多平台统一管理软件接口,如何实现多平台统一管理软件接口
392
2022-09-23
中间系统到中间系统综合实验
中间系统到中间系统综合实验
拓扑图实验目的:1.熟悉ISIS路由协议的基础操作方法。2.掌握该协议的区域划分,路由级别调整过程。3.掌握该协议的网络类型以及网络类型中广播类型的DIS的选举流程。4.掌握该协议的路由引入,路由聚合,路由过滤,路由认证等操作流程。实验要求:1.R1,R2和R3是Level-1路由器,R6是Level-2路由器。SystemID为0000.0000.000X。ISIS的进程号为1.通告相关接口,网段10.0.X.0/24暂不通告。2.R4和R6,R5和R6之间不能有DIS选举;R1,R2和R3共享网络中,要求R3为DIS,需在R1和R2上配置,且优先级设置尽量小仍可以参与DIS选举。3.R6引入10.0.X.0/24网段,并标记为100;区域47.0001能够通过R4 学到10.0.x.0/24网段明细,且必须保持这些路由的标记为100.
R2只允许通过缺省路由访问区域47.0002的网络。不能使用ACL和前缀列表。 区域47.0001的所有路由器发送LSP和SNP需要进行认证,认证类型为MD5,密码为Huawei;level-2路由发送的IIH需要进行认证,认证类型为MD5,密码为Huawei。实验步骤:R1配置:[V200R003C00]#sysname R1#snmp-agent local-engineid 800007DB03000000000000snmp-agent #clock timezone China-Standard-Time minus 08:00:00#portal local-server load portalpage.zip#drop illegal-mac alarm#set cpu-usage threshold 80 restore 75#aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type 1is-level level-1cost-style widenetwork-entity 47.0001.0000.0000.0001.00#firewall zone Localpriority 15#interface GigabitEthernet0/0/0ip address 192.168.1.1 255.255.255.0 isis enable 1isis dis-priority 0#interface GigabitEthernet0/0/1#interface GigabitEthernet0/0/2#interface NULL0#interface LoopBack0ip address 1.1.1.1 255.255.255.255 isis enable 1#user-interface con 0authentication-mode passworduser-interface vty 0 4user-interface vty 16 20#wlan ac#ReturnR2的配置:
[V200R003C00]#sysname R2#snmp-agent local-engineid 800007DB03000000000000snmp-agent #clock timezone China-Standard-Time minus 08:00:00#portal local-server load portalpage.zip#drop illegal-mac alarm#set cpu-usage threshold 80 restore 75#aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type 1is-level level-1cost-style widenetwork-entity 47.0001.0000.0000.0002.00filter-policy route-policy deny_dir import #firewall zone Localpriority 15#interface GigabitEthernet0/0/0ip address 192.168.1.2 255.255.255.0 isis enable 1isis dis-priority 0#interface GigabitEthernet0/0/1#interface GigabitEthernet0/0/2#interface NULL0#interface LoopBack0ip address 2.2.2.2 255.255.255.255 isis enable 1#route-policy deny_dir deny node 10 if-match tag 100#route-policy deny_dir permit node 100 #user-interface con 0authentication-mode passworduser-interface vty 0 4user-interface vty 16 20#wlan ac#returnR3的配置:
[V200R003C00]#sysname R3#board add 0/1 2SA board add 0/2 2SA board add 0/4 4GET #snmp-agent local-engineid 800007DB03000000000000snmp-agent #clock timezone China-Standard-Time minus 08:00:00#portal local-server load portalpage.zip#drop illegal-mac alarm#set cpu-usage threshold 80 restore 75#aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type 1is-level level-1cost-style widenetwork-entity 47.0001.0000.0000.0003.00#firewall zone Localpriority 15#interface Serial1/0/0link-protocol pppip address 34.1.1.3 255.255.255.0 isis enable 1#interface Serial1/0/1link-protocol pppip address 35.1.1.3 255.255.255.0 isis enable 1#interface Serial2/0/0link-protocol ppp#interface Serial2/0/1link-protocol ppp#interface GigabitEthernet0/0/0ip address 192.168.1.3 255.255.255.0 isis enable 1#interface GigabitEthernet0/0/1#interface GigabitEthernet0/0/2#interface GigabitEthernet4/0/0#interface GigabitEthernet4/0/1#interface GigabitEthernet4/0/2#interface GigabitEthernet4/0/3#interface NULL0#interface LoopBack0ip address 3.3.3.3 255.255.255.255 isis enable 1#user-interface con 0authentication-mode passworduser-interface vty 0 4user-interface vty 16 20#wlan ac#returnR4的配置:
[V200R003C00]#sysname R4#board add 0/1 2SA board add 0/2 2SA board add 0/4 4GET #snmp-agent local-engineid 800007DB03000000000000snmp-agent #clock timezone China-Standard-Time minus 08:00:00#portal local-server load portalpage.zip#drop illegal-mac alarm#set cpu-usage threshold 80 restore 75#aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type 1cost-style widenetwork-entity 47.0001.0000.0000.0004.00import-route isis level-2 into level-1 filter-policy route-policy Import_dir#firewall zone Localpriority 15#interface Serial1/0/0link-protocol pppip address 34.1.1.4 255.255.255.0 isis enable 1#interface Serial1/0/1link-protocol ppp#interface Serial2/0/0link-protocol ppp#interface Serial2/0/1link-protocol ppp#interface GigabitEthernet0/0/0ip address 46.1.1.4 255.255.255.0 isis enable 1isis circuit-type p2pisis ppp-negotiation 3-way only#interface GigabitEthernet0/0/1#interface GigabitEthernet0/0/2#interface GigabitEthernet4/0/0#interface GigabitEthernet4/0/1#interface GigabitEthernet4/0/2#interface GigabitEthernet4/0/3#interface NULL0#interface LoopBack0ip address 4.4.4.4 255.255.255.255 isis enable 1#route-policy Import_dir permit node 10 if-match tag 100#user-interface con 0authentication-mode passworduser-interface vty 0 4user-interface vty 16 20#wlan ac#returnR5的配置:
[V200R003C00]#sysname R5#board add 0/1 2SA board add 0/2 2SA board add 0/4 4GET #snmp-agent local-engineid 800007DB03000000000000snmp-agent #clock timezone China-Standard-Time minus 08:00:00#portal local-server load flash:/portalpage.zip#drop illegal-mac alarm#wlan ac-global carrier id other ac id 0#set cpu-usage threshold 80 restore 75#aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<08bmE3Uw}%$%$
local-user admin service-type 1
cost-style wide
network-entity 47.0001.0000.0000.0005.00
#
firewall zone Local
priority 15
#
interface Serial1/0/0
link-protocol ppp
#
interface Serial1/0/1
link-protocol ppp
ip address 35.1.1.5 255.255.255.0
isis enable 1
#
interface Serial2/0/0
link-protocol ppp
#
interface Serial2/0/1
link-protocol ppp
#
interface GigabitEthernet0/0/0
ip address 56.1.1.5 255.255.255.0
isis enable 1
isis circuit-type p2p
isis ppp-negotiation 3-way only
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet4/0/0
#
interface GigabitEthernet4/0/1
#
interface GigabitEthernet4/0/2
#
interface GigabitEthernet4/0/3
#
interface NULL0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
isis enable 1
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R6的配置:
[V200R003C00]
#
sysname R6
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
acl number 2000
rule 5 permit source 10.0.0.0 0.0.3.255
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<08bmE3Uw}%$%$local-user admin service-type 1is-level level-2cost-style widenetwork-entity 47.0002.0000.0000.0006.00import-route direct route-policy tag #firewall zone Localpriority 15#interface GigabitEthernet0/0/0ip address 46.1.1.6 255.255.255.0 isis enable 1isis circuit-type p2pisis ppp-negotiation 3-way only#interface GigabitEthernet0/0/1ip address 56.1.1.6 255.255.255.0 isis enable 1isis circuit-type p2pisis ppp-negotiation 3-way only#interface GigabitEthernet0/0/2#interface NULL0#interface LoopBack0ip address 6.6.6.6 255.255.255.255 isis enable 1#interface LoopBack11ip address 10.0.0.1 255.255.255.0 #interface LoopBack12ip address 10.0.1.1 255.255.255.0 #interface LoopBack13ip address 10.0.3.1 255.255.255.0 #route-policy tag permit node 10 if-match acl 2000 apply tag 100 #user-interface con 0authentication-mode passworduser-interface vty 0 4user-interface vty 16 20#wlan ac#return
版权声明:本文内容由网络用户投稿,版权归原作者所有,本站不拥有其著作权,亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容,请联系我们jiasou666@gmail.com 处理,核实后本网站将在24小时内删除侵权内容。
相关文章
发表评论
暂时没有评论,来抢沙发吧~