项目介绍
学习以下配置,能满足90%企业网络架构需求
项目背景:
企业网络核心交换机配置参考
vlan :不同部门,不同vlan
vlan interface : 每个vlan配置接口ip
route :90%企业配置静态路由就可以了
dhcp :配置DHCP中继,DHCP服务器通常配置到AD域控制器
trunk :指交换机端口的类型,通常级联用到
access:指交换机端口的类型,通常连接终端和电脑设备
eth-trunk:上行线路,多个端口绑定,提高上行带宽
策略路由: 略,多出口IP配置网关
一个华为交换机配置参考,可以满足1000信息点需求:
!Software Version V200R010C00SPC600
#
sysname HUAWEI
#
dns server 127.0.0.1
#
vlan batch 10 20 30 40 50 60 70 80 90 100
vlan batch 120
#
authentication-profile name default_authen_profile
authentication-profile name dot1x_authen_profile
authentication-profile name mac_authen_profile
authentication-profile name portal_authen_profile
authentication-profile name dot1xmac_authen_profile
authentication-profile name multi_authen_profile
#
dhcp enable
#
radius-server template default
#
pki realm default
certificate-check none
#
free-rule-template name default_free_rule
#
portal-access-profile name portal_access_profile
#
dhcp server group 1
dhcp-server 172.26.0.10 0
#
dhcp server group 2
dhcp-server 172.26.1.1 0
#
dhcp server group 3
dhcp-server 172.26.2.20 0
#
aaa
authentication-scheme default
authentication-scheme radius
authentication-mode radius
authorization-scheme default
accounting-scheme default
local-aaa-user password policy administrator
password expire 0
domain default
authentication-scheme radius
radius-server default
domain default_admin
authentication-scheme default
local-user admin password irreversible-cipher $1a$3sT>VB3[a2$5L0*;r"}H1.@N{)`vbn95kY>=AGDj4j,SWIxZk-"$
local-user admin privilege level 15
local-user admin service-type terminal http
#
interface Vlanif1
ip address 172.26.1.2 255.255.254.0
dhcp select relay
dhcp relay server-select 1
#
interface Vlanif10
dhcp select relay
dhcp relay server-select 1
#
interface Vlanif20
ip address 172.26.2.2 255.255.254.0
dhcp select relay
dhcp relay server-select 1
#
interface Vlanif30
dhcp select relay
dhcp relay server-select 1
#
interface Vlanif40
ip address 172.26.4.2 255.255.254.0
#
interface Vlanif50
dhcp select relay
dhcp relay server-select 1
#
interface Vlanif60
ip address 172.26.6.2 255.255.254.0
dhcp select relay
dhcp relay server-select 1
#
interface Vlanif80
ip address 172.26.8.2 255.255.254.0
dhcp select relay
dhcp relay server-select 1
#
interface Vlanif100
ip address 172.26.10.2 255.255.254.0
dhcp select relay
dhcp relay server-select 1
#
interface Vlanif120
ip address 172.26.12.2 255.255.254.0
#
interface MEth0/0/1
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
mode lacp
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 20
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 20
#
interface GigabitEthernet0/0/4
port link-type access
port default vlan 40
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
port link-type access
port default vlan 60
#
interface GigabitEthernet0/0/7
port link-type access
port default vlan 80
#
interface GigabitEthernet0/0/8
port link-type access
port default vlan 80
#
interface GigabitEthernet0/0/9
port link-type access
port default vlan 80
#
interface GigabitEthernet0/0/10
port link-type access
port default vlan 80
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
port link-type access
#
interface GigabitEthernet0/0/13
#
interface GigabitEthernet0/0/14
#
interface GigabitEthernet0/0/15
#
interface GigabitEthernet0/0/16
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
port link-type access
#
interface GigabitEthernet0/0/25
#
interface GigabitEthernet0/0/26
#
interface GigabitEthernet0/0/27
#
interface GigabitEthernet0/0/28
#
interface GigabitEthernet0/0/29
#
interface GigabitEthernet0/0/30
#
interface GigabitEthernet0/0/31
#
interface GigabitEthernet0/0/32
#
interface GigabitEthernet0/0/33
#
interface GigabitEthernet0/0/34
#
interface GigabitEthernet0/0/35
#
interface GigabitEthernet0/0/36
#
interface GigabitEthernet0/0/37
port link-type access
#
interface GigabitEthernet0/0/38
#
interface GigabitEthernet0/0/39
#
interface GigabitEthernet0/0/40
#
interface GigabitEthernet0/0/41
#
interface GigabitEthernet0/0/42
#
interface GigabitEthernet0/0/43
#
interface GigabitEthernet0/0/44
#
interface GigabitEthernet0/0/45
#
interface GigabitEthernet0/0/46
#
interface GigabitEthernet0/0/47
eth-trunk 1
#
interface GigabitEthernet0/0/48
eth-trunk 1
#
interface GigabitEthernet0/0/49
#
interface GigabitEthernet0/0/50
#
interface GigabitEthernet0/0/51
#
interface GigabitEthernet0/0/52
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 172.26.1.1
#
user-interface con 0
authentication-mode aaa
user-interface vty 0 4
user privilege level 15
user-interface vty 16 20
#
dot1x-access-profile name dot1x_access_profile
#
mac-access-profile name mac_access_profile
#
return
版权说明:如非注明,本站文章均为 扬州驻场服务-网络设备调试-监控维修-南京泽同信息科技有限公司 原创,转载请注明出处和附带本文链接。
请在这里放置你的在线分享代码