测试目的
- 测试不同网段通过三层交换机实现互联
- 三层交换机直连路由器连接外网,以实现主机和外网连接
应用场景
- 模拟实现可用于不同楼层不同部门/科室等不同网段实现互联。
- 模拟实现可用于不同部门/科室分类别连接外网。
测试环境
- eNSP 1.3.00.100 V100R003C000SPC100
- window 10
测试拓扑
- 区域楼层1,楼层2分别有192.168.10.0/24,192.168.20.0/24段网络。
- 每个楼层一个二层交换机,增加主机接入口。
- 增加一个三层核心交换机实现所有交换机互联。
- 增加一个路由器连接外网与核心交换机互联,可根据路由配置实现不同网端支持连接外网。
- 所有主机均通过手动配置IP地址。动态配置IP参考《eNSP不通网段主机互联-DHCP》
- 所有主机均通过交换机互联,同一网段默认情况均可直接互联。
拓扑配置
实现不同网段PC互联
PC1配置
PC2配置
PC3配置
PC4配置
交换机配置
二层交换机LSW2配置
- 修改交换机名称。
- 增加VLAN
10,20。 - 配置
Ethernet 0/0/1,支持访问VLAN 10。 - 配置
Ethernet 0/0/2,支持访问VLAN 20。 - 配置
Ethernet 0/0/3为trunk捆绑口,同时支持VLAN 10,VLAN 20数据传输。
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname LSW2
[LSW2]
[LSW2]vlan batch 10 20
[LSW2]interface Ethernet 0/0/1
[LSW2-Ethernet0/0/1]port link-type access
[LSW2-Ethernet0/0/1]port default vlan 10
[LSW2-Ethernet0/0/1]quit
[LSW2]
[LSW2]interface Ethernet 0/0/2
[LSW2-Ethernet0/0/2]port link-type access
[LSW2-Ethernet0/0/2]port default vlan 20
[LSW2-Ethernet0/0/2]quit
[LSW2]
[LSW2]interface Ethernet 0/0/3
[LSW2-Ethernet0/0/3]port link-type trunk
[LSW2-Ethernet0/0/3]port trunk allow-pass vlan 10 20
[LSW2-Ethernet0/0/3]quit
[LSW2]
[LSW2]quit
<LSW2>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Dec 23 2021 11:09:16-08:00 LSW2 %%01CFM/4/SAVE(l)[0]:The user chose Y when decid
ing whether to save the configuration to the device.
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<LSW2>
二层交换机LSW3配置
- 修改交换机名称。
- 增加VLAN
10,20。 - 配置
Ethernet 0/0/1,支持访问VLAN 10。 - 配置
Ethernet 0/0/2,支持访问VLAN 20。 - 配置
Ethernet 0/0/3为trunk捆绑口,同时支持VLAN 10,VLAN 20数据传输。
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname LSW3
[LSW3]
[LSW3]vlan batch 10 20
[LSW3]interface Ethernet 0/0/1
[LSW3-Ethernet0/0/1]port link-type access
[LSW3-Ethernet0/0/1]port default vlan 10
[LSW3-Ethernet0/0/1]quit
[LSW3]
[LSW3]interface Ethernet 0/0/2
[LSW3-Ethernet0/0/2]port link-type access
[LSW3-Ethernet0/0/2]port default vlan 20
[LSW3-Ethernet0/0/2]quit
[LSW3]
[LSW3]interface Ethernet 0/0/3
[LSW3-Ethernet0/0/3]port link-type trunk
[LSW3-Ethernet0/0/3]port trunk allow-pass vlan 10 20
[LSW3-Ethernet0/0/3]quit
[LSW3]
[LSW3]quit
<LWS3>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Dec 23 2021 11:14:54-08:00 LWS3 %%01CFM/4/SAVE(l)[0]:The user chose Y when decid
ing whether to save the configuration to the device.
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<LWS3>
三层交换机LSW1配置
- 修改交换机名称。
- 增加VLAN
10,20。 VLAN 10IP地址192.168.10.254,192.168.10.0/24网段网关地址。VLAN 20IP地址192.168.20.254,192.168.20.0/24网段网关地址。- 配置
GE 0/0/1为trunk捆绑口,同时支持VLAN 10,VLAN 20数据传输。 - 配置
GE 0/0/2为trunk捆绑口,同时支持VLAN 10,VLAN 20数据传输。
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname LSW1
[LSW1]
[LSW1]vlan batch 10 20
[LSW1]
[LSW1]interface Vlanif 10
[LSW1-Vlanif10]ip address 192.168.10.254 24
[LSW1-Vlanif10]quit
[LSW1]
[LSW1]interface Vlanif 20
[LSW1-Vlanif20]ip address 192.168.20.254 24
[LSW1-Vlanif20]quit
[LSW1]
[LSW1]interface GigabitEthernet 0/0/1
[LSW1-GigabitEthernet0/0/1]port link-type trunk
[LSW1-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 20
[LSW1-GigabitEthernet0/0/1]quit
[LSW1]
[LSW1]interface GigabitEthernet 0/0/2
[LSW1-GigabitEthernet0/0/2]port link-type trunk
[LSW1-GigabitEthernet0/0/2]port trunk allow-pass vlan 10 20
[LSW1-GigabitEthernet0/0/1]quit
[LSW1]quit
<LSW1>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Info: Please input the file name ( *.cfg, *.zip ) [vrpcfg.zip]:
Dec 23 2021 11:30:19-08:00 LSW1 %%01CFM/4/SAVE(l)[4]:The user chose Y when decid
ing whether to save the configuration to the device.
Now saving the current configuration to the slot 0.
Save the configuration successfully.
<LSW1>
PC机互联测试
在PC1(192.168.10.1)分别PING测试192.168.10.2,192.168.20.1,192.168.20.2,至此不同网段通过VLAN实现互联已实现。
PC>ipconfig
Link local IPv6 address...........: fe80::5689:98ff:fe49:126c
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.10.1
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.10.254
Physical address..................: 54-89-98-49-12-6C
DNS server........................:
PC>ping 192.168.10.2
Ping 192.168.10.2: 32 data bytes, Press Ctrl_C to break
From 192.168.10.2: bytes=32 seq=1 ttl=128 time=78 ms
From 192.168.10.2: bytes=32 seq=2 ttl=128 time=94 ms
From 192.168.10.2: bytes=32 seq=3 ttl=128 time=63 ms
From 192.168.10.2: bytes=32 seq=4 ttl=128 time=78 ms
From 192.168.10.2: bytes=32 seq=5 ttl=128 time=62 ms
--- 192.168.10.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 62/75/94 ms
PC>ping 192.168.20.1
Ping 192.168.20.1: 32 data bytes, Press Ctrl_C to break
From 192.168.20.1: bytes=32 seq=1 ttl=127 time=93 ms
From 192.168.20.1: bytes=32 seq=2 ttl=127 time=78 ms
From 192.168.20.1: bytes=32 seq=3 ttl=127 time=63 ms
From 192.168.20.1: bytes=32 seq=4 ttl=127 time=78 ms
From 192.168.20.1: bytes=32 seq=5 ttl=127 time=94 ms
--- 192.168.20.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 63/81/94 ms
PC>ping 192.168.20.2
Ping 192.168.20.2: 32 data bytes, Press Ctrl_C to break
From 192.168.20.2: bytes=32 seq=1 ttl=127 time=79 ms
From 192.168.20.2: bytes=32 seq=2 ttl=127 time=78 ms
From 192.168.20.2: bytes=32 seq=3 ttl=127 time=78 ms
From 192.168.20.2: bytes=32 seq=4 ttl=127 time=78 ms
From 192.168.20.2: bytes=32 seq=5 ttl=127 time=78 ms
--- 192.168.20.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 78/78/79 ms
PC>
局域网通过路由器连接外网
PC配置
- 增加DNS域名配置
8.8.8.8,后续测试可以直接ping测试域名。
三层交换机LSW1配置
- 增加一个
VLAN 100, - 配置
VLAN 100口地址192.168.100.1/24 - 配置GE 0/0/3,访问
VLAN 100 - 配置默认路由,下一条为路由器对接接口地址
192.168.100.2
[LSW1]vlan batch 100
[LSW1]
[LSW1]interface Vlanif 100
[LSW1-Vlanif100]ip address 192.168.100.1 24
[LSW1-Vlanif100]quit
[LSW1]
[LSW1]interface GigabitEthernet 0/0/3
[LSW1-GigabitEthernet0/0/3]port link-type access
[LSW1-GigabitEthernet0/0/3]port default vlan 100
[LSW1-GigabitEthernet0/0/3]quit
[LSW1]
[LSW1]ip route-static 0.0.0.0 0.0.0.0 192.168.100.2
<LSW1>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Now saving the current configuration to the slot 0.
Dec 23 2021 13:23:53-08:00 LSW1 %%01CFM/4/SAVE(l)[7]:The user chose Y when decid
ing whether to save the configuration to the device.
Save the configuration successfully.
<LSW1>
路由器AR1配置
- 修改路由器名称。
- 配置
GE 0/0/1地址192.168.100.2/24,实现与三层交换机互联 - 配置静态路由实现网段
192.168.0.0/16,通过下一条为交换机对接接口地址192.168.100.1 - 配置访问规则允许
192.168.0.0/16,通过路由器访问外网 - 配置
GE 0/0/0与云图对接。 - 配置
GE 0/0/0支持NAT转换本地地址段192.168.0.0/16接入外网。 - 配置DNS解析。
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname AR1
[AR1]
[AR1]interface GigabitEthernet 0/0/1
[AR1-GigabitEthernet0/0/1]ip address 192.168.100.2 255.255.255.0
[AR1-GigabitEthernet0/0/1]quit
[AR1]
[AR1]ip route-static 192.168.0.0 255.255.0.0 192.168.100.1
[AR1]
[AR1]acl number 2000
[AR1-acl-basic-2000]rule 5 permit source 192.168.0.0 0.0.255.255
[AR1-acl-basic-2000]quit
[AR1]
[AR1]interface GigabitEthernet 0/0/0
[AR1-GigabitEthernet0/0/0]ip address 192.168.137.2 255.255.255.0
[AR1-GigabitEthernet0/0/0]nat outbound 2000
[AR1-GigabitEthernet0/0/0]quit
[AR1]quit
[AR1]
[AR1]dns resolve
[AR1]dns server 8.8.8.8
[AR1]
<AR1>save
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y
It will take several minutes to save configuration file, please wait......
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated
<AR1>
路由器连接云图连接外网
参考另一篇博文《eNSP路由器连接外网》
PC机测试连接外网
PC>ipconfig
Link local IPv6 address...........: fe80::5689:98ff:fe49:126c
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.10.1
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.10.254
Physical address..................: 54-89-98-49-12-6C
DNS server........................: 8.8.8.8
PC>ping 192.168.100.2
Ping 192.168.100.2: 32 data bytes, Press Ctrl_C to break
From 192.168.100.2: bytes=32 seq=1 ttl=254 time=62 ms
From 192.168.100.2: bytes=32 seq=2 ttl=254 time=47 ms
From 192.168.100.2: bytes=32 seq=3 ttl=254 time=62 ms
From 192.168.100.2: bytes=32 seq=4 ttl=254 time=79 ms
From 192.168.100.2: bytes=32 seq=5 ttl=254 time=62 ms
--- 192.168.100.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 47/62/79 ms
PC>ping 8.8.8.8
Ping 8.8.8.8: 32 data bytes, Press Ctrl_C to break
From 8.8.8.8: bytes=32 seq=1 ttl=109 time=125 ms
From 8.8.8.8: bytes=32 seq=2 ttl=109 time=110 ms
From 8.8.8.8: bytes=32 seq=3 ttl=109 time=109 ms
From 8.8.8.8: bytes=32 seq=4 ttl=109 time=109 ms
From 8.8.8.8: bytes=32 seq=5 ttl=109 time=125 ms
--- 8.8.8.8 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 109/115/125 ms
PC>ping www.baidu
www.baidu -> www.a.shifen
Ping www.a.shifen [180.101.49.11]: 32 data bytes, Press Ctrl_C to break
From 180.101.49.11: bytes=32 seq=1 ttl=48 time=63 ms
From 180.101.49.11: bytes=32 seq=2 ttl=48 time=78 ms
From 180.101.49.11: bytes=32 seq=3 ttl=48 time=47 ms
From 180.101.49.11: bytes=32 seq=4 ttl=48 time=63 ms
From 180.101.49.11: bytes=32 seq=5 ttl=48 time=62 ms
--- 180.101.49.11 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 47/62/78 ms
PC>
更多推荐
eNSP不同网段主机互联-static
发布评论