Cisco 4000,6500交换机:
第一次连接交换机,配置终端参数为:
波特率:9600;数据位:8;停止位:1;奇偶校验:无;流控制:无。
连接上后看到:
console>
进入超级用户模式:
console> enable
console>(enable)
在此打入以下命令设置系统:
set system name 6506 #设置系统名称
set password _password #设置telnet密码
set enablepass _password #设置enable(超级用户)密码
set interface sc0 1 10.1.1.253/255.255.255.0 10.1.1.255 #设置本交换机的IP地址
set ip route 0.0.0.0/0.0.0.0 10.1.1.254 #设置默认网关
set ip alias default 0.0.0.0 #设置ip对应的设备名,方便管理
set ip alias 6506 10.1.1.253 #用途如:ping 2620, telnet 3548_2a
set vtp domain _domain # 设置设置VTP域名
set vtp passwd ******** # VTP域密码
set vlan 2 name vlan2 #建立VLAN
set vlan 3 name vlan3
...
set trunk 2/1 on dot1q 1-1005 #设置2/1为运行802.1Q协议的干道,允许vlan 1-1005通过
set trunk 2/2 nonegotiate isl 1-1005 #设置3/4为运行isl协议的干道,允许vlan 1-1005通过
...
set trunk 3/1 on dot1q 1-1005 #设置Port Channel(链路聚合)
set trunk 3/2 on dot1q 1-1005 #Port Channel 各成员要有相同配置
set port channel 3/1-2 mode on #如果是4000交换机,不要将连接L3模块的端口设为Channel,否则无法支持ACL
set vlan 5 2/1 #指定端口2/1到vlan 5
...
set port name 2/1 gg #设置端口名称
...
set mls flow full #设置多层交换流类型
说明: 1.任何命令输入之后立即保存并生效
2.本配置方法仅说明方法,具体参数选择参看最近配置文件
6506> (enable) show config
This command shows non-default configurations only.
Use 'show config all' to show both default and non-default config
.........
................
................
..............
..
begin
!
# ***** NON-DEFAULT CONFIGURATION *****
!
!
#time: Thu Jan 4 2001, 08:27:22
!
#version 5.4(3) #软件版本
!
set password $2$lnsk$mgJ84scE.A51hpr0Zbdfv/ #加密后的telnet密码
set enablepass $2$RFAC$BDgIVKdk3gl1RD4.DaNcu. #加密后的enable密码
!
#system
set system name 6506 #系统名称
!
#!
#vtp
set vtp domain _domain # VTP域名
set vtp passwd _password # VTP域密码
set vlan 1 name default type ethernet mtu 1500 said 100001 state #建立VLAN
set vlan 2 name vlan2 type ethernet mtu 1500 said 100002 state act
set vlan 3 name valn3 type ethernet mtu 1500 said 100003 state acti
set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 st
set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101
e stp ieee
set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005
p ibm
set vlan 1003 name token-ring-default type trcrf mtu 1500 said 10
ve mode srb aremaxhop 7 stemaxhop 7 backupcrf off
!
#ip
set interface sc0 1 10.1.1.253/255.255.255.0 10.1.1.255 #本交换机的IP地址
set ip route 0.0.0.0/0.0.0.0 10.1.1.254 #默认网关
set ip alias default 0.0.0.0 #设置ip对应的设备名,方便管理
set ip alias 6506 10.1.1.253 #用途如:ping 2620, telnet 3548_2a
set ip alias msfc 10.1.1.254
set ip alias 4912 10.1.1.252
set ip alias 2620 10.1.8.250
...
!
#set boot command
set boot config-register 0x102 #启动寄存器值及启动文件
set boot system flash bootflash:cat6000-sup.5-4-3.bin
!
#mls
set mls flow full #多层交换流类型
!
#security ACLs #访问列表
clear security acl all
#server
set security acl ip server deny ip host 10.1.1.199 host 10.1.1.200
#
commit security acl all
!
# default port status is enable
!
!
#module 1 : 2-port 1000BaseX Supervisor #管理引擎(含2口千兆模块)
!
#module 2 : 8-port 1000BaseX Ethernet #8口千兆交换模块
set vlan 5 2/1 #指定端口2/1到vlan 5
set port name 2/1 gg #设置端口名称
set port name 2/2 cb
set port name 2/3 server1
set port name 2/4 server2
set port name 2/5 3548_2a
set udld enable 2/6-8 #未安装GBIC时激活检测
set trunk 2/1 off dot1q 1-1005 #设置2/1为运行802.1Q协议的干道,允许vlan 1-1005通过
set trunk 2/2 on dot1q 1-1005
set trunk 2/3 on dot1q 1-1005
set trunk 2/4 on dot1q 1-1005
set trunk 2/5 nonegotiate isl 1-1005
!
#module 3 : 8-port 1000BaseX Ethernet #8口千兆交换模块
set port name 3/4 3524_17a
set port name 3/5 3548_9b
set port name 3/6 3548_9a
set port name 3/7 3548_f4a
set port name 3/8 3548_12a
set udld enable 3/1-3
set trunk 3/1 on dot1q 1-1005
set trunk 3/4 nonegotiate isl 1-1005 #设置3/4为运行isl协议的干道,允许vlan 1-1005通过
set trunk 3/5 nonegotiate isl 1-1005
set trunk 3/6 nonegotiate isl 1-1005
set trunk 3/7 nonegotiate isl 1-1005
set trunk 3/8 nonegotiate isl 1-1005
!
#module 4 empty
!
#module 5 empty
!
#module 6 empty
!
#module 15 : 1-port Multilayer Switch Feature Card
set port name 15/1 msfc #路由、多层交换模块
!
#module 16 empty
end
Msfc 配置方法
功能:路由/多层交换/DHCP动态主机配置
进入配置:(通过6506,如过配置了telnet密码,也可直接telnet 10.1.1.254)
6506> (enable) session 15 (MSFC安装在交换引擎内,槽号为15 务份引擎内的MSFC为16)
Trying Router-15...
Connected to Router-15.
Escape character is '^]'.
msfc>enable 进入超级用户状态
Password:
msfc#config term 进入全局配置状态
Enter configuration commands, one per line. End with CNTL/Z.
msfc(config)#
hostname msfc #配置系统名称
enable secret ******** #配置超级用户密码
no ip dhcp conflict logging #不使用dhcp冲突记录
ip dhcp excluded-address 10.1.1.1 10.1.1.9 #不用于动态分配的地址范围
ip dhcp excluded-address 10.1.1.200 10.1.1.254
ip dhcp excluded-address 10.1.2.1 10.1.2.99
ip dhcp excluded-address 10.1.3.1 10.1.3.99
...
ip dhcp pool 1 #一个为动态分配赘的ip pool
network 10.1.1.0 255.255.255.0 #网络地址-不用于动态分配的地址范围=用于动态分配的地址范围
default-router 10.1.1.254 #为客户设定默认网关
netbios-name-server 10.1.8.4 10.1.8.5 #为客户设定主备wins服务器地址
netbios-node-type h-node #为客户设定节点类型
ip dhcp pool 2
network 10.1.2.0 255.255.255.0
default-router 10.1.2.254
netbios-name-server 10.1.2.4 10.1.2.5 #Vlan 2 wins服务器地址
netbios-node-type h-node
ip dhcp-server #启用DHCP 服务
interface Vlan1 #设置VLAN 1路由接口
msfc(config if)# ip address 10.1.1.254 255.255.255.0 #设置IP地址、子网掩码
no shutdown #启用端口
interface Vlan2 #对每个VLAN重复配置过程
ip address 10.1.2.254 255.255.255.0
no shutdown
msfc(config if)# exit
msfc(config)# exit
msfc# write ( 或 copy running-config startup-config ) 保存配置信息
msfc# exit 退出
msfc> exit 退出
msfc#show run
Building configuration...
Current configuration:
!
version 12.1 #软件版本
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname msfc #系统名称
!
boot system flash bootflash:c6msfc2-is-mz.121-2.E #启动文件
enable secret 5 $1$I/jn$OBwjsiHnMzgjKDplUSIeq0 #加密后的enable密码
!
ip subnet-zero
ip cef
no ip dhcp conflict logging #不使用dhcp冲突记录
ip dhcp excluded-address 10.1.1.1 10.1.1.9 #不用于动态分配的地址范围
ip dhcp excluded-address 10.1.1.200 10.1.1
ip dhcp excluded-address 10.1.2.1 10.1.2.99
ip dhcp excluded-address 10.1.3.1 10.1.3.99
ip dhcp excluded-address 10.1.4.1 10.1.4.99
ip dhcp excluded-address 10.1.5.1 10.1.5.99
ip dhcp excluded-address 10.1.6.1 10.1.6.99
ip dhcp excluded-address 10.1.7.1 10.1.7.99
ip dhcp excluded-address 10.1.7.200 10.1.7.2
ip dhcp excluded-address 10.1.6.200 10.1.6.2
ip dhcp excluded-address 10.1.5.200 10.1.5.2
ip dhcp excluded-address 10.1.4.200 10.1.4.2
ip dhcp excluded-address 10.1.3.200 10.1.3.2
ip dhcp excluded-address 10.1.2.200 10.1.2.2
ip dhcp excluded-address 10.1.8.1 10.1.8.99
ip dhcp excluded-address 10.1.8.200 10.1.8.2
!
ip dhcp pool 2 #一个为动态分配赘的ip pool
network 10.1.2.0 255.255.255.0 #网络地址-不用于动态分配的地址范围=用于动态分配的地址范围
default-router 10.1.2.254 #为客户设定默认网关
netbios-name-server 10.1.2.4 10.1.2.5 #为客户设定主备wins服务器地址
netbios-node-type h-node #为客户设定节点类型
!
ip dhcp pool 5
network 10.1.5.0 255.255.255.0
default-router 10.1.5.254
netbios-name-server 10.1.5.4 10.1.5.5
netbios-node-type h-node
!
ip dhcp pool 3
network 10.1.3.0 255.255.255.0
default-router 10.1.3.254
netbios-name-server 10.1.3.4 10.1.3.5
netbios-node-type h-node
!
ip dhcp pool 4
network 10.1.4.0 255.255.255.0
default-router 10.1.4.254
netbios-name-server 10.1.4.4 10.1.4.5
netbios-node-type h-node
!
ip dhcp pool 6
network 10.1.6.0 255.255.255.0
default-router 10.1.6.254
netbios-name-server 10.1.6.4 10.1.6.5
netbios-node-type h-node
!
ip dhcp pool 7
network 10.1.7.0 255.255.255.0
default-router 10.1.7.254
netbios-name-server 10.1.7.4 10.1.7.5
netbios-node-type h-node
!
ip dhcp pool 8
network 10.1.8.0 255.255.255.0
default-router 10.1.8.254
netbios-name-server 10.1.8.4 10.1.8.5
netbios-node-type h-node
!
ip dhcp pool 1
network 10.1.1.0 255.255.255.0
default-router 10.1.1.254
netbios-name-server 10.1.8.4 10.1.8.5
netbios-node-type h-node
!
mls rp ip #全局启用多层交换
!
!
!
interface Vlan1 #设置VLAN 1路由接口
ip address 10.1.1.254 255.255.255.0 #设置IP地址、子网掩码
!
interface Vlan2
!
interface Vlan3
ip address 10.1.3.254 255.255.255.0
!
interface Vlan4
ip address 10.1.4.254 255.255.255.0
!
interface Vlan5
ip address 10.1.5.254 255.255.255.0
!
interface Vlan6
ip address 10.1.6.254 255.255.255.0
!
interface Vlan7
ip address 10.1.7.254 255.255.255.0
!
interface Vlan8
ip address 10.1.8.254 255.255.255.0
!
ip classless
no ip http server
!
!
line con 0
transport input none
line vty 0 4
login #不允许直接telnet登录路由器
!
end
相关文章