Cisco实战配置三层交换的综合案例
网络基本情况
网络拓扑结构为:中心交换机采用Cisco Catalyst 4006-S3,
Supervisor Engine III G引擎位于第1插槽,用于实现三层交换;1块24口
1000Base-T模块位于第2插槽,用于连接网络服务器;1块6端口1000Base-X模块位
于第3插槽,用于连接6台骨干交换机。一台交换机采用Cisco Catalyst 3550-
24-EMI,并安装1块1000Base-X GBIC千兆模块。一台交换机采用Cisco
Catalyst 3550-24-SMI,也安装1块1000Base-X GBIC千兆模块。另外四台交换机
采用Cisco Catalyst 2950G-24-SMI,安装1块1000Base-T GBIC千兆模块。
所有服务器划分为一个VLAN,即VLAN 50。四台Catalyst 2950G-24-SMI交换机也只划分为一个VLAN,分别为VLAN 60、VLAN 70、VLAN 80和VLAN 90。
Catalyst 3550-24-EMI划分为4个VLAN,分别为VLAN 10、VLAN 20、VLAN 30和
VLAN 40。Catalyst 3550-24-SMI划分2个VLAN,分别为VLAN 60和VLAN 80,与另
外两台Catalyst 2950G-24-SMI交换机分别位于同一VLAN。
实例分析
由于所有Catalyst 2950G交换机都是一个独立的VLAN,因此,必须先在
这些交换机上创建VLAN(VLAN 60~VLAN 90),并将所有端口都指定至该VLAN。然
后,再在Catalyst 4006交换机相应端口上分别创建VLAN。Catalyst 4006的
1000Base-X端口分别与各Catalyst 2950G的1000Base-X端口连接。其中,
GigabitEthernet3/2端口连接至1号Catalyst 2950交换机(VLAN 60),GigabitEthernet3/3端口连接至2号Catalyst 2950交换机(VLAN 70),GigabitEthernet3/4端口连接至3号Catalyst 2950交换机(VLAN 80),GigabitEthernet3/5端口连接至4号Catalyst 2950交换机(VLAN 90),GigabitEthernet3/6端口连接至6号楼交换机(VLAN 80)。
由于在Catalyst 3550-24-EMI上划分有4个VLAN(VLAN 10~VLAN 40),而4个VLAN都需借助于一条1000Base-X链路实现与Catalyst 4006的GigabitEthernet3/1端口连接,因此,必须在Catalyst 4006与Catalyst 3550-24- EMI之间创建一个Trunk。
同样,在Catalyst 3550-24-SMI上划分有2个VLAN(VLAN 60和VLAN 80),而4个VLAN都需借助于一条1000Base-X链路实现与Catalyst 4006的GigabitEthernet3/6端口连接,因此,必须在Catalyst 4006与Catalyst 3550-24- EMI之间创建一个Trunk。
另外,所有服务器均连接至Catalyst 4006的1000Base-T模块,并单独成为一个VLAN(VLAN 90),因此,也必须为这些交换机创建一个VLAN,并将所有端口指定至该VLAN。需要注意的是,考虑到网络管理的需要,也可以剩余几个RJ-45端口(如21至24端口)不指定至任何VLAN,从而便于连接网络管理设备。默认状态下,所有端口都属于VLAN1,而且也只有在VLAN1中才能实现对网络中所有设备的管理。
配置清单
Cisco Catalyst 4006交换机配置清单
Current configuration : 5594 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service compress-config
!
hostname hsnc
!
boot system bootflash:cat4000-is-mz.121-8a.EW1.bin
no logging console
enable secret level 1 5 $1$rkQW$1HKyKdN5f.Ri5zxeoF8Yv/
!
ip subnet-zero
!
!
!
interface GigabitEthernet1/1
no snmp trap link-status
!--不为Supervisor Engine III G引擎中的1000Base-X插槽指定VLAN
interface GigabitEthernet1/2
no snmp trap link-status
!
!
interface GigabitEthernet2/1
switchport access vlan 50
no snmp trap link-status
!--将端口GigabitEthernet2/1指定至VLAN 50
!
interface GigabitEthernet2/2
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/3
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/4
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/5
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/6
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/7
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/8
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/9
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/10
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/11
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/12
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/13
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/14
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/15
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/16
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/17
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/18
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/19
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/20
switchport access vlan 50
no snmp trap link-status
!--不将GigabitEthernet2/20~24指定至任何VLAN
!
interface GigabitEthernet3/1
switchport trunk encapsulation dot1q
!--启用802.1Q Trunk封装协议,即在该端口创建Trunk
switchport trunk allowed vlan 1-80
!--允许vlan 1-90在该中继线通讯
!--可以拒绝或允许某个VLAN访问该Trunk
!--确保未被授权的VLAN通过该Trunk,实现VLAN的访问安全
switchport mode trunk
!--将该端口设置为Trunk
description netcenter
no snmp trap link-status
!
interface GigabitEthernet3/2
switchport access vlan 60
no snmp trap link-status
!--将端口GigabitEthernet3/2指定至VLAN 60
!
interface GigabitEthernet3/3
switchport access vlan 70
no snmp trap link-status
!--将端口GigabitEthernet3/3指定至VLAN 70
!
interface GigabitEthernet3/4
switchport access vlan 80
no snmp trap link-status
!--将端口GigabitEthernet3/4指定至VLAN 80
!
interface GigabitEthernet3/5
switchport access vlan 90
no snmp trap link-status
!--将端口GigabitEthernet3/5指定至VLAN 90
!
interface GigabitEthernet3/6
switchport trunk encapsulation dot1q
!--启用802.1Q Trunk封装协议,即在该端口创建Trunk
switchport trunk allowed vlan 1-80
!--允许vlan 1-90在该中继线通讯
!--可以拒绝或允许某个VLAN访问该Trunk
!--从而确保未被授权的VLAN通过该Trunk,实现VLAN访问安全
switchport mode trunk
!--将该端口设置为Trunk
description netcenter
no snmp trap link-status
!
interface Vlan1
description netmanger
no ip address
!
!--对VLAN1进行描述
interface Vlan10
description network center
no ip address
!--对VLAN2进行描述
!
interface Vlan20
description computer center
no ip address
!
interface Vlan30
description network lab
no ip address
!
interface Vlan40
description huaxuelou
no ip address
!
interface Vlan50
description wulilou
no ip address
!
interface Vlan60
description shengwulou
no ip address
!
interface Vlan70
description zhongwenxi
no ip address
!
interface Vlan80
description tushuguan
no ip address
!
!
line con 0
stopbits 1
line vty 0 4
password aaa
login
!
end
Cisco Catalyst 3550-EMI配置清单
Building configuration...
Current configuration : 4055 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname office
!
enable secret 5 $1$p0fU$JeyPOM0RuL.Fqfe71efHF1
!
ip subnet-zero
!
!
spanning-tree extend system-id
!
!
!
interface FastEthernet0/1
switchport access vlan 10
!--将端口FastEthernet0/1指定至VLAN 10
no ip address
!
interface FastEthernet0/2
switchport access vlan 10
no ip address
!
interface FastEthernet0/3
switchport access vlan 10
no ip address
!
interface FastEthernet0/4
switchport access vlan 10
no ip address
!
interface FastEthernet0/5
switchport access vlan 10
no ip address
!
interface FastEthernet0/6
switchport access vlan 20
no ip address
!--将端口FastEthernet0/6指定至VLAN 20
!
interface FastEthernet0/7
switchport access vlan 20
no ip address
!
interface FastEthernet0/8
switchport access vlan 20
no ip address
!
interface FastEthernet0/9
switchport access vlan 20
no ip address
!
interface FastEthernet0/10
switchport access vlan 20
no ip address
!
interface FastEthernet0/11
switchport access vlan 30
no ip address
!--将端口FastEthernet0/6指定至VLAN 30
!
interface FastEthernet0/12
switchport access vlan 30
no ip address
!
interface FastEthernet0/13
switchport access vlan 30
no ip address
!
interface FastEthernet0/14
switchport access vlan 30
no ip address
!
interface FastEthernet0/15
switchport access vlan 30
no ip address
!
interface FastEthernet0/16
switchport access vlan 30
no ip address
!
interface FastEthernet0/17
switchport access vlan 30
no ip address
!
interface FastEthernet0/18
switchport access vlan 30
no ip address
!
interface FastEthernet0/19
switchport access vlan 40
no ip address
!--将端口FastEthernet0/6指定至VLAN 40
!
interface FastEthernet0/20
switchport access vlan 40
no ip address
!
interface FastEthernet0/21
switchport access vlan 40
no ip address
!
interface FastEthernet0/22
switchport access vlan 30
no ip address
!
interface FastEthernet0/23
switchport access vlan 40
no ip address
!
interface FastEthernet0/24
switchport access vlan 40
no ip address
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
!--启用802.1Q Trunk封装协议,即在该端口创建Trunk
switchport trunk allowed vlan 1-80
!--允许vlan 1-80在该中继线通讯
switchport mode trunk
!--将该端口设置为Trunk
no ip address
!
interface GigabitEthernet0/2
no ip address
!
interface Vlan1
ip address 172.16.100.12 255.255.255.0
!--LAN1指定IP地址
no ip route-cache
no ip mroute-cache
!
ip classless
ip http server
!
!
!
!
line con 0
line vty 0 4
password aaa
login
line vty 5 15
login
!
end
Cisco Catalyst 3550-SMI配置清单
Building configuration...
Current configuration : 4055 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname office
!
enable secret 5 $1$p0fU$JeyPOM0RuL.Fqfe71efHF1
!
ip subnet-zero
!
!
spanning-tree extend system-id
!
!
!
interface FastEthernet0/1
switchport access vlan 60
!--将端口FastEthernet0/1指定至VLAN 60
no ip address
!
interface FastEthernet0/2
switchport access vlan 60
no ip address
!
interface FastEthernet0/3
switchport access vlan 60
no ip address
!
interface FastEthernet0/4
switchport access vlan 60
no ip address
!
interface FastEthernet0/5
switchport access vlan 60
no ip address
!
interface FastEthernet0/6
switchport access vlan 20
no ip address
!--将端口FastEthernet0/6指定至VLAN 20
!
interface FastEthernet0/7
switchport access vlan 20
no ip address
!
interface FastEthernet0/8
switchport access vlan 20
no ip address
!
interface FastEthernet0/9
switchport access vlan 20
no ip address
!
interface FastEthernet0/10
switchport access vlan 20
no ip address
!
interface FastEthernet0/11
switchport access vlan 80
no ip address
!--将端口FastEthernet0/6指定至VLAN 80
!
interface FastEthernet0/12
switchport access vlan 80
no ip address
!
interface FastEthernet0/13
switchport access vlan 80
no ip address
!
interface FastEthernet0/14
switchport access vlan 80
no ip address
!
interface FastEthernet0/15
switchport access vlan 80
no ip address
!
interface FastEthernet0/16
switchport access vlan 80
no ip address
!
interface FastEthernet0/17
switchport access vlan 80
no ip address
!
interface FastEthernet0/18
switchport access vlan 80
no ip address
!
interface FastEthernet0/19
switchport access vlan 80
no ip address
!--将端口FastEthernet0/6指定至VLAN 80
!
interface FastEthernet0/20
switchport access vlan 80
no ip address
!
interface FastEthernet0/21
switchport access vlan 80
no ip address
!
interface FastEthernet0/22
switchport access vlan 80
no ip address
!
interface FastEthernet0/23
switchport access vlan 80
no ip address
!
interface FastEthernet0/24
switchport access vlan 80
no ip address
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
!--启用802.1Q Trunk封装协议,即在该端口创建Trunk
switchport trunk allowed vlan 1-80
!--允许vlan 1-80在该中继线通讯
switchport mode trunk
!--从将该端口设置为Trunk
no ip address
!
interface GigabitEthernet0/2
no ip address
!
interface Vlan1
ip address 172.16.100.13 255.255.255.0
!--为LAN1指定IP地址
no ip route-cache
no ip mroute-cache
!
ip classless
ip http server
!
!
!
!
line con 0
line vty 0 4
password aaa
login
line vty 5 15
login
!
end
Cisco Catalyst 2950G配置清单
四台Cisco Catalyst 2950G的配置基本相同,下面仅列出VLAN 60的配置情况。
Building configuration...
Current configuration : 2143 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname msl
!
enable password aaa
!
ip subnet-zero
!
!
spanning-tree extend system-id
!
!
interface FastEthernet0/1
switchport access vlan 60
no ip address
!
interface FastEthernet0/2
switchport access vlan 60
no ip address
!
interface FastEthernet0/3
switchport access vlan 60
no ip address
!
interface FastEthernet0/4
switchport access vlan 60
no ip address
!
interface FastEthernet0/5
switchport access vlan 60
no ip address
!
interface FastEthernet0/6
switchport access vlan 60
no ip address
!
interface FastEthernet0/7
switchport access vlan 60
no ip address
!
interface FastEthernet0/8
switchport access vlan 60
no ip address
!
interface FastEthernet0/9
switchport access vlan 60
no ip address
!
interface FastEthernet0/10
switchport access vlan 60
no ip address
!
interface FastEthernet0/11
switchport access vlan 60
no ip address
!
interface FastEthernet0/12
switchport access vlan 60
no ip address
!
interface FastEthernet0/13
switchport access vlan 60
no ip address
!
interface FastEthernet0/14
switchport access vlan 60
no ip address
!
interface FastEthernet0/15
switchport access vlan 60
no ip address
!
interface FastEthernet0/16
switchport access vlan 60
no ip address
!
interface FastEthernet0/17
switchport access vlan 60
no ip address
!
interface FastEthernet0/18
switchport access vlan 60
no ip address
!
interface FastEthernet0/19
switchport access vlan 60
no ip address
!
interface FastEthernet0/20
switchport access vlan 60
no ip address
!
interface FastEthernet0/21
switchport access vlan 60
no ip address
!
interface FastEthernet0/22
switchport access vlan 60
no ip address
!
interface FastEthernet0/23
switchport access vlan 60
no ip address
!
interface FastEthernet0/24
switchport access vlan 60
no ip address
!
interface GigabitEthernet0/1
no ip address
!
interface GigabitEthernet0/2
no ip address
!
interface Vlan1
ip address 172.16.100.10 255.255.255.0
!
ip classless
ip http server
!
!
!
!
line con 0
line vty 0 4
password aaa
login
line vty 5 15
login
!
end
以下内容 ancy 由撰写
经典的三层网络案例分析。改进中。。。新加很多先进技术噢!新增路由器的配置。
经典的三层网络案例分析。
目的:让不同的vlan 之间可以互相通讯。
IP规划
vlna ID ip网段 vlan网关
vlan 1 172.16.1.0/24 172.16.1.7-9
vlan 2 172.16.2.0/24 172.16.2.252-254
vlan 3 172.16.3.0/24 172.16.3.252-254
vlan 4 172.16.4.0/24 172.16.4.252-254
vlan 5 172.16.5.0/24 172.16.5.252-254
vlan 6 172.16.6.0/24 172.16.6.252-254
vlan 7 172.16.7.0/24 172.16.7.252-254
vlan 8 172.16.8.0/24 172.16.8.252-254
vlan 9 172.16.9.0/24 172.16.9.252-254
路由器配置
一、cisco路由器配置:
Enable
Configure terminal
Service password-encryption
Hostname cisco1721
Enable secret 654321
Enable password 123456
ip subnet-zero
ip name-server 202.96.134.133 202.96.172.218
interface fastethernet 0
ip address 61.142.221.5 255.255.255.240
speed auto
no shutdown
interface serial 0
ip unnumbered fastethernet 0
encapsulation ppp
no fair-queue
bandwidth 2048
no shutdown
exit
ip classless
ip route 0.0.0.0 0.0.0.0 serial 0
no ip http server
line con 0
line aux 0
line vty 0 4
password 12345678
login
no scheduler allocate
end
copy running-config startup-config
reload
请注意NAT等是在防火墙设置的.
交换机配置
一、Catalyst 4006-s3交换机配置:
Enable
Configure terminal
service pad
service password-encryption
hostname c4006-s3
enable password 123456.
Enable secret 654321
Ip subnet-zero
Ip name-server 172.16.8.1 172.16.8.2
ip routing
Exit
Vlan database
Vtp mode server
Vtp domain centervtp
Vlan 2 name vlan2
Vlan 3 name vlan3
Vlan 4 name vlan4
Vlan 5 name vlan5
Vlan 6 name vlan6
Vlan 7 name vlan7
Vlan 8 name vlan8
Vlan 9 name vlan9
Exit
Configure terminal
Interface port-channel 1
Interface gigabitethernet 2/1
channel-group 1
Interface gigabitethernet 2/2
channel-group 1
Interface gigabitethernet 2/1
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
interface gigabitethernet 2/3
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
interface gigabitethernet 2/4
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
interface gigbitethernet 2/5
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
interface gigbitethernet 2/6
switchport mode trunk
switchport trunk encapsulation dotlq
switchprot trunk allowed vlan all
interface gigbitethernet 2/7
switchport access vlan 9
no shutdown
interface range gigabitethernet 2/8 – 20
switchport mode access
switchport access vlan 8
no shutdown
spanning-tree portfast
interface gigabitethernet 3/1
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
interface gigabitethernet 3/2
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
spanning-tree vlan 1-9 root primary
spanning-tree backbonefast
interface vlan 1
ip address 172.16.1.7 255.255.255.0
no shutdown
standby 1 ip 172.16.1.9
standby 1 priority 110 preempt
interface vlan 2
ip address 172.16.2.252 255.255.255.0
no shutdown
standby 2 ip 172.16.2.254
standby 2 priority 110 preempt
interface vlan 3
ip address 172.16.3.252 255.255.255.0
no shutdown
standby 3 ip 172.16.3.254
standby 3 priority 110 preempt
interface vlan 4
ip address 172.16.4.252 255.255.255.0
no shutdown
standby 4 ip 172.16.4.254
standby 4 priority 110 preempt
interface vlan 5
ip address 172.16.5.252 255.255.255.0
no shutdown
standby 5 ip 172.16.5.254
standby 5 priority 110 preempt
interface vlan 6
ip address 172.16.6.252 255.255.255.0
no shutdown
standby 6 ip 172.16.6.254
standby 6 priority 110 preempt
interface vlan 7
ip address 172.16.7.252 255.255.255.0
no shutdown
standby 7 ip 172.16.7.254
standby 7 priority 110 preempt
interface vlan 8
ip address 172.16.8.252 255.255.255.0
no shutdown
standby 8 ip 172.16.8.254
standby 8 priority 110 preempt
interface vlan 9
ip address 172.16.9.252 255.255.255.0
no shutdown
standby 9 ip 172.16.9.254
standby 9 priority 110 preempt
exit
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.9.250
line con 0
line aux 0
line vty 0 15
password 12345678
login
end
copy running-config startup-config
reload
二、Catalyst 3550-12T交换机配置:
Enable
Configure terminal
service pad
service password-encryption
hostname c3550-12t
enable password 123456
enable secret 654321
ip subnet-zero
ip name-server 172.16.8.1. 172.16.8.2
ip routing
exit
vlan database
vtp mode server
vtp domain centervtp
vlan 2 name vlan2
vlan 3 name vlan3
vlan 4 name vlan4
vlan 5 name vlan5
vlan 6 name vlan6
vlan 7 name vlan7
vlan 8 name vlan8
vlan 9 name vlan9
exit
configure terminal
interface port-channel 1
interface gigabitethernet 0/1
channel-group 1
interface gigabitethernet 0/2
channel-group 1
exit
interface gigabitethernet 0/1
switchport mode trunk
switchport encapsulation dotlq
swithchport trunk allowed vlan all
interface gigabitethernet 0/3
switchport mode trunk
switchport trunk encapsulation dotlq
swithcport trunk allowed vlan all
interface gigabitethernet 0/4
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
interface gigabitethernet 0/5
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
interface gigabitethernet 0/6
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
interface gigabitethernet 0/7
switchport access vlan 9
no shutdown
interface range gigabitethernet 0/8 – 10
switchport mode access
switchport access vlan 8
no shutdown
spanning-tree portfast
interface gigabitethernet 0/11
switchport mode trunk
switchport trunk encapsulation dotlq
swithcprot trunk allowed vlan all
interface gigabitethernet 0/12
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
spanning-tree vlan 1-9 root secondary
spanning-tree backbonefast
interface vlan 1
ip address 172.16.1.8 255.255.255.0
no shutdown
standby 1 ip 172.16.1.9
standby 1 priority 100 preempt
interface vlan 2
ip address 172.16.2.253 255.255.255.0
no shutdown
standby 2 ip 172.16.2.254
standby 2 priority 100 preempt
interface vlan 3
ip address 172.16.3.253 255.255.255.0
not shutdown
standby 3 ip 172.16.3.254
standby 3 priority 100 preempt
interface vlan 4
ip address 172.16.4.253 255.255.255.0
no shutdown
standby 4 ip 172.16.4.254
standby 4 priority 100 preempt
interface vlan 5
ip addess 172.16.5.253 255.255.255.0
no shutdown
standby 5 ip 172.16.5.253
standby 5 priority 100 preempt
interface vlan 6
ip address 172.16.6.253 255.255.255.0
no shutdown
standby 6 ip 172.16.6.254
standby 6 priority 100 preempt
interface vlan 7
ip address 172.16.7.253 255.255.255.0
no shutdown
standby 7 ip 172.16.7.254
standby 7 priority 100 preempt
interface vlan 8
ip address 172.16.8.253 255.255.255.0
no shutdown
standby 8 ip 172.16.8.254
standby 8 priority 100 preempt
interface vlan 9
ip address 172.16.9.253 255.255.255.0
no shutdown
standby 9 ip 172.16.9.254
standby 9 priority 100 preempt
exit
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.9.250
ip http server
line con 0
line aux 0
line vty 0 15
password 12345678
login
end
copy running-config statup-config
reload
三、Catalyst 2950-24 vlan2 交换机配置:
Enable
Configure terminal
Service pad
Service password-encryption
Hostname c2950-241
Enable password 123456
Enable secret 654321
Ip subnet-zero
Interface vlan 1
Ip address 172.16.1.1 255.255.255.0
management
No shutdown
Ip default-gateway 172.16.1.9
Ip name-server 172.16.8.1 172.16.8.2
exit
Vlan database
Vtp mode client
Vtp domain centervtp
Exit
Configure terminal
Interface range fastethernet 0/1 – 20
Switchport mode access
Switchport accesss vlan 2
No shutdown
Spanning-tree portfast
Spanning-tree uplinkfast
Spanning-tree backbonefast
Interface gigabitethernet 0/1
Switchport mode trunk
Switchport trunk encapculation dotlq
Switchport trunk allowed vlan all
Spanning-tree cost 10
Interface gigabitethernet 0/2
Switchport mode trunk
Switchport trunk encapculation dotlq
Switchport trunk allowed vlan all
Spanning-tree cost 20
Exit
Line con 0
Line aux 0
Line vty 0 15
Password 12345678
Login
End
Copy running-config statup-config
Reload
四、catalyst 2950-24 vlan 3 交换机配置:
enable
configure terminal
service pad
service password-encryption
hostname c2950-242
enable password 123456
enable secret 654321
ip subnet-zero
interface vlan 1
ip address 172.16.1.2 255.255.255.0
management
no shutdown
ip default-gateway 172.16.1.9
ip name-server 172.16.8.1 172.16.8.2
exit
vlan database
vtp domain centervtp
vtp mode client
exit
configure terminal
interface range fastethernet 0/1 – 20
switchport mode access
switchport access vlan 3
no shutdown
spanning-tree portfast
spanning-tree uplinefast
spanning-tree backbonefast
interface gigabitethernet 0/1
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
spanning-tree cost 10
interface gigabitethernet 0/2
switchport mode trunk
switchport trunk encapsulation dotlq
switchport trunk allowed vlan all
spanning-tree cost 20
exit
line con 0
line aux 0
line vty 0 15
password 12345678
login
end
copy running-config startup-config
reload
文章录入:csh 责任编辑:csh
相关推荐
-
Cisco实战配置三层交换的综合案例
网络基本情况 网络拓扑结构为:中心交换机采用Cisco Catalyst 4006-S3, Supervisor Engine III G引擎位于第1插槽,用于实现三层交换;1块24口 1000Base-T模块位于第2插槽,用于连接网络服务器;1块6端口1000Base-X模块位 于第3插槽,用于连接6台骨干交换机.一台交换机采用Cisco Catalyst 3550- 24-EMI,并安装1块1000Base-X GBIC千兆模块.一台交换机采用Cisco Catalyst 3550-24-S
-
配置三层交换的综合事例
配置三层交换的综合事例 这个配置没有任何问题. 只要你能看明白,记住关键的命令,相信你已经对三层有更深的认识. **************************************************************** 网络基本情况 网络拓扑结构为:中心交换机采用Cisco Catalyst 4006-S3, Supervisor Engine III G引擎位于第1插槽,用于实现三层交换;1块24口 1000Base-T模块位于第2插槽,用于连接网络服务器;1块6端口10
-
Cisco路由器配置信息及口令的清除
Cisco 路由器配置信息及口令的清除 适用范围:所有IOS在10.0及以上版本的Cisco 2000.2500.3000.4000.7000系列路由器. 清除步骤如下: 1.用路由器所带的串口线连接到Console口,以下通过Win95的超级终端进行: 2.路由器加电后60秒内,按下CTRL(如果不行按CTRL-BREAK)键,等待出现"〉"提示符: 3.键入"〉e/s 2000002"命令,并记录下返回值,用在后面"Router(con
-
详解java_ 集合综合案例:斗地主
案例介绍 按照斗地主的规则,完成洗牌发牌的动作. 具体规则: 使用54张牌打乱顺序,三个玩家参与游戏,三人交替摸牌,每人17张牌,最后三张留作底牌. 案例分析 1.准备牌: 牌可以设计为一个ArrayList,每个字符串为一张牌. 每张牌由花色数字两部分组成,我们可以使用花色 集合与数字集合嵌套迭代完成每张牌的组装. 牌由Collections类的shuffle方法进行随机排序. 2.发牌 将每个人以及底牌设计为ArrayList,将最后3张牌直接存放于底牌,剩余牌通过对3取模依次发牌. 3.看
-
Java多线程编程综合案例详解
目录 Java多线程综合案例 数字加减 生产电脑 竞争抢答 Java多线程综合案例 数字加减 设计4个线程对象,两个线程执行减操作,两个线程执行加操作 public class ThreadDemo{ public static void main(String[] args) throws Exception { Resource res=new Resource(); AddThread at=new AddThread(res); SubThread st=new SubThread(re
-
Ajax案例集下载:新增分页查询案例(包括《Ajax开发精要》中的两个综合案例) 下载
在<Ajax开发精要>中,我构建了两个简单的综合范例.一个是支持增.删.改.模糊搜索的简单留言簿,另外一个是模拟MSN Space所提供的日志评论.固定链接.引用通告以及自定义列表管理的功能. 今天新增一个分页查询的案例.同样的,与之前的两个案例类似,分页查询的持久化数据依然来自xml文档,以方便网友的拷贝和部署.构建这个案例的方法与之前两个案例大致相当,都是使用XMLHttpRequest.responseXML获取数据,然后填充到页面的相应位置.构建过程中注意代码复用. <Ajax开
-
Flume环境部署和配置详解及案例大全
一.什么是Flume? flume 作为 cloudera 开发的实时日志收集系统,受到了业界的认可与广泛应用.Flume 初始的发行版本目前被统称为 Flume OG(original generation),属于 cloudera.但随着 FLume 功能的扩展,Flume OG 代码工程臃肿.核心组件设计不合理.核心配置不标准等缺点暴露出来,尤其是在 Flume OG 的最后一个发行版本 0.94.0 中,日志传输不稳定的现象尤为严重,为了解决这些问题,2011 年 10 月 22 号,c
-
在网关中使用Nginx配置HTTP透明代理案例
出于某些需求在网关级架设 HTTP 透明代理,劫持用户 HTTP 请求,转发或直接进行响应. iptables配置 iptables 用于将经过网关的 TCP 80 端口的上行流量转发至网关上的 Nginx 服务. 复制代码 代码如下: sudo iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT \--to-destination 网关IP:端口 Nginx 演示配置 复制代码 代码如下: worker_processe
-
PHP 文件编程综合案例-文件上传的实现
PHP文件上传1.upload.php 复制代码 代码如下: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html> <head> <title>ddd</title> <meta http-equiv="content-type" content="text/html; charset=UTF
-
Cisco NAT 配置
Inside network: 3.3.3.4 (static to 2.2.2.24 outside) 3.3.3.5 (static to 2.2.2.25 outside) | | | 3.3.3.1 (ethernet 0) Router - the_lorax 2.2.2.1 (serial 0) | | | Outside network: 2.2.2.2 Router Configuration version 11.3 service timestamps debug uptim