实验均是在dynamips下完成的,拓扑图是在visio2007里完成的。
在这里,晚生用三个三层核心交换机相互连接,这样的好处是内网数据完全可以在
SW2-SW3之间完成,同时也起到了路由配备的功能:
路由一:SW5<->SW3<->SW2<->SW4<->SW5
路由二:SW5<->SW3<->SW1<->SW2<->SW4
当然有了备份路由就有了负载均衡的问题。在这个实验中,内网间的数据我没有考虑,主要是到外网的上传与下载我进行了负载均衡(用了了MSTP与VRRP)。VRRP是在SW2 SW3上实现的。
特别声明:由于dynimaps里不能做mstp。我就在每一个vlan里自行指定了root设备,我想原理都是一样的。
下面是SW1的配置:
sw1#wrBuilding configuration... *Mar 1 02:39:40.107: %SYS-5-CONFIG_I: Configured from console by lgl on console [OK]
sw1#show run
Building configuration... Current configuration : 1613 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname sw1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$TPal$URu8gOi3eyzCISshPTSbz.
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
spanning-tree vlan 200 priority 4096
username lgl secret 5 $1$9ldD$v05aG/XH5OpQGigXzWbYj0
!
interface FastEthernet0/0
description link_to router2_f0/0
!
interface FastEthernet0/1
description link_to sw2_f0/1
switchport access vlan 200
!
interface FastEthernet0/2
description link_to sw3_f0/2
switchport access vlan 200
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface Vlan1
no ip address
!
interface Vlan200
description this is a route_vlan.
ip address 192.168.200.1 255.255.255.0
!
interface Vlan201
description this is a manager_vlan.
ip address 192.168.201.1 255.255.255.0
!
router ospf 100
log-adjacency-changes
network 192.168.200.0 0.0.0.255 area 0
network 192.168.201.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
login local
line aux 0
line vty 0 4
exec-timeout 0 0
logging synchronous
login local !
end
sw1#show vlan-s VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/0, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15
200 router active Fa0/1, Fa0/2
201 manager active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active 下面是sw2的配置: sw2#sh run
Building configuration... Current configuration : 2471 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname sw2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$MhqD$jQLhOt/TJtcoGu5ckWuVw1
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
!
spanning-tree vlan 10 priority 4096
spanning-tree vlan 20 priority 4096
spanning-tree vlan 201 priority 4096
username lgl secret 5 $1$Dcy8$BB9OkbojT9pFUA6ehLxmW.
!
interface FastEthernet0/0
!
interface FastEthernet0/1
description link_to sw1_f0/1
switchport access vlan 200
!
interface FastEthernet0/2
!
interface FastEthernet0/3
description link_to sw3_f0/3
switchport mode trunk
shutdown
!
interface FastEthernet0/4
description link_to sw4_f0/1
switchport trunk allowed vlan 1,10,20,30,40,200,201,1002-1005
switchport mode trunk
!
interface FastEthernet0/5
description link_to sw5_f0/5
switchport trunk allowed vlan 1-9,11-19,21-1005
switchport mode trunk
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface Vlan1
no ip address
!
interface Vlan10
ip address 192.168.10.1 255.255.255.0
standby 1 ip 192.168.10.254
standby 1 priority 255
standby 1 preempt
!
interface Vlan20
ip address 192.168.20.1 255.255.255.0
standby 2 ip 192.168.20.254
standby 2 priority 255
standby 2 preempt
!
interface Vlan30
ip address 192.168.30.2 255.255.255.0
standby 3 ip 192.168.30.254
standby 3 preempt
!
interface Vlan40
ip address 192.168.40.2 255.255.255.0
standby 4 ip 192.168.40.254
standby 4 preempt
!
interface Vlan200
description this is a route_vlan.
ip address 192.168.200.2 255.255.255.0
!
interface Vlan201
description this is a manager_vlan.
ip address 192.168.201.2 255.255.255.0
!
router ospf 100
log-adjacency-changes
network 192.168.10.0 0.0.0.255 area 0
network 192.168.20.0 0.0.0.255 area 0
network 192.168.200.0 0.0.0.255 area 0
network 192.168.201.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 Vlan200 192.168.200.1
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
login local
line aux 0
line vty 0 4
exec-timeout 0 0
logging synchronous
login local
!
! end
sw2#show vlan-s VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/0, Fa0/2, Fa0/3, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15
10 subnet1 active
20 subnet2 active
30 subnet3 active
40 subnet4 active
200 router active Fa0/1
201 manager active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
sw2#show stan br
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Vl10 1 255 P Active local 192.168.10.2 192.168.10.254
Vl20 2 255 P Active local 192.168.20.2 192.168.20.254
Vl30 3 100 P Standby 192.168.30.1 local 192.168.30.254
Vl40 4 100 P Standby 192.168.40.1 local 192.168.40.254 这里便是VRRP的配置,至于上传与下载的均衡晚生下次补上。 下面是SW3的配置: sw3#sh run
Building configuration... Current configuration : 2394 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname sw3
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$m5q/$gUeU1vlnQNCqBhjuyBmwK1
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
spanning-tree vlan 30 priority 4096
spanning-tree vlan 40 priority 4096
username lgl secret 5 $1$M5lL$L.l63fiL2sfKCttvzbJX2.
!
!
interface FastEthernet0/0
!
interface FastEthernet0/1
!
interface FastEthernet0/2
description link_to sw1_f0/2
switchport access vlan 200
!
interface FastEthernet0/3
description link_to sw2_f0/3
switchport mode trunk
!
interface FastEthernet0/4
description link_to sw4 f0/2
switchport mode trunk
!
interface FastEthernet0/5
description link_to sw5_f0/2
switchport trunk allowed vlan 1-9,11-19,21-1005
switchport mode trunk
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface Vlan1
no ip address
!
interface Vlan10
ip address 192.168.10.2 255.255.255.0
standby 1 ip 192.168.10.254
standby 1 preempt
!
interface Vlan20
ip address 192.168.20.2 255.255.255.0
standby 2 ip 192.168.20.254
standby 2 preempt
!
interface Vlan30
ip address 192.168.30.1 255.255.255.0
standby 3 ip 192.168.30.254
standby 3 priority 255
standby 3 preempt
!
interface Vlan40
ip address 192.168.40.1 255.255.255.0
standby 4 ip 192.168.40.254
standby 4 priority 255
standby 4 preempt
!
interface Vlan200
description this is a router_vlan
ip address 192.168.200.3 255.255.255.0
!
interface Vlan201
description this ia s manager_vlan
ip address 192.168.201.3 255.255.255.0
!
router ospf 100
log-adjacency-changes
network 192.168.30.0 0.0.0.255 area 0
network 192.168.40.0 0.0.0.255 area 0
network 192.168.200.0 0.0.0.255 area 0
network 192.168.201.0 0.0.0.255 area 0
!
ip default-gateway 192.168.201.2
ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 Vlan200 192.168.200.1
!
control-plane
!
!
line con 0
exec-timeout 0 0
logging synchronous
login local
line aux 0
line vty 0 4
exec-timeout 0 0
logging synchronous
login local
!
!
end
sw3#show vlan-s VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/0, Fa0/1, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14, Fa0/15
10 subnet1 active
20 subnet2 active
30 subnet3 active
40 subnet4 active
200 router active Fa0/2
201 manager active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
sw3#show stan br
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Vl10 1 100 P Standby 192.168.10.1 local 192.168.10.254
Vl20 2 100 P Standby 192.168.20.1 local 192.168.20.254
Vl30 3 255 P Active local 192.168.30.2 192.168.30.254
Vl40 4 255 P Active local 192.168.40.2 192.168.40.254 这里便是VRRP的配置,至于上传与下载的均衡晚生下次补上。 下面是SW4的配置: sw4#wr
Building configuration...
[OK]
sw4#sh run
Building configuration... Current configuration : 1432 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname sw4
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$yIRs$S7d3sUYlPsTWTexDohPt41
!
no aaa new-model
memory-size iomem 5
no ip routing
!
!
no ip cef
no ip domain lookup
username lgl secret 5 $1$GL.y$WTjJj616UxnA2yOaNwXIz1
!
interface FastEthernet0/0
!
interface FastEthernet0/1
description link_to sw2_f0/4
switchport mode trunk
!
interface FastEthernet0/2
description link_to sw3_f0/4
switchport mode trunk
!
interface FastEthernet0/3
switchport access vlan 10
!
interface FastEthernet0/4
switchport access vlan 20
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface Vlan1
no ip address
no ip route-cache
!
interface Vlan201
description this is a manager.
ip address 192.168.201.4 255.255.255.0
!
ip default-gateway 192.168.201.2
ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
login local
line aux 0
line vty 0 4
exec-timeout 0 0
logging synchronous
login local
!
!
end
sw4#sh vlan-s VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/0, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14, Fa0/15
10 subnet1 active Fa0/3
20 subnet2 active Fa0/4
30 subnet3 active
40 subnet4 active
200 router active
201 manager active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active 下面是SW5的配置: sw5#sh run
Building configuration... Current configuration : 1432 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname sw5
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$9Gj2$4hxaTtLUJgKiQdQ6pugWj1
!
no aaa new-model
memory-size iomem 5
no ip routing
!
!
no ip cef
no ip domain lookup
!
!
username lgl secret 5 $1$KRPX$TjX2m221QbG/mK2s.GDMq0
!
interface FastEthernet0/0
!
interface FastEthernet0/1
description link_to sw2_f0/5
switchport mode trunk
!
interface FastEthernet0/2
description link_to sw3_f0/5
switchport mode trunk
!
interface FastEthernet0/3
switchport access vlan 30
!
interface FastEthernet0/4
switchport access vlan 40
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface Vlan1
no ip address
no ip route-cache
!
interface Vlan201
description this is a manager.
ip address 192.168.201.5 255.255.255.0
!
ip default-gateway 192.168.201.2
ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
login local
line aux 0
line vty 0 4
exec-timeout 0 0
logging synchronous
login local
!
!
end
sw5#show vlan-s VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/0, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14, Fa0/15
10 subnet1 active
20 subnet2 active
30 subnet3 active Fa0/3
40 subnet4 active Fa0/4
200 router active
201 manager active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active 以上只是交换机间的大致配置,还有很多安全方面与QOS等没有配置,由于最近比较忙,路由器和各交换机的安全配置晚些时候贴出来,希望谅解并多多指点。 。www.5156bt.cn 看累了吧。。。上去找点乐子乐乐!
本文出自 “guangliang520” 博客,转载请与作者联系!