武汉CBD网络建设项目
2014-04-26 10:31
411 查看
第一部分 网络系统架构调整
1.1、网络系统拓扑图
第二部分 网络IP地址规划
2.1、网络设备IP地址规划表
| Vlan编号 | 是否DHCP | Vlan网关 | 子网 | 子网掩码 |
| 10 | 否 | 192.168.10.254 | 192.168.10.0 | 24 |
| 20 | 否 | 192.168.20.254 | 192.168.20.0 | 24 |
| 30 | 否 | 192.168.30.254 | 192.168.30.0 | 24 |
| 40 | 否 | 192.168.40.254 | 192.168.40.0 | 24 |
| 50 | 否 | 192.168.50.254 | 192.168.50.0 | 24 |
| 99 | 否 | 172.16.99.1 | 172.16.99.0 | 24 |
| 100 | 否 | 172.16.98.1 | 172.16.98.0 | 24 |
第三部分 交换机配置文件
3.1 核心交换机1配置
<hexin01>sySystem View: return to User View withCtrl+Z.
[hexin01]dis cu
#
version 5.20, Release 2202
#
sysname hexin01
#
irfmac-address persistent timer
irfauto-update enable
undoirf link-delay
#
domain default enable system
#
telnet server enable
#
undoip ttl-expires
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
vlan 40
#
vlan 50
#
vlan 99 to 100
#
radius scheme system
server-type extended
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
dhcp server ip-pool vlan10
network 192.168.10.0 mask 255.255.255.0
gateway-list 192.168.10.254
dns-list 61.232.206.103
#
dhcp server ip-pool vlan50
network 192.168.50.0 mask 255.255.255.0
gateway-list 192.168.50.254
dns-list 61.232.206.103
#
user-group system
#
#
interface NULL0
#
interface Vlan-interface1
ipaddress 172.16.1.1 255.255.255.0
#
interface Vlan-interface10
ipaddress 192.168.10.250 255.255.255.0
vrrpvrid 1 virtual-ip 192.168.10.254
vrrpvrid 1 priority 110
vrrpvrid 1 preempt-mode timer delay 5
vrrpvrid 1 track interface Vlan-interface99 reduced 30
#
interface Vlan-interface20
ipaddress 192.168.20.250 255.255.255.0
#
interface Vlan-interface30
ipaddress 192.168.30.250 255.255.255.0
#
interface Vlan-interface40
ipaddress 192.168.40.250 255.255.255.0
vrrpvrid 4 virtual-ip 192.168.40.254
vrrpvrid 4 preempt-mode timer delay 5
#
interface Vlan-interface50
ipaddress 192.168.50.250 255.255.255.0
vrrpvrid 5 virtual-ip 192.168.50.254
vrrpvrid 5 preempt-mode timer delay 5
#
interface Vlan-interface99
ipaddress 172.16.99.1 255.255.255.0
#
interface Vlan-interface100
#
interface GigabitEthernet1/0/1
#
interface GigabitEthernet1/0/2
#
interface GigabitEthernet1/0/3
#
interface GigabitEthernet1/0/4
#
interface GigabitEthernet1/0/5
#
interface GigabitEthernet1/0/6
#
interface GigabitEthernet1/0/7
#
interface GigabitEthernet1/0/8
#
interface GigabitEthernet1/0/9
#
interface GigabitEthernet1/0/10
#
interface GigabitEthernet1/0/11
#
interface GigabitEthernet1/0/12
#
interface GigabitEthernet1/0/13
#
interface GigabitEthernet1/0/14
#
interface GigabitEthernet1/0/15
#
interface GigabitEthernet1/0/16
#
interface GigabitEthernet1/0/17
#
interface GigabitEthernet1/0/18
#
interface GigabitEthernet1/0/19
#
interface GigabitEthernet1/0/20
#
interface GigabitEthernet1/0/21
#
interface GigabitEthernet1/0/22
#
interface GigabitEthernet1/0/23
portlink-type trunk
porttrunk permit vlan 1 to 98 100 to 4094
#
interface GigabitEthernet1/0/24
portaccess vlan 99
#
interface GigabitEthernet1/0/25
shutdown
#
interface GigabitEthernet1/0/26
shutdown
#
interface GigabitEthernet1/0/27
shutdown
#
interface GigabitEthernet1/0/28
shutdown
#
iproute-static 0.0.0.0 0.0.0.0 172.16.99.2
#
dhcpserver forbidden-ip 192.168.10.250 192.168.10.254
dhcpserver forbidden-ip 192.168.50.250 192.168.50.254
dhcpserver forbidden-ip 192.168.50.1
dhcpserver forbidden-ip 192.168.10.1
dhcpserver forbidden-ip 192.168.10.251
dhcpserver forbidden-ip 192.168.50.251
#
dhcpenable
#
user-interface aux 0 8
return
[hexin01]
3.2 核心交换机2配置
[hexin02]dis cu#
version 5.20, Release 2202
#
sysname hexin02
#
irfmac-address persistent timer
irfauto-update enable
undoirf link-delay
#
domain default enable system
#
telnet server enable
#
undoip ttl-expires
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
vlan 40
#
vlan 50
#
vlan 99 to 100
#
radius scheme system
server-type extended
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
dhcp server ip-pool vlan10
network 192.168.10.0 mask 255.255.255.0
gateway-list 192.168.10.254
dns-list 61.232.206.103
#
dhcp server ip-pool vlan50
network 192.168.50.0 mask 255.255.255.0
gateway-list 192.168.50.254
dns-list61.232.206.103
#
user-group system
#
#
interface NULL0
#
interface Vlan-interface1
ipaddress 172.16.1.2 255.255.255.0
#
interface Vlan-interface10
ipaddress 192.168.10.251 255.255.255.0
vrrpvrid 1 virtual-ip 192.168.10.254
vrrpvrid 1 preempt-mode timer delay 5
#
interface Vlan-interface20
ipaddress 192.168.20.251 255.255.255.0
#
interface Vlan-interface30
ipaddress 192.168.30.251 255.255.255.0
#
interface Vlan-interface40
ipaddress 192.168.40.251 255.255.255.0
vrrpvrid 4 virtual-ip 192.168.40.254
vrrpvrid 4 priority 110
vrrpvrid 4 preempt-mode timer delay 5
vrrpvrid 4 track interface Vlan-interface99 reduced 30
#
interface Vlan-interface50
ipaddress 192.168.50.251 255.255.255.0
vrrpvrid 5 virtual-ip 192.168.50.254
vrrpvrid 5 priority 110
vrrpvrid 5 preempt-mode timer delay 5
vrrpvrid 5 track interface Vlan-interface99 reduced 30
#
interface Vlan-interface99
ipaddress 172.16.98.1 255.255.255.0
#
interface GigabitEthernet1/0/1
#
interface GigabitEthernet1/0/2
#
interface GigabitEthernet1/0/3
#
interface GigabitEthernet1/0/4
#
interface GigabitEthernet1/0/5
#
interface GigabitEthernet1/0/6
#
interface GigabitEthernet1/0/7
#
interface GigabitEthernet1/0/8
#
interface GigabitEthernet1/0/9
#
interface GigabitEthernet1/0/10
#
interface GigabitEthernet1/0/11
#
interface GigabitEthernet1/0/12
#
interface GigabitEthernet1/0/13
#
interface GigabitEthernet1/0/14
#
interface GigabitEthernet1/0/15
#
interface GigabitEthernet1/0/16
#
interface GigabitEthernet1/0/17
#
interface GigabitEthernet1/0/18
#
interface GigabitEthernet1/0/19
#
interface GigabitEthernet1/0/20
#
interface GigabitEthernet1/0/21
#
interface GigabitEthernet1/0/22
portlink-type trunk
porttrunk permit vlan all
#
interface GigabitEthernet1/0/23
portlink-type trunk
porttrunk permit vlan 1 to 98 100 to 4094
#
interface GigabitEthernet1/0/24
portaccess vlan 99
#
interface GigabitEthernet1/0/25
shutdown
#
interface GigabitEthernet1/0/26
shutdown
#
interface GigabitEthernet1/0/27
shutdown
#
interface GigabitEthernet1/0/28
shutdown
#
iproute-static 0.0.0.0 0.0.0.0 172.16.98.2
#
dhcpserver forbidden-ip 192.168.10.250 192.168.10.254
dhcpserver forbidden-ip 192.168.50.250 192.168.50.254
dhcpserver forbidden-ip 192.168.50.1
dhcpserver forbidden-ip 192.168.10.1
dhcpserver forbidden-ip 192.168.50.251
dhcpserver forbidden-ip 192.168.10.251
#
return
[hexin02]
3.3 机房接入交换机配置
<H3C-SW>sySystem View: return to User View withCtrl+Z.
[hexin01]dis cu
#
version 5.20, Release 2202
#
sysname hexin01
#
irfmac-address persistent timer
irfauto-update enable
undoirf link-delay
#
domain default enable system
#
telnet server enable
#
undoip ttl-expires
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
vlan 40
#
vlan 50
#
vlan 99 to 100
#
radius scheme system
server-type extended
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
interface Vlan-interface99
ipaddress 172.16.99.2 255.255.255.0
#
interface Vlan-interface100
#
interface GigabitEthernet1/0/1
port link-type access
port access vlan 50
#
interface GigabitEthernet1/0/2
port link-type access
port access vlan 50
#
interface GigabitEthernet1/0/3
port link-type access
port access vlan 50
#
interface GigabitEthernet1/0/4
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/5
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/6
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/7
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/8
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/9
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/10
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/11
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/12
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/13
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/14
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/15
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/16
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/17
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/18
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/19
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/20
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/21
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/22
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/23
portlink-type trunk
porttrunk permit vlan 1 to 98 100 to 4094
#
interface GigabitEthernet1/0/24
#
interface GigabitEthernet1/0/25
shutdown
#
interface GigabitEthernet1/0/26
shutdown
#
interface GigabitEthernet1/0/27
shutdown
#
interface GigabitEthernet1/0/28
shutdown
#
iproute-static 0.0.0.0 0.0.0.0 172.16.99.1
#
dhcpenable
#
user-interface aux 0 8
user-interface vty 0 4
authentication-mode none
userprivilege level 3
setauthentication password simple fhgj
#
return
3.4 办公区接入交换机1
<bangong-1>sySystem View: return to User View withCtrl+Z.
[hexin01]dis cu
#
version 5.20, Release 2202
#
sysname hexin01
#
irfmac-address persistent timer
irfauto-update enable
undoirf link-delay
#
domain default enable system
#
telnet server enable
#
undoip ttl-expires
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
vlan 40
#
vlan 50
#
vlan 99 to 100
#
radius scheme system
server-type extended
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
interface Vlan-interface99
ipaddress 172.16.99.3 255.255.255.0
#
interface Vlan-interface100
#
interface GigabitEthernet1/0/1
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/2
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/3
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/4
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/5
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/6
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/7
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/8
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/9
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/10
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/11
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/12
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/13
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/14
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/15
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/16
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/17
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/18
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/19
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/20
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/21
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/22
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/23
portlink-type trunk
porttrunk permit vlan 1 to 98 100 to 4094
#
interface GigabitEthernet1/0/24
portlink-type trunk
porttrunk permit vlan 1 to 98 100 to 4094
#
interface GigabitEthernet1/0/25
shutdown
#
interface GigabitEthernet1/0/26
shutdown
#
interface GigabitEthernet1/0/27
shutdown
#
interface GigabitEthernet1/0/28
shutdown
#
iproute-static 0.0.0.0 0.0.0.0 172.16.99.1
#
dhcpenable
#
user-interface aux 0 8
user-interface vty 0 4
authentication-mode none
userprivilege level 3
setauthentication password simple fhgj
#
Return
3.5 办公区接入交换机2
<bangong-2>sySystem View: return to User View withCtrl+Z.
[hexin01]dis cu
#
version 5.20, Release 2202
#
sysname hexin01
#
irfmac-address persistent timer
irfauto-update enable
undoirf link-delay
#
domain default enable system
#
telnetserver enable
#
undoip ttl-expires
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
vlan 40
#
vlan 50
#
vlan 99 to 100
#
radius scheme system
server-type extended
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
interface Vlan-interface99
ipaddress 172.16.99.4 255.255.255.0
#
interface Vlan-interface100
#
interface GigabitEthernet1/0/1
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/2
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/3
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/4
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/5
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/6
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/7
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/8
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/9
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/10
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/11
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/12
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/13
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/14
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/15
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/16
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/17
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/18
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/19
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/20
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/21
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/22
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/23
portlink-type trunk
porttrunk permit vlan 1 to 98 100 to 4094
#
interface GigabitEthernet1/0/24
portlink-type trunk
porttrunk permit vlan 1 to 98 100 to 4094
#
interface GigabitEthernet1/0/25
shutdown
#
interface GigabitEthernet1/0/26
shutdown
#
interface GigabitEthernet1/0/27
shutdown
#
interface GigabitEthernet1/0/28
shutdown
#
iproute-static 0.0.0.0 0.0.0.0 172.16.99.1
#
dhcpenable
#
user-interface aux 0 8
user-interface vty 0 4
authentication-mode none
userprivilege level 3
setauthentication password simple fhgj
#
Return
3.6 办公区接入交换机3
<bangong-3>sySystem View: return to User View withCtrl+Z.
[hexin01]dis cu
#
version 5.20, Release 2202
#
sysname hexin01
#
irfmac-address persistent timer
irfauto-update enable
undoirf link-delay
#
domain default enable system
#
telnet server enable
#
undoip ttl-expires
#
vlan 1
#
vlan 10
#
vlan 99 to 100
#
radius scheme system
server-type extended
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
#
domain system
access-limit disable
state active
idle-cut disable
self-service-urldisable
#
interface Vlan-interface99
ipaddress 172.16.99.5 255.255.255.0
#
interface Vlan-interface100
#
interface GigabitEthernet1/0/1
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/2
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/3
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/4
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/5
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/6
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/7
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/8
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/9
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/10
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/11
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/12
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/13
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/14
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/15
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/16
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/17
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/18
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/19
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/20
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/21
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/22
port link-type access
port access vlan 10
#
interface GigabitEthernet1/0/23
portlink-type trunk
porttrunk permit vlan 1 to 98 100 to 4094
#
interface GigabitEthernet1/0/24
portlink-type trunk
porttrunk permit vlan 1 to 98 100 to 4094
#
interface GigabitEthernet1/0/25
shutdown
#
interface GigabitEthernet1/0/26
shutdown
#
interface GigabitEthernet1/0/27
shutdown
#
interface GigabitEthernet1/0/28
shutdown
#
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 中小型网络项目建设案例[转51CTO]
- 某网络建设、运维及光缆资源管理系统项目申报
- 富琪整装产业园与动点网络成功签约三网合一网站建设项目
- 网络远程教育实施方案交流之(二)——网络教育平台项目的建设
- 某网络建设、运维及资源管理系统项目申报
- 中小型网络项目建设案例
- 大亚湾区“智慧医疗”数据与网络安全异地容灾备份二期建设项目
- 中小型网络项目建设案例
- 中小型网络项目建设案例
- 第三周 【项目2 - 建设“顺序表”算法库】
- ---大志成---------为您提供最有发展前景的网络创业项目--------
- 需求挖掘五步曲,快速建设大数据项目
- Android项目技术总结:网络连接总结
- 项目总结——深入浅出socket网络编程
- 现代软件工程_团队项目_阿尔法阶段_团队建设_第一次会议记录
- UE4_网络项目04
- 项目管理中的团队建设的精华
- 草根程序员转型做项目管理走过的点点滴滴之(十四、五)人团队及2013年团队的建设目标
- 送给有执行力的学员一个很有潜力的网络赚钱项目
- 使用负载均衡技术建设高负载的网络站点