目录

DHCP

案例

拓扑

配置过程

PC1、PC2

acsw

coresw

检验

ACL

案例

拓扑​

具体配置过程

PC  Server

AR1

AR2

验证

DHCP

案例

将 DHCP 与总机重新配置, 让 PC 自动访问 IP 地址 。

设置两个Vlans,vlan 10和vlan 20, 分别为两个vlan 10和vlan 20。 这两部PC随后被分成两个vlans。 为辅助开关(acsw)和核心开关(cresw)设置两个S5700开关。

拓扑

配置过程

PC1、PC2、例如:

acsw：

<Huawei>system-view //进入系统视图
[Huawai] 激活信息中心// 关闭日志通知
[HUAWIE]sysname acsw // Acsw 被命名。
[acsw] vlan catch 10 20 //批次 vlan 创建
[acsw] 千abitenet 接口 0/ 0/1 / 或 [acsw] int g0/ 0/1 / 直直命令
[acsw- GigabitEthernet0] 1)链接型港口访问//设置 PC1访问
[acsw- GigabitEthernet0/0/1] 港口默认 vlan 10// 默认 vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan
[acsw-GigabitEthernet0/0/1]quit
[acsw]interface gigabitethernet0/0/2
[acsw-GigabitEthernet0/0/2]port link-type access
[acsw-GigabitEthernet0/0/2]port default vlan 20
[acsw-GigabitEthernet0/0/2]quit
[acsw]interface gigabitethernet0/0/3
[acsw-GigabitEthernet0/0/3]port link-type trunk
[acsw-GigabitEthernet0/0/3]port trunk allow-pass vlan 10 20
[acsw-GigabitEthernet0/0/3]q

coresw：

<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname coresw
[coresw]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[coresw]int g0/0/1
[coresw-GigabitEthernet0/0/1]port link-type trunk
[coresw-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 20
[coresw-GigabitEthernet0/0/1]q
[coresw]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[coresw]ip pool vlan10
Info:It's successful to create an IP address pool.
[coresw-ip-pool-vlan10]?
ip-pool view commands:
configuration        Configuration interlock
display              Display current system information
dns-list             Configure DNS servers
domain-name          Configure domain name
excluded-ip-address  Mark disable IP addresses
gateway-list         Configure the gateway
lease                Configure the lease of the IP pool
lock                 Lock the IP pool
mtrace               Trace route to multicast source
nbns-list            Configure the windows's netbios name servers
netbios-type         Netbios node type
network              Add a network
next-server          The address of the server to use in the next step of the
client's bootstrap process.
option               Configure the DHCP options
option121            DHCP option 121
option184            DHCP option 184
ping                 Send echo messages
quit                 Exit from current command view
reset                Reset operation
return               Exit to user view
screen-width         Set screen width
set                  Set
stack                Stack
static-bind          Static bind
test-aaa             Accounts test

[coresw-ip-pool-vlan10]network 192.168.10.0 mask 24
[crisw-ip-pool-vlan10] 网关列表//选择 vlan10 作为网关。
[crisw-ip-pool-vlan10] 排除排除-ip-address/ 指定不用于分配的 IP 地址范围。
[crisw-ip-p-po-vlan10] 体积日 3// 也可以设定小时、 分钟和第二
[coresw-ip-pool-vlan10]dns-list 8.8.8.8
[coresw-ip-pool-vlan10]q
[coresw]interface vlanif 10
[coresw-Vlanif10]ip address 192.168.10.254 24
[coresw-Vlanif10]q
[coresw]interface vlanif 20
[coresw-Vlanif20]ip address 192.168.20.254 24
[coresw-Vlanif20]q
[coresw]ip pool vlan20
Info:It's successful to create an IP address pool.
[coresw-ip-pool-vlan20]network 192.168.20.0 mask 255.255.255.0
[coresw-ip-pool-vlan20]gateway-list 192.168.20.254
[coresw-ip-pool-vlan20]dns-list 8.8.8.8
[coresw-ip-pool-vlan20]excluded-ip-address 192.168.20.150 192.168.20.200
[coresw-ip-pool-vlan20]lease day 0 hour 23
[coresw-ip-pool-vlan20]quit
[coresw]int vlanif10
[crisw-Vlanif10] dhcp sec 全局/ / 指定全球地址库 。
[coresw-Vlanif10]q
[coresw]int vlanif20
[coresw-Vlanif20]dhcp select global
[coresw-Vlanif20]

检验

DHCP 默认地为当前主机指定最大可用的 IP 地址 :

ACL

案例

要求：

设备概述：

设置两台PC，分别属于不同子网，这是 PC1 网络首次被拒绝访问服务器 。PC2网络连接到服务器。同时,外部网络无法使用服务器。设置一台服务器。设置两台 路由器 AR2220。其中包括AR220港口不足以证明有理由列入:

拓扑

具体配置过程

PC  Server

AR1

<Huawei>system
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname AR1
[AR1]undo info-center enable
Info: Information center is disabled.
[AR1]int g0/0/0
[AR1-GigabitEthernet0/0/0]ip address 192.168.2.254 24
[AR1-GigabitEthernet0/0/0]q
[AR1]int g0/0/1
[AR1-GigabitEthernet0/0/1]ip address 192.168.3.254 24
[AR1-GigabitEthernet0/0/1]q
[AR1]int g2/0/0
[AR1-GigabitEthernet2/0/0]ip address 10.10.10.1 24
[AR1-GigabitEthernet2/0/0]q
[AR1]acl 3000
[AR1-acl-adv-3000]rule 10 deny ip source 192.168.2.0 0.0.0.255 destination 192.1
68.4.4 0
[AR1-acl-adv-3000]rule 20 permit ip source 192.168.3.0 0.0.0.255 destination
192.168.4.4 0
[AR1-acl-adv-3000]rule 30 deny ip source any destination 192.168.4.4 0
[AR1-acl-adv-3000]q
[AR1]int g0/0/2
[AR1-GigabitEthernet0/0/2]ip address 192.168.4.254 24
[AR1-GigabitEthernet0/0/2]traffic-filter outbound acl 3000
[AR1-GigabitEthernet0/0/2]q
[AR1]display acl all
Total quantity of nonempty ACL number is 1

Advanced ACL 3000, 3 rules
Acl's step is 5
rule 10 deny ip source 192.168.2.0 0.0.0.255 destination 192.168.4.4 0
rule 20 permit ip source 192.168.3.0 0.0.0.255 destination 192.168.4.4 0
rule 30 deny ip destination 192.168.4.4 0

AR2

<Huawei>system
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname AR2
[AR2]int g0/0/0
[AR2-GigabitEthernet0/0/0]ip address 10.10.10.2 24
[AR2-GigabitEthernet0/0/0]q
[AR2]

验证

本文由 在线网速测试 整理编辑，转载请注明出处，原文链接：https://www.wangsu123.cn/news/24891.html。