《华为技术认证HCNA网络技术实验指南》参考配置
更新时间:2024-04-22 17:45:01 阅读量: 综合文库 文档下载
- 华为技术认证sdn推荐度:
- 相关推荐
文档密级
最终配置参考
第一章 eNSP及VRP基础操作
1.2 熟悉VRP基本操作
最终配置
sysname R1
header shell information \ header login information \#
clock timezone BJ add 08:00:00
clock daylight-saving-time Day Light Saving Time repeating 12:32 9-1 12:32 11-23 00:00 2005 2005 #
interface GigabitEthernet0/0/0 ip address 10.1.1.1 255.255.255.0 # Return
1.3 熟悉常用的IP相关命令
最终配置
sysname R1 #
interface GigabitEthernet0/0/0
ip address 10.0.1.254 255.255.255.0 #
2016-5-12
华为保密信息,未经授权禁止扩散
第1页, 共86页
interface GigabitEthernet0/0/1
ip address 10.0.2.254 255.255.255.0 # return
文档密级
1.4 配置通过Telnet登录系统
最终配置
sysname R1 #
interface GigabitEthernet0/0/0 ip address 10.1.1.254 255.255.255.0 # Return
sysname R2 #
interface Ethernet0/0/0
ip address 10.1.1.1 255.255.255.0 # return
sysname R3 #
interface Ethernet0/0/0
ip address 10.1.1.2 255.255.255.0 # return
1.5 配置通过STelnet登录系统
2016-5-12
华为保密信息,未经授权禁止扩散
第2页, 共86页
文档密级
最终配置
set cpu-usage threshold 80 restore 75 #
rsa peer-public-key 10.1.1.254 public-key-code begin 3047 0240
B910F7D8 EF50B04E CCF8692A 4F1B3FB3 202C3E66 B6D2C7EB FDBF0909 ED160F5E 76B5D916 CBB29432 F9044E04 8434B0AB E8FAB968 1672958B F732F788 0DA94F85 0203 010001
public-key-code end peer-public-key end #
interface GigabitEthernet0/0/0 ip address 10.1.1.1 255.255.255.0 #
ssh client 10.1.1.254 assign rsa-key 10.1.1.254 ssh client first-time enable
authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http
local-user huawei1 password cipher %$%$cRb~BL,]5D(!v-QiMgd$:RxE%$%$ local-user huawei1 privilege level 3 local-user huawei1 service-type ssh #
interface GigabitEthernet0/0/0
ip address 10.1.1.254 255.255.255.0 #
2016-5-12
华为保密信息,未经授权禁止扩散
第3页, 共86页
stelnet server enable #
user-interface vty 0 4 auth
protocol inbound ssh
文档密级
1.6 配置通过FTP进行文件操作
最终配置
sysname R1
ftp server enable # aaa
local-user ftp password cipher %$%$%/xlTEcUeFU_=\local-user ftp ftp-directory flash: local-user ftp service-type ftp #
interface GigabitEthernet0/0/0 ip address 10.0.1.254 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.2.254 255.255.255.0 # Return
第二章 静态路由
2.1 静态路由及默认路由基本配置
最终配置
sysname R1
2016-5-12
华为保密信息,未经授权禁止扩散
第4页, 共86页
#
interface Ethernet0/0/0
ip address 192.168.10.1 255.255.255.0 #
interface Serial0/0/0 link-protocol ppp
ip address 10.0.12.1 255.255.255.0 #
ip route-static 0.0.0.0 0.0.0.0 10.0.12.2 # Return
sysname R2 #
interface Serial0/0/0 link-protocol ppp
ip address 10.0.23.2 255.255.255.0 #
interface Serial0/0/1 link-protocol ppp
ip address 10.0.12.2 255.255.255.0 #
ip route-static 192.168.10.0 255.255.255.0 Serial0/0/1 ip route-static 192.168.20.0 255.255.255.0 10.0.23.3 # Return
sysname R3 #
interface Ethernet0/0/0
ip address 192.168.20.3 255.255.255.0 #
interface Serial0/0/1 link-protocol ppp
ip address 10.0.23.3 255.255.255.0 #
ip route-static 0.0.0.0 0.0.0.0 Serial0/0/1 # Return
2016-5-12
华为保密信息,未经授权禁止扩散
文档密级
第5页, 共86页
rip summary-address 3.3.0.0 255.255.252.0 #
interface LoopBack0
ip address 3.3.0.3 255.255.255.0 #
interface LoopBack1
ip address 3.3.1.3 255.255.255.0 #
interface LoopBack2
ip address 3.3.2.3 255.255.255.0 #
interface LoopBack3
ip address 3.3.3.3 255.255.255.0 # rip 1
undo summary version 2
network 192.168.23.0 network 3.0.0.0 # return
文档密级
3.4 配置RIP的版本兼容、定时器及协议优先级
最终配置
sysname R1 #
interface GigabitEthernet0/0/0 ip address 10.0.12.1 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 192.168.10.1 255.255.255.0 # rip 1 version 2
network 10.0.0.0 network 192.168.10.0 preference 90
timers rip 20 120 60
2016-5-12
华为保密信息,未经授权禁止扩散
第11页, 共86页
# return
sysname R2 #
interface GigabitEthernet0/0/0 ip address 10.0.12.2 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 192.168.20.1 255.255.255.0 # rip 1 version 2
network 10.0.0.0 network 192.168.20.0 # return
文档密级
3.5 配置RIP抑制接口及单播更新
最终配置
sysname R1 #
interface GigabitEthernet0/0/1
ip address 172.16.1.254 255.255.255.0 # rip 1
peer 172.16.1.100 peer 172.16.1.200 network 172.16.0.0
silent-interface GigabitEthernet0/0/1 # Return
sysname R2
2016-5-12
华为保密信息,未经授权禁止扩散
第12页, 共86页
#
interface Ethernet1/0/1
ip address 172.16.1.100 255.255.255.0 #
interface Ethernet1/0/0
ip address 172.16.2.254 255.255.255.0 # rip 1
peer 172.16.1.254 peer 172.16.1.200 network 172.16.0.0
silent-interface Ethernet1/0/0 silent-interface Ethernet1/0/1 # Return
sysname R3 #
interface Ethernet1/0/1
ip address 172.16.1.200 255.255.255.0 undo rip output #
interface Ethernet1/0/0
ip address 192.168.1.254 255.255.255.0 # rip 1
peer 172.16.1.254 network 172.16.0.0 network 192.168.1.0 # return
文档密级
3.6 RIP与不连续子网
最终配置
interface Ethernet0/0/0
ip address 10.0.12.1 255.255.255.0
2016-5-12
华为保密信息,未经授权禁止扩散
第13页, 共86页
# rip 1
undo summary version 2
network 10.0.0.0 #
sysname R2 #
interface Ethernet0/0/0
ip address 10.0.12.2 255.255.255.0 #
interface Serial0/0/0 link-protocol ppp
ip address 192.168.23.2 255.255.255.0 # rip 1
undo summary version 2
network 10.0.0.0 network 192.168.23.0 #
sysname R3 #
interface Serial0/0/0 link-protocol ppp
ip address 192.168.23.3 255.255.255.0 #
interface Serial0/0/1 link-protocol ppp
ip address 192.168.34.3 255.255.255.0 # rip 1
undo summary version 2
network 192.168.23.0 network 192.168.34.0 #
2016-5-12
华为保密信息,未经授权禁止扩散
文档密级
第14页, 共86页
sysname R4
interface Ethernet0/0/0
ip address 10.0.45.4 255.255.255.0 interface Serial0/0/1 link-protocol ppp
ip address 192.168.34.4 255.255.255.0 # rip 1
undo summary version 2
network 192.168.34.0 network 10.0.0.0
sysname R5 #
interface Ethernet0/0/0
ip address 10.0.45.5 255.255.255.0 # rip 1
undo summary version 2
network 10.0.0.0 #
文档密级
3.7 RIP的水平分割及触发更新
最终配置
sysname R1 #
interface GigabitEthernet0/0/0 ip address 172.16.1.1 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 172.16.2.1 255.255.255.0
2016-5-12
华为保密信息,未经授权禁止扩散
第15页, 共86页
undo rip split-horizon # rip 1 version 2
network 172.16.0.0 # Return
sysname R2 #
interface Ethernet1/0/0
ip address 192.168.2.254 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 172.16.2.2 255.255.255.0 rip poison-reverse # rip 1 version 2
network 192.168.2.0 network 172.16.0.0 # Return
sysname R3 #
interface Ethernet1/0/0
ip address 192.168.1.254 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 172.16.1.2 255.255.255.0 # rip 1 version 2
network 172.16.0.0 network 192.168.1.0 # return
文档密级
2016-5-12
华为保密信息,未经授权禁止扩散 第16页, 共86页
文档密级
3.8 配置RIP路由附加度量值
最终配置
interface GigabitEthernet0/0/0 ip address 20.1.1.1 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 20.2.2.1 255.255.255.0 rip metricin 2 #
interface GigabitEthernet0/0/2 ip address 10.1.1.254 255.255.255.0 # rip 1
undo summary version 2
network 10.0.0.0 network 20.0.0.0 # Return
interface GigabitEthernet0/0/0 ip address 20.1.1.2 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 30.1.1.2 255.255.255.0 rip metricout 3 # rip 1
undo summary version 2
network 20.0.0.0 network 30.0.0.0
2016-5-12
华为保密信息,未经授权禁止扩散
第17页, 共86页
sysname r3 #
interface GigabitEthernet0/0/0 ip address 30.2.2.3 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 20.2.2.3 255.255.255.0 # rip 1
undo summary version 2
network 20.0.0.0 network 30.0.0.0 # Return
sysname r4 #
interface GigabitEthernet0/0/0 ip address 30.2.2.4 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 30.1.1.4 255.255.255.0 #
interface GigabitEthernet0/0/2
ip address 40.1.1.254 255.255.255.0 # rip 1
undo summary version 2
network 30.0.0.0 network 40.0.0.0 # return
文档密级
3.9 RIP的故障处理
最终配置
2016-5-12
华为保密信息,未经授权禁止扩散
第18页, 共86页
[V200R003C00] #
sysname R1 #
interface GigabitEthernet0/0/0
ip address 192.168.1.2 255.255.255.0 #
interface GigabitEthernet0/0/1
ip address 192.168.2.2 255.255.255.0 # rip 1 version 2
network 192.168.1.0 network 192.168.2.0 # Return
sysname R2 #
interface Ethernet1/0/0
ip address 172.16.1.254 255.255.255.0 #
interface GigabitEthernet0/0/0
ip address 192.168.1.1 255.255.255.0 # rip 1 version 2
network 172.16.0.0 network 192.168.1.0 # Return
sysname R3 #
interface Ethernet1/0/0
ip address 172.16.2.254 255.255.255.0 #
2016-5-12
华为保密信息,未经授权禁止扩散
文档密级
第19页, 共86页
interface GigabitEthernet0/0/1
ip address 192.168.2.1 255.255.255.0 # rip 1 version 2
network 172.16.0.0 network 192.168.2.0 # return
文档密级
3.10 RIP的路由引入
最终配置
sysname R1 #
interface Ethernet0/0/1
ip address 30.1.1.1 255.255.255.0 #
interface Ethernet0/0/2
ip address 10.1.1.1 255.255.255.0 #
interface Ethernet0/0/3
ip address 10.1.2.1 255.255.255.0 # rip 1
undo summary version 2
network 30.0.0.0 network 10.0.0.0 import-route static #
ip route-static 40.1.1.0 255.255.255.0 30.1.1.2 # return
sysname R2 #
2016-5-12
华为保密信息,未经授权禁止扩散
第20页, 共86页
interface Ethernet0/0/0
ip address 20.1.1.254 255.255.255.0 #
interface Ethernet0/0/2
ip address 10.1.1.2 255.255.255.0 # rip 1
undo summary version 2
network 10.0.0.0 import-route direct # return
sysname R3 #
interface Ethernet0/0/0
ip address 20.1.2.254 255.255.255.0 #
interface Ethernet0/0/3
ip address 10.1.2.2 255.255.255.0 # rip 1
undo summary version 2
network 10.0.0.0 network 20.0.0.0 # return
sysname R4 #
interface Ethernet0/0/1
ip address 30.1.1.2 255.255.255.0 #
interface Ethernet0/0/2
ip address 40.1.1.254 255.255.255.0 #
interface Ethernet0/0/3
2016-5-12
华为保密信息,未经授权禁止扩散
文档密级
第21页, 共86页
#
ip route-static 0.0.0.0 0.0.0.0 30.1.1.1 # Return
文档密级
第四章 OSPF
4.1 OSPF单区域配置
最终配置
sysname R1 #
interface GigabitEthernet0/0/0
ip address 172.16.10.1 255.255.255.0 #
interface GigabitEthernet0/0/1
ip address 172.16.20.1 255.255.255.0 #
interface GigabitEthernet0/0/2
ip address 172.16.1.254 255.255.255.0 #
interface NULL0 # ospf 1
area 0.0.0.0
network 172.16.1.0 0.0.0.255 network 172.16.10.0 0.0.0.255 network 172.16.20.0 0.0.0.255 # Return
sysname R2 #
interface GigabitEthernet0/0/0
2016-5-12
华为保密信息,未经授权禁止扩散
第22页, 共86页
ip address 172.16.10.2 255.255.255.0 #
interface GigabitEthernet0/0/1
ip address 172.16.30.2 255.255.255.0 #
interface GigabitEthernet0/0/2
ip address 172.16.2.254 255.255.255.0 #
interface NULL0 # ospf 1
area 0.0.0.0
network 172.16.2.0 0.0.0.255 network 172.16.10.0 0.0.0.255 network 172.16.30.0 0.0.0.255 # Return
sysname R3 #
interface GigabitEthernet0/0/0
ip address 172.16.30.3 255.255.255.0 #
interface GigabitEthernet0/0/1
ip address 172.16.20.3 255.255.255.0 #
interface GigabitEthernet0/0/2
ip address 172.16.3.254 255.255.255.0 #
interface NULL0 # ospf 1
area 0.0.0.0
network 172.16.3.0 0.0.0.255 network 172.16.20.0 0.0.0.255 network 172.16.30.0 0.0.0.255 # return
文档密级
4.2 OSPF多区域配置
2016-5-12
华为保密信息,未经授权禁止扩散
第23页, 共86页
文档密级
最终配置
sysname R1 #
interface GigabitEthernet0/0/0 ip address 10.0.12.1 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.13.1 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 10.0.15.1 255.255.255.0 # ospf 1 area 0.0.0.0
network 10.0.12.0 0.0.0.255 network 10.0.13.0 0.0.0.255 area 0.0.0.1
network 10.0.15.0 0.0.0.255
sysname R2 #
interface GigabitEthernet0/0/0 ip address 10.0.12.2 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.24.2 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 10.0.26.2 255.255.255.0 # ospf 1 area 0.0.0.0
network 10.0.12.0 0.0.0.255 network 10.0.24.0 0.0.0.255 area 0.0.0.2
network 10.0.26.0 0.0.0.255
2016-5-12
华为保密信息,未经授权禁止扩散
第24页, 共86页
sysname R3 #
interface Ethernet4/0/0
ip address 10.0.3.254 255.255.255.0 #
interface GigabitEthernet0/0/0 ip address 10.0.34.3 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.13.3 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 10.0.35.3 255.255.255.0 # ospf 1 area 0.0.0.0
network 10.0.3.0 0.0.0.255 network 10.0.13.0 0.0.0.255 network 10.0.34.0 0.0.0.255 area 0.0.0.1
network 10.0.35.0 0.0.0.255
sysname R4 #
interface Ethernet4/0/0
ip address 10.0.4.254 255.255.255.0 #
interface GigabitEthernet0/0/0 ip address 10.0.34.4 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.24.4 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 10.0.46.4 255.255.255.0 # ospf 1 area 0.0.0.0
network 10.0.4.0 0.0.0.255
2016-5-12
华为保密信息,未经授权禁止扩散
文档密级
第25页, 共86页
network 10.0.24.0 0.0.0.255 network 10.0.34.0 0.0.0.255 area 0.0.0.2
network 10.0.46.0 0.0.0.255
sysname R5 #
interface GigabitEthernet0/0/0 ip address 10.0.15.5 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.35.5 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 10.0.1.254 255.255.255.0 # ospf 1 area 0.0.0.1
network 10.0.1.0 0.0.0.255 network 10.0.15.0 0.0.0.255 network 10.0.35.0 0.0.0.255
sysname R6 #
interface GigabitEthernet0/0/0 ip address 10.0.26.6 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.46.6 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 10.0.4.254 255.255.255.0 # ospf 1 area 0.0.0.2
network 10.0.2.0 0.0.0.255 network 10.0.26.0 0.0.0.255 network 10.0.46.0 0.0.0.255
文档密级
2016-5-12
华为保密信息,未经授权禁止扩散
第26页, 共86页
文档密级
4.3 配置OSPF的认证
最终配置
sysname R1 #
interface GigabitEthernet0/0/0 ip address 10.0.12.1 255.255.255.0 #
interface LoopBack0
ip address 1.1.1.1 255.255.255.255 # ospf 1 area 0.0.0.1
authentication-mode simple cipher %$%$uLH><^,C/Zu9F\network 1.1.1.1 0.0.0.0 network 10.0.12.0 0.0.0.255 # return
sysname R2 #
interface GigabitEthernet0/0/0 ip address 10.0.12.2 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.24.2 255.255.255.0
ospf authentication-mode md5 1 cipher %$%$O(rq6{i@~:ZxjOVu7@f!;sq]%$%$ #
interface GigabitEthernet0/0/2 ip address 10.0.23.2 255.255.255.0 #
interface LoopBack0
ip address 2.2.2.2 255.255.255.255 # ospf 1
2016-5-12
华为保密信息,未经授权禁止扩散
第27页, 共86页
area 0.0.0.0
文档密级
authentication-mode md5 1 cipher %$%$o~s#(Y9'`2&uxE;1e_WE;
authentication-mode simple cipher %$%$>c
sysname R3 #
interface GigabitEthernet0/0/0 ip address 10.0.35.3 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.36.3 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 10.0.23.3 255.255.255.0 #
interface LoopBack0
ip address 3.3.3.3 255.255.255.255 # ospf 1 area 0.0.0.0
authentication-mode md5 1 cipher %$%$b>g'8Gle#Ank|^3\network 3.3.3.3 0.0.0.0 network 10.0.23.0 0.0.0.255 network 10.0.35.0 0.0.0.255 network 10.0.36.0 0.0.0.255 # Return
sysname R4 #
2016-5-12
华为保密信息,未经授权禁止扩散
第28页, 共86页
interface GigabitEthernet0/0/0 ip address 10.0.24.4 255.255.255.0
文档密级
ospf authentication-mode md5 1 cipher %$%$82'];lU:U:auL-%{~n4P;}&X%$%$ #
interface LoopBack0
ip address 4.4.4.4 255.255.255.255 # ospf 1 area 0.0.0.1
authentication-mode simple cipher %$%$$iC}.E|#N.N];YLjT^),;792%$%$ network 4.4.4.4 0.0.0.0 network 10.0.24.0 0.0.0.255 # Return
sysname R5 #
interface GigabitEthernet0/0/0 ip address 10.0.35.5 255.255.255.0 # #
interface LoopBack0
ip address 5.5.5.5 255.255.255.255 # ospf 1 area 0.0.0.0
authentication-mode md5 1 cipher %$%$}sc&9m~)_VH\\z7E\\MphV;Fc(%$%$ network 5.5.5.5 0.0.0.0 network 10.0.35.0 0.0.0.255 # Return
sysname R6 #
interface GigabitEthernet0/0/0 ip address 10.0.36.6 255.255.255.0 #
2016-5-12
华为保密信息,未经授权禁止扩散
第29页, 共86页
interface LoopBack0
ip address 6.6.6.6 255.255.255.255 # ospf 1 area 0.0.0.0
文档密级
authentication-mode md5 1 cipher %$%$cMpIQsdGLE([/e,rBSH%;F>O%$%$ network 6.6.6.6 0.0.0.0 network 10.0.36.0 0.0.0.255 # Return
4.4 OSPF被动接口配置
最终配置
interface GigabitEthernet0/0/0 ip address 10.0.3.254 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.13.1 255.255.255.0 # ospf 1
silent-interface GigabitEthernet0/0/0 area 0.0.0.0
network 10.0.3.0 0.0.0.255 network 10.0.13.0 0.0.0.255
sysname R2 #
interface GigabitEthernet0/0/0 ip address 10.0.23.2 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.4.254 255.255.255.0 # ospf 1
silent-interface GigabitEthernet0/0/1
2016-5-12
华为保密信息,未经授权禁止扩散
第30页, 共86页
area 0.0.0.0
network 10.0.4.0 0.0.0.255 network 10.0.23.0 0.0.0.255
sysname R3 #
interface GigabitEthernet0/0/0 ip address 10.0.13.3 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.23.3 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 10.0.30.3 255.255.255.0 # ospf 1 area 0.0.0.0
network 10.0.13.0 0.0.0.255 network 10.0.23.0 0.0.0.255 network 10.0.30.0 0.0.0.255
sysname R4 #
interface GigabitEthernet0/0/0 ip address 10.0.30.4 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.1.254 255.255.255.0 #
ospf enable 4 area 0.0.0.0 # ospf 1
silent-interface all
undo silent-interface GigabitEthernet0/0/0 area 0.0.0.0
network 10.0.1.0 0.0.0.255 network 10.0.30.0 0.0.0.255
2016-5-12
华为保密信息,未经授权禁止扩散
文档密级
第31页, 共86页
#
sysname R5 #
interface GigabitEthernet0/0/0 ip address 10.0.30.5 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.2.254 255.255.255.0 # ospf 1
silent-interface GigabitEthernet0/0/0 silent-interface GigabitEthernet0/0/1 area 0.0.0.0
network 10.0.2.0 0.0.0.255 network 10.0.30.0 0.0.0.255
文档密级
4.5 理解OSPF Router-ID
最终配置
sysname R1 #
interface GigabitEthernet0/0/0
ip address 10.0.1.254 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.12.1 255.255.255.0 #
interface LoopBack0
ip address 1.1.1.1 255.255.255.255 #
ospf 1 router-id 1.1.1.1 area 0.0.0.0
network 10.0.1.0 0.0.0.255 network 10.0.12.0 0.0.0.255 # Return
2016-5-12
华为保密信息,未经授权禁止扩散
第32页, 共86页
#
sysname R2 #
router id 3.3.3.3 #
interface GigabitEthernet0/0/0 ip address 10.0.12.2 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.23.2 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 10.0.24.2 255.255.255.0 #
interface LoopBack0
ip address 2.2.2.2 255.255.255.0 #
ospf 1 router-id 2.2.2.2 area 0.0.0.0
network 10.0.12.0 0.0.0.255 network 10.0.23.0 0.0.0.255
network 10.0.24.0 0.0.0.255 # Return
sysname R3 #
router id 3.3.3.3 #
interface GigabitEthernet0/0/0 ip address 10.0.23.3 255.255.255.0 #
interface GigabitEthernet0/0/1
ip address 10.0.2.254 255.255.255.0 #
interface LoopBack0
ip address 3.3.3.3 255.255.255.255 #
ospf 1 router-id 3.3.3.3 area 0.0.0.0
2016-5-12
华为保密信息,未经授权禁止扩散
文档密级
第33页, 共86页
network 3.3.3.3 0.0.0.0 network 10.0.23.0 0.0.0.255 # return
sysname R4 #
interface GigabitEthernet0/0/0 ip address 10.0.24.4 255.255.255.0 #
interface GigabitEthernet0/0/1
ip address 10.0.3.254 255.255.255.0 #
interface LoopBack0
ip address 4.4.4.4 255.255.255.255 #
ospf 1 router-id 3.3.3.3 area 0.0.0.0
network 10.0.3.0 0.0.0.255 network 10.0.24.0 0.0.0.255 # Return
文档密级
4.6 OSPF的DR与BDR
最终配置
sysname R1 #
router id 1.1.1.1 #
interface GigabitEthernet0/0/0
ip address 172.16.1.1 255.255.255.0 ospf dr-priority 100 #
interface GigabitEthernet0/0/1
2016-5-12
华为保密信息,未经授权禁止扩散
第34页, 共86页
#
interface GigabitEthernet0/0/2 #
interface NULL0 #
interface LoopBack0
ip address 1.1.1.1 255.255.255.255 # ospf 1
area 0.0.0.0
network 172.16.1.0 0.0.0.255 # Return
sysname R2 #
router id 2.2.2.2 #
interface GigabitEthernet0/0/0
ip address 172.16.1.2 255.255.255.0 ospf dr-priority 50 #
interface GigabitEthernet0/0/1 #
interface GigabitEthernet0/0/2 #
interface NULL0 # ospf 1
area 0.0.0.0
network 172.16.1.0 0.0.0.255 # Return
sysname R3 #
router id 3.3.3.3
2016-5-12
华为保密信息,未经授权禁止扩散
文档密级
第35页, 共86页
#
interface GigabitEthernet0/0/0
ip address 172.16.1.3 255.255.255.0 #
interface GigabitEthernet0/0/1 #
interface GigabitEthernet0/0/2 #
interface NULL0 # ospf 1
area 0.0.0.0
network 172.16.1.0 0.0.0.255 # Return
sysname R4 #
router id 4.4.4.4 #
interface GigabitEthernet0/0/0
ip address 172.16.1.4 255.255.255.0 ospf dr-priority 0 #
interface GigabitEthernet0/0/1 #
interface GigabitEthernet0/0/2 #
interface NULL0 # ospf 1
area 0.0.0.0
network 172.16.1.0 0.0.0.255
文档密级
4.7 OSPF开销值、协议优先级及计时器的修改
2016-5-12
华为保密信息,未经授权禁止扩散 第36页, 共86页
文档密级
最终配置
sysname R1 #
interface Serial4/0/0 link-protocol ppp
ip address 10.0.12.1 255.255.255.0 #
interface GigabitEthernet0/0/0
ip address 10.0.1.254 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.13.1 255.255.255.0 ospf cost 1000 ospf timer hello 20 # ospf 1
preference 110 area 0.0.0.0
network 10.0.1.0 0.0.0.255 network 10.0.12.0 0.0.0.255 network 10.0.13.0 0.0.0.255 #
sysname R2 # #
interface Serial4/0/0 link-protocol ppp
ip address 10.0.12.2 255.255.255.0 #
interface Serial4/0/1 link-protocol ppp
ip address 10.0.24.2 255.255.255.0 #
ospf 1 area 0.0.0.0
2016-5-12
华为保密信息,未经授权禁止扩散
第37页, 共86页
network 10.0.12.0 0.0.0.255 network 10.0.24.0 0.0.0.255 #
sysname R3 #
interface GigabitEthernet0/0/0 ip address 10.0.13.3 255.255.255.0 ospf timer hello 20 #
interface GigabitEthernet0/0/1 ip address 10.0.34.3 255.255.255.0 # ospf 1
area 0.0.0.0
network 10.0.13.0 0.0.0.255 network 10.0.34.0 0.0.0.255 #
sysname R4 #
interface Serial4/0/0 link-protocol ppp
ip address 10.0.24.4 255.255.255.0 #
interface GigabitEthernet0/0/0 ip address 10.0.34.4 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.45.4 255.255.255.0 # ospf 1
preference 110 area 0.0.0.0
network 10.0.24.0 0.0.0.255 network 10.0.34.0 0.0.0.255 network 10.0.45.0 0.0.0.255 #
2016-5-12
华为保密信息,未经授权禁止扩散
文档密级
第38页, 共86页
sysname R5 #
interface GigabitEthernet0/0/0 ip address 10.0.45.5 255.255.255.0 #
interface GigabitEthernet0/0/1
ip address 10.0.2.254 255.255.255.0 # ospf 1
area 0.0.0.0
network 10.0.2.0 0.0.0.255 network 10.0.45.0 0.0.0.255 #
文档密级
4.8 连接RIP与OSPF网络
最终配置
sysname R1 #
interface GigabitEthernet0/0/0 ip address 10.2.2.1 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 20.2.2.1 255.255.255.0 # ospf 1
import-route rip 1 area 0.0.0.0
network 20.2.2.0 0.0.0.255 # rip 1
undo summary version 2
network 10.0.0.0
import-route ospf 1 cost 3 # return
2016-5-12
华为保密信息,未经授权禁止扩散
第39页, 共86页
sysname R2 #
interface GigabitEthernet0/0/0 ip address 10.2.2.2 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.1.1.254 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 24.1.1.2 255.255.255.0 # rip 1
undo summary
version 2 network 10.0.0.0 network 20.0.0.0 network 24.0.0.0 # return
sysname R3 #
interface GigabitEthernet0/0/0 ip address 20.1.1.254 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 20.2.2.3 255.255.255.0 # ospf 1
area 0.0.0.0
network 20.2.2.0 0.0.0.255
network 20.1.1.0 0.0.0.255 # return
文档密级
4.9 使用RIP、OSPF发布默认路由
2016-5-12
华为保密信息,未经授权禁止扩散
第40页, 共86页
文档密级
最终配置
sysname R1 #
interface GigabitEthernet0/0/0 ip address 10.2.2.1 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 20.2.2.1 255.255.255.0 # ospf 1
default-route-advertise always area 0.0.0.0
network 20.2.2.0 0.0.0.255
# rip 1
undo summary
default-route originate version 2
network 10.0.0.0 # return
sysname R2 #
interface GigabitEthernet0/0/0 ip address 10.2.2.2 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.1.1.254 255.255.255.0 # rip 1
undo summary version 2
network 10.0.0.0 # return
2016-5-12
华为保密信息,未经授权禁止扩散
第41页, 共86页
sysname R3 #
interface GigabitEthernet0/0/0 ip address 20.1.1.254 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 20.2.2.3 255.255.255.0 # ospf 1
area 0.0.0.0
network 20.1.1.0 0.0.0.255
network 20.2.2.0 0.0.0.255 # Return
文档密级
第五章 VRRP
5.1 VRRP基本配置
最终配置
sysname R1 #
interface GigabitEthernet0/0/0
ip address 172.16.2.254 255.255.255.0 #
interface GigabitEthernet0/0/1
ip address 172.16.3.254 255.255.255.0 # ospf 1
area 0.0.0.0
network 172.16.0.0 0.0.255.255 network 172.16.2.0 0.0.0.255 network 172.16.3.0 0.0.0.255 # return
2016-5-12
华为保密信息,未经授权禁止扩散
第42页, 共86页
sysname R2 #
interface Ethernet0/0/1
ip address 172.16.1.100 255.255.255.0 vrrp vrid 1 virtual-ip 172.16.1.254 vrrp vrid 1 priority 120 #
interface GigabitEthernet0/0/0
ip address 172.16.2.100 255.255.255.0 # ospf 1
area 0.0.0.0
network 172.16.0.0 0.0.255.255 network 172.16.1.0 0.0.0.255 network 172.16.2.0 0.0.0.255 # Return
sysname R3 #
interface Ethernet0/0/1
ip address 172.16.1.200 255.255.255.0 vrrp vrid 1 virtual-ip 172.16.1.254 #
interface GigabitEthernet0/0/1
ip address 172.16.3.200 255.255.255.0 # ospf 1
area 0.0.0.0
network 172.16.0.0 0.0.255.255 network 172.16.1.0 0.0.0.255 network 172.16.3.0 0.0.0.255 # return
文档密级
5.2 配置VRRP多备份组
2016-5-12
华为保密信息,未经授权禁止扩散 第43页, 共86页
文档密级
最终配置
sysname R1 #
interface GigabitEthernet0/0/0
ip address 172.16.2.254 255.255.255.0 #
interface GigabitEthernet0/0/1
ip address 172.16.3.254 255.255.255.0 # ospf 1
area 0.0.0.0
network 172.16.2.254 0.0.0.0
network 172.16.3.254 0.0.0.0 # Return
sysname R2 #
interface Ethernet0/0/1
ip address 172.16.1.254 255.255.255.0 vrrp vrid 1 virtual-ip 172.16.1.254 vrrp vrid 1 priority 120
vrrp vrid 2 virtual-ip 172.16.1.253 vrrp vrid 2 priority 200
vrrp vrid 2 preempt-mode disable # interface GigabitEthernet0/0/0
ip address 172.16.2.100 255.255.255.0 # ospf 1
area 0.0.0.0
network 172.16.1.100 0.0.0.0 network 172.16.2.100 0.0.0.0 # Return
2016-5-12
华为保密信息,未经授权禁止扩散
第44页, 共86页
#
sysname R3 #
interface Ethernet0/0/0 #
interface Ethernet0/0/1
ip address 172.16.1.200 255.255.255.0 vrrp vrid 1 virtual-ip 172.16.1.254 vrrp vrid 1 priority 254
vrrp vrid 2 virtual-ip 172.16.1.253 vrrp vrid 2 priority 120 #
interface GigabitEthernet0/0/1
ip address 172.16.3.200 255.255.255.0 # ospf 1
area 0.0.0.0
network 172.16.1.200 0.0.0.0 network 172.16.3.200 0.0.0.0 # Return
文档密级
5.3 配置VRRP的跟踪接口及认证
最终配置
interface GigabitEthernet0/0/0
ip address 172.16.2.254 255.255.255.0 #
interface GigabitEthernet0/0/1
ip address 172.16.3.254 255.255.255.0
interface Ethernet1/0/1
ip address 172.16.1.100 255.255.255.0 vrrp vrid 1 virtual-ip 172.16.1.254 vrrp vrid 1 priority 120
vrrp vrid 1 track interface GigabitEthernet0/0/0 reduced 50
vrrp vrid 1 authentication-mode md5 %$%$!B56J6\
2016-5-12
华为保密信息,未经授权禁止扩散
第45页, 共86页
#
interface GigabitEthernet0/0/0
ip address 172.16.2.100 255.255.255.0
interface Ethernet1/0/1
ip address 172.16.1.200 255.255.255.0 vrrp vrid 1 virtual-ip 172.16.1.254
文档密级
vrrp vrid 1 authentication-mode md5 %$%$xASELV]Z77V(rDFgUna@6FBd%$%$ #
interface GigabitEthernet0/0/1
ip address 172.16.3.200 255.255.255.0
第六章 基础过滤工具
6.1 配置基本的访问控制列表
最终配置
sysname R1 #
interface GigabitEthernet0/0/0 ip address 10.0.13.1 255.255.255.0 #
interface LoopBack0
ip address 1.1.1.1 255.255.255.255 # ospf 1 area 0.0.0.0
network 1.1.1.1 0.0.0.0 network 10.0.13.0 0.0.0.255 # return
2016-5-12
华为保密信息,未经授权禁止扩散
第46页, 共86页
sysname R2 #
interface GigabitEthernet0/0/0 ip address 10.0.23.2 255.255.255.0 # ospf 1 area 0.0.0.0
network 10.0.23.0 0.0.0.255 # return
sysname R3 #
interface GigabitEthernet0/0/0 ip address 10.0.13.3 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.23.3 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 10.0.34.3 255.255.255.0 #
interface LoopBack0
ip address 3.3.3.3 255.255.255.0 # ospf 1 area 0.0.0.0
network 3.3.3.3 0.0.0.0 network 10.0.13.0 0.0.0.255 network 10.0.23.0 0.0.0.255 network 10.0.34.0 0.0.0.255 # Return
sysname R4 #
acl number 2000
2016-5-12
华为保密信息,未经授权禁止扩散
文档密级
第47页, 共86页
rule 5 permit source 1.1.1.1 0 rule 8 permit source 3.3.3.3 0 rule 10 deny #
interface GigabitEthernet0/0/0 ip address 10.0.34.4 255.255.255.0 #
interface LoopBack0
ip address 4.4.4.4 255.255.255.0 # ospf 1 area 0.0.0.0
network 4.4.4.4 0.0.0.0 network 10.0.34.0 0.0.0.255 #
user-interface vty 0 4 acl 2000 inbound
set authentication password
cipher %$%$8ir_JOp^L>rX3)$*,VL0,#[Yk^Ym76n[+Mw]h#1iCyE4#[\\,%$%$ # Return
文档密级
6.2 配置高级的访问控制列表
最终配置
sysname R1 #
interface GigabitEthernet0/0/0 ip address 10.0.13.1 255.255.255.0 #
interface LoopBack0
ip address 1.1.1.1 255.255.255.255 # ospf 1 area 0.0.0.0
network 1.1.1.1 0.0.0.0 network 10.0.13.0 0.0.0.255 #
2016-5-12
华为保密信息,未经授权禁止扩散
第48页, 共86页
return
sysname R2 #
interface GigabitEthernet0/0/0 ip address 10.0.23.2 255.255.255.0 # ospf 1 area 0.0.0.0
network 10.0.23.0 0.0.0.255 # return
sysname R3 #
interface GigabitEthernet0/0/0 ip address 10.0.13.3 255.255.255.0 #
interface GigabitEthernet0/0/1 ip address 10.0.23.3 255.255.255.0 #
interface GigabitEthernet0/0/2 ip address 10.0.34.3 255.255.255.0 #
interface LoopBack0
ip address 3.3.3.3 255.255.255.0 # ospf 1 area 0.0.0.0
network 3.3.3.3 0.0.0.0 network 10.0.13.0 0.0.0.255 network 10.0.23.0 0.0.0.255 network 10.0.34.0 0.0.0.255 # Return
2016-5-12
华为保密信息,未经授权禁止扩散
文档密级
第49页, 共86页
[V200R003C00] #
sysname R4 #
acl number 2000
rule 5 permit source 1.1.1.1 0 rule 8 permit source 3.3.3.3 0 rule 10 deny #
acl number 3000
rule 5 permit ip source 1.1.1.1 0 destination 4.4.4.4 0 #
interface GigabitEthernet0/0/0 ip address 10.0.34.4 255.255.255.0 #
interface LoopBack0
ip address 4.4.4.4 255.255.255.0 #
interface LoopBack1
ip address 40.40.40.40 255.255.255.255 # ospf 1 area 0.0.0.0
network 4.4.4.4 0.0.0.0 network 10.0.34.0 0.0.0.255 network 40.40.40.40 0.0.0.0 #
user-interface vty 0 4 acl 3000 inbound
authentication-mode password set authentication password
cipher %$%$2cAF6\# return
文档密级
6.3 配置前缀列表
最终配置
sysname R1
2016-5-12
华为保密信息,未经授权禁止扩散
第50页, 共86页
正在阅读:
空置房物业费减免合法性分析03-27
1号竖井施工方案03-21
县爱委办关于开展第24个世界无烟日活动及控烟履约的工作总结03-20
受限空间作业台账- 济源市安全生产网-首页 - 图文09-16
中石化集团公司安全生产禁令实施细则09-16
政府采购专家考试试题及答案(采购二试题)08-13
合肥市科技进步奖推荐书06-25
酒店英语期末考试试卷(1)11-30
- 多层物业服务方案
- (审判实务)习惯法与少数民族地区民间纠纷解决问题(孙 潋)
- 人教版新课标六年级下册语文全册教案
- 词语打卡
- photoshop实习报告
- 钢结构设计原理综合测试2
- 2014年期末练习题
- 高中数学中的逆向思维解题方法探讨
- 名师原创 全国通用2014-2015学年高二寒假作业 政治(一)Word版
- 北航《建筑结构检测鉴定与加固》在线作业三
- XX县卫生监督所工程建设项目可行性研究报告
- 小学四年级观察作文经典评语
- 浅谈110KV变电站电气一次设计-程泉焱(1)
- 安全员考试题库
- 国家电网公司变电运维管理规定(试行)
- 义务教育课程标准稿征求意见提纲
- 教学秘书面试技巧
- 钢结构工程施工组织设计
- 水利工程概论论文
- 09届九年级数学第四次模拟试卷
- 华为
- 技术认证
- 网络技术
- 配置
- 参考
- 实验
- 指南
- HCNA
- 全省第十二届教师自制多媒体教育软件评比活动获奖名单 - 图文
- 井控考试试卷
- 工程力学考试样题2010
- 《汽车电气设备构造与维修》教案1
- 涵洞施工组织设计
- 机房工程招标文件( 技术规范书) - 图文
- 不合理投诉评价投诉规范考试答案
- 建发交字532号铁路、公路、城市道路设置立体交叉的暂行规定
- 一二三四五六年级上音乐试题 - 图文
- 《机械CAD、CAM》课程教学大纲(8月30日)
- 全面预算管理综合试题
- 高二数学教学设计与反思必修5余弦定理
- 乐事薯片调查报告
- 计量试题1
- 山东省高等学校实行党委领导下的校长负责制的实施办法(试行)
- 新版2011第五届大学生业余模特大赛(总策划)
- 中国地质大学2016年北戴河实习基地实习计划
- 有色金属冶炼项目可行性研究报告
- 六年级阅读短文练习
- 曹田坑坝后电站技改方案