网络拓扑
注意:在配置RRPP过程中,交换机必须先断开一个方向,否则就会成环,导致网络不通。
配置思路:
1、创建eth-trunk并配置:
福州:
#
interface Eth-Trunk1
description --SW--fuzhou--to--hangzhou--DWDM--huiju
set flow-stat interval 10
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 100 to 300 4092 to 4093 ==============vlan必须在RRPP配置完成之后,才能添加,否则RRPP创建不成功。
stp disable
#
interface Eth-Trunk2
description --SW--fuzhou--to--wenzhou--DWDM--huiju
set flow-stat interval 10
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 100 to 300 4092 to 4093 ==============vlan必须在RRPP配置完成之后,才能添加,否则RRPP创建不成功。
stp disable
#
杭州:
#
interface Eth-Trunk1
description --SW--hangzhou--fuzhou--DWDM--huiju
set flow-stat interval 10
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 100 to 300 4092 to 4093 ==============vlan必须在RRPP配置完成之后,才能添加,否则RRPP创建不成功。
stp disable
#
interface Eth-Trunk2
description --SW--hangzhou--ningbo--DWDM--huiju
set flow-stat interval 10
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 100 to 300 4092 to 4093 ==============vlan必须在RRPP配置完成之后,才能添加,否则RRPP创建不成功。
stp disable
#
宁波:
#
interface Eth-Trunk1
description --sw--ningbo--to--wenzhou--DWDM--huiju
set flow-stat interval 10
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 100 to 300 4092 to 4093
stp disable
#
interface Eth-Trunk2
description --sw--ningbo--to--hangzhou--DWDM--huiju
set flow-stat interval 10
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 100 to 300 4092 to 4093
stp disable
#
温州:
#
interface Eth-Trunk1
description --SW--wenzhou--to--ningbo--DWDM--huiju
set flow-stat interval 10
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 100 to 300 4092 to 4093
stp disable
#
interface Eth-Trunk2
description --SW--wenzhou--to--fuzhou--DWDM--huiju
set flow-stat interval 10
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 100 to 300 4092 to 4093
stp disable
#
2、创建类
#
stp region-configuration
instance 1 vlan 100 300 to 4093
active region-configuration
#
4台交换机配置相同,此处略。
3、RRPP配置:
福州:
#
rrpp domain 1
control-vlan 4092
protected-vlan reference-instance 1
timer hello-timer 2 fail-timer 6
ring 1 node-mode transit primary-port Eth-Trunk1 secondary-port Eth-Trunk2 level 0
ring 1 enable
#
杭州:
#
rrpp domain 1
control-vlan 4092
protected-vlan reference-instance 1
timer hello-timer 2 fail-timer 6
ring 1 node-mode master primary-port Eth-Trunk1 secondary-port Eth-Trunk2 level 0
ring 1 enable
#
宁波:
#
rrpp domain 1
control-vlan 4092
protected-vlan reference-instance 1
timer hello-timer 2 fail-timer 6
ring 1 node-mode transit primary-port Eth-Trunk1 secondary-port Eth-Trunk2 level 0
ring 1 enable
#
温州:
#
rrpp domain 1
control-vlan 4092
protected-vlan reference-instance 1
timer hello-timer 2 fail-timer 6
ring 1 node-mode transit primary-port Eth-Trunk1 secondary-port Eth-Trunk2 level 0
ring 1 enable
#
4、激活RRPP:
在4台交换机上配置RRPP enable命令。
5、创建vlan,并配置4台交换机的地址:
福州:
#
interface Vlanif100
ip address 172.40.1.11 255.255.255.224
#
杭州:
#
interface Vlanif100
ip address 172.40.1.8 255.255.255.224
#
宁波:
#
interface Vlanif100
ip address 172.40.1.9 255.255.255.224
#
温州:
#
interface Vlanif100
ip address 172.40.1.10 255.255.255.224
#
6、把eth-trunk加入到端口,并描述端口:
福州:
#
interface GigabitEthernet0/0/1
description fuzhou--to--hangzhou--DWDM--CH33
eth-trunk 1
#
interface GigabitEthernet0/0/2
description fuzhou--to--hangzhou--DWDM--CH27
eth-trunk 1
#
interface GigabitEthernet0/0/3
description fuzhou--to--wenzhou--DWDM--CH21
eth-trunk 2
#
interface GigabitEthernet0/0/4
description fuzhou--to--wenzhou--DWDM--CH23
eth-trunk 2
#
杭州:
#
interface GigabitEthernet0/0/1
description hangzhou--to--fuzhou--DWDM--CH33
eth-trunk 1
#
interface GigabitEthernet0/0/2
description hangzhou--to--fuzhou--DWDM--CH27
eth-trunk 1
#
interface GigabitEthernet0/0/3
description hangzhou--to--ningbo--DWDM--CH58
eth-trunk 2
#
interface GigabitEthernet0/0/4
description hangzhou--to--ningbo--DWDM--CH57
eth-trunk 2
#
宁波:
#
interface GigabitEthernet0/0/1
description ningbo--to--wenzhou--DWDM--CH58
eth-trunk 1
#
interface GigabitEthernet0/0/2
description ningbo--to--wenzhou--DWDM--CH57
eth-trunk 1
#
interface GigabitEthernet0/0/3
description ningbo--to--hangzhou--DWDM--CH58
eth-trunk 2
#
interface GigabitEthernet0/0/4
description ningbo--to--hangzhou--DWDM--CH57
eth-trunk 2
#
温州:
#
interface GigabitEthernet0/0/1
description wenzhou--to--ningbo--DWDM--CH58
eth-trunk 1
#
interface GigabitEthernet0/0/2
description wenzhou--to--ningbo--DWDM--CH57
eth-trunk 1
#
interface GigabitEthernet0/0/3
description wenzhou--to--fuzhou--DWDM--CH21
eth-trunk 2
#
interface GigabitEthernet0/0/4
description wenzhou--to--fuzhou--DWDM--CH23
eth-trunk 2
#
测试网络:
福州ping宁波:
<fuzhou-zj9312>ping 172.40.1.9
PING 172.40.1.9: 56 data bytes,press CTRL_C to break
Reply from 172.40.1.9: bytes=56 Sequence=1 ttl=255 time=390 ms
Reply from 172.40.1.9: bytes=56 Sequence=2 ttl=255 time=60 ms
Reply from 172.40.1.9: bytes=56 Sequence=3 ttl=255 time=70 ms
Reply from 172.40.1.9: bytes=56 Sequence=4 ttl=255 time=70 ms
Reply from 172.40.1.9: bytes=56 Sequence=5 ttl=255 time=60 ms
--- 172.40.1.9 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 60/130/390 ms
<fuzhou-zj9312>
福州ping杭州:
默认是就近原则,路由为:福州-杭州
<fuzhou-zj9312>ping 172.40.1.8
PING 172.40.1.8: 56 data bytes,press CTRL_C to break
Reply from 172.40.1.8: bytes=56 Sequence=1 ttl=255 time=40 ms
Reply from 172.40.1.8: bytes=56 Sequence=2 ttl=255 time=10 ms
Reply from 172.40.1.8: bytes=56 Sequence=3 ttl=255 time=30 ms
Reply from 172.40.1.8: bytes=56 Sequence=4 ttl=255 time=50 ms
Reply from 172.40.1.8: bytes=56 Sequence=5 ttl=255 time=20 ms
--- 172.40.1.8 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/30/50 ms
<fuzhou-zj9312>
把福州eth-trunk 1断开,测试福州到杭州
路由为:福州-温州-宁波-杭州
[fuzhou-zj9312]ping 172.40.1.8
PING 172.40.1.8: 56 data bytes,press CTRL_C to break
Reply from 172.40.1.8: bytes=56 Sequence=1 ttl=255 time=110 ms
Reply from 172.40.1.8: bytes=56 Sequence=2 ttl=255 time=110 ms
Reply from 172.40.1.8: bytes=56 Sequence=3 ttl=255 time=80 ms
Reply from 172.40.1.8: bytes=56 Sequence=4 ttl=255 time=110 ms
Reply from 172.40.1.8: bytes=56 Sequence=5 ttl=255 time=100 ms
--- 172.40.1.8 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 80/102/110 ms
[fuzhou-zj9312]
安全配置:
aaa
local-user test password simple 123456
local-user test privilege level 0
local-user test service-type telnet
local-user gouzhongxing password simple aqkfkhnuiwu
local-user gouzhongxing privilege level 15
local-user gouzhongxing service-type telnet web
#
user-interface maximum-vty 15
user-interface con 0
authentication-mode password
user privilege level 15
set authentication password simple zydx2013
user-interface vty 0 14
authentication-mode aaa
#
telnet使用aaa本地登录。
实验成功。