2. 科技
  3. 公司基础网络架构及实现

公司基础网络架构及实现

it2022-05-27  71
环境介绍 三层楼 12楼   4台二层交换机,4个摄像头,2个无线AP,一个门禁 11楼   一台路由器,一台三层交换机,四台二层交换机,4个摄像头,2个无线AP,一个门禁,4台服务器,两台光纤交换机,一台SAN存储,一台上网行为管理, 10楼    4台二层交换机,4个摄像头,2个无线AP,一个门禁 注:服务器 LENOVO ThinkServer RD440        路由器 HUAWEI  S5700 V200R003C00SPC300        交换机 HUAWEI  S5700 V200R003C00SPC300   24个千兆以太接口 目的 保证各自自动获取ip地址,并且实现广播隔离,内外网可以通讯 网络规划 1.网络拓扑 2.网段划分 楼层网段(12)           VLAN12     IP:     192.168.12.0/24 楼层网段(12)           VLAN11     IP:     192.168.11.0/24 楼层网段(12)            VLAN10     IP:     192.168.10.0/24 服务器网段                    VLAN18     IP :    192.168.18.0/24 虚拟桌面网段                VLAN16     IP:     192.168.16.0/24 网络设备网段                VLAN8       IP:     192.168.8.0/24 路由器段                       VLAN6       IP:     192.168.6.0/24 无线                              VLAN11     IP:     192.168.9.0/24 各网段网关均为192.168.*.254 每层第一个交换机的23,24配置为无线access模式、                                19,20,21,22为摄像头为access模式 每个交换机的第一个接口配置为级联口                                 vlan1作为每个交换机的管理接口 3.网络配置 路由器配置 ================================================================================== 三层交换机配置 基本用户配置 <>sys []sysname HX-Switch [HX-Switch]user-interface vty 0 4 [ HX-Switch -vty0-4]authencation-mode aaa [ HX-Switch -vty0-4]aaa [ HX-Switch -aaa] [ HX-Switch -aaa] local-user pxtadmin password cipher xxx [ HX-Switch -aaa] local-user pxtadmin privilege level 5 [ HX-Switch -aaa] local-user pxtadmin service-type  telnet terminal ssh http [ HX-Switch -aaa]quit  [ HX-Switch ]telnet server enable    开启telnet服务 ip管理 [ HX-Switch ]interface vlanf 1 [ HX-Switch ] ip address 192.168.16.253  255.255.255.0 划分及配置vlan网关及开启dhcp [ HX-Switch ]interface vlanif6                     ip address 192.168.6.254 255.255.255.0                     dhcp select interface                     dhcp server excluded-ip-address 192.168.6.180 192.168.6.253                     dhcp server dns-list 192.168.8.1 192.168.18.2 [ HX-Switch ]interface vlanif8                     ip address 192.168.8.254 255.255.255.0                     dhcp select interface                      dhcp server excluded-ip-address 192.168.8.1 192.168.8.100                     dhcp server excluded-ip-address 192.168.8.180 192.168.8.254                     dhcp server dns-list 192.168.8.1 192.168.18.2 [ HX-Switch ]interface vlanif9                     ip address 192.168.9.254 255.255.255.0                     dhcp select interface                     dhcp server excluded-ip-address 192.168.9.1240 192.168.9.254                     dhcp server dns-list 192.168.8.1 192.168.18.2 [ HX-Switch ]interface vlanif10                     ip address 192.168.6.254 255.255.255.0                     dhcp select interface                     dhcp server excluded-ip-address 192.168.10.240 192.168.10.253                     dhcp server dns-list 192.168.8.1 192.168.18.2 [ HX-Switch ]interface vlanif11                     ip address 192.168.11.254 255.255.255.0                     dhcp select interface                     dhcp server excluded-ip-address 192.168.11.240 192.168.11.248                       dhcp server excluded-ip-address 192.168.11.250 192.168.11.253                     dhcp server dns-list 192.168.8.1 192.168.18.2 [ HX-Switch ]interface vlanif12                     ip address 192.168.12.254 255.255.255.0                     dhcp select interface                     dhcp server excluded-ip-address 192.168.12.240 192.168.12.248                     dhcp server excluded-ip-address 192.168.12.250 192.168.12.253                     dhcp server dns-list 192.168.8.1 192.168.18.2 [ HX-Switch ]interface vlanif18                     ip address 192.168.18.254 255.255.255.0     [ HX-Switch ]interface vlanif110                     ip address 192.168.110.254 255.255.255.0                     dhcp select interface                     dhcp server excluded-ip-address 192.168.110.240 192.168.110.248                       dhcp server excluded-ip-address 192.168.110.250 192.168.6.253                     dhcp server dns-list 202.96.134.133 8.8.8.8 interface MEth0/0/1 接口配置 interface GigabitEhternet0/0/1 port link-type access port default vlan 6 interface GigabitEhternet0/0/2 port link-type trunk port trunk allow-pass vlan 2 to 4094 interface GigabitEhternet0/0/3 port link-type trunk port trunk allow-pass vlan 2 to 4094 interface GigabitEhternet0/0/4 port link-type trunk port trunk allow-pass vlan 2 to 4094 interface GigabitEhternet0/0/5 port link-type trunk port trunk allow-pass vlan 2 to 4094 interface GigabitEhternet0/0/6 port link-type trunk port trunk allow-pass vlan 2 to 4094 interface GigabitEhternet0/0/7 port link-type trunk port trunk allow-pass vlan 2 to 4094 interface GigabitEhternet0/0/8 port link-type trunk port trunk allow-pass vlan 2 to 4094 interface GigabitEhternet0/0/9 port link-type trunk port trunk allow-pass vlan 2 to 4094 interface GigabitEhternet0/0/10 port link-type trunk port trunk allow-pass vlan 2 to 4094 interface GigabitEhternet0/0/11 port link-type access port default vlan 18 interface GigabitEhternet0/0/12 port link-type access port default vlan 8 interface GigabitEhternet0/0/13 port link-type access port default vlan 8 interface GigabitEhternet0/0/14 port link-type access port default vlan 8 interface GigabitEhternet0/0/15 port link-type access port default vlan 8 interface GigabitEhternet0/0/16 port link-type access port default vlan 8 interface GigabitEhternet0/0/17 port link-type access port default vlan 8 interface GigabitEhternet0/0/18 port link-type access port default vlan 8 interface GigabitEhternet0/0/19 port link-type access port default vlan 8 interface GigabitEhternet0/0/20 port link-type access port default vlan 8 interface GigabitEhternet0/0/21 port link-type access port default vlan 18 interface GigabitEhternet0/0/22 port link-type access port default vlan 18 interface GigabitEhternet0/0/23 port link-type access port default vlan 6 interface GigabitEhternet0/0/24 port link-type access port default vlan 6 dhcp server group 12 gateway 192.168.12.254    interface vlanif1 ip address 192.168.6.254 255.255.255.0 dhcp select interface dhcp server exclude-ip-address 192.168.6.180 192.168.6.253 dhcp server dns-list 192.168.18.2 192.168.8.1 ================================================================================================= 二层交换机 12楼配置 S1201: 配置用户远程登陆密码及3A认证 <>sys     进入全局配置模式 [S1201]sysname xxx     给交换机命名 [S1201]user-interface vty 0 4   配置vty虚拟远程登陆端口 [S1201-ui-vty0-4] authentication-mode aaa  配置认证模式为3A认证 [S1201-ui-vty0-4] aaa      进入3A认证模式 [S1201-aaa] local-user pxtadmin password cipher  xxxxx     添加用户 [S1201-aaa]local-user pxtadmin privilege level 15  为用户设置权限等级 [S1201-aaa]local-user pxtadmin service-type telnet terminal ssh http 允许远程登陆的服务类型 [S1201-aaa]quit   推出aaa模式 [S1201]telnet server enable    开启telnet服务 配置管理ip [S1201] interface vlanf 1    进入vlan 1 接口 [S1201]ip address 192.168.16.121  255.255.255.0 配置vlan trunk模式(接交换机) [S1201] interface g0/0/1     [S1201-GigabitEthernet0/0/1]port link-type trunk    配置接口类型为trunk [S1201-GigabitEthernet0/0/1]port trunk allow-pass vlan 2 to 4094   允许vlan2到vlan4094通过 access模式(主机接入) [S1201] vlan 12     添加vlan 12 [S1201-vlan10]quit [S1201]interface g0/0/2 [S1201-GigabitEthernet0/0/2]port link-type access     接口模式为access [S1201-GigabitEthernet0/0/2]port default vlan 12      接口加入到vlan10 wireless-user [S1201]vlan 9  添加vlan 9 [S1201-vlan9] quit [S1201]interface g0/0/23 [S1201-GigabitEthernet0/0/23]port link-type trunk  [S1201-GigabitEthernet0/0/23] port trunk allow-pass vlan 2 to 4094 wireless-admin [S1201]vlan 110  添加vlan110 [S1201-vlan110] quit [S1201]interface g0/0/24 [S1201-GigabitEthernet0/0/24] port link-type trunk  [S1201-GigabitEthernet0/0/24] port trunk allow-pass vlan 2 to 4094 monitor 配置静态路由 [S1201]ip route-static 0.0.0.0 0.0.0.0 192.168.16.253  配置默认路由        来自为知笔记(Wiz)

转载于:https://www.cnblogs.com/endmoon/p/4621285.html

相关资源:智能家庭网络架构及实现

专利

最新回复(0)