Répartition des binômes
Plan d'adressage
Groupe |
Domaine |
Distribution |
VLAN privé |
IP (VLAN333) |
Netmask (VLAN333) |
Gateway (VLAN333) |
Gateway 6509-E (VLAN333) |
Gateway 9200 (VLAN333) |
IP (publique)
|
Groupe 14
|
oronge.site
|
Debian 10 Buster
|
314
|
100.64.0.16
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.176
|
Groupe 12
|
|
|
312
|
100.64.0.17
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.177
|
Groupe 11
|
|
|
311
|
100.64.0.18
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.178
|
Groupe 10
|
|
|
310
|
100.64.0.19
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.179
|
Groupe 9
|
|
|
309
|
100.64.0.20
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.180
|
Groupe 8
|
|
|
308
|
100.64.0.21
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.181
|
Groupe 7
|
|
|
307
|
100.64.0.22
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.182
|
Groupe 6
|
|
|
306
|
100.64.0.23
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.183
|
Groupe 5
|
amanite.site
|
Debian 10 Buster
|
305
|
100.64.0.24
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.184
|
Groupe 4
|
|
|
304
|
100.64.0.25
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.185
|
Groupe 3
|
clavaire.site
|
Debian 10 Buster
|
303
|
100.64.0.26
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.186
|
Groupe 2
|
|
|
302
|
100.64.0.27
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.187
|
Groupe 1
|
trompettedelamort.site
|
Debian 10 Buster
|
301
|
100.64.0.28
|
255.255.255.0
|
100.64.0.254
|
100.64.0.1
|
100.64.0.2
|
193.48.57.188
|
Groupe |
Domaine |
VLAN |
IPV4 |
IPV4 6509-E |
IPV4 C9200 |
IPV4 Routeur |
IPV6
|
|
|
1
|
10.60.100.0/24
|
10.60.100.1
|
10.60.100.2
|
10.60.100.254
|
2001:660:4401:60b0::0/64
|
|
|
131
|
192.168.222.8/29
|
192.168.222.12
|
192.168.222.13
|
192.168.222.
|
2001:660:4401:60b1::0/64
|
|
|
333
|
100.64.0.0/24
|
100.64.0.1
|
100.64.0.2
|
100.64.0.3
|
2001:660:4401:60b2::0/64
|
Groupe 1
|
trompettedelamort.site
|
301
|
10.60.101.0/24
|
10.60.101.1
|
10.60.101.2
|
10.60.101.254
|
2001:660:4401:60b3::0/64
|
Groupe 2
|
|
302
|
10.60.102.0/24
|
10.60.102.1
|
10.60.102.2
|
10.60.102.254
|
2001:660:4401:60b4::0/64
|
Groupe 3
|
|
303
|
10.60.103.0/24
|
10.60.103.1
|
10.60.103.2
|
10.60.103.254
|
2001:660:4401:60b5::0/64
|
Groupe 4
|
|
304
|
10.60.104.0/24
|
10.60.104.1
|
10.60.104.2
|
10.60.104.254
|
2001:660:4401:60b6::0/64
|
Groupe 5
|
|
305
|
10.60.105.0/24
|
10.60.105.1
|
10.60.105.2
|
10.60.105.254
|
2001:660:4401:60b7::0/64
|
Groupe 6
|
|
306
|
10.60.106.0/24
|
10.60.106.1
|
10.60.106.2
|
10.60.106.254
|
2001:660:4401:60b8::0/64
|
Groupe 7
|
|
307
|
10.60.107.0/24
|
10.60.107.1
|
10.60.107.2
|
10.60.107.254
|
2001:660:4401:60b9::0/64
|
Groupe 8
|
|
308
|
10.60.108.0/24
|
10.60.108.1
|
10.60.108.2
|
10.60.108.254
|
2001:660:4401:60ba::0/64
|
Groupe 9
|
|
309
|
10.60.109.0/24
|
10.60.109.1
|
10.60.109.2
|
10.60.109.254
|
2001:660:4401:60bb::0/64
|
Groupe 10
|
|
310
|
10.60.110.0/24
|
10.60.110.1
|
10.60.110.2
|
10.60.110.254
|
2001:660:4401:60bc::0/64
|
Groupe 11
|
|
311
|
10.60.111.0/24
|
10.60.111.1
|
10.60.111.2
|
10.60.111.254
|
2001:660:4401:60bd::0/64
|
Groupe 12
|
|
312
|
10.60.112.0/24
|
10.60.112.1
|
10.60.112.2
|
10.60.112.254
|
2001:660:4401:60be::0/64
|
Groupe 14
|
oronge.site
|
314
|
10.60.114.0/24
|
10.60.114.1
|
10.60.114.2
|
10.60.114.254
|
2001:660:4401:60bf::0/64
|
Installation du réseau
Branchement du matériel
Connexions entre équipements
|
Type |
Port
|
6509-E
|
Fibre 10G
|
Te5/4
|
9200
|
Fibre 10G
|
Te1/1/1
|
|
Type |
Port
|
6509-E
|
Fibre 10G
|
Te6/5
|
ISR 4331
|
Fibre 10G
|
AAA
|
|
Type |
Port |
VLAN |
IP
|
6509-E
|
Fibre 10G
|
Te5/5
|
333
|
100.64.0.1/24
|
CAPBRETON
|
Fibre 10G
|
Eth5
|
N/A
|
N/A
|
|
Type |
Port |
VLAN |
IP
|
6509-E
|
Fibre 10G
|
Te6/4
|
131
|
192.168.222.12/29
|
ECOLE
|
Fibre 10G
|
N/A
|
N/A
|
N/A
|
|
Type |
Port |
VLAN |
IP
|
9200
|
Fibre 1G
|
Te1/1/3
|
333
|
100.64.0.2/24
|
CAPBRETON
|
Cuivre
|
Eth4
|
N/A
|
N/A
|
|
Type |
Port
|
9200
|
Cuivre
|
Te5/4
|
ISR 4331
|
Cuivre
|
AAA
|
|
Type |
Port |
VLAN |
IP
|
9200
|
Fibre 10G
|
Gi1/0/1
|
131
|
192.168.222.13/29
|
ECOLE
|
Fibre 10G
|
N/A
|
N/A
|
N/A
|
|
Type |
Port |
VLAN |
IP
|
ISR 4331
|
Cuivre
|
Gi1/0/2
|
XXX
|
YYY.YYY.YYY.YYY
|
SDSL
|
Cuivre
|
N/A
|
N/A
|
N/A
|
Paramétrage de l'OSPF
6509-E
router ospf 1 # un numéro de processus
router-id 10.60.0.1 # un id pour le routeur (plus petite adresse disponible)
log-adjacency-changes
summary-address 193.48.57.176 255.255.255.240 # adresse que l'on souhaite diffuser aux voisins (addresse du VLAN 333)
summary-address 100.64.0.0 255.240.0.0 not-advertise # address q'on veut pas diffuser (celle du reseau privé)
summary-address 10.0.0.0 255.0.0.0 not-advertise # address q'on veut pas diffuser (?)
redistribute connected subnets # autorise la diffusion pour les nouveaux réseaux qui peuvent être connectés
redistribute static subnets route-map ospf
network 192.168.222.8 0.0.0.7 area 2 # domaine de diffusion OSPF
9200
router ospf 1
router-id 10.60.0.2 # on change simplement l'id du routeur par rapport au 6509-E
log-adjacency-changes
summary-address 193.48.57.176 255.255.255.240
summary-address 100.64.0.0 255.240.0.0 not-advertise
summary-address 10.0.0.0 255.0.0.0 not-advertise
redistribute connected subnets
redistribute static subnets route-map ospf
network 192.168.222.8 0.0.0.7 area 2
Paramétrage NAT
L'objectif du NAT est de faire la translation ip_privee<->ip_publique entre les VM et l'extérieur
6509-E
[A COMPLETER]
enable
configure terminal
ip nat inside source static local-ip global-ip
interface type number
ip address ip-address mask [secondary]
ip nat inside
exit
interface type number
ip address ip-address mask [secondary]
ip nat outside
end
9200