Comprehensive example of configuring layer-3 Switching

Comprehensive example of configuring layer-3 Switching
This configuration has no problems.

As long as you can understand and remember the key commands, I believe you have a deeper understanding of Layer 3.

**************************************** ************************

Basic Network Conditions

The network topology is as follows: the center switch uses Cisco Catalyst 4006-S3,

Supervisor Engine iii g Engine is located in 1st slots for layer-3 switching; one 24-Port

The 1000Base-T module is located in 2nd slots and is used to connect to the network server. One block has 6-port 1000Base-X module bits.

3rd slot, used to connect six backbone switches. A switch uses Cisco Catalyst 3550-

24-Emi, and 1 1000Base-X GBIC Gigabit module is installed. A vswitch uses Cisco

The Catalyst 3550-24-SMI is also installed with 1 1000Base-X GBIC Gigabit module. Four other switches

A 1000Base-T GBIC Gigabit module is installed with Cisco Catalyst 2950G-24-SMI.

All servers are divided into one VLAN, namely VLAN 50. The four Catalyst 2950G-24-SMI switches are also divided into only one VLAN, namely VLAN 60, VLAN 70, VLAN 80, and VLAN 90.

Catalyst 3550-24-EMI is divided into four VLANs: VLAN 10, VLAN 20, VLAN 30, and

VLAN 40. The Catalyst 3550-24-SMI is divided into two VLANs: VLAN 60 and VLAN 80.

The two Catalyst 2950G-24-SMI switches are located in the same VLAN.

* ************************** Instance analysis *********** *****************

Because all Catalyst 2950G switches are independent VLANs

Create VLANs (VLAN 60 ~ VLAN 90), and all ports are specified to this VLAN. However

Then create VLANs on the corresponding ports of the Catalyst 4006 switch. Catalyst 4006

The 1000Base-X port is connected to the 1000Base-X ports of each Catalyst 2950G respectively. Where,

Port GigabitEthernet3/2 is connected to Catalyst 2950 vswitch 1 (VLAN 60), and port GigabitEthernet3/3 is connected to Catalyst 2950 vswitch 2 (VLAN 70 ), port GigabitEthernet3/4 is connected to Catalyst 2950 vswitch 3 (VLAN 80), and port GigabitEthernet3/5 is connected to Catalyst 2950 vswitch 4 (VLAN 90 ), port GigabitEthernet3/6 is connected to the vswitch (VLAN 80) in building 6 ).

The Catalyst 3550-24-EMI is divided into four VLANs (VLAN 10 ~ VLAN 40), and the four VLANs must be connected to the GigabitEthernet3/1 port of the Catalyst 4006 by means of a 1000Base-X link. Therefore, A Trunk must be created between Catalyst 4006 and Catalyst 3550-24-EMI.

Likewise, there are two VLANs (VLAN 60 and VLAN 80) on the Catalyst 3550-24-SMI, and all four VLANs need to be connected to port GigabitEthernet3/6 of the Catalyst 4006 through a 1000Base-X link, therefore, a Trunk must be created between the Catalyst 4006 and the Catalyst 3550-24-EMI.

In addition, all servers are connected to the 1000Base-T module of the Catalyst 4006 and become a VLAN (VLAN 90) separately. Therefore, you must create a VLAN for these switches, specify all ports to the VLAN. Note that, considering the need for network management, you can also leave several RJ-45 ports (such as ports 21 to 24) Not specified to any VLAN, so as to facilitate connection to network management devices. By default, all ports belong to VLAN1, and only VLAN1 can manage all devices in the network.

*********** *******************

● Cisco Catalyst 4006 Switch configuration list
Current configuration: 5594 bytes
!
Version 12.1:
No service pad
Service timestamps debug uptime
Service timestamps log uptime
No service password-encryption
Service compress-config
!
Hostname hsnc
!
Boot system bootflash: cat4000-is-mz.121-8a.EW1.bin
No logging console
Enable secret level 1 5 $1 $ rkQW $ 1HKyKdN5f. Ri5zxeoF8Yv/
!
Ip subnet-zero
!
!
!
Interface GigabitEthernet1/1
No snmp trap link-status
! -- Do not specify a VLAN for the 1000Base-X slot in the Supervisor Engine iii g Engine
Interface GigabitEthernet1/2
No snmp trap link-status
!
!
Interface GigabitEthernet2/1
Switchport access vlan 50
No snmp trap link-status
! -- Specify the port GigabitEthernet2/1 to VLAN 50.
!
Interface GigabitEthernet2/2
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/3
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/4
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/5
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/6
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/7
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/8
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/9
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/10
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/11
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/12
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/13
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/14
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/15
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/16
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/17
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/18
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/19
Switchport access vlan 50
No snmp trap link-status
!
Interface GigabitEthernet2/20
Switchport access vlan 50
No snmp trap link-status
! -- Do not set GigabitEthernet2/20 ~ 24 specify to any VLAN
!
Interface GigabitEthernet3/1
Switchport trunk encapsulation dot1q
! -- Enable the 802.1Q Trunk encapsulation protocol.
Switchport trunk allowed vlan 1-80
! -- Allow communication between vlan 1 and 90 on the trunk line
! -- You can deny or allow a VLAN to access the Trunk.
! -- Ensure that unauthorized VLAN uses the Trunk to ensure VLAN access security
Switchport mode trunk
! -- Set this port to Trunk
Description netcenter
No snmp trap link-status
!
Interface GigabitEthernet3/2
Switchport access vlan 60
No snmp trap link-status
! -- Specify the port GigabitEthernet3/2 to VLAN 60.
!
Interface GigabitEthernet3/3
Switchport access vlan 70
No snmp trap link-status
! -- Port GigabitEthernet3/3 to VLAN 70
!
Interface GigabitEthernet3/4
Switchport access vlan 80
No snmp trap link-status
! -- Port GigabitEthernet3/4 to VLAN 80
!
Interface GigabitEthernet3/5
Switchport access vlan 90
No snmp trap link-status
! -- Port GigabitEthernet3/5 to VLAN 90
!
Interface GigabitEthernet3/6
Switchport trunk encapsulation dot1q
! -- Enable the 802.1Q Trunk encapsulation protocol.
Switchport trunk allowed vlan 1-80
! -- Allow communication between vlan 1 and 90 on the trunk line
! -- You can deny or allow a VLAN to access the Trunk.
! -- This ensures that unauthorized VLAN uses the Trunk to achieve VLAN access security.
Switchport mode trunk
! -- Set this port to Trunk
Description netcenter
No snmp trap link-status
!
Interface Vlan1
Description netmanger
No ip address
!
! -- Describe VLAN1
Interface Vlan10
Description network center
No ip address
! -- Describe VLAN2
!
Interface Vlan20
Description computer center
No ip address
!
Interface Vlan30
Description network lab
No ip address
!
Interface Vlan40
Description huaxuelou
No ip address
!
Interface Vlan50
Description wulilou
No ip address
!
Interface Vlan60
Description shengwulou
No ip address
!
Interface Vlan70
Description zhongwenxi
No ip address
!
Interface Vlan80
Description tushuguan
No ip address
!
!
Line con 0
Stopbits 1
Line vty 0 4
Password aaa
Login
!
End Article entry: aaadxmmm responsible editor: aaadxmmm