junipar 发表于 2012-12-25 16:20:00

[分享]思科交换机配置简要

说明<br/>本手册只包括日常使用的有关命令及特性,其它未涉及的命令及特性请参考英文的详细配置手册。<br/>配置端口<br/>配置一组端口<br/>&nbsp;&nbsp; &nbsp;命令 &nbsp;&nbsp; &nbsp;目的 <br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;configure terminal&nbsp;&nbsp; &nbsp;进入配置状态<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;interface range {port-range} &nbsp;&nbsp; &nbsp;进入组配置状态<br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;可以使用平时的端口配置命令进行配置<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;end&nbsp;&nbsp; &nbsp;退回<br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;show interfaces &nbsp;&nbsp; &nbsp;验证配置<br/>Step 6 &nbsp;&nbsp;&nbsp; &nbsp;copy running-config startup-config&nbsp;&nbsp; &nbsp;保存<br/><br/>当使用interface range命令时有如下的规则:<br/>?&nbsp;&nbsp; &nbsp;有效的组范围:<br/>o&nbsp;&nbsp; &nbsp;vlan从1 到4094 <br/>o&nbsp;&nbsp; &nbsp;fastethernet 槽位/{first port} - {last port}, 槽位为0<br/>o&nbsp;&nbsp; &nbsp;gigabitethernet槽位/{first port} - {last port},槽位为0<br/>o&nbsp;&nbsp; &nbsp;port-channel port-channel-number - port-channel-number, port-channel号从1到64<br/>?&nbsp;&nbsp; &nbsp;端口号之间需要加入空格,如:interface range fastethernet 0/1 – 5 是有效的,而interface range fastethernet 0/1-5 是无效的.<br/>?&nbsp;&nbsp; &nbsp;interface range 命令只能配置已经存在的interface vlan<br/>?&nbsp;&nbsp; &nbsp;所有在同一组的端口必须是相同类别的。<br/>见以下例子:<br/>Switch# configure terminal<br/><br/>Switch(config)# interface range fastethernet0/1 - 5 <br/><br/>Switch(config-if-range)# no shutdown <br/>Switch(config-if-range)#<br/>*Oct&nbsp; 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up<br/>*Oct&nbsp; 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to up<br/>*Oct&nbsp; 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to up<br/>*Oct&nbsp; 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet0/4, changed state to up<br/>*Oct&nbsp; 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet0/5, changed state to up<br/>*Oct&nbsp; 6 08:24:36: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/05, <br/>changed state to up<br/>*Oct&nbsp; 6 08:24:36: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed <br/>state to up<br/>*Oct&nbsp; 6 08:24:36: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed <br/>state to up<br/><br/>
[此贴子已经被作者于2012/12/25 16:22:01编辑过]

junipar 发表于 2012-12-25 16:22:00

&nbsp;以下的例子显示使用句号来配置不同类型端口的组:<br/>Switch# configure terminal<br/><br/>Switch(config)# interface range fastethernet0/1 - 3, gigabitethernet0/1 - 2 <br/><br/>Switch(config-if-range)# no shutdown <br/>Switch(config-if-range)#<br/>*Oct&nbsp; 6 08:29:28: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up<br/>*Oct&nbsp; 6 08:29:28: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to up<br/>*Oct&nbsp; 6 08:29:28: %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to up<br/>*Oct&nbsp; 6 08:29:28: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to up<br/>*Oct&nbsp; 6 08:29:28: %LINK-3-UPDOWN: Interface GigabitEthernet0/2, changed state to up<br/>*Oct&nbsp; 6 08:29:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/ 1, <br/>changed state to up<br/>*Oct&nbsp; 6 08:29:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/ 2, <br/>changed state to up<br/>*Oct&nbsp; 6 08:29:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/ 3, <br/>changed state to up<br/>&nbsp;<br/>配置二层端口<br/>思科三层交换机的所有端口缺省的端口都是二层口,如果此端口已经配置成三层端口的话,则需要用switchport来使其成为二层端口。<br/>配置端口速率及双工模式<br/>可以配置快速以太口的速率为10/100Mbps及千兆以太口的速率为10/100/1000-Mbps; 但对于GBIC端口则不能配置速率及双工模式,有时可以配置nonegotiate,当需要联接不支持自适应的其它千兆端口时<br/>&nbsp;&nbsp; &nbsp;命令&nbsp;&nbsp; &nbsp;目的 <br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;configure terminal&nbsp;&nbsp; &nbsp;进入配置状态.<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;interface interface-id&nbsp;&nbsp; &nbsp;进入端口配置状态.<br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;speed {10 | 100 | 1000 | auto | nonegotiate}&nbsp;&nbsp; &nbsp;设置端口速率 <br/>注&nbsp;&nbsp; 1000 只工作在千兆口. GBIC模块只工作在1000 Mbps下. nonegotiate 只能在这些GBIC上用 1000BASE-SX, -LX, and -ZX GBIC.<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;duplex {auto | full | half}&nbsp;&nbsp; &nbsp;设置全双工或半双工. <br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;end&nbsp;&nbsp; &nbsp;退出<br/>Step 6 &nbsp;&nbsp;&nbsp; &nbsp;show interfaces interface-id&nbsp;&nbsp; &nbsp;显示有关配置情况<br/>Step 7 &nbsp;&nbsp;&nbsp; &nbsp;copy running-config startup-config&nbsp;&nbsp; &nbsp;保存<br/><br/>

junipar 发表于 2012-12-25 16:23:00

&nbsp;<br/>Switch# configure terminal<br/><br/>Switch(config)# interface fastethernet0/3<br/><br/>Switch(config-if)# speed 10<br/><br/>Switch(config-if)# duplex half<br/>端口描述 <br/><br/>&nbsp;&nbsp; &nbsp;命令&nbsp;&nbsp; &nbsp;目的 <br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;configure terminal&nbsp;&nbsp; &nbsp;进入配置模式<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;interface interface-id&nbsp;&nbsp; &nbsp;进入要加入描述的端口<br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;description string&nbsp;&nbsp; &nbsp;加入描述 (最多240个字符).<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;end&nbsp;&nbsp; &nbsp;退回.<br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;show interfaces interface-id description<br/>or<br/>show running-config&nbsp;&nbsp; &nbsp;验证.<br/>Step 6 &nbsp;&nbsp;&nbsp; &nbsp;copy running-config startup-config&nbsp;&nbsp; &nbsp;保存<br/><br/>Use the no description interface configuration command to delete the description.<br/>This example shows how to add a description on Fast Ethernet interface 0/4 and to verify the description:<br/>Switch# config terminal<br/><br/>Enter configuration commands, one per line.&nbsp; End with CNTL/Z.<br/>Switch(config)# interface fastethernet0/4<br/><br/>Switch(config-if)# description Connects to Marketing<br/><br/>Switch(config-if)# end<br/><br/>Switch# show interfaces fastethernet0/4 description<br/><br/>Interface Status&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Protocol Description<br/>Fa0/4&nbsp;&nbsp;&nbsp;&nbsp; up&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; down&nbsp;&nbsp;&nbsp;&nbsp; Connects to Marketing<br/>配置三层口<br/>思科交换机有三种类型的三层端口:<br/>?&nbsp;&nbsp; &nbsp;SVIs: 即interface vlan<br/>________________________________________<br/>&nbsp;<br/>Note&nbsp; 当生成一个interface Vlan时,只有当把某一物理端口分配给它时才能被激活 <br/>________________________________________<br/>?&nbsp;&nbsp; &nbsp;三层以太网通道口(EtherChannel)<br/>?&nbsp;&nbsp; &nbsp;.路由口:路由口是指某一物理端口在端口配置状态下用no switchport命令生成的端口 <br/>所有的三层都需要IP地址以实现路由交换<br/>配置步骤如下:<br/>&nbsp;&nbsp; &nbsp;命令&nbsp;&nbsp; &nbsp;目的<br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;configure terminal&nbsp;&nbsp; &nbsp;进入配置状态<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;interface {{fastethernet | gigabitethernet} interface-id} | {vlan vlan-id} | {port-channel port-channel-number}&nbsp;&nbsp; &nbsp;进入端口配置状态<br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;no switchport&nbsp;&nbsp; &nbsp;把物理端口变成三层口<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;ip address ip_address subnet_mask &nbsp;&nbsp; &nbsp;配置IP地址和掩码<br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;no shutdown&nbsp;&nbsp; &nbsp;激活端口<br/>Step 6 &nbsp;&nbsp;&nbsp; &nbsp;end&nbsp;&nbsp; &nbsp;退出<br/>Step 7 &nbsp;&nbsp;&nbsp; &nbsp;show interfaces <br/>show ip interface <br/>show running-config interface &nbsp;&nbsp; &nbsp;验证配置<br/>Step 8 &nbsp;&nbsp;&nbsp; &nbsp;copy running-config startup-config&nbsp;&nbsp; &nbsp;保存配置

junipar 发表于 2012-12-25 16:25:00

&nbsp;配置举例如下:<br/>Switch# configure terminal<br/><br/>Enter configuration commands, one per line.&nbsp; End with CNTL/Z.<br/>Switch(config)# interface gigabitethernet0/2<br/><br/>Switch(config-if)# no switchport<br/><br/>Switch(config-if)# ip address 192.20.135.21 255.255.255.0<br/><br/>Switch(config-if)# no shutdown<br/><br/>Switch(config-if)# end <br/><br/>&nbsp;<br/>show ip interface命令:<br/>Switch# show ip interface gigabitethernet0/2<br/><br/>GigabitEthernet0/2 is up, line protocol is up<br/>&nbsp; Internet address is 192.20.135.21/24<br/>&nbsp; Broadcast address is 255.255.255.255<br/>&nbsp; Address determined by setup command<br/>&nbsp; MTU is 1500 bytes<br/>&nbsp; Helper address is not set<br/>&nbsp; Directed broadcast forwarding is disabled<br/>&nbsp;<br/>&lt;output truncated&gt;<br/>监控及维护端口<br/>监控端口和控制器的状态<br/>主要命令见下表:<br/>Show Commands for Interfaces Command &nbsp;&nbsp; &nbsp;目的 <br/>show interfaces &nbsp;&nbsp; &nbsp;显示所有端口或某一端口的状态和配置.<br/>show interfaces interface-id status &nbsp;&nbsp; &nbsp;显示一系列端口的状态或错误-关闭的状态<br/>show interfaces switchport&nbsp;&nbsp; &nbsp;显示二层端口的状态,可以用来决定此口是否为二层或三层口。<br/>show interfaces description&nbsp;&nbsp; &nbsp;显示端口描述<br/>show ip interface &nbsp;&nbsp; &nbsp;显示所有或某一端口的IP可用性状态<br/>show running-config interface &nbsp;&nbsp; &nbsp;显示当前配置中的端口配置情况<br/>show version&nbsp;&nbsp; &nbsp;显示软硬件等情况<br/><br/>

junipar 发表于 2012-12-25 16:25:00

&nbsp;举例如下:<br/>Switch# show interfaces status<br/><br/>&nbsp;<br/>Port&nbsp;&nbsp;&nbsp; Name&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Status&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Vlan&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Duplex&nbsp; Speed Type<br/>Gi0/1&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; connected&nbsp;&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp; a-full&nbsp; a-100 10/100/1000Base<br/>TX<br/>Gi0/2&nbsp;&nbsp; wce server 20.20.2 disabled&nbsp;&nbsp;&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto&nbsp;&nbsp; auto 10/100/1000Base TX<br/>Gi0/3&nbsp;&nbsp; ip wccp web-cache&nbsp; notconnect&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto&nbsp;&nbsp; auto 10/100/1000Base TX<br/>Gi0/4&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; notconnect&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto&nbsp;&nbsp; auto 10/100/1000Base TX<br/>Gi0/5&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; notconnect&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto&nbsp;&nbsp; auto 10/100/1000Base TX<br/>Gi0/6&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; disabled&nbsp;&nbsp;&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto&nbsp;&nbsp; auto 10/100/1000Base TX<br/>Gi0/7&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; disabled&nbsp;&nbsp;&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto&nbsp;&nbsp; auto 10/100/1000Base TX<br/>Gi0/8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; disabled&nbsp;&nbsp;&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto&nbsp;&nbsp;&nbsp; 100 10/100/1000Base TX<br/>Gi0/9&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; notconnect&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto&nbsp;&nbsp; auto 10/100/1000Base TX<br/>Gi0/10&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; notconnect&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto&nbsp;&nbsp; auto 10/100/1000Base TX<br/>Gi0/11&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; disabled&nbsp;&nbsp;&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto&nbsp;&nbsp; auto unknown<br/>Gi0/12&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; notconnect&nbsp;&nbsp; routed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto&nbsp;&nbsp; auto unknown<br/><br/>

junipar 发表于 2012-12-25 16:26:00

&nbsp;Switch# show interfaces fastethernet 0/1 switchport<br/><br/>Name: Fa0/1<br/>Switchport: Enabled<br/>Administrative Mode: static access<br/>Operational Mode: down<br/>Administrative Trunking Encapsulation: dot1q<br/>Negotiation of Trunking: Off<br/>Access Mode VLAN: 1 (default)<br/>Trunking Native Mode VLAN: 1 (default)<br/>Trunking VLANs Enabled: ALL<br/>Pruning VLANs Enabled: 2-1001<br/>&nbsp;<br/>Protected: false<br/>Unknown unicast blocked: disabled<br/>Unknown multicast blocked: disabled<br/>&nbsp;<br/>Voice VLAN: dot1p (Inactive)<br/>Appliance trust: 5<br/><br/><br/>Switch# show running-config interface fastethernet0/2<br/><br/>Building configuration...<br/>&nbsp;<br/>Current configuration : 131 bytes<br/>!<br/>interface FastEthernet0/2<br/>&nbsp;switchport mode access<br/>&nbsp;switchport protected<br/>&nbsp;no ip address<br/>&nbsp;mls qos cos 7<br/>&nbsp;mls qos cos override<br/>end<br/>刷新、重置端口及计数器<br/>Clear命令&nbsp;&nbsp; &nbsp;目的 <br/>clear counters &nbsp;&nbsp; &nbsp;清除端口计数器.<br/>clear interface interface-id&nbsp;&nbsp; &nbsp;重置某一端口的硬件逻辑<br/>clear line &nbsp;&nbsp; &nbsp;重置异步串口的硬件逻辑<br/><br/>________________________________________<br/>&nbsp;<br/>Note&nbsp;&nbsp; clear counters 命令只清除用show interface所显示的计数,不影响用snmp得到的计数 <br/>________________________________________<br/>举例如下:<br/>Switch# clear counters fastethernet0/5 <br/>Clear "show interface" counters on this interface y <br/>Switch#<br/>*Sep 30 08:42:55: %CLEAR-5-COUNTERS: Clear counter on interface FastEthernet0/5<br/>by vty1 (171.69.115.10)<br/>&nbsp;<br/>可使用clear interface 或 clear line 命令来清除或重置某一端口或串口,在大部分情况下并不需要这样做:<br/>Switch# clear interface fastethernet0/5 <br/><br/>关闭和打开端口<br/>&nbsp;&nbsp; &nbsp;命令 &nbsp;&nbsp; &nbsp;目的 <br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;configure terminal&nbsp;&nbsp; &nbsp;进入配置状态<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;interface {vlan vlan-id} | {{fastethernet | gigabitethernet} interface-id} | {port-channel port-channel-number}&nbsp;&nbsp; &nbsp;选择要关闭的端口<br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;shutdown&nbsp;&nbsp; &nbsp;关闭<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;end&nbsp;&nbsp; &nbsp;退出<br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;show running-config&nbsp;&nbsp; &nbsp;验证<br/><br/>使用 no shutdown 命令重新打开端口.

junipar 发表于 2012-12-25 16:27:00

&nbsp;举例如下:<br/>Switch# configure terminal<br/><br/>Switch(config)# interface fastethernet0/5 <br/>Switch(config-if)# shutdown <br/>Switch(config-if)#<br/>*Sep 30 08:33:47: %LINK-5-CHANGED: Interface FastEthernet0/5, changed state to a <br/>administratively down<br/>&nbsp;<br/>Switch# configure terminal<br/><br/>Switch(config)# interface fastethernet0/5 <br/>Switch(config-if)# no shutdown <br/>Switch(config-if)#<br/>*Sep 30 08:36:00: %LINK-3-UPDOWN: Interface FastEthernet0/5, changed state to up<br/>&nbsp;<br/>配置VLAN<br/>理解VLAN<br/>&nbsp;一个VLAN就是一个交换网,其逻辑上按功能、项目、应用来分而不必考虑用户的物理位置。任何交换口都可以属于某一VLAN, IP包、广播包及组播包均可以发送或广播给在此VLAN内的最终用户。每一个VLAN均可看成是一个逻辑网络,发往另一VLAN的数据包必须由路由器或网桥转发(如下图)。由于VLAN被看成是一个逻辑网络,其具有自己的网桥管理信息庫 (MIB) 并可支持自己的生成树<br/><br/>&nbsp;VLAN作为逻辑定义的网络示意图<br/><br/>&nbsp;<br/>VLAN常常与IP子网相联系,同一IP子网属于同一VLAN。在VLAN之间的数据包可以由VLAN端口进行转发。<br/>可支持的VLAN<br/>思科交换机支持1005个 VLAN,可以分别是VTP client, server, 及 transparent modes. VLAN号可以从1到4094. VLAN号1002到1005保留给令牌环及FDDI VLAN. VTP只能学习到普通范围的VLAN, 即从VLAN到1到1005; VLAN号大于1005属于扩展VLAN,不存在VLAN数据庫中。 交换机必须配置成VTP透明模式当需要生成VLAN 号从1006到4094. <br/>本交换机支持基于每一VLAN的生成树(PVST),最多支持128个生成树。本交换机支持ISL及IEEE 802.1Q trunk二种封装。<br/>配置正常范围的VLAN<br/>VLAN号1, 1002到1005是自动生成的不能被去掉。 <br/>VLAN号1到1005的配置被写到文件vlan.dat 中, 可以用show vlan 命令查看, vlan.dat 文件存放在NVRAM中. <br/>________________________________________<br/>&nbsp;<br/>注意&nbsp;&nbsp; 不要手工删除vlan.dat 文件,可能造成VLAN的不完整。 如要删除vlan需要用有关的命令来进行<br/>________________________________________<br/>生成、修改以太网VLAN

junipar 发表于 2012-12-25 16:27:00

&nbsp;&nbsp;&nbsp;&nbsp; 命令&nbsp;&nbsp; &nbsp;目的<br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;configure terminal&nbsp;&nbsp; &nbsp;进入配置状态<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;vlan vlan-id&nbsp;&nbsp; &nbsp;输入一个VLAN号, 然后进入vlan配置状态,可以输入一个新的VLAN号或旧的来进行修改。 <br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;name vlan-name&nbsp;&nbsp; &nbsp;(可选)输入一个VLAN名,如果没有配置VLAN名,缺省的名字是VLAN号前面用0填满的4位数,如VLAN0004是VLAN4的缺省名字<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;mtu mtu-size&nbsp;&nbsp; &nbsp;(可选) 改变MTU大小<br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;end&nbsp;&nbsp; &nbsp;退出<br/>Step 6 &nbsp;&nbsp;&nbsp; &nbsp;show vlan {name vlan-name | id vlan-id}&nbsp;&nbsp; &nbsp;验证<br/>Step 7 &nbsp;&nbsp;&nbsp; &nbsp;copy running-config startup config&nbsp;&nbsp; &nbsp;(可选) 保存配置<br/>用no vlan name 或 no vlan mtu 退回到缺省的vlan配置状态<br/>举例如下:<br/>Switch# configure terminal<br/><br/>Switch(config)# vlan 20<br/><br/>Switch(config-vlan)# name test20<br/><br/>Switch(config-vlan)# end<br/><br/><br/><br/>也可以在enable状态下,进行VLAN配置:<br/>&nbsp;&nbsp; &nbsp;命令 &nbsp;&nbsp; &nbsp;目的 <br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;vlan database&nbsp;&nbsp; &nbsp;进入VLAN配置状态<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;vlan vlan-id name vlan-name&nbsp;&nbsp; &nbsp;加入VLAN号及VLAN名<br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;vlan vlan-id mtu mtu-size&nbsp;&nbsp; &nbsp;(可选) 修改MTU大小<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;exit&nbsp;&nbsp; &nbsp;更新VLAN数据庫并退出<br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;show vlan {name vlan-name | id vlan-id}&nbsp;&nbsp; &nbsp;验证配置<br/>Step 6 &nbsp;&nbsp;&nbsp; &nbsp;copy running-config startup config&nbsp;&nbsp; &nbsp;保存配置(可选)<br/><br/>举例如下:<br/>Switch# vlan database<br/><br/>Switch(vlan)# vlan 20 name test20<br/><br/>Switch(vlan)# exit<br/><br/>APPLY completed.<br/>Exiting....<br/>Switch# <br/>删除VLAN<br/>当删除一个处于VTP服务器的交换机上删除VLAN时,则此VLAN将在所有相同VTP的交换机上删除。当在透明模式下删除时,只在当前交换机上删除。<br/>&nbsp;<br/>注意&nbsp;&nbsp; 当删除一个VLAN时,原来属于此VLAN的端口将处于非激活的状态,直到将其分配给某一VLAN。<br/>________________________________________<br/><br/><br/>&nbsp;&nbsp; &nbsp;命令 &nbsp;&nbsp; &nbsp;目的 <br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;configure terminal&nbsp;&nbsp; &nbsp;进入配置状态<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;no vlan vlan-id&nbsp;&nbsp; &nbsp;删除某一VLAN. <br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;end&nbsp;&nbsp; &nbsp;退出<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;show vlan brief&nbsp;&nbsp; &nbsp;验证<br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;copy running-config startup config&nbsp;&nbsp; &nbsp;保存<br/><br/>也可用vlan database 进入VLAN配置状态,用no vlan vlan-id 来删除。<br/>将端口分配给一个VLAN

junipar 发表于 2012-12-25 16:28:00

&nbsp;&nbsp;&nbsp;&nbsp; 命令 &nbsp;&nbsp; &nbsp;目的 <br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;configure terminal&nbsp;&nbsp; &nbsp;进入配置状态<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;interface interface-id&nbsp;&nbsp; &nbsp;进入要分配的端口<br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;switchport mode access&nbsp;&nbsp; &nbsp;定义二层口<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;switchport access vlan vlan-id&nbsp;&nbsp; &nbsp;把端口分配给某一VLAN<br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;end&nbsp;&nbsp; &nbsp;退出<br/>Step 6 &nbsp;&nbsp;&nbsp; &nbsp;show running-config interface interface-id &nbsp;&nbsp; &nbsp;验证端口的VLAN号<br/>Step 7 &nbsp;&nbsp;&nbsp; &nbsp;show interfaces interface-id switchport&nbsp;&nbsp; &nbsp;验证端口的管理模式和VLAN情况<br/>Step 8 &nbsp;&nbsp;&nbsp; &nbsp;copy running-config startup-config&nbsp;&nbsp; &nbsp;保存配置<br/><br/>使用 default interface interface-id 还原到缺省配置状态。<br/>举例如下:<br/>Switch# configure terminal <br/>Enter configuration commands, one per line.&nbsp; End with CNTL/Z.<br/>Switch(config)# interface fastethernet0/1 <br/><br/>Switch(config-if)# switchport mode access <br/><br/>Switch(config-if)# switchport access vlan 2<br/><br/>Switch(config-if)# end <br/>Switch#<br/>配置VLAN Trunks<br/><br/>&nbsp;&nbsp; &nbsp;命令 &nbsp;&nbsp; &nbsp;目的 <br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;configure terminal&nbsp;&nbsp; &nbsp;进入配置状态<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;interface interface-id&nbsp;&nbsp; &nbsp;进入端口配置状态<br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;switchport trunk encapsulation {isl | dot1q | negotiate}&nbsp;&nbsp; &nbsp;配置trunk封装ISL 或 802.1Q 或自动协商<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;switchport mode {dynamic {auto | desirable} | trunk}&nbsp;&nbsp; &nbsp;配置二层trunk模式。<br/>?&nbsp;&nbsp; &nbsp;dynamic auto—自动协商是否成为trunk<br/>?&nbsp;&nbsp; &nbsp;dynamic desirable—把端口设置为trunk如果对方端口是trunk, desirable, 或自动模式<br/>?&nbsp;&nbsp; &nbsp;trunk—设置端口为强制的trunk方式,而不理会对方端口是否为trunk<br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;switchport access vlan vlan-id&nbsp;&nbsp; &nbsp;(可选) 指定一个缺省VLAN, 如果此端口不再是trunk<br/>Step 6 &nbsp;&nbsp;&nbsp; &nbsp;switchport trunk native vlan vlan-id&nbsp;&nbsp; &nbsp;指定802.1Q native VLAN号 <br/>Step 7 &nbsp;&nbsp;&nbsp; &nbsp;end&nbsp;&nbsp; &nbsp;退出<br/>Step 8 &nbsp;&nbsp;&nbsp; &nbsp;show interfaces interface-id switchport&nbsp;&nbsp; &nbsp;显示有关switchport 的配置<br/>Step 9 &nbsp;&nbsp;&nbsp; &nbsp;show interfaces interface-id trunk&nbsp;&nbsp; &nbsp;显示有关trunk的配置<br/>Step 10 &nbsp;&nbsp;&nbsp; &nbsp;copy running-config startup-config&nbsp;&nbsp; &nbsp;保存配置<br/>举例:<br/>Switch# configure terminal <br/><br/>Enter configuration commands, one per line.&nbsp; End with CNTL/Z.<br/>Switch(config)# interface fastethernet0/4 <br/><br/>Switch(config-if)# switchport mode trunk <br/><br/>Switch(config-if)# switchport trunk encapsulation dot1q <br/><br/>Switch(config-if)# end <br/><br/>

junipar 发表于 2012-12-25 16:28:00

&nbsp;定义trunk允许的VLAN<br/>缺省情况下trunk允许所有的VLAN通过。可以使用 switchport trunk allowed vlan remove vlan-list 来去掉某一VLAN <br/>&nbsp;&nbsp; &nbsp;Command &nbsp;&nbsp; &nbsp;Purpose <br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;configure terminal&nbsp;&nbsp; &nbsp;进入配置状态<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;interface interface-id&nbsp;&nbsp; &nbsp;进入端口配置<br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;switchport mode trunk&nbsp;&nbsp; &nbsp;配置二层口为trunk<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;switchport trunk allowed vlan {add | all | except | remove} vlan-list &nbsp;&nbsp; &nbsp;(可选) 配置trunk允许的VLAN. <br/>使用add, all, except,&nbsp; remove关健字<br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;end&nbsp;&nbsp; &nbsp;退出<br/>Step 6 &nbsp;&nbsp;&nbsp; &nbsp;show interfaces interface-id switchport &nbsp;&nbsp; &nbsp;验证VLAN配置情况.<br/>Step 7 &nbsp;&nbsp;&nbsp; &nbsp;copy running-config startup-config&nbsp;&nbsp; &nbsp;保存配置<br/><br/>回到允许所有VLAN通过时, 可用no switchport trunk allowed vlan 端口配置命令.<br/>举例如下:<br/>Switch(config)# interface fastethernet0/1<br/><br/>Switch(config-if)# switchport trunk allowed vlan remove 2<br/><br/>Switch(config-if)# end<br/><br/>配置Native VLAN(802.1q)<br/>封装802.1q的trunk端口可以接受带有标签和不带标签的数据流,交换机向native vlan传送不带标签的数据流,缺省情况下native VLAN是1。<br/><br/>&nbsp;&nbsp; &nbsp;命令 &nbsp;&nbsp; &nbsp;目的 <br/>Step 1 &nbsp;&nbsp;&nbsp; &nbsp;configure terminal&nbsp;&nbsp; &nbsp;进入配置状态<br/>Step 2 &nbsp;&nbsp;&nbsp; &nbsp;interface interface-id&nbsp;&nbsp; &nbsp;进入配置成802.1qtrunk的端口<br/>Step 3 &nbsp;&nbsp;&nbsp; &nbsp;switchport trunk native vlan vlan-id&nbsp;&nbsp; &nbsp;配置native VLAN号<br/>Step 4 &nbsp;&nbsp;&nbsp; &nbsp;end&nbsp;&nbsp; &nbsp;退出<br/>Step 5 &nbsp;&nbsp;&nbsp; &nbsp;show interfaces interface-id switchport&nbsp;&nbsp; &nbsp;验证native VLAN配置<br/>Step 6 &nbsp;&nbsp;&nbsp; &nbsp;copy running-config startup-config&nbsp;&nbsp; &nbsp;保存配置<br/><br/>使用no switchport trunk native vlan 端口配置命令回到缺省的状态<br/>使用STP实现负载均衡<br/>负载均衡可以使用流量分流到其它平行的trunks上去. 交换机为了避免环路, STP通常是阻断所有端口交换机之间只留一条链路 。使用负载均衡后, 可以把不同VLAN的流量分配到不同的trunk上。 <br/>可以通过配置STP端口权值STP路径值来实现负载均衡. 如果使用STP端口权值来配置那么二条负载均衡的trunk必须联同一交换机上。使用路径值则即可以联相同的交换机与可以联不同的交换机。<br/>使用STP端口权值的负载均衡<br/>当同一台交换机的二个口形成环路时, STP端口权值用来决定那个口是enable的,那个口是阻断的。 可以通过配置端口权值来决定二对trunk各走那些VLAN, 有较高权值的端口(数字较小的)vlan, 将处于转发状态,同一个VLAN在另一个trunk有较低的权值(数字较大)则将处在阻断状态。 即同一VLAN只在一个trunk上发送接受。<br/><br/>
页: [1]
查看完整版本: [分享]思科交换机配置简要