中小型公司局域网路由备份访问外网路由配置(华为)
实验名称:内网访问外网1.
配置思路:
1.先给PC机配置IP地址及子网掩码;
PC1:192.168.10.1/24
PC2:192.168.20.1/24
PC3:192.168.10.2/24
PC4:192.168.20.2/24
2.给交换机SW3-SW4-SW5-SW6 创建vlan并把对应的端口加入vlan;
<Huawei>system-view
vlan batch 10 20
interface Ethernet0/0/1
port link-type access
port default vlan 10
quit
interface Ethernet0/0/11
port link-type trunk
port trunk allow-pass vlan all
int gi0/0/13
port link-type access
undo port link-type
port link-type trunk
port trunk allow-pass vlan all
quit
q
< SW3>save
The current configuration will be written to the device.
Are you sure to continue?y
Info: Please input the file name ( .cfg, .zip ) :
Now saving the current configuration to the slot 0.
Save the configuration successfully.
SW4
<Huawei>system-view
sysname SW4
vlan batch 10 20
interface Ethernet0/0/1
port link-type access
port default vlan 20
int e0/0/11
port link-type trunk
port trunk allow-pass vlan all
int e0/0/14
port link-type trunk
port trunk allow-pass vlan all
quit
q
<SW4>save
The current configuration will be written to the device.
Are you sure to continue?y
Info: Please input the file name ( .cfg, .zip ) :
Now saving the current configuration to the slot 0.
Save the configuration successfully.
SW5
<Huawei>system-view
sysname SW5
vlan batch 10 20
interface Ethernet0/0/1
port link-type access
port default vlan 10
int e0/0/11
port link-type trunk
port trunk allow-pass vlan all
int e0/0/13
port link-type trunk
port trunk allow-pass vlan all
quit
q
<SW5>save
The current configuration will be written to the device.
Are you sure to continue?y
Info: Please input the file name ( .cfg, .zip ) :
Now saving the current configuration to the slot 0.
Save the configuration successfully.
SW6
<Huawei>system-view
sysname SW6
vlan batch 10 20
interface Ethernet0/0/1
port link-type access
port default vlan 20
int e0/0/11
port link-type trunk
port trunk allow-pass vlan all
int e0/0/14
port link-type trunk
port trunk allow-pass vlan all
quit
q
<SW6>save
The current configuration will be written to the device.
Are you sure to continue?y
Info: Please input the file name ( .cfg, .zip ) :
Now saving the current configuration to the slot 0.
Save the configuration successfully.
3.给路由器配置VRRP虚拟网关及备份网关. 链路的负载均衡 (例如AR1挂掉以后可以通过AR2与外部相连不影响正常工作)
<R1>system-view
interface GigabitEthernet 0/0/0
vrrp vrid 10 virtual-ip 192.168.10.254
vrrp vrid 10 priority 250
vrrp vrid 10 track interface GigabitEthernet 0/0/2 reduced 200
quit
interface GigabitEthernet 0/0/1
vrrp vrid 20 virtual-ip 192.168.20.254
vrrp vrid 20 priority 50
vrrp vrid 20 track interface GigabitEthernet 0/0/2 increased 100
quit
R2
<Huawei>system-view
interface GigabitEthernet 0/0/0
vrrp vrid 20 virtual-ip 192.168.20.254
vrrp vrid 20 priority 100
vrrp vrid 20 track interface GigabitEthernet 0/0/2 increased 50
quit
interface GigabitEthernet 0/0/1
vrrp vrid 10 virtual-ip 192.168.10.254
vrrp vrid 10 priority 100
vrrp vrid 10 track interface GigabitEthernet 0/0/2 increased 50
quit
<Huawei>system-view
interface GigabitEthernet 0/0/1
vrrp vrid 20 virtual-ip 192.168.20.254
vrrp vrid 20 priority 250
vrrp vrid 20 track interface GigabitEthernet 0/0/2 reduced 200
interface GigabitEthernet 0/0/0
vrrp vrid 10 virtual-ip 192.168.10.254
vrrp vrid 10 priority 80
vrrp vrid 10 track interface GigabitEthernet 0/0/2 increased 20
quit
说明: vlan 10的主网关在AR1上,vlan10的副网关同时在AR2和AR3上,vlan20的主网关在AR3上,同时AR1和AR2都具备vlan20的副网关,AR2同时具备vkan10和vlan20的副网关 ;
列如:
AR1挂掉了,那么PC1和PC2在AR2和AR3上都可以通过;
4.给连接外网交换机的路由器端口配置IP地址让内网可以访问外网;
AR1:
<Huawei>system-view
itnerfaceethernet 0/0/2
ip address 192.168.30.1 255.255.255.0
quit
ospf 1
area 0
network192.168.30.1 0.0.0.0
network192.168.10.0 0.0.0.255
network192.168.20.0 0.0.0.255
SW7:
<Huawei>system-view
vlan batch 30 40
interface ethernet 0/0/1
port link-type access
port default vlan 30
q
interface Vlanif 30
ip address 192.168.30.2 255.255.255.0
q
inteface ethernet 0/0/4
port link-type access
port defaultvlan 40
q
interface Vlanif 40
ip address 192.168.40.1255.255.255.0
ospf 1
area 0
network192.168.30.2 0.0.0.0
network192.168.40.1 0.0.0.0
R4:
<Huawei>system-view
itnerface gi 0/0/1
ip address 192.168.40.2 255.255.255.0
q
interface GigabitEthernet 0/0/0
ip address 192.168.50.254 255.255.255.0
ospf1
area 0
network192.168.40.2 0.0.0.0
network 192.168.50.254 0.0.0.0
server1:
IP:192.168.50.1 255.255.255.0 网关:192.168.50.254
测试:
AR2 和 AR3 同理 ;就不做过多操作了。
页:
[1]