设为首页收藏本站订阅本站
开启辅助访问 切换到宽版

雏鹰部落

 找回密码
 立即注册

QQ登录

只需一步,快速开始

搜索
雏鹰部落»雏鹰部落论坛 一起走过的日子 Bootcamp项目与分享 【锐捷全真实战】6810e
返回列表 发新帖
查看: 4860|回复: 5

【锐捷全真实战】6810e

  [复制链接]
lyregale
发表于 2008-5-27 09:55:07 | 显示全部楼层 |阅读模式
System software version : 2.42(5) Build Feb  2 2007Rel
Building configuration...
Current configuration : 16218 bytes
!
version 1.0
install 2   12sfp/gt
install 4   12sfp/gt
install 7   msc
ip routing algorithm CRC32_UPPER
!

hostname ##################
enable secret level 1 5 (#####################
enable secret level 15 5 )################3
!
service dhcp  
ip helper-address ####################
ip access-list extended 100
  deny tcp any  any eq 135
  deny tcp any  any eq 136
  deny tcp any  any eq 137
  deny tcp any  any eq 138
  deny tcp any  any eq 445
  deny tcp any  any eq 4444
  deny tcp any  any eq 593
  deny tcp any  any eq 1081
  deny tcp any  any eq 256
  deny tcp any  any eq 768
  deny tcp any  any eq 1068
  deny tcp any  any eq 5554
  deny tcp any  any eq 9995
  deny tcp any  any eq 9996
  deny tcp any  any eq 34385
  deny udp any  any eq 135
  deny udp any  any eq 136
  deny udp any  any eq netbios-ns
  deny udp any  any eq netbios-dgm
  deny udp any  any eq netbios-ss
  deny udp any  any eq 445
  deny udp any  any eq 1434
  deny udp any  any eq 256
  deny udp any  any eq 768
  deny udp any  any eq 2425
  deny udp any  any eq 27005
  deny udp any eq 15000 any
  permit ip any  any
!
ip access-list extended 101
  deny tcp any  any eq 135
  deny tcp any  any eq 136
  deny tcp any  any eq 137
  deny tcp any  any eq 138
  deny tcp any  any eq 445
  deny tcp any  any eq 4444
  deny tcp any  any eq 593
  deny tcp any  any eq 1081
  deny tcp any  any eq 256
  deny tcp any  any eq 768
  deny tcp any  any eq 1068
  deny tcp any  any eq 5554
  deny tcp any  any eq 9995
  deny tcp any  any eq 9996
  deny tcp any  any eq 34385
  deny udp any  any eq 135
  deny udp any  any eq 136
  deny udp any  any eq netbios-ns
  deny udp any  any eq netbios-dgm
  deny udp any  any eq netbios-ss
  deny udp any  any eq 445
  deny udp any  any eq 1434
  deny udp any  any eq 256
  deny udp any  any eq 768
  permit ip any  any
!
ip access-list extended control
  permit tcp any  any eq www
  permit tcp any  any eq ftp
  permit tcp any  any eq ftp-data
  permit tcp any  any eq smtp
  permit tcp any  any eq pop3
  permit tcp any  any eq pop2
  permit tcp any  any eq telnet
  permit tcp any  any eq 5000
  permit tcp any  any eq 5010
  permit tcp any  any eq 1863
  permit tcp any  any eq 443
  permit udp any  any eq 3001
  permit udp any  any eq 3002
  permit udp any  any eq 6000
  permit udp any  any eq 6001
  permit udp any  any eq 6002
  permit udp any  any eq 6003
  permit udp any  any eq 6004
  permit udp any  any eq domain
  permit udp any  any eq bootpc
  permit udp any  any eq bootps
  permit udp any  any eq 8000
  permit udp any  any eq 4000
  permit udp any  any eq 1863
  permit udp any  any eq tftp
  permit icmp any  any
  permit udp any  any eq 1812
  permit udp any  any eq 1813
  permit tcp any  any eq domain
  permit tcp any eq telnet any
  permit tcp any  any eq 8008
  permit tcp any  any eq 8080
  permit tcp any  any eq 554
  permit tcp any  any eq 1755
  permit udp any  any eq 1755
  permit udp any  any eq 4004
  deny ip any  any
!
interface GigabitEthernet 2/1
medium-type fiber
storm-control broadcast level 1
switchport access vlan 1013
spanning-tree bpdufilter enabled
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 2/2
medium-type fiber
storm-control broadcast level 1
switchport access vlan 1017
spanning-tree bpdufilter enabled
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 2/3
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-51,53-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 2/4
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-51,53-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 2/5
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-52,54-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 2/6
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-53,55-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 2/7
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-47,50-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 2/8
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-50,52-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 2/9
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-54,56-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 2/10
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-55,57-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 2/11
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-87,89-90,92-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 2/12
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-78,80-88,90-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 4/1
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-63,66-4093
spanning-tree bpdufilter enabled
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 4/2
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-79,82-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 4/3
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-65,68-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!


回复

使用道具 举报

lyregale
 楼主| 发表于 2008-5-27 09:55:39 | 显示全部楼层

接上面的

interface GigabitEthernet 4/4
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-67,70-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 4/5
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-69,72-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 4/6
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-71,74-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 4/7
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-73,77-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 4/8
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-76,79-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 4/9
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-89,91-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 4/10
medium-type fiber
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-54,56-4093
spanning-tree bpdufilter enabled
ip access-group 100 in
system-guard enable
system-guard isolate-time 1200
system-guard same-ip-attack-packets 15
system-guard scan-ip-attack-packets 15
!
interface GigabitEthernet 4/11
storm-control broadcast level 1
spanning-tree bpdufilter enabled
!
interface GigabitEthernet 4/12
storm-control broadcast level 1
switchport mode trunk
switchport trunk allowed vlan remove 2-49,51-4093
spanning-tree bpdufilter enabled
!
interface Vlan 1
ip address ###############255.255.255.0
!
interface Vlan 48
ip address ############255.255.255.128
!
interface Vlan 49
ip address ############# 255.255.255.128
!
interface Vlan 50
ip address ######### 255.255.255.128
!
interface Vlan 51
ip address ########## 255.255.255.128
!
interface Vlan 52
ip address ############## 255.255.255.128
ipv6 address 2001:da8:d805:52::1/64
!
interface Vlan 53
ip address ############ 255.255.255.128
!        
interface Vlan 54
ip address ########### 255.255.255.128
!
interface Vlan 55
ip address ########### 255.255.255.0
!
interface Vlan 56
ip address#########1 255.255.255.0
!
interface Vlan 64
ip address 10.17.0.1 255.255.255.0
!
interface Vlan 65
ip address 10.17.1.1 255.255.255.0
!
interface Vlan 66
ip address 10.17.2.1 255.255.255.0
ipv6 address 2001:da8:d805:66::1/64
!
interface Vlan 67
ip address 10.17.3.1 255.255.255.0
!
interface Vlan 68
ip address 10.17.4.1 255.255.255.0
!
interface Vlan 69
ip address 10.17.5.1 255.255.255.0
!
interface Vlan 70
ip address 10.17.6.1 255.255.255.0
!
interface Vlan 71
ip address 10.17.7.1 255.255.255.0
!
interface Vlan 72
ip address 10.17.8.1 255.255.255.0
!
interface Vlan 73
ip address 10.17.9.1 255.255.255.0
!
interface Vlan 74
ip address 10.17.10.1 255.255.255.0
!
interface Vlan 75
ip address 10.17.11.1 255.255.255.0
!
interface Vlan 76
ip address 10.17.12.1 255.255.255.0
!
interface Vlan 77
ip address 10.17.13.1 255.255.255.0
!
interface Vlan 78
ip address 10.17.14.1 255.255.255.0
!
interface Vlan 79
ip address 10.17.15.1 255.255.255.0
!
interface Vlan 80
ip address 10.17.16.1 255.255.255.0
!
interface Vlan 81
ip address 10.17.17.1 255.255.255.0
!
interface Vlan 88
ip address 10.18.0.1 255.255.255.0
!
interface Vlan 89
ip address 10.18.1.1 255.255.255.0
!
interface Vlan 90
ip address 10.18.2.1 255.255.255.0
!
interface Vlan 91
ip address 10.18.3.1 255.255.255.0
!
interface Vlan 1013
ip address 192.168.1.14 255.255.255.252
!
interface Vlan 1017
ip address 192.168.2.14 255.255.255.252
!
router ospf
router-id 192.168.10.7
passive-interface VL1
passive-interface VL48
passive-interface VL49
passive-interface VL50
passive-interface VL51
passive-interface VL52
passive-interface VL53
passive-interface VL54
passive-interface VL55
passive-interface VL56
passive-interface VL64
passive-interface VL65
passive-interface VL66
passive-interface VL67
passive-interface VL68
passive-interface VL69
passive-interface VL70
passive-interface VL71
passive-interface VL72
passive-interface VL73
passive-interface VL74
passive-interface VL75
passive-interface VL76
passive-interface VL77
passive-interface VL78
passive-interface VL79
passive-interface VL80
passive-interface VL81
passive-interface VL88
passive-interface VL89
passive-interface VL90
passive-interface VL91
area 3.3.3.3
network 10.17.0.0 255.255.255.0 area 3.3.3.3
network 10.17.1.0 255.255.255.0 area 3.3.3.3
network 10.17.2.0 255.255.255.0 area 3.3.3.3
network 10.17.3.0 255.255.255.0 area 3.3.3.3
network 10.17.4.0 255.255.255.0 area 3.3.3.3
network 10.17.5.0 255.255.255.0 area 3.3.3.3
network 10.17.6.0 255.255.255.0 area 3.3.3.3
network 10.17.7.0 255.255.255.0 area 3.3.3.3
network 10.17.8.0 255.255.255.0 area 3.3.3.3
network 10.17.9.0 255.255.255.0 area 3.3.3.3
network 10.17.10.0 255.255.255.0 area 3.3.3.3
network 10.17.11.0 255.255.255.0 area 3.3.3.3
network 10.17.12.0 255.255.255.0 area 3.3.3.3
network 10.17.13.0 255.255.255.0 area 3.3.3.3
network 10.17.14.0 255.255.255.0 area 3.3.3.3
network 10.17.15.0 255.255.255.0 area 3.3.3.3
network 10.17.16.0 255.255.255.0 area 3.3.3.3
network 10.17.17.0 255.255.255.0 area 3.3.3.3
network 10.18.0.0 255.255.255.0 area 3.3.3.3
network 10.18.1.0 255.255.255.0 area 3.3.3.3
network 10.18.2.0 255.255.255.0 area 3.3.3.3
network 10.18.3.0 255.255.255.0 area 3.3.3.3
network 192.168.1.12 255.255.255.252 area 3.3.3.3
network 192.168.2.12 255.255.255.252 area 3.3.3.3
network 192.168.101.0 255.255.255.0 area 3.3.3.3
network #########255.255.255.128 area 3.3.3.3
network ############## 255.255.255.0 area 3.3.3.3
network ############## 255.255.255.0 area 3.3.3.3
network ############### 255.255.255.128 area 3.3.3.3
network ########### 255.255.255.128 area 3.3.3.3
network ###############255.255.255.128 area 3.3.3.3
network ################# 255.255.255.128 area 3.3.3.3
network #################255.255.255.128 area 3.3.3.3
network ###############255.255.255.128 area 3.3.3.3
!
ip route 0.0.0.0 0.0.0.0 Vlan 1013############ enabled
arp ##############0018.f83b.1631 arpa gigabitEthernet 2/4
arp ##########30050.8d77.820f arpa gigabitEthernet 2/9
snmp-server community ##############ro
banner login ^C
Hello NIC Manager ! ^C
!
monitor session 1 source interface gigabitEthernet 4/1 both
monitor session 1 destination interface gigabitEthernet 4/11
ipv6 enable
system-guard exception-ip ############# 255.255.255.0
system-guard exception-ip ############## 255.255.255.255
end

[ 本帖最后由 lyregale 于 2008-5-29 15:36 编辑 ]
回复 支持 反对

使用道具 举报

zolo1987
发表于 2008-5-30 13:37:41 | 显示全部楼层
盖聪的贴要顶啊,~~~~~~~~~~!!
回复 支持 反对

使用道具 举报

飘魂
发表于 2008-9-26 13:42:59 | 显示全部楼层
看死咯~~~
回复 支持 反对

使用道具 举报

qnnsafe9
发表于 2009-3-5 20:50:29 | 显示全部楼层

好,支持一下.......






黄金酒价格
五粮液黄金酒
日本动画片
猫和老鼠
回复 支持 反对

使用道具 举报

铖旎奕
发表于 2009-9-7 16:25:16 | 显示全部楼层
冷却塔激光灯金蝶软件工业洗衣机大型洗衣机洗涤机械外教上海外教
回复 支持 反对

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|熊猫同学技术论坛|小黑屋| 网络工程师论坛 ( 沪ICP备09076391 )

GMT+8, 2024-11-22 19:16 , Processed in 0.075035 second(s), 18 queries , Gzip On.

快速回复 返回顶部 返回列表