中間系統到中間系統綜合實驗

原創 dfsshan 2019-11-16 15:04

中間系統到中間系統綜合實驗

拓撲圖
實驗目的:
1.熟悉ISIS路由協議的基礎操作方法。
2.掌握該協議的區域劃分,路由級別調整過程。
3.掌握該協議的網絡類型以及網絡類型中廣播類型的DIS的選舉流程。
4.掌握該協議的路由引入,路由聚合,路由過濾,路由認證等操作流程。
實驗要求:
1.R1,R2和R3是Level-1路由器,R6是Level-2路由器。SystemID爲0000.0000.000X。ISIS的進程號爲1.
通告相關接口,網段10.0.X.0/24暫不通告。
2.R4和R6,R5和R6之間不能有DIS選舉;
R1,R2和R3共享網絡中,要求R3爲DIS,需在R1和R2上配置,且優先級設置儘量小仍可以參與DIS選舉。
3.R6引入10.0.X.0/24網段,並標記爲100;
區域47.0001能夠通過R4 學到10.0.x.0/24網段明細,且必須保持這些路由的標記爲100.

  1. R2只允許通過缺省路由訪問區域47.0002的網絡。不能使用ACL和前綴列表。
  2. 區域47.0001的所有路由器發送LSP和SNP需要進行認證,認證類型爲MD5,密碼爲Huawei;
    level-2路由發送的IIH需要進行認證,認證類型爲MD5,密碼爲Huawei。
    實驗步驟:
    R1配置:
    [V200R003C00]
    #
    sysname R1
    #
    snmp-agent local-engineid 800007DB03000000000000
    snmp-agent
    #
    clock timezone China-Standard-Time minus 08:00:00
    #
    portal local-server load portalpage.zip
    #
    drop illegal-mac alarm
    #
    set cpu-usage threshold 80 restore 75
    #
    aaa
    authentication-scheme default
    authorization-scheme default
    accounting-scheme default
    domain default
    domain default_admin
    local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
    local-user admin service-type http
    #
    isis 1
    is-level level-1
    cost-style wide
    network-entity 47.0001.0000.0000.0001.00
    #
    firewall zone Local
    priority 15
    #
    interface GigabitEthernet0/0/0
    ip address 192.168.1.1 255.255.255.0
    isis enable 1
    isis dis-priority 0
    #
    interface GigabitEthernet0/0/1
    #
    interface GigabitEthernet0/0/2
    #
    interface NULL0
    #
    interface LoopBack0
    ip address 1.1.1.1 255.255.255.255
    isis enable 1
    #
    user-interface con 0
    authentication-mode password
    user-interface vty 0 4
    user-interface vty 16 20
    #
    wlan ac
    #
    Return
    R2的配置:

[V200R003C00]
#
sysname R2
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
isis 1
is-level level-1
cost-style wide
network-entity 47.0001.0000.0000.0002.00
filter-policy route-policy deny_dir import
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.1.2 255.255.255.0
isis enable 1
isis dis-priority 0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
isis enable 1
#
route-policy deny_dir deny node 10
if-match tag 100
#
route-policy deny_dir permit node 100
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R3的配置:

[V200R003C00]
#
sysname R3
#
board add 0/1 2SA
board add 0/2 2SA
board add 0/4 4GET
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
isis 1
is-level level-1
cost-style wide
network-entity 47.0001.0000.0000.0003.00
#
firewall zone Local
priority 15
#
interface Serial1/0/0
link-protocol ppp
ip address 34.1.1.3 255.255.255.0
isis enable 1
#
interface Serial1/0/1
link-protocol ppp
ip address 35.1.1.3 255.255.255.0
isis enable 1
#
interface Serial2/0/0
link-protocol ppp
#
interface Serial2/0/1
link-protocol ppp
#
interface GigabitEthernet0/0/0
ip address 192.168.1.3 255.255.255.0
isis enable 1
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet4/0/0
#
interface GigabitEthernet4/0/1
#
interface GigabitEthernet4/0/2
#
interface GigabitEthernet4/0/3
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
isis enable 1
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R4的配置:

[V200R003C00]
#
sysname R4
#
board add 0/1 2SA
board add 0/2 2SA
board add 0/4 4GET
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
isis 1
cost-style wide
network-entity 47.0001.0000.0000.0004.00
import-route isis level-2 into level-1 filter-policy route-policy Import_dir
#
firewall zone Local
priority 15
#
interface Serial1/0/0
link-protocol ppp
ip address 34.1.1.4 255.255.255.0
isis enable 1
#
interface Serial1/0/1
link-protocol ppp
#
interface Serial2/0/0
link-protocol ppp
#
interface Serial2/0/1
link-protocol ppp
#
interface GigabitEthernet0/0/0
ip address 46.1.1.4 255.255.255.0
isis enable 1
isis circuit-type p2p
isis ppp-negotiation 3-way only
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet4/0/0
#
interface GigabitEthernet4/0/1
#
interface GigabitEthernet4/0/2
#
interface GigabitEthernet4/0/3
#
interface NULL0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
isis enable 1
#
route-policy Import_dir permit node 10
if-match tag 100
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R5的配置:

[V200R003C00]
#
sysname R5
#
board add 0/1 2SA
board add 0/2 2SA
board add 0/4 4GET
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<08bmE3Uw}%$%$<br/>local-user admin service-type http<br/>#<br/>isis 1<br/>cost-style wide<br/>network-entity 47.0001.0000.0000.0005.00<br/>#<br/>firewall zone Local<br/>priority 15<br/>#<br/>interface Serial1/0/0<br/>link-protocol ppp<br/>#<br/>interface Serial1/0/1<br/>link-protocol ppp<br/>ip address 35.1.1.5 255.255.255.0 <br/>isis enable 1<br/>#<br/>interface Serial2/0/0<br/>link-protocol ppp<br/>#<br/>interface Serial2/0/1<br/>link-protocol ppp<br/>#<br/>interface GigabitEthernet0/0/0<br/>ip address 56.1.1.5 255.255.255.0 <br/>isis enable 1<br/>isis circuit-type p2p<br/>isis ppp-negotiation 3-way only<br/>#<br/>interface GigabitEthernet0/0/1<br/>#<br/>interface GigabitEthernet0/0/2<br/>#<br/>interface GigabitEthernet4/0/0<br/>#<br/>interface GigabitEthernet4/0/1<br/>#<br/>interface GigabitEthernet4/0/2<br/>#<br/>interface GigabitEthernet4/0/3<br/>#<br/>interface NULL0<br/>#<br/>interface LoopBack0<br/>ip address 5.5.5.5 255.255.255.255 <br/>isis enable 1<br/>#<br/>user-interface con 0<br/>authentication-mode password<br/>user-interface vty 0 4<br/>user-interface vty 16 20<br/>#<br/>wlan ac<br/>#<br/>return<br/>R6的配置:<br/>[V200R003C00]<br/>#<br/>sysname R6<br/>#<br/>snmp-agent local-engineid 800007DB03000000000000<br/>snmp-agent <br/>#<br/>clock timezone China-Standard-Time minus 08:00:00<br/>#<br/>portal local-server load flash:/portalpage.zip<br/>#<br/>drop illegal-mac alarm<br/>#<br/>wlan ac-global carrier id other ac id 0<br/>#<br/>set cpu-usage threshold 80 restore 75<br/>#<br/>acl number 2000 <br/>rule 5 permit source 10.0.0.0 0.0.3.255 <br/>#<br/>aaa <br/>authentication-scheme default<br/>authorization-scheme default<br/>accounting-scheme default<br/>domain default <br/>domain default_admin <br/>local-user admin password cipher %$%$K8m.Nt84DZ}e#&lt;08bmE3Uw}%$%$
local-user admin service-type http
#
isis 1
is-level level-2
cost-style wide
network-entity 47.0002.0000.0000.0006.00
import-route direct route-policy tag
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 46.1.1.6 255.255.255.0
isis enable 1
isis circuit-type p2p
isis ppp-negotiation 3-way only
#
interface GigabitEthernet0/0/1
ip address 56.1.1.6 255.255.255.0
isis enable 1
isis circuit-type p2p
isis ppp-negotiation 3-way only
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 6.6.6.6 255.255.255.255
isis enable 1
#
interface LoopBack11
ip address 10.0.0.1 255.255.255.0
#
interface LoopBack12
ip address 10.0.1.1 255.255.255.0
#
interface LoopBack13
ip address 10.0.3.1 255.255.255.0
#
route-policy tag permit node 10
if-match acl 2000
apply tag 100
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章

既然有人把!!NAT——網絡地址轉換技術!!說的這麼透徹

文章目錄1. 靜態NAT2. 動態NAT3. NAPT(端口複用)4. NAT服務器 5. NAT過程實驗操作解釋 思維導圖: 網絡地址轉換技術也稱爲NAT(Network Address Translation)技術,他的基本

jesesl 2020-06-28 02:45:58

自組網(無人機FANET)簡單介紹

我要出家当道士 2020-06-02 04:58:49

IGMP協議測試-網絡測試儀實操

teletest1 2020-05-31 21:52:45

【數通面試私房菜之組播專題】第五期:PIM DM詳解

ytxs 2020-05-26 18:52:57

MPLS專題01-H3C靜態MPLS LSP實驗

IT後院 2020-04-22 12:59:59

配置動態路由OSPF協議

知更鸟女孩 2020-03-22 16:32:01

路由協議

Boss_Commander 2020-02-23 19:47:43

ISIS路由協議學習總結

仇天明 2020-02-20 13:59:33

RIP OSFP 應用實例

18612518249 2019-09-30 13:21:25

DR和BDR詳解

上海地面通 2019-07-28 12:52:30

CCNP學習之路由協議ISIS

z_liang90 2019-07-19 15:24:03

OSPF路由協議中的鄰居與鄰接的區別

guofuqiangboy 2019-07-17 14:01:24

路由協議的一些自我總結

APMoYa 2019-06-29 13:06:52

路由選擇協議介紹

pshuxiao 2019-02-25 13:19:57

Qt/C++音視頻開發73-高效濾鏡/文字水印/圖形水印/圖片水印/yolo運算後的結果顯示到畫面中

一、前言 視頻監控系統發展到今天,越來越智能,比如這些年流行的人臉識別、物體識別、煙感識別等,都是需要拿到圖片數據去做運算處理,然後將結果顯示到視頻畫面中,或者還有要求將結果保存到視頻錄像文件中,以便打開回放查看。顯示到畫面中一般有兩種方式

飛揚青雲 2024-05-10 14:33:24