基于Cat 4908-l3和Cat 3500园区网实例1
1.说明
Cisco的4908-l3的配置比较繁杂,通过IRB来实现不同桥接组之间的通讯 可以与trunk互连 但是,要对每个单独的桥接组进行封装。本实例中主要介绍在一个基于4908为中心,3500为二级交换机的园区网方案设计以及每个设备的调试过程等。着重介绍4908的配置过程 至于3500的配置请见 基本配置栏目中 关于 3500全系列配置的文章。在此,不赘述!
至于vlan分配等,通过基本配置自己体会吧 呵呵!
2.拓扑图
3.4908_Center_A 配置
User Access Verification
PassWord:
Password:
Center_A>en
Password:
Center_A#sho run
Building configuration...
Current configuration:
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname Center_A
enable secret 5 $1$OHq9$9XvRCkMWcYtsC4glw.NYG.
enable password cisco
ip subnet-zero
no ip domain-lookup
bridge irb (启用IRB 有点儿象 Ip routing)
!
interface GigabitEthernet1
no ip address
no ip directed-broadcast
对物理端口不做配置,通过子接口进行封装。从下面对子接口的封装可以看出G1下面有三个bridge group (1、40、50)
interface GigabitEthernet1.1
encapsulation isl 1
no ip redirects
no ip directed-broadcast
bridge-group 1
interface GigabitEthernet1.40
encapsulation isl 40
no ip redirects
no ip directed-broadcast
bridge-group 40
interface GigabitEthernet1.50
encapsulation isl 50
no ip redirects
no ip directed-broadcast
bridge-group 50
接着进入g2的配置
interface GigabitEthernet2
no ip address
no ip directed-broadcast
interface GigabitEthernet2.1
encapsulation isl 1
no ip redirects
no ip directed-broadcast
bridge-group 1
interface GigabitEthernet2.10
encapsulation isl 10
no ip redirects
no ip directed-broadcast
bridge-group 10
interface GigabitEthernet2.20
encapsulation isl 20
no ip redirects
no ip directed-broadcast
bridge-group 20
interface GigabitEthernet2.30
encapsulation isl 30
no ip redirects
no ip directed-broadcast
bridge-group 30
interface GigabitEthernet2.40
encapsulation isl 40
no ip redirects
no ip directed-broadcast
bridge-group 40
interface GigabitEthernet2.50
encapsulation isl 50
no ip redirects
no ip directed-broadcast
bridge-group 50
interface GigabitEthernet3
no ip address
no ip directed-broadcast
interface GigabitEthernet3.1
encapsulation isl 1
no ip redirects
no ip directed-broadcast
bridge-group 1
interface GigabitEthernet3.150
encapsulation isl 150
no ip redirects
no ip directed-broadcast
bridge-group 150
interface GigabitEthernet4
no ip address
no ip directed-broadcast
interface GigabitEthernet4.1
encapsulation isl 1
no ip redirects
no ip directed-broadcast
bridge-group 1
interface GigabitEthernet4.110
encapsulation isl 110
no ip redirects
no ip directed-broadcast
bridge-group 110
interface GigabitEthernet4.120
encapsulation isl 120
no ip redirects
no ip directed-broadcast
bridge-group 120
interface GigabitEthernet4.130
encapsulation isl 130
no ip redirects
no ip directed-broadcast
bridge-group 130
interface GigabitEthernet4.140
encapsulation isl 140
no ip redirects
no ip directed-broadcast
bridge-group 140
端口G5 G6 G7用于服务器的连接
interface GigabitEthernet5
no ip address
no ip directed-broadcast
bridge-group 1
interface GigabitEthernet6
no ip address
no ip directed-broadcast
bridge-group 1
interface GigabitEthernet7
no ip address
no ip directed-broadcast
bridge-group 1
端口G8预留
interface GigabitEthernet8
no ip address
no ip directed-broadcast
shutdown
上述的br-group有点象 VLAN的划分过程
以下是对每个br-group 加上网关(可以这样理解)
interface BVI1
ip address 10.1.0.1 255.255.0.0
no ip directed-broadcast
no ip route-cache cef
interface BVI10
ip address 10.10.0.1 255.255.0.0
no ip directed-broadcast
no ip route-cache cef
interface BVI20
ip address 10.20.0.1 255.255.0.0
no ip directed-broadcast
no ip route-cache cef
interface BVI30
ip address 10.30.0.1 255.255.0.0
no ip directed-broadcast
no ip route-cache cef
interface BVI40
ip address 10.40.0.1 255.255.0.0
no ip directed-broadcast
no ip route-cache cef
interface BVI50
ip address 10.50.0.1 255.255.0.0
no ip directed-broadcast
no ip route-cache cef
interface BVI110
ip address 10.110.0.1 255.255.0.0
no ip directed-broadcast
no ip route-cache cef
interface BVI120
ip address 10.120.0.1 255.255.0.0
no ip directed-broadcast
no ip route-cache cef
interface BVI130
ip address 10.130.0.1 255.255.0.0
no ip directed-broadcast
no ip route-cache cef
interface BVI140
ip address 10.140.0.1 255.255.0.0
no ip directed-broadcast
no ip route-cache cef
interface BVI150
ip address 10.150.0.1 255.255.0.0
no ip directed-broadcast
no ip route-cache cef
ip classless
在每个br-group中指定可路由的协议
bridge 1 protocol ieee
bridge 1 route ip
bridge 10 protocol ieee
bridge 10 route ip
bridge 20 protocol ieee
bridge 20 route ip
bridge 30 protocol ieee
bridge 30 route ip
bridge 40 protocol ieee
bridge 40 route ip
bridge 50 protocol ieee
bridge 50 route ip
bridge 110 protocol ieee
bridge 110 route ip
bridge 120 protocol ieee
bridge 120 route ip
bridge 130 protocol ieee
bridge 130 route ip
bridge 140 protocol ieee
bridge 140 route ip
bridge 150 protocol ieee
bridge 150 route ip
line con 0
password cisco
transport input none
line aux 0
password cisco
line vty 0 4
password cisco
login
end
就可以了
Center_A#
不过不能通过4908实现 VTP server client的配置!
只能通过透明传输 不过 对于二级的堆叠组可以局域实现 server client的配置
4.Center_B 配置
Center_B#show run
Building configuration...
Current configuration:
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname Center_B
enable secret 5 $1$364f$eocY1OMDhoSaEqXPZ3oIY/
enable password cisco
!
!
!
ip subnet-zero
!
interface FastEthernet0/1
switchport access vlan 130
interface FastEthernet0/2
interface FastEthernet0/3
interface FastEthernet0/4
interface FastEthernet0/5
interface FastEthernet0/6
interface FastEthernet0/7
interface FastEthernet0/8
interface FastEthernet0/9
interface FastEthernet0/10
interface FastEthernet0/11
interface FastEthernet0/12
interface FastEthernet0/13
interface FastEthernet0/14
interface FastEthernet0/15
interface FastEthernet0/16
interface FastEthernet0/17
interface FastEthernet0/18
interface FastEthernet0/19
interface FastEthernet0/20
interface FastEthernet0/21
switchport access vlan 150
interface FastEthernet0/22
switchport access vlan 150
interface FastEthernet0/23
switchport access vlan 150
interface FastEthernet0/24
switchport access vlan 150
interface GigabitEthernet0/1
switchport mode trunk
interface GigabitEthernet0/2
switchport mode trunk
interface VLAN1
ip address 10.1.2.1 255.255.0.0
no ip directed-broadcast
no ip route-cache
!
line con 0
password cisco
transport input none
stopbits 1
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
end
Center_B# show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1,Fa0/2, Fa0/3, Fa0/4, Fa0/5,
Fa0/6, Fa0/7, Fa0/8, Fa0/9,
Fa0/10, Fa0/11, Fa0/12, Fa0/13,
Fa0/14, Fa0/15, Fa0/16, Fa0/17,
Fa0/18, Fa0/19, Fa0/20
150 wailian active Fa0/21, Fa0/22, Fa0/23, Fa0/24
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
130 enet 100130 1500 - - - - - 0 0
150 enet 100150 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
Center_B#
5.bluestudy1 配置
bluestudy1#show run
Building configuration...
Current configuration:
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname bluestudy1
enable secret 5 $1$oGOc$Jh0uRraaxrbjklW4.22Na0
enable password cisco
!
!
!
ip subnet-zero
!
interface FastEthernet0/1
switchport access vlan 50
interface FastEthernet0/2
switchport access vlan 50
interface FastEthernet0/3
switchport access vlan 50
interface FastEthernet0/4
switchport access vlan 50
interface FastEthernet0/5
switchport access vlan 50
interface FastEthernet0/6
switchport access vlan 50
interface FastEthernet0/7
switchport access vlan 50
interface FastEthernet0/8
switchport access vlan 50
interface FastEthernet0/9
switchport access vlan 50
interface FastEthernet0/10
switchport access vlan 50
interface FastEthernet0/11
switchport access vlan 50
interface FastEthernet0/12
switchport access vlan 50
interface FastEthernet0/13
switchport access vlan 50
interface FastEthernet0/14
switchport access vlan 40
interface FastEthernet0/15
switchport access vlan 40
interface FastEthernet0/16
switchport access vlan 40
interface FastEthernet0/17
switchport access vlan 40
interface FastEthernet0/18
switchport access vlan 40
interface FastEthernet0/19
switchport access vlan 40
interface FastEthernet0/20
switchport access vlan 40
interface FastEthernet0/21
switchport access vlan 40
interface FastEthernet0/22
switchport access vlan 40
interface FastEthernet0/23
switchport access vlan 40
interface FastEthernet0/24
switchport access vlan 40
interface GigabitEthernet0/1
switchport mode trunk
interface GigabitEthernet0/2
switchport mode trunk
interface VLAN1
ip address 10.1.10.1 255.255.0.0
no ip directed-broadcast
no ip route-cache
ip default-gateway 10.1.0.1
line con 0
password cisco
transport input none
stopbits 1
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
end
bluestudy1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active
3 VLAN0003 active
4 VLAN0004 active
5 VLAN0005 active
40 jiben active Fa0/14, Fa0/15, Fa0/16, Fa0/17,
Fa0/18, Fa0/19, Fa0/20, Fa0/21,
Fa0/22, Fa0/23, Fa0/24
50 jiaoshi active Fa0/1, Fa0/2, Fa0/3, Fa0/4,
Fa0/5, Fa0/6, Fa0/7, Fa0/8,
Fa0/9, Fa0/10, Fa0/11, Fa0/12,
Fa0/13
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
3 enet 100003 1500 - - - - - 0 0
4 enet 100004 1500 - - - - - 0 0
5 enet 100005 1500 - - - - - 0 0
40 enet 100040 1500 - - - - - 0 0
50 enet 100050 1500 - - - - - 0 0
1002 fddi 101002 1500 - 0 - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
bluestudy1#
bluestudy1#
6.bluestudy2_C 配置
Building configuration...
Current configuration:
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname bluestudy2_C
enable secret 5 $1$wdBN$5M0mlLk09wutc44dApZat0
enable password cisco
!
!
!
ip subnet-zero
!
interface FastEthernet0/1
switchport access vlan 110
interface FastEthernet0/2
switchport access vlan 110
interface FastEthernet0/3
switchport access vlan 110
interface FastEthernet0/4
switchport access vlan 110
interface FastEthernet0/5
switchport access vlan 120
interface FastEthernet0/6
switchport access vlan 120
interface FastEthernet0/7
switchport access vlan 120
interface FastEthernet0/8
switchport access vlan 120
interface FastEthernet0/9
switchport access vlan 120
interface FastEthernet0/10
switchport access vlan 120
interface FastEthernet0/11
switchport access vlan 120
interface FastEthernet0/12
switchport access vlan 120
interface FastEthernet0/13
switchport access vlan 120
interface FastEthernet0/14
switchport access vlan 120
interface FastEthernet0/15
switchport access vlan 120
interface FastEthernet0/16
switchport access vlan 120
interface FastEthernet0/17
switchport access vlan 120
interface FastEthernet0/18
switchport access vlan 120
interface FastEthernet0/19
switchport access vlan 120
interface FastEthernet0/20
switchport access vlan 120
interface FastEthernet0/21
switchport access vlan 140
interface FastEthernet0/22
switchport access vlan 140
interface FastEthernet0/23
switchport access vlan 140
interface FastEthernet0/24
switchport access vlan 140
interface FastEthernet0/25
switchport access vlan 140
interface FastEthernet0/26
switchport access vlan 140
interface FastEthernet0/27
switchport access vlan 140
interface FastEthernet0/28
switchport access vlan 140
interface FastEthernet0/29
switchport access vlan 140
interface FastEthernet0/30
switchport access vlan 140
interface FastEthernet0/31
switchport access vlan 140
interface FastEthernet0/32
switchport access vlan 140
interface FastEthernet0/33
switchport access vlan 140
interface FastEthernet0/34
switchport access vlan 140
interface FastEthernet0/35
switchport access vlan 140
interface FastEthernet0/36
switchport access vlan 140
interface FastEthernet0/37
switchport access vlan 140
interface FastEthernet0/38
switchport access vlan 140
interface FastEthernet0/39
switchport access vlan 140
interface FastEthernet0/40
switchport access vlan 140
interface FastEthernet0/41
switchport access vlan 140
interface FastEthernet0/42
switchport access vlan 140
interface FastEthernet0/43
switchport access vlan 140
interface FastEthernet0/44
switchport access vlan 140
interface FastEthernet0/45
switchport access vlan 140
interface FastEthernet0/46
switchport access vlan 140
interface FastEthernet0/47
switchport access vlan 140
interface FastEthernet0/48
switchport access vlan 140
interface GigabitEthernet0/1
switchport mode trunk
interface GigabitEthernet0/2
switchport mode trunk
interface VLAN1
ip address 10.1.40.1 255.255.0.0
no ip directed-broadcast