Day20-项目(1)
目录
项目时间:
8 号-10 号为做项目时间
11 号进行答辩(上台演讲)
分成五组进行(每组三人),总时间控制在 15-20 分钟之内。‘
答辩内容:
以项目拓扑图为基础,每个人准备一个知识点,进行讲解
加分项有哪些?
1.技术原理阐述精确、台风好。
2.PPT 制作精美,逻辑性强(美,是效率的敌人)
3.团队的配合、时间把控、服装、商务。
冠军奖励
第一次项目奖励:第一名的全体组员,在本周六下课后,可以一起吃晚饭。
| 组名 | 成员 1 | 成员 2 | 成员 3 |
|---|---|---|---|
| 有请下一组 | 王xx | 刘xx | 张xx |
| 交给上一组 | 赵x | 王xx | 曹xx |
| 不通就溜组 | 姚xx | 赵x | 郑xx |
| STP 之子组 | 吴x | 范x | 邱xx |
| 通就完了组 | 路xx | 吕x | 刘xx |
职业: 销售、 技术类:售前、售后、安服、产品经理、安全开发
售前: 配合销售与客户沟通(吹牛🍺)、POC 测试、PPT 讲解、写方案、客户发标、售前写标书
售后: 上架设备,调试设备、加策略,维保。
安服: 渗透测试(黑、白、灰)、漏洞扫描(系统漏扫、网站漏扫、主机漏扫)、安全审计/基线核查、网站监测、重保、HVV
产品经理: 前后场对接、产品的专家。
安全开发: 实现产品经理的需求。
标准的项目流程
1.甲方委托招标公司发布招标文件
2.销售购买招标文件
3.售前根据招标文件写投标文件
4.公平参与竞标(评审专家打分)
5.中标-甲方组织项目启动会
6.项目启动、技术人员入场
7.项目中:销售/项目经理定期汇报
8.项目结束,甲方验收通过,支付尾款
9.维保阶段(商务、售后)
实际的项目流程
1.销售跟甲方关系非常好,甲方说,我这边有笔预算。
2.销售根据预算金额,配合售前和甲方沟通。想办法塞进自己的产品
3.甲方同意后,技术和销售负责帮甲方写招标文件(有利的参数和控标项)
4.甲方审核后发标
5.销售购买招标文件(有的项目,不足三家参与会废标)
6.售前根据招标文件写投标文件(安排两家的兄弟公司进行围标)
7.公平参与竞标(评审专家打分)
8.项目中标-甲方组织项目启动会
9.项目启动、技术人员入场
10.项目中:销售/项目经理定期汇报
11.项目结束,甲方验收通过,支付尾款
12.维保阶段(商务、售后)
实验分解(一)
需求(1):实现 PC 自动获取 ip 地址
/image/image_ncgc4g6k_g.png)
SW1:
<Huawei>U T M
<Huawei>SY
[Huawei]SY sw1
[sw1]vlan batch 2 3 4 5 100
[sw1]INT g0/0/1
[sw1-GigabitEthernet0/0/1]port link-type access
[sw1-GigabitEthernet0/0/1]port default vlan 2
[sw1-GigabitEthernet0/0/1]q
[sw1]int g0/0/2
[sw1-GigabitEthernet0/0/2]port link-type access
[sw1-GigabitEthernet0/0/2]port default vlan 3
[sw1-GigabitEthernet0/0/2]q
[sw1]int g0/0/4
[sw1-GigabitEthernet0/0/4]port link-type trunk
[sw1-GigabitEthernet0/0/4]port trunk allow-pass vlan all
SW2:
<Huawei>u t m
<Huawei>sy
[Huawei]sy SW2
[SW2]vlan batch 2 3 4 5 100
[SW2]int g0/0/1
[SW2-GigabitEthernet0/0/1]port link-type access
[SW2-GigabitEthernet0/0/1]port default vlan 2
[SW2-GigabitEthernet0/0/1]q
[SW2]int g0/0/2
[SW2-GigabitEthernet0/0/2]port link-type access
[SW2-GigabitEthernet0/0/2]port default vlan 4
[SW2-GigabitEthernet0/0/2]q
[SW2]int g0/0/4
[SW2-GigabitEthernet0/0/4]p t a v a
SW3:
<Huawei>u t m
<Huawei>sy
[Huawei]sy SW3
[SW3]vlan batch 2 3 4 5 100
[SW3]int g0/0/1
[SW3-GigabitEthernet0/0/1]p l a
[SW3-GigabitEthernet0/0/1]p d v 5
[SW3-GigabitEthernet0/0/1]q
[SW3]int g0/0/2
[SW3-GigabitEthernet0/0/2]p l a
[SW3-GigabitEthernet0/0/2]p d v 3
[SW3-GigabitEthernet0/0/2]q
[SW3]int g0/0/4
[SW3-GigabitEthernet0/0/4]p l t
[SW3-GigabitEthernet0/0/4]p t a v a
SW4:
<Huawei>u t m
<Huawei>sy
[Huawei]sy SW4
[SW4]vlan batch 2 3 4 5 100
[SW4]int g0/0/1
[SW4-GigabitEthernet0/0/1]port link-type access
[SW4-GigabitEthernet0/0/1]port default vlan 4
[SW4-GigabitEthernet0/0/1]q
[SW4]int g0/0/2
[SW4-GigabitEthernet0/0/2]port link-type access
[SW4-GigabitEthernet0/0/2]port default vlan 5
[SW4-GigabitEthernet0/0/2]q
[SW4]int g0/0/4
[SW4-GigabitEthernet0/0/4]port link-type trunk
[SW4-GigabitEthernet0/0/4]port trunk allow-pass vlan all
[SW4-GigabitEthernet0/0/4]q
[SW4]int g0/0/3
[SW4-GigabitEthernet0/0/3]port link-type trunk
[SW4-GigabitEthernet0/0/3]port trunk allow-pass vlan all
SW7:
<Huawei>u t m
<Huawei>sy
[Huawei]sy SW7
[SW7]vlan batch 2 3 4 5 100
[SW7]port-group group-member g0/0/1 to g0/0/4 g0/0/8
[SW7-port-group]port link-type trunk
[SW7-port-group]port trunk allow-pass vlan all
[SW7-port-group]q
[SW7]interface Vlanif 2
[SW7-Vlanif2]ip add 192.168.2.254 24
[SW7-Vlanif2]q
[SW7]int Vlanif 3
[SW7-Vlanif3]ip add 192.168.3.254 24
[SW7-Vlanif3]q
[SW7]int Vlanif 4
[SW7-Vlanif4]ip add 192.168.4.254 24
[SW7-Vlanif4]q
[SW7]int Vlanif 5
[SW7-Vlanif5]ip add 192.168.5.254 24
[SW7-Vlanif5]q
[SW7]int Vlanif 100
[SW7-Vlanif100]ip add 192.168.100.254 24
[SW7-Vlanif100]q
[SW7]dhcp enable
[SW7]int Vlanif 2
[SW7-Vlanif2]dhcp select relay
[SW7-Vlanif2]dhcp relay server-ip 192.168.100.1
[SW7-Vlanif2]q
[SW7]int Vlanif 3
[SW7-Vlanif3]dhcp select relay
[SW7-Vlanif3]dhcp relay server-ip 192.168.100.1
[SW7-Vlanif3]q
[SW7]interface Vlanif 4
[SW7-Vlanif4]dhcp select relay
[SW7-Vlanif4]dhcp relay server-ip 192.168.100.1
[SW7-Vlanif4]q
[SW7]int Vlanif 5
[SW7-Vlanif5]dhcp select relay
[SW7-Vlanif5]dhcp relay server-ip 192.168.100.1
[SW7-Vlanif5]q
[SW7]dis ip routing-table
SW10:
<Huawei>U T M
<Huawei>SY
[Huawei]SY sw10
[sw10]vlan batch 2 3 4 5 100
[sw10]int g0/0/1
[sw10-GigabitEthernet0/0/1]port link-type access
[sw10-GigabitEthernet0/0/1]port default vlan 100
[sw10-GigabitEthernet0/0/1]q
[sw10]port-group group-member g0/0/2 g0/0/3
[sw10-port-group]port link-type trunk
[sw10-port-group]po t a v a
DHCP服务器:
<Huawei>u t m
<Huawei>sy
[Huawei]sy DHCP
[DHCP]int g0/0/0
[DHCP-GigabitEthernet0/0/0]ip add 192.168.100.1 24
[DHCP-GigabitEthernet0/0/0]q
[DHCP]dhcp enable
[DHCP]ip pool vlan2
[DHCP-ip-pool-vlan2]network 192.168.2.0 mask 24
[DHCP-ip-pool-vlan2]gateway-list 192.168.2.254
[DHCP-ip-pool-vlan2]dns-list 6.6.6.6
[DHCP-ip-pool-vlan2]q
[DHCP]ip pool vlan3
[DHCP-ip-pool-vlan3]network 192.168.3.0 mask 24
[DHCP-ip-pool-vlan3]gateway-list 192.168.3.254
[DHCP-ip-pool-vlan3]dns-list 4.4.4.4
[DHCP-ip-pool-vlan3]q
[DHCP]ip pool vlan4
[DHCP-ip-pool-vlan4]network 192.168.4.0 mask 24
[DHCP-ip-pool-vlan4]gateway-list 192.168.4.254
[DHCP-ip-pool-vlan4]dns-list 1.1.1.1
[DHCP-ip-pool-vlan4]q
[DHCP]ip pool vlan5
[DHCP-ip-pool-vlan5]network 192.168.5.0 mask 24
[DHCP-ip-pool-vlan5]gateway-list 192.168.5.254
[DHCP-ip-pool-vlan5]dns-list 2.2.2.2
[DHCP-ip-pool-vlan5]q
[DHCP]int g0/0/0
[DHCP-GigabitEthernet0/0/0]dhcp select global
[DHCP-GigabitEthernet0/0/0]q
[DHCP]dis ip routing-table
[DHCP]ip route-static 0.0.0.0 0 192.168.100.254
实验分解(二)
实现 PC 访问 WEB 服务器
/image/image_tporyhoumi.png)
重点命令
SW11:
vlanif 2 3 4 5 ,ip 地址 192.168.x.251/24
VLANIF 200:192.168.200.254/24(写直连路由)
SW7:
VLANIF200:192.168.200.253/24(写直连路由)
全部命令
SW11:
<Huawei>UN T M
<Huawei>SY
[Huawei]SY sw11
[sw11]vlan batch 2 3 4 5 100 200
[sw11]int g0/0/1
[sw11-GigabitEthernet0/0/1]port link-type access
[sw11-GigabitEthernet0/0/1]port default vlan 200
[sw11-GigabitEthernet0/0/1]q
[sw11]port-group group-member g0/0/2 to g0/0/6
[sw11-port-group]port link-type trunk
[sw11-port-group]port trunk allow-pass vlan all
[sw11-port-group]q
[sw11]int Vlanif 200 配置 WEB服务器网关地址
[sw11-Vlanif200]ip add 192.168.200.254 24
[sw11-Vlanif200]q
[sw11]dis ip routing-table
[sw11]int Vlanif 2 配置 PC 访问服务器的 回程路由
[sw11-Vlanif2]ip add 192.168.2.251 24
[sw11-Vlanif2]q
[sw11]int Vlanif 3配置 PC 访问服务器的 回程路由
[sw11-Vlanif3]ip add 192.168.3.251 24
[sw11-Vlanif3]q
[sw11]int Vlanif 4配置 PC 访问服务器的 回程路由
[sw11-Vlanif4]ip add 192.168.4.251 24
[sw11-Vlanif4]q
[sw11]int Vlanif 5配置 PC 访问服务器的 回程路由
[sw11-Vlanif5]ip add 192.168.5.251 24
[sw11-Vlanif5]q
SW7:
[SW7]int g0/0/6
[SW7-GigabitEthernet0/0/6]port link-type trunk
[SW7-GigabitEthernet0/0/6]port trunk allow-pass vlan all
[SW7-GigabitEthernet0/0/6]q
[SW7]q
[SW7] dis ip routing-table
[SW7]interface Vlanif 200 配置 PC 访问服务器的 去程路由
[SW7-Vlanif200]ip add 192.168.200.253 24
[SW7-Vlanif200]q
[SW7]dis ip routing-table
SW1:
sw1]vlan 200
[sw1-vlan200]q
[sw1]int g0/0/3
[sw1-GigabitEthernet0/0/3]port link-type trunk
[sw1-GigabitEthernet0/0/3]port trunk allow-pass vlan all
SW2:
[SW2]vlan 200
[SW2-vlan200]q
[SW2]int g0/0/3
[SW2-GigabitEthernet0/0/3]port link-type trunk
[SW2-GigabitEthernet0/0/3]port trunk allow-pass vlan
[SW2-GigabitEthernet0/0/3]port trunk allow-pass vlan all
SW3:
[SW3]vlan 200
[SW3-vlan200]q
[SW3]int g0/0/3
[SW3-GigabitEthernet0/0/3]port link-type trunk
[SW3-GigabitEthernet0/0/3]port trunk allow-pass vlan all
SW4:
SW4]vlan 200
[SW4-vlan200]q
[SW4]int g0/0/5
[SW4-GigabitEthernet0/0/5]port link-type trunk
[SW4-GigabitEthernet0/0/5]port trunk allow-pass vlan all
实验分解(三)
使用 VRRP 实现三层负载均衡
1.VLAN2、3 的主网关在 SW11 上,备份网关在 SW7 上
2.VLAN4、5 的主网关设置在 SW7 上,备份网关设置在 SW11 上
3.VLANIF的 2、3、4、5 的物理 ip 地址修改为 X.251\x.252
4.网关的虚拟 ip 地址是 X .254
5.DHCP 记得排除配置在接口上的 ip 地址(250-253 排除)
6.释放 ip 地址的命令 (PC)
ipconfig /release 释放IP地址参数
ipconfig /renew 重新获取地址参数
7.重置地址池的命令(DHCP 服务器)
reset ip pool name wangduan1 all //重置 dhcp 已经分配出去的地址
/image/image_mpldt19fdz.png)
防止 DHCP 地址冲突,先在地址池里做地址排除
[DHCP]ip pool vlan2
[DHCP-ip-pool-vlan2]excluded-ip-address 192.168.2.250 192.168.2.253
Warning:Some of addresses not be excluded are not idle,or not in the pool.(如果排除不了,需要先重置地址池)
[DHCP-ip-pool-vlan2]q
[DHCP]q
<DHCP>reset ip pool name vlan2 all // 重启地址池 , 将释放出去的地址收回
Warning: If the IP addresses that are being used are reclaimed, may influence no
rmal user in the network. Are you sure to continue?[Y/N]:y
[DHCP]ip pool vlan3
[DHCP-ip-pool-vlan3]excluded-ip-address 192.168.3.250 192.168.3.253
[DHCP-ip-pool-vlan3]q
[DHCP]ip pool vlan4
[DHCP-ip-pool-vlan4]excluded-ip-address 192.168.4.250 192.168.4.253
[DHCP-ip-pool-vlan4]q
[DHCP]ip pool vlan5
[DHCP-ip-pool-vlan5]excluded-ip-address 192.168.5.250 192.168.5.253
SW11:
#
interface Vlanif2
ip address 192.168.2.251 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.254
vrrp vrid 2 priority 200
#
interface Vlanif3
ip address 192.168.3.251 255.255.255.0
vrrp vrid 3 virtual-ip 192.168.3.254
vrrp vrid 3 priority 200
#
interface Vlanif4
ip address 192.168.4.251 255.255.255.0
vrrp vrid 4 virtual-ip 192.168.4.254
#
interface Vlanif5
ip address 192.168.5.251 255.255.255.0
vrrp vrid 5 virtual-ip 192.168.5.254
#
SW7 配置:
#
interface Vlanif2
ip address 192.168.2.252 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.254
dhcp select relay
dhcp relay server-ip 192.168.100.1
#
interface Vlanif3
ip address 192.168.3.252 255.255.255.0
vrrp vrid 3 virtual-ip 192.168.3.254
dhcp select relay
dhcp relay server-ip 192.168.100.1
#
interface Vlanif4
ip address 192.168.4.252 255.255.255.0
vrrp vrid 4 virtual-ip 192.168.4.254
vrrp vrid 4 priority 200
dhcp select relay
dhcp relay server-ip 192.168.100.1
#
interface Vlanif5
ip address 192.168.5.252 255.255.255.0
vrrp vrid 5 virtual-ip 192.168.5.254
vrrp vrid 5 priority 200
dhcp select relay
dhcp relay server-ip 192.168.100.1
在 SW11上的vlan2、vlan 3,没有去往DHCP 服务器的路由,所以添加直连路由。
另外,记得在两边的网关上都配置 dhcp 中继,防止 master down 掉后,back 网关无法充当中继请求 dhcp 地址。
[sw11]int Vlanif 100
[sw11-Vlanif100]ip add 192.168.100.253 24
[sw11-Vlanif100]q
[sw11]dhcp enable
[sw11]interface Vlanif 2
[sw11-Vlanif2]dhcp select relay
[sw11-Vlanif2]dhcp relay server-ip 192.168.100.1
[sw11-Vlanif2]q
[sw11]int Vlanif 3
[sw11-Vlanif3]dhcp select relay
[sw11-Vlanif3]dhcp relay server-ip 192.168.100.1
[sw11-Vlanif3]q
[sw11]int Vlanif 4
[sw11-Vlanif4]dhcp select relay
[sw11-Vlanif4]dhcp relay server-ip 192.168.100.1
[sw11-Vlanif4]q
[sw11]int Vlanif 5
[sw11-Vlanif5]dhcp select relay
[sw11-Vlanif5]dhcp relay server-ip 192.168.100.1
[sw11-Vlanif5]q
作业
1.三个分解实验掰开了揉碎了,咽肚子里。要求完全理解
2.准备一个自我介绍的 PPT(要放照片),明天晚上每人上台做一下自我介绍( 2 分钟)
3.头脑风暴:组长组织组员进行项目答辩思路碰撞(如何做的更 cool?)