
Comprehensive experiment of dual-core network

2025-02-04 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/01 Report--

[Experiment name] Comprehensive experiment of dual-core network

[Purpose of the experiment]

1. Master MSTP deployment

2. Master VRRP protocol configuration

3. Master the hot standby technology of MSTP+VRRP

4. Understand the dynamic NAPT configuration method based on internal sources

5. Master dynamic routing (default route distribution) or floating route configuration technology

[Experimental topology]

Please see the attachment for details.

[Configuration requirements and configuration steps]

(1) Complete the experimental equipment connections and address planning according to the diagram, and set each device name to "group number-equipment number-device name" (such as A1-S3550-1-H1).

(2) VLAN planning of the layer 2 switches:

VLAN    Ports
VL10    F0/5-F0/10
VL20    F0/11-F0/15
VL30    F0/15-F0/20
VL40    F0/21-F0/24

(3) Configure the VLAN and SVI interfaces of the switches as required.

The first three steps are very basic configurations and are not given here. Note that the ports interconnecting the switches must be configured as trunk ports.

(4) Configure the router and layer 3 switch routed interfaces as required, and use ping to verify link connectivity.

H1:

H1 (config) # interface f0/4

H1 (config-if) # no switchport

H1 (config-if) # ip address 172.16.1.2 255.255.255.252

H1 (config-if) # no shutdown

H2:

H2 (config) # interface f0/4

H2 (config-if) # no switchport

H2 (config-if) # ip address 172.16.1.6 255.255.255.252

H2 (config-if) # no shutdown

R1:

R1 (config) # interface f1/0

R1 (config-if) # ip address 172.16.1.1 255.255.255.252

R1 (config-if) # no shutdown

R1 (config-if) # exit

R1 (config) # interface f1/1

R1 (config-if) # ip address 172.16.1.5 255.255.255.252

R1 (config-if) # no shutdown

(5) Deploy the MSTP protocol on the four switches with two instances. Instance 1 is associated with VL10 and VL30; instance 2 is associated with VL20 and VL40. The MST revision number must be set to 1 and the name is the group number. H1 must be the root switch of instance 1 and H2 the root switch of instance 2, each acting as a backup for the other.

Use the show spanning-tree mst configuration command to view the MST configuration information, and the show spanning-tree mst and show spanning-tree mst interface commands to view MST1 and MST2 on each switch and the corresponding interface information, to verify the configuration results.

S1:

! Enable spanning tree

S1 (config) # spanning-tree

! Configure spanning tree mode to MSTP

S1 (config) # spanning-tree mode mstp

! Enter MSTP configuration mode

S1 (config) # spanning-tree mst configuration

! Configure instance 1 and associate VLAN 10 and 30

S1 (config-mst) # instance 1 vlan 10,30

! Configure instance 2 and associate VLAN 20 and 40

S1 (config-mst) # instance 2 vlan 20,40

! Configure the region name

S1 (config-mst) # name fsy

! Configuration version (revision number)

S1 (config-mst) # revision 1

S2:

S2 (config) # spanning-tree

S2 (config) # spanning-tree mode mstp

S2 (config) # spanning-tree mst configuration

S2 (config-mst) # instance 1 vlan 10,30

S2 (config-mst) # instance 2 vlan 20,40

S2 (config-mst) # name fsy

S2 (config-mst) # revision 1

H1:

H1 (config) # spanning-tree

H1 (config) # spanning-tree mode mstp

H1 (config) # spanning-tree mst configuration

H1 (config-mst) # instance 1 vlan 10,30

H1 (config-mst) # instance 2 vlan 20,40

H1 (config-mst) # name fsy

H1 (config-mst) # revision 1

! Set the priority of switch H1 in instance 1 to 4096 (the default is 32768). The smaller the value, the more likely the switch is to become the root switch in this instance.

H1 (config) # spanning-tree mst 1 priority 4096

H2:

H2 (config) # spanning-tree

H2 (config) # spanning-tree mode mstp

H2 (config) # spanning-tree mst configuration

H2 (config-mst) # instance 1 vlan 10,30

H2 (config-mst) # instance 2 vlan 20,40

H2 (config-mst) # name fsy

H2 (config-mst) # revision 1

H2 (config) # spanning-tree mst 2 priority 4096

(6) Deploy the VRRP protocol on the two layer 3 switches; the gateway address of each VLAN uses *.254. The VRRP master router is required to be consistent with the MSTP root bridge. Use show vrrp (brief) to check the results. Note the difference between the use of standby and vrrp in the old and new versions.

H1:

H1 (config) # interface vlan 10

! Configure VRRP10 virtual router IP

H1 (config-if) # standby 10 ip 172.16.10.254

! Configure VRRP10 priority 200

H1 (config-if) # standby 10 priority 200

H1 (config-if) # exit

H1 (config) # interface vlan 20

H1 (config-if) # standby 20 ip 172.16.20.254

H1 (config-if) # standby 20 priority 100

H1 (config-if) # exit

H1 (config) # interface vlan 30

H1 (config-if) # standby 30 ip 172.16.30.254

H1 (config-if) # standby 30 priority 200

H1 (config-if) # exit

H1 (config) # interface vlan 40

H1 (config-if) # standby 40 ip 172.16.40.254

H1 (config-if) # standby 40 priority 100

H1 (config-if) # exit

H2:

H2 (config) # interface vlan 10

H2 (config-if) # standby 10 ip 172.16.10.254

H2 (config-if) # standby 10 priority 100

H2 (config-if) # exit

H2 (config) # interface vlan 20

H2 (config-if) # standby 20 ip 172.16.20.254

H2 (config-if) # standby 20 priority 200

H2 (config-if) # exit

H2 (config) # interface vlan 30

H2 (config-if) # standby 30 ip 172.16.30.254

H2 (config-if) # standby 30 priority 100

H2 (config-if) # exit

H2 (config) # interface vlan 40

H2 (config-if) # standby 40 ip 172.16.40.254

H2 (config-if) # standby 40 priority 200

H2 (config-if) # exit
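The requirement in step (6) that the VRRP master match the MSTP root bridge can be checked offline from the configuration text. The following is an added example, not part of the original article: it parses a constructed excerpt of the H1/H2 commands from steps (5) and (6) (prompts stripped) and reports, per VLAN, which switch wins each election. The function names and the sample builder are assumptions made for illustration.

```python
import re

DEFAULT_MST_PRIO = 32768   # MSTP default, as stated on the page
DEFAULT_VRRP_PRIO = 100    # VRRP default when no priority line is present

def build_cfg(root_inst, hi_vlans):
    """Constructed config excerpt in the shape of steps (5) and (6), prompts stripped."""
    lines = ["instance 1 vlan 10,30", "instance 2 vlan 20,40",
             f"spanning-tree mst {root_inst} priority 4096"]
    for vlan in (10, 20, 30, 40):
        prio = 200 if vlan in hi_vlans else 100
        lines += [f"interface vlan {vlan}", f" standby {vlan} priority {prio}"]
    return "\n".join(lines)

CONFIGS = {"H1": build_cfg(1, {10, 30}), "H2": build_cfg(2, {20, 40})}

def parse(text):
    """Extract (instance->VLANs, instance->MST priority, VLAN->VRRP priority)."""
    inst_vlans, mst_prio, vrrp_prio, vlan = {}, {}, {}, None
    for line in map(str.strip, text.splitlines()):
        if m := re.fullmatch(r"instance (\d+) vlan ([\d,]+)", line):
            inst_vlans[int(m[1])] = sorted(int(v) for v in m[2].split(","))
        elif m := re.fullmatch(r"spanning-tree mst (\d+) priority (\d+)", line):
            mst_prio[int(m[1])] = int(m[2])
        elif m := re.fullmatch(r"interface vlan (\d+)", line):
            vlan = int(m[1])
        elif (m := re.fullmatch(r"standby \d+ priority (\d+)", line)) and vlan:
            vrrp_prio[vlan] = int(m[1])
    return inst_vlans, mst_prio, vrrp_prio

def check_alignment(configs):
    """Return {vlan: (mst_root, vrrp_master, aligned)} for every mapped VLAN."""
    parsed = {name: parse(text) for name, text in configs.items()}
    # All switches must carry the same instance-to-VLAN mapping to form one MST region.
    if len({repr(sorted(p[0].items())) for p in parsed.values()}) != 1:
        raise ValueError("instance-to-VLAN mapping differs between switches")
    inst_vlans = next(iter(parsed.values()))[0]
    report = {}
    for inst, vlans in inst_vlans.items():
        # Lowest priority wins the root election (MAC tie-break is not modelled).
        root = min(parsed, key=lambda n: parsed[n][1].get(inst, DEFAULT_MST_PRIO))
        for vlan in vlans:
            # Highest priority becomes the VRRP master for that VLAN's gateway.
            master = max(parsed, key=lambda n: parsed[n][2].get(vlan, DEFAULT_VRRP_PRIO))
            report[vlan] = (root, master, root == master)
    return report
```

A VLAN reported as not aligned means its gateway traffic is forwarded by one layer 3 switch while the spanning tree for that VLAN is rooted on the other, so frames cross the inter-switch trunk on every hop to the gateway.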

(7) The router loopback interface is used to simulate the operator access line. Complete the routing configuration on the router and the layer 3 switches, using either dynamic routing or static routes plus floating routes. Consider how each layer 3 device obtains its default route. Use show ip route to view the results.

R1:

R1 (config) # interface loopback 1

R1 (config-if) # ip address 202.100.1.1 255.255.255.252

R1 (config-if) # exit

R1 (config) # router ospf 1

R1 (config-router) # network 202.100.1.1 0.0.0.3 area 0

R1 (config-router) # network 172.16.1.1 0.0.0.3 area 0

R1 (config-router) # network 172.16.1.5 0.0.0.3 area 0

H1:

H1 (config) # ip route 0.0.0.0 0.0.0.0 202.100.1.1

H1 (config) # router ospf 1

H1 (config-router) # network 172.16.1.2 0.0.0.3 area 0

H1 (config-router) # network 172.16.10.0 0.0.0.255 area 0

H1 (config-router) # network 172.16.20.0 0.0.0.255 area 0

H1 (config-router) # network 172.16.30.0 0.0.0.255 area 0

H1 (config-router) # network 172.16.40.0 0.0.0.255 area 0

H2:

H2 (config) # ip route 0.0.0.0 0.0.0.0 202.100.1.1

H2 (config) # router ospf 1

H2 (config-router) # network 172.16.1.6 0.0.0.3 area 0

H2 (config-router) # network 172.16.10.0 0.0.0.255 area 0

H2 (config-router) # network 172.16.20.0 0.0.0.255 area 0

H2 (config-router) # network 172.16.30.0 0.0.0.255 area 0

H2 (config-router) # network 172.16.40.0 0.0.0.255 area 0

(8) Configure dynamic NAPT based on internal sources on the router so that VL10, VL20 and VL30 users can access the Internet.

R1:

R1 (config) # access-list 10 permit 172.16.10.0 0.0.0.255

R1 (config) # access-list 10 permit 172.16.20.0 0.0.0.255

R1 (config) # access-list 10 permit 172.16.30.0 0.0.0.255

R1 (config) # ip nat pool fsy 202.100.1.1 202.100.1.1 netmask 255.255.255.252

! access-list 10 already matches VL10, VL20 and VL30; lists 20 and 30 are not defined, so one NAT rule is enough

R1 (config) # ip nat inside source list 10 pool fsy overload

R1 (config) # interface f1/0

R1 (config-if) # ip nat inside

R1 (config) # interface f1/1

R1 (config-if) # ip nat inside

R1 (config) # interface loopback 1

R1 (config-if) # ip nat outside

At this point, the configuration is complete and you can start testing!

(Because the Cisco simulator cannot achieve the above configuration, I summarized it on the basis of the experiment; there are bound to be mistakes, and corrections are welcome.)

Criticism and corrections are welcome!
