网络安全学习--单臂路由
2021/12/12 23:47:36
本文主要是介绍网络安全学习--单臂路由,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
单臂路由
- VLAN控制广播域
- 不同VLAN间无法通信
- 1个VLAN=1个网段
- 不同VLAN间通信是靠路由来实现的
通过单臂路由实现不同VLAN之间的设备通信
1. 以下实验需设置两个VLAN VLAN10:10.1.1.0/24 VLAN20:20.1.1.0/24 2. 三台交换机上都配置VLAN10,VLAN20,将10.1.1.0/24网段主机加入VLAN10,20.1.1.0/24网段主机加入VLAN20 3. 三台交换机之间接口(Switch1[Fa0/3,Fa0/4,Fa0/5],Switch2[Fa0/3],Switch[Fa0/4])使用Trunk 4. 为路由器fa0/0配置子接口fa0/0.1和fa0/0.2,并为两个子接口设置IP,子网掩码等信息 fa0/0.1--IP:10.1.1.254 fa0/0.2--IP:20.1.1.254 子接口配置完成后要启动路由器上的fa0/0接口
#--------------------------配置三台交换机------------------------------ #---------------------配置Switch1交换机-------------------------- Switch>enable Switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# Switch(config)# Switch(config)#vlan 10 Switch(config-vlan)#exit Switch(config)#vlan 20 Switch(config-vlan)#exit Switch(config)#interface fa0/1 Switch(config-if)#switchport access vlan 10 Switch(config-if)#exit Switch(config)#interface fa0/2 Switch(config-if)#switchport access vlan 20 Switch(config-if)#exit Switch(config)#interface fa0/3 Switch(config-if)#switchport mode trunk Switch(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up Switch(config-if)# Switch(config-if)#exit Switch(config)#interface fa0/4 Switch(config-if)#switchport mode trunk Switch(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up Switch(config-if)# Switch(config-if)#interface fa0/5 Switch(config-if)#switchport mode trunk Switch(config-if)#do show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 Gig0/1, Gig0/2 10 VLAN0010 active Fa0/1 20 VLAN0020 active Fa0/2 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active #---------------------配置Switch1交换机-------------------------- #---------------------配置Switch2交换机-------------------------- Switch>enable Switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#vlan 10 Switch(config-vlan)#exit Switch(config)#vlan 20 Switch(config-vlan)#exit Switch(config)#interface fa0/1 Switch(config-if)#switchport access vlan 10 Switch(config-if)#exit Switch(config)#interface fa0/2 Switch(config-if)#switchport access vlan 20 Switch(config-if)#exit Switch(config)#interface fa0/3 Switch(config-if)#switchport mode trunk #---------------------配置Switch2交换机-------------------------- #---------------------配置Switch3交换机-------------------------- Switch>enable Switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# Switch(config)# Switch(config)#vlan 10 Switch(config-vlan)#exit Switch(config)#vlan 20 Switch(config-vlan)#exit Switch(config)#interface fa0/1 Switch(config-if)#switchport access vlan 10 Switch(config-if)#exit Switch(config)#interface fa0/2 Switch(config-if)#switchport access vlan 20 Switch(config-if)#exit Switch(config)#interface fa0/4 Switch(config-if)#switchport mode trunk #---------------------配置Switch3交换机-------------------------- #--------------------------配置三台交换机------------------------------ #--------------------------配置路由器---------------------------------- Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# Router(config)#interface fa0/0.1 Router(config-subif)#encapsulation dot1 Router(config-subif)#encapsulation dot1Q 10 Router(config-subif)#ip addr 10.1.1.254 255.255.255.0 Router(config-subif)#no shutdown Router(config-subif)#exit Router(config)#interface fa0/0.2 Router(config-subif)#encapsulation dot1Q 20 Router(config-subif)#no shutdown Router(config-subif)#ip addr 20.1.1.254 255.255.255.0 Router(config-subif)#exit Router(config)#interface fa0/0 Router(config-if)#no shutdown Router(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/0.1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.1, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/0.2, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.2, changed state to up Router(config-if)# Router(config-if)# Router(config-if)# Router(config-if)#do show ip interface FastEthernet0/0 is up, line protocol is up (connected) Internet protocol processing disabled FastEthernet0/0.1 is up, line protocol is up (connected) Internet address is 10.1.1.254/24 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is disabled IP fast switching on the same interface is disabled IP Flow switching is disabled IP Fast switching turbo vector IP multicast fast switching is disabled IP multicast distributed fast switching is disabled Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled RTP/IP header compression is disabled Probe proxy name replies are disabled Policy routing is disabled Network address translation is disabled BGP Policy Mapping is disabled Input features: MCI Check WCCP Redirect outbound is disabled WCCP Redirect inbound is disabled WCCP Redirect exclude is disabled FastEthernet0/0.2 is up, line protocol is up (connected) Internet address is 20.1.1.254/24 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is disabled IP fast switching on the same interface is disabled IP Flow switching is disabled IP Fast switching turbo vector IP multicast fast switching is disabled IP multicast distributed fast switching is disabled Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled RTP/IP header compression is disabled Probe proxy name replies are disabled Policy routing is disabled Network address translation is disabled BGP Policy Mapping is disabled Input features: MCI Check WCCP Redirect outbound is disabled WCCP Redirect inbound is disabled WCCP Redirect exclude is disabled FastEthernet0/1 is administratively down, line protocol is down (disabled) Internet protocol processing disabled Vlan1 is administratively down, line protocol is down Internet protocol processing disabled #--------------------------配置路由器---------------------------------- # 配置完成后,下面所有PC之间可以实现通信 #-----------------------在PC0上访问其它主机 C:\>ping 10.1.1.2 Pinging 10.1.1.2 with 32 bytes of data: Reply from 10.1.1.2: bytes=32 time<1ms TTL=128 Reply from 10.1.1.2: bytes=32 time<1ms TTL=128 Reply from 10.1.1.2: bytes=32 time<1ms TTL=128 Ping statistics for 10.1.1.2: Packets: Sent = 3, Received = 3, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms Control-C ^C C:\>ping 20.1.1.1 Pinging 20.1.1.1 with 32 bytes of data: Request timed out. Reply from 20.1.1.1: bytes=32 time<1ms TTL=127 Reply from 20.1.1.1: bytes=32 time<1ms TTL=127 Reply from 20.1.1.1: bytes=32 time<1ms TTL=127 Ping statistics for 20.1.1.1: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms #-----------------------在PC0上访问其它主机
这篇关于网络安全学习--单臂路由的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
- 2024-10-06小米11i印度快充版ROM合集:极致体验,超越期待
- 2024-10-06【ROM下载】小米11i 5G 印度版系统, 疾速跃迁,定义新速度
- 2024-10-06【ROM下载】小米 11 青春活力版,青春无极限,活力全开
- 2024-10-05小米13T Pro系统合集:性能与摄影的极致融合,值得你升级的系统ROM
- 2024-10-01基于Python+Vue开发的医院门诊预约挂号系统
- 2024-10-01基于Python+Vue开发的旅游景区管理系统
- 2024-10-01RestfulAPI入门指南:打造简单易懂的API接口
- 2024-10-01初学者指南:了解和使用Server Action
- 2024-10-01Server Component入门指南:搭建与配置详解
- 2024-10-01React 中使用 useRequest 实现数据请求