网络常见故障问答(二)
1 如何看ROUTER的CPU利用率,一般在多少的范围是正常的?
show proc cpu 一般来说不应超过80% 。
The Cisco routers are not overutilized. (5-minute CPU utilization under 75%)
2 求助!CISCO ROUTER 如何用PC(WIN95)用TFTP传文件。
在win95端安装一个TFTP软件。
在cisco端需要键入TFTP地址时,写你win95的地址就可。
tftp还是不要用CISCO自己的那个的好,非常容易死机的,连CISCO的工程师都不喜欢用,很多都是用walusoft的tftp pro 3.x,稳定很多。
3 内部网192.168.200.X; 路由器WAN口IP地址为202.44.0.148 ;我将192.168.200.10.-192.168.200.254做单向NAT指向202.44.0.148 ; 192.168.200.10以内为服务器,他们单独做双向NAT与各自真地址绑定。以上情况,我用3COM路由器好做,主要是192.168.200.10-192.168.200.254 这段地址,用CISCO的路由器如何配置?
在CISCO路由器上,你可以用Translate Inside Source Addresses 的方法将你的服务器与真地址绑定。 10-254的地址可以用Overloading Inside Global address的办法(设个IP POOL)。
4 请问在同一台CISCO交换机上能否设置多个TRUNK?
当然可以了
5 在路由器和交换机之间如何同步时间?
起NTP
6 双绞线和同轴电缆最远能连多少米?
10BaseT and 100BaseT (Star) 100 from hub to station
10Base5 (Bus) 500
10Base2 (Bus) 185
加中继可以延长,四个网段和三个中继器(有源)
所以,细缆:4*185;粗缆:4*500;对绞线:4*100(最少)
我记得好像可以5*185/500/100
7 我的cisco2511的e0口的collision 和 deferred 的数目增张得很快, 不到一天的时间,collision 与 deferred就分别增到了 7300 与 2300 的大数,在这一天的时间段内,我lan PC上网有时很慢,不知这collision 和deferred 是否是正常的,他是否对lan的上网速度有时间段的影响? 还有就是,LAN上的server网卡的carri及colli也是增得较大的。不知这与 什么有关呢? 请指点。 谢谢。
估计微机数量较多,传送数据较频繁,导致冲突增大
当E0口上接较多PC时就会这样,这说明利用率高,正常!
8 谁有Cisco1603通过ISDN上163的例子?
isdn switch-type是isdn交换机的类型,在广东的话应该是primary-net5,
spid是系统配置id号,是交换机必须要有的,我想1600这个是肯定要佩的吧?
你给你的bri 0口配了ppp嘛?你的isdn无法连接也有可能是电信局的关系哦
这是一个2503拨号ISDN上163的一个配置文件。地点是哈尔滨
User Access Verification
Password:
Router>en
Password:
Router#sh runn
Building configuration...
Current configuration:
!
version 11.3
no service password-encryption
!
hostname Router
!
enable password *******
!
ip nat inside source list 1 interface Dialer0 overload
isdn switch-type basic-net3
!
!
interface Ethernet0
ip address 192.168.1.34 255.255.255.0 secondary
ip address *.*.*.* 255.255.255.224
ip access-group 102 in
ip nat inside
no cdp enable
!
interface Serial0
ip address *.*.*.* 255.255.255.252
ip access-group 2 in
ip nat outside
no cdp enable
!
interface Serial1
no ip address
shutdown
!
interface BRI0
no ip address
encapsulation ppp
dialer pool-member 1
!
interface Dialer0
ip address negotiated
ip nat outside
encapsulation ppp
bandwidth 64
no keepalive
dialer remote-name rtr2-a-1-hlhr.hl.cn.net
dialer string 163 class 163map
dialer load-threshold 64 either
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username pmodernjd password 7 00131A08560B5B56
ppp multilink
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
map-class dialer 163map
dialer idle-timeout 60
dialer fast-idle 30
dialer enable-timeout 1
no logging buffered
no logging trap
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 deny 192.168.1.0 0.0.0.255
access-list 2 permit any
access-list 101 deny ip any host 151.196.194.123
access-list 101 deny ip any host 209.1.144.192
access-list 101 permit ip any any
access-list 102 deny udp host 192.168.1.103 host 202.97.224.68
access-list 102 permit ip any any
access-list 103 deny ip any 0.0.0.255 255.255.255.0
access-list 103 permit ip any any
dialer-list 1 protocol ip list 103
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
access-class 1 in
password cw1990
login
!
end
Router#sh start
Using 1508 out of 32762 bytes
!
version 11.3
no service password-encryption
!
hostname Router
!
enable password modernjd
!
ip nat inside source list 1 interface BRI0 overload
isdn switch-type basic-net3
!
!
interface Ethernet0
ip address 192.168.1.34 255.255.255.0 secondary
ip address 202.97.251.34 255.255.255.224
ip access-group 102 in
ip nat inside
no cdp enable
!
interface Serial0
ip address 202.97.240.214 255.255.255.252
ip access-group 2 in
ip nat outside
no cdp enable
!
interface Serial1
no ip address
shutdown
!
interface BRI0
ip address negotiated
ip nat outside
encapsulation ppp
no keepalive
dialer idle-timeout 60
dialer fast-idle 30
dialer enable-timeout 1
dialer string 163
dialer load-threshold 128 either
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username pmodernjd password 7 071828421C594955
ppp multilink
!
ip classless
ip route 0.0.0.0 0.0.0.0 BRI0
!
no logging buffered
no logging trap
no logging trap
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 deny 192.168.1.0 0.0.0.255
access-list 2 permit any
access-list 101 deny ip any host 151.196.194.123
access-list 101 deny ip any host 209.1.144.192
access-list 101 permit ip any any
access-list 102 deny udp host 192.168.1.103 host 202.97.224.68
access-list 102 permit ip any any
access-list 103 deny ip any 0.0.0.255 255.255.255.0
access-list 103 permit ip any any
dialer-list 1 protocol ip list 103
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
access-class 1 in
password *******
login
!
end
Router#
9 如何在拨号线路上实现桥接功能(即支持NETBIOS广播)?
在客户端的LMHOSTS文件中加入 服务器名与IP的影射或在RAS端建WINS服务器,客户端中WINS指向WINS服务器
10 模型:A端-------ROUTER--------b端
XXXX 172.1.1.1 YYYY
目的: a端网除了xxxx以外的机都不可访问b端,b端网除了yyyy以外的机都可访问a端,怎样设?
设置access list 就可以了 。
48-bits MAC address access list 的access-list号是700-799
还有个extend MAC address access list是1100-1199但是没有用过
11 有一个企业,内部想通过2509拔号上网。IP pool用内部地址。 如何转换成合法IP地址? 用这种方案可行么? 或者是用NT机建立一个DHCP服务器,动态分配IP地址,如何?是否可行?
没问题。在2509上配置DDR,然后利用NAT功能设立IP POOL。内部网用私有地址。 不须用DHCP。
12 如何将三地(各地距离一千多公里)的LAN通过DDN连接在一起,务必令每地的LAN同属于同一个网段(因为要运行某一软件,此软件前提是工作站必须是属于同一网络)。 需要什么网络设备等等。
路由器桥接
13 RJ-21 Telco接口是什么接口,用于什么情况?
Telco接口 is Rj11
voice interface have :fxo,fxs,e&m
fxs is connect tel,fxo & e&m is connect PBX
14 CISCO 2511 的配置问题:
采用OSPF协议.现配置如下:
interface Ethernet0
ip address 10.88.132.5 255.255.252.0
!
interface Async1
ip unnumbered Ethernet0
ip tcp header-compression passive
encapsulation ppp
bandwidth 36
keepalive 10
async mode interactive
peer default ip address 10.88.167.1
no fair-queue
no cdp enable
!
(略)
.
!
router ospf 1
network 10.88.167.1 0.0.0.0 area 10.88.132.1
!
line 1
script dialer cisco-default
modem InOut
autocommand ppp
transport input all
rxspeed 57600
txspeed 57600
flowcontrol hardware
!
.
.
远程点拨号后,能PING通10.88.132.5,但不能PING通与此地址同网段的其他地址。 请问如何解决?
add a route: ip route 0.0.0.0 0.0.0.0 e0
在ospf中加上e0的网段
router ospf 1
network 10.88.167.1 0.0.0.0 area 10.88.132.1
network 10.88.132.5 0.0.3.255 a 1
你用OSPF干什么?是不是别的路由器(和E0口连的)用的是OSPF?
加两条:
ip classless
ip route 0.0.0.0 0.0.0.0 e0
肯定ok了。
15 请教2924交换机删除配置的命令?
erase startup-config
16 version 12.0
service timestamps debug datetime
service timestamps log uptime
请问各位大侠,上述两句配置是什么意思?timestamps是什么东东?
这是关于时间戳的配置,目的是使log都带有发生时的时间,便于排错。
17 如何用custom queue来限制某种流量的带宽? 我想在一个64Kb 的interface上把http访问的流量限制在最高每秒6.4Kb,把其他的带宽都留给桥(桥优先),如何配置呢? 看书讲的有点模糊,希望能得到大家的帮助
如果你想把 http 的流量限制在 10%,把其他的 90% 带宽都留给桥,可以用 Queuing。
但如果想把 http 的流量限制在 6.4k,把其他的 57.6k 带宽都留给桥,那就要用Traffic Shaping。
queue-list 1 protocol ip 1 tcp 80
queue-list 1 default 2
queue-list 1 queue 2 byte-count 13500
!
interface serial 0
custom-queue-list 1
注:
1. http 的 tcp port 为 80
2. 缺省的 bye-count 为 1500,因此 1500x9=13500
18 请教ATM LECS 的“WELL-KNOWN LECS ATM 地址”的具体工作原理?
The LEC knows the ATM address of the LECS in 1 of 3
ways
1. The LECS address can be hard- coded in the LEC
2. ILMI
When the LEC attaches to the ATM Switch, it sets up an ILMI VCC to
exchange management information with the switch.
If the switch is configured (hard coded) with 1 or more LECS addresses
, the LEC can
obtain these addresses when it ILMIs
3. LECS Well Known Address (WKA)
When a LECS connects to the switch, it registers the LECS WKA
Using the WKA in an environment with multiple LECS can be
non- deterministic (you may not be able to determine which LECS will b
e used -
depending on the configuration of the switches)
(4.) The LEC can also connect to the LECS using the well- known
PVC
This is rarely used
ATM FORUM 中定义ATM LECS的地址是47.**.**.……默认地址,如果是通过WKA寻址,LEC BOOT的时候,就会发出向47.……ATM地址建立SVC的UNI信令,如果和LEC直接相连的ATM交换机提供LECS服务的话,就一切OK,如果不是,必须有到LECS的路由(通俗一点,ATM里不叫路由)
19 Modem远程拨入CISCO 2610,怎么才能登陆NT DOMAIN???
在NT上起WINS服务,再在服务器和客户机上的IP/WINS内配服务器的IP地址
20 给一中学校园网做方案,L3交换机(www,email等server与它连)连CISCO3600通过256KDDN出去到CHINANET和CERNET,又有图书馆的WEB SERVER连在CISCO2511上,而2511也通过128KDDN连INTERNET,同时图书馆的所有公共资源也可通过3600进来访问(图书馆处与整个校园网的LAN内,是个小的VLAN)。3600和2511之间边界路由,目的是流量控制和负载平衡。它们之间的路由怎么设置?望各路高手不吝指教!
first,how you connect you router to chinanet and cernet,by static default route or dynamic route??if by dynamic route,you should cooperate with the router of telecom; if by static route,you need only configure two default route,recommend for this second,you should need to decide which route protocol to run between the cisco 3600 and cisco 2501,such as ibgp third,decide the as number you use,such as 65444(65412-65535 is private as number) fouth,configure you router:
routeA's address:10.0.0.2, routeB's address:10.0.0.1
routeA(config)#router bgp 65444
routeA(config-router)#network *.*.*.* ;your network number connected to router A
routeA(config-router)#neighbor 10.0.0.1 remote-as 65444
routeB(config)#router bgp 65444
routeB(config-router)#network *.*.*.* ;your network number connected to router b
routeB(config-router)#neighbor 10.0.0.2 remote-as 65444
21 请教各位高手如何再路由器上关闭TCP/UDP端口?
用扩展的acl
22 我想远程维护,有谁配置过AUX端口?
Client
hostname client
!
enable password cisco
!
username server password 0 cisco
!
chat-script dialup ABORT ERROR ABORT BUSY "" "ATDT14" TIMEOUT 30 CONNE
CT
!
interface Async1
ip address 10.5.1.2 255.255.255.0
encapsulation ppp
dialer in-band
dialer map ip 10.5.1.1 name server modem-script dialup 14
dialer-group 1
async default routing
async dynamic routing
async mode dedicated
priority-group 1
!
ip classless
ip route 0.0.0.0 0.0.0.0 Async1
no ip http server
!
dialer-list 1 protocol ip permit
!
line con 0
line aux 0
script dialer dialup
modem InOut
speed 115200
line vty 0 4
password cisco
login
!
end
-------------
server
hostname server
!
enable secret 5 $1$N/2B$NziQD/0HIqiTdHJGcUn2j1
enable password cisco
!
username router password 0 cisco
memory-size iomem 15
ip subnet-zero
!
!
interface Async1
ip address 10.5.1.1 255.255.255.0
encapsulation ppp
dialer in-band
dialer map ip 10.5.1.2 name qinzhou broadcast
async default routing
async dynamic routing
async mode dedicated
priority-group 1
!
ip classless
ip route 0.0.0.0 0.0.0.0 Async1
!
line con 0
transport input none
line aux 0
modem InOut
transport input all
speed 115200
line vty 0 4
password cisco
login
!
end
23 我现在想知道CISCO ISDN 的2B要如何配置,1B又如何配置???
在附加设置里加$p4可获得2B,加$p3可获得1B
interface bri0
isdn spid1 12347897433412 3874834
isdn spid2 12347897433412 3874834
配完后重新初始化BRI端口
24 我在async17上配了ppp如下:
interface Async17
ip address 192.169.2.1 255.255.255.252
no ip directed-broadcast
encapsulation ppp
dialer in-band
dialer map ip 192.169.2.2 name down broadcast
dialer-group 1
ppp authentication chap
为何ppp跑不起来,提示this line may not use ppp ,请高手指点
加入
autoselect ppp(LINE配置)
ASYNC配置加入:
async dynamic address
async dynamic routing
async mode interactive
ip unnumbered Ethernet0
ip tcp header-compression passive
25 我在CISCO 2511中设置了如下命令:
ip domain-name mydomain.com
ip name-server 10.10.10.20
async-bootp nbns-server 10.10.10.20
async-bootp dns-server 10.10.10.20
结果发现,拨号上后无法实现域名解析。但我已试过在2511上是可以PING名字的。请问这是为何?
async-bootp dns-server x.x.x.x
26 PC机串口配置成9600、8N1、协议自动检测,就是无法连上ROUTER; 想通过TELNET远程登录过去,又因为ROUTER没设口令,也连不上去。 不知谁有高招。
1.Check the cable,it isn't a normal network UTP.
2.Try the aux port,it can be use like console sometimes
You need cross cable,PLs chk
应该是roll over, 1-8全反的线
另外检查PC的COM口是否是好的
1 如何看ROUTER的CPU利用率,一般在多少的范围是正常的?
show proc cpu 一般来说不应超过80% 。
The Cisco routers are not overutilized. (5-minute CPU utilization under 75%)
2 求助!CISCO ROUTER 如何用PC(WIN95)用TFTP传文件。
在win95端安装一个TFTP软件。
在cisco端需要键入TFTP地址时,写你win95的地址就可。
tftp还是不要用CISCO自己的那个的好,非常容易死机的,连CISCO的工程师都不喜欢用,很多都是用walusoft的tftp pro 3.x,稳定很多。
3 内部网192.168.200.X; 路由器WAN口IP地址为202.44.0.148 ;我将192.168.200.10.-192.168.200.254做单向NAT指向202.44.0.148 ; 192.168.200.10以内为服务器,他们单独做双向NAT与各自真地址绑定。以上情况,我用3COM路由器好做,主要是192.168.200.10-192.168.200.254 这段地址,用CISCO的路由器如何配置?
在CISCO路由器上,你可以用Translate Inside Source Addresses 的方法将你的服务器与真地址绑定。 10-254的地址可以用Overloading Inside Global address的办法(设个IP POOL)。
4 请问在同一台CISCO交换机上能否设置多个TRUNK?
当然可以了
5 在路由器和交换机之间如何同步时间?
起NTP
6 双绞线和同轴电缆最远能连多少米?
10BaseT and 100BaseT (Star) 100 from hub to station
10Base5 (Bus) 500
10Base2 (Bus) 185
加中继可以延长,四个网段和三个中继器(有源)
所以,细缆:4*185;粗缆:4*500;对绞线:4*100(最少)
我记得好像可以5*185/500/100
7 我的cisco2511的e0口的collision 和 deferred 的数目增张得很快, 不到一天的时间,collision 与 deferred就分别增到了 7300 与 2300 的大数,在这一天的时间段内,我lan PC上网有时很慢,不知这collision 和deferred 是否是正常的,他是否对lan的上网速度有时间段的影响? 还有就是,LAN上的server网卡的carri及colli也是增得较大的。不知这与 什么有关呢? 请指点。 谢谢。
估计微机数量较多,传送数据较频繁,导致冲突增大
当E0口上接较多PC时就会这样,这说明利用率高,正常!
8 谁有Cisco1603通过ISDN上163的例子?
isdn switch-type是isdn交换机的类型,在广东的话应该是primary-net5,
spid是系统配置id号,是交换机必须要有的,我想1600这个是肯定要佩的吧?
你给你的bri 0口配了ppp嘛?你的isdn无法连接也有可能是电信局的关系哦
这是一个2503拨号ISDN上163的一个配置文件。地点是哈尔滨
User Access Verification
Password:
Router>en
Password:
Router#sh runn
Building configuration...
Current configuration:
!
version 11.3
no service password-encryption
!
hostname Router
!
enable password *******
!
ip nat inside source list 1 interface Dialer0 overload
isdn switch-type basic-net3
!
!
interface Ethernet0
ip address 192.168.1.34 255.255.255.0 secondary
ip address *.*.*.* 255.255.255.224
ip access-group 102 in
ip nat inside
no cdp enable
!
interface Serial0
ip address *.*.*.* 255.255.255.252
ip access-group 2 in
ip nat outside
no cdp enable
!
interface Serial1
no ip address
shutdown
!
interface BRI0
no ip address
encapsulation ppp
dialer pool-member 1
!
interface Dialer0
ip address negotiated
ip nat outside
encapsulation ppp
bandwidth 64
no keepalive
dialer remote-name rtr2-a-1-hlhr.hl.cn.net
dialer string 163 class 163map
dialer load-threshold 64 either
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username pmodernjd password 7 00131A08560B5B56
ppp multilink
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
map-class dialer 163map
dialer idle-timeout 60
dialer fast-idle 30
dialer enable-timeout 1
no logging buffered
no logging trap
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 deny 192.168.1.0 0.0.0.255
access-list 2 permit any
access-list 101 deny ip any host 151.196.194.123
access-list 101 deny ip any host 209.1.144.192
access-list 101 permit ip any any
access-list 102 deny udp host 192.168.1.103 host 202.97.224.68
access-list 102 permit ip any any
access-list 103 deny ip any 0.0.0.255 255.255.255.0
access-list 103 permit ip any any
dialer-list 1 protocol ip list 103
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
access-class 1 in
password cw1990
login
!
end
Router#sh start
Using 1508 out of 32762 bytes
!
version 11.3
no service password-encryption
!
hostname Router
!
enable password modernjd
!
ip nat inside source list 1 interface BRI0 overload
isdn switch-type basic-net3
!
!
interface Ethernet0
ip address 192.168.1.34 255.255.255.0 secondary
ip address 202.97.251.34 255.255.255.224
ip access-group 102 in
ip nat inside
no cdp enable
!
interface Serial0
ip address 202.97.240.214 255.255.255.252
ip access-group 2 in
ip nat outside
no cdp enable
!
interface Serial1
no ip address
shutdown
!
interface BRI0
ip address negotiated
ip nat outside
encapsulation ppp
no keepalive
dialer idle-timeout 60
dialer fast-idle 30
dialer enable-timeout 1
dialer string 163
dialer load-threshold 128 either
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username pmodernjd password 7 071828421C594955
ppp multilink
!
ip classless
ip route 0.0.0.0 0.0.0.0 BRI0
!
no logging buffered
no logging trap
no logging trap
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 deny 192.168.1.0 0.0.0.255
access-list 2 permit any
access-list 101 deny ip any host 151.196.194.123
access-list 101 deny ip any host 209.1.144.192
access-list 101 permit ip any any
access-list 102 deny udp host 192.168.1.103 host 202.97.224.68
access-list 102 permit ip any any
access-list 103 deny ip any 0.0.0.255 255.255.255.0
access-list 103 permit ip any any
dialer-list 1 protocol ip list 103
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
access-class 1 in
password *******
login
!
end
Router#
9 如何在拨号线路上实现桥接功能(即支持NETBIOS广播)?
在客户端的LMHOSTS文件中加入 服务器名与IP的影射或在RAS端建WINS服务器,客户端中WINS指向WINS服务器
10 模型:A端-------ROUTER--------b端
XXXX 172.1.1.1 YYYY
目的: a端网除了xxxx以外的机都不可访问b端,b端网除了yyyy以外的机都可访问a端,怎样设?
设置access list 就可以了 。
48-bits MAC address access list 的access-list号是700-799
还有个extend MAC address access list是1100-1199但是没有用过
11 有一个企业,内部想通过2509拔号上网。IP pool用内部地址。 如何转换成合法IP地址? 用这种方案可行么? 或者是用NT机建立一个DHCP服务器,动态分配IP地址,如何?是否可行?
没问题。在2509上配置DDR,然后利用NAT功能设立IP POOL。内部网用私有地址。 不须用DHCP。
12 如何将三地(各地距离一千多公里)的LAN通过DDN连接在一起,务必令每地的LAN同属于同一个网段(因为要运行某一软件,此软件前提是工作站必须是属于同一网络)。 需要什么网络设备等等。
路由器桥接
13 RJ-21 Telco接口是什么接口,用于什么情况?
Telco接口 is Rj11
voice interface have :fxo,fxs,e&m
fxs is connect tel,fxo & e&m is connect PBX
14 CISCO 2511 的配置问题:
采用OSPF协议.现配置如下:
interface Ethernet0
ip address 10.88.132.5 255.255.252.0
!
interface Async1
ip unnumbered Ethernet0
ip tcp header-compression passive
encapsulation ppp
bandwidth 36
keepalive 10
async mode interactive
peer default ip address 10.88.167.1
no fair-queue
no cdp enable
!
(略)
.
!
router ospf 1
network 10.88.167.1 0.0.0.0 area 10.88.132.1
!
line 1
script dialer cisco-default
modem InOut
autocommand ppp
transport input all
rxspeed 57600
txspeed 57600
flowcontrol hardware
!
.
.
远程点拨号后,能PING通10.88.132.5,但不能PING通与此地址同网段的其他地址。 请问如何解决?
add a route: ip route 0.0.0.0 0.0.0.0 e0
在ospf中加上e0的网段
router ospf 1
network 10.88.167.1 0.0.0.0 area 10.88.132.1
network 10.88.132.5 0.0.3.255 a 1
你用OSPF干什么?是不是别的路由器(和E0口连的)用的是OSPF?
加两条:
ip classless
ip route 0.0.0.0 0.0.0.0 e0
肯定ok了。
15 请教2924交换机删除配置的命令?
erase startup-config
16 version 12.0
service timestamps debug datetime
service timestamps log uptime
请问各位大侠,上述两句配置是什么意思?timestamps是什么东东?
这是关于时间戳的配置,目的是使log都带有发生时的时间,便于排错。
17 如何用custom queue来限制某种流量的带宽? 我想在一个64Kb 的interface上把http访问的流量限制在最高每秒6.4Kb,把其他的带宽都留给桥(桥优先),如何配置呢? 看书讲的有点模糊,希望能得到大家的帮助
如果你想把 http 的流量限制在 10%,把其他的 90% 带宽都留给桥,可以用 Queuing。
但如果想把 http 的流量限制在 6.4k,把其他的 57.6k 带宽都留给桥,那就要用Traffic Shaping。
queue-list 1 protocol ip 1 tcp 80
queue-list 1 default 2
queue-list 1 queue 2 byte-count 13500
!
interface serial 0
custom-queue-list 1
注:
1. http 的 tcp port 为 80
2. 缺省的 bye-count 为 1500,因此 1500x9=13500
18 请教ATM LECS 的“WELL-KNOWN LECS ATM 地址”的具体工作原理?
The LEC knows the ATM address of the LECS in 1 of 3
ways
1. The LECS address can be hard- coded in the LEC
2. ILMI
When the LEC attaches to the ATM Switch, it sets up an ILMI VCC to
exchange management information with the switch.
If the switch is configured (hard coded) with 1 or more LECS addresses
, the LEC can
obtain these addresses when it ILMIs
3. LECS Well Known Address (WKA)
When a LECS connects to the switch, it registers the LECS WKA
Using the WKA in an environment with multiple LECS can be
non- deterministic (you may not be able to determine which LECS will b
e used -
depending on the configuration of the switches)
(4.) The LEC can also connect to the LECS using the well- known
PVC
This is rarely used
ATM FORUM 中定义ATM LECS的地址是47.**.**.……默认地址,如果是通过WKA寻址,LEC BOOT的时候,就会发出向47.……ATM地址建立SVC的UNI信令,如果和LEC直接相连的ATM交换机提供LECS服务的话,就一切OK,如果不是,必须有到LECS的路由(通俗一点,ATM里不叫路由)
19 Modem远程拨入CISCO 2610,怎么才能登陆NT DOMAIN???
在NT上起WINS服务,再在服务器和客户机上的IP/WINS内配服务器的IP地址
20 给一中学校园网做方案,L3交换机(www,email等server与它连)连CISCO3600通过256KDDN出去到CHINANET和CERNET,又有图书馆的WEB SERVER连在CISCO2511上,而2511也通过128KDDN连INTERNET,同时图书馆的所有公共资源也可通过3600进来访问(图书馆处与整个校园网的LAN内,是个小的VLAN)。3600和2511之间边界路由,目的是流量控制和负载平衡。它们之间的路由怎么设置?望各路高手不吝指教!
first,how you connect you router to chinanet and cernet,by static default route or dynamic route??if by dynamic route,you should cooperate with the router of telecom; if by static route,you need only configure two default route,recommend for this second,you should need to decide which route protocol to run between the cisco 3600 and cisco 2501,such as ibgp third,decide the as number you use,such as 65444(65412-65535 is private as number) fouth,configure you router:
routeA's address:10.0.0.2, routeB's address:10.0.0.1
routeA(config)#router bgp 65444
routeA(config-router)#network *.*.*.* ;your network number connected to router A
routeA(config-router)#neighbor 10.0.0.1 remote-as 65444
routeB(config)#router bgp 65444
routeB(config-router)#network *.*.*.* ;your network number connected to router b
routeB(config-router)#neighbor 10.0.0.2 remote-as 65444
21 请教各位高手如何再路由器上关闭TCP/UDP端口?
用扩展的acl
22 我想远程维护,有谁配置过AUX端口?
Client
hostname client
!
enable password cisco
!
username server password 0 cisco
!
chat-script dialup ABORT ERROR ABORT BUSY "" "ATDT14" TIMEOUT 30 CONNE
CT
!
interface Async1
ip address 10.5.1.2 255.255.255.0
encapsulation ppp
dialer in-band
dialer map ip 10.5.1.1 name server modem-script dialup 14
dialer-group 1
async default routing
async dynamic routing
async mode dedicated
priority-group 1
!
ip classless
ip route 0.0.0.0 0.0.0.0 Async1
no ip http server
!
dialer-list 1 protocol ip permit
!
line con 0
line aux 0
script dialer dialup
modem InOut
speed 115200
line vty 0 4
password cisco
login
!
end
-------------
server
hostname server
!
enable secret 5 $1$N/2B$NziQD/0HIqiTdHJGcUn2j1
enable password cisco
!
username router password 0 cisco
memory-size iomem 15
ip subnet-zero
!
!
interface Async1
ip address 10.5.1.1 255.255.255.0
encapsulation ppp
dialer in-band
dialer map ip 10.5.1.2 name qinzhou broadcast
async default routing
async dynamic routing
async mode dedicated
priority-group 1
!
ip classless
ip route 0.0.0.0 0.0.0.0 Async1
!
line con 0
transport input none
line aux 0
modem InOut
transport input all
speed 115200
line vty 0 4
password cisco
login
!
end
23 我现在想知道CISCO ISDN 的2B要如何配置,1B又如何配置???
在附加设置里加$p4可获得2B,加$p3可获得1B
interface bri0
isdn spid1 12347897433412 3874834
isdn spid2 12347897433412 3874834
配完后重新初始化BRI端口
24 我在async17上配了ppp如下:
interface Async17
ip address 192.169.2.1 255.255.255.252
no ip directed-broadcast
encapsulation ppp
dialer in-band
dialer map ip 192.169.2.2 name down broadcast
dialer-group 1
ppp authentication chap
为何ppp跑不起来,提示this line may not use ppp ,请高手指点
加入
autoselect ppp(LINE配置)
ASYNC配置加入:
async dynamic address
async dynamic routing
async mode interactive
ip unnumbered Ethernet0
ip tcp header-compression passive
25 我在CISCO 2511中设置了如下命令:
ip domain-name mydomain.com
ip name-server 10.10.10.20
async-bootp nbns-server 10.10.10.20
async-bootp dns-server 10.10.10.20
结果发现,拨号上后无法实现域名解析。但我已试过在2511上是可以PING名字的。请问这是为何?
async-bootp dns-server x.x.x.x
26 PC机串口配置成9600、8N1、协议自动检测,就是无法连上ROUTER; 想通过TELNET远程登录过去,又因为ROUTER没设口令,也连不上去。 不知谁有高招。
1.Check the cable,it isn't a normal network UTP.
2.Try the aux port,it can be use like console sometimes
You need cross cable,PLs chk
应该是roll over, 1-8全反的线
另外检查PC的COM口是否是好的
2456
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
