A3 网络架构¶

A3.1 集团总体网络架构¶

graph 

Internet[互联网]

subgraph 上海总部
CTFW[总部防火墙<br>公网IP:116.228.114.70<br>内网IP:10.10.x.x/16]

end

subgraph 上海总部宿舍
ROUT1[路由<br>弹性公网IP<br>内网IP:192.168.x.x/16]

end

subgraph 建德工厂
FactoryFW[工厂防火墙<br>固定公网IP<br>内网IP:10.11.x.x/16]

end

subgraph 建德工厂宿舍
ROUT2[路由<br>弹性公网IP<br>内网IP:192.168.x.x/16]

end

subgraph 虹桥分部
HQFW[虹桥路由器<br>弹性公网IP<br>内网IP:192.168.0.x/24]

end

Internet <--> CTFW
Internet <--> FactoryFW
Internet <--> HQFW
Internet <--> ROUT1
Internet <--> ROUT2

FactoryFW --->|IPSec VPN| CTFW

A3.2 上海总部网络架构¶

graph TD

CTFW[总部防火墙]

CTCore[核心交换机]

CTAgg[汇聚交换机]

CTAccess1[接入交换机-办公区]
CTAccess2[接入交换机-服务区]

CTFW --> CTCore
CTCore --> CTAgg

CTAgg --> CTAccess1
CTAgg --> CTAccess2

CTAccess1 --> Office[办公有线网络<br>VLAN10]
CTAccess1 --> Wifi1[PCWIFI-OFFICE<br>VLAN30]
CTAccess1 --> Wifi2[PCWIFI-GUEST<br>VLAN40]
CTAccess2 --> Server[服务器<br>VLAN52]
CTAccess2 --> Camera[监控<br>VLAN50]
CTAccess2 --> Printer[打印机 <br>VLAN53]
CTAccess2 --> Access[门禁考勤 <br>VLAN51]
CTAccess2 --> TV[投屏电视 <br>VLAN54]

A3.3 建德工厂网络架构¶

graph TD

FactoryFW[工厂防火墙]

FactoryCore[核心交换机]

FactoryAgg[汇聚交换机]

FactoryAccess1[接入交换机-办公有线网络]
FactoryAccess2[接入交换机-生产]

FactoryFW --> FactoryCore
FactoryCore --> FactoryAgg

FactoryAgg --> FactoryAccess1
FactoryAgg --> FactoryAccess2

FactoryAccess1 --> Office[办公有线网络<br>VLAN10]
FactoryAccess1 --> Server[服务器<br>VLAN52]
FactoryAccess1 --> Camera[监控<br>VLAN50]
FactoryAccess1 --> Printer[打印机<br>VLAN53]
FactoryAccess1 --> Access[门禁考勤<br>VLAN51]

FactoryAccess2 --> Prod[生产车间<br>VLAN12]

A3.4 虹桥办公室网络架构¶

graph TD

HQRT[虹桥路由器]
HQCore[交换机]

HQRT --> HQCore

HQCore --> Office[PCWIFI-OFFICE<br>IP:192.168.0.x/24]
HQCore --> Camera[监控<br>IP:192.168.0.10]
HQCore --> Printer[打印机<br>IP:192.168.0.47]

A3.5 新厂房车间临时办公架构¶

graph TD

WHCPE[华为CPE]
WHCore[POE交换机]

WHCPE --> WHCore

WHCore --> Workshop1[1车间1层<br>AP1]
WHCore --> Workshop2[2车间1层<br>AP2]