Answer your question about route and switch configuration (1)

The configurations of vrouters and vswitches of different models are also different. Therefore, in this learning, we need to learn a common method. Vswitch configuration has always been mysterious, not only for general users, but also for the vast majority of network administrators. It is also an important and basic indicator for measuring the level of network management. This is mainly due to two reasons: First, most of the vswitches configured by enterprises are non-Network-connected vswitches on the desktop, and no configuration is required at all. The vswitch is purely a "dumb" type and is connected to the power supply like a hub, plug in the network cable to work normally. On the other hand, most CEOs of medium and small enterprises are not very comfortable with their network administrators. Therefore, even if the purchased switch is of the Network Manager type, they are not allowed to configure it by their network administrators, instead, ask the manufacturer's engineers or other professional personnel for configuration. Therefore, it is difficult for these network administrators of small and medium-sized enterprises to have the opportunity to manually configure a switch. The detailed configuration process of a vswitch is complex, and the specific configuration method varies depending on different brands and vswitches of different generations. therefore, we cannot be familiar with all the vswitch configuration and management methods. We only need to understand the general configuration methods. With these general configuration methods, we can draw a line from each other. This article provides a selection of questions and expert answers for your reference.

Q:I recently used an S1550 device, which is from H3C and connected to cisco3750 and 3750 on the upper layer, and set the TRUNK working mode. The S1550 of H3C also sets this working mode. As a result, everything works normally, the VLAN information is transmitted. During the operation, I encountered a problem, but I want to know how it works. The switch S1550 is connected to any two interfaces through a direct connection, so the device will be "crashed "? Crashes: All Wireless AP wireless access points connected to the lower layer of the vswitch are suspended. What is the principle?

A:If you do not have a new VLAN, all ports on a switch are in the same VLAN and share a VLAN Virtual Interface. If you directly connect two ports in the same vlan of the same vswitch, it is equivalent to directly connecting the same Nic to two network interfaces using one network cable. Assume that the NIC has two interfaces ), the result is obviously an internal endless loop. IP address conflicts because the source IP address and the target IP address are the same at this time.) data cannot be sent. The understanding of the device may be that the hardware has a physical short-circuit fault, and the current increases, causing the network devices to stop working.

Q:Hello! If you want to purchase a second-hand switch and router at home, can you introduce some suitable models?

A:If you want to use a second-hand device for your own experiments, we suggest using 3560 or 3750 series switches, and 3600, 3700, and 3800 series vrouters. Because these models are relatively complete and representative, you can learn the most popular skills from these models. And these models all have newer IOS systems downloaded from the Cisco official website ).

Q:The company is facing a network re-planning and relocation). I 'd like to hear from experts on the selection of Routing Switching equipment. Thank you!

A:The specific device selection involves many considerations, such as network communication performance, network scale, network topology, network application requirements, equipment costs, and the company's development status. You have not provided this information here, so I can only provide you with the following suggestions in general situations:

First of all, before adding new devices, you must plan your new network requirements and topology, and make targeted purchases.

In addition, we recommend that you use layer-3 switches on the core layer and even the aggregation layer, so that even if your company does not use the layer-3 function temporarily, it can meet the company's development needs in the near future, it is common to implement layer-3 switching at the core layer.

Second, we recommend that you use devices of the same brand as much as possible. We recommend that you use the same or mutually supported models/series at the same level. The advantage is to ensure the compatibility of the vswitch configuration function and give full play to the functions and features of the corresponding brand. Because different brands, even different series or models, support for functions, or the types of communication protocols implemented are not exactly the same.

Finally, make full use of existing equipment to protect previous investments.

Q:Hello! I have a question for you. We have just purchased a Cisco 4503 core switch with 48 ports) and a layer 2 switch with 24 ports, the company has more than 320 network points and requires about 15 L2 switches. I want to use each L2 Switch as a VLAN with a total of 15 VLANs. Is it reasonable to divide the network? What suggestions does the teacher have? How can we achieve mutual access between 15 VLANs? To enable all clients to automatically obtain IP addresses, how can internal DNS servers and DHCP servers access and deploy them? Note: the company manages it in a domain environment. There are two DNS servers and one DHCP server )? Can the core switch implement traffic control for each client IP address? How to configure the core switch? Thank you!

A:How to divide VLANs depends on your management and application needs, not necessarily one VLAN for each vswitch. For example, VLAN is usually divided by a department, project, or network application. Because the vswitches under you are both L2, you 'd better use the port-based VLAN division method. If your domain network has a dedicated DNS server and DHCP server, you must disable these two services on the core switch. By default, it is not automatically enabled If you do not configure them. Disable the no ip dhcp snooping information option command.

Q:In the IP video network, the front-end device collects the video and then uses the optical fiber to connect to the switch, aggregation switch, and core switch, and finally store the video on the server, the video in each access layer is a VLAN, and other applications use a VLAN with little traffic). Videos in different access layers use different VLANs, and multiple access layers use the trunk method to access the aggregation layer, the aggregation layer is responsible for VLAN configuration and management, and uses routing methods to connect to core switches. I would like to ask: is this method appropriate in terms of performance optimization?

1. Is the routing mode and TRUNK mode used between the aggregation layer and the core layer different? Routing is used to restrict VLAN broadcasting to the aggregation layer. However, a lot of routing is required, and VLAN management must also be managed at the aggregation layer. It is much more convenient to use trunk, but what is the impact of dozens of VLAN broadcasts on the aggregation layer to the core?

2. Are there any optimization rules for such one-way high-traffic transmission and other interactive applications with extremely low traffic?

A:1st problems, of course, Trunk is better than routing in the same network segment. On the one hand, if there are too many route table items, it will seriously affect the network communication performance. In addition, Trunk can restrict the traffic to be transmitted only on the corresponding relay link by means of pruning. The impact of dozens of trunks on the core switch is far smaller than that configured with dozens of Route tables. Generally, the core switch can withstand dozens of trunks.

You can limit the one-way speed of the port to make full use of the bandwidth in the other direction. This is especially useful for non-full-duplex ports.

Q:Hello! After Configuring telnet on a cisco router, the default port number for telnet is 21. Now I want to change it to a new port, for example, 2121, is there any way to implement this on a cisco router? On Juniper, you can change your port 21 to port 2121, so you don't know if it works on the router?

A:Yes. Use the rotary command in line configuration mode, for example, Router1 (config-line) # rotary 25. Change the TELNET port to 25. However, the new port number is changed. In Global configuration mode, use ACL to disable the default port 23, such as Router (config) # access-list 101 deny tcp any eq 23.

Q:I cannot configure an IP address on an H3C layer-3 Switch on the interface and connect to a CISCO 3750 switch. Does this mean that I can only run static routes?

A:3750 supports dynamic routing. As long as the two switches you mentioned are in the same subnet, you can use the 3750 switch to implement the dynamic routing function. You only need to configure a dynamic route for the corresponding port connecting to the H3C switch on the 3750 switch.