Skip to main content


利用S5700、S2700和ER3260组的一个小型校园网(2)

2012-10-09 22:21 浏览:

  dhcp select interface

  dhcp server dns-list 202.96.104.28

  dhcp server dns-list 61.153.81.74

  dhcp server excluded-ip-address 192.168.3.1

  dhcp server excluded-ip-address 192.168.3.2

  dhcp server lease day 3

  quit

  interface vlanif 4

  ip address 192.168.4.254 24

  dhcp select interface

  dhcp server dns-list 202.96.104.28

  dhcp server dns-list 61.153.81.74

  dhcp server excluded-ip-address 192.168.4.1

  dhcp server excluded-ip-address 192.168.4.2

  dhcp server lease day 3

  quit

  interface vlanif 5

  ip address 192.168.5.254 24

  dhcp select interface

  dhcp server dns-list 202.96.104.28

  dhcp server dns-list 61.153.81.74

  dhcp server excluded-ip-address 192.168.5.1

  dhcp server excluded-ip-address 192.168.5.2

  dhcp server lease day 3

  quit

  port-group trunk

  group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/4 g0/0/6 g0/0/23 g0/0/21

  port link-type trunk

  port trunk allow-pass vlan all

  quit

  #5700的所有接口都不连客户端。

  ip route-static 0.0.0.0 0.0.0.0 192.168.1.1

  # 配置默认路由,192.168.1.1是路由器的地址

  路由器路由器配置很简单,就加了4条静态路由:

  ip route-static 192.168.2.0 255.255.255.0 192.168.1.2

  ip route-static 192.168.3.0 255.255.255.0 192.168.1.2

  ip route-static 192.168.4.0 255.255.255.0 192.168.1.2

  ip route-static 192.168.5.0 255.255.255.0 192.168.1.2

  192.168.1.2是S5700的管理IP,

  以下是接入层交换机的配置,因为配置几乎差不多,所以就列一个做参考

  interface vlanif 1

  ip address 192.168.1.3 24

  quit

  #这个是给交换机配置的管理IP,前面楼的接入交换机IP是192.168.1.2---192.168.1.7后面一幢是192.168.1.11---192.168.1.15这样的话内网任何一台都可以登录到交换机,都是AAA认证,跟5700一样。

  vlan 2

  quit

  vlan 3

  quit

  interface GigabitEthernet 0/0/1

  port link-type trunk

  port trunk allow-pass vlan all

  quit

  所有的接入层的千兆口都是起TRUNK,连接到核心层。

  port-group vlan2 添加端口组,

  group-member ethernet 0/0/1 to ethernet 0/0/24

  port link-type access 设置端口为ACCESS模式

  port default vlan 2 加入VLAN2