计算机类教材 > 网络技术及计算机安全
计算机网络工程实践
书号:9787113270759 套系名称:高等学校“十三五”规划教材
作者:桂学勤 钟良骥 徐斌 胡文杰 出版日期:2020-09-01
定价:54.00 页码 / 开本:316 /16
策划编辑:徐海英 责任编辑:王春霞 彭立辉
适用专业:计算机教材 适用层次:高职高专
最新印刷时间:2022-07-08
资源下载
教学课件
教学素材(暂无)
习题答案(暂无)
教学案例(暂无)
教学设计(暂无)
教学视频(暂无)
内容简介
前言
目录
作者介绍
图书特色
本书全面介绍了网络工程相关技术,共分为9 章:第1 章介绍了计算机网络互联基础 知识,是本书的引导章节,主要包括网络体系结构、IP 地址、路由技术、VLAN 技术、ACL 技术和NAT 技术等;第2 章至第8 章讲解了网络互联高级技术,主要包括局域网高级技术、 城域网与广域网技术、内部路由协议、外部路由协议、路由控制技术、出口选路控制技术、 网络可靠性技术等;第9 章为防火墙技术,简要介绍了防火墙发展历史,并结合华为USG 防火墙,介绍防火墙知识和基本配置方法。 本书内容丰富,既有理论深度,又有实用价值,适合作为高等学校网络工程专业的教 材,也可作为计算机网络爱好者的自学参考用书。
目前,大多数计算机网络应用实践类教材,主要针对学习计算机网络的初学 者,用于理论结合实践学习掌握计算机网络的基本技术,主要包括IP 地址的配 置方法、VLAN 配置方法、生成树配置方法,以及计算机网络路由基本技术及 其配置方法;一般介绍RIP 和OSPF 协议的简单配置方法,网络地址转换NAT 技术及其配置方法;学习小型网络通过NAT配置上网,以及基本的VLAN技术 和路由技术。 对于大学网络工程专业的学生和爱好网络工程与系统集成的人员来说,还需 要进一步学习网络高级技术。为此,我们组织了专门的教师队伍,对网络工程高 级技术进行理论和实践应用研究,并撰写了这本《计算机网络工程实践》教材, 力图较为系统地介绍网络工程高级技术及其实际应用方法。 本书全面介绍了网络工程的相关技术,共分为9 章:第1 章介绍计算机网络 互联基础知识,在简要介绍网络体系结构、IP 地址、路由技术、VLAN 与三层 交换技术、ACL 技术和NAT技术的基础上,对各项网络互联基本技术通过具体 项目进行了实现;第2~8 章介绍网络互联高级技术,包括局域网高级技术、城 域网和广域网技术、内部路由协议、外部路由协议、路由控制技术、出口选路控 制技术、网络可靠性技术,在讲述网络互联高级技术的同时,对各项网络互联高 级技术通过具体项目进行了实现;第9 章介绍防火墙技术,简要介绍了防火墙的 发展历史,并结合华为路由器防火墙、USG 防火墙,介绍防火墙知识和基本配 置方法,并进行了防火墙示例配置演示。 为便于读者学习网络工程高级技术及培养实践动手能力,针对教材中涉及的 各项网络互联技术,本书配备了操作视频,读者可通过扫描二维码进行观看,具 有很强的学习指导作用。 本书由桂学勤、钟良骥、徐斌、胡文杰编著,其中:钟良骥编写了第1章, 桂学勤编写了第2~7 章,胡文杰编写了第8 章,徐斌编写了第9 章。 本书涉及的技术文档主要参考了华为技术有限公司网站产品技术文档,包括 《Huawei AR150&AR160&AR200&AR1200&AR2200&AR3200 产品文档》 《S2750,S5700,S6700 系列以太网交换机产品文档》《Secoway USG2000& USG5000统一安全网关产品文档》等。 由于时间仓促,编者水平有限,书中疏漏与不妥之处在所难免,诚望读者 批评指正。希望本书的出版能够为更多对计算机网络感兴趣的读者提供一定的 帮助。 编 者 2020 年2 月22日
第1章 计算机网络互联基础····················1 1.1 计算机网络基础··································1 1.1.1 网络基础知识·······························1 1.1.2 网络体系结构·······························4 1.1.3 网络传输设备·······························8 1.2 IP 地址基础知识································12 1.2.1 IP 地址技术的发展阶段·············12 1.2.2 私有IP地址································13 1.2.3 特殊IP地址································14 1.2.4 动态分配IP地址技术················14 1.3 网络路由技术····································14 1.3.1 路由协议分类·····························14 1.3.2 常用的动态路由协议·················15 1.3.3 路由协议选择·····························18 1.3.4 路由配置实验·····························19 1.4 局域网技术········································21 1.4.1 生成树协议·································21 1.4.2 VLAN 技术·································27 1.5 ACL技术···········································31 1.5.1 ACL 的基本原理························32 1.5.2 ACL 的匹配顺序························32 1.5.3 ACL 分类····································33 1.5.4 ACL 规则支持的可选参数········34 1.5.5 ACL 应用····································35 1.5.6 ACL 规则配置使用方法············35 1.5.7 ACL 报文过滤配置实验············37 1.6 NAT 技术············································39 1.6.1 NAT 技术概述·····························39 1.6.2 NAT 的实现方式·························39 1.6.3 NAT 配置方法·····························41 1.6.4 NAT 配置实验·····························42 小结····························································· 45 习题····························································· 45 第2章 局域网高级技术··························47 2.1 高级VLAN 技术······························· 47 2.1.1 VLAN-Aggregate························ 47 2.1.2 MUX-VLAN ······························· 51 2.1.3 QinQ 技术··································· 54 2.1.4 高级VLAN 技术综合实验········· 58 2.2 MSTP 技术········································· 63 2.2.1 STP技术发展概述····················· 63 2.2.2 MSTP 的基本概念····················· 65 2.2.3 MSTP 配置································· 66 2.2.4 MSTP 配置实验························· 68 2.3 链路聚合Eth-Trunk ·························· 70 2.3.1 基本概念····································· 70 2.3.2 链路聚合模式····························· 71 2.3.3 链路聚合负载分担方式············· 72 2.3.4 链路聚合默认配置····················· 72 2.3.5 链路聚合配置····························· 73 2.3.6 链路聚合配置实验····················· 74 2.4 端口安全············································ 76 2.4.1 端口学习安全MAC地址的 方式············································· 76 2.4.2 配置端口安全····························· 76 2.4.3 端口安全配置实验····················· 77 小结····························································· 78 习题····························································· 78 第3章 城域网与广域网技术··················81 3.1 城域网技术········································ 81 3.1.1 万兆以太网技术························· 81 计算机网络工程实践 II 3.1.2 光以太网RPR技术····················81 3.1.3 POS 技术·····································82 3.1.4 MSTP 技术··································82 3.2 接入网技术········································82 3.2.1 电话线接入·································82 3.2.2 双绞线接入·································85 3.2.3 混合光纤同轴电缆接入·············85 3.2.4 光纤接入·····································87 3.3.5 无线接入·····································89 3.3 广域网技术········································89 3.3.1 广域网分类·································89 3.3.2 PDH 技术····································90 3.3.3 SDH 技术····································90 3.3.4 WDM 技术··································91 3.4 X.25 网络···········································92 3.4.1 X.25 网络结构····························92 3.4.2 X.25 网络设备与接口················92 3.4.3 X.25 骨干网络组成····················93 3.4.4 X.25 网络接入····························94 3.5 DDN网络···········································94 3.5.1 DDN 网络结构····························94 3.5.2 DDN 节点机································95 3.5.3 DDN 接入设备····························96 3.5.4 DDN 接口····································96 3.5.5 节点机之间的互联方式·············96 3.5.6 DDN 用户接入方式····················97 3.6 帧中继网络········································98 3.6.1 帧中继网络结构·························98 3.6.2 帧中继设备·································98 3.6.3 帧中继组网·································99 3.7 ATM网络···········································99 3.7.1 ATM 网络现状····························99 3.7.2 ATM 网络支持业务类型··········100 3.7.3 ATM 协议参考模型··················100 3.7.4 ATM 物理层······························101 3.7.5 ATM 交换机产品······················102 3.7.6 华为ATM交换机·····················102 3.7.7 ATM 交换机组网······················103 3.8 SDH网络·········································104 3.8.1 SDH 网络工作原理··················104 3.8.2 SDH 传输网络接口··················105 3.8.3 华为SDH设备························· 105 3.8.4 SDH 设备组网·························· 106 3.9 WDM 网络······································· 106 3.9.1 WDM 网络概述························ 106 3.9.2 WDM 网络接口························ 107 3.9.3 华为WDM 设备······················· 108 3.10 网络互联接口································ 109 3.11 各类网络在TCP/IP协议 体系中的对应关系························ 113 3.12 各类网络互联配置实验················ 114 3.12.1 X.25 配置································ 115 3.12.2 帧中继配置····························· 117 3.12.3 G.SHDSL 接口ATM配置····· 120 3.12.4 POS 接口PPP认证配置········ 123 3.12.5 以太网接口配置····················· 125 小结··························································· 126 习题··························································· 126 第4章 内部路由协议···························128 4.1 路由相关知识·································· 128 4.1.1 静态路由与动态路由··············· 128 4.1.2 动态路由的分类······················· 129 4.1.3 路由表和转发表······················· 129 4.1.4 路由迭代··································· 131 4.1.5 路由协议的优先级··················· 131 4.1.6 路由度量值······························· 132 4.1.7 负载分担与路由备份··············· 132 4.2 静态路由·········································· 133 4.2.1 静态路由配置··························· 133 4.2.2 默认路由配置··························· 133 4.2.2 静态路由与故障检测类协议 联动配置··································· 134 4.3 RIP协议··········································· 135 4.3.1 RIP协议版本问题···················· 135 4.3.2 RIP协议自动汇总规则············ 135 4.3.3 RIP工作过程及计时器············ 136 4.3.4 RIP协议存在的问题和解决 办法··········································· 137 4.3.4 RIP协议配置方法···················· 140 4.3.5 RIP协议配置实验···················· 141 4.4 OSPF路由协议······························· 144 目录 III 4.4.1 内部路由协议的基本概念·······144 4.4.2 OSPF 路由协议基础·················146 4.4.3 OSPF 路由基本原理·················153 4.4.4 OSPF 协议配置方法·················156 4.4.5 OPSF 协议配置实验·················159 4.5 ISIS 路由技术··································164 4.5.1 ISIS 路由基础···························164 4.5.2 ISIS 地址结构···························168 4.5.3 ISIS 工作原理···························169 4.5.4 ISIS 配置···································172 4.5.5 ISIS 配置实验···························175 小结···························································178 习题···························································178 第5章 外部路由协议···························180 5.1 BGP协议基础··································180 5.1.1 自治系统···································180 5.1.2 BGP 分类···································181 5.1.3 BGP 报文交互中设备角色······181 5.1.4 BGP 的路由器ID ·····················182 5.1.5 BGP 的报文类型·······················182 5.1.6 BGP 属性分类及常用属性······182 5.2 BGP工作原理··································186 5.2.1 BGP 对等体交互过程···············186 5.2.2 BGP 路由选优原则···················188 5.2.3 BGP 对等体交互原则···············188 5.2.4 BGP 对等体交互环路避免······189 5.2.5 BGP 同步与路由黑洞···············189 5.2.6 BGP 路由衰减···························190 5.3 BGP路由反射器······························190 5.3.1 路由反射器相关角色···············191 5.3.2 路由反射器原理·······················191 5.3.3 备份路由反射器·······················192 5.3.4 多集群路由反射器···················192 5.4 BGP联盟··········································193 5.5 BGP路由配置··································195 5.5.1 BGP 基本功能配置···················195 5.5.2 BGP 路由选路配置···················196 5.5.3 BGP 反射器配置·······················198 5.5.4 BGP 联盟配置···························199 5.6 BGP路由配置实验··························199 小结··························································· 206 习题··························································· 206 第6章 路由控制技术···························208 6.1 路由标识工具·································· 208 6.2 路由策略·········································· 211 6.2.1 路由策略基本原理··················· 212 6.2.2 配置路由策略··························· 212 6.2.3 应用路由策略··························· 214 6.3 路由引入·········································· 214 6.3.1 RIP引入外部路由···················· 215 6.3.2 OSPF 引入外部路由················ 215 6.3.3 ISIS 引入外部路由··················· 216 6.3.4 BGP 引入其他协议路由·········· 216 6.4 路由过滤·········································· 217 6.4.1 RIP协议路由过滤···················· 217 6.4.2 OSPF 协议路由过滤················ 218 6.4.3 ISIS 协议路由过滤··················· 218 6.4.4 BGP 协议路由过滤·················· 218 6.5 路由聚合·········································· 219 6.5.1 RIP-2路由聚合配置················ 220 6.5.2 OSPF 路由聚合························ 220 6.5.3 ISIS 路由聚合··························· 221 6.5.4 BGP 路由聚合·························· 221 6.6 路由控制实验·································· 222 小结··························································· 228 习题··························································· 228 第7章 出口选路控制技术····················230 7.1 就近选路方式·································· 230 7.2 透明代理DNS选路························ 231 7.3 策略路由概述·································· 231 7.3.1 策略路由优点··························· 231 7.3.2 策略路由分类··························· 232 7.3.3 策略路由相关技术··················· 232 7.4 本地策略路由·································· 233 7.4.1 本地策略路由应用场景··········· 234 7.4.2 本地策略路由转发接口选择 顺序··········································· 234 7.4.3 本地策略路由配置方法··········· 234 7.5 接口策略路由·································· 235 计算机网络工程实践 IV 7.5.1 应用场景···································235 7.5.2 接口策略路由分类···················236 7.5.3 配置接口策略路由···················236 7.6 智能策略路由··································238 7.6.1 业务区分···································238 7.6.2 链路质量···································238 7.6.3 探测链路和链路组···················239 7.6.4 业务选路···································239 7.6.5 相关路由参数···························240 7.6.6 智能策略路由应用场景···········240 7.6.7 智能策略路由配置···················240 7.7 选路控制实验··································241 小结···························································245 习题···························································246 第8章 网络可靠性技术························248 8.1 BFD原理与应用场景······················248 8.1.1 BFD 原理···································249 8.1.2 BFD 应用场景···························250 8.2 BFD链路检测与联动······················251 8.2.1 BFD 链路检测···························251 8.2.2 BFD 联动···································252 8.2.3 BFD 多跳检测与联动配置 实验···········································253 8.3 VRRP 基本概念·······························256 8.4 VRRP 协议工作原理·······················257 8.4.1 VRRP 协议报文························257 8.4.2 VRRP 状态机····························257 8.4.3 VRRP 工作过程························258 8.5 VRRP 主备备份和负载分担···········259 8.5.1 VRRP 主备备份方式················259 8.5.2 VRRP 负载分担方式················260 8.6 VRRP 链路监控与快速切换···········260 8.6.1 VRRP 设备直连上行链路 联动监控···································261 8.6.2 VRRP 设备非直连上行链路 联动监控···································261 8.6.3 VRRP 备份组之间链路联动 监控···········································262 8.7 VRRP 配置······································· 263 8.7.1 配置VRRP的基本功能·········· 263 8.7.2 配置VRRP的监控联动 功能··········································· 263 8.8 VRRP 配置实验······························ 264 小结··························································· 269 习题··························································· 269 第9章 防火墙技术·······························271 9.1 防火墙概述······································ 271 9.2 华为防火墙······································ 274 9.3 防火墙技术基础······························ 275 9.3.1 安全区域··································· 275 9.3.2 防火墙工作模式······················· 277 9.3.3 包过滤与状态检测··················· 278 9.3.4 安全策略··································· 280 9.3.5 黑名单与白名单······················· 285 9.3.6 ASPF 技术································ 285 9.4 防火墙高级安全功能······················ 286 9.4.1 防火墙攻击防范······················· 286 9.4.2 防火墙NAT功能····················· 287 9.4.3 防火墙VPN功能····················· 287 9.5 防火墙配置方法······························ 288 9.5.1 AR路由器的包过滤配置········ 289 9.5.2 USG 5000 UTM 安全策略 配置··········································· 291 9.5.3 USG 6000 NGFW 安全策略 配置··········································· 295 9.6 防火墙配置实验······························ 297 9.6.1 AR路由器防火墙包过滤 实验··········································· 298 9.6.2 USG 5000 防火墙融合UTM 安全策略实验··························· 301 9.6.3 USG 6000 NGFW 防火墙 一体化安全策略实验··············· 303 小结··························································· 306 习题··························································· 306 参考文献·················································308
桂学勤,湖北科技科技学院计算机科学与技术学院 副院长,教授
本书内容丰富,既有理论审读,又有实用价值