In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/03 Report--
Practice environment deployment topology diagram and requirements
Note: SW equipment and SW-3 equipment need to add capacity and service boards in advance. Step 1: Configure SW switch conf t //enter global mode, set vlan 10 and 20 vlan 10, 20 exdo show vlan-sw b //View vlan information VLAN Name Status 10 VLAN0010 active 20 VLAN0020 active int range fa1/1 -2 //Enter ports fa 1/1 and 1/2, assign ports to vlan 10 sw mo accsw acc vlan 10 exdo show vlan-sw b //View vlan information VLAN Name Status Ports10 VLAN0010 active Fa1/1, Fa1/220 VLAN0020 active int f1/3 //Enter port f1/3, assign port to vlan 20 sw mo accsw acc vlan 20 exdo show vlan-sw bVLAN Name Status Ports10 VLAN0010 active Fa1/1, Fa1/220 VLAN0020 active Fa1/3int f1/0 //Enter port f1/0, configure trunk link sw mo tsw t en dot 1 qexno ip routing //Turn off routing Step 2: Configure SW-3 Layer 3 switch conf tno switchport //switch function int f1/1ip add www.example.com 255.255.0no shutexvlan 10, 20exint vlan 10ip add www.example.com 255.255.0no shutexint vlan 20ip add www.example.com 255.255.0no shutexdo show ip int b //View vlan information FastEthernet 1/1 192.168.100.1 YES manual up up Vlan10 192.168.10.1 YES manual up down Vlan20 192.168.20.1 YES manual up downint f1/0 //Enter port f1/0 configure trunk link sw mo tsw t en dot 1 qdo show ip route //View routing table C 192.168.10.0/24 is directly connected, Vlan10C 192.168.20.0/24 is directly connected, Vlan20C 192.168.100.0/24 PC1 : 192.168.100.100 255.255.255.0 gateway 192.168.100.1PC2> ip 192.168.10.10 192.168.10.1 Checking for duplicate address... PC1 : 192.168.10.10 255.255.255.0 gateway 192.168.10.1PC3> ip 192.168.10.20 192.168.10.1Checking for duplicate address... PC1 : 192.168.10.20 255.255.255.0 gateway 192.168.10.1PC4> ip 192.168.20.20 192.168.20.1Checking for duplicate address... PC1: www.example.com www.example.com gateway 192.168.20.12. Test full network interoperability PC2> ping www.example.com 192.168.100.100 icmp_seq = 1 timeout84 bytes from 192.168.100.100 icmp_seq = 2 ttl = 63 time = 18.946 ms84 bytes from 192.168.100.100 icmp_seq = 3 ttl = 63 time = 19.942 ms84 bytes from 192.168.100.100 icmp_seq = 4 ttl = 63 time = 192.168.20.20 0.000 ms84 bytes from 192.168.10.20 icmp_seq=3 ttl=64 time=0.000 ms84 bytes from 192.168.10.20 icmp_seq=4 ttl=64 time=0.000 ms84 bytes from 192.168.10.20 icmp_seq=5 ttl=64 time=0.000 msPC2> ping www.example.com 192.168.20.20 255.255.255.0seq = 5 ttl = 63 time = 11.992 ms Step 4: Configure the named ACL policy Configure it on SW-3 switch, ip access-list standard yun in global mode //Set mode and name, standard is standard ACL, extended is extended ACL permit host www.example.com //Set entries that allow access to host ip deny www.example.com www.example.com //Set the rejected segment entry to permit any //set top to allow all other hosts to access exdo show access-list //View access list Standard IP access list yun 10 permit 192.168.10.10 20 deny 192.168.10.0, wildcard bits 0.0.0.255 30 permit anyint f1/1 //Enter port f1/1 and apply ACL to this exit ip access-group yun outStep 5: Test ACL effect1. Test interoperability between host 2 and host 1 in vlan 10PC2> ping 192.168.100.100192.168.100.100 icmp_seq = 1 www.example.com icmp_seq = 2 timeout 84 bytes from 192.168.100.100 icmp_seq = 3 ttl = 63 time = 15.953 ms 84 bytes from 192.168.100.168.100.100 icmp_seq = 4 ttl = 63 time = 19.232 ms 84 bytes from 192.168.100.100 icmp_seq = 5 ttl = 64 3 hours = timeout192.168.100.100 18.208 ms 84 bytes from 192.168.100.100 icmp_seq = 4 ttl = 63 time = 17.023 ms 84 bytes from 192.168.100.100 icmp_seq = 5 ttl = 63 time = 12.985 ms3. Testing interoperability of other hosts in vlan 10 with host 1 PC 3> ping www.example.com * www.example.com icmp_seq = 1 ttl = 255 time = 8.907 ms (ICMP type:3, code:13, Communication administratively prohibited)*192.168.10.1 icmp_seq=2 ttl=255 time=3.775 ms (ICMP type:3, code:13, Communication administratively prohibited)*192.168.10.1 icmp_seq=3 ttl=255 time=7.979 ms (ICMP type:3, code:13, Communication administratively prohibited)*192.168.10.1 icmp_seq=4 ttl=255 time=5.965 ms (ICMP type:3, code:13, Communication administratively prohibited)*192.168.10.1 icmp_seq=5 ttl=255 time=1.992 ms (ICMP type:3, code:13, Communication administratively prohibited)
Note: Named access control lists allow flexibility in adjusting policies, provided that no + ACL numbers can be used to delete policies in addition to standard access lists and extended access lists. ACL policy can also be appended using ACL number + permit + ip
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.