1. 采用PVST实现冗余性设计, 一台3层交换机作为VLAN1-5的根网桥,一台3层交换机作为VLAN6-10的根网桥,并且两台3层交换机上的所有端口在所有的生成树中都是转发状态,他们之间采用以太通道。
2. 2层交换机上采用上行速链路,连接PC的端口采用速端口技术。
3. 路由器提供DHCP服务,所有的PC都能够访问互联网。
4. VLAN的管理用VTP来实现。
5. 采用RIP路由协议来实现局域网的路由选择。
6. 配置所有设备的远程管理,方便以后的维护工作
实验步骤:
1、设置交换机端口类型和路由器接口IP地址
Router(config)#hostname SW-B
SW-B(config)#no ip domain lookup
SW-B(config)#line console 0
SW-B(config-line)#exec-timeout 0 0
SW-B(config-line)#logging synchronous
SW-B(config-line)#exit
SW-B(config)#interface f0/0
SW-B(config-if)#no switchport
SW-B(config-if)#ip add 172.16.2.2 255.255.255.0
SW-B(config-if)#no shu
SW-B(config-if)#exit
SW-B(config)#interface range fastEthernet 0/1 - 5
SW-B(config-if-range)#switchport mode trunk
SW-B(config-if-range)#exit
SW-B(config)#
Router(config)#hostname SW-A
SW-A(config)#no ip domain lookup
SW-A(config)#line console 0
SW-A(config-line)#exec-timeout 0 0
SW-A(config-line)#logging synchronous
SW-A(config-line)#exit
SW-A(config)#interface range fastEthernet 0/2 - 6
SW-A(config-if-range)#switchport mode trunk
SW-A(config-if-range)#exit
SW-A(config)#interface f0/0
SW-A(config-if)#no switchport
SW-A(config-if)#ip add 172.16.1.2 255.255.255.0
SW-A(config-if)#no shu
SW-A(config-if)#exit
SW-A(config)#ip routing
SW-A(config)#
Router(config)#hostname SW-C
SW-C(config)#no ip domain lookup
SW-C(config)#line console 0
SW-C(config-line)#exec-timeout 0 0
SW-C(config-line)#logging synchronous
SW-C(config-line)#exit
SW-C(config)#interface range fastEthernet 0/0 - 1
SW-C(config-if-range)#switchport mode trunk
Router(config)#hostname SW-D
SW-D(config)#no ip domain lookup
SW-D(config)#line console 0
SW-D(config-line)#exec-timeout 0 0
SW-D(config-line)#logging synchronous
SW-D(config-line)#exit
SW-D(config)#interface range fastEthernet 0/0 - 1
SW-D(config-if-range)#switchport mode trunk
Router(config)#hostname SW-E
SW-E(config)#no ip domain lookup
SW-E(config)#line console 0
SW-E(config-line)#exec-timeout 0 0
SW-E(config-line)#logging synchronous
SW-E(config)#interface range fastEthernet 0/0 - 1
SW-E(config-if-range)#switchport mode trunk
Router(config)#hostname R-A
R-A(config)#no ip domain lookup
R-A(config)#line console 0
R-A(config-line)#exec-ti
R-A(config-line)#exec-timeout 0 0
R-A(config-line)#logging synchronous
R-A(config-line)#exit
R-A(config)#interface f0/0
R-A(config-if)#ip add 172.16.1.1 255.255.255.0
R-A(config-if)#no shu
R-A(config-if)#exit
R-A(config)#interface f1/0
R-A(config-if)#ip add 172.16.2.1 255.255.255.0
R-A(config-if)#no shu
R-A(config-if)#exit
R-A(config)#interface dialer 1
R-A(config-if)#encapsulation ppp
R-A(config-if)#ip add 100.1.1.1 255.255.255.0
R-A(config-if)#no shu
R-A(config-if)#exit
R-A(config)#
Router(config)#hostname DHCP
DHCP(config)#no ip domain lookup
DHCP(config)#line console 0
DHCP(config-line)#exec-timeout 0 0
DHCP(config-line)#logging synchronous
DHCP(config-line)#exit
DHCP(config)#interface f0/0
DHCP(config-if)#ip add 172.16.3.10 255.255.255.0
DHCP(config-if)#no shu
DHCP(config-if)#exit
DHCP(config)#
2、创建VTP,实现VLAN的统一配置和管理
SW-A#vlan database
SW-A(vlan)#vtp domain cisco
Changing VTP domain name from NULL to cisco
SW-A(vlan)#vtp server
Device mode already VTP SERVER.
SW-A(vlan)#vtp password 123
Setting device VLAN database password to 123.
SW-A(vlan)#vtp pruning
Pruning switched ON
SW-A(vlan)#vlan 10
VLAN 10 added:
Name: VLAN0010
SW-A(vlan)#vlan 20
VLAN 20 added:
Name: VLAN0020
SW-A(vlan)#vlan 30
VLAN 30 added:
Name: VLAN0030
SW-A(vlan)#vlan 40
VLAN 40 added:
Name: VLAN0040
SW-A(vlan)#exit
APPLY completed.
Exiting....
SW-B#vlan database
Device mode already VTP SERVER.
SW-B(vlan)#vtp domain cisco
Domain name already set to cisco .
SW-B(vlan)#vtp password 123
Setting device VLAN database password to 123.
SW-B(vlan)#vtp pruning
Pruning switched ON
SW-B(vlan)#exit
APPLY completed.
Exiting....
SW-C#vlan database
SW-C(vlan)#vtp client
Setting device to VTP CLIENT mode.
SW-C(vlan)#vtp domain cisco
Changing VTP domain name from NULL to cisco
SW-C(vlan)#vtp password 123
Setting device VLAN database password to 123.
SW-C(vlan)#exit
In CLIENT state, no apply attempted.
Exiting....
SW-C#
SW-D#vlan database
SW-D(vlan)#vtp client
Setting device to VTP CLIENT mode.
SW-D(vlan)#vtp domain cisco
Changing VTP domain name from NULL to cisco
SW-D(vlan)#vtp password 123
Setting device VLAN database password to 123.
SW-D(vlan)#exit
In CLIENT state, no apply attempted.
Exiting....
SW-D#
SW-E#vla database
SW-E(vlan)#vtp client
Setting device to VTP CLIENT mode.
SW-E(vlan)#vtp domain cisco
Changing VTP domain name from NULL to cisco
SW-E(vlan)#vtp password 123
Setting device VLAN database password to 123.
SW-E(vlan)#exit
In CLIENT state, no apply attempted.
Exiting....
SW-E#
SW-E#show vlan-switch brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active
40 VLAN0040 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
SW-E#
3、创建以太通道,增加网络带宽,实现负载分担
SW-B(config)#interface range fastEthernet 0/2 - 3
SW-B(config-if-range)#channel-group 1 mode on
Creating a port-channel interface Port-channel1
SW-B(config-if-range)#exit
SW-B(config)#
SW-A(config)#interface range fastEthernet 0/2 - 3
SW-A(config-if-range)#channel-group 1 mode on
Creating a port-channel interface Port-channel1
SW-A(config-if-range)#exit
SW-B#show etherchannel 1 summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
R - Layer3 S - Layer2
U - in use
Group Port-channel Ports
-----+------------+--------------------------
1 Po1(SU) Fa0/2(P) Fa0/3(P)
SW-B#
4、设置管理VALN的IP地址,并启用远程管理
R-A(config)#enable password 123
R-A(config)#line vty 0 4
R-A(config-line)#login
% Login disabled on line 130, until 'password' is set
% Login disabled on line 131, until 'password' is set
% Login disabled on line 132, until 'password' is set
% Login disabled on line 133, until 'password' is set
% Login disabled on line 134, until 'password' is set
R-A(config-line)#password 123
R-A(config-line)#exit
R-A(config)#
SW-A(config)#interface vlan 1
SW-A(config-if)#ip address 172.16.3.20 255.255.255.0
SW-A(config-if)#no shu
SW-A(config-if)#exit
SW-A(config)#line vty 0 4
SW-A(config-line)#login
% Login disabled on line 130, until 'password' is set
% Login disabled on line 131, until 'password' is set
% Login disabled on line 132, until 'password' is set
% Login disabled on line 133, until 'password' is set
% Login disabled on line 134, until 'password' is set
SW-A(config-line)#password 123
SW-A(config-line)#exit
SW-A(config)#enable password 123
SW-A(config)#exit
SW-A#
SW-B(config)#enable password 123
SW-B(config)#interface vlan 1
SW-B(config-if)#ip add 172.16.3.30 255.255.255.0
SW-B(config-if)#no shu
SW-B(config-if)#exit
SW-B(config)#line vty 0 4
SW-B(config-line)#login
% Login disabled on line 130, until 'password' is set
% Login disabled on line 131, until 'password' is set
% Login disabled on line 132, until 'password' is set
% Login disabled on line 133, until 'password' is set
% Login disabled on line 134, until 'password' is set
SW-B(config-line)#password 123
SW-B(config-line)#exit
SW-C(config)#enable password 123
SW-C(config)#interface vlan 1
SW-C(config-if)#ip add 172.16.3.40 255.255.255.
SW-C(config-if)#no shu
SW-C(config-if)#exit
SW-C(config)#line vty 0 4
SW-C(config-line)#login
% Login disabled on line 130, until 'password'
% Login disabled on line 131, until 'password'
% Login disabled on line 132, until 'password'
% Login disabled on line 133, until 'password'
% Login disabled on line 134, until 'password'
SW-C(config-line)#password 123
SW-C(config-line)#exit
SW-D(config)#enable password 123
SW-D(config)#line vty 0 4
SW-D(config-line)#login
% Login disabled on line 130, until 'password' is set
% Login disabled on line 131, until 'password' is set
% Login disabled on line 132, until 'password' is set
% Login disabled on line 133, until 'password' is set
% Login disabled on line 134, until 'password' is set
SW-D(config-line)#password 123
SW-D(config-line)#exit
SW-D(config)#interface vlan 1
SW-D(config-if)#ip add 172.16.3.50 255.255.255.0
SW-D(config-if)#no shu
SW-D(config-if)#exit
SW-E(config)#enable password 123
SW-E(config)#line vty 0 4
SW-E(config-line)#login
% Login disabled on line 130, until 'password' is set
% Login disabled on line 131, until 'password' is set
% Login disabled on line 132, until 'password' is set
% Login disabled on line 133, until 'password' is set
% Login disabled on line 134, until 'password' is set
SW-E(config-line)#password 123
SW-E(config-line)#exit
SW-E(config)#inte
SW-E(config)#interface vlan 1
SW-E(config-if)#ip add 172.16.3.60 255.255.255.0
SW-E(config-if)#no shu
5、设置SW-A为VLAN10 、VLAN20的根网桥,为VLAN30、VLAN40的备份根网桥;SW-B为VLAN30、VLAN40的根网桥,为VLAN10 、VLAN20的备份根网桥。
SW-A(config)#spanning-tree vlan 10 root primary
SW-A(config)#spanning-tree vlan 20 root primary
SW-A(config)#spanning-tree vlan 30 root secondary
SW-A(config)#spanning-tree vlan 40 root secondary
SW-A(config)#
SW-B(config)#spanning-tree vlan 30 root primary
SW-B(config)#spanning-tree vlan 40 root primary
SW-B(config)#spanning-tree vlan 10 root secondary
SW-B(config)#spanning-tree vlan 20 root secondary
SW-B(config)#
6、在SW-A和SW-B上配置VLAN虚接口,实现VLAN间互通
SW-A(config)#ip routing
SW-A(config)#interface vlan 10
SW-A(config-if)#ip add 192.168.1.1 255.255.255.0
SW-A(config-if)#no shu
SW-A(config-if)#exit
SW-A(config)#interface vlan 20
SW-A(config-if)#ip add 192.168.2.1 255.255.255.0
SW-A(config-if)#no shu
SW-A(config-if)#exit
SW-A(config)#interface vlan 30
SW-A(config-if)#ip add 192.168.3.1 255.255.255.0
SW-A(config-if)#no shu
SW-A(config-if)#exit
SW-A(config)#interface vlan 40
SW-A(config-if)#ip add 192.168.4.1 255.255.255.0
SW-A(config-if)#no shu
SW-A(config-if)#exit
SW-A#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 2 subnets
C 172.16.1.0 is directly connected, FastEthernet0/0
C 172.16.3.0 is directly connected, Vlan1
C 192.168.4.0/24 is directly connected, Vlan40
C 192.168.1.0/24 is directly connected, Vlan10
C 192.168.2.0/24 is directly connected, Vlan20
C 192.168.3.0/24 is directly connected, Vlan30
SW-A#
SW-B(config)#ip routing
SW-B(config)#interface vlan 10
SW-B(config-if)#ip add 192.168.1.2 255.255.255.0
SW-B(config-if)#no shu
SW-B(config-if)#exit
SW-B(config)#interface vlan 20
SW-B(config-if)#ip add 192.168.2.2 255.255.255.0
SW-B(config-if)#no shu
SW-B(config-if)#exit
SW-B(config)#interface vlan 30
SW-B(config-if)#ip add 192.168.3.2 255.255.255.0
SW-B(config-if)#no shu
SW-B(config-if)#exit
SW-B(config)#interface vlan 40
SW-B(config-if)#ip add 192.168.4.2 255.255.255.0
SW-B(config-if)#no shu
SW-B(config-if)#exit
SW-B#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 2 subnets
C 172.16.2.0 is directly connected, FastEthernet0/0
C 172.16.3.0 is directly connected, Vlan1
C 192.168.4.0/24 is directly connected, Vlan40
C 192.168.1.0/24 is directly connected, Vlan10
C 192.168.2.0/24 is directly connected, Vlan20
C 192.168.3.0/24 is directly connected, Vlan30
SW-B#
7、设置局域网路由通信,用RIP路由来实现
R-A(config)#router rip
R-A(config-router)#network 172.16.0.0
R-A(config-router)#version 2
R-A(config-router)#exit
R-A(config)#
SW-A(config)#router rip
SW-A(config-router)#network 172.16.0.0
SW-A(config-router)#network 192.168.1.0
SW-A(config-router)#network 192.168.2.0
SW-A(config-router)#network 192.168.3.0
SW-A(config-router)#network 192.168.4.0
SW-A(config-router)#version 2
SW-A(config-router)#exit
SW-A(config)#exit
SW-B(config)#router rip
SW-B(config-router)#network 172.16.0.0
SW-B(config-router)#network 192.168.1.0
SW-B(config-router)#network 192.168.2.0
SW-B(config-router)#network 192.168.3.0
SW-B(config-router)#network 192.168.4.0
SW-B(config-router)#version 2
SW-B(config-router)#exit
SW-B(config)#exit
DHCP(config)#router rip
DHCP(config-router)#network 172.16.0.0
DHCP(config-router)#version 2
DHCP(config-router)#exit
8、配置DHCP服务器,并排除网关的地址
DHCP(config)#ip dhcp pool vlan10
DHCP(dhcp-config)#network 192.168.1.0 255.255.255.0
DHCP(dhcp-config)#default-router 192.168.1.1 192.168.1.2
DHCP(dhcp-config)#dns-server 200.1.1.1
DHCP(dhcp-config)#exit
DHCP(config)#ip dhcp pool vlan20
DHCP(dhcp-config)#network 192.168.2.0 255.255.255.0
DHCP(dhcp-config)#default-router 192.168.2.1 192.168.2.2
DHCP(dhcp-config)#dns-server 200.1.1.1
DHCP(dhcp-config)#exit
DHCP(config)#ip dhcp pool vlan30
DHCP(dhcp-config)#network 192.168.3.0 255.255.255.0
DHCP(dhcp-config)#default-router 192.168.3.1 192.168.3.2
DHCP(dhcp-config)#dns-server 200.1.1.1
DHCP(dhcp-config)#exit
DHCP(config)#ip dhcp pool vlan40
DHCP(dhcp-config)#network 192.168.4.0 255.255.255.0
DHCP(dhcp-config)#default-router 192.168.4.1 192.168.4.2
DHCP(dhcp-config)#dns-server 200.1.1.1
DHCP(dhcp-config)#exit
DHCP(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.2
DHCP(config)#ip dhcp excluded-address 192.168.2.1 192.168.2.2
DHCP(config)#ip dhcp excluded-address 192.168.3.1 192.168.3.2
DHCP(config)#ip dhcp excluded-address 192.168.4.1 192.168.4.2
9、配置DHCP中继,使VLAN20、VLAN30、VLAN40的主机能够申请到IP地址
SW-B(config)#interface vlan 10
SW-B(config-if)#ip helper-address 172.16.3.10
SW-B(config-if)#exit
SW-B(config)#interface vlan 20
SW-B(config-if)#ip helper-address 172.16.3.10
SW-B(config-if)#exit
SW-B(config)#interface vlan 30
SW-B(config-if)#ip helper-address 172.16.3.10
SW-B(config-if)#exit
SW-B(config)#interface vlan 40
SW-B(config-if)#ip helper-address 172.16.3.10
SW-B(config-if)#exit
SW-B(config)#
SW-A(config)#interface vlan 10
SW-A(config-if)#ip helper-address 172.16.3.10
SW-A(config-if)#exit
SW-A(config)#interface vlan 20
SW-A(config-if)#ip helper-address 172.16.3.10
SW-A(config-if)#exit
SW-A(config)#interface vlan 30
SW-A(config-if)#ip helper-address 172.16.3.10
SW-A(config-if)#exit
SW-A(config)#interface vlan 40
SW-A(config-if)#ip helper-address 172.16.3.10
SW-A(config-if)#exit
SW-A(config)#
10、在SW-C、SW-D、SW-E、SW-F上启动上行速链路和速端口
SW-C(config)#spanning-tree uplinkfast
SW-C(config)#interface range fastEthernet 0/2 - 15
SW-C(config-if-range)#spanning-tree portfast
SW-D(config)#spanning-tree uplinkfast
SW-D(config)#interface range fastEthernet 0/2 - 15
SW-D(config-if-range)#spanning-tree portfast
SW-E(config)#spanning-tree uplinkfast
SW-E(config)#interface range fastEthernet 0/2 - 15
SW-E(config-if-range)#spanning-tree portfast
SW-F(config)#spanning-tree uplinkfast
SW-F(config)#interface range fastEthernet 0/2 - 15
SW-F(config-if-range)#spanning-tree portfast
本文出自 “DELL-服务器销售” 博客,谢绝转载!