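1. Lab topology diagram
2. Lab requirements
1. Assign VLANs and IP addresses according to the material provided: PC1 and PC2 belong to Production Department 1 and are placed in VLAN 10; PC3 belongs to Production Department 2 and is placed in VLAN 20.
2. Configure link aggregation between switches HJ-1 and HJ-2 to meet the high-bandwidth requirements of business data access.
3. Permit VLANs on links according to the minimum-VLAN pass-through principle.
4. Configure MSTP to resolve layer-2 loops and, to split business traffic, make HJ-1 the primary root and HJ-2 the backup for Production Department 1 traffic (VLAN 10), and HJ-2 the primary root and HJ-1 the backup for Production Department 2 traffic (VLAN 20).
5. Configure spanning-tree edge ports, together with BPDU protection and BPDU filtering, to protect the user experience.
6. Configure VRRP (Virtual Router Redundancy Protocol) for gateway redundancy and a more reliable deployment: HJ-1 is the master gateway for VLAN 10 and HJ-2 is the master gateway for VLAN 20, each backing up the other.
7. On the master gateway, VRRP must track the uplink (monitoring the physical interface directly) so that services are not interrupted when the upstream network fails; configure a preemption delay of 15s to cope with network flapping.
8. Configure single-area OSPF for Internet access.
3. VLAN and IP address plan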
Device | VLAN | IP subnet | Gateway | Remarks |
---|---|---|---|---|
PC1 | 10 | 192.168.10.0/24 | 192.168.10.254 | Physical gateways: HJ-1 192.168.10.1, HJ-2 192.168.10.2 |
PC2 | 10 | 192.168.10.0/24 | 192.168.10.254 | Physical gateways: HJ-1 192.168.10.1, HJ-2 192.168.10.2 |
PC3 | 20 | 192.168.20.0/24 | 192.168.20.254 | Physical gateways: HJ-1 192.168.20.1, HJ-2 192.168.20.2 |
Router | | 1.1.1.0/24 | / | Loopback interface 1.1.1.1/24, simulating the Internet segment |
Link address plan
Link | VLAN | IP subnet | IP addresses |
---|---|---|---|
HJ-1—CORE | 100 | 192.168.100.0/24 | HJ-1 192.168.100.1, CORE 192.168.100.2 |
HJ-2—CORE | 200 | 192.168.200.0/24 | HJ-2 192.168.200.1, CORE 192.168.200.2 |
CORE-Router | 110 | 192.168.110.0/24 | CORE 192.168.110.1, Router 192.168.110.2 |
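HJ-1 is the root bridge for VLAN 10 and also the user gateway for VLAN 10. HJ-2 is the root bridge for VLAN 20 and also the user gateway for VLAN 20.
Except for the router, all devices are named according to the labels in the topology, e.g. ACC-1.
OSPF Router-IDs are assigned manually according to the device number.
Device | RID |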
---|---|
HJ-1 | 1.1.1.1 |
HJ-2 | 2.2.2.2 |
CORE | 3.3.3.3 |
Router | 4.4.4.4 |
4. Device configuration
HJ-1:
vlan batch 10 20 100
stp instance 1 root primary
stp instance 2 root secondary
cluster enable
ntdp enable
ndp enable
dhcp enable
diffserv domain default
drop illegal-mac alarm
stp region-configuration
region-name ACC
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
drop-profile default
ip pool vlan10
gateway-list 192.168.10.254
network 192.168.10.0 mask 255.255.255.0
dns-list 8.8.8.8
ip pool vlan20
gateway-list 192.168.20.254
network 192.168.20.0 mask 255.255.255.0
dns-list 8.8.8.8
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
interface Vlanif10
ip address 192.168.10.1 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.10.254
vrrp vrid 1 priority 120
vrrp vrid 1 preempt-mode timer delay 15
vrrp vrid 1 track interface GigabitEthernet0/0/5 reduced 25
dhcp select global
interface Vlanif20
ip address 192.168.20.1 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.20.254
dhcp select global
interface Vlanif100
ip address 192.168.100.1 255.255.255.0
interface Eth-Trunk0
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/1
eth-trunk 0
interface GigabitEthernet0/0/2
eth-trunk 0
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/5
port link-type access
port default vlan 100
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 192.168.10.1 0.0.0.0
network 192.168.20.1 0.0.0.0
network 192.168.100.1 0.0.0.0
user-interface con 0
user-interface vty 0 4
HJ-2:
vlan batch 10 20 200
stp instance 1 root secondary
stp instance 2 root primary
cluster enable
ntdp enable
ndp enable
drop illegal-mac alarm
dhcp enable
diffserv domain default
stp region-configuration
region-name ACC
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
drop-profile default
ip pool vlan10
gateway-list 192.168.10.254
network 192.168.10.0 mask 255.255.255.0
dns-list 8.8.8.8
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
ip pool vlan20
gateway-list 192.168.20.254
network 192.168.20.0 mask 255.255.255.0
dns-list 8.8.8.8
interface Vlanif10
ip address 192.168.10.2 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.10.254
dhcp select global
interface Vlanif20
ip address 192.168.20.2 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.20.254
vrrp vrid 1 priority 120
vrrp vrid 1 preempt-mode timer delay 15
vrrp vrid 1 track interface GigabitEthernet0/0/5 reduced 25
dhcp select global
interface Vlanif200
ip address 192.168.200.1 255.255.255.0
interface Eth-Trunk0
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/1
eth-trunk 0
interface GigabitEthernet0/0/2
eth-trunk 0
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/5
port link-type access
port default vlan 200
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 192.168.10.2 0.0.0.0
network 192.168.20.2 0.0.0.0
network 192.168.200.1 0.0.0.0
user-interface con 0
user-interface vty 0 4
ACC-1:
vlan batch 10 20
cluster enable
ntdp enable
ndp enable
drop illegal-mac alarm
diffserv domain default
stp region-configuration
region-name ACC
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
drop-profile default
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/3
port link-type access
port default vlan 10
interface GigabitEthernet0/0/4
port link-type access
port default vlan 10
user-interface con 0
user-interface vty 0 4
ACC-2:
vlan batch 10 20
cluster enable
ntdp enable
ndp enable
drop illegal-mac alarm
diffserv domain default
stp region-configuration
region-name ACC
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
drop-profile default
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/3
port link-type access
port default vlan 20
user-interface con 0
user-interface vty 0 4
CORE:
vlan batch 100 110 200
cluster enable
ntdp enable
ndp enable
drop illegal-mac alarm
diffserv domain default
drop-profile default
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
interface Vlanif100
ip address 192.168.100.2 255.255.255.0
interface Vlanif110
ip address 192.168.110.1 255.255.255.0
interface Vlanif200
ip address 192.168.200.2 255.255.255.0
interface GigabitEthernet0/0/1
port link-type access
port default vlan 100
interface GigabitEthernet0/0/2
port link-type access
port default vlan 200
interface GigabitEthernet0/0/3
port link-type access
port default vlan 110
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 192.168.100.2 0.0.0.0
network 192.168.110.1 0.0.0.0
network 192.168.200.2 0.0.0.0
user-interface con 0
user-interface vty 0 4
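5. Communication status between devices:
Access layer and aggregation layer
- ACC-1 and HJ-1: The ports on ACC-1 that connect PC1 and PC2 are assigned to VLAN 10, and GE 0/0/1 connects over a trunk link to the aggregated link of HJ-1. VLAN 10 traffic passes normally between the two, so PC1 and PC2 can communicate with HJ-1.
- ACC-2 and HJ-2: The port on ACC-2 that connects PC3 is assigned to VLAN 20, and GE 0/0/1 connects over a trunk link to the aggregated link of HJ-2. VLAN 20 traffic passes normally between the two, so PC3 can communicate with HJ-2.
Between the aggregation switches
- HJ-1 and HJ-2: Link aggregation provides a high-bandwidth connection, configured as a trunk that allows VLAN 10 and VLAN 20. MSTP prevents layer-2 loops, and VLAN 10 and VLAN 20 traffic passes between the two as needed, with path selection using HJ-1 as the primary root for VLAN 10 and HJ-2 as the primary root for VLAN 20.
Aggregation layer and core layer
- HJ-1, HJ-2 and CORE: HJ-1 and HJ-2 connect to CORE over trunk links that allow VLAN 10 and VLAN 20. With OSPF running, layer 3 is reachable, so VLAN 10 and VLAN 20 can communicate with the core-layer device.
Core layer and router
- CORE and R1: The two form an OSPF neighbor relationship and advertise the relevant networks, giving layer-3 connectivity so that the internal VLAN networks can reach the Internet through R1.
Redundancy
- VRRP: In VLAN 10, HJ-1 is the master gateway and HJ-2 is the backup gateway; in VLAN 20 the roles are reversed. When the uplink of the master gateway fails, the backup gateway takes over after the configured preemption delay (15s), so gateway-level communication for devices in the VLAN is not interrupted.
- MSTP: Edge ports together with BPDU protection and BPDU filtering keep the links between access-layer and aggregation-layer devices stable, prevent interference from illegitimate BPDUs, improve the user experience, and keep access-side communication reliable.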
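Requirements 3 and 5 ask for minimum-VLAN pass-through, edge ports and BPDU protection, while the device listings above show no `stp edged-port` or `stp bpdu-protection` lines and store the admin password with `password simple`. The following Python check is an added example, not part of the original lab; the sample config is constructed in the style of the ACC-1 listing, and the per-port VLAN needs passed to `audit` are an assumption of the example.

```python
import re

# Constructed sample modelled on the ACC-1 listing; GE0/0/4 is hardened by hand.
SAMPLE = """\
vlan batch 10 20
local-user admin password simple admin
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/3
port link-type access
port default vlan 10
interface GigabitEthernet0/0/4
port link-type access
port default vlan 10
stp edged-port enable
user-interface con 0
"""
STANZA_END = ("ospf ", "user-interface ", "aaa", "ip pool ", "#")

def interfaces(config):
    """Map interface name -> its command lines (works on unindented dumps)."""
    ifaces, current = {}, None
    for line in (l.strip() for l in config.splitlines()):
        if line.startswith("interface "):
            current = ifaces.setdefault(line.split()[1], [])
        elif line.startswith(STANZA_END):
            current = None
        elif current is not None and line:
            current.append(line)
    return ifaces

def audit(config, needed_vlans):
    """needed_vlans: assumed map of trunk port -> set of VLAN IDs it must carry."""
    lines = [l.strip() for l in config.splitlines()]
    findings = []
    if "stp bpdu-protection" not in lines:
        findings.append("global: stp bpdu-protection missing")
    if any(re.match(r"local-user \S+ password simple ", l) for l in lines):
        findings.append("global: plaintext local-user password")
    for name, body in interfaces(config).items():
        if "port link-type access" in body and "stp edged-port enable" not in body:
            findings.append(f"{name}: access port without stp edged-port enable")
        for l in body:
            m = re.match(r"port trunk allow-pass vlan (.+)", l)
            if m:  # plain ID lists and "all" only; "x to y" ranges are not expanded
                extra = set(m.group(1).split()) - needed_vlans.get(name, set())
                if extra:
                    findings.append(f"{name}: trunk passes extra VLANs {sorted(extra)}")
    return findings
```

Calling `audit(SAMPLE, {"GigabitEthernet0/0/1": {"10"}})` reports the missing global BPDU protection, the plaintext password, the extra VLAN on the uplink and the one access port that is not an edge port.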