当前位置:文档之家› 附录04 三层交换与DHCP中继_h3c_v3.6-b03d01

附录04 三层交换与DHCP中继_h3c_v3.6-b03d01

实验4 三层交换与DHCP 中继(H3C )

4.1. 组网概况

4.1.1. 拓扑图 4.1.2. 实验目标

(1)

实现企业分支局域网二层广播域

VLAN

隔离和三层全网全连通。

(2)

实现企业分支局域网的

PC

使用

DHCP

自动获取

IP 地址、

DNS

(3)

掌握二层网络(

VLAN

、Trunk

)、二层交换机网管、

int vlan

的配置及服务器对接。

(4)

分析

PC1 ping Server

RT5

)的三层通信过程和二层通信过程。

(5)

分析PC1 ping SW3

网管地址的三层通信过程和二层通信过程。

4.2.

实验调测

4.2.1.

基本信息配置

请遵守《基本信息及密码标准配置》

本实验严禁设置密码!本实验不允许保存配置!

(1)

实验设备《基本信息及密码标准配置》

Vlan 10 Vlan 11Vlan 10Vlan 11

PC1 PC3PC4

PC1: LabPC(第1台) Win2003虚拟机 IP:192.168.10.100/24 网关: 192.168.10.1 PC2: LabPC(第 WinXP IP: DHCP 网关: DHCP PC3: LabPC(第 Win2003IP: DHCP 网关: DHCP PC4: LabPC(第 WinXP IP:192.168.11.100/24 网关: 192.168.11.1 虚拟机: Win2003虚拟机系统网卡使用VMnet2桥接LabPC 主系统的“跳线网卡”

蓝狐高级网络工程师系列教材——网络工程实验指南(第一卷)

super

system-view

[H3C] sysname R

[R] user-interface console 0

[R-ui-console0] authentication-mode none // 配置Console口登录不认证

[R-ui-console0] user privilege level 3 // 配置Console口登录最高特权

[R-ui-console0] quit

[R] user-interface aux 0

[R-ui-aux0] authentication-mode none // 配置AUX口登录不认证

配置AUX口登录最高特权[R-ui-aux0] user privilege level 3 //

[R-ui-aux0] quit

a ble //

启动Telnet

server

[R] telnet

en

[R] user-interface vty 0 4

[R-ui-vty0-4] authentication-mode none // 配置Telnet登录不认证

[R-ui-vty0-4] user privilege level 3 // 配置Telnet登录最高特权

[R-ui-vty0-4] quit

(2) 清除上组实验遗留配置。

reset saved-configuration

The saved configuration file will be erased. Are you sure? [Y/N]:y

Please wait ...........

Configuration file is cleared

reboot

This command will reboot the device. Current configuration may be lost

in next startup if you continue. Continue? [Y/N]: y

(3) SW1的基本信息配置

(4) SW3的基本信息配置

(5) SW4的基本信息配置

(6) RT5(模拟Server)的基本信息配置

4.2.2. 二层网络调测

(1) SW1的Vlan配置(本步任务:配置SW1的Vlan。)

[SW1] vlan 8 to 20 // 批创建Vlan 8 — 20

Please wait... Done.

[SW1] vlan 12

[SW1-vlan12] port Ethernet1/0/12 to Ethernet1/0/20

// 将接口加入到vlan (access接口)[SW1-vlan12] quit

[SW1] display vlan

(2) SW3的Vlan配置(本步任务:配置SW3的Vlan。)

[SW3] vlan 8 to 20 // 批创建Vlan 8 — 20

Please wait... Done.

[SW3] vlan 10

[SW3-vlan10] port Ethernet1/0/10

[SW3-vlan10] quit

[SW3] vlan 11

[SW3-vlan11] port Ethernet1/0/11

[SW3-vlan11] quit

[SW3] display vlan

(3) SW4的Vlan配置(本步任务:配置SW4的Vlan。)

[SW4] vlan 8 to 20 // 批创建Vlan 8 — 20

Please wait... Done.

[SW4] vlan 10

[SW4-vlan10] port Ethernet1/0/10

[SW4-vlan10] quit

[SW4] vlan 11

实验4 三层交换与DHCP中继

[SW4-vlan11] port Ethernet1/0/11

[SW4-vlan11] quit

[SW4] display vlan

(4) STP配置(本步任务:将核心交换机SW1配置为根网桥。)

[SW1] stp root primary

[SW1] stp enable

[SW3] stp enable

[SW4] stp enable

(5) SW1的二层接口配置(本步任务:配置SW1的二层接口。)

[SW1] interface Ethernet 1/0/1

[SW1-Ethernet1/0/1] port link-type trunk

[SW1-Ethernet1/0/1] port trunk permit vlan all

Please wait........................................... Done.

H3C交换机Trunk接口,默认不允许任何vlan通过。

//

[SW1] interface Ethernet 1/0/2

[SW1-Ethernet1/0/2] port link-type trunk

[SW1-Ethernet1/0/2] port trunk permit vlan all

Please wait........................................... Done. (6) SW3的二层接口配置(本步任务:配置SW3的二层接口。)

[SW3] interface Ethernet 1/0/1

[SW3-Ethernet1/0/1] port link-type trunk

[SW3-Ethernet1/0/1] port trunk permit vlan all

Please wait........................................... Done. (7) SW4的二层接口配置(本步任务:配置SW4的二层接口。)

[SW4] interface Ethernet 1/0/1

[SW4-Ethernet1/0/1] port link-type trunk

[SW4-Ethernet1/0/1] port trunk permit vlan all

Please wait........................................... Done. (8) 查看Trunk信息(Trunk链路调测)。

[SW1] display port trunk

[SW3] display port trunk

[SW4] display port trunk

[SW1] display interface Ethernet1/0/1

[SW2] display interface Ethernet1/0/2

[SW3] display interface Ethernet1/0/1

[SW4] display interface Ethernet1/0/1

[SW1] display vlan all

[SW1] display brief interface

[SW1] display interface Ethernet 1/0/12

[SW1] display mac-address

[SW3] display vlan all

[SW3] display brief interface

[SW3] display interface Ethernet 1/0/10

[SW3] display mac-address

[SW4] display vlan all

[SW4] display brief interface

[SW4] display interface Ethernet 1/0/11

[SW4] display mac-address

蓝狐高级网络工程师系列教材——网络工程实验指南(第一卷)

(9) SW3的网管接口配置(本步任务:配置SW3的网管接口。)

[SW3] interface Vlan-interface 8 // 为SW3配置网管地址

[SW3-Vlan-interface8] ip address 192.168.8.130 25

[SW3-Vlan-interface8] quit

[SW3] ip route-static 0.0.0.0 0.0.0.0 192.168.8.129 //为SW3配置网关

[SW3] display ip interface brief

[SW3] display current-configuration

请思考二层交换机的网管地址的作用。

请思考为二层交换机配置网关的作用。

请思考二层交换机的网关应配置为。

(10) SW4的网管接口配置(本步任务:配置SW4的网管接口。)

[SW4] interface Vlan-interface 8 // 为SW4配置网管地址

[SW4-Vlan-interface8] ip address 192.168.8.131 25

[SW4-Vlan-interface8] quit

[SW4] ip route-static 0.0.0.0 0.0.0.0 192.168.8.129 //为SW4配置网关

[SW4] display ip interface brief

[SW4] display current-configuration

4.2.3. 三层接口配置及链路测试

(1) SW1的三层接口配置及调测(本步任务:配置SW1的SVI(interface vlan)接口。)

[SW1] interface Vlan-interface 8 // vlan 8的路由点

[SW1-Vlan-interface8] ip address 192.168.8.129 25

[SW1-Vlan-interface8] quit

[SW1] interface Vlan-interface 10 // vlan 10的路由点

[SW1-Vlan-interface10] ip address 192.168.10.1 24

[SW1-Vlan-interface10] quit

[SW1] interface Vlan-interface 11 // vlan 11的路由点

[SW1-Vlan-interface11] ip address 192.168.11.1 24

[SW1-Vlan-interface11] quit

[SW1] interface Vlan-interface 12 // vlan 12的路由点

[SW1-Vlan-interface12] ip address 192.168.12.1 24

[SW1-Vlan-interface12] quit

[SW1] display ip interface brief

[SW1] display ip routing-table

[SW1] display arp

[SW1] display mac-address

[SW1] display current-configuration

请思考路由表、ARP表、MAC表有什么区别和联系。

请思考三层交换机interface vlan up的条件。

请思考三层交换机interface vlan down的条件。

(2) RT5(Server)的接口地址及默认网关配置

[RT5] interface Ethernet0/0

[RT5-Ethernet0/0] ip address 192.168.12.200 24

[RT5-Ethernet0/0] undo shutdown

[RT5-Ethernet0/0] quit

[RT5] ip route-static 0.0.0.0 0.0.0.0 192.168.12.1 //为RT5配置网关

[RT5] display ip interface brief

[RT5] display ip routing-table

实验4 三层交换与DHCP中继

4.2.4. 全网连通性测试

(1) 全网连通性测试(任何IP Ping通任何IP)

Ping (通/不通) SW1 PC1 PC4 RT5 SW3 SW4

192.168.10.1

192.168.10.100

192.168.11.1

192.168.11.100

192.168.12.1

192.168.12.200

192.168.8.129

192.168.8.130

192.168.8.131

请思考上表中任意IP之间Ping通的三层通信过程和二层通信过程。

4.2.

5. 上层业务部署及测试

(1) DHCP服务部署(本步任务:在核心交换机SW1上部署DHCP服务器。)

[SW1] dhcp enable// 启动DHCP服务

[SW1] dhcp server ip-pool vlan10// 定义名为Vlan10的DHCP地址池

[SW1-dhcp-pool-vlan10] network 192.168.10.0 24 // 定义该地址池的网段

[SW1-dhcp-pool-vlan10] gateway-list 192.168.10.1 // 定义分给PC的网关

[SW1-dhcp-pool-vlan10] dns-list 202.103.96.68 // 定义分给PC的DNS

[SW1-dhcp-pool-vlan10] display this

[SW1-dhcp-pool-vlan10] quit

[SW1] dhcp server ip-pool vlan11

[SW1-dhcp-pool-vlan11] network 192.168.11.0 24

[SW1-dhcp-pool-vlan11] gateway-list 192.168.11.1

[SW1-dhcp-pool-vlan11] dns-list 202.103.96.68

[SW1-dhcp-pool-vlan11] display this

[SW1-dhcp-pool-vlan11] quit

[SW1] dhcp server forbidden-ip 192.168.10.100 192.168.10.254

// 定义排除地址,不允许DHCP Server分配这段地址[SW1] dhcp server forbidden-ip 192.168.11.100 192.168.11.254

(2) DHCP测试(本步任务:测试PC能否通过DHCP自动获取正确的IP地址)

Ping (通/不通) PC2获取的IP:___________PC3获取的IP:___________

192.168.10.1

192.168.10.100

192.168.11.1

192.168.11.100

192.168.12.1

192.168.12.200

注意:如果不能获得IP地址,请多敲几次ipconfig /release, ipconfig /renew。

请思考PC2自动获取IP时,DHCP的工作过程。

(3) Windows ipconfig命令参考

C:\> ipconfig /release 释放当前获得的IP地址

C:\> ipconfig /renew 重新获取的IP地址

C:\> ipconfig /all 显示当前详细的IP地址信息

蓝狐高级网络工程师系列教材——网络工程实验指南(第一卷)

(4) 删除SW1上的DHCP服务

[SW1] undo dhcp server ip-pool vlan10

[SW1] undo dhcp server ip-pool vlan11

[SW1] undo dhcp server forbidden-ip 192.168.10.100 192.168.10.254

[SW1] undo dhcp server forbidden-ip 192.168.11.100 192.168.11.254

(5) DHCP中继部署

本步任务:在RT5上部署DHCP服务器,并在SW1上启用DHCP中继。

[SW1] dhcp enable

[SW1] dhcp relay server-group 1 ip 192.168.12.200

[SW1] interface Vlan-interface 10

[SW1-Vlan-interface10] dhcp select relay

[SW1-Vlan-interface10] dhcp relay server-select 1

[SW1-Vlan-interface10] display this

[SW1-Vlan-interface10] quit

[SW1] interface Vlan-interface 11

[SW1-Vlan-interface11] dhcp select relay

[SW1-Vlan-interface11] dhcp relay server-select 1

[SW1-Vlan-interface11] display this

[SW1-Vlan-interface11] quit

[RT5] dhcp enable

[RT5] dhcp server ip-pool vlan10

[RT5-dhcp-pool-vlan10] network 192.168.10.0 24

[RT5-dhcp-pool-vlan10] gateway-list 192.168.10.1

[RT5-dhcp-pool-vlan10] dns-list 202.103.96.68

[RT5-dhcp-pool-vlan10] display this

[RT5-dhcp-pool-vlan10] quit

[RT5] dhcp server ip-pool vlan11

[RT5-dhcp-pool-vlan11] network 192.168.11.0 24

[RT5-dhcp-pool-vlan11] gateway-list 192.168.11.1

[RT5-dhcp-pool-vlan11] dns-list 202.103.96.68

[RT5-dhcp-pool-vlan11] display this

[RT5-dhcp-pool-vlan11] quit

[RT5] dhcp server forbidden-ip 192.168.10.1 192.168.10.150

[RT5] dhcp server forbidden-ip 192.168.11.1 192.168.11.150

(6) DHCP中继测试(本步任务:测试PC能否通过DHCP中继自动获取正确的IP地址)

Ping (通/不通) PC2获取的IP:___________PC3获取的IP:___________

192.168.10.1

192.168.10.100

192.168.11.1

192.168.11.100

192.168.12.1

192.168.12.200

注意:如果不能获得IP地址,请多敲几次ipconfig /release, ipconfig /renew。

请思考PC2自动获取IP时,DHCP及DHCP中继的工作过程。

请思考什么组网情况下需要部署DHCP中继,什么组网情况下不需要部署。

相关主题
文本预览
相关文档 最新文档