网络运维实战项目（端午水篇）_网络运维项目案例

前言

  1.掌握企业网络及云计算运维的流程，提高网络运维的实战能力，实践课程采用案例驱动模式，并模拟企业的实际项目部署流程，通过本文来完成项目的前期调研、策划、需求分析、总体设计、详细设计、部署、测试、文档及PPT编写等环节的工作任务，通过协作完成网络拓扑结构的升级项目，提自我项目实战能力。
  2.了解、熟悉云计算的网络运维项目，读者的网络/服务器运维及架构技术，实践项目采用案例驱动模式，通过模拟真实的企业网络环境，通过博主带领你完成项目的前期问题分析，问题解决思路，项目实施，总结归纳等工作，通过此项目，要求读者掌握网络运维的实践能力，云计算运维的实战能力。

通过本博主实践项目的学习，要求读者掌握并达成以下目标：

1. 掌握TCP/IP地址配置及网络连通性测试
2. 掌握计算机网络概念、数制转换、OSI参考模型、TCP/IP协议
3. 掌握物理层概念、交换机命令行模式、基本配置、密码设置
4. 掌握数据链路层概念、MAC地址表、配置接口速率、配置交换机管理IP
5. 掌握配置静态路由、配置浮动路由、配置多路由的静态路由
6. 掌握配置默认路由、telnet远程管理
7. 掌握Vlan的划分、配置trunk中继链路、以太网通道配置、DHCP服务配置
8. 掌握三层交换vlan间通信、三层交换配置路由、RIP动态路由配置
9. 掌握HSRP配置、STP的配置、三层交换HSRP配置、三层交换STP配置
10. 掌握标准ACL配置、扩展ACL配置、命名ACL配置
11. 掌握静态NAT配置、动态NAT配置、PAT配置
12. 掌握公司网络环境配置、企业网络拓扑升级
13. 掌握服务器的操作系统安装、服务器的操作系统图形桌面
14. 掌握服务器的基础操作命令、ls列表及文档创建、复制、删除、移动
15. 掌握服务器网络故障解决能力、配置静态网络地址、使用yum软件源

一、环境

二、项目介绍

1.项目概述
案例1：配置目前网络环境

1.1 问题
一家新创建的IT公司，公司位于北京有80多台服务器
目前网络环境使用技术，通过端口映射技术将web服务器发布给Internet：

1. 三层交换：汇聚接入层交换机
2. 默认路由：实现到互联网数以万计网络访问的简化配置
3. 静态路由：实现公司内部网络互通
4. NAT端口映射：实现企业内部Web服务器的发布

1.2 方案
通过端口映射技术将web服务器发布给Internet，公司现有网络环境拓扑如图所示：

网络连接说明如表所示：

1.3 步骤
步骤一：根据表为设备配置IP地址，并为三层交换机开启路由功能
1）MS1配置vlan1与f0/1接口的IP地址并开启路由功能

1.Switch(config)#hostname MS1
2.MS1(config)#ip routing 
3.MS1(config)#interface vlan 1
4.MS1(config-if)#ip address 192.168.1.252 255.255.255.0 
5.MS1(config-if)#no shutdown 
6.MS1(config-if)#exit
7.MS1(config-if)#interface fastEthernet 0/1
8.MS1(config-if)#no switchport
9.MS1(config-if)#ip address 192.168.2.1 255.255.255.0
10.MS1(config-if)#no shutdown 
1
2
3
4
5
6
7
8
9
10

步骤二：为路由器配置IP地址，添加接口模块
1）为路由器添加接口模块并进入路由器接口配置IP地址

1.Router(config)#hostname R1
2.R1(config)#interface fastEthernet 0/0
3.R1(config-if)#ip address 192.168.2.2 255.255.255.0
4.R1(config-if)#no shutdown
5.R1(config-if)#exit
6.R1(config)#interface fastEthernet 1/0
7.R1(config-if)#ip address 61.159.62.129 255.255.255.248
8.R1(config-if)#no shutdown
1
2
3
4
5
6
7
8

步骤三：配置MS1和路由器的静态路由

1.MS1(config-if)#ip route 0.0.0.0 0.0.0.0 192.168.2.2
2.R1(config)#ip route 192.168.1.0 255.255.255.0 192.168.2.1
1
2

步骤四：测试server1与R1接口IP的连通性

1.PC>ping 192.168.2.2
2.Pinging 192.168.2.2 with 32 bytes of data:
3.Reply from 192.168.2.2: bytes=32 time=0ms TTL=254
4.Reply from 192.168.2.2: bytes=32 time=0ms TTL=254
5.Reply from 192.168.2.2: bytes=32 time=0ms TTL=254
6.Reply from 192.168.2.2: bytes=32 time=1ms TTL=254
7.Ping statistics for 192.168.2.2:
8.    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
9.Approximate round trip times in milli-seconds:
10.    Minimum = 0ms, Maximum = 1ms, Average = 0ms
11.PC>ping 61.159.62.129
12.Pinging 61.159.62.129 with 32 bytes of data:
13.Reply from 61.159.62.129: bytes=32 time=1ms TTL=254
14.Reply from 61.159.62.129: bytes=32 time=0ms TTL=254
15.Reply from 61.159.62.129: bytes=32 time=2ms TTL=254
16.Reply from 61.159.62.129: bytes=32 time=0ms TTL=254
17.Ping statistics for 61.159.62.129:
18.    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
19.Approximate round trip times in milli-seconds:
20.    Minimum = 0ms, Maximum = 2ms, Average = 0ms
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

步骤五：R1配置端口映射

1.R1(config)#ip nat inside source static tcp 192.168.1.8 80 61.159.62.131 80 
2.R1(config)#interface fastEthernet 0/0
3.R1(config-if)#ip nat inside
4.R1(config)#interface f1/0
5.R1(config-if)#ip nat outside
1
2
3
4
5

步骤六：在PC7上查看是映射结果，如图-2所示

三、项目阶段练习

2.1 问题
现有网络问题分析：

1. 接入层交换机只与同一个三层交换机相连，存在单点故障而影响网络通信。
2. 互联网连接单一服务商

现有网络需求：

1. 随着企业发展，为了保证网络的高可用性，需要使用很多的冗余技术。
2. 保证局域网络不会因为线路故障而导致的网络故障。
3. 保证客户端机器不会因为使用单一网关而出现的单点失败。
4. 保证到互联网的高可用接入使用冗余互联网连接。
5. 提高网络链路带宽。

2.2 方案
基于项目的需求，需要用到如下技术：

1. STP：解决二层环路带来的广播风暴并链路冗余问题
2. 以太网通道：提高网络链路带宽
3. RIP路由协议：实现网络路径的自动学习
4. HSRP：实现网关冗余

重新规划后的网络拓扑如图-3：

重新规划后网络连接说明如表-2与表-3所示：

2.3 步骤
步骤一：静态路由升级动态路由。
1）R1删除静态路由并配置rip

1.R1(config)#no ip route 192.168.1.0 255.255.255.0 192.168.2.1
2.R1(config)#router rip 
3.R1(config-router)#version 2
4.R1(config-router)#no auto-summary 
5.R1(config-router)#network 192.168.2.0
6.R1(config-router)#default-information originate
1
2
3
4
5
6

2）MS1上删除静态路由并配置rip

1.MS1(config)#no ip route 0.0.0.0 0.0.0.0 192.168.2.2
2.MS1(config)#router rip 
3.MS1(config-router)#version 2
4.MS1(config-router)#no auto-summary 
5.MS1(config-router)#network 192.168.1.0
6.MS1(config-router)#network 192.168.2.0
1
2
3
4
5
6

3）在MS1上查看路由表

1.MS1#show ip route 
2.
3.Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
4.D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
5.N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
6.E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
7.i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
8.* - candidate default, U - per-user static route, o - ODR
9.P - periodic downloaded static route
10.Gateway of last resort is 192.168.2.2 to network 0.0.0.0
11.C 192.168.1.0/24 is directly connected, Vlan1
12.C 192.168.2.0/24 is directly connected, FastEthernet0/1
13.R* 0.0.0.0/0 [120/1] via 192.168.2.2, 00:00:01, FastEthernet0/1
1
2
3
4
5
6
7
8
9
10
11
12
13

步骤二：配置SW1、SW2、SW3、SW4与MS1的接口为Trunk模式并做以太网通道。
1）SW1、SW2、SW3、SW4上做与MS1之间的trunk与以太网通道

1.Switch(config)#hostname SW1
2.SW1(config)#interface range fastEthernet 0/5-6
3.SW1(config-if-range)#switchport mode trunk 
4.SW1(config-if-range)#channel-group 1 mode on
5.
6.Switch(config)#hostname SW2
7.SW2(config)#interface range fastEthernet 0/7-8
8.SW2(config-if-range)#switchport mode trunk 
9.SW2(config-if-range)#channel-group 2 mode on 
10.
11.Switch(config)#hostname SW3
12.SW3(config)#interface range fastEthernet 0/9-10
13.SW3(config-if-range)#switchport mode trunk 
14.SW3(config-if-range)#channel-group 3 mode on 
15.
16.Switch(config)#hostname SW4
17.SW4(config)#interface range fastEthernet 0/11-12
18.SW4(config-if-range)#switchport mode trunk 
SW4(config-if-range)#channel-group 4 mode on 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

2）MS1与SW1、SW2、SW3、SW4之间做以太网通道并启用trunk

MS1(config)#interface range fastEthernet 0/5-6
MS1(config-if-range)#switchport trunk encapsulation dot1q
MS1(config-if-range)#switchport mode trunk
MS1(config-if-range)#channel-group 1 mode on
MS1(config-if-range)#exit
MS1(config-if-range)#interface range fastEthernet 0/7-8
MS1(config-if-range)#switchport trunk encapsulation dot1q
MS1(config-if-range)#channel-group 2 mode on
MS1(config-if-range)#switchport mode trunk
MS1(config-if-range)#exit
MS1(config-if-range)#interface range fastEthernet 0/9-10
MS1(config-if-range)#switchport trunk encapsulation dot1q
MS1(config-if-range)#switchport mode trunk
MS1(config-if-range)#channel-group 3 mode on
MS1(config-if-range)#exit
MS1(config-if-range)#interface range fastEthernet 0/11-12
MS1(config-if-range)#switchport trunk encapsulation dot1q
MS1(config-if-range)#switchport mode trunk on
MS1(config-if-range)#channel-group 4 mode on
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

步骤三：添加MS2并配置与MS1、SW1、SW2、SW3、SW4之间的太网通道。
1）在MS1上配置与MS2的以太网通道

1.MS1(config)#interface range fastEthernet 0/13-15
2.MS1(config-if-range)#channel-group 5 mode on
3.MS1(config-if-range)#switchport trunk encapsulation dot1q 
4.MS1(config-if-range)#switchport mode trunk 
1
2
3
4

2）在MS2并配置与MS1、SW1、SW2、SW3、SW4之间的太网通道

1.MS2(config)#interface range fastEthernet 0/10-12
2.MS2(config-if-range)#channel-group 5 mode on
3.MS2(config-if-range)#switchport trunk encapsulation dot1q 
4.MS2(config-if-range)#switchport mode trunk 
5.MS2(config-if-range)#exit
6.MS2(config)#interface range fastEthernet 0/2-3
7.MS2(config-if-range)#channel-group 1 mode on
8.MS2(config-if-range)#switchport trunk encapsulation dot1q 
9.MS2(config-if-range)#switchport mode trunk 
10.MS2(config-if-range)#exit
11.MS2(config)#interface range fastEthernet 0/4-5
12.MS2(config-if-range)#channel-group 2 mode on
13.MS2(config-if-range)#switchport mode trunk 
14.MS2(config-if-range)#exit
15.MS2(config)#interface range fastEthernet 0/6-7
16.MS2(config-if-range)#channel-group 3 mode on
17.MS2(config-if-range)#switchport trunk encapsulation dot1q 
18.MS2(config-if-range)#switchport mode trunk 
19.MS2(config-if-range)#exit
20.MS2(config)#interface range fastEthernet 0/8-9
21.MS2(config-if-range)#channel-group 4 mode on
22.MS2(config-if-range)#switchport trunk encapsulation dot1q 
23.MS2(config-if-range)#switchport mode trunk 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

3）在MS1上查看以太网通道

1.MS1>show etherchannel port-channel 
2.Channel-group listing:
3.----------------------
4.Group: 1
5.----------
6.Port-channels in the group:
7.---------------------------
8.Port-channel: Po1
9.------------
10.Age of the Port-channel = 00d:00h:05m:21s
11.Logical slot/port = 2/1 Number of ports = 2
12.GC = 0x00000000 HotStandBy port = null
13.Port state = Port-channel 
14.Protocol = PAGP
15.Port Security = Disabled
16.Ports in the Port-channel:
17.Index Load Port EC state No of bits
18.------+------+------+------------------+-----------
19.0 00 Fa0/5 On 0
20.0 00 Fa0/6 On 0
21.Time since last port bundled: 00d:00h:05m:21s Fa0/6
22.Group: 2
23.----------
24.Port-channels in the group:
25.---------------------------
26.Port-channel: Po2
27.------------
28.Age of the Port-channel = 00d:00h:05m:21s
29.Logical slot/port = 2/2 Number of ports = 2
30.GC = 0x00000000 HotStandBy port = null
31.Port state = Port-channel 
32.Protocol = PAGP
33.Port Security = Disabled
34.Ports in the Port-channel:
35.Index Load Port EC state No of bits
36.------+------+------+------------------+-----------
37.0 00 Fa0/7 On 0
38.0 00 Fa0/8 On 0
39.Time since last port bundled: 00d:00h:05m:21s Fa0/8
40.Group: 3
41.----------
42.Port-channels in the group:
43.---------------------------
44.Port-channel: Po3
45.------------
46.Age of the Port-channel = 00d:00h:05m:21s
47.Logical slot/port = 2/3 Number of ports = 2
48.GC = 0x00000000 HotStandBy port = null
49.Port state = Port-channel 
50.Protocol = PAGP
51.Port Security = Disabled
52.Ports in the Port-channel:
53.Index Load Port EC state No of bits
54.------+------+------+------------------+-----------
55.0 00 Fa0/9 On 0
56.0 00 Fa0/10 On 0
57.Time since last port bundled: 00d:00h:05m:21s Fa0/10
58.Group: 4
59.----------
60.Port-channels in the group:
61.---------------------------
62.Port-channel: Po4
63.------------
64.Age of the Port-channel = 00d:00h:05m:21s
65.Logical slot/port = 2/4 Number of ports = 2
66.GC = 0x00000000 HotStandBy port = null
67.Port state = Port-channel 
68.Protocol = PAGP
69.Port Security = Disabled
70.Ports in the Port-channel:
71.Index Load Port EC state No of bits
72.------+------+------+------------------+-----------
73.0 00 Fa0/11 On 0
74.0 00 Fa0/12 On 0
75.Time since last port bundled: 00d:00h:05m:21s Fa0/12
76.Group: 5
77.----------
78.Port-channels in the group:
79.---------------------------
80.Port-channel: Po5
81.------------
82.Age of the Port-channel = 00d:00h:08m:11s
83.Logical slot/port = 2/5 Number of ports = 3
84.GC = 0x00000000 HotStandBy port = null
85.Port state = Port-channel 
86.Protocol = PAGP
87.Port Security = Disabled
88.Ports in the Port-channel:
89.Index Load Port EC state No of bits
90.------+------+------+------------------+-----------
91.0 00 Fa0/13 On 0
92.0 00 Fa0/14 On 0
93.0 00 Fa0/15 On 0
94.Time since last port bundled: 00d:00h:08m:11s Fa0/15
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94

步骤四：MS1与MS2配置STP
1）在MS1和MS2上配置stp

1.MS1(config)#spanning-tree vlan 1 root primary 
2.MS2(config)#spanning-tree vlan 1 root secondary
1
2

2）在MS1和MS2上查看stp

1.MS1# show spanning-tree vlan 1
2.VLAN0001
3.Spanning tree enabled protocol ieee
4.Root ID Priority 24577
5.Address 0004.9A70.6B06
6.This bridge is the root    
7.Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
8.Bridge ID Priority 24577 (priority 24576 sys-id-ext 1)
9.Address 0004.9A70.6B06
10.Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
11.Aging Time 20
12.Interface Role Sts Cost Prio.Nbr Type
13.---------------- ---- --- --------- -------- --------------------------------
14.Po1 Desg FWD 9 128.27 Shr
15.Po2 Desg FWD 9 128.28 Shr
16.Po3 Desg FWD 9 128.29 Shr
17.Po4 Desg FWD 9 128.30 Shr
18.Po5 Desg FWD 8 128.31 Shr
19.
20.MS2#show spanning-tree vlan 1 
21.VLAN0001
22.Spanning tree enabled protocol ieee
23.Root ID Priority 24577
24.Address 0004.9A70.6B06
25.Cost 8
26.Port 31(Port-channel 5)
27.Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
28.Bridge ID Priority 28673 (priority 28672 sys-id-ext 1)
29.Address 0006.2A05.A2BA
30.Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
31.Aging Time 20
32.Interface Role Sts Cost Prio.Nbr Type
33.---------------- ---- --- --------- -------- --------------------------------
34.Po1 Desg FWD 9 128.27 Shr
35.Po2 Desg FWD 9 128.28 Shr
36.Po3 Desg FWD 9 128.29 Shr
37.Po4 Desg FWD 9 128.30 Shr
Po5 Root FWD 8 128.31 Shr
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

步骤五：HSRP配置
1）MS1配置HSRP

1.MS1(config)#interface vlan 1
2.MS1(config-if)#standby 1 ip 192.168.1.254
3.MS1(config-if)#standby 1 priority 200
4.MS1(config-if)#standby 1 preempt
1
2
3
4

2）MS2配置HSRP开启路由功能

1.MS2(config)#ip routing
2.MS2(config)#interface vlan 1
3.MS2(config)#ip address 192.168.1.253 255.255.255.0
4.MS2(config)#no shutdown
5.MS2(config-if)#standby 1 ip 192.168.1.254 
6.MS2(config-if)#standby 1 priority 195
7.MS2(config-if)#standby 1 preempt
1
2
3
4
5
6
7

3）配置MS1交换机的HSRP的端口跟踪，关闭跟踪接口，并在MS1和MS2上查看HSRP状态

1.MS1(config)# MS1(config)#interface vlan 1
2.MS1(config-if)#standby 1 track fastEthernet 0/1
3.MS1(config-if)#exit
4.MS1(config)#interface fastEthernet 0/1
5.MS1(config-if)#shutdown
6.MS1#show standby brief 
7.P indicates configured to preempt.
8.|
9.Interface   Grp    Pri  P    State       Active          Standby    Virtual IP
10.Vl1          1      190  P    Standby    192.168.1.253   local     192.168.1.254
11.MS2#show standby brief 
12.P indicates configured to preempt.
13.Interface    Grp    Pri   P     State     Active   Standby           Virtual IP
14.Vl1            1     195   P     Active    local    192.168.1.252     192.168.1.254
1
2
3
4
5
6
7
8
9
10
11
12
13
14

步骤六：MS2连接R1并配置rip
1)为R1与MS2相连接的接口配置IP地址 并配置rip

1.R1(config)#interface fastEthernet 0/24
2.R1(config-if)#ip address 192.168.3.2 255.255.255.0
3.R1(config-if)#exit
4.R1(config)#router rip 
5.R1(config-router)# version 2
6.R1(config-router)#network 192.168.3.0
7.MS2(config-if)#exit
8.MS2(config)#router rip 
9.MS2(config-router)#version 2
10.MS2(config-router)#no auto-summary 
11.MS2(config-router)#network 192.168.1.0
1
2
3
4
5
6
7
8
9
10
11

步骤七：添加路由器R2， 为R2配置默认路由，R2与MS1、MS2、Internet相连并为配置IP与动态路由
1)配置R2的IP地址、rip、默认路由。

1.Router(config)hostname R2
2.R2(config)#interface fastEthernet 0/0
3.R2(config-if)#ip address 192.168.4.2 255.255.255.0
4.R2(config-if)#no shutdown
5.R2(config-if)#exit
6.R2(config)#interface fastEthernet 0/1
7.R2(config-if)#ip address 192.168.5.2 255.255.255.0
8.R2(config-if)#no shutdown
9.R2(config-if)#exit
10.R2(config)#interface fastEthernet 1/0
11.R2(config-if)#ip address 61.159.62.130 255.255.255.248
12.R2(config-if)#no shutdown
13.R2(config-if)#exit
14.R2(config)ip route 0.0.0.0 0.0.0.0 fastEthernet 1/0
15.R2(config)#router rip
16.R2(config-router)#version 2
17.R2(config-router)#no auto-summary 
18.R2(config-router)#network 192.168.4.0
19.R2(config-router)#network 192.168.5.0
20.R2(config-router)#default-information originate
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

2）MS2配置IP地址添加动态路由条目

1.MS2(config)#interface fastEthernet 0/1
2.MS2(config-if)#no switchport
3.MS2(config-if)#ip address 192.168.4.1 255.255.255.0
4.MS2(config-if)#no shutdown
5.MS2(config-if)#exit
6.MS2(config)#router rip
7.R2(config-router)#version 2
8.MS2(config-router)#network 192.168.4.0
1
2
3
4
5
6
7
8

3）MS1配置IP地址添加动态路由条目

1.MS1(config)#interface fastEthernet 0/24
2.MS1(config-if)#no switchport
3.MS1(config-if)#ip address 192.168.5.1 255.255.255.0
4.MS1(config-if)#no shutdown
5.MS1(config-if)#exit
6.MS1(config)#router rip
7.R2(config-router)#version 2
8.MS1(config-router)#network 192.168.5.0
1
2
3
4
5
6
7
8

4)在客户端测试网络的联通性

1.SERVER>ipconfig 
2.FastEthernet0 Connection:(default port)
3.Link-local IPv6 Address.........: FE80::201:96FF:FEA8:404B
4.IP Address......................: 192.168.1.1
5.Subnet Mask.....................: 255.255.255.0
6.Default Gateway.................: 192.168.1.254
7.SERVER>ping 192.168.2.1
8.Pinging 192.168.2.1 with 32 bytes of data:
9.Reply from 192.168.2.1: bytes=32 time=0ms TTL=255
10.Reply from 192.168.2.1: bytes=32 time=0ms TTL=255
11.Reply from 192.168.2.1: bytes=32 time=0ms TTL=255
12.Reply from 192.168.2.1: bytes=32 time=0ms TTL=255
13.Ping statistics for 192.168.2.1:
14.Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
15.Approximate round trip times in milli-seconds:
16.Minimum = 0ms, Maximum = 0ms, Average = 0ms
17.
18.SERVER>ping 192.168.3.1
19.Pinging 192.168.3.1 with 32 bytes of data:
20.Reply from 192.168.3.1: bytes=32 time=0ms TTL=255
21.Reply from 192.168.3.1: bytes=32 time=0ms TTL=255
22.Reply from 192.168.3.1: bytes=32 time=0ms TTL=255
23.Reply from 192.168.3.1: bytes=32 time=0ms TTL=255
24.Ping statistics for 192.168.3.1:
25.Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),
26.Approximate round trip times in milli-seconds:
27.Minimum = 0ms, Maximum = 0ms, Average = 0ms
28.
29.SERVER>ping 192.168.4.1
30.
31.Pinging 192.168.4.1 with 32 bytes of data:
32.Reply from 192.168.4.1: bytes=32 time=1ms TTL=255
33.Reply from 192.168.4.1: bytes=32 time=0ms TTL=255
34.Reply from 192.168.4.1: bytes=32 time=0ms TTL=255
35.Reply from 192.168.4.1: bytes=32 time=0ms TTL=255
36.Ping statistics for 192.168.4.1:
37.Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
38.Approximate round trip times in milli-seconds:
39.Minimum = 0ms, Maximum = 1ms, Average = 0ms
40.
41.SERVER>ping 192.168.5.1
42.Pinging 192.168.5.1 with 32 bytes of data:
43.Reply from 192.168.5.1: bytes=32 time=1ms TTL=255
44.Reply from 192.168.5.1: bytes=32 time=1ms TTL=255
45.Reply from 192.168.5.1: bytes=32 time=1ms TTL=255
46.Reply from 192.168.5.1: bytes=32 time=0ms TTL=255
47.Ping statistics for 192.168.5.1:
48.Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
49.Approximate round trip times in milli-seconds:
50.Minimum = 0ms, Maximum = 1ms, Average = 0ms
51.
52.SERVER>ping 192.168.2.2
53.Pinging 192.168.2.2 with 32 bytes of data:
54.Reply from 192.168.2.2: bytes=32 time=1ms TTL=254
55.Reply from 192.168.2.2: bytes=32 time=1ms TTL=254
56.Reply from 192.168.2.2: bytes=32 time=11ms TTL=254
57.Reply from 192.168.2.2: bytes=32 time=0ms TTL=254
58.Ping statistics for 192.168.2.2:
59.Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
60.Approximate round trip times in milli-seconds:
61.Minimum = 0ms, Maximum = 11ms, Average = 3ms
62.
63.SERVER>ping 192.168.3.2
64.Pinging 192.168.3.2 with 32 bytes of data:
65.Reply from 192.168.3.2: bytes=32 time=0ms TTL=254
66.Reply from 192.168.3.2: bytes=32 time=0ms TTL=254
67.Reply from 192.168.3.2: bytes=32 time=1ms TTL=254
68.Reply from 192.168.3.2: bytes=32 time=0ms TTL=254
69.Ping statistics for 192.168.3.2:
70.Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
71.Approximate round trip times in milli-seconds:
72.Minimum = 0ms, Maximum = 1ms, Average = 0ms
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

5）关闭MS1

1.MS1(config)#interface range fastEthernet 0/1-24
2.MS1(config-if-range)#shutdown
1
2

6）在外网测试是否可以访问web服务器如图

步骤八：在R2上配置端口映射
1）在R2上配置端口映射，指定NAT进口

1.R2(config)#ip nat inside source static tcp 192.168.1.8 80 61.159.62.131 80
2.R2(config)#interface fastEthernet 0/0
3.R2(config-if)#ip nat inside 
4.R2(config-if)#exit
5.R2(config)#interface fastEthernet 0/1
6.R2(config-if)#ip nat inside 
7.R2(config-if)#exit
8.R2(config)#interface fastEthernet 1/0
9.R2(config-if)#ip nat outside
1
2
3
4
5
6
7
8
9

2）关闭R1（如图-5所示）测试外网是否可以正常访问web服务器（因为模拟器有BUG所以需要填加一台Internet主机IP：61.159.62.133测试如图-6所示）


可以访问web服务器证明项目升级成功。