【项目案例】中小型企业网络DHCP搭建综合实验
实验目的
- 掌握子网划分
- 掌握用三层交换机配置DHCP全局模式服务
- 掌握MSTP基础配置
- 掌握用单臂路由配置DHCP中继服务
- 掌握vlan的基本使用
- 掌握路由汇总
- 掌握静态路由
实验内容
本实验模拟公司网络场景,母公司A下面有分公司1和分公司2。路由器R3,R4和R6是这几个公司的出口网关,分公司的电脑主机由母公司A的DHCP主服务器通过DHCP中继服务分配IP地址。另外,为了增强网络的稳定性。各公司都使用了MSTP配置。并且公司内部通过划分不同VLAN来隔离不同部门间的通信,同时也能实现跨VLAN的通信。
1. 实验拓扑图
2. 网段划分
分公司1
- 销售部1:192.168.1.0——191.168.1.127 /25
- 生产部1:192.168.1.128——192.168.1.191/26
- 人事部1:192.168.1.192——192.168.1.223 /27
- 财务部1:192.168.1.224——192.168.1.255/27
母公司A
- IT部:192.168.2.0——192.168.2.63 /26
- 研发部:192.168.2.64——192.168.2.95 /27
- 培训部:192.168.2.96——192.168.2.103 /29
- 后勤部:192.168.2.104——192.168.2.111 /29
分公司2
- 销售部2:192.168.3.224——192.168.3.255 /27
- 生产部2:192.168.3.192——192.168.3.223 /27
- 人事部2:192.168.3.128——192.168.3.191 /26
- 财务部2:192.168.3.0——192.168.3.127 /25
3. 实验编址
4. 实验步骤
在分公司1的LSW1、LSW2和LSW3上创建VLAN并配置MSTP
交换机SW1
vlan batch 10 20 30 40
int e0/0/1
port link-type access
port default vlan 10
int e0/0/2
port link-type access
port default vlan 20
int e0/0/3
port link-type trunk
port trunk allow-pass vlan all
int e0/0/4
port link-type trunk
port trunk allow-pass vlan all
q
stp enable
stp mode mstp
stp region-configuration
region-name ZQL
revision-level 1
display stp region-configuration
instance 1 vlan 10
instance 2 vlan 20
instance 3 vlan 30
instance 4 vlan 40
active region-configuration
q
stp instance 1 priority 4096
stp instance 2 priority 4096
stp instance 3 priority 8192
stp instance 4 priority 8192
交换机SW1
vlan batch 10 20 30 40
int e0/0/1
port link-type access
port default vlan 30
int e0/0/2
port link-type access
port default vlan 40
int e0/0/3
port link-type trunk
port trunk allow-pass vlan all
int e0/0/3
port link-type trunk
port trunk allow-pass vlan all
q
stp enable
stp mode mstp
stp region-configuration
region-name ZQL
revision-level 1
display stp region-configuration
instance 1 vlan 10
instance 2 vlan 20
instance 3 vlan 30
instance 4 vlan 40
active region-configuration
q
stp instance 1 priority 8192
stp instance 2 priority 8192
stp instance 3 priority 4096
stp instance 4 priority 409
交换机SW3
vlan batch 10 20 30 40
int e0/0/1
port link-type trunk
port trunk allow-pass vlan all
int e0/0/2
port link-type trunk
port trunk allow-pass vlan all
int e0/0/3
port link-type trunk
port trunk allow-pass vlan all
q
stp enable
stp mode mstp
stp region-configuration
region-name ZQL
revision-level 1
display stp region-configuration
instance 1 vlan 10
instance 2 vlan 20
instance 3 vlan 30
instance 4 vlan 40
active region-configuration
- 对母公司A的S4,S5,S6和分公司2的S7,S8,S9做相似配置
- 对其他路由器R3,R4,R6的接口设置IP地址
- 在三层交换机S3上设置DHCP全局配置,并设置静态路由
交换机
SW10 DHCP主服务器
dhcp enable
vlan batch 10 20 30 40 50 60 70 80 100
int g0/0/2
port link-type access
port default vlan 100
interface vlanif 100
ip address 192.168.6.2 24
q
int g0/0/1
port link-type trunk
port trunk allow-pass vlan all
q
dhcp enable
ip pool v10
network 192.168.1.0 mask 25
gateway-list 192.168.1.1
dns-list 8.8.8.8
lease day 3
interface vlanif 100
dhcp select global
q
ip pool v20
network 192.168.1.128 mask 26
gateway-list 192.168.1.129
dns-list 8.8.8.8
lease day 3
interface vlanif 100
dhcp select global
q
ip pool v30
network 192.168.1.192 mask 27
gateway-list 192.168.1.193
dns-list 8.8.8.8
lease day 3
interface vlanif 100
dhcp select global
q
ip pool vlan40
network 192.168.1.224 mask 27
gateway-list 192.168.1.225
dns-list 8.8.8.8
lease day 3
interface vlanif 100
dhcp select global
q
ip pool vlan50
network 192.168.2.0 mask 26
gateway-list 192.168.2.1
dns-list 8.8.8.8
lease day 3
interface vlanif 50
ip address 192.168.2.1 26
dhcp select global
q
ip pool vlan60
network 192.168.2.64 mask 27
gateway-list 192.168.2.65
dns-list 8.8.8.8
lease day 3
interface vlanif 60
ip address 192.168.2.65 27
dhcp select global
q
ip pool vlan70
network 192.168.2.96 mask 29
gateway-list 192.168.2.97
dns-list 8.8.8.8
lease day 3
interface vlanif 70
ip address 192.168.2.97 29
dhcp select global
q
ip pool vlan80
network 192.168.2.104 mask 29
gateway-list 192.168.2.105
dns-list 8.8.8.8
lease day 3
interface vlanif 80
ip address 192.168.2.105 29
dhcp select global
q
ip pool vlan90
network 192.168.3.224 mask 27
gateway-list 192.168.3.225
dns-list 8.8.8.8
lease day 3
interface vlanif 100
dhcp select global
q
ip pool vlan100
network 192.168.3.192 mask 27
gateway-list 192.168.3.193
dns-list 8.8.8.8
lease day 3
interface vlanif 100
dhcp select global
q
ip pool vlan110
network 192.168.3.128 mask 26
gateway-list 192.168.3.129
dns-list 8.8.8.8
lease day 3
interface vlanif 100
dhcp select global
q
ip pool vlan120
network 192.168.3.0 mask 26
gateway-list 192.168.3.1
dns-list 8.8.8.8
lease day 3
interface vlanif 100
dhcp select global
q
Ip route-static 192.168.4.0 24 192.168.6.1
ip route-static 192.168.8.0 24 192.168.6.1
ip route-static 192.168.1.0 24 192.168.6.1
ip route-static 192.168.5.0 24 192.168.6.1
ip route-static 192.168.7.0 24 192.168.6.1
ip route-static 192.168.3.0 24 192.168.6.1
在分公司1的路由器R1上设置单臂路由DHCP中继服务,并配置默认路由
R1 DHCP中继
int g0/0/1
ip address 192.168.8.1 24
dhcp enable
int g2/0/1.1
ip address 192.168.1.1 25
dot1q termination vid 10
arp broadcast enable
dhcp select relay
dhcp relay server-ip 192.168.6.2
int g2/0/1.2
ip address 192.168.1.129 26
dot1q termination vid 20
arp broadcast enable
dhcp select relay
dhcp relay server-ip 192.168.6.2
int g2/0/1.3
ip address 192.168.1.193 27
dot1q termination vid 30
arp broadcast enable
dhcp select relay
dhcp relay server-ip 192.168.6.2
int g2/0/1.4
ip address 192.168.1.225 27
dot1q termination vid 40
arp broadcast enable
dhcp select relay
dhcp relay server-ip 192.168.6.2
q
ip route-static 0.0.0.0 0 192.168.8.2
在所有PC机上的基础设置改为DHCP模式,用 ipconfig命令查看IP地址,如下图:
如图,该PC机已经分到了动态IP地址
5. 思考/疑惑
由于的第一次做这种综合模拟实验,做的过程中改了好多次才做完,不过细想这些排错过程还是有价值的。下面是一些容易出错的地方。
各端口的IP配置,vlan和trunk配置容易出错或忘了配:
- STP 的优先级容易写反或写错,同一局域网mstp域应该一致
- 注意子网划分的网段和相应的主机数量,以及各网段的掩码
- 静态路由容易写漏
版权声明:本文为CSDN博主「weixin_45295332」的原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文链接(https://blog.csdn.net/weixin_45295332/article/details/100635065)及本声明。
---END---