/4]porttrunkpermitvlanall
[S2]link-aggregationgroup1modemanual
[S2]inte1/0/3
[S2-Ethernet1/0/3]portlink-aggregationgroup1
[S2-Ethernet1/0/3]inte1/0/4
[S2-Ethernet1/0/4]portlink-aggregationgroup1
[S2-Ethernet1/0/4]inte1/0/5
[S2-Ethernet1/0/5]portlink-typetrunk
[S2-Ethernet1/0/5]porttrunkpermitvlanall
3.
对S2交换机的配置:
[H3C]sysnameS3
[S3]vlan20
[S3-vlan20]porte1/0/1
[S3-vlan20]vlan30
[S3-vlan30]porte1/0/2
[S3]inte1/0/3
[S3-Ethernet1/0/3]portlink-typetrunk
[S3-Ethernet1/0/3]porttrunkper
[S3-Ethernet1/0/3]porttrunkpermitvlanall
[S3-Ethernet1/0/3]inte1/0/4
[S3-Ethernet1/0/4]portlink-typetrunk
[S3-Ethernet1/0/4]porttrunkpermitvlanall
[S3]stpenable
[S3]stpmodestp
4.
对R1路由器的配置:
[H3C]sysnameR1
[R1]inte0/0
[R1-Ethernet0/0]ipadd192.168.3.224
[R1]ints1/0
[R1-Serial1/0]ipadd222.199.1.224
[R1]intLoopBack1
[R1-LoopBack1]ipadd1.1.1.132
[R1]local-userr2
[R1-luser-r2]passwordsimple456
[R1-luser-r2]service-typeppp
[R1]ints1/0
[R1-Serial1/0]pppchapuserr1
[R1-Serial1/0]pppchappasswordsimple123
[R1-Serial1/0]pppauthentication-modechap
[R1]rip
[R1-rip-1]network192.168.3.0
[R1-rip-1]network1.1.1.1
[R1]inte0/0
[R1-Ethernet0/0]ripversion2multicast
[R1]ospf1
[R1-ospf-1]area0
[R1-ospf-1-area-0.0.0.0]network222.199.1.00.0.0.255
[R1-ospf-1]import-routedirectcost2
[R1-ospf-1]import-routerip
[R1]rip
[R1-rip-1]import-routedirectcost2
[R1-rip-1]import-routeospf
[R1-rip-1]q
[R1]aclnumber2000
[R1-acl-basic-2000]rule0permitsourceany
[R1]ints1/0
[R1-Serial1/0]natoutbound2000
[R1]aclnumber3000
[R1-acl-adv-3000]rule0permiticmpsource192.168.1.20.0.0.255destinationany
[R1-acl-adv-3000]rule1denyicmpsourceany
[R1-acl-adv-3000]rule2permittcpsourceanydestination10.1.7.20.0.0.0destination-porteqftp
[R1-Ethernet0/0]firewallpacket-filter3000inbound
5.
对R2路由器的配置:
[H3C]sysnameR2
[R2]inte0/0
[R2-Ethernet0/0]ipadd172.16.2.124
[R2-Ethernet0/0]ints1/0
[R2-Serial1/0]ipadd222.199.1.124
[R2]intLoopBack1
[R2-LoopBack1]ipadd2.2.2.232
[R2]local-userr1
[R2-luser-r1]passwordsimple123
[R2-luser-r1]service-typeppp
[R2-Serial1/0]pppchapuserr2
[R2-Serial1/0]pppchappasswordsimple456
[R2-Serial1/0]pppauthentication-modechap
[R2]ospf1
[R2-ospf-1]area0
[R2-ospf-1-area-0.0.0.0]network222.199.1.00.0.0.255
[R2-ospf-1-area-0.0.0.0]network2.2.2.20.0.0.0
[R2-ospf-1-area-0.0.0.0]network172.16.2.00.0.0.255
6.
对FTP服务器的配置:
首先安装好Serv-U,并设置好域名NET,IP为172.16.2.2/24。
然后创建用户:
net-yml密码:
yml,最后为用户添加文件夹e:
\yml(yml目录下放置1.txt)并设置用户权限为可读。
7.
对各PC机的IP地址设置:
PC1:
192.168.1.2/24
PC2:
172.16.1.2/24
PC3:
172.16.1.3/24
PC4:
192.168.2.2/24
二、实训数据
1.
S1的配置相关信息:
RoutingTable:
publicnet
Destination/Mask
ProtocolPre
Cost
Nexthop
Interface
1.1.1.1/32
RIP
100
1
192.168.3.2
Vlan-interface40
127.0.0.0/8
DIRECT
0
0
127.0.0.1
InLoopBack0
127.0.0.1/32
DIRECT
0
0
127.0.0.1
InLoopBack0
172.16.1.0/24
DIRECT
0
0
172.16.1.1
Vlan-interface20
172.16.1.1/32
DIRECT
0
0
127.0.0.1
InLoopBack0
172.16.2.0/24
RIP
100
1
192.168.3.2
Vlan-interface40
192.168.1.0/24
DIRECT
0
0
192.168.1.1
Vlan-interface10
192.168.1.1/32
DIRECT
0
0
127.0.0.1
InLoopBack0
192.168.2.0/24
DIRECT
0
0
192.168.2.1
Vlan-interface30
192.168.2.1/32
DIRECT
0
0
127.0.0.1
InLoopBack0
192.168.3.0/24
DIRECT
0
0
192.168.3.1
Vlan-interface40
192.168.3.1/32
DIRECT
0
0
127.0.0.1
InLoopBack0
222.199.1.0/24
RIP
100
3
192.168.3.2
Vlan-interface40
222.199.1.1/32
RIP
100
3
192.168.3.2
Vlan-interface40
#
sysnameS1
#
link-aggregationgroup1modemanual
#
radiusschemesystem
#
domainsystem
#
stpmodestp
stpinstance0priority0
stpenable
#
vlan1
#
vlan10
#
vlan20
#
vlan30
#
vlan40
#
interfaceVlan-interface10
ipaddress192.168.1.1255.255.255.0
#
interfaceVlan-interface20
ipaddress172.16.1.1255.255.255.0
#
interfaceVlan-interface30
ipaddress192.168.2.1255.255.255.0
#
interfaceVlan-interface40
ipaddress192.168.3.1255.255.255.0
ripversion2multicast
#
interfaceAux1/0/0
#
interfaceEthernet1/0/1
portlink-typetrunk
porttrunkpermitvlanall
portlink-aggregationgroup1
#
interfaceEthernet1/0/2
portlink-typetrunk
porttrunkpermitvlanall
portlink-aggregationgroup1
#
interfaceEthernet1/0/3
portlink-typetrunk
porttrunkpermitvlanall
#
interfaceEthernet1/0/24
portaccessvlan40
#
interfaceNULL0
#
rip
undosummary
network192.168.1.0
network192.168.2.0
network192.168.3.0
network172.16.0.0
#
return
2.
S2的配置相关信息:
#
sysnameS2
#
link-aggregationgroup1modemanual
#
radiusschemesystem
#
domainsystem
#
stpmodestp
stpenable
#
vlan1
#
vlan10
#
vlan20
#
interfaceAux1/0/0
#
interfaceEthernet1/0/1
portaccessvlan10
#
interfaceEthernet1/0/2
portaccessvlan20
#
interfaceEthernet1/0/3
portlink-typetrunk
porttrunkpermitvlanall
portlink-aggregationgroup1
#
interfaceEthernet1/0/4
portlink-typetrunk
porttrunkpermitvlanall
portlink-aggregationgroup1
#
interfaceEthernet1/0/5
portlink-typetrunk
porttrunkpermitvlanall
#
interfaceNULL0
return
3.
S3的配置相关信息:
#
sysnameS3
#
stpmodestp
stpenable
#
vlan1
#
vlan20
#
vlan30
#
interfaceEthernet1/0/1
portaccessvlan20
#
interfaceEthernet1/0/2
portaccessvlan30
#
interfaceEthernet1/0/3
portlink-typetrunk
porttrunkpermitvlanall
#
interfaceEthernet1/0/4
portlink-typetrunk
porttrunkpermitvlanall
#
interfaceNULL0
#
return
4.
R1的配置相关信息:
[R1]discu
#
sysnameR1
#
firewallenable
#
domaindefaultenablesystem
#
vlan1
#
local-userR2
passwordsimple123
service-typeppp
#
aclnumber2000
rule0permit
#
aclnumber3000
rule0permiticmpsource192.168.1.20destination172.16.2.20
rule1denyicmpdestination172.16.2.20
#
interfaceAux0
asyncmodeflow
link-protocolppp
#
interfaceEthernet0/0
portlink-moderoute
firewallpacket-filter3000inbound
ipaddress192.168.3.2255.255.255.0
ripversion2multicast
#
interfaceEthernet0/1
portlink-moderoute
#
interfaceSerial1/0
link-protocolppp
pppauthentication-modechap
pppchapuserR1
pppchappasswordsimple456
natoutbound2000
ipaddress222.199.1.2255.255.255.0
#
interfaceSerial3/0
link-protocolppp
#
interfaceNULL0
#
interfaceLoopBack1
ipaddress1.1.1.1255.255.255.255
#
ospf1
import-routedirectcost2
import-routerip1
area0.0.0.0
network222.199.1.00.0.0.255
#
rip1
undosummary
network192.168.3.0
network1.0.0.0
import-routedirectcost2
import-routeospf1
#
return
[R1]disnatoutbound
NAToutboundinformation:
Therearecurrently1natoutboundrule(s)
Serial1/0:
acl(2000)---interface
[R1]disaclall
BasicACL
2000,1rule,
ACL'sstepis5
rule0permit(1timesmatched)
AdvancedACL
3000,2rules,
ACL'sstepis5
rule0permiticmpsource192.168.1.20destination172.16.2.20(36timesmatched)
rule1denyicmpdestination172.16.2.20(4timesmatched)
[R1]disiprouting-table
RoutingTables:
Public
Destinations:
12
Routes:
12
Destination/Mask
Proto
Pre
Cost
NextHop
Interface
1.1.1.1/32
Direct0
0
127.0.0.1
InLoop0
127.0.0.0/8
Direct0
0
127.0.0.1
InLoop0
127.0.0.1/32
Direct0
0
127.0.0.1
InLoop0
172.16.1.0/24
RIP
100
1
192.168.3.1
Eth0/0
172.16.2.0/24
OS
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 网络工程 文档