eNSP HCIP-Datacom 园区综合实验（上）

eNSP HCIP-Datacom 园区综合实验（上）

引用

CSDN

1.

https://m.blog.csdn.net/qq_38292936/article/details/138811856

本文详细介绍了eNSP HCIP-Datacom园区综合实验的配置步骤和具体命令。通过部署生成树协议、VRRP、链路聚合、OSPF、DHCP等网络技术，实现了一个完整的园区网络解决方案。

某公司总部有ABC三部门，规划如图所示：

1. 部署生成树协议放环，部门A为公司重要部门，部门vlan 10内的主机不能互相通信，不能访问外网。
2. 在总部部署高权限的无线网络（直接转发模式），既可访问外网也可访问公司分部。
3. 部署mstp+vrrp协议做网关冗余，ABC的部门有线默认走SW1，部门的无线走SW2，实现负载备份效果，充分利用。
4. vrrp联动bfd，实现对链路的监控。
5. 所有部门的ip地址均由dhcp服务器分配。
6. 汇聚设备部署链路聚合做链路冗余。
7. igp协议总部部署ospf，分部部署isis。
8. 部署mpls vpn实现总部的三个部门的终端和分部通信。
9. 经nat转换正常访问互联网。
10. 分部做vlan聚合vlan10 20 用同一个地址作为网关。
11. 分部vlan 30 40 200使用mux-vlan技术，实现vlan30不互通，vlan40互通，并能够与vlan200通信。
12. 分部实现组播的简单部署，使到分部的部门都能使用组播应用。

配置vlan、链路聚合

SW3~5
其中连接终端的端口配置为边缘端口

#  
vlan batch 10 20 30 100 to 101 111  
#  
interface Ethernet0/0/1  
 port link-type trunk  
 port trunk allow-pass vlan 2 to 4094  
#  
interface Ethernet0/0/2  
 port link-type trunk  
 port trunk allow-pass vlan 2 to 4094  
#  
interface Ethernet0/0/3  
 port link-type access  
 port default vlan 10   
 stp edged-port enable  
#  
interface Ethernet0/0/4  
 port link-type access  
 port default vlan 10  
 stp edged-port enable  
#  
interface Ethernet0/0/5  
 port link-type trunk  
 port trunk pvid vlan 111  
 port trunk allow-pass vlan 2 to 4094  
#  

SW1、SW2

#  
vlan batch 10 20 30 100 to 101 111  
#  
interface GigabitEthernet0/0/1  
 port link-type trunk  
 port trunk allow-pass vlan 2 to 4094  
#  
interface GigabitEthernet0/0/2  
 port link-type trunk  
 port trunk allow-pass vlan 2 to 4094  
#  
interface GigabitEthernet0/0/3  
 port link-type trunk  
 port trunk allow-pass vlan 2 to 4094  
#  
//链路聚合  
[SW1]int Eth-Trunk 1  
[SW1-Eth-Trunk1]mode lacp-static   
[SW1-Eth-Trunk1]trunkport g 0/0/4 to 0/0/5  

SW1

interface GigabitEthernet0/0/7  
 port link-type trunk  
 port trunk allow-pass vlan 2 to 4094  
#  

配置mstp

SW1~5

#  
stp region-configuration  
 region-name region1  
 instance 10 vlan 10 20 30  
 instance 20 vlan 100 to 101  
 active region-configuration  
#  

SW1作为instance10的根桥，instance20的备份根桥

[SW1]stp instance 10 root primary   
[SW1]stp instance 20 root secondary  

SW2作为instance20的根桥，instance10的备份根桥

[Huawei]stp instance 20 root primary   
[Huawei]stp instance 10 root secondary  

配置vrrp

SW1

interface Vlanif10  
 ip address 192.168.1.1 255.255.255.0  
 vrrp vrid 10 virtual-ip 192.168.1.254  
 vrrp vrid 10 priority 120  
#  
interface Vlanif20  
 ip address 192.168.2.1 255.255.255.0  
 vrrp vrid 20 virtual-ip 192.168.2.254  
 vrrp vrid 20 priority 120  
#  
interface Vlanif30  
 ip address 192.168.3.1 255.255.255.0  
 vrrp vrid 30 virtual-ip 192.168.3.254  
 vrrp vrid 30 priority 120  
#  
interface Vlanif100  
 ip address 192.168.100.1 255.255.255.0  
 vrrp vrid 100 virtual-ip 192.168.100.254  
#  
interface Vlanif101  
 ip address 192.168.101.1 255.255.255.0  
 vrrp vrid 101 virtual-ip 192.168.101.254  
#  

SW2

interface Vlanif10  
 ip address 192.168.1.2 255.255.255.0  
 vrrp vrid 10 virtual-ip 192.168.1.254  
#  
interface Vlanif20  
 ip address 192.168.2.2 255.255.255.0  
 vrrp vrid 20 virtual-ip 192.168.2.254  
#  
interface Vlanif30  
 ip address 192.168.3.2 255.255.255.0  
 vrrp vrid 30 virtual-ip 192.168.3.254  
#  
interface Vlanif100  
 ip address 192.168.100.2 255.255.255.0  
 vrrp vrid 100 virtual-ip 192.168.100.254  
 vrrp vrid 100 priority 120  
#  
interface Vlanif101  
 ip address 192.168.101.1 255.255.255.0  
 vrrp vrid 101 virtual-ip 192.168.101.254  
 vrrp vrid 101 priority 120  
#  

配置三层端口

SW1

[SW1]vlan 13  
#  
interface Vlanif13  
 ip address 10.1.13.1 255.255.255.0  
#  
interface GigabitEthernet0/0/6  
 port link-type access  
 port default vlan 13  
#  

SW2

[SW2]vlan 24
在这里插入代码片
#  
interface Vlanif24  
 ip address 10.1.24.2 255.255.255.0  
#  
interface GigabitEthernet0/0/6  
 port link-type access  
 port default vlan 24  
#  

AR3

#  
interface GigabitEthernet0/0/0  
 ip address 10.1.13.3 255.255.255.0   
#  
interface GigabitEthernet0/0/1  
 ip address 10.1.34.3 255.255.255.0   
#  
interface GigabitEthernet4/0/0  
 ip address 10.1.123.3 255.255.255.0   
#  
interface GigabitEthernet0/0/2  
 ip address 10.1.35.3 255.255.255.0   
#  

AR4

#  
interface GigabitEthernet0/0/0  
 ip address 10.1.24.4 255.255.255.0   
#  
interface GigabitEthernet0/0/1  
 ip address 10.1.34.4 255.255.255.0   
#  
interface GigabitEthernet4/0/0  
 ip address 10.1.123.4 255.255.255.0   
#  
interface GigabitEthernet0/0/2  
 ip address 10.1.45.4 255.255.255.0   
#  

DHCP-AR7

#  
interface GigabitEthernet0/0/0  
 ip address 10.1.123.7 255.255.255.0   
#  

OSPF

SW1、SW2、AR3、AR4、DHCP-AR7

#  
ospf 1 router-id 2.2.2.2  
 area 0.0.0.0  
  network 0.0.0.0 255.255.255.255  
#  

DHCP

[DHCP]dhcp en  
#  
ip pool vlan10  
 gateway-list 192.168.1.254   
 network 192.168.1.0 mask 255.255.255.0   
 excluded-ip-address 192.168.1.3 192.168.1.4   
#  
ip pool vlan20  
 gateway-list 192.168.2.254   
 network 192.168.2.0 mask 255.255.255.0   
 excluded-ip-address 192.168.2.3 192.168.2.4   
#  
ip pool vlan30  
 gateway-list 192.168.3.254   
 network 192.168.3.0 mask 255.255.255.0   
 excluded-ip-address 192.168.3.3 192.168.3.4   
#  
ip pool vlan100  
 gateway-list 192.168.100.254   
 network 192.168.100.0 mask 255.255.255.0   
 excluded-ip-address 192.168.100.3 192.168.100.4   
#  
ip pool vlan101  
 gateway-list 192.168.101.254   
 network 192.168.101.0 mask 255.255.255.0   
 excluded-ip-address 192.168.101.3 192.168.101.4   
#  
ip pool vlan111  
 network 192.168.111.0 mask 255.255.255.0   
 excluded-ip-address 192.168.111.254   
#  
[DHCP-GigabitEthernet0/0/0]dh select global  

配置dhcp中继

AR3、AR4

[AR3]dh en  
[AR3-GigabitEthernet0/0/0]dhcp select relay   
[AR3-GigabitEthernet0/0/0]dh relay server-ip 10.1.123.7  

SW1、SW2
（作为backup的设备不响应dhcp请求！）

[SW1]dh en  
[SW1-Vlanif10]dhcp select relay   
[SW1-Vlanif10]dh relay server-ip 10.1.123.7  
[SW1-Vlanif20] dhcp select relay  
[SW1-Vlanif20] dhcp relay server-ip 10.1.123.7  
[SW1-Vlanif30] dhcp select relay  
[SW1-Vlanif30] dhcp relay server-ip 10.1.123.7  
[SW1-Vlanif30]int vlan 100  
[SW1-Vlanif100]dhcp select relay  
[SW1-Vlanif100]dhcp relay server-ip 10.1.123.7  
[SW1-Vlanif100]int vlan 101  
[SW1-Vlanif101]dhcp select relay  
[SW1-Vlanif101]dhcp relay server-ip 10.1.123.7  

BFD

SW1 ↔ AR3

SW1

[SW1]bfd  
[SW1]bfd 1 bind peer-ip 10.1.13.3 source-ip 10.1.13.1 auto   
[SW1-Vlanif10]vrrp vrid 10 track bfd-session session-name 1 reduced 50  

AR3

[AR3]bfd  
[AR3]bfd 1 bind peer-ip 10.1.13.1 source-ip 10.1.13.3 auto   

SW2 ↔ AR4

SW2

[SW2]bfd  
[SW2]bfd 2 bind peer-ip 10.1.24.4 source-ip 10.1.24.2 auto  

AR4

[AR2]bfd  
[AR2]bfd 2 bind peer-ip 10.1.24.2 source-ip 10.1.24.4 auto