Shulou(Shulou.com)06/03 Report--

Blogger QQ:819594300

Blog address: http://zpf666.blog.51cto.com/

Friends who have any questions can contact the blogger, the blogger will help you answer, thank you for your support!

I. case study

This case takes the campus network exit of a university as an example to show the application scenarios of mainstream technologies such as NAT and strategic routing.

There are four devices in the case, including three routers and one switch, which are telecom public network router, education network router, simulated campus network exit router and campus network access switch. In this case, the exit router uses H3C-MSR3011E to achieve related functions, telecom and education network use H3C-MSR2020 to achieve related functions, and s3600 layer 3 switch is used to simulate the campus network access switch. In the actual network, the exit router generally uses the SR66 series or higher SR88 router.

The campus network in the case is divided into two network segments, namely, the campus network dormitory network and the campus office and teaching network segments. The former mainly accesses the public network through telecommunications, while the latter mainly accesses the educational network resources through the education network.

The case uses policy routing at the exit of the campus network to control different segments of the campus to follow the corresponding network. The campus network simulates a server to provide www access services to the public network.

2. Pre-knowledge points of the case

1. Brief introduction of H3C Company

The predecessor of H3C is Huawei 3COM, a joint venture between Huawei and 3COM of the United States. In November 2006, Huawei sold its 49 per cent stake in Huawei's 3COM to 3COM for $880 million. In April 2007, the company officially changed its name to "Hangzhou Huasan Communication Technology Co., Ltd.", referred to as "H3C".

At present, the data communication market is mainly divided into telecom operators and enterprise network market. Huawei has been focused on the operator market, while H3C mainly focuses on the enterprise network market. CISCO's business spans the operator and enterprise network markets, and maintains a leading position in these two markets. Huawei is the main competitor to cisco in the operator market, while H3C is the main competitor to cisco in the enterprise network market. Cisco has advantages in energy, finance, international enterprises, power and other industries, while H3C has advantages in government, tobacco, transportation, small and medium-sized enterprises and related government procurement. In the field of routers and switches in China, H3C has ranked first in market share.

2. H3C product system

After years of development, H3C network product line has the most comprehensive network products in the industry, including a full range of routers, switches, WLAN, ICG information and communication gateways and business software products. At the same time, H3C always explores the needs of customers and provides users with a series of solutions such as data center solutions of new generation unified switching architecture, ipv6 solutions, virtual campus network solutions, campus wired and wireless integration solutions, unified intelligent management solutions, EAD solutions, 3G routing access solutions, optoelectronic bi-directional transformation solutions, operable and manageable unlimited broadband solutions, etc. At present, the application of products and solutions has covered nearly 100 countries and regions around the world, and has undertaken major projects such as the National Grand Theater, the Hong Kong Metro, the National Library, the Palace Museum, the Qinghai-Tibet Railway and so on.

Relying on the deep accumulation in the field of ip technology, H3C's product system mainly includes: ip network products, ip wireless products, ip security products, ip storage products, ip multimedia products, ip management products and training products. The following is a brief description of the routing and switching products that are included in ip network products.

1) routing series products.

H3C's router product line has many similarities with cisco routers, and its main product lines are also developed for users of different network sizes, such as ER (enterprise router) for small businesses, MSR (multiple services router) for medium-sized enterprises, and SR (service router) for large enterprises and operators. The corresponding application environment and main functions are as follows:

ER series routers: mainly used for small and medium-sized enterprises broadband access low-end router series, mainly located with Ethernet, optical fiber and adsl wan access to the SMB market and the government, enterprise institutions, Internet cafes and other network environment, such as Internet cafes, enterprises, schools and hotels that need high-speed internet broadband.

MSR series routers: it is a series of mid-range routers mainly used in large and medium-sized enterprises and branch offices of group companies. This series of routers integrates data, voice, security, switching and user open services, and is a truly integrated multi-service router product. This is the most widely used family of routers in the enterprise, equivalent to Cisco's ISR series routers.

SR series routers: it is a series of 10 Gigabit high-end routers mainly used in large enterprises or some industry users, such as telecommunications, power, finance, education, government agencies and so on. Among them, it is divided into two parts according to the target users, SR6600 series routers are launched for large enterprises, and users with small network size and low application needs, such as finance, education, government agencies, etc., while SR8800 series routers are launched for operators'IP backbone network, metropolitan area network and the core and convergence location of various large IP networks.

2) switching series products

H3C Ethernet switch product line is often complete, from campus to data center, from 100000 to 100 megabytes, from high-end to low-end, and from core layer to access layer, which can flexibly meet the needs of users at different levels. Among them, the core layer is basically routed switches with strong routing functions, such as S10500, S9500E, S7500E, S7500, etc.; in the aggregation layer, there are mainly all-gigabit intelligent switches, and the representative series mainly include S5500-EI/SI, S5510, S5120-EI/SI, S5600 and so on. In the access layer, the uplink basically supports Gigabit Ethernet technology, and the downlink is basically 100 megabytes. The main representative series and models are S3100-EI/SI, S3600-EI/SI, S3610, E328, E126 and so on. SMB switch refers to the series of switches used in small and medium-sized enterprises. The representative series and models are S1000Compact 1200, S1500Compact E, S1650, S2100, S5000P, S5000E and so on.

In addition to providing a full range of campus Ethernet switch products for the vast number of campus and enterprise users, H3C also provides switch products specially developed for data centers for large and medium-sized enterprises or Internet enterprises. Because the scale of the data center is generally small, it is mainly used for Internet or database management, and it is not easy for ordinary switches to be competent. Some larger data center network aggregation layer can also choose the switch of the core layer, after all, this kind of network has very high requirements for equipment data processing performance and other aspects.

III. Comparison between H3C and cisco commands

1. Differences in commands between H3C and cisco routers

2. Command differences between H3C and cisco switches

3. H3C basic configuration

4. Comprehensive experiment:

1. Lab topology:

The experiment shows that:

The campus network in the case is divided into two network segments: one is the student campus network segment (192.168.2.0), which mainly accesses the internet server provided by telecom; the other is the campus office and teaching network segment (192.168.3.0), which mainly accesses the education network. The campus network exit router connects the internet20m optical fiber provided by telecom and the 20m optical fiber of the education network.

Experimental objectives:

1) configure the ip address and vlan according to the topology requirements, and add the port to the required vlan.

2) configure routes, all below R1 are default or static routes, and all above R1 join the ospf area0 area.

3) check the routing table of R1 and test that R1 can ping all devices and pc at this time, but pc3 cannot connect with the internal pc.

4) configure easy_ip on R1's g0 pc2 0 and g0 pc2 1 respectively, and the test server\ pc2\ can both be ping pc3 and virtual interface.

5) View the nat translation relationship on R1 to see which interface the traffic is coming from.

6) configure policy routing. All vlan3 traffic is required to be forwarded from g0Uniq1, and other traffic is forwarded according to the routing policy.

7) verify that the policy routing is effective by ping pc3 and virtual interface from pc1 and pc2, respectively.

8) enable nat_server on the telnet,R1 configured on the server, and log in to the server when you access the 200.200.200.3 telnet.

9) verify that the configuration is successful, and change the server host name to class name-my name-server.

3. Experimental steps

1) configure ip addresses for all devices

Pc1:

Pc2:

Server:

Pc3:

R1:

R2:

R3:

SW1:

2) configure g0ram2 of R1 as the bridging mode

3) configure R1 static routes and ospf

4) configure the default route for sw1

5) configure ospf of R2

6) configure ospf for R3

7) View the routing table of R1

8) add the port of SW1 to vlan

9) ping other devices on R1

However, it is not possible to ping 202.1.1.2 PC3 using PC1:

10) configure easy_ip on g0easy_ip 0 and g0Uniqq1 on R1, respectively, and test the pc1\ pc2 server with both ping pc3 and virtual interfaces.

Easy_ip is equivalent to cisco's PAT:

Test ping pc3 on pc1:

202.202.0.1 (loopback address) of pingR2 on pc1:

11) View the nat translation relationship on R1 to see which interface the traffic is coming from.

Note: before viewing, pc1 ping the lo of pc3 and R2, respectively.

Use pc2ping pc3 and view on R1:

Use pc2ping pc3 and view on R1:

12) configure policy routing. All the traffic of vlan3 is required to be forwarded from g0 destination 1, and other traffic is forwarded according to the routing policy, and then ping pc3 and virtual interfaces from PC1 and PC2 respectively to verify that policy routing is effective.

View the effect of policy routing:

As can be seen in the above figure, pc2 accesses pc3 or R2's lo goes 200.200.200.2 (that is, R1's g0and1 interface, that is, the education network).

Use pc1ping202.202.0.1 and 202.1.1.2 again, and then look at:

13) shut down the g0ram 1 interface on R1.

Use pc2ping202.1.1.2 and 202.202.0.1:

You can still communicate with ping.

View the policy routing information on R1 again:

The figure above shows that all pc2 traffic is going through the g0ap0 interface.

Activate the g0can1 interface and continue with the following experiment:

14) enable nat_server on telnet,R1 (equivalent to static NAT of cisco) on the server to log in to the server when accessing telnet of 200.200.200.3

15) configure nat server

Then telnet 200.200.200.3 on pc3 and log in to the server:

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.