update 3

INTERNET.md

@@ -0,0 +1,11 @@
+enable
+configure terminal
+!
+interface e0/0
+ ip address 1.1.1.1 255.255.255.0
+ no shutdown
+!
+ip route 0.0.0.0 0.0.0.0 1.1.1.2
+!
+end
+write memory

ISP.md

@@ -0,0 +1,22 @@
+enable
+configure terminal
+!
+interface e0/0
+ ip address 55.55.55.106 255.255.255.252
+ no shutdown
+!
+interface e0/1
+ ip address 55.55.55.102 255.255.255.252
+ no shutdown
+!
+interface e0/2
+ ip address 1.1.1.2 255.255.255.0
+ no shutdown
+!
+ip route 10.10.0.0 255.255.0.0 55.55.55.105
+ip route 10.10.1.0 255.255.255.0 55.55.55.101
+ip route 10.10.2.0 255.255.255.0 55.55.55.101
+ip route 10.10.5.0 255.255.255.0 55.55.55.101
+!
+end
+write memory

R-DarkStore.md

@@ -0,0 +1,65 @@
+enable
+configure terminal
+!
+interface e0/0
+ no ip address
+ no shutdown
+!
+interface e0/0.30
+ encapsulation dot1Q 30
+ ip address 10.10.3.1 255.255.255.0
+!
+interface e0/0.40
+ encapsulation dot1Q 40
+ ip address 10.10.4.1 255.255.255.0
+!
+interface e0/1
+ no ip address
+ no shutdown
+!
+interface e0/1.60
+ encapsulation dot1Q 60
+ ip address 10.10.6.1 255.255.255.0
+!
+interface e0/2
+ ip address 55.55.55.105 255.255.255.252
+ no shutdown
+!
+interface e0/3
+ no ip address
+ shutdown
+!
+ip route 0.0.0.0 0.0.0.0 55.55.55.106
+!
+ip access-list standard NAT_ACL
+ permit 10.10.0.0 0.0.255.255
+!
+interface e0/0
+ ip nat inside
+!
+interface e0/1
+ ip nat inside
+!
+interface e0/2
+ ip nat outside
+!
+ip nat inside source list NAT_ACL interface e0/2 overload
+!
+ip dhcp pool LOGISTICS
+ network 10.10.3.0 255.255.255.0
+ default-router 10.10.3.1
+ dns-server 8.8.8.8
+ lease 7
+!
+ip dhcp excluded-address 10.10.3.1 10.10.3.10
+!
+ip dhcp pool STORAGE
+ network 10.10.4.0 255.255.255.0
+ default-router 10.10.4.1
+ dns-server 8.8.8.8
+ lease 7
+!
+ip dhcp excluded-address 10.10.4.1 10.10.4.10
+!
+end
+write memory

R-HQ.md

@@ -0,0 +1,68 @@
+enable
+configure terminal
+!
+interface e0/0
+ ip address 55.55.55.101 255.255.255.252
+ no shutdown
+!
+interface e0/1
+ no ip address
+ no shutdown
+!
+interface e0/1.50
+ encapsulation dot1Q 50
+ ip address 10.10.5.1 255.255.255.0
+!
+interface e0/2
+ no ip address
+ no shutdown
+!
+interface e0/2.10
+ encapsulation dot1Q 10
+ ip address 10.10.1.1 255.255.255.0
+!
+interface e0/2.20
+ encapsulation dot1Q 20
+ ip address 10.10.2.1 255.255.255.0
+!
+interface e0/3
+ no ip address
+ shutdown
+!
+ip route 0.0.0.0 0.0.0.0 55.55.55.102
+!
+ip access-list standard NAT_ACL_HQ
+ permit 10.10.1.0 0.0.0.255
+ permit 10.10.2.0 0.0.0.255
+ permit 10.10.5.0 0.0.0.255
+!
+interface e0/1
+ ip nat inside
+!
+interface e0/2
+ ip nat inside
+!
+interface e0/0
+ ip nat outside
+!
+ip nat inside source list NAT_ACL_HQ interface e0/0 overload
+ip nat inside source static tcp 10.10.5.60 80 55.55.55.101 8080 extendable
+!
+ip dhcp pool IT
+ network 10.10.1.0 255.255.255.0
+ default-router 10.10.1.1
+ dns-server 8.8.8.8
+ lease 7
+!
+ip dhcp excluded-address 10.10.1.1 10.10.1.100
+!
+ip dhcp pool MANAGEMENT
+ network 10.10.2.0 255.255.255.0
+ default-router 10.10.2.1
+ dns-server 8.8.8.8
+ lease 7
+!
+ip dhcp excluded-address 10.10.2.1 10.10.2.100
+!
+end
+write memory

Readme

@@ -22,6 +22,9 @@
 VLAN 30 (Logistics → PCL-1, PCL-2, PCL-3, PCL-4)
 VLAN 40 (Storage → PCS-1…4)
 VLAN 60 (DS-Servers → Portal, File Server)
+>>Публичная подсеть: 55.55.55.104/30
+55.55.55.105 → R-Darkstore
+55.55.55.106 → ISP (gateway)
 ❗ IT (10) и Management (20) — в головном офисе, не настраиваются в Darkstore. 
 !Обновлённые задачи для Darkstore!
 SW1/2/3-Darkstore поддерживают только VLAN 30, 40, 60 (и только те, что подключены к конкретному коммутатору).
@@ -33,4 +36,89 @@ VLAN 60 → 10.10.6.1
 Сервера в DS:
 Portal → 10.10.6.10
 FS → 10.10.6.20
-(возможно, другие — но по умолчанию хватит)
+
+R-Darkstore
+├─ e0/0 ↔ SW1-Darkstore e0/0
+├─ e0/1 ↔ SW2-Darkstore e0/0
+├─ e0/2 ↔ ISP e0/0
+└─ e0/3 ↔ WAN e0/1
+ISP 
+├─ e0/0 ↔ R-Darkstore e0/2
+├─ e0/1 ↔ R-HQ e0/0
+└─ e0/2 ↔ INTERNET e0/0
+R-HQ
+├─ e0/0 ↔ ISP e0/1
+├─ e0/1 ↔ SW2-HQ e0/0
+├─ e0/2 ↔ SW1-HQ e0/0
+└─ e0/3 ↔ WAN e0/0
+SW1-HQ
+├─ e0/0 ↔ R-HQ e0/2
+├─ e0/1 ↔ PCI-1 eth0
+├─ e0/2 ↔ PCI-2 eth0
+├─ e0/3 ↔ PCM-1 eth0
+└─ e1/0 ↔ PCM-2 eth0
+SW2-HQ
+├─ e0/0 ↔ R-HQ e0/1
+├─ e0/1 ↔ DC eth0
+├─ e0/2 ↔ DNS eth0
+├─ e1/0 ↔ Ansible eth0
+├─ e0/3 ↔ Mail eth0
+├─ e1/2 ↔ Web eth0
+└─ e1/1 ↔ FS eth0
+SW1-Darkstore
+├─ e0/1 ↔ SW3-Darkstore e0/0
+├─ e0/2 → PCL-3        (VLAN 30)
+├─ e0/3 → PCL-4        (VLAN 30)
+├─ e1/0 → PCS-3        (VLAN 40)
+└─ e1/1 → PCS-4        (VLAN 40)
+SW3-Darkstore
+├─ e0/0 ← от SW1
+├─ e0/1 → PCL-1        (VLAN 30)
+├─ e0/2 → PCL-2        (VLAN 30)
+├─ e0/3 → PCS-1        (VLAN 40)
+└─ e1/0 → PCS-2        (VLAN 40)
+
+-------------------------------------
+<> Darkstore — адресное пространство: 10.10.0.0/16
+-
+VLAN 30 — Logistics (PCL) → 10.10.3.0/24, шлюз: 10.10.3.1
+PCL-1 : 10.10.3.13 | Логистика
+PCL-2 : 10.10.3.14 | Логистика
+PCL-3 : 10.10.3.11 | Логистика
+PCL-4 : 10.10.3.12 | Логистика
+VLAN 40 — Storage (PCS) → 10.10.4.0/24, шлюз: 10.10.4.1
+PCS-1 : 10.10.4.13 | Склад
+PCS-2 : 10.10.4.14 | Склад
+PCS-3 : 10.10.4.11 | Склад
+PCS-4 : 10.10.4.12 | Склад
+VLAN 60 — DS-Servers → 10.10.6.0/24, шлюз: 10.10.6.1
+Portal : 10.10.6.10 | Портал
+FSC : 10.10.6.20 | Файловый сервер
+-
+<> Headquarters (HQ) — адресное пространство: 10.10.0.0/16
+-
+VLAN 10 — IT (PCI) → 10.10.1.0/24, шлюз: 10.10.1.1
+PCI-1 : 10.10.1.101 | IT-специалист
+PCI-2 : 10.10.1.102 | IT-специалист
+VLAN 20 — Management (PCM) → 10.10.2.0/24, шлюз: 10.10.2.1
+PCM-1 : 10.10.2.101 | Менеджер
+PCM-2 : 10.10.2.102 | Менеджер
+VLAN 50 — HQ-Servers → 10.10.5.0/24, шлюз: 10.10.5.1
+DC : 10.10.5.101 | Domain Controller
+DNS : 10.10.5.102 | DNS-сервер
+Mail : 10.10.5.103 | Почтовый сервер
+Ansible : 10.10.5.104 | Автоматизация
+FS : 10.10.5.105 | Файловый сервер (HQ)
+Web : 10.10.5.60 | Веб-сервер (публичный)
+-
+<>D Внешние сети и интерфейсы
+-
+ISP — шлюз для Darkstore: 55.55.55.106/30
+ISP — шлюз для HQ: 55.55.55.102/30
+R-Darkstore — внешний интерфейс: 55.55.55.105/30
+R-HQ — внешний интерфейс: 55.55.55.101/30
+INTERNET — тестовый сервер: 1.1.1.1/24
+Выделенный канал HQ ↔ Darkstore: 192.168.10.0/29
+R-HQ — интерфейс: 192.168.10.2/29
+R-Darkstore — интерфейс: 192.168.10.1/29
+-------------------------------------

SW1-Darkstore.md

@@ -0,0 +1,49 @@
+enable
+configure terminal
+!
+vlan 30
+ name Logistics
+!
+vlan 40
+ name Storage
+!
+interface e0/2
+ description PCL-3 - Logistics
+ switchport mode access
+ switchport access vlan 30
+ no shutdown
+!
+interface e0/3
+ description PCL-4 - Logistics
+ switchport mode access
+ switchport access vlan 30
+ no shutdown
+!
+interface e1/0
+ description PCS-3 - Storage
+ switchport mode access
+ switchport access vlan 40
+ no shutdown
+!
+interface e1/1
+ description PCS-4 - Storage
+ switchport mode access
+ switchport access vlan 40
+ no shutdown
+!
+interface e0/0
+ description To R-Darkstore
+ switchport trunk encapsulation dot1q
+ switchport mode trunk
+ switchport trunk allowed vlan 30,40
+ no shutdown
+!
+interface e0/1
+ description To SW3-Darkstore
+ switchport trunk encapsulation dot1q
+ switchport mode trunk
+ switchport trunk allowed vlan 30,40
+ no shutdown
+!
+end
+write memory

SW1-HQ.md

@@ -0,0 +1,42 @@
+enable
+configure terminal
+!
+vlan 10
+ name IT
+!
+vlan 20
+ name Management
+!
+interface e0/1
+ description PCI-1 - IT
+ switchport mode access
+ switchport access vlan 10
+ no shutdown
+!
+interface e0/2
+ description PCI-2 - IT
+ switchport mode access
+ switchport access vlan 10
+ no shutdown
+!
+interface e0/3
+ description PCM-1 - Management
+ switchport mode access
+ switchport access vlan 20
+ no shutdown
+!
+interface e1/0
+ description PCM-2 - Management
+ switchport mode access
+ switchport access vlan 20
+ no shutdown
+!
+interface e0/0
+ description To R-HQ
+ switchport trunk encapsulation dot1q
+ switchport mode trunk
+ switchport trunk allowed vlan 10,20
+ no shutdown
+!
+end
+write memory

SW2-Darkstore.md

@@ -0,0 +1,40 @@
+enable
+configure terminal
+!
+vlan 30
+ name Logistics
+!
+vlan 40
+ name Storage
+!
+vlan 60
+ name DS-Servers
+!
+interface e0/1
+ description Portal - DS-Servers
+ switchport mode access
+ switchport access vlan 60
+ no shutdown
+!
+interface e0/2
+ description FileServer - DS-Servers
+ switchport mode access
+ switchport access vlan 60
+ no shutdown
+!
+interface e0/0
+ description To R-Darkstore
+ switchport trunk encapsulation dot1q
+ switchport mode trunk
+ switchport trunk allowed vlan 60
+ no shutdown
+!
+interface e0/3
+ description To SW1-Darkstore
+ switchport trunk encapsulation dot1q
+ switchport mode trunk
+ switchport trunk allowed vlan 30,40,60
+ no shutdown
+!
+end
+write memory

SW2-HQ.md

@@ -0,0 +1,51 @@
+enable
+configure terminal
+!
+vlan 50
+ name HQ-Servers
+!
+interface e0/1
+ description DC - Data Center
+ switchport mode access
+ switchport access vlan 50
+ no shutdown
+!
+interface e0/2
+ description DNS - DNS Server
+ switchport mode access
+ switchport access vlan 50
+ no shutdown
+!
+interface e0/3
+ description Mail - Mail Server
+ switchport mode access
+ switchport access vlan 50
+ no shutdown
+!
+interface e1/0
+ description Ansible - Automation
+ switchport mode access
+ switchport access vlan 50
+ no shutdown
+!
+interface e1/1
+ description FS - File Server
+ switchport mode access
+ switchport access vlan 50
+ no shutdown
+!
+interface e1/2
+ description Web - Web Server
+ switchport mode access
+ switchport access vlan 50
+ no shutdown
+!
+interface e0/0
+ description To R-HQ
+ switchport trunk encapsulation dot1q
+ switchport mode trunk
+ switchport trunk allowed vlan 50
+ no shutdown
+!
+end
+write memory

SW3-Darkstore.md

@@ -0,0 +1,42 @@
+enable
+configure terminal
+!
+vlan 30
+ name Logistics
+!
+vlan 40
+ name Storage
+!
+interface e0/1
+ description PCL-1 - Logistics
+ switchport mode access
+ switchport access vlan 30
+ no shutdown
+!
+interface e0/2
+ description PCL-2 - Logistics
+ switchport mode access
+ switchport access vlan 30
+ no shutdown
+!
+interface e0/3
+ description PCS-1 - Storage
+ switchport mode access
+ switchport access vlan 40
+ no shutdown
+!
+interface e1/0
+ description PCS-2 - Storage
+ switchport mode access
+ switchport access vlan 40
+ no shutdown
+!
+interface e0/0
+ description To SW1-Darkstore
+ switchport trunk encapsulation dot1q
+ switchport mode trunk
+ switchport trunk allowed vlan 30,40
+ no shutdown
+!
+end
+write memory

VPCS-Portal.md

@@ -0,0 +1,9 @@
+ip 10.10.6.10 255.255.255.0 10.10.6.1
+
+VPCS> ping 10.10.6.1
+
+10.10.6.1 icmp_seq=1 timeout
+84 bytes from 10.10.6.1 icmp_seq=2 ttl=255 time=0.457 ms
+84 bytes from 10.10.6.1 icmp_seq=3 ttl=255 time=0.493 ms
+84 bytes from 10.10.6.1 icmp_seq=4 ttl=255 time=0.461 ms
+84 bytes from 10.10.6.1 icmp_seq=5 ttl=255 time=0.444 ms

WEB.md

@@ -0,0 +1,13 @@
+enable
+configure terminal
+!
+interface e0/0
+ ip address 10.10.5.60 255.255.255.0
+ no shutdown
+!
+ip route 0.0.0.0 0.0.0.0 10.10.5.1
+!
+ip http server
+!
+end
+write memory