全部博文(131)
分类: WINDOWS
2009-02-21 18:01:23
STP & VTP交换机配置实例(3.5.5.3.1-1)
步骤一、交换机和PC机的基本配置
步骤二、关闭交换机的所有端口,然后启用接入端口
S1(config)#int range f0/1 - 24
S1(config-if-range)#shutdown
S1(config-if-range)#int range g1/1 - 2
S1(config-if-range)#shutdown
S1(config-if-range)#int f0/6
S1(config-if)#switchport mode access
S1(config-if)#no shut
S1(config-if)#int f0/11
S1(config-if)#switchport mode access
S1(config-if)#no shut
S1(config-if)#int f0/18
S1(config-if)#switchport mode access
S1(config-if)#no shut
(交换机S2、S3配置参考S1)
步骤三、配置中继链路和本征VLAN
S1(config)#int range f0/1 – 4
S1(config-if-range)#switchport mode trunk
S1(config-if-range)#switchport trunk native vlan 99
S1(config-if-range)#no shut
(交换机S2、S3配置参考S1)
步骤四、配置VTP
S1(config)#vtp mode server
Device mode already VTP SERVER.
S1(config)#vtp domain cisco
Changing VTP domain name from NULL to cisco
S1(config)#vtp password cisco
Setting device VLAN database password to cisco
S2(config)#vtp mode client
Device mode already VTP CLIENT.
S2(config)#vtp domain cisco
Changing VTP domain name from NULL to cisco
S2(config)#vtp password cisco
Setting device VLAN database password to cisco
S3(config)#vtp mode client
Device mode already VTP CLIENT.
S3(config)#vtp domain cisco
Changing VTP domain name from NULL to cisco
S3(config)#vtp password cisco
Setting device VLAN database password to cisco
步骤五、在S1(VTP Server)上配置VLAN
S1(config)#vlan 10
S1(config-vlan)#name staff
S1(config-vlan)#exit
S1(config)#vlan 20
S1(config-vlan)#name students
S1(config-vlan)#exit
S1(config)#vlan 30
S1(config-vlan)#name guest
S1(config-vlan)#exit
S1(config)#vlan 99
S1(config-vlan)#name management
S1(config-vlan)#exit
(配置至此,用#sh vlan brief命令查看S2、S3交换机的vlan配置,会看到VTP Server已经将VLAN信息传播至两个交换机)
步骤六、为各个VLAN分配接口
S1(config)#interface range fa0/6 - 10
S1(config-if-range)#switchport access vlan 10
S1(config-if-range)#interface range fa0/11-17
S1(config-if-range)#switchport access vlan 20
S1(config-if-range)#interface range fa0/18-24
S1(config-if-range)#switchport access vlan 30
S1(config-if-range)#exit
(交换机S2、S3配置参考S1)
步骤七、接入层交换机上配置端口安全功能
S1(config)#interface fa0/6
S1(config-if)#switchport port-security
S1(config-if)#switchport port-security maximum 1
S1(config-if)#switchport port-security mac-address sticky
S1(config-if)#interface fa0/11
S1(config-if)#switchport port-security
S1(config-if)#switchport port-security maximum 1
S1(config-if)#switchport port-security mac-address sticky
S1(config-if)#interface fa0/18
S1(config-if)#switchport port-security
S1(config-if)#switchport port-security maximum 1
S1(config-if)#switchport port-security mac-address sticky
S1(config-if)#end
(交换机S2、S3配置参考S1)
步骤八、为各交换机配置管理VLAN地址和默认网关
S1(config)#ip default-gateway 192.168.1.1
S1(config)#interface vlan99
S1(config-if)#ip address 192.168.99.11 255.255.255.0
S1(config-if)#no shutdown
S2(config)#ip default-gateway 192.168.1.1
S2(config)#interface vlan99
S2(config-if)#ip address 192.168.99.12 255.255.255.0
S2(config-if)#no shutdown
S3(config)#ip default-gateway 192.168.1.1
S3(config)#interface vlan99
S3(config-if)#ip address 192.168.99.13 255.255.255.0
S3(config-if)#no shutdown
步骤九、按下列要求配置并改良STP
S1 成为 VLAN 10 的根桥(优先级 4096)、VLAN 20 的备用根桥(优先级 16384)
S2 成为 VLAN 20 的根桥(优先级 4096)、VLAN 30 的备用根桥(优先级 16384)
S3 成为 VLAN 30 的根桥(优先级 4096)、VLAN 10 的备用根桥(优先级 16384)
S1(config)#spanning-tree vlan 10 priority 4096
S1(config)#spanning-tree vlan 20 priority 16384
S2(config)#spanning-tree vlan 20 priority 4096
S2(config)#spanning-tree vlan 30 priority 16384
S3(config)#spanning-tree vlan 30 priority 4096
S3(config)#spanning-tree vlan 10 priority 16384
