华为的路由器模拟器及实验内容
2009-12-21 20:27:53 阅读43 评论0 字号:大中小
(右键迅雷下载)
实验一 基本命令实验
添加一个交换机,一个计算机,双击交换机,进入终端配置:
password: [Quidway]sysname S3026 交换机命名 [S3026]super password 111 修改特权用户密码 [S3026]user-interface vty 0 4 [S3026-ui-vty0-4]authentication-mode password [S3026-ui-vty0-4]set authentication-mode password simple 222 [S3026-ui-vty0-4]user privilege level 3 [S3026-ui-vty0-4]quit [S3026]quit password:111 [S3026]display currect-config [S3026]dis curr [S3026]vlan 2 [S3026-vlan2]port ethernet0/2 [S3026-vlan2]port e0/4 to et0/6 [S3026-vlan2]quit [S3026]dis vlan [S3026]int e0/3 [S3026-Ethernet1]port access vlan 2 [S3026-Ethernet1]quit [S3026]dis vlan [S3026]dis curr [S3026]interface vlan 1 进入接口视图 [S3026-Vlan-interface1]ip address 10.65.1.1 255.255.0.0 [S3026-Vlan-interface1]quit [S3026]ip route-static 0.0.0.0 0.0.0.0 10.65.1.2 [S3026]ip default-gateway 10.65.1.2 [S3026]dis curr [S3026]save 双击小电脑: login:root password:linux [root@PCA root]#ifconfig eth0 10.65.1.1 netmask 255.255.0.0 [root@PCA root]#ping 10.65.1.2 [root@PCA root]#telnet 10.65.1.2 实验二 配置端口聚合 要求聚合的端口工作在全双工,速度一致,在同一槽口且连续, ingress:源MAC, both:源和目的MAC 对于SwitchA: [SwitchA]interface ethernet0/1 [SwitchA-Ethernet0/1]duplex full [SwitchA-Ethernet0/1]speed 100 [SwitchA-Ethernet0/1]int e0/2 [SwitchA-Ethernet0/2]duplex full [SwitchA-Ethernet0/2]speed 100 对于SwitchB: [SwitchB]interface ethernet0/1 [SwitchB-Ethernet0/1]duplex full [SwitchB-Ethernet0/1]speed 100 [SwitchB-Ethernet0/1]int e0/2 [SwitchB-Ethernet0/2]duplex full [SwitchB-Ethernet0/2]speed 100 聚合操作: [SwitchA]link-aggregation ethernet0/1 to ethernet0/2 both [SwitchB]link-aggregation ethernet0/1 to ethernet0/2 both [SwitchA]display link-aggregation ethernet0/1 [SwitchA]undo link-aggregation all 实验三 基本VLAN设置 [SwitchA]vlan 2 [SwitchA-vlan2]port e0/3 to e0/4 [SwitchA]vlan 3 [SwitchA-vlan3]port e0/5 to e0/6 [SwitchB]vlan 2 [SwitchB-vlan2]port e0/3 to e0/4 [SwitchB]vlan 3 [SwitchB-vlan3]port e0/5 to e0/6 设置计算机的IP为: PCA:10.65.1.1 PCB:10.65.1.2 PCC:10.65.1.3 PCD:10.65.1.4 [root@PCA root]#ping 10.65.1.1 通 [root@PCA root]#ping 10.65.1.2 不通 [root@PCA root]#ping 10.65.1.3 不通 [root@PCA root]#ping 10.65.1.4 不通 将PCA改接到SwitchA E0/2, PCC改接到SwitchB E0/2 [root@PCA root]#ping 10.65.1.3 通(这时都在vlan 1) 再改回来: [S3026A]interface ethernet 0/8 [S3026A-Ethernet0/8]port link-type trunk [S3026A-Ethernet0/8]port trunk permit vlan all [S3026B]interface ethernet 0/1 [S3026B-Ethernet0/1]port link-type trunk [S3026B-Ethernet0/1]port trunk permit vlan all [root@PCA root]#ping 10.65.1.3 通 [root@PCA root]#ping 10.65.1.4 不通 [root@PCB root]#ping 10.65.1.4 通 即:PCA和PCC同在vlan 2 是通的。 PCB和PCD同在vlan 3是通的。 PCA和PCB是不通的。同理PCC和PCD也是不通的。 [S3026C]interface ethernet 0/1 [S3026C-Ethernet0/1]port link-type trunk [S3026C-Ethernet0/1]port trunk permit vlan all [S3026C]interface ethernet 0/8 [S3026C-Ethernet0/8]port link-type trunk [S3026C-Ethernet0/8]port trunk permit vlan all [root@PCA root]#ping 10.65.1.3 通 [root@PCA root]#ping 10.65.1.4 不通 实验四 配置primary VLAN和secondary VLAN [SwitchA]vlan 2 [SwitchA-vlan2]port ethernet 0/5 to ethernet 0/6 [SwitchA]vlan 3 [SwitchA-vlan3]port ethernet 0/7 to ethernet 0/8 [SwitchA]vlan 5 [SwitchA-vlan5]port ethernet 0/1 to ethernet 0/4 [SwitchA-vlan5]isolate-user-vlan enable ;vlan5是主vlan [SwitchA-vlan5]quit [SwitchA]isolate-user-vlan 5 secondary 2,3 ;vlan2,3是子vlan [SwitchB]vlan 2 [SwitchB-vlan2]port ethernet 0/5 to ethernet 0/6 [SwitchB]vlan 3 [SwitchB-vlan3]port ethernet 0/7 to ethernet 0/8 [SwitchA]vlan 4 [SwitchB-vlan4]port ethernet 0/1 to ethernet 0/4 [SwitchB-vlan4]isolate-user-vlan enable ;vlan4是主vlan [SwitchB-vlan4]quit [SwitchB]isolate-user-vlan 4 secondary 2,3 ;vlan2,3是子vlan 实验五 其它功能 (一) 设置镜像 [Quidway]monitor-port e0/8 [Quidway]port mirror e0/1 或:[Quidway]port mirror e0/1 to e0/2 observing-port e0/8 (二) 生成树 [Quidway]stp {enable|disable} [Quidway]stp priority 4096 设置交换机的优先级 [Quidway]stp root primary 设置交换机为树根 [Quidway-Ethernet0/1]stp cost 200 设置交换机端口的花费 实验六 路由器BootROM升级 [Quidway]reload Press Ctrl+B to enter Boot Menu … Boot Menu: 1:Download application program 2:Download Bootrom program 3:Modify Bootrom password 4:Exit menu 5:Reboot Enter your choice(1-5):1 Downloading application program from serial ... (rs232) please choose your download speed: 1:9600bps 2:19200bps 3:38400bps 4:Exit and reboot Enter your choice(1-4):2 Download speed is 38400bps. Please change the terminal's speed to 38400bps. And select XMODEM protocol. Press ENTER key when ready. Downloading ...CC (please select [File]->[Send]) Download completed. Write flash auccessfully! 实验七 直联路由 password: [Quidway]interface ethernet0 [Quidway-Ethernet0]ip addr 10.65.1.2 255.255.255.0 [Quidway-Ethernet0]undo shutdown [Quidway-Ethernet0]int e1 [Quidway-Ethernet1]ip addr 10.66.1.2 255.255.255.0 [Quidway-Ethernet1]undo shutdown [root@PCA root]#ifconfig eth0 10.65.1.1 netmask 255.255.0.0 [root@PCB root]#ifconfig eth0 10.66.1.1 netmask 255.255.0.0 [root@PCA root]#ping 10.65.1.2 通 [root@PCA root]#ping 10.66.1.2 不通,没设网关 [root@PCA root]#route add default gw 10.65.1.2 [root@PCA root]#ping 10.66.1.2 通 去掉Host B与Router的连线,再ping: [root@PCA root]#ping 10.66.1.2 不通(没有接线端口会自动down掉) 再连接Host B与Router的连线,再ping: [root@PCA root]#ping 10.66.1.2 通了 实验八 单臂路由 设PCA:10.65.1.1 PCB:10.66.1.1 1.一个接口两个IP的情况 password: [Quidway]interface ethernet0 [Quidway-Ethernet0]ip addr 10.65.1.2 255.255.255.0 [Quidway-Ethernet1]ip addr 10.66.1.2 255.255.255.0 secondary [Quidway-Ethernet1]undo shutdown [root@PCA root]#ping 10.66.1.1 通 2.划分两个子接口,对两个vlan的路由 [SwitchA]vlan 2 [SwitchA-vlan2]port e0/3 [SwitchA]vlan 3 [SwitchA-vlan3]port e0/6 [SwitchA]ine e0/1 [SwitchA-Ethernet0/1]port link-type trunk [SwitchA-Ethernet0/1]port trunk permit vlan all [SwitchA-Ethernet0/1]port trunk encap dot1q [SwitchA]dis curr [Quidway]int e0 [SwitchA-Ethernet0]int e0.1 [SwitchA-Ethernet0.1]encapsulation dot1q 2 [SwitchA-Ethernet0.1]ip addr 10.65.1.2 255.255.255.0 [SwitchA-Ethernet0.1]nudo shut [SwitchA-Ethernet0.1]int e0.2 [SwitchA-Ethernet0.2]encapsulation dot1q 2 [SwitchA-Ethernet0.2]ip addr 10.66.1.2 255.255.255.0 [SwitchA-Ethernet0.2]nudo shut [SwitchA]dis curr [root@PCA root]#ping 10.66.1.1 通 实验九 静态路由实验 PCA:10.65.1.1 PCB:10.66.1.1 PCC:10.68.1.1 PCD:10.69.1.1 [RouterA]interface ethernet0 [RouterA-Ethernet0]ip addrress 10.65.1.2 255.255.0.0 [RouterA-Ethernet0]undo shutdown [RouterA-Ethernet0]int e1 [RouterA-Ethernet1]ip addrress 10.66.1.2 255.255.0.0 [RouterA-Ethernet1]undo shutdown [RouterA-Ethernet1]int s1 [RouterA-Serial1]ip addrress 10.67.1.2 255.255.0.0 [RouterA-Serial1]undo shutdown [RouterA-Serial1]clock rate 64000 [RouterA-Serial1]quit [RouterA]ip routing [RouterA]dis curr [RouterB]interface ethernet0 [RouterB-Ethernet0]ip addrress 10.68.1.2 255.255.0.0 [RouterB-Ethernet0]undo shutdown [RouterB-Ethernet0]int e1 [RouterB-Ethernet1]ip addrress 10.69.1.2 255.255.0.0 [RouterB-Ethernet1]undo shutdown [RouterB-Ethernet1]int s0 [RouterB-Serial0]ip addrress 10.67.1.1 255.255.0.0 [RouterB-Serial0]undo shutdown [RouterB-Serial0]quit [RouterB]ip routing [RouterB]dis curr [root@PCA root]#ifconfig eth0 10.65.1.1 netmask 255.255.0.0 [root@PCA root]#route add default gw 10.65.1.2 [root@PCA root]#ping 10.65.1.2 通 [root@PCA root]#ping 10.66.1.2 通 [root@PCA root]#ping 10.67.1.2 通 [root@PCA root]#ping 10.68.1.2 不通 [root@PCA root]#ping 10.69.1.2 不通 [RouterA]ip route-static 10.69.0.0 255.255.0.0 10.67.1.1 [root@PCA root]#ping 10.69.1.1 通 下面再加入一个路由器Router C: [RouterB-Serial0]undo ip addrress 10.67.1.1 255.255.0.0 [RouterB-Serial0]ip addrress 10.70.1.1 255.255.0.0 [RouterC]interface serial0 [RouterC-Serial0]ip addrress 10.67.1.1 255.255.0.0 [RouterC-Serial0]undo shutdown [RouterC-Serial0]clock rate 64000 [RouterC-Serial0]int s1 [RouterC-Serial1]ip addrress 10.70.1.1 255.255.0.0 [RouterC-Serial1]undo shutdown [RouterC-Serial1]quit [RouterC]ip route-static 10.69.0.0 255.255.0.0 10.70.1.1 [RouterC]dis curr [root@PCA root]#ping 10.69.1.1 通 [root@PCA root]#ping 10.68.1.1 不通 实验十 动态路由实验 [RouterA]rip version 2 multicast [RouterA-rip]network 10.0.0.0 ;可以all [RouterA-rip]ip routing [RouterB]rip version 2 multicast [RouterB-rip]network 10.0.0.0 [RouterB-rip]ip routing [RouterC]rip version 2 multicast [RouterC-rip]network 10.0.0.0 [RouterC-rip]ip routing [RouterC]dis ip route [root@PCA root]#ping 10.68.1.1 通 [root@PCA root]#ping 10.69.1.1 通 [RouterA-rip]peer 10.67.1.1 ;指明交换点 [RouterA-rip]summary ;聚合 [RouterA-Serial0]rip split-horizon ;水平分隔 [RouterA]rip work [RouterA]rip input [RouterA]rip output [Quidway]router id A.B.C.D ;配置路由器的ID [Quidway]ospf enable ;启动OSPF协议 [Quidway-ospf]imp [Quidway-Serial0]ospf enable area 0 ;配置OSPF区域 [Quidway-Serial0]link-protocol ppp 实验十一 访问控制列表实验 1.基本访问列表 [RouterC]firewall enable [RouterC]firewall default permit [RouterC]acl 10 [RouterC-acl-10]rule normal deny source 10.65.1.1 [RouterC-acl-10]rule normal permit source any [RouterC]int s0 [RouterC-Serial0]firewall packet-filter 10 inbound [RouterC-Serial0]quit [RouterC]display acl [root@PCA root]#ping 10.68.1.1 不通 [root@PCB root]#ping 10.68.1.1 通 [RouterC]undo acl 10 [RouterC]display acl [root@PCA root]#ping 10.68.1.1 通 [root@PCB root]#ping 10.68.1.1 通 [RouterC]acl 11 [RouterC-acl-11]rule normal deny source 10.65.1.1 0.0.0.255 [RouterC-acl-11]rule normal permit source any [RouterC]int s0 [RouterC-Serial0]firewall packet-filter 11 inbound [RouterC]display acl [root@PCA root]#ping 10.68.1.1 不通 [root@PCB root]#ping 10.68.1.1 不通 [RouterC]undo acl 2.扩展访问控制列表 [RouterC]firewall enable [RouterC]firewall default permit [RouterC]acl 101 [RouterC-acl-101]rule deny tcp source 10.65.1.1 0 destination 10.69.1.1 0 [RouterC-acl-101]rule permit ip source any destination any [RouterC]int s1 [RouterC-Serial1]firewall packet-filter 101 outbound [RouterC-Serial1]quit [RouterC]dis acl [root@PCA root]#ping 10.68.1.1 通 [root@PCA root]#ping 10.69.1.1 不通 [root@PCB root]#ping 10.69.1.1 通 [RouterC]undo acl [root@PCA root]#ping 10.69.1.1 通 实验十二 地址转换配置 设置公司三个公网IP:133.0.0.1、133.0.0.2、133.0.0.3 。为地址池pool。 内部网络10.1.0.0网络可以通过公网IP访问外部计算机。自动转换成公网IP。 设置:Host A : 10.1.1.1 255.255.0.0 Host B : 10.1.1.2 255.255.0.0 Host C : 10.1.1.3 255.255.0.0 Host D : 10.2.1.1 255.255.0.0 RouterA E0: 10.1.1.9 255.255.0.0 Host F : 133.0.0.8 255.255.0.0 [Quidway]nat address-group 133.0.0.1 133.0.0.3 pool1 [Quidway]acl 1 [Quidway-acl-1]rule permit source 10.1.0.0 0.0.255.255 [Quidway-acl-1]rule deny source any [Quidway-acl-1]int s0 [Quidway-Serial0]undo shut [Quidway-Serial0]nat outbound 1 address-group pool1 [Quidway-Serial0]nat server global 133.0.0.1 inside 10.1.1.1 ftp tcp [Quidway-Serial0]nat server global 133.0.0.2 inside 10.1.1.2 www tcp [Quidway-Serial0]nat server global 133.0.0.3 inside 10.1.1.3 smtp udp
