The exam is coming soon, and it's time to prepare to start writing the questions. After reading this test, you have to prepare the test papers of recent years. Get ready to brush the questions. Although the certificate is not high in gold, it adds a lot of color to the resume of college students.
Switch classification:
Layer 2 switch: switch based on mac address,
Layer 3 switch: switch based on IP address (one route, multiple forwarding) Layer
4 switch: switch based on port number
Frame Relay: virtual circuit identifier
Ethernet topology Structure division:
access layer switches (mac address filtering and IP address binding are completed at the access layer)
aggregation layer switches (data packet filtering, protocol conversion and traffic load are completed at the aggregation layer)
core layer switches (as the backbone of the network) Familiar forwarding)
According to the exchange method:
straight-through exchange: as long as there is a destination address, it can be forwarded, and the forwarding speed is fast, but there is no ability to eliminate the middle.
Store-and-forward: The information is cached first, which is highly detectable and takes a long time.
Fragment-free forwarding: The forwarding starts after 64 bytes are acquired.
Conflict domain and broadcast domain
Conflict domain refers to the domain of physical collision at the physical layer (access signals are sent at the same time, and the server encounters the server). Methods: bridge, switch, router (a switch port is a conflict domain, and a switch is a broadcast Domain)
Broadcast domain: The data link layer is capable of receiving the same broadcast message. The method: routers, layer three switches. (A router port is a broadcast domain, and a port is also a collision domain.)
Throughput: the number of data packets passing through the network per unit time, (throughput = number of 10 Gigabit ports 14.88Mp/s+ number of Gigabit ports 1.488Mp/s+ The number of 100M ports is 0.1488Mp/s)
backplane broadband: the maximum amount of data that the switch interface processor or interface card can handle. (Backplane broadband = number of 10 Gigabit ports 14.88Mp/s 2 + number of Gigabit ports1.488Mp/s 2+Number of 100M ports 0.1488Mp/s 2+ Port rate of other ports *2)
Configuration: connection based on console (first use)
Hyperterminal parameters: (bits per second: 9600bot, data bits: 8 Bit, parity check bit: none, stop bit: 1 bit. Data flow control: none)
configuration under the switch, (user, privilege, global)
mode features
User mode Red-Giant>
Privilege mode Red-Giant#
Global configuration mode Red- Giant (config)#interface
configuration mode Red-Giant (config-if)#
vlan configuration mode Red-Giant (config-vlan)#
system-view (user attempt -> system view)
Enter system view, return user view with Ctrl +Z.
[Huawei]interface Vlanif 1
[Huawei-Vlanif1]ip address 192.168.1.1 24 (IP address
configured globally) Configure vlan:
vlan 20//Create a VLAN
interface gigabitethernet 0/0/1 //Enter the first one Service network port
port link-type access //Set the access mode of the first network port
port default vlan20 //Set the VLAN number of this network port to 20
(trunk is a common VLAN type)
interface gigabitethnet 0/0/2 //Enter the second business network port
port link-type trunk //Set the second network Port trunk mode
port trunk allow-pass vlan 10 20 30 //Set the VLAN number that this port can pass
port trunk allow-pass vlan all means that all frames with VLAN can pass.
Router configuration:
system-view #Enter from user mode Privileged mode
Enter system view, return user view with Ctrl+Z.
[Huawei]interface g0/0/0 #Enter interface
[Huawei-GigabitEthernet0/0/0]ip address 192.168.1.10 24 #Configure IP address
Static configuration
[Huawei] ip route-static source IP reverse mask destination
[Huawei]ip route-static source IP reverse mask port
configuration acl
system-view
[Huawei]acl?
INTEGER<2000-2999> Basic access-list(add to current using rules)
INTEGER<3000-3999> Advanced access-list(add to current using rules)
INTEGER<4000-4999> Specify a L2 acl group
ipv6 ACL IPv6
name Specify a named ACL
number Specify a numbered ACL
prohibits packets from source 192.168.1.1 from passing
[Huawei]acl 2000
[Huawei-acl-basic-2000]rule deny source 192.168.1.1 0
([Huawei-acl-basic-2000]rule permit source 192.168.2.0 0) allows packets from source 192.168.1.1 to pass through
[Huawei ] packet-filter vlan 6 inbound ip -group 2000 // acl configuration of the VLAN
[the Huawei] packet-filter inbound IP-2000 // Group globally in an ACL, filtering port to accept packets for all applied substantially ACL2000
[ Huawei]interface e 0/0/1
[Huawei-Ethernet0/0/1] packet-filter inbound ip-group 2000 //Configure acl under the interface
configuration nat
[Huawei]system-view
[Huawei]acl 2001
[Huawei-acl-basic-2001] rule permit source 10.10.10.0 0.0.0.255!—It is a basic ACL that allows packets with a source IP address in the 10.10.10.0/24 network to perform NAT address translation
[Huawei-acl-basic -2001]rule deny!
—Create a rule to prohibit other IP packets from
configuring dhcp through [Huawei]-acl-basic-2001]quit (automatically assign IP addresses to internal networks or network service providers)
[Huawei]interface g0/0 /0 (Enter the interface)
[Huawei-GigabitEthernet0/0/0] ip address 192.168.1.2 255.255.255.0 (Configure the interface IP address, configure dhcp requires a legal IP)
[Huawei-GigabitEthernet0/0/0] quit
[Huawei] ip pool net1 The address pool configured to assign IP addresses to vlan2, named net1
[Huawei-ip-pool-net1] network 192.168.1.0 mask 255.255.255.0 The assigned ip is 192.168.1.0/24
[Huawei-ip-pool-net1 ] gateway-list 192.168.1.2 Configure gateway
[Huawei-ip-pool-net1] dns-list 100.100.100.100 Specify DNSF server
[Huawei-ip-pool-net1] static-bind ip-address 192.168.1.10 mac-address 0000-1111-2222 Assign a fixed ip to a fixed mac
[Huawei-ip-pool-net1] excluded-ip-address 192.168.1.100 no Assigned ip address
[Huawei-ip-pool-net1] quit
[Huawei]int g0/0/0
[Huawei-GigabitEthernet0/0/0]dhcp select global //Call on the interface
Configure vlan
Huawei]vlan 2 Create vlan2, 3
[Huawei-vlan2]quit
[Huawei]vlan 3
[Huawei-vlan3]quit
[Huawei]
[Huawei] interface vlan 2
[Huawei-Vlanif2] ip address 192.168.1.3 255.255.255.0
[Huawei-Vlanif2] dhcp relay server-ip 12.1 .1.2 Enable dhcp relay function in vlan2
[Huawei-Vlanif2] quit
[Huawei]interface g0/0/1
[Huawei-GigabitEthernet0/0/1]port link-type access Configure interface g0/0/1 and g/0 /2 is the access interface
[Huawei-GigabitEthernet0/0/1]quit
[Huawei]ip route-static 0.0.0.0 0.0.0.0 192.168.1.2 Configure the route that can reach the dhcp server
[Huawei]
[Huawei]dhcp snooping enable enable the global dhcp-snooping detection function
[ Huawei]interface g0/0/3
[Huawei-GigabitEthernet0/0/3]dhcp snooping trusted Trust the dhcp-offer message on the interface connected to the dhcp server
[Huawei-GigabitEthernet0/0/3]quit
[Huawei]
[Huawei]interface g0 /0/1
[Huawei-GigabitEthernet0/0/1] dhcp snooping enable does not trust dhcp-offer messages on the interface connected to the client to prevent illegal dhcp servers from providing ip addresses
[Huawei-GigabitEthernet0/0/1]quit
[Huawei]
[ Huawei]interface g0/0/2
[Huawei-GigabitEthernet0/0/2]dhcp snooping enable Distrust dhcp-offer messages on the interface connecting to the client to prevent illegal dhcp servers from providing ip addresses
[Huawei-GigabitEthernet0/0/2]quit
Configure ospf
ospf 1 router-id 1.1.1.1 Configure ospf and ospf r-id
area 0 Create area 0 backbone area
network 12.1.1.1 0.0.0.0 Declare the interfaces belonging to area 0 in area 0 (allow the interface to send and receive ospf packets in area 0 )
area 1 Create
area1 network 13.1.1.1 0.0.0.0 Declare the interface belonging to area1 in area1