devbox
不正经
这个屌丝很懒,什么也没留下!
关注作者
热门标签
热门文章
当前位置:   article > 正文

基于eNSP的IPv6校园网络规划与设计_综合实验_ipv6校园网的设计与部署

作者:不正经 | 2024-04-08 19:53:29

ipv6校园网的设计与部署

前言及技术/资源下载说明( 未经允许禁止转发任何内容 )

有什么问题可以在评论区说明自己遇到的情况,博主看到会第一时间回复,希望其他人也可以回复别人的问题。

可根据以下所提供的设计与实现步骤过程一步一步自行实现(每一条命令都是关键的命令);但是如果有需要的也可以根据以下地址进行下载完整的topo图和完整的配置进行参考与借鉴,如若拿到topo图可多display查看配置,查看相应的命令,配套资源连接如下,相应的内容如下图所示:

基于eNSP的IPv6校园网络规划与设计_综合实验topo和完成配置+一步步的所有配置命令(ensp)+一步步可以直接刷的记事本命令可快速配置重复的工作+全程配置参考视频(可2倍速看)+相应地址规划表

以下是topo图的模样,相应的地址规划和路由规划大部分都在图中明确的标注了

该topo网络中用到的技术有vlan划分、单臂路由(路由器子接口配置)、VRRP6、OSPFv3、防火墙安全策略、DHCPv6、IPv6 over IPv4 GRE(也就是这个隧道技术)、默认路由(IPv4/IPv6)等技术,最后说明该topo规划最后的作者权归于:小王网

一、设计topo图与设计要求

设计要求:
总部的终端设备设置为静态地址,方便用户自行修改地址
在接入和汇聚的交换机进行合理的vlan 划分,减小广播域大小,提高网络稳定性
核心路由器作为用户网关实现vlan间路由
AR3/AR4配置VRRP6虚拟网关冗余
AR3/AR4/AR1配置OSPFv3实现三层路由
FW配置相应地址和安全策略,允许除vlan 20外的网段访问DMZ区
分校的终端设备在相应设备上配置DHCPv6,让用户能自动获取ipv6地址
总校与分校之间通过配置IPv6 over IPv4 GRE隧道互通
总校与分校之间通过隧道GRE能实现互通

二、相应地址规划表

三、ensp典型中小型企业网搭建(带无线)(可不看)

插曲部分: ensp典型中小型企业网络搭建_带无线_设计实验,如下图(但并不在这篇文章中做详细介绍和说明,如查看可点击链接自行查看阅读):

每个部门划分一个VLAN,部门内互通,各部门根据ACL规则实现互通。
内网使用私网IP,为每个部门分配一个24位掩码长度的私网段,实现上网。
部门主机采用DHCP自动获取地址,减少管理员手动分配的任务量,方便管理与维护。
运行OSPF协议,提高收敛速度。而且OSPF可以适应拓扑变化,路由自动学习,防止路由环路,提高拓扑稳定性。
接入层和汇聚层交换机配置MSTP和VRRP技术,实现设备冗余、线路可靠、数据负载分担,能够保证主设备故障后,可以快速切换到备用设备,不影响业务转发。
增加防火墙设备,设置安全区域,控制部门主机、服务器和外网设备的数据转发,保证公司网络的安全性。
出口采用光纤接入,汇聚层交换机进行链路聚合,提高网络带宽,实现运营商万兆接入,千兆到部门,百兆到桌面的体验。
公司内部实现无线全覆盖,保障内部终端设备可以无线接入并上网。
汇聚层交换机配置ACL控制访问技术,实现市场部和行政部不通,财务部只能和行政部互通,其他部门全互通的网络需求。
SNAT:应用于内网用户访问Internet时进行的地址转换将私网地址转为公网地址,这里我们采用easy-ip的NAT,保证公司上网采用出接口地址。
DNAT:使的外网用户能够访问内部服务器,用户访问202.96.137.88:8080时,防火墙将流量能够送给内网的WEB服务器。当用户访问202.96.137.88:21时防火墙将目的地址转换为172.16.50.20:21 访问公司的FTP服务器。

四、该网络规划全过程(顺着一步一步走)

1、接入层vlan划分

  1.     LSW5:
  2. <Huawei>sys
  3. [Huawei]un in en
  4. [Huawei]sysname LSW5
  5. [LSW5]vlan 10
  6. [LSW5-vlan10]qui
  7. [LSW5]int e0/0/1
  8. [LSW5-Ethernet0/0/1]port link-type access
  9. [LSW5-Ethernet0/0/1]port default vlan 10
  10. [LSW5-Ethernet0/0/1]int e0/0/2
  11. [LSW5-Ethernet0/0/2]port link-type trunk
  12. [LSW5-Ethernet0/0/2]port trunk allow-pass vlan all
  13. [LSW5-Ethernet0/0/2]qui
  1.     LSW6:
  2. <Huawei>sys
  3. [Huawei]un in en
  4. Info: Information center is disabled.
  5. [Huawei]sysname LSW6
  6. [LSW6]vlan 10
  7. [LSW6-vlan10]qui
  8. [LSW6]int e0/0/1
  9. [LSW6-Ethernet0/0/1]port link-type access
  10. [LSW6-Ethernet0/0/1]port default vlan 10
  11. [LSW6-Ethernet0/0/1]int e0/0/2
  12. [LSW6-Ethernet0/0/2]port link-type trunk
  13. [LSW6-Ethernet0/0/2]port trunk allow-pass vlan all
  14. [LSW6-Ethernet0/0/2]qui
  1.     LSW7:
  2. <Huawei>sys
  3. Enter system view, return user view with Ctrl+Z.
  4. [Huawei]un in en
  5. Info: Information center is disabled.
  6. [Huawei]sysname LSW7
  7. [LSW7]vlan 20
  8. [LSW7-vlan20]qui
  9. [LSW7]int e0/0/1
  10. [LSW7-Ethernet0/0/1]port link-type access
  11. [LSW7-Ethernet0/0/1]port default vlan 20
  12. [LSW7-Ethernet0/0/1]int e0/0/2
  13. [LSW7-Ethernet0/0/2]port link-type trunk
  14. [LSW7-Ethernet0/0/2]port trunk allow-pass vlan all
  15. [LSW7-Ethernet0/0/2]qui
  1.     LSW8:
  2. <Huawei>sys
  3. [Huawei]un in en
  4. [Huawei]sysname LSW8
  5. [LSW8]vlan 21
  6. [LSW8-vlan21]qui
  7. [LSW8]int e0/0/1
  8. [LSW8-Ethernet0/0/1]port link-type access
  9. [LSW8-Ethernet0/0/1]port default vlan 21
  10. [LSW8-Ethernet0/0/1]int e0/0/2
  11. [LSW8-Ethernet0/0/2]port link-type trunk
  12. [LSW8-Ethernet0/0/2]port trunk allow-pass vlan all
  13. [LSW8-Ethernet0/0/2]qui
  1.     LSW9:
  2. <Huawei>sys
  3. [Huawei]un in en
  4. [Huawei]sysname LSW9
  5. [LSW9]vlan 30
  6. [LSW9-vlan30]qui
  7. [LSW9]int e0/0/2
  8. [LSW9-Ethernet0/0/2]port link-type access
  9. [LSW9-Ethernet0/0/2]port default vlan 30
  10. [LSW9-Ethernet0/0/2]int e0/0/1
  11. [LSW9-Ethernet0/0/1]port link-type trunk
  12. [LSW9-Ethernet0/0/1]port trunk allow-pass vlan all
  13. [LSW9-Ethernet0/0/1]qui
  1.     LSW10:
  2. <Huawei>sys
  3. [Huawei]un in en
  4. [Huawei]sysname LSW10
  5. [LSW10]vlan 31
  6. [LSW10-vlan31]qui
  7. [LSW10]int e0/0/2
  8. [LSW10-Ethernet0/0/2]port link-type access
  9. [LSW10-Ethernet0/0/2]port default vlan 31
  10. [LSW10-Ethernet0/0/2]int e0/0/1
  11. [LSW10-Ethernet0/0/1]port link-type trunk
  12. [LSW10-Ethernet0/0/1]port trunk allow-pass vlan all
  13. [LSW10-Ethernet0/0/1]qui
  1.     LSW11:
  2. <Huawei>sys
  3. [Huawei]un in en
  4. [Huawei]sysname LSW11
  5. [LSW11]vlan 40
  6. [LSW11-vlan40]qui
  7. [LSW11]int e0/0/1
  8. [LSW11-Ethernet0/0/1]port link-type access
  9. [LSW11-Ethernet0/0/1]port default vlan 40
  10. [LSW11-Ethernet0/0/1]int e0/0/2
  11. [LSW11-Ethernet0/0/2]port link-type trunk
  12. [LSW11-Ethernet0/0/2]port trunk allow-pass vlan all
  13. [LSW11-Ethernet0/0/2]qui
  1.     LSW12:
  2. <Huawei>sys
  3. Enter system view, return user view with Ctrl+Z.
  4. [Huawei]un in en
  5. Info: Information center is disabled.
  6. [Huawei]sysname LSW12
  7. [LSW12]vlan 41
  8. [LSW12-vlan41]qui
  9. [LSW12]int e0/0/1
  10. [LSW12-Ethernet0/0/1]port link-type access
  11. [LSW12-Ethernet0/0/1]port default vlan 41
  12. [LSW12-Ethernet0/0/1]int e0/0/2
  13. [LSW12-Ethernet0/0/2]port link-type trunk
  14. [LSW12-Ethernet0/0/2]port trunk allow-pass vlan all
  15. [LSW12-Ethernet0/0/2]qui

2、汇聚层vlan划分

  1.     LSW1:
  2. <Huawei>sys
  3. Enter system view, return user view with Ctrl+Z.
  4. [Huawei]un in en
  5. Info: Information center is disabled.
  6. [Huawei]sysname LSW1
  7. [LSW1]vlan 10
  8. [LSW1-vlan10]qui
  9. [LSW1]port-group group-member g0/0/1 to g0/0/4
  10. [LSW1-port-group]port link-type trunk
  11. [LSW1-GigabitEthernet0/0/1]port link-type trunk
  12. [LSW1-GigabitEthernet0/0/2]port link-type trunk
  13. [LSW1-GigabitEthernet0/0/3]port link-type trunk
  14. [LSW1-GigabitEthernet0/0/4]port link-type trunk
  15. [LSW1-port-group]port trunk allow-pass vlan all
  16. [LSW1-GigabitEthernet0/0/1]port trunk allow-pass vlan all
  17. [LSW1-GigabitEthernet0/0/2]port trunk allow-pass vlan all
  18. [LSW1-GigabitEthernet0/0/3]port trunk allow-pass vlan all
  19. [LSW1-GigabitEthernet0/0/4]port trunk allow-pass vlan all
  20. [LSW1-port-group]qui
  1.     LSW2:
  2. <Huawei>sys
  3. Enter system view, return user view with Ctrl+Z.
  4. [Huawei]un in en
  5. Info: Information center is disabled.
  6. [Huawei]sysname LSW2
  7. [LSW2]vlan batch 20 21
  8. Info: This operation may take a few seconds. Please wait for a moment...done.
  9. [LSW2]port-group group-member g0/0/1 to g0/0/4
  10. [LSW2-port-group]port link-type trunk
  11. [LSW2-GigabitEthernet0/0/1]port link-type trunk
  12. [LSW2-GigabitEthernet0/0/2]port link-type trunk
  13. [LSW2-GigabitEthernet0/0/3]port link-type trunk
  14. [LSW2-GigabitEthernet0/0/4]port link-type trunk
  15. [LSW2-port-group]port trunk allow-pass vlan all
  16. [LSW2-GigabitEthernet0/0/1]port trunk allow-pass vlan all
  17. [LSW2-GigabitEthernet0/0/2]port trunk allow-pass vlan all
  18. [LSW2-GigabitEthernet0/0/3]port trunk allow-pass vlan all
  19. [LSW2-GigabitEthernet0/0/4]port trunk allow-pass vlan all
  20. [LSW2-port-group]qui
  1.     LSW3:
  2. <Huawei>sys
  3. Enter system view, return user view with Ctrl+Z.
  4. [Huawei]un in en
  5. Info: Information center is disabled.
  6. [Huawei]sysname LSW3
  7. [LSW3]vlan batch 30 31
  8. Info: This operation may take a few seconds. Please wait for a moment...done.
  9. [LSW3]port-group group-member g0/0/1 to g0/0/4
  10. [LSW3-port-group]port link-type trunk
  11. [LSW3-GigabitEthernet0/0/1]port link-type trunk
  12. [LSW3-GigabitEthernet0/0/2]port link-type trunk
  13. [LSW3-GigabitEthernet0/0/3]port link-type trunk
  14. [LSW3-GigabitEthernet0/0/4]port link-type trunk
  15. [LSW3-port-group]port trunk allow-pass vlan all
  16. [LSW3-GigabitEthernet0/0/1]port trunk allow-pass vlan all
  17. [LSW3-GigabitEthernet0/0/2]port trunk allow-pass vlan all
  18. [LSW3-GigabitEthernet0/0/3]port trunk allow-pass vlan all
  19. [LSW3-GigabitEthernet0/0/4]port trunk allow-pass vlan all
  20. [LSW3-port-group]qui
  1.     LSW4:
  2. <Huawei>sys
  3. Enter system view, return user view with Ctrl+Z.
  4. [Huawei]un in en
  5. Info: Information center is disabled.
  6. [Huawei]sysname LSW4
  7. [LSW4]vlan batch 40 41
  8. Info: This operation may take a few seconds. Please wait for a moment...done.
  9. [LSW4]port-group group-member g0/0/1 to g0/0/4
  10. [LSW4-port-group]port link-type trunk
  11. [LSW4-GigabitEthernet0/0/1]port link-type trunk
  12. [LSW4-GigabitEthernet0/0/2]port link-type trunk
  13. [LSW4-GigabitEthernet0/0/3]port link-type trunk
  14. [LSW4-GigabitEthernet0/0/4]port link-type trunk
  15. [LSW4-port-group]port trunk allow-pass vlan all
  16. [LSW4-GigabitEthernet0/0/1]port trunk allow-pass vlan all
  17. [LSW4-GigabitEthernet0/0/2]port trunk allow-pass vlan all
  18. [LSW4-GigabitEthernet0/0/3]port trunk allow-pass vlan all
  19. [LSW4-GigabitEthernet0/0/4]port trunk allow-pass vlan all
  20. [LSW4-port-group]qui

3、核心层子接口地址配置

  1.     AR3:
  2. <Huawei>sys
  3. [Huawei]un in en
  4. [Huawei]sysname AR3
  5. [AR3]ipv6
  6. [AR3]int g0/0/0.10
  7. [AR3-GigabitEthernet0/0/0.10]dot1q termination vid 10
  8. [AR3-GigabitEthernet0/0/0.10]arp broadcast enable
  9. [AR3-GigabitEthernet0/0/0.10]ipv6 enable 
  10. [AR3-GigabitEthernet0/0/0.10]ipv6 address 1000::100/64 
  11. [AR3-GigabitEthernet0/0/0.10]int g0/0/1.20
  12. [AR3-GigabitEthernet0/0/1.20]dot1q termination vid 20
  13. [AR3-GigabitEthernet0/0/1.20]arp broadcast enable
  14. [AR3-GigabitEthernet0/0/1.20]ipv6 enable 
  15. [AR3-GigabitEthernet0/0/1.20]ipv6 address 2000::100/64 
  16. [AR3-GigabitEthernet0/0/1.20]int g0/0/1.21
  17. [AR3-GigabitEthernet0/0/1.21]dot1q termination vid 21
  18. [AR3-GigabitEthernet0/0/1.21]arp broadcast enable
  19. [AR3-GigabitEthernet0/0/1.21]ipv6 enable 
  20. [AR3-GigabitEthernet0/0/1.21]ipv6 address 2001::100/64 
  21. [AR3-GigabitEthernet0/0/1.21]int g0/0/2.30
  22. [AR3-GigabitEthernet0/0/2.30]dot1q termination vid 30
  23. [AR3-GigabitEthernet0/0/2.30]arp broadcast enable
  24. [AR3-GigabitEthernet0/0/2.30]ipv6 enable 
  25. [AR3-GigabitEthernet0/0/2.30]ipv6 address 3000::100/64
  26. [AR3-GigabitEthernet0/0/2.30]int g0/0/2.31
  27. [AR3-GigabitEthernet0/0/2.31]dot1q termination vid 31
  28. [AR3-GigabitEthernet0/0/2.31]arp broadcast enable
  29. [AR3-GigabitEthernet0/0/2.31]ipv6 enable 
  30. [AR3-GigabitEthernet0/0/2.31]ipv6 address 3001::100/64 
  31. [AR3-GigabitEthernet0/0/2.31]int g4/0/0.40
  32. [AR3-GigabitEthernet4/0/0.40]dot1q termination vid 40
  33. [AR3-GigabitEthernet4/0/0.40]arp broadcast enable
  34. [AR3-GigabitEthernet4/0/0.40]ipv6 enable
  35. [AR3-GigabitEthernet4/0/0.40]ipv6 address 4000::100/64 
  36. [AR3-GigabitEthernet4/0/0.40]int g4/0/0.41
  37. [AR3-GigabitEthernet4/0/0.41]dot1q termination vid 41
  38. [AR3-GigabitEthernet4/0/0.41]arp broadcast enable
  39. [AR3-GigabitEthernet4/0/0.41]ipv6 enable 
  40. [AR3-GigabitEthernet4/0/0.41]ipv6 address 4001::100/64 
  41. [AR3-GigabitEthernet4/0/0.41]int g4/0/1
  42. [AR3-GigabitEthernet4/0/1]ipv6 enable 
  43. [AR3-GigabitEthernet4/0/1]ipv6 address 3400::3/64 
  44. [AR3-GigabitEthernet4/0/1]int g4/0/2
  45. [AR3-GigabitEthernet4/0/2]ipv6 enable 
  46. [AR3-GigabitEthernet4/0/2]ipv6 address 1300::3/64
  47. [AR3-GigabitEthernet4/0/2]qui
  1.     AR4:
  2. <Huawei>sys
  3. [Huawei]un in en
  4. [Huawei]sysname AR4
  5. [AR4]ipv6
  6. [AR4]int g0/0/0.10
  7. [AR4-GigabitEthernet0/0/0.10]dot1q termination vid 10
  8. [AR4-GigabitEthernet0/0/0.10]arp broadcast enable
  9. [AR4-GigabitEthernet0/0/0.10]ipv6 enable 
  10. [AR4-GigabitEthernet0/0/0.10]ipv6 address 1000::200/64 
  11. [AR4-GigabitEthernet0/0/0.10]int g0/0/1.20
  12. [AR4-GigabitEthernet0/0/1.20]dot1q termination vid 20
  13. [AR4-GigabitEthernet0/0/1.20]arp broadcast enable
  14. [AR4-GigabitEthernet0/0/1.20]ipv6 enable 
  15. [AR4-GigabitEthernet0/0/1.20]ipv6 address 2000::200/64 
  16. [AR4-GigabitEthernet0/0/1.20]int g0/0/1.21
  17. [AR4-GigabitEthernet0/0/1.21]dot1q termination vid 21
  18. [AR4-GigabitEthernet0/0/1.21]arp broadcast enable
  19. [AR4-GigabitEthernet0/0/1.21]ipv6 enable 
  20. [AR4-GigabitEthernet0/0/1.21]ipv6 address 2001::200/64 
  21. [AR4-GigabitEthernet0/0/1.21]int g0/0/2.30
  22. [AR4-GigabitEthernet0/0/2.30]dot1q termination vid 30
  23. [AR4-GigabitEthernet0/0/2.30]arp broadcast enable
  24. [AR4-GigabitEthernet0/0/2.30]ipv6 enable 
  25. [AR4-GigabitEthernet0/0/2.30]ipv6 address 3000::200/64
  26. [AR4-GigabitEthernet0/0/2.30]int g0/0/2.31
  27. [AR4-GigabitEthernet0/0/2.31]dot1q termination vid 31
  28. [AR4-GigabitEthernet0/0/2.31]arp broadcast enable
  29. [AR4-GigabitEthernet0/0/2.31]ipv6 enable 
  30. [AR4-GigabitEthernet0/0/2.31]ipv6 address 3001::200/64 
  31. [AR4-GigabitEthernet0/0/2.31]int g4/0/0.40
  32. [AR4-GigabitEthernet4/0/0.40]dot1q termination vid 40
  33. [AR4-GigabitEthernet4/0/0.40]arp broadcast enable
  34. [AR4-GigabitEthernet4/0/0.40]ipv6 enable
  35. [AR4-GigabitEthernet4/0/0.40]ipv6 address 4000::200/64 
  36. [AR4-GigabitEthernet4/0/0.40]int g4/0/0.41
  37. [AR4-GigabitEthernet4/0/0.41]dot1q termination vid 41
  38. [AR4-GigabitEthernet4/0/0.41]arp broadcast enable
  39. [AR4-GigabitEthernet4/0/0.41]ipv6 enable 
  40. [AR4-GigabitEthernet4/0/0.41]ipv6 address 4001::200/64 
  41. [AR4-GigabitEthernet4/0/0.41]int g4/0/1
  42. [AR4-GigabitEthernet4/0/1]ipv6 enable
  43. [AR4-GigabitEthernet4/0/1]ipv6 address 3400::4/64
  44. [AR4-GigabitEthernet4/0/1]int g4/0/2
  45. [AR4-GigabitEthernet4/0/2]ipv6 enable 
  46. [AR4-GigabitEthernet4/0/2]ipv6 address 1400::4/64
  47. [AR4-GigabitEthernet4/0/2]qui

4、核心层VRRP配置

  1.     AR3:
  2. [AR3]int g0/0/0.10
  3. [AR3-GigabitEthernet0/0/0.10]vrrp6 vrid 10 virtual-ip FE80::10 link-local
  4. [AR3-GigabitEthernet0/0/0.10]vrrp6 vrid 10 virtual-ip 1000::128
  5. [AR3-GigabitEthernet0/0/0.10]vrrp6 vrid 10 priority 120
  6. [AR3-GigabitEthernet0/0/0.10]int g0/0/1.20
  7. [AR3-GigabitEthernet0/0/1.20]vrrp6 vrid 20 virtual-ip FE80::20 link-local
  8. [AR3-GigabitEthernet0/0/1.20]vrrp6 vrid 20 virtual-ip 2000::128
  9. [AR3-GigabitEthernet0/0/1.20]vrrp6 vrid 20 priority 120
  10. [AR3-GigabitEthernet0/0/1.20]int g0/0/1.21
  11. [AR3-GigabitEthernet0/0/1.21]vrrp6 vrid 21 virtual-ip FE80::21 link-local
  12. [AR3-GigabitEthernet0/0/1.21]vrrp6 vrid 21 virtual-ip 2001::128
  13. [AR3-GigabitEthernet0/0/1.21]vrrp6 vrid 21 priority 120
  14. [AR3-GigabitEthernet0/0/1.21]int g0/0/2.30
  15. [AR3-GigabitEthernet0/0/2.30]vrrp6 vrid 30 virtual-ip FE80::30 link-local
  16. [AR3-GigabitEthernet0/0/2.30]vrrp6 vrid 30 virtual-ip 3000::128
  17. [AR3-GigabitEthernet0/0/2.30]int g0/0/2.31
  18. [AR3-GigabitEthernet0/0/2.31]vrrp6 vrid 31 virtual-ip FE80::31 link-local
  19. [AR3-GigabitEthernet0/0/2.31]vrrp6 vrid 31 virtual-ip 3001::128
  20. [AR3-GigabitEthernet0/0/2.31]int g4/0/0.40
  21. [AR3-GigabitEthernet4/0/0.40]vrrp6 vrid 40 virtual-ip FE80::40 link-local
  22. [AR3-GigabitEthernet4/0/0.40]vrrp6 vrid 40 virtual-ip 4000::128
  23. [AR3-GigabitEthernet4/0/0.40]int g4/0/0.41
  24. [AR3-GigabitEthernet4/0/0.41]vrrp6 vrid 41 virtual-ip FE80::41 link-local
  25. [AR3-GigabitEthernet4/0/0.41]vrrp6 vrid 41 virtual-ip 4001::128
  26. [AR3-GigabitEthernet4/0/0.41]qui
  1.     AR4:
  2. [AR4]int g0/0/0.10
  3. [AR4-GigabitEthernet0/0/0.10]vrrp6 vrid 10 virtual-ip FE80::10 link-local
  4. [AR4-GigabitEthernet0/0/0.10]vrrp6 vrid 10 virtual-ip 1000::128
  5. [AR4-GigabitEthernet0/0/0.10]int g0/0/1.20
  6. [AR4-GigabitEthernet0/0/1.20]vrrp6 vrid 20 virtual-ip FE80::20 link-local
  7. [AR4-GigabitEthernet0/0/1.20]vrrp6 vrid 20 virtual-ip 2000::128
  8. [AR4-GigabitEthernet0/0/1.20]int g0/0/1.21
  9. [AR4-GigabitEthernet0/0/1.21]vrrp6 vrid 21 virtual-ip FE80::21 link-local
  10. [AR4-GigabitEthernet0/0/1.21]vrrp6 vrid 21 virtual-ip 2001::128
  11. [AR4-GigabitEthernet0/0/1.21]int g0/0/2.30
  12. [AR4-GigabitEthernet0/0/2.30]vrrp6 vrid 30 virtual-ip FE80::30 link-local
  13. [AR4-GigabitEthernet0/0/2.30]vrrp6 vrid 30 virtual-ip 3000::128
  14. [AR4-GigabitEthernet0/0/2.30]vrrp6 vrid 30 priority 120
  15. [AR4-GigabitEthernet0/0/2.30]int g0/0/2.31
  16. [AR4-GigabitEthernet0/0/2.31]vrrp6 vrid 31 virtual-ip FE80::31 link-local
  17. [AR4-GigabitEthernet0/0/2.31]vrrp6 vrid 31 virtual-ip 3001::128
  18. [AR4-GigabitEthernet0/0/2.31]vrrp6 vrid 31 priority 120
  19. [AR4-GigabitEthernet0/0/2.31]int g4/0/0.40
  20. [AR4-GigabitEthernet4/0/0.40]vrrp6 vrid 40 virtual-ip FE80::40 link-local
  21. [AR4-GigabitEthernet4/0/0.40]vrrp6 vrid 40 virtual-ip 4000::128
  22. [AR4-GigabitEthernet4/0/0.40]vrrp6 vrid 40 priority 120
  23. [AR4-GigabitEthernet4/0/0.40]int g4/0/0.41
  24. [AR4-GigabitEthernet4/0/0.41]vrrp6 vrid 41 virtual-ip FE80::41 link-local
  25. [AR4-GigabitEthernet4/0/0.41]vrrp6 vrid 41 virtual-ip 4001::128
  26. [AR4-GigabitEthernet4/0/0.41]vrrp6 vrid 41 priority 120
  27. [AR4-GigabitEthernet4/0/0.41]qui

5、核心层OSPF配置

  1.     AR3:
  2. [AR3]ospfv3
  3. [AR3-ospfv3-1]router-id 3.3.3.3
  4. [AR3-ospfv3-1]area 0
  5. [AR3-ospfv3-1-area-0.0.0.0]qui
  6. [AR3-ospfv3-1]qui
  7. [AR3]
  8. [AR3]int g0/0/0.10
  9. [AR3-GigabitEthernet0/0/0.10]ospfv3 1 area 0.0.0.0
  10. [AR3-GigabitEthernet0/0/0.10]int g0/0/1.20
  11. [AR3-GigabitEthernet0/0/1.20]ospfv3 1 area 0.0.0.0
  12. [AR3-GigabitEthernet0/0/1.20]int g0/0/1.21
  13. [AR3-GigabitEthernet0/0/1.21]ospfv3 1 area 0.0.0.0
  14. [AR3-GigabitEthernet0/0/1.21]int g0/0/2.30
  15. [AR3-GigabitEthernet0/0/2.30]ospfv3 1 area 0.0.0.0
  16. [AR3-GigabitEthernet0/0/2.30]int g0/0/2.31
  17. [AR3-GigabitEthernet0/0/2.31]ospfv3 1 area 0.0.0.0
  18. [AR3-GigabitEthernet0/0/2.31]int g4/0/0.40
  19. [AR3-GigabitEthernet4/0/0.40]ospfv3 1 area 0.0.0.0
  20. [AR3-GigabitEthernet4/0/0.40]int g4/0/0.41
  21. [AR3-GigabitEthernet4/0/0.41]ospfv3 1 area 0.0.0.0
  22. [AR3-GigabitEthernet4/0/0.41]int g4/0/1
  23. [AR3-GigabitEthernet4/0/1]ospfv3 1 area 0.0.0.0
  24. [AR3-GigabitEthernet4/0/1]int g4/0/2
  25. [AR3-GigabitEthernet4/0/2]ospfv3 1 area 0.0.0.0
  26. [AR3-GigabitEthernet4/0/2]qui
  1.     AR4:
  2. [AR4]ospfv3
  3. [AR4-ospfv3-1]router-id 4.4.4.4
  4. [AR4-ospfv3-1]area 0
  5. [AR4-ospfv3-1-area-0.0.0.0]qui
  6. [AR4-ospfv3-1]qui
  7. [AR4]int g0/0/0.10
  8. [AR4-GigabitEthernet0/0/0.10]ospfv3 1 area 0.0.0.0
  9. [AR4-GigabitEthernet0/0/0.10]int g0/0/1.20
  10. [AR4-GigabitEthernet0/0/1.20]ospfv3 1 area 0.0.0.0
  11. [AR4-GigabitEthernet0/0/1.20]int g0/0/1.21
  12. [AR4-GigabitEthernet0/0/1.21]ospfv3 1 area 0.0.0.0
  13. [AR4-GigabitEthernet0/0/1.21]int g0/0/2.30
  14. [AR4-GigabitEthernet0/0/2.30]ospfv3 1 area 0.0.0.0
  15. [AR4-GigabitEthernet0/0/2.30]int g0/0/2.31
  16. [AR4-GigabitEthernet0/0/2.31]ospfv3 1 area 0.0.0.0
  17. [AR4-GigabitEthernet0/0/2.31]int g4/0/0.40
  18. [AR4-GigabitEthernet4/0/0.40]ospfv3 1 area 0.0.0.0
  19. [AR4-GigabitEthernet4/0/0.40]int g4/0/0.41
  20. [AR4-GigabitEthernet4/0/0.41]ospfv3 1 area 0.0.0.0
  21. [AR4-GigabitEthernet4/0/0.41]int g4/0/1
  22. [AR4-GigabitEthernet4/0/1]ospfv3 1 area 0.0.0.0
  23. [AR4-GigabitEthernet4/0/1]int g4/0/2
  24. [AR4-GigabitEthernet4/0/2]ospfv3 1 area 0.0.0.0
  25. [AR4-GigabitEthernet4/0/2]qui
  1.     AR1:
  2. <Huawei>sys
  3. [Huawei]un in en
  4. [Huawei]sysname AR1
  5. [AR1]ipv6
  6. [AR1]ospfv3 1
  7. [AR1-ospfv3-1]router-id 1.1.1.1
  8. [AR1-ospfv3-1]area 0
  9. [AR1-ospfv3-1-area-0.0.0.0]qui
  10. [AR1-ospfv3-1]qui
  11. [AR1]int g0/0/0
  12. [AR1-GigabitEthernet0/0/0]ipv6 enable 
  13. [AR1-GigabitEthernet0/0/0]ipv6 address 1300::1/64 
  14. [AR1-GigabitEthernet0/0/0]ospfv3 1 area 0.0.0.0
  15. [AR1-GigabitEthernet0/0/0]int g0/0/1
  16. [AR1-GigabitEthernet0/0/1]ipv6 enable 
  17. [AR1-GigabitEthernet0/0/1]ipv6 address 1400::1/64 
  18. [AR1-GigabitEthernet0/0/1]ospfv3 1 area 0.0.0.0
  19. [AR1-GigabitEthernet0/0/1]int g0/0/2
  20. [AR1-GigabitEthernet0/0/2]ip add 12.1.1.1 24
  21. [AR1-GigabitEthernet0/0/2]int g4/0/0
  22. [AR1-GigabitEthernet4/0/0]ipv6 enable 
  23. [AR1-GigabitEthernet4/0/0]ipv6 address 1100::2/64 
  24. [AR1-GigabitEthernet4/0/0]ospfv3 1 area 0.0.0.0
  25. [AR1-GigabitEthernet4/0/0]qui

6、FW配置

  1. admin
  2. Admin@123
  3. y
  4. Admin@123
  5. admin@123
  6. admin@123
  7.  
  8. <USG6000V1>sys
  9. [USG6000V1]un in en
  10. [USG6000V1]sysname FW
  11. [FW]ipv6
  12. [FW]ospfv3
  13. [FW-ospfv3-1]router-id 11.11.11.11
  14. [FW-ospfv3-1]qui
  15. [FW]int g1/0/0
  16. [FW-GigabitEthernet1/0/0]ipv6 enable
  17. [FW-GigabitEthernet1/0/0]ipv6 add 5000::128/64
  18. [FW-GigabitEthernet1/0/0]ospfv3 1 area 0
  19. [FW-GigabitEthernet1/0/0]int g1/0/1
  20. [FW-GigabitEthernet1/0/1]ipv6 enable
  21. [FW-GigabitEthernet1/0/1]ipv6 add 1100::1/64
  22. [FW-GigabitEthernet1/0/1]ospfv3 1 area 0
  23. [FW-GigabitEthernet1/0/1]qui
  24. [FW]firewall zone trust
  25. [FW-zone-trust]add int g1/0/1
  26. [FW-zone-trust]qui
  27. [FW]firewall zone dmz
  28. [FW-zone-dmz]add int g1/0/0
  29. [FW-zone-dmz]qui
  30. [FW]security-policy
  31. [FW-policy-security]rule name trust_to_dmz
  32. [FW-policy-security-rule-trust_to_dmz]source-zone trust 
  33. [FW-policy-security-rule-trust_to_dmz]destination-zone dmz     
  34. [FW-policy-security-rule-trust_to_dmz]source-address 1000::0 64
  35. [FW-policy-security-rule-trust_to_dmz]source-address 2001::0 64
  36. [FW-policy-security-rule-trust_to_dmz]source-address 3000::0 64
  37. [FW-policy-security-rule-trust_to_dmz]source-address 3001::0 64
  38. [FW-policy-security-rule-trust_to_dmz]source-address 4000::0 64
  39. [FW-policy-security-rule-trust_to_dmz]source-address 4001::0 64
  40. [FW-policy-security-rule-trust_to_dmz]action permit 
  41. [FW-policy-security-rule-trust_to_dmz]qui
  42. [FW-policy-security]qui

7、DHCPv6配置

  1.     AR5:
  2. <Huawei>sys
  3. [Huawei]un in en
  4. [Huawei]sysname AR5
  5. [AR5]ipv6
  6. [AR5]dhcp enable
  7. [AR5]dhcpv6 pool 1
  8. [AR5-dhcpv6-pool-1]address prefix 6000::/64
  9. [AR5-dhcpv6-pool-1]excluded-address 6000::128
  10. [AR5-dhcpv6-pool-1]qui
  11. [AR5]dhcpv6 pool 2
  12. [AR5-dhcpv6-pool-2]address prefix 6001::/64
  13. [AR5-dhcpv6-pool-2]excluded-address 6001::128
  14. [AR5-dhcpv6-pool-2]qui
  15. [AR5]int g0/0/0
  16. [AR5-GigabitEthernet0/0/0]ip add 25.1.1.5 24
  17. [AR5-GigabitEthernet0/0/0]int g0/0/1
  18. [AR5-GigabitEthernet0/0/1]ipv6 enable
  19. [AR5-GigabitEthernet0/0/1]ipv6 address 6000::128/64
  20. [AR5-GigabitEthernet0/0/1]dhcpv6 server 1
  21. [AR5-GigabitEthernet0/0/1]undo ipv6 nd ra halt
  22. [AR5-GigabitEthernet0/0/1]ipv6 nd autoconfig managed-address-flag
  23. [AR5-GigabitEthernet0/0/1]ipv6 nd autoconfig other-flag
  24. [AR5-GigabitEthernet0/0/1]qui
  25. [AR5]int g0/0/2
  26. [AR5-GigabitEthernet0/0/2]ipv6 enable
  27. [AR5-GigabitEthernet0/0/2]ipv6 address 6001::128/64
  28. [AR5-GigabitEthernet0/0/2]dhcpv6 server 2
  29. [AR5-GigabitEthernet0/0/2]undo ipv6 nd ra halt
  30. [AR5-GigabitEthernet0/0/2]ipv6 nd autoconfig managed-address-flag
  31. [AR5-GigabitEthernet0/0/2]ipv6 nd autoconfig other-flag
  32. [AR5-GigabitEthernet0/0/2]qui

8、GRE配置

  1.     AR1:
  2. [AR1]interface Tunnel0/0/1
  3. [AR1-Tunnel0/0/1]ipv6 enable 
  4. [AR1-Tunnel0/0/1]ipv6 address 1500::1/64
  5. [AR1-Tunnel0/0/1]tunnel-protocol gre
  6. [AR1-Tunnel0/0/1]source 12.1.1.1
  7. [AR1-Tunnel0/0/1]destination 25.1.1.5
  8. [AR1-Tunnel0/0/1]qui
  1.     ISP
  2. <Huawei>sys
  3. [Huawei]un in en
  4. [Huawei]sysname ISP
  5. [ISP]int g0/0/0
  6. [ISP-GigabitEthernet0/0/0]ip add 12.1.1.2 24
  7. [ISP-GigabitEthernet0/0/0]int g0/0/2
  8. [ISP-GigabitEthernet0/0/2]ip add 25.1.1.2 24
  9. [ISP-GigabitEthernet0/0/2]qui
  1.     AR5:
  2. [AR5]interface Tunnel0/0/1
  3. [AR5-Tunnel0/0/1]ipv6 enable 
  4. [AR5-Tunnel0/0/1]ipv6 address 1500::2/64
  5. [AR5-Tunnel0/0/1]tunnel-protocol gre
  6. [AR5-Tunnel0/0/1]source 25.1.1.5
  7. [AR5-Tunnel0/0/1]destination 12.1.1.1
  8. [AR5-Tunnel0/0/1]qui

9、OSPF配置

  1. [AR5]ospfv3
  2. [AR5-ospfv3-1]router-id 5.5.5.5
  3. [AR5-ospfv3-1]qui
  4. [AR5]int g0/0/1
  5. [AR5-GigabitEthernet0/0/1]ospfv3 1 area 0.0.0.0
  6. [AR5-GigabitEthernet0/0/1]int g0/0/2
  7. [AR5-GigabitEthernet0/0/2]ospfv3 1 area 0.0.0.0
  8. [AR5-GigabitEthernet0/0/2]qui
  9. [AR5]int Tunnel 0/0/1
  10. [AR5-Tunnel0/0/1]ospfv3 1 area 0.0.0.0
  11. [AR5-Tunnel0/0/1]qui
  12. [AR5]
  1. [AR1]int Tunnel 0/0/1
  2. [AR1-Tunnel0/0/1]ospfv3 1 area 0.0.0.0
  3. [AR1-Tunnel0/0/1]qui
  4. [AR1]
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/不正经/article/detail/387825
推荐阅读
相关标签

Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。

  

闽ICP备14008679号