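Case 1: Configure the current network environment
Case 2: Project phase exercise
1 Case 1: Configure the current network environment
1.1 Problem
A newly established IT company located in Beijing has more than 80 servers.
The current network environment uses the following technologies, and the web server is published to the Internet through port mapping:
Layer 3 switching: aggregates the access-layer switches
Default route: simplifies the configuration needed to reach the tens of thousands of networks on the Internet
Static routes: provide connectivity within the company's internal network
NAT port mapping: publishes the company's internal web server
1.2 Solution
The web server is published to the Internet through port mapping. The company's existing network topology is shown in Figure-1:
Figure-1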
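The existing network connections are described in Table-1:
Table-1 Network connection description
1.3 Steps
Carry out this case with the following steps.
Step 1: Configure IP addresses on the devices according to Table-1 and enable routing on the Layer 3 switch
1) On MS1, configure IP addresses on vlan 1 and interface f0/1 and enable routing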
Switch(config)#hostname MS1
MS1(config)#ip routing
MS1(config)#interface vlan 1
MS1(config-if)#ip address 192.168.1.252 255.255.255.0
MS1(config-if)#no shutdown
MS1(config-if)#exit
MS1(config)#interface fastEthernet 0/1
MS1(config-if)#no switchport
MS1(config-if)#ip address 192.168.2.1 255.255.255.0
MS1(config-if)#no shutdown
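Step 2: Configure IP addresses on the router and add an interface module
1) Add an interface module to the router, then enter the router's interfaces and configure IP addresses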
Router(config)#hostname R1
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 192.168.2.2 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface fastEthernet 1/0
R1(config-if)#ip address 61.159.62.129 255.255.255.248
R1(config-if)#no shutdown
Step 3: Configure static routes on MS1 and the router
MS1(config)#ip route 0.0.0.0 0.0.0.0 192.168.2.2
R1(config)#ip route 192.168.1.0 255.255.255.0 192.168.2.1
Step 4: Test connectivity from server1 to R1's interface IP addresses
PC>ping 192.168.2.2
Pinging 192.168.2.2 with 32 bytes of data:
Reply from 192.168.2.2: bytes=32 time=0ms TTL=254
Reply from 192.168.2.2: bytes=32 time=0ms TTL=254
Reply from 192.168.2.2: bytes=32 time=0ms TTL=254
Reply from 192.168.2.2: bytes=32 time=1ms TTL=254
Ping statistics for 192.168.2.2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
PC>ping 61.159.62.129
Pinging 61.159.62.129 with 32 bytes of data:
Reply from 61.159.62.129: bytes=32 time=1ms TTL=254
Reply from 61.159.62.129: bytes=32 time=0ms TTL=254
Reply from 61.159.62.129: bytes=32 time=2ms TTL=254
Reply from 61.159.62.129: bytes=32 time=0ms TTL=254
Ping statistics for 61.159.62.129:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 2ms, Average = 0ms
Step 5: Configure port mapping on R1
R1(config)#ip nat inside source static tcp 192.168.1.8 80 61.159.62.131 80
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip nat inside
R1(config-if)#exit
R1(config)#interface f1/0
R1(config-if)#ip nat outside
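Step 6: Check the mapping result on PC7, as shown in Figure-2
Figure-2
2 Case 2: Project phase exercise
2.1 Problem
Analysis of problems in the existing network:
Each access-layer switch is connected to only one Layer 3 switch, a single point of failure that can disrupt network communication.
The Internet connection relies on a single service provider.
Requirements for the existing network:
As the company grows, many redundancy techniques are needed to keep the network highly available.
Ensure that a link failure does not cause a LAN outage.
Ensure that client machines do not suffer a single point of failure from relying on a single gateway.
Ensure highly available Internet access by using redundant Internet connections.
Increase network link bandwidth.
2.2 Solution
Based on the project requirements, the following technologies are needed:
STP: prevents the broadcast storms caused by Layer 2 loops while providing link redundancy
EtherChannel: increases network link bandwidth
RIP routing protocol: learns network paths automatically
HSRP: provides gateway redundancy
The re-planned network topology is shown in Figure-3:
Figure-3
The connections of the re-planned network are described in Table-2 and Table-3:
Table-2 Network connection description
Table-3 Network connection description (continued)
2.3 Steps
Carry out this case with the following steps.
Step 1: Upgrade from static routing to dynamic routing.
1) On R1, delete the static route and configure RIP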
R1(config)#no ip route 192.168.1.0 255.255.255.0 192.168.2.1
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#no auto-summary
R1(config-router)#network 192.168.2.0
R1(config-router)#default-information originate
2) On MS1, delete the static route and configure RIP
MS1(config)#no ip route 0.0.0.0 0.0.0.0 192.168.2.2
MS1(config)#router rip
MS1(config-router)#version 2
MS1(config-router)#no auto-summary
MS1(config-router)#network 192.168.1.0
MS1(config-router)#network 192.168.2.0
3) View the routing table on MS1
MS1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route
Gateway of last resort is 192.168.2.2 to network 0.0.0.0
C    192.168.1.0/24 is directly connected, Vlan1
C    192.168.2.0/24 is directly connected, FastEthernet0/1
R*   0.0.0.0/0 [120/1] via 192.168.2.2, 00:00:01, FastEthernet0/1
Step 2: Configure the interfaces between SW1, SW2, SW3, SW4 and MS1 as trunks and build EtherChannels.
1) On SW1, SW2, SW3 and SW4, configure the trunk and EtherChannel toward MS1
Switch(config)#hostname SW1
SW1(config)#interface range fastEthernet 0/5-6
SW1(config-if-range)#switchport mode trunk
SW1(config-if-range)#channel-group 1 mode on
Switch(config)#hostname SW2
SW2(config)#interface range fastEthernet 0/7-8
SW2(config-if-range)#switchport mode trunk
SW2(config-if-range)#channel-group 2 mode on
Switch(config)#hostname SW3
SW3(config)#interface range fastEthernet 0/9-10
SW3(config-if-range)#switchport mode trunk
SW3(config-if-range)#channel-group 3 mode on
Switch(config)#hostname SW4
SW4(config)#interface range fastEthernet 0/11-12
SW4(config-if-range)#switchport mode trunk
SW4(config-if-range)#channel-group 4 mode on
2) On MS1, build the EtherChannels toward SW1, SW2, SW3 and SW4 and enable trunking
MS1(config)#interface range fastEthernet 0/5-6
MS1(config-if-range)#switchport trunk encapsulation dot1q
MS1(config-if-range)#switchport mode trunk
MS1(config-if-range)#channel-group 1 mode on
MS1(config-if-range)#exit
MS1(config)#interface range fastEthernet 0/7-8
MS1(config-if-range)#switchport trunk encapsulation dot1q
MS1(config-if-range)#channel-group 2 mode on
MS1(config-if-range)#switchport mode trunk
MS1(config-if-range)#exit
MS1(config)#interface range fastEthernet 0/9-10
MS1(config-if-range)#switchport trunk encapsulation dot1q
MS1(config-if-range)#switchport mode trunk
MS1(config-if-range)#channel-group 3 mode on
MS1(config-if-range)#exit
MS1(config)#interface range fastEthernet 0/11-12
MS1(config-if-range)#switchport trunk encapsulation dot1q
MS1(config-if-range)#switchport mode trunk
MS1(config-if-range)#channel-group 4 mode on
Step 3: Add MS2 and configure EtherChannels between it and MS1, SW1, SW2, SW3 and SW4.
1) On MS1, configure the EtherChannel to MS2
MS1(config)#interface range fastEthernet 0/13-15
MS1(config-if-range)#channel-group 5 mode on
MS1(config-if-range)#switchport trunk encapsulation dot1q
MS1(config-if-range)#switchport mode trunk
2) On MS2, configure the EtherChannels to MS1, SW1, SW2, SW3 and SW4
MS2(config)#interface range fastEthernet 0/10-12
MS2(config-if-range)#channel-group 5 mode on
MS2(config-if-range)#switchport trunk encapsulation dot1q
MS2(config-if-range)#switchport mode trunk
MS2(config-if-range)#exit
MS2(config)#interface range fastEthernet 0/2-3
MS2(config-if-range)#channel-group 1 mode on
MS2(config-if-range)#switchport trunk encapsulation dot1q
MS2(config-if-range)#switchport mode trunk
MS2(config-if-range)#exit
MS2(config)#interface range fastEthernet 0/4-5
MS2(config-if-range)#channel-group 2 mode on
MS2(config-if-range)#switchport trunk encapsulation dot1q
MS2(config-if-range)#switchport mode trunk
MS2(config-if-range)#exit
MS2(config)#interface range fastEthernet 0/6-7
MS2(config-if-range)#channel-group 3 mode on
MS2(config-if-range)#switchport trunk encapsulation dot1q
MS2(config-if-range)#switchport mode trunk
MS2(config-if-range)#exit
MS2(config)#interface range fastEthernet 0/8-9
MS2(config-if-range)#channel-group 4 mode on
MS2(config-if-range)#switchport trunk encapsulation dot1q
MS2(config-if-range)#switchport mode trunk
3) View the EtherChannels on MS1
MS1>show etherchannel port-channel
                Channel-group listing:
                ----------------------
Group: 1
----------
                Port-channels in the group:
                ---------------------------
Port-channel: Po1
------------
Age of the Port-channel   = 00d:00h:05m:21s
Logical slot/port   = 2/1       Number of ports = 2
GC                  = 0x00000000      HotStandBy port = null
Port state          = Port-channel
Protocol            =   PAGP
Port Security       = Disabled
Ports in the Port-channel:
Index   Load   Port     EC state        No of bits
------+------+------+------------------+-----------
  0     00     Fa0/5    On                 0
  0     00     Fa0/6    On                 0
Time since last port bundled:    00d:00h:05m:21s    Fa0/6
Group: 2
----------
                Port-channels in the group:
                ---------------------------
Port-channel: Po2
------------
Age of the Port-channel   = 00d:00h:05m:21s
Logical slot/port   = 2/2       Number of ports = 2
GC                  = 0x00000000      HotStandBy port = null
Port state          = Port-channel
Protocol            =   PAGP
Port Security       = Disabled
Ports in the Port-channel:
Index   Load   Port     EC state        No of bits
------+------+------+------------------+-----------
  0     00     Fa0/7    On                 0
  0     00     Fa0/8    On                 0
Time since last port bundled:    00d:00h:05m:21s    Fa0/8
Group: 3
----------
                Port-channels in the group:
                ---------------------------
Port-channel: Po3
------------
Age of the Port-channel   = 00d:00h:05m:21s
Logical slot/port   = 2/3       Number of ports = 2
GC                  = 0x00000000      HotStandBy port = null
Port state          = Port-channel
Protocol            =   PAGP
Port Security       = Disabled
Ports in the Port-channel:
Index   Load   Port     EC state        No of bits
------+------+------+------------------+-----------
  0     00     Fa0/9    On                 0
  0     00     Fa0/10   On                 0
Time since last port bundled:    00d:00h:05m:21s    Fa0/10
Group: 4
----------
                Port-channels in the group:
                ---------------------------
Port-channel: Po4
------------
Age of the Port-channel   = 00d:00h:05m:21s
Logical slot/port   = 2/4       Number of ports = 2
GC                  = 0x00000000      HotStandBy port = null
Port state          = Port-channel
Protocol            =   PAGP
Port Security       = Disabled
Ports in the Port-channel:
Index   Load   Port     EC state        No of bits
------+------+------+------------------+-----------
  0     00     Fa0/11   On                 0
  0     00     Fa0/12   On                 0
Time since last port bundled:    00d:00h:05m:21s    Fa0/12
Group: 5
----------
                Port-channels in the group:
                ---------------------------
Port-channel: Po5
------------
Age of the Port-channel   = 00d:00h:08m:11s
Logical slot/port   = 2/5       Number of ports = 3
GC                  = 0x00000000      HotStandBy port = null
Port state          = Port-channel
Protocol            =   PAGP
Port Security       = Disabled
Ports in the Port-channel:
Index   Load   Port     EC state        No of bits
------+------+------+------------------+-----------
  0     00     Fa0/13   On                 0
  0     00     Fa0/14   On                 0
  0     00     Fa0/15   On                 0
Time since last port bundled:    00d:00h:08m:11s    Fa0/15
Step 4: Configure STP on MS1 and MS2
1) Configure STP on MS1 and MS2
MS1(config)#spanning-tree vlan 1 root primary
MS2(config)#spanning-tree vlan 1 root secondary
2) View STP on MS1 and MS2
MS1# show spanning-tree vlan 1
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     0004.9A70.6B06
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    24577  (priority 24576 sys-id-ext 1)
             Address     0004.9A70.6B06
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1              Desg FWD 9         128.27   Shr
Po2              Desg FWD 9         128.28   Shr
Po3              Desg FWD 9         128.29   Shr
Po4              Desg FWD 9         128.30   Shr
Po5              Desg FWD 8         128.31   Shr
MS2#show spanning-tree vlan 1
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     0004.9A70.6B06
             Cost        8
             Port        31(Port-channel 5)
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    28673  (priority 28672 sys-id-ext 1)
             Address     0006.2A05.A2BA
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1              Desg FWD 9         128.27   Shr
Po2              Desg FWD 9         128.28   Shr
Po3              Desg FWD 9         128.29   Shr
Po4              Desg FWD 9         128.30   Shr
Po5              Root FWD 8         128.31   Shr
Step 5: Configure HSRP
1) Configure HSRP on MS1
MS1(config)#interface vlan 1
MS1(config-if)#standby 1 ip 192.168.1.254
MS1(config-if)#standby 1 priority 200
MS1(config-if)#standby 1 preempt
2) On MS2, enable routing and configure HSRP
MS2(config)#ip routing
MS2(config)#interface vlan 1
MS2(config-if)#ip address 192.168.1.253 255.255.255.0
MS2(config-if)#no shutdown
MS2(config-if)#standby 1 ip 192.168.1.254
MS2(config-if)#standby 1 priority 195
MS2(config-if)#standby 1 preempt
3) Configure HSRP interface tracking on the MS1 switch, shut down the tracked interface, and view the HSRP state on MS1 and MS2
MS1(config)#interface vlan 1
MS1(config-if)#standby 1 track fastEthernet 0/1
MS1(config-if)#exit
MS1(config)#interface fastEthernet 0/1
MS1(config-if)#shutdown
MS1(config-if)#end
MS1#show standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp  Pri P State    Active          Standby         Virtual IP
Vl1         1    190 P Standby  192.168.1.253   local           192.168.1.254
MS2#show standby brief
                     P indicates configured to preempt.
Interface   Grp  Pri P State    Active          Standby         Virtual IP
Vl1         1    195 P Active   local           192.168.1.252   192.168.1.254
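The failover shown in step 5, as an added example that is not part of the original page: a simplified Python model of the HSRP election using the page's addresses and priorities. The class and function names are hypothetical, and the decrement of 10 is the IOS default for interface tracking, which matches the drop from 200 to 190 in the output above.

```python
from ipaddress import IPv4Address

TRACK_DECREMENT = 10  # IOS default: priority lost per tracked interface that is down


class HsrpRouter:  # hypothetical helper, not a real library class
    def __init__(self, name, ip, priority, preempt=True, tracked=None):
        self.name, self.ip, self.priority, self.preempt = name, ip, priority, preempt
        self.tracked = tracked or {}  # interface name -> True while the link is up

    def effective_priority(self):
        down = sum(1 for up in self.tracked.values() if not up)
        return self.priority - TRACK_DECREMENT * down

    def rank(self):
        # Higher priority wins; the higher interface address breaks a tie.
        return (self.effective_priority(), int(IPv4Address(self.ip)))


def elect_active(routers, current=None):
    """Name of the router that ends up Active (simplified: all routers reachable)."""
    holder = next((r for r in routers if r.name == current), None)
    if holder is None:
        # No Active router yet: the best-ranked router takes the role.
        return max(routers, key=HsrpRouter.rank).name
    # A sitting Active router is displaced only by a better router with preempt.
    challengers = [r for r in routers if r.preempt and r.rank() > holder.rank()]
    return max(challengers, key=HsrpRouter.rank).name if challengers else holder.name


def page_scenario(ms2_priority=195, ms2_preempt=True, uplink_up=False):
    """MS1 (.252, priority 200, tracking Fa0/1) against MS2 (.253), MS1 Active first."""
    ms1 = HsrpRouter("MS1", "192.168.1.252", 200, True, {"Fa0/1": uplink_up})
    ms2 = HsrpRouter("MS2", "192.168.1.253", ms2_priority, ms2_preempt)
    return ms1.effective_priority(), elect_active([ms1, ms2], current="MS1")


if __name__ == "__main__":
    print(page_scenario())                   # Fa0/1 shut down, as in step 5
    print(page_scenario(ms2_priority=185))   # decrement too small to fail over
    print(page_scenario(ms2_preempt=False))  # MS2 cannot take over without preempt
```

The last two calls show why the tracked decrement has to push MS1 below MS2's priority and why MS2 needs preempt: otherwise MS1 stays the gateway even though its uplink is down.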
Step 6: Connect MS2 to R1 and configure RIP
1) Configure an IP address on the R1 interface connected to MS2, and configure RIP
R1(config)#interface fastEthernet 0/24
R1(config-if)#ip address 192.168.3.2 255.255.255.0
R1(config-if)#exit
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 192.168.3.0
MS2(config-if)#exit
MS2(config)#router rip
MS2(config-router)#version 2
MS2(config-router)#no auto-summary
MS2(config-router)#network 192.168.1.0
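Step 7: Add router R2 and give it a default route; R2 connects to MS1, MS2 and the Internet and is configured with IP addresses and dynamic routing
1) Configure R2's IP addresses, RIP and default route.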
Router(config)#hostname R2
R2(config)#interface fastEthernet 0/0
R2(config-if)#ip address 192.168.4.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface fastEthernet 0/1
R2(config-if)#ip address 192.168.5.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface fastEthernet 1/0
R2(config-if)#ip address 61.159.62.130 255.255.255.248
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#ip route 0.0.0.0 0.0.0.0 fastEthernet 1/0
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#no auto-summary
R2(config-router)#network 192.168.4.0
R2(config-router)#network 192.168.5.0
R2(config-router)#default-information originate
2) On MS2, configure the IP address and add the dynamic routing entry
MS2(config)#interface fastEthernet 0/1
MS2(config-if)#no switchport
MS2(config-if)#ip address 192.168.4.1 255.255.255.0
MS2(config-if)#no shutdown
MS2(config-if)#exit
MS2(config)#router rip
MS2(config-router)#version 2
MS2(config-router)#network 192.168.4.0
3) On MS1, configure the IP address and add the dynamic routing entry
MS1(config)#interface fastEthernet 0/24
MS1(config-if)#no switchport
MS1(config-if)#ip address 192.168.5.1 255.255.255.0
MS1(config-if)#no shutdown
MS1(config-if)#exit
MS1(config)#router rip
MS1(config-router)#version 2
MS1(config-router)#network 192.168.5.0
4) Test network connectivity from the client
SERVER>ipconfig
FastEthernet0 Connection:(default port)
   Link-local IPv6 Address.........: FE80::201:96FF:FEA8:404B
   IP Address......................: 192.168.1.1
   Subnet Mask.....................: 255.255.255.0
   Default Gateway.................: 192.168.1.254
SERVER>ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Reply from 192.168.2.1: bytes=32 time=0ms TTL=255
Reply from 192.168.2.1: bytes=32 time=0ms TTL=255
Reply from 192.168.2.1: bytes=32 time=0ms TTL=255
Reply from 192.168.2.1: bytes=32 time=0ms TTL=255
Ping statistics for 192.168.2.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
SERVER>ping 192.168.3.1
Pinging 192.168.3.1 with 32 bytes of data:
Reply from 192.168.3.1: bytes=32 time=0ms TTL=255
Reply from 192.168.3.1: bytes=32 time=0ms TTL=255
Reply from 192.168.3.1: bytes=32 time=0ms TTL=255
Reply from 192.168.3.1: bytes=32 time=0ms TTL=255
Ping statistics for 192.168.3.1:
    Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
SERVER>ping 192.168.4.1
Pinging 192.168.4.1 with 32 bytes of data:
Reply from 192.168.4.1: bytes=32 time=1ms TTL=255
Reply from 192.168.4.1: bytes=32 time=0ms TTL=255
Reply from 192.168.4.1: bytes=32 time=0ms TTL=255
Reply from 192.168.4.1: bytes=32 time=0ms TTL=255
Ping statistics for 192.168.4.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
SERVER>ping 192.168.5.1
Pinging 192.168.5.1 with 32 bytes of data:
Reply from 192.168.5.1: bytes=32 time=1ms TTL=255
Reply from 192.168.5.1: bytes=32 time=1ms TTL=255
Reply from 192.168.5.1: bytes=32 time=1ms TTL=255
Reply from 192.168.5.1: bytes=32 time=0ms TTL=255
Ping statistics for 192.168.5.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
SERVER>ping 192.168.2.2
Pinging 192.168.2.2 with 32 bytes of data:
Reply from 192.168.2.2: bytes=32 time=1ms TTL=254
Reply from 192.168.2.2: bytes=32 time=1ms TTL=254
Reply from 192.168.2.2: bytes=32 time=11ms TTL=254
Reply from 192.168.2.2: bytes=32 time=0ms TTL=254
Ping statistics for 192.168.2.2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 11ms, Average = 3ms
SERVER>ping 192.168.3.2
Pinging 192.168.3.2 with 32 bytes of data:
Reply from 192.168.3.2: bytes=32 time=0ms TTL=254
Reply from 192.168.3.2: bytes=32 time=0ms TTL=254
Reply from 192.168.3.2: bytes=32 time=1ms TTL=254
Reply from 192.168.3.2: bytes=32 time=0ms TTL=254
Ping statistics for 192.168.3.2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
5) Shut down MS1
MS1(config)#interface range fastEthernet 0/1-24
MS1(config-if-range)#shutdown
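6) From the external network, test whether the web server can still be accessed, as shown in Figure-4
Figure-4
Step 8: Configure port mapping on R2
1) Configure port mapping on R2 and specify the NAT interfaces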
R2(config)#ip nat inside source static tcp 192.168.1.8 80 61.159.62.131 80
R2(config)#interface fastEthernet 0/0
R2(config-if)#ip nat inside
R2(config-if)#exit
R2(config)#interface fastEthernet 0/1
R2(config-if)#ip nat inside
R2(config-if)#exit
R2(config)#interface fastEthernet 1/0
R2(config-if)#ip nat outside
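2) Shut down R1 (as shown in Figure-5) and test whether the external network can still access the web server (because of a bug in the simulator, an additional Internet host with IP 61.159.62.133 has to be added for the test, as shown in Figure-6)
Figure-5
Figure-6
Being able to access the web server proves that the project upgrade succeeded.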
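A check for the static port mapping configured in step 5 of Case 1 (R1) and step 8 of Case 2 (R2), added here as an example and not part of the original page: it lists what the router publishes and flags a private-side interface that is missing `ip nat inside` or a global address outside the outside subnet. The function name `audit_nat` and the saved-configuration layout of the sample are assumptions; the addresses are the page's own.

```python
import re
from ipaddress import ip_address, ip_interface

# Constructed input: R2's addressing and NAT lines from steps 7 and 8,
# laid out the way a saved configuration would show them.
R2_CONFIG = """\
interface FastEthernet0/0
 ip address 192.168.4.2 255.255.255.0
 ip nat inside
interface FastEthernet0/1
 ip address 192.168.5.2 255.255.255.0
 ip nat inside
interface FastEthernet1/0
 ip address 61.159.62.130 255.255.255.248
 ip nat outside
ip nat inside source static tcp 192.168.1.8 80 61.159.62.131 80
"""
STATIC = re.compile(r"ip nat inside source static (tcp|udp) (\S+) (\d+) (\S+) (\d+)")


def audit_nat(config):
    """Return (exposed, findings) for one router's configuration text."""
    ifaces, exposed, findings, cur = {}, [], [], None
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            cur = ifaces.setdefault(line.split(None, 1)[1], {"net": None, "nat": None})
        elif raw.startswith(" ") and cur is not None:
            if line.startswith("ip address "):
                _, _, addr, mask = line.split()
                cur["net"] = ip_interface(f"{addr}/{mask}")
            elif line in ("ip nat inside", "ip nat outside"):
                cur["nat"] = line.split()[-1]
        elif (m := STATIC.match(line)):
            proto, lip, lport, gip, gport = m.groups()
            exposed.append((proto, gip, int(gport), lip, int(lport)))
    outside = [i["net"].network for i in ifaces.values() if i["nat"] == "outside" and i["net"]]
    for name, i in ifaces.items():
        if i["net"] and i["net"].ip.is_private and i["nat"] != "inside":
            findings.append(f"{name}: private-side interface is not 'ip nat inside'")
    for proto, gip, gport, lip, lport in exposed:
        if not any(ip_address(gip) in net for net in outside):
            findings.append(f"{gip}:{gport}/{proto}: global address is not on an outside subnet")
    return exposed, findings


if __name__ == "__main__":
    print(audit_nat(R2_CONFIG))
```

On R2 both Fa0/0 (toward MS2) and Fa0/1 (toward MS1) carry server traffic, so the check treats a missing `ip nat inside` on either one as a finding; the only service it reports as published is TCP port 80 on 192.168.1.8.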