园区网配置简谈

 昨天上论坛看到有人发了个图，我看了下这个图基本包涵了na np的交换配置，一时手痒就配置了下，我配的只是简要的，有的细节没有配置大家看时想想要自己应该怎么配？

我们把tftp省略了，其他的照旧

 

电信：interface Loopback0

 ip address 1.1.1.1 255.255.255.0

!

interface Serial0/0

 ip address 172.16.1.1 255.255.255.0

 serial restart-delay 0

 no fair-queue

网通;interface Loopback0

 ip address 2.2.2.2 255.255.255.0

!

interface Serial0/0

 ip address 172.16.2.2 255.255.255.0

 serial restart-delay 0

 no fair-queue

r1；

 

interface Loopback0

 ip address 3.3.3.3 255.255.255.0

!

interface Serial0/0

 ip address 172.16.1.3 255.255.255.0

 

interface Ethernet1/0

 ip address 192.168.1.3 255.255.255.0

 half-duplex

!

interface Ethernet1/1

 ip address 192.168.2.3 255.255.255.0

 half-duplex

!         

interface Ethernet1/2

 ip address 192.168.3.3 255.255.255.0

 

interface Ethernet1/3

 ip address 192.168.4.3 255.255.255.0

 

router ospf 10

 router-id 3.3.3.3

 log-adjacency-changes

 network 3.3.3.3 0.0.0.0 area 0

 network 172.16.1.0 0.0.0.255 area 0

 network 192.168.1.0 0.0.0.255 area 0

 network 192.168.2.0 0.0.0.255 area 0

 network 192.168.3.0 0.0.0.255 area 0

 network 192.168.4.0 0.0.0.255 area 0

 

ip route 0.0.0.0 0.0.0.0 172.16.1.1

ip nat pool NAT 172.16.1.10 172.16.1.80 netmask 255.255.255.0

ip nat pool vlan10 172.16.1.80 172.16.1.100 netmask 255.255.0.0

ip nat pool vlan20 172.16.1.110 172.16.1.120 netmask 255.255.255.0

ip nat inside source list 1 pool NAT

ip nat inside source list 2 pool NAT

ip nat inside source list 3 pool vlan10 overload

ip nat inside source list 4 pool vlan20 overload

access-list 1 permit 192.168.10.0 0.0.0.255

access-list 2 permit 192.168.20.0 0.0.0.255

access-list 3 permit any

access-list 4 permit any

r2;interface Loopback0

 ip address 4.4.4.4 255.255.255.0

!

interface Serial0/0

 ip address 172.16.2.4 255.255.255.0

 

interface Ethernet1/0

 ip address 192.168.1.4 255.255.255.0

 half-duplex

!

interface Ethernet1/1

 ip address 192.168.2.4 255.255.255.0

 half-duplex

!

interface Ethernet1/2

 ip address 192.168.5.4 255.255.255.0

 half-duplex

!

interface Ethernet1/3

 ip address 192.168.6.4 255.255.255.0

 

router ospf 10

 router-id 4.4.4.4

 log-adjacency-changes

 network 4.4.4.4 0.0.0.0 area 0

 network 192.168.1.0 0.0.0.255 area 0

 network 192.168.2.0 0.0.0.255 area 0

 network 192.168.5.0 0.0.0.255 area 0

 network 192.168.6.0 0.0.0.255 area 0

 default-information originate

!

ip http server

ip route 0.0.0.0 0.0.0.0 172.16.2.2

ip route 172.16.0.0 255.255.0.0 172.16.1.1

ip route 172.16.0.0 255.255.0.0 172.16.2.2

!

!

ip nat pool NATT 172.16.2.10 172.16.2.50 netmask 255.255.255.0

ip nat pool vlan20 172.16.2.89 172.16.2.123 netmask 255.255.0.0

ip nat inside source list 1 pool NATT

ip nat inside source list 2 pool NATT

ip nat inside source list 3 pool vlan20 overload

!

access-list 1 permit 192.168.10.0 0.0.0.255

access-list 2 permit 192.168.20.0 0.0.0.255

access-list 3 permit 192.168.6.0 0.0.0.255

access-list 3 permit any

sw1:

 

spanning-tree uplinkfast

spanning-tree backbonefast

spanning-tree vlan 10 priority 8192

spanning-tree vlan 20 priority 16384

spanning-tree vlan 30 priority 8192

spanning-tree vlan 40 priority 16384

 

interface Loopback0

 ip address 5.5.5.5 255.255.255.0

!

interface Port-channel1

 switchport mode trunk

!

interface FastEthernet0/0

 ip address 192.168.3.5 255.255.255.0

 duplex auto

 speed auto

!

interface FastEthernet0/1

 ip address 192.168.5.5 255.255.255.0

 

interface FastEthernet1/1

 switchport mode trunk

 channel-group 1 mode on

!

interface FastEthernet1/2

 switchport mode trunk

 channel-group 1 mode on

!

interface FastEthernet1/3

 switchport mode trunk

!

interface FastEthernet1/4

 switchport mode trunk

!

interface FastEthernet1/5

 switchport mode trunk

 

interface Vlan10

 ip address 192.168.10.254 255.255.255.0

 standby 11 ip 192.168.10.1

 standby 11 priority 150

 standby 11 preempt

!

interface Vlan20

 ip address 192.168.20.254 255.255.255.0

ip default-gateway  指向汇聚层路由     实行切换 实现高可用性

 standby 12 ip 192.168.20.1

 standby 12 preempt

!

interface Vlan30

 ip address 192.168.30.254 255.255.255.0

 standby 11 ip 192.168.30.1

 standby 11 priority 150

 standby 11 preempt

!

interface Vlan40

 ip address 192.168.40.254 255.255.255.0

 standby 12 ip 192.168.40.1

 standby 12 preempt

 

router ospf 10

 router-id 5.5.5.5

 log-adjacency-changes

 network 5.5.5.5 0.0.0.0 area 1

 network 192.168.3.0 0.0.0.255 area 0

 network 192.168.5.0 0.0.0.255 area 0

 network 192.168.10.0 0.0.0.255 area 1

 network 192.168.20.0 0.0.0.255 area 1

!

ip route 0.0.0.0 0.0.0.0 172.16.1.3

ip route 0.0.0.0 0.0.0.0 3.3.3.3

ip route 0.0.0.0 0.0.0.0 192.168.3.3

ip route 172.16.0.0 255.255.0.0 172.16.1.3

sw2;spanning-tree uplinkfast

spanning-tree backbonefast

spanning-tree vlan 10 priority 16384

spanning-tree vlan 20 priority 8192

spanning-tree vlan 30 priority 16384

spanning-tree vlan 40 priority 8192

 

interface Loopback0

 ip address 6.6.6.6 255.255.255.0

!

interface Port-channel1

 switchport mode trunk

!

interface FastEthernet0/0

 ip address 192.168.4.6 255.255.255.0

 duplex auto

 speed auto

!

interface FastEthernet0/1

 ip address 192.168.6.6 255.255.255.0

 

interface FastEthernet1/1

 switchport mode trunk

 channel-group 1 mode on

!

interface FastEthernet1/2

 switchport mode trunk

 channel-group 1 mode on

!

interface FastEthernet1/3

 no switchport

 ip address 192.168.7.6 255.255.255.0

!

interface FastEthernet1/4

 switchport mode trunk

!

interface FastEthernet1/5

!

interface FastEthernet1/6

 switchport mode trunk

 

interface Vlan10

 ip address 192.168.10.252 255.255.255.0

 standby 11 ip 192.168.10.1

 standby 11 preempt

!

interface Vlan20

 ip address 192.168.20.252 255.255.255.0

 standby 12 ip 192.168.20.1

 standby 12 priority 150

 standby 12 preempt

!

interface Vlan30

 ip address 192.168.30.252 255.255.255.0

 standby 11 ip 192.168.30.1

 standby 11 preempt

!

interface Vlan40

 ip address 192.168.40.252 255.255.255.0

 standby 12 ip 192.168.40.1

 standby 12 priority 150

 standby 12 preempt

 

router ospf 10

 router-id 6.6.6.6

 log-adjacency-changes

 network 6.6.6.6 0.0.0.0 area 2

 network 192.168.4.0 0.0.0.255 area 0

 network 192.168.6.0 0.0.0.255 area 0

 network 192.168.7.0 0.0.0.255 area 3

 network 192.168.30.0 0.0.0.255 area 2

 network 192.168.40.0 0.0.0.255 area 2

!

ip route 0.0.0.0 0.0.0.0 172.16.2.2

ip route 0.0.0.0 0.0.0.0 192.168.6.4

接入层交换机1：

 

interface FastEthernet1/3

 switchport mode trunk

!

interface FastEthernet1/4

 switchport mode trunk

!

interface FastEthernet1/5

 switchport mode trunk

 

interface FastEthernet1/0

 switchport access vlan 10

 spanning-tree portfast

接入层交换机2：interface FastEthernet1/5

 switchport mode trunk

!

interface FastEthernet1/6

 switchport mode trunk

 

interface FastEthernet1/0

 switchport access vlan 20

 spanning-tree portfast

 

interface FastEthernet1/5

 switchport mode trunk

!

interface FastEthernet1/6

 switchport mode trunk

 

 

 

 

 

 注意：要在路由3 4 5 6注入默认路由否则流量不知道前往那走，

如sw5注入两条默认路由到3   4  在3 4 上做pbr 做流量均衡

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

我直接是show run  复制的，对不起大家了，有空再好好写！

 

Router1 S0/0 <----> Router3 S0/0 

Router2 S0/0 <----> Router4 S0/0 

 

Router3 E1/0 <----> Router4 E1/0 

Router3 E1/1 <----> Router4 E1/1 

 

Router3 E1/2 <----> Router5 F0/0 ip 

Router3 E1/3 <----> Router6 F0/0 

 

Router4 E1/2 <----> Router5 F0/1 ip

Router4 E1/3 <----> Router6 F0/1 

 

Router5 F1/1 <----> Router6 F1/1 

Router5 F1/2 <----> Router6 F1/2 trunk hrsp

 

Router5 F1/3 <----> Router8 F1/3 

Router5 F1/4 <----> Router8 F1/5 

Router5 F1/5 <----> Router9 F1/5 

 

Router6 F1/4 <----> Router8 F1/4 

Router6 F1/6 <----> Router9 F1/6 

 

Router6 F1/3 <----> Router7 F1/3  dhcp

Router8 F1/0 <----> VPCS V0/1 

VPCS V0/2 <----> Router9 F1/0 

 

本文转自q狼的诱惑 51CTO博客，原文链接：http://blog.51cto.com/liangrui/420948，如需转载请自行联系原作者