云计算网络vlan拓扑笔记

设置vlan和IP【VLAN 2---- ->10.0.2.0/24。VLAN 3--->10.0.3.0/24。VLAN 20---->10.0.20.0/24。VLAN 30---->10.0.30.0/24】
vlan【sw3vlan设置】
[sw3]vlan batch 2 3 20 30
0/0/1]port link-type access
0/0/1]port default vlan 2
0/0/2]port link-type access
0/0/2]port default vlan 3
0/0/3]port link-type trunk
0/0/3]port trunk allow-pass vlan 2 3 20 30
0/0/4]po li t
0/0/4]po t all v 2 3 20 30
【sw4vlan设置】
[sw4]vlan batch 2 3 20 30
0/0/1]port link-type access
0/0/1]port default vlan 20
0/0/2]port link-type access
0/0/2]port default vlan 30
0/0/3]port link-type trunk
0/0/3]port trunk allow-pass vlan 2 3 20 30
0/0/4]po li t
0/0/4]po t all v 2 3 20 30
【sw1和sw2链路聚合】
[sw1]vlan batch 2 3 20 30
[sw1]interface Eth-Trunk 0
[sw1-Eth-Trunk0]trunkport GigabitEthernet 0/0/1 to 0/0/2
[sw1-Eth-Trunk0]port link-type trunk
[sw1-Eth-Trunk0]port trunk allow-pass vlan 2 3 20 30
0/0/3]port link-type trunk
0/0/3]port trunk allow-pass vlan 2 3 20 30
0/0/4]port link-type trunk
0/0/4]port trunk allow-pass vlan 2 3 20 30
dis vlan

[sw2]vlan batch 2 3 20 30
[sw2]interface Eth-Trunk 0
[sw2-Eth-Trunk0]trunkport GigabitEthernet 0/0/1 to 0/0/2
[sw2-Eth-Trunk0]port link-type trunk
[sw2-Eth-Trunk0]port trunk allow-pass vlan 2 3 20 30
0/0/3]port link-type trunk
0/0/3]port trunk allow-pass vlan 2 3 20 30
0/0/4]port link-type trunk
0/0/4]port trunk allow-pass vlan 2 3 20 30
SW1为VLAN 2/3的主根及主网关，SW2为v1an 20/30的主根及主网关，sw1和sw2相互备份
天生树协议设置【sw3】
[sw3]stp enable
[sw3]stp mode mstp
[sw3]stp region-configuration     —进入MSTP域设置视图
[sw3-mst-region]region-name aa    修改域名【默认域名为当地MAC地址】
[sw3-mst-region]revision-level 100
[sw3-mst-region]instance 1 vlan 2 3
[sw3-mst-region]instance 2 vlan 20 30
[sw3-mst-region]active region-configuration    【激活域，无激活则无效】
【sw4】
[sw4]stp en
[sw4]stp m m
[sw4]stp re                  【可以将 ] 后面的代码全部复制粘贴快速设置】
[sw4-mst-region]region-name aa
[sw4-mst-region]revision-level 100
[sw4-mst-region]instance 1 vlan 2 3
[sw4-mst-region]instance 2 vlan 20 30
[sw4-mst-region]active region-configuration
【sw1和sw2也是一样的设置】
[sw1]stp instance 1 root primary   做实例1主根
[sw1]stp instance 2 root secondary  备份根
[sw2]stp instance 2 root primary
[sw2]stp instance 1 root secondary
[sw3-GigabitEthernet0/0/1]stp edged-port enable【开启边缘端口功能，可不开】
设置三层交换机要有VRRP，vlanif三层接口【sw1】
[sw1]int Vlanif 2
[sw1-Vlanif2]ip ad 10.0.2.1 24
[sw1-Vlanif2]vrrp vrid 1 virtual-ip 10.0.2.254
[sw1-Vlanif2]vrrp vrid 1 virtual-ip 10.0.2.100
[sw1-Vlanif2]vrrp vrid 1 priority 120
[sw1-Vlanif2]vrrp vrid 1 preempt-mode timer delay 20
[sw1-Vlanif2]vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30
[sw1]int Vlanif 3
[sw1-Vlanif3]ip ad 10.0.3.1 24
[sw1-Vlanif3]vrrp vrid 1 virtual-ip 10.0.3.254
[sw1-Vlanif3]vrrp vrid 1 priority 120
[sw1-Vlanif3]vrrp vrid 1 preempt-mode timer delay 20
[sw1-Vlanif3]vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30
备份网关20和30
[sw1]int Vlanif 20
[sw1-Vlanif20]ip ad 10.0.20.1 24
[sw1-Vlanif20]vrrp vrid 1 virtual-ip 10.0.20.254
[sw1]int Vlanif 30
[sw1-Vlanif30]ip ad 10.0.30.1 24
[sw1-Vlanif30]vrrp vrid 1 virtual-ip 10.0.30.254
dis cu

[sw2]interface Vlanif 2
[sw2-Vlanif2]ip ad 10.0.2.2 24
[sw2-Vlanif2]vrrp vrid 1 virtual-ip 10.0.2.254
[sw2]interface Vlanif 3
[sw2-Vlanif3]ip ad 10.0.3.2 24
[sw2-Vlanif3]vrrp vrid 1 virtual-ip 10.0.3.254

[sw2]int v 20
[sw2-Vlanif20]ip ad 10.0.20.2 24
[sw2-Vlanif20]vrrp vrid 1 virtual-ip 10.0.20.254
[sw2-Vlanif20]vrrp vrid 1 priority 120
[sw2-Vlanif20]vrrp vrid 1 preempt-mode timer delay 20
[sw2-Vlanif20]vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30
[sw2]int v 30
[sw2-Vlanif30]ip ad 10.0.30.2 24
[sw2-Vlanif30]vrrp vrid 1 virtual-ip 10.0.30.254
[sw2-Vlanif30]vrrp vrid 1 priority 120
[sw2-Vlanif30]vrrp vrid 1 preempt-mode timer delay 20
[sw2-Vlanif30]vrrp vrid 1 track interface GigabitEthernet 0/0/5 reduced 30
dis vrrp brief

交换机DHCP设置
[sw1]dhcp enable
[sw1]ip pool vlan2
[sw1-ip-pool-vlan2]network 10.0.2.0 mask 25
[sw1-ip-pool-vlan2]gateway-list 10.0.2.100
[sw1-ip-pool-vlan2]dns-list 8.8.8.8
[sw2]dhcp enable
[sw2]ip pool vlan2
[sw2-ip-pool-vlan2]network 10.0.2.128 mask 25
[sw2-ip-pool-vlan2]gateway-list 10.0.2.254
[sw2-ip-pool-vlan2]dns-list 8.8.8.8
[sw2]int v 2
[sw2-Vlanif2]dhcp select global
互联网vlan设置
[sw1]vlan 11
[sw1-vlan11]q
[sw1]int g 0/0/5
0/0/5]port link-type access
0/0/5]port default vlan 11
[sw1]int v 11
[sw1-Vlanif11]ip ad 10.0.11.1 30
[sw2]vlan 12
[sw2-vlan12]q
[sw2]int g 0/0/5
0/0/5]port link-type access
0/0/5]port default vlan 12
[sw2]int v 12
[sw2-Vlanif12]ip ad 10.0.11.5 30
[r1]int g 0/0/1
0/0/1]ip ad 10.0.11.2 30
0/0/1]int g 0/0/2
0/0/2]ip ad 10.0.11.6 30
[sw1]ospf 1
[sw1-ospf-1]area 0
0.0.0.0]network 10.0.2.1 0.0.0.0
0.0.0.0]network 10.0.3.1 0.0.0.0
0.0.0.0]network 10.0.11.1 0.0.0.0
0.0.0.0]network 10.0.20.1 0.0.0.0
0.0.0.0]network 10.0.30.1 0.0.0.0
[sw2]ospf 1
[sw2-ospf-1]area 0
0.0.0.0]network 10.0.2.2 0.0.0.0
0.0.0.0]network 10.0.3.2 0.0.0.0
0.0.0.0]network 10.0.11.5 0.0.0.0
0.0.0.0]network 10.0.20.2 0.0.0.0
0.0.0.0]network 10.0.30.2 0.0.0.0
[r1]ospf 1
[r1-ospf-1]area 0
0.0.0.0]network 10.0.11.2 0.0.0.0
0.0.0.0]network 10.0.11.6 0.0.0.0
dis ospf p b

[sw1-ospf-1]silent-interface Vlanif 2
[sw1-ospf-1]silent-interface Vlanif 3
[sw1-ospf-1]silent-interface Vlanif 20
[sw1-ospf-1]silent-interface Vlanif 30
[sw2]ospf 1
[sw2-ospf-1]silent-interface Vlanif 2
[sw2-ospf-1]silent-interface Vlanif 3
[sw2-ospf-1]silent-interface Vlanif 20
[sw2-ospf-1]silent-interface Vlanif 30
[sw1]vlan 13
[sw1]int e 0
[sw1-Eth-Trunk0]port trunk allow-pass vlan 13
[sw2]vlan 13
[sw2]int e 0
[sw2-Eth-Trunk0]port trunk allow-pass vlan 13
[sw1]和[sw2]
int v 13
[sw1-Vlanif13]ip ad 10.0.13.1 30
[sw2-Vlanif13]ip ad 10.0.13.2 30
[sw1]0.0.0.0]network 10.0.13.1 0.0.0.0
[sw2]0.0.0.0]network 10.0.13.2 0.0.0.0
路由器之间使用静态协议设置
外网设置
[r1]int g 0/0/0
[r1-GigabitEthernet0/0/0]ip ad 202.1.1.1 30
[isp]int g 0/0/0
[isp-GigabitEthernet0/0/0]ip ad 202.1.1.2 30
[isp]interface LoopBack 0          【环回接口】
[isp-LoopBack0]ip ad 100.100.100.100 32
[isp]ip route-static 0.0.0.0 0 202 1 1 2    【缺省路由】
[r1]ospf 1
[r1-ospf-1]default-route-advertise
[sw1]dis ip ro p o

AR1设置为企业出口路由器
因为是公网，不能有私有路由，要用ACL
[r1]acl 2000
[r1-acl-basic-2000]ru p s 10.0.0.0 0.0.255.255
0/0/0]nat o 2000

创建sub-vlan，并将相关接口划入VLAN中
设置super-vlan
[sw1]int e 0
[sw1-Eth-Trunk0]trunkport GigabitEthernet 0/0/1 to 0/0/2
[sw1]vlan b 2 3 20 30 301 302
[sw1]vlan 100
[sw1-vlan100]aggregate-vlan       【超级vlan，将vlan 100设定为spuer-vlan】
[sw1-vlan100]access-vlan 2 3 301     ---将sub-vlan参加到super-vlan中
[sw1]vlan 200
[sw1-vlan200]aggregate-vlan
[sw1-vlan200]access-vlan 20 30 302
[sw1]interface Eth-Trunk 0
[sw1-Eth-Trunk0]port link-type trunk
[sw1-Eth-Trunk0]port trunk allow-pass vlan 2 3 20 30 301 302
0/0/3]port link-type trunk
0/0/3]port trunk allow-pass vlan 2 to 3 20 30 301 to 302
0/0/4]port link-type trunk
0/0/4]port trunk allow-pass vlan 2 to 3 20 30 301 to 302
[sw2]int e 0
[sw2-Eth-Trunk0]trunkport GigabitEthernet 0/0/1 to 0/0/2
[sw2]vlan b 2 3 20 30 301 302
[sw2]vlan 100
[sw2-vlan100]aggregate-vlan
[sw2-vlan100]access-vlan 2 3 301
[sw2]vlan 200
[sw2-vlan200]aggregate-vlan
[sw2-vlan200]access-vlan 20 30 302
[sw2]interface Eth-Trunk 0
[sw2-Eth-Trunk0]po li t
[sw2-Eth-Trunk0]po t all v 2 3 20 30 301 302
0/0/3]port link-type trunk
0/0/3]port trunk allow-pass vlan 2 to 3 20 30 301 to 302
0/0/4]port link-type trunk
0/0/4]port trunk allow-pass vlan 2 to 3 20 30 301 to 302

[sw3]和[sw4]
vlan b 2 3 20 30 301 302
vlan 100
aggregate-vlan
access-vlan 2 3 301
vlan 200
aggregate-vlan
access-vlan 20 30 302
[sw3]0/0/1]po li a               [sw4]0/0/1]po li a
0/0/1]po de v 2                      0/0/1]po de v 20
0/0/2]po li a                         0/0/2]po li a
0/0/2]po de v 3                      0/0/2]po de v 30  
0/0/3]port link-type trunk
0/0/3]port trunk allow-pass vlan 2 to 3 20 30 301 to 302
0/0/4]port link-type trunk
0/0/4]port trunk allow-pass vlan 2 to 3 20 30 301 to 302
[sw1—4]
stp region-configuration
region-name aa
revision-level 100
instance 1 vlan 2 3 301
instance 2 vlan 20 30 302
active region-configuration
[sw1]stp instance 1 root primary   做实例1主根
[sw1]stp instance 2 root secondary  备份根
[sw2]stp instance 2 root primary
[sw2]stp instance 1 root secondary
[sw1]interface Vlanif 100
[sw1-Vlanif100]ip ad 10.0.100.1 24
[sw1-Vlanif100]vrrp vrid 1 virtual-ip 10.0.100.254
[sw1-Vlanif100]vrrp vrid 1 priority 120
[sw1]interface Vlanif 200
[sw1-Vlanif200]ip ad 10.0.200.1 24
[sw1-Vlanif200]vrrp vrid 1 virtual-ip 10.0.200.254
[sw1-Vlanif200]vrrp vrid 1 priority 120
[sw2]interface Vlanif 100
[sw2-Vlanif100]ip ad 10.0.100.2 24
[sw2-Vlanif100]vrrp vrid 1 virtual-ip 10.0.100.254
[sw2-Vlanif100]vrrp vrid 1 priority 120
[sw2]interface Vlanif 200
[sw2-Vlanif200]ip ad 10.0.200.2 24
[sw2-Vlanif200]vrrp vrid 1 virtual-ip 10.0.200.254
[sw2-Vlanif200]vrrp vrid 1 priority 120
[sw1]和[sw2]实现super-vlan之间的PC通讯
int v 100
vrrp advertise send-mode 301
arp-proxy inter-sub-vlan-proxy enable
int v 200
vrrp advertise send-mode 302
arp-proxy inter-sub-vlan-proxy enable

免责声明：如果侵犯了您的权益，请联系站长，我们会及时删除侵权内容，谢谢合作！更多信息从访问主页：qidao123.com:ToB企服之家，中国第一个企服评测及商务社交产业平台。