华为eNSP企业园区网综合实验笔记

一、实验目的本实验通过搭建企业园区网络环境综合运用 VLAN、Eth-Trunk、MSTP、VRRP、DHCP 以及静态路由等技术实现网络冗余、高可用和自动化地址分配掌握企业网络常见部署方案。二、实验拓扑分析网络采用典型三层架构设计ISP模拟公网运营商AR1企业出口路由器LSW1、LSW2核心交换机LSW3、LSW4接入交换机PC1~PC4终端用户网络特点双核心冗余双链路备份VRRP网关冗余MSTP负载均衡DHCP自动分配地址三、IP地址规划VLAN 2网段172.16.0.0/26可用地址172.16.0.1 - 172.16.0.62配置设备地址LSW1172.16.0.1/26LSW2172.16.0.2/26VRRP虚拟网关172.16.0.62VLAN 3网段172.16.0.128/26可用地址172.16.0.129 - 172.16.0.190配置设备地址LSW1172.16.0.129/26LSW2172.16.0.130/26VRRP虚拟网关172.16.0.190AR1与ISP设备地址AR1100.1.1.1/24ISP100.1.1.2/24四、VLAN配置创建业务VLANsys vlan batch 2 3配置PC接入端口VLAN2用户interface GigabitEthernet0/0/3 port link-type access port default vlan 2VLAN3用户interface GigabitEthernet0/0/4 port link-type access port default vlan 3配置交换机互联Trunkinterface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 2 3 interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 2 3五、Eth-Trunk链路聚合为了提高链路带宽和可靠性将LSW1与LSW2之间的多条链路聚合。LSW1interface Eth-Trunk1 mode lacp-static interface GigabitEthernet0/0/1 eth-trunk 1 interface GigabitEthernet0/0/2 eth-trunk 1 interface GigabitEthernet0/0/4 eth-trunk 1LSW2配置相同。配置Trunk属性interface Eth-Trunk1 port link-type trunk port trunk allow-pass vlan 2 3查看状态display eth-trunk 1六、MSTP生成树配置开启MSTPstp enable stp mode mstp创建MST区域stp region-configuration region-name HUAWEI instance 1 vlan 2 instance 2 vlan 3 active region-configuration配置根桥LSW1stp instance 1 root primary stp instance 2 root secondaryLSW2stp instance 1 root secondary stp instance 2 root primary实现效果VLAN主根桥VLAN2LSW1VLAN3LSW2查看生成树状态display stp brief七、VRRP网关冗余VRRP用于解决默认网关单点故障问题。VLAN2LSW1interface Vlanif2 ip address 172.16.0.1 26 vrrp vrid 2 virtual-ip 172.16.0.62 vrrp vrid 2 priority 120LSW2interface Vlanif2 ip address 172.16.0.2 26 vrrp vrid 2 virtual-ip 172.16.0.62VLAN3LSW1interface Vlanif3 ip address 172.16.0.129 26 vrrp vrid 3 virtual-ip 172.16.0.190LSW2interface Vlanif3 ip address 172.16.0.130 26 vrrp vrid 3 virtual-ip 172.16.0.190 vrrp vrid 3 priority 120查看状态display vrrp八、DHCP配置开启DHCP服务dhcp enable创建VLAN2地址池ip pool vlan2 network 172.16.0.0 mask 255.255.255.192 gateway-list 172.16.0.62 dns-list 114.114.114.114创建VLAN3地址池ip pool vlan3 network 172.16.0.128 mask 255.255.255.192 gateway-list 172.16.0.190 dns-list 114.114.114.114调用地址池interface Vlanif2 dhcp select global interface Vlanif3 dhcp select global查看租约display ip pool九、出口路由配置AR1配置interface GigabitEthernet0/0/0 ip address 172.16.10.1 24 interface GigabitEthernet0/0/2 ip address 100.1.1.1 24配置默认路由ip route-static 0.0.0.0 0 100.1.1.2核心交换机配置缺省路由ip route-static 0.0.0.0 0 172.16.10.1ISP配置interface GigabitEthernet0/0/0 ip address 100.1.1.2 24十、实验验证查看PC地址ipconfig查看VRRPdisplay vrrp查看生成树display stp brief查看链路聚合display eth-trunk 1测试网关ping 172.16.0.62 ping 172.16.0.190测试公网ping 100.1.1.2十一、实验总结本实验完成了企业园区网常见高可用架构部署VLAN实现业务隔离Trunk实现VLAN传递Eth-Trunk实现链路聚合MSTP实现环路避免与流量负载均衡VRRP实现网关冗余DHCP实现自动地址分配静态路由实现内外网互通