案例1:路由交换无冗余线路设计1
JR-SW1: undo terminal monitor system-view sysname JR-SW1
user-interface con 0 idle-timeout 0 0 quit
undo info-center enable
vlan batch 11 to 12 100 200
interface Ethernet0/0/1 port link-type access port default vlan 11
interface Ethernet0/0/2 port link-type access port default vlan 12
interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 11 to 12 100 200
interface GigabitEthernet0/0/2 port link-type trunk port trunk pvid vlan 200 port trunk allow-pass vlan 11 to 12 200 |
JR-SW2: undo terminal monitor system-view sysname JR-SW2
user-interface con 0 idle-timeout 0 0 quit
undo info-center enable
vlan batch 13 to 14 100 200
interface Ethernet0/0/1 port link-type access port default vlan 13
interface Ethernet0/0/2 port link-type access port default vlan 14
interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 13 to 14 100 200
interface GigabitEthernet0/0/2 port link-type trunk port trunk pvid vlan 200 port trunk allow-pass vlan 11 to 12 200 |
JR-SW3: undo terminal monitor system-view sysname JR-SW3
user-interface con 0 idle-timeout 0 0 quit
undo info-center enable
vlan batch 15 to 16 100 200
interface Ethernet0/0/1 port link-type access port default vlan 15
interface Ethernet0/0/2 port link-type access port default vlan 16
interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 15 to 16 100 200
interface GigabitEthernet0/0/2 port link-type trunk port trunk pvid vlan 200 port trunk allow-pass vlan 15 to 16 200 |
JR_SW4: undo terminal monitor system-view sysname JR_SW4
user-interface con 0 idle-timeout 0 0 quit
undo info-center enable
vlan batch 17 to 18 100 200
interface Ethernet0/0/1 port link-type access port default vlan 17
interface Ethernet0/0/2 port link-type access port default vlan 18
interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 17 to 18 100 200
interface GigabitEthernet0/0/2 port link-type trunk port trunk pvid vlan 200 port trunk allow-pass vlan 11 to 12 200 |
HJ_SW1: undo terminal monitor system-view
user-interface con 0 idle-timeout 0 0 quit
undo info-center enable
sysname HJ_SW1
vlan batch 11 to 12 100 200 dhcp enable
interface Vlanif11 ip address 192.168.64.254 255.255.255.0
interface Vlanif12 ip address 192.168.65.254 255.255.255.0
interface Vlanif100 ip address 10.0.1.2 255.255.255.252
interface Vlanif200 ip address 10.0.10.14 255.255.255.240 dhcp select relay dhcp relay server-ip 10.0.10.253
interface GigabitEthernet0/0/1 port link-type access port default vlan 100
interface GigabitEthernet0/0/24 port link-type trunk port trunk allow-pass vlan 11 to 12 100 200
ospf 1 area 0.0.0.1 network 192.168.64.0 0.0.0.255 network 192.168.65.0 0.0.0.255 network 10.0.1.0 0.0.0.3 network 10.0.10.0 0.0.0.15 |
HJ_SW2: undo terminal monitor system-view
user-interface con 0 idle-timeout 0 0 quit
undo info-center enable
sysname HJ-SW2
vlan batch 13 to 14 100 200 dhcp enable
interface Vlanif13 ip address 192.168.66.254 255.255.255.0
interface Vlanif14 ip address 192.168.67.254 255.255.255.0
interface Vlanif100 ip address 10.0.2.2 255.255.255.252
interface Vlanif200 ip address 10.0.10.30 255.255.255.240 dhcp select relay dhcp relay server-ip 10.0.10.253
interface GigabitEthernet0/0/1 port link-type access port default vlan 100
interface GigabitEthernet0/0/24 port link-type trunk port trunk allow-pass vlan 13 to 14 100 200
ospf 1 area 0.0.0.1 network 192.168.66.0 0.0.0.255 network 192.168.67.0 0.0.0.255 network 10.0.2.0 0.0.0.3 network 10.0.10.16 0.0.0.15 |
HJ_SW3: undo terminal monitor system-view
user-interface con 0 idle-timeout 0 0 quit
undo info-center enable sysname HJ_SW3
undo info-center enable
vlan batch 15 to 16 100 200 dhcp enable
interface Vlanif15 ip address 192.168.68.254 255.255.255.0
interface Vlanif16 ip address 192.168.69.254 255.255.255.0 # interface Vlanif100 ip address 10.0.3.2 255.255.255.252 # interface Vlanif200 ip address 10.0.10.46 255.255.255.240 dhcp select relay dhcp relay server-ip 10.0.10.253
interface GigabitEthernet0/0/1 port link-type access port default vlan 100
interface GigabitEthernet0/0/24 port link-type trunk port trunk allow-pass vlan 15 to 16 200
ospf 1 area 0.0.0.2 network 10.0.10.32 0.0.0.15 network 10.0.3.0 0.0.0.3 network 192.168.68.0 0.0.0.255 network 192.168.69.0 0.0.0.255 |
HJ_SW4: undo terminal monitor system-view
user-interface con 0 idle-timeout 0 0 quit
undo info-center enable sysname HJ_SW4
undo info-center enable
vlan batch 17 to 18 100 200 dhcp enable
interface Vlanif17 ip address 192.168.70.254 255.255.255.0
interface Vlanif18 ip address 192.168.71.254 255.255.255.0
interface Vlanif100 ip address 10.0.4.2 255.255.255.252
interface Vlanif200 ip address 10.0.10.62 255.255.255.240 dhcp select relay dhcp relay server-ip 10.0.10.253
interface GigabitEthernet0/0/1 port link-type access port default vlan 100
interface GigabitEthernet0/0/24 port link-type trunk port trunk allow-pass vlan 17 to 18 200
ospf 1 area 0.0.0.2 network 10.0.10.48 0.0.0.15 network 192.168.70.0 0.0.0.255 network 192.168.71.0 0.0.0.255 network 10.0.4.0 0.0.0.3 |
RS-5: undo terminal monitor system-view user-interface con 0 idle-timeout 0 0 quit
sysname RS-5
undo info-center enable
vlan batch 100 200 interface Vlanif100 ip address 10.0.5.2 255.255.255.252
interface Vlanif200 ip address 10.0.10.254 255.255.255.252
interface GigabitEthernet0/0/1 port link-type access port default vlan 100
interface GigabitEthernet0/0/3 port link-type access port default vlan 200
ospf 1 area 0.0.0.3 network 10.0.10.252 0.0.0.3 network 10.0.5.0 0.0.0.3 |
R1:
sysname R1 interface GigabitEthernet0/0/0 ip address 10.0.0.1 255.255.255.252
interface GigabitEthernet0/0/1 ip address 10.0.0.9 255.255.255.252
interface GigabitEthernet0/0/2 ip address 10.0.1.1 255.255.255.252
interface GigabitEthernet1/0/0 ip address 10.0.2.1 255.255.255.252
ospf 1 area 0.0.0.0 network 10.0.0.0 0.0.0.3 network 10.0.0.8 0.0.0.3 area 0.0.0.1 network 10.0.1.0 0.0.0.3 network 10.0.2.0 0.0.0.3 |
R2: sysname R2 undo info-center enable
interface GigabitEthernet0/0/0 ip address 10.0.0.2 255.255.255.252
interface GigabitEthernet0/0/1 ip address 10.0.0.6 255.255.255.252
interface GigabitEthernet0/0/2 ip address 10.0.5.1 255.255.255.252
ospf 1 area 0.0.0.0 network 10.0.0.0 0.0.0.3 network 10.0.0.4 0.0.0.3 area 0.0.0.3 network 10.0.5.0 0.0.0.3 |
R3: sysname R3 undo info-center enable
interface GigabitEthernet0/0/0 ip address 10.0.0.5 255.255.255.252
interface GigabitEthernet0/0/1 ip address 10.0.0.10 255.255.255.252
interface GigabitEthernet0/0/2 ip address 10.0.3.1 255.255.255.252
interface GigabitEthernet1/0/0 ip address 10.0.4.1 255.255.255.252
ospf 1 area 0.0.0.0 network 10.0.0.4 0.0.0.3 network 10.0.0.8 0.0.0.3 area 0.0.0.2 network 10.0.3.0 0.0.0.3 network 10.0.4.0 0.0.0.3 |
AC1: sysname AC-1 undo info-center enable user-interface con 0 idle-timeout 0 0
vlan batch 100 200 dhcp enable
interface Vlanif100 ip address 10.0.0.2 255.255.255.252 dhcp select global
interface Vlanif200 ip address 10.0.10.253 255.255.255.252 dhcp select global
interface GigabitEthernet0/0/1 port link-type access port default vlan 200
ip pool pool-rs-1 gateway-list 10.0.10.14 network 10.0.10.0 mask 28 dns-list 8.8.8.8 114.114.114.114 option 43 sub-option 3 ascii 10.0.10.253 quit
ip pool pool-rs-2 gateway-list 10.0.10.30 network 10.0.10.16 mask 28 dns-list 8.8.8.8 114.114.114.114 option 43 sub-option 3 ascii 10.0.10.253 quit
ip pool pool-rs-3 gateway-list 10.0.10.46 network 10.0.10.32 mask 28 dns-list 8.8.8.8 114.114.114.114 option 43 sub-option 3 ascii 10.0.10.253 quit
ip pool pool-rs-4 gateway-list 10.0.10.62 network 10.0.10.48 mask 28 dns-list 8.8.8.8 114.114.114.114 option 43 sub-option 3 ascii 10.0.10.253 quit
ip route-static 10.0.10.0 26 10.0.10.254 capwap source interface vlanif 200
进入wlan视图,创建名称为domain-cfg-1的域管理模版,配置国家代码cn wlan regulatory-domain-profile name domain-cfg-1 country-code cn quit
绑定mac地址和模版 ap auth-mode mac-auth ap-id 1 ap-mac 00E0-FCDC-0EA0 ap-name AP-1 regulatory-domain-profile domain-cfg-1
ap-id 2 ap-mac 00E0-FC3C-6430 ap-name AP-2 regulatory-domain-profile domain-cfg-1
ap-id 3 ap-mac 00E0-FCC3-51E0 ap-name AP-3 regulatory-domain-profile domain-cfg-1
ap-id 4 ap-mac 00E0-FC50-07E0 ap-name AP-4 regulatory-domain-profile domain-cfg-1
dis ap all -------------------------------------------------------------------------------- ID MAC Name Group IP Type State STA Uptime -------------------------------------------------------------------------------- 1 00e0-fcdc-0ea0 AP-1 default 10.0.10.12 AP3030DN nor 0 6M:30S 2 00e0-fc3c-6430 AP-2 default 10.0.10.19 AP3030DN nor 0 1M:45S 3 00e0-fcc3-51e0 AP-3 default 10.0.10.45 AP3030DN nor 0 1M:5S 4 00e0-fc50-07e0 AP-4 default 10.0.10.57 AP3030DN nor 0 9S
配置业务参数: 创建安全模版sec-cfg-1,并配置安全策略 wlan regulatory-domain-profile name domain-cfg-1 country-code cn quit
security-profile name sec-cfg-1 security wpa-wpa2 psk pass-phrase abcd1111 aes quit
ssid-profile name ssid-cfg-1 ssid wifi-1 quit
ssid-profile name ssid-cfg-2 ssid wifi-2 quit 创建模版vap-cfg-1模版对应2.4g vap-profile name vap-cfg-1 forward-mode direct-forward service-vlan vlan-id 11 security-profile sec-cfg-1 ssid-profile ssid-cfg-1 quit
创建模版vap-cfg-2模版对应5g vap-profile name vap-cfg-2 forward-mode direct-forward service-vlan vlan-id 12 security-profile sec-cfg-1 ssid-profile ssid-cfg-2 quit
根据wlan规划,各AP创建vap模版
vap-profile name vap-cfg-1-1 forward-mode direct-forward service-vlan vlan-id 11 security-profile sec-cfg-1 ssid-profile ssid-cfg-1 quit
vap-profile name vap-cfg-1-2 forward-mode direct-forward service-vlan vlan-id 12 security-profile sec-cfg-1 ssid-profile ssid-cfg-2 quit
vap-profile name vap-cfg-2-1 forward-mode direct-forward service-vlan vlan-id 13 security-profile sec-cfg-1 ssid-profile ssid-cfg-1 quit
vap-profile name vap-cfg-2-2 forward-mode direct-forward service-vlan vlan-id 14 security-profile sec-cfg-1 ssid-profile ssid-cfg-2 quit
vap-profile name vap-cfg-3-1 forward-mode direct-forward service-vlan vlan-id 15 security-profile sec-cfg-1 ssid-profile ssid-cfg-1 quit
vap-profile name vap-cfg-3-2 forward-mode direct-forward service-vlan vlan-id 16 security-profile sec-cfg-1 ssid-profile ssid-cfg-2 quit
vap-profile name vap-cfg-4-1 forward-mode direct-forward service-vlan vlan-id 17 security-profile sec-cfg-1 ssid-profile ssid-cfg-1 quit
vap-profile name vap-cfg-4-2 forward-mode direct-forward service-vlan vlan-id 18 security-profile sec-cfg-1 ssid-profile ssid-cfg-2 quit
在无线控制器AC-1上,通过AP组ap-group-cfg-1配置组中的AP(AP-1~AP-4),配置射频0引用vap-cfg-1模版,射频1引用vap-cfg-2模版
ap-group name ap-group-cfg-1 vap-profile vap-cfg-1 wlan 1 radio 0 vap-profile vap-cfg-2 wlan 1 radio 1 |