H3C OSPF+NAT+DHCP+PPP综合实验
实验拓扑
实验需求
1.按照图示配置 IP 地址
2.SW1 和 SW2 之间的直连链路配置链路聚合
3.公司内部业务网段为 Vlan10 和 Vlan20;Vlan10 是市场部,Vlan20 是技术部,要求对 Vlan 进行命名以便识别;PC1属于Vlan10,PC2属于Vlan20,Vlan30用于SW1和SW2建立OSPF邻居;Vlan111 为 SW1和 R1的互联 Vlan,Vlan222 为 SW2 和 R2 的互联 Vlan
4.所有交换机相连的端口配置为 Trunk,允许相关流量通过
5.交换机连接 PC 的端口配置为边缘端口
6.在 SW1 上配置 DHCP 服务,为 Vlan10 和 Van20 的 PC 动态分配 IP 地址、网关和 DNS 地址;要求Vlan10的网关是
192.168.1.252
,Vlan20 的网关是192.168.2.253
7.按图示分区域配置 OSPF 实现公司内部网络全网互通,ABR 的环回口宣告进骨干区域;业务网段不允许出现协议报文
8.R1上配置默认路由指向互联网,并引入到 OSPF
9.R1 通过双线连接到互联网,配置 PPP-MP,并配置双向 chap 验证
10.配置 EASYIP,只有业务网段
192.168.1.0/24
和192.168.2.0/24
的数据流可以通过 R1 访问互联网11.R1 开启 TELNET 远程管理,使用用户
abc
登录,密码abc
,只允许技术部远程管理 R1
实验步骤
设备IP地址配置
R1 IP配置
#
interface MP-group1
ip address 202.100.1.2 255.255.255.252
#
interface LoopBack0
ip address 10.1.1.1 255.255.255.255
#
interface GigabitEthernet0/0
ip address 10.0.0.5 255.255.255.252
#
interface GigabitEthernet0/1
ip address 10.0.0.1 255.255.255.252
#
interface GigabitEthernet0/2
ip address 10.0.0.14 255.255.255.252
R2 IP配置
#
interface LoopBack0
ip address 10.1.1.2 255.255.255.255
#
interface GigabitEthernet0/0
ip address 10.0.0.9 255.255.255.252
#
interface GigabitEthernet0/1
ip address 10.0.0.2 255.255.255.252
#
interface GigabitEthernet0/2
ip address 10.0.0.18 255.255.255.252
R3 IP配置
#
interface LoopBack0
ip address 10.1.1.3 255.255.255.255
#
interface GigabitEthernet0/0
ip address 10.0.0.13 255.255.255.252
#
interface GigabitEthernet0/1
ip address 192.168.3.254 255.255.255.0
#
interface GigabitEthernet0/2
ip address 10.0.0.17 255.255.255.252
SW1 IP配置
#
vlan 10
description 市场部
#
vlan 20
description 技术部
#
vlan 30
description OSPF邻居VLAN
#
vlan 111
description SW1和R1的互联VLAN
#
interface LoopBack0
ip address 10.1.1.11 255.255.255.255
#
interface Vlan-interface10
ip address 192.168.1.252 255.255.255.0
#
interface Vlan-interface20
ip address 192.168.2.252 255.255.255.0
#
interface Vlan-interface30
ip address 10.1.2.1 255.255.255.252
#
interface Vlan-interface111
ip address 10.0.0.6 255.255.255.252
SW2 IP配置
#
vlan 10
description 市场部
#
vlan 20
description 技术部
#
vlan 30
description OSPF邻居VLAN
#
vlan 222
description SW2和R2的互联VLAN
#
interface LoopBack0
ip address 10.1.1.12 255.255.255.255
#
interface Vlan-interface10
ip address 192.168.1.253 255.255.255.0
#
interface Vlan-interface20
ip address 192.168.2.253 255.255.255.0
#
interface Vlan-interface30
ip address 10.1.2.2 255.255.255.252
#
interface Vlan-interface222
ip address 10.0.0.10 255.255.255.252
Internet IP配置
#
interface MP-group1
ip address 202.100.1.1 255.255.255.252
#
interface LoopBack0
ip address 100.1.1.1 255.255.255.255
PC3 IP配置
业务网段配置
SW1作为DHCP服务器
依据需求配置:在 SW1 上配置 DHCP 服务,为 Vlan10 和 Van20 的 PC 动态分配 IP 地址、网关和 DNS 地址;要求Vlan10的网关是192.168.1.252
,Vlan20 的网关是192.168.2.253
#
dhcp server ip-pool 1
gateway-list 192.168.1.252
network 192.168.1.0 mask 255.255.255.0
dns-list 202.101.224.69 202.101.224.68
#
dhcp server ip-pool 2
gateway-list 192.168.2.253
network 192.168.2.0 mask 255.255.255.0
dns-list 202.101.224.69 202.101.224.68
SW1 和 SW2 之间的直连链路配置链路聚合
依据需求配置:SW1 和 SW2 之间的直连链路配置链路聚合
SW1配置链路聚合
#
interface Bridge-Aggregation1
#
interface GigabitEthernet1/0/1
port link-aggregation group 1
#
interface GigabitEthernet1/0/2
port link-aggregation group 1
SW2配置链路聚合
#
interface Bridge-Aggregation1
#
interface GigabitEthernet1/0/1
port link-aggregation group 1
#
interface GigabitEthernet1/0/2
port link-aggregation group 1
所有交换机互联端口放行对应VLAN
依据需求配置:所有交换机相连的端口配置为 Trunk,允许相关流量通过
SW1 端口配置
#
interface Bridge-Aggregation1
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20 30
#
interface GigabitEthernet1/0/3
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20
#
interface GigabitEthernet1/0/4
port access vlan 111
SW2 端口配置
#
interface Bridge-Aggregation1
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20 30
#
interface GigabitEthernet1/0/3
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20
#
interface GigabitEthernet1/0/4
port access vlan 222
SW3端口配置
#
interface GigabitEthernet1/0/1
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20
#
interface GigabitEthernet1/0/2
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20
#
interface GigabitEthernet1/0/3
port access vlan 10
#
interface GigabitEthernet1/0/4
port access vlan 20
边缘端口配置
依据需求配置:交换机连接 PC 的端口配置为边缘端口
#
interface GigabitEthernet1/0/3
stp edged-port
#
interface GigabitEthernet1/0/4
stp edged-port
PC1和PC2自动获取IP地址
PC1获取的IP地址
PC2获取的IP地址
骨干区域配置
依据需求配置:按图示分区域配置 OSPF 实现公司内部网络全网互通,ABR 的环回口宣告进骨干区域
R1 OSPF配置
#
ospf 1 router-id 10.1.1.1
area 0.0.0.0
network 10.0.0.1 0.0.0.0
network 10.0.0.14 0.0.0.0
network 10.1.1.1 0.0.0.0
area 0.0.0.1
network 10.0.0.5 0.0.0.0
R2 OSPF配置
#
ospf 1 router-id 10.1.1.2
area 0.0.0.0
network 10.0.0.2 0.0.0.0
network 10.0.0.18 0.0.0.0
network 10.1.1.2 0.0.0.0
area 0.0.0.1
network 10.0.0.9 0.0.0.0
R3 OSPF配置
#
ospf 1 router-id 10.1.1.3
area 0.0.0.0
network 10.0.0.13 0.0.0.0
network 10.0.0.17 0.0.0.0
network 10.1.1.3 0.0.0.0
network 192.168.3.0 0.0.0.255
SW1 OSPF配置
#
ospf 1 router-id 10.1.1.11
area 0.0.0.1
network 10.0.0.6 0.0.0.0
network 10.1.1.11 0.0.0.0
network 10.1.2.1 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
SW2 OSPF配置
#
ospf 1 router-id 10.1.1.12
area 0.0.0.1
network 10.0.0.10 0.0.0.0
network 10.1.1.12 0.0.0.0
network 10.1.2.2 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
业务网段不允许出现协议报文
R3 配置
#
ospf 1 router-id 10.1.1.3
silent-interface GigabitEthernet0/1
SW1 配置
#
ospf 1 router-id 10.1.1.11
silent-interface Vlan-interface10
silent-interface Vlan-interface20
SW2配置
#
ospf 1 router-id 10.1.1.12
silent-interface Vlan-interface10
silent-interface Vlan-interface20
R1上配置默认路由指向互联网,并引入到 OSPF
#
ip route-static 0.0.0.0 0 202.100.1.1
#
ospf 1 router-id 10.1.1.1
default-route-advertise
互联网区域配置
配置 PPP-MP,并配置双向 chap 验证
依据需求配置:R1 通过双线连接到互联网,配置 PPP-MP,并配置双向 chap 验证
R1配置PPP-MP
#
interface MP-group1
#
interface Serial1/0
ppp mp MP-group1
#
interface Serial2/0
ppp mp MP-group1
R1配置双向 chap 验证
#
local-user user1 class network
password simple 123
service-type ppp
#
interface Serial1/0
ppp authentication-mode chap
ppp chap password simple 123
ppp chap user user1
#
interface Serial2/0
ppp authentication-mode chap
ppp chap password simple 123
ppp chap user user1
Internet 配置PPP-MP
#
interface MP-group1
#
interface Serial1/0
ppp mp MP-group1
#
interface Serial2/0
ppp mp MP-group1
Internet 配置双向 chap 验证
#
local-user user1 class network
password simple 123
service-type ppp
#
interface Serial1/0
ppp authentication-mode chap
ppp chap password simple 123
ppp chap user user1
#
interface Serial2/0
ppp authentication-mode chap
ppp chap password simple 123
ppp chap user user1
配置 EASYIP
依据需求配置:配置 EASYIP,只有业务网段192.168.1.0/24
和192.168.2.0/24
的数据流可以通过 R1 访问互联网
#
acl basic 2000
description NAT
rule 0 permit source 192.168.1.0 0.0.0.255
rule 5 permit source 192.168.2.0 0.0.0.255
#
interface MP-group1
nat outbound 2000
R1 开启 TELNET 远程管理
依据需求配置:R1 开启 TELNET 远程管理,使用用户abc
登录,密码abc
,只允许技术部远程管理 R1
#
undo password-control length enable
undo password-control composition enable
undo password-control complexity user-name check
#
local-user abc class manage
password simple abc
service-type telnet
authorization-attribute user-role level-15
#
line vty 0 4
authentication-mode scheme
protocol inbound telnet
#
acl basic 2001
description acl telnet
rule 0 permit source 192.168.2.0 0.0.0.255
#
telnet server enable
telnet server acl 2001
实验验证
测试是否只有业务网段192.168.1.0/24
和192.168.2.0/24
的数据流可以通过 R1 访问互联网
PC1测试可以访问互联网
<H3C>ping 100.1.1.1 Ping 100.1.1.1 (100.1.1.1): 56 data bytes, press CTRL_C to break 56 bytes from 100.1.1.1: icmp_seq=0 ttl=253 time=1.386 ms 56 bytes from 100.1.1.1: icmp_seq=1 ttl=253 time=1.077 ms 56 bytes from 100.1.1.1: icmp_seq=2 ttl=253 time=1.382 ms 56 bytes from 100.1.1.1: icmp_seq=3 ttl=253 time=1.437 ms 56 bytes from 100.1.1.1: icmp_seq=4 ttl=253 time=1.503 ms
--- Ping statistics for 100.1.1.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.077/1.357/1.503/0.147 ms
<H3C>%Feb 19 13:10:14:705 2024 H3C PING/6/PING_STATISTICS: Ping statistics for 100.1.1.1: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 1.077/1.357/1.503/0.147 ms.
PC2测试可以访问互联网
<H3C>ping 100.1.1.1 Ping 100.1.1.1 (100.1.1.1): 56 data bytes, press CTRL_C to break 56 bytes from 100.1.1.1: icmp_seq=0 ttl=253 time=2.000 ms 56 bytes from 100.1.1.1: icmp_seq=1 ttl=253 time=3.000 ms 56 bytes from 100.1.1.1: icmp_seq=2 ttl=253 time=2.000 ms 56 bytes from 100.1.1.1: icmp_seq=3 ttl=253 time=2.000 ms 56 bytes from 100.1.1.1: icmp_seq=4 ttl=253 time=3.000 ms
--- Ping statistics for 100.1.1.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 2.000/2.400/3.000/0.490 ms
<H3C>%Feb 19 13:10:35:094 2024 H3C PING/6/PING_STATISTICS: Ping statistics for 100.1.1.1: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 2.000/2.400/3.000/0.490 ms.
PC3测试不能访问互联网
<H3C>ping 100.1.1.1 Ping 100.1.1.1 (100.1.1.1): 56 data bytes, press CTRL_C to break Request time out Request time out Request time out Request time out Request time out
--- Ping statistics for 100.1.1.1 ---
5 packet(s) transmitted, 0 packet(s) received, 100.0% packet loss
<H3C>%Feb 19 13:13:22:721 2024 H3C PING/6/PING_STATISTICS: Ping statistics for 100.1.1.1: 5 packet(s) transmitted, 0 packet(s) received, 100.0% packet loss.
R1 查询nat session 仅有业务网段192.168.1.0/24
和192.168.2.0/24
的数据流可以通过 R1 访问互联网
[R1]display nat session Slot 0: Initiator: Source IP/port: 192.168.2.1/156 Destination IP/port: 100.1.1.1/2048 DS-Lite tunnel peer: - VPN instance/VLAN ID/Inline ID: -/-/- Protocol: ICMP(1) Inbound interface: GigabitEthernet0/0
Initiator:
Source IP/port: 192.168.1.1/156
Destination IP/port: 100.1.1.1/2048
DS-Lite tunnel peer: -
VPN instance/VLAN ID/Inline ID: -/-/-
Protocol: ICMP(1)
Inbound interface: GigabitEthernet0/0
Total sessions found: 2
测试是否只允许技术部远程管理 R1
技术部PC2 允许远程管理 R1
<H3C>telnet 10.1.1.1 Trying 10.1.1.1 ... Press CTRL+K to abort Connected to 10.1.1.1 ...
<span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span>**
- Copyright (c) 2004-2021 New H3C Technologies Co., Ltd. All rights reserved.*
- Without the owner's prior written consent, *
- no decompiling or reverse-engineering shall be allowed. *
<span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span>**
Login: abc
Password:
<R1>
SW1 带源IP测试,仅技术部IP可以远程管理R1
<SW1>telnet 10.1.1.1 source ip 192.168.1.252 Trying 10.1.1.1 ... Press CTRL+K to abort Connected to 10.1.1.1 ... Failed to connect to the remote host!
<SW1>telnet 10.1.1.1 source ip 192.168.2.252
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1 ...<span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span>**
- Copyright (c) 2004-2021 New H3C Technologies Co., Ltd. All rights reserved.*
- Without the owner's prior written consent, *
- no decompiling or reverse-engineering shall be allowed. *
<span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span><span style="font-weight: bold;" data-type="strong"></span>**
Login: abc
Password:
<R1>
其余未能远程管理R1
PC1: <H3C>telnet 10.1.1.1 Trying 10.1.1.1 ... Press CTRL+K to abort Connected to 10.1.1.1 ... Failed to connect to the remote host!
PC3:
<H3C>telnet 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1 ...
Failed to connect to the remote host!
完整配置
R1 完整配置
[R1]display current-configuration
#
version 7.1.064, Release 0427P22
#
sysname R1
#
telnet server enable
telnet server acl 2001
#
ospf 1 router-id 10.1.1.1
default-route-advertise
area 0.0.0.0
network 10.0.0.1 0.0.0.0
network 10.0.0.14 0.0.0.0
network 10.1.1.1 0.0.0.0
area 0.0.0.1
network 10.0.0.5 0.0.0.0
#
system-working-mode standard
xbar load-single
password-recovery enable
lpu-type f-series
#
vlan 1
#
interface Serial1/0
ppp authentication-mode chap
ppp chap password cipher $c$3$9QFe8z/CzrvNTRj1xcdBKIa740Sjrg<span style="font-weight: bold;" class="mark">
ppp chap user user1
ppp mp MP-group1
#
interface Serial2/0
ppp authentication-mode chap
ppp chap password cipher $c$3$m6NHOx8NLuwBZYB0lygNtBEhc2iSBw</span>
ppp chap user user1
ppp mp MP-group1
#
interface Serial3/0
#
interface Serial4/0
#
interface MP-group1
ip address 202.100.1.2 255.255.255.252
nat outbound 2000
#
interface NULL0
#
interface LoopBack0
ip address 10.1.1.1 255.255.255.255
#
interface GigabitEthernet0/0
port link-mode route
combo enable copper
ip address 10.0.0.5 255.255.255.252
#
interface GigabitEthernet0/1
port link-mode route
combo enable copper
ip address 10.0.0.1 255.255.255.252
#
interface GigabitEthernet0/2
port link-mode route
combo enable copper
ip address 10.0.0.14 255.255.255.252
#
interface GigabitEthernet5/0
port link-mode route
combo enable copper
#
interface GigabitEthernet5/1
port link-mode route
combo enable copper
#
interface GigabitEthernet6/0
port link-mode route
combo enable copper
#
interface GigabitEthernet6/1
port link-mode route
combo enable copper
#
scheduler logfile size 16
#
line class aux
user-role network-operator
#
line class console
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 4
authentication-mode scheme
user-role network-admin
user-role network-operator
protocol inbound telnet
#
line vty 5 63
user-role network-operator
#
ip route-static 0.0.0.0 0 202.100.1.1
#
acl basic 2000
description NAT
rule 0 permit source 192.168.1.0 0.0.0.255
rule 5 permit source 192.168.2.0 0.0.0.255
#
acl basic 2001
description acl telnet
rule 0 permit source 192.168.2.0 0.0.0.255
#
undo password-control length enable
undo password-control composition enable
undo password-control complexity user-name check
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user abc class manage
password hash $h$6$tsrswDmxuoiSWbMI$A7XebS0Mtjt3ec9vHx6SkNL0MnheDitsIqi3Dm6I3CN44jA6K3saXTpxCbrASD2KAxlWAC/Dl4j7zGOlfpObwQ<span style="font-weight: bold;" class="mark">
service-type telnet
authorization-attribute user-role level-15
authorization-attribute user-role network-operator
#
local-user user1 class network
password cipher $c$3$C7453wFxHwXZ7el+WFzyfg4eLMdVdg</span>
service-type ppp
authorization-attribute user-role network-operator
#
return
[R1]
R2 完整配置
[R2]display current-configuration
#
version 7.1.064, Release 0427P22
#
sysname R2
#
ospf 1 router-id 10.1.1.2
area 0.0.0.0
network 10.0.0.2 0.0.0.0
network 10.0.0.18 0.0.0.0
network 10.1.1.2 0.0.0.0
area 0.0.0.1
network 10.0.0.9 0.0.0.0
#
system-working-mode standard
xbar load-single
password-recovery enable
lpu-type f-series
#
vlan 1
#
interface Serial1/0
#
interface Serial2/0
#
interface Serial3/0
#
interface Serial4/0
#
interface NULL0
#
interface LoopBack0
ip address 10.1.1.2 255.255.255.255
#
interface GigabitEthernet0/0
port link-mode route
combo enable copper
ip address 10.0.0.9 255.255.255.252
#
interface GigabitEthernet0/1
port link-mode route
combo enable copper
ip address 10.0.0.2 255.255.255.252
#
interface GigabitEthernet0/2
port link-mode route
combo enable copper
ip address 10.0.0.18 255.255.255.252
#
interface GigabitEthernet5/0
port link-mode route
combo enable copper
#
interface GigabitEthernet5/1
port link-mode route
combo enable copper
#
interface GigabitEthernet6/0
port link-mode route
combo enable copper
#
interface GigabitEthernet6/1
port link-mode route
combo enable copper
#
scheduler logfile size 16
#
line class aux
user-role network-operator
#
line class console
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 63
user-role network-operator
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
return
[R2]
R3 完整配置
[R3]display current-configuration
#
version 7.1.064, Release 0427P22
#
sysname R3
#
ospf 1 router-id 10.1.1.3
silent-interface GigabitEthernet0/1
area 0.0.0.0
network 10.0.0.13 0.0.0.0
network 10.0.0.17 0.0.0.0
network 10.1.1.3 0.0.0.0
network 192.168.3.0 0.0.0.255
#
sysid R3
#
system-working-mode standard
xbar load-single
password-recovery enable
lpu-type f-series
#
vlan 1
#
interface Serial1/0
#
interface Serial2/0
#
interface Serial3/0
#
interface Serial4/0
#
interface NULL0
#
interface LoopBack0
ip address 10.1.1.3 255.255.255.255
#
interface GigabitEthernet0/0
port link-mode route
combo enable copper
ip address 10.0.0.13 255.255.255.252
#
interface GigabitEthernet0/1
port link-mode route
combo enable copper
ip address 192.168.3.254 255.255.255.0
#
interface GigabitEthernet0/2
port link-mode route
combo enable copper
ip address 10.0.0.17 255.255.255.252
#
interface GigabitEthernet5/0
port link-mode route
combo enable copper
#
interface GigabitEthernet5/1
port link-mode route
combo enable copper
#
interface GigabitEthernet6/0
port link-mode route
combo enable copper
#
interface GigabitEthernet6/1
port link-mode route
combo enable copper
#
scheduler logfile size 16
#
line class aux
user-role network-operator
#
line class console
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 63
user-role network-operator
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
return
[R3]
SW1 完整配置
[SW1]display current-configuration
#
version 7.1.075, Alpha 7571
#
sysname SW1
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
ospf 1 router-id 10.1.1.11
silent-interface Vlan-interface10
silent-interface Vlan-interface20
area 0.0.0.1
network 10.0.0.6 0.0.0.0
network 10.1.1.11 0.0.0.0
network 10.1.2.1 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
#
dhcp enable
#
lldp global enable
#
system-working-mode standard
xbar load-single
password-recovery enable
lpu-type f-series
#
vlan 1
#
vlan 10
description 市场部
#
vlan 20
description 技术部
#
vlan 30
description OSPF邻居VLAN
#
vlan 111
description SW1和R1的互联VLAN
#
stp global enable
#
dhcp server ip-pool 1
gateway-list 192.168.1.252
network 192.168.1.0 mask 255.255.255.0
dns-list 202.101.224.69 202.101.224.68
#
dhcp server ip-pool 2
gateway-list 192.168.2.253
network 192.168.2.0 mask 255.255.255.0
dns-list 202.101.224.69 202.101.224.68
#
interface Bridge-Aggregation1
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20 30
#
interface NULL0
#
interface LoopBack0
ip address 10.1.1.11 255.255.255.255
#
interface Vlan-interface10
ip address 192.168.1.252 255.255.255.0
#
interface Vlan-interface20
ip address 192.168.2.252 255.255.255.0
#
interface Vlan-interface30
ip address 10.1.2.1 255.255.255.252
#
interface Vlan-interface111
ip address 10.0.0.6 255.255.255.252
#
interface FortyGigE1/0/53
port link-mode bridge
#
interface FortyGigE1/0/54
port link-mode bridge
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20 30
combo enable fiber
port link-aggregation group 1
#
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20 30
combo enable fiber
port link-aggregation group 1
#
interface GigabitEthernet1/0/3
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20
combo enable fiber
#
interface GigabitEthernet1/0/4
port link-mode bridge
port access vlan 111
combo enable fiber
#
interface GigabitEthernet1/0/5
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/6
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/7
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/8
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/9
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/10
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/11
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/12
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/13
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/14
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/15
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/16
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/17
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/18
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/19
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/20
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/21
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/22
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/23
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/24
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/25
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/26
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/27
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/28
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/29
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/30
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/31
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/32
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/33
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/34
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/35
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/36
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/37
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/38
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/39
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/40
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/41
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/42
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/43
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/44
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/45
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/46
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/47
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/48
port link-mode bridge
combo enable fiber
#
interface M-GigabitEthernet0/0/0
#
interface Ten-GigabitEthernet1/0/49
port link-mode bridge
combo enable fiber
#
interface Ten-GigabitEthernet1/0/50
port link-mode bridge
combo enable fiber
#
interface Ten-GigabitEthernet1/0/51
port link-mode bridge
combo enable fiber
#
interface Ten-GigabitEthernet1/0/52
port link-mode bridge
combo enable fiber
#
scheduler logfile size 16
#
line class aux
user-role network-operator
#
line class console
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 63
user-role network-operator
#
radius scheme system
user-name-format without-domain
#
domain name system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
return
[SW1]
SW2 完整配置
[SW2]display current-configuration
#
version 7.1.075, Alpha 7571
#
sysname SW2
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
ospf 1 router-id 10.1.1.12
silent-interface Vlan-interface10
silent-interface Vlan-interface20
area 0.0.0.1
network 10.0.0.10 0.0.0.0
network 10.1.1.12 0.0.0.0
network 10.1.2.2 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
#
lldp global enable
#
system-working-mode standard
xbar load-single
password-recovery enable
lpu-type f-series
#
vlan 1
#
vlan 10
description 市场部
#
vlan 20
description 技术部
#
vlan 30
description OSPF邻居VLAN
#
vlan 222
description SW2和R2的互联VLAN
#
stp global enable
#
interface Bridge-Aggregation1
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20 30
#
interface NULL0
#
interface LoopBack0
ip address 10.1.1.12 255.255.255.255
#
interface Vlan-interface10
ip address 192.168.1.253 255.255.255.0
#
interface Vlan-interface20
ip address 192.168.2.253 255.255.255.0
#
interface Vlan-interface30
ip address 10.1.2.2 255.255.255.252
#
interface Vlan-interface222
ip address 10.0.0.10 255.255.255.252
#
interface FortyGigE1/0/53
port link-mode bridge
#
interface FortyGigE1/0/54
port link-mode bridge
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20 30
combo enable fiber
port link-aggregation group 1
#
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20 30
combo enable fiber
port link-aggregation group 1
#
interface GigabitEthernet1/0/3
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20
combo enable fiber
#
interface GigabitEthernet1/0/4
port link-mode bridge
port access vlan 222
combo enable fiber
#
interface GigabitEthernet1/0/5
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/6
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/7
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/8
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/9
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/10
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/11
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/12
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/13
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/14
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/15
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/16
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/17
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/18
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/19
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/20
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/21
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/22
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/23
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/24
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/25
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/26
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/27
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/28
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/29
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/30
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/31
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/32
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/33
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/34
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/35
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/36
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/37
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/38
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/39
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/40
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/41
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/42
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/43
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/44
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/45
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/46
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/47
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/48
port link-mode bridge
combo enable fiber
#
interface M-GigabitEthernet0/0/0
#
interface Ten-GigabitEthernet1/0/49
port link-mode bridge
combo enable fiber
#
interface Ten-GigabitEthernet1/0/50
port link-mode bridge
combo enable fiber
#
interface Ten-GigabitEthernet1/0/51
port link-mode bridge
combo enable fiber
#
interface Ten-GigabitEthernet1/0/52
port link-mode bridge
combo enable fiber
#
scheduler logfile size 16
#
line class aux
user-role network-operator
#
line class console
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 63
user-role network-operator
#
radius scheme system
user-name-format without-domain
#
domain name system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
return
[SW2]
SW3 完整配置
[SW3]display current-configuration
#
version 7.1.075, Alpha 7571
#
sysname SW3
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
lldp global enable
#
system-working-mode standard
xbar load-single
password-recovery enable
lpu-type f-series
#
vlan 1
#
vlan 10
#
vlan 20
#
stp global enable
#
interface NULL0
#
interface FortyGigE1/0/53
port link-mode bridge
#
interface FortyGigE1/0/54
port link-mode bridge
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20
combo enable fiber
#
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20
combo enable fiber
#
interface GigabitEthernet1/0/3
port link-mode bridge
port access vlan 10
combo enable fiber
stp edged-port
#
interface GigabitEthernet1/0/4
port link-mode bridge
port access vlan 20
combo enable fiber
stp edged-port
#
interface GigabitEthernet1/0/5
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/6
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/7
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/8
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/9
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/10
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/11
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/12
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/13
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/14
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/15
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/16
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/17
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/18
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/19
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/20
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/21
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/22
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/23
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/24
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/25
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/26
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/27
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/28
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/29
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/30
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/31
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/32
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/33
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/34
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/35
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/36
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/37
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/38
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/39
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/40
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/41
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/42
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/43
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/44
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/45
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/46
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/47
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet1/0/48
port link-mode bridge
combo enable fiber
#
interface M-GigabitEthernet0/0/0
#
interface Ten-GigabitEthernet1/0/49
port link-mode bridge
combo enable fiber
#
interface Ten-GigabitEthernet1/0/50
port link-mode bridge
combo enable fiber
#
interface Ten-GigabitEthernet1/0/51
port link-mode bridge
combo enable fiber
#
interface Ten-GigabitEthernet1/0/52
port link-mode bridge
combo enable fiber
#
scheduler logfile size 16
#
line class aux
user-role network-operator
#
line class console
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 63
user-role network-operator
#
radius scheme system
user-name-format without-domain
#
domain name system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
return
[SW3]
Internet 完整配置
[Internet]display current-configuration
#
version 7.1.064, Release 0427P22
#
sysname Internet
#
system-working-mode standard
xbar load-single
password-recovery enable
lpu-type f-series
#
vlan 1
#
interface Serial1/0
ppp authentication-mode chap
ppp chap password cipher $c$3$lUdg99e/KnON+mSw3B6XeTksNRB9KQ<span style="font-weight: bold;" class="mark">
ppp chap user user1
ppp mp MP-group1
#
interface Serial2/0
ppp authentication-mode chap
ppp chap password cipher $c$3$7OGuhIdMv8WPfS/a1oONHzrha2fezQ</span>
ppp chap user user1
ppp mp MP-group1
#
interface Serial3/0
#
interface Serial4/0
#
interface MP-group1
ip address 202.100.1.1 255.255.255.252
#
interface NULL0
#
interface LoopBack0
ip address 100.1.1.1 255.255.255.255
#
interface GigabitEthernet0/0
port link-mode route
combo enable copper
#
interface GigabitEthernet0/1
port link-mode route
combo enable copper
#
interface GigabitEthernet0/2
port link-mode route
combo enable copper
#
interface GigabitEthernet5/0
port link-mode route
combo enable copper
#
interface GigabitEthernet5/1
port link-mode route
combo enable copper
#
interface GigabitEthernet6/0
port link-mode route
combo enable copper
#
interface GigabitEthernet6/1
port link-mode route
combo enable copper
#
scheduler logfile size 16
#
line class aux
user-role network-operator
#
line class console
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 63
user-role network-operator
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user user1 class network
password cipher $c$3$UmDqupmNrsE8NUp3Q9Kbeh2P4FaHfw==
service-type ppp
authorization-attribute user-role network-operator
#
return
[Internet]
注意
关于OSPD的路由注入使用import-route命令。
import-route命令只能注入明细路由,直连路由,外部协议路由;但是不能注入缺省路由,默认路由。
AR1有一条默认路由指向外部网络,import-route不能注入缺省路由,内部路由器不能学习到默认路由,即内部网络无法访问外部网络。
通过default-route-advertise
命令注入缺省路由
实验附件
标签:H3C,enable,level,PPP,role,NAT,interface,link,port From: https://www.cnblogs.com/caomojian/p/18020917/h3c-ospf-nat-dhcp-ppp-comprehensive-experimen