偶看新闻香港屈臣氏algae dha:网络组建、维护与设计之思科路由交换总结
来源:百度文库 编辑:偶看新闻 时间:2024/05/05 10:39:22
近期《网络组建、维护与设计》课程学习总结
一、路由器密码恢复
ctrl+break
>o
>o/r 0x2142
>i
would you like.........? no
enable
copy start runn
conf t
enable secret ****
end
copy runn start
conf t
config-register 0x2102
end
二、Cisco ios 文件的导入、导出
思科IOS的导出
1. Router# dir
2. Router#copy flash: tftp:
3. Source filename [ ]? C2500-i-l.|2|-21.bin
4. Addres or name of remote host [ ]? 备份计算机的地址 (tftp 的地址)
5. Destination filename [C2500-i-1.|2|-21.bin]? 备份文件名.bin 回车
(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 出现很多感叹号就说明成功了)
思科ios的导入
1. >o /r 0x2101
2. >i
3. router(boot)>en
4. router(boot)#copy tftp flash
5. [0 bytes used, 4194304 available, 4194304 total]
Address or name of remote host [255.255.255.255]? 192.168.25.32
6. Source file name?.bin(IOS映像文件名)
7. Destination file name [fengjiankun.bin]?
8. Accessing file ' fengjiankun.bin' on 192.168.25.32...
Loading geyi.bin from 192.168.25.32 (via Ethernet0): ! [OK]
9. Device needs erasure before copying new file
Erase flash device before writing? [confirm]
10. Copy ' fengjiankun.bin' from server
as ' fengjiankun.bin' into Flash WITH erase? [yes/no]y
11. Erasing device... eeeeeeeeeeeeeeee ...erased
Loading geyi.bin from 192.168.25.32 (via Ethernet0): !!!!!!!!!!!!!!!!!!!!(!表示恢复成功)
12. 还原路由器虚拟寄存器的默认值(0x2102),恢复路由器的正常启动顺序,依次键入以下命令:
router(boot)#conf t
router(boot)(config)#config-register 0x2102 router(boot)(config)#exit
router(boot)#reload
三、telnet
En
Conf t
Enable secret 密码
Line vty 0 4
Password 密码
Login
End
四、nat 转换
Router>en
Router#conf t
Router(config)#int f 0/1
Router(config-if)#ip add 192.168.0.254 255.255.255.0
Router(config-if)#ip nat in
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f 0/0
Router(config-if)#ip add 192.168.1.1 255.255.255.0
Router(config-if)#ip nat out
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#ip nat pool net 192.168.1.1 192.168.1.1 netmask 255.255.255.0
Router(config)#ip nat inside source list 1 pool net overload
Router(config)#access-list 1 permit 192.168.0.0 0.0.0.255
Router(config)#ip route 0.0.0.0 0.0.0.0 f0/0
Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]五、Cisco 交换路由的实验
Switch>en
Switch#conf t
s32(config)#hostname S32 -----更改交换机名称
-----设置vlan端口
S32(config)#vlan 10
S32(config-vlan)#name vlan10
S32(config-vlan)#vlan 20
S32(config-vlan)#name vlan20
S32(config-vlan)#end
((s32>en
s32#vlan ?
database Configure VLAN database
s32#vlan d
s32(vlan)#vlan 10 name vlan10
VLAN 10 modified:
Name: vlan10
s32(vlan)#vlan 20 name vlan20
VLAN 20 modified:
Name: vlan20
s32(vlan)#vlan 30 name vlan30
VLAN 30 modified:
Name: vlan30
s32(vlan)#exit
APPLY completed.
Exiting....))
----聚合端口
S32#conf t
S32(config)#int range f0/1 - 5
S32(config-if-range)#switchport mode access
S32(config-if-range)#switchport access vlan 10
S32(config-if-range)#^Z
%SYS-5-CONFIG_I: Configured from console by console
S32#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S32(config)#int range f0/6 - 10
S32(config-if-range)#switchport mode access
S32(config-if-range)#switchport access vlan 20
S32(config)#int range f0/22 - 23
S32(config-if-range)#switchport mode access
S32(config-if-range)#switchport access vlan 30
S32(config-if-range)#^Z
-----设置一条主干线连接路由器
s32(config)#in f 0/24
s32(config-if)#sw m t
s32(config-if)#no shut
s32(config-if)#end
----设置ip地址
Router>en
Router#conf t
Router(config)#
Router(config)#int f0/0
Router(config-if)#ip add 192.168.200.254 255.255.255.0
Router(config-if)#ip nat outside
Router(config-if)#no shut
Router#conf t
Router(config)#
Router(config)#int f0/1
Router(config-if)#ip add 192.168.0.254 255.255.255.0
Router(config-if)#ip nat inside
Router(config-if)#no shut
Router(config)#ip nat p net 192.168.200.254 192.168.200.254 ne
Router(config)#ip nat p net 192.168.200.254 192.168.200.254 netmask 255.255.255.0
Router(config)#ip nat in s l 1 p net o
Router(config)#acc
Router(config)#access-list 1 p 192.168.0.0 0.0.0.255
Router(config)#ip route 0.0.0.0 0.0.0.0 f 0/0
Router(config)#end
%SYS-5-CONFIG_I: Configured from console by console
---给路由设置子端口
Router(config)#in f 0/1.1
Router(config-subif)#en d 10
Router(config-subif)#ip add 192.168.11.254 255.255.255.0
Router(config-subif)#no shut
Router(config-subif)#exit
Router(config)#in f 0/1.2
Router(config-subif)#en d 20
Router(config-subif)#ip add 192.168.12.254 255.255.255.0
Router(config-subif)#no shut
Router(config-subif)#exit
Router(config)#in f 0/1.3Router(config-subif)#en d 30
Router(config-subif)#ip add 192.168.13.254 255.255.255.0
Router(config-subif)#no shut
Router(config-subif)#exit
---保存
Router#copy runn start
Destination filename [startup-config]?
Building configuration...
[OK]
六、跨交换机VLAN_net_vlan_
1、设置vtp domain。 vtp domain 称为管理域。
交换vtp更新信息的所有交换机必须配置为相同的管理域。如果所有的交换机都以中继线相连,那么只要在核心交换机上设置一个管理域,网络上所有的交换机都加入该域,这样管理域里所有的交换机就能够了解彼此的vlan列表。
mainswitch #vlan database 进入vlan配置模式
mainswitch(vlan)#vtp domain mainswitch 设置vtp管理域名称 mainswitch
mainswitch(vlan)#vtp server 设置交换机为服务器模式
lanswitch01#vlan database 进入vlan配置模式
lanswitch01(vlan)#vtp domain mainswitch 设置vtp管理域名称mainswitch
lanswitch01(vlan)#vtp client 设置交换机为客户端模式
lanswitch02#vlan database 进入vlan配置模式
lanswitch02(vlan)#vtp domain mainswitch 设置vtp管理域名称mainswitch
lanswitch02(vlan)#vtp client 设置交换机为客户端模式
lanswitch03#vlan database 进入vlan配置模式
lanswitch03(vlan)#vtp domain mainswitch 设置vtp管理域名称mainswitch
lanswitch03(vlan)#vtp client 设置交换机为客户端模式
注意:这里设置核心交换机为server模式是指允许在该交换机上创建、修改、删除vlan及其他一些对整个vtp域的配置参数,同步本vtp域中其他交换机传递来的最新的vlan信息;client模式是指本交换机不能创建、删除、修改vlan配置,也不能在nvram中存储vlan配置,但可同步由本vtp域中其他交换机传递来的vlan信息。
2、配置中继为了保证管理域能够覆盖所有的分支交换机,必须配置中继。
cisco交换机能够支持任何介质作为中继线,为了实现中继可使用其特有的isl标签。isl(inter-switch link)是一个在交换机之间、交换机与路由器之间及交换机与服务器之间传递多个vlan信息及vlan数据流的协议,通过在交换机直接相连的端口配置isl封装,即可跨越交换机进行整个网络的vlan分配和进行配置。
在核心交换机端配置如下:
mainswitch(config)#interface f0/1
mainswitch(config-if)#switchport
mainswitch(config-if)#switchport trunk encapsulation isl 配置中继协议
mainswitch(config-if)#switchport mode trunk
mainswitch(config)#interface f0/2
mainswitch(config-if)#switchport
mainswitch(config-if)#switchport trunk encapsulation isl 配置中继协议
mainswitch(config-if)#switchport mode trunk
mainswitch(config)#interface f0/3
mainswitch(config-if)#switchport
mainswitch(config-if)#switchport trunk encapsulation isl 配置中继协议
mainswitch(config-if)#switchport mode trunk
在分支交换机端配置如下:
lanswitch01(config)#interface f0/24
lanswitch01(config-if)#switchport mode trunk
lanswitch02(config)#interface f0/24
lanswitch02(config-if)#switchport mode trunk
lanswitch03(config)#interface f0/24
lanswitch03(config-if)#switchport mode trunk
此时,管理域算是设置完毕了。
3、创建vlan一旦建立了管理域,就可以创建vlan了。
mainswitch(vlan)#vlan 10 name vlan10 创建了一个编号为10 名字为vlan10的 vlan
mainswitch(vlan)#vlan 20 name vlan20t 创建了一个编号为20 名字为vlan20的 vlan
mainswitch(vlan)#vlan 30 name vlan30 创建了一个编号为30 名字为vlan30的 vlan
注意,这里的vlan是在核心交换机上建立的,其实,只要是在管理域中的任何一台vtp 属性为server的交换机上建立vlan,它就会通过vtp通告整个管理域中的所有的交换机。但如果要将具体的交换机端口划入某个vlan,就必须在该端口所属的交换机上进行设置。 4、将交换机端口划入vlan
例如,要将lanswitch01、lanswitch02、lanswitch03……分支交换机的端口1划入vlan10 vlan,端口2划入vlan20 vlan,端口3划入vlan30 vlan……
lanswitch01(config)#interface fastethernet 0/1 配置端口1
lanswitch01(config-if)#switchport access vlan 10 归属vlan10 vlan
lanswitch01(config)#interface fastethernet 0/2 配置端口2
lanswitch01(config-if)#switchport access vlan 20 归属vlan20 vlan
lanswitch01(config)#interface fastethernet 0/3 配置端口3
lanswitch01(config-if)#switchport access vlan 30 归属vlan30 vlan
lanswitch02(config)#interface fastethernet 0/1 配置端口1
lanswitch02(config-if)#switchport access vlan 10 归属vlan10 vlan
lanswitch02(config)#interface fastethernet 0/2 配置端口2
lanswitch02(config-if)#switchport access vlan 20 归属vlan20 vlan
lanswitch02(config)#interface fastethernet 0/3 配置端口3
lanswitch02(config-if)#switchport access vlan 30 归属vlan30 vlan
lanswitch03(config)#interface fastethernet 0/1 配置端口1
lanswitch03(config-if)#switchport access vlan 10 归属vlan10 vlan
lanswitch03(config)#interface fastethernet 0/2 配置端口2
lanswitch03(config-if)#switchport access vlan 20 归属vlan20 vlan
lanswitch03(config)#interface fastethernet 0/3 配置端口3
lanswitch03(config-if)#switchport access vlan 30 归属vlan30 vlan5、路由器1:
interface FastEthernet0/1
ip address 192.168.0.254 255.255.255.0
ip access-group 110 in
duplex auto
speed auto
interface FastEthernet0/1.1
encapsulation dot1Q 10
ip address 192.168.11.254 255.255.255.0
interface FastEthernet0/1.2
encapsulation dot1Q 20
ip address 192.168.12.254 255.255.255.0
interface FastEthernet0/1.3
encapsulation dot1Q 30
ip address 192.168.13.254 255.255.255.0
access-list 110 deny ip any 192.168.12.0 0.0.0.255
access-list 110 permit ip any any
七、中期总结
1、实验设备清单:
设备型号
设备名称
设备参数
Cisco2621Xm
Mainroute
Lan:192.168.15.254/25 wan:192.168.0.254/24
CiscoSwitch2960
Mainswitch、Lanswitch01、Lanswitch02、Lanswitch03
交换机0
Web服务器
Web01、web02
Web01:192.168.14.2/24 web02:192.168.15.1/24
Dns服务器
Dns
192.168.14.1/24
客户机
C1-1--c1-3
192.168.11.1—3/24
客户机
C2-1—c2-3
192.168.12.1—3/24
客户机
C3-1—c3-3
192.168.13.1—3/24
客户机
Client
192.168.15.2/24
2、具体配置:交换:
mainswitch #vlan database
mainswitch(vlan)#vtp domain mainswitch
mainswitch(vlan)#vtp server
lanswitch01#vlan database
lanswitch01(vlan)#vtp domain mainswitch
lanswitch01(vlan)#vtp client
lanswitch02#vlan database
lanswitch02(vlan)#vtp domain mainswitch
lanswitch02(vlan)#vtp client
lanswitch03#vlan database
lanswitch03(vlan)#vtp domain mainswitch
lanswitch03(vlan)#vtp client
mainswitch(config-if)#switchport mode trunk
mainswitch(config)#interface f0/2
mainswitch(config-if)#switchport mode trunk
mainswitch(config)#interface f0/3
mainswitch(config-if)#switchport mode trunk
lanswitch01(config)#interface f0/24
lanswitch01(config-if)#switchport mode trunk
lanswitch02(config)#interface f0/24
lanswitch02(config-if)#switchport mode trunk
lanswitch03(config)#interface f0/24
lanswitch03(config-if)#switchport mode trunk
mainswitch(vlan)#vlan 10 name vlan10
mainswitch(vlan)#vlan 20 name vlan20t
mainswitch(vlan)#vlan 30 name vlan30
mainswitch(vlan)#vlan 40 name vlan40
lanswitch01(config)#interface fastethernet 0/1
lanswitch01(config-if)#switchport access vlan 10
lanswitch01(config)#interface fastethernet 0/2
lanswitch01(config-if)#switchport access vlan 20
lanswitch01(config)#interface fastethernet 0/3
lanswitch01(config-if)#switchport access vlan 30
lanswitch02(config)#interface fastethernet 0/1
lanswitch02(config-if)#switchport access vlan 10
lanswitch02(config)#interface fastethernet 0/2
lanswitch02(config-if)#switchport access vlan 20
lanswitch02(config)#interface fastethernet 0/3
lanswitch02(config-if)#switchport access vlan 30
lanswitch03(config)#interface fastethernet 0/1
lanswitch03(config-if)#switchport access vlan 10
lanswitch03(config)#interface fastethernet 0/2
lanswitch03(config-if)#switchport access vlan 20
lanswitch03(config)#interface fastethernet 0/3
lanswitch03(config-if)#switchport access vlan 30
lanswitch03(config)#interface fastethernet 0/3 – 6
lanswitch03(config-if)#switchport access vlan 40
mainswitch(config)#interface f0/24
mainswitch(config-if)#switchport mode trunk路由:interface FastEthernet0/0
ip address 192.168.15.254 255.255.255.0
ip nat outside
interface FastEthernet0/1
ip address 192.168.0.254 255.255.255.0
ip nat inside
interface FastEthernet0/1.1
encapsulation dot1Q 10
ip address 192.168.11.254 255.255.255.0
ip access-group 101 in
ip access-group 101 out
interface FastEthernet0/1.2
encapsulation dot1Q 20
ip address 192.168.12.254 255.255.255.0
ip access-group 101 in
ip access-group 101 out
interface FastEthernet0/1.3
encapsulation dot1Q 30
ip address 192.168.13.254 255.255.255.0
interface FastEthernet0/1.4
encapsulation dot1Q 40
ip address 192.168.14.254 255.255.255.0
ip nat pool c35 192.168.15.254 192.168.15.254 netmask 255.255.255.0
ip nat inside source list 1 pool c35 overload
ip nat inside source static tcp 192.168.14.2 80 192.168.15.254 80
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
access-list 101 deny ip 192.168.11.0 0.0.0.255 192.168.12.0 0.0.0.255
access-list 101 deny ip 192.168.11.0 0.0.0.255 192.168.13.0 0.0.0.255
access-list 101 deny ip 192.168.12.0 0.0.0.255 192.168.13.0 0.0.0.255
access-list 101 permit ip any any
3、telnet
Router#
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable secret 123
Router(config)#line vty 0 4
Router(config-line)#pas
Router(config-line)#password 123
Router(config-line)#login
Router(config-line)#exit
Router(config)#acc 1 permit host 192.168.14.3
Router(config)#line vty 0 4
Router(config-line)#acc
Router(config-line)#access-class 1 in
Lanswitch01: lanswitch01#conf t
lanswitch01(config)#int vlan 40
lanswitch01(config-if)#ip add 192.168.14.110 255.255.255.0
lanswitch01(config-if)#no shut
lanswitch01(config-if)#exit
lanswitch01(config)#ena pass 111
lanswitch01(config)#line vty 0 4
lanswitch01(config-line)#pass 111
lanswitch01(config-line)#login
lanswitch01(config-line)#exit
lanswitch01(config)#acc 1 permit host 192.168.14.3
lanswitch01(config)#exit
lanswitch01#
lanswitch01#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]Lanswitch02: lanswitch02#conf t
lanswitch02(config)#int vlan 40
lanswitch02(config-if)#ip add 192.168.14.111 255.255.255.0
lanswitch02(config-if)#no shut
lanswitch02(config-if)#exit
lanswitch02(config)#ena pass 111
lanswitch02(config)#line vty 0 4
lanswitch02(config-line)#pass 111
lanswitch02(config-line)#login
lanswitch02(config-line)#exit
lanswitch02(config)#acc 1 permit host 192.168.14.3
lanswitch02(config)#exit
lanswitch02#
lanswitch02#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]Lanswitch03: lanswitch03#conf t
lanswitch03(config)#int vlan 40
lanswitch03(config-if)#ip add 192.168.14.112 255.255.255.0
lanswitch03(config-if)#no shut
lanswitch03(config-if)#exit
lanswitch03(config)#ena pass 111
lanswitch03(config)#line vty 0 4
lanswitch03(config-line)#pass 111
lanswitch03(config-line)#login
lanswitch03(config)#acc 1 permit host 192.168.14.3
lanswitch03(config)#exit
lanswitch03#
lanswitch03#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
八、静态路由
Route0: nterface FastEthernet0/1
ip address 192.168.1.254 255.255.255.0
ip nat inside
interface Serial1/0
ip address 192.168.2.1 255.255.255.0
ip nat outside
ip route 0.0.0.0 0.0.0.0 Serial1/0
Route1:
interface FastEthernet0/1
ip address 192.168.3.254 255.255.255.0
ip nat inside!
interface Serial1/0
ip address 192.168.2.2 255.255.255.0
ip nat outside
clock rate 128000
interface Serial1/1
ip address 192.168.4.1 255.255.255.0
ip nat outside
clock rate 64000
ip route 0.0.0.0 0.0.0.0 Serial1/0
ip route 0.0.0.0 0.0.0.0 Serial1/1
Route2:
interface FastEthernet0/1
ip address 192.168.5.254 255.255.255.0
ip nat inside
interface Serial1/1
ip address 192.168.4.2 255.255.255.0
ip nat outside
interface Serial1/2
ip address 192.168.6.1 255.255.255.0
ip nat outside
clock rate 72000
ip route 0.0.0.0 0.0.0.0 Serial1/1
ip route 0.0.0.0 0.0.0.0 Serial1/2
Route4: interface FastEthernet0/1
ip address 192.168.7.254 255.255.255.0
ip nat inside
interface Serial1/2
ip address 192.168.6.2 255.255.255.0
ip nat outside
ip classless
ip route 0.0.0.0 0.0.0.0 Serial1/2
九、rip 协议
Route0:interface FastEthernet0/0
ip address 192.168.2.1 255.255.255.0
interface FastEthernet0/1
ip address 192.168.1.254 255.255.255.0
router rip
network 192.168.1.0
network 192.168.2.0
ip route 0.0.0.0 0.0.0.0 Serial1/0
Route1:interface FastEthernet0/0
ip address 192.168.2.2 255.255.255.0
interface FastEthernet0/1
ip address 192.168.3.254 255.255.255.0
router rip
network 192.168.2.0
network 192.168.3.0
ip route 0.0.0.0 0.0.0.0 Serial1/2
pc0:192.168.1.2/24
pc1:192.168.3.2/24
一、路由器密码恢复
ctrl+break
>o
>o/r 0x2142
>i
would you like.........? no
enable
copy start runn
conf t
enable secret ****
end
copy runn start
conf t
config-register 0x2102
end
二、Cisco ios 文件的导入、导出
思科IOS的导出
1. Router# dir
2. Router#copy flash: tftp:
3. Source filename [ ]? C2500-i-l.|2|-21.bin
4. Addres or name of remote host [ ]? 备份计算机的地址 (tftp 的地址)
5. Destination filename [C2500-i-1.|2|-21.bin]? 备份文件名.bin 回车
(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 出现很多感叹号就说明成功了)
思科ios的导入
1. >o /r 0x2101
2. >i
3. router(boot)>en
4. router(boot)#copy tftp flash
5. [0 bytes used, 4194304 available, 4194304 total]
Address or name of remote host [255.255.255.255]? 192.168.25.32
6. Source file name?.bin(IOS映像文件名)
7. Destination file name [fengjiankun.bin]?
8. Accessing file ' fengjiankun.bin' on 192.168.25.32...
Loading geyi.bin from 192.168.25.32 (via Ethernet0): ! [OK]
9. Device needs erasure before copying new file
Erase flash device before writing? [confirm]
10. Copy ' fengjiankun.bin' from server
as ' fengjiankun.bin' into Flash WITH erase? [yes/no]y
11. Erasing device... eeeeeeeeeeeeeeee ...erased
Loading geyi.bin from 192.168.25.32 (via Ethernet0): !!!!!!!!!!!!!!!!!!!!(!表示恢复成功)
12. 还原路由器虚拟寄存器的默认值(0x2102),恢复路由器的正常启动顺序,依次键入以下命令:
router(boot)#conf t
router(boot)(config)#config-register 0x2102 router(boot)(config)#exit
router(boot)#reload
三、telnet
En
Conf t
Enable secret 密码
Line vty 0 4
Password 密码
Login
End
四、nat 转换
Router>en
Router#conf t
Router(config)#int f 0/1
Router(config-if)#ip add 192.168.0.254 255.255.255.0
Router(config-if)#ip nat in
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f 0/0
Router(config-if)#ip add 192.168.1.1 255.255.255.0
Router(config-if)#ip nat out
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#ip nat pool net 192.168.1.1 192.168.1.1 netmask 255.255.255.0
Router(config)#ip nat inside source list 1 pool net overload
Router(config)#access-list 1 permit 192.168.0.0 0.0.0.255
Router(config)#ip route 0.0.0.0 0.0.0.0 f0/0
Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]五、Cisco 交换路由的实验
Switch>en
Switch#conf t
s32(config)#hostname S32 -----更改交换机名称
-----设置vlan端口
S32(config)#vlan 10
S32(config-vlan)#name vlan10
S32(config-vlan)#vlan 20
S32(config-vlan)#name vlan20
S32(config-vlan)#end
((s32>en
s32#vlan ?
database Configure VLAN database
s32#vlan d
s32(vlan)#vlan 10 name vlan10
VLAN 10 modified:
Name: vlan10
s32(vlan)#vlan 20 name vlan20
VLAN 20 modified:
Name: vlan20
s32(vlan)#vlan 30 name vlan30
VLAN 30 modified:
Name: vlan30
s32(vlan)#exit
APPLY completed.
Exiting....))
----聚合端口
S32#conf t
S32(config)#int range f0/1 - 5
S32(config-if-range)#switchport mode access
S32(config-if-range)#switchport access vlan 10
S32(config-if-range)#^Z
%SYS-5-CONFIG_I: Configured from console by console
S32#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S32(config)#int range f0/6 - 10
S32(config-if-range)#switchport mode access
S32(config-if-range)#switchport access vlan 20
S32(config)#int range f0/22 - 23
S32(config-if-range)#switchport mode access
S32(config-if-range)#switchport access vlan 30
S32(config-if-range)#^Z
-----设置一条主干线连接路由器
s32(config)#in f 0/24
s32(config-if)#sw m t
s32(config-if)#no shut
s32(config-if)#end
----设置ip地址
Router>en
Router#conf t
Router(config)#
Router(config)#int f0/0
Router(config-if)#ip add 192.168.200.254 255.255.255.0
Router(config-if)#ip nat outside
Router(config-if)#no shut
Router#conf t
Router(config)#
Router(config)#int f0/1
Router(config-if)#ip add 192.168.0.254 255.255.255.0
Router(config-if)#ip nat inside
Router(config-if)#no shut
Router(config)#ip nat p net 192.168.200.254 192.168.200.254 ne
Router(config)#ip nat p net 192.168.200.254 192.168.200.254 netmask 255.255.255.0
Router(config)#ip nat in s l 1 p net o
Router(config)#acc
Router(config)#access-list 1 p 192.168.0.0 0.0.0.255
Router(config)#ip route 0.0.0.0 0.0.0.0 f 0/0
Router(config)#end
%SYS-5-CONFIG_I: Configured from console by console
---给路由设置子端口
Router(config)#in f 0/1.1
Router(config-subif)#en d 10
Router(config-subif)#ip add 192.168.11.254 255.255.255.0
Router(config-subif)#no shut
Router(config-subif)#exit
Router(config)#in f 0/1.2
Router(config-subif)#en d 20
Router(config-subif)#ip add 192.168.12.254 255.255.255.0
Router(config-subif)#no shut
Router(config-subif)#exit
Router(config)#in f 0/1.3Router(config-subif)#en d 30
Router(config-subif)#ip add 192.168.13.254 255.255.255.0
Router(config-subif)#no shut
Router(config-subif)#exit
---保存
Router#copy runn start
Destination filename [startup-config]?
Building configuration...
[OK]
六、跨交换机VLAN_net_vlan_
1、设置vtp domain。 vtp domain 称为管理域。
交换vtp更新信息的所有交换机必须配置为相同的管理域。如果所有的交换机都以中继线相连,那么只要在核心交换机上设置一个管理域,网络上所有的交换机都加入该域,这样管理域里所有的交换机就能够了解彼此的vlan列表。
mainswitch #vlan database 进入vlan配置模式
mainswitch(vlan)#vtp domain mainswitch 设置vtp管理域名称 mainswitch
mainswitch(vlan)#vtp server 设置交换机为服务器模式
lanswitch01#vlan database 进入vlan配置模式
lanswitch01(vlan)#vtp domain mainswitch 设置vtp管理域名称mainswitch
lanswitch01(vlan)#vtp client 设置交换机为客户端模式
lanswitch02#vlan database 进入vlan配置模式
lanswitch02(vlan)#vtp domain mainswitch 设置vtp管理域名称mainswitch
lanswitch02(vlan)#vtp client 设置交换机为客户端模式
lanswitch03#vlan database 进入vlan配置模式
lanswitch03(vlan)#vtp domain mainswitch 设置vtp管理域名称mainswitch
lanswitch03(vlan)#vtp client 设置交换机为客户端模式
注意:这里设置核心交换机为server模式是指允许在该交换机上创建、修改、删除vlan及其他一些对整个vtp域的配置参数,同步本vtp域中其他交换机传递来的最新的vlan信息;client模式是指本交换机不能创建、删除、修改vlan配置,也不能在nvram中存储vlan配置,但可同步由本vtp域中其他交换机传递来的vlan信息。
2、配置中继为了保证管理域能够覆盖所有的分支交换机,必须配置中继。
cisco交换机能够支持任何介质作为中继线,为了实现中继可使用其特有的isl标签。isl(inter-switch link)是一个在交换机之间、交换机与路由器之间及交换机与服务器之间传递多个vlan信息及vlan数据流的协议,通过在交换机直接相连的端口配置isl封装,即可跨越交换机进行整个网络的vlan分配和进行配置。
在核心交换机端配置如下:
mainswitch(config)#interface f0/1
mainswitch(config-if)#switchport
mainswitch(config-if)#switchport trunk encapsulation isl 配置中继协议
mainswitch(config-if)#switchport mode trunk
mainswitch(config)#interface f0/2
mainswitch(config-if)#switchport
mainswitch(config-if)#switchport trunk encapsulation isl 配置中继协议
mainswitch(config-if)#switchport mode trunk
mainswitch(config)#interface f0/3
mainswitch(config-if)#switchport
mainswitch(config-if)#switchport trunk encapsulation isl 配置中继协议
mainswitch(config-if)#switchport mode trunk
在分支交换机端配置如下:
lanswitch01(config)#interface f0/24
lanswitch01(config-if)#switchport mode trunk
lanswitch02(config)#interface f0/24
lanswitch02(config-if)#switchport mode trunk
lanswitch03(config)#interface f0/24
lanswitch03(config-if)#switchport mode trunk
此时,管理域算是设置完毕了。
3、创建vlan一旦建立了管理域,就可以创建vlan了。
mainswitch(vlan)#vlan 10 name vlan10 创建了一个编号为10 名字为vlan10的 vlan
mainswitch(vlan)#vlan 20 name vlan20t 创建了一个编号为20 名字为vlan20的 vlan
mainswitch(vlan)#vlan 30 name vlan30 创建了一个编号为30 名字为vlan30的 vlan
注意,这里的vlan是在核心交换机上建立的,其实,只要是在管理域中的任何一台vtp 属性为server的交换机上建立vlan,它就会通过vtp通告整个管理域中的所有的交换机。但如果要将具体的交换机端口划入某个vlan,就必须在该端口所属的交换机上进行设置。 4、将交换机端口划入vlan
例如,要将lanswitch01、lanswitch02、lanswitch03……分支交换机的端口1划入vlan10 vlan,端口2划入vlan20 vlan,端口3划入vlan30 vlan……
lanswitch01(config)#interface fastethernet 0/1 配置端口1
lanswitch01(config-if)#switchport access vlan 10 归属vlan10 vlan
lanswitch01(config)#interface fastethernet 0/2 配置端口2
lanswitch01(config-if)#switchport access vlan 20 归属vlan20 vlan
lanswitch01(config)#interface fastethernet 0/3 配置端口3
lanswitch01(config-if)#switchport access vlan 30 归属vlan30 vlan
lanswitch02(config)#interface fastethernet 0/1 配置端口1
lanswitch02(config-if)#switchport access vlan 10 归属vlan10 vlan
lanswitch02(config)#interface fastethernet 0/2 配置端口2
lanswitch02(config-if)#switchport access vlan 20 归属vlan20 vlan
lanswitch02(config)#interface fastethernet 0/3 配置端口3
lanswitch02(config-if)#switchport access vlan 30 归属vlan30 vlan
lanswitch03(config)#interface fastethernet 0/1 配置端口1
lanswitch03(config-if)#switchport access vlan 10 归属vlan10 vlan
lanswitch03(config)#interface fastethernet 0/2 配置端口2
lanswitch03(config-if)#switchport access vlan 20 归属vlan20 vlan
lanswitch03(config)#interface fastethernet 0/3 配置端口3
lanswitch03(config-if)#switchport access vlan 30 归属vlan30 vlan5、路由器1:
interface FastEthernet0/1
ip address 192.168.0.254 255.255.255.0
ip access-group 110 in
duplex auto
speed auto
interface FastEthernet0/1.1
encapsulation dot1Q 10
ip address 192.168.11.254 255.255.255.0
interface FastEthernet0/1.2
encapsulation dot1Q 20
ip address 192.168.12.254 255.255.255.0
interface FastEthernet0/1.3
encapsulation dot1Q 30
ip address 192.168.13.254 255.255.255.0
access-list 110 deny ip any 192.168.12.0 0.0.0.255
access-list 110 permit ip any any
七、中期总结
1、实验设备清单:
设备型号
设备名称
设备参数
Cisco2621Xm
Mainroute
Lan:192.168.15.254/25 wan:192.168.0.254/24
CiscoSwitch2960
Mainswitch、Lanswitch01、Lanswitch02、Lanswitch03
交换机0
Web服务器
Web01、web02
Web01:192.168.14.2/24 web02:192.168.15.1/24
Dns服务器
Dns
192.168.14.1/24
客户机
C1-1--c1-3
192.168.11.1—3/24
客户机
C2-1—c2-3
192.168.12.1—3/24
客户机
C3-1—c3-3
192.168.13.1—3/24
客户机
Client
192.168.15.2/24
2、具体配置:交换:
mainswitch #vlan database
mainswitch(vlan)#vtp domain mainswitch
mainswitch(vlan)#vtp server
lanswitch01#vlan database
lanswitch01(vlan)#vtp domain mainswitch
lanswitch01(vlan)#vtp client
lanswitch02#vlan database
lanswitch02(vlan)#vtp domain mainswitch
lanswitch02(vlan)#vtp client
lanswitch03#vlan database
lanswitch03(vlan)#vtp domain mainswitch
lanswitch03(vlan)#vtp client
mainswitch(config-if)#switchport mode trunk
mainswitch(config)#interface f0/2
mainswitch(config-if)#switchport mode trunk
mainswitch(config)#interface f0/3
mainswitch(config-if)#switchport mode trunk
lanswitch01(config)#interface f0/24
lanswitch01(config-if)#switchport mode trunk
lanswitch02(config)#interface f0/24
lanswitch02(config-if)#switchport mode trunk
lanswitch03(config)#interface f0/24
lanswitch03(config-if)#switchport mode trunk
mainswitch(vlan)#vlan 10 name vlan10
mainswitch(vlan)#vlan 20 name vlan20t
mainswitch(vlan)#vlan 30 name vlan30
mainswitch(vlan)#vlan 40 name vlan40
lanswitch01(config)#interface fastethernet 0/1
lanswitch01(config-if)#switchport access vlan 10
lanswitch01(config)#interface fastethernet 0/2
lanswitch01(config-if)#switchport access vlan 20
lanswitch01(config)#interface fastethernet 0/3
lanswitch01(config-if)#switchport access vlan 30
lanswitch02(config)#interface fastethernet 0/1
lanswitch02(config-if)#switchport access vlan 10
lanswitch02(config)#interface fastethernet 0/2
lanswitch02(config-if)#switchport access vlan 20
lanswitch02(config)#interface fastethernet 0/3
lanswitch02(config-if)#switchport access vlan 30
lanswitch03(config)#interface fastethernet 0/1
lanswitch03(config-if)#switchport access vlan 10
lanswitch03(config)#interface fastethernet 0/2
lanswitch03(config-if)#switchport access vlan 20
lanswitch03(config)#interface fastethernet 0/3
lanswitch03(config-if)#switchport access vlan 30
lanswitch03(config)#interface fastethernet 0/3 – 6
lanswitch03(config-if)#switchport access vlan 40
mainswitch(config)#interface f0/24
mainswitch(config-if)#switchport mode trunk路由:interface FastEthernet0/0
ip address 192.168.15.254 255.255.255.0
ip nat outside
interface FastEthernet0/1
ip address 192.168.0.254 255.255.255.0
ip nat inside
interface FastEthernet0/1.1
encapsulation dot1Q 10
ip address 192.168.11.254 255.255.255.0
ip access-group 101 in
ip access-group 101 out
interface FastEthernet0/1.2
encapsulation dot1Q 20
ip address 192.168.12.254 255.255.255.0
ip access-group 101 in
ip access-group 101 out
interface FastEthernet0/1.3
encapsulation dot1Q 30
ip address 192.168.13.254 255.255.255.0
interface FastEthernet0/1.4
encapsulation dot1Q 40
ip address 192.168.14.254 255.255.255.0
ip nat pool c35 192.168.15.254 192.168.15.254 netmask 255.255.255.0
ip nat inside source list 1 pool c35 overload
ip nat inside source static tcp 192.168.14.2 80 192.168.15.254 80
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
access-list 101 deny ip 192.168.11.0 0.0.0.255 192.168.12.0 0.0.0.255
access-list 101 deny ip 192.168.11.0 0.0.0.255 192.168.13.0 0.0.0.255
access-list 101 deny ip 192.168.12.0 0.0.0.255 192.168.13.0 0.0.0.255
access-list 101 permit ip any any
3、telnet
Router#
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable secret 123
Router(config)#line vty 0 4
Router(config-line)#pas
Router(config-line)#password 123
Router(config-line)#login
Router(config-line)#exit
Router(config)#acc 1 permit host 192.168.14.3
Router(config)#line vty 0 4
Router(config-line)#acc
Router(config-line)#access-class 1 in
Lanswitch01: lanswitch01#conf t
lanswitch01(config)#int vlan 40
lanswitch01(config-if)#ip add 192.168.14.110 255.255.255.0
lanswitch01(config-if)#no shut
lanswitch01(config-if)#exit
lanswitch01(config)#ena pass 111
lanswitch01(config)#line vty 0 4
lanswitch01(config-line)#pass 111
lanswitch01(config-line)#login
lanswitch01(config-line)#exit
lanswitch01(config)#acc 1 permit host 192.168.14.3
lanswitch01(config)#exit
lanswitch01#
lanswitch01#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]Lanswitch02: lanswitch02#conf t
lanswitch02(config)#int vlan 40
lanswitch02(config-if)#ip add 192.168.14.111 255.255.255.0
lanswitch02(config-if)#no shut
lanswitch02(config-if)#exit
lanswitch02(config)#ena pass 111
lanswitch02(config)#line vty 0 4
lanswitch02(config-line)#pass 111
lanswitch02(config-line)#login
lanswitch02(config-line)#exit
lanswitch02(config)#acc 1 permit host 192.168.14.3
lanswitch02(config)#exit
lanswitch02#
lanswitch02#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]Lanswitch03: lanswitch03#conf t
lanswitch03(config)#int vlan 40
lanswitch03(config-if)#ip add 192.168.14.112 255.255.255.0
lanswitch03(config-if)#no shut
lanswitch03(config-if)#exit
lanswitch03(config)#ena pass 111
lanswitch03(config)#line vty 0 4
lanswitch03(config-line)#pass 111
lanswitch03(config-line)#login
lanswitch03(config)#acc 1 permit host 192.168.14.3
lanswitch03(config)#exit
lanswitch03#
lanswitch03#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
八、静态路由
Route0: nterface FastEthernet0/1
ip address 192.168.1.254 255.255.255.0
ip nat inside
interface Serial1/0
ip address 192.168.2.1 255.255.255.0
ip nat outside
ip route 0.0.0.0 0.0.0.0 Serial1/0
Route1:
interface FastEthernet0/1
ip address 192.168.3.254 255.255.255.0
ip nat inside!
interface Serial1/0
ip address 192.168.2.2 255.255.255.0
ip nat outside
clock rate 128000
interface Serial1/1
ip address 192.168.4.1 255.255.255.0
ip nat outside
clock rate 64000
ip route 0.0.0.0 0.0.0.0 Serial1/0
ip route 0.0.0.0 0.0.0.0 Serial1/1
Route2:
interface FastEthernet0/1
ip address 192.168.5.254 255.255.255.0
ip nat inside
interface Serial1/1
ip address 192.168.4.2 255.255.255.0
ip nat outside
interface Serial1/2
ip address 192.168.6.1 255.255.255.0
ip nat outside
clock rate 72000
ip route 0.0.0.0 0.0.0.0 Serial1/1
ip route 0.0.0.0 0.0.0.0 Serial1/2
Route4: interface FastEthernet0/1
ip address 192.168.7.254 255.255.255.0
ip nat inside
interface Serial1/2
ip address 192.168.6.2 255.255.255.0
ip nat outside
ip classless
ip route 0.0.0.0 0.0.0.0 Serial1/2
九、rip 协议
Route0:interface FastEthernet0/0
ip address 192.168.2.1 255.255.255.0
interface FastEthernet0/1
ip address 192.168.1.254 255.255.255.0
router rip
network 192.168.1.0
network 192.168.2.0
ip route 0.0.0.0 0.0.0.0 Serial1/0
Route1:interface FastEthernet0/0
ip address 192.168.2.2 255.255.255.0
interface FastEthernet0/1
ip address 192.168.3.254 255.255.255.0
router rip
network 192.168.2.0
network 192.168.3.0
ip route 0.0.0.0 0.0.0.0 Serial1/2
pc0:192.168.1.2/24
pc1:192.168.3.2/24
网络组建与设计相关理论
校园学生宿舍网络组建设计与方案
!急!!学习总结:网络规划与设计
局域网的组建与维护
哪里有《GSM交换网络维护与优化》,电子版的下载?
VLAN与路由设计
怎么学“学校局域网组建与维护”
大型局域网的组建与维护?
网络管理与维护
求路由与交换的教学视频教程
求思科路由模拟器
求网络维护和局域网组建免费教程
局域网的设计与组建(论文)
找局域网的组建与维护相关资料
思科路由的基础问题
关于思科路由互访问题?
交换环境下的网络嗅探器设计(急啊!!)
如何方便网络与计算机的维护?
网络运行与维护的高手请进
网络管理与维护是什么专业
设计电路(列出元件清单):电话交换网络(实现40部电话之间的交换)
网络组建
网络组建
网络组建