Tarmoq xavfsizligi

Download 15,05 Mb.

bet	95/130
Sana	14.02.2022
Hajmi	15,05 Mb.
	#448463

1 ... 91 92 93 94 95 96 97 98 ... 130

Bog'liq
Tarmoq xavfsizligi Uslubiy ko\'rsatma 2021-2022

Ishni bajarish tartibi

Cisco packet tracer dasturi ishga tushiriladi.
Laboratoriya ishi uchun bizga 2911 versiyadagi router, 2960 switch va kompyuterlar kerak bo’ladi.
Quyida keltirilgan topologiya quriladi.
Qurilgan topologiya testlab ko`riladi.

19.1-rasm. Tadqiq etilayotgan tarmoq topologiyasi SWITCH ga kiritiladigan komandalar.
Switch>en
Switch#conf t
Switch(config)#interface range fastEthernet 0/1-4 Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 10
Switch(config-if-range)#ex
Switch(config)#interface range fastEthernet 0/5-8
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 20
Switch(config-if-range)#ex
Switch(config)#interface fastEthernet 0/9
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk allowed vlan 10 Switch(config-if)#do wr
ROUTER ga kiritiladigan komandalar.
Router>en
Router#conf t
Router(config)#interface gigabitEthernet 0/0
Router(config-if)#no shutdown
Router(config-if)#ex
Router(config)#interface gigabitEthernet 0/0.10
Router(config-subif)#encapsulation dot1Q 10
Router(config-subif)#ip address 192.168.10.1 255.255.255.0
Router(config-subif)#ex
Router(config)#interface gigabitEthernet 0/0.20
Router(config-subif)#encapsulation dot1Q 20
Router(config-subif)#ip address 192.168.20.1 255.255.255.0
Router(config-subif)#ex
Router(config)#ip dhcp pool t1
Router(dhcp-config)#network 192.168.10.0 255.255.255.0
Router(dhcp-config)#default-router 192.168.10.1
Router(dhcp-config)#ex
Router(config)#ip dhcp pool t2
Router(dhcp-config)#network 192.168.20.0 255.255.255.0
Router(dhcp-config)#default-router 192.168.20.1
Router(dhcp-config)#do wr
Qurilgan topologiyani sozlashda xatolikka yo’l qo’yilgan. Ushbu xatolik qayerda sodir bo’lganligini toppish uchun har bir vlandagi bitta hostga static IP address va qolgan hostlarga dinamik IP address berib chiqish kerak.

19.2-rasm. Vlan 10 va Vlan 20 dagi hostlarga static IP address berish

19.3-rasm. Vlan 10 dagi hostlar dinamik IP addresslarni sozlash

19.4-rasm. Vlan 10 dagi hostlar dinamik IP address berish
Yuqoridagi rasmlardan ko’rish mumkinki, Vlan 10 dagi hostlar ip address olgan lekin vlan 20 dagi hostlar ip address olmagan. Demak, vlan 20 nima uchun ip address olmaganligini aniqlab ushbu xatolikni bartaraf etishimiz kerak.
Komutator va marshrutizator qurilmalarida muammolarni aniqlash uchun quyidagi buyruqlardan foydalaniladi:
– Komutator uchun:
Show vlan – vlanlarni ko’rish
Show vlan brief- Show interface trunk-
Show ip arp-
Show mac-address-table-
Show ip interface brief show interface fastEthernet 0/1… – Marshrutizator uchun:
Show ip arp- Show dhcp lease- Show ip dhcp pool- Show ip dhcp binding-…

19.5-rasm. Show vlan
19.5-rasmdan Vlanlarda muammo yo’qligini ko’rish mumkin.

19.6-rasm. Show interface trunk
19.6-rasmdan muammo interfaceda ekanligini ko’rish mumkin. Vlanlarni trunk portlarga biriktirishda vlan 20 biriktirilmasdan qolib ketgan shuning uchun vlan 20 dagi hostlarda dhcp xizmati ishlamagan. Topilgan muammo quyidagicha bartaraf etiladi:
Switch#
Switch#conf t
Switch(config)#interface fastEthernet 0/9
Switch(config-if)#switchport trunk allowed vlan add 20 Switch(config-if)#
Muammo bartaraf etilganligini testlab ko’rish kerak(17.7-rasm)

19.7-rasm Testlash natijalari

Download 15,05 Mb.

Do'stlaringiz bilan baham:

1 ... 91 92 93 94 95 96 97 98 ... 130