作者:林小熊
1如捅、vlan的基本配置:
創(chuàng)建vlan? ? vlan vlan-id[alias vlan-alias]
刪除vlan? ? undo vlan vlan-id
vlan視圖下配置一個或一組端口屬于某個VLAN
? port interface-type{interface-num[to interface-num]}$<1-10>
借口視圖下配置蓋端口屬于某個VLAN? port access vlan-id
2袜腥、trunk的基本配置
指定端口類型:trunk筒饰,access缓溅,hybrid
? ? ? ? ? ? port link-type{trunk/access/hybrid}
取消端口類型的設(shè)置? ?
? ? ? ? ? ? undo port-type{trunk/access/hybrid}
設(shè)置trunk端口可以通過的VLAN
[undo]port trunk permit vlan{{vlan-id[to vlan-id]}$<1-10>|all}
顯示VLAN的信息?
? ? ? ? ? display vlan vlan-id
3惠昔、配置參考
路由器A的配置
[RTA]interface Ethernet 0/0
[RTA-Ethernet0/0]ip address 10.1.1.1. 30
[RTA-Ethernet0/0]quit
[RTA]interface LoopBack1
[RTA-LoopBack1]ip address 1.1.1.1 32
[RTA-LoopBack1]quit
[RTA]ip route-static 2.2.2.2 32 10.1.1.2
路由器B的配置
[RTB]interface Ethernet0/0
[RTB-Ethernet0/0]ip address 10.1.1.2 30
[RTB-Ethernet0/0]quit
[RTB]interface LoopBack1
[RTB-LoopBack1]ip address 2.2.2.2 32
[RTB-LoopBAck1]quit
[RTB]ip route-static 0.0.0.0 10.1.1.1
RIP協(xié)議配置
參考配置:
路由器A的配置:
[RTA]inetrface Ethernet 0/0
[RTA-Etnernet0/0]ip address 10.1.1.1 30
[RTA-Ethernet0/0]rip version2 multicast
[RTA-Ethernet0/0]quit
[RTA]interface LoopBack 0
[RTA-LoopBack1]ip address 1.1.1.1.1 32
[RTA-LoopBack1]rip version 2 multicast
[RTA-LoopBack]quit
[RTA]rip
[RTA-rip]network 1.1.1.1
[RTA-rip]network 10.1.1.0
[RTA-rip]undo summary
路由器B的配置
[RTB]interface Ethernet0/0
[RTB-Ethernet0/0]ip address 10.1.1.2 30
[RTB-Ethernet0/0]rip version 2 multicast
[RTB-Ethernet0/0]quit
[RTB]interface LoopBack 0
[RTB-LoopBack1]ip address 2.2.2.2 32
[RTB-LoopBack1]rip version 2multicast
[RTB-LoopBack1]quit
[RTB]interface Ethernet 0/1
[RTB-Serial1/0]ip address 192.2.2.1 30
[RTB-Serial1/0]rip varsion 2 multicast
[RTB-Serial1/0]rip authentication-mode md5 uaual Huawei
[RTB-Serial1/0]quit
[RTB]rip
[RTB-rip]network 192.2.2.0
[RTB-rip]network 2.2.2.2
[RTB-rip]network 10.1.1.0
[RTB-rip]undo summary
路由器C的配置:
[RTC]interface Ethernet 0/1
[RTC-Serial1/0]ip address 192.2.2.2 30
[RTC-Serial1/0]rip version 2 multicast
[RTC-Serial1/0]rip authentication-mode md5 usual Huawei
[RTC-Serial1/0]quit
[RTC]interface LoopBack 0
[RTC-LoopBack1]ip address 3.3.3.3 32
[RTC-LoopBack1]rip version 2 mutilcast
[RTC-LoopBack1]quit
[RTC]rip
[RTC-rip]network 3.3.3.3
[RTC-rip]network 192.2.2.0
[RTC-rip]undo summary
OSPF協(xié)議配置(最短路徑選擇路由協(xié)議)
四臺路由器RTA洒沦,RTB豹绪,RTC以及RTD,RTA與RTB屬于Area1申眼,RTB與RTC屬于Area0瞒津,RTC與RTD屬于Area2.
配置步驟:
1蝉衣、指定Router ID
在system-view視圖下,指定一個RouterID巷蚪,
2买乃、運(yùn)行OSPF
在system-view視圖下,采用默認(rèn)的進(jìn)程1
3钓辆、創(chuàng)建區(qū)域
在OSPF視圖下創(chuàng)建一個骨干區(qū)域Area0
4剪验、通告網(wǎng)絡(luò)
在Area視圖下通告相應(yīng)的網(wǎng)絡(luò)
參考配置1、端口配置 配置RTAsystem-view
[Quidway]sysname RTA
[RTA]interface loopback 0
[RTA-LoopBack0]ip address 1.1.1.1 255.255.255.255
[RTA-LoopBack0]quit
[RTA]interface ethernet 0/0
[RTA-Ethernet0/0]ip address 10.1.1.1 255.255.255.252
[RTA-Ethernet0/0]quit
[RTA]interface serial 2/0
[RTA-Serial2/0]ip address 192.1.1.1 255.255.555.252
[RTA-Serial2/0]quit
配置RTBsystem-view
[Quidway]sysname RTB
[RTB]interface loopback 0
[RTB-LoopBack0]ip address 2.2.2.2 255.255.255.255
[RTB-LoopBack0]quit
[RTB]interface Ethernet 0/0
[RTB-Ethernet0/0]ip address 10.1.1.2 255.255.255.252
[RTB-Ethernet0/0]quit
[RTB]interface serial 2/0
[RTB-Serial2/0]ip address 192.2.2.2 255.255.255.252
[RTB-Serial2/0]quit
配置RTCsystem-view
[Quidway]sysname RTC
[RTC]interface loopback 0
[RTC-LoopBack0]ip address 3.3.3.3 255.255.255.255
[RTC-LoopBack0]quit
[RTC]interface Ethernet 0/0
[RTC-Ethernet0/0]ip address 10.2.2.2 255.255.255.252
[RTC-Ethernet0/0]quit
[RTC]interface serial 2/0
[RTC-Serial2/0]ip address 192.2.2.1 255.255.255.252
[RTC-Serial2/0]quit
配置RTDsystem-view
[Quidway]sysname RTD
[RTD]interface loopback 0
[RTD-LoopBack0]ip address 4.4.4.4 255.255.255.255
[RTD-LoopBack0]quit
[RTD]interface ethernet0/0
[RTD-Ethernet0/0]ip address 10.2.2.1 255.255.255.252
[RTD-Ethernet0/0]quit
[RTD]interface serial2/0
[RTD-Serial2/0]ip address 192.1.1.2 255.255.255.252
[RTD-Serial2/0]quit
OSPF配置
配置RTA
指定Router ID
[RTA]router id 1.1.1.1
運(yùn)行OSPF
[RTA]opsf
創(chuàng)建區(qū)域0
[RTA-opsf-1]area 0
在區(qū)域0視圖下通告網(wǎng)絡(luò)
[RTA-ospf-1-area-0.0.0.0]net 10.1.1.0. 0.0.0.3
[RTA-opsf-1-area-0.0.0.0]net 192.1.1.0 0.0.0.3
[RTA-opsf-1-area-0.0.0.0]net 1.1.1.1 0.0.0.0
配置RTB
指定Router ID
[RTB]router id 2.2.2.2
運(yùn)行opsf
[RTB]opsf
創(chuàng)建區(qū)域0
[RTB-ospf-1]area 0
在區(qū)域0視圖下通告網(wǎng)絡(luò)
[RTB-ospf-1-area-0.0.0.0]net 10.1.1.0 0.0.0.3
[RTB-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3
[RTB-opsf-1-area-0.0.0.0]net 2.2.2.2 0.0.0.0
配置RTC
指定Router ID
[RTCrouter id 3.3.3.3
運(yùn)行OSPF
[RTC]ospf
創(chuàng)建區(qū)域0
[RTC-ospf-1]area 0
在區(qū)域0視圖下通告網(wǎng)絡(luò)
[RTC-ospf-1-area-0.0.0.0]net 10.2.2.0 0.0.0.3
[RTC-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3
[RTC-ospf-1-area-0.0.0.0]net 3.3.3.3 0.0.0.0
配置RTD
指定Router ID
[RTD]router id 4.4.4.4
運(yùn)行ospf
[RTD]ospf
創(chuàng)建區(qū)域0
[RTD-ospf-1]area 0
在區(qū)域0視圖下通告網(wǎng)絡(luò)
[RTD-ospf-1-area-0.0.0.0]net 10.2.2.0 0.0.0.3
[RTD-ospf-1-area-0.0.0.0]net 192.1.1.0 0.0.0.3
[RTD-ospf-1-area-0.0.0.0]net 4.4.4.0 0.0.0.0
ospf多區(qū)域試驗(yàn)配置配置參考配置RTAsystem-view
[RTA]int loopback 0
[RTA-LoopBack0]ip add 1.1.1.1 255.255.255.255
[RTA-LoopBAck0]quit
[RTA]int ethernet 0/0
[RTA-Ethernet0/0]ip add 10.1.1.1 255.255.255.252
[RTA-Ethernet0/0]undo shutdown
配置RTB
system-view
[RTB]int loopback 0
[RTB-LoopBack0]ip add 2.2.2.2 255.255.255.252
[RTB]int ethernet 0/0
[RTB-Ethernet0/0]ip add 10.1.1.2 255.255.255.252
[RTB-Ethernet0/0]undo shutdown
[RTB]int serial 2/0
[RTB-Serial2/0]ip add 192.2.2.2 255.255.255.252
配置RTC
system-view
[RTC]int loopback 0
[RTC-LoopBack0]ip add 3.3.3.3 255.255.255.252
[RTC]int ethernet 0/0
[RTC-Ethernet0/0]ip add 10.2.2.2 255.255.255.252
[RTC-Ethernet0/0]undo shutdowm
[RTC]int? serial 2/0
[RTC-Serial2/0]ip add 192.2.2.1 255.255.255.252
[RTC-Serial2/0]undo shutdown
配置RTD
system-view
[RTD]int loopback 0
[RTD-LoopBack0]ip add 10.10.1.4 255.255.255.255
[RTD]int ethernet 0/0
[RTD-Ethernet0/0]ip add 10.2.2.1 255.255.255.252
[RTD-Ethernet0/0]undo shutdown
ospf配置
配置RTA
指定Router ID
[RTA]router id 1.1.1.1
運(yùn)行OSPF
[RTA]ospf
創(chuàng)建區(qū)域1
[RTA-ospf-1-area-0.0.0.1]network 10.1.1.0 0.0.0.3
[RTA-ospf-1-area-0.0.0.1]network 1.1.1.1 0.0.0.0
配置RTB
指定Router ID
[RTB]router id 2.2.2.2
運(yùn)行OSPF
[RTB]ospf
創(chuàng)建區(qū)域0
[RTB-ospf-1]area 0
創(chuàng)建區(qū)域1
[RTB-ospf-1]area 1
在區(qū)域0視圖下通告網(wǎng)絡(luò)
[RTB-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3
在區(qū)域1視圖下通告網(wǎng)絡(luò)
[RTB-ospf-1-area-0.0.0.1]network 10.1.1.0 0.0.0.3
[RTB-ospf-1-area-0.0.0.1]network 2.2.2.2 0.0.0.0
配置RTC
指定Router ID
[RTC]router id 3.3.3.3
運(yùn)行ospf
[RTC]ospf
創(chuàng)建區(qū)域0
[RTC-ospf-1]area 0
創(chuàng)建區(qū)域2
[RTC-ospf-1]area 2
在區(qū)域0視圖下通告網(wǎng)絡(luò)
[RTC-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3
在區(qū)域2視圖下通告網(wǎng)絡(luò)
[RTC-ospf-1-area-0.0.0.2]network 10.2.2.0 0.0.0.3
[RTC-ospf-1-area-0.0.0.2]network 3.3.3.3 0.0.0.0
配置RTD
指定Router ID
[RTD]router id 10.10.1.4
運(yùn)行ospf
[RTD]ospf
創(chuàng)建區(qū)域2
[RTD-ospf-1]area 2
在區(qū)域2視圖下通告網(wǎng)絡(luò)
[RTD-ospf-1-area-0.0.0.2]network 10.2.2.0 0.0.0.3
[RTD-ospf-1-area-0.0.0.2]network 4.4.4.4 0.0.0.0
acl基本配置配置參考1.RTA的配置配置接口system-view
[Quidway]sysname RTA
[RTA]interface Ethernet 0/0
[RTA-Ethernet0/0]ip add 30.1.1.1 30
[RTA-Ethernet0/0]quit
[RTA]interface LoopBack 0
[RTA-LoopBack0]ip address 1.1.1.1 32
[RTA-loopBack0]quit
[RTA-ospf-1]area 0
[RTA-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3
[RTA-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
2前联、RTB的配置配置接口sysname-view
[Quidway]sysname RTB
[RTB]interface Rthernet 0/0
[RTB-Ethernet0/0]ip add 30.1.1.2 30
[RTB-Ethernet0/0]quit
[RTB]interface Ethernet 0/1
[RTB-Ethernet0/1]ip add 20.1.1.1 30
[RTB-Ethernet0/1]quit
[RTB-ospf-1]area 0
[RTB-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3
[RTB-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.3
創(chuàng)建ACL并配置規(guī)則
[RTB]acl number 2000 match-order auto
[RTB-acl-basic-2000]rule permit source 10.1.1.0 0.0.0.255
[RTB-acl-basic-2000]rule permit source 20.1.1.0 0.0.0.3
[RTB-acl-basic-2000]rule permit deny source any
啟用防火墻
[RTB]firewall enable
在接口上應(yīng)用防火墻
[RTB]interface Ethernet 0/1
[RTB-Ethernet0/1]firewall packet-fillter 2000 inbound
2功戚、交換機(jī)的配置system-view
[Quidway]vlan 2
[Quidway-vlan2]port Ethernet 0/5 to Ethernet 0/8
[Quidway-vlan2]vlan 3
[Quidway-vlan3]port Ethernet 0/9 to Ethernet 0/12
[Quidway-vlan3]vlan 4
[Quidway-vlan4]port Ethernet 0/13 to Ethernet 0/16
[Quidway]interface vlan 1
[Quidway-Vlan-interface1]ip address 20.1.1.2 25.255.255.0
[Quidway-Vlan-interface1]quit
[Quidway]interface vlan 2
[Quidway-Vlan-interface2]ip address 10.1.1.2 255.255.255.0
[Quidway-Vlan-interface2]quit
[Quidway]interface Vlan-interface 3
[Quidway-Vlan-interface3]ip address 10.1.2.1 255.255.255.0
[Quidway-Vlan-interface3]quit
[Quidway]interface Vlan-interface 4
[Quidway-Vlan-interface4]ip address 10.1.4.1 255.255.255.0
[Quidway-Vlan-interface4]quit
配置高級ACL業(yè)務(wù)配置配置步驟1、配置組網(wǎng)圖中相關(guān)接口2似嗤、設(shè)備之間啟用ospf,使用個網(wǎng)段可以互通3啸臀、啟用acl,并進(jìn)行規(guī)則配置4烁落、在相應(yīng)接口應(yīng)用acl配置參考1乘粒、RTA的配置 配置接口system-view
[Quidway]sysname RTA
[RTA]interface Ethernet 0/0
[RTA-Ethernet0/0]ip address 30.1.1.1 30
[RTA-Ethernet0/0]quit
[RTA]interface LoopBack 0
[RTA-LoopBack0]ip address 1.1.1.1 32
[RTA-LoopBack0]quit
[RTA]ospf
[RTA-ospf-1]area 0
[RTA-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3
[RTA-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[RTA]ftp server enable
[RTA]local-user huawei password simple huawei
[RTA]local-user huawei service-type ftp
2、RTB的配置配置接口system-view
[Quidway]sysname RTB
[RTB]int Ethernet 0/0
[RTB-Ethernet0/0]ip address 30.1.1.1 30
[RTB-Ethernet0/0]quit
[RTB]interface Ethernet 0/1
[RTB-Ethernet0/1]ip address 20.1.1.1 30
[RTB-Ethernet0/1]quit
[RTB]ospf
[RTB-ospf-1]area 0
[RTB-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.3
[RTB-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.3
創(chuàng)建ACL并配置規(guī)則
[RTB]acl number 3000
[RTB-acl-adv-3000]rule permit ospf
[RTB-acl-adv-3000]rule permit tcp source 10.1.1.0 .0.0.0.255
destination 1.1.1.0 destination-port eq ftp
[RTB-acl-adv-3000]rule deny tcp source any destination any
啟用防火墻
[RTB]firewall enable
在接口上應(yīng)用防火墻
[RTB]interface Ethernet 0/1
[RTB Ethernet 0/1]firewall packet-filter 3000 inbound
3伤塌、配置交換機(jī)
[Quidway]system-view
[Quiday]vlan 2
[Quidway-valn2]port Ethernet 0/5 to Ethernet 0/8
[Quidway-vlan2]vlan3
[Quidway-vlan3]port Ethernet 0/9 to Ethernet 0/12
[Quidway-valn3]vlan4
[Quidway-vlan4]port Ethernet 0/13 to Ethernet 0/16
[Quidway]interface vlan1
[Quidway-Vlan-interface1]ip address 20.1.1.2 255.255.255.0
[Quidway-Vlan-interface1]quit
[Quidway]interface vlan2
[Quidway-Vlan-interface2]ip address 10.1.1.1 255.255.255.0
[Quidway-Vlan-interface2]quit
[Quidway]interface Vlan-interface 3
[Quidway-Vlan-interface3]ip address 10.1.2.1 255.255.255.0
[Quidway-Vlan-interface3]quit
[Quidway]interface Vlan-interface 4
[Quidway-Vlan-interface4]ip address 10.1.4.1 255.255.255.0
[Quidway-Vlan-interface4]quit
地址轉(zhuǎn)換配置
1灯萍、基本配置
配置RTA NAT出口路由器
配置內(nèi)網(wǎng)網(wǎng)關(guān)
[RTA-Ethernet0/1]ip address 192.168.1.1 255.255.255.0
配置出接口地址
[RTA-Ethernet0/0]ip addr 10.1.1.1 255.255.255.0
配置公網(wǎng)IGP路由
[RTA]interface LoopBack 0
[RTA-LoopBack0]ip addr 1.1.1.1 255.255.255.255
[RTA]router id 1.1.1.1
[RTA]ospf
[RTA-ospf-1]area 0
[RTA-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
配置RTB公網(wǎng)路由器
配置接口地址
[RTB-Ethernet0/0]ip addr 10.1.1.2 255.255.255.0
[RTB-Ethernet12/0]ip address 192.2.2.2 255.255.255.252
[RTB-LoopBack0]ip address 2.2.2.2 255.255.255.255
配置IGP路由
[RTB]router id 2.2.2.2
[RTB]ospf
[RTB-ospf-1]area 0
[RTB-ospf-1-area-0.0.0.0]net 192.2.2.0 0.0.0.3
[RTB-ospf-1-area-0.0.0.0]net 10.1.1.0 0.0.0.255
配置RTC公網(wǎng)路由器
配置接口地址
[RTC-Serial3/0]ip addr 192.2.2.1 255.255.255.252
[RTC-LoopBack0]ip address 3.3.3.3 255.255.255.255
配置IGP路由
[RTC]router id 3.3.3.3
[RTC]ospf
[RTC-ospf-1]area 0
[RTC-ospf-area-0.0.0.0]net 192.2.2.0 0.0.0.3
配置RTD內(nèi)網(wǎng)FTP服務(wù)器RTD
使能FTP SERVER
[RTD]ftp server enable
配置FTP用戶
[RTD]local-user huawei password simple Huawei
[RTD]local-user huawei server-type ftp
[RTD]local-user huawei ftp-directory flash:/
配置接口與路由
[RTD-Ethernet0/0]ip addr 192.168.1.2 255.255.255.0
[RTD]ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
NAT配置
配置EASY IP方式的NAT
配置ACL
[RTA]acl number 2001
[RTA-acl-basic-2001]rule permit source 192.168.1.0 0.0.0.255
[RTA-acl-basic-2001]rule deny
配置出接口NAT轉(zhuǎn)換
[RTA-Ethernet0/0]nat outbound 2001
配置IP POOL方式的NAT
配置ACL
[RTA]acl number 2001
[RTA-acl-basic-2001]rule permit source 192.168.1.0 0.0.0.255
[RTA-acl-basic-2001]rule deny
配置NAT轉(zhuǎn)換的地址池
[RTA]nat address-group 1 10.1.1.3 10.1.1.10
配置出接口NAT轉(zhuǎn)換
[RTA-Ethernet0/0]ip addr 10.1.1.1 255.255.255.0
[RTA-Ethernet0/0]nat outbound 2001 address-group 1
DHCP配置配置參考端口配置:
system-view
[RTA]int ethernet 0/0
[RTA-Ethernet0/0]ip addr 192.168.1.1 255.255.255.
DHCP配置
啟動DHCP服務(wù)
[Quidway]dhcp enable
配置不參與自動分配的IP地址(出口網(wǎng)關(guān)地址)
[Quidway]dhcp server forbidden-ip 192.168.1.2 255.255.255.0
配置DHCP地址池1的共有屬性
[Quidway]interface vlan 1
[Quidway-Vlan-interface1]
[Quidway-Vlan-interface1]ip address 192.168.1.2 255.255.255.0
[Quidway]dhcp server ip-pool 1
[Quidway-dhcp-pool-1]network 192.168.1.0 mask 255.255.255.0
[Quidway-dhcp-pool-1]gateway-list 192.168.1.1
[Quidway-dhcp-pool-1]dns-list 202.106.196.152 202.106.196.115
[Quidway-dhcp-pool-1]domain-name huawei.com
[Quidway]quitsave
? ? ? ? ? ? ? VLAN配置示例
S1(S2(PC1,PC3),S3(PC2,PC4),S4(PC5,PC6))
PC1和PC2,PC3每聪、PC4旦棉、PC5,PC6單獨(dú)药薯。為了阻斷不同區(qū)域之間的二層通信绑洛,劃分了3個VLAN,分別為VLAN10童本、VLAN20真屯、VLAN30。
配置步驟:
在交換機(jī)上創(chuàng)建VLAN穷娱。
配置交換機(jī)上連接PC的端口Access模式绑蔫,并加入相應(yīng)的VLAN。
配置交換機(jī)之間互聯(lián)的端口為Trunk模式鄙煤,并加入VLAN晾匠。
VLAN10 具體配置:
要在交換機(jī)上配置VLAN,進(jìn)入系統(tǒng)視圖:
配置S2:
sysname-view
[S2]vlan 10
[S2-vlan10]quit
配置S3:
system-view
[S3]vlan 10
[S3-vlan10]quit
t配置S1:
system-view
[S1]vlan 10
[S1-vlan10]quit
配置S2:
[S2]interface gigabitethernet 1/0/1
[S2-Gigabitethernet1/0/1]port link-type access
[S2-Gigabitethernet1/0/1]port default vlan 10
[S2-Gigabitethernet1/0/1]quit
[S2]interface gigabitethernet1/0/2
[S2-Gigabitethernet1/0/2]port link-type trunk
[S2-Gigabitethernet1/0/2]port thrunk allow-pass vlan 10
[S2-Gigabitethernet1/0/2]quit
配置S3
[S3]interface gigabitethernet 1/0/1
[S3-Gigabitethernet1/0/1]port link-type access
[S3-Gigabitethernet1/0/1]port default vlan10
[S3-Gigabitethernet1/0/1]quit
[S3]interface gigabitethernet 1/0/2
[S3-Gigabitethernet1/0/2]port link-type trunk
[S3-Gigabitethernet1/0/2]port trunk allow-pass vlan 10
[S3-Gigabitethernet1/0/2]quit
配置S1:
[S1]interface gigabitethernet 1/0/1
[S1-Gigabitethernet1/0/1]port link-type trunk
[S1-Gigabitethernet1/0/1]port trunk allow-pass vlan 10
[S1-Gigabitethernet1/0/1]quit
[S1]interface gigabitethernet 1/0/2
[S1-Gigabitethernet1/0/2]port link-type trunk
[S1-Gigabitethernet1/0/2]port trunk allow-pass vlan 10
[S1-Gigabitethernet1/0/2]quit
為了對配置好的VLAN進(jìn)行display port vlan 命令來查看交換機(jī)當(dāng)前各端口的類型及加入的VLAN
GVRP配置示例
1梯刚、在每臺交換機(jī)的全局及端口使能功能
2、配置交換機(jī)的二層連通性薪寓,即將交換機(jī)的某些端口配置Trunk端口并配置允許相應(yīng)的vlan幀通過亡资。
3澜共、在交換機(jī)S1和S4上配置靜態(tài)vlan1000
配置步驟
在交換機(jī)的系統(tǒng)視圖下執(zhí)行命令gvrp來使能GVRP功能。
配置S1锥腻,在S1上全局使能GVRP功能嗦董。system-view
[Quidway]sysname S1
[S1]gvrp
配置S2,在S2上全局使能GVRP功能system-view
[Quidway]sysname S2
[S2]gvrp
配置S3瘦黑,在S3上全局使能GVRP功能system-view
[Quidway]sysname S3
[S3]gvrp
配置S4京革,在S4上全局使能GVRP功能system-view
[Quidway]sysname S4
[S4]gvrp
配置相關(guān)的端口為Trunk端口,并允許相應(yīng)的VLAN通過幸斥,GVRP功能只能配置在Trunk類型的端口上
配置S1的端口:
[S1]interface gigabitethernet 1/0/1
[S1-Gigabitethernet1/0/1]port link-type access
[S1-Gigabitethernet1/0/1]port default vlan 1000
[S1-Gigabitethernet1/0/1]quit
[S1]interface gigabitethernet1/0/2
[S1-Gigabitethernet1/0/2]gvrp
[S1-Gigabitethernet1/0/2]port link-type trunk
[S1-Gigabitethernet1/0/2]port trunk allow-pass vlan
[S1-Gigabitethernet1/0/2]quit
配置S2的端口
[S2]interface gigabitethernet 1/0/1
[S2-Gigabitethernet1/0/1]gvrp
[S2-Gigabitethernet1/0/1]port link-type trunk
[S2-Gigabitethernet1/0/1]port trunk allow-pass vlan all
[S2-Gigabitethernet1/0/1]quit
[S2]interface gigabitethernet 1/0/2
[S2-Gigabitethernet1/0/2]gvrp
[S2-Gigabitethernet1/0/2]port link-type trunk
[S2-Gigabitethernet1/0/2]port trunk allow-pass vlan all
[S2-Gigabitethernet1/0/2]quit
配置S3的端口
[S3]interface gigabitethernet 1/0/1
[S3-Gigabitethernet1/0/1]gvrp
[S3-Gigabitethernet1/0/1]port link-type trunk
[S3-Gigabitethernet1/0/1]port trunk allow-pass vlan all
[S3-Gigabitethernet1/0/1]quit
[S3]interface gigabitethernet 1/0/2
[S3-Gigabitethernet1/0/2]port link-type trunk?
[S3-Gigabitethernet1/0/2]port trunk allow-pass vlan all
[S3-Gigabitethernet1/0/2]quit
配置S4的端口
[S4]interface gigabitethernet 1/0/1
[S4-Gigabitethernet1/0/1]gvrp
[S4-Gigabitethernet1/0/1]port link-type trunk
[S4-Gigabitethernet1/0/1]port trunk allow-pass vlan all
[S4-Gigabitethernet1/0/1]quit
[S4]interface gigabitethernet1/0/2
[S4-Gigabitethernet1/0/2]gvrp
[S4-Gigabitethernet1/0/2]port link-type access
[S4-Gigabitethernet1/0/2]port default vlan 1000
[S4-Gigabitethernet1/0/2]quit
路由協(xié)議:
默認(rèn)路由的配置:
R3----->R1(------>S1(PC1,PC2))----->R2---->S2(PC3,PC4))
配置思路:
在路由器R1上配置一條靜態(tài)路由匹摇,目的地掩碼為2.0.0.0/8,下一跳地址為R2的GE1/0/1接口的IP地址12.0.0.2
出接口為R1的GE1/0/1接口甲葬。另外廊勃,在R1上配置一條默認(rèn)路由,該默認(rèn)路由的下一跳IP地址為R3的GE2/0/0接口的IP地址
23.0.0.1
在路由器R2上配置一條靜態(tài)路由经窖,目的掩碼為1.0.0.0/8,下一跳IP地址為R1的GE1/0/1接口的IP地址12.0.0.1坡垫,出口為R2的GE1/0/1接口。另外画侣,在R2上配置一條默認(rèn)路由冰悠,該默認(rèn)路由的下一跳IP地址為R1的GE1/0/1接口的IP地址12.0.0.1
出接口為R2的GE1/0/1接口
在R3上配置分配一條去往1.0.0.0/8和2.0.0.0/8的靜態(tài)路由,下一跳IP地址均為R1的GE2/0/0接口的IP地址23.0.0.2配乱,出街口均為R3的GE2/0/0接口
配置步驟R1system-view
[R1]ip route-static 2.0.0.8 12.0.0.2 gigabitethernet 1/0/1
[R1]ip route-static 0.0.0.0 23.0.0.1 gigabitethernet 2/0/0
配置R2system-view
[R2]ip route-static 1.0.0.0 8 12.0.0.1 gigabitethernet 1/0/1
[R2]ip route-static 0.0.0.0 0 12.0.0.1 gigabitethernet 1/0/1
配置R3system-view
[R3]ip route-static 1.0.0.0 8 23.0.0.2 gigabitethernet 2/0/0
[R3]ip route-static 2.0.0.0 8 23.0.0.2 gigabitethernet 2/0/0
RIP協(xié)議(路由信息協(xié)議):R2(R1屿脐,R3)
路由協(xié)議兩大類:一類IGP(內(nèi)部網(wǎng)關(guān)協(xié)議),一類EGP(外部網(wǎng)關(guān)協(xié)議)
配置思路
在個路由器上啟動RIP進(jìn)程宪卿,在RIP進(jìn)程中發(fā)布網(wǎng)段信息
配置步驟
要在路由器上配置RIP的诵,必須進(jìn)入系統(tǒng)視圖,然后執(zhí)行命令rip[process-id]
以啟動RIP進(jìn)程佑钾,并進(jìn)入RIP視圖西疤。
配置R1:system-view
[R1]rip
[R1-rip-1]
配置R2:system-view
[R2]rip
[R2-rip-1]
配置R3:system-view
[R3]rip
[R3rip-1]
啟動RIP進(jìn)程之后,還需要通過network network-address 命令發(fā)布指定的網(wǎng)段休溶,
其中network-address必須是一個自然網(wǎng)段地址
配置R1
[R1-rip-1]network 12.0.0.0
[R1-rip-1]network 172.16.0.0
配置R2:
[R2-rip-1]network 12.0.0.0
[R2-rip-1]network 23.0.0.0
[R2-rip-1]network 2.0.0.0
配置R3:
[R3-rip-1]network 23.0.0.0
[R3-rip-1]network 192.168.0.0
[R3-rip-1]network 192.168.1.0
[R3-rip-1]network 192.168.2.0
[R3-rip-1]network 192.168.3.0
VLANIF 接口配置示例S1(S2(PC1,PC2),S3(PC3,PC4))啟用S1的三層交換功能代赁,并通過在三層交換機(jī)S1上配置VLANIF接口,實(shí)現(xiàn)不同VLAN間用戶的三層通信兽掰。1芭碍、配置思路在交換機(jī)上S1創(chuàng)建VLAN(S2和S3無需創(chuàng)建VLAN)。配置交換機(jī)S1的端口在交換機(jī)S1上創(chuàng)建VLANIF接口并配置IP地址孽尽,實(shí)現(xiàn)不同VLAN之間的三層互通2窖壕、配置步驟s1上創(chuàng)建VLAN10和VLAN20
system-view
[S1]vlan batch 10 20
S1上進(jìn)行端口配置
[S1]interface gigabitethernet 0/0/1
[S1-Gigabitethernet0/0/1]port link-type access
[S1-Gigabitethernet0/0/1]port default vlan 10
[S1-Gigabitethernet0/0/1]quit
[S1]interface gigabitethernet 0/0/2
[S1-Gigabitethernet0/0/2]port link-type access
[S1-Gigabitethernet0/0/2]port default vlan 20
[S1-Gigabitethernet0/0/2]quit
S1上配置VLANIF接口
[S1]interface vlanif 10
[S1-Vlanif10]ip address 192.168.100.1 24
[S1-Vlanif10]quit
[S1]interface vlanif 20
[S1-Vlanif20]ip address 192.168.200.1 24
[S1-Vlanif20]quit
