华为交换机网络规划案例.docx
- 文档编号:28156865
- 上传时间:2023-07-08
- 格式:DOCX
- 页数:71
- 大小:108.49KB
华为交换机网络规划案例.docx
《华为交换机网络规划案例.docx》由会员分享,可在线阅读,更多相关《华为交换机网络规划案例.docx(71页珍藏版)》请在冰豆网上搜索。
华为交换机网络规划案例
某企业网络规划
一、网络VLAN地址规划3
二、网络设备IP地址规划3
三、网络拓扑如下4
四、核心交换机接口配置5
五、网管平台配置6
六、网络设备参数设置6
(1)外网核心交换机配置6
(2)防火墙配置15
(3)AC6605-无线控制器配置22
(4)接入交换机配置36
VLAN号
说明
IP地址段
网关
10
互联网有线用户段
192.168.10.0/24
192.168.10.254
20
监控网络段
192.168.20.0/23
192.168.20.254
30
无线用户段
192.168.30.0/24
192.168.30.254
40
无线AP地址段
192.168.40.0/24
192.168.40.254
50
保留
192.168.50.0/24
192.168.50.254
60
与防火墙互联网段
192.168.60.0/24
192.168.60.254
1000
设备管理段
10.10.10.0/24
10.10.10.254
网络VLAN地址规划
网络设备IP地址规划
设备名称
设备型号
设备地址
登录密码
防火墙
USG2250
192.168.60.
PASS:
admin123
核心交换机-WW
S7706
10.10.10.254
admin123
核心交换机-JK
S7706
10.10.10.253
admin123
无线控制器
AC6605
10.10.10.100
Admin123
接入交换机01
S5700-28P-PWR-LI-
AC
10.10.10.11
admin123
接入交换机02
S5700-28P-PWR-LI-
AC
10.10.10.12
admin123
接入交换机03
S5700-28P-PWR-LI-
AC
10.10.10.13
admin123
接入交换机04
S5700-28P-PWR-LI-
AC
10.10.10.14
admin123
接入交换机05
S5700-28P-LI-AC
10.10.10.15
admin123
接入交换机06
S5700-28P-LI-AC
10.10.10.16
admin123
接入交换机07
S5700-28P-LI-AC
10.10.10.17
admin123
接入交换机08
S5700-28P-LI-AC
10.10.10.18
admin123
接入交换机09
S5700-28P-LI-AC
10.10.10.19
admin123
接入交换机10
S5700-28P-LI-AC
10.10.10.20
admin123
admin123
三、
网络拓扑如下
io.l机loo4*
肿"睛皆AF*WAF
图例1:
互联网网络拓扑
图例2:
监控网络拓扑
四、核心交换机接口配置
互联网核心交换机
0
2
4
6
0
2
4
6
8
10
12
14
16
18
20
22
接防火墙
VL
AN
10
VL
AN
10
TRU
NK
X
X
X
X
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
1
3
5
7
1
3
5
7
9
11
13
15
17
19
21
23
接
AC
VL
AN
10
VL
AN
10
TRU
NK
X
X
X
X
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
说明:
VLAN10---接PC机上网。
TRUNK---接接入交换机。
X---光电复用接口
监控交换机
0
2
4
6
0
2
4
6
8
10
12
14
16
18
20
22
VL
AN
20
VL
AN
20
VL
AN
10
TRU
NK
X
X
X
X
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
1
3
5
7
1
3
5
7
9
11
13
15
17
19
21
23
VL
AN
20
VL
AN
20
VL
AN
20
TRU
NK
X
X
X
X
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
TRU
NK
说明:
VLAN20---接监控PC或终端。
TRUNK---接接入交换机。
五、网管平台配置
IP地址
型号
密码
网管平台密码
192.168.10.253
HPDL360eGen8
Administrator
admin/1234
拓扑管理:
0p盘
3"乂
TYGPOE-34
ap-34ap-鮎
□D-1S
ap-22ap'L/
7YG5
>■*■
-ju—
AC6&05
AC10.10.10.1?
0(30-Cl-7E-73-03-EC)APs
六、网络设备参数设置
(1)外网核心交换机配置
SoftwareVersionV200R003C00SPC500
#
sysnameTYG-WW-Core
#
dnsserver218.2..1
#
vlanbatch1020304050601000
#
observe-port1interfaceGigabitEthernet3/0/4
#
lldpenable
#
undonapslaveenable
#
dba-profiledefault0type3assure40000max80000
#
dhcpenable
#
dhcpsnoopingenable
#
diffservdomaindefault
#
line-profiledefault0
#
-profiledefault0
#
vlan10
descriptionNW-net
vlan20
descriptionjiankong-net
vlan30
descriptionNW-AP-client
vlan40
descriptionNW-AP
vlan50
descriptionto_tplink
vlan60
descriptionto_FW
vlan1000
descriptionmanagement
#
aaa
authentication-schemedefault
authorization-schemedefault
accounting-schemedefault
domaindefault
domaindefault_admin
local-useradminpasswordcipher%%5d~9:
M9pCfL\iB)EQd>3Uwe%%
local-useradmin-typehttp
#
interfaceVlanif1O
descriptionNW-net
ipaddress192.168.10.254255.255.255.0
dhcpselectinterface
dhcpserverexcluded-ip-address192.168.10.253
dhcpserverdns-list218.2..161.147.37.1
#
interfaceVlanif20
descriptionjiankong-net
ipaddress192.168.20.254255.255.255.0
#
interfaceVlanif30
descriptionNW-AP-client
ipaddress192.168.30.254255.255.254.0
dhcpselectinterface
dhcpserverleaseday0hour6minute0
dhcpserverdns-list218.2..161.147.37.1
#
interfaceVlanif40
descriptionNW-AP
ipaddress192.168.40.254255.255.255.0
#
interfaceVlanif50
descriptionto_tplink
#
interfaceVlanif60
descriptionto_FW
ipaddress192.168.60.254255.255.255.0
#
interfaceVlanif1000
descriptionmanagement
ipaddress10.10.10.254255.255.255.0
#
interfaceEthernet0/0/0
#
interfaceGigabitEthernet3/0/0
descriptionto_FW
portlink-typeaccess
portdefaultvlan60
#
interfaceGigabitEthernet3/0/1descriptionto_AC6605portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/2
portlink-typeaccess
portdefaultvlan10
#
interfaceGigabitEthernet3/0/3
portlink-typeaccess
portdefaultvlan10
dhcpsnoopingenable
#
interfaceGigabitEthernet3/0/4
portlink-typeaccess
portdefaultvlan10
dhcpsnoopingenable
#
interfaceGigabitEthernet3/0/5
portlink-typeaccess
portdefaultvlan10
#
interfaceGigabitEthernet3/0/6
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/7
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/8
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/9
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/10
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/11
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/12
portlink-typetrunk
porttrunkallow-passvlan2to4094#
interfaceGigabitEthernet3/0/13
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/14
portlink-typetrunk
porttrunkallow-passvlan2to4094#
interfaceGigabitEthernet3/0/15
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/16
portlink-typetrunk
porttrunkallow-passvlan2to4094#
interfaceGigabitEthernet3/0/17
portlink-typetrunk
porttrunkallow-passvlan2to4094#
interfaceGigabitEthernet3/0/18
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/19
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/20
portlink-typetrunk
porttrunkallow-passvlan2to4094#
interfaceGigabitEthernet3/0/21
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/22
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceGigabitEthernet3/0/23
portlink-typetrunk
porttrunkallow-passvlan2to4094
#
interfaceNULL0
#
iproute-static0.0.0.00.0.0.0192.168.60.1
#
snmp-agent
snmp-agentlocal-engineid800007DB03D46AA880E600
snmp-agentcommunityread
cipher%$%$T'&>Legw4'c8h]-Y.|!
8;Xrp(TP(+e#2C$/)e4,8B:
+&Xrs;5+o-feDqC$8Z4A6t$T
Nr|;X%$%$mib-viewiso-view
snmp-agentcommunitywrite
cipher%$%$fgbYXV!
\,O/)x*mGHz$;Ko-Z6l-UA_UI*['、gV(moKGKo0;!
gLuG:
sugKBtx>(\yroQo9;K%$%$mib-viewiso-viewsnmp-agentsys-infoversionall
snmp-agenttarget-hosttrapaddressudp-domain192.168.10.253paramssecuritynamecipher%%m>mV:
Q:
'v8ciq0Y〜C/U0;Kp8%%v2c
snmp-agentmib-viewincludediso-viewiso
snmp-agenttrapsourceVlanif1000
#
user-interfacecon0
authentication-modepassword
setauthenticationpassword
cipher%%W7p(2C;L;B_ISU41o+〜,#DE,v{〜U6%)EXj&XIOM%GJ#DH,%%
user-interfacevty04
authentication-modepassword
userprivilegelevel15
setauthenticationpassword
cipher%%dz'e*2MdUX+WX9.[~A,M=Xa7Iy6U/<-]-PT}J7XhTO7Xa:
=%%
user-interfacevty1620
#
port-group1
group-memberGigabitEthernet3/0/0
group-memberGigabitEthernet3/0/1
group-memberGigabitEthernet3/0/2
group-memberGigabitEthernet3/0/3
group-memberGigabitEthernet3/0/4
group-memberGigabitEthernet3/0/5group-memberGigabitEthernet3/0/6group-memberGigabitEthernet3/0/7group-memberGigabitEthernet3/0/8group-memberGigabitEthernet3/0/9group-memberGigabitEthernet3/0/10group-memberGigabitEthernet3/0/11group-memberGigabitEthernet3/0/12group-memberGigabitEthernet3/0/13group-memberGigabitEthernet3/0/14group-memberGigabitEthernet3/0/15group-memberGigabitEthernet3/0/16group-memberGigabitEthernet3/0/17group-memberGigabitEthernet3/0/18group-memberGigabitEthernet3/0/19group-memberGigabitEthernet3/0/20group-memberGigabitEthernet3/0/21group-memberGigabitEthernet3/0/22group-memberGigabitEthernet3/0/23#return
Physical
*down:
administrativelydownAdown:
standby
(I):
loopback
(s):
spoofing
(E):
E-Trunkdown
(b):
BFDdown
(e):
ETHOAMdown(dl):
DLDPdown
(d):
DampeningSuppressedInUti/OutUti:
inpututility/outpututility
Interface
PHY
ProtocolInUtiOutUtiinErrors
outErrors
GigabitEthernet3/0/0
up
up
1.42%
0.50%
0
0
GigabitEthernet3/0/1
up
up
0.04%
0.44%
0
0
GigabitEthernet3/0/2
up
up
2.31%
1.82%
0
0
GigabitEthernet3/0/3
up
up
0%
0%
0
0
GigabitEthernet3/0/4
down
down
0%
0%
0
0
GigabitEthernet3/0/5
down
down
0%
0%
0
0
GigabitEthernet3/0/6
down
down
0%
0%
0
0
GigabitEthernet3/0/7
down
down
0%
0%
0
0
GigabitEthernet3/0/8
down
down
0%
0%
0
0
GigabitEthernet3/0/9
down
down
0%
0%
0
0
GigabitEthernet3/0/10
down
down
0%
0%
0
0
GigabitEthernet3/0/11
down
down
0%
0%
0
0
GigabitEthernet3/0/12
down
down
0%
0%
0
0
GigabitEthernet3/0/13
down
down
0%
0%
0
0
GigabitEthernet3/0/14
up
up
0.01%0.12%
0
0
GigabitEthernet3/0/15
down
down
0%
0%
0
0
GigabitEthernet3/0/16
up
up
0%
0%
0
0
GigabitEthernet3/0/17
down
down
0%
0%
0
0
GigabitEthernet3/0/18
up
up
0%
0%
0
0
GigabitEthernet3/0/19
down
down
0%
0%
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 华为 交换机 网络 规划 案例