华为小型网络搭建

华为小型网络搭建

Scroll Down

华为小型网络的搭建,大家会经常用到!有问题的直接下面留言吧!

1.jpg

华为小型网络

配置接入交换机S2和S3 因为本文S2和S3配置完全一样,因此只贴出S2配置。

<Huawei>sys

[Huawei]sysn S2

开启telnet,建立本地账户,使用AAA认证


[S2]telnet server enable

[S2]user-interface vty 0 4

[S2-ui-vty0-4]protocol inbound telnet

[S2-ui-vty0-4]idle-timeout 15

[S2-ui-vty0-4]authentication-mode AAA

[S2]AAA

[S2-aaa]local-user 123 PASS CI 112233

[S2-aaa]local-user 123 privilege 15

[S2-aaa]local-user 123 service-type telnet

建立VLAN10 20


[S2]vlan batch 10 20

[S2]int Ethernet0/0/3

[S2-Ethernet0/0/3]port link-type ac

[S2-Ethernet0/0/3]port default vlan 10

[S2-Ethernet0/0/4]port link-type ac

[S2-Ethernet0/0/4]port default vlan 20

建立链路聚合


[S2]int Eth-Trunk 1

[S2-Eth-Trunk1]mode lacp-static

[S2-Eth-Trunk1]trunkport GigabitEthernet 0/0/1

[S2-Eth-Trunk1]trunkport GigabitEthernet 0/0/2

[S2-Eth-Trunk1]port link-type trunk

[S2-Eth-Trunk1]port trunk allow-pass vlan 10 20

核心交换机S1的配置: 1.建立telnet和本地账户,和上面一样不在贴出 2.建立链路聚合

建立到S2的链路聚合


[S1]int Eth-Trunk 1

模式需要优先配置


[S1-Eth-Trunk1]mode lacp-static

[S1-Eth-Trunk1]trunkport GigabitEthernet 0/0/2

[S1-Eth-Trunk1]trunkport GigabitEthernet 0/0/3

链路接口配置trunk,允许VLAN10 20 通过


[S1-Eth-Trunk1]port link-type trunk

[S1-Eth-Trunk1]port trunk al v 10 20

设置核心交换机链路聚合优先级,使其成为LACP主动端


[S1]lacp priority 100

端口配置链路聚合优先级,配置端口的lacp优先级为100,使端口成为活动端口,默认为32768


[S1]int g 0/0/2

[S1-GigabitEthernet0/0/2]lacp priority 100

[S1]int GigabitEthernet 0/0/3

[S1-GigabitEthernet0/0/3]lacp priority 100

配置到S3的链路聚合


[S1]int Eth-Trunk 2

[S1-Eth-Trunk2]mode lacp-static

[S1-Eth-Trunk2]trun

[S1-Eth-Trunk2]trunkport g

[S1-Eth-Trunk2]trunkport GigabitEthernet 0/0/4

[S1-Eth-Trunk2]trunkport GigabitEthernet 0/0/5

[S1-Eth-Trunk2]port link-type trunk

[S1-Eth-Trunk2]port trunk allow-pass vlan 10 20

[S1-Eth-Trunk2]load-balance src-dst-mac

[S1]int GigabitEthernet 0/0/4

[S1-GigabitEthernet0/0/4]lacp priority 100

[S1]int GigabitEthernet 0/0/5

[S1-GigabitEthernet0/0/5]lacp priority 100

这时候我们就可以查看链路的状态

2.jpg

链路聚合建立成功

3.jpg

开启DHCP功能


[S1]dhcp enable

配置各个地址池


[S1]int vlan10

[S1-Vlanif10]ip address 192.168.10.1 24

[S1-Vlanif10]dhcp select interface

[S1-Vlanif10]dhcp server excluded-ip-address 192.168.10.5 192.168.10.10

[S1-Vlanif10]dhcp server lease day 1

[S1-Vlanif10]dhcp server dns-list 8.8.8.8

[S1-Vlanif10]dhcp server domain-name dongzao.com

[S1]int vlan 20

[S1-Vlanif20]ip address 192.168.20.1 24

[S1-Vlanif20]dhcp server lease day 1

[S1-Vlanif20]dhcp select interface

[S1-Vlanif20]dhcp ser excluded-ip-address 192.168.20.6 192.168.20.11

[S1-Vlanif20]dhcp server dns-list 114.114.114.114

[S1-Vlanif20]dhcp server domain-name dongzao.com

我们来查看一下DHCP状态

4.jpg

DHCP状态

配置连接路由器端口 这上联路由器的端口,因为设备的二三层和方法不一样,配置不一样,可以查看我之前发的文章!


[S1]int GigabitEthernet 0/0/1

[S1-GigabitEthernet0/0/1]port link-type access

[S1-GigabitEthernet0/0/1]port default vlan 100

配置VLAN100 IP


[S1]int vlan 100

[S1-Vlanif100]ip address 192.168.100.2 24

最后,写一条指向路由器的默认路由

[S1]ip route-static 0.0.0.0 0.0.0.0 192.168.100.1

路由器配置

  1. 配置登陆账户
  2. 设置端口IP
[R1]int g0/0/0

[R1-GigabitEthernet0/0/0]ip add 192.168.100.1 24

[R1]int GigabitEthernet 0/0/1

[R1-GigabitEthernet0/0/1]ip address 172.16.0.1 24

3.写两条分别出去和到下面网络的静态路由


[R1]ip route-static 192.168.0.0 255.255.0.0 192.168.100.2

[R1]ip route-static 0.0.0.0 0.0.0.0 172.16.0.2

4.设置acl,允许上网用户


[R1]acl 2000

[R1-acl-basic-2000]rule permit source 192.168.0.0 0.0.255.255

5.在端口配置NAT转换


[R1]int GigabitEthernet 0/0/1

[R1-GigabitEthernet0/0/1]nat outbound 2000

6.配置解析DNS


[R1]dns resolve

[R1]dns server 8.8.8.8

[R1]dns server 114.114.114.114

[R1]dns proxy enable

完成所有配置!

我们来检查一下

5.jpg

pc1访问外网

华为小型网络搭建 这样所有就完成了!