华为交换机配置过程

#

Sysname ****** #交换机重命名

#

Vlan 10 #配置vlan信息

description to-2609-server #描述TO—位置—目标

interface Vlanif10

ip address 10.10.15.4 255.255.0.0 #根据IP规划配置IP

#

aaa

local-user formanager password cipher *******

local-user formanager privilege level 15

local-user formanager service-type telnet http

undo local-user admin #配置aaa认证,系统用户名最好不用系统账号admin

#

interface Eth-Trunk1

description ******

port link-type trunk

undo port trunk allow-pass vlan 1 # 为了安全,不建议用VLAN 1在实际实施中,我们都UNDO它,

port trunk allow-pass vlan 10 #Eth-Trunk号不必和对端口一样,但必须是Eth-Trunk端口

#

interface XGigabitEthernet0/0/1

description *********

eth-trunk 1 #端口加入捆绑组

#

interface XGigabitEthernet0/0/2

description *********

port link-type access

port default vlan 10 #不加制定vlan,端口配置access默认通过vlan1

#

interface XGigabitEthernet0/0/3

description *********

ort link-type trunk

undo port trunk allow-pass vlan 1

port trunk allow-pass vlan 10 20

qos lr outbound cir 4000000 cbs 500000 #限制out口方向流量

qos lr inbound cir 2000000 cbs 250000 #限制in口方向流量 一般设置cir=8*cbs

#Access类型:端口只能属于1个VLAN,一般用于连接计算机;

#Trunk类型:端口可以属于多个VLAN,可以接收和发送多个VLAN的报文,一般用于交换机之间连接;

#Hybrid类型:端口可以属于多个VLAN,可以接收和发送多个VLAN的报文,可以用于交换机之间连接,也可以用于连接用户的计算机。

#

ip route-static 0.0.0.0 0.0.0.0 10.10.15.4 preference 70

ip route-static 0.0.0.0 0.0.0.0 10.80.80.1 #preference小的路由优先级高,华为默认静态路由为60,当10.80.80.1不通时会切换到10.10.15.4路由

#

snmp-agent community read cipher Xitai2018

snmp-agent sys-info version v2c v3

snmp-agent udp-port 161 #snmp公共团体号统一Xitai2018

#

user-interface con 0

authentication-mode aaa

user privilege level 15

idle-timeout 0 0 #配置console口登陆,无操作不超时

user-interface vty 0 4

authentication-mode aaa

user privilege level 15

idle-timeout 0 0 #配置telnet登陆,无操作不超时

protocol inbound all #不加这条无法远程登陆

#

telnet server enable

telnet server port 2323 #开启telnet服务,并更改默认端口

#

traffic classifier xiansu operator and

if-match any

traffic behavior xiansu

permit

car cir 1000000 pir 1000000 cbs 125000 pbs 40000 mode color-blind green pass yellow pass red discard

traffic policy xiansu

classifier xiansu behavior xiansu #开启流策略针对端口有多个用户,对vlan进行限速

#

#

interface GigabitEthernet1/0/21

ip source binding ip-address 10.12.1.187 mac-address 54e1-adee-8249

ip verify source ip-address mac-address #H3C交换机绑定IP和MAC

原文链接:https://blog.csdn.net/icanflyingg/article/details/121556030?ops_request_misc=%257B%2522request%255Fid%2522%253A%2522165277696416782350919185%2522%252C%2522scm%2522%253A%252220140713.130102334.pc%255Fblog.%2522%257D&request_id=165277696416782350919185&biz_id=0&utm_medium=distribute.pc_search_result.none-task-blog-2~blog~first_rank_ecpm_v1~times_rank-7-121556030-null-null.article_score_rank_blog&utm_term=%E5%8D%8E%E4%B8%BA

© 版权声明
THE END
喜欢就支持一下吧
点赞0 分享
评论 抢沙发
头像
文明发言,共建和谐米科社区
提交
头像

昵称

取消
昵称表情图片

    暂无评论内容