1、网络安全笔记第一节 察看当前正确的配置信息 show running-config 查看交换机线路 Show ip interface brief 查看路由表 Show ip route 显示vlan信息 show vlan no switchport 不是交换端口switchport 二层交换端口 no switchport 三层交换端口 删除vlan : no interface vlan _ 删除vlan ip:no vlan_?帮助 1. 用户模式 下 输入enable 14 进入特权模式 密码stu 不显示2. # 特权模式 3. configure terminal 全局配置exi
2、t 回到上一级命令特权模式下输入 show ? (显示借口名称)4. 接口模式 #$ show interfacs 进入接口模式 show interface 接口名称 0/0 .(FastEthernet)0/1)第二节 使用二层交换机完成相同vlan的通信 在二层交换机RG-S2026G-1 telnet下输入以下命令1.端口类型 access trunk (802.1q) access只能属于一个vlan trunk可以使用多个vlan2.全局配置 configure terminal 输入vlan 10 数字(1-4094) name stu exit 输入vlan 20 数字(1-4
3、094) name stud exit3.将物理端口进入vlan 全局配置下输入 interface fastethernet 模块号/端口号 0/1 switchport mode access switchport access vlan 10 exit interface fastethernet 模块号/端口号 0/2 switchport mode access switchport access vlan 10 exit interface fastethernet 模块号/端口号 0/3 switchport mode access switchport access vlan
4、20 exit interface fastethernet 模块号/端口号 0/4 switchport mode access switchport access vlan 20 exit 针对两个端口进行操作 interface range fastethernet 0/1-2,0/3-4 (连续用-不连续用, 但是不连续必须加上模块号) 然后机柜连线:六根网线最后测试 ping第三节实验1:Ip:设置为:192.168.1.1-6 跨交换机加相同vlan的通信第一个交换机下输入(RG-S2026G-1)全局配置下: configure terminal 输入vlan 10 数字(1-4
5、094) name stu exit 输入vlan 20 数字(1-4094) name stud exit将物理端口进入vlan 全局配置下输入 interface fastethernet 模块号/端口号 0/1 switchport mode access switchport access vlan 10 exit interface fastethernet 模块号/端口号 0/2 switchport mode access switchport access vlan 10 exit interface fastethernet 模块号/端口号 0/3 switchport mo
6、de access switchport access vlan 20 exit interface fastethernet 0/4 switchport mode trunk(no switchport mode 删除) exit第二个交换机下输入(RG-S2026G-2) 全局配置: configure terminal 输入vlan 10 数字(1-4094) name stu exit 输入vlan 20 数字(1-4094) name stud exit将物理端口进入vlan 全局配置下输入 interface fastethernet 模块号/端口号 0/1 switchport
7、 mode access switchport access vlan 20 ( no switchport access vlan 删除原有的vlan) exit interface fastethernet 模块号/端口号 0/2 switchport mode access switchport access vlan 20 exit interface fastethernet 模块号/端口号 0/3 switchport mode access switchport access vlan 10 exit interface fastethernet 0/4 switchport m
8、ode trunk exit然后机柜连线:七根网线最后测试 ping 实验2: 借助一个三层交换机连通两个二层交换机第一个交换机下 (RG-S2026G-1)输入全局配置下: configure terminal 输入vlan 10 数字(1-4094) name stu exit 输入vlan 20 数字(1-4094) name stud exit将物理端口进入vlan 全局配置下输入 interface fastethernet 模块号/端口号 0/1 switchport mode access switchport access vlan 10 exit interface fast
9、ethernet 模块号/端口号 0/2 switchport mode access switchport access vlan 10 exit interface fastethernet 模块号/端口号 0/3 switchport mode access switchport access vlan 20 exit interface fastethernet 0/4 switchport mode trunk(no switchport mode 删除) exit第二个交换机下 (RG-S2026G-2)输入 全局配置: configure terminal 输入vlan 10 数
10、字(1-4094) name stu exit 输入vlan 20 数字(1-4094) name stud exit将物理端口进入vlan 全局配置下输入 interface fastethernet 模块号/端口号 0/1 switchport mode access switchport access vlan 20 ( no switchport access vlan 删除原有的vlan) exit interface fastethernet 模块号/端口号 0/2 switchport mode access switchport access vlan 20 exit inte
11、rface fastethernet 模块号/端口号 0/3 switchport mode access switchport access vlan 10 exit interface fastethernet 0/4 switchport mode trunk exit第三个交换机(RG-S3750G-1)下输入全局配置:Enable 14Password:stu Configure terminal 全局配置下输入: vlan 10 数字(1-4094) name stu exit vlan 20 数字(1-4094) name stud exit interface range fa
12、stethernet 0/1-2 swicthport mode trunk 后期用到: switchport trunk allowed vlan 例: switchport trunk allowed vlan remove 1-9,15-4094 规划管理vlan需求是什么端口ID:switchport trunk native vlan (id)第四节 管理交换网络中的冗余链路Spanning-treeSpanning-tree mode stp/rstp修改交换机优先级: Spanning-tree priority 优先级 修改端口优先级 Spanning-tree port-pr
13、iority 优先级 BPDU(root id ; port id ; cost of path )二层交换机下RG-S2026G-1输入 全局配置: Enable 14Password: stuConfigure terminal 全局配置下输入Vlan 10Name stExitVlan 20Name sttExitinterface fastethernet 模块号/端口号 0/1 switchport mode access switchport access vlan 10 exit interface fastethernet 模块号/端口号 0/2 switchport mode
14、 access switchport access vlan 20 exit interface fastethernet 0/3 switchport mode trunk exitinterface fastethernet 0/4 switchport mode trunk exit启用树: Spanning-treeSpanning-tree mode stp/rstpExit二层交换机下RG-S2026G-2输入 全局配置:Enable 14Password: stuConfigure terminal全局配置下输入Vlan 10Name stExitVlan 20Name sttE
15、xitinterface fastethernet 模块号/端口号 0/1 switchport mode access switchport access vlan 20 exit interface fastethernet 模块号/端口号 0/2 switchport mode access switchport access vlan 10 exit interface fastethernet 0/3 switchport mode trunk exitinterface fastethernet 0/4 switchport mode trunk exit启用树: Spanning
16、-treeSpanning-tree mode stp/rstpExit第五节 交换机聚合端口的建立1. 创建 Interface aggregateport 1 Switchport mode trunk Exit2. 将物理端口加入到聚合端口 Interface range fastethernet 0/3-4 Port-group 1 Exit二层交换机下RG-S2026G-1输入 全局配置: Enable 14Password: stuConfigure terminal 全局配置下输入Vlan 10Name stExitVlan 20Name sttExitinterface fas
17、tethernet 模块号/端口号 0/1 switchport mode access switchport access vlan 10 exit interface fastethernet 模块号/端口号 0/2 switchport mode access switchport access vlan 20 exit interface fastethernet 0/3 switchport mode trunk exitinterface fastethernet 0/4 switchport mode trunk exit Interface aggregate port 1 (
18、1-8) Switchport mode trunk Exit Interface range fastethernet 0/3-4 Port-group 1 (1-8) Exit二层交换机下RG-S2026G-2输入 全局配置:Enable 14Password: stuConfigure terminal全局配置下输入Vlan 10Name stExitVlan 20Name sttExitinterface fastethernet 模块号/端口号 0/1 switchport mode access switchport access vlan 20 exit interface fa
19、stethernet 模块号/端口号 0/2 switchport mode access switchport access vlan 10 exit interface fastethernet 0/3 switchport mode trunk exitinterface fastethernet 0/4 switchport mode trunk exit Interface aggregateport 1 (1-8) Switchport mode trunk Exit Interface range fastethernet 0/3-4 Port-group 1 (1-8) Exi
20、t第六节192.168.2.1/30 路由器192.168.2.2/300/0PC1R10/00/1R2PC20/1192.168.1.254192.168.3.254192.168.3.1192.168.1.1查看路由表: Show ip routeIp route 目标网络 子网掩码 (端口/下一个IP地址;permanent /distance)路由器下RG-RSR20G-1输入全局配置: Enable 14Password: stuConfigure terminal Interface fastethernet 0/0 Ip address 192.168.1.254 255.255
21、.255.0 No shutdown exit interface fastethernet 0/1 ip address 192.168.2.1 255.255.255.252 No shutdown Exit Ip route 192.168.3.0 255.255.255.0 0/0路由器下RG-RSR20G-2输入全局配置: Enable 14Password: stuConfigure terminal Interface fastethernet 0/1 ip address 192.168.3.254 255.255.255.0 No shutdown exit interfac
22、e fastethernet 0/0 ip address 192.168.2.2 255.255.255.252 No shutdown ExitIp route 192.168.1.0 255.255.255.0 0/1动态路由 RIP0/1192.168.3.1PC20/00/1R20/0PC1R1192.168.1.254192.168.3.254192.168.2.1/30192.168.2.2/300/1删除IP地址: no ip route (ip地址 子网掩码)路由器下RG-RSR20G-1输入全局配置: Enable 14Password: stuConfigure term
23、inalInterface fastethernet 0/0 Ip address 192.168.1.254 255.255.255.0 No shutdown exit interface fastethernet 0/1 ip address 192.168.2.1 255.255.255.252 No shutdown Exit Router ospf 1234Network 本机直连IP地址段(192.68.1.254 自动分配) area 0 、 、 Version 1或2 (版本)路由器下RG-RSR20G-2输入全局配置: Enable 14Password: stuConfi
24、gure terminal Interface fastethernet 0/1 ip address 192.168.3.254 255.255.255.0 No shutdown exit interface fastethernet 0/0 ip address 192.168.2.2 255.255.255.252 No shutdown Exit Route RIPNetwork 本机直连IP地址段(192.68.1.254 自动分配) area 0 、 、 Version 1或2 (版本)第八节 Vlan间通信(三层交换机)Show ip route Vlan10:192.168.
25、1.254Vlan20:192.168.2.254Vlan30:192.168.3.254三层交换机: Interface vlan10 Ip address 192.168.1.254 255.255.255.0 No shutdown exit ; ; Interface vlan 30二层交换机:RG-S2026G-1Enable 14Password: stuConfigure terminalVlan 10Name stExitVlan 20Name sttExitVlan 30Name stExitinterface fastethernet 模块号/端口号 0/1 switchp
26、ort mode access switchport access vlan 10 exit interface fastethernet 模块号/端口号 0/2 switchport mode access switchport access vlan 20 exitinterface fastethernet 模块号/端口号 0/3 switchport mode access switchport access vlan 30 exitinterface fastethernet 0/4 switchport mode trunk exitSpanning-treeSpanning-tr
27、ee mode stp/rstpExit三层交换机:RG-S3750G-1Enable 14Password: stuConfigure terminalVlan 10Name stExitVlan 20Name sttExitVlan 30Name stExit Interface vlan 10 Ip address 192.168.1.254 255.255.255.0 No shutdown exit Interface vlan 20 Ip address 192.168.2.254 255.255.255.0 No shutdown exitInterface vlan 30 Ip
28、 address 192.168.3.254 255.255.255.0 No shutdown Exitinterface fastethernet 0/4 switchport mode trunk exitSpanning-treeSpanning-tree mode stp/rstpExit实验二:0/1 Vlan10:192.168.1.254/24Vlan20:192.168.2.254/24 Vlan100: 192.168.4.1二层交换机:RG-S2026G-1Enable 14Password: stuConfigure terminalVlan 10Name stExit
29、Vlan 20Name sttExitinterface fastethernet 模块号/端口号 0/1 switchport mode access switchport access vlan 10 exit interface fastethernet 模块号/端口号 0/2 switchport mode access switchport access vlan 20 exitinterface fastethernet 0/4 switchport mode trunk exitSpanning-treeSpanning-tree mode stp/rstpIp default-gateway 192.168.4.2三层交换机:R
copyright@ 2008-2022 冰豆网网站版权所有
经营许可证编号:鄂ICP备2022015515号-1
升级会员 