64 lines
1.9 KiB
Markdown
64 lines
1.9 KiB
Markdown
graph TD
|
|
subgraph Internet [外网区域]
|
|
style Internet fill:#E6F3FF,stroke:#99CCFF
|
|
Internet_Cloud(fa:fa-cloud Internet)
|
|
PC4(fa:fa-laptop PC4 - 外网用户)
|
|
end
|
|
|
|
Internet_Cloud -- WAN链路 --> R3(R3 - 模拟ISP)
|
|
R3 -- 链路 A --> R1
|
|
R3 -- 链路 B --> R2
|
|
|
|
subgraph Exit_Layer [出口层 - VRRP负载分担]
|
|
style Exit_Layer fill:#E6FFE6,stroke:#99FF99
|
|
R1(fa:fa-route R1 - 出口网关)
|
|
R2(fa:fa-route R2 - 出口网关)
|
|
end
|
|
|
|
subgraph Core_and_Security [核心与安全区_防火墙旁挂]
|
|
style Core_and_Security fill:#F5F5F5,stroke:#CCCCCC,stroke-width:2px
|
|
|
|
subgraph CORE_STACK [核心层_堆叠系统_S1+S2]
|
|
style CORE_STACK fill:#FFF5E6,stroke:#FFCC99
|
|
CORE((fa:fa-layer-group CORE))
|
|
end
|
|
|
|
subgraph FW_HA [安全层_防火墙双机热备]
|
|
style FW_HA fill:#FFECE6,stroke:#FFB399
|
|
FW1(fa:fa-shield-alt FW1)
|
|
FW2(fa:fa-shield-alt FW2)
|
|
end
|
|
|
|
FW1 <-.->|HRP 心跳线| FW2
|
|
end
|
|
|
|
subgraph Access_Layer [接入层]
|
|
style Access_Layer fill:#F0E6FF,stroke:#D1B3FF
|
|
S3(S3 - 员工区交换机)
|
|
S4(S4 - 服务器/访客区交换机)
|
|
end
|
|
|
|
subgraph End_Devices [内网终端设备]
|
|
PC1(fa:fa-computer PC1 <br> 员工区 VLAN 10)
|
|
Server(fa:fa-server Web服务器 <br> 服务器区 VLAN 20)
|
|
PC3(fa:fa-wifi PC3 <br> 访客区 VLAN 30)
|
|
end
|
|
|
|
%% 定义连接关系
|
|
%% 出口层 <--> 核心层
|
|
R1 -- Eth-Trunk 1 --> CORE
|
|
R2 -- Eth-Trunk 2 --> CORE
|
|
|
|
%% 防火墙旁挂流量路径
|
|
CORE -- "Untrust区 <br> (VLAN 200)" --> FW1 & FW2
|
|
FW1 & FW2 -- "Trust区 <br> (VLAN 300)" --> CORE
|
|
|
|
%% 核心层 <--> 接入层
|
|
CORE -- Trunk链路 --> S3
|
|
CORE -- Trunk链路 --> S4
|
|
|
|
%% 接入层 <--> 终端
|
|
S3 -- Access端口 --> PC1
|
|
S4 -- Access端口 --> Server
|
|
S4 -- Access端口 --> PC3
|