NSD NETWORK DAY04
1 案例1:配置静态NAT
1.1 问题
按照图-1拓扑图所示,在R1上配置静态NAT使192.168.2.1转换为100.0.0.2,192.168.2.2转换为100.0.0.3,实现外部网络访问
图-1
1.2 步骤
实现此案例需要按照如下步骤进行。
步骤一:配置静态NAT
pc3无需配置网关
- [Huawei]interface GigabitEthernet 0/0/0
- [Huawei-GigabitEthernet0/0/0] ip address 100.0.0.1 8
- [Huawei-GigabitEthernet0/0/0]nat static global 100.0.0.2 inside 192.168.2.1
- [Huawei-GigabitEthernet0/0/0]nat static global 100.0.0.3 inside 192.168.2.2
2 案例2:Easy IP
2.1 问题
按照图-2所示的拓扑结构,在R1上配置Easy IP使企业内网192.168.2.0/24利用g0/0/0端口的ip,实现外部网络的访问
图-2
2.2 步骤
实现此案例需要按照如下步骤进行
步骤一:配置静态NAT
注:以下命令需要在路由器配置好ip的基础上完成
- [Huawei]acl 2000
- [Huawei-acl-basic-2000]rule permit source any //使用acl定义任何内部地址
- [Huawei]interface g0/0/0
- [Huawei-GigabitEthernet0/0/0]nat outbound 2000 //可以利用g0/0/0的ip访问外网
3 案例3:三层交换配置VRRP
3.1 问题
按照图-3所示拓扑结构,在三层交换机配置热备份路由协议使组内两个出口设备共享一个虚拟ip地址192.168.1.254为内网主机的网关
图-3
3.2 步骤
本实验暂不考虑NAT问题
步骤一:pc配置ip
pc设备配置ip与网关,192.168.1.1的网关为192.168.1.254
192.168.4.1的网关为192.168.4.254
步骤二:路由器配置
路由器配置
- <Huawei>system-view
- [Huawei]interface GigabitEthernet 0/0/0
- [Huawei-GigabitEthernet0/0/0]ip address 192.168.2.1 24
- [Huawei]interface GigabitEthernet 0/0/1
- [Huawei-GigabitEthernet0/0/1]ip address 192.168.3.1 24
- [Huawei]interface GigabitEthernet 0/0/2
- [Huawei-GigabitEthernet0/0/2]ip address 192.168.4.254 24
- [Huawei]ospf
- [Huawei-ospf-1]area 0
- [Huawei-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255
- [Huawei-ospf-1-area-0.0.0.0]network 192.168.3.0 0.0.0.255
- [Huawei-ospf-1-area-0.0.0.0]network 192.168.4.0 0.0.0.255
步骤三:交换机配置
1)MS1
- <Huawei>system-view
- [Huawei]interface Vlanif 1
- [Huawei-Vlanif1]ip add 192.168.1.252 24
- [Huawei]vlan 2
- [Huawei-vlan2]quit
- [Huawei]interface Vlanif 2
- [Huawei-Vlanif2]ip address 192.168.2.2 24
- [Huawei-Vlanif2]quit
- [Huawei]interface GigabitEthernet 0/0/2
- [Huawei-GigabitEthernet0/0/2]port link-type access
- [Huawei-GigabitEthernet0/0/2]port default vlan 2
- [Huawei]ospf
- [Huawei-ospf-1]area 0
- [Huawei-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
- [Huawei-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255
- [Huawei]interface Vlanif 1
- [Huawei-Vlanif1]vrrp vrid 1 virtual-ip 192.168.1.254
2)MS2
- <Huawei>system-view
- [Huawei]interface Vlanif 1
- [Huawei-Vlanif1]ip add 192.168.1.253 24
- [Huawei]vlan 3
- [Huawei-vlan3]quit
- [Huawei]interface Vlanif 3
- [Huawei-Vlanif3]ip address 192.168.3.2 24
- [Huawei-Vlanif3]quit
- [Huawei]interface GigabitEthernet 0/0/2
- [Huawei-GigabitEthernet0/0/2]port link-type access
- [Huawei-GigabitEthernet0/0/2]port default vlan 3
- [Huawei]ospf
- [Huawei-ospf-1]area 0
- [Huawei-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
- [Huawei-ospf-1-area-0.0.0.0]network 192.168.3.0 0.0.0.255
- [Huawei]interface Vlanif 1
- [Huawei-Vlanif1]vrrp vrid 1 virtual-ip 192.168.1.254
4 案例4:网络负载均衡
4.1 问题
按照图-4所示拓扑结构,配置MS1为vlan10的主路由器、vlan20的备份路由器,MS2为vlan10的备份路由器、vlan20的主路由器,实现负载均衡的效果
图-4
4.2 步骤
实现此案例需要按照如下步骤进行
步骤一:配置交换机
1)MS1
- [Huawei]interface Vlanif 10
- [Huawei-Vlanif10]ip address 192.168.10.252 24
- [Huawei-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.254
- [Huawei-Vlanif10]vrrp vrid 1 priority 110
- [Huawei]interface Vlanif 20
- [Huawei-Vlanif20]ip address 192.168.20.252 24
- [Huawei-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.254
1)MS2
- [Huawei]interface Vlanif 10
- [Huawei-Vlanif10]ip address 192.168.10.253 24
- [Huawei-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.254
- [Huawei]interface Vlanif 20
- [Huawei-Vlanif20]ip address 192.168.20.253 24
- [Huawei-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.254
- [Huawei-Vlanif20]vrrp vrid 2 priority 110