Loading... ![拓扑图](https://cdn.xt6a.com/typecho/uploads/2023/10/2812313203.png) ## 交换机的配置 Switch(config)# line vty 0 4 Switch(config-line)# transport input telnet Switch(config-line)# password Tel2023 Switch(config-line)# login Switch(config-line)# exit Switch(config)# enable password 2023 /* 所有交换机配置,为所有网络设备开启 telnet 服务端功能,使其可以远程配置。其中,远程访问密码为 Tel2023,特权明文密码为 2023。 BJ_CORE: BJ_CORE(config)# int range f0/23-24 BJ_CORE(config-if)# switchport trunk encapsulation dot1q BJ_CORE(config-if)# switchport mode trunk /* 交换机的端口 23 和 24 设置为 Trunk 模式 BJ_CORE(config-if)#exit BJ_CORE(config)# vtp mode server BJ_CORE(config)# vtp domain Office BJ_CORE(config)# vtp password 2023 BJ_CORE(config)# vtp version 2 BJ_CORE(config)# exit /* VTP的server配置 BJ_CORE#vlan database BJ_CORE(vlan)# vlan 10 name office BJ_CORE(vlan)# vlan 99 name sales BJ_CORE(vlan)# vlan 100 name core BJ_CORE(vlan)# exit BJ_CORE#conf t BJ_CORE(config)# int vlan 1 BJ_CORE(config-if)# ip addr 192.168.0.5 255.255.255.252 BJ_CORE(config-if)# no shutdown BJ_CORE(config-if)# exit BJ_CORE(config)# int vlan 10 BJ_CORE(config-if)# ip addr 192.168.10.254 255.255.255.0 BJ_CORE(config-if)# no shutdown BJ_CORE(config-if)# exit BJ_CORE(config)# int vlan 99 BJ_CORE(config-if)# ip addr 192.168.99.254 255.255.255.0 BJ_CORE(config-if)# no shutdown BJ_CORE(config-if)# exit BJ_CORE(config)# int vlan 100 BJ_CORE(config-if)# ip addr 192.168.100.254 255.255.255.0 BJ_CORE(config-if)# no shutdown BJ_CORE(config-if)# exit /*IP地址的配置 BJ_CORE(config)# ip dhcp excluded-address 192.168.10.1 192.168.10.10 BJ_CORE(config)# ip dhcp pool office BJ_CORE(dhcp-config)# network 192.168.10.0 255.255.255.0 BJ_CORE(dhcp-config)# default-router 192.168.10.254 BJ_CORE(dhcp-config)# dns-server 192.168.100.100 BJ_CORE(dhcp-config)# exit /*DHCP的配置 BJ_SW1: BJ_SW1(config)# int f0/23 BJ_SW1(config-if)# switchport trunk encapsulation dot1q BJ_SW1(config-if)# switchport mode trunk /* 交换机的端口 23 设置为 Trunk 模式 BJ_SW1(config-if)# exit BJ_SW1(config)# vtp mode client BJ_SW1(config)# vtp domain Office BJ_SW1(config)# vtp password 2023 BJ_SW1(config)# vtp version 2 /* VTP的client配置 BJ_SW1(config)#int r f0/6-15 BJ_SW1(config-if-range)#switchport access vlan 10 BJ_SW1(config-if-range)#exit BJ_SW1(config)#int r f0/16-20 BJ_SW1(config-if-range)#switchport access vlan 99 BJ_SW1(config-if-range)#exit BJ_SW1(config)#int r f0/1-5 BJ_SW1(config-if-range)# switchport access vlan 100 BJ_SW1(config)# exit /*VLAN划分的配置 BJ_SW1(config)# interface FastEthernet0/21 BJ_SW1(config-if)# channel-group 1 mode active BJ_SW1(config-if)# exit BJ_SW1(config)# interface FastEthernet0/22 BJ_SW1(config-if)# channel-group 1 mode active BJ_SW1(config-if)# exit BJ_SW1(config)# interface Port-channel1 BJ_SW1(config-if)# switchport mode trunk BJ_SW1(config-if)# exit BJ_SW1(config)# interface FastEthernet0/1 BJ_SW1(config-if)# spanning-tree portfast BJ_SW1(config-if)# exit /*BJ_SW1 和 BJ_SW2 之间配置链路聚合 BJ_SW1(config)# interface FastEthernet0/1 BJ_SW1(config-if)# spanning-tree portfast BJ_SW1(config-if)# exit /*BJ_SER的接口上启用PortFast功能 BJ_SW2: BJ_SW2(config)#int f0/24 BJ_SW2(config-if)#switchport trunk encapsulation dot1q BJ_SW2(config-if)#switchport mode trunk /* 交换机的端口 24 设置为 Trunk 模式 BJ_SW2(config-if)#exit BJ_SW2(config)# vtp mode client BJ_SW2(config)# vtp domain Office BJ_SW2(config)# vtp password 2023 BJ_SW2(config)# vtp version 2 /* VTP的client配置 BJ_SW2(config)#int r f0/1-15 BJ_SW2(config-if-range)#switchport access vlan 10 BJ_SW2(config-if-range)#exit BJ_SW2(config)#int r f0/16-18 BJ_SW2(config-if-range)#switchport access vlan 99 BJ_SW2(config-if-range)#exit BJ_SW2(config)#int r f0/19-20 BJ_SW2(config-if-range)#switchport access vlan 100 BJ_SW2(config-if-range)#exit /*VLAN划分的配置 BJ_SW2(config)# interface FastEthernet0/21-22 BJ_SW2(config-if)# channel-group 1 mode active BJ_SW2(config-if)# lacp port-priority 32768 /*设置LACP端口优先级为32768,以便根据BJ_SW1的接口状态进行动态同步。 BJ_SW2(config-if)# exit BJ_SW2(config)# interface Port-channel1 BJ_SW2(config-if)# switchport mode trunk BJ_SW2(config-if)# exit /*BJ_SW1 和 BJ_SW2 之间配置链路聚合 BJ_SW2(config)# interface FastEthernet0/1 BJ_SW2(config-if)# switchport mode access BJ_SW2(config-if)# switchport port-security BJ_SW2(config-if)# switchport port-security maximum 1 BJ_SW2(config-if)# switchport port-security violation shutdown BJ_SW2(config-if)# exit /* BJ_PC的端口开启端口安全功能,限制接口的最大连接数为1 BJ_SW2(config)# ip dhcp snooping BJ_SW2(config)# interface FastEthernet0/1 BJ_SW2(config-if)# ip dhcp snooping trust BJ_SW2(config-if)# exit /*BJ_PC的接口,启用DHCP snooping功能 BJ_SW2(config-if)# ip arp inspection trust /*BJ_PC的接口上启用动态ARP检查功能 5)使用默认的生成树协议。并将 BJ_CORE 作为所有 VLAN 的根,BJ_SW1 作为 VLAN100 的备份根,BJ_SW2 作为 VLAN10 的备份根; BJ_CORE上的配置: BJ_CORE(config)# spanning-tree mode pvst BJ_CORE(config)# spanning-tree vlan 1-4094 root primary BJ_SW1上的配置: BJ_SW1(config)# spanning-tree mode pvst BJ_SW1(config)# spanning-tree vlan 100 root secondary BJ_SW2上的配置: BJ_SW2(config)# spanning-tree mode pvst BJ_SW2(config)# spanning-tree vlan 10 root secondary ## 路由的配置 Router(config)# line vty 0 4 Router(config-line)# transport input telnet Router(config-line)# password Sky2023 Router(config-line)# login Router(config-line)# exit Router(config)# enable password admin1234 /* 所有交换机配置,为所有网络设备开启telnet服务端功能,使其可以远程配置。其中,远程访问密码为Sky2023,特权密码为admin1234。(密码为明文) BJ_RTR(config)# interface Loopback0 BJ_RTR(config-if)# ip address 1.1.1.4 255.255.255.255 BJ_RTR(config-if)# no shutdown BJ_RTR(config-if)# exit BJ_RTR(config)# interface GigabitEthernet0/0 BJ_RTR(config-if)# ip address 192.168.0.6 255.255.255.252 BJ_RTR(config-if)# ip nat inside BJ_RTR(config-if)# no shutdown BJ_RTR(config-if)#ex BJ_RTR(config)#interface GigabitEthernet0/1 BJ_RTR(config-if)#ip address 135.2.1.2 255.255.255.248 BJ_RTR(config-if)# ip nat outside BJ_RTR(config-if)# no shutdown BJ_RTR(config)#router ospf 100 BJ_RTR(config-router)#router-id 1.1.1.4 BJ_RTR(config-router)# network 135.2.1.0 0.0.0.7 area 0 BJ_RTR(config-router)#exit BJ_RTR(config)#ip nat pool Office 135.2.1.6 135.2.1.6 netmask 255.255.255.0 BJ_RTR(config)#ip nat inside source list 10 pool Office overload BJ_RTR(config)#ip nat inside source static 192.168.100.100 135.2.1.5 BJ_RTR(config)#ip route 192.168.100.0 255.255.255.0 192.168.0.5 BJ_RTR(config)#ip route 192.168.10.0 255.255.255.0 192.168.0.5 BJ_RTR(config)#access-list 10 permit 192.168.10.0 0.0.0.255 IR1上配置: interface Loopback0 ip address 1.1.1.1 255.255.255.255 interface GigabitEthernet0/1 ip address 135.2.1.1 255.255.255.248 interface Serial0/1/0 ip address 201.100.1.1 255.255.255.248 interface Serial0/1/1 ip address 132.2.1.1 255.255.255.248 router ospf 100 router-id 1.1.1.1 network 135.2.1.0 0.0.0.7 area 0 network 201.100.1.0 0.0.0.7 area 0 network 132.2.1.0 0.0.0.7 area 0 IR2上配置: interface Loopback0 ip address 1.1.1.2 255.255.255.255 interface GigabitEthernet0/0 ip address 134.2.1.1 255.255.255.248 interface GigabitEthernet0/1 ip address 209.100.1.254 255.255.255.0 interface Serial0/1/0 ip address 201.100.1.2 255.255.255.248 interface Serial0/1/1 ip address 133.2.1.1 255.255.255.248 router ospf 100 router-id 1.1.1.2 log-adjacency-changes network 201.100.1.0 0.0.0.7 area 0 network 133.2.1.0 0.0.0.7 area 0 network 134.2.1.0 0.0.0.7 area 0 network 209.100.1.0 0.0.0.255 area 0 IR3上配置: interface Loopback0 ip address 1.1.1.3 255.255.255.255 interface GigabitEthernet0/0 ip address 202.100.1.254 255.255.255.0 interface GigabitEthernet0/1 ip address 219.100.1.254 255.255.255.0 interface Serial0/1/0 ip address 132.2.1.2 255.255.255.248 interface Serial0/1/1 ip address 133.2.1.2 255.255.255.248 router ospf 100 router-id 1.1.1.3 log-adjacency-changes network 132.2.1.0 0.0.0.7 area 0 network 133.2.1.0 0.0.0.7 area 0 network 219.100.1.0 0.0.0.255 area 0 network 202.100.1.0 0.0.0.255 area 0 SH_RTR上的配置: interface Loopback0 ip address 1.1.1.5 255.255.255.255 interface GigabitEthernet0/0 ip address 172.16.100.1 255.255.255.0 ip nat inside interface GigabitEthernet0/1 ip address 134.2.1.2 255.255.255.248 ip nat outside router ospf 100 router-id 1.1.1.5 network 134.2.1.0 0.0.0.7 area 0 ip nat pool NAT 134.2.1.5 134.2.1.5 netmask 255.255.255.248 ip nat inside source list 1 pool NAT access-list 1 permit 172.16.100.0 0.0.0.255 最后修改:2023 年 10 月 22 日 © 允许规范转载 打赏 赞赏作者 支付宝微信 赞 4 如果觉得我的文章对你有用,请随意赞赏