网站导航
> 技术文档 > 云计算融合网络部署实例_switchover timeout 4000

云计算融合网络部署实例_switchover timeout 4000

网友: 技术文档 2025-07-30 13:57:42

这是我当年参加的网络比赛的练习题目,我将其分享出来。

模块一:云计算融合网络部署

CII网络公司总部设有研发、市场、供应链、售后等4个部门,统一进行IP地址及业务资源的规划和分配。公司总部及亚太地区的网络拓扑结构如图所示。
其中两台S6000交换机(用S5750-E代替)编号为S4、S5,用于服务器高速接入;两台S5750编号为S2、S3,作为总部的核心交换机;两台RSR20路由器编号为R2、R3,作为总部的核心路由器,一台EG2000(用RSR20代替)编号为EG1,作为总部互联网出口网关1。一台S2910编号为S1,作为总部接入交换机;一台RSR20路由器编号为R1,作为分支机构路由器,一台EG2000(用RSR20代替)编号为EG2,作为分部互联网出口网关2。一台S5750编号为S6作为分部核心交换机,一台S2910编号为S7,作为分部接入交换机。3台AP520编号为AP1,AP2,AP3分别作为总部与分部的无线接入点。
云计算融合网络部署实例_switchover timeout 4000
请根据拓扑图及网络物理连接表完成设备的连线。
设备互联规范主要对各种网络设备的互联进行规范定义,在项目实施中,如用户无特殊要求,应根据规范要求进行各级网络设备的互联,统一现场设备互联界面,结合规范的线缆标签使用,使网络结构清晰明了,方便后续的维护。如下“表1-8 网络物理连接表”。

表1-8网络物理连接表

源设备名称设备接口接口描述目标设备名称设备接口S1Gi0/1Con_To_PC1PC1 S1Gi0/5Con_To_PC2PC2 S1Gi0/21Con_To_AP1AP1 S1Gi0/22Con_To_AP2AP2 S1Gi0/23Con_To_S2_Gi0/1S2Gi0/1S1Gi0/24Con_To_S3_Gi0/1S3Gi0/1S2Gi0/1Con_To_S1_Gi0/23S1Gi0/23S2Gi0/2Con_To_S3_Gi0/2S3Gi0/2S2Gi0/3Con_To_S3_Gi0/3S3Gi0/3S2Gi0/4Con_To_R2_Gi0/0R2Gi0/0S2Gi0/5Con_To_AC1_Gi0/1AC1Gi0/1S3Gi0/1Con_To_S1_Gi0/24S1Gi0/24S3Gi0/2Con_To_S2_Gi0/2S2Gi0/2S3Gi0/3Con_To_S2_Gi0/3S2Gi0/3S3Gi0/4Con_To_R3_Gi0/0R3Gi0/0S3Gi0/5Con_To_AC2_Gi0/1AC2Gi0/1R2FA1/1Con_To_S4_Gi0/1S4Gi0/1R2Gi0/0Con_To_S2_Gi0/4S2Gi0/4R2Gi0/1Con_To_EG1_Gi0/1EG1Gi0/0R2S2/0Con_To_R1_S2/0R1S2/0R2S3/0Con_To_R3_S3/0R3S3/0R3FA1/1Con_To_S5_Gi0/1S5Gi0/1R3Gi0/0Con_To_S3_Gi0/4S3Gi0/4R3Gi0/1Con_To_EG1_Gi0/1EG1Gi0/1R3S2/0Con_To_R1_S3/0R1S3/0R3S3/0Con_To_R2_S3/0R2S3/0S4Gi0/1Con_To_R2_FA1/1R2FA1/1S4Gi0/2Con_To_S5_Gi0/2S5Gi0/2S4Gi0/5Con_To_Cloud_M云平台(主用) S4Gi0/23 S5Gi0/23S4Gi0/24 S5Gi0/24S5Gi0/1Con_To_R3_FA1/1R3FA1/1S5Gi0/2Con_To_S4_Gi0/2S4Gi0/2S5Gi0/5Con_To_Cloud_B云平台(备用) S5Gi0/23 S4Gi0/23S5Gi0/24 S4Gi0/24R1S2/0Con_To_R2_S2/0R2S2/0R1S3/0Con_To_R3_S2/0R3S2/0R1Gi0/0Con_To_S6_Gi0/1S6Gi0/1R1Gi0/1Con_To_EG2_Gi0/0EG2Gi0/0S6Gi0/1Con_To_R1_Gi0/0R1Gi0/0S6Gi0/2Con_To_AP3_Gi0/0AP3Gi0/0S6Gi0/3Con_To_S7_Gi0/24S7Gi0/24S7Gi0/1Con_To_PC3PC3 S7Gi0/24Con_To_S6_Gi0/3S6Gi0/3EG1GI0/1Con_To_R2_Gi0/1R2Gi0/1EG1GI0/2Con_To_R3_Gi0/1R3Gi0/1EG1GI0/3Con_To_EG2_Gi0/3EG2GI0/3EG2GI0/1Con_To_R1_Gi0/1R1Gi0/1EG2GI0/3Con_To_EG1_Gi0/3EG1GI0/3

公司有4个不同业务部门和分部,彼此间需要互联互通,同时也需要对某些业务进行互访限制。另外,各业务对网络可靠性要求较高,要求网络核心区域发生故障时的中断时间尽可能短。还有,网络部署时要考虑到网络的可管理性,并合理利用网络资源。

  1. 虚拟局域网及IPv4地址部署
    为了减少广播,需要规划并配置VLAN。具体要求如下:
    (1)配置合理,Trunk链路上不允许不必要VLAN的数据流通过。
    (2)为节省IP资源,隔离广播风暴、病毒攻击,控制端口二层互访,在分部S6、S7交换机使用Private Vlan。
    (3)为隔离网络中部分终端用户间的二层互访,在交换机S1上使用端口保护。
    (4)根据上述信息及表1-9、表1-10,在各设备上完成VLAN配置和端口分配以及IPv4地址。

表1-9网络设备名称表

拓扑图中设备名称配置主机名(hostname名)S1ZB-S2910-01S2ZB-S5750-01S3ZB-S5750-02S4ZB-VSU-S6000S5ZB-VSU-S6000S6FB-S5750-01S7FB-2910-01R1FB-RSR20-01R2ZB-RSR20-01R3ZB-RSR20-02AC1ZB-WS6008-01AC2ZB-WS6008-02EG1ZB-EG2000-01EG2FB-EG2000-01AP1ZB-AP520-01AP2ZB-AP520-02AP3FB-AP520-01

表1-10 IPv4地址分配表

设备接口或VLANVLAN名称二层或三层规划(XX代表工位号)说明S1VLAN10ResGi0/1至Gi0/4研发VLAN20SalesGi0/5至Gi0/8市场VLAN30SupplyGi0/9至Gi0/12供应链VLAN40ServiceGi0/13至Gi0/16售后VLAN50APGi0/21至Gi0/22无线APVLAN100Manage192.XX.100.4/24设备管理VLANS2VLAN10Res192.XX.10.252/24研发VLAN20Sales192.XX.20.252/24市场VLAN30Supply192.XX.30.252/24供应链VLAN40Service192.XX.40.252/24售后VLAN50AP192.XX.50.252/24无线APVLAN100Manage192.XX.100.252/24设备管理VLANGi0/4 10.XX.0.1/30 Gi0/5 TRUNK互联ACLoopBack 0 11.XX.0.202/32 S3VLAN10Res192.XX.10.253/24研发VLAN20Sales192.XX.20.253/24市场VLAN30Supply192.XX.30.253/24供应链VLAN40Service192.XX.40.253/24售后VLAN50AP192.XX.50.253/24无线APVLAN100Manage192.XX.100.253/24设备管理VLANGi0/4 10.XX.0.5/30 Gi0/5 TRUNK互联ACLoopBack 0 11.XX.0.203/32 AC1LoopBack 0 11.XX.0.204/32 VLAN60Wiressless192.XX.60.252/24无线用户Vlan100Manage192.XX.100.2/24管理与互联VLANAC2LoopBack 0 11.XX.0.205/32 VLAN60Wiressless192.XX.60.253/24无线用户Vlan100Manage192.XX.100.3/24管理与互联VLANS4VLAN100Con_To_Cloud193.XX.0.1/30互联云平台Gi0/1 10.XX.0.9/30 LoopBack 0 11.XX.0.45/32 S5VLAN100Con_To_Cloud193.XX.0.1/30互联云平台(备用)Gi0/1 10.XX.0.13/30 LoopBack 0 11.XX.0.45/32 EG1GI0/2 195.XX.0.1/24与EG2互联GI0/0 10.XX.0.34/30 GI0/1 10.XX.0.38/30 LoopBack 0 11.XX.0.11/32 EG2GI0/2 195.XX.0.2/24与EG1互联GI0/0 10.XX.0.42/30 LoopBack 0 11.XX.0.12/32 R1S2/0 10.XX.0.17/30 S2/1 10.XX.0.21/30 Gi0/0 10.XX.0.25/30 Gi0/1 10.XX.0.41/30 LoopBack 0 11.XX.0.1/32 R2Gi0/0 10.XX.0.2/30 FA1/1(vlan100) 10.XX.0.10/30SVI接口互联Gi0/1 10.XX.0.33/30 S2/0 10.XX.0.18/30 S3/0 10.XX.0.29/30 LoopBack 0 11.XX.0.2/32 R3Gi0/0 10.XX.0.6/30 FA1/1(vlan100) 10.XX.0.14/30SVI接口互联Gi0/1 10.XX.0.37/30 S2/0 10.XX.0.22/30 S3/0 10.XX.0.30/30 LoopBack 0 11.XX.0.3/32 S6Gi0/1 10.XX.0.26/30 VLAN10Pvlan194.XX.10.254/24分部有线用户VLAN20Wireless_user194.XX.20.254/24分部无线用户VLAN30AP194.XX.30.254/24分部无线APVLAN100Manage194.XX.100.254/24设备管理VLANLoopBack 0 11.XX.0.6/32 S7VLAN10Pvlan Primaty vlanVLAN11Community_vlanGi0/1至Gi0/4community vlanVLAN12Isolated_vlanGi0/5至Gi0/8isolated vlanVLAN100Manage194.XX.100.1/24设备管理VLANPC机PC1 自动获取 PC2 192.XX.20.2/24 PC3 194.XX.10.2/24 
  1. MSTP及VRRP部署
    在总部交换机S2、S3上配置MSTP防止二层环路;要求所有数据流经过S2转发,S2失效时经过S3转发。所配置的参数要求如下:
    (1)region-name为ruijie;
    (2)revision版本为1;
    (3)实例值为1;
    (4)S2作为实例中的主根, S3作为实例中的从根。
    (5)在S2和S3上配置VRRP,实现主机的网关冗余。所配置的参数要求如表1-11。

表1-11 S2和S3的VRRP参数表

VLANVRRP备份组号(VRID)VRRP虚拟IPVLAN1010192.xx.10.254VLAN2020192.xx.20.254VLAN3030192.xx.30.254VLAN4040192.xx.40.254VLAN5050192.xx.50.254VLAN100(交换机间)100192.xx.100.254

(6)S2作为所有主机的实际网关,S3作为所有主机的备份网关;其中各VRRP组中高优先级设置为150,低优先级设置为120。

  1. DHCP中继与安全
    在交换机S2、S3上配置DHCP中继,对VLAN10以内的用户进行中继,使得总部PC1用户使用DHCP Relay方式获取IP地址。具体要求如下:
    (1)DHCP服务器搭建于R2上;
    (2)为了防止DHCP服务器欺骗及用户私设静态IP地址,在S1交换机部署DHCP Snooping功能。

  2. 网络设备虚拟化
    两台核心交换机通过VSU虚拟化为一台设备进行管理,从而实现高可靠性。当任意交换机或板卡故障时,都能保障能够实现设备、链路切换,保护客户业务。
    (1)规划S4和S5间的Gi0/23-24端口作为VSL链路,使用VSU技术实现网络设备虚拟化。其中S4为主,S5为备;
    (2)规划S4和S5间的Gi0/2端口作为双主机检测链路,配置基于BFD的双主机检,当VSL的所有物理链路都异常断开时,备机会切换成主机,从而保障网络正常;
    (3)主设备:Domain id:1,switch id:1,priority 200, description:S2910-24GT4XS-E-1;
    (4)备设备:Domain id:1,switch id:2,priority 150, description:S2910-24GT4XS-E-2。

  3. 路由协议部署
    因历史原因,总部使用静态路由、OSPF多协议组网。其中S2、S3、S4、S5、R2、R3使用OSPF协议,R2、R3与总部出口网关及分部R1间使用静态路由协议,分部使用静态路由协议。要求网络具有安全性、稳定性。具体要求如下:
    (1)OSPF进程号为10,规划多区域0(S2、S3、R2、R3)、区域1(S4、S5、R2、R3);
    (2)R2、R3互联链路规划入区域0;
    (3)要求业务网段中不出现协议报文;
    (4)要求所有路由协议都发布具体网段;
    (5)为了管理方便,需要发布Loopback地址;
    (6)优化OSPF相关配置,以尽量加快OSPF收敛;
    (7)重发布路由进OSPF中使用类型1;
    (8)采用浮动静态路由,主静态路由优先级为10,备份静态路由优先级为100。
    注意:(S4/S5需要重发布云平台(172.16.0.0/22)静态路由至总部内网)。

  4. 广域网链路配置与安全部署
    总部路由器与分部路由器间属于广域网链路,其中R1-R2间所租用线路带宽为2M,R1-R3间所租用线路带宽为1M。R2-R3间线路带宽为2M。总部路由器与分部路由器间属于广域网链路。需要使用PPP进行安全保护。PPP的具体要求如下:
    (1)使用CHAP协议;
    (2)单向认证,用户名+验证口令方式,R1为认证客户端,R2、R3为认证服务端;
    (3)用户名和密码均为ruijie。

  5. 路由选路部署
    考虑到从分部到总部有两条广域网线路,且其带宽不一样。所以规划R1-R2间为主线路,R1-R3间为备线路。另外总部局域网到互联网数据,经规划R2-EG1为主线路,R3-EG1为备线路。根据以上需求,在路由器上进行合理的路由协议配置。具体要求如下:
    (1)修改链路或接口开销COST值,且其值必须为5或10;
    (2)总部用户区与互联网互通主路径规划为:S1-S2-R2-EG1;
    (3)总部与分部互通主路径为:S1-S2-R2-R1或(S4/S5)-R2-R1;
    (4)主链路故障可无缝切换到备用链路上;
    (5)要求来回数据流一致。

  6. PBR配置与部署
    考虑到分部到总部间有2条广域网线路,为合理利用带宽,规划从分部去往总部的SSH数据通过R1-R2的线路转发,从分部去往总部的WEB数据通过R1-R3的线路转发。为达到上述目的,采用PBR来实现。具体要求如下:
    (1)Route-map策略名为fenliu;
    (2)分部去往总部的SSH数据由ACL101来定义;
    (3)分部去往总部的WEB数据由ACL102来定义。

  7. QoS部署
    为了防止大量用户不断突发的数据导致网络拥挤,必须对接入的用户流量加以限制。所配置的参数要求如下
    (1)总部设备S1的Gi0/1至Gi0/16接口处方向设置接口限速,限速10M/S;
    (2)分部设备R1做流量整形,G0/0接口对接收的报文进行流量控制,下行报文流量不能超过1Mbps,如果超过流量限制则将违规报文丢弃。

模块二:移动互联网络组建与优化

为满足“互联网+”时代下,员工移动办公的发展趋势,公司总部与分部均需要规划和部署移动互联无线网络,同时为保证无线用户安全、可靠的访问互联网,我们需要进行无线网络安全及性能优化配置,确保员工有良好的上网体验。

  1. 无线网络基础部署
    (1)使用AC为总部无线用户DHCP 服务器,使用(S2/S3)为总部AP的DHCP 服务器,S2分配地址范围为其网段的1至100,S3分配地址为其网段的101至200。使用S6为分部无线用户与AP DHCP服务器,为其终端自动分配地址;
    (2)创建总部 SSID 为 Ruijie-ZB_XX(XX代表工位号),AP-Group为ZB,总部无线用户关联SSID后可自动获取地址;
    (3)创建分部 SSID 为 Ruijie-FB_XX(XX代表工位号),AP-Group为FB,分部无线用户关联SSID后可自动获取地址;
    (4)调整信道使得总部AP间信道不冲突。
  2. AC热备部署
    AC1为主用,AC2为备用。AP与AC1、AC2均建立隧道,当AP与AC1失去连接时能无缝切换至AC2并提供服务。
  3. 无线安全部署
    具体配置参数如下:
    (1)无线用户接入无线网络时需要采用基于 WPA2 加密方式,其口令为 XXX(现场提供);
    (2)为避免无线网络被非法用户通过SSID搜索到,并建立非法连接,需要禁用AP广播SSID,隐藏无线SSID;
    (3)为了防御无线局域网ARP欺骗影响用户上网体验,配置无线环境ARP欺骗防御功能。
  4. 无线性能优化
    (1)关闭低速率(1M,6M)应用接入;
    (2)设备总部无线用户启用集中转发模式,各分公司无线用户启用本地转发模式。

模块三:网络空间安全部署

公司总部与分部无线用户需要通过独立的互联网线路访问外网资源,同时针对访问资源进行用户身份认证与信息审计监督,另外满足出差在外的员工可以访问总部内部服务器资源,需针对出口用户提供远程VPN功能。

  1. 出口NAT部署
    具体配置参数如下:
    (1)总部与分部出口网关上配置访问控制列表ACL 110,仅允许无线用户与研发部门在周一到周五的上班时间通过NAPT访问互联网,NAPT映射到互联网接口上;
    (2)在总部EG上配置,使公司总部核心交换R2(11.XX.0.2)(XX代表工位号)设备的SSH服务可以通过互联网被访问,从互联网访问的地址是195.XX.0.20(XX代表工位号)。
  2. VPN部署
    分部R1至R2、R3两条专线均发生故障时确保分部可正常访问总部服务器区,要求在总部与分部EG上启用IPSEC VPN建立IPSEC隧道,实现总部与分部有线用户数据互通及加密处理。VPN需要采用隧道模式、预共享密码为 123456,加密认证方式为 ESP-DES、ESP-HASH-MD5 ,DH使用组1,与此同时总部关闭WEB认证功能。
  3. 设备与网络管理部署
    (1)为路由器开启SSH服务端功能,用户名和密码为admin,密码为明文类型;
    (2)为交换机开启Telnet功能,对所有Telnet用户采用本地认证的方式。创建本地用户,设定用户名和密码为admin,密码为明文类型。

具体部署实施

方法:同时在每台设备上使用show running-config命令,查看对应设备的配置信息。

S1

hostname S1redundancy auto-sync time-period 3600 auto-sync standard switchover timeout 4000vlan 1vlan 10vlan 20vlan 30vlan 40vlan 50vlan 100username admin password adminno service password-encryptionip dhcp snoopingspanning-tree mst configuration revision 1 name ruijie instance 0 vlan 1-9, 11-19, 21-29, 31-39, 41-49, 51-99, 101-4094 instance 1 vlan 10, 20, 30, 40, 50, 100spanning-treeinterface GigabitEthernet 0/1 switchport access vlan 10 ip verify source port-security arp-check rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/2 switchport access vlan 10 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/3 switchport access vlan 10 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/4 switchport access vlan 10 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/5 switchport access vlan 20 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/6 switchport access vlan 20 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/7 switchport access vlan 20 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/8 switchport access vlan 20 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/9 switchport access vlan 30 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/10 switchport access vlan 30 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/11 switchport access vlan 30 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/12 switchport access vlan 30 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/13 switchport access vlan 40 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/14 switchport access vlan 40 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/15 switchport access vlan 40 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/16 switchport access vlan 40 rate-limit input 10000 1024 rate-limit output 10000 1024interface GigabitEthernet 0/17interface GigabitEthernet 0/18interface GigabitEthernet 0/19interface GigabitEthernet 0/20interface GigabitEthernet 0/21 switchport access vlan 50interface GigabitEthernet 0/22 switchport access vlan 50interface GigabitEthernet 0/23 switchport mode trunk ip dhcp snooping trustinterface GigabitEthernet 0/24 switchport mode trunk ip dhcp snooping trustinterface VLAN 100 no ip proxy-arp ip address 192.26.100.4 255.255.255.0 line con 0line vty 0 4 login localend

S2

hostname S2 redundancy auto-sync time-period 3600 auto-sync standard switchover timeout 4000vlan 1 vlan 10 vlan 20 vlan 30 vlan 40 vlan 50 vlan 100 username admin password adminno service password-encryptionservice dhcpip helper-address 10.168.0.2 ip dhcp excluded-address 192.168.50.101 192.168.50.254ip dhcp pool appool option 138 ip 11.168.0.204 network 192.168.50.0 255.255.255.0 default-router 192.168.50.254 spanning-tree mst configuration revision 1 name ruijie instance 0 vlan 1-9, 11-19, 21-29, 31-39, 41-49, 51-99, 101-4094 instance 1 vlan 10, 20, 30, 40, 50, 100spanning-tree mst 1 priority 4096spanning-treeinterface GigabitEthernet 0/1 switchport mode trunk interface GigabitEthernet 0/2 port-group 1 interface GigabitEthernet 0/3 port-group 1 interface GigabitEthernet 0/4 no switchport ip ospf network point-to-pointip ospf cost 5 no ip proxy-arp ip address 10.168.0.1 255.255.255.252 interface GigabitEthernet 0/5 switchport mode trunk interface GigabitEthernet 0/6 interface GigabitEthernet 0/7 interface GigabitEthernet 0/8 interface GigabitEthernet 0/9 interface GigabitEthernet 0/10 interface GigabitEthernet 0/11 interface GigabitEthernet 0/12 interface GigabitEthernet 0/13 interface GigabitEthernet 0/14 interface GigabitEthernet 0/15 interface GigabitEthernet 0/16 interface GigabitEthernet 0/17 interface GigabitEthernet 0/18 interface GigabitEthernet 0/19 interface GigabitEthernet 0/20 interface GigabitEthernet 0/21 interface GigabitEthernet 0/22 interface GigabitEthernet 0/23 interface GigabitEthernet 0/24 interface AggregatePort 1 switchport mode trunk interface Loopback 0 ip address 11.168.0.202 255.255.255.255 interface VLAN 10 no ip proxy-arp ip address 192.168.10.252 255.255.255.0 vrrp 10 priority 150 vrrp 10 ip 192.168.10.254 interface VLAN 20 no ip proxy-arp ip address 192.168.20.252 255.255.255.0 vrrp 20 priority 150 vrrp 20 ip 192.168.20.254 interface VLAN 30 no ip proxy-arp ip address 192.168.30.252 255.255.255.0 vrrp 30 priority 150 vrrp 30 ip 192.168.30.254 interface VLAN 40 no ip proxy-arp ip address 192.168.40.252 255.255.255.0 vrrp 40 priority 150 vrrp 40 ip 192.168.40.254 interface VLAN 50 no ip proxy-arp ip address 192.168.50.252 255.255.255.0 vrrp 50 priority 150 vrrp 50 ip 192.168.50.254 interface VLAN 100 no ip proxy-arp ip address 192.168.100.252 255.255.255.0 vrrp 100 priority 150 vrrp 100 ip 192.168.100.254 router ospf 10 passive-interface VLAN 10 passive-interface VLAN 20 passive-interface VLAN 30 passive-interface VLAN 40 passive-interface VLAN 50 passive-interface VLAN 100 network 10.168.0.0 0.0.0.3 area 0 network 11.168.0.202 0.0.0.0 area 0 network 192.168.10.0 0.0.0.255 area 0 network 192.168.20.0 0.0.0.255 area 0 network 192.168.30.0 0.0.0.255 area 0 network 192.168.40.0 0.0.0.255 area 0 network 192.168.50.0 0.0.0.255 area 0 network 192.168.100.0 0.0.0.255 area 0 ip route 10.168.0.16 255.255.255.252 10.168.0.2ip route 10.168.0.36 255.255.255.252 10.168.0.2ip route 11.168.0.204 255.255.255.255 192.168.100.2ip route 11.168.0.205 255.255.255.255 192.168.100.253ip route 194.168.30.0 255.255.255.0 10.168.0.2 line con 0line vty 0 4 login local end

S3

hostname S3 redundancy auto-sync time-period 3600 auto-sync standard switchover timeout 4000 vlan 1 vlan 10 name Res vlan 20 name Sales vlan 30 name Supply vlan 40 name Service vlan 50 name Ap vlan 100 name Manage no service password-encryptionservice dhcpip helper-address 10.168.0.2 ip dhcp excluded-address 192.168.50.1 ip dhcp excluded-address 192.168.50.1 192.168.50.100ip dhcp excluded-address 192.168.50.201 192.168.50.255 ip dhcp pool S3 option 138 ip 11.168.0.204 network 192.168.50.0 255.255.255.0 default-router 192.168.50.254 spanning-tree mst configuration revision 1 name ruijie instance 0 vlan 1-9, 11-19, 21-29, 31-39, 41-49, 51-99, 101-4094 instance 1 vlan 10, 20, 30, 40, 50, 100spanning-tree mst 1 priority 8192spanning-treeinterface GigabitEthernet 0/1 switchport mode trunk interface GigabitEthernet 0/2 port-group 1 interface GigabitEthernet 0/3 port-group 1 interface GigabitEthernet 0/4no switchip ospf network point-to-pointip ospf cost 10no ip proxy-arpip address 10.168.0.5 255.255.255.252interface GigabitEthernet 0/5 switchport mode trunk interface GigabitEthernet 0/6 interface GigabitEthernet 0/7 interface GigabitEthernet 0/8 interface GigabitEthernet 0/9 interface GigabitEthernet 0/10 interface GigabitEthernet 0/11 interface GigabitEthernet 0/12 interface GigabitEthernet 0/13 interface GigabitEthernet 0/14 interface GigabitEthernet 0/15 interface GigabitEthernet 0/16 interface GigabitEthernet 0/17 interface GigabitEthernet 0/18 interface GigabitEthernet 0/19 interface GigabitEthernet 0/20 interface GigabitEthernet 0/21 interface GigabitEthernet 0/22 interface GigabitEthernet 0/23 interface GigabitEthernet 0/24 interface AggregatePort 1 switchport mode trunk interface Loopback 0 ip address 11.168.0.203 255.255.255.255 interface VLAN 10 no ip proxy-arp ip address 192.168.10.253 255.255.255.0 vrrp 10 priority 120 vrrp 10 ip 192.168.10.254 interface VLAN 20 no ip proxy-arp ip address 192.168.20.253 255.255.255.0 vrrp 20 priority 120 vrrp 20 ip 192.168.20.254 interface VLAN 30 no ip proxy-arp ip address 192.168.30.253 255.255.255.0 vrrp 30 priority 120 vrrp 30 ip 192.168.30.254 interface VLAN 40 no ip proxy-arp ip address 192.168.40.253 255.255.255.0 vrrp 40 priority 120 vrrp 40 ip 192.168.40.254 interface VLAN 50 no ip proxy-arp ip address 192.168.50.253 255.255.255.0 vrrp 50 priority 120 vrrp 50 ip 192.168.50.254 interface VLAN 100 no ip proxy-arp ip address 192.168.100.253 255.255.255.0 vrrp 100 priority 120 vrrp 100 ip 192.168.100.254 router ospf 10 passive-interface VLAN 10 passive-interface VLAN 20 passive-interface VLAN 30 passive-interface VLAN 40 passive-interface VLAN 50 passive-interface VLAN 100 network 10.128.0.4 0.0.0.3 area 0 network 11.128.0.203 0.0.0.0 area 0 network 192.168.10.0 0.0.0.255 area 0 network 192.168.20.0 0.0.0.255 area 0 network 192.168.30.0 0.0.0.255 area 0 network 192.168.40.0 0.0.0.255 area 0 network 192.168.50.0 0.0.0.255 area 0 network 192.168.100.0 0.0.0.255 area 0 ip route 11.168.0.204 255.255.255.255 192.168.100.252 line con 0line vty 0 4 login end

S4/S5(做的堆叠,两台当一台用)

hostname VSU redundancy auto-sync time-period 3600 auto-sync standard switchover timeout 4000 vlan 1 vlan 100 no service password-encryption interface GigabitEthernet 1/0/1 no switchport ip ospf network point-to-point no ip proxy-arp ip address 10.168.0.9 255.255.255.252 interface GigabitEthernet 1/0/2 no switchport no ip proxy-arp no lldp enable interface GigabitEthernet 1/0/3 interface GigabitEthernet 1/0/4 interface GigabitEthernet 1/0/5 interface GigabitEthernet 1/0/6 interface GigabitEthernet 1/0/7 interface GigabitEthernet 1/0/8 interface GigabitEthernet 1/0/9 interface GigabitEthernet 1/0/10 interface GigabitEthernet 1/0/11 interface GigabitEthernet 1/0/12 interface GigabitEthernet 1/0/13 interface GigabitEthernet 1/0/14 interface GigabitEthernet 1/0/15 interface GigabitEthernet 1/0/16 interface GigabitEthernet 1/0/17 interface GigabitEthernet 1/0/18 interface GigabitEthernet 1/0/19 interface GigabitEthernet 1/0/20 interface GigabitEthernet 1/0/21 interface GigabitEthernet 1/0/22 interface GigabitEthernet 1/0/23 interface GigabitEthernet 1/0/24 interface GigabitEthernet 2/0/1 no switchport ip ospf network point-to-point no ip proxy-arp ip address 10.168.0.13 255.255.255.252 interface GigabitEthernet 2/0/2 no switchport no ip proxy-arp no lldp enable interface GigabitEthernet 2/0/3 interface GigabitEthernet 2/0/4 interface GigabitEthernet 2/0/5 interface GigabitEthernet 2/0/6 interface GigabitEthernet 2/0/7 interface GigabitEthernet 2/0/8 interface GigabitEthernet 2/0/9 interface GigabitEthernet 2/0/10 interface GigabitEthernet 2/0/11 interface GigabitEthernet 2/0/12 interface GigabitEthernet 2/0/13 interface GigabitEthernet 2/0/14 interface GigabitEthernet 2/0/15 interface GigabitEthernet 2/0/16 interface GigabitEthernet 2/0/17 interface GigabitEthernet 2/0/18 interface GigabitEthernet 2/0/19 interface GigabitEthernet 2/0/20 interface GigabitEthernet 2/0/21 interface GigabitEthernet 2/0/22 interface GigabitEthernet 2/0/23 interface GigabitEthernet 2/0/24 interface Loopback 0 ip address 11.168.0.45 255.255.255.255 interface Loopback 1 ip address 172.16.0.1 255.255.252.0 interface VLAN 100 no ip proxy-arp ip address 193.168.0.1 255.255.255.252 switch virtual domain 1 dual-active detection bfd dual-active bfd interface GigabitEthernet 1/0/2 dual-active bfd interface GigabitEthernet 2/0/2router ospf 10 network 10.168.0.8 0.0.0.3 area 1 network 10.168.0.12 0.0.0.3 area 1 network 11.168.0.45 0.0.0.0 area 1 ip route 10.168.0.16 255.255.255.252 10.168.0.10ip route 10.168.0.20 255.255.255.252 10.168.0.14 line con 0line vty 0 4 login end

S6

hostname S6 redundancy auto-sync time-period 3600 auto-sync standard switchover timeout 4000 diagnostic bootup level bypassvlan 1 vlan 10 name Pvlan private-vlan primary private-vlan association add 11-12 vlan 11 private-vlan community vlan 12 private-vlan isolated vlan 20 name Wirelessuser vlan 30 name AP vlan 100 name Manageusername admin password adminno service password-encryptionservice dhcp ip dhcp pool client network 194.168.20.0 255.255.255.0 default-router 194.168.20.254 ip dhcp pool Wireless option 138 ip 11.26.0.204 network 194.168.30.0 255.255.255.0 default-router 194.168.30.254 interface GigabitEthernet 0/1 no switchport no ip proxy-arp ip address 10.168.0.26 255.255.255.252 interface GigabitEthernet 0/2 switchport mode trunk switchport trunk native vlan 30 interface GigabitEthernet 0/3 switchport mode trunk interface GigabitEthernet 0/4 interface GigabitEthernet 0/5 interface GigabitEthernet 0/6 interface GigabitEthernet 0/7 interface GigabitEthernet 0/8 interface GigabitEthernet 0/9 interface GigabitEthernet 0/10 interface GigabitEthernet 0/11 interface GigabitEthernet 0/12 interface GigabitEthernet 0/13 interface GigabitEthernet 0/14 interface GigabitEthernet 0/15 interface GigabitEthernet 0/16 interface GigabitEthernet 0/17 interface GigabitEthernet 0/18 interface GigabitEthernet 0/19 interface GigabitEthernet 0/20 interface GigabitEthernet 0/21 interface GigabitEthernet 0/22 interface GigabitEthernet 0/23 switchport mode trunk interface GigabitEthernet 0/24 interface Loopback 0 ip address 11.168.0.6 255.255.255.255 interface VLAN 10 no ip proxy-arp ip address 194.168.10.254 255.255.255.0 private-vlan mapping add 11-12 interface VLAN 20 no ip proxy-arp ip address 194.168.20.254 255.255.255.0 interface VLAN 30 no ip proxy-arp ip address 194.168.30.254 255.255.255.0 interface VLAN 100 no ip proxy-arp ip address 194.168.100.254 255.255.255.0 ip route 0.0.0.0 0.0.0.0 10.168.0.25 line con 0line vty 0 4 login local end

R1

hostname R1webmaster level 0 username admin password 7 04361c0b370d diffserv domain default no cwmproute-map fenliu permit 10 match ip address 101 set ip next-hop 10.168.0.18 route-map fenliu permit 20 match ip address 102 set ip next-hop 10.168.0.22 route-map fenliu permit 30 vlan 1 username admin password adminno service password-encryption control-plane control-plane protocol acpp bw-rate 1250 bw-burst-rate 2500 control-plane manage port-filter arp-car 5 acpp bw-rate 1250 bw-burst-rate 2500 control-plane data glean-car 5 acpp bw-rate 1250 bw-burst-rate 2500 web-auth mac-check enable enable service ssh-serverenable service web-server httpenable service web-server https interface Serial 2/0 encapsulation PPP ppp chap hostname ruijie ppp chap password ruijie ip address 10.168.0.17 255.255.255.252 clock rate 64000 interface Serial 2/1 encapsulation PPP ppp chap hostname ruijie ppp chap password ruijie ip address 10.168.0.21 255.255.255.252 interface GigabitEthernet 0/0 ip address 10.168.0.25 255.255.255.252 duplex auto speed auto interface GigabitEthernet 0/1 ip address 10.168.0.41 255.255.255.252 duplex auto speed auto interface GigabitEthernet 0/2 duplex auto speed auto interface GigabitEthernet 0/3 duplex auto speed auto interface GigabitEthernet 1/0 interface GigabitEthernet 1/1 interface GigabitEthernet 1/2 interface GigabitEthernet 1/3 interface GigabitEthernet 1/4 interface GigabitEthernet 1/5 interface GigabitEthernet 1/6 interface GigabitEthernet 1/7 interface GigabitEthernet 1/8 interface GigabitEthernet 1/9 interface GigabitEthernet 1/10 interface GigabitEthernet 1/11 interface GigabitEthernet 1/12 interface GigabitEthernet 1/13 interface GigabitEthernet 1/14 interface GigabitEthernet 1/15 interface GigabitEthernet 1/16 interface GigabitEthernet 1/17 interface GigabitEthernet 1/18 interface GigabitEthernet 1/19 interface GigabitEthernet 1/20 interface GigabitEthernet 1/21 interface GigabitEthernet 1/22 interface GigabitEthernet 1/23 interface Loopback 0 ip address 11.168.0.1 255.255.255.255 interface VLAN 1 ip address 192.168.1.1 255.255.255.0ip route 10.168.0.0 255.255.255.252 10.168.0.18ip route 10.168.0.4 255.255.255.252 10.168.0.18ip route 11.168.0.204 255.255.255.255 10.168.0.18 10ip route 11.168.0.204 255.255.255.255 10.168.0.22 100ip route 11.168.0.205 255.255.255.255 10.168.0.18 10ip route 11.168.0.205 255.255.255.255 10.168.0.22 100ip route 172.16.0.0 255.255.252.0 10.168.0.18 10ip route 172.16.0.0 255.255.252.0 10.168.0.22 100ip route 192.168.10.0 255.255.255.0 10.168.0.18 10ip route 192.168.10.0 255.255.255.0 10.168.0.22 100ip route 192.168.20.0 255.255.255.0 10.168.0.18 10ip route 192.168.20.0 255.255.255.0 10.168.0.22 100ip route 192.168.30.0 255.255.255.0 10.168.0.18 10ip route 192.168.30.0 255.255.255.0 10.168.0.22 100ip route 192.168.40.0 255.255.255.0 10.168.0.18 10ip route 192.168.40.0 255.255.255.0 10.168.0.22 100ip route 192.168.60.0 255.255.255.0 10.168.0.18 10ip route 192.168.60.0 255.255.255.0 10.168.0.22 100ip route 193.168.0.0 255.255.255.252 10.168.0.18 10ip route 193.168.0.0 255.255.255.252 10.168.0.22 100ip route 194.168.0.0 255.255.0.0 10.168.0.26ip route 194.168.10.0 255.255.255.0 10.168.0.26ip route 195.168.0.0 255.255.255.0 10.168.0.42 ref parameter 75 100line con 0line vty 0 4 transport input ssh login local end

R2

hostname R2webmaster level 0 username admin password 7 073f07221c1cvlan 1 vlan 100 username admin password adminusername ruijie password ruijieno service password-encryptionservice dhcp ip dhcp pool vlan10 network 192.168.10.0 255.255.255.0 default-router 192.168.10.254 control-plane control-plane protocol no acpp control-plane manage no port-filter no arp-car no acpp control-plane data no glean-car no acpp enable service ssh-serverenable service web-server httpenable service web-server httpsinterface Serial 2/0 encapsulation PPP ppp authentication chap ip address 10.168.0.18 255.255.255.252 interface Serial 3/0 encapsulation PPP ip ospf network point-to-point ip address 10.168.0.29 255.255.255.252 interface FastEthernet 1/0 interface FastEthernet 1/1 switchport access vlan 100 interface FastEthernet 1/2 interface FastEthernet 1/3 interface FastEthernet 1/4 interface FastEthernet 1/5 interface FastEthernet 1/6 interface FastEthernet 1/7 interface FastEthernet 1/8 interface FastEthernet 1/9 interface FastEthernet 1/10 interface FastEthernet 1/11 interface FastEthernet 1/12 interface FastEthernet 1/13 interface FastEthernet 1/14 interface FastEthernet 1/15 interface FastEthernet 1/16 interface FastEthernet 1/17 interface FastEthernet 1/18 interface FastEthernet 1/19 interface FastEthernet 1/20 interface FastEthernet 1/21 interface FastEthernet 1/22 interface FastEthernet 1/23 interface GigabitEthernet 0/0 ip ospf network point-to-point ip ospf cost 5 ip address 10.168.0.2 255.255.255.252 duplex auto speed auto interface GigabitEthernet 0/1 ip address 10.168.0.33 255.255.255.252 duplex auto speed auto interface Loopback 0 ip address 11.168.0.2 255.255.255.255 interface VLAN 100 ip address 10.168.0.10 255.255.255.252router ospf 10 redistribute static metric-type 1 subnets network 10.168.0.0 0.0.0.3 area 0 network 10.168.0.8 0.0.0.3 area 1 network 10.168.0.28 0.0.0.3 area 0 network 11.168.0.2 0.0.0.0 area 0 ip route 10.168.0.24 255.255.255.252 10.168.0.17ip route 11.168.0.1 255.255.255.255 10.168.0.17ip route 11.168.0.204 255.255.255.255 10.168.0.1ip route 11.168.0.205 255.255.255.255 10.168.0.1ip route 172.16.0.0 255.255.252.0 10.168.0.9ip route 194.168.10.0 255.255.255.0 10.168.0.34ip route 194.168.30.0 255.255.255.0 10.168.0.17ip route 195.168.0.0 255.255.255.0 10.168.0.34ref parameter 75 140line con 0line aux 0line vty 0 4 transport input ssh login local end

R3

hostname R3vlan 1 vlan 100 username admin password adminusername ruijie password ruijieno service password-encryptioncontrol-plane control-plane protocol no acpp control-plane manage no port-filter no arp-car no acpp control-plane data no glean-car no acpp enable service ssh-serverenable service web-server httpenable service web-server httpsinterface Serial 2/0 encapsulation PPP ppp authentication chap ip address 10.168.0.22 255.255.255.252 clock rate 64000 interface Serial 3/0 encapsulation PPP ip ospf network point-to-point ip address 10.168.0.30 255.255.255.252 clock rate 64000 interface FastEthernet 1/0 interface FastEthernet 1/1 switchport access vlan 100 interface FastEthernet 1/2 interface FastEthernet 1/3 interface FastEthernet 1/4 interface FastEthernet 1/5 interface FastEthernet 1/6 interface FastEthernet 1/7 interface FastEthernet 1/8 interface FastEthernet 1/9 interface FastEthernet 1/10 interface FastEthernet 1/11 interface FastEthernet 1/12 interface FastEthernet 1/13 interface FastEthernet 1/14 interface FastEthernet 1/15 interface FastEthernet 1/16 interface FastEthernet 1/17 interface FastEthernet 1/18 interface FastEthernet 1/19 interface FastEthernet 1/20 interface FastEthernet 1/21 interface FastEthernet 1/22 interface FastEthernet 1/23 interface GigabitEthernet 0/0 ip ospf network point-to-point ip ospf cost 10 ip address 10.168.0.6 255.255.255.252 duplex auto speed auto interface GigabitEthernet 0/1 ip address 10.168.0.37 255.255.255.252 duplex auto speed auto interface Loopback 0 ip address 11.168.0.3 255.255.255.255 interface VLAN 100 ip address 10.168.0.14 255.255.255.252router ospf 10 redistribute static metric-type 1 subnets network 10.168.0.4 0.0.0.3 area 0 network 10.168.0.12 0.0.0.3 area 1 network 10.168.0.28 0.0.0.3 area 0 network 11.168.0.3 0.0.0.0 area 0ip route 10.168.0.24 255.255.255.252 10.168.0.17ip route 10.168.0.24 255.255.255.252 10.168.0.21ip route 11.168.0.1 255.255.255.255 10.168.0.21ip route 11.168.0.204 255.255.255.255 10.168.0.5ip route 11.168.0.205 255.255.255.255 10.168.0.5ip route 172.16.0.0 255.255.252.0 10.168.0.13ip route 194.168.10.0 255.255.255.0 10.168.0.38ip route 194.168.30.0 255.255.255.0 10.168.0.21ip route 195.168.0.0 255.255.255.0 10.168.0.38ref parameter 75 140line con 0line aux 0line vty 0 4 transport input ssh login localend

AC1

hostname AC1 wlan-config 1 Ruijie-ZB_176 ssid-code utf-8 no enable-broad-ssid wlan-config 2 Ruijie-FB_176 ssid-code utf-8 no enable-broad-ssid tunnel local ap-group FB interface-mapping 2 20 ap-wlan-id 1 ap-group ZB interface-mapping 1 60 ap-wlan-id 1 ap-group default ap-config all ac-controller country CN 802.11g network rate 1 disabled 802.11g network rate 2 disabled 802.11g network rate 5 disabled 802.11g network rate 6 disabled 802.11g network rate 9 supported 802.11g network rate 11 mandatory 802.11g network rate 12 supported 802.11g network rate 18 supported 802.11g network rate 24 supported 802.11g network rate 36 supported 802.11g network rate 48 supported 802.11g network rate 54 supported 802.11b network rate 1 disabled 802.11b network rate 2 disabled 802.11b network rate 5 disabled 802.11b network rate 11 mandatory 802.11a network rate 6 disabled 802.11a network rate 9 supported 802.11a network rate 12 mandatory 802.11a network rate 18 supported 802.11a network rate 24 mandatory 802.11a network rate 36 supported 802.11a network rate 48 supported 802.11a network rate 54 supportedip dhcp snooping no identify-application enable no cwmp service dhcp ip dhcp pool Wireless network 192.168.60.0 255.255.255.0 default-router 192.168.60.254 install 0 WS6008 sysmac c470.abe7.386b enable service web-server httpenable service web-server httpswebmaster level 0 username admin password 7 06073a0e261bno service password-encryption redundancy link-check disable nfpp wids frn vlan 1 vlan 60 name Wireless vlan 100 name Manage interface GigabitEthernet 0/1 switchport mode trunk ip dhcp snooping trust interface GigabitEthernet 0/2 interface GigabitEthernet 0/3 interface GigabitEthernet 0/4 interface GigabitEthernet 0/5 interface GigabitEthernet 0/6 interface GigabitEthernet 0/7 interface GigabitEthernet 0/8 interface Loopback 0 ip address 11.168.0.204 255.255.255.255 interface VLAN 1 interface VLAN 60 ip address 192.168.60.252 255.255.255.0 vrrp 1 ip 192.168.60.254 vrrp 1 priority 150 interface VLAN 100 ip address 192.168.100.2 255.255.255.0 wlan hot-backup 11.168.0.205context 1 priority level 1 wlan hot-backup enable wlansec 1 security rsn enable security rsn ciphers aes enable security rsn akm psk enable security rsn akm psk set-key ascii 12345678 arp-check ip verify source port-security ip route 0.0.0.0 0.0.0.0 192.168.100.252 line console 0line vty 0 4 login end

EG1

interface GigabitEthernet 0/0 ip address 192.168.1.1 255.255.255.0 ip nat inside interface GigabitEthernet 0/1 ip address 10.168.0.34 255.255.255.252 ip nat inside interface GigabitEthernet 0/2 ip address 10.168.0.38 255.255.255.252 ip nat inside interface GigabitEthernet 0/3 ip address 195.168.0.1 255.255.255.0 crypto map mymap interface GigabitEthernet 0/4 interface GigabitEthernet 0/5 interface GigabitEthernet 0/6 interface GigabitEthernet 0/7 interface GigabitEthernet 0/8 interface GigabitEthernet 0/9 interface Loopback 0 ip address 11.168.0.11 255.255.255.255 interface SSLVPN 0 interface SSLVPN 1 app route switchapp route mode new-flow ip nat pool ssh prefix-length 24 address 195.168.0.20 195.168.0.20 match interface GigabitEthernet 0/1 ip nat outside source list 111 pool sship nat inside source list 1 pool nat_pool overloadip nat inside source list 110 interface GigabitEthernet 0/3 overload ip route 10.168.0.0 255.255.255.252 10.168.0.33ip route 192.168.10.0 255.255.255.0 10.168.0.33 10ip route 192.168.10.0 255.255.255.0 10.168.0.37 100ip route 192.168.20.0 255.255.255.0 10.168.0.33 10ip route 192.168.20.0 255.255.255.0 10.168.0.37 100ip route 192.168.30.0 255.255.255.0 10.168.0.33 10ip route 192.168.30.0 255.255.255.0 10.168.0.37 100ip route 192.168.40.0 255.255.255.0 10.168.0.33 10ip route 192.168.40.0 255.255.255.0 10.168.0.37 100ip route 192.168.60.0 255.255.255.0 10.168.0.33 10ip route 192.168.60.0 255.255.255.0 10.168.0.37 100ip route 194.168.10.0 255.255.255.0 195.168.0.2 line console 0line vty 0 4 login end

EG2

hostname EG2vlan 1no service password-encryptionip access-list extended 110 10 permit ip 194.168.20.0 0.0.0.255 195.168.0.0 0.0.0.255 time-range working_time ip access-list extended 112 10 permit ip 194.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255 control-plane control-plane protocol no acpp control-plane manage no port-filter no arp-car no acpp control-plane data no glean-car no acppenable service web-server httpenable service web-server https crypto isakmp policy 1 encryption 3des authentication pre-share hash md5 crypto isakmp key 7 151b5f72467e7a address 195.168.0.1crypto ipsec transform-set myset esp-3des esp-md5-hmac crypto map mymap 1 ipsec-isakmp set peer 195.168.0.1 set transform-set myset match address 112interface FastEthernet 1/0 interface FastEthernet 1/1 interface FastEthernet 1/2 interface FastEthernet 1/3 interface FastEthernet 1/4 interface FastEthernet 1/5 interface FastEthernet 1/6 interface FastEthernet 1/7 interface FastEthernet 1/8 interface FastEthernet 1/9 interface FastEthernet 1/10 interface FastEthernet 1/11 interface FastEthernet 1/12 interface FastEthernet 1/13 interface FastEthernet 1/14 interface FastEthernet 1/15 interface FastEthernet 1/16 interface FastEthernet 1/17 interface FastEthernet 1/18 interface FastEthernet 1/19 interface FastEthernet 1/20 interface FastEthernet 1/21 interface FastEthernet 1/22 interface FastEthernet 1/23 interface GigabitEthernet 0/0 ip nat outside ip address 195.168.0.2 255.255.255.0 crypto map mymap duplex auto speed auto interface GigabitEthernet 0/1 ip nat inside ip address 10.168.0.42 255.255.255.252 duplex auto speed auto interface Loopback 0 ip address 11.168.0.12 255.255.255.255 ip nat inside source list 110 interface GigabitEthernet 0/0 overloadip route 10.168.0.24 255.255.255.252 10.168.0.41ip route 192.168.20.0 255.255.255.0 195.168.0.1ip route 194.168.10.0 255.255.255.0 10.168.0.41ip route 194.168.20.0 255.255.255.0 10.168.0.41ref parameter 75 140line con 0line aux 0line vty 0 4 login End

最终路由情况

云计算融合网络部署实例_switchover timeout 4000
云计算融合网络部署实例_switchover timeout 4000
云计算融合网络部署实例_switchover timeout 4000

网络标签:

相关问题