在这里插入代码片1000人校园区网设计
1 、配置Eth-trunk实现链路冗余 vlan 900 管理WLAN
sys
undo in en
sysname JR-SW8
int Eth-Trunk 1
mode lacp-static
trunkport g0/0/1 0 /0/2
port link-type trunk
port trunk allow-pass vlan 200 900
qu
vlan batch 200 900
port-g g eth 0 /0/2 eth 0 /0/3
port link-type access
port default vlan 200
sys
sysname HX_SW1
int Eth-Trunk 1
trunkport g 0 /0/2 0 /0/5
port link-type trunk
port trunk allow-pass vlan 200 900
qu
vlan batch 10 20 30 40 200 900
sys
sysname JR_SW5
vlan batch 10 900
port group g e0/0/2 e0/0/3
port link-type access
port default vlan 10
int g 0 /0/1
port link-type trunk
port trunk allow-pass vlan 10 900
q
sys
sysname JR_SW6
vlan batch 20 900
int e0/0/1
port link-type access
port default vlan20
q
int g0/0/1
port link-type trunk
port trunk allow-pass vlan 20 900
sys
sysname HJ_SW2
vlan batch 10 20 900
int g0/0/2
port link-type trunk
port trunk allow-pass vlan 10 900
int g0/0/3
port-type trunk
port trunk allow-pass vlan 20 900
int g0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20 900
sys
sysname JR_SW7
undo in en
vlan batch 30 900
port-g g e0/0/1 to e0/0/22
port link-type access
port default vlan 30
int g0/0/1
port link-type trunk
port trunk allow-pass vlan 30 900
sys
sysname HJ_SW3
undo in en
vlan batch 30 900
qu
port-g g g0/0/1 g0/0/2
port link-type trunk
port trunk allow-pass vlan 30 900
qu
sys
sysname JR_SW9
undo in en
vlan batch 40 900
int e0/0/2
port link-type access
port default vlan 40
int g0/0/1
port link-type trunk
port trunk allow-pass vlan 40 900
sys
sysname HJ_SW4
vlan batch 40 900
port-g g g0/0/1 g0/0/2
port link-type trunk
port trunk allow-pass vlan 20 900
qu
vlan 800
int g0/0/0
port link-type trunk
port trunk allow-pass vlan 10 20 900
int g0/0/3
port link-type trunk
port trunk allow-pass vlan 30 900
int g0/0/4
port link-type trunk
port trunk allow-pass vlan 40 900
int g0/0/24
port link-type access
port default vlan 800
qu
int vlan 10
ip add 192.168 .10.1 24
1000 人校园区网设计
1 、配置Eth-trunk实现链路冗余 vlan 900 管理WLAN
sys
undo in en
sysname JR-SW8
int Eth-Trunk 1
mode lacp-static
trunkport g0/0/1 g/0/2
port link-type trunk vlan
port trunk allow-pass vlan 200 900
qu
vlan batch 200 900
port-g g eth 0 /0/2 eth 0 /0/3
port link-type access
port default vlan 200
sys
sysname HX_SW1
int Eth-Trunk 1
trunkport g0/0/2 g0/0/5
port link-type trunk
port trunk allow-pass vlan 200 900
qu
vlan batch 10 20 30 40 200 900
sys
sysname JR_SW5
vlan batch 10 900
port group g e0/0/2 e0/0/3
port link-type access
port default vlan 10
int g 0 /0/1
port link-type trunk
port trunk allow-pass vlan 10 900
q
sys
sysname JR_SW6
vlan batch 20 900
int g0/0/1
port link-type access
port default vlan20
q
int g0/0/1
port link-type trunk
port trunk allow-pass vlan 20 900
sys
sysname HJ_SW2
vlan batch 10 20 900
int g0/0/2
port link-type trunk
port allow-pass vlan 10 900
int g0/0/3
port-type trunk
port trunk allow-pass vlan 20 900
int g0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20 900
sys
sysname JR_SW7
undo in en
vlan batch 30 900
port-g g e0/0/1 to e0/0/22
port link-type access
port default vlan 30
int g0/0/1
port link-type trunk
port trunk allow-pass vlan 30 900
sys
sysname HJ_SW3
undo in en
vlan batch 30 900
qu
port-g g g0/0/1 g0/0/2
port link-type trunk
port trunk allow-pass vlan 30 900
qu
sys
sysname JR_SW9
undo in en
vlan batch 40 900
int e0/0/2
port link-type access
port default vlan 40
int g0/0/1
port link-type trunk
port trunk allow-pass vlan 40 900
sys
sysname HJ_SW4
vlan batch 40 900
port-g g g0/0/1 g0/0/2
port link-type trunk
port trunk allow-pass vlan 20 900
qu
vlan 800
int g0/0/0
port link-type trunk
port trunk allow-pass vlan 10 20 900
int g0/0/3
port link-type trunk
port trunk allow-pass vlan 30 900
int g0/0/4
port link-type trunk
port trunk allow-pass vlan 40 900
int g0/0/24
port link-type access
port default vlan 800
qu
int vlan 10
ip add 192.168 .10.1 24
int vlan 20
ip add 192.168 .20.1 24
int vlan 30
ip add 192.168 .30.1 24
int vlan 40
ip add 192.168 .40.1 24
int vlan 200
ip add 192.168 .200.1 24
int vlan 800
ip add 192.168 .254.2 24
DHCP enable
ip pool SYL_vlan10
network 192.168 .10.0 mask 24
gateway-list 192.168 .10.1
dns-list 114.114 .114.114 8.8 .8.8
ip pool SYL_vlan20
network 192.168 .20.0 mask 24
gateway-list 192.168 .20.1
dns-list 114.114 .114.114 8.8 .8.8
ip pool JXL_vlan30
network 192.168 .30.0 mask 24
gateway-list 192.168 .30.1
dns-list 114.114 .114.114 8.8 .8.8
ip pool XZL_vlan40
network 192.168 .40.0 mask 24
gateway-list 192.168 .40.1
dns-list 114.114 .114.114 8.8 .8.8
int vlan 10
dhcp select global
int vlan 20
dhcp select global
int vlan 30
dhcp select global
int vlan 40
dhcp select global
int g4/0/0
ip add 192.168 .254.1 24
int g3/0/0
ip add 12.1 .1.1 29
int g0/0/1
ip add 13.1 .1.1 29
int g1/0/0
ip add 192.168 .104.1 30
int g2/0/0
ip add 192.168 .105.1 30
qu
sysname YD_R2
int e0/0/0
ip add 12.1 .1.6 29
int loo 0
ip add 9.9 .9.9 24
description baidu
sysname LT_R3
int e0/0/0
ip add 13.1 .1.6 29
int loo 0
ip add 9.9 .9.9 24
sysname XXQ1_R4
int e0/0/1
ip add 192.168 .104.2 30
int e0/0/0
ip add 192.168 .100.1 24
sysname XXQ2_R5
int e0/0/0
ip add 192.168 .105.2 30
int e0/0/1
ip add 192.168 .150.1 24
sys
ospf 1 route-id 1.1 .1.1
area 0
network 192.168 .200.0 0.0 .0.255
network 192.168 .10.0 0.0 .0.255
network 192.168 .20.0 0.0 .0.255
network 192.168 .30.0 0.0 .0.255
network 192.168 .40.0 0.0 .0.255
network 192.168 .254.0 0.0 .0.255
sys
ospf 1 route-id 2.2 .2.2
area 0
network 192.168 .254.0 0.0 .0.255
network 192.168 .104.1 0.0 .0.0
network 192.168 .105.1 0.0 .0.0
sys
ospf 1 route-id 4.4 .4.4
area 0
network 192.168 .104.2 0.0 .0.0
network 192.168 .100.1 0.0 .0.0
sys
ospf 1 route-id 5.5 .5.5
area 0
network 192.168 .105.2 0.0 .0.0
network 192.168 .150.1 0.0 .0.0
ip route-static 0.0 .0.0 0 192.168 .254.1
sys
ip route-static 0.0 .0.0 0 12.1 .1.6
ip route-static 0.0 .0.0 0 13.1 .1.6 preference 70
acl 2000
rule 5 permit source 192.168 .0.0 0.0 .255.255
qu
int g3/0/0
nat server protocol tcp global curretn-intface www inside 192.168 .200.10 www
nat outbound 2000
int g0/0/1
nat server protocol tcp global curretn-intface www inside 192.168 .200.10 www
nat outbound 2000
sys
aaa
local-user aa privilege level 3 password cipher 123
local-user aa service-type telnet
qu
user-interface vty 0 4
protocol inbound telnet
telnet server enable
authentication-mode aaa
int vlan 900
ip add 192.168 .255.1 24
sys
aaa
local-user aa privilege level 3 password cipher 123
local-user aa service-type telnet
qu
user-interface vty 0 4
protocol inbound telnet
telnet server enable
authentication-mode aaa
int vlan 900
ip add 192.168 .255.8 24
qu
ip route-static 0.0 .0.0 192.168 .255.1
acl 3000
rule 5 permit ip source 192.168 .40.0 0.0 .0.255 destination 192.168 .200.20 0
rule 10 deny ip source any destination 192.168 .200.20 0
int Eth-Trunk1
traffic-filter outbound acl 3000
sys
acl 3001
rule permit ip destination 192.168 .0.0 0.0 .255.255
rule deny ip source 192.168 .20.0 0.0 .0.255
int g4/0/0
traffic-filter inbound acl 3001
snmp-agent sys-info version allo
snmp-agent community write 123
snmp-agent community read 456
DHCP enable
ip pool SYL_vlan10
network 192.168 .10.0 mask 24
gateway-list 192.168 .10.1
dns-list 114.114 .114.114 8.8 .8.8
ip pool SYL_vlan20
network 192.168 .20.0 mask 24
gateway-list 192.168 .20.1
dns-list 114.114 .114.114 8.8 .8.8
ip pool JXL_vlan30
network 192.168 .30.0 mask 24
gateway-list 192.168 .30.1
dns-list 114.114 .114.114 8.8 .8.8
ip pool XZL_vlan40
network 192.168 .40.0 mask 24
gateway-list 192.168 .40.1
dns-list 114.114 .114.114 8.8 .8.8
int vlan 10
dhcp select global
int vlan 20
dhcp select global
int vlan 30
dhcp select global
int vlan 40
dhcp select global
int g4/0/0
ip add 192.168 .254.1 24
int g3/0/0
ip add 12.1 .1.1 29
int g0/0/1
ip add 13.1 .1.1 29
int g1/0/0
ip add 192.168 .104.1 30
int g2/0/0
ip add 192.168 .105.1 30
qu
sysname YD_R2
int e0/0/0
ip add 12.1 .1.6 29
int loo 0
ip add 9.9 .9.9 24
description baidu
sysname LT_R3
int e0/0/0
ip add 13.1 .1.6 29
loo 0
ip add 9.9 .9.9 24
sysname XXQ1_R4
int e0/0/1
ip add 192.168 .104.2 30
int e0/0/0
ip add 192.168 .100.1 24
sysname XXQ2_R5
int e0/0/0
ip add 192.168 .105.2 30
int e0/0/1
ip add 192.168 .105.1 24
sys
ospf 1 route-id 1.1 .1.1
area 0
network 192.168 .200.0 0.0 .0.255
network 192.168 .10.0 0.0 .0.255
network 192.168 .20.0 0.0 .0.255
network 192.168 .30.0 0.0 .0.255
network 192.168 .40.0 0.0 .0.255
network 192.168 .254.0 0.0 .0.255
sys
ospf 1 route-id 2.2 .2.2
area 0
network 192.168 .254.0 0.0 .0.255
network 192.168 .104.1 0.0 .0.0
network 192.168 .105.1 0.0 .0.0
sys
ospf 1 route-id 4.4 .4.4
area 0
network 192.168 .104.2 0.0 .0.0
network 192.168 .100.1 0.0 .0.0
sys
ospf 1 route-id 5.5 .5.5
area 0
network 192.168 .105.2 0.0 .0.0
network 192.168 .150.1 0.0 .0.0
sys
ip route-static 0.0 .0.0 0 12.1 .1.6
ip route-static 0.0 .0.0 0 13.1 .1.6 preference 70
acl 2000
rule 5 permit source 192.168 .0.0 0.0 .255.255
qu
int g3/0/0
nat outbound 2000
int g 0 /0/1p
int g3/0/0
nat server protocol tcp global curretn-intface www inside 192.168 .200.10 www
nat outbound 2000
int g0/0/1
nat server protocol tcp global curretn-intface www inside 192.168 .200.10 www
nat outbound 2000
sys
aaa
local-user aa privilege level 3 password cipher 123
local-user aa service-type telnet
qu
user-interface vty 0 4
protocol inbound telnet
authentication-mode aaa
q
telnet server enable
int vlan 900
ip add 192.168 .255.1 24
sys
aaa
local-user aa privilege level 3 password cipher 123
local-user aa service-type telnet
qu
user-interface vty 0 4
protocol inbound telnet
authentication-mode aaa
int vlan 900
ip add 192.168 .255.8 24
qu
telnet server enable
ip route-static 0.0 .0.0 0 192.168 .255.1
acl 3000
rule 5 permit ip source 192.168 .40.0 0.0 .0.255 destination 192.168 .200.20 0
rule 10 deny ip source any destination 192.168 .200.20 0
int Eth-Trunk1
traffic-filter outbound acl 3000
sys
acl 3001
rule permit ip destination 192.168 .0.0 0.0 .255.255
rule deny ip source 192.168 .20.0 0.0 .0.255
int g4/0/0
traffic-filter inbound acl 3001
snmp-agent sys-info version allo
snmp-agent community write 123
snmp-agent community read 456