HUAWEI——ルート基礎

20592 ワード

ファーウェイ設備

ルーティングベース

一、リンク集約の構成

目的:リンク集約を使用して、2つの物理回線を1つの論理回線に集約し、リンク負荷の分担とバックアップを実現する.

1、trunkの構成

<Huawei>system-view
[Huawei]vlan batch 2 to 6   // vlan2-6
[Huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]port link-type trunk   // trunk
[Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan all   // vlan
[Huawei-GigabitEthernet0/0/1]quit

2、vlanの構成

[Huawei]int g0/0/3
[Huawei-GigabitEthernet0/0/3]port link access   // access
[Huawei-GigabitEthernet0/0/3]port default vlan 2    // vlan2
[Huawei-GigabitEthernet0/0/3]quit

vlan情報の表示

[Huawei]display vlan

3、lacp（リンク集約プロトコル）構成

[SW1]lacp priority 1000  // LACP 
[SW1]int Eth-Trunk 12    // ， Eth-Trunk 12
[SW1-Eth-Trunk12]mode lacp-static    // LACP 
[SW1-Eth-Trunk12]load-balance dst-mac    // MAC 
[SW1-Eth-Trunk12]trunkport GigabitEthernet 0/0/23    // g0/0/23
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW1-Eth-Trunk12]trunkport GigabitEthernet 0/0/24
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW1-Eth-Trunk12]quit

4、vlan間の配置

1、S 1構成

[SW1]vlan batch 2 to 9    // vlan2-9
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW1]interface Eth-Trunk 12    // 
[SW1-Eth-Trunk12]port link-type trunk    // trunk
[SW1-Eth-Trunk12]port trunk allow-pass vlan all    // vlan
[SW1-Eth-Trunk12]quit
[SW1]int g0/0/2
[SW1-GigabitEthernet0/0/2]port link trunk
[SW1-GigabitEthernet0/0/2]port trunk allow-pass vlan all
[SW1-GigabitEthernet0/0/2]int g0/0/3
[SW1-GigabitEthernet0/0/3]port link trunk
[SW1-GigabitEthernet0/0/3]port trunk allow-pass vlan all
[SW1-GigabitEthernet0/0/3]int g0/0/1
[SW1-GigabitEthernet0/0/1]port link access
[SW1-GigabitEthernet0/0/1]port def	
[SW1-GigabitEthernet0/0/1]port default vlan 7
[SW1-GigabitEthernet0/0/1]quit
[SW1]interface Vlanif 2
[SW1-Vlanif2]ip add 192.168.2.1 255.255.255.0
[SW1-Vlanif2]interface Vlanif 3
[SW1-Vlanif3]ip add 192.168.3.1 255.255.255.0
[SW1-Vlanif3]interface Vlanif 4
[SW1-Vlanif4]ip add 192.168.4.1 255.255.255.0
[SW1-Vlanif4]interface Vlanif 7
[SW1-Vlanif7]ip add 192.168.7.1 255.255.255.0
[SW1-Vlanif7]interface Vlanif 9
[SW1-Vlanif9]ip add 192.168.9.1 255.255.255.0

2、S 2構成

[Huawei]int Eth-Trunk 12
[Huawei-Eth-Trunk12]mode lacp-static
[Huawei-Eth-Trunk12]trunkport GigabitEthernet 0/0/23
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei-Eth-Trunk12]trunkport GigabitEthernet 0/0/24
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei-Eth-Trunk12]quit
[Huawei]vlan batch 2 to 9
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei]interface Eth-Trunk 12
[Huawei-Eth-Trunk12]port link trunk
[Huawei-Eth-Trunk12]port trunk allow vlan all
[Huawei-Eth-Trunk12]int g0/0/2
[Huawei-GigabitEthernet0/0/2]port link trunk
[Huawei-GigabitEthernet0/0/2]port trunk allow vlan all
[Huawei-GigabitEthernet0/0/2]int g0/0/3
[Huawei-GigabitEthernet0/0/3]port link trunk
[Huawei-GigabitEthernet0/0/3]port trunk allow vlan all
[Huawei-GigabitEthernet0/0/3]int g0/0/1
[Huawei-GigabitEthernet0/0/1]port link access
[Huawei-GigabitEthernet0/0/1]port default vlan 8
[Huawei-GigabitEthernet0/0/1]quit
[Huawei]interface Vlanif 5
[Huawei-Vlanif5]ip add 192.168.5.1 24
[Huawei-Vlanif5]interface Vlanif 6
[Huawei-Vlanif6]ip add 192.168.6.1 24
[Huawei-Vlanif6]interface Vlanif 8
[Huawei-Vlanif8]ip add 192.168.8.1 24
[Huawei-Vlanif8]interface Vlanif 9
[Huawei-Vlanif9]ip add 192.168.9.1 24

二、OSPFの配置

[R2]ospf 110    // ospf ， ID 110
[R2-ospf-110]area 0    // area 0 
[R2-ospf-110-area-0.0.0.0]network 192.168.7.0 0.0.0.255    // 
[R2-ospf-110-area-0.0.0.0]network 192.168.8.0 0.0.0.255
[R2-ospf-110-area-0.0.0.0]quit
[R2-ospf-110]quit

[SW1]ospf 110
[SW1-ospf-110]area 0
[SW1-ospf-110-area-0.0.0.0]network 192.168.7.0 0.0.0.255
[SW1-ospf-110-area-0.0.0.0]network 192.168.2.0 0.0.0.255
[SW1-ospf-110-area-0.0.0.0]network 192.168.3.0 0.0.0.255
[SW1-ospf-110-area-0.0.0.0]network 192.168.4.0 0.0.0.255
[SW1-ospf-110-area-0.0.0.0]network 192.168.9.0 0.0.0.255
[SW1-ospf-110-area-0.0.0.0]quit
[SW1-ospf-110]quit

[SW2]ospf 110
[SW2-ospf-110]area 0
[SW2-ospf-110-area-0.0.0.0]network 192.168.8.0 0.0.0.255
[SW2-ospf-110-area-0.0.0.0]network 192.168.9.0 0.0.0.255
[SW2-ospf-110-area-0.0.0.0]network 192.168.5.0 0.0.0.255
[SW2-ospf-110-area-0.0.0.0]network 192.168.6.0 0.0.0.255
[SW2-ospf-110-area-0.0.0.0]quit
[SW2-ospf-110]quit

OSpfで学習したルーティングテーブルの表示

[SW2]display ospf routing 

	 OSPF Process 110 with Router ID 192.168.5.1
		  Routing Tables 

 Routing for Network 
 Destination        Cost  Type       NextHop         AdvRouter       Area
 192.168.5.0/24     1     Stub       192.168.5.1     192.168.5.1     0.0.0.0
 192.168.6.0/24     1     Stub       192.168.6.1     192.168.5.1     0.0.0.0
 192.168.8.0/24     1     Transit    192.168.8.1     192.168.5.1     0.0.0.0
 192.168.9.0/24     1     Stub       192.168.9.1     192.168.5.1     0.0.0.0
 192.168.2.0/24     3     Stub       192.168.8.2     192.168.2.1     0.0.0.0
 192.168.3.0/24     3     Stub       192.168.8.2     192.168.2.1     0.0.0.0
 192.168.4.0/24     3     Stub       192.168.8.2     192.168.2.1     0.0.0.0
 192.168.7.0/24     2     Transit    192.168.8.2     192.168.7.2     0.0.0.0

 Total Nets: 8  
 Intra Area: 8  Inter Area: 0  ASE: 0  NSSA: 0

三、シングルアームルーティング構成

[R4]int g0/0/0.10    // 
[R4-GigabitEthernet0/0/0.10]dot1q termination vid 10    // vlan10 
[R4-GigabitEthernet0/0/0.10]ip add 192.168.10.1 24    // IP
[R4-GigabitEthernet0/0/0.10]arp broadcast enable    // arp 
[R4-GigabitEthernet0/0/0.10]int g0/0/0.11
[R4-GigabitEthernet0/0/0.11]dot1q termination vid 11
[R4-GigabitEthernet0/0/0.11]ip add 192.168.11.1 24
[R4-GigabitEthernet0/0/0.11]arp broadcast enable

四、RIPの配置

[R3]rip    // RIP ， ID 1
[R3-rip-1]undo summary     // RIP 
[R3-rip-1]version 2    // RIP 
[R3-rip-1]network 192.168.12.0    // 
[R3-rip-1]network 192.168.13.0

五、ルータの再配布を配置する

[R2]ospf 110    // ospf 
[R2-ospf-110]import-route rip 1    // RIP OSPF 
[R2-ospf-110]rip    // RIP 
[R2-rip-1]import-route ospf 110    // OSPF RIP 
[R2-rip-1]quit

ルーティングテーブルの表示

[R2]display ip routing-table

インタフェース構成IPアドレスの表示

[R2]display ip interface brief

六、NAT及びアクセス制御の構成

1、デフォルトのルーティングをインターネットに設定する

[R2]ip route-static 0.0.0.0 0.0.0.0 200.0.0.2    //

2、デフォルトルート再配布

[R2]ospf 110
[R2-ospf-110]default-route-advertise     // OSPF 
[R2-ospf-110]quit
[R2]rip
[R2-rip-1]default-route originate     // RIP 
[R2-rip-1]quit

3、PATを配置してインターネットにアクセスできるようにする

[R2]nat address-group 1 200.0.0.100 200.0.0.100    // NAT 
[R2]acl 2000    // 2000 ACL
[R2-acl-basic-2000]rule 0 permit source any    // 0： 
[R2-acl-basic-2000]quit
[R2]int g3/0/0
[R2-GigabitEthernet3/0/0]nat outbound 2000 address-group 1    //NAT ，2000 address-group 1
[R2-GigabitEthernet3/0/0]quit

4、静的NATを構成し、インターネットにサーバーを公開する

[R2]int g3/0/0
[R2-GigabitEthernet3/0/0]nat server global 200.0.0.200 inside 192.168.2.10    // NAT ， 200.0.0.200
[R2-GigabitEthernet3/0/0]quit

5、ACL制御192.168.10.0ネットセグメントはインターネットにアクセスできない

[R2]acl 3000    // 2000 ACL
[R2-acl-adv-3000]rule 0 deny ip source 192.168.10.0 0.0.0.255 destination 200.0.0.0 0.0.0.255    // 0： IP 192.168.10.0 200.0.0.0 
[R2-acl-adv-3000]rule 5 deny ip source 192.168.10.0 0.0.0.255 destination 201.0.0.0 0.0.0.255
// 5： IP 192.168.10.0 201.0.0.0 
[R2-acl-adv-3000]quit
[R2]int g0/0/2
[R2-GigabitEthernet0/0/2]traffic-filter inbound acl 3000    // ACL3000
[R2-GigabitEthernet0/0/2]quit

NAT変換エントリの表示

[R2]display nat session all

ACL情報の表示

[R2]display acl all

ospf隣接情報の表示

[R2]display acl all

RMAN詳細チュートリアル(一):基本コマンドコード

Ubuntu 19.10のaptソースを国内ソースに置き換える