cisco以太网经典配置

1/6/2008来源:Cisco网络人气:3277


  很经典啊,我用的。
  Configurations
  The configurations in this document were implemented in an isolated lab environment. The configurations were cleared by issuing the write erase command on the routers, and the clear config all command on the switches to ensure that all devices have a default configuration. Make sure you understand the potential impact of any configuration or command on your network before using it.
  
  Catalyst 6500 Switch
  
  Note: The following screen captures show the commands that were entered on the Catalyst 6500 switch. Comments between the commands are added in blue italics to eXPlain certain commands and steps.
  
  !-- Set the ip address and default gateway for VLAN 1 for management purposes.
  
  Catalyst6500> (enable) set int sc0 10.10.10.2 255.255.255.0
  Interface sc0 IP address and netmask set.
  Catalyst6500> (enable) set ip route default 10.10.10.1
  Route added.
  !-- Set the VTP mode.
  !-- In our example, we have set the mode to be transparent. !-- Depending on your network, set the VTP mode accordingly. !-- For details on VTP, refer to Understanding and Configuring VLAN Trunk PRotocol (VTP).
  
  Catalyst6500> (enable) set vtp mode transparent
  VTP domain modified
  
  !-- Adding VLAN 2. VLAN 1 already exists by default.
  Catalyst6500> (enable) set vlan 2
  VLAN 2 configuration sUCcessful
  
  !-- Adding port 3/4 to VLAN 2. Port 3/3 is already in VLAN 1 by default.
  Catalyst6500> (enable) set vlan 2 3/4
  
  VLAN 2 modified.
  VLAN 1 modified.
  VLAN Mod/Ports
  ---- -----------------------
  2 3/4
  
  ! -- Set the port speed and duplex at 100 and full. One of
  !-- the requirements for EtherChannel to work is for speed and duplex to be the same on
  !-- both sides. To guarantee this, we will hard code both speed and duplex on ports 3/1 and 3/2.
  
  Catalyst6500> (enable) set port speed 3/1-2 100
  Ports 3/1-2 transmission speed set to 100Mbps.
  Catalyst6500> (enable) set port duplex 3/1-2 full
  Ports 3/1-2 set to full-duplex.
  
  ! -- Enable FEC on ports 3/1 and 3/2.
  ! -- Becuase routers do not understand Port Aggregation Protocol(PAgP),
  ! -- we set the channel mode to on which causes ports to channel,
  ! -- but not generate PAgP frames.
  
  
  Catalyst6500> (enable) set port channel 3/1-2 on
  Port(s) 3/1-2 are assigned to admin group 105.
  Port(s) 3/1-2 channel mode set to on.
  
  ! -- Enable trunking on ports 3/1 and 3/2.
  ! -- Becuase routers do not understand Dynamic Trunking Protocol(DTP),
  ! -- we set the trunking mode to nonegotiate which causes ports to trunk,
  ! -- but not generate DTP frames.
  
  
  ! -- Notice that becuase we configured EtherChannel first,
  ! -- any trunk settings applied now to one port automatically apply to all other ports in the channel.
  
  ! -- Enter the trunking encapsulation as either isl ...
  
  Catalyst6500> (enable) set trunk 3/1 nonegotiate isl Port(s) 3/1-2 trunk mode set to nonegotiate.
  Port(s) 3/1-2 trunk type set to isl.
  
  ! -- ... or as dot1q.
  ! -- Make sure the native VLAN(default is VLAN 1) matches across the link.
  ! -- For more information on the native VLAN and 802.1q trunking, refer to
  ! -- Trunking Between Catalyst 4000, 5000, and6000 Family Switches Using 802.1q Encapsulation.
  
  Catalyst6500> (enable) set trunk 3/1 nonegotiate dot1q
  Port(s) 3/1-2 trunk mode set to nonegotiate.
  Port(s) 3/1-2 trunk type set to dot1q.
  
  Catalyst6500> (enable) show config
  This command shows non-default configurations only.
  Use 'show config all' to show both default and non-default configurations.
  .........
  ..................
  ..
  
  begin
  !
  # ***** NON-DEFAULT CONFIGURATION *****
  !
  !
  #time: Thu May 2 2002, 01:26:26
  !
  #version 5.5(14)
  !
  !
  #system
  set system name Catalyst6500
  !
  #!
  #vtp
  set vtp mode transparent
  set vlan 1 name default type ethernet mtu 1500 said 100001 state active
  set vlan 2 name VLAN0002 type ethernet mtu 1500 said 100002 state active
  set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active
  set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ieee
  set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm
  set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state active
  mode srb aremaxhop 7 stemaxhop 7
  backupcrf off
  !
  #ip
  set interface sc0 1 10.10.10.2/255.255.255.0 10.10.10.255
  
  set ip route 0.0.0.0/0.0.0.0 10.10.10.1 !
  #set boot command
  set boot config-register 0x2102
  set boot system Flash bootflash:cat6000-sup.5-5-14.bin
  !
  #port channel
  set port channel 3/1-2 105
  !
  # default port status is enable
  !
  !
  #module 1 empty
  !
  #module 2 : 2-port 1000BaseX Supervisor
  !
  #module 3 : 48-port 10/100BaseTX Ethernet
  set vlan 2 3/4
  set port disable 3/5
  
  set port speed 3/1-2 100
  set port duplex 3/1-2 full
  set trunk 3/1 nonegotiate isl 1-1005
  set trunk 3/2 nonegotiate isl 1-1005
  
  !-- If IEEE 802.1q is configured,
  !-- you will see the following output instead:
  
  set trunk 3/1 nonegotiate dot1q 1-1005
  set trunk 3/2 nonegotiate dot1q 1-1005
  
  
  set port channel 3/1-2 mode on
  !
  #module 4 : 24-port 100BaseFX MM Ethernet
  !
  #module 5 empty
  !
  #module 6 empty
  !
  #module 15 empty
  !
  #module 16 empty
  end
  
  
  Cisco 7500 Router
  
  Note: The following screen captures show the commands that were entered on the Cisco 7500 router. Comments between the commands are added in blue italics to explain certain commands and steps.
  
  ! -- Configure a port-channel interface to enable FEC.
  
  7500#configure terminal
  Enter configuration commands, one per line. End with CNTL/Z.
  
  7500(config)#int port-channel 1
  01:34:10: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed
  state to down
  
  ! -- Configure full-duplex to match the duplex setting on the Catalyst switch side.
  
  7500(config-if)#full-duplex
  7500(config-if)#exit
  
  ! -- If using ISL trunking, configure two port-channel sub-interfaces and enable ISL trunking
  ! -- by issuing the encapsulation isl command.
  ! -- Configure IP addresses for InterVLAN routing.
  
  7500(config)#int port-channel 1.1
  7500(config-subif)#encapsulation isl 1
  7500(config-subif)#ip address 10.10.10.1 255.255.255.0
  7500(config-subif)#exit
  
  7500(config)#int port-channel 1.2
  7500(config-subif)#encapsulation isl 2
  7500(config-subif)#ip address 10.10.11.1 255.255.255.0
  7500(config-subif)#exit
  
  
  ! -- If using 802.1q trunking, configure two port-channel sub-interfaces, enable 802.1q trunking
  ! -- by issuing the encapsulation dot1Q native command and configure the IP addresses for
  ! -- InterVLAN routing.
  
  Note: The encapsulation dot1Q 1 native command was added in Cisco IOS version 12.1(3)T. If you are using an earlier version of Cisco IOS, refer to the 802.1Q Configuration for Cisco IOS Versions Earlier than 12.1(3)T section of this document to configure 802.1Q trunking on the router.
  
  ! -- Make sure the native VLAN(default is VLAN 1) matches across the link.
  ! -- For more information on the native VLAN and 802.1q trunking, refer to
  ! -- Trunking Between Catalyst 4000, 5000, and 6000 Family Switches Using 802.1q Encapsulation. 7500(config)#int port-channel 1.1
  7500(config-subif)#encapsulation dot1Q 1 native
  7500(config-subif)#ip address 10.10.10.1 255.255.255.0
  7500(config-subif)#exit
  
  7500(config)#int port-channel 1.2
  7500(config-subif)#encapsulation dot1Q 2
  7500(config-subif)#ip address 10.10.11.1 255.255.255.0
  7500(config-subif)#exit
  
  ! -- Configure the FastEthernet interfaces for speed 100 depending on the port adapter.
  ! -- Some FastEthernet port adapters can autonegotiate speed(10 or 100) and duplex(half or full).
  ! -- Others are only capable of 100 (half or full).
  
  7500(config)#int fa5/1/0
  7500(config-if)#speed 100
  
  ! -- Configure the FastEthernet interfaces to be members of port-channel 1 by issuing the channel-group command.
  
  7500(config-if)#channel-group 1
  
  %Interface MTU set to channel-group MTU 1500.
  7500(config-if)#no shut
  7500(config-if)#
  %Interface MTU set to channel-group MTU 1500.
  
  FastEthernet5/1/0 added as member-1 to port-channel1
  
  01:46:09: %LINK-3-UPDOWN: Interface FastEthernet5/1/0, changed state to up
  01:46:10: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet5/1/0,
  changed state to up
  01:46:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1,
  changed state to up
  Router(config-if)#exit
  
  Router(config)#int fa 5/1/1
  Router(config-if)#speed 100
  Router(config-if)#channel-group 1
  
  %Interface MTU set to channel-group MTU 1500.
  Router(config-if)#no shut
  Router(config-if)#
  %Interface MTU set to channel-group MTU 1500.
  
  FastEthernet5/1/1 added as member-2 to port-channel1
  
  01:54:52: %LINK-3-UPDOWN: Interface FastEthernet5/1/1, changed state to up
  01:54:53: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet5/1/1,
  changed state to up
  Router(config-if)#exit
  
  ! -- Remember to save the configuration.
  
  
  7500#write memory
  Building configuration...
  [OK]
  7500#
  
  Note: In order to make this setup work, and to successfully ping between Workstation 1 and Workstation 2, you need to make sure that the default gateways on the workstations are setup properly. For Workstation 1, the default gateway should be 10.10.10.1 and for Workstation 2, the default gateway should be 10.10.11.1.
  
  7500#show running-config
  Building configuration...
  
  Current configuration : 1593 bytes
  !
  version 12.2
  no service pad
  service timestamps debug uptime
  service timestamps log uptime
  no service passWord-encryption
  no service single-slot-reload-enable
  !
  hostname 7500
  !
  boot system disk1:rsp-jsv-mz.122-7b.bin
  !
  ip subnet-zero
  !
  ip cef
  call rsvp-sync
  !
  !
  !
  interface Port-channel1
  no ip address
  full-duplex
  hold-queue 300 in
  !
  interface Port-channel1.1
  encapsulation isl 1
  ip address 10.10.10.1 255.255.255.0
  !
  interface Port-channel1.2
  encapsulation isl 2
  ip address 10.10.11.1 255.255.255.0
  
  ! -- If 802.1q trunking is configured,
  ! -- you will see the following output instead:
  
  interface Port-channel1.1
  encapsulation dot1Q 1 native
  ip address 10.10.10.1 255.255.255.0
  !
  interface Port-channel1.2
  encapsulation dot1Q 2
  ip address 10.10.11.1 255.255.255.0
  !
  interface FastEthernet5/1/0
  no ip address
  no ip mroute-cache
  speed 100
  full-duplex
  channel-group 1
  !
  interface FastEthernet5/1/1
  no ip address
  no ip mroute-cache
  speed 100
  full-duplex
  channel-group 1
  !
  !
  ip classless
  no ip http server
  ip pim bidir-enable
  !
  !
  !
  !
  line con 0
  line aux 0
  line vty 0 4
  login
  !
  end
  
  7500#
  
  
  802.1Q Configuration on the Cisco 7500 for Cisco IOS Versions Earlier than 12.1(3)T
  
  In Cisco IOS versions earlier than 12.1(3)T, the encapsulation dot1Q 1 native command under the subinterface was not available. However, it is still necessary to match the native VLAN across the link as described previously.
  
  To configure 802.1q trunking in software versions earlier than 12.1(3)T, the IP address for VLAN 1 is configured on the main port-channel 1 interface as oppossed to a port-channel subinterface.
  
  ! -- Configure a port-channel interface to enable FEC.
  
  7500#configure terminal
  Enter configuration commands, one per line. End with CNTL/Z.
  
  7500(config)#int port-channel 1
  01:34:10: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed
  state to down
  
  ! -- Configure full-duplex to match the duplex setting on the Catalyst switch side.
  7500(config-if)#full-duplex 7500(config-if)#exit
  
  
  ! -- Do not configure an interface port-channel 1.1
  !-- Instead, create a port-channel 1 main interface and configure the IP address for VLAN 1 here.
  
  7500(config)#int port-channel 1
  7500(config-if)#full-duplex
  7500(config-if)#ip address 10.10.10.1 255.255.255.0
  7500(config-if)#exit
  7500(config)#
  
  ! -- It is still necessary to create a subinterface for VLAN 2.
  
  7500(config)#int port-channel 1.2
  7500(config-subif)#encapsulation dot1Q 2
  7500(config-subif)#ip address 10.10.11.1 255.255.255.0
  7500(config-subif)#exit
  
  
  ! -- Configure the FastEthernet interfaces for speed 100 depending on the port adapter.
  ! -- Some FastEthernet port adapters can autonegotiate speed(10 or 100) and duplex(half or full).
  ! -- Others are only capable of 100 (half or full).
  7500(config)#int fa5/1/0
  7500(config-if)#speed 100
  
  
  ! -- Configure the FastEthernet interfaces to be members of port-channel 1 by issuing the channel-group command.
  
  7500(config-if)#channel-group 1
  
  %Interface MTU set to channel-group MTU 1500.
  7500(config-if)#no shut
  7500(config-if)#
  %Interface MTU set to channel-group MTU 1500.
  
  FastEthernet5/1/0 added as member-1 to port-channel1
  
  01:46:09: %LINK-3-UPDOWN: Interface FastEthernet5/1/0, changed state to up
  01:46:10: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet5/1/0,
  changed state to up
  01:46:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1,
  changed state to up
  Router(config-if)#exit
  
  Router(config)#int fa 5/1/1
  Router(config-if)#speed 100
  Router(config-if)#channel-group 1
  
  %Interface MTU set to channel-group MTU 1500.
  Router(config-if)#no shut
  Router(config-if)#
  %Interface MTU set to channel-group MTU 1500.
  
  FastEthernet5/1/1 added as member-2 to port-channel1
  
  01:54:52: %LINK-3-UPDOWN: Interface FastEthernet5/1/1, changed state to up
  01:54:53: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet5/1/1,
  changed state to up
  Router(config-if)#exit
  
  ! -- Remember to save the configuration.
  
  7500#write memory
  Building configuration...
  [OK]
  7500#
  
  Note: Remember also that in any version of software previous to 12.2 or 12.2T for the 7000/7500 series, you will have to issue the no ip cef command globally before configuring 802.1q trunking on a subinterface. Otherwise, you will see the following error message: 802.1q encapsulation not supported with CEF configured on the interface. Refer to the Hardware and Software Requirements section of this document for more information.
  
  7500#show running-config
  Building configuration...
  
  Current configuration : 1593 bytes
  !
  version 12.1
  no service pad
  service timestamps debug uptime
  service timestamps log uptime
  no service password-encryption
  !
  hostname 7500
  !
  !
  ip subnet-zero
  !
  no ip cef
  !
  !
  !
  interface Port-channel1
  ip address 10.10.10.1 255.255.255.0
  full-duplex
  hold-queue 300 in
  !
  interface Port-channel1.2
  encapsulation dot1Q 2
  ip address 10.10.11.1 255.255.255.0
  !
  interface FastEthernet5/1/0
  no ip address
  no ip mroute-cache
  speed 100
  full-duplex
  channel-group 1
  !
  interface FastEthernet5/1/1
  no ip address
  no ip mroute-cache
  speed 100
  full-duplex
  channel-group 1
  !
  !
  ip classless
  no ip http server
  !
  !
  !
  line con 0
  line aux 0
  line vty 0 4
  login
  !
  end
  
  7500#