实验拓扑图如下：

1.某公司网络环境如图，Office1与Office2、Office1与Office3通过PVC链路实现通信，同时总部有另外条用于广域网访问，要求内部通信走帧中继，外网通信走另外一条链路。整体网络规划如图所示，要求依据该规划分配IP。

FR-Switch(config)#frame-relay switching

FR-Switch(config)#int s0/0         

FR-Switch(config-if)#encapsulation frame-relay

FR-Switch(config-if)#frame-relay intf-type dce

FR-Switch(config-if)#clock rate 64000

FR-Switch(config-if)#no shut

FR-Switch(config-if)#int s0/1

FR-Switch(config-if)#encapsulation frame-relay

FR-Switch(config-if)#frame-relay intf-type dce

FR-Switch(config-if)#clock rate 64000

FR-Switch(config-if)#no shut

FR-Switch(config-if)#int s0/2

FR-Switch(config-if)#encapsulation frame

FR-Switch(config-if)#encapsulation frame-relay

FR-Switch(config-if)#frame-relay intf-type dce

FR-Switch(config-if)#clock rate 64000

FR-Switch(config-if)#no shut

FR-Switch(config-if)#int s0/0

FR-Switch(config-if)#frame-relay route 103 int s0/2 301

FR-Switch(config-if)#frame-relay route 102 int s0/1 201  

FR-Switch(config-if)#int s0/1

FR-Switch(config-if)#frame-relay route 201 int s0/0 102

FR-Switch(config-if)#int s0/2

FR-Switch(config-if)#frame-relay route 301 int s0/0 103

Offiec1(config)#int s0/0

Office1(config-if)#ip add 10.0.0.1 255.255.255.248

Office1(config-if)#no shut

Office1(config-if)#encapsulation frame-relay

Office1(config-if)#no frame-relay inverse-arp

Office1(config-if)#frame-relay map ip 10.0.0.2 102 broadcast

Office1(config-if)#frame-relay map ip 10.0.0.3 103 broadcast

Offiec2(config)#int s0/1

Office2(config-if)#ip add 10.0.0.2 255.255.255.248

Office2(config-if)#no shut

Office2(config)#int l 0

Office2(config-if)#ip add 10.0.3.1 255.255.255.0

Office2(config-if)#encapsulation frame-relay

Office2(config-if)#no frame-relay inverse-arp

Office2(config-if)#frame-relay map ip 10.0.0.1 201 broadcast

Office3(config)#int s0/2

Office3(config-if)#ip add 10.0.0.3 255.255.255.248

Office3(config-if)#no shut

Office2(config)#int l 0

Office2(config-if)#ip add 10.0.3.1 255.255.255.0

Office3(config-if)#encapsulation frame-relay

Office3(config-if)#no frame-relay inverse-arp

Office3(config-if)#frame-relay map ip 10.0.0.1 301 broadcast

在FR-Switch上查看frame-relay route：

FR-Switch#sh frame-relay route

Input Intf      Input Dlci      Output Intf     Output Dlci     Status

Serial0/0       102             Serial0/1       201             active

Serial0/0       103             Serial0/2       301             active

Serial0/1       201             Serial0/0       102             active

Serial0/2       301             Serial0/0       103             active

在Office1上pingOffice2、Office3：

Office1#ping 10.0.0.2

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/136/380 ms

Office1#ping 10.0.0.3

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/95/344 ms

Office1#

2.R1与R4之间链路起用PPP协议，并且要求实施基于PAP的单向认证，用户名为User，密码为Pass。Office1上用环回口模拟主机，网段为10.0.1.0/24，要求在R1上采用PAT实现主机能够访问外部服务器。

Internet(config)#int s0/1

Internet(config-if)#ip add 10.0.0.10 255.255.255.252

Internet(config-if)#no shut

Office1(config-if)#int s0/1

Office1(config-if)#ip add 10.0.0.9 255.255.255.252

Office1(config-if)#no shut

Office1(config-if)#encapsulation ppp

Office1(config-if)#ppp pap sent-username user password pass

Internet(config)#int s0/1

Internet(config-if)#encapsulation ppp

Internet(config-if)#ppp authentication pap

Internet(config-if)#exit

Internet(config)#username user password pass

Office1(config)#ip nat pool nat 10.0.0.9 10.0.0.9 netmask 255.255.255.252

Office1(config)#ip nat inside source list 1 pool nat overload

Office1(config)#access-list 1 permit 10.0.1.0 0.0.0.255

Office1(config)#int l 0

Office1(config-if)#ip nat inside

Office1(config-if)#int s0/1

Office1(config-if)#ip nat outside

测试1：

Office1#ping 10.0.0.10 source 10.0.1.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:

Packet sent with a source address of 10.0.1.1

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/48/132 ms

Office1#

*Mar  1 00:35:48.479: NAT: s=10.0.1.1->10.0.0.9, d=10.0.0.10 [5]

*Mar  1 00:35:48.611: NAT*: s=10.0.0.10, d=10.0.0.9->10.0.1.1 [5]

*Mar  1 00:35:48.615: NAT: s=10.0.1.1->10.0.0.9, d=10.0.0.10 [6]

*Mar  1 00:35:48.619: NAT*: s=10.0.0.10, d=10.0.0.9->10.0.1.1 [6]

*Mar  1 00:35:48.623: NAT: s=10.0.1.1->10.0.0.9, d=10.0.0.10 [7]

*Mar  1 00:35:48.711: NAT*: s=10.0.0.10, d=10.0.0.9->10.0.1.1 [7]

*Mar  1 00:35:48.711: NAT: s=10.0.1.1->10.0.0.9, d=10.0.0.10 [8]

*Mar  1 00:35:48.719: NAT*: s=10.0.0.10, d=10.0.0.9->10.0.1.1 [8]

*Mar  1 00:35:48.723: NAT: s=10.0.1.1->10.0.0.9, d=10.0.0.10 [9]

*Mar  1 00:35:48.727: NAT*: s=10.0.0.10, d=10.0.0.9->10.0.1.1 [9]

测试2：

Office1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.10

Office1(config)#end                                     

Office1#ping 10.0.2.1 source 10.0.1.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.2.1, timeout is 2 seconds:

Packet sent with a source address of 10.0.1.1

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/45/76 ms

Office1#

*Mar  1 00:38:43.011: NAT: s=10.0.1.1->10.0.0.9, d=10.0.2.1 [15]

*Mar  1 00:38:43.087: NAT*: s=10.0.2.1, d=10.0.0.9->10.0.1.1 [15]

*Mar  1 00:38:43.091: NAT: s=10.0.1.1->10.0.0.9, d=10.0.2.1 [16]

*Mar  1 00:38:43.115: NAT*: s=10.0.2.1, d=10.0.0.9->10.0.1.1 [16]

*Mar  1 00:38:43.119: NAT: s=10.0.1.1->10.0.0.9, d=10.0.2.1 [17]

*Mar  1 00:38:43.171: NAT*: s=10.0.2.1, d=10.0.0.9->10.0.1.1 [17]

*Mar  1 00:38:43.175: NAT: s=10.0.1.1->10.0.0.9, d=10.0.2.1 [18]

*Mar  1 00:38:43.223: NAT*: s=10.0.2.1, d=10.0.0.9->10.0.1.1 [18]

*Mar  1 00:38:43.227: NAT: s=10.0.1.1->10.0.0.9, d=10.0.2.1 [19]

*Mar  1 00:38:43.239: NAT*: s=10.0.2.1, d=10.0.0.9->10.0.1.1 [19]

3.Office1与Offic2通过PVC1，与Office3通过PVC2进行通信，按需求部署相应的帧中继环境，要求关闭Office1、Office2.、Office3的inverse-arp。

详细配置已经在题1中。

4.如图Office1、Office2.、Office3上起ospf协议，帧中继环境为area0，Office1为area1，Office2为area2，Office3为area3。默认网络环境为NBMA，要求实现全网通信，同时Office2也可访问Office3。并且Office2可以通过Office1的局域网出口访问外网，而Office3不行。

实现全网互通，分别启用ospf协议：

Office1(config)#router ospf 1

Office1(config-router)#net 10.0.0.0 0.0.0.255 area 0

Office1(config-router)#net 10.0.1.0 0.0.0.255 area 1

Office1(config-router)#default-information originate ***通告默认路由

Office2(config)#router ospf 2

Office2(config-router)#net 10.0.0.0 0.0.0.255 area 0

Office2(config-router)#net 10.0.3.0 0.0.0.255 area 2

Office3(config)#router ospf 3

Office3(config-router)#net 10.0.0.0 0.0.0.255 area 0

Office3(config-router)#net 10.0.4.0 0.0.0.255 area 3

更改网络类型：

Office1(config)#int s0/0

Office1(config-if)#ip ospf network broadcast

Office2(config)#int s0/1

Office2(config-if)#ip ospf network broadcast

Office3(config)#int s0/2

Office3(config-if)#ip ospf network broadcast

测试全网互通：

Office1#ping 10.0.3.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.3.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 12/57/172 ms

Office1#ping 10.0.4.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.4.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 24/63/140 ms

Office2#ping 10.0.1.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/46/76 ms

Office3#ping 10.0.1.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/63/124 ms

实现Office2与Office3的通信：

未配置时：

Office2#ping 10.0.0.3

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Office3#ping 10.0.0.2 

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:

.....

配置：

Office2(config)#int s0/1          

Office2(config-if)#frame-relay map ip 10.0.0.3 201 broadcast

Office3(config)#int s0/2

Office3(config-if)#frame-relay map ip  10.0.0.2 301 broadcast

配置之后：

Office2#ping 10.0.0.3

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/83/192 ms

Office2#ping 10.0.4.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.4.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 36/118/240 ms

Office3#ping 10.0.0.2

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 36/94/228 ms

Office3#ping 10.0.3.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.3.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 24/67/188 ms

实现Office2可以通过Office1的局域网出口访问外网，而Office3不行：

未配置时：

Office2#ping 10.0.2.1 source l 0

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.2.1, timeout is 2 seconds:

.....

Office3#ping 10.0.2.1 source l 0

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.2.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

配置：

Office1(conf ig)#access-list 1 permit 10.0.3.0 0.0.0.255  ***让访问控制列表允许R2访问外网

Office1(config)#int s0/0

Office1(config-if)#ip nat inside

配置之后：

Office2#ping 10.0.2.1 source l 0

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.2.1, timeout is 2 seconds:

Packet sent with a source address of 10.0.3.1

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 56/64/80 ms

Office3#ping 10.0.2.1 source l 0

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.2.1, timeout is 2 seconds:

Packet sent with a source address of 10.0.4.1

.....

Success rate is 0 percent (0/5)

5.将ospf网络环境修改为广播环境，查看相应的路由表，写出修改的配置。

方法一：

Office1(config)#int s0/0

Office1(config-if)#ip ospf network broadcast

Office2(config)#int s0/1

Office2(config-if)#ip ospf network broadcast

Office3(config)#int s0/2

Office3(config-if)#ip ospf network broadcast

方法二：

将Office2和Office3的priority设置成0，成为DROTHER。

Office2(config)#int s0/1

Office3(config-if)#ip ospf priority 0

Office3(config)#int s0/2

Office3(config-if)#ip ospf priority 0

并且指定邻居：

Office1(config-if)#router ospf 1

Office1(config-router)#neigh

Office1(config-router)#neighbor 10.0.0.2

Office1(config-router)#neighbor 10.0.0.3

Office2(config-if)#router ospf 2

Office2(config-router)#neighbor 10.0.0.1

Office3(config-if)#router ospf 3

Office3(config-router)#neighbor 10.0.0.1

6.删除路由器上的ospf进程，重新启用eigrp协议，对于AS号为123。要求实现Office2与Office3之间的通信。

Office1(config)#router eigrp 123

Office1(config-router)#net 10.0.0.0 0.0.0.255

Office1(config-router)#net 10.0.2.0 0.0.0.255

Office1(config-router)#no auto-summary

Office1(config)#int s0/0

Office1(config-if)#no ip split-horizon eigrp 123

Office2(config)#router eigrp 123

Office2(config-router)#net 10.0.0.0 0.0.0.255

Office2(config-router)#no auto-summary

Office3(config)#router eigrp 123

Office3(config-router)#net 10.0.0.0 0.0.0.255

Office3(config-router)#no auto-summary

测试：

Office2#ping 10.0.4.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.4.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 48/109/180 ms

Office3#ping 10.0.3.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.3.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 60/86/120 ms

自此，完成所有要求。