通信人家园

标题: Cisco3750的一个配置实例  [查看完整版帖子] [打印本页]
时间:  2010-3-11 20:23
作者: 见龙在天     标题: Cisco3750的一个配置实例

BODY { FONT-FAMILY:Tahoma; FONT-SIZE:10pt }P { FONT-FAMILY:Tahoma; FONT-SIZE:10pt }DIV { FONT-FAMILY:Tahoma; FONT-SIZE:10pt }TD { FONT-FAMILY:Tahoma; FONT-SIZE:10pt }# telnet连接Cisco交换机,要知道交换机本身的地址:# User Access Verification

Password:
HZCTC-CMS-C3750>
HZCTC-CMS-C3750>

# enable特权模式,能够修改各种配置:
HZCTC-CMS-C3750>en
Password:
HZCTC-CMS-C3750#

# 显示交换机的所有配置信息:
HZCTC-CMS-C3750#show run
Building configuration...

Current configuration : 9169 bytes
!
version 12.2

# 关闭PAD(Packet assembler/Disassembly,即装配器与拆卸器(分组交换网络或设备之间的接口))服务:
no service pad

# 在调试和log级别的输出包中添加时间戳:
service timestamps debug uptime
service timestamps log uptime

# 对存储在配置文件中的所有口令和类似数据(如CHAP)进行加密:
service password-encryption
!

# 配置本台交换机名字
hostname HZCTC-CMS-C3750
!

# 设置enable时的密码,5表示?,后面的乱码表示MD5之后的密码
enable secret 5 $1$HF2x$FLMlWAC1n4MDf.dT/EIhF/
!

# 去掉AAA接入控制模式
no aaa new-model

# 设置时钟的时区
clock timezone beijing 8

#
switch 1 provision ws-c3750g-48ts

# 设置路由时的MTU大小
system mtu routing 1500

# 设置VTP(VLAN中继协议,自动将VLAN的变化广播到网络中的其他交换机)为透明模式
# VTP透明模式下的交换机忽略所有接收到的VTP信息,但能够将接收到的VTP报文转发出去
vtp mode transparent

# 可以使用全0网段
ip subnet-zero

# 启动路由功能,本交换机上的VLAN间可以通讯,注意VLAN要设IP地址,作为VLAN内计算机的网关
ip routing

# 关闭动态域名解析
no ip domain-lookup
!

# 建立连接到RNO路由器的多播边界,并且设置为PIM(独立组播协议)希疏模式
ip multicast-routing distributed
!

# 组播VLAN注册
# MVR检测当前的其他VLAN是否也有加入组播的请求,如果有这样的请求,就把数据流复制给这些新提
#   交组播请求的VLAN,一个交换机设置一个vlan就可以了
mvr vlan 30
!
!
!
!

#
no file verify auto

# 设置生成树模式为PVST格式
spanning-tree mode pvst

# 设置交换机端口在STP(生成树协议)下使用快速模式,必须保证不存在环路的情况下才能使用。
spanning-tree portfast default

# 不用生成树的BPDU(桥协议数据单元)传输优化
no spanning-tree optimize bpdu transmission

# 扩展生成树的系统ID,为了能够在一个机框里支持1024个MAC地址
spanning-tree extend system-id
!

#
vlan internal allocation policy ascending
!

# 定义一个VLAN,ID为10,名字为OSS
vlan 10
name OSS
!
vlan 20
name IPTV_CX(VCC)
!
vlan 30
name IPTV_MS
!
vlan 50  
name IPTV_onlinesvr
!
vlan 100
name IPVS_svr
!
vlan 110
name NAS
!
vlan 150
name DECODER
!
!

# 环回接口不设置IP地址
interface Loopback0
no ip address
!

# 设置GE口1/0/1, 描述为Connect_to_PE2950_1_NAS_GE1,该接口属于10号VLAN,模式为access(还有三
# 种:trunk,dynamic,desirable),access模式只能接主机类型,该接口使用快速模式的STP。
interface GigabitEthernet1/0/1
description Connect_to_PE2950_1_NAS_GE1
switchport access vlan 100
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/2
description Connect_to_PE2950_1_NAS_GE1
switchport access vlan 100
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/3
description Connect_to_PE2950_2_NAS_GE1
switchport access vlan 110
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/4
description Connect_to_PE2950_2_NAS_GE2
switchport access vlan 110
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/5
description Connect_to_
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/6
description Connect_to_
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/7
description Connect_to_SS01
switchport access vlan 100
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/8
description Connect_to_SS02
switchport access vlan 100
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/9
description Connect_to_AAA01
switchport access vlan 100
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/10
description Connect_to_STB
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/11
description Connect_to_MS01
switchport access vlan 100
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/12
description Connect_to_MS01
switchport access vlan 100
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/13
switchport access vlan 150
switchport mode access
!
interface GigabitEthernet1/0/14
switchport access vlan 150
switchport mode access
!
interface GigabitEthernet1/0/15
switchport access vlan 150
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/16
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/17
description Connect_to_
switchport access vlan 100
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/18
description Connect_to_
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/19
description Connect_to_CEC(for CE)
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/20
description Connect_to_CE
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/21
description Connect_to_BACKUP
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/22
description Connect_to_BACKUP
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/23
description Connect_to_CX01_GE2
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/24
description Connect_to_CX02_GE2
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/25
description Connect_to_CEC01
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/26
description Connect_to_CEC02
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/27
description Connect_to_VCC01
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/28
description Connect_to_VCC02
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/29
description Connect_to_CX01_GE1
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/30
description Connect_to_CX02_GE1
switchport access vlan 20
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/31
description Connect_to_ME01_GE2
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/32
description Connect_to_ME02_GE2
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/33
description Connect_to_USC01
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/34
description Connect_to_USC02
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/35
description Connect_to_EPG01
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/36
description Connect_to_EPG02
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/37
description Connect_to_MD01
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/38
description Connect_to_ME02
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/39
description Connect_to_CMM01
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/40
description Connect_to_CMM02
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/41
description Connect_to_ME01_GE1
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/42
description Connect_to_ME02_GE1
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/43
description Connect_to
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/44
description Connect_to
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/45
description Connect_to
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/46
description Connect_to
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/47
description Connect_to
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/48
description Connect_to
switchport access vlan 10
switchport mode access
spanning-tree portfast
!

# 设置GE口1/0/49, 描述为Connect_to_MAN_7609_7/28,设置该接口为路由口(no switchport把二层的交换接口转换为
# 三层的IP接口,三层接口必须具有IP),该接口的IP地址和掩码分别是122.224.109.26和255.255.255.252。
interface GigabitEthernet1/0/49
description Connect_to_MAN_7609_7/28
no switchport
ip address 122.224.109.26 255.255.255.252
!

# 设置GE口1/0/50, 描述为Connect_to_IPTV_4506_2_1/2,设置该接口为路由口,该接口的IP地址和掩码分别
# 是122.224.109.30和255.255.255.252,设置PIM模式为sparse稀疏模式(还有dense密集和sparse-dense模式)。
# 在非dense模式下,PIM需要借助RP(redezvous point汇聚点)来实现多播路由转发和多播数据转发,RP的建立
# 方式有三种,分别是static,autorp 以及 bsr,所有多播源将数据发给RP,再由RP转发给接收者,这样避免
# 了FULL MESH拓扑下大量的FLOOD。
# 该接口要进行速度协商。
interface GigabitEthernet1/0/50
description Connect_to_IPTV_4506_2_1/2
no switchport
ip address 122.224.109.30 255.255.255.252
ip pim sparse-mode
speed nonegotiate
!
interface GigabitEthernet1/0/51
!
interface GigabitEthernet1/0/52
!

# 设置1号VLAN,没有IP地址,关闭掉
interface Vlan1
no ip address
shutdown
!

# 设置10号VLAN,描述为OSS,IP地址和掩码为122.224.108.129和255.255.255.224,打开组播PIM协议为sparse模式。
# 处于一个VLAN中的物理接口的IP地址可以自由的在VLAN地址段里面随便选择。
interface Vlan10
description OSS
# 表示子网地址为122.224.108.128,掩码为255.255.255.224(27位),广播地址为122.224.108.159,
# 子网可用地址为122.224.108.129到122.224.108.158,其中122.224.108.129做了这个VLAN的网关地址。
ip address 122.224.108.129 255.255.255.224
ip pim sparse-mode
!        
interface Vlan20
description IPTV_CX(VCC)
ip address 122.224.108.193 255.255.255.240
ip pim sparse-dense-mode
!
interface Vlan30
description IPTV_MS
ip address 122.224.108.209 255.255.255.240
ip pim sparse-mode
!
interface Vlan50
description IPTV_onlinesvr
ip address 122.224.108.161 255.255.255.224
ip pim sparse-mode
!
interface Vlan100
description IPVS_svr
ip address 122.224.108.225 255.255.255.240
ip pim sparse-mode
!
interface Vlan110
description NAS
ip address 122.224.109.17 255.255.255.248
ip pim sparse-mode
!
interface Vlan150
description DECODER
ip address 122.224.108.241 255.255.255.240
ip pim sparse-dense-mode
# management表示是管理VLAN,其管理地址为122.224.108.241,可以用telnet连接它。
management
!

# 配置OSPF路由,进程号为100,记录OSPF邻居状态的改变
router ospf 100
log-adjacency-changes
# 链路速率大于100Mbps的时候必须设置自动计算参考带宽,设置参考带宽为10000Mbps,
# 这个值必须在OSPF整个AS里面的每台路由器上都要配置,并且保持一致性
auto-cost reference-bandwidth 10000
# 将所有本路由器的直连接口以外部路由方式送进本路由协议
redistribute connected subnets
# 将静态路由分发到本路由协议中
redistribute static
# 配置所有接口为被动模式,告知动态路由协议不要通过该接口发送网络广播,也就不会发出路由更新
passive-interface default
# 开放GE口1/0/50为非被动模式,连接到其他路由器或交换机
no passive-interface GigabitEthernet1/0/50
# 配置网络地址为122.224.109.30,0.0.0.0(掩码的反码)表示这个网段只存在一台主机,区域为0
network 122.224.109.30 0.0.0.0 area 0
!

# RIP是Classful,它在做路由广播时不带掩码信息
# OSPF,EIGRP,BGP4是Classless的,它们在做路由广播时带掩码信息
# classful和classless可以同时运行在同一个路由器上
ip classless

# 配置默认路由,目的地址0.0.0.0,掩码0.0.0.0,网关为122.224.109.25
ip route 0.0.0.0 0.0.0.0 122.224.109.25

# 配置使用http服务,就是可以通过http来配置修改本路由器的参数
ip http server

# 本路由器的http服务改成https://方式
ip http secure-server
!
!

# 建立名字为WAN-ACL的IP ACL扩展,拒绝所有的ICMP消息,拒绝端口为1521的TCP消息,允许其他所有IP消息
ip access-list extended WAN-ACL
deny   icmp any any
# 第一个any为源地址或源网络,第二个any表示掩码的反码,eq 1521表示端口等于1521
deny   tcp any any eq 1521
permit ip any any
!
!

#
control-plane
!
!

# 配置串口0,配置虚终端0到4号
line con 0
line vty 0 4
# 允许TELNET登入
access-class TELNET in
# 自动退出连接终端时间为15分0秒,就是15分钟不动就自动退出终端
exec-timeout 15 0
# 在login的时候等待操作员输入的最长时间为180秒,180秒没有输入,就会超时
timeout login response 180
# 设置的口令
password 7 033E7134333912
# 登录时需要口令检查
login

# 设置虚终端5到15
line vty 5 15
# 登录时需要口令检查
login
!
!

# 设置会话编号为1的监控接口,监控的是源接口为Gi1/0/11的数据流
monitor session 1 source interface Gi1/0/11

# 结束输出
end

HZCTC-CMS-C3750#



通信人家园 (https://www.txrjy.com/) Powered by C114