dhcp select interface
dhcp server dns-list 202.96.104.28
dhcp server dns-list 61.153.81.74
dhcp server excluded-ip-address 192.168.3.1
dhcp server excluded-ip-address 192.168.3.2
dhcp server lease day 3
quit
interface vlanif 4
ip address 192.168.4.254 24
dhcp select interface
dhcp server dns-list 202.96.104.28
dhcp server dns-list 61.153.81.74
dhcp server excluded-ip-address 192.168.4.1
dhcp server excluded-ip-address 192.168.4.2
dhcp server lease day 3
quit
interface vlanif 5
ip address 192.168.5.254 24
dhcp select interface
dhcp server dns-list 202.96.104.28
dhcp server dns-list 61.153.81.74
dhcp server excluded-ip-address 192.168.5.1
dhcp server excluded-ip-address 192.168.5.2
dhcp server lease day 3
quit
port-group trunk
group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/4 g0/0/6 g0/0/23 g0/0/21
port link-type trunk
port trunk allow-pass vlan all
quit
#5700的所有接口都不连客户端。
ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
# 配置默认路由,192.168.1.1是路由器的地址
路由器路由器配置很简单,就加了4条静态路由:
ip route-static 192.168.2.0 255.255.255.0 192.168.1.2
ip route-static 192.168.3.0 255.255.255.0 192.168.1.2
ip route-static 192.168.4.0 255.255.255.0 192.168.1.2
ip route-static 192.168.5.0 255.255.255.0 192.168.1.2
192.168.1.2是S5700的管理IP,
以下是接入层交换机的配置,因为配置几乎差不多,所以就列一个做参考
interface vlanif 1
ip address 192.168.1.3 24
quit
#这个是给交换机配置的管理IP,前面楼的接入交换机IP是192.168.1.2---192.168.1.7后面一幢是192.168.1.11---192.168.1.15这样的话内网任何一台都可以登录到交换机,都是AAA认证,跟5700一样。
vlan 2
quit
vlan 3
quit
interface GigabitEthernet 0/0/1
port link-type trunk
port trunk allow-pass vlan all
quit
所有的接入层的千兆口都是起TRUNK,连接到核心层。
port-group vlan2 添加端口组,
group-member ethernet 0/0/1 to ethernet 0/0/24
port link-type access 设置端口为ACCESS模式
port default vlan 2 加入VLAN2
