复习
静态路由:应用静态路由 iP route +网络段+子网掩码+下一跳地址
Ospf:router ospf1--
router-id 1.0.0.0-- network 10.0.1.0 0.0.0.31 area 0
单臂路由+dhcp中继+地址池:router0 in f0/0.1 ip
helper-address 172.16.3.1
in f0/0.2
ip helper-address 172.16.3.1
router1
(in f0/0.1)ip router 172.16.1.0 255.255.255.0 172.16.3.2
(in f0/0.1) ip router 172.16.2.0 255.255.255.0 172.16.3.2
ip dhcp pool server0 default-router 172.16.1.1
network 172.16.1.0 255.255.255.0
ip dhcp excluded-address 保留的地址
地址池:路由器:ip dhcp pool servA
default-router 172.16.1.1
network 172.16.1.0 255.255.255.0
全局 ip dhcp excluded-address
172.16.1.1 172.16.1.99
ip dhcp excluded-address 172.16.1.121 172.16.1.254
ip dhcp excluded-address 172.16.1.110 172.16.1.110
2、配置合适的ACL,满足以下要求:
(1)PC0能ping通PC1,但不能访问PC1发布的FTP服务;
(2)PC0不能ping通PC2,但能访问PC2发布的Web服务。
(1)ip access-list ex 100 deny (tcp端口,IP不是端口) host
172.16.0.2(源地) host 172.16.1.2 ()目标地址)eq ftp permit ip any
any in f1/0 ip access-group 100 out
(2)接(1)no permit ip
any any deny icmp, host 172.16.0.2 host
172.16.1.3 permit ip any any
permit ip any any
pc0不能访问pc2 则pc0为源,pc2为目标
ip access-list standard 1-99 为标准控制列表
ip access-list extanded 100-199 为扩展控制列表
ACL离目标最近用OUT
ACL 离源最近用 IN
(端口:FTP
21,DNS 53,POP3 110,WWW 80,SMTP 25,TELNET 23)