华三S5500三层交换机配置实例

******************************************************************************
* Copyright (c) 2004-2010 Hangzhou H3C Tech. Co., Ltd. All rights reserved. *
* Without the owner's prior written consent,                                 *
* no decompiling or reverse-engineering shall be allowed.                    *
******************************************************************************

Login authentication

Password:
<cluster1_0.S5500_BGL>dis cur
#
version 5.20, Release 2202
#
sysname S5500_BGL
#
super password level 3 cipher ,E_DF/Z7TX/Q=^Q`MAF4<1!!
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
#
domain default enable system
#
telnet server enable
#
undo ip ttl-expires
#
acl number 3100 name wb
rule 0 permit ip source 192.168.2.0 0.0.0.255 destination 192.168.6.0 0.0.0.255
rule 5 permit ip source 192.168.2.0 0.0.0.255 destination 192.168.7.0 0.0.0.255
rule 10 permit ip source 192.168.2.0 0.0.0.255 destination 192.168.8.0 0.0.0.255
rule 15 permit ip source 192.168.2.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
acl number 3110 name sxf
rule 0 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.6.0 0.0.0.255
rule 5 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.8.0 0.0.0.255
rule 18 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.18.0 0.0.0.255
rule 28 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.28.0 0.0.0.255
rule 38 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.38.0 0.0.0.255
rule 48 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.48.0 0.0.0.255
rule 58 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.58.0 0.0.0.255
rule 68 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.68.0 0.0.0.255
rule 78 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.78.0 0.0.0.255
rule 88 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.88.0 0.0.0.255
rule 98 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.98.0 0.0.0.255
acl number 3120 name server
rule 0 permit ip source 192.168.6.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 5 permit ip source 192.168.6.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
acl number 3140 name lan
rule 0 permit ip source 192.168.8.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 5 permit ip source 192.168.8.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 10 permit ip source 192.168.18.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 15 permit ip source 192.168.18.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 20 permit ip source 192.168.28.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 25 permit ip source 192.168.28.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 30 permit ip source 192.168.38.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 35 permit ip source 192.168.38.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 40 permit ip source 192.168.48.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 45 permit ip source 192.168.48.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 50 permit ip source 192.168.58.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 55 permit ip source 192.168.58.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
acl number 3150 name sales
rule 60 permit ip source 192.168.68.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 65 permit ip source 192.168.68.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
#
vlan 1
#
vlan 2
description wb
#
vlan 4
description sxf
#
vlan 5
description ex_in_server
#
vlan 6
description server
#
vlan 7
description JK
#
vlan 8
description lan
#
vlan 9
description outer
#
vlan 10
description print_server
#
vlan 18
description lan_1fac_18
#
vlan 19
description outer_1fac_19
#
vlan 28
description lan_2fac_28
#
vlan 29
description outer_2fac_29
#
vlan 38
description lan_3fac_38
#
vlan 39
description outer_3fac_39
#
vlan 48
description yikatong
#
vlan 58
description lan_LED_58
#
vlan 59
description outer_LED_59
#
vlan 68
description lan68
#
vlan 69
description outer_lan69
#
vlan 78
description lan78
#
vlan 88
description lan88
#
vlan 98
description lan98
#
vlan 100
description wan
#
vlan 254
description Net-Device
#
radius scheme system
server-type extended
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
traffic classifier classifier_wb operator and
if-match acl 3100
traffic classifier classifier_lan operator and
if-match acl 3140
traffic classifier classifier_server operator and
if-match acl 3120
traffic classifier classifier_sxf operator and
if-match acl 3110
#
traffic behavior behavior_wb
filter deny
traffic behavior behavior_server
filter deny
traffic behavior behavior_lan
filter deny

traffic behavior behavior_sxf

filter deny
#
qos policy policy_lan
classifier classifier_lan behavior behavior_lan
qos policy policy_server
classifier classifier_server behavior behavior_server
qos policy policy_sxf
classifier classifier_sxf behavior behavior_sxf
qos policy policy_wb
classifier classifier_wb behavior behavior_wb
#
user-group system
#
local-user admin
password simple guxin@22881
service-type telnet
local-user lyc
#
stp pathcost-standard dot1t
stp enable
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.99.241 255.255.255.0
#
interface Vlan-interface2
ip address 192.168.2.241 255.255.255.0
#
interface Vlan-interface4
ip address 192.168.4.241 255.255.255.0
#
interface Vlan-interface5
ip address 192.168.5.241 255.255.255.0
#
interface Vlan-interface6
ip address 192.168.6.241 255.255.255.0
#
interface Vlan-interface7
ip address 192.168.7.241 255.255.255.0
#
interface Vlan-interface8
ip address 192.168.8.241 255.255.255.0
#
interface Vlan-interface9
ip address 192.168.9.241 255.255.255.0
#
interface Vlan-interface10
ip address 192.168.10.241 255.255.255.0
#
interface Vlan-interface18
ip address 192.168.18.241 255.255.255.0
#
interface Vlan-interface19
ip address 192.168.19.241 255.255.255.0
#
interface Vlan-interface28
ip address 192.168.28.241 255.255.255.0
#
interface Vlan-interface29
ip address 192.168.29.241 255.255.255.0
#
interface Vlan-interface38
ip address 192.168.38.241 255.255.255.0
#
interface Vlan-interface39
ip address 192.168.39.241 255.255.255.0
#
interface Vlan-interface48
ip address 192.168.48.241 255.255.255.0
#
interface Vlan-interface58
ip address 192.168.58.241 255.255.255.0
#
interface Vlan-interface59
ip address 192.168.59.241 255.255.255.0
#
interface Vlan-interface68
ip address 192.168.68.241 255.255.255.0
#
interface Vlan-interface69
ip address 192.168.69.241 255.255.255.0
#
interface Vlan-interface78
ip address 192.168.78.241 255.255.255.0
#
interface Vlan-interface88
ip address 192.168.88.241 255.255.255.0
#
interface Vlan-interface98
ip address 192.168.98.241 255.255.255.0
#
interface Vlan-interface100
ip address 192.168.1.241 255.255.255.0
#
interface Vlan-interface254
ip address 192.168.254.241 255.255.255.0
#
interface GigabitEthernet1/0/1
port access vlan 8
#
interface GigabitEthernet1/0/2
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/3
port access vlan 8
#
interface GigabitEthernet1/0/4
port access vlan 8
#
interface GigabitEthernet1/0/5
port access vlan 8
#
interface GigabitEthernet1/0/6
port access vlan 8
#
interface GigabitEthernet1/0/7
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/8
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/9
port access vlan 8
#
interface GigabitEthernet1/0/10
port access vlan 8
#
interface GigabitEthernet1/0/11
port access vlan 8
#
interface GigabitEthernet1/0/12
port access vlan 8
#
interface GigabitEthernet1/0/13
port access vlan 5
#
interface GigabitEthernet1/0/14
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/15
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/16
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/17
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/18
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/19
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/20
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/21
port link-type trunk
port trunk permit vlan all
shutdown
#
interface GigabitEthernet1/0/22
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/23
port link-type trunk
port trunk permit vlan all
shutdown
#
interface GigabitEthernet1/0/24
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/25
shutdown
#
interface GigabitEthernet1/0/26
shutdown
#
interface GigabitEthernet1/0/27
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/28
port link-type trunk
port trunk permit vlan all
#
cluster
ip-pool 172.16.0.1 255.255.255.248
build cluster1
ftp-server 192.168.9.44
tftp-server 192.168.9.44
#
ip route-static 0.0.0.0 0.0.0.0 192.168.5.254
#
#
snmp-agent
snmp-agent local-engineid 800063A2033CE5A6A8CAD2
snmp-agent community read public
snmp-agent community write private
snmp-agent sys-info version all
#
qos vlan-policy policy_wb vlan 2 inbound
qos vlan-policy policy_server vlan 6 inbound
qos vlan-policy policy_lan vlan 8 inbound
qos vlan-policy policy_lan vlan 18 inbound
qos vlan-policy policy_lan vlan 28 inbound
qos vlan-policy policy_lan vlan 38 inbound
qos vlan-policy policy_lan vlan 48 inbound
qos vlan-policy policy_lan vlan 58 inbound
qos vlan-policy policy_sxf vlan 4 inbound
qos vlan-policy policy_lan vlan 68 inbound
#
user-interface aux 0
authentication-mode password
set authentication password cipher ,E_DF/Z7TX/Q=^Q`MAF4<1!!
history-command max-size 20
idle-timeout 6 0
screen-length 30
user-interface aux 1 8
user-interface vty 0
user privilege level 3
set authentication password cipher ,E_DF/Z7TX/Q=^Q`MAF4<1!!
history-command max-size 20
idle-timeout 6 0
screen-length 30
protocol inbound telnet
user-interface vty 1 4
#
return

华三S5500三层交换机配置实例

猜你喜欢