Comprehensive examples of configuring layer three exchanges
There is no problem with this configuration.
As long as you can see clearly and remember the key commands, I believe you have a deeper understanding of the three levels.
****************************************************************
Basic network situation
The network topology is: the central switch adopts Cisco Catalyst 4006-S3.
Supervisor Engine III G engine is located in slot 1, used to realize three-layer switching; 1 block and 24 ports
The 1000Base-T module is located in the second slot and is used to connect to the network server; 1 block, 6 port 1000Base-X module bit
In the third slot, it is used to connect 6 backbone switches. One switch uses Cisco Catalyst 3550-
24-EMI and install 1 1000Base-X GBIC Gigabit module. A switch uses Cisco
Catalyst 3550-24-SMI, also installed 1000Base-X GBIC Gigabit module. Four other switches
Using Cisco Catalyst 2950G-24-SMI, install 1000Base-T GBIC Gigabit module.
All servers are divided into one VLAN, namely VLAN 50. The four Catalyst 2950G-24-SMI switches are also divided into only one VLAN, namely VLAN 60, VLAN 70, VLAN 80 and VLAN 90.
Catalyst 3550-24-EMI is divided into 4 VLANs, namely VLAN 10, VLAN 20, VLAN 30 and
VLAN 40. Catalyst 3550-24-SMI divides 2 VLANs, namely VLAN 60 and VLAN 80, and another
The two Catalyst 2950G-24-SMI switches are located in the same VLAN respectively.
*********************************Example Analysis******************************
Since all Catalyst 2950G switches are a standalone VLAN, you must first
VLANs (VLAN 60~VLAN 90) are created on these switches and all ports are assigned to the VLAN. Of course
After that, create VLANs on the corresponding ports of the Catalyst 4006 switch. Catalyst 4006's
The 1000Base-X ports are connected to the 1000Base-X ports of each Catalyst 2950G respectively. in,
The GigabitEthernet3/2 port is connected to Catalyst 2950 switch No. 1 (VLAN 60), the GigabitEthernet3/3 port is connected to Catalyst 2950 switch No. 2 (VLAN 70), the GigabitEthernet3/4 port is connected to Catalyst 2950 switch No. 3 (VLAN 80), the GigabitEthernet3/5 port is connected to Catalyst 2950 switch No. 4 (VLAN 90), and the GigabitEthernet3/6 port is connected to Switch No. 6 (VLAN 80).
Since there are 4 VLANs (VLAN 10~VLAN 40) on the Catalyst 3550-24-EMI, and all 4 VLANs need to be connected to the GigabitEthernet3/1 port of Catalyst 4006 by means of a 1000Base-X link, a Trunk must be created between Catalyst 4006 and Catalyst 3550-24-EMI.
Similarly, there are 2 VLANs (VLAN 60 and VLAN 80) on the Catalyst 3550-24-SMI, and all 4 VLANs need to be connected to the GigabitEthernet3/6 port of Catalyst 4006 by means of a 1000Base-X link. Therefore, a Trunk must be created between Catalyst 4006 and Catalyst 3550-24-EMI.
Additionally, all servers are connected to the 1000Base-T module of Catalyst 4006 and become a VLAN (VLAN 90), so a VLAN must be created for these switches and all ports are assigned to the VLAN. It should be noted that considering the needs of network management, several RJ-45 ports (such as ports 21 to 24) can also be left without specifying to any VLAN, so as to facilitate connection to network management devices. By default, all ports belong to VLAN1, and management of all devices in the network can be achieved only in VLAN1.
******************************Configuration list******************************
●Cisco Catalyst 4006 switch configuration list
Current configuration : 5594 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service compress-config
!
hostname hsnc
!
boot system bootflash:cat4000-is-mz.121-8a.
no logging console
enable secret level 1 5 $1$rkQW$1HKyKdN5f.Ri5zxeoF8Yv/
!
ip subnet-zero
!
!
!
interface GigabitEthernet1/1
no snmp trap link-status
!--Do not specify VLAN for 1000Base-X slot in Supervisor Engine III G engine
interface GigabitEthernet1/2
no snmp trap link-status
!
!
interface GigabitEthernet2/1
switchport access vlan 50
no snmp trap link-status
!--Specify port GigabitEthernet2/1 to VLAN 50
!
interface GigabitEthernet2/2
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/3
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/4
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/5
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/6
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/7
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/8
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/9
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/10
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/11
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/12
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/13
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/14
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/15
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/16
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/17
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/18
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/19
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/20
switchport access vlan 50
no snmp trap link-status
!--Do not specify GigabitEthernet2/20~24 to any VLAN
!
interface GigabitEthernet3/1
switchport trunk encapsulation dot1q
! --Enable the 802.1Q Trunk encapsulation protocol, that is, create Trunk on this port
switchport trunk allowed vlan 1-80
! --Allow vlan 1-90 to communicate on this trunk
! --A VLAN can be denied or allowed to access the Trunk
! -- Ensure that unauthorized VLANs can achieve VLAN access security through this Trunk
switchport mode trunk
! --Set this port to Trunk
description netcenter
no snmp trap link-status
!
interface GigabitEthernet3/2
switchport access vlan 60
no snmp trap link-status
!--Specify port GigabitEthernet3/2 to VLAN 60
!
interface GigabitEthernet3/3
switchport access vlan 70
no snmp trap link-status
!--Specify port GigabitEthernet3/3 to VLAN 70
!
interface GigabitEthernet3/4
switchport access vlan 80
no snmp trap link-status
!--Specify port GigabitEthernet3/4 to VLAN 80
!
interface GigabitEthernet3/5
switchport access vlan 90
no snmp trap link-status
!--Specify port GigabitEthernet3/5 to VLAN 90
!
interface GigabitEthernet3/6
switchport trunk encapsulation dot1q
! --Enable the 802.1Q Trunk encapsulation protocol, that is, create Trunk on this port
switchport trunk allowed vlan 1-80
! --Allow vlan 1-90 to communicate on this trunk
! --A VLAN can be denied or allowed to access the Trunk
! -- This ensures that unauthorized VLANs can achieve VLAN access security through this Trunk
switchport mode trunk
! --Set this port to Trunk
description netcenter
no snmp trap link-status
!
interface Vlan1
description netmanger
no ip address
!
!--Describe VLAN1
interface Vlan10
description network center
no ip address
!--Describe VLAN2
!
interface Vlan20
description computer center
no ip address
!
interface Vlan30
description network lab
no ip address
!
interface Vlan40
description huaxuelou
no ip address
!
interface Vlan50
description wulilou
no ip address
!
interface Vlan60
description shengwulou
no ip address
!
interface Vlan70
description zhongwenxi
no ip address
!
interface Vlan80
description tushuguan
no ip address
!
!
line con 0
stopbits 1
line vty 0 4
password aaa
login
!
endArticle entry: aaadxmm Editor in charge: aaadxmm
There is no problem with this configuration.
As long as you can see clearly and remember the key commands, I believe you have a deeper understanding of the three levels.
****************************************************************
Basic network situation
The network topology is: the central switch adopts Cisco Catalyst 4006-S3.
Supervisor Engine III G engine is located in slot 1, used to realize three-layer switching; 1 block and 24 ports
The 1000Base-T module is located in the second slot and is used to connect to the network server; 1 block, 6 port 1000Base-X module bit
In the third slot, it is used to connect 6 backbone switches. One switch uses Cisco Catalyst 3550-
24-EMI and install 1 1000Base-X GBIC Gigabit module. A switch uses Cisco
Catalyst 3550-24-SMI, also installed 1000Base-X GBIC Gigabit module. Four other switches
Using Cisco Catalyst 2950G-24-SMI, install 1000Base-T GBIC Gigabit module.
All servers are divided into one VLAN, namely VLAN 50. The four Catalyst 2950G-24-SMI switches are also divided into only one VLAN, namely VLAN 60, VLAN 70, VLAN 80 and VLAN 90.
Catalyst 3550-24-EMI is divided into 4 VLANs, namely VLAN 10, VLAN 20, VLAN 30 and
VLAN 40. Catalyst 3550-24-SMI divides 2 VLANs, namely VLAN 60 and VLAN 80, and another
The two Catalyst 2950G-24-SMI switches are located in the same VLAN respectively.
*********************************Example Analysis******************************
Since all Catalyst 2950G switches are a standalone VLAN, you must first
VLANs (VLAN 60~VLAN 90) are created on these switches and all ports are assigned to the VLAN. Of course
After that, create VLANs on the corresponding ports of the Catalyst 4006 switch. Catalyst 4006's
The 1000Base-X ports are connected to the 1000Base-X ports of each Catalyst 2950G respectively. in,
The GigabitEthernet3/2 port is connected to Catalyst 2950 switch No. 1 (VLAN 60), the GigabitEthernet3/3 port is connected to Catalyst 2950 switch No. 2 (VLAN 70), the GigabitEthernet3/4 port is connected to Catalyst 2950 switch No. 3 (VLAN 80), the GigabitEthernet3/5 port is connected to Catalyst 2950 switch No. 4 (VLAN 90), and the GigabitEthernet3/6 port is connected to Switch No. 6 (VLAN 80).
Since there are 4 VLANs (VLAN 10~VLAN 40) on the Catalyst 3550-24-EMI, and all 4 VLANs need to be connected to the GigabitEthernet3/1 port of Catalyst 4006 by means of a 1000Base-X link, a Trunk must be created between Catalyst 4006 and Catalyst 3550-24-EMI.
Similarly, there are 2 VLANs (VLAN 60 and VLAN 80) on the Catalyst 3550-24-SMI, and all 4 VLANs need to be connected to the GigabitEthernet3/6 port of Catalyst 4006 by means of a 1000Base-X link. Therefore, a Trunk must be created between Catalyst 4006 and Catalyst 3550-24-EMI.
Additionally, all servers are connected to the 1000Base-T module of Catalyst 4006 and become a VLAN (VLAN 90), so a VLAN must be created for these switches and all ports are assigned to the VLAN. It should be noted that considering the needs of network management, several RJ-45 ports (such as ports 21 to 24) can also be left without specifying to any VLAN, so as to facilitate connection to network management devices. By default, all ports belong to VLAN1, and management of all devices in the network can be achieved only in VLAN1.
******************************Configuration list******************************
●Cisco Catalyst 4006 switch configuration list
Current configuration : 5594 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service compress-config
!
hostname hsnc
!
boot system bootflash:cat4000-is-mz.121-8a.
no logging console
enable secret level 1 5 $1$rkQW$1HKyKdN5f.Ri5zxeoF8Yv/
!
ip subnet-zero
!
!
!
interface GigabitEthernet1/1
no snmp trap link-status
!--Do not specify VLAN for 1000Base-X slot in Supervisor Engine III G engine
interface GigabitEthernet1/2
no snmp trap link-status
!
!
interface GigabitEthernet2/1
switchport access vlan 50
no snmp trap link-status
!--Specify port GigabitEthernet2/1 to VLAN 50
!
interface GigabitEthernet2/2
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/3
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/4
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/5
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/6
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/7
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/8
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/9
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/10
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/11
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/12
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/13
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/14
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/15
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/16
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/17
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/18
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/19
switchport access vlan 50
no snmp trap link-status
!
interface GigabitEthernet2/20
switchport access vlan 50
no snmp trap link-status
!--Do not specify GigabitEthernet2/20~24 to any VLAN
!
interface GigabitEthernet3/1
switchport trunk encapsulation dot1q
! --Enable the 802.1Q Trunk encapsulation protocol, that is, create Trunk on this port
switchport trunk allowed vlan 1-80
! --Allow vlan 1-90 to communicate on this trunk
! --A VLAN can be denied or allowed to access the Trunk
! -- Ensure that unauthorized VLANs can achieve VLAN access security through this Trunk
switchport mode trunk
! --Set this port to Trunk
description netcenter
no snmp trap link-status
!
interface GigabitEthernet3/2
switchport access vlan 60
no snmp trap link-status
!--Specify port GigabitEthernet3/2 to VLAN 60
!
interface GigabitEthernet3/3
switchport access vlan 70
no snmp trap link-status
!--Specify port GigabitEthernet3/3 to VLAN 70
!
interface GigabitEthernet3/4
switchport access vlan 80
no snmp trap link-status
!--Specify port GigabitEthernet3/4 to VLAN 80
!
interface GigabitEthernet3/5
switchport access vlan 90
no snmp trap link-status
!--Specify port GigabitEthernet3/5 to VLAN 90
!
interface GigabitEthernet3/6
switchport trunk encapsulation dot1q
! --Enable the 802.1Q Trunk encapsulation protocol, that is, create Trunk on this port
switchport trunk allowed vlan 1-80
! --Allow vlan 1-90 to communicate on this trunk
! --A VLAN can be denied or allowed to access the Trunk
! -- This ensures that unauthorized VLANs can achieve VLAN access security through this Trunk
switchport mode trunk
! --Set this port to Trunk
description netcenter
no snmp trap link-status
!
interface Vlan1
description netmanger
no ip address
!
!--Describe VLAN1
interface Vlan10
description network center
no ip address
!--Describe VLAN2
!
interface Vlan20
description computer center
no ip address
!
interface Vlan30
description network lab
no ip address
!
interface Vlan40
description huaxuelou
no ip address
!
interface Vlan50
description wulilou
no ip address
!
interface Vlan60
description shengwulou
no ip address
!
interface Vlan70
description zhongwenxi
no ip address
!
interface Vlan80
description tushuguan
no ip address
!
!
line con 0
stopbits 1
line vty 0 4
password aaa
login
!
endArticle entry: aaadxmm Editor in charge: aaadxmm