关于华为二层交换机集群管理配置规范及说明Word文件下载.docx
《关于华为二层交换机集群管理配置规范及说明Word文件下载.docx》由会员分享,可在线阅读,更多相关《关于华为二层交换机集群管理配置规范及说明Word文件下载.docx(14页珍藏版)》请在冰豆网上搜索。
1、配置管理设备(由汇聚层人员来配置)
(1)启动设备上的NDP和端口日的NDP协议:
[YS_XianJu_S3552G]ndpenable
#配置NDP信息的有效保留时间为200秒
[YS_XianJu_S3552G]ndptimeraging200
#配置NDP报文发送的时间间隔为70秒
[YS_XianJu_S3552G]ndptimerhello70
(2)启动设备上的NTDP和端口上的NTDP
[YS_XianJu_S3552G]ntdpenable
#配置拓扑收集范围为7跳
[YS_XianJu_S3552G]ntdphop7
#配置被收集设备转发拓扑收集请求的延迟时间为150ms
[YS_XianJu_S3552G]ntdptimerhop-delay150
#配置被收集设备的端口转发拓扑收集请求的延迟时间为15ms
[YS_XianJu_S3552G]ntdptimerport-delay15
#配置定时拓扑收集的时间间隔为3分钟
[YS_XianJu_S3552G]ntdptimer3
(3)配置管理vlan
#创建管理vlan
[YS_XianJu_S3552G]vlan4051
#将管理vlan4051作为管理vlan
[YS_XianJu_S3552G]management-vlan4051
#进入以太网端口
descriptionto_ys_shuili_dishui2_caizhen_xiaoqu
portlink-typetrunk
undoporttrunkpermitvlan1
porttrunkpermitvlan45to5135274051
(4)启动集群功能
[YS_XianJu_S3552G]clusterenable
#进入集群视图
YS_XianJu_S3552G]cluster
[YS_XianJu_S3552G-cluster]
#配置集群内部使用的IP地址池起始地址为10.0.1.1有254个地址
[YS_XianJu_S3552G-cluster]ip-pool10.0.1.1255.255.255.0
(5)配置集群名字建立集群
[YS_XianJu_S3552G-cluster]buildYSYD
[YSYD_0.YS_XianJu_S3552G-cluster]
(6)将下挂的两个交换机加入到集群中
[YSYD_0.YS_XianJu_S3552G-cluster]add-member1mac-address00e0-fc01-0011[YSYD_0.YS_XianJu_S3552G-cluster]add-member2mac-address00e0-fc01-0013[YSYD_0.YS_XianJu_S3552G-cluster]add-member3mac-address00e0-fc01-0011#配置成员设备信息的保留时间为100秒
[YSYD_0.YS_XianJu_S3552G-cluster]holdtime100
#配置握手报文定时发送的时间间隔为10秒
[YSYD_0.YS_XianJu_S3552G-cluster]timer10
2、配置成员设备(由接入层维护人员来配置)
以xx水利小区3号楼S2016C为例:
#启动设备上的NDP和端口上的NDP
[YS_ShuiLi_3#Lou_S2016C]ndpenable
#启动设备上的NTDP和端口上的NTDP
[YS_ShuiLi_3#Lou_S2016C]ntdpenable
#创建vlan4051创建管理vlan,根汇聚层交换机管理vlan来确定。
[YS_ShuiLi_3#Lou_S2016C]vlan4051
#将vlan4051作为管理vlan
[YS_ShuiLi_3#Lou_S2016C]management-vlan4051
#进入以太网端口透传管理vlan4051将二层交换机上联口透传管理vlan#启动集群功能
[YS_ShuiLi_3#Lou_S2016C]clusterenable
四、数据配置举例如下:
1、xx局S3552G配置如下:
<
YSYD_0.YS_XianJu_S3552G>
discu#sysnameYS_XianJu_S3552G#superpasswordlevel3cipher^#:
+/G*8`P,:
)&
"
CZHH(&
1!
!
#ntdphop7
ntdptimerport-delay15
ntdptimerhop-delay150
ntdptimer3#radiusschemesystem
server-typehuawei
primaryauthentication127.0.0.11645
primaryaccounting127.0.0.11646
user-name-formatwithout-domain
domainsystem
radius-schemesystem
access-limitdisable
stateactive
vlan-assignment-modeinteger
idle-cutdisable
self-service-urldisable
messengertimedisable
domaindefaultenablesystem#local-servernas-ip127.0.0.1keyhuawei
local-usersxhuawei
passwordcipher(W_]UELR9IaNK<
;
9B9.`)Q!
ndptimeraging200#management-vlan4051#aclnumber3998
rule0denyipdestination10.0.1.00.0.0.255
rule1permitipsource10.0.1.00.0.0.255
aclnumber3999
rule0denyipsource10.0.1.00.0.0.255
rule1permitipdestination10.0.1.00.0.0.255#vlan1#vlan27#vlan28#vlan29#vlan30#vlan31#vlan32#vlan33#vlan34#vlan35#vlan36#vlan37#vlan38#vlan39#vlan40#vlan41#vlan42#vlan43#vlan44#vlan45#vlan46#vlan47#vlan48#vlan49#vlan50#vlan51#vlan52#vlan53#vlan1672
descriptionto_ys_taichanggaosu(yulin)#vlan1711#vlan2101#vlan2103#vlan2104#vlan2105
multicast-vlanenable#vlan3524#vlan3526#vlan3527#vlan3528#vlan3529#vlan3530#vlan3532#vlan3534#vlan35#vlan3536#vlan3537#vlan4051#interfaceVlan-interface4051
ipaddress221.131.31.130255.255.255.240##
shutdown#descriptionto_ys_taichanggaosu(yulin)
broadcast-suppression5
portaccessvlan1672#descriptionto_ys_donghuixiaoxue
portaccessvlan3526#descriptionto_ys_tudijushe
portaccessvlan3528#descriptionto_ys_nonghangsushe
portaccessvlan3529#descriptionto_ys_dishuiyixiaoqu
portaccessvlan3530#descriptionto_ys_lianjiazhuang
portaccessvlan1711#descriptionto_ys_dongshengyingyeting
porttrunkpermitvlan2103to21053532#descriptionto_ys_xianweidanxiaowenhuazhan
portaccessvlan3534#descriptionto_ys_youzhenxiaoqu
portaccessvlan35#descriptionto_ys_jiaokejuwenhuazhan
portaccessvlan3536#descriptionto_ys_jishengfuyouyuan
portaccessvlan3537#descriptionto_ys_xiangzhenjuxiaoqu
porttrunkpermitvlan31to33#descriptionto_ys_mingzhenjuxiaoqu
porttrunkpermitvlan34to35#descriptionto_ys_renhangxiaoqu
porttrunkpermitvlan36#descriptionto_ys_huagongxiaoqu
升级会员 