Shulou(Shulou.com)06/03 Report--

Experiment name: using stp and vrrp ospf to make the internal network can access the external network.

two。 Experimental topography:

4. Experimental purpose:

1. Using spanning Tree Protocol to determine the root switch

2. Use vrrp protocol to realize gateway backup and link load balancing.

3. The internal network can access the external network / / the external network simulates three lines, namely, China Mobile, Telecom and China Unicom

5. Technologies involved: stp, vrrp, ospf

# configuration ideas:

First of all, determine the root switch in sw1,sw3,sw4, determine the direction of your own traffic, and then go to the switch sw5, sw6,sw2, determine the root switch, determine the direction of traffic, and then

Then configure the switch to the router to use the vrrp protocol to realize the redundant backup of the gateway and the load balancing of the link. Finally, the internal network can access the external network. When the link fails, how does the traffic access the external network?

# configuration steps:

# configure the ip address of the pc, and create the vlan on the switch sw1,sw3,sw4, and join the corresponding port to the vlan, and use the trunk link between the switch and the switch

# configure the ip address of pc1

Ip address 192.168.10.1 255.255.255.0

Configure the ip address of pc2

Ip address 192.168.20.1 255.255.255.0

Configure the ip address of pc3

Ip address 192.168.10.2 255.255.255.0

Configure the ip address of pc4

Ip address 192.168.20. 2 255.255.255.0

# create sw1, sw2 sw3, sw4,sw5,sw6 on the switch, create vlan10, vlan20,vlan database to be consistent, and join the corresponding ports to vlan10 and vlan20

# vlan 10, vlan 20 / / create on sw1

Port-group group-member g0/0/1 g0/0/2

Port link-type access

Port default vlan10 / / join multiple ports to vlan10 at the same time

Interface g0/0/13

Port link-type trunk

Port trunk allow-pass vlan all

Interface g0/0/12

Port link-type trunk

Port trunk allow-pass vlan all

Interface g0/0/3

Port link-type access

Port default vlan 10

# vlan 10, vlan 20 vlan / create on sw3

Itnerface ether 0/0/13

Port link-type trunk

Port trunk allow-pass vlan all

Inerface ether 0/0/11

Port link-type trunk

Port trunk allow-pass vlan all

Itnerface ether 0/0/1

Port link-type access

Port defautl vlan 10

# create vlan10, vlan 20 / create on sw4

Inteface ethernet 0/0/1

Port link-type access

Port default vlan 20

Port-group group-memeber ethernet 0/0/4 ethernet 0/0/1

Port link-type trunk

Port trunk allow-pass vlan all

# identify the root switch on the switch, check the blocked port, check the direction of traffic / / modify the priority of sw1 to 0 with spanning tree to make sw1 the root switch

# stp priority 0 / / modify the priority of the switch, and sw1 becomes the root switch

# display stp brief / / View stp details / / as shown in the following figure

# as can be seen from the figure above, e0apace 11 is a blocked port, so it can be seen that the direction of traffic is pc1 from sw3 e0max 0max 13 to g 0max max 13, and the direction of pc2 traffic is from sw2 eth 0max 0max 14 to g 0max 14.

# next, configure the switch, sw2,sw5,sw6. In the same way, you can omit / / configuration.

# sw2 is the root switch and the blocking port is ethernet0/0/11

# the direction of traffic is as follows: from ethernet0/0/ port 13 of switch sw5 to g0max 13, and from ethernet0/0/14 of switch to g0max 14

# then virtualize a virtual gateway on router AR1,AR2: 192.168.10.250,192.168.20.250

# configure AR1,AR2 with IP address

Interface g0/0/0

Ip address 192.168.10. Configuration on 254255.255.255.0 / / AR1

Interface g 0/0/1

Ip address 192.168.20.254 255.255.255.0 / / configuration on AR1

Interface g0/0/0

Ip address 192.168.10.253 255.255.255.0 / / configuration on AR2

Interface g0/0/1

Ip address 192.168.20.253 255.255.255.0 / / configuration on AR2

# next configure, vrrp to achieve redundant backup of the gateway, link load balancing

# itnerface g0UniUniverse 0 / / AR1

Vrrp vrid 10 virtual-ip 192.168.10.250 / / virtualize a gateway

Vrrp vrid 10 priority 101 / / increases its priority by 1, and defaults to 100, making it the primary gateway

Vrrp vrid 10 track interface ethernet 4-0-0 / / configure link tracking, default priority reduced by 10

# interface g0amp 0 / / on AR2

Vrrp vrid 10 virtual-ip 192.168.10.250 / / virtualize a gateway / / without setting its priority, keep its priority at default, 100, making it a secondary gateway

# interface g0UniCompact 1 / / on AR1

Vrrp vrid virtual-ip 192.168.20.250 / / virtualize a gateway / / without setting its priority, keep its priority at default, 100, making it a secondary gateway

# inteface g0UniCompact 1 / / on AR2

Vrrp vrid 20 virtual-ip 192.168.20.250

Vrrp vrid 20 priority 101 / / increases its priority by 1 and defaults to 100, making it the main gateway

Vrrp vrid 20 track interface g0Accord 2 / / the default priority is reduced by 10. When the link is restored, it will strive for priority. When the link is down, it will be degraded by default to become a backup.

# summing up the above, it shows that the primary gateway of vlan10 is on AR1, and vlan20 is the secondary gateway. On AR2, the primary gateway of vlan20 is on AR2, and vlan10 is the secondary gateway

# next, configure the public network, using technical ospf, first configure the ip address, create the corresponding vlan, and finally enable the internal network to access the public network / / China Telecom, China Mobile and China Unicom.

Itnerface ethernet 4-0-0

Ip address 192.168.13.1 255.255.255.0 / / configured on AR1

# create vlan 30 and vlan 40 on lsw7

# vlan 30, vlan 40

Interface ethernet 0/0/5

Port link-type access

Port default vlan 30

Interface vlan 30

Ip address 192.168.13.2 255.255.255.0

# inteface ethernet 0/0/4

Port link-type access

Port default vlan 40

Interface vlan 40

Ip address 192.168.14.1 255.255.255.0

# configure the ip address of g0Uniqq1 and g0UniUnix0 on the router

Itnerface g 0/0/ 1

Ip address 192.168.14.2 255.255.255.0

Interface g0/0/0

Ip address 192.168.15.254 255.255.255.0

# configure the ip address of server1

Ip address 192.168.15.1 255.255.255.0

Gateway 192.168.15.254

# next, use ospf to create area 0 so that the internal network can access the external network

Ospf 1

Area 0

Network 192.168.13.1 0.0.0.0

Network 192.168.10.0 0.0.0.255

Configure ospf on network 192.168.20.0 0.0.0.255 / / AR1

Ospf 1

Area 0

Network 192.168.13.2 0.0.0.0

Configuration on network 192.168.14.1 0.0.0.0 / / lsw7

Ospf1

Area 0

Network 192.168.14.2 0.0.0.0

Configuration on etwork 192.168.15.254 0.0.0.0 / / AR4

# Verification and testing:

Ping 192.168.15.1

# the above tests show that the internal network can already access the public network

# verify link tracking:

Shut down the public network port e 4/0/0//AR1

# shutdown e 4-0-0

# display vrrp / / on AR2

# the figure above shows that the gateway of vlan 10 on the AR2 has become the primary gateway, and the traffic is no longer going from the AR1. Now it is going from the AR2. Other settings are available in the same way:

-end

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.