鲁达 实验目的:
1、 了解ACL配置方法
2、 掌握单臂路由的配置方法
3、 掌握DHCP的配置方法
4、 掌握FTP服务器的搭建
网络拓扑如下:
实验配置如下:
路由器AR1的配置如下:
sysname AR1
dhcp enable
ip pool 1
gateway-list 192.168.10.254
network 192.168.10.0 mask 255.255.255.0
dns-list 202.98.198.167
ip pool 2
gateway-list 192.168.20.254
network 192.168.20.0 mask 255.255.255.0
dns-list 202.98.198.167
ip pool 3
gateway-list 192.168.30.254
network 192.168.30.0 mask 255.255.255.0
dns-list 202.98.198.167
ip pool 4
gateway-list 192.168.40.254
network 192.168.40.0 mask 255.255.255.0
excluded-ip-address 192.168.40.253
dns-list 202.98.198.167
interface GigabitEthernet0/0/0.1
dot1q termination vid 10
ip address 192.168.10.254 255.255.255.0
arp broadcast enable
dhcp select global
interface GigabitEthernet0/0/0.2
dot1q termination vid 20
ip address 192.168.20.254 255.255.255.0
arp broadcast enable
dhcp select global
interface GigabitEthernet0/0/0.3
dot1q termination vid 30
ip address 192.168.30.254 255.255.255.0
arp broadcast enable
dhcp select global
interface GigabitEthernet0/0/0.4
dot1q termination vid 40
ip address 192.168.40.254 255.255.255.0
arp broadcast enable
dhcp select global
交换机SW1的配置如下:
sysname SW1
vlan batch 10 20 30 40
acl number 2000
rule 5 permit source 192.168.20.0 0.0.0.255
rule 10 permit source 192.168.30.0 0.0.0.255
rule 15 deny source 192.168.10.0 0.0.0.255
interface GigabitEthernet0/0/1
port link-type access
port default vlan 30
interface GigabitEthernet0/0/2
port link-type access
port default vlan 40
traffic-filter outbound acl 2000
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 2 to 4094
交换机SW2的配置如下:
sysname SW2
vlan batch 10 20
interface Ethernet0/0/1
port link-type access
port default vlan 10
interface Ethernet0/0/2
port link-type access
port default vlan 20
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094