浏览此站
联系我们相册切换到窄版 Language

 找回密码
 注册
易陆发现论坛»论坛 操作系统区 应用网络 华为交换机、路由器 实验AR1200+S5700+S3700网络组网
返回列表 发新帖
查看: 1062|回复: 1

实验AR1200+S5700+S3700网络组网

[复制链接]
admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
发表于 2022-3-23 15:00:01 | 显示全部楼层 |阅读模式
AR1200+S5700+S3700访问外网的例子,其实也是我们公司实际的网络拓扑网,只是公司的还没有进行配置,AR2220做为路由访问外网,一台S5700是核心交换机,两台S3700做为接入层交换机使用,为每台S3700划分一个vlan,在本例中,一个是vlan 2,一个是vlan 4,只要这两个会了,再增加交换机也就没有问题了,希望对初学者有些帮助.网络拓扑图如下:
( E8 U/ |7 p3 v
- m6 W2 U/ x4 _, |
画图水平不行, 凑活着看就行,下面配置主路由器AR1200,'号后面是备注信息,配置如下:
9 ?, ^( c3 r7 P" C3 M6 E6 i* `
[Huawei]acl number 2000                * b' X( t+ W; V0 z4 N0 X/ }
[Huawei-acl-basic-2000]rule 5 permit source 192.168.0.0 0.0.255.255   '做个acl,可以根据自己需要配置IP,4 b# {- z+ R+ V$ e
[Huawei-acl-basic-2000]q
- O$ |5 x$ Z- N3 T8 c[Huawei]vlan 100
9 t* t" D* ^/ B* ]! V7 A+ a( V[Huawei-vlan100]q. }- d, B- a6 H0 y0 r
[Huawei]interface giga 0/0/0
( W+ z- ]: M6 ?& J[Huawei-GigabitEthernet0/0/0]ip address 192.168.1.3 24  '配置外网IP地址,也就是联通呀,移动等运营商提供给你的IP址,24是掩码            {/ J1 T, u9 \
[Huawei-GigabitEthernet0/0/0]q5 h5 i5 H  F' S' [- N
[Huawei]interface giga 0/0/1
: Z8 {& Q+ a. B[Huawei-GigabitEthernet0/0/1]ip address 1.1.1.1 24   8 E; i: f! Q, s0 C  U4 v
[Huawei-GigabitEthernet0/0/1]q0 c1 s" G8 I, U( ]* N- z6 w, W
[Huawei]ip route-static 0.0.0.0 0.0.0.0 192.168.1.1       '静态路由,使内网的所有外部访问都指向外网网关,网关是运营商提供的.
: G% U: r8 l# ?; j- F[Huawei]ip route-static 192.168.2.0 255.255.255.0 1.1.1.3  '静态路由,所有访问192.168.2.X的请求指向1.1.1.35 i) ~3 @4 C) n7 s
[Huawei]ip route-static 192.168.4.0 255.255.255.0 1.1.1.4  '静态路由,所有访问192.168.4.X的请求指向1.1.1.42 c# W  t6 R' L5 c) K' v4 P3 D
[Huawei]                                                                        '可以根据需要自己再增加) u4 o$ y6 \; m& c! a( {! B
<Huawei>
6 k  L$ u! F" A0 I3 S刚开始搞不明白为什么路由器上的接口可以设置IP地址,交换机上的就不行,输入命令时经常搞错,所以遇到路由器就在接口上设置IP,交换机就在Vlanif接口上设置IP就行,也不知我的想法对不./ j9 I$ K! ^7 I, e* h0 y; E

0 k; I3 E8 G/ D: r
接下来配置S5700核心交换机,配置如下:
[Huawei]undo info-center enable
9 v! G, |2 d3 u* z% t% w8 Y8 LInfo: Information center is disabled.
0 r; w, ^0 g: ^7 e! ]7 l[Huawei]vlan 100
; ~3 z  x+ ~5 ?[Huawei-vlan100]q1 G: `* Z- d1 Y
[Huawei]interface vlanif 100  z3 Q! |% c8 M% Y" A, D+ c! N
[Huawei-Vlanif100]ip address 1.1.1.2 24
& m) V/ Z6 E; U& M3 z[Huawei-Vlanif100]q
4 M9 g% `% _' o3 @+ d! @3 k. m[Huawei]interface giga 0/0/22& Y5 u6 o. V# T  \' s9 ^* e
[Huawei-GigabitEthernet0/0/22]port link-type trunk                      '交换机和交换机之间连接用trunk接口: o/ B# ]7 z6 f+ A/ R

$ [3 T; x$ w; M[Huawei-GigabitEthernet0/0/22]port trunk allow-pass vlan 100 2     '允许通过vlan100和vlan2' m  K3 E$ x7 f
[Huawei-GigabitEthernet0/0/22]q/ D% t' Q  k1 B- I  ]+ A0 B7 g
[Huawei]ip route-static 0.0.0.0 0.0.0.0 1.1.1.1
% y# B1 \1 M' o: G9 O2 _/ ^" r[Huawei]interface giga 0/0/24
4 U6 |0 ?, Q3 @% f  ?9 l1 g" |5 u" W' Q" ^1 }4 X
[Huawei-GigabitEthernet0/0/24]port link-type access
# S( ?, `; W+ t) c- l[Huawei-GigabitEthernet0/0/24]port default vlan 100! j  h4 E- A% I3 x7 e5 `, Q5 p# r
[Huawei-GigabitEthernet0/0/24]q
$ @# n/ q2 k7 Z( H4 ?[Huawei]interface giga 0/0/23
. k# n5 F3 Q; p5 C9 E[Huawei-GigabitEthernet0/0/23]port link-type trunk                     '同上面22接口) V  d" N" P7 e* Q
[Huawei-GigabitEthernet0/0/23]port trunk allow-pass vlan 100 4    '允许通过vlan100和vlan4
- w' r. M' B3 f" Q) v6 V[Huawei-GigabitEthernet0/0/23]q/ V" u8 ]" G  V* m+ u/ K

/ X3 ?. B( [; B, P$ ^
9 E1 R% T$ r8 R6 ?. L+ @
# E( \5 N( ?! P2 G下面配置S3700交换机,属于vlan2
[Huawei]undo info-center enable9 [; ^, _& n. \6 E2 c
Info: Information center is disabled.
6 v; f! G3 M4 V, ~1 t[Huawei]vlan 100
: ^9 X* O. ]6 P2 P[Huawei-vlan100]q
, m0 A! U+ Q: C* c* R[Huawei]interface eth 0/0/225 L  x" d+ `6 D9 p% n/ E8 n
[Huawei-Ethernet0/0/22]ip address 1.1.1.3 24  '在这个地方出错了,不允许在接口上设置IP
# y* M" u/ A$ L8 V; a' V                          ^3 ]) _" m% A9 Z% i# ^
Error: Unrecognized command found at '^' position.1 t' b* X% ^8 \; X# j
[Huawei-Ethernet0/0/22]port link-type trunk' K) D- Q& V- z; b
[Huawei-Ethernet0/0/22]port trunk allow-pass vlan 100 2
' ?& r6 W/ A2 ^7 O2 w[Huawei-Ethernet0/0/22]q1 g/ {+ L$ S8 f1 s- Z
[Huawei]interface vlanif 100
/ z5 a+ k! r( v6 _[Huawei-Vlanif100]ip address 1.1.1.3 24
: Q2 {" v- a7 t% `[Huawei-Vlanif100]q
4 v5 |% q& e( }  R8 a[Huawei]vlan 2) W( ]- E4 b6 n2 p4 e2 h) ?6 v9 _$ e7 ^
[Huawei-vlan2]q: i5 P( j0 l1 T+ b; `
[Huawei]interface vlanif 2
, B$ R  p8 ~; V[Huawei-Vlanif2]ip address 192.168.2.1 24# [- x, b; T8 @$ p
[Huawei-Vlanif2]q
1 R& Z" P+ P  u# M. Y8 ][Huawei]ip route-static 0.0.0.0 0.0.0.0 1.1.1.1
3 `- _& X( E& g7 V[Huawei]interface eth 0/0/1
8 e2 A: b; r  S% d[Huawei-Ethernet0/0/1]port hybrid untagged vlan 2
% L: p* w& F) w' D) f4 k
[Huawei-Ethernet0/0/1]port hybrid pvid vlan 2
8 O+ j& G! a, x5 z& |. M' d" m
[Huawei-Ethernet0/0/1]port hybrid untagged vlan 100 2
% p1 G1 z2 v. w1 p[Huawei-Ethernet0/0/1]dis this         ' 查看一下接口信息8 ]+ n. L0 D6 }
#
; j! O0 e0 R& Jinterface Ethernet0/0/16 v4 `; f4 B4 X) ~8 I9 [/ D
port hybrid pvid vlan 2
& [' J/ I" m* u+ Q* U* W) Y. K port hybrid untagged vlan 2 100
; o: B- }' `' e#
; W# p( ]/ g" A7 J3 kreturn1 o! d4 u1 e" w. @0 C; a4 X

0 G8 n% s) T! t
下面配置S3700-2交换机,属于vlan4
[Huawei]undo info-center enable; q* |& M; i& t" s( x; n8 V
Info: Information center is disabled.
+ X, l  R5 o" y2 z, Z6 o& V[Huawei]vlan 100  r: J' I6 y8 V( l  R; [" D* R
[Huawei-vlan100]q& x& M# M  t# W0 A
[Huawei]interface vlanif 100; `  |$ s7 B9 m' j' [7 @. R0 s
[Huawei-Vlanif100]ip address 1.1.1.4 24* T" j  Q- [# J9 k$ m1 ?. k5 h
[Huawei-Vlanif100]q
( C% Y& F* Y7 g; E1 e! m[Huawei]interface eth 0/0/22! l& q7 Z5 ~6 ~
[Huawei-Ethernet0/0/22]port link-type trunk3 Y& U  w- T, G6 B9 [: Z/ N
[Huawei-Ethernet0/0/22]port trunk allow-pass vlan 100 4
0 y/ P  g" C. w[Huawei-Ethernet0/0/22]dis this
' C: b3 q9 J6 d- I% [#
0 T6 T/ z3 Z' n7 Jinterface Ethernet0/0/225 g( t8 a) T) \
port link-type trunk
" G( V4 t. E- f# G port trunk allow-pass vlan 4 100
$ @7 d8 G! l0 w$ M! i#
) i9 U" i+ W. Yreturn5 X$ [: W6 D6 c+ B
[Huawei-Ethernet0/0/22]q
% }7 ]) U- \  G: v+ C[Huawei]vlan 4& U5 S; h" V! f8 F5 L  g7 ~: v/ M
[Huawei-vlan4]q
! \' ~* m) {- r1 v2 ~6 P1 Q
[Huawei]interface vlanif 4
3 P5 C( ~% A+ L* k- J1 Q[Huawei-Vlanif4]ip address 192.168.4.1 243 H6 U: N6 H$ J! W" X, h# @, S
[Huawei-Vlanif4]q
( T* ]9 c# |" A# [2 D[Huawei]ip route-static 0.0.0.0 0.0.0.0 1.1.1.19 i2 O6 r. C  O1 I
[Huawei]ping 192.168.4.1
8 }0 C6 G2 e& `% B4 p" N  PING 192.168.4.1: 56  data bytes, press CTRL_C to break8 E& M2 |, G7 v, P7 v
    Reply from 192.168.4.1: bytes=56 Sequence=1 ttl=255 time=20 ms# t8 Z1 t) u" f4 v0 t, c, P$ F- C
    Reply from 192.168.4.1: bytes=56 Sequence=2 ttl=255 time=10 ms
7 V( z, a% L3 H1 t( W+ G    Reply from 192.168.4.1: bytes=56 Sequence=3 ttl=255 time=1 ms
$ ~% P/ Z& ?% r    Reply from 192.168.4.1: bytes=56 Sequence=4 ttl=255 time=30 ms
: D+ V- p4 \8 ]( V3 W( X    Reply from 192.168.4.1: bytes=56 Sequence=5 ttl=255 time=1 ms
3 ^- c, ~, V# l! _8 Y/ R  --- 192.168.4.1 ping statistics ---& l# \4 u: x/ [" o# O( e7 j$ G
    5 packet(s) transmitted: t+ |& E& Z/ j! B: C9 J6 {; y6 L
    5 packet(s) received
% S9 j+ z" \1 P: O    0.00% packet loss+ ?* \# R4 `) z! b) O( T* y
    round-trip min/avg/max = 1/12/30 ms
' w: _5 L0 f& a[Huawei]interface eth 0/0/1
$ o( Q2 v* |0 W% S1 m- [* }. ]
[Huawei-Ethernet0/0/1]port hybrid untagged vlan 100 4, Z' I3 f( R" e: z. V
[Huawei-Ethernet0/0/1]port hybrid pvid vlan 4
. @; k! ^& A- T# f  h! {0 a3 U  H4 @
[Huawei-Ethernet0/0/1]q& A2 a' G% o" X4 Q4 T8 L: C% A9 _
9 V) m9 H/ b: M1 K$ }* e( k" J) {
好了,交换机和路由器的设置就完成了,把两个PC客户端配置好IP地址就可以试试效果了,但由于是模拟器的原因,在长间没有使用时,有时候会有ping不通的情况,在我这里两个都能ping通外网,vlan2和vlan4之间也能互通.在真实的设备上我们可以启用web界面和telnet,然后通过1.1.1.1,1.1.1.2,1.1.1.3这些地址来访问和管理路由器和交换机了,端口隔离,mac黑洞之类的配置可以在web界面上操作,谁让咱会的太少了.下面是前两个例子的地址,从简到稍难

( j& P' E7 |2 o$ t
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2022-3-23 15:00:02 | 显示全部楼层
首先配置AR2220,设置GE0接口IP为固定外网地址,设置GE1接口IP为1.1.1.1,然后做两条静态路由,创建vlan 100,红色文本是需要特别多看几眼的,代码如下:
[Huawei]vlan 100

6 O$ B, f: X$ q, U$ b
[Huawei-vlan100]q

0 G7 ]0 j. V) h  _
[Huawei]acl number 2000

1 X2 A( n! P* K6 Q
[Huawei-acl-basic-2000]rule 5 permit source 192.168.0.0 0.0.255.255
# N1 X" \3 b+ J) @  y' @' f: C
[Huawei-acl-basic-2000]q

, ^5 h0 O6 c( x4 y
[Huawei]interface giga 0/0/0

- I5 ~4 o2 T5 p/ \! k
[Huawei-GigabitEthernet0/0/0]ip address 192.168.1.3 255.255.255.0

; M; X1 }0 _  U; M" d' {0 j
[Huawei-GigabitEthernet0/0/0]
- I. a1 n  I8 k0 g5 G, E
Mar 13 2014 07:34:12-05:13 Huawei %IFNET/4/LINK_STATE(l)[1]:The line protocol
3 L1 o# |  f9 W8 O
IP on the interface GigabitEthernet0/0/0 has entered the UP state.

% H8 ~" x3 g2 [8 w1 ]
[Huawei-GigabitEthernet0/0/0]q

& S0 J0 w& G( s* ^
[Huawei]interface giga 0/0/1
. ?' r8 p! b% W( T+ J
[Huawei-GigabitEthernet0/0/1]ip address 1.1.1.1 255.255.255.0
- e; `6 ]2 W' j. `8 I% {! `
[Huawei-GigabitEthernet0/0/1]q
7 x2 z5 Q, X5 g" q
[Huawei]ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
' D/ L* l. `7 D4 q& r  Y
[Huawei]ip route-static 192.168.0.0 255.255.0.0 1.1.1.2

* V, V/ F4 U/ ~# E2 }5 D0 k9 s
[Huawei]q
6 w7 @9 B8 S- X  E( V1 {
save

5 r3 z" ]( O+ i
  The current configuration will be written to the device.
; ^/ i" l& J7 `8 c( K1 v
  Are you sure to continue? (y/n)[n]:y

8 U4 g, }* v$ S3 l# a9 V; P' \7 a
  It will take several minutes to save configuration file, please wait..........
( o, E$ t7 B, o( a' D" H' ^

/ |: G; O4 ]  x+ S- ?8 d, ]0 q4 _
  Configuration file had been saved successfully
, \+ I. m8 q9 A5 L* G; d) s% t& }
  Note: The configuration file will take effect after being activated

" _$ d4 `6 `3 u; }8 v) l2 b7 g: ^. O2 P1 {+ \3 W/ H
Mar 13 2014 07:37:25-05:13 Huawei ARP/4/ARP_IPCONFLICT_TRAP:OID 16777216.50331648
9 \* I$ i+ F$ p* W
.100663296.16777216.67108864.16777216.3674669056.83886080.419430400.2063597568.33

; u1 r, H; ~5 z/ h, B1 g. i0 D
554432.100663296 ARP detects IP conflict. (IP address=201.1.168.192, Local interf

/ C) r5 J7 E' Z# Q' ]. i0 g: e
ace=GigabitEthernet0/0/0, Local MAC=4437-e68c-b212, Local vlan=0, Local CE vlan=0
3 C& A% A- G- S! B3 s2 C5 ^
, Receive interface=GigabitEthernet0/0/0, Receive MAC=1c1a-c00f-253f, Receive vla
: t7 P% S6 r  X$ O. h  q1 c, ?" Z+ L
n=0, Receive CE vlan=0, IP conflict type=Remote IP conflict).
4 V/ ?8 k* Q. `& C% X: Z# L( ]/ x

9 y; B8 @- D& m) R- U- ]. W. ]' T: `7 X1 ?5 x
接下来配置S5700交换机,GE1接口IP为1.1.1.2,属于vlan100,GE2接口属于vlan1,GE3接口属于vlan2,代码如下
[Huawei]vlan batch 2 4 6 8 100
Info: This operation may take a few seconds. Please wait for a moment...done.

2 \1 M3 Y" q7 O1 ?
[Huawei]

% z$ [. h- z/ ?, r; V  j
Mar 13 2014 10:38:34-08:00 Huawei DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.

5 e( W# X- G3 ?% i+ t' X& U
25.191.3.1 configurations have been changed. The current change number is 4, the
& J3 L( A) \; P' [
change loop count is 0, and the maximum number of records is 4095.

1 V) x* u9 T! O8 _3 P$ H0 W9 H
[Huawei]interface vlanif 100
# l; @% ?# G8 B, C
[Huawei-Vlanif100]ip address 1.1.1.2 255.255.255.0

# a2 j! t. y, P& s
[Huawei-Vlanif100]

+ E" d4 O5 r* P( U0 b+ V! {  Z
Mar 13 2014 10:40:14-08:00 Huawei DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.
: D) U8 B; q8 q+ l( a0 G9 o7 V
25.191.3.1 configurations have been changed. The current change number is 6, the

( }0 B; \" ^8 _. o8 g5 f( P
change loop count is 0, and the maximum number of records is 4095.
" O& s' e7 G2 j6 o6 k: S
[Huawei-Vlanif100]q

, m/ x: R0 @4 a6 `. W+ A
[Huawei]interface giga 0/0/1
  B3 v8 z0 E3 `% b+ `
[Huawei-GigabitEthernet0/0/1]port link-type access
; N' K* V: z! }  Z6 {
[Huawei-GigabitEthernet0/0/1]port default vlan 100
) h8 F- |6 A; i* L0 i5 g8 q$ H
[Huawei-GigabitEthernet0/0/1]q

  N/ K# P% F) [& a* G9 p3 k% S% Z
[Huawei]ip route-static 0.0.0.0 0.0.0.0 1.1.1.1
1 {! ^6 m: p# N( n
[Huawei]
# _+ b% z7 Z0 n$ s3 I) d. l
Mar 13 2014 10:43:24-08:00 Huawei DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.
8 p* j4 ~) U' `2 L
25.191.3.1 configurations have been changed. The current change number is 9, the

# D9 V/ Z, Q* @$ S
change loop count is 0, and the maximum number of records is 4095.

- b+ n* y% [! C. a7 P2 ]: h- b. _
[Huawei]interface vlanif 1

3 A0 l) f4 p5 p. Y' F. `
[Huawei-Vlanif1]ip address 192.168.0.1 255.255.255.0

# J" G! W! u3 b  v7 {5 Z' Z2 Y
[Huawei-Vlanif1]q

/ H' s4 Y. Q* K
[Huawei]interface vlanif 2

7 c# }# Q0 ~6 G; p0 _% F
[Huawei-Vlanif2]ip address 192.168.2.1 255.255.255.0
- T! h9 ]6 j3 v' G, s
[Huawei-Vlanif2]q
4 N+ U4 ]2 [& l. R4 G% A1 i2 B
[Huawei]interface giga 0/0/3

" G7 [+ J0 G0 D& C! u" }
[Huawei-GigabitEthernet0/0/3]port link-type access

/ g& e( w2 U$ ^
[Huawei-GigabitEthernet0/0/3]port default vlan 2
. x+ O. S7 H% C" @! Q
[Huawei-GigabitEthernet0/0/3]
# F- N- v* w# ?
[Huawei]q
: G: S- H3 R0 r& S
save
% ]; P, c$ Z& g1 l7 L$ X% d: x
The current configuration will be written to the device.

3 k: ^7 Q8 D% L( \9 \* u
Are you sure to continue?[Y/N]y
" R7 {' w6 P3 t2 D# q
Now saving the current configuration to the slot 0.

! `9 K0 Z+ ^0 b2 E) z1 o
Mar 13 2014 11:02:44-08:00 Huawei %CFM/4/SAVE(l)[11]:The user chose Y when dec
4 W0 [* U5 [$ D/ [1 O# p. a, p
iding whether to save the configuration to the device.

) U1 Z: w, j2 ~; H: b" c
Save the configuration successfully.

; v! Y4 Y6 l& Z  A4 ]
; U  G& }3 s2 {+ k9 A( Z+ n% e- f
然后设置PC1和PC2的IP地址,先ping 1.1.1.1,如果没有问题再ping 192.168.1.3,192.168.1.111,202.99.192.66,一路ping下来是不是感觉有点小成就感,如果PC2无法ping通,那么就像昨天一样,在自己的真实路由器上做个静态路由指向192.168.2.0便可以了.需要的可以下载附件导出配置文件看.

! E* v$ N' b0 K# J8 P+ V5 o  d* H5 t. u( k9 Y: a

# b  r+ m' v7 Z4 [' k
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

返回首页|Archiver|手机版|小黑屋|易陆发现技术论坛 ( 蜀ICP备2026014127号-1 )

GMT+8, 2026-6-12 01:50 , Processed in 0.025043 second(s), 22 queries .

Powered by Discuz! X5.0

© 2001-2026 Discuz! Team.

快速回复 返回顶部 返回列表