企业网
OSPF分流
组网需求:
实现拓扑图中的生产业务与办公业务分流。
IP地址规划如下:
-、基本信息及链路配置,连通性测试(略)
二、
总部二层网络业务分流策略部署
配置如下:
SW1,SW2上分别创建vlan20,21,22,300,901 SW3创建vlan20,21,22,300 SW9、SW10创建vlan 36、37、300
生成树的配置,总部生产和网管以SW1为根,办公以SW2为根,互作备份。
SW1:
spanning-tree vlan 1 priority 0
spanning-tree vlan 20 priority 0
spanning-tree vlan 21 priority 4096
spanning-tree vlan 22 priority 0
spanning-tree vlan 23 priority 4096
spanning-tree vlan 300 priority 0
no spanning-tree vlan 901 //901作为互联VLAN,需关闭生成树
SW2:
spanning-tree vlan 1 priority 4096
spanning-tree vlan 20 priority 4096
spanning-tree vlan 21 priority 0
spanning-tree vlan 22 priority 4096
spanning-tree vlan 23 priority 0
spanning-tree vlan 300 priority 4096
no spanning-tree vlan 901 //901作为互联VLAN,需关闭生成树
SW3上的STP使用默认值就行了,现在VLAN1,20,22,300是走SW1,VLAN21,23走SW2.
总部HSRP/VRRP的配置:生产网管以SW1为主网关,办公以SW2为主网关,互作备份
SW1:interface Vlan20
standby 20 ip 172.16.20.1
standby 20 priority 200
standby 20 preempt
interface Vlan21
standby 21 ip 172.16.21.1
standby 21 preempt
interface Vlan22
standby 22 ip 172.16.22.1
standby 22 priority 200
standby 23 preempt
interface Vlan23
standby 23 ip 172.16.23.1
standby 23 preempt
interface Vlan300
standby 19 ip 172.16.19.1
standby 19 priority 200
standby 19 preempt
SW2:
interface Vlan20
standby 20 ip 172.16.20.1
standby 20 preempt
interface Vlan21
standby 21 ip 172.16.21.1
standby 21 priority 200
standby 21 preempt
interface Vlan22
standby preempt
standby 22 ip 172.16.22.1
interface Vlan23
standby 23 ip 172.16.23.1
standby 23 priority 200
standby 23 preempt
interface Vlan300
standby 19 ip 172.16.19.1
standby 19 preempt
分部HSRP/VRRP的配置:生产网管以RT7为主网关,办公以RT8为主网关,互作备份
RT7:
interface FastEthernet2/0
ip address 172.16.35.2 255.255.255.0
vrrp 19 ip 172.16.35.1
vrrp 19 priority 150
interface FastEthernet2/0.36
encapsulation dot1Q 36
ip address 172.16.36.2 255.255.255.0
vrrp 36 ip 172.16.36.1
vrrp 36 priority 200
interface FastEthernet2/0.37
encapsulation dot1Q 37
ip address 172.16.37.2 255.255.255.0
vrrp 37 ip 172.16.37.1
RT8:
interface FastEthernet2/0
ip address 172.16.35.3 255.255.255.0
vrrp 19 ip 172.16.35.1
interface FastEthernet2/0.36
encapsulation dot1Q 36
ip address 172.16.36.3 255.255.255.0
vrrp 36 ip 172.16.36.1
interface FastEthernet2/0.37
encapsulation dot1Q 37
ip address 172.16.37.3 255.255.255.0
vrrp 37 ip 172.16.37.1
vrrp 37 priority 200
SW1的HSRP:
现在我们完成了总部和分部二层网络的业务分流
二、
单区域OSPF的配置:
SW1:
router ospf 1
router-id 172.16.0.1
passive-interface default //工程化配置,不需要的接口要配置成被动接口
no passive-interface vlan 901
no passive-interface f1/1
network 172.16.0.1 0.0.0.0 area 0
network 172.16.1.0 0.0.0.3 area 0
network 172.16.1.8 0.0.0.3 area 0
network 172.16.20.0 0.0.0.255 area 0
network 172.16.21.0 0.0.0.255 area 0
int vlan 901
ip ospf network point-to-point //配置成点对点
int f1/1
ip ospf network point-to-point //配置成点对点
SW2:
router ospf 1
router-id 172.16.0.2
passive-interface default //工程化配置,不需要的接口要配置成被动接口
no passive-interface vlan 901
no passive-interface f1/1
network 172.16.0.2 0.0.0.0 area 0
network 172.16.1.4 0.0.0.3 area 0
network 172.16.1.8 0.0.0.3 area 0
network 172.16.20.0 0.0.0.255 area 0
network 172.16.21.0 0.0.0.255 area 0
int vlan 901
ip ospf network point-to-point //配置成点对点
int f1/1
ip ospf network point-to-point //配置成点对点
RT5:
router ospf 1
router-id 172.16.0.5
passive-interface default
no passive-interface f2/0
no passive-interface f1/0
no passive-interface s0/0
network 172.16.0.5 0.0.0.0 area 0
network 172.16.1.0 0.0.0.3 area 0
network 172.16.1.12 0.0.0.3 area 0
network 172.16.33.0 0.0.0.3 area 0
int f1/0
ip ospf network point-to-point //配置成点对点
int f2/0
ip ospf network point-to-point //配置成点对点
RT6:
router ospf 1
router-id 172.16.0.6
passive-interface default
no passive-interface f2/0
no passive-interface f1/0
no passive-interface s0/0
network 172.16.0.6 0.0.0.0 area 0
network 172.16.1.4 0.0.0.3 area 0
network 172.16.1.12 0.0.0.3 area 0
network 172.16.33.4 0.0.0.3 area 0
int f1/0
ip ospf network point-to-point //配置成点对点
int f2/0
ip ospf network point-to-point //配置成点对点
RT7:
router ospf 1
router-id 172.16.32.1
passive-interface default
no passive-interface s0/0
no passive-interface f1/0
network 172.16.32.1 0.0.0.0 area 0
network 172.16.33.0 0.0.0.3 area 0
network 172.16.33.12 0.0.0.3 area 0
network 172.16.35.0 0.0.0.255 area 0
network 172.16.36.0 0.0.0.255 area 0
network 172.16.37.0 0.0.0.255 area 0
int f1/0
ip ospf network point-to-point //配置成点对点
RT8:
router ospf 1
router-id 172.16.32.2
passive-interface default
no passive-interface s0/0
no passive-interface f1/0
network 172.16.32.2 0.0.0.0 area 0
network 172.16.33.4 0.0.0.3 area 0
network 172.16.33.12 0.0.0.3 area 0
network 172.16.35.0 0.0.0.255 area 0
network 172.16.36.0 0.0.0.255 area 0
network 172.16.37.0 0.0.0.255 area 0
int f1/0
ip ospf network point-to-point //配置成点对点
三、
单区域OSPF业务分流策略部署:
RT7:
int f2/0.36
ip ospf cost 1000
int f2/0.37
ip ospf cost 2000
int f2/0
ip ospf cost 1000
RT8:
int f2/0.36
ip ospf cost 2000
int f2/0.37
ip ospf cost 1000
int f2/0
ip ospf cost 2000
SW1:
int vlan 20
ip ospf cost 1000
int vlan 21
ip ospf cost 2000
int vlan 22
ip ospf cost 1000
int vlan 23
ip ospf cost 2000
int vlan 300
ip ospf cost 1000
SW2:
int vlan 20
ip ospf cost 2000
int vlan 21
ip ospf cost 1000
int vlan 22
ip ospf cost 2000
int vlan 23
ip ospf cost 1000
int vlan 300
ip ospf cost 2000
调整平面间的流量:
SW、SW2:
int vlan 901
ip ospf cost 100
RT5、RT6:
int f1/0
ip ospf cost 101
RT7、RT8:
ip ospf cost 170
现在测试一下:
总部生产访问办公生产:VPC3-SW3-SW1-RT5-RT7-SW9-VPC5
总部生产访问分部办公:VPC3-SW3-SW1-SW2-RT6-RT8-SW10
其它的大家慢慢去测试下吧!
转载于:https://blog.51cto.com/tangfangxiao/656682
1341
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
