单臂路由_第1张图片


vlan2_access_sw1  192.168.2.1

van3 _access_sw2  192.168.3.1

vlan4_server          192.168.4.1

core_sw1_f0/1    192.168.10.2

isp_route1_f0/1  192.168.10.2

isp_route_f0/0     192.168.10.1

isp_routepc         172.16.1.2


Router>enable 

Router#config terminal 

Router(config)#line console 0

Router(config-line)#exec-timeout 60

Router(config-line)#logging synchronous 

Router(config-line)#no ip domain-lookup

Router(config)#exit

Router(config)#hostname isp-route1

isp-route1(config)#enable secret level 15 cisco  加密特权密码

isp-route1(config)#ip domain-name cisco           配置ssh

isp-route1(config)#crypto key generate rsa

isp-route1(config)#aaa new-model 

isp-route1(config)#username cisco password cisco   ssh用户名密码

isp-route1(config)#ip ssh time-out 60

isp-route1(config)#ip ssh authentication-retries 3

isp-route1(config)#ip ssh time-out 120

isp-route1(config)#line vt

isp-route1(config)#line vty 0 4

isp-route1(config-line)#transport input ssh 

isp-route1(config-line)#do wr


isp-route1(config)#interface f0/1   配置于三层交换机直连口

isp-route1(config-if)#ip address 192.168.10.1 255.255.255.0

isp-route1(config-if)#no shutdown 

isp-route1(config-if)#do wr

isp-route1(config-if)#exit

isp-route1(config)#interface f0/0  配置测试isp_ip

isp-route1(config-if)#ip ad

isp-route1(config-if)#ip address 172.16.1.2  255.255.0.0

isp-route1(config-if)#no shu

isp-route1(config-if)#no shutdown 


isp-route1(config)#router rip   isp_route配置路由

isp-route1(config-router)#net

isp-route1(config-router)#network 192.168.10.1

isp-route1(config-router)#network 172.16.1.0

isp-route1(config-router)#do wr

isp-route1(config)#do show ip route

C    172.16.0.0/16 is directly connected, FastEthernet0/0

R    192.168.2.0/24 [120/1] via 192.168.10.2, 00:00:00, FastEthernet0/1

R    192.168.3.0/24 [120/1] via 192.168.10.2, 00:00:00, FastEthernet0/1

C    192.168.10.0/24 is directly connected, FastEthernet0/1


Switch>enable 

Switch#config terminal 

Switch(config)#line console 0

Switch(config-line)#exec-timeout 60

Switch(config-line)#logging synchronous

core-sw1(config)#hostname core-sw1

core-sw1(config)#no ip domain-lookup                 

core-sw1(config)#enable secret level 15 cisco   

core-sw1(config)#ip domain-name cisco.com                 配置ssh

core-sw1(config)#crypto key generate rsa

core-sw1(config)#aaa new-model

core-sw1(config)#username cisco password cisco

core-sw1(config)#ip ssh time-out 60

core-sw1(config)#ip ssh authentication-retries 3

core-sw1(config)#ip ssh time-out 120

core-sw1(config)#line vty 0 4

core-sw1(config-line)#transport input ssh 

core-sw1(config)#do wr

core-sw1(config)#exit


core-sw1#vlan database                         三层交换划分vlan

core-sw1(vlan)#vlan 2 name access-sw1

core-sw1(vlan)#exit

core-sw1#vlan database 

core-sw1(vlan)#vlan 3 name access-sw2

core-sw1(vlan)#exit

core-sw1(vlan)#vlan 4 name server

core-sw1(vlan)#exit

core-sw1(config)#vtp domain xin                配置vlan同步

core-sw1(config)#vtp mode server 

core-sw1(config)#vtp password cisco

core-sw1(config)#do wr



core-sw1(config)#interface range f0/23-24           启动trunk功能

core-sw1(config-if-range)#switchport mode access 

core-sw1(config-if-range)#switchport mode trunk 

core-sw1(config-if-range)#no shutdown 

core-sw1(config-if-range)#spanning-tree por

core-sw1(config-if-range)#spanning-tree portfast

core-sw1(config-if-range)#exit

core-sw1(config)#interface f0/23                   启动端口描述,用于后期网络故障排查

core-sw1(config-if)#description core-sw1-23 to access-sw2-23

core-sw1(config-if)#no shutdown 

core-sw1(config)#interface f0/24

core-sw1(config-if)#description core-sw-24 to access-sw1-24

core-sw1(config-if)#no shutdown


core-sw1(config)#interface range f0/2-5       核心交换机添加 服务器vlan

core-sw1(config-if-range)#switchport access vlan 4

core-sw1(config-if-range)#spanning-tree portfast 

core-sw1(config-if-range)#no shutdown

core-sw1(config-if-range)#de

core-sw1(config-if-range)#description core-sw1_2-5  to  vlan5_server

core-sw1(config-if-range)#do wr


core-sw1#config terminal                  配置二层vlan网关+dhcp分配ip

core-sw1(config)#interface vlan 2 

core-sw1(config-if)#ip address 192.168.2.1 255.255.255.0

core-sw1(config-if)#exit

core-sw1(config)#interface vlan 3 

core-sw1(config-if)#ip address 192.168.3.1 255.255.255.0

core-sw1(config-if)#no shutdown 

core-sw1(config)#interface vlan 3 

core-sw1(config-if)#ip address 192.168.4.1 255.255.255.0

core-sw1(config-if)#no shutdown 

core-sw1(config)#ip dhcp pool vlan2          配置dhcp功能

core-sw1(dhcp-config)#network 192.168.2.0 255.255.255.0  客户端分配dhcp网段

core-sw1(dhcp-config)#default-router 192.168.2.1  客户端分配 网关

core-sw1(dhcp-config)#dns-server 192.168.2.1     客户端分配dns地址 

core-sw1(dhcp-config)#exit

core-sw1(config)#ip dhcp excluded-address 192.168.2.1  排除地址

core-sw1(config)#do wr

core-sw1(config)#ip dhcp pool vlan3

core-sw1(dhcp-config)#network 192.168.3.0 255.255.255.0

core-sw1(dhcp-config)#default-router 192.168.3.1

core-sw1(dhcp-config)#exit

core-sw1(config)#ip dhcp excluded-address 192.168.3.1   dhcp排除ip

core-sw1(config)#do wr



core-sw1(config)#interface f0/1

core-sw1(config-if)#no switchport  开启三层功能

core-sw1(config-if)#ip address 192.168.10.2 255.255.255.0

core-sw1(config-if)#no shutdown 


core-sw1(config)#router rip                         配置vlan间路由

core-sw1(config-router)#net

core-sw1(config-router)#network 192.168.2.0

core-sw1(config-router)#network 192.168.3.0

core-sw1(config-router)#network 192.168.4.0 

core-sw1(config-router)#network 192.168.10.2

core-sw1(config-router)#do wr


core-sw1(config)#do show ip route

R    172.16.0.0/16 [120/1] via 192.168.10.1, 00:00:07, FastEthernet0/1

C    192.168.2.0/24 is directly connected, Vlan2

C    192.168.3.0/24 is directly connected, Vlan3

C    192.168.10.0/24 is directly connected, FastEthernet0/1

core-sw1#show arp                     dhcp分配ip地址

Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  192.168.2.1             -   0001.429D.3E50  ARPA   Vlan2

Internet  192.168.2.2             0   0060.5C1C.9E89  ARPA   Vlan2

Internet  192.168.3.1             -   0001.429D.3E50  ARPA   Vlan3

Internet  192.168.3.2             0   000A.F368.EAB6  ARPA   Vlan3

Internet  192.168.3.3             0   0090.2BD2.C368  ARPA   Vlan3

core-sw1#show vlan

2    access-sw1                       active    

3    access-sw2                       active 

4    server                           active 


Switch>enable 

Switch#config t

Switch#config terminal 

Switch(config)#line console 0

Switch(config-line)#exec-timeout 60

Switch(config-line)#logging synchronous

Switch(config-line)#exit

Switch(config)#hostname access-sw1                       配置登入密码 特权密码,由于系统版本不支持ssh只能使用telnet

access-sw1(config)#no ip domain-lookup

access-sw1(config)#line vty 0 4

access-sw1(config-line)#password cisco

access-sw1(config-line)#exit

access-sw1(config)#enable secret level 15 cisco

access-sw1(config)#do wr



access-sw1(config)#interface f0/24

access-sw1(config-if)#description access-sw1-24 to core-sw1-24   端口描述

access-sw1(config-if)#switchport mode access    

access-sw1(config-if)#switchport mode trunk                       启用trunk

access-sw1(config-if)#spanning-tree portfast                  

access-sw1(config-if)#no shutdown 

access-sw1(config-if)#do wr  


access-sw1(config)#do vlan database              access-sw1配置vlan

access-sw1(vlan)#vlan 2 name access-sw1

access-sw1(vlan)#exit

access-sw1#config terminal 

access-sw1(config)#vtp domain xin                设置vlan同步

access-sw1(config)#vtp mode client 

access-sw1(config)#vtp password cisco

access-sw1(config)#do wr


access-sw1(config)#interface range f0/1-2       客户端加入vlan 

access-sw1(config-if-range)#switchport access vlan 2

access-sw1(config-if-range)#spanning-tree portfast 

access-sw1(config-if-range)#description access-sw1-1-2 to pc-1-2


Switch>enable 

Switch#config terminal 

Switch(config)#line console 0

Switch(config-line)#exec-timeout 60

Switch(config-line)#logging synchronous 

Switch(config-line)#exit

Switch(config)#hostname nam

Switch(config)#hostname access-sw2

access-sw2(config)#no ip domain-lookup

access-sw2(config)#line vty 0 4

access-sw2(config-line)#password cisco

access-sw2(config-line)#exit

access-sw2(config)#enable secret level 15 ciscco

access-sw2(config)#do wr


access-sw2(config)#interface f0/23

access-sw2(config-if)#description access-sw2-23 to core-sw2-23

access-sw2(config-if)#spanning-tree portfast 

access-sw2(config-if)#switchport mode access 

access-sw2(config-if)#switchport mode trunk 

access-sw2(config-if)#

access-sw2(config-if)#no shu

access-sw2(config-if)#no shutdown  

access-sw2(config-if)#do wr


access-sw2(config-if)#do vlan database            access-sw1配置vlan

access-sw2(vlan)#vlan 3 name access-sw2

access-sw2(vlan)#exit

access-sw2#config terminal 

access-sw2(config)#vtp domain xin                设置vlan同步

access-sw2(config)#vtp mode client 

access-sw2(config)#vtp password cisco

access-sw2(config)#do wr


access-sw2(config)#interface range f0/1-2    access-sw2配置vlan

access-sw2(config-if-range)#switchport access vlan 3 

access-sw2(config-if-range)#description access-sw1-1-2 to  pc1-2

access-sw2(config-if-range)#exit

access-sw2(config)#spanning-tree portfast 


show vlan

2    access-sw1                       active    Fa0/1, Fa0/2   配置vtp 三层vlan做修改 三层交换机也会同步

3    access-sw2                       active

4    server                              active