奇葩网络构建_第1张图片
交换机6/5/8作为2层交换机设置trunk链路和VLAN就好,这个图主要是生成树配置是个重点,交换机间的线路均为trunk链路,其中这图存在一个问题就是同一个VLAN的根和网关不在一台交换机上,这样存在一条次优路由,会有延迟。
注意:在路由器1中重分发外网的默认路由是不行的,需要在rip总敲其他命令[Huawei-rip-1]default-route originate
主要设备配置如下:
交换机1sysname Huawei
#
vlan batch 10 14 to 20 30 88
#
stp instance 10 priority 4096
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration
region-name 111
instance 8 vlan 88
instance 10 vlan 10
instance 20 vlan 20
instance 30 vlan 30
active region-configuration
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
ip address 192.168.120.1 255.255.255.0
#
interface Vlanif10
ip address 192.168.10.253 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.10.250
#
interface Vlanif14
ip address 192.168.14.1 255.255.255.0
#
interface Vlanif17
ip address 192.168.17.2 255.255.255.0
#
interface Vlanif19
ip address 192.168.19.1 255.255.255.0
#
interface Vlanif20
ip address 192.168.20.254 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.20.250
vrrp vrid 2 priority 120
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/10
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/11
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/12
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/13
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/14
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/15
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/16
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/17
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
#
interface NULL0
#
rip 1
network 192.168.14.0
network 192.168.17.0
network 192.168.19.0
network 192.168.10.0
network 192.168.20.0
network 192.168.120.0
#
user-interface con 0
user-interface vty 0 4
#
port-group 1
group-member GigabitEthernet0/0/9
group-member GigabitEthernet0/0/10
group-member GigabitEthernet0/0/11
group-member GigabitEthernet0/0/12
group-member GigabitEthernet0/0/13
group-member GigabitEthernet0/0/14
group-member GigabitEthernet0/0/15
---- More ----
交换机2
sysname Huawei
#
vlan batch 10 14 to 20 30 88
#
stp instance 8 priority 4096
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration
region-name 111
instance 8 vlan 88
instance 10 vlan 10
instance 20 vlan 20
instance 30 vlan 30
active region-configuration
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
ip address 192.168.120.2 255.255.255.0
#
interface Vlanif16
ip address 192.168.16.2 255.255.255.0
#
interface Vlanif17
ip address 192.168.17.1 255.255.255.0
#
interface Vlanif18
ip address 192.168.18.2 255.255.255.0
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/9
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/10
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/11
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/12
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/13
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/14
#
interface GigabitEthernet0/0/15
#
interface GigabitEthernet0/0/16
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/24
#
interface NULL0
#
rip 1
network 192.168.16.0
network 192.168.18.0
network 192.168.17.0
network 192.168.120.0
#
user-interface con 0
user-interface vty 0 4
#
port-group 1
group-member GigabitEthernet0/0/8
group-member GigabitEthernet0/0/9
group-member GigabitEthernet0/0/10
group-member GigabitEthernet0/0/11
group-member GigabitEthernet0/0/12
group-member GigabitEthernet0/0/13
#
交换机3
sysname Huawei
#
vlan batch 10 14 to 20 30 88
#
stp instance 20 priority 4096
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration
region-name 111
instance 8 vlan 88
instance 10 vlan 10
instance 20 vlan 20
instance 30 vlan 30
active region-configuration
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif10
ip address 192.168.10.254 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.10.250
vrrp vrid 1 priority 120
#
interface Vlanif15
ip address 192.168.15.2 255.255.255.0
#
interface Vlanif16
ip address 192.168.16.1 255.255.255.0
#
interface Vlanif19
ip address 192.168.192.2 255.255.255.0
#
interface Vlanif20
ip address 192.168.20.253 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.20.250
#
interface Vlanif88
ip address 192.168.88.254 255.255.255.0
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 88
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/6
port link-type access
port default vlan 20
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/10
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/11
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/12
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/13
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/14
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/15
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/16
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/17
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/18
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/19
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/20
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/21
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/22
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/23
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/24
#
interface NULL0
#
rip 1
network 192.168.10.0
network 192.168.20.0
network 192.168.15.0
network 192.168.16.0
network 192.168.19.0
network 192.168.88.0
#
user-interface con 0
user-interface vty 0 4
#
交换机4
#
sysname Huawei
#
vlan batch 10 14 to 20 30 88
#
stp instance 30 priority 4096
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
dhcp enable
#
diffserv domain default
#
stp region-configuration
region-name 111
instance 8 vlan 88
instance 10 vlan 10
instance 20 vlan 20
instance 30 vlan 30
active region-configuration
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif14
ip address 192.168.14.2 255.255.255.0
#
interface Vlanif15
ip address 196.168.15.1 255.255.255.0
#
interface Vlanif18
ip address 192.168.18.1 255.255.255.0
#
interface Vlanif30
ip address 192.168.30.254 255.255.255.0
dhcp select relay
dhcp relay server-ip 192.168.88.1
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
port link-type access
port default vlan 30
#
interface GigabitEthernet0/0/8
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/11
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/12
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/13
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/14
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/15
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/16
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/17
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/18
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
#
interface NULL0
#
rip 1
network 192.168.15.0
network 192.168.14.0
network 192.168.18.0
network 192.168.30.0
#
user-interface con 0
user-interface vty 0 4
路由器R1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.120.254 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.200.2 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 192.168.199.2 255.255.255.0
#
interface NULL0
#
rip 1
default-route originate
network 192.168.120.0
import-route static
#
ip route-static 0.0.0.0 0.0.0.0 192.168.200.1 preference 100
ip route-static 0.0.0.0 0.0.0.0 192.168.199.1
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac