收藏
下载资源

aclnat和dhcp的使用和配置

上传人:壹****1 文档编号:568588247 上传时间:2024-07-25 格式:PDF 页数:18 大小:629.43KB
返回 下载 相关 举报
aclnat和dhcp的使用和配置_第1页
第1页 / 共18页
aclnat和dhcp的使用和配置_第2页
第2页 / 共18页
aclnat和dhcp的使用和配置_第3页
第3页 / 共18页
aclnat和dhcp的使用和配置_第4页
第4页 / 共18页
aclnat和dhcp的使用和配置_第5页
第5页 / 共18页
点击查看更多>>
资源描述

《aclnat和dhcp的使用和配置》由会员分享,可在线阅读,更多相关《aclnat和dhcp的使用和配置(18页珍藏版)》请在金锄头文库上搜索。

1、 ACL,NAT 和和 DHCP 的使用和配置的使用和配置 实验目的:实验目的:熟练掌握 ACL,NAT 和 DHCP 的原理以及在 CISCO IOS 上对它们进行配置的方法 实验内容:实验内容:ACL 的配置 NAT 的配置 DHCP 的配置 实验条件:实验条件:2600 系列路由器两台,2900 交换机一台,PC 两台 一ACL的配置 (一)标准ACL Step 1 在路由器上配置主机名和密码 Step 1 在路由器上配置主机名和密码 Step 2 配置以太网段上的PC Step 2 配置以太网段上的PC a. PC 1 IP address 192.168.14.2 Subnet ma

2、sk 255.255.255.0 Default gateway 192.168.14.1 b. PC 2 IP address 192.168.14.3 Subnet mask 255.255.255.0 Default gateway 192.168.14.1 Step 3 保存配置 Step 3 保存配置 GAD#copy running-config startup-config copy running-config startup-config Step 4 通过ping命令测试两台PC到缺省网关的连接性 Step 4 通过ping命令测试两台PC到缺省网关的连接性 Step 5

3、阻止PC访问路由器的以太口 Step 5 阻止PC访问路由器的以太口 GAD(config)#access-list 1 deny 192.168.14.0 0.0.0.255 access-list 1 deny 192.168.14.0 0.0.0.255 GAD(config)#access-list 1 permit any access-list 1 permit any Step 6 从路由器ping两台PC Step 6 从路由器ping两台PC Step 7 把ACL应用到接口上 Step 7 把ACL应用到接口上 GAD(config-if)#ip access-group

4、1 in ip access-group 1 in Step 8 从两台PC ping路由器 Step 8 从两台PC ping路由器 Step 9 创建新的ACL Step 9 创建新的ACL access-list 2 permit 192.168.14.1 0.0.0.254 access-list 2 permit 192.168.14.1 0.0.0.254 Step 10 把ACL应用的接口上 Step 10 把ACL应用的接口上 ip access-group 2 in ip access-group 2 in Step 11 从两台PC ping路由器Step 11 从两台PC

5、 ping路由器 GAD#show running-config show running-config version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname GAD ! ip subnet-zero ! ip audit notify log ip audit po max-events 100 ! interface FastEthernet0/0 ip address 192.168.14.1 255.255.

6、255.0 ip access-group 2 in no ip directed-broadcast ! interface Serial0/0 no ip address no ip directed-broadcast no ip mroute-cache shutdown no fair-queue ! interface Serial0/1 no ip address no ip directed-broadcast shutdown ! ip classless no ip http server ! access-list 1 deny 192.168.14.0 0.0.0.25

7、5 access-list 1 permit any access-list 2 permit 192.168.14.1 0.0.0.254 ! line con 0 transport input none line aux 0 line vty 0 4 ! end (二)扩展ACL Step 1 配置路由器GAD的主机名和密码 Step 1 配置路由器GAD的主机名和密码 Step 2 配置以太网段上的PC Step 2 配置以太网段上的PC a. PC 1 IP address 192.168.14.2 Subnet mask 255.255.255.0 Default gateway

8、192.168.14.1 b. PC 2 IP address 192.168.14.3 Subnet mask 255.255.255.0 Default gateway 192.168.14.1 Step 3 保存配置 Step 3 保存配置 GAD#copy running-config startup-config copy running-config startup-config Step 4 通过ping命令测试两台PC到缺省网关的连接性 Step 4 通过ping命令测试两台PC到缺省网关的连接性 Step 5 用Web浏览器连接路由器 Step 5 用Web浏览器连接路由器

9、Step 6 防止通过以太网接入80端口 Step 6 防止通过以太网接入80端口 GAD(config)#access-list 101 deny tcp 192.168.14.0 0.0.0.255 any eq 80 access-list 101 deny tcp 192.168.14.0 0.0.0.255 any eq 80 GAD(config)#access-list 101 permit ip any any access-list 101 permit ip any any Step 7 应用ACL到接口 Step 7 应用ACL到接口 GAD(config-if)#ip

10、access-group 101 in ip access-group 101 in Step 8 从PC Ping路由器 Step 8 从PC Ping路由器 Step 9 用Web浏览器连接路由器 Step 9 用Web浏览器连接路由器 Step 10 从PC接入路由器Step 10 从PC接入路由器 GAD#show running-config show running-config Building configuration. Current configuration: ! version 12.0 service timestamps debug uptime service

11、timestamps log uptime no service password-encryption ! hostname GAD ! ! memory-size iomem 10 ip subnet-zero no ip domain-lookup ! ip audit notify log ip audit po max-events 100 ! process-max-time 200 ! interface FastEthernet0/0 ip address 192.168.14.1 255.255.255.0 ip access-group 101 in no ip direc

12、ted-broadcast ! interface Serial0/0 ip address 192.168.2.1 255.255.255.0 no ip directed-broadcast ! interface Serial0/1 no ip address no ip directed-broadcast shutdown ! ip classless ip http server ! access-list 101 deny tcp 192.168.14.0 0.0.0.255 any eq www access-list 101 permit ip any any ! line

13、con 0 password cisco login transport input none line aux 0 line vty 0 4 password cisco login ! no scheduler allocate end (三)命名 ACL Step 1 配置路由器的主机名和密码 Step 1 配置路由器的主机名和密码 Step 2 配置以太网段上的PC Step 2 配置以太网段上的PC a. PC 1 IP address 192.168.14.2 Subnet mask 255.255.255.0 Default gateway 192.168.14.1 b. PC

14、2 IP address 192.168.14.3 Subnet mask 255.255.255.0 Default gateway 192.168.14.1 Step 3 保存配置 Step 3 保存配置 GAD#copy running-config startup-config copy running-config startup-config Step 4 通过ping命令测试两台PC到缺省网关的连接性 Step 4 通过ping命令测试两台PC到缺省网关的连接性 Step 5 阻止主机访问以太口 Step 5 阻止主机访问以太口 GAD(config)#ip access-lis

15、t standard no_access ip access-list standard no_access GAD(config-std-nacl)#deny 192.168.14.0 0.0.0.255 deny 192.168.14.0 0.0.0.255 GAD(config-std-nacl)#permit any permit any Step 6 从PC Ping路由器 Step 6 从PC Ping路由器 Step 7 应用ACL到接口上 Step 7 应用ACL到接口上 GAD(config-if)#ip access-group no_access in ip access

16、-group no_access in Step 8 从PC Ping路由器Step 8 从PC Ping路由器 GAD#show running-config show running-config Building configuration. Current configuration : 638 bytes ! version 12.2 ! hostname GAD ! enable secret 5 $1$rzr7$l9H/aXmOyxeCAiPAUoGLq. ! ip subnet-zero ! interface FastEthernet0/0 ip address 192.16

17、8.14.1 255.255.255.0 ip access-group no_access in ! interface Serial0/0 no ip address shutdown no fair-queue ! interface Serial0/1 no ip address shutdown ! ip classless no ip http server ! ! ip access-list standard no_access deny 192.168.14.0 0.0.0.255 permit any ! line con 0 password cisco login li

18、ne aux 0 password cisco login line vty 0 4 password cisco login ! end GAD#show ip access-lists Standard IP access list no_access deny 192.168.14.0, wildcard bits 0.0.0.255 (18 matches) permit any 一NAT的配置 (一)静态和动态NAT Step 1 配置路由器 Step 1 配置路由器 346 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 1.1.4c Copy

19、right 粕 2003, Cisco Systems, Inc. ISP ISP Router#configure terminal configure terminal Router(config)#hostname ISP hostname ISP ISP(config)#enable password cisco enable password cisco ISP(config)#enable secret class enable secret class ISP(config)#line console 0 line console 0 ISP(config-line)#passw

20、ord cisco password cisco ISP(config-line)#login login ISP(config-line)#exit exit ISP(config)#line vty 0 4 line vty 0 4 ISP(config-line)#password cisco password cisco ISP(config-line)#login login ISP(config-line)#exit exit ISP(config)#interface loopback 0 interface loopback 0 ISP(config-if)#ip addres

21、s 172.16.1.1 255.255.255.255 ip address 172.16.1.1 255.255.255.255 ISP(config-if)#exit exit ISP(config)#interface serial 0 interface serial 0 ISP(config-if)#ip address 200.2.2.17 255.255.255.252 ip address 200.2.2.17 255.255.255.252 ISP(config-if)#clock rate 64000 clock rate 64000 ISP(config)#ip rou

22、te 199.99.9.32 255.255.255.224 200.2.2.18 ip route 199.99.9.32 255.255.255.224 200.2.2.18 ISP(config)#end end ISP#copy running-config startup-config copy running-config startup-config Gateway Gateway Router#configure terminal configure terminal Router(config)#hostname Gateway hostname Gateway Gatewa

23、y(config)#enable password cisco enable password cisco Gateway(config)#enable secret class enable secret class Gateway(config)#line console 0 line console 0 Gateway(config-line)#password cisco password cisco Gateway(config-line)#login login Gateway(config-line)#exit exit Gateway(config)#line vty 0 4

24、line vty 0 4 Gateway(config-line)#password cisco password cisco Gateway(config-line)#login login Gateway(config-line)#exit exit Gateway(config)#interface fastethernet 0 interface fastethernet 0 Gateway(config-if)#ip address 10.10.10.1 255.255.255.0 ip address 10.10.10.1 255.255.255.0 Gateway(config-

25、if)#no shutdown no shutdown Gateway(config-if)#exit exit Gateway(config)#interface serial 0 interface serial 0 Gateway(config-if)#ip address 200.2.2.18 255.255.255.252 ip address 200.2.2.18 255.255.255.252 Gateway(config-if)#no shutdown no shutdown Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17

26、 ip route 0.0.0.0 0.0.0.0 200.2.2.17 Step 2 保存配置 Step 2 保存配置 copy running-config startup-configcopy running-config startup-config. Step 3 为PC配置正确的IP地址,子网掩码和缺省网关 Step 3 为PC配置正确的IP地址,子网掩码和缺省网关 Step 4 测试网络的连通性 Step 4 测试网络的连通性 Step 5 创建静态路由 Step 5 创建静态路由 ISP(config)#ip route 199.99.9.32 255.255.255.224

27、200.2.2.18 ip route 199.99.9.32 255.255.255.224 200.2.2.18 ISP#show ip route show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF

28、external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 199.99.9.0/27 is subnetted, 1 subnets S 199.99

29、.9.32 1/0 via 200.2.2.18 200.2.2.0/30 is subnetted, 1 subnets C 200.2.2.16 is directly connected, Serial0/0 172.16.0.0/32 is subnetted, 1 subnets C 172.16.1.1 is directly connected, Loopback0 Step 6 创建缺省路由 Step 6 创建缺省路由 Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17 ip route 0.0.0.0 0.0.0.0 200

30、.2.2.17 Gateway#show ip route show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - E

31、GP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 200.2.2.17 to network 0.0.0.0 200.2.2.0/30 is subnetted, 1 subnets C 200.2.2.16 is directly connected,

32、Serial0/0 10.0.0.0/24 is subnetted, 1 subnets C 10.10.10.0 is directly connected, FastEthernet0/0 S* 0.0.0.0/0 1/0 via 200.2.2.17 Step 7 定义缺省的公有地址池 Step 7 定义缺省的公有地址池 Gateway(config)#ip nat pool public_access 199.99.9.40 199.99.9.62 ip nat pool public_access 199.99.9.40 199.99.9.62 netmask 255.255.25

33、5.224 netmask 255.255.255.224 Step 8 创建ACL定义内部私有的IP地址 Step 8 创建ACL定义内部私有的IP地址 Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255 access-list 1 permit 10.10.10.0 0.0.0.255 Step 9 定义内部列表到外部地址池的地址转换 Step 9 定义内部列表到外部地址池的地址转换 Gateway(config)#ip nat inside source list 1 pool public_access ip nat in

34、side source list 1 pool public_access Step 10 确定接口 Step 10 确定接口 Gateway(config)#interface fastethernet 0 interface fastethernet 0 Gateway(config-if)#ip nat inside ip nat inside Gateway(config-if)#interface serial 0 interface serial 0 Gateway(config-if)#ip nat outside ip nat outside Step 11 配置静态映射 St

35、ep 11 配置静态映射 Gateway(config)#ip nat inside source static 10.10.10.10 199.99.9.33 ip nat inside source static 10.10.10.10 199.99.9.33 Gateway#show ip nat translations show ip nat translations Step 12 测试配置 Step 12 测试配置 ISP#ping 10.10.10.10 ping 10.10.10.10 Type escape sequence to abort. Sending 5, 100

36、-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds: . Success rate is 0 percent (0/5) ISP#ping 199.99.9.33 ping 199.99.9.33 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 199.99.9.33, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

37、 ISP# Gateway#show ip nat translations show ip nat translations Pro Inside global Inside local Outside local Outside global - 199.99.9.33 10.10.10.10 - - 汇总: Gateway NAT Configuration Gateway NAT Configuration Gateway#configure terminal #configure terminal Gateway(config)#ip nat pool public_access 1

38、99.99.9.40 199.99.9.62 netmask 255.255.255.224 ip nat pool public_access 199.99.9.40 199.99.9.62 netmask 255.255.255.224 Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255 access-list 1 permit 10.10.10.0 0.0.0.255 Gateway(config)#ip nat inside source list 1 pool public_access ip nat inside so

39、urce list 1 pool public_access Gateway(config)#interface fa0/0 interface fa0/0 Gateway(config-if)#ip nat inside ip nat inside Gateway(config-if)#interface serial 0/0 interface serial 0/0 Gateway(config-if)#ip nat outside ip nat outside Gateway(config-if)#exit exit Gateway(config)#ip nat inside sourc

40、e static 10.10.10.10 199.99.9.33 ip nat inside source static 10.10.10.10 199.99.9.33 Gateway(config)#exit exit (二)超载NAT Step 1 配置路由器 Step 1 配置路由器 ISP ISP Router#configure terminal configure terminal Router(config)#hostname ISP hostname ISP ISP(config)#enable password cisco enable password cisco ISP(

41、config)#enable secret class enable secret class ISP(config)#line console 0 line console 0 ISP(config-line)#password cisco password cisco ISP(config-line)#login login ISP(config-line)#exit exit ISP(config)#line vty 0 4 line vty 0 4 ISP(config-line)#password cisco password cisco ISP(config-line)#login

42、 login ISP(config-line)#exit exit ISP(config)#interface loopback 0 interface loopback 0 ISP(config-if)#ip address 172.16.1.1 255.255.255.255 ip address 172.16.1.1 255.255.255.255 ISP(config-if)#exit exit ISP(config)#interface serial 0 interface serial 0 ISP(config-if)#ip address 200.2.2.17 255.255.2

43、55.252 ip address 200.2.2.17 255.255.255.252 ISP(config-if)#no shutdown no shutdown ISP(config-if)#clock rate 64000 clock rate 64000 ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18 ip route 199.99.9.32 255.255.255.224 200.2.2.18 ISP(config)#end end ISP#copy running-config startup-config

44、copy running-config startup-config Gateway Gateway Router#configure terminal configure terminal Router(config)#hostname Gateway hostname Gateway Gateway(config)#enable password cisco enable password cisco Gateway(config)#enable secret class enable secret class Gateway(config)#line console 0 line con

45、sole 0 Gateway(config-line)#password cisco password cisco Gateway(config-line)#login login Gateway(config-line)#exit exit Gateway(config)#line vty 0 4 line vty 0 4 Gateway(config-line)#password cisco password cisco Gateway(config-line)#login login Gateway(config-line)#exit exit Gateway(config)#inter

46、face fastethernet 0 interface fastethernet 0 Gateway(config-if)#ip address 10.10.10.1 255.255.255.0 ip address 10.10.10.1 255.255.255.0 Gateway(config-if)#no shutdown no shutdown Gateway(config-if)#exit exit Gateway(config)#interface serial 0 interface serial 0 Gateway(config-if)#ip address 200.2.2.

47、18 255.255.255.252 ip address 200.2.2.18 255.255.255.252 Gateway(config-if)#no shutdown no shutdown Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17ip route 0.0.0.0 0.0.0.0 200.2.2.17 Step 2 保存配置 Step 2 保存配置 copy running-config startup-configcopy running-config startup-config. Step 3 为PC配置正确的IP地址

48、,子网掩码和缺省网关Step 3 为PC配置正确的IP地址,子网掩码和缺省网关 Step 4 测试网络的连通性 Step 4 测试网络的连通性 Step 5 创建缺省路由 Step 5 创建缺省路由 Gateway(config)#ip route 0.0.0.0 0.0.0.0 serial 0 ip route 0.0.0.0 0.0.0.0 serial 0 Gateway#show ip route show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP D - EIGRP

49、, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route

50、, o - ODR P - periodic downloaded static route Gateway of last resort is 200.2.2.17 to network 0.0.0.0 200.2.2.0/30 is subnetted, 1 subnets C 200.2.2.16 is directly connected, Serial0/0 10.0.0.0/24 is subnetted, 1 subnets C 10.10.10.0 is directly connected, FastEthernet0/0 S* 0.0.0.0/0 1/0 via 200.2

51、.2.17 Step 6 创建ACL定义内部私有的IP地址 Step 6 创建ACL定义内部私有的IP地址 Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255 access-list 1 permit 10.10.10.0 0.0.0.255 Step 7 Define the PAT translation from inside list to outside address Step 7 Define the PAT translation from inside list to outside address Gatewa

52、y(config)#ip nat inside source list 1 interface serial 0 overload ip nat inside source list 1 interface serial 0 overload Step 8 确定接口 Step 8 确定接口 Gateway(config)#interface fastethernet 0 interface fastethernet 0 Gateway(config-if)#ip nat inside ip nat inside Gateway(config-if)#interface serial 0 int

53、erface serial 0 Gateway(config-if)#ip nat outside ip nat outside Step 9 测试配置 Step 9 测试配置 Gateway#show ip nat translations show ip nat translations Pro Inside global Inside local Outside local Outside global tcp 200.2.2.18:1086 10.10.10.10:1086 172.16.1.1:23 172.16.1.1:23 icmp 200.2.2.18:768 10.10.10

54、.10:768 172.16.1.1:768 172.16.1.1:768 汇总: Gateway PAT configuration Gateway PAT configuration Gateway#configure terminal configure terminal Enter configuration commands, one per line. End with CNTL/Z. Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255 access-list 1 permit 10.10.10.0 0.0.0.255

55、 Gateway(config)#ip nat inside source list 1 interface serial 0/0 overload ip nat inside source list 1 interface serial 0/0 overload Gateway(config)#interface fa0/0 interface fa0/0 Gateway(config-if)#ip nat inside ip nat inside Gateway(config-if)#exit exit Gateway(config)#interface serial 0/0 interf

56、ace serial 0/0 Gateway(config-if)#ip nat outside ip nat outside Gateway(config-if)#exit exit Gateway(config)#exit exit Gateway#copy running-config startup-config copy running-config startup-config 一DHCP 的配置 Step 1 配置路由器 Step 1 配置路由器 Remote router configuration Remote router configuration Router#conf

57、igure terminal configure terminal Router(config)#hostname remote hostname remote remote(config)#enable password cisco enable password cisco remote(config)#enable secret class enable secret class remote(config)#line console 0 line console 0 remote(config-line)#password cisco password cisco remote(con

58、fig-line)#login login remote(config-line)#exit exit remote(config)#line vty 0 4 line vty 0 4 remote(config-line)#password cisco password cisco remote(config-line)#login login remote(config-line)#exit exit remote(config)#interface fastethernet 0/0 interface fastethernet 0/0 remote(config-if)#ip addre

59、ss 172.16.13.1 255.255.255.0 ip address 172.16.13.1 255.255.255.0 remote(config-if)#no shutdown no shutdown remote(config-if)#exit exit remote(config)#interface serial 0/0 interface serial 0/0 remote(config-if)#ip address 172.16.1.5 255.255.255.252 ip address 172.16.1.5 255.255.255.252 remote(config

60、-if)#no shutdown no shutdown remote(config-if)#exit exit remote(config)#router ospf 1 router ospf 1 remote(config-router)#network 172.16.1.0 0.0.0.255 area 0 network 172.16.1.0 0.0.0.255 area 0 remote(config-router)#network 172.16.13.0 0.0.0.255 area 0 network 172.16.13.0 0.0.0.255 area 0 remote(con

61、fig-router)#end end remote#copy running-config startup-config copy running-config startup-config Campus router configuration Campus router configuration Router#configure terminal configure terminal Router(config)#hostname campus hostname campus campus(config)#enable password cisco enable password ci

62、sco campus(config)#enable secret class enable secret class campus(config)#line console 0 line console 0 campus(config-line)#password cisco password cisco campus(config-line)#login login campus(config-line)#exit exit campus(config)#line vty 0 4 line vty 0 4 campus(config-line)#password cisco password

63、 cisco campus(config-line)#login login campus(config-line)#exit exit campus(config)#interface fastethernet 0/0 interface fastethernet 0/0 campus(config-if)#ip address 172.16.12.1 255.255.255.0 ip address 172.16.12.1 255.255.255.0 campus(config-if)#no shutdown no shutdown campus(config-if)#exit exit

64、campus(config)#interface serial 0/0 interface serial 0/0 campus(config-if)#ip address 172.16.1.6 255.255.255.252 ip address 172.16.1.6 255.255.255.252 campus(config-if)#clock rate 56000 clock rate 56000 campus(config-if)#no shutdown no shutdown campus(config-if)#exit exit campus(config)#router ospf

65、1 router ospf 1 campus(config-router)#network 172.16.1.0 0.0.0.255 area 0 network 172.16.1.0 0.0.0.255 area 0 campus(config-router)#network 172.16.12.0 0.0.0.255 area 0 network 172.16.12.0 0.0.0.255 area 0 campus(config-router)#end end campus#copy running-config startup-configcopy running-config sta

66、rtup-config Step 2 在路由器remote上启动OSPF Step 2 在路由器remote上启动OSPF remote(config)#router ospf 1 router ospf 1 remote(config-router)#network 172.16.1.0 0.0.0.3 area 0 network 172.16.1.0 0.0.0.3 area 0 remote(config-router)#network 172.16.13.0 0.0.0.3 area 0 network 172.16.13.0 0.0.0.3 area 0 Step 3 在路由器ca

67、mpus启动OSPF Step 3 在路由器campus启动OSPF campus(config)#router ospf 1 router ospf 1 campus(config-router)#network 172.16.1.0 0.0.0.255 area 0 network 172.16.1.0 0.0.0.255 area 0 campus(config-router)#network 172.16.12.0 0.0.0.255 area 0 network 172.16.12.0 0.0.0.255 area 0 remote#show ip route show ip rou

68、te Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 -

69、IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks O 172.16.12.0/24 110/65 via 172.16.1.6, 00:00:12, Serial0/0 C 172.16.13.0/24 i

70、s directly connected, FastEthernet0/0 C 172.16.1.4/30 is directly connected, Serial0/0 campus#show ip route show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF

71、NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/16 i

72、s variably subnetted, 3 subnets, 2 masks C 172.16.12.0/24 is directly connected, FastEthernet0/0 O 172.16.13.0/24 110/65 via 172.16.1.5, 00:00:14, Serial0/0 C 172.16.1.4/30 is directly connected, Serial0/0 Step 4 保存配置 Step 4 保存配置 copy running-config startup-configcopy running-config startup-config.

73、Step 5 在路由器campus创建campus地址池 Step 5 在路由器campus创建campus地址池 campus(config)#ip dhcp pool campus ip dhcp pool campus campus(dhcp-config)#network 172.16.12.0 255.255.255.0 network 172.16.12.0 255.255.255.0 campus(dhcp-config)#default-router 172.16.12.1 default-router 172.16.12.1 campus(dhcp-config)#dns-s

74、erver 172.16.12.2 dns-server 172.16.12.2 campus(dhcp-config)#domain-name domain-name campus(dhcp-config)#netbios-name-server 172.16.12.10 netbios-name-server 172.16.12.10 Step 6 在路由器campus创建remote地址池 Step 6 在路由器campus创建remote地址池 campus(dhcp-config)#ip dhcp pool remote ip dhcp pool remote campus(dh

75、cp-config)#network 172.16.13.0 255.255.255.0 network 172.16.13.0 255.255.255.0 campus(dhcp-config)#default-router 172.16.13.1 default-router 172.16.13.1 campus(dhcp-config)#dns-server 172.16.12.2 dns-server 172.16.12.2 campus(dhcp-config)#domain-name domain-name campus(dhcp-config)#netbios-name-se

76、rver 172.16.12.10 netbios-name-server 172.16.12.10 Step 7 从地址池中排除保留地址 Step 7 从地址池中排除保留地址 campus(config)#ip dhcp excluded-address 172.16.12.1 172.16.12.11 ip dhcp excluded-address 172.16.12.1 172.16.12.11 campus(config)#ip dhcp excluded-address 172.16.13.1 172.16.13.11 ip dhcp excluded-address 172.16

77、.13.1 172.16.13.11 Step 8 测试路由器campus的操作 Step 8 测试路由器campus的操作 Step 9 配置DHCP中继 Step 9 配置DHCP中继 remote(config)#interface fastethernet 0 interface fastethernet 0 remote(config-if)#ip helper-address 172.16.12.1 ip helper-address 172.16.12.1 Step 10 测试路由器remote的操作 Step 10 测试路由器remote的操作 Step 11 查看DHCP帮定

78、 Step 11 查看DHCP帮定 campus#show ip dhcp binding show ip dhcp binding IP address Client-ID/ Lease expiration Type Hardware address 172.16.12.11 0108.0046.06fb.b6 Mar 02 2003 04:41 PM Automatic 172.16.13.11 0542.0010.0a21.cb Mar 02 2003 04:45 PM Automatic 汇总: DHCP pool configurations DHCP pool configura

79、tions Campus pool Campus pool campus(config)#ip dhcp pool campus ip dhcp pool campus campus(dhcp-config)#network 172.16.12.0 255.255.255.0 network 172.16.12.0 255.255.255.0 campus(dhcp-config)#default-router 172.16.12.1 default-router 172.16.12.1 campus(dhcp-config)#dns-server 172.16.12.2 dns-server

80、 172.16.12.2 campus(dhcp-config)#domain-name domain-name campus(dhcp-config)#netbios-name-server 172.16.12.10 netbios-name-server 172.16.12.10 campus(dhcp-config)#exit exit Remote pool Remote pool campus(config)#ip dhcp pool remote ip dhcp pool remote campus(dhcp-config)#network 172.16.13.0 255.25

81、5.255.0 network 172.16.13.0 255.255.255.0 campus(dhcp-config)#default-router 172.16.13.1 default-router 172.16.13.1 campus(dhcp-config)#dns-server 172.16.12.2 dns-server 172.16.12.2 campus(dhcp-config)#domain-name domain-name campus(dhcp-config)#netbios-name-server 172.16.12.10 netbios-name-server

82、 172.16.12.10 campus(dhcp-config)#exit exit campus(config)#ip dhcp excluded-address 172.16.12.1 172.16.12.10 ip dhcp excluded-address 172.16.12.1 172.16.12.10 campus(config)#ip dhcp excluded-address 172.16.13.1 172.16.13.10 ip dhcp excluded-address 172.16.13.1 172.16.13.10 campus(config)#exit exit c

83、ampus#copy running-config startup-config copy running-config startup-config Remote helper address configuration Remote helper address configuration remote#configure terminal configure terminal remote(config)#interface fa0/0 interface fa0/0 remote(config-if)#ip helper-address 172.16.12.1 ip helper-address 172.16.12.1 remote(config-if)#exit exit remote(config)#exit exit remote#copy running-config startup-configcopy running-config startup-config

展开阅读全文
相关资源
正为您匹配相似的精品文档
相关搜索

最新文档


当前位置:首页 > 建筑/环境 > 施工组织

电脑版 |金锄头文库版权所有
经营许可证:蜀ICP备13022795号 | 川公网安备 51140202000112号