第八天

---

一、拓扑图

二、实验步骤

1.ospf

[SW5]ospf 1 router-id 5.5.5.5
[SW5-ospf-1]area 0
[SW5-ospf-1-area-0.0.0.0]network 10.1.114.0 0.0.0.255//接口Vlanif114
[SW5-ospf-1]area 1
[SW5-ospf-1-area-0.0.0.1]network 10.1.2.0 0.0.0.255//接口Vlanif2
[SW5-ospf-1-area-0.0.0.1]network 10.1.3.0 0.0.0.255//接口Vlanif3
[SW5-ospf-1-area-0.0.0.1]stub no-summary 


[SW6]ospf 1 router-id 6.6.6.6
[SW6-ospf-1]area 0
[SW6-ospf-1-area-0.0.0.0]network 10.1.114.0 0.0.0.255//接口Vlanif114
[SW6-ospf-1]area 1
[SW6-ospf-1-area-0.0.0.1]network 10.1.4.0 0.0.0.255//接口Vlanif4
[SW6-ospf-1-area-0.0.0.1]network 10.1.5.0 0.0.0.255//接口Vlanif5
[SW6-ospf-1-area-0.0.0.1]stub no-summary 


[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.1.14.0 0.0.0.255//接口 GE0/0/1
[R1-ospf-1-area-0.0.0.0]network 10.1.11.0 0.0.0.255//接口 GE0/0/0

area 0:AR1,SW5,SW6
area 1:SW5(vlan 2 ,vlan 3)
area 2:SW6(vlan 4,vlan 5)
area 3:server1
area 4:server2

2.消除ospf网关的hello洪泛

silent-interface 
[ISP-GigabitEthernet0/0/2]nat server protocol tcp global current-interface 80inside 10.1.100.1 80

3.交换配置(SW2,SW3,SW4,SW7与SW1配置相同,SW6跟SW5配置相同)

[SW1]vlan batch 2 to 5
[SW1-GigabitEthernet0/0/2]port link-type access 
[SW1-GigabitEthernet0/0/2]port default vlan 2
[SW1-GigabitEthernet0/0/1]port link-type access 
[SW1-GigabitEthernet0/0/1]port default vlan 
[SW1-GigabitEthernet0/0/3]port link-type trunk 
[SW1-GigabitEthernet0/0/3]port trunk allow-pass vlan 2 3


[SW5]vlan batch 2 to 5
[SW5-GigabitEthernet0/0/5]port link-type trunk 
[SW5-GigabitEthernet0/0/5]port trunk allow-pass vlan 2 3
[SW5-GigabitEthernet0/0/4]port link-type trunk 
[SW5-GigabitEthernet0/0/4]port trunk allow-pass vlan 2
[SW5-GigabitEthernet0/0/1]port link-type trunk 
[SW5-GigabitEthernet0/0/1]port trunk allow-pass vlan 100
[SW5-GigabitEthernet0/0/2]port link-type trunk 
[SW5-GigabitEthernet0/0/2]port trunk allow-pass vlan 114
[SW5-GigabitEthernet0/0/3]port link-type access 
[SW5-GigabitEthernet0/0/3]port default vlan 11

4.交换机三层互通

[SW5] int vlan11
[SW5-Vlanif11]ip a 10.1.11.2 24

[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip a 10.1.11.1 24

5.配置缺省，配置nat

[R1]ip route-static 0.0.0.0 0 12.0.0.2
[R1-ospf-1]default-route-advertise
[R1]acl 2000
[R1-acl-basic-2000]rule permit source 10.1.0.0 0.0.255.255
[R1]int g0/0/2
[R1-GigabitEthernet0/0/2]nat outbound 2000

---