H3C交换机(S5500)策略路由配置笔记
2014-02-18 09:05
656 查看
写过华为S8508的策略路由,这次碰到一台H3C S5500,在配置上和华为交换机有些不同。大致配置如下:拓扑图:
![](http://guanjianfeng.com/wp-content/uploads/2009/08/h3c55002.gif)
网络情况如下:用户1网络:172.16.1.0/24
用户2网络: 192.168.1.0/24
至出口1网络:172.16.100.0/24
至出口2网络:192.168.100.0/24实现功能:用户1通过互联网出口1,用户2通过互联网出口2。
功能实现:在三层交换台机上配置默认路由,将数据包丢向192.168.100.253,再利用策略路由,凡是用户2网络IP192.168.1.0/24的地址都丢向172.16.100.253。配置步骤:说明:这里接口的配置等操作就不在写了。1、首先建立默认路由,将所有的数据包都丢往出口2的下一节点192.168.100.253[H3C5500] ip route-static 0.0.0.0 0.0.0.0 192.168.100.2532、配置流分类1,对象为172.16.1.0/24的数据[H3C5500]acl number 3001[H3C5500-acl-adv-3001] rule 0 permit ip source 172.16.1.0 0.0.0.255[H3C5500] quit[H3C5500] traffic classifier 1[H3C5500-classifier-1] if-match acl 3001[H3C5500-classifier-1] quit3、配置刚才定义的流分类的行为,定义如果匹配就下一跳至出口1即172.16.100.253[H3C5500] traffic behavior 1[H3C5500-behavior-1] redirect next-hop 172.16.100.253[H3C5500-behavior-1] quit4、将刚才设置的应用至QOS策略中,定义policy 1[H3C5500] qos policy 1[H3C5500-qospolicy-1] classifier 1 behavior 1[H3C5500-qospolicy-1] quit5、在接口上应用定义的QOS策略policy 1[H3C5500] interface GigabitEthernet 1/0/15[H3C5500-GigabitEthernet1/0/15] qos apply policy 1 inbound[H3C5500-GigabitEthernet1/0/15] quit至此,配置已完成。配置文件(略过一些接口配置信息):version 5.20, Release 2102P02
#
sysname H3C5500
#
domain default enable system
#
telnet server enable
#
vlan 1
#
vlan 100 to 103
#
traffic classifier 1 operator and
if-match acl 3001
#
traffic behavior 1
redirect next-hop 172.16.100.253
#
qos policy 1
classifier 1 behavior 1
#
dhcp server ip-pool 1
network 192.168.1.0 mask 255.255.255.0
gateway-list 192.168.1.254
dns-list 221.228.255.1
#
dhcp server ip-pool 2
network 172.16.1.0 mask 255.255.255.0
gateway-list 172.16.1.254
dns-list 221.228.255.1
#
local-user huawei
password cipher .]@USE=B,53Q=^Q`M<1!!
service-type telnet terminal
level 3
#
acl number 3001
rule 0 permit ip source 172.16.1.0 0.0.0.255
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.0.254 255.255.255.0
#
interface Vlan-interface100
ip address 192.168.100.254 255.255.255.0
#
interface Vlan-interface101
ip address 192.168.1.254 255.255.255.0
#
interface Vlan-interface102
ip address 172.16.100.254 255.255.255.0
#
interface Vlan-interface103
ip address 172.16.1.254 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-type access
port access vlan 100
speed 1000
duplex full
#
interface GigabitEthernet1/0/2
port link-type access
port access vlan 102
speed 1000
duplex full
#
interface GigabitEthernet1/0/15
port link-type trunk
port trunk permit vlan 1 101 103
speed 1000
duplex full
qos apply policy 1 inbound
#
interface GigabitEthernet1/0/16
port link-type trunk
port trunk permit vlan 1 101 103
speed 1000
duplex full
qos apply policy 1 inbound
#
ip route-static 0.0.0.0 0.0.0.0 192.168.100.253
#
dhcp enable
#
load xml-configuration
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 4
authentication-mode scheme
user privilege level 3
#
return
![](http://guanjianfeng.com/wp-content/uploads/2009/08/h3c55002.gif)
网络情况如下:用户1网络:172.16.1.0/24
用户2网络: 192.168.1.0/24
至出口1网络:172.16.100.0/24
至出口2网络:192.168.100.0/24实现功能:用户1通过互联网出口1,用户2通过互联网出口2。
功能实现:在三层交换台机上配置默认路由,将数据包丢向192.168.100.253,再利用策略路由,凡是用户2网络IP192.168.1.0/24的地址都丢向172.16.100.253。配置步骤:说明:这里接口的配置等操作就不在写了。1、首先建立默认路由,将所有的数据包都丢往出口2的下一节点192.168.100.253[H3C5500] ip route-static 0.0.0.0 0.0.0.0 192.168.100.2532、配置流分类1,对象为172.16.1.0/24的数据[H3C5500]acl number 3001[H3C5500-acl-adv-3001] rule 0 permit ip source 172.16.1.0 0.0.0.255[H3C5500] quit[H3C5500] traffic classifier 1[H3C5500-classifier-1] if-match acl 3001[H3C5500-classifier-1] quit3、配置刚才定义的流分类的行为,定义如果匹配就下一跳至出口1即172.16.100.253[H3C5500] traffic behavior 1[H3C5500-behavior-1] redirect next-hop 172.16.100.253[H3C5500-behavior-1] quit4、将刚才设置的应用至QOS策略中,定义policy 1[H3C5500] qos policy 1[H3C5500-qospolicy-1] classifier 1 behavior 1[H3C5500-qospolicy-1] quit5、在接口上应用定义的QOS策略policy 1[H3C5500] interface GigabitEthernet 1/0/15[H3C5500-GigabitEthernet1/0/15] qos apply policy 1 inbound[H3C5500-GigabitEthernet1/0/15] quit至此,配置已完成。配置文件(略过一些接口配置信息):version 5.20, Release 2102P02
#
sysname H3C5500
#
domain default enable system
#
telnet server enable
#
vlan 1
#
vlan 100 to 103
#
traffic classifier 1 operator and
if-match acl 3001
#
traffic behavior 1
redirect next-hop 172.16.100.253
#
qos policy 1
classifier 1 behavior 1
#
dhcp server ip-pool 1
network 192.168.1.0 mask 255.255.255.0
gateway-list 192.168.1.254
dns-list 221.228.255.1
#
dhcp server ip-pool 2
network 172.16.1.0 mask 255.255.255.0
gateway-list 172.16.1.254
dns-list 221.228.255.1
#
local-user huawei
password cipher .]@USE=B,53Q=^Q`M<1!!
service-type telnet terminal
level 3
#
acl number 3001
rule 0 permit ip source 172.16.1.0 0.0.0.255
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.0.254 255.255.255.0
#
interface Vlan-interface100
ip address 192.168.100.254 255.255.255.0
#
interface Vlan-interface101
ip address 192.168.1.254 255.255.255.0
#
interface Vlan-interface102
ip address 172.16.100.254 255.255.255.0
#
interface Vlan-interface103
ip address 172.16.1.254 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-type access
port access vlan 100
speed 1000
duplex full
#
interface GigabitEthernet1/0/2
port link-type access
port access vlan 102
speed 1000
duplex full
#
interface GigabitEthernet1/0/15
port link-type trunk
port trunk permit vlan 1 101 103
speed 1000
duplex full
qos apply policy 1 inbound
#
interface GigabitEthernet1/0/16
port link-type trunk
port trunk permit vlan 1 101 103
speed 1000
duplex full
qos apply policy 1 inbound
#
ip route-static 0.0.0.0 0.0.0.0 192.168.100.253
#
dhcp enable
#
load xml-configuration
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 4
authentication-mode scheme
user privilege level 3
#
return
相关文章推荐
- 路由策略、策略路由笔记
- Linux 路由 学习笔记 之五 策略规则相关的数据结构以及ipv4策略规则的初始化
- Cisco 基于策略路由的配置实例
- 路由交换笔记(九)---OSPF定义,特点,作用和基本配置
- Fortigate 防火墙策略路由配置实现双链路互访
- Cisco 3640策略路由配置
- 使用 ip route , ip rule , iptables 配置策略路由
- Cisco 3640策略路由配置
- Quidway NE40策略路由的配置
- 策略路由以及使用 ip route , ip rule , iptables 配置策略路由实例
- iproute2 策略路由与流量控制笔记
- iproute2 策略路由与流量控制笔记
- 使用Linux 策略路由配置多网卡路由
- H3C 5500 策略路由配置
- 华为Quidway 8508交换机上做策略路由笔记
- “TI门外汉”网路知识笔记三 cisco路由交换的远程登陆配置
- Linux 路由 学习笔记 之六 策略规则的添加
- h3c交换机的vlan控制策略路由设置
- Cisco 3640策略路由配置