综合实验大测试

1.(补充：和题目中的路由器有些不符，但题目所要求的配置位置和本图是一致的)

   172.16.1.8/29

   172.16.1.16/29

   172.16.1.24/29

   172.16.1.32/29

2.

[r1]ospf 1 router-id 1.1.1.1  

[r1-ospf-1-area-0.0.0.0]netw     [r1-ospf-1-area-0.0.0.0]network  172.16.1.25  0.0.0.0 [r1-ospf-1-area-0.0.0.1]network 172.16.1.2  0.0.0.0

[r2]ospf 1 ro 2.2.2.2

[r2-ospf-1-area-0.0.0.2]network 172.16.1.10  0.0.0.0 [r2-ospf-1-area-0.0.0.0]network  172.16.1.26  0.0.0.0

[r3]ospf 1 router-id 3.3.3.3 [r3-ospf-1-area-0.0.0.0]network  172.16.1.27 0.0.0.0 [r3-ospf-1-area-0.0.0.3]network  172.16.1.17 0.0.0.0

[r4]ospf 1 ro 4.4.4.4 [r4-ospf-1-area-0.0.0.1]network  172.16.1.1 0.0.0.0

[r5]ospf 1 router-id 5.5.5.5 [r5-ospf-1-area-0.0.0.2]network  172.16.1.9 0.0.0.0

[r6]ospf 1 router-id  6.6.6.6

[r6-ospf-1-area-0.0.0.3]network 172.16.1.18 0.0.0.0

[r5-ospf-1-area-0.0.0.2]network  192.168.0.0  0.0.255.255

[r6-ospf-1-area-0.0.0.3]network  192.168.3.0 0.0.0.255

[r6-ospf-1-area-0.0.0.3]network 192.168.4.0 0.0.0.255 保证安全

[r1-ospf-1-area-0.0.0.1]authentication-mode  simple  cipher  123 [r1-ospf-1-area-0.0.0.0]authentication-mode  simple  cipher  123 [r2-ospf-1-area-0.0.0.0]authentication-mode  simple  cipher  123 [r2-ospf-1-area-0.0.0.2]authentication-mode  simple  cipher  123 [r3-ospf-1-area-0.0.0.0]authentication-mode  simple  cipher  123 [r3-ospf-1-area-0.0.0.3]authentication-mode  simple  cipher  123 [r4-ospf-1-area-0.0.0.1]authentication-mode  simple  cipher  123 [r5-ospf-1-area-0.0.0.2]authentication-mode  simple  cipher  123 [r6-ospf-1-area-0.0.0.3]authentication-mode  simple  cipher  123

3.

[r1-GigabitEthernet0/0/0]ospf timer  hello  1

[r1-GigabitEthernet0/0/1]ospf timer  hello  1

[r2-GigabitEthernet0/0/0]ospf timer  hello  1

[r2-GigabitEthernet0/0/1]ospf timer  hello  1

[r3-GigabitEthernet0/0/0]ospf timer  hello  1

[r3-GigabitEthernet0/0/1]ospf timer  hello  1

[r4-GigabitEthernet0/0/0]ospf timer  hello  1

[r4-GigabitEthernet0/0/1]ospf timer  hello  1 [r5-GigabitEthernet0/0/0]ospf timer  hello  1 [r5-GigabitEthernet0/0/1]ospf timer  hello  1

[r6-GigabitEthernet0/0/0]ospf timer  hello  1

[r6-GigabitEthernet0/0/1]ospf timer  hello  1

[r7-GigabitEthernet0/0/0]ospf timer  hello  1 [r7-GigabitEthernet0/0/1]ospf timer  hello 1 4.

[r2-GigabitEthernet0/0/0]ospf dr-priority  0

<r2>reset ospf process  [r3-GigabitEthernet0/0/0]ospf dr-priority 0 <r3>reset ospf process  [r4-GigabitEthernet0/0/0]ospf dr-priority  0 <r4>reset ospf process 

5.

[L2]vlan  batch  5 2

[L2-Ethernet0/0/2]port link-type  ac

[L2-Ethernet0/0/2]port default  vlan  5 [L2-Ethernet0/0/3]port link-type  ac [L2-Ethernet0/0/3]port default vlan  2 [L2-Ethernet0/0/1]port link-type  trunk  [L2-Ethernet0/0/1]port trunk allow-pass vlan  all  [r5]dhcp enable  [r5]ip pool  1 [r5-ip-pool-1]network 192.168.1.0 mask  24 [r5-ip-pool-1]gateway-list  192.168.1.1 [r5-ip-pool-1]dns-list  8.8.8.8 [r5-GigabitEthernet0/0/1.1]dot1q  termination  vid 5 [r5-GigabitEthernet0/0/1.1]ip address  192.168.1.1 24

[r5-GigabitEthernet0/0/1.1]arp broadcast enable  [r5-GigabitEthernet0/0/1.1]dhcp  select gl

[r5]ip  pool 2

[r5-ip-pool-2]network  192.168.2.0 mask  24 [r5-ip-pool-2]gateway-list  192.168.2.1 [r5-ip-pool-2]dns-list  8.8.8.8

[r5-GigabitEthernet0/0/1.2]dot1q termination  vid 2 [r5-GigabitEthernet0/0/1.2]ip address 192.168.2.1 24

[r5-GigabitEthernet0/0/1.2]arp broadcast  enable  [r5-GigabitEthernet0/0/1.2]dhcp  select  gl

[L3]vlan batch  3 4

[L3-Ethernet0/0/1]port link-type  trunk  [L3-Ethernet0/0/1]port trunk allow-pass all [L3-Ethernet0/0/2]port link-type  ac [L3-Ethernet0/0/2]port default  vlan  3 [L3-Ethernet0/0/3]port link-type  ac [L3-Ethernet0/0/3]port default  vlan  4

[r6-GigabitEthernet0/0/1.3]dot1q  termination  vid 3 [r6-GigabitEthernet0/0/1.3]ip address  192.168.3.1 24 [r6-GigabitEthernet0/0/1.4]dot1q  termination  vid 4 [r6-GigabitEthernet0/0/1.4]ip address 192.168.4.1 24

[L3]dhcp en

[r6-ip-pool-3]network  192.168.3.0 mask  24 [r6-ip-pool-3]gateway-list   192.168.3.1  [r6-ip-pool-3]dns-list 8.8.8.8 [r6-ip-pool-4]network  192.168.4.0 mask  24 [r6-ip-pool-4]gateway-list  192.168.4.1  [r6-ip-pool-4]dns-list  8.8.8.8

[r6-GigabitEthernet0/0/1.3]arp broadcast  enable  [r6-GigabitEthernet0/0/1.3]dhcp  select gl

[r6-GigabitEthernet0/0/1.4]arp broadcast  enable  [r6-GigabitEthernet0/0/1.4]dhcp  select gl

（2：互相访问?）

[r4]ip route-static  11.1.1.0 255.255.255.0 10.1.1.1

[r7]ip route-static 0.0.0.0 0 10.1.1.2

6.

[r4]acl 2000

[r4-acl-basic-2000]rule permit  source  any  [r4-GigabitEthernet0/0/1]nat  outbound  2000 [r4]ip route-static  11.1.1.0 255.255.255.0 10.1.1.1

[r4-ospf-1]default-route-advertise always 

8.

[r6]user-interface vty 0 4

[r6-ui-vty0-4]authentication-mode password

[r6]aaa

[r6-aaa]local-user xx privilege level 15 password cipher yy

[r6-aaa]local-user xx service-type telnet

[r6]user-interface vty 0 4

[r6-ui-vty0-4]authentication-mode aaa

[r6]acl  3000

[r6-acl-adv-3000]rule  deny  tcp  source 192.168.3.254 0.0.0.0 destination  192. 16.1.1 0.0.0.0 destination-port  eq  23 [r6-GigabitEthernet0/0/1]traffic-filter inbound  acl  3000

9.

[r5]acl  3000

[r5-acl-adv-3000]rule  deny  icmp  source  192.168.2.254 0.0.0.0 destination  19 2.168.4.254 0.0.0.0 icmp-type  echo-reply 

[r5-GigabitEthernet0/0/1]traffic-filter inbound  acl  3000