I. Common technology of Campus network
Understand the relevant network component terminology before you begin the following operations.
Two. Investigate the school situation and divide the VLAN and IP address segments
VLAN number |
VLAN name |
IP network Segment |
Default Gateway |
Description |
Switch corresponding port |
VLAN 2 |
Servers |
192.10.1.0/24 |
192.10.1.254 |
Server cluster VLAN |
Fa 0/2 |
VLAN 3 |
Adimn |
192.10.2.0/24 |
192.10.2.254 |
Executive Building VLAN |
Fa 0/3 |
VLAN 4 |
Stu |
192.10.3.0/24 |
192.10.3.254 |
Student Dorm VLAN |
Fa 0/4 |
VLAN 5 |
Lab |
192.10.4.0/24 |
192.10.4.254 |
Training Building VLAN |
Fa 0/5 |
VLAN 6 |
Teach |
192.10.5.0/24 |
192.10.5.254 |
School building VLAN |
Fa 0/6 |
VLAN 7 |
Libr |
192.10.6.0/24 |
192.10.6.254 |
Library VLAN |
Fa 0/7 |
Three. Topology diagram
Four. Configuration
Please supplement the Switch configuration knowledge:
1, three layer switch, layered: core layer, aggregation layer, access layer, the analysis of those in the topological map of the core layer, those belonging to the aggregation layer and access layer,
2. VLAN,vtp,trunk,dot1q
First step: Configure the "hub" switch for VTP Server
switch>en
switch#
Switch#vlan Database
Switch (VLAN) #vtp domain WH
Switch (VLAN) #vtp server
Switch (VLAN) #exit
Switch#conf T
Switch (config) #int fa 0/1 (connect router)
Switch (config-if) #switchport trunk Encapsulation dot1q
Switch (config-if) #switchport mode trunk
Switch (config-if) #no shut
Switch (config-if) #int FA 0/2
Switch (config-if) #switchport trunk Encapsulation dot1q
Switch (config-if) #switchport mode trunk
Switch (config-if) #no shut
Switch (config-if) #int FA 0/3
Switch (config-if) #switchport trunk Encapsulation dot1q
Switch (config-if) #switchport mode trunk
Switch (config-if) #no shut
Switch (config-if) #int FA 0/4
Switch (config-if) #switchport trunk Encapsulation dot1q
Switch (config-if) #switchport mode trunk
Switch (config-if) #no shut
Switch (config-if) #int FA 0/5
Switch (config-if) #switchport trunk Encapsulation dot1q
Switch (config-if) #switchport mode trunk
Switch (config-if) #no shut
Switch (config-if) #int FA 0/6
Switch (config-if) #switchport trunk Encapsulation dot1q
Switch (config-if) #switchport mode trunk
Switch (config-if) #no shut
Switch (config-if) #int FA 0/7
Switch (config-if) #switchport trunk Encapsulation dot1q
Switch (config-if) #switchport mode trunk
Switch (config-if) #no shut
Step Two: Configuration " Server Aggregation " Switch Trunk Link , Allow VLAN The tagged Ethernet frame passes through the link
switch>en
Switch#conf T
Switch (config) #vtp domain wh
Switch (config) #vtp mode client
Switch (config) #int fa 0/1
Switch (config-if) #switchport mode trunk
Switch (config-if) #
Step three: "Hub switch" to create VLAN and Port partitioning
Method One: Add directly to the VLAN Library:
Method Two: Add by command line:
Switch (VLAN) #vlan 2 name Servers
Switch (VLAN) #vlan 3 name Admin
Switch (VLAN) #vlan 4 name Stu
Switch (VLAN) #vlan 5 name Lab
Switch (VLAN) #vlan 6 name Teach
Switch (VLAN) #vlan 7 name Libr
After you add it, view it by command:
Fourth step: View VLANs on the server aggregation switch
The result shows that the learning function is embodied!
Fifth step: "Server aggregation" switch port configuration
Switch#conf T
Switch (config) #int fa 0/2
Switch (config-if) #switchport mode access
Switch (config-if) #switchport Access VLAN 2
Switch (config-if) #int FA 0/3
Switch (config-if) #switchport mode access
Switch (config-if) #switchport Access VLAN 2
Switch (config-if) #int FA 0/4
Switch (config-if) #switchport mode access
Switch (config-if) #switchport Access VLAN 2
Switch (config-if) #int FA 0/5
Switch (config-if) #switchport mode access
Switch (config-if) #switchport access VLAN
Switch (config-if) #
Sixth Step : setting up the hub switch , to be VLAN Configuration IP Address
switch>en
Switch#conf T
Switch (config) #int vlan 1
Switch (config-if) #ip address 192.10.0.254 255.255.255.0
Switch (config-if) #no shut
Switch (config) #int VLAN 2
Switch (config-if) #ip address 192.10.1.254 255.255.255.0
Switch (config-if) #no shut
Switch (config-if) #int VLAN 3
Switch (config-if) #ip address 192.10.2.254 255.255.255.0
Switch (config-if) #no shut
Switch (config-if) #int VLAN 4
Switch (config-if) #ip address 192.10.3.254 255.255.255.0
Switch (config-if) #no shut
Switch (config-if) #int VLAN 5
Switch (config-if) #ip address 192.10.4.254 255.255.255.0
Switch (config-if) #no shut
Switch (config-if) #int VLAN 6
Switch (config-if) #ip address 192.10.5.254 255.255.255.0
Switch (config-if) #no shut
Switch (config-if) #int VLAN 7
Switch (config-if) #ip address 192.10.6.254 255.255.255.0
Switch (config-if) #no shut
Switch (config-if) #exit
Switch (config) #
Seventh Step : Configuration PC Machine , Test VLAN
Configure each server according to the IP address below, Gateway IP address: 192.10.1.254.
Ping the gateway and WWW server on the FTP server, both of which can ping, as shown in:
Eighth step: Configure " Executive Building " Switch
After the other switches are configured in this way, you can also use the ping command to try the connectivity of different network segments.
switch>en
Switch#conf T
Switch (config) #vtp domain wh
Switch (config) #vtp mode client
Switch (config) #int fa 0/1
Switch (config-if) #switchport trunk Encapsulation dot1q
Switch (config-if) #switchport mode trunk
Switch (config-if) #exit
Switch (config) #exit
Switch#show VLAN
switch#
Switch#conf T
Switch (config) #int fa 0/2
Switch (config-if) #switchport mode access
Switch (config-if) #switchport Access VLAN 3
Switch (config-if) #exit
Switch (config) #
To the PC connecting "Executive Building" switch one IP address: 192.10.2.4, Gateway ip:192.10.2.254. Ping the gateway and the neighboring host (192.10.2.5) on this computer, ping the FTP server, and do not ping, you need to add RIP routes in the hub switch.
Switch (config) #ip routing
Switch (config) #router rip
Switch (config-router) #network 192.10.0.0
Switch (config-router) #network 192.10.1.0
Switch (config-router) #network 192.10.2.0
Switch (config-router) #network 192.10.3.0
Switch (config-router) #network 192.10.4.0
Switch (config-router) #network 192.10.5.0
Switch (config-router) #network 192.10.6.0
After adding the route, ping the www and DHCP in the server in the Administrative landlord machine .
Routers in the network to achieve internal and external network conversion, that is, all the hosts in the campus network to access the external network must be through all address translation. Router one port with s port, one is Fast Ethernet link. The router is connected with the external network 202.1.1.0/24 through the static link and connected with the intranet 192.10.10.0/24 through the Fast Ethernet link.
[2811 default No S interface, you can add nm-4a/s in the module, add S interface]
(1) Turn on the routing function on the hub switch
switch>en
Switch#conf T
Switch (config) #int fa 0/1
Switch (config-if) #no switchport (Close Layer two port, configure IP address)
Switch (config-if) #ip add 192.10.10.2 255.255.255.0
Switch (config-if) #no shut
Switch (config-if) #exit
Switch (config) #ip routing (turn on routing)
Switch (config) #router rip (run RIP protocol)
Switch (config-router) #ver 2
Switch (config-router) #no au
Switch (config-router) #net 192.10.1.0
Switch (config-router) #net 192.10.2.0
Switch (config-router) #net 192.10.3.0
Switch (config-router) #net 192.10.4.0
Switch (config-router) #net 192.10.5.0
Switch (config-router) #net 192.10.6.0
Switch (config-router) #net 192.10.10.0
Switch (Config-router) #exit
( 2 ) Firewall Router Configuration
router>en
Router#conf T
Router (config) #int fa 0/0
Router (config-if) #ip add 192.10.10.1 255.255.255.0
Router (config-if) #no shut
Router (config-if) #exit
Router (config) # int s1/0
Router (config-if) #ip add 202.1.1.1 255.255.255.0
Router (config-if) #no shut
Router (config-if) #exit
Router (config) #router rip
Router (config-router) #ver 2
Router (config-router) #no au
Router (config-router) #net 192.10.10.0
Router (config-router) #net 202.1.1.0
Router (config-router) #default-information originate
Router (Config-router) #exit
Router (config) #exit
Router (config) #ip nat inside source static TCP 192.10.1.3 80 202.1.1.3 80 (Configure static NAT map _web Server)
Router (config) #ip nat inside source List 1 interface serial1/0 overload
Router (config) #exit
Router#show IP route
CODES:C-connected, s-static, I-igrp, R-rip, M-mobile, B-BGP
D-EIGRP, Ex-eigrp External, O-OSPF, IA-OSPF Inter area
N1-OSPF NSSA External Type 1, N2-OSPF NSSA external type 2
E1-OSPF external Type 1, E2-OSPF external type 2, E-EGP
I-is-is, L1-is-is level-1, L2-is-is level-2, ia-is-is Inter area
*-Candidate default, U-per-user static route, O-ODR
P-periodic downloaded static route
Gateway of last resort are not set
R 192.10.1.0/24 [120/1] via 192.10.10.2, 00:00:06, fastethernet0/0
R 192.10.2.0/24 [120/1] via 192.10.10.2, 00:00:06, fastethernet0/0
R 192.10.3.0/24 [120/1] via 192.10.10.2, 00:00:06, fastethernet0/0
R 192.10.4.0/24 [120/1] via 192.10.10.2, 00:00:06, fastethernet0/0
R 192.10.7.0/24 [120/1] via 192.10.10.2, 00:00:06, fastethernet0/0
R 192.10.8.0/24 [120/1] via 192.10.10.2, 00:00:06, fastethernet0/0
C 192.10.10.0/24 is directly connected, fastethernet0/0
C 202.1.1.0/24 is directly connected, serial2/0
router#
Allow each network segment to route out through:
Router#conf T
Router (config) #access-list 1 Permit 192.10.1.0 0.0.0.255
Router (config) #access-list 1 Permit 192.10.2.0 0.0.0.255
Router (config) #access-list 1 Permit 192.10.3.0 0.0.0.255
Router (config) #access-list 1 Permit 192.10.4.0 0.0.0.255
Router (config) #access-list 1 Permit 192.10.5.0 0.0.0.255
Router (config) #access-list 1 Permit 192.10.6.0 0.0.0.255
Router (config) #access-list 1 Permit 192.10.10.0 0.0.0.255
Allow 7 network segments to go through NAT
Router (config) #int s1/0
Router (config-if) #ip Nat outside
Router (config-if) #exit
Router (config) #int fa 0/0
Router (config-if) #ip nat inside
Router (config-if) #end
router#
Router#conf T
Router (config) # ip route 0.0.0.0 0.0.0.0 202.1.1.2
Configure static routes so that NAT -Converted packets can go to the ISP
Router (config) #
( 3 ) ISP Router Configuration
router>en
Router#conf T
Enter configuration commands, one per line. End with cntl/z.
Router (config) #host ISP
ISP (config) #int s1/0
ISP (config-if) #ip add 202.1.1.2 255.255.255.0
ISP (config-if) #no shut
ISP (config-if) #clock rate 64000
ISP (config-if) #exit
ISP (config) #int fa 0/0
ISP (config-if) #ip add 202.1.2.1 255.255.255.0
ISP (config-if) #no shut
ISP (config-if) #exit
ISP (config) #
( 4 ) and ISP server-specific configuration of the connection
( 5 ) Connectivity test (intranet can ping each other, the intranet can ping the NAT router, ISP router)
On the DHCP server ping:192.10.10.1
Accessing an extranet server on a DHCP network
It is now possible to access the ISP-side WWW server normally.
4. Server Configuration
( 1 ) DHCP Server Configuration
The IP configuration of the DHCP server is as follows:
Configure the DHCP server to turn off DNS, FTP, MAIL, HTTP services on this server, and other services unchanged
Click DHCP on the left
When set, click Save.
( 2 ) WWW Server Configuration
The IP configuration of the WWW server is as follows:
Turn on the HTTP service while shutting down the DNS, FTP, mail, and DHCP services on this server, click left mail,smtp Service, POP3 service is set to off, and other services remain intact.
( 3 ) DNS Server Configuration
Configure the DNS server, turn off DHCP, FTP, MAIL, Web Services (service) on this server, and other services are the same, and the procedure is similar to the DHCP configuration process, where only for DNS configuration:
DNS Service (Service status): On (Open), add 5 resource Records name (resource record name) and address, each add finally click Add (Add) to the text area, add and click Save (Save).
( 4 ) FTP Server Configuration
Configure the FTP server, turn off DHCP, DNS, MAIL, Web Services (service) on this server, and other services are the same, and the procedure is similar to the DHCP configuration process, which is configured for FTP only:
Service Status: On (Open), add 2 user name (username) and password (password) respectively, each user tick write (writable), read (readable), delete (delete), Rename (rename), List, each time you add the last Click + (add) to the scrolling text area.
( 5 ) e-Mail Server Configuration
Configure the mail server, turn off DHCP, DNS, FTP, Web Services (service) on this server, and other services are the same, and the procedure is similar to the DHCP configuration process, which is only configured for email:
SMTP Service, POP3 Service (Service status): on domain name (domain name): mail.wyq.com Add 2 User (user) and password (password) each, add last to click + (add) to the scrolling text area.
( 6 ) to test the service availability of each server
First step: Configure a Client
Here, use a PC (192.10.1.4) Machine in the Executive building as the client to test the performance of the server you just configured.
Step two: Test FTP Service
Click Client--click desktop--click Command prompt--enter FTP ftp.wyq.com--Press enter--Enter user name: wyq--Enter Password: 123456--Enter dir to view the FTP service file-- Enter help view action command--enter quit to exit the FTP service.
Step three: Test WWW Server
To access the WWW server using the graphical interface: Click Client--desktop--web browser--Enter www. Wyq . com--click Go
Fourth Step: Mail Server Testing
Click Client-click desktop--click e-mail--to fill out configure mail
Note: Email address (e-mail) must be its own user name [email protected]+mail (mail) domain name (domain name) < view domain name in Mail >,incomeing mail Server (accept mail server domain name) must be pop.math.com< view domain name in DNS >,outgoing mail server (outgoing mail server domain name) must be smtp.math.com< view domain name in DNS >.
When you are finished filling out the information, click Compose to send the message. Here's an example of how Lily users send themselves messages to demonstrate the process:
Note: To is sent to each other, fill in the other email address, subject is the subject, the below area for the mail content. Click the Send button to send the message, and the recipient can click Reveive in their own message to receive the message.
5. Configure the wireless network
First step: Configure the wireless router
Step Two: give the client PC2 Add a wireless card
On the PC, there is only one "Fast Ethernet" interface, and no wireless card.
First click on the PC power switch, the PC shutdown, and then the lower PC Ethernet card to the point where the sword, the Ethernet card removed, and then drag the wireless card to the location of the Ethernet card just now, and then click on the PC power switch, the PC boot, the four-step is to the simulator of the ordinary PC to add wireless network card.
Step Three: PC2 Specific Configuration
Fourth Step : Accessing intranet Servers " www. Wyq . com "
Servers with the above settings can provide services.
Campus Network formation (based on Packet tracer)
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
