《2022年某大型网络的配置实例 .pdf》由会员分享,可在线阅读,更多相关《2022年某大型网络的配置实例 .pdf(27页珍藏版)》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。
1、某大型网络的配置实例(Cisco Catalyst 6506/3500/2900)说明这是一个比较综合的实例, 从拓扑图上可以看出, 它所包含的设备和技术。 以下对这个例子作些说明。1.对于内部局域网,选用Cisco的 Catalyst 6506作为中心交换机,二级交换采用Catalyst 3500 ,同时为了说明Trunk ,又加了一个Catalyst 2900 作为三级交换,对于终端连接用了Catalyst 1900交换机,这样就可以在Catalyst 6506与Catalyst 3500之间以及 Catalyst 3500与 Catalyst 2900 之间建立 Trunk ,实现跨交换
2、机的VLAN 。注: Catalyst 2900系列如果要实现Trunk ,软件必须是企业版的,关于类似疑问可以至疑难杂谈栏目。2.对于外连上 ,主要是专线连接和拨号访问,当然种类比较多.包括了DDN 、ISDN 、Frame Relay、 E1 线路等。3.本例给出设备的基本配置。4.对于多设备的连接问题,值得注意的是路由问题,本实例外连部分采用静态路由而内部局域网采用动态路由. 5.在本例的帧中继配置中,运用了IP Unnumbered ,可以节省地址资源,有兴趣可以注意一下网络拓展图名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - -
3、- - 名师精心整理 - - - - - - - 第 1 页,共 27 页 - - - - - - - - - VLAN 划分问题对于交换设备本例中划到VLAN 1 中,而对于外连设备的所有以太网端口,均划到VLAN 2 中,下面给出各 VLAN 的名称和网关地址 ,本例划分 8 个 VLAN. VLAN ID VLAN Name Gateway VLAN 1 Bluestudy 1 10.1.0.1/16 VLAN 2 Bluestudy 2 10.2.0.1/16 VLAN 3 Bluestudy 3 10.3.0.1/16 VLAN 4 Bluestudy 4 10.4.0.1/16 V
4、LAN 5 Bluestudy 5 10.5.0.1/16 VLAN 6 Bluestudy 6 10.6.0.1/16 VLAN 7 Bluestudy 7 10.7.0.1/16 VLAN 8 Bluestudy 8 10.8.0.1/16 Catalyst 6506 的配置名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 2 页,共 27 页 - - - - - - - - - Enter password: enable Enter password: config t set
5、 system name Bluestudy set time 10/30/2000 9:30:00 set password set enablepass set interface sc0 10.1.0.2/16 set ip route default 10.1.0.1 set ip dns server 10.1.0.100 set ip dns domain set ip dns enable set vtp domain bluestudy mode server set vlan 1 name Bluestudy 1 set vlan 2 name Bluestudy 2 set
6、 vlan 3 name Bluestudy 3 set vlan 4 name Bluestudy 4 set vlan 5 name Bluestudy 5 set vlan 6 name Bluestudy 6 set vlan 7 name Bluestudy 7 set vlan 8 name Bluestudy 8 set port negotiation 2/1-8 enable set port name 2/1-8 GEC 802.1Q Trunk set trunk 2/1-8 desirable dot1q set port speed 2/1-8 1000 set vl
7、an 1 3/1-48 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 3 页,共 27 页 - - - - - - - - - 对于 6506 的交换机方面的配置只需做出Trunk即可,因为要实现跨交换机之间的虚网 ,下面配置 6506 的路由模块 ,因为 6506 的路由模块现在与管理引擎模块集成在了一起 ,所以,默认命令是 :Session 15 ,详情请见6506 路由设置 . Catalyst 6506RSM模块的配置(enable) session 15 Trying R
8、outer-15. Connected to Router-15. Escape character is . enable configure terminal hostname bluestudy enable password password line vty 0 6 password secret_word ip domain-name ip name-server 10.1.0.100 interface vlan 1 ip address 10.1.0.1 255.255.0.0 no shutdown interface vlan 2 ip address 10.2.0.1 2
9、55.255.0.0 no shutdown interface vlan 3 ip address 10.3.0.1 255.255.0.0 no shutdown interface vlan 4 ip address 10.4.0.1 255.255.0.0 no shutdown interface vlan 5 ip address 10.5.0.1 255.255.0.0 no shutdown 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 4 页,共 27 页 - -
10、 - - - - - - - interface vlan 6 ip address 10.6.0.1 255.255.0.0 no shutdown interface vlan 7 ip address 10.7.0.1 255.255.0.0 no shutdown interface vlan 8 ip address 10.8.0.1 255.255.0.0 no shutdown router rip version 2 network 10.0.0.0 ip route 0.0.0.0 0.0.0.0 10.2.0.12 ip route 192.168.2.0 255.255.
11、255.0 10.2.0.13 ip route 192.168.3.0 255.255.255.240 10.2.0.11 ip route 192.168.4.0 255.255.255.0 10.2.0.11 ip route 192.168.5.0 255.255.255.0 10.2.0.11 ip route 192.168.6.0 255.255.255.0 10.2.0.11 copy running-config startup-config Building configuration. OK 这里给出的是单纯的命令行,略去了一些默认状况的设置. Catalyst 3500
12、 的配置! version 12.0 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname bluestudy ! enable password password 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 5 页,共 27 页 - - - - - - - - - ! username bluestud
13、y password password username test password password ! 省略端口的显示! interface GigabitEthernet0/1 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet0/2 ! interface VLAN1 ip address 10.1.0.4 255.255.0.0 ip helper-address 10.1.0.100 ip directed-broadcast no ip route-cache
14、 ! ip default-gateway 10.1.0.1 interface Ethernet1/1(与 2900 对接) switchport trunk encapsulation dot1q switchport mode trunk ! interface Ethernet1/2(与 1900 A对接) switchport access VLAN 3 no shut ! 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 6 页,共 27 页 - - - - - - - -
15、 - interface Ethernet1/3(与 1900 B对接) switchport access VLAN 4 no shut ! snmp-server engineID local 000000090200000216BE4E80 snmp-server community public RO snmp-server community private RW snmp-server chassis-id 0 x17 (打开简单的网络管理,便于以后,Cisco 网管软件识别和管理)! line con 0 login local transport input none stop
16、bits 1 line vty 0 4 login local line vty 5 15 login ! end Catalyst 2900 的配置2900 的配置与 3500 的相似 ,命令如下hostname bluestudy ! enable password password ! username bluestudy password password username test password password ! 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 7
17、页,共 27 页 - - - - - - - - - 省略端口的显示! interface Ethernet0/1(与 3500 对接) switchport trunk encapsulation dot1q switchport mode trunk ! interface VLAN1 ip address 10.1.0.3 255.255.0.0 ip helper-address 10.1.0.100 ip directed-broadcast no ip route-cache ! ip default-gateway 10.1.0.1 ! interface Ethernet0/2
18、(与 1900 C对接) switchport access VLAN 5 no shut ! interface Ethernet0/3(与 1900 D对接) switchport access VLAN 6 no shut ! snmp-server engineID local 000000090200000216BE4E80 snmp-server community public RO snmp-server community private RW snmp-server chassis-id 0 x17 名师资料总结 - - -精品资料欢迎下载 - - - - - - - -
19、- - - - - - - - - - 名师精心整理 - - - - - - - 第 8 页,共 27 页 - - - - - - - - - ! line con 0 login local transport input none stopbits 1 line vty 0 4 login local line vty 5 15 login ! end Cisco Catalyst 1900 的配置对于 1900 的配置就相对容易得多了只需在 enable 状态下键入Setup 就会进入配置向导给出交换机的IP 地址:10.3.0.5 掩码:255.255.0.0 网关:10.3.0.1
20、就可以了 ,另外应该打开简单的网络管理协议SNMP snmp-server community public RO snmp-server community private RW 即可名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 9 页,共 27 页 - - - - - - - - - PIX 520A的基本配置PIX Version 4.2(4) nameif ethernet0 outside security0 nameif ethernet1 inside securit
21、y100 enable password password encrypted passwd password encrypted hostname pix_A fixup protocol ftp 21 fixup protocol http 80 fixup protocol smtp 25 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol sqlnet 1521 names no failover failover timeout 0:00:00 failover ip address outside 0.0.0
22、.0 failover ip address inside 0.0.0.0 pager lines 24 no logging console 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 10 页,共 27 页 - - - - - - - - - logging monitor debugging logging buffered debugging no logging trap logging facility 20 interface ethernet0 auto inte
23、rface ethernet1 auto ip address outside 192.168.0.1 255.255.255.252 ip address inside 10.2.0.13 255.255.0.0 arp timeout 14400 nat (inside ) 0 192.168.0.0 255.255.255.252 rip outside passive no rip outside default no rip inside passive rip inside default route outside 192.168.2.0 255.255.255.0 192.16
24、8.0.2 route inside 0.0.0.0 0.0.0.0 10.2.0.1 timeout xlate 3:00:00 conn 1:00:00 udp 0:02:00 timeout rpc 0:10:00 h323 0:05:00 timeout uauth 0:05:00 absolut esnmp-server community public RO 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 11 页,共 27 页 - - - - - - - - - snm
25、p-server community private RW telnet 10.2.0.200 255.255.255.255 telnet timeout 15 mtu outside 1500 mtu inside 1500 floodguard 0 Cisco 2610A 的配置Current configuration: ! version 11.3 service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname 2610A ! enable pas
26、sword password ! username bluestudy password password 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 12 页,共 27 页 - - - - - - - - - no ip domain-lookup! ! interface Ethernet0/0 ip address 192.168.0.2 255.255.255.252 no shut ! interface Serial0/0 ip address 192.168.0.5
27、 255.255.255.252 no shut ! interface Serial0/1 no ip address shutdown ! ip route 0.0.0.0 0.0.0.0 192.168.0.1 ip route 192.168.2.0 255.255.255.0 192.168.0.6 ! snmp-server community public RO snmp-server community private RW ! line con 0 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理
28、- - - - - - - 第 13 页,共 27 页 - - - - - - - - - line aux 0 line vty 0 4 login local ! no scheduler allocate end Cisco 1603的配置Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname 1603 ! enable secret password enabl
29、e password password ! 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 14 页,共 27 页 - - - - - - - - - memory-size iomem 25 ip subnet-zero ! interface Serial0 ip address 192.168.0.6 255.255.255.252 no ip directed-broadcast ! interface Ethernet0 ip address 192.168.2.1 255
30、.255.255.0 no ip unreachables no ip directed-broadcast ! ip classless ip route 0.0.0.0 0.0.0.0 s0 no ip http server ! snmp-server community public RO snmp-server community private RW ! line con 0 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 15 页,共 27 页 - - - - - -
31、- - - password password transport input none line aux 0 line vty 0 4 password password login ! no scheduler allocate end PIX 520B的基本配置PIX Version 4.2(4) nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password password encrypted passwd password encrypted hostname pix520
32、_B fixup protocol ftp 21 fixup protocol http 80 fixup protocol smtp 25 fixup protocol h323 1720 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 16 页,共 27 页 - - - - - - - - - fixup protocol rsh 514 fixup protocol sqlnet 1521 names no failover failover timeout 0:00:00 f
33、ailover ip address outside 0.0.0.0 failover ip address inside 0.0.0.0 pager lines 24 no logging console no logging monitor no logging buffered no logging trap logging facility 20 interface ethernet0 auto interface ethernet1 auto ip address outside 202.108.66.97 255.255.255.248 ip address inside 10.2
34、.0.12 255.255.0.0 arp timeout 14400 global (outside) 1 202.108.66.100 nat (inside) 1 0.0.0.0 0.0.0.0 0 0 no rip outside passive 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 17 页,共 27 页 - - - - - - - - - no rip outside default no rip inside passive no rip inside def
35、ault route outside 0.0.0.0 0.0.0.0 202.109.77.98 timeout xlate 3:00:00 conn 1:00:00 udp 0:02:00 timeout rpc 0:10:00 h323 0:05:00 timeout uauth 0:05:00 absolute no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps telnet 10.2.0.200 255.255.255.255 te
36、lnet timeout 15 mtu outside 1500 mtu inside 1500 floodguard 0 Cisco 2610B 的配置Current configuration: ! version 11.3 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 18 页,共 27 页 - - - - - - - - - service timestamps debug uptime service timestamps log uptime service passw
37、ord-encryption ! hostname 2610B ! enable password password ! username bluestudy password password no ip domain-lookup! ! interface Ethernet0/0 ip address 202.108.66.98 255.255.255.248 no shut ! interface Serial0/0 ip address 202.108.8.1 255.255.255.252 no shut ! interface Serial0/1 no ip address 名师资
38、料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 19 页,共 27 页 - - - - - - - - - shutdown ! ip route 0.0.0.0 0.0.0.0 202.108.8.2 ! snmp-server community public RO snmp-server community private RW ! line con 0 line aux 0 line vty 0 4 login local ! no scheduler allocate end C
39、isco 2610c 的配置version 11.2 service udp-small-servers service tcp-small-servers ! hostname 2610C ! enable secret cisco ! ip subnet-zero 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 20 页,共 27 页 - - - - - - - - - no ip domain-lookup ! ip address-pool local isdn switch
40、-type basic-net3 interface Ethernet0 ip address 10.2.0.11 255.255.0.0 ! interface Serial0 no ip address encapsulation frame-relay frame-relay lmi-type ansi ! interface Serial0.1 point-to-point description Frame Relay to bluestudy1 ip unnumbered Ethernet0 frame-relay interface-dlci 10 ! interface Ser
41、ial0.2 point-to-point description Frame Relay to bluestudy2 ip unnumbered Ethernet0 frame-relay interface-dlci 11 ! interface BRI1/0 no ip address shutdown isdn switch-type basic-net3 ! interface BRI1/1 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 21 页,共 27 页 - - -
42、 - - - - - - ip address 192.168.3.1 255.255.255.240 encapsulation ppp timeout absolute 60 0 dialer idle-timeout 3600 dialer-group 1 isdn switch-type basic-net3 peer default ip address pool default ppp authentication chap pap callin ! interface BRI1/2 no ip address encapsulation ppp shutdown isdn swi
43、tch-type basic-net3 ! interface BRI1/3 no ip address encapsulation ppp shutdown isdn switch-type basic-net3 no peer default ip address 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 22 页,共 27 页 - - - - - - - - - ! ip local pool default 192.168.3.3 192.168.3.14 ip htt
44、p server ip classless ip route 192.168.5.0 255.255.255.0 serial0.1 ip route 192.168.4.0 255.255.255.0 serial0.2 ip route 0.0.0.0 0.0.0.0 10.2.0.1 ! access-list 1 permit any dialer-list 1 protocol ip list 1 line con 0 password console login line aux 0 line vty 0 4 password telnet login ! end Cisco 17
45、20A 的配置version 11.2 service udp-small-servers service tcp-small-servers hostname bluestudy1 ! enable secret cisco ! 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 23 页,共 27 页 - - - - - - - - - ip subnet-zero no ip domain-lookup ! interface Fastethernet0 ip address 19
46、2.168.5.1 255.255.255.0 ! interface Serial0 no ip address encapsulation frame-relay ! interface Serial0.1 point-to-point description Frame Relay to bluestudy ip unnumbered Ethernet0 frame-relay interface-dlci 10 ! ip http server ip classless ip route 0.0.0.0 0.0.0.0 serial0.1 ! line con 0 password c
47、onsole login line aux 0 line vty 0 4 password bluestudy1 login ! end Cisco 1720B 的配置version 11.2 service udp-small-servers service tcp-small-servers 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 24 页,共 27 页 - - - - - - - - - hostname bluestudy1 ! enable secret cisco
48、 ! ip subnet-zero no ip domain-lookup ! interface Fastethernet0 ip address 192.168.4.1 255.255.255.0 ! interface Serial0 no ip address encapsulation frame-relay ! interface Serial0.1 point-to-point description Frame Relay to bluestudy ip unnumbered Ethernet0 frame-relay interface-dlci 11 ! ip http s
49、erver ip classless ip route 0.0.0.0 0.0.0.0 serial0.1 ! line con 0 password console login line aux 0 line vty 0 4 password bluestudy2 login ! end Lucent MAX 6000 名师资料总结 - - -精品资料欢迎下载 - - - - - - - - - - - - - - - - - - 名师精心整理 - - - - - - - 第 25 页,共 27 页 - - - - - - - - - 对于阵列式访问服务器 (朗讯的 MAX 6000),可以
50、起到小型 ISP 的作用,如果作了 Callback的配置,那么员工就可以在家里也能够登陆到公司的网络。而且,因为 E1 线路通常是包月的,因此,可以省去员工的上网费用,当然也可以通过计费费软件,适当收费,实现以网养网。对于其配置只要将大于30 个 IP 地址加入地址池中,然后将所有路由指向中心交换机即可。对于 MAX6000的配置,通常是菜单形式的,可以根据向导进行配置。在此,省略其配置。但是,以前遇到一个问题,MAX 6000接入中心交换机( 3Com 3500)时,将其路由指向 3500 ,而 3500 也将拨入用户网络指向MAX 6000 ,但是产生如下现象现象如下:1. 由 MAX6