课程门户-章节详情

路由与交换技术

汪华斌

1 交换网络
- 1.1 共享型以太网与冲突域
- 1.2 交换型以太网与广播域
- 1.3 数据转发和MAC地址表
- 1.4 PDF电子教材
- 1.5 【教学方案及任务安排】
2 虚拟局域网技术
- 2.1 VLAN的基本原理
- 2.2 VLAN的接口模式
- 2.3 多交换机环境中的VLAN
- 2.4 VLAN实施的基本命令
- 2.5 Hybrid和Access接口互联
- 2.6 Hybrid接口的复杂应用
- 2.7 PDF电子教材
- 2.8 基于MAC地址的VLAN划分
3 生成树协议STP
- 3.1 网络的冗余性
- 3.2 生成树的基本概念
- 3.3 STP的工作原理
- 3.4 STP的配置与布署
- 3.5 快速生成树RSTP
- 3.6 多实例生成树MSTP
- 3.7 PDF电子教材
- 3.8 PPT课件
4 静态路由
- 4.1 路由基础
- 4.2 静态路由
- 4.3 默认路由
- 4.4 汇总静态路由
- 4.5 浮动静态路由
- 4.6 PDF电子教材
- 4.7 新建课程目录
- 4.8 PPT课件
5 VLAN间路由
- 5.1 VLAN间路由基本理论
- 5.2 VLAN间路由基本配置
- 5.3 三层交换技术
- 5.4 VLAN间路由排错
- 5.5 传统VLAN间通信
- 5.6 网络互联通信
- 5.7 VLAN之间的单臂路由
- 5.8 VLAN之间的通信1
- 5.9 VLAN之间的通信2
- 5.10 PDF电子教材
6 动态路由
- 6.1 路由概述
- 6.2 距离矢量型路由协议
- 6.3 RIP原理
- 6.4 RIP配置
- 6.5 链路状态型路由协议
- 6.6 PDF电子教材
- 6.7 PPT课件
7 单区域OSPF
- 7.1 OSPF的特征
- 7.2 单区域OSPF的原理与基本配置
- 7.3 PDF电子教材
8 单区域OSPF的特性设置
- 8.1 高级单区域OSPF配置
- 8.2 单区域OSPF的排错
- 8.3 PDF电子教材
9 多区域OSPF
- 9.1 多区域OSPF
- 9.2 多区域OSPF的工作原理
- 9.3 配置多区域OSPF
- 9.4 PDF电子教材
- 9.5 PPT课件
- 9.6 全书术语表
10 其它路由交换技术
- 10.1 DHCP路由器
- 10.2 RIP与OSPF路由重分发
- 10.3 RIP与OSPF间的默认路由
- 10.4 NAT网络地址转换
- 10.5 NAT静态地址转换
- 10.6 NAT Server地址转换
- 10.7 真实设备连接问题
11 实验手册
- 11.1 实验1 Hybrid接口的复杂应用
- 11.2 实验2 MSTP多实例生成树协议
- 11.3 实验3 配置手工模式链路聚合
- 11.4 实验4 静态、默认及汇聚路由
- 11.5 实验5 RIP路由协议进阶实验
- 11.6 实验6 OSPF路由协议工作机制分析
- 11.7 实验7 DHCP与ACL列表实验
- 11.8 实验8 综合实验
- 11.9 实验模板查看及下载
12 学生作业展示
- 12.1 16网1_陈航（团队）
- 12.2 16网1_林东南（团队）
- 12.3 16网1_李培平（团队）
- 12.4 16网2_杨任壕（团队）
- 12.5 16网2_郭佳泽（团队）
- 12.6 17网2_王炜豪（团队）
- 12.7 17网2_庄烨颀（团队）
13 思科课外实验项目
- 13.1 标准访问控制列表
- 13.2 策略路由
- 13.3 基于链路的OSPF认证
- 13.4 基于区域的OSPF认证
- 13.5 扩展访问控制列表
- 13.6 路由器上的单臂路由
- 13.7 三层交换机上的单臂路由
- 13.8 生成树协议根桥的选举
- 13.9 OSPF路由协议的负载均衡
- 13.10 OSPF路由协议的开销计算
- 13.11 OSPF路由协议的虚链路
- 13.12 PPP协议的PAP验证
- 13.13 RIP路由协议的负载均衡及认证
- 13.14 RIP和OSPF路由协议的重发布
- 13.15 RIPV2的MD5认证
14 IPV6专题
- 14.1 IPV6研究进展综述论文
- 14.2 利用IPV6链路本地地址通信
- 14.3 基于IPV6下的RIPng路由实验
15 课外拓展学习
- 15.1 课外推荐学习材料
- 15.2 综合布线视频
- 15.3 参考教材
16 网络工程综合实验
- 16.1 实验要求
- 16.2 实验参考
- 16.3 过程视频
  - 16.3.1 链路聚合配置
  - 16.3.2 VLAN虚拟局域网配置
  - 16.3.3 Trunk链路配置
  - 16.3.4 STP生成树协议配置
  - 16.3.5 IP地址配置
  - 16.3.6 VRRP冗余路由配置
  - 16.3.7 IGP配置
  - 16.3.8 DHCP配置
  - 16.3.9 QOS配置
17 时政要闻
- 17.1 华为VS思科

实验参考

【场景描述】:

某公司存在两个站点，分别为SITE A和SITE B。SITE A和SITE B通过ISP的MPLS VPN进行互相通性。通过以下需求，满足该公司的业务需求。

【第一部分 SITE A】:

1. 1.链路聚合配置:

（1）LSW1和LSW2分别通过GE0/0/3，GE0/0/4和GE0/0/5接口相互连接，把这三个接口捆绑成一个逻辑接口。

#完成上述配置LSW1使用的脚本命令

system-view

sysname LSW1

interface Eth-Trunk 1

mode lacp-static

trunkport GigabitEthernet 0/0/3 to 0/0/5

quit

#上述脚本命令在LSW1的运行过程

<Huawei>system-view

Enter system view, return user view with Ctrl+Z.

[Huawei]sysname LSW1

[LSW1]interface Eth-Trunk 1

[LSW1-Eth-Trunk1]mode lacp-static

[LSW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/3 to 0/0/5

Info: This operation may take a few seconds. Please wait for a moment...done.

[LSW1-Eth-Trunk1]quit

[LSW1]

#完成上述配置LSW2使用的脚本命令

system-view

sysname LSW2

interface Eth-Trunk 1

mode lacp-static

trunkport GigabitEthernet 0/0/3 to 0/0/5

quit

#上述脚本命令在LSW2的运行过程

<Huawei>system-view

Enter system view, return user view with Ctrl+Z.

[Huawei]sysname LSW2

[LSW2]interface Eth-Trunk 1

[LSW2-Eth-Trunk1]mode lacp-static

[LSW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/3 to 0/0/5

Info: This operation may take a few seconds. Please wait for a moment...done.

[LSW2-Eth-Trunk1]quit

Oct 21 2017 09:58:09-08:00 LSW2 %%01IFNET/4/IF_STATE(l)[0]:Interface Eth-Trunk1 has turned into UP state.

[LSW2]

（2）LSW2为主动端，两台设备之间最大可用的带宽为2G，GE0/0/3接口所连接的是备份链路。 

#完成上述配置LSW2使用的脚本命令

lacp priority 0

interface Eth-Trunk 1

max active-linknumber 2

quit

interface GigabitEthernet 0/0/3

lacp priority 60000

quit

#上述脚本命令在LSW2的运行过程

[LSW2]lacp priority 0

[LSW2]interface Eth-Trunk 1

[LSW2-Eth-Trunk1]max active-linknumber 2

[LSW2-Eth-Trunk1]quit

[LSW2]interface GigabitEthernet 0/0/3

[LSW2-GigabitEthernet0/0/3]lacp priority 60000

[LSW2-GigabitEthernet0/0/3]quit

#在LSW1上检查验证链路聚合完成情况

[LSW1]display eth-trunk 1

Eth-Trunk1's state information is:

Local:

LAG ID: 1 WorkingMode: STATIC

Preempt Delay: Disabled Hash arithmetic: According to SIP-XOR-DIP

System Priority: 32768 System ID: 4c1f-cc25-3028

Least Active-linknumber: 1 Max Active-linknumber: 8

Operate status: up Number Of Up Port In Trunk: 2

--------------------------------------------------------------------------------

ActorPortName Status PortType PortPri PortNo PortKey PortState Weight

GigabitEthernet0/0/3 Unselect 1GE 32768 4 305 10110000 1

GigabitEthernet0/0/4 Selected 1GE 32768 5 305 10111100 1

GigabitEthernet0/0/5 Selected 1GE 32768 6 305 10111100 1

Partner:

--------------------------------------------------------------------------------

ActorPortName SysPri SystemID PortPri PortNo PortKey PortState

GigabitEthernet0/0/3 0 4c1f-cc30-6d94 60000 4 305 10100000

GigabitEthernet0/0/4 0 4c1f-cc30-6d94 32768 5 305 10111100

GigabitEthernet0/0/5 0 4c1f-cc30-6d94 32768 6 305 10111100

#在LSW2上检查验证链路聚合完成情况

[LSW2]display eth-trunk 1

Eth-Trunk1's state information is:

Local:

LAG ID: 1 WorkingMode: STATIC

Preempt Delay: Disabled Hash arithmetic: According to SIP-XOR-DIP

System Priority: 0 System ID: 4c1f-cc30-6d94

Least Active-linknumber: 1 Max Active-linknumber: 2

Operate status: up Number Of Up Port In Trunk: 2

--------------------------------------------------------------------------------

ActorPortName Status PortType PortPri PortNo PortKey PortState Weight

GigabitEthernet0/0/3 Unselect 1GE 60000 4 305 10100000 1

GigabitEthernet0/0/4 Selected 1GE 32768 5 305 10111100 1

GigabitEthernet0/0/5 Selected 1GE 32768 6 305 10111100 1

Partner:

--------------------------------------------------------------------------------

ActorPortName SysPri SystemID PortPri PortNo PortKey PortState

GigabitEthernet0/0/3 32768 4c1f-cc25-3028 32768 4 305 10110000

GigabitEthernet0/0/4 32768 4c1f-cc25-3028 32768 5 305 10111100

GigabitEthernet0/0/5 32768 4c1f-cc25-3028 32768 6 305 10111100

2.VLAN配置:

（1）在每台交换机创建VLAN，VLANID分别为10、11、13、20。

（2）将VLAN划分相应的接口，部门A属于vlan10，部门B属于vlan20， LSW1连接路由器的接口G0/0/2属于vlan11，LSW2连接路由器的接口G0/0/1属于vlan13。

#完成上述配置LSW1使用的脚本命令

vlan batch 10 11 13 20

interface GigabitEthernet 0/0/2

port link-type access

port default vlan 11

quit

#上述脚本命令在LSW1的运行过程

[LSW1]

[LSW1]vlan batch 10 11 13 20

Info: This operation may take a few seconds. Please wait for a moment...done.

[LSW1]interface GigabitEthernet 0/0/2

[LSW1-GigabitEthernet0/0/2]port link-type access

[LSW1-GigabitEthernet0/0/2]port default vlan 11

[LSW1-GigabitEthernet0/0/2]quit

[LSW1]

#完成上述配置LSW2使用的脚本命令

vlan batch 10 11 13 20

interface GigabitEthernet 0/0/1

port link-type access

port default vlan 13

quit

#上述脚本命令在LSW2的运行过程

<LSW2>system-view

Enter system view, return user view with Ctrl+Z.

[LSW2]vlan batch 10 11 13 20

Info: This operation may take a few seconds. Please wait for a moment...done.

[LSW2]interface GigabitEthernet 0/0/1

[LSW2-GigabitEthernet0/0/1]port link-type access

[LSW2-GigabitEthernet0/0/1]port default vlan 13

[LSW2-GigabitEthernet0/0/1]quit

[LSW2]

#完成上述配置LSW3使用的脚本命令

system-view

sysname LSW3

vlan batch 10 11 13 20

interface G0/0/3

port link-type access

port default vlan 10

stp edged-port enable

stp bpdu-filter enable

quit

interface G0/0/4

port link-type access

port default vlan 20

stp edged-port enable

stp bpdu-filter enable

quit

#上述脚本命令在LSW3的运行过程

[LSW3]vlan batch 10 11 13 20

Info: This operation may take a few seconds. Please wait for a moment...done.

[LSW3]interface G0/0/3

[LSW3-GigabitEthernet0/0/3]port link-type access

[LSW3-GigabitEthernet0/0/3]port default vlan 10

[LSW3-GigabitEthernet0/0/3]stp edged-port enable

[LSW3-GigabitEthernet0/0/3]stp bpdu-filter enable

[LSW3-GigabitEthernet0/0/3]quit

[LSW3]interface G0/0/4

[LSW3-GigabitEthernet0/0/4]port link-type access

[LSW3-GigabitEthernet0/0/4]port default vlan 20

[LSW3-GigabitEthernet0/0/4]stp edged-port enable

[LSW3-GigabitEthernet0/0/4]stp bpdu-filter enable

[LSW3-GigabitEthernet0/0/4]quit

[LSW3]

#完成上述配置LSW4使用的脚本命令

system-view

sysname LSW4

vlan batch 10 11 13 20

interface G0/0/3

port link-type access

port default vlan 10

stp edged-port enable

stp bpdu-filter enable

quit

interface G0/0/4

port link-type access

port default vlan 20

stp edged-port enable

stp bpdu-filter enable

quit

#上述脚本命令在LSW4的运行过程

<Huawei>system-view

Enter system view, return user view with Ctrl+Z.

[Huawei]sysname LSW4

[LSW4]vlan batch 10 11 13 20

Info: This operation may take a few seconds. Please wait for a moment...done.

[LSW4]interface G0/0/3

[LSW4-GigabitEthernet0/0/3]port link-type access

[LSW4-GigabitEthernet0/0/3]port default vlan 10

[LSW4-GigabitEthernet0/0/3]stp edged-port enable

[LSW4-GigabitEthernet0/0/3]stp bpdu-filter enable

[LSW4-GigabitEthernet0/0/3]quit

[LSW4]interface G0/0/4

[LSW4-GigabitEthernet0/0/4]port link-type access

[LSW4-GigabitEthernet0/0/4]port default vlan 20

[LSW4-GigabitEthernet0/0/4]stp edged-port enable

[LSW4-GigabitEthernet0/0/4]stp bpdu-filter enable

[LSW4-GigabitEthernet0/0/4]quit

[LSW4]

#在LSW1上检查验证VLAN划分情况

[LSW1]display vlan

The total number of vlans is : 5

--------------------------------------------------------------------------------

U: Up; D: Down; TG: Tagged; UT: Untagged;

MP: Vlan-mapping; ST: Vlan-stacking;

#: ProtocolTransparent-vlan; *: Management-vlan;

--------------------------------------------------------------------------------

VID Type Ports

--------------------------------------------------------------------------------

1 common UT:GE0/0/1(U) GE0/0/6(U) GE0/0/7(D) GE0/0/8(D)

GE0/0/9(D) GE0/0/10(D) GE0/0/11(D) GE0/0/12(D)

GE0/0/13(D) GE0/0/14(D) GE0/0/15(D) GE0/0/16(D)

GE0/0/17(D) GE0/0/18(D) GE0/0/19(D) GE0/0/20(D)

GE0/0/21(D) GE0/0/22(D) GE0/0/23(D) GE0/0/24(D)

Eth-Trunk1(U)

10 common

11 common UT:GE0/0/2(U)

13 common

20 common

VID Status Property MAC-LRN Statistics Description

--------------------------------------------------------------------------------

1 enable default enable disable VLAN 0001

10 enable default enable disable VLAN 0010

11 enable default enable disable VLAN 0011

13 enable default enable disable VLAN 0013

20 enable default enable disable VLAN 0020

#在LSW2上检查验证VLAN划分情况

[LSW2]display vlan

The total number of vlans is : 5

--------------------------------------------------------------------------------

U: Up; D: Down; TG: Tagged; UT: Untagged;

MP: Vlan-mapping; ST: Vlan-stacking;

#: ProtocolTransparent-vlan; *: Management-vlan;

--------------------------------------------------------------------------------

VID Type Ports

--------------------------------------------------------------------------------

1 common UT:GE0/0/2(U) GE0/0/6(U) GE0/0/7(D) GE0/0/8(D)

GE0/0/9(D) GE0/0/10(D) GE0/0/11(D) GE0/0/12(D)

GE0/0/13(D) GE0/0/14(D) GE0/0/15(D) GE0/0/16(D)

GE0/0/17(D) GE0/0/18(D) GE0/0/19(D) GE0/0/20(D)

GE0/0/21(D) GE0/0/22(D) GE0/0/23(D) GE0/0/24(D)

Eth-Trunk1(U)

10 common

11 common

13 common UT:GE0/0/1(U)

20 common

VID Status Property MAC-LRN Statistics Description

--------------------------------------------------------------------------------

1 enable default enable disable VLAN 0001

10 enable default enable disable VLAN 0010

11 enable default enable disable VLAN 0011

13 enable default enable disable VLAN 0013

20 enable default enable disable VLAN 0020

[LSW2]

#在LSW3上检查验证VLAN划分情况

[LSW3]dis vlan

The total number of vlans is : 5

--------------------------------------------------------------------------------

U: Up; D: Down; TG: Tagged; UT: Untagged;

MP: Vlan-mapping; ST: Vlan-stacking;

#: ProtocolTransparent-vlan; *: Management-vlan;

--------------------------------------------------------------------------------

VID Type Ports

--------------------------------------------------------------------------------

1 common UT:GE0/0/1(U) GE0/0/2(U) GE0/0/5(D) GE0/0/6(D)

GE0/0/7(D) GE0/0/8(D) GE0/0/9(D) GE0/0/10(D)

GE0/0/11(D) GE0/0/12(D) GE0/0/13(D) GE0/0/14(D)

GE0/0/15(D) GE0/0/16(D) GE0/0/17(D) GE0/0/18(D)

GE0/0/19(D) GE0/0/20(D) GE0/0/21(D) GE0/0/22(D)

GE0/0/23(D) GE0/0/24(D)

10 common UT:GE0/0/3(D)

11 common

13 common

20 common UT:GE0/0/4(D)

VID Status Property MAC-LRN Statistics Description

--------------------------------------------------------------------------------

1 enable default enable disable VLAN 0001

10 enable default enable disable VLAN 0010

11 enable default enable disable VLAN 0011

13 enable default enable disable VLAN 0013

20 enable default enable disable VLAN 0020

[LSW3]

3.Trunk配置: 

所有交换机互连接口划分配置为trunk接口，pvid默认，允许所有的VLAN通过 

#完成上述配置LSW1使用的脚本命令

interface Eth-Trunk 1

port link-type trunk

port trunk allow-pass vlan all

quit

interface GigabitEthernet 0/0/1

port link-type trunk

port trunk allow-pass vlan all

quit

interface GigabitEthernet 0/0/6

port link-type trunk

port trunk allow-pass vlan all

quit

#上述脚本命令在LSW1的运行过程

[LSW1]

[LSW1]interface Eth-Trunk 1

[LSW1-Eth-Trunk1]port link-type trunk

[LSW1-Eth-Trunk1]port trunk allow-pass vlan all

[LSW1-Eth-Trunk1]interface GigabitEthernet 0/0/1

[LSW1-GigabitEthernet0/0/1]port link-type trunk

[LSW1-GigabitEthernet0/0/1]port trunk allow-pass vlan all

[LSW1-GigabitEthernet0/0/1]quit

[LSW1]interface GigabitEthernet 0/0/6

[LSW1-GigabitEthernet0/0/6]port link-type trunk

[LSW1-GigabitEthernet0/0/6]port trunk allow-pass vlan all

[LSW1-GigabitEthernet0/0/6]quit

[LSW1]

#完成上述配置LSW2使用的脚本命令

interface Eth-Trunk 1

port link-type trunk

port trunk allow-pass vlan all

quit

interface GigabitEthernet 0/0/2

port link-type trunk

port trunk allow-pass vlan all

quit

interface GigabitEthernet 0/0/6

port link-type trunk

port trunk allow-pass vlan all

quit

#上述脚本命令在LSW2的运行过程

[LSW2]interface Eth-Trunk 1

[LSW2-Eth-Trunk1]port link-type trunk

[LSW2-Eth-Trunk1]port trunk allow-pass vlan all

[LSW2-Eth-Trunk1]quit

[LSW2]interface GigabitEthernet 0/0/2

[LSW2-GigabitEthernet0/0/2]port link-type trunk

[LSW2-GigabitEthernet0/0/2]port trunk allow-pass vlan all

[LSW2-GigabitEthernet0/0/2]quit

[LSW2]interface GigabitEthernet 0/0/6

[LSW2-GigabitEthernet0/0/6]port link-type trunk

[LSW2-GigabitEthernet0/0/6]port trunk allow-pass vlan all

[LSW2-GigabitEthernet0/0/6]quit

[LSW2]

#完成上述配置LSW3使用的脚本命令

interface GigabitEthernet 0/0/1

port link-type trunk

port trunk allow-pass vlan all

quit

interface GigabitEthernet 0/0/2

port link-type trunk

port trunk allow-pass vlan all

quit

#上述脚本命令在LSW3的运行过程

<LSW3>system-view

Enter system view, return user view with Ctrl+Z.

[LSW3]interface GigabitEthernet 0/0/1

[LSW3-GigabitEthernet0/0/1]port link-type trunk

[LSW3-GigabitEthernet0/0/1]port trunk allow-pass vlan all

[LSW3-GigabitEthernet0/0/1]quit

[LSW3]interface GigabitEthernet 0/0/2

[LSW3-GigabitEthernet0/0/2]port link-type trunk

[LSW3-GigabitEthernet0/0/2]port trunk allow-pass vlan all

[LSW3-GigabitEthernet0/0/2]quit

[LSW3]

#完成上述配置LSW4使用的脚本命令

interface GigabitEthernet 0/0/1

port link-type trunk

port trunk allow-pass vlan all

quit

interface GigabitEthernet 0/0/2

port link-type trunk

port trunk allow-pass vlan all

quit

#上述脚本命令在LSW4的运行过程

<LSW4>system-view

Enter system view, return user view with Ctrl+Z.

[LSW4]interface GigabitEthernet 0/0/1

[LSW4-GigabitEthernet0/0/1]port link-type trunk

[LSW4-GigabitEthernet0/0/1]port trunk allow-pass vlan all

[LSW4-GigabitEthernet0/0/1]quit

[LSW4]interface GigabitEthernet 0/0/2

[LSW4-GigabitEthernet0/0/2]port link-type trunk

[LSW4-GigabitEthernet0/0/2]port trunk allow-pass vlan all

[LSW4-GigabitEthernet0/0/2]quit

[LSW4]

4.STP配置 

（1）所有的交换运行MSTP，MSTP域名为huawei，修订等级为1。

（2）额外创建两个实例，将VLAN10、11划分进实例 1，VLAN13、20划分进实例 2。

（3）要求LSW1为实例1的根桥，实例2的备份根桥是；LSW2为实例2的根桥，实例1的备份根桥。

#完成上述配置LSW1使用的脚本命令

stp mode mstp

stp instance 1 root primary

stp instance 2 root secondary

stp region-configuration

region-name huawei

revision-level 1

instance 1 vlan 10 11

instance 2 vlan 13 20

active region-configuration

quit

stp enable

#上述脚本命令在LSW1的运行过程

[LSW1]stp mode mstp

[LSW1]stp instance 1 root primary

[LSW1]stp instance 2 root secondary

[LSW1]stp region-configuration

[LSW1-mst-region]region-name huawei

[LSW1-mst-region]revision-level 1

[LSW1-mst-region]instance 1 vlan 10 11

[LSW1-mst-region]instance 2 vlan 13 20

[LSW1-mst-region]active region-configuration

Info: This operation may take a few seconds. Please wait for a moment...done.

[LSW1-mst-region]quit

[LSW1]stp enable

[LSW1]

[LSW1]display stp region-configuration

Oper configuration

Format selector :0

Region name :huawei

Revision level :1

Instance VLANs Mapped

0 1 to 9, 12, 14 to 19, 21 to 4094

1 10 to 11

2 13, 20

[LSW1]

[LSW1]display stp instance 1

-------[MSTI 1 Global Info]-------

MSTI Bridge ID :0.4c1f-cc25-3028

MSTI RegRoot/IRPC :0.4c1f-cc25-3028 / 0

MSTI RootPortId :0.0

MSTI Root Type :Primary root

Master Bridge :32768.4c1f-cc25-3028

Cost to Master :0

[LSW1]display stp instance 2

-------[MSTI 2 Global Info]-------

MSTI Bridge ID :4096.4c1f-cc25-3028

MSTI RegRoot/IRPC :0.4c1f-cc30-6d94 / 10000

MSTI RootPortId :128.25

MSTI Root Type :Secondary root

Master Bridge :32768.4c1f-cc25-3028

Cost to Master :0

TC received :6

TC count per hello :0

Time since last TC :0 days 0h:6m:22s

Number of TC :7

Last TC occurred :Eth-Trunk1

#完成上述配置LSW2使用的脚本命令

stp mode mstp

stp instance 2 root primary

stp instance 1 root secondary

stp region-configuration

region-name huawei

revision-level 1

instance 1 vlan 10 11

instance 2 vlan 13 20

active region-configuration

quit

stp enable

#上述脚本命令在LSW2的运行过程

<LSW2>system-view

Enter system view, return user view with Ctrl+Z.

[LSW2]stp mode mstp

[LSW2]stp instance 2 root primary

[LSW2]stp instance 1 root secondary

[LSW2]stp region-configuration

[LSW2-mst-region]region-name huawei

[LSW2-mst-region]revision-level 1

[LSW2-mst-region]instance 1 vlan 10 11

[LSW2-mst-region]instance 2 vlan 13 20

[LSW2-mst-region]active region-configuration

Info: This operation may take a few seconds. Please wait for a moment...done.

[LSW2-mst-region]quit

[LSW2]stp enable

[LSW2]display stp region-configuration

Oper configuration

Format selector :0

Region name :huawei

Revision level :1

Instance VLANs Mapped

0 1 to 9, 12, 14 to 19, 21 to 4094

1 10 to 11

2 13, 20

[LSW2]

[LSW2]display stp instance 1

-------[MSTI 1 Global Info]-------

MSTI Bridge ID :4096.4c1f-cc30-6d94

MSTI RegRoot/IRPC :0.4c1f-cc25-3028 / 10000

MSTI RootPortId :128.25

MSTI Root Type :Secondary root

Master Bridge :32768.4c1f-cc25-3028

Cost to Master :10000

[LSW2]display stp instance 2

-------[MSTI 2 Global Info]-------

MSTI Bridge ID :0.4c1f-cc30-6d94

MSTI RegRoot/IRPC :0.4c1f-cc30-6d94 / 0

MSTI RootPortId :0.0

MSTI Root Type :Primary root

Master Bridge :32768.4c1f-cc25-3028

Cost to Master :10000

#完成上述配置LSW3使用的脚本命令

stp mode mstp

stp region-configuration

region-name huawei

revision-level 1

instance 1 vlan 10 11

instance 2 vlan 13 20

active region-configuration

quit

stp enable

#上述脚本命令在LSW3的运行过程

<LSW3>system-view

Enter system view, return user view with Ctrl+Z.

[LSW3]stp mode mstp

[LSW3]stp region-configuration

[LSW3-mst-region]region-name huawei

[LSW3-mst-region]revision-level 1

[LSW3-mst-region]instance 1 vlan 10 11

[LSW3-mst-region]instance 2 vlan 13 20

[LSW3-mst-region]active region-configuration

Info: This operation may take a few seconds. Please wait for a moment...done.

[LSW3-mst-region]quit

[LSW3]stp enable

[LSW3]display stp region-configuration

Oper configuration

Format selector :0

Region name :huawei

Revision level :1

Instance VLANs Mapped

0 1 to 9, 12, 14 to 19, 21 to 4094

1 10 to 11

2 13, 20

#完成上述配置LSW4使用的脚本命令

stp mode mstp

stp region-configuration

region-name huawei

revision-level 1

instance 1 vlan 10 11

instance 2 vlan 13 20

active region-configuration

quit

stp enable

#上述脚本命令在LSW4的运行过程

<LSW4>system-view

Enter system view, return user view with Ctrl+Z.

[LSW4]stp mode mstp

[LSW4]stp region-configuration

[LSW4-mst-region]region-name huawei

[LSW4-mst-region]revision-level 1

[LSW4-mst-region]instance 1 vlan 10 11

[LSW4-mst-region]instance 2 vlan 13 20

[LSW4-mst-region]active region-configuration

Info: This operation may take a few seconds. Please wait for a moment...done.

[LSW4-mst-region]quit

[LSW4]stp enable

[LSW4]

[LSW4]display stp region-configuration

Oper configuration

Format selector :0

Region name :huawei

Revision level :1

Instance VLANs Mapped

0 1 to 9, 12, 14 to 19, 21 to 4094

1 10 to 11

2 13, 20

5.IP地址配置 

按照如图所示配置SITEA的IP地址。 

#完成IP配置LSW1使用的脚本命令

interface vlanif 10

ip address 192.168.10.1 24

quit

interface Vlanif 11

ip address 192.168.11.11 24

quit

interface vlanif 20

ip address 192.168.20.1 24

quit

#上述脚本命令在LSW4的运行过程

[LSW1]interface vlanif 10

[LSW1-Vlanif10]ip address 192.168.10.1 24

[LSW1-Vlanif10]quit

[LSW1]interface Vlanif 11

[LSW1-Vlanif11]ip address 192.168.11.11 24

[LSW1-Vlanif11]quit

[LSW1]interface vlanif 20

[LSW1-Vlanif20]ip address 192.168.20.1 24

[LSW1-Vlanif20]quit

[LSW1]

#完成IP配置LSW2使用的脚本命令

interface vlanif 10

ip address 192.168.10.2 24

quit

interface Vlanif 13

ip address 192.168.13.12 24

quit

interface vlanif 20

ip address 192.168.20.2 24

quit

#上述脚本命令在LSW2的运行过程

[LSW2]interface vlanif 10

[LSW2-Vlanif10]ip address 192.168.10.2 24

[LSW2-Vlanif10]quit

[LSW2]interface Vlanif 13

[LSW2-Vlanif13]ip address 192.168.13.12 24

[LSW2-Vlanif13]quit

[LSW2]interface vlanif 20

[LSW2-Vlanif20]ip address 192.168.20.2 24

[LSW2-Vlanif20]quit

[LSW2]

#完成IP配置AR1使用的脚本命令

system-view

sysname AR1

interface g0/0/0

ip address 192.168.11.1 24

quit

interface g0/0/1

ip address 192.168.13.1 24

quit

interface g0/0/2

ip address 10.1.12.10 24

quit

#上述脚本命令在AR1的运行过程

<Huawei>system-view

Enter system view, return user view with Ctrl+Z.

[Huawei]sysname AR1

[AR1]interface g0/0/0

[AR1-GigabitEthernet0/0/0]ip address 192.168.11.1 24

[AR1-GigabitEthernet0/0/0]quit

[AR1]

[AR1]interface g0/0/1

[AR1-GigabitEthernet0/0/1]ip address 192.168.13.1 24

[AR1-GigabitEthernet0/0/1]quit

[AR1]

[AR1]interface g0/0/2

[AR1-GigabitEthernet0/0/2]ip address 10.1.12.10 24

[AR1-GigabitEthernet0/0/2]quit

[AR1]

6.VRRP配置 

（1）LSW1和LSW2分别存在Vlanif10、20，分别作为部门A、B的网关，要求使用VRRP技术实现网关的冗余备份。

（2）Vlanif10使用的VRRP虚拟ID为1，虚拟IP地址为192.168.10.254,LSW1作为master路由，LSW2作为backup，master路由器优先级为200。

（3）Vlanif20使用的VRRP虚拟ID为2，虚拟IP地址为192.168.20.254,LSW2作为master路由，LSW1作为backup，master路由器优先级为200。 

（4）在Vlanif10和20的master路由器分别使用BFD技术跟踪上行接口，当上行链路断开时，能自动切换到备份路由器。

#完成上述要求配置LSW1使用的脚本命令

bfd

quit

bfd 10 bind peer-ip 192.168.11.1 source-ip 192.168.11.11 auto

quit

interface Vlanif 10

vrrp vrid 1 virtual-ip 192.168.10.254

vrrp vrid 1 priority 200

vrrp vrid 1 track bfd-session session-name 10 reduced 150

quit

interface Vlanif 20

vrrp vrid 2 virtual-ip 192.168.20.254

quit

#上述脚本命令在LSW1的运行过程

[LSW1]

[LSW1]bfd

[LSW1-bfd]quit

[LSW1]bfd 10 bind peer-ip 192.168.11.1 source-ip 192.168.11.11 auto

[LSW1-bfd-session-10]quit

[LSW1]interface Vlanif 10

[LSW1-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.254

[LSW1-Vlanif10]vrrp vrid 1 priority 200

[LSW1-Vlanif10]vrrp vrid 1 track bfd-session session-name 10 reduced 150

[LSW1-Vlanif10]quit

[LSW1]interface Vlanif 20

[LSW1-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.254

[LSW1-Vlanif20]quit

[LSW1]

#完成上述要求配置LSW2使用的脚本命令

bfd

quit

bfd 20 bind peer-ip 192.168.13.1 source-ip 192.168.13.12 auto

quit

interface Vlanif 20

vrrp vrid 2 virtual-ip 192.168.20.254

vrrp vrid 2 priority 200

vrrp vrid 2 track bfd-session session-name 20 reduced 150

quit

interface Vlanif 10

vrrp vrid 1 virtual-ip 192.168.10.254

quit

#上述脚本命令在LSW2的运行过程

[LSW2]bfd

[LSW2-bfd]quit

[LSW2]bfd 20 bind peer-ip 192.168.13.1 source-ip 192.168.13.12 auto

[LSW2-bfd-session-10]quit

[LSW2]

[LSW2]interface Vlanif 20

[LSW2-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.254

[LSW2-Vlanif20]vrrp vrid 2 priority 200

[LSW2-Vlanif20]vrrp vrid 2 track bfd-session session-name 20 reduced 150

[LSW2-Vlanif20]quit

[LSW2]interface Vlanif 10

[LSW2-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.254

[LSW2-Vlanif10]quit

[LSW2]

#完成BFD配置AR1使用的脚本命令

bfd

quit

bfd 10 bind peer-ip 192.168.11.11 source-ip 192.168.11.1 auto

quit

bfd 20 bind peer-ip 192.168.13.12 source-ip 192.168.13.1 auto

quit

#上述脚本命令在AR1的运行过程

[AR1]bfd

[AR1-bfd]quit

[AR1]

[AR1]bfd 10 bind peer-ip 192.168.11.11 source-ip 192.168.11.1 auto

[AR1-bfd-session-10]quit

[AR1]

[AR1]bfd 20 bind peer-ip 192.168.13.12 source-ip 192.168.13.1 auto

[AR1-bfd-session-20]quit

[AR1]

检查命令：display vrrp 1

display vrrp 2

display bfd session all

7.IGP配置 

LSW1，LSW2，AR1运行OSPF处于区域0，AR1与ISP相连的路由器AR2运行OSPF处于区域0。 

#完成IGP-OSPF配置LSW1使用的脚本命令

router id 11.11.11.11

ospf 1

area 0

network 192.168.10.0 0.0.0.255

network 192.168.11.0 0.0.0.255

network 192.168.13.0 0.0.0.255

network 192.168.20.0 0.0.0.255

quit

#上述脚本命令在LSW1的运行过程

[LSW1]router id 11.11.11.11

[LSW1]ospf 1

[LSW1-ospf-1]area 0

[LSW1-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255

[LSW1-ospf-1-area-0.0.0.0]network 192.168.11.0 0.0.0.255

[LSW1-ospf-1-area-0.0.0.0]network 192.168.13.0 0.0.0.255

[LSW1-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255

[LSW1-ospf-1-area-0.0.0.0]quit

[LSW1-ospf-1]quit

[LSW1]

#完成IGP-OSPF配置LSW2使用的脚本命令

router id 12.12.12.12

ospf 1

area 0

network 192.168.10.0 0.0.0.255

network 192.168.11.0 0.0.0.255

network 192.168.13.0 0.0.0.255

network 192.168.20.0 0.0.0.255

quit

#上述脚本命令在LSW2的运行过程

[LSW2]router id 12.12.12.12

[LSW2]ospf 1

[LSW2-ospf-1]area 0

[LSW2-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255

[LSW2-ospf-1-area-0.0.0.0]network 192.168.11.0 0.0.0.255

[LSW2-ospf-1-area-0.0.0.0]network 192.168.13.0 0.0.0.255

[LSW2-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255

[LSW2-ospf-1-area-0.0.0.0]quit

[LSW2-ospf-1]quit

[LSW2]

#完成IGP-OSPF配置AR1使用的脚本命令

router id 1.1.1.1

ospf 1

area 0

network 10.1.12.0 0.0.0.255

network 192.168.11.0 0.0.0.255

network 192.168.13.0 0.0.0.255

quit

#上述脚本命令在AR1的运行过程

[AR1]ospf 1

[AR1-ospf-1]area 0

[AR1-ospf-1-area-0.0.0.0]network 10.1.12.0 0.0.0.255

[AR1-ospf-1-area-0.0.0.0]network 192.168.11.0 0.0.0.255

[AR1-ospf-1-area-0.0.0.0]network 192.168.13.0 0.0.0.255

[AR1-ospf-1-area-0.0.0.0]quit

[AR1-ospf-1]

检查命令：display ospf peer brief

display ip routing-table

8.DHCP配置 

（1）AR1为DHCP服务器，为部门A和部门B的主机分配IP地址，采用基于全局地址池的分配方式，创建ip pool A为部门A分配IP地址:网段为192.168.10.0/24，网关为:192.168.10.254，DNS为:8.8.8.8;创建ip pool B为部门B分配IP地址:网段为192.168.20.0/24，网关为:192.168.20.254，DNS为:114.114.114.114; 

（2）LSW1和LSW2为DHCP中继器，VLANif10指向的DHCP服务器的地址为:192.168.11.1,VLANif20指向的DHCP服务器的地址为:192.168.13.1。

#完成DHCP配置AR1使用的脚本命令

dhcp enable

ip pool A

network 192.168.10.0 mask 255.255.255.0

gateway-list 192.168.10.254

dns-list 8.8.8.8

quit

ip pool B

network 192.168.20.0 mask 255.255.255.0

gateway-list 192.168.20.254

dns-list 114.114.114.114

quit

interface GigabitEthernet 0/0/0

dhcp select global

quit

interface GigabitEthernet 0/0/1

dhcp select global

quit

#上述脚本命令在AR1的运行过程

[AR1]

[AR1]dhcp enable

Info: The operation may take a few seconds. Please wait for a moment.done.

[AR1]ip pool A

Info: It's successful to create an IP address pool.

[AR1-ip-pool-A]network 192.168.10.0 mask 255.255.255.0

[AR1-ip-pool-A]gateway-list 192.168.10.254

[AR1-ip-pool-A]dns-list 8.8.8.8

[AR1-ip-pool-A]quit

[AR1]

[AR1]ip pool B

Info: It's successful to create an IP address pool.

[AR1-ip-pool-B]network 192.168.20.0 mask 255.255.255.0

[AR1-ip-pool-B]gateway-list 192.168.20.254

[AR1-ip-pool-B]dns-list 114.114.114.114

[AR1-ip-pool-B]quit

[AR1]

[AR1]interface GigabitEthernet 0/0/0

[AR1-GigabitEthernet0/0/0]dhcp select global

[AR1-GigabitEthernet0/0/0]quit

[AR1]interface GigabitEthernet 0/0/1

[AR1-GigabitEthernet0/0/1]dhcp select global

[AR1-GigabitEthernet0/0/1]quit

[AR1]

#完成DHCP中继配置LSW1使用的脚本命令

dhcp enable

interface Vlanif 10

dhcp select relay

dhcp relay server-ip 192.168.11.1

quit

interface Vlanif 20

dhcp select relay

dhcp relay server-ip 192.168.13.1

quit

#上述脚本命令在LSW1的运行过程

[LSW1]dhcp enable

Info: The operation may take a few seconds. Please wait for a moment.done.

[LSW1]interface Vlanif 10

[LSW1-Vlanif10]dhcp select relay

[LSW1-Vlanif10]dhcp relay server-ip 192.168.11.1

[LSW1-Vlanif10]quit

[LSW1]interface Vlanif 20

[LSW1-Vlanif20]dhcp select relay

[LSW1-Vlanif20]dhcp relay server-ip 192.168.13.1

[LSW1-Vlanif20]quit

[LSW1]

#完成DHCP中继配置LSW1使用的脚本命令

dhcp enable

interface Vlanif 10

dhcp select relay

dhcp relay server-ip 192.168.11.1

quit

interface Vlanif 20

dhcp select relay

dhcp relay server-ip 192.168.13.1

quit

#上述脚本命令在LSW2的运行过程

[LSW2]dhcp enable

Info: The operation may take a few seconds. Please wait for a moment.done.

[LSW2]interface Vlanif 10

[LSW2-Vlanif10]dhcp select relay

[LSW2-Vlanif10]dhcp relay server-ip 192.168.11.1

[LSW2-Vlanif10]quit

[LSW2]interface Vlanif 20

[LSW2-Vlanif20]dhcp select relay

[LSW2-Vlanif20]dhcp relay server-ip 192.168.13.1

[LSW2-Vlanif20]quit

[LSW2]

9.QOS配置

AR1作为SITE A的出口，在G0/0/2接口的流量出方向使用限速技术，将SITE A 192.168.10.0网段的流量使用流量整形技术限制在10Mbps，将192.168.20.0网段的流量使用流量监管技术限制在20Mbps。

[AR1]acl 2001

[AR1-acl-basic-2001]rule 10 permit source 192.168.10.0 0.0.0.255

[AR1-acl-basic-2001]quit

[AR1]acl 2002

[AR1-acl-basic-2002]rule 10 permit source 192.168.20.0 0.0.0.255

[AR1-acl-basic-2002]quit

[AR1]traffic classifier 10

[AR1-classifier-10]if-match acl 2001

[AR1-classifier-10]quit

[AR1]traffic behavior 10

[AR1-behavior-10]gts cir 10000

[AR1-behavior-10]quit

[AR1]traffic classifier 20

[AR1-classifier-20]if-match acl 2002

[AR1-classifier-20]quit

[AR1]traffic behavior 20

[AR1-behavior-20]car cir 20000

[AR1-behavior-20]quit

[AR1]traffic policy qos

[AR1-trafficpolicy-qos]classifier 10 behavior 10

[AR1-trafficpolicy-qos]classifier 20 behavior 20

[AR1-trafficpolicy-qos]quit

[AR1]interface GigabitEthernet 0/0/2

[AR1-GigabitEthernet0/0/2]traffic-policy qos outbound

图片预览