拓扑图
一、PC机基础配置
PC机基础配置
二、路由器接口配置
1、AR1
[Huawei]sysname AR1
[AR1]int g0/0/1
[AR1-GigabitEthernet0/0/1]ip add
[AR1-GigabitEthernet0/0/1]ip address 10.1.0.1 24
[AR1GigabitEthernet0/0/1]int g0/0/2
[AR1-GigabitEthernet0/0/2]ip address 10.1.1.1 24
[AR1-GigabitEthernet0/0/2]int g0/0/0
[AR1-GigabitEthernet0/0/0]ip address 10.1.2.1 24
2、AR2
[Huawei]sysname AR2
[AR2]int g0/0/0
[AR2-GigabitEthernet0/0/0]ip address 10.1.2.2 24
[AR2-GigabitEthernet0/0/0]int g0/0/1
[AR2-GigabitEthernet0/0/1]ip address 10.2.0.1 24
[AR2-GigabitEthernet0/0/1]int g0/0/2
[AR2-GigabitEthernet0/0/2]ip address 10.2.3.2 24
3、AR3
[Huawei]SYSNAME AR3
[AR3]int g0/0/0
[AR3-GigabitEthernet0/0/0]ip address 10.2.3.3 24
[AR3-GigabitEthernet0/0/0]int g0/0/1
[AR3-GigabitEthernet0/0/1]ip address 10.3.0.1 24
三、在AR1、AR2、AR3运行OSPF协议
1、AR1
[AR1]ospf
[AR1-ospf-1]area 0
[AR1-ospf-1-area-0.0.0.0]network 10.1.0.0 0.0.0.255
[AR1-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[AR1-ospf-1-area-0.0.0.0]network 10.1.2.0 0.0.0.255
2、AR2
[AR2]ospf
[AR2-ospf-1]area 0
[AR2-ospf-1-area-0.0.0.0]network 10.1.2.0 0.0.0.255
[AR2-ospf-1-area-0.0.0.0]network 10.2.0.0 0.0.0.255
[AR2-ospf-1-area-0.0.0.0]network 10.2.3.0 0.0.0.255
3、AR3
[AR3]ospf
[AR3-ospf-1]area 0
[AR3-ospf-1-area-0.0.0.0]network 10.2.3.0 0.0.0.255
[AR3-ospf-1-area-0.0.0.0]network 10.3.0.0 0.0.0.255
四、在AR3上配置基本ACL
[AR1]acl 2000
[AR1-acl-adv-2000]rule deny source 10.1.0.0 0.0.0.255
[AR1-acl-adv-2000]q
[AR1] int g0/0/0
[AR1-GigabitEthernet0/0/0] traffic-filter inbound acl 2000
五、在AR1上配置高级ACL
[AR1]acl 3000
[AR1-acl-adv-3000]rule deny ip destination 10.2.0.0 0.0.0.255
[AR1-acl-adv-3000]q
[AR1] int g0/0/2
[AR1-GigabitEthernet0/0/2] traffic-filter outbound acl 3000
