您的位置:首页 > 其它

配置单臂路由(企业经典案例)

2010-05-01 16:02 288 查看
什么是单臂路由[/b]: [/b]为什么要用到单臂路由。VLAN(虚拟局域网)技术是路由交换中非常基础的技术。在网络管理实践中,通过在交换机上划分适当数目的vlan,不仅能有效隔离广播风暴,还能提高网络安全系数及网络带宽的利用效率。划分vlan之后,vlan与vlan之间是不能通信的, 要想使不同VLAN里的主机互访就得使用VLAN间路由技术。在考虑成本的情况下我们一般选择单臂路由,单臂路由需要一台交换机和一台路由器来共同实现。

拓扑如下:

实验目的:接口信息以及IP地址规划如拓扑所示,PC1——PC3分别属于VLAN1——VLAN3,
运用单臂路由与NAT的结合,最终使得用户之间能够互相访问,使企业内部全部能够访问因特网。



具体配置:[/b][/b]

[align=left]R1:

Router>
Router>en
Router#conf t
Router(config)#hostname R1
R1(config)#interface f0/0
R1(config-if)#no sh --首先把物理接口激活,其它子接口就不用再激活
R1(config)#interface f0/0.1 --进入子接口模式
R1(config-subif)#encapsulation dot1Q 1 --对VLAN1进行封装DOT1Q
R1(config-subif)#ip address 192.168.1.254 255.255.255.0
R1(config-subif)#exit
R1(config)#interface f0/0.2 --进入子接口模式
R1(config-subif)#encapsulation dot1Q 2 --对VLAN2进行封装DOT1Q
R1(config-subif)#ip address 192.168.2.254 255.255.255.0
R1(config-subif)#exit
R1(config)#interface f0/0.3 --进入子接口模式
R1(config-subif)#encapsulation dot1Q 3 --对VLAN3进行封装DOT1Q
R1(config-subif)#ip address 192.168.3.254 255.255.255.0
R1(config-subif)#exit
R1(config)#interface f0/1
R1(config-if)#ip address 218.87.18.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#exit
R1(config)#access-list 1 permit 192.168.1.0 0.0.0.255 --定义允许的流量
R1(config)#access-list 1 permit 192.168.2.0 0.0.0.255
R1(config)#access-list 1 permit 192.168.3.0 0.0.0.255
R1(config)#ip nat inside source list 1 interface f0/1 overload
--定义符合访问控制列表1的流量向F0/1口转发
R1(config)#interface f0/0.1
R1(config-subif)#ip nat inside --定义内部接口
R1(config-subif)#interface f0/0.2
R1(config-subif)#ip nat inside
R1(config-subif)#interface f0/0.3
R1(config-subif)#ip nat inside
R1(config-subif)#exit
R1(config-if)#interface f0/1
R1(config-if)#ip nat outside --定义外部接口
R1(config-if)#exit
R1(config)#ip route 0.0.0.0 0.0.0.0 218.87.18.2 --默认路由指向ISP
R1(config-if)#end
R1#

SW1:

Switch>
Switch>en
Switch#conf t
Switch(config)#hostname SW1
SW1(config)#vlan 2 --创建VLAN2
SW1(config-vlan)#exit
SW1(config)#vlan 3 --创建VLAN3
SW1(config-vlan)#exit
SW1(config)#interface f0/2
SW1(config-if)#switchport mode access --端口模式为ACCESS
SW1(config-if)#switchport access vlan 2 --把当前端口加入到VLAN2
SW1(config-if)#no sh
SW1(config-if)#exit
SW1(config)#interface f0/3
SW1(config-if)#switchport mode access --端口模式为ACCESS
SW1(config-if)#switchport access vlan 3 --把当前端口加入到VLAN3
SW1(config-if)#exit
SW1(config)#interface f0/24
SW1(config)#switchport trunk encapsulation dot1q --把接口封装为DOT1Q
SW1(config-if)#switchport mode trunk --接口模式为TRUNK(中继)
SW1(config-if)#no sh
SW1(config-if)#end
SW1#

[/align]
[align=left]ISP:

Router>
Router>en
Router#conf t
Router(config)#hostname ISP
ISP(config)#interface f0/1
ISP(config-if)#ip address 218.87.18.2 255.255.255.0
ISP(config-if)#no sh
ISP(config-if)#end
ISP#

3台PC上分别做验证:

PC1:

PC>ipconfig

IP Address......................: 192.168.1.1
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.1.254

PC>ping 218.87.18.2

Pinging 218.87.18.2 with 32 bytes of data:

Reply from 218.87.18.2: bytes=32 time=73ms TTL=254
Reply from 218.87.18.2: bytes=32 time=112ms TTL=254
Reply from 218.87.18.2: bytes=32 time=52ms TTL=254
Reply from 218.87.18.2: bytes=32 time=70ms TTL=254

Ping statistics for 218.87.18.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 52ms, Maximum = 112ms, Average = 76ms

PC>
[/align]
[align=left]PC>ping 192.168.2.1 [/align]
[align=left]Pinging 192.168.2.1 with 32 bytes of data:

Reply from 192.168.2.1: bytes=32 time=73ms TTL=254
Reply from 192.168.2.1: bytes=32 time=112ms TTL=254
Reply from 192.168.2.1: bytes=32 time=52ms TTL=254
Reply from 192.168.2.1: bytes=32 time=70ms TTL=254

Ping statistics for 192.168.2.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 52ms, Maximum = 112ms, Average = 76ms

PC>[/align]
[align=left]
PC>ping 192.168.3.1

Pinging 192.1683.1 with 32 bytes of data:

Reply from 192.168.3.1: bytes=32 time=73ms TTL=254
Reply from 192.168.3.1: bytes=32 time=112ms TTL=254
Reply from 192.168.3.1: bytes=32 time=52ms TTL=254
Reply from 192.168.3.1: bytes=32 time=70ms TTL=254

Ping statistics for 192.168.3.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 52ms, Maximum = 112ms, Average = 76ms

PC>
[/align]
[align=left]-------------------------------------------------------------------------------------[/align]
[align=left] [/align]
[align=left]PC2:

PC>ipconfig

IP Address......................: 192.168.2.1
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.2.254

PC>ping 218.87.18.2

Pinging 218.87.18.2 with 32 bytes of data:

Reply from 218.87.18.2: bytes=32 time=39ms TTL=254
Reply from 218.87.18.2: bytes=32 time=44ms TTL=254
Reply from 218.87.18.2: bytes=32 time=58ms TTL=254
Reply from 218.87.18.2: bytes=32 time=29ms TTL=254

Ping statistics for 218.87.18.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 58ms, Average = 42ms

PC>
[/align]
[align=left] [/align]
[align=left]-------------------------------------------------------------------------------------

PC3:

PC>ipconfig

IP Address......................: 192.168.3.1
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.3.254

PC>ping 218.87.18.2

Pinging 218.87.18.2 with 32 bytes of data:

Reply from 218.87.18.2: bytes=32 time=83ms TTL=254
Reply from 218.87.18.2: bytes=32 time=71ms TTL=254
Reply from 218.87.18.2: bytes=32 time=42ms TTL=254
Reply from 218.87.18.2: bytes=32 time=44ms TTL=254

Ping statistics for 218.87.18.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 42ms, Maximum = 83ms, Average = 60ms

PC>

总结:

本实验与实际中小企业网络非常相似,部署单臂路由既节省了成本,又提高了工作效率.[/align]
本文出自 “梅岩〃s博客” 博客,请务必保留此出处http://justim.blog.51cto.com/740099/243083本文出自 51CTO.COM技术博客
本文出自 51CTO.COM技术博客
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签:  路由 企业 休闲
相关文章推荐
新的分享
章节导航