雏鹰部落

 找回密码
 立即注册

QQ登录

只需一步,快速开始

搜索
查看: 3550|回复: 4

多厂商配置分享——中兴交换机配置一览

[复制链接]
发表于 2011-9-29 19:33:53 | 显示全部楼层 |阅读模式
本帖最后由 lgw5821228 于 2011-9-30 15:49 编辑

现今越来越多的网络厂商充斥在市场中,多厂商设备的配置需求越来越大,今天,平凡的IE哥和大家分享一下中兴交换机的配置。

个人心得:命令的使用要注意各种用户模式。
配成普通交换机:把2-24端口归到VLAN1下,2-24端口如果互相隔离,可以用PVLAN删除隔离端口即可。

2852s和2826s配置:
创建VLAN命令如下:
set vlan 10 enable   //创建vlan
set vlan 10 add port 1-24 untag ///在创建的vlan内添加用户端口
set vlan 10 add port 25 tag ///把级联端口添加到vlan10中,需打tag标签,即为trunk端口。
set port 1-24 pvid 10 ///把添加到vlan10的用户端口,pvid至vlan10中。交换机用户端口必须在所添加的vlan中做
此项命令。(默认的pvid为vlan10)

删除vlan命令如下:
set vlan 10 delete port 1-24 ///删除用户端口
set vlan 10 delete port 25 ///删除级联端口
set vlan 10 disable ///删除vlan
set port 1-24 pvid 1 ///恢复默认设置,该项命令必须添加,不然还会在show running-config信息中显示
set port 1-24 pvid 10的信息,会导致vlan用户使用不正常。

ENABLE密码配置:
zte>enable //进入全局配置模式
password:***** //输入进入全局配置模式的密码,缺省没有密码
zte(cfg)#adminpass zxr10 //配置进入全局配置模式的密码为zxr10
TELNET 用户名密码配置(为了便于对设备的维护,有时需要修改登录用户名或密码,配置如下:)
zte(cfg)#create user zxr10 //创建名为zxr10的用户
zte(cfg)#loginpass zxr10 //设置登录密码为zxr10
zte(cfg)#show user //显示telnet登录用户信息和当前用户名

配置三层管理或业务地址:
config router ///进入config router模式
set ipport 0 ipaddress 10.20.20.1 255.255.255.0 ///设置三层接口ip地址及掩码
set ipport 0 vlan 10 ///三层端口绑定vlan
set ipport 0 enable ///启用三层端口
iproute 0.0.0.0 0.0.0.0 10.20.20.1 ///设置默认路由指向网关

T40G和5228交换机配置:
批量创建vlan方式:
zxr10#vlan database
zxr10(vlan)#vlan 10-20
这样子10-20号连续的vlan就创建起来了,适合批量创建vlan。

在vlan中添加用户端口:
zxr10(config)vlan 10 ///进入vlan10
zxr10(config-vlan)switchport pvid fei_1/1-24 ///在vlan10中添加1-24号端口为用户端口,此时默认模式已经为access模式。

配置trunk级联端口(全局模式下):
interface fei_1/1 ///进入级联端口的接口模式
switchport mode trunk ///设置端口模式为trunk
switchport trunk vlan 10 ///级联端口与vlan绑定

三层接口地址配置:
interface vlan 10 ///进入三层vlan接口模式
ip address 10.20.20.1 255.255.255.0 ///配置三层ip地址
28系列交换机pvlan配置:
set pvlan session 1 add isolated-port 1-24 ////添加隔离端口
set pvlan session 1 add promiscuous port 25 ////添加共享端口

32系列交换机pvlan配置:
vlan private-map session-id 1 isolate fei_1/1-24 promis gei_3/1 ////添加隔离端口和共享端口

SNMP:
2826s:
create community zte private
create view zteview include 1.3.6.1
set community zte view zteview
set host 192.168.200.100 trap v2c zte
set trap coldstart enable
set trap warmstart enable
set trap linkup enable
set trap linkdown enable
set trap authenticationfail enable
set trap topologyChange enable
set trap memberUpDown enable

t40g:
snmp-server community zte view AllView rw
snmp-server host 192.168.200.100 trap version 2c zte udp-port 162
snmp-server enable trap

不管你看懂了没~~反正我第一次没看太懂,不过保存一下,以后有机会用到哦!!!!看的开心记得回帖啊!
发表于 2011-9-29 23:27:00 | 显示全部楼层
格式还需要再优化些,以便于快速阅读~
不错的多厂商分享~
发表于 2011-9-30 14:28:11 | 显示全部楼层
好长呀~~谢谢分享
发表于 2011-9-30 14:36:52 | 显示全部楼层
ip dhcp enable
ip dhcp server dns 219.141.136.10
ip dhcp-client disable
urpf log off
ip local pool pool1 192.168.1.2 192.168.1.254 255.255.255.0
interface null1
interface fei_0/1
  ip address 113.18.1.70 255.255.255.252
  negotiation auto
  ip access-group 155 in
  ip nat outside
interface fei_0/2
  ip address 192.168.1.1 255.255.255.0
  peer default ip pool pool1
  negotiation auto
  ip dhcp mode server
  ip dhcp server gateway 192.168.1.1
  ip nat inside
interface fei_0/3
reference clock local
ip nat max-entry-number 64
ip nat start
ip nat pool netpool 113.18.1.70 113.18.1.70 prefix-length 24
ip nat inside source list 1 pool netpool overload
ip nat translation timeout class a 20
ip nat translation timeout class b 60
ip nat translation timeout class c 150
ip nat translation timeout class d 300
ip nat translation timeout class e 1200
ip nat translation timeout protocol icmp a
ip nat translation timeout protocol ip d
ip nat translation timeout protocol tcp port 80 a
ip nat translation timeout protocol tcp d
ip nat translation timeout protocol udp port 4000 d
ip nat translation timeout protocol udp port 4001 d
ip nat translation timeout protocol udp port 4002 d
ip nat translation timeout protocol udp port 4003 d
ip nat translation timeout protocol udp port 8000 d
ip nat translation timeout protocol udp port 8001 d
ip nat translation timeout protocol udp c
ip nat translation maximal default 1000
ip route 0.0.0.0 0.0.0.0 113.18.1.69
voice class service
!
no ipv6 nat enable
acl standard number 1
  rule 1 permit 192.168.1.0 0.0.0.255
acl standard number 11
  rule 1 permit 218.207.153.26 0.0.0.0
acl standard number 55
  rule 1 permit 218.207.153.24 0.0.0.7
  rule 2 permit 211.138.144.190 0.0.0.0
  rule 3 permit 113.18.101.29 0.0.0.0
acl extended number 155
  rule 1 permit icmp 218.207.153.26 0.0.0.0 any
  rule 2 deny icmp any any echo
  rule 3 permit ip any any
ip tcp intercept mode intercept
ip tcp intercept drop-mode oldest
ip tcp intercept watch-timeout 30
ip tcp intercept finrst-timeout 5
ip tcp intercept connection-timeout 86400
ip tcp intercept max-incomplete high 1100
ip tcp intercept max-incomplete low 900
ip tcp intercept one-minute high 1100
ip tcp intercept one-minute low 900
nas
version V4.8.01.B.01
nvram mng-ip-address 10.40.89.170 255.255.0.0
nvram boot-username mmba
nvram boot-password mmba
nvram boot-server 10.40.89.78
nvram default-gateway 1.1.1.1
nvram imgfile-location local
enable secret level 15 5 b9lNtLN4jdmcB3/1yjwfNg==
username fzyd password ****
user-authentication-type local
user-authorization-type local
line console 0
  login authentication
lfap disable
lfap max-send-fun-size 100
lfap **-interval 60
lfap server-retry-interval 60
lfap message-response-interval 60
lfap ka-interval 60
lfap flow-expired-time 600
snmp-server location No.68 Zijinghua Rd. Yuhuatai District, Nanjing, China
snmp-server contact +86-25-52870000
snmp-server packetsize 1400
snmp-server engine-id 830900020300010289d64401
snmp-server access-list 11
snmp-server community fzmcc view DefaultView ro
snmp-server view AllView internet included
snmp-server view DefaultView system included
logging on
logging buffer 200
logging mode fullcycle
logging console notifications
logging level notifications
logging cmdlog-interval 2880
logging timestamps datetime localtime
alarm cpuload-on
alarm cpuload-interval 30
alarm cpuload-threshold high-grade 95 **dle-grade 85 low-grade 75
syslog-server host 218.207.153.26 fport 514 lport 514 alarmlog level notifications cmdlog debugmsg
syslog-server facility local0
line console idle-timeout 20
line console absolute-timeout 1440
line telnet idle-timeout 20
line telnet absolute-timeout 1440
line telnet access-class 55
ssh server authentication ispgroup 1
ssh server authentication mode local
ssh server authentication type chap
no ssh server only
ssh server version 2
radius auto-change off
tacacs disable
tacacs-server timeout 5
tacacs-server packet 1024

这是一台中兴1800刚刚show run 出来的,可以看看
 楼主| 发表于 2011-9-30 15:47:27 | 显示全部楼层
感谢楼上~~~~嘿嘿,好多啊~看的有点晕
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|熊猫同学技术论坛|小黑屋| 网络工程师论坛 ( 沪ICP备09076391 )

GMT+8, 2024-11-22 14:11 , Processed in 0.079879 second(s), 18 queries , Gzip On.

快速回复 返回顶部 返回列表