华为ensp模拟双isp出口
这是整个项目的拓扑图,由两条isp提供服务,正常情况下走电信出入,当电信故障自动切换到联通出口
这是pc1的ip设置这是pc3的ip设置`
pc2 ip地址 192.168.10.2 255.255.255.0
网关 192.168.10.254
pc4 ip地址 192.168.20.2 255.255.255.0
网关 192.168.20.254
对sw3设置
sysname sw3
undo info-center enable
vlan batch 10 20
cluster enable
ntdp enable
ndp enable
drop illegal-mac alarm
diffserv domain default
stp region-configuration
region-name huawei
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
#创建生成树实例并配置,接着设置根桥、备份根桥
drop-profile default
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
interface Vlanif1
interface MEth0/0/1
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
interface Ethernet0/0/2
port link-type access
port default vlan 10
interface Ethernet0/0/3
port link-type access
port default vlan 10
interface Ethernet0/0/4
interface Ethernet0/0/5
port link-type trunk
port trunk allow-pass vlan 10 20
interface Ethernet0/0/6
interface Ethernet0/0/7
interface Ethernet0/0/8
interface Ethernet0/0/9
interface Ethernet0/0/10
interface Ethernet0/0/11
interface Ethernet0/0/12
interface Ethernet0/0/13
interface Ethernet0/0/14
interface Ethernet0/0/15
interface Ethernet0/0/16
interface Ethernet0/0/17
interface Ethernet0/0/18
interface Ethernet0/0/19
interface Ethernet0/0/20
interface Ethernet0/0/21
interface Ethernet0/0/22
interface GigabitEthernet0/0/1
interface GigabitEthernet0/0/2
interface NULL0
user-interface con 0
user-interface vty 0 4`
对sw4设置
sysname sw4
undo info-center enable
vlan batch 10 20
cluster enable
ntdp enable
ndp enable
drop illegal-mac alarm
diffserv domain default
stp region-configuration
region-name huawei
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
#创建生成树实例并配置,接着设置根桥、备份根桥
drop-profile default
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
interface Vlanif1
interface MEth0/0/1
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
interface Ethernet0/0/2
port link-type access
port default vlan 10
interface Ethernet0/0/3
port link-type access
port default vlan 10
interface Ethernet0/0/4
port link-type trunk
port trunk allow-pass vlan 10 20
interface Ethernet0/0/5
interface Ethernet0/0/6
interface Ethernet0/0/7
interface Ethernet0/0/8
interface Ethernet0/0/9
interface Ethernet0/0/10
interface Ethernet0/0/11
interface Ethernet0/0/12
interface Ethernet0/0/13
interface Ethernet0/0/14
interface Ethernet0/0/15
interface Ethernet0/0/16
interface Ethernet0/0/17
interface Ethernet0/0/18
interface Ethernet0/0/19
interface Ethernet0/0/20
interface Ethernet0/0/21
interface Ethernet0/0/22
interface GigabitEthernet0/0/1
interface GigabitEthernet0/0/2
interface NULL0
user-interface con 0
user-interface vty 0 4
return
对sw1设置
sysname sw1
undo info-center enable
vlan batch 10 to 11 20 30
stp instance 1 root primary
stp instance 2 root secondary##为生成树实例1和实例2创建根桥和备份根桥
cluster enable
ntdp enable
ndp enable
drop illegal-mac alarm
diffserv domain default
stp region-configuration
region-name huawei
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
#创建生成树实例并配置,接着设置根桥、备份根桥
drop-profile default
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
interface Vlanif1
interface Vlanif10
ip address 192.168.10.253 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.10.254
vrrp vrid 1 priority 150
vrrp vrid 1 preempt-mode timer delay 30
vrrp vrid 1 track interface GigabitEthernet0/0/2 reduced 100
#建立VRRP备份组,添加虚拟IP
interface Vlanif11
ip address 192.168.11.1 255.255.255.0
interface Vlanif20
ip address 192.168.20.252 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.20.254
interface Vlanif30
ip address 192.168.30.1 255.255.255.0
interface MEth0/0/1
interface Eth-Trunk1
port link-type trunk
port trunk pvid vlan 30
port trunk allow-pass vlan 10 20 30
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
interface GigabitEthernet0/0/2
port link-type access
port default vlan 11
interface GigabitEthernet0/0/3
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/5
interface GigabitEthernet0/0/6
interface GigabitEthernet0/0/7
interface GigabitEthernet0/0/8
interface GigabitEthernet0/0/9
interface GigabitEthernet0/0/10
interface GigabitEthernet0/0/11
interface GigabitEthernet0/0/12
interface GigabitEthernet0/0/13
interface GigabitEthernet0/0/14
interface GigabitEthernet0/0/15
interface GigabitEthernet0/0/16
interface GigabitEthernet0/0/17
interface GigabitEthernet0/0/18
interface GigabitEthernet0/0/19
interface GigabitEthernet0/0/20
interface GigabitEthernet0/0/21
interface GigabitEthernet0/0/22
interface GigabitEthernet0/0/23
eth-trunk 1##设置链路聚合
interface GigabitEthernet0/0/24
eth-trunk 1##设置链路聚合
interface NULL0
interface LoopBack0
ip address 10.10.10.10 255.255.255.255
ospf 1 router-id 10.10.10.10
area 0.0.0.0
network 192.168.0.0 0.0.255.255
network 10.10.10.10 0.0.0.0
user-interface con 0
user-interface vty 0 4
return
对sw2设置
sysname sw2
undo info-center enable
vlan batch 10 to 11 20 to 21 30
stp instance 1 root secondary
stp instance 2 root primary##为生成树实例1和实例2创建根桥和备份根桥
cluster enable
ntdp enable
ndp enable
drop illegal-mac alarm
diffserv domain default
stp region-configuration
region-name huawei
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
drop-profile default
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
interface Vlanif1
interface Vlanif10
ip address 192.168.10.252 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.10.254
interface Vlanif20
ip address 192.168.20.253 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.20.254
vrrp vrid 2 priority 150
vrrp vrid 2 preempt-mode timer delay 30
#建立VRRP备份组,添加虚拟IP
interface Vlanif21
ip address 192.168.21.2 255.255.255.0
interface Vlanif30
ip address 192.168.30.2 255.255.255.0
interface MEth0/0/1
interface Eth-Trunk1
port link-type trunk
port trunk pvid vlan 30
port trunk allow-pass vlan 10 20 30
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
interface GigabitEthernet0/0/2
port link-type access
port default vlan 11
interface GigabitEthernet0/0/3
interface GigabitEthernet0/0/4
interface GigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/6
interface GigabitEthernet0/0/7
interface GigabitEthernet0/0/8
interface GigabitEthernet0/0/9
interface GigabitEthernet0/0/10
interface GigabitEthernet0/0/11
interface GigabitEthernet0/0/12
interface GigabitEthernet0/0/13
interface GigabitEthernet0/0/14
interface GigabitEthernet0/0/15
interface GigabitEthernet0/0/16
interface GigabitEthernet0/0/17
interface GigabitEthernet0/0/18
interface GigabitEthernet0/0/19
interface GigabitEthernet0/0/20
interface GigabitEthernet0/0/21
interface GigabitEthernet0/0/22
interface GigabitEthernet0/0/23
eth-trunk 1##设置链路聚合
interface GigabitEthernet0/0/24
eth-trunk 1##设置链路聚合
interface NULL0
interface LoopBack0
ip address 20.20.20.20 255.255.255.255
ospf 1 router-id 10.10.10.10
area 0.0.0.0
network 192.168.0.0 0.0.255.255
network 20.20.20.20 0.0.0.0##将环回口作为Router-id发布自己的直连及环回地址
user-interface con 0
user-interface vty 0 4
return
对R4进行设置
sysname R4
undo info-center enable
acl number 2000
rule 1 permit source 192.168.10.0 0.0.0.255
rule 2 permit source 192.168.20.0 0.0.0.255
#接着我们在和运营商对接的路由设备上配置访问控制列表并允许源地址192.168.10.0、192.168.20.0网段的地址通过
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher 0MnL7meMt2ajUn1vMEIBry7#
local-user admin service-type http
firewall zone Local
priority 16
interface Ethernet0/0/0
interface Ethernet0/0/1
interface Serial0/0/0
link-protocol ppp
interface Serial0/0/1
link-protocol ppp
interface Serial0/0/2
link-protocol ppp
interface Serial0/0/3
link-protocol ppp
interface GigabitEthernet0/0/0
ip address 200.1.1.2 255.255.255.248
nat outbound 2000
interface GigabitEthernet0/0/1
ip address 192.168.34.4 255.255.255.0
interface GigabitEthernet0/0/2
ip address 192.168.21.4 255.255.255.0
interface GigabitEthernet0/0/3
wlan
interface NULL0
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
ospf 1 router-id 4.4.4.4
default-route-advertise always
area 0.0.0.0
network 192.168.34.0 0.0.0.255
network 192.168.21.0 0.0.0.255
network 4.4.4.4 0.0.0.0##将环回口作为Router-id发布自己的直连及环回地址
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
对R3进行设置
sysname R3
undo info-center enable
acl number 2000
rule 1 permit source 192.168.10.0 0.0.0.255
rule 2 permit source 192.168.20.0 0.0.0.255
#接着我们在和运营商对接的路由设备上配置访问控制列表并允许源地址192.168.10.0、192.168.20.0网段的地址通过
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher l"<Z"L^T@,ajUn1vMEIBGy7#
local-user admin service-type http
firewall zone Local
priority 16
interface Ethernet0/0/0
interface Ethernet0/0/1
interface Serial0/0/0
link-protocol ppp
interface Serial0/0/1
link-protocol ppp
interface Serial0/0/2
link-protocol ppp
interface Serial0/0/3
link-protocol ppp
interface GigabitEthernet0/0/0
ip address 100.1.1.2 255.255.255.248
nat outbound 2000
interface GigabitEthernet0/0/1
ip address 192.168.34.3 255.255.255.0
interface GigabitEthernet0/0/2
ip address 192.168.11.3 255.255.255.0
interface GigabitEthernet0/0/3
wlan
interface NULL0
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
ospf 1 router-id 3.3.3.3
default-route-advertise always
area 0.0.0.0
network 192.168.34.0 0.0.0.255
network 192.168.11.0 0.0.0.255
network 3.3.3.3 0.0.0.0
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
return
对R1进行设置
sysname R1
undo info-center enable
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher 1ugG<TB!%@+/Y@:Y>Lw(N}M#
local-user admin service-type http
firewall zone Local
priority 16
interface Ethernet0/0/0
interface Ethernet0/0/1
interface Serial0/0/0
link-protocol ppp
interface Serial0/0/1
link-protocol ppp
interface Serial0/0/2
link-protocol ppp
interface Serial0/0/3
link-protocol ppp
interface GigabitEthernet0/0/0
ip address 100.1.1.3 255.255.255.248
interface GigabitEthernet0/0/1
interface GigabitEthernet0/0/2
interface GigabitEthernet0/0/3
wlan
interface NULL0
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
return
对R2进行设置
sysname R2
undo info-center enable
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher 1ugG<TB!%@+/Y@:Y>Lw(N}M#
local-user admin service-type http
firewall zone Local
priority 16
interface Ethernet0/0/0
interface Ethernet0/0/1
interface Serial0/0/0
link-protocol ppp
interface Serial0/0/1
link-protocol ppp
interface Serial0/0/2
link-protocol ppp
interface Serial0/0/3
link-protocol ppp
interface GigabitEthernet0/0/0
ip address 200.1.1.3 255.255.255.248
interface GigabitEthernet0/0/1
interface GigabitEthernet0/0/2
interface GigabitEthernet0/0/3
wlan
interface NULL0
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
return
华为ensp模拟双isp出口相关推荐
- 网络毕业设计--基于华为ensp防火墙双出口负载拟真实验
本次仿真实验是关于防火墙负载的双出口毕设,大家可以参考组网结构,在此基础上可以进行各种改良,符合自己的实验需求是最终目的,下面直接上配置,想要定制的+绿泡泡18812668402 技术范围 接入层:M ...
- 华为ensp模拟校园网/企业网实例(XX学校网络设计与实现)
目录 1.网络需求分析 1.1 功能需求分析 1.2 技术需求分析 1.3 网络安全需求分析 2.校园局域网设计 2.1 拓扑图 2.2 IP 规划和 VLAN 划分 2.3 核心层设备配置 2.3. ...
- 基于华为eNSP的双核心企业网/校园网网络设计综合组网配置/作品演示【网络工程毕业设计】
XX中学校园的主干层次结构采用核心,汇聚,接入的三层模型.核心层处理整体网络的数据流动,实现各节点间数据的高速处理,增加安全措施和访问权限等等.汇聚夹于两层之间,任务包括线路的整合汇聚,向信息点传递流 ...
- 华为eNSP模拟酒店无线wifi实验
酒店AC+AP无线网络覆盖解决方案 每个房间采用面板上ap,房间走道采用吸顶式ap,AC统一管理. 瘦 AP和无线控制器系统有非常强大的集中管理功能,所有的关于无线网络的配置都可以通过配置无线控制器器 ...
- 双ISP出口网络组网
出口防火墙双机热备,设置模式为负载均衡模式,(VGMP及HRP协议) 通过在防火墙上配置路由策略使得内网的不同网段的流量分别流向ISP1和ISP2
- 【华为ensp实战案例——路由网络的构建与配置】
1. 架构分析 (1)需求分析 在构建的局域网中,通过路由器间配置静态路由,实现PC1和PC2主机直接 连通,主机网段不能与路由器直接互联网段通信. (2)环境要求 配置虚拟网卡的计算机,安装华为eN ...
- 华为ensp,交换网络的构建与配置
1. 架构分析 (1)需求分析 本实验的目的在于建立小型局域网.由于公司由不同部门组成,因此需要划 分不同网络实现互联互通.设计以下网络:两个部门各使用一台交换机连接,然 后连接到总交换机.为了控制网 ...
- 华为ensp,实战案例一一使用模拟器构建局域网络
1.案例目标 ( I )通过组网设计,掌握小型网络的组建.路由的设计,对小型网络系统进行分析,提出建网解决方案. (2)综合运用路由.VLAN的相关技术. (3)综合运用VLAN创建.Access和T ...
- 华为防火墙企业双出口专线,配置策略路由实现多个ISP出接口的智能选路和双向NAT
一.组网需求 1:企业有二条专线接入,当其中一条出现故障时,自动切换至另外一条,保障网络访问正常. (a)要求PC1从dx专线(1.1.1.2/24)访问外网PC,PC2从yd专线(2.2.2.2/2 ...
最新文章
- BCH底层协议真的不能被修改吗?
- iOS和OS X中的bundle
- [BZOJ 3942] [Usaco2015 Feb] Censoring 【KMP】
- QUIC DataChannels的第一步
- ASP.NET MVC从视图传递多个模型到Controller
- linux做一个客户端与WemosD1作为服务器的无线通信(局域网通信)
- Linux的bc命令计算π的值预估系统算力
- java 消息队列_消息队列-RabbitMQ在JAVA中的应用(1)
- LINUX下载编译libpng
- ssdp java_SSDP协议 - 实施
- 电气火灾监控系统在地铁供配电系统中的应用
- MySQL relay_log_recovery源码分析
- 基于阿里云 OSS 下载图片跨域问题
- 脑皮质算法(3)-- 新皮层的位置:利用皮层网格细胞的感觉运动物体识别理论
- Python能不能只选择合并一个excel当中指定的sheet 当中指定的列呢?
- EPICS设备支持的简单示例
- Jugglefest
- Samba服务和FTP服务
- 虚函数与纯虚函数以及虚函数表之间的关系
- c++ hashset的用法_c++ stl容器set成员函数介绍及set集合插入,遍历等用法举例
热门文章
- 火狐受信任站点设置_火狐浏览器怎么添加信任站点,谷歌浏览器设置信任站点...
- 超详细,手把手教你用20行Python代码制作飞花令小程序!
- 小狼毫Rime输入法【朙月拼音-简体字】取消默认英文候选词
- 独家:小程序再添新能力,QQ空间5.62亿月活用户福利来袭
- 给初学者的 Jupyter Notebook 教程
- Databricks 第6篇:Spark SQL 维护数据库和表
- linux最佳硬盘分区方案和分区调整办法
- 登录网站后自动退出需重新登录_微博自动关注陌生人?你的账号有可能被“劫持”了!...
- 千万别付钱!史上最贵勒索软件作者“忘记”备份密钥
- 当红齐天再捧“绽放杯”金奖:全流程算力网络夯实元宇宙“底座”