1、复旦大学校园网主干网络及配置复旦大学校园网主干网络复旦大学校园网是一个综合高效的教学和科研的校园计算环境。它不仅是一个大型的网络通讯平台,而且是一个基于宽带网络,集成多种应用,并具有强大的资源管理和安全防范机制的综合服务体系。其主干网络采用光纤通讯介质,以622M ATM技术为基础,融合155M ATM和光纤快速以太网等多种通讯技术基本覆盖了整个校园。在高层网络协议方面以Intranet模型为基本架构,多数上层应用完全基于TCP/IP协议族实现。一 网络结构1物理层:校园网物理拓扑采用分级网络构,即将校园骨干网分为核心网和分支网两部分。核心网络层是整个系统的中心,它提供一个高速ATM的网络通信
2、平台以及网络核心管理服务,由三个核心节点及一组12芯多模光纤、一组4芯单模光纤组成环型网络。分支网络由核心节点向外辐射到各院系大楼的4芯光缆和上行的节点设备组成。院系大楼的局域网则通过上行节点设备连入校园骨干网。现有分支网节点45个。分级网络的拓扑结构如下图所示。校园网分级网络拓扑结构示意图2与ATM相关层次校园网络以622M和155M ATM为基础通讯平台,采用LANE和MPOA技术实现与传统以太网和TCP/IP协议的融合,支持UNI IISP 等接口协议,支持SVC 、PVC和线路冗余,支持LANE 和MPOA ,可实现QoS(服务质量)控制。ATM网络拓扑结构示意图如下。 校园网ATM网
3、络物理拓扑结构示意图3Ethernet 和TCP/IP层提供符合IEEE 标准的10M、100M双绞线和光纤以太网接口,并且具备千兆以太网的升级能力,系统支持基于MAC、Port、应用等多种VLAN的划分功能,虚网间通讯通过三层交换实现,虚网间有基于地址和应用的安全控制策略。作为支持路径选择和广播等功能的重要设备如MPOA(LANE) Server支持冗余,发生故障时可实现透明替换。二 网络设备1 核心交换机:校园网的核心交换机为Cisco Catalyst 5500,模块配置如下: WS-X5530-E1 Catalyst 5000系列的主控模块(2/3宽) WS-U5533-FEFX-MM
4、F 双口千兆以太网模块(1/3宽) WS-X5304-15 路由交换模块(占两个插槽) WS-X5161 双多模SC口,622M的 LANE模块(全宽) WS-X5225R 24个RJ45口10/100M自适应的以太网模块(全宽) WAI-OC12-1SS 622M的ATM模块,单口,单模SC接口(半宽) WAI-OC12-1MM 622M的ATM模块,单口,多模SC接口(半宽) WAI-OC3-4MM 155M的ATM模块,4口,多模SC接口(半宽) WAI-ATM25-12P 25M的ATM模块,12口(半宽) WATM-CAM-2P LightStream 1100,ATM控制模块(全宽
5、)其中,各交换机配置略有不同,基本都具有以上模块,但只有综合楼的Catalyst 5500配置有路由交换模块。各交换机内部,都有一对多模光纤将一块WAI-OC12-1MM与WS-X5161相连,解决ATM网络与LANE SERVER之间的连接问题;有一根双绞线将WS-X5225R的1号端口与WATM-CAM-2P相连,便于通过Telnet方式访问LightStream 1100。各核心交换机的软件主要配置如下::beginset password $1$zAMC$2LOVfCNiXBGB8SirgVHeD0set enablepass $1$6IJa$u1GuPffajYwdanxTypoeQ
6、0set prompt set length 24 defaultset logout 0set banner motd CC!#systemset system baud 9600set system modem disableset system name 5500-2set system location Synthetics Buildingset system contact Ye Jiawei!#snmpset snmp community read-only publicset snmp community read-write fudanset snmp community r
7、ead-write-all rootset snmp rmon enableset snmp trap enable moduleset snmp trap enable chassisset snmp trap enable bridgeset snmp trap enable repeaterset snmp trap enable vtpset snmp trap enable authset snmp trap enable ippermitset snmp trap enable vmpsset snmp trap disable entityset snmp trap enable
8、 configset snmp trap enable stpxset snmp trap fudan!#ipset interface sc0 1 set interface sc0 upset interface sl0 set interface sl0 upset arp agingtime 1200set ip redirect enableset ip unreachable enableset ip fragmentation enableset ip route 1set ip alias default !#Command alias!#vmpsset vmps server
9、 primaryset vmps server retry 3set vmps server reconfirminterval 60set vmps tftpserver set vmps state disable!#dnsset ip dns disable!#tacacs+set tacacs attempts 3set tacacs directedrequest disableset tacacs timeout 5set authentication login tacacs disableset authentication login local enableset auth
10、entication enable tacacs disableset authentication enable local enable!#bridgeset bridge ipx snaptoether 8023rawset bridge ipx 8022toether 8023set bridge ipx 8023rawtofddi snap!#vtpset vtp domain fdunetset vtp mode serverset vtp v2 enableset vtp pruning disableset vtp pruneeligible 2-1000clear vtp p
11、runeeligible 1001-1005set vlan 1 name default type ethernet mtu 1500 said 100001 state activeset vlan 2 name vlan2 type ethernet mtu 1500 said 100002 state activeset vlan 79 name vlan79 type ethernet mtu 1500 said 100079 state activeset vlan 80 name vlan80 type ethernet mtu 1500 said 100080 state ac
12、tiveset vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state activeset vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state actiset vlan 1005 name trbrf-default type trbrf mtu 4472 said 101005 state active bset vlan 1003 name trcrf-default type trcrf mtu 4472 said 10100
13、3 state active p!#spantree#uplinkfast groupsset spantree uplinkfast disable#backbonefastset spantree backbonefast disableset spantree enable all#vlan 1set spantree fwddelay 15 1set spantree hello 2 1set spantree maxage 20 1set spantree priority 32768 1#vlan 2set spantree fwddelay 15 2set spantree he
14、llo 2 2set spantree maxage 20 2set spantree priority 32768 2#vlan 79set spantree fwddelay 15 79set spantree hello 2 79set spantree maxage 20 79set spantree priority 32768 79#vlan 80set spantree fwddelay 15 80set spantree hello 2 80set spantree maxage 20 80set spantree priority 32768 80#vlan 1003set
15、spantree fwddelay 4 1003set spantree hello 2 1003set spantree maxage 10 1003set spantree priority 32768 1003set spantree portstate 1003 auto 1005set spantree portcost 1003 62set spantree portpri 1003 4set spantree portfast 1003 disable#vlan 1005set spantree fwddelay 4 1005set spantree hello 2 1005se
16、t spantree maxage 10 1005set spantree priority 32768 1005set spantree multicast-address 1005 ieee!#cgmpset cgmp disableset cgmp leave disable!#syslogset logging console enableset logging server disableset logging level cdp 2 defaultset logging level mcast 2 defaultset logging level dtp 5 defaultset
17、logging level dvlan 2 defaultset logging level earl 2 defaultset logging level fddi 2 defaultset logging level ip 2 defaultset logging level pruning 2 defaultset logging level snmp 2 defaultset logging level spantree 2 defaultset logging level sys 5 defaultset logging level tac 2 defaultset logging
18、level tcp 2 defaultset logging level telnet 2 defaultset logging level tftp 2 defaultset logging level vtp 2 defaultset logging level vmps 2 defaultset logging level kernel 2 defaultset logging level filesys 2 defaultset logging level drip 2 defaultset logging level pagp 5 defaultset logging level m
19、gmt 5 defaultset logging level mls 5 defaultset logging level protfilt 2 defaultset logging level security 2 default!#ntpset ntp broadcastclient disableset ntp broadcastdelay 3000set ntp client disableclear timezoneset summertime disable!#set boot commandset boot config-register 0x102set boot system
20、 flash bootflash: listset ip permit disable!#dripset tokenring reduction enableset tokenring distrib-crf disable!#igmpset igmp disable!#protocolfilterset protocolfilter disable!#mlsset mls enableset mls flow destinationset mls agingtime 256set mls agingtime fast 0 0set mls nde disable!#module 1 : 2-
21、port 1000BaseSX Supervisorset module name 1set vlan 1 1/1-2set port enable 1/1-2set port level 1/1-2 normalset port duplex 1/1-2 fullset port trap 1/1-2 enableset port name 1/1-2set port security 1/1-2 disableset port broadcast 1/1-2 100%set port membership 1/1-2 staticset port protocol 1/1-2 ip ons
22、et port protocol 1/1-2 ipx autoset port negotiation 1/1-2 enableset port flowcontrol send 1/1-2 desiredset port flowcontrol receive 1/1-2 offset cdp enable 1/1-2set cdp interval 1/1-2 60set trunk 1/1 auto negotiate 1-1005set trunk 1/2 auto negotiate 1-1005set spantree portfast 1/1-2 disableset spant
23、ree portcost 1/1-2 4set spantree portpri 1/1-2 32set spantree portvlanpri 1/1 0set spantree portvlanpri 1/2 0set spantree portvlancost 1/1 cost 3set spantree portvlancost 1/2 cost 3!#module 2 : 12-port 100BaseFX MM Ethernetset module name 2set module enable 2set vlan 16 2/1set vlan 29 2/2set vlan 53
24、 2/3set vlan 55 2/4set vlan 57 2/5set vlan 59 2/6set vlan 60 2/7set vlan 62 2/8set vlan 64 2/9set vlan 68 2/10set vlan 70 2/11set vlan 73 2/12set port channel 2/1-4 offset port channel 2/5-8 offset port channel 2/9-12 offset port channel 2/1-4 autoset port channel 2/5-8 autoset port channel 2/9-12 a
25、utoset port enable 2/1-12set port level 2/1-12 normalset port duplex 2/1-12 halfset port trap 2/1-12 enableset port name 2/1-12set port security 2/1-12 disableset port broadcast 2/1-12 100%set port membership 2/1-12 staticset port protocol 2/1-12 ip onset port protocol 2/1-12 ipx autoset port negoti
26、ation 2/1-12 enableset port flowcontrol send 2/1-12 offset port flowcontrol receive 2/1-12 onset cdp enable 2/1-12set cdp interval 2/1-12 60set trunk 2/1 off isl 1-1005set trunk 2/2 off negotiate 1-1005set trunk 2/12 off negotiate 1-1005set spantree portfast 2/1-12 disableset spantree portcost 2/1-1
27、2 19set spantree portpri 2/1-12 32set spantree portvlanpri 2/1 0set spantree portvlanpri 2/2 0set spantree portvlanpri 2/12 0set spantree portvlancost 2/1 cost 18set spantree portvlancost 2/2 cost 18set spantree portvlancost 2/12 cost 18!#module 3 : 24-port 10/100BaseTX Ethernetset module name 3set
28、module enable 3set vlan 1 3/1,3/22set vlan 2 3/2-4,3/6-13,3/18-19set vlan 3 3/20set vlan 4 3/16-17set vlan 7 3/21set vlan 8 3/15set vlan 9 3/23-24set vlan 10 3/14set port channel 3/1-4 offset port channel 3/5-8 offset port channel 3/9-12 offset port channel 3/13-16 offset port channel 3/17-20 offset
29、 port channel 3/21-24 offset port channel 3/1-4 autoset port channel 3/5-8 autoset port channel 3/9-12 autoset port channel 3/13-16 autoset port channel 3/17-20 autoset port channel 3/21-24 autoset port enable 3/1-24set port level 3/1-24 normalset port speed 3/1-24 autoset port trap 3/1-24 enableset
30、 port name 3/1-24set port security 3/1-24 disableset port broadcast 3/1-24 100%set port membership 3/1-24 staticset port protocol 3/1-24 ip onset port protocol 3/1-24 ipx autoset port negotiation 3/1-24 enableset port flowcontrol send 3/1-24 offset port flowcontrol receive 3/1-24 onset cdp enable 3/1-24set cdp interval 3/1-24 60set trunk 3/1 auto negotiate 1-1005set trunk 3/2 auto negotiate 1-1005set trunk 3/15 auto negotiate 1-1005set trunk 3/16 off negotiate 1-1005set trunk 3/17 auto negotiate 1-1005set trunk 3
copyright@ 2008-2022 冰豆网网站版权所有
经营许可证编号:鄂ICP备2022015515号-1