[计算机硬件及网络]网络工程集成实训报告.doc

网络工程集成实训报告1. 实验目的1、 通过设计综合网络实验，熟悉各种路由交换协议的原理。2、 熟悉搭建基本网络环境，规划网络及划分IP地址。3、 掌握交换机Vlan技术的原理，以及划分Vlan、添加端口、端口属性等Vlan间通讯的配置方法。4、 掌握STP生成树协议的原理及链路聚合的配置方法，包括端口速率、端口工作模式及端口聚合等。5、 掌握常用的动态路由协议RIP、OSPF的原理，以及VRRP技术的作用及配置命令。6、 掌握访问控制列表（ACL）、NAT地址转换以及路由引入的应用。7、 掌握GRE VPN技术原理及隧道技术的配置。8、 对网络设计过程中出现的错误进行分析，掌握检错排错的方法。2. 实验内容及要求1、 通过已掌握的路由交换技术，设计网络，画出拓扑图及规划IP地址。2、 构架实际的网络系统，实现网络的功能，并掌握以下路由交换技术：1) 通过网络拓扑图，对设备进行连接并将设备的配置初始化。2) 按照交换机端口划分表，为交换机创建Vlan、添加端口。注意须将交换机间连接的端口的属性设置为trunk，才能进行通讯。3) 按照IP地址规划表，为设备划分IP地址，实现基本网络连接环境4) 为内网设备配置RIP动态路由协议，实现内网设备的互通。考虑到后面要运用到路由引入，实现将OSPF路由引入到RIP协议中，此处使用RIPv2.5) 在交换机SWA-3及SWB-3上配置VRRP双备份组，实现负载均衡及网络侦测。6) 为外网部分的设备配置OSPF路由协议，实现外网间通信7) 在路由器RA及RB上配置路由引入、ACL访问控制列表及NAT地址转换，实现内网192.168.1.0网段可以访问外网，外网不能访问内网。8) 路由器RA和RB之间配置GRE VPN，实现内网之间通过Tunnel0互相访问。3、 分析并总结3. 实验设备实验设备数量备注H3C AR 28-11路由器3H3C S3610 Series交换机（L3）2H3C S3100 Series交换机（L2）2计算机5Windows XP操作系统以太网线14其中1条交叉线RS-232配置线2V.35 DTE、DCE串口线对14. 实验拓扑图及IP地址规划1、 实验拓扑图2、 交换机端口划分设备名称Vlan接口SWA-32Ethernet1/0/13Ethernet1/0/24Ethernet1/0/3SWB-32Ethernet1/0/13Ethernet1/0/25Ethernet1/0/3SWC-22Ethernet1/0/1 、Ethernet1/0/33Ethernet1/0/2、Ethernet1/0/4SWD-22Ethernet1/0/2、Ethernet1/0/33Ethernet1/0/1、Ethernet1/0/43、 IP地址规划设备名称/协议接口IP地址网关RAE0/0192.168.3.2200.1.1.1E0/1192.168.4.2200.1.1.1S0/0200.1.1.1200.1.1.2Tunnel0192.168.6.1RBE0/0200.1.2.1200.1.1.2E0/1192.168.5.2200.1.2.1Tunnel0192.168.6.2RCE0/1200.1.2.2200.1.1.2S0/0200.1.1.2200.1.2.2SWA-3Vlan-interface 2192.168.1.253Vlan-interface3192.168.2.253Vlan-interface4192.168.3.1192.168.3.2SWB-3Vlan-interface2192.168.1.252Vlan-interface3192.168.2.252Vlan-interface5192.168.4.1192.168.4.2PC1网卡192.168.1.1192.168.1.254PC2网卡192.168.2.1192.168.2.254PC3网卡192.168.1.2192.168.1.254PC4网卡192.168.2.2192.168.2.254PC5网卡192.168.5.3192.168.5.2VRRP1192.168.1.2542192.168.2.2545. 实验过程实验任务一：搭建基本连接环境步骤一：建立物理连接按照实验拓扑图进行连接，其中主意RA与RB之间通过串口电缆背靠背相连，RB与RC之间通过交叉线相连；并将所有设备配置为初始状态，命令如下：<swa>reset saved-configuration<swa>reboot连接过程中，要注意设备间相连的是哪个接口。以防实验过程中因接线上错误，导致部分功能无法正常实现。步骤二：划分Vlan，添加端口按照交换机端口划分表，为交换机划分Vlan并引入端口。过程注意vlan、port命令的使用。注意交换机与交换机之间连接时，要将其端口属性设置为trunk，才能够互相通讯。配置如下：配置SWC-2:<H3C>systemSystem View: return to User View with Ctrl+Z.H3Csysname SWC-2SWC -2vlan 2SWC -2-vlan2port e1/0/1SWC -2-vlan2port e1/0/3SWC -2-vlan2vlan 3SWC -2-vlan3port e1/0/2SWC -2-vlan3port e1/0/4SWC -2-vlan3int e1/0/2SWC -2-Ethernet1/0/2port link-type trunkSWC -2-Ethernet1/0/2port trunk permit vlan 2 3 Please wait. Done.SWC-2-Ethernet1/0/2int e1/0/1SWC-2-Ethernet1/0/1port link-type trunkSWC-2-Ethernet1/0/1port trunk permit vlan 2 3 Please wait. Done.配置SWD-2:<H3C>systemSystem View: return to User View with Ctrl+Z.H3Csysname SWD-2SWD-2vlan 2SWD-2-vlan2port e1/0/2SWD-2-vlan2port e1/0/3SWD-2-vlan2vlan 3SWD-2-vlan3port e1/0/1SWD-2-vlan3port e1/0/4SWD-2-vlan3int e1/0/2SWD-2-Ethernet1/0/2port link-type trunkSWD-2-Ethernet1/0/2port trunk permit vlan 2 3 Please wait. Done.SWD-2-Ethernet1/0/2int e1/0/1SWD-2-Ethernet1/0/1port link-type trunkSWD-2-Ethernet1/0/1port trunk permit vlan 2 3 Please wait. Done.配置SWA-3:<H3C>sysSystem View: return to User View with Ctrl+Z.H3Csysname SWA-3SWA-3vlan 2SWA-3-vlan2port e1/0/1SWA-3vlan 3SWA-3-vlan3port e1/0/2SWA-3vlan 4SWA-3-vlan4port e1/0/3SWA-3int e1/0/1SWA-3-Ethernet1/0/1port link-type trunkSWA-3-Ethernet1/0/1port trunk permit vlan 2 3SWA-3int e1/0/2SWA-3-Ethernet1/0/2port link-type trunkSWA-3-Ethernet1/0/2port trunk permit vlan 2 3配置SWB-3:<H3C>sysSystem View: return to User View with Ctrl+Z.H3Csysname SWB-3SWB-3vlan 2SWB-3-vlan2port e1/0/1SWB-3vlan 3SWB-3-vlan3port e1/0/2SWB-3vlan 5SWB-3-vlan5port e1/0/3SWB-3int e1/0/1SWB-3-Ethernet1/0/1port link-type trunkSWB-3-Ethernet1/0/1port trunk permit vlan 2 3Please wait. Done.SWB-3int e1/0/2SWB-3-Ethernet1/0/2port link-type trunkSWB-3-Ethernet1/0/2port trunk permit vlan 2 3Please wait. Done.步骤三：配置IP地址按照IP地址规划表，为设备配置ip地址。主要命令有interface 及ip address。配置的过程中，要注意子网掩码位数及ip地址本身的正确性，这是实验成功的关键之一。配置如下：配置RA：<H3C>systemH3Csysname RARAint e0/0RA-Ethernet0/0ip address 192.168.3.2 30RA-Ethernet0/0int e0/1RA-Ethernet0/1ip address 192.168.4.2 30RA-Ethernet0/1int s0/0RA-Serial0/0ip address 200.1.1.1 30配置RB:<H3C>systemH3Csysname RBRBint e0/0RB-Ethernet0/0ip add 192.168.5.2 30RB-Ethernet0/0int e0/1RB-Ethernet0/1ip add 200.1.2.1 30配置RC：<H3C>sysH3Csysname RC RCint e0/1RC-Ethernet0/1ip add 200.1.2.2 30 RC-Ethernet0/1int s0/0 RC-Serial0/0ip add 200.1.1.2 30配置SWA-3：SWA-3int vlan 2SWA-3-Vlan-interface2ip add 192.168.1.253 24SWA-3-Vlan-interface2 int vlan 3SWA-3-Vlan-interface3ip add 192.168.2.253 24SWA-3-Vlan-interface3 int vlan 4SWA-3-Vlan-interface4ip add 192.168.3.1 30配置SWB-3：SWB-3int vlan 2SWB-3-Vlan-interface2ip add 192.168.1.252 24SWB-3-Vlan-interface2int vlan 3SWB-3-Vlan-interface3ip add 192.168.2.252 24SWB-3-Vlan-interface3int vlan 5SWB-3-Vlan-interface5ip add 192.168.4.1 30对计算机进行配置：根据IP地址表所示在pc上配置IP地址和网关。配置完成后，在pc的“命令提示符”窗口下，键入命令ipconfig来验证pc的IP地址是否配置正确。PCA的结果应该如下所示：PCB的结果应该如下所示：PCC的结果应该如下所示：PCD的结果应该如下所示：PCE的结果应该如下所示：步骤四：查看交换机及路由器的配置1）查看VLAN，以交换机SWA-3为例，结果显示如下：VLAN ID: 1 VLAN Type: static Route Interface: not configured Description: VLAN 0001 Name: VLAN 0001 Tagged Ports: none Untagged Ports: Ethernet1/0/1 Ethernet1/0/2 Ethernet1/0/4 Ethernet1/0/5 Ethernet1/0/6 Ethernet1/0/7 Ethernet1/0/8 Ethernet1/0/9 Ethernet1/0/10 Ethernet1/0/11 Ethernet1/0/12 Ethernet1/0/13 Ethernet1/0/14 Ethernet1/0/15 Ethernet1/0/16 Ethernet1/0/17 Ethernet1/0/18 Ethernet1/0/19 Ethernet1/0/20 Ethernet1/0/21 Ethernet1/0/22 Ethernet1/0/23 Ethernet1/0/24 GigabitEthernet1/1/1 GigabitEthernet1/1/2 GigabitEthernet1/1/3 GigabitEthernet1/1/4 VLAN ID: 2 VLAN Type: static Route Interface: configured IP Address: 192.168.1.253 Subnet Mask: 255.255.255.0Description: VLAN 0002 Name: VLAN 0002 Tagged Ports: Ethernet1/0/1 Ethernet1/0/2 Untagged Ports: none VLAN ID: 3 VLAN Type: static Route Interface: configured IP Address: 192.168.2.253 Subnet Mask: 255.255.255.0 Description: VLAN 0003 Name: VLAN 0003 Tagged Ports: Ethernet1/0/1 Ethernet1/0/2Untagged Ports: none VLAN ID: 4 VLAN Type: static Route Interface: configured IP Address: 192.168.3.1 Subnet Mask: 255.255.255.252 Description: VLAN 0004 Name: VLAN 0004 Tagged Ports: Ethernet1/0/1 Ethernet1/0/2 Untagged Ports: Ethernet1/0/3VLAN ID: 3 VLAN Type: static Route Interface: configured IP Address: 192.168.2.253 Subnet Mask: 255.255.255.0 Description: VLAN 0003 Name: VLAN 0003 Tagged Ports: Ethernet1/0/1 Ethernet1/0/2Untagged Ports: none VLAN ID: 4 VLAN Type: static Route Interface: configured IP Address: 192.168.3.1 Subnet Mask: 255.255.255.252 Description: VLAN 0004 Name: VLAN 0004 Tagged Ports: Ethernet1/0/1 Ethernet1/0/2 Untagged Ports: Ethernet1/0/32）查看IP地址的配置，以SWA-3为例，结果显示如下：#interface Vlan-interface2 ip address 192.168.1.253 255.255.255.0 rip version 2 multicast vrrp vrid 1 virtual-ip 192.168.1.254 vrrp vrid 1 priority 120 vrrp vrid 1 track interface Vlan-interface4 reduced 30#interface Vlan-interface3 ip address 192.168.2.253 255.255.255.0 rip version 2 multicast vrrp vrid 2 virtual-ip 192.168.2.254#interface Vlan-interface4 ip address 192.168.3.1 255.255.255.252 rip version 2 multicastip address 192.168.2.253 255.255.255.0 rip version 2 multicast vrrp vrid 2 virtual-ip 192.168.2.254#interface Vlan-interface4 ip address 192.168.3.1 255.255.255.252 rip version 2 multicast实验任务二：配置STP及链路聚合 此处，我们通过交换机SWC-2与SWD-2的端口Ethernet1/0/5、Ethernet1/0/6做链路聚合，实现相同Vlan的计算机互相访问；在交换机SWA-3及SWB-3上启动STP，防止网络的环路。步骤一：配置端口的属性配置SWC-2:SWC-2int e1/0/5SWC-2-Ethernet1/0/5port link-type trunkSWC-2-Ethernet1/0/5port trunk permit vlan allPlease wait. Done.SWC-2-Ethernet1/0/5int e1/0/6SWC-2-Ethernet1/0/6port link-type trunkSWC-2-Ethernet1/0/6port trunk permit vlan all Please wait. Done.配置SWD-2:SWD-2int e1/0/5SWD-2-Ethernet1/0/5port link-type trunkSWD-2-Ethernet1/0/5port trunk permit vlan allPlease wait. Done.SWD-2-Ethernet1/0/5int e1/0/6SWD-2-Ethernet1/0/6port link-type trunkSWD-2-Ethernet1/0/6port trunk permit vlan all Please wait. Done.步骤二：配置端口的工作模式、端口速率以及聚合配置SWC-2:SWC-2link-aggregation group 1 mode manualSWC-2int e1/0/5SWC-2-Ethernet1/0/5duplex fullSWC-2-Ethernet1/0/5speed 100SWC-2-Ethernet1/0/5port link-aggregation group 1SWC-2-Ethernet1/0/5int e1/0/6SWC-2-Ethernet1/0/6duplex fullSWC-2-Ethernet1/0/6speed 100SWC-2-Ethernet1/0/6port link-aggregation group 1配置SWD-2:SWD-2link-aggregation group 1 mode manualSWD-2int e1/0/5SWD-2-Ethernet1/0/5duplex fullSWD-2-Ethernet1/0/5speed 100SWD-2-Ethernet1/0/5port link-aggregation group 1SWD-2-Ethernet1/0/5int e1/0/6SWD-2-Ethernet1/0/6duplex fullSWD-2-Ethernet1/0/6speed 100SWD-2-Ethernet1/0/6port link-aggregation group 1步骤三：启动STP配置SWA-3: SWA-3stp enable配置SWB-3:SWB-3stp enable步骤四：查看链路聚合配置SWD-2-Ethernet1/0/6dis link-aggregation verbose Loadsharing Type: Shar - Loadsharing, NonS - Non-LoadsharingFlags: A - LACP_Activity, B - LACP_timeout, C - Aggregation, D - Synchronization, E - Collecting, F - Distributing, G - Defaulted, H - ExpiredAggregation ID: 1, AggregationType: Manual, Loadsharing Type: SharAggregation Description:System ID: 0x8000, 000f-e257-39eaPort Status: S - Selected, U - UnselectedLocal:Port Status Priority Key Flag-Ethernet1/0/5 S 32768 1 Ethernet1/0/6 S 32768 1 Remote:Actor Partner Priority Key SystemID Flag-Ethernet1/0/5 0 0 0 0x0000,0000-0000-0000 Ethernet1/0/6 0 0 0 0x0000,0000-0000-0000 SWD-2dis link-aggregation summary Aggregation Group Type:D - Dynamic, S - Static , M - Manual Loadsharing Type: Shar - Loadsharing, NonS - Non-Loadsharing Actor ID: 0x8000, 000f-e257-3965 AL AL Partner ID Select Unselect Share Master ID Type Ports Ports Type Port - 1 M none 2 0 Shar Ethernet1/0/5 实验任务三：配置RIP 实验中，为了后面能够顺利地进行将OSPF路由引入到RIP路由当中，此处我们使用RIPv2路由协议，实现内网的通讯。配置步骤如下：步骤一：启用RIP路由协议配置RA：RAripRA-ripnetwork 192.168.3.0RA-ripnetwork 192.168.4.0配置RB：RB-Ethernet0/0ripRB-ripnetwork 192.168.5.0配置SWA-3：SWA-3ripSWA-3-ripnetwork 192.168.1.0SWA-3-ripnetwork 192.168.2.0SWA-3-ripnetwork 192.168.3.0配置SWB-3：SWB-3ripSWB-3-ripnetwork 192.168.1.0 SWB-3-ripnetwork 192.168.2.0SWB-3-ripnetwork 192.168.4.0步骤二：配置RIP路由协议的版本配置RA：RAint e0/0RA-Ethernet0/0rip RA-Ethernet0/0int e0/1RA-Ethernet0/1rip version 2配置RB：RA-Ethernet0/0int e0/1RB-Ethernet0/0rip version 2配置SWA-3：SWA-3-ripint vlan 2SWA-3-Vlan-interface2rip version 2SWA-3-Vlan-interface2int vlan 3SWA-3-Vlan-interface3rip version 2SWA-3- Vlan-interface3int vlan 4SWA-3-Vlan-interface4rip version 2配置SWB-3：SWB-3-ripint vlan 2SWB-3-Vlan-interface2rip version 2SWB-3-Vlan-interface2int vlan 3SWB-3-Vlan-interface3rip version 2SWB-3- Vlan-interface5int vlan 5SWB-3-Vlan-interface5rip version 2步骤三：查看路由表 以RA为例，查看RA的路由表的信息如下：RAdis ip routing-table Routing Table: public netDestination/Mask Protocol Pre Cost Nexthop Interface127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0192.168.1.0/24 RIP 100 1 192.168.3.1 Ethernet0/0192.168.2.0/24 RIP 100 1 192.168.3.1 Ethernet0/0192.168.3.0/30 DIRECT 0 0 192.168.3.2 Ethernet0/0192.168.3.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0192.168.4.0/30 DIRECT 0 0 192.168.4.2 Ethernet0/1192.168.4.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0步骤四：测试PC机与路由器RA的连通性。C:Documents and Settingsstudent>ping 192.168.3.2Pinging 192.168.3.2 with 32 bytes of data:Reply from 192.168.3.2: bytes=32 time<1ms TTL=254Reply from 192.168.3.2: bytes=32 time<1ms TTL=254Reply from 192.168.3.2: bytes=32 time<1ms TTL=254Reply from 192.168.3.2: bytes=32 time<1ms TTL=254Ping statistics for 192.168.3.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms1）测试PC机到路由器RA的连通性，以PCA ping RA为例，结果显示如下：2、RA ping PC机RAping 192.168.2.1 PING 192.168.2.