华为交换机实现DHCP VRRPMSTP及链路聚合

华为交换机实现vrrp、dhcp、mstp及链路聚合_第1张图片

接入层为普通的交换机,汇聚层实现VRRPMSTP。划分vlan10vlan20vlan30vlan100vlan101。其中vlan10vlan20vlan30作为用户接,vlan100为服务器接入,vlan101为管理vlan。实现vlan10的数据经过HJA交换机达到HXvlan20的数据通过HJB交换机到达HXCloud1另一端连接了08server一台虚拟机,实现dhcp自动分配功能。

 

Ip规划:

Vlan10172.16.10.0/24    网关:172.16.10.254/24

Vlan20172.16.20.0/24    网关:172.16.20.254/24

Vlan30172.16.30.0/24    网关:172.16.30.253/24

Vlan100:172.16.1.0/24      网关:172.16.1.254/24

Vlan101:172.16.101.0/24

 

08server虚拟机配置dhcp服务器,手动配置静态ip地址为172.16.1.1/24,另外需要手动添加3条静态路由

route add 172.16.30.0 mask255.255.255.0 –p172.16.1.254

route add 172.16.10.0 mask 255.255.255.0 –p172.16.1.254

route add 172.16.20.0 mask 255.255.255.0 –p172.16.1.254

 

配置思路:

1:配置trunk,交换机端口划入对应的vlan,配置eth-trunk

2:配置vlan路由

3:配置路由协议ospf

4:配置vrrp,实现虚拟网关及备份

5:配置SMTP,实现负载均衡及备份

 

核心交换机HX的配置

Username:admin

Password:

dis save

#

sysname HX

#

vlan batch 10 20 30 100

#

stp instance 0 root primary

stp instance 1 root primary

stp instance 2 root primary

stp instance 3 root primary

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

dhcp enable

#

diffserv domain default

#

stp region-configuration

 region-name TEST

 revision-level 1

 instance 1 vlan 10

 instance 2 vlan 20

 instance 3 vlan 30

 active region-configuration

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password cipher$K&%QCXM$NYNZPO3JBXBHA!!

 local-user admin privilege level 15

 local-user admin service-type terminal

 local-user huawei password cipher$K&%QCXM$NYNZPO3JBXBHA!!

 local-user huawei privilege level 15

 local-user huawei service-type telnet

#

interface Vlanif1

 ipaddress 172.16.101.1 255.255.255.0

#

interface Vlanif10

 ipaddress 172.16.10.253 255.255.255.0

 dhcpselect relay

 dhcprelay server-ip 172.16.1.1

#

interface Vlanif20

 ipaddress 172.16.20.253 255.255.255.0

 dhcpselect relay

 dhcprelay server-ip 172.16.1.1

#

interface Vlanif30

 ipaddress 172.16.30.253 255.255.255.0

 dhcpselect relay

 dhcprelay server-ip 172.16.1.1

#

interface Vlanif100

 ipaddress 172.16.1.254 255.255.255.0

#

interface MEth0/0/1

#

interface GigabitEthernet0/0/1

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/2

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/3

 portlink-type access

 portdefault vlan 30

#

interface GigabitEthernet0/0/4

 portlink-type access

 portdefault vlan 100

#

interface GigabitEthernet0/0/5

 portlink-type access

 portdefault vlan 100

#

interface GigabitEthernet0/0/6

#

interface GigabitEthernet0/0/7

#

interface GigabitEthernet0/0/8

#

interface GigabitEthernet0/0/9

#

interface GigabitEthernet0/0/10

#

interface GigabitEthernet0/0/11

#

interface GigabitEthernet0/0/12

#

interface GigabitEthernet0/0/13

#

interface GigabitEthernet0/0/14

#

interface GigabitEthernet0/0/15

#

interface GigabitEthernet0/0/16

#

interface GigabitEthernet0/0/17

#

interface GigabitEthernet0/0/18

#

interface GigabitEthernet0/0/19

#

interface GigabitEthernet0/0/20

#

interface GigabitEthernet0/0/21

#

interface GigabitEthernet0/0/22

#

interface GigabitEthernet0/0/23

#

interface GigabitEthernet0/0/24

#

interface NULL0

#

ospf 1

 area0.0.0.1

 network 0.0.0.0 255.255.255.255

#

user-interface con 0

 authentication-mode aaa

user-interface vty 0 4

 authentication-mode aaa

#

Return

汇聚层交换机HJA配置

Username:admin

Password:

dis saved-configuration

#

sysname HJA

#

vlan batch 10 20 30 100

#

stp instance 1 priority 8192

stp instance 2 priority 16384

stp instance 0 root primary

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

diffserv domain default

#

stp region-configuration

 region-name TEST

 revision-level 1

 instance 1 vlan 10

 instance 2 vlan 20

 instance 3 vlan 30

 active region-configuration

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password cipher$K&%QCXM$NYNZPO3JBXBHA!!

 local-user admin privilege level 15

 local-user admin service-type terminal

 local-user huawei password cipher$K&%QCXM$NYNZPO3JBXBHA!!

 local-user huawei privilege level 15

 local-user huawei service-type telnet

#

interface Vlanif1

 ipaddress 172.16.101.2 255.255.255.0

#

interface Vlanif10

 ipaddress 172.16.10.251 255.255.255.0

 vrrpvrid 1 virtual-ip 172.16.10.254

 vrrpvrid 1 priority 120

 vrrpvrid 1 track interface GigabitEthernet0/0/1 reduced 15

 vrrpvrid 1 track interface Eth-Trunk0 reduced 15

#

interface Vlanif20

 ipaddress 172.16.20.251 255.255.255.0

 vrrpvrid 2 virtual-ip 172.16.20.254

#

interface Vlanif30

 ipaddress 172.16.30.251 255.255.255.0

#

interface MEth0/0/1

#

interface Eth-Trunk0

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/1

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/2

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/3

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/4

#

interface GigabitEthernet0/0/5

#

interface GigabitEthernet0/0/6

#

interface GigabitEthernet0/0/7

#

interface GigabitEthernet0/0/8

#

interface GigabitEthernet0/0/9

#

interface GigabitEthernet0/0/10

#

interface GigabitEthernet0/0/11

#

interface GigabitEthernet0/0/12

#

interface GigabitEthernet0/0/13

#

interface GigabitEthernet0/0/14

#

interface GigabitEthernet0/0/15

#

interface GigabitEthernet0/0/16

#

interface GigabitEthernet0/0/17

#

interface GigabitEthernet0/0/18

#

interface GigabitEthernet0/0/19

#

interface GigabitEthernet0/0/20

#

interface GigabitEthernet0/0/21

#

interface GigabitEthernet0/0/22

#

interface GigabitEthernet0/0/23

 eth-trunk 0

#

interface GigabitEthernet0/0/24

 eth-trunk 0

#

interface NULL0

#

ospf 1

 area0.0.0.1

 network 0.0.0.0 255.255.255.255

#

user-interface con 0

 authentication-mode aaa

user-interface vty 0 4

 authentication-mode aaa

#

return

汇聚层交换机HJB的配置

Username:admin

Password:       

dis saved-configuration

#

sysname HJB

#

vlan batch 10 20 30 100

#

stp instance 1 priority 16384

stp instance 2 priority 8192

stp instance 0 root primary

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

diffserv domain default

#

stp region-configuration

 region-name TEST

 revision-level 1

 instance 1 vlan 10

 instance 2 vlan 20

 instance 3 vlan 30

 active region-configuration

#

drop-profile default

#

aaa

 authentication-schemedefault

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password cipher$K&%QCXM$NYNZPO3JBXBHA!!

 local-user admin privilege level 15

 local-user admin service-type terminal

 local-user huawei password cipher$K&%QCXM$NYNZPO3JBXBHA!!

 local-user huawei privilege level 15

 local-user huawei service-type telnet

#

interface Vlanif1

 ipaddress 172.16.101.3 255.255.255.0

#

interface Vlanif10

 ipaddress 172.16.10.252 255.255.255.0

 vrrpvrid 1 virtual-ip 172.16.10.254

#

interface Vlanif20

 ipaddress 172.16.20.252 255.255.255.0

 vrrpvrid 2 virtual-ip 172.16.20.254

 vrrpvrid 2 priority 120

 vrrpvrid 2 track interface GigabitEthernet0/0/1 reduced 15

 vrrpvrid 2 track interface Eth-Trunk0 reduced 15

#

interface Vlanif30

 ipaddress 172.16.30.252 255.255.255.0

#

interface MEth0/0/1

#

interface Eth-Trunk0

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/1

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/2

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/3

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/4

#

interface GigabitEthernet0/0/5

#

interface GigabitEthernet0/0/6

#

interface GigabitEthernet0/0/7

#

interface GigabitEthernet0/0/8

#

interface GigabitEthernet0/0/9

#

interface GigabitEthernet0/0/10

#

interface GigabitEthernet0/0/11

#

interface GigabitEthernet0/0/12

#

interface GigabitEthernet0/0/13

#

interface GigabitEthernet0/0/14

#

interface GigabitEthernet0/0/15

#

interface GigabitEthernet0/0/16

#

interface GigabitEthernet0/0/17

#

interface GigabitEthernet0/0/18

#

interface GigabitEthernet0/0/19

#

interface GigabitEthernet0/0/20

#

interface GigabitEthernet0/0/21

#

interface GigabitEthernet0/0/22

#

interface GigabitEthernet0/0/23

 eth-trunk 0

#

interface GigabitEthernet0/0/24

 eth-trunk 0

#

interface NULL0

#

ospf 1

 area0.0.0.1

 network 0.0.0.0 255.255.255.255

#

user-interface con 0

 authentication-mode aaa

user-interface vty 0 4

 authentication-mode aaa

#

Return

接入层交换机S1配置

Username:admin

Password:

dis save   

dis saved-configuration

#

sysname S1

#

vlan batch 10 20 30 100

#

stp instance 0 root primary

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

diffserv domain default

#

stp region-configuration

 region-name TEST

 revision-level 1

 instance 1 vlan 10

 instance 2 vlan 20

 instance 3 vlan 30

 active region-configuration

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password cipher$K&%QCXM$NYNZPO3JBXBHA!!

 local-user admin privilege level 15

 local-user admin service-type terminal

 local-user huawei password cipher$K&%QCXM$NYNZPO3JBXBHA!!

 local-user huawei privilege level 15

 local-user huawei service-type terminal

#

interface Vlanif1

 ipaddress 172.16.101.4 255.255.255.0

#

interface MEth0/0/1

#

interface Ethernet0/0/1

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface Ethernet0/0/2

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface Ethernet0/0/3

 portlink-type access

 portdefault vlan 10

#

interface Ethernet0/0/4

 portlink-type access

 portdefault vlan 20

#

interface Ethernet0/0/5

#

interface Ethernet0/0/6

#

interface Ethernet0/0/7

#

interface Ethernet0/0/8

#

interface Ethernet0/0/9

#

interface Ethernet0/0/10

#

interface Ethernet0/0/11

#

interface Ethernet0/0/12

#

interface Ethernet0/0/13

#

interface Ethernet0/0/14

#

interface Ethernet0/0/15

#

interface Ethernet0/0/16

#

interface Ethernet0/0/17

#

interface Ethernet0/0/18

#

interface Ethernet0/0/19

#

interface Ethernet0/0/20

#

interface Ethernet0/0/21

#

interface Ethernet0/0/22

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

user-interface con 0

 authentication-mode aaa

user-interface vty 0 3

user-interface vty 4

 authentication-mode aaa

#

Return

接入层交换机S2配置

Username:admin

Password:       

dis saved-configuration

#

sysname S2

#

vlan batch 10 20 30 100

#

stp instance 0 root primary

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

diffserv domain default

#

stp region-configuration

 region-name TEST

 revision-level 1

 instance 1 vlan 10

 instance 2 vlan 20

 instance 3 vlan 30

 active region-configuration

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password cipher$K&%QCXM$NYNZPO3JBXBHA!!

 local-user admin privilege level 15

 local-user admin service-type terminal

 local-user huawei password cipher$K&%QCXM$NYNZPO3JBXBHA!!

 local-user huawei privilege level 15

 local-user huawei service-type telnet

#

interface Vlanif1

 ipaddress 172.16.101.4 255.255.255.0

#

interface MEth0/0/1

#

interface Ethernet0/0/1

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface Ethernet0/0/2

 portlink-type trunk

 porttrunk allow-pass vlan 2 to 4094

#

interface Ethernet0/0/3

 portlink-type access

 portdefault vlan 10

#

interface Ethernet0/0/4

 portlink-type access

 portdefault vlan 20

#

interface Ethernet0/0/5

#

interface Ethernet0/0/6

#

interface Ethernet0/0/7

#

interface Ethernet0/0/8

#

interface Ethernet0/0/9

#

interface Ethernet0/0/10

#

interface Ethernet0/0/11

#

interface Ethernet0/0/12

#

interface Ethernet0/0/13

#

interface Ethernet0/0/14

#

interface Ethernet0/0/15

#

interface Ethernet0/0/16

#

interface Ethernet0/0/17

#

interface Ethernet0/0/18

#

interface Ethernet0/0/19

#

interface Ethernet0/0/20

#

interface Ethernet0/0/21

#

interface Ethernet0/0/22

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

user-interface con 0

 authentication-mode aaa

user-interface vty 0 4

 authentication-mode aaa

#

Return