欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  数据库

Catalyst4006交换机的配置实例

程序员文章站 2022-05-24 19:41:09
...

一、CAT4006引擎模块WS-X4013的 配置 清单 (其中包括:基本设置、VLAN的 配置 、通道 配置 、以及端口镜像口的1/2设置连接千兆IDS) Cisco Systems, Inc. Console Enter password: CAT4006> enable Enter password: CAT40 06> (enable) ....... ...........

一、CAT4006引擎模块WS-X4013的配置清单

(其中包括:基本设置、VLAN的配置、通道配置、以及端口镜像口的1/2设置连接千兆IDS)

Cisco Systems, Inc. Console

Enter password:

CAT4006> enable

Enter password:

CAT40

06> (enable)

.......

..................

..................

....................

....................

..

begin

!

# ***** NON-DEFAULT CONFIGURATION *****

!

!

#time: Mon Apr 11 2005, 22:02:13

!

#version 6.1(1)

!

!

#system web interface version(s)

set password *********************

set enablepass *********************

!

#test

!

#system

set system name CAT4006

!

#frame distribution method

set port channel all distribution mac both

!

#vtp

set vtp domain hngazk

set vlan 1 name default type ethernet mtu 1500 said 100001 state active

set vlan 16 name Old_Bangong type ethernet mtu 1500 said 100016 state active

set vlan 17 name Server_Manage type ethernet mtu 1500 said 100017 state active

set vlan 18 name New_Bangong type ethernet mtu 1500 said 100018 state active

set vlan 19 name Library type ethernet mtu 1500 said 100019 state active

set vlan 20 name New_Shiyanzhongxin type ethernet mtu 1500 said 100020 state active

set vlan 22 name Old_Shiyanzhongxin type ethernet mtu 1500 said 100022 state active

set vlan 23 name CaiZhuan_Jiashuyuan type ethernet mtu 1500 said 100023 state active

set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active

set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ieee

set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm

set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state active mode srb aremaxhop 0 stemaxhop 0 backupcrf off

!

#ip

set interface sc0 17 21x.xxx.17.253/255.255.255.0 21x.xxx.xxx.255

set interface sl0 down

set interface me1 down

set ip route 0.0.0.0/0.0.0.0 21x.xxx.xxx.254

!

#dns

set ip dns server 21x.xxx.xxx.2 primary

set ip dns enable

!

#syslog

set logging level cops 2 default

!

#set boot command

set boot config-register 0x2

set boot system flash bootflash:cat4000.6-1-1.bin

!

#mls

set mls nde disable

!

#port channel

set port channel 3/1-4 636

!

#module 1 : 2-port 1000BaseX Supervisor

set udld enable 1/1

set trunk 1/1 nonegotiate dot1q 1-1005

set trunk 1/2 nonegotiate dot1q 1-1005

!

#module 2 : 6-port 1000BaseX Ethernet

set vlan 20 2/3

set port name 2/1 Old_Shiyanzhongxin

set port name 2/2 Library

set port name 2/3 New_Shiyanzhongxin

set port name 2/4 New_Bangong

set port name 2/5 CaiZhuan_Jiashuyuan

set port name 2/6 Old_Shiyanzhongxin

set udld enable 2/6

set udld disable 2/3

set trunk 2/1 nonegotiate dot1q 1-1005

set trunk 2/2 nonegotiate dot1q 1-1005

set trunk 2/3 nonegotiate dot1q 1-1005

set trunk 2/4 nonegotiate dot1q 1-1005

set trunk 2/5 nonegotiate dot1q 1-1005

set trunk 2/6 nonegotiate dot1q 1-1005

!

#module 3 : 34-port Router Switch Card

set vlan 16 3/3-9,3/11-19,3/26-34

set vlan 17 3/10,3/20

set vlan 18 3/21

set vlan 19 3/22

set vlan 20 3/23

set vlan 22 3/24

set vlan 23 3/25

set port name 3/1 Firewall_Talent

set trunk 3/1 nonegotiate dot1q 1-1005

set trunk 3/2 nonegotiate dot1q 1-1005

set port channel 3/1-2 mode on

!

#module 4 : 34-port 10/100/1000 Ethernet

set vlan 16 4/5-9,4/11,4/15-34

set vlan 17 4/3-4,4/10,4/12-14

set trunk 4/1 nonegotiate dot1q 1-1005

set trunk 4/2 nonegotiate dot1q 1-1005

!

#module 5 empty

!

#module 6 empty

!

#switch port analyzer

set span 2/1-6,3/1-34,4/1-34 1/2 both inpkts disable learning enable create

end

CAT4006> (enable)

二、WS-X4232-L3三层路由模块的配置清单

(其中包括:VLAN路由、访问控制列表、三层模块与交换机背板通道的配置等等)

WS-X4232-L3#

Using 4055 out of 126968 bytes

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname WS-X4232-L3

!

enable secret 5 *****************

enable password **********

!

ip subnet-zero

!

!

!

interface Port-channel1

no ip address

no ip directed-broadcast

hold-queue 300 in

!

interface Port-channel1.1

encapsulation dot1Q 1 native

ip address 10.10.1.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.16

encapsulation dot1Q 16

ip address 21x.xxx.16.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.17

encapsulation dot1Q 17

ip address 21x.xxx.17.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.18

encapsulation dot1Q 18

ip address 21x.xxx.18.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.19

encapsulation dot1Q 19

ip address 21x.xxx.19.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.20

encapsulation dot1Q 20

ip address 21x.xxx.21.254 255.255.254.0 secondary

ip address 21x.xxx.20.254 255.255.254.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.22

encapsulation dot1Q 22

ip address 21x.xxx.22.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.23

encapsulation dot1Q 23

ip address 21x.xxx.23.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface FastEthernet1

no ip address

no ip directed-broadcast

shutdown

!

interface GigabitEthernet1

ip address 21x.xxx.xxx.xxx 255.255.255.240

ip access-group 110 in

ip access-group 110 out

no ip directed-broadcast

!

interface GigabitEthernet2

no ip address

no ip directed-broadcast

!

interface GigabitEthernet3

no ip address

no ip directed-broadcast

no negotiation auto

channel-group 1

!

interface GigabitEthernet4

no ip address

no ip directed-broadcast

no negotiation auto

channel-group 1

!

ip classless

ip route 0.0.0.0 0.0.0.0 2xx.xxx.xxx.xxx

!

access-list 110 deny tcp any any eq echo

access-list 110 deny tcp any any eq chargen

access-list 110 deny tcp any any eq 135

access-list 110 deny tcp any any eq 136

access-list 110 deny tcp any any eq 137

access-list 110 deny tcp any any eq 138

access-list 110 deny tcp any any eq 139

access-list 110 deny tcp any any eq 389

access-list 110 deny tcp any any eq 445

access-list 110 deny tcp any any eq 4444

access-list 110 deny udp any any eq tftp

access-list 110 deny udp any any eq 135

access-list 110 deny udp any any eq 136

access-list 110 deny udp any any eq netbios-ns

access-list 110 deny udp any any eq netbios-dgm

access-list 110 deny udp any any eq netbios-ss

access-list 110 deny udp any any eq 389

access-list 110 deny udp any any eq 445

access-list 110 deny udp any any eq 1434

access-list 110 deny udp any any eq 1433

access-list 110 deny udp any any eq 1025

access-list 110 deny udp any any eq 455

access-list 110 deny udp any any eq 5554

access-list 110 deny udp any any eq 9996

access-list 110 deny udp any any eq 6129

access-list 110 deny udp any any eq 3127

access-list 110 deny udp any any eq 2745

access-list 110 deny tcp any any eq 6669

access-list 110 deny tcp any any eq 1023

access-list 110 deny tcp any any eq 1024

access-list 110 deny tcp any any eq 3332

access-list 110 deny tcp any any eq 69

access-list 110 deny udp any any eq 593

access-list 110 deny tcp any any eq 593

access-list 110 permit ip any any

arp 127.0.0.2 0005.5e73.9300 ARPA

!

line con 0

transport input none

line aux 0

line vty 0 4

password **********

login

!

end

WS-X4332-L3#