cisco switch 1900 2900 3500
草草寫完,如果誤謬,望期指正..
交換機cisco1900
設定ip
en
conf t
ip address 210.60.166.253 255.255.255.0
no shutdown
設定預設閘道
ip default-gateway 210.60.166.254
show ip
show interface
show interface ethernet 0/2
列出mac table
show mac-address-table
限制mac table量
en
conf t
interface ethernet 0/1
port secure max-mac-count 20
取消限制mac table量
en
conf t
interface ethernet 0/1
no port secure
查看所設定mac table量
show mac-address-table security
更改交換機主機名稱
en
conf t
hostname test
查看spanning tree protocol的資訊
show spantree
查看cdp相關資訊
show cdp
查看其他相連的交換機設備
show cdp neighbors
查看歷史紀錄
show history
查看vlan
show vlan
設定port的全雙模式
en
duplex ?
duplex [auto|full|full-flow-control|haft]
使vtp還原為預設值
delete vtp
新增vlan
en
conf t
vlan 100 name vlan100
vlan [編號] name [名稱]
將某個port加入vlan100
en
conf t
interface e0/1
vlan-membership static 100
查看編號100的vlan
show vlan 20
查看vtp的設定
show vtp
設定vtp 的 domain
vtp domain [domain]
vtp domain denny
設定vtp的密碼
en
vtp password [password]
設定vtp的模式
vtp server
vtp client
vtp transparent
開啟trunk
en
conf t
interface ethernet 0/24
trunk on
trunk off
--------------------------------------------------------
switch 2900 3500
設定vlan的domain與password
en
vlan database
vtp domain denny password denny
vtp server
查看vtp參數
show vtp ?
配置靜態vlan
en
vlan database
vlan name
exit
conf t
int fa 0/1
switchport mode access
switchport access vlan 將port設定在某個vlan上
為交換機上配置的vlan設置trunk
en
conf t
int fa 0/24
switchport mode trunk
switchport trunk encapsulation [isl|dot1q]
switchport trunk allowed vlan remove
switchport trunk allowed vlan add
設定介面為trunk模式
要讓多個vlan資訊通過此介面
en
conf t
int fa0/23
switchport mode trunk
為每個vlan設定ip位置
en
conf t
int vlan 30
ip address 210.60.166.220 255.255.255.0
2010年4月5日 星期一
Extreme設備實作ACL
Access-mask Configuration
Access-list Configuration
for example deny 192.168.100.22
# Access-mask Configuration
create access-mask ip_src_mask source-ip / 32
create access-mask destl4_port_mask ip-protocol dest-L4port
#
#before configure "access-list" command ,you have to configure "access-mask" command
# Access-list Configuration
create access-list denyudp135 access-mask destl4_port_mask ip-protocol 17 dest-L4port 135 deny
create access-list denytcp135 access-mask destl4_port_mask ip-protocol 6 dest-L4port 135 deny
create access-list denyudp445 access-mask destl4_port_mask ip-protocol 17 dest-L4port 445 deny
create access-list denytcp445 access-mask destl4_port_mask ip-protocol 6 dest-L4port 445 deny
#for example deny 192.168.100.22
create access-list deny100_22 access-mask ip_src_mask source-ip 192.168.100.22 / 32 deny
Extreme設備實作load sharing
可利用load sharing作備援線路
load sharing
可利用load sharing作備援線路
enable sharing <port> grouping <portlist> {algorithm {port-based | address-based |round-robin}}
disable sharing [<port>]
enable sharing 25 grouping 25,26 algorithm address-based
BD的ios支援較多的演算法
enable sharing 1:28 grouping 1:28 , 1:29 algorithm address-based
EXTREME 802.1q的vlan
第一台 extreme summit 200-24
create vlan v1
create vlan v2
create vlan bone
configure vlan v1 ipaddress 192.168.1.1/24
configure vlan v2 ipaddress 192.168.2.1/24
configure vlan bone ipaddress 192.168.200.1/24
configure vlan v1 tag 11
configure vlan v2 tag 12
configure vlan bone tag 1111
configure vlan v1 add ports 1-12
configure vlan v2 add ports 13-24
configure vlan bone add ports 26 tagged 須先將bone指定tag
configure vlan v1 add ports 26 tagged 須先將v1指定tag
configure vlan v2 add ports 26 tagged 須先將v2指定tag
enable ipforwarding vlan v1
enable ipforwarding vlan v2
enable ipforwarding vlan bone
enable rip
configure rip add vlan v1
configure rip add vlan v2
configure rip add vlan bone
第二台 extreme summit 200-24
create vlan v1
create vlan v2
create vlan bone
configure vlan bone ipaddress 192.168.200.2/24
configure vlan v1 tag 11
configure vlan v2 tag 12
configure vlan bone tag 1111
configure vlan v1 add ports 1-12
configure vlan v2 add ports 13-24
configure vlan bone add ports 26 tagged 須先將bone指定tag
configure vlan v1 add ports 26 tagged 須先將v1指定tag
configure vlan v2 add ports 26 tagged 須先將v2指定tag
enable ipforwarding vlan bone
configure rip add vlan bone
Extreme設備實作ESRP
MASTER:
-------------
create vlan up
create vlan down
create vlan directlink
config vlan up add ports 25-26
config vlan directlink add ports 1
config vlan down add ports 2-24
config vlan up ipaddress 210.60.166.222 255.255.255.0
config vlan directlink ipaddress 10.0.0.1 255.25.255.0
config vlan down ipaddress 192.168.0.254 255.255.255.0
enable ipforwarding(既可將全部的vlan加上ipforwarding)
enable ipforwarding vlan up
enable ipforwarding vlan directlink
ebable ipfrowarding vlan down
---esrp config -----directlink 不需要設esrp----
enable esrp up
enable esrp down
#此四個參數順序可以變更,依事件的順序啟動esrp的功能
config vlan up esrp esrp-election ports-track-priority-mac
config vlan down esrp esrp-election ports-track-priority-mac
#range 1-255 1最小 254最大 255永遠,設定master與slave 大的是master
config vlan up esrp priority 20
config vlan down esrp priority 20
#以下或以上非EXTREME SWITCH的設備
config vlan up add ports 25-26 restart
config vlan down add ports 2-24 restart
---routing----
config iproute add default 210.60.166.254 1
config iproute add default 10.0.0.2 10
config iproute add 192.168.0.0 255.255.255.0 192.168.0.254 (交換器已經ipforwarding所以毋須打上)因為vlan在本身的switch上,與學校的設定不同
config iproute add 192.168.0.0 255.255.255.0 10.0.0.2 10
SLAVE:
-------
create vlan up
create vlan down
create vlan directlink
config vlan up add ports 25-26
config vlan directlink add ports 1
config vlan down add ports 2-24
config vlan up ipaddress 210.60.166.222 255.255.255.0
config vlan directlink ipaddress 10.0.0.2 255.25.255.0
config vlan down ipaddress 192.168.0.254 255.255.255.0
enable ipforwarding(既可將全部的vlan加上ipforwarding)
enable ipforwarding vlan up
enable ipforwarding vlan directlink
ebable ipfrowarding vlan down
---esrp config -----directlink not config----
enable esrp up
enable esrp down
config vlan up esrp esrp-election port-track-priority-mac
config vlan down esrp esrp-election port-track-priority-mac
config vlan up esrp priority 10
config vlan down esrp priority 10
config vlan up add ports 25-26 restart
config vlan down add ports 2-24 restart
----routing-----
config iproute add default 210.60.166.254 1
config iproute add default 10.0.0.1 10
config iproute add 192.168.0.0 255.255.255.0 192.168.0.254 (交換器已經ipforwarding所以毋須打上)因為vlan在本身的switch上,與學校的設定不同
config iproute add 192.168.0.0 255.255.255.0 10.0.0.1 10
2010年4月4日 星期日
Fedora 11 加速 YUM下載速度(axel,yum-fastmirror)
AXEL是使用多線(Multi-thread)方式下載檔案, 又有人寫成YUM的plugin, 所以就來用看看!
Install AXEL
#wget http://wilmer.gaast.net/downloads/axel-1.0b.tar.gz
#tar zxvf axel-1.0b.tar.gz
#cd axel-1.0b
# ./configure –i18n=1
#make
#make install
設定YUM 使用 AXEL:
將 axelget.conf 放置 /etc/yum/pluginconf.d/
#wget http://cnfreesoft.googlecode.com/svn/trunk/axelget/axelget.conf -P /etc/yum/pluginconf.d/
將 axelget.py 放置 /usr/lib/yum-plugins/
#wget http://cnfreesoft.googlecode.com/svn/trunk/axelget/axelget.py -P /usr/lib/yum-plugins/
調整 YUM-Axel plugin, 只有超過200Kbyte檔案才使用 axel:
# cat /etc/yum/pluginconf.d/axelget.conf
[main]
enabled=1
onlyhttp=1
enablesize=200000
cleanOnException=1
讓YUM自動找最快mirror site:
yum install yum-fastmirror
試試看吧:
# yum update
Loaded plugins: axelget, presto, refresh-packagekit
Setting up Update Process
…
we will try to use axel to download this big file:41031190
Before we start,clean all the key files
Execute axel cmd:
axel -a -n 10 http://free.nchc.org.tw/fedora/linux/updates/11/i386//evolution-help-2.26.2-1.fc11.noarch.rpm -o /var/cache/yum/updates/packages/evolution-help-2.26.2-1.fc11.noarch.rpm
Initializing download: http://free.nchc.org.tw/fedora/linux/updates/11/i386//evolution-help-2.26.2-1.fc11.noarch.rpm
File size: 41031190 bytes
Opening output file /var/cache/yum/updates/packages/evolution-help-2.26.2-1.fc11.noarch.rpm
Starting downloadConnection 6 finished ]
Connection 9 finished ]
Connection 0 finished ]
Connection 7 finished ]
Connection 1 finished ]
Connection 8 finished ]
Connection 4 finished ]
Connection 2 finished ]
Connection 3 finished ]
[100%] [..................................................] [ 391.4KB/s] [00:00]Downloaded 39.1 megabytes in 1:42 seconds. (391.42 KB/s)
[110/221]Ok,
2010年3月26日 星期五
訂閱:
意見 (Atom)