目录
目标:
搭建:
思路:
配置:
1、eth-trunk
sw1和sw2
[sw1]interface Eth-Trunk 0
[sw1-Eth-Trunk0]q
[sw1-GigabitEthernet0/0/1]eth-trunk 0
sw1和sw2的两个口都这么配2、TRUNK干道
[sw1]port g
[sw1]port-
[sw1]port-gro
[sw1]port-group g
[sw1]port-group group-member g0/0/2 to g0/0/3 eth
[sw1]port-group group-member g0/0/2 to g0/0/3 Eth-Trunk 0
[sw1-port-group]port link-type trunk
[sw1-port-group]port trunk allow-pass vlan 1 to 2
将所要改的口绑在一个组里进行统一设置 sw2 3 4同sw13、vlan
1)在sw1-4创建vlan2
2)进入sw3 sw4将接口设置为access (默认vlan1) 再将属于vlan2 的口配置vlan2
4、STP
创建树 , 对vlan进行分组
[sw2]stp mode mstp
[sw2]stp enable
[sw2]stp region-configuration
[sw2-mst-region] region-name a
[sw2-mst-region] instance 1 vlan 1
[sw2-mst-region] instance 2 vlan 2
[sw2-mst-region] active region-configurationsw1 2 3 4 均为以上配置
此时查看树的根网桥以及被堵塞的端口
sw1
sw3
sw4
可以发现汇聚层的eth-trunk链路和sw4的0/0/1口被逻辑堵塞 ,而根网桥为sw3
而我们的目标是sw1 应该是组1的主根组2的备份根 , sw2应该是组2的主根组1的备份根,网关也应该在sw1和sw2上实现3合1
配置:
sw1
[sw1]stp instance 1 root primary
[sw1]stp instance 2 root secondary sw2
[sw2]stp instance 2 root primary
[sw2]stp instance 1 root secondary 此时再看brief
已完成根网桥配置
此时sw3、 4的0/0/2 为组1的阻塞口,0/0/1为组2的阻塞口
然后再将连接电脑的接口设置为边缘接口,来提高效率
[sw3]port-group group-member e0/0/1 e0/0/2
[sw3-port-group]stp
Jul 22 2021 12:35:53-08:00 sw3 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.191.3.1 configurations have been changed. The current change number is 15, the change loop count is 0, and the maximum number of records is 4095.eng
[sw3-port-group]stp eng
[sw3-port-group]stp edg
[sw3-port-group]stp edged-port en
[sw3-port-group]stp edged-port enable
[sw3-Ethernet0/0/1]stp edged-port enable
[sw3-Ethernet0/0/2]stp edged-port enable
sw4同sw3SVI
先配svi ip
[sw1]interface vlan 1
[sw1-Vlanif1]ip add 172.16.1.1 25
[sw1]int vlan 2
[sw1-Vlanif2]ip add 172.16.1.129 25
[sw1-Vlanif1]vrrp vrid 1 virtual-ip 172.16.1.126
[sw1-Vlanif1]vrrp vrid 1 priority 120 //调整优先级让它当老大
[sw1-Vlanif1]vrrp vrid 1 track interface g0/0/5 reduced 30 //打开上行链路追踪 当g0/0/5口断后下调优先级30 让sw2当老大
[sw1-Vlanif1]dis this
#
interface Vlanif1
ip address 172.16.1.1 255.255.255.128
vrrp vrid 1 virtual-ip 172.16.1.126
vrrp vrid 1 priority 120
vrrp vrid 1 track interface GigabitEthernet0/0/5 reduced 30
#
return
设置vlan2
[sw1-Vlanif1]int vlan 2
[sw1-Vlanif2]vrrp vrid 1 virtual-ip 172.16.1.254 //备份
[sw1-Vlanif2]dis this
#
interface Vlanif2
ip address 172.16.1.129 255.255.255.128
vrrp vrid 1 virtual-ip 172.16.1.254 在sw2 上同样的操作
[sw2]int vlan 1
[sw2-Vlanif1]vrrp vrid 1 virtual-ip 172.16.1.126 //备份
[sw2-Vlanif2]vrrp vrid 1 virtual-ip 172.16.1.254
[sw2-Vlanif2]vrrp vrid 1 priority 120
[sw2-Vlanif2]vrrp vrid 1 track int g 0/0/5 reduced 30 //开启上行链路追踪
DHCP
[sw1]dhcp enable
[sw1-ip-pool-v1]network 172.16.1.0 mask 25
[sw1-ip-pool-v1]gateway-list 172.16.1.126
[sw1-ip-pool-v1]dns-list 114.114.114.114
[sw1-ip-pool-v2]network 172.16.1.128 mask 25
[sw1-ip-pool-v2]dns-list 114.114.114.114
[sw1-ip-pool-v2]gateway-list 172.16.1.254
[sw1-Vlanif1]dhcp select global
[sw1-Vlanif2]dhcp select global
ip pool v1
gateway-list 172.168.1.126
network 172.168.1.0 mask 255.255.255.128
dns-list 114.114.114.114
#
ip pool v2
gateway-list 172.16.1.254
network 172.16.1.128 mask 255.255.255.128
dns-list 114.114.114.114
sw2与sw1相同 检查一下
路由
这里华为模拟器有个问题就是 g0/0/5口undo portswitch后无法配置ip 正常是可以直接配ip的,所以这里只能用SVI模拟一个三层接口
[sw1]int Vlanif 100
[sw1-Vlanif100]q
[sw1]int g0/0/5
[sw1-GigabitEthernet0/0/5]port link-type access
[sw1-GigabitEthernet0/0/5]port default vlan 100
[sw1-Vlanif100]ip add 172.16.0.1 30
[sw2-GigabitEthernet0/0/5]port link-type access
[sw2-GigabitEthernet0/0/5]port default vlan 100
[sw2-Vlanif100]ip add 172.16.0.5 30开始配置路由器r1 r2 此处略
内网上网
1.直接静态路由
2.ospf
三层及以上为区域0 其他为区域1
R1
[R1]ospf 1 rout
[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]net
[R1-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.0.255sw1
[sw1-ospf-1]dis this
#
ospf 1 router-id 1.1.1.2
area 0.0.0.0
network 172.16.0.1 0.0.0.0
area 0.0.0.1
network 172.16.1.1 0.0.0.0
network 172.16.1.129 0.0.0.0sw2
[sw2-ospf-1]dis this
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 172.16.0.5 0.0.0.0
area 0.0.0.1
network 172.16.1.2 0.0.0.0
network 172.16.1.130 0.0.0.0
#R1
此时再将底下两条路由汇聚成一条发上去
[sw1-ospf-1]
[sw1-ospf-1]area 1
[sw1-ospf-1-area-0.0.0.1]abr
[sw1-ospf-1-area-0.0.0.1]abr-summary 172.16.1
Jul 22 2021 13:59:55-08:00 sw1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.191.3.1 configurations have been changed. The current change number is 54, the change loop count is 0, and the maximum number of records is 4095..
[sw1-ospf-1-area-0.0.0.1]abr-summary 172.16.1.0 255.255.255.0
[sw2-ospf-1]
[sw2-ospf-1]ar
[sw2-ospf-1]area 1
[sw2-ospf-1-area-0.0.0.1]abr
[sw2-ospf-1-area-0.0.0.1]abr-summary 172.16.1.0 255
Jul 22 2021 13:58:25-08:00 sw2 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.191.3.1 configurations have been changed. The current change number is 45, the change loop count is 0, and the maximum number of records is 4095..255.255
[sw2-ospf-1-area-0.0.0.1]abr-summary 172.16.1.0 255.255.255.0
此时这里有几个问题:每个SVI会每隔10秒向所有未堵塞的trunk干道和pc发hello包 SVI数×trunk干道数=每10秒的hello包数
sw1与sw2会因为有几个svi就会建几个邻
此时下面的网络中会充斥着很多洪泛流量
解决:配置沉默接口
先沉默所有接口,再选择性打开
[sw1]ospf 1
[sw1-ospf-1]sli
[sw1-ospf-1]sil
[sw1-ospf-1]silent-interface all
[sw1-ospf-1]undo silent-interface GigabitEthernet 0/0/5
[sw1-ospf-1]undo silent-interface Eth-Trunk 0
[sw1-ospf-1]undo silent-interface Vlanif 1
[sw1-ospf-1]undo silent-interface Vlanif 100
sw2 同 sw1 缺省
[R1]ip route-static 0.0.0.0 0.0.0.0 12.1.1.2
[R1-ospf-1]default-route-advertise NAT
[R1]acl 2000
[R1-acl-basic-2000]rule
[R1-acl-basic-2000]rule p
[R1-acl-basic-2000]rule permit s
[R1-acl-basic-2000]rule permit source 172.16.0.0 0.0.255.255
[R1-acl-basic-2000]q
[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]nat ou
[R1-GigabitEthernet0/0/1]nat outbound 2000 验证
关掉随机一个交换机验证冗余成功
1321
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
