Comprehensive multi-layer exchange experiment (I)

Last Update:2013-12-03 Source: Internet

Author: User

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Requirements:

Beijing headquarters:

1. The core layer (Core1 and Core2) and the aggregation layer (Cds-1, Cds-2, Cds-3 and Cds-4) use the ospf routing protocol.

2. link binding between core layer Core1 and Core2, link binding between the aggregation layer Cds-1 and Cds-2, and link binding between Cds-3 and Cds-4

3. Perform HSRP on Core1 and Core2 in the core layer to achieve high network availability.

4. Use the aggregation layer switch as the root bridge and configure Server Load balancer.

5. The pcs of Beijing headquarters and Shanghai Branch dynamically obtain IP addresses through DHCP server

6. Access to each department of the Beijing headquarters and Shanghai Branch (C1vlan20, C1 vlan 30, C1vlan40, vlan1, vlan2, and vlan3) is allowed, but access to C1 vlan10 (Finance Department) is prohibited)

Supplement: Re-publish routes in Core 2 and summarize routes at appropriate points. Use the default route when connecting to the Internet

Shanghai Branch

7. Use RIP v2 routing protocol between router and ds-1 and ds-2

8. ds-1 and ds-2 as the root bridge and enable HSRP as well as do link bundling

9. vlan1 cannot access the company's web server

IP address planning

Beijing headquarters:

. 1 11.11.11.0/24. 2. 1 12.12.12.0/24. 2

Core 1 certificate ------------------------------- à Cds-1 Core 1 certificate --------------------------------- à Cds-2

. 1 13.13.20./ 24. 2. 1 14.14.14.0/24. 2

Core 1 certificate ------------------------------- à Cds-3 Core 1 certificate --------------------------------- à Cds-4

. 1 21.21.21.0/24. 2. 1 22.22.22.0/24. 2

Core 2 certificate ------------------------------- à Cds-1 Core 2 certificate --------------------------------- à Cds-2

. 1 23.23.23.0/24. 2. 1 24.24.24.0/24. 2

Core 2 certificate ------------------------------- à Cds-3 Core 2 certificate --------------------------------- à Cds-1

. 1 100.100.100.0/24. 2

Core 1 certificate --------------------------------- à server-PT

C1vlan10: 10.10.10.0/24 (Gateway: 10.10.10.1) C1vlan20: 255.255.20.0/24 (Gateway: 255.255.20.1)

C1vlan30: 30.30.30.0/24 (Gateway: 30.30.30.1) C1vlan40: 40.40.40.0/24 (Gateway: 40.40.40.1)

. 1 200.200.200.0/24. 2

Core 2 (f0/1) Certificate --------------------------------- à Router (f0/1)

Shanghai Branch:

. 1 172.16.0.0/24. 2. 1 172.16.1.0/24. 2

Router route --------------------------------- à ds-1 Router route ------------------------------- à ds-2

Vlan1: 192.168.1.0 (Gateway: 192.168.1.1) vlan2: 192.168.2.0/24 (Gateway: 192.168.2.1)

Vlan3: 192.168.3.0/24 (Gateway: 192.168.3.1)

Operation logic:

To regionalize the topology, first fix the branch and then eat the headquarters

The branch topology is as follows:

I. Deal with branch offices

Switch layer Configuration

ConfigurationVTP

Ds-1 (config) # vtp mode server

Ds-1 (config) # vtp domain cisco

Ds-1 (config) # vtp password 123

Ds-2 (config) # vtp mode server

Ds-2 (config) # vtp domain cisco

Ds-2 (config) # vtp password 123

Switch 1 (config) # vtp mode client

Switch 1 (config) # vtp domain cisco

Switch 1 (config) # vtp password 123

Switch 2 (config) # vtp mode client

Switch 2 (config) # vtp domain cisco

Switch 2 (config) # vtp password 123

Switch 3 (config) # vtp mode client

Switch 3 (config) # vtp domain cisco

Switch 3 (config) # vtp password 123

ConfigurationTrunk(Take one of the two devices as an example)

Ds-1 (config) # inter f0/10

Ds-1 (config-if) # switchport trunk encapsulation dot1q

Ds-1 (config-if) # switchport mode trunk

Ds-1 (config-if) # switchport trunk allow vlan all

Ds-2 (config) # inter f0/10

Ds-2 (config-if) # switchport trunk encapsulation dot1q

Ds-2 (config-if) # switchport mode trunk

Ds-2 (config-if) # switchport trunk allow vlan all

Link bundling

Ds-1 (config) # inter range f0/20-30

Ds-1 (config-range) # switchport trunk encapsulation dot1q

Ds-1 (config-range) # swichport mode trunk

Ds-1 (config-range) # channel-group 1 mode on

Ds-2 (config) # interface port-channel

Ds-2 (config) # inter range f0/20-30

Ds-2 (config-range) # swichport mode trunk

Ds-2 (config-range) # channel-group 1 mode on

CreateVlan

Ds-1 (config) # vlan 2

Ds-1 (config) # vlan 3

ConfigurationSTP

Ds-1 (config) # spanning-tress vlan 1 root primary

Ds-1 (config) # spanning-tress vlan 2 root primary

Ds-1 (config) # spanning-tress vlan 3 root secondary

Ds-2 (config) # spanning-tress vlan 1 root secondary

Ds-2 (config) # spanning-tress vlan 2 root secondary

Ds-2 (config) # spanning-tress vlan 3 root primary

ConfigurationHSRP

Ds-1 (config) # interface vlan1

Ds-1 (config-if) # ip add 192.168.1.1 255.255.255.0

Ds-1 (config-if) # standby 1 ip 192.168.1.100

Ds-1 (config-if) # standby 1 priority 200

Ds-1 (config-if) # standby 1 preemt

Ds-1 (config-if) # standby 1 track f0/2 50

Ds-1 (config) # interface vlan2

Ds-1 (config-if) # ip add 192.168.2.1 255.255.255.0

Ds-1 (config-if) # standby 1 ip 192.168.2.100

Ds-1 (config-if) # standby 1 priority 200

Ds-1 (config-if) # standby 1 preemt

Ds-1 (config-if) # standby 1 track f0/2 50

Ds-1 (config) # interface vlan3

Ds-1 (config-if) # ip add 192.168.3.1 255.255.255.0

Ds-1 (config-if) # standby 1 ip 192.168.3.100

Ds-1 (config-if) # standby 1 priority 170

Ds-1 (config-if) # standby 1 preemt

Ds-2 (config) # interface vlan1

Ds-2 (config-if) # ip add 192.168.1.1 255.255.255.0

Ds-2 (config-if) # standby 1 ip 192.168.1.100

Ds-2 (config-if) # standby 1 priority 170

Ds-2 (config-if) # standby 1 preemt

Ds-2 (config) # interface vlan2

Ds-2 (config-if) # ip add 192.168.2.1 255.255.255.0

Ds-2 (config-if) # standby 1 ip 192.168.2.100

Ds-2 (config-if) # standby 1 priority 170

Ds-2 (config-if) # standby 1 preemt

Ds-2 (config) # interface vlan3

Ds-2 (config-if) # ip add 192.168.3.1 255.255.255.0

Ds-2 (config-if) # standby 1 ip 192.168.3.100

Ds-2 (config-if) # standby 1 priority 200

Ds-2 (config-if) # standby 1 preemt

Ds-2 (config-if) # standby 1 track f0/2 50

Connect client hostsVlan(Add as a portVlanFor example)

Switch1 (config) # interface f0/1

Switport (config-if) # switchport mode access

Switport (config-if) # switchport access vlan 1

Switch1 (config-if) # spanning-tress portfast

Author: "Zhao Haihua _ road to O & M"

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More

Comprehensive multi-layer exchange experiment (I)

Contact Us

What's Trending

Top 10 Tags

Top 10 Keywords

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support

Comprehensive multi-layer exchange experiment (I)

Contact Us

What's Trending

Top 10 Tags

Top 10 Keywords

Trending Topic

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support