云计算网络vlan拓扑笔记

wb189

已于 2024-11-09 22:03:45 修改

阅读量920

点赞数 11

文章标签：云计算网络笔记

于 2024-11-06 09:27:37 首次发布

本文链接：https://blog.youkuaiyun.com/wb189/article/details/143515417

版权

配置vlan和IP【VLAN 2---- ->10.0.2.0/24。VLAN 3--->10.0.3.0/24。VLAN 20---->10.0.20.0/24。VLAN 30---->10.0.30.0/24】

vlan【sw3vlan配置】

[sw3]vlan batch 2 3 20 30

0/0/1]port link-type access

0/0/1]port default vlan 2

0/0/2]port link-type access

0/0/2]port default vlan 3

0/0/3]port link-type trunk

0/0/3]port trunk allow-pass vlan 2 3 20 30

0/0/4]po li t

0/0/4]po t all v 2 3 20 30

【sw4vlan配置】

[sw4]vlan batch 2 3 20 30

0/0/1]port link-type access

0/0/1]port default vlan 20

0/0/2]port link-type access

0/0/2]port default vlan 30

0/0/3]port link-type trunk

0/0/3]port trunk allow-pass vlan 2 3 20 30

0/0/4]po li t

0/0/4]po t all v 2 3 20 30

【sw1和sw2链路聚合】

[sw1]vlan batch 2 3 20 30

[sw1]interface Eth-Trunk 0

[sw1-Eth-Trunk0]trunkport GigabitEthernet 0/0/1 to 0/0/2

[sw1-Eth-Trunk0]port link-type trunk

[sw1-Eth-Trunk0]port trunk allow-pass vlan 2 3 20 30

0/0/3]port link-type trunk

0/0/3]port trunk allow-pass vlan 2 3 20 30

0/0/4]port link-type trunk

0/0/4]port trunk allow-pass vlan 2 3 20 30

dis vlan

[sw2]vlan batch 2 3 20 30

[sw2]interface Eth-Trunk 0

[sw2-Eth-Trunk0]trunkport GigabitEthernet 0/0/1 to 0/0/2

[sw2-Eth-Trunk0]port link-type trunk

[sw2-Eth-Trunk0]port trunk allow-pass vlan 2 3 20 30

0/0/3]port link-type trunk

0/0/3]port trunk allow-pass vlan 2 3 20 30

0/0/4]port link-type trunk

0/0/4]port trunk allow-pass vlan 2 3 20 30

SW1为VLAN 2/3的主根及主网关，SW2为v1an 20/30的主根及主网关，sw1和sw2互相备份

生成树协议配置【sw3】

[sw3]stp enable

[sw3]stp mode mstp

[sw3]stp region-configuration —进入MSTP域配置视图

[sw3-mst-region]region-name aa 修改域名【默认域名为本地MAC地址】

[sw3-mst-region]revision-level 100

[sw3-mst-region]instance 1 vlan 2 3

[sw3-mst-region]instance 2 vlan 20 30

[sw3-mst-region]active region-configuration 【激活域，无激活则无效】

【sw4】

[sw4]stp en

[sw4]stp m m

[sw4]stp re 【可以将 ] 后面的代码全部复制粘贴快速配置】

[sw4-mst-region]region-name aa

[sw4-mst-region]revision-level 100

[sw4-mst-region]instance 1 vlan 2 3

[sw4-mst-region]instance 2 vlan 20 30

[sw4-mst-region]active region-configuration

【sw1和sw2也是一样的配置】

[sw1]stp instance 1 root primary 做实例1主根

[sw1]stp instance 2 root secondary 备份根

[sw2]stp instance 2 root primary

[sw2]stp instance 1 root secondary

[sw3-GigabitEthernet0/0/1]stp edged-port enable【开启边缘端口功能，可不开】

配置三层交换机要有VRRP，vlanif三层接口【sw1】

[sw1]int Vlanif 2

[sw1-Vlanif2]ip ad 10.0.2.1 24

[sw1-Vlanif2]vrrp vrid 1 virtual-ip 10.0.2.254

[sw1-Vlanif2]vrrp vrid 1 virtual-ip 10.0.2.100

[sw1-Vlanif2]vrrp vrid 1 priority 120

[sw1-Vlanif2]vrrp vrid 1 preempt-mode timer delay 20

[sw1-Vlanif2]vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30

[sw1]int Vlanif 3

[sw1-Vlanif3]ip ad 10.0.3.1 24

[sw1-Vlanif3]vrrp vrid 1 virtual-ip 10.0.3.254

[sw1-Vlanif3]vrrp vrid 1 priority 120

[sw1-Vlanif3]vrrp vrid 1 preempt-mode timer delay 20

[sw1-Vlanif3]vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30

备份网关20和30

[sw1]int Vlanif 20

[sw1-Vlanif20]ip ad 10.0.20.1 24

[sw1-Vlanif20]vrrp vrid 1 virtual-ip 10.0.20.254

[sw1]int Vlanif 30

[sw1-Vlanif30]ip ad 10.0.30.1 24

[sw1-Vlanif30]vrrp vrid 1 virtual-ip 10.0.30.254

dis cu

[sw2]interface Vlanif 2

[sw2-Vlanif2]ip ad 10.0.2.2 24

[sw2-Vlanif2]vrrp vrid 1 virtual-ip 10.0.2.254

[sw2]interface Vlanif 3

[sw2-Vlanif3]ip ad 10.0.3.2 24

[sw2-Vlanif3]vrrp vrid 1 virtual-ip 10.0.3.254

[sw2]int v 20

[sw2-Vlanif20]ip ad 10.0.20.2 24

[sw2-Vlanif20]vrrp vrid 1 virtual-ip 10.0.20.254

[sw2-Vlanif20]vrrp vrid 1 priority 120

[sw2-Vlanif20]vrrp vrid 1 preempt-mode timer delay 20

[sw2-Vlanif20]vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30

[sw2]int v 30

[sw2-Vlanif30]ip ad 10.0.30.2 24

[sw2-Vlanif30]vrrp vrid 1 virtual-ip 10.0.30.254

[sw2-Vlanif30]vrrp vrid 1 priority 120

[sw2-Vlanif30]vrrp vrid 1 preempt-mode timer delay 20

[sw2-Vlanif30]vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30

dis vrrp brief

交换机DHCP配置

[sw1]dhcp enable

[sw1]ip pool vlan2

[sw1-ip-pool-vlan2]network 10.0.2.0 mask 25

[sw1-ip-pool-vlan2]gateway-list 10.0.2.100

[sw1-ip-pool-vlan2]dns-list 8.8.8.8

[sw2]dhcp enable

[sw2]ip pool vlan2

[sw2-ip-pool-vlan2]network 10.0.2.128 mask 25

[sw2-ip-pool-vlan2]gateway-list 10.0.2.254

[sw2-ip-pool-vlan2]dns-list 8.8.8.8

[sw2]int v 2

[sw2-Vlanif2]dhcp select global

互联网vlan配置

[sw1]vlan 11

[sw1-vlan11]q

[sw1]int g 0/0/5

0/0/5]port link-type access

0/0/5]port default vlan 11

[sw1]int v 11

[sw1-Vlanif11]ip ad 10.0.11.1 30

[sw2]vlan 12

[sw2-vlan12]q

[sw2]int g 0/0/5

0/0/5]port link-type access

0/0/5]port default vlan 12

[sw2]int v 12

[sw2-Vlanif12]ip ad 10.0.11.5 30

[r1]int g 0/0/1

0/0/1]ip ad 10.0.11.2 30

0/0/1]int g 0/0/2

0/0/2]ip ad 10.0.11.6 30

[sw1]ospf 1

[sw1-ospf-1]area 0

0.0.0.0]network 10.0.2.1 0.0.0.0

0.0.0.0]network 10.0.3.1 0.0.0.0

0.0.0.0]network 10.0.11.1 0.0.0.0

0.0.0.0]network 10.0.20.1 0.0.0.0

0.0.0.0]network 10.0.30.1 0.0.0.0

[sw2]ospf 1

[sw2-ospf-1]area 0

0.0.0.0]network 10.0.2.2 0.0.0.0

0.0.0.0]network 10.0.3.2 0.0.0.0

0.0.0.0]network 10.0.11.5 0.0.0.0

0.0.0.0]network 10.0.20.2 0.0.0.0

0.0.0.0]network 10.0.30.2 0.0.0.0

[r1]ospf 1

[r1-ospf-1]area 0

0.0.0.0]network 10.0.11.2 0.0.0.0

0.0.0.0]network 10.0.11.6 0.0.0.0

dis ospf p b

[sw1-ospf-1]silent-interface Vlanif 2

[sw1-ospf-1]silent-interface Vlanif 3

[sw1-ospf-1]silent-interface Vlanif 20

[sw1-ospf-1]silent-interface Vlanif 30

[sw2]ospf 1

[sw2-ospf-1]silent-interface Vlanif 2

[sw2-ospf-1]silent-interface Vlanif 3

[sw2-ospf-1]silent-interface Vlanif 20

[sw2-ospf-1]silent-interface Vlanif 30

[sw1]vlan 13

[sw1]int e 0

[sw1-Eth-Trunk0]port trunk allow-pass vlan 13

[sw2]vlan 13

[sw2]int e 0

[sw2-Eth-Trunk0]port trunk allow-pass vlan 13

[sw1]和[sw2]

int v 13

[sw1-Vlanif13]ip ad 10.0.13.1 30

[sw2-Vlanif13]ip ad 10.0.13.2 30

[sw1]0.0.0.0]network 10.0.13.1 0.0.0.0

[sw2]0.0.0.0]network 10.0.13.2 0.0.0.0

路由器之间使用静态协议配置

外网配置

[r1]int g 0/0/0

[r1-GigabitEthernet0/0/0]ip ad 202.1.1.1 30

[isp]int g 0/0/0

[isp-GigabitEthernet0/0/0]ip ad 202.1.1.2 30

[isp]interface LoopBack 0 【环回接口】

[isp-LoopBack0]ip ad 100.100.100.100 32

[isp]ip route-static 0.0.0.0 0 202 1 1 2 【缺省路由】

[r1]ospf 1

[r1-ospf-1]default-route-advertise

[sw1]dis ip ro p o

AR1配置为企业出口路由器

因为是公网，不能有私有路由，要用ACL

[r1]acl 2000

[r1-acl-basic-2000]ru p s 10.0.0.0 0.0.255.255

0/0/0]nat o 2000

创建sub-vlan，并将相关接口划入VLAN中

配置super-vlan

[sw1]int e 0

[sw1-Eth-Trunk0]trunkport GigabitEthernet 0/0/1 to 0/0/2

[sw1]vlan b 2 3 20 30 301 302

[sw1]vlan 100

[sw1-vlan100]aggregate-vlan 【超级vlan，将vlan 100设定为spuer-vlan】

[sw1-vlan100]access-vlan 2 3 301 ---将sub-vlan加入到super-vlan中

[sw1]vlan 200

[sw1-vlan200]aggregate-vlan

[sw1-vlan200]access-vlan 20 30 302

[sw1]interface Eth-Trunk 0

[sw1-Eth-Trunk0]port link-type trunk

[sw1-Eth-Trunk0]port trunk allow-pass vlan 2 3 20 30 301 302

0/0/3]port link-type trunk

0/0/3]port trunk allow-pass vlan 2 to 3 20 30 301 to 302

0/0/4]port link-type trunk

0/0/4]port trunk allow-pass vlan 2 to 3 20 30 301 to 302

[sw2]int e 0

[sw2-Eth-Trunk0]trunkport GigabitEthernet 0/0/1 to 0/0/2

[sw2]vlan b 2 3 20 30 301 302

[sw2]vlan 100

[sw2-vlan100]aggregate-vlan

[sw2-vlan100]access-vlan 2 3 301

[sw2]vlan 200

[sw2-vlan200]aggregate-vlan

[sw2-vlan200]access-vlan 20 30 302

[sw2]interface Eth-Trunk 0

[sw2-Eth-Trunk0]po li t

[sw2-Eth-Trunk0]po t all v 2 3 20 30 301 302

0/0/3]port link-type trunk

0/0/3]port trunk allow-pass vlan 2 to 3 20 30 301 to 302

0/0/4]port link-type trunk

0/0/4]port trunk allow-pass vlan 2 to 3 20 30 301 to 302

[sw3]和[sw4]

vlan b 2 3 20 30 301 302

vlan 100

aggregate-vlan

access-vlan 2 3 301

vlan 200

aggregate-vlan

access-vlan 20 30 302

[sw3]0/0/1]po li a [sw4]0/0/1]po li a

0/0/1]po de v 2 0/0/1]po de v 20

0/0/2]po li a 0/0/2]po li a

0/0/2]po de v 3 0/0/2]po de v 30

0/0/3]port link-type trunk

0/0/3]port trunk allow-pass vlan 2 to 3 20 30 301 to 302

0/0/4]port link-type trunk

0/0/4]port trunk allow-pass vlan 2 to 3 20 30 301 to 302

[sw1—4]

stp region-configuration

region-name aa

revision-level 100

instance 1 vlan 2 3 301

instance 2 vlan 20 30 302

active region-configuration

[sw1]stp instance 1 root primary 做实例1主根

[sw1]stp instance 2 root secondary 备份根

[sw2]stp instance 2 root primary

[sw2]stp instance 1 root secondary

[sw1]interface Vlanif 100

[sw1-Vlanif100]ip ad 10.0.100.1 24

[sw1-Vlanif100]vrrp vrid 1 virtual-ip 10.0.100.254

[sw1-Vlanif100]vrrp vrid 1 priority 120

[sw1]interface Vlanif 200

[sw1-Vlanif200]ip ad 10.0.200.1 24

[sw1-Vlanif200]vrrp vrid 1 virtual-ip 10.0.200.254

[sw1-Vlanif200]vrrp vrid 1 priority 120

[sw2]interface Vlanif 100

[sw2-Vlanif100]ip ad 10.0.100.2 24

[sw2-Vlanif100]vrrp vrid 1 virtual-ip 10.0.100.254

[sw2-Vlanif100]vrrp vrid 1 priority 120

[sw2]interface Vlanif 200

[sw2-Vlanif200]ip ad 10.0.200.2 24

[sw2-Vlanif200]vrrp vrid 1 virtual-ip 10.0.200.254

[sw2-Vlanif200]vrrp vrid 1 priority 120

[sw1]和[sw2]实现super-vlan之间的PC通信

int v 100

vrrp advertise send-mode 301

arp-proxy inter-sub-vlan-proxy enable

int v 200

vrrp advertise send-mode 302

arp-proxy inter-sub-vlan-proxy enable