小型企業網絡設計

文章目錄

小型企業網絡設計

1. 需求分析

1.1. 路由器R2作爲企業網與互聯網相通的路由器。在R2配置NAT地址轉換技術將企業私網地址轉爲公網地址，實現企業網絡與互聯網相互通信功能。

1.2. 在路由器R2、R3，交換機SW1和SW2配置動態路由ospf，R4和R6配置rip。

1.3. R3設置爲ASBR路由，向area0骨幹網絡區域引入rip動態路由。使骨幹網area0的網絡區域能與R4和R6相通。

1.4. R4配置單臂路由使PC3和PC4互通。

1.5. Server服務的http映射一個公網地址202.2.12.3地址。企業網絡內部http服務連接互聯網。

2. 路由器和交換機配置信息


## （一）R1配置

interface GigabitEthernet0/0/0
ip address 202.2.2.1 255.255.255.0 
interface GigabitEthernet0/0/1
ip address 202.2.12.1 255.255.255.0


## （二）R2配置

interface GigabitEthernet0/0/0
ip address 202.2.12.2 255.255.255.0 
nat server protocol tcp global 202.2.12.3 www inside 10.1.100.100 www
nat outbound 2000
acl 2000   //新建策略
rule 5 permit source 10.1.0.0 0.0.255.255       //easy-ip NAT轉換，私網轉公網，之後去接口g0/0/0輸入nat outbound 2000
interface GigabitEthernet0/0/1
ip address 10.1.113.2 255.255.255.0 
interface GigabitEthernet0/0/2
ip address 10.1.111.1 255.255.255.0 
interface GigabitEthernet6/0/0
ip address 10.1.112.1 255.255.255.0 
interface LoopBack0
ip address 2.2.2.2 255.255.255.255 
ospf 1 router-id 2.2.2.2 
default-route-advertise     // 到ospf中設置默認指向路由，使area0中的路由能夠學習到R2指向R1的默認路由
default-route-advertise 命令意思是將本路由器發佈一條0.0.0.0/0.0.0.0的路由到域內其他路由器到其他路由器學習到這條默認路由後，其他路由器下一個跳就是指向發佈這條路由的路由器。
area 0.0.0.0 
network 2.2.2.2 0.0.0.0    //area0網絡號網絡號宣告LSA
network 10.1.111.0 0.0.0.255 
network 10.1.112.0 0.0.0.255 
network 10.1.113.0 0.0.0.255 
ip route-static 0.0.0.0 0.0.0.0 202.2.12.1   //設置指向R1的默認路由

（三）R3配置
interface LoopBack0
ip address 3.3.3.3 255.255.255.255 
ospf 1 router-id 3.3.3.3 
import-route rip 1 cost 5 type 1   //引入rip路由cost零梢默認爲5
area 0.0.0.0 
network 3.3.3.3 0.0.0.0 
network 10.1.113.0 0.0.0.255
interface GigabitEthernet0/0/0
ip address 10.1.113.1 255.255.255.0 
interface GigabitEthernet0/0/1
ip address 10.1.134.2 255.255.255.0 
rip 1               //配置動態路由
default-route originate   //rip中引入默認路由
version 2
network 10.0.0.0
import-route ospf 1     //引入ospf路由

（四）R4配置
interface GigabitEthernet0/0/0
ip address 10.1.134.1 255.255.255.0 
interface GigabitEthernet0/0/1
ip address 10.1.135.1 255.255.255.0 
interface GigabitEthernet0/0/2
interface GigabitEthernet0/0/2.21
dot1q termination vid 21
ip address 10.1.21.1 255.255.255.0 
arp broadcast enable
interface GigabitEthernet0/0/2.22
dot1q termination vid 22
ip address 10.1.22.1 255.255.255.0 
arp broadcast enable
interface LoopBack0
ip address 4.4.4.4 255.255.255.255 
rip 1
version 2
network 10.0.0.0    //rip 宣告網絡號
network 4.0.0.0

（五）R5配置
interface GigabitEthernet0/0/0
ip address 10.1.135.2 255.255.255.0 
interface GigabitEthernet0/0/1
ip address 10.1.100.1 255.255.255.0 
interface GigabitEthernet0/0/2
interface LoopBack0
ip address 5.5.5.5 255.255.255.255 
rip 1
undo summary
version 2
network 10.0.0.0
network 5.0.0.0

（六）SW1配置
sysname SW1
vlan batch 11 to 12 1000 to 1001
interface Vlanif11
ip address 10.1.11.1 255.255.255.0
interface Vlanif12
ip address 10.1.12.1 255.255.255.0
interface Vlanif1000
ip address 10.1.122.11 255.255.255.0
interface Vlanif1001
ip address 10.1.111.12 255.255.255.0
interface Eth-Trunk1
port link-type access
port default vlan 1000
interface GigabitEthernet0/0/1
port link-type access
port default vlan 11
interface GigabitEthernet0/0/2
port link-type access
port default vlan 1001
interface GigabitEthernet0/0/3
eth-trunk 1
interface GigabitEthernet0/0/4
port link-type access
port default vlan 12
interface GigabitEthernet0/0/5
eth-trunk 1
interface LoopBack0
ip address 11.11.11.11 255.255.255.255
ospf 1 router-id 11.11.11.11
area 0.0.0.0
network 10.1.11.0 0.0.0.255
network 10.1.12.0 0.0.0.255
network 10.1.122.0 0.0.0.255
network 10.1.111.0 0.0.0.255
network 11.11.11.11 0.0.0.0

（七）SW2配置
vlan batch 13 to 14 1000 1002
interface Vlanif13
ip address 10.1.13.1 255.255.255.0
interface Vlanif14
 ip address 10.1.14.1 255.255.255.0
interface Vlanif1000
ip address 10.1.122.12 255.255.255.0
interface Vlanif1002
ip address 10.1.112.12 255.255.255.0
interface MEth0/0/1
interface Eth-Trunk1
port link-type access
port default vlan 1000
interface GigabitEthernet0/0/1
port link-type access
port default vlan 1002
interface GigabitEthernet0/0/2
port link-type access
port default vlan 13
interface GigabitEthernet0/0/3
eth-trunk 1
interface GigabitEthernet0/0/4
port link-type access
port default vlan 14
interface LoopBack0
ip address 22.22.22.22 255.255.255.255
ospf 1 router-id 22.22.22.22
area 0.0.0.0
network 10.1.13.0 0.0.0.255
network 10.1.14.0 0.0.0.255
network 10.1.112.0 0.0.0.255
network 10.1.122.0 0.0.0.255
network 22.22.22.22 0.0.0.0

（八）SW5配置
vlan batch 21 to 22
interface Ethernet0/0/21
port link-type access
port default vlan 22
interface Ethernet0/0/22
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 21 to 22
interface GigabitEthernet0/0/2
port link-type access
port default vlan 21

（九）Sw3配置
interface GigabitEthernet0/0/1
port link-type access
port default vlan 11
interface GigabitEthernet0/0/2
port link-type access
port default vlan 11

（十）SW4配置
interface GigabitEthernet0/0/1
port link-type access
port default vlan 12
interface GigabitEthernet0/0/2
port link-type access
port default vlan 12

（十一）SW6配置
interface GigabitEthernet0/0/1
port link-type access
port default vlan 13
interface GigabitEthernet0/0/2
port link-type access
port default vlan 13

（十二）SW8配置
interface GigabitEthernet0/0/1
port link-type access
port default vlan 14
interface Ethernet0/0/4
port link-type access
port default vlan 14

3. *網絡中PC手工配置ip地址***

PC機	ip地址	子網掩碼	網關
PC1	202.2.2.100/24	255.255.255.0	202.2.2.1/24
PC2	10.1.12.100/24	255.255.255.0	10.1.12.1/24
PC3	10.1.21.100/24	255.255.255.0	10.1.21.1/24
PC4	10.1.22.100/24	255.255.255.0	10.1.22.1/24
PC5	10.1.11.100/24	255.255.255.0	10.1.11.1/24
PC6	10.1.14.100/24	255.255.255.0	10.1.14.1/24
PC9	10.1.13.100/24	255.255.255.0	10.1.13.1/24