拓扑说明:
1.R3和R4模拟客户pc,分别属于vlan10和vlan20.vlan10和vlan20在现实中代表公司的不同部门。
2.SW1为三层交换机,SW2为二层交换机。
3.R5模拟internet,R5上有个环回口lo0:5.5.5.5/24
需求:
1.各接口ip如图所示。
2.各个部门直接能相互访问,同时均可以正常访问internet.
3.双网关提供冗余,并在一方出现故障时自动切换。
解决方案:
1.通过SW1的三层功能实现vlan间路由。
2.采用HSRP实现网关的冗余和备份。
3.在网关上做PAT.
4.内网运行RIPv2,外部运行OSPF.实现网络的全联通,并保证内部与外部的相对隔离。
配置摘要如下:
R01#sh run
!
!
interface FastEthernet0/0
ip address 172.16.12.1 255.255.255.0
ip rip advertise 5
ip nat inside
ip virtual-reassembly
speed 100
full-duplex
standby 1 ip 172.16.12.254
standby 1 priority 120
standby 1 preempt
standby 1 track Serial1/0 100
!
!
interface Serial1/0
ip address 10.10.15.1 255.255.255.0
ip nat outside
ip virtual-reassembly
serial restart-delay 0
no dce-terminal-timing-enable
!
!
router ospf 100
router-id 1.1.1.1
log-adjacency-changes
network 10.10.15.1 0.0.0.0 area 0
!
router rip
version 2
timers basic 5 15 0 15
network 172.16.0.0
no auto-summary
!
ip nat inside source list 1 interface Serial1/0 overload
!
access-list 1 permit 192.168.0.0 0.0.255.255
!
!
!
end
///////////////////////////////////////////////////////////////////////////////////////////
R02#sh run
!
!
interface FastEthernet0/0
ip address 172.16.12.2 255.255.255.0
ip rip advertise 5
ip nat inside
ip virtual-reassembly
speed 100
full-duplex
standby 1 ip 172.16.12.254
standby 1 preempt
standby 1 track Serial1/0
!
!
interface Serial1/0
ip address 10.10.25.2 255.255.255.0
ip nat outside
ip virtual-reassembly
serial restart-delay 0
no dce-terminal-timing-enable
!
!
router ospf 100
router-id 2.2.2.2
log-adjacency-changes
network 10.10.25.2 0.0.0.0 area 0
!
router rip
version 2
timers basic 5 15 0 15
network 172.16.0.0
no auto-summary
!
!
ip nat inside source list 1 interface Serial1/0 overload
!
access-list 1 permit 192.168.0.0 0.0.255.255
!
!
end
/////////////////////////////////////////////////////////////////////////////////////
R03#sh run
!
no ip routing
!
!
interface FastEthernet0/0
ip address 192.168.13.3 255.255.255.0
no ip route-cache
speed 100
full-duplex
!
!
ip default-gateway 192.168.13.254
!
!
end
//////////////////////////////////////////////////////////////////////////////////////
R04#sh run
!
no ip routing
!
!
!
interface FastEthernet0/0
ip address 192.168.24.4 255.255.255.0
no ip route-cache
speed 100
full-duplex
!
!
ip default-gateway 192.168.24.254
!
end
////////////////////////////////////////////////////////////////////////////////////////
R05#sh run
!
!
interface Loopback0 //模拟internet上的某个网络节点
ip address 5.5.5.5 255.255.255.0
ip ospf network point-to-point
!
!
interface Serial1/0
ip address 10.10.15.5 255.255.255.0
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
ip address 10.10.25.5 255.255.255.0
serial restart-delay 0
no dce-terminal-timing-enable
!
!
[1] [2] 下一页