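Firewall NAT+DHCP+ACL+ACAP
Task requirements:
SwitchA acts as the gateway for the wired terminals and as the DHCP server, assigning IP addresses to both wireless and wired terminals. ACLs are configured to control the access rights of different users: client machines may only communicate with the servers in the DMZ, and wireless guests are prohibited from accessing the business server and the employee wired network.
The firewall provides egress NAT to translate between public and private addresses. Security policies are configured to control Internet access; the client zone does not need Internet access but can communicate with the servers in the DMZ. A NAT Server is configured so that the WEB server in the DMZ is reachable from the public network.
This lab follows an article on Huawei's official website (the author's theoretical background is limited, so please excuse any comments that are not quite accurate).
IP address table: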
Device | Interface | VLAN | IP address |
---|---|---|---|
Firewall | G1/0/0 | None | 10.107.1.2/24 |
Firewall | G1/0/1 | None | 109.1.1.1/24 |
Firewall | G1/0/2 | None | 10.106.1.1/24 |
SwitchA | G0/0/1 | 101, 102, 103, 105 | vlanif101:10.101.1.1/24 vlanif102:10.102.1.1/24 |
SwitchA | G0/0/3 | 104 | vlanif104:10.104.1.1/24 |
SwitchA | G0/0/5 | 101, 102, 103, 105 | vlanif103:10.103.1.1/24 vlanif105:10.105.1.1/24 |
SwitchA | G0/0/8 | 100 | vlanif100:10.100.1.1/24 |
SwitchA | G0/0/11 | 108 | vlanif108:10.108.1.1/24 |
SwitchA | G0/0/13 | 107 | vlanif107:10.107.1.1/24 |
SwitchB | E0/0/3 | 104 | None |
SwitchB | E0/0/5 | 104 | None |
SwitchC | E0/0/3 | 101, 102, 105 | None |
SwitchC | E0/0/5 | 101, 102, 103, 105 | None |
SwitchC | E0/0/13 | 103 | None |
SwitchD | E0/0/3 | 101, 102, 105 | None |
SwitchD | E0/0/5 | 101, 102, 103, 105 | None |
SwitchD | E0/0/13 | 103 | None |
WEB Server | E0/0/0 | None | 10.106.1.2/24 |
Business Server | E0/0/0 | None | 10.108.1.2/24 |
PC1 | E0/0/1 | 103 | Obtained via DHCP |
PC2 | E0/0/1 | 103 | Obtained via DHCP |
AC | G0/0/3 | 100 | 10.100.1.2/24 |
AP1 | G0/0/0 | 105 | Obtained via DHCP |
AP2 | G0/0/0 | 105 | Obtained via DHCP |
Device interface table:
Local device | Local interface | Peer device | Peer interface |
---|---|---|---|
Firewall FW | GE1/0/0 | SwitchA | GE0/0/13 |
Firewall FW | GE1/0/1 | Internet | GE0/0/0 |
SwitchA | GE0/0/1 | SwitchC | E0/0/5 |
SwitchA | GE0/0/3 | SwitchB | E0/0/5 |
SwitchA | GE0/0/5 | SwitchD | E0/0/5 |
SwitchA | GE0/0/8 | AC controller | GE0/0/3 |
SwitchA | GE0/0/13 | Firewall FW | GE1/0/0 |
SwitchB | E0/0/5 | SwitchA | GE0/0/3 |
SwitchC | E0/0/5 | SwitchA | GE0/0/1 |
SwitchC | E0/0/3 | AP1 | GE0/0/0 |
SwitchD | E0/0/5 | SwitchA | GE0/0/5 |
SwitchD | E0/0/3 | AP2 | GE0/0/0 |
AC controller | GE0/0/3 | SwitchA | GE0/0/8 |
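VLAN plan:
VLAN | Description |
---|---|
VLAN100 | Wireless management VLAN |
VLAN101 | Guest wireless service VLAN |
VLAN102 | Employee wireless service VLAN |
VLAN103 | Employee wired VLAN |
VLAN104 | Client zone VLAN |
VLAN105 | VLAN the APs belong to |
VLAN107 | VLANIF uplink to the firewall |
VLAN108 | Business zone access VLAN |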
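Configuration approach:
- Configure the IP addresses, default route and zones on the firewall; create the VLANs on the switches and assign ports to them
- Configure the DHCP service on SwitchA
- Configure the AC so that the APs come online and wireless terminals obtain IP addresses
- Configure NAT on the firewall to translate between public and private addresses
- Configure the ACLs on SwitchA and apply them
Firewall basic configuration: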
<USG6000V1>system-view
Enter system view, return user view with Ctrl+Z.
[USG6000V1]sysname FW
[FW]inter g1/0/0
[FW-GigabitEthernet1/0/0]ip add 10.107.1.2 24
[FW-GigabitEthernet1/0/0]inter g1/0/1
[FW-GigabitEthernet1/0/1]ip add 109.1.1.1 24
[FW-GigabitEthernet1/0/1]inter g1/0/2
[FW-GigabitEthernet1/0/2]ip add 10.106.1.1 24
[FW-GigabitEthernet1/0/2]firewall zone trust #Enter the trust zone configuration
[FW-zone-trust]add inter g1/0/0 #Add interface G1/0/0 to the trust zone
[FW-zone-trust]firewall zone untrust #Enter the untrust zone configuration
[FW-zone-untrust]add inter g1/0/1 #Add interface G1/0/1 to the untrust zone
[FW-zone-untrust]firewall zone dmz #Enter the DMZ zone configuration
[FW-zone-dmz]add inter g1/0/2 #Add interface G1/0/2 to the DMZ zone
[FW-zone-dmz]quit
[FW]ip route-static 10.0.0.0 8 10.107.1.1 #Return route on the firewall: 10.0.0.0/8 via next hop 10.107.1.1
[FW]ip route-static 0.0.0.0 0 109.1.1.2 #Default egress route
[FW]bfd #Enable BFD globally
[FW-bfd]quit
[FW]bfd 1 bind peer-ip 10.107.1.1 source-ip 10.107.1.2 auto #Configure BFD (bidirectional forwarding detection) with SwitchA
[FW-bfd-session-1]commit #Commit the current BFD configuration
AC basic configuration and VLAN assignment:
<AC6005>system-view
Enter system view, return user view with Ctrl+Z.
[AC6005]vlan batch 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[AC6005]inter vlan 100
[AC6005-Vlanif100]ip add 10.100.1.2 24
[AC6005-Vlanif100]inter g0/0/3
[AC6005-GigabitEthernet0/0/3]port link-type acc
[AC6005-GigabitEthernet0/0/3]port default vlan 100
[AC6005-GigabitEthernet0/0/3]quit
[AC6005]ip route-static 0.0.0.0 0.0.0.0 10.100.1.1 #Default route of the AC
SwitchA basic configuration and VLAN assignment:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname SWA
[SWA]vlan batch 100 to 105 107 108
Info: This operation may take a few seconds. Please wait for a moment...done.
[SWA]inter vlan 100
[SWA-Vlanif100]ip add 10.100.1.1 24
[SWA-Vlanif100]inter vlan 101
[SWA-Vlanif101]ip add 10.101.1.1 24
[SWA-Vlanif101]inter vlan 102
[SWA-Vlanif102]ip add 10.102.1.1 24
[SWA-Vlanif102]inter vlan 103
[SWA-Vlanif103]ip add 10.103.1.1 24
[SWA-Vlanif103]inter vlan 104
[SWA-Vlanif104]ip add 10.104.1.1 24
[SWA-Vlanif104]inter vlan 105
[SWA-Vlanif105]ip add 10.105.1.1 24
[SWA-Vlanif105]inter vlan 107
[SWA-Vlanif107]ip add 10.107.1.1 24
[SWA-Vlanif107]inter vlan 108
[SWA-Vlanif108]ip add 10.108.1.1 24
[SWA-Vlanif108]inter g0/0/1
[SWA-GigabitEthernet0/0/1]port link-type trunk
[SWA-GigabitEthernet0/0/1]port trunk allow vlan 101 to 103 105
[SWA-GigabitEthernet0/0/1]inter g0/0/3
[SWA-GigabitEthernet0/0/3]port link-type acc
[SWA-GigabitEthernet0/0/3]port default vlan 104
[SWA-GigabitEthernet0/0/3]inter g0/0/5
[SWA-GigabitEthernet0/0/5]port link-type trunk
[SWA-GigabitEthernet0/0/5]port trunk allow vlan 101 to 103 105
[SWA-GigabitEthernet0/0/5]inter g0/0/8
[SWA-GigabitEthernet0/0/8]port link-type acc
[SWA-GigabitEthernet0/0/8]port default vlan 100
[SWA-GigabitEthernet0/0/8]inter g0/0/11
[SWA-GigabitEthernet0/0/11]port link-type acc
[SWA-GigabitEthernet0/0/11]port default vlan 108
[SWA-GigabitEthernet0/0/11]inter g0/0/13
[SWA-GigabitEthernet0/0/13]port link-type acc
[SWA-GigabitEthernet0/0/13]port default vlan 107
[SWA-GigabitEthernet0/0/13]quit
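[SWA]ip route-static 0.0.0.0 0 10.107.1.2 #Default route
[SWA]bfd #Enable BFD globally
[SWA-bfd]quit
[SWA]bfd 1 bind peer-ip 10.107.1.2 source-ip 10.107.1.1 auto #Configure BFD (bidirectional forwarding detection) with the firewall
[SWA-bfd-session-1]commit #Commit the current BFD configuration
SwitchB VLAN assignment: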
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname SWB
[SWB]vlan batch 104
Info: This operation may take a few seconds. Please wait for a moment...done.
[SWB]inter e0/0/5
[SWB-Ethernet0/0/5]port link-type acc
[SWB-Ethernet0/0/5]port default vlan 104
[SWB-Ethernet0/0/5]inter e0/0/3
[SWB-Ethernet0/0/3]port link-type acc
[SWB-Ethernet0/0/3]port default vlan 104
[SWB-Ethernet0/0/3]quit
SwitchC VLAN assignment:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname SWC
[SWC]vlan batch 101 to 103 105
Info: This operation may take a few seconds. Please wait for a moment...done.
[SWC]inter e0/0/3
[SWC-Ethernet0/0/3]port link-type trunk
[SWC-Ethernet0/0/3]port trunk allow vlan 101 102 105
[SWC-Ethernet0/0/3]port trunk pvid vlan 105
[SWC-Ethernet0/0/3]inter e0/0/5
[SWC-Ethernet0/0/5]port link-type trunk
[SWC-Ethernet0/0/5]port trunk allow vlan 101 to 103 105
[SWC-Ethernet0/0/5]inter e0/0/13
[SWC-Ethernet0/0/13]port link-type acc
[SWC-Ethernet0/0/13]port default vlan 103
[SWC-Ethernet0/0/13]quit
SwitchD VLAN assignment:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname SWD
[SWD]vlan batch 101 to 103 105
Info: This operation may take a few seconds. Please wait for a moment...done.
[SWD]inter e0/0/3
[SWD-Ethernet0/0/3]port link-type trunk
[SWD-Ethernet0/0/3]port trunk allow vlan 101 102 105
[SWD-Ethernet0/0/3]port trunk pvid vlan 105
[SWD-Ethernet0/0/3]inter e0/0/5
[SWD-Ethernet0/0/5]port link-type trunk
[SWD-Ethernet0/0/5]port trunk allow vlan 101 to 103 105
[SWD-Ethernet0/0/5]inter e0/0/13
[SWD-Ethernet0/0/13]port link-type acc
[SWD-Ethernet0/0/13]port default vlan 103
[SWD-Ethernet0/0/13]quit
SwitchA DHCP server configuration:
[SWA]dhcp enable #Enable the DHCP service
[SWA]inter vlan 103
[SWA-Vlanif103]dhcp select interface #Have this VLANIF hand out addresses from its interface address pool
[SWA]inter vlan 101
[SWA-Vlanif101]dhcp select interface
[SWA]inter vlan 102
[SWA-Vlanif102]dhcp select interface
[SWA]inter vlan 105
[SWA-Vlanif105]dhcp select interface
[SWA-Vlanif105]dhcp server option 43 sub-option 1 ip-address 10.100.1.2 #Once an AP has obtained an IP address, this option tells the AP the IP address of the AC
AC configuration to bring the APs online (the APs must first obtain an IP address in VLAN 105):
[AC6005]capwap source interface vlanif100 #Use the VLANIF100 interface as the CAPWAP source (AC source interface)
[AC6005]wlan #Enter the WLAN view
[AC6005-wlan-view]regulatory-domain-profile name office #Create a regulatory domain profile named office
[AC6005-wlan-regulate-domain-office]country-code CN #Set the country code of the office profile to CN (CN is the default; entered explicitly to be safe)
[AC6005-wlan-regulate-domain-office]quit
[AC6005-wlan-view]ap-group name office #Create an AP group named office for the office area
[AC6005-wlan-ap-group-office]regulatory-domain-profile office #Reference the office regulatory domain profile
[AC6005-wlan-ap-group-office]quit
[AC6005-wlan-view]ap auth-mode mac-auth #Set the AP authentication mode to MAC authentication
[AC6005-wlan-view]ap-id 0 ap-mac 00E0-FC4A-5F10
[AC6005-wlan-ap-0]ap-name office #Name the AP office
[AC6005-wlan-ap-0]ap-group office #Add the AP to the AP group named office
[AC6005-wlan-ap-0]quit
[AC6005-wlan-view]regulatory-domain-profile name manage
[AC6005-wlan-regulate-domain-manage]country-code CN
[AC6005-wlan-regulate-domain-manage]quit
[AC6005-wlan-view]ap-group name manage
[AC6005-wlan-ap-group-manage]regulatory-domain-profile manage
[AC6005-wlan-ap-group-manage]quit
[AC6005-wlan-view]ap-id 1 ap-mac 00E0-FC6C-6200
[AC6005-wlan-ap-1]ap-name manage
[AC6005-wlan-ap-1]ap-group manage
[AC6005-wlan-ap-1]quit
[AC6005-wlan-view]quit
[AC6005]display ap all #Check whether the APs are online
AC configuration to deliver the wireless service to the APs:
[AC6005]wlan
[AC6005-wlan-view]security-profile name office #Create security profile office
[AC6005-wlan-sec-prof-office]security wpa2 psk pass-phrase 12345678 aes #Set the security policy to WPA2 pre-shared key with passphrase 12345678 and AES encryption
[AC6005-wlan-sec-prof-office]quit
[AC6005-wlan-view]ssid-profile name office #Create an SSID profile
[AC6005-wlan-ssid-prof-office]ssid office #Set the Wi-Fi name (SSID) to office
[AC6005-wlan-ssid-prof-office]quit
[AC6005-wlan-view]vap-profile name office #Create VAP profile office
[AC6005-wlan-vap-prof-office]forward-mode direct-forward #Set the VAP forwarding mode to direct forwarding (this is the default)
[AC6005-wlan-vap-prof-office]service-vlan vlan-id 101 #Set the service VLAN to VLAN 101
[AC6005-wlan-vap-prof-office]ssid-profile office #Reference SSID profile office
[AC6005-wlan-vap-prof-office]security-profile office #Reference security profile office
[AC6005-wlan-vap-prof-office]quit
[AC6005-wlan-view]ap-group name office #Enter AP group office
[AC6005-wlan-ap-group-office]vap-profile office wlan 1 radio 0 #Apply the VAP profile to radio 0 (2.4 GHz band)
[AC6005-wlan-ap-group-office]vap-profile office wlan 1 radio 1 #Apply the VAP profile to radio 1 (5 GHz band)
[AC6005-wlan-ap-group-office]quit
[AC6005-wlan-view]security-profile name manage
[AC6005-wlan-sec-prof-manage]security wpa2 psk pass-phrase 12345678 aes
[AC6005-wlan-sec-prof-manage]quit
[AC6005-wlan-view]ssid-profile name manage
[AC6005-wlan-ssid-prof-manage]ssid manage
[AC6005-wlan-ssid-prof-manage]quit
[AC6005-wlan-view]vap-profile name manage
[AC6005-wlan-vap-prof-manage]forward-mode direct-forward
[AC6005-wlan-vap-prof-manage]service-vlan vlan-id 102
[AC6005-wlan-vap-prof-manage]ssid-profile manage
[AC6005-wlan-vap-prof-manage]security-profile manage
[AC6005-wlan-vap-prof-manage]quit
[AC6005-wlan-view]ap-group name manage
[AC6005-wlan-ap-group-manage]vap-profile manage wlan 1 radio 0
[AC6005-wlan-ap-group-manage]vap-profile manage wlan 1 radio 1
[AC6005-wlan-ap-group-manage]quit
Firewall inter-zone access configuration:
[FW]security-policy #Enter the security policy view
[FW-policy-security]rule name trust_untrust #Add a rule for the trust zone to access the untrust zone
[FW-policy-security-rule-trust_untrust]source-zone trust #Source zone: trust
[FW-policy-security-rule-trust_untrust]destination-zone untrust #Destination zone: untrust
[FW-policy-security-rule-trust_untrust]source-address 10.101.1.0 0.0.0.255
[FW-policy-security-rule-trust_untrust]source-address 10.102.1.0 0.0.0.255
[FW-policy-security-rule-trust_untrust]source-address 10.103.1.0 0.0.0.255
[FW-policy-security-rule-trust_untrust]action permit #Rule action: permit
[FW-policy-security-rule-trust_untrust]quit
[FW-policy-security]rule name camera_dmz #Add a rule for mutual access between the clients and the DMZ
[FW-policy-security-rule-camera_dmz]source-zone dmz
[FW-policy-security-rule-camera_dmz]source-zone trust
[FW-policy-security-rule-camera_dmz]destination-zone dmz
[FW-policy-security-rule-camera_dmz]destination-zone trust
[FW-policy-security-rule-camera_dmz]source-address 10.104.1.0 0.0.0.255 #Add the client segment
[FW-policy-security-rule-camera_dmz]source-address 10.106.1.0 0.0.0.255 #Add the web server segment
[FW-policy-security-rule-camera_dmz]destination-address 10.104.1.0 0.0.0.255 #Destination: client segment
[FW-policy-security-rule-camera_dmz]destination-address 10.106.1.0 0.0.0.255 #Destination: web server segment
[FW-policy-security-rule-camera_dmz]action permit
[FW-policy-security-rule-camera_dmz]quit
[FW-policy-security]rule name untrust_dmz #Add a rule for the untrust zone to access the web server in the DMZ
[FW-policy-security-rule-untrust_dmz]source-zone untrust
[FW-policy-security-rule-untrust_dmz]destination-zone dmz
[FW-policy-security-rule-untrust_dmz]action permit
[FW-policy-security-rule-untrust_dmz]quit
[FW-policy-security]rule name trust_dmz #Add a rule for the trust zone to access the DMZ
[FW-policy-security-rule-trust_dmz]source-zone trust
[FW-policy-security-rule-trust_dmz]destination-zone dmz
[FW-policy-security-rule-trust_dmz]action permit
[FW-policy-security-rule-trust_dmz]quit
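Firewall NAT configuration:
[FW]nat address-group 1 #Create NAT address group 1
[FW-address-group-1]mode pat #Set the NAT mode to PAT (port address translation, so ports are translated as well)
[FW-address-group-1]route enable #Enable NAT routes for the address pool (loop prevention)
[FW-address-group-1]section 1 109.1.1.10 109.1.1.15 #Configure the NAT address range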
[FW-address-group-1]quit
[FW]nat-policy #Enter the NAT policy view
[FW-policy-nat]rule name trust_untrust #Add rule trust_untrust so that the listed private segments get source NAT automatically when accessing the public network
[FW-policy-nat-rule-trust_untrust]source-zone trust #Source zone: trust
[FW-policy-nat-rule-trust_untrust]destination-zone untrust #Destination zone: untrust
[FW-policy-nat-rule-trust_untrust]source-address 10.101.1.0 0.0.0.255 #Add the guest wireless VLAN 101 source segment 10.101.1.0
[FW-policy-nat-rule-trust_untrust]source-address 10.102.1.0 0.0.0.255 #Add the employee wireless VLAN 102 source segment 10.102.1.0
[FW-policy-nat-rule-trust_untrust]source-address 10.103.1.0 0.0.0.255 #Add the employee wired VLAN 103 source segment 10.103.1.0
[FW-policy-nat-rule-trust_untrust]action source-nat address-group 1 #Use NAT address group 1
[FW-policy-nat-rule-trust_untrust]quit
[FW-policy-nat]quit
[FW]ip route-static 109.1.1.10 255.255.255.255 NULL0 #Add blackhole routes to prevent loops
[FW]ip route-static 109.1.1.11 255.255.255.255 NULL0
[FW]ip route-static 109.1.1.12 255.255.255.255 NULL0
[FW]ip route-static 109.1.1.13 255.255.255.255 NULL0
[FW]ip route-static 109.1.1.14 255.255.255.255 NULL0
[FW]ip route-static 109.1.1.15 255.255.255.255 NULL0
[FW]nat server protocol tcp global interface GigabitEthernet 1/0/1 www inside 10.106.1.2 www no-reverse
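#Add a NAT server mapping: the web server's IP address is mapped onto firewall interface G1/0/1, so the public network reaches the web server by accessing G1/0/1
SwitchA ACL configuration:
[SWA]acl 3000 #Create ACL 3000 to control client access
[SWA-acl-adv-3000]description client #Description
[SWA-acl-adv-3000]rule 0 permit ip source 10.104.1.2 0 destination 10.106.1.2 0 #Allow the client to access the web server
[SWA-acl-adv-3000]rule 5 deny ip source 10.104.1.2 0 #Deny the client access to other segments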
[SWA-acl-adv-3000]quit
[SWA]inter g0/0/3
[SWA-GigabitEthernet0/0/3]traffic-filter inbound acl 3000 #Apply ACL 3000 as an inbound traffic filter on G0/0/3
[SWA]acl 3001 #Create ACL 3001 so that wireless users cannot access the VLAN 103 segment
[SWA-acl-adv-3001]rule 0 deny ip source 10.101.1.0 0.0.0.255 destination 10.103.1.0 0.0.0.255
[SWA-acl-adv-3001]rule 1 deny ip source 10.101.1.0 0.0.0.255 destination 10.108.1.0 0.0.0.255
[SWA-acl-adv-3001]rule 2 deny ip source 10.102.1.0 0.0.0.255 destination 10.103.1.0 0.0.0.255
[SWA-acl-adv-3001]rule 3 deny ip source 10.102.1.0 0.0.0.255 destination 10.108.1.0 0.0.0.255
[SWA-acl-adv-3001]quit
[SWA]inter g0/0/1
[SWA-GigabitEthernet0/0/1]traffic-filter inbound acl 3001 #Apply ACL 3001 as an inbound traffic filter on G0/0/1
[SWA-GigabitEthernet0/0/1]quit
[SWA]inter g0/0/5
[SWA-GigabitEthernet0/0/5]traffic-filter inbound acl 3001 #Apply ACL 3001 as an inbound traffic filter on G0/0/5
[SWA-GigabitEthernet0/0/5]quit
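The following is an added example, not part of the original lab: a small first-match evaluator for the ACL 3000 and ACL 3001 rule lines above, used to check which packets the two traffic filters actually stop. It assumes that traffic-filter forwards packets matching no rule; the test addresses 10.104.1.3, 10.101.1.50 and 10.103.1.10 are constructed.

```python
import ipaddress
import re

# Rule lines copied from the SwitchA ACL section of this page.
ACL_3000 = """
rule 0 permit ip source 10.104.1.2 0 destination 10.106.1.2 0
rule 5 deny ip source 10.104.1.2 0
"""
ACL_3001 = """
rule 0 deny ip source 10.101.1.0 0.0.0.255 destination 10.103.1.0 0.0.0.255
rule 1 deny ip source 10.101.1.0 0.0.0.255 destination 10.108.1.0 0.0.0.255
rule 2 deny ip source 10.102.1.0 0.0.0.255 destination 10.103.1.0 0.0.0.255
rule 3 deny ip source 10.102.1.0 0.0.0.255 destination 10.108.1.0 0.0.0.255
"""

RULE_RE = re.compile(r"rule (\d+) (permit|deny) ip"
                     r"(?: source (\S+) (\S+))?(?: destination (\S+) (\S+))?")

def _matcher(addr, wildcard):
    """Predicate for an address/wildcard pair; a missing pair matches any IP."""
    if addr is None:
        return lambda ip: True
    # "0" is the CLI shorthand for wildcard 0.0.0.0 (exact host match).
    wc = int(ipaddress.IPv4Address("0.0.0.0" if wildcard == "0" else wildcard))
    care = ~wc & 0xFFFFFFFF  # wildcard bits set to 1 are "don't care"
    base = int(ipaddress.IPv4Address(addr)) & care
    return lambda ip: (int(ipaddress.IPv4Address(ip)) & care) == base

def parse_acl(text):
    """Parse rule lines into (rule_id, action, src_match, dst_match) tuples."""
    rules = []
    for line in text.strip().splitlines():
        m = RULE_RE.fullmatch(line.strip())
        if m is None:
            raise ValueError(f"unsupported rule: {line!r}")
        rid, action, src, src_wc, dst, dst_wc = m.groups()
        rules.append((int(rid), action, _matcher(src, src_wc), _matcher(dst, dst_wc)))
    return sorted(rules, key=lambda r: r[0])  # rules are checked in rule-ID order

def evaluate(rules, src, dst):
    """Return (action, rule_id) of the first rule matching the src -> dst packet."""
    for rid, action, src_ok, dst_ok in rules:
        if src_ok(src) and dst_ok(dst):
            return action, rid
    # Assumption: traffic-filter forwards packets that match no rule.
    return "permit", None

if __name__ == "__main__":
    # Constructed test flows: the configured client, and a second VLAN 104 host.
    for src in ("10.104.1.2", "10.104.1.3"):
        print(src, "-> 10.103.1.10", evaluate(parse_acl(ACL_3000), src, "10.103.1.10"))
```

Because ACL 3000 matches only host 10.104.1.2, any other address in VLAN 104 falls through to the default and is forwarded; writing the source as 10.104.1.0 0.0.0.255 in both rules covers the whole client segment.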
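Wired IP address acquisition:
AP online status and wireless IP address acquisition:
Client access:
Access to the web server:
Access to the employee wired network:
Access to the wireless network:
Wireless user access:
NAT translation test:
Wired network:
Wireless network:
NAT address mapping: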