【锐捷】VSU环境下部署VAC

CyclingLife2024-06-20 15:55

配置要求

1.两台核心交换机部署VSU,Domain ID为1,S1的Switch ID为1,优先级为150,设备描述为VSU-S1;S2的Switch ID为2,优先级为120,设备描述为VSU-S2;两台设备的G0/48口用于BFD双机检测。

2.两台AC部署VAC,Domain ID为1,AC1的Device ID为1,优先级为150,设备描述为VAC-AC1;AC2的Device ID为2,优先级为120,设备描述为VAC-AC2;两台设备的G0/8口用于BFD双机检测。

3.所有业务端口均使用LACP动态聚合

4.AP及用户的DHCP网关部署在VSU上,地址自行规划

5.无线SSID为Ruijie-Test,密码为12345678,加密方式为WPA2。

网络拓扑

接口规划

设备名称 端口 端口描述或名称 IP地址或端口规划 对端设备
S1 Te0/49 VSU - S2
S1 Te0/50 VSU - S2
S1 G0/48 BFD - S2
S1 G0/1 Connect_To_AC1 VLAN10 AC1
S1 G0/2 Connect_To_AC1 AG1 AC1
S1 G0/3 Connect_To_AC2 AG1 AC2
S1 G0/4 Connect_To_S3 AG2 S3
S1 VLAN10 VAC G0/1 -
S1 VLAN20 Wireless_AP_Manage 192.168.20.254/24 -
S1 VLAN30 Wireless_User 192.168.30.254/24 -
S1 VLAN100 Manage 192.168.100.254/24 -
S1 AG1 Connect_To_VAC Trunk -
S1 AG2 Connect_To_S3 Trunk -
S2 Te0/49 VSU - S1
S2 Te0/50 VSU - S1
S2 G0/48 BFD - S1
S2 G0/1 Connect_To_AC2 VLAN10 AC2
S2 G0/2 Connect_To_AC2 AG1 AC2
S2 G0/3 Connect_To_AC1 AG1 AC1
S2 G0/4 Connect_To_S3 AG2 S3
S2 VLAN10 VAC G0/1 -
S2 VLAN20 Wireless_AP_Manage 192.168.20.254/24 -
S2 VLAN30 Wireless_User 192.168.30.254/24 -
S2 VLAN100 Manage 192.168.100.254/24 -
S2 AG1 Connect_To_VAC Trunk -
S2 AG2 Connect_To_S3 Trunk -
S3 G0/23 Connect_To_S1 AG1 S1
S3 G0/24 Connect_To_S2 AG1 S2
S3 G0/1 Connect_To_AP Trunk AP
S3 G0/2 Connect_To_AP Trunk AP
S3 G0/3 Connect_To_AP Trunk AP
S3 AG2 Connect_To_VSU Trunk VSU
AC1 G0/1 VAC_Connect_To_S1 - S1
AC1 G0/8 BFD - AC2
AC1 G0/2 Connect_To_S1 AG1 S1
AC1 G0/3 Connect_To_S2 AG1 S2
AC1 VLAN100 CAPWAP-Manage 192.168.100.253/24 -
AC1 AG1 Connect_To_VSU Trunk VSU
AC2 G0/1 VAC_Connect_To_S2 - S2
AC2 G0/8 BFD - AC1
AC2 G0/2 Connect_To_S2 AG1 S2
AC2 G0/3 Connect_To_S1 AG1 S1
AC2 VLAN100 CAPWAP-Manage 192.168.100.253/24 -
AC2 AG1 Connect_To_VSU Trunk VSU

配置过程

1.完成VSU配置

S1

XML 复制代码 
Ruijie>enable
Ruijie#configure
Ruijie(config)#switch virtual domain 1
Ruijie(config-vs-domain)#switch 1
Ruijie(config-vs-domain)#switch 1 priority 150
Ruijie(config-vs-domain)#switch 1 description VSU-S1
Ruijie(config-vs-domain)#exit
Ruijie(config)#vsl-port
Ruijie(config-vsl-port)#port-member interface tenGigabitEthernet 0/49
Ruijie(config-vsl-port)#port-member interface tenGigabitEthernet 0/50
Ruijie(config-vsl-port)#end
Ruijie#switch convert mode virtual
Convert mode will backup and delete config file, and reload the switch. Are you sure to continue[yes/no]:y
% It is preparing for restarting device, please wait a moment.

S2

XML 复制代码 
S2配置:
Ruijie>enable
Ruijie#configure
Ruijie(config)#switch virtual domain 1
Ruijie(config-vs-domain)#switch 2
Ruijie(config-vs-domain)#switch 2 priority 120
Ruijie(config-vs-domain)#switch 2 description VSU-S2
Ruijie(config-vs-domain)#exit
Ruijie(config)#vsl-port
Ruijie(config-vsl-port)#port-member interface tenGigabitEthernet 0/49
Ruijie(config-vsl-port)#port-member interface tenGigabitEthernet 0/50
Ruijie(config-vsl-port)#end
Ruijie#switch convert mode virtual
Convert mode will backup and delete config file, and reload the switch. Are you sure to continue[yes/no]:y
% It is preparing for restarting device, please wait a moment.

2.VSU配置成功后,配置BFD双机检测

XML 复制代码 
Ruijie>enable
Ruijie#configure
Ruijie(config)#hostname VSU
VSU(config)#interface range gigabitEthernet 1/0/48,2/0/48
VSU(config-if-range)#no switchport
VSU(config-if-range)#exit
VSU(config)#switch virtual domain 1
VSU(config-vs-domain)#dual-active detection bfd
VSU(config-vs-domain)#dual-active bfd interface gigabitEthernet 1/0/48
VSU(config-vs-domain)#dual-active bfd interface gigabitEthernet 2/0/48
VSU(config-vs-domain)#end
VSU#

3.在VSU上为VAC做准备配置

XML 复制代码 
VSU#configure
VSU(config)#vlan 10
VSU(config-vlan)#name VAC
VSU(config-vlan)#exit
VSU(config)#interface vlAN 10
VSU(config-if-VLAN 10)#mtu 9216
VSU(config-if-VLAN 10)#exit
VSU(config)#interface range gigabitEthernet 1/0/1,2/0/1
VSU(config-if-range)#switchport access vlan 10
VSU(config-if-range)#mtu 9216
VSU(config-if-range)#end
VSU#

4.完成VAC配置

AC1

XML 复制代码 
Ruijie>enable
Ruijie#configure
Ruijie(config)#virtual-ac domain 1
Ruijie(config-vac-domain)#device 1
Ruijie(config-vac-domain)#device 1 priority 150
Ruijie(config-vac-domain)#device 1 description VAC-AC1
Ruijie(config-vac-domain)#exit
Ruijie(config)#vac-port
Ruijie(config-vac-port)#port-member interface gigabitEthernet 0/1 copper
Ruijie(config-vac-port)#end
Ruijie#device convert mode virtual
Convert mode will backup and delete config file, and reload the switch. Are you sure to continue[yes/no]:y
% It is preparing for restarting device, please wait a moment.

AC2

XML 复制代码 
Ruijie>enable
Ruijie#configure
Ruijie(config)#virtual-ac domain 1
Ruijie(config-vac-domain)#device 2
Ruijie(config-vac-domain)#device 2 priority 120
Ruijie(config-vac-domain)#device 2 description VAC-AC2
Ruijie(config-vac-domain)#exit
Ruijie(config)#vac-port
Ruijie(config-vac-port)#port-member interface gigabitEthernet 0/1 copper
Ruijie(config-vac-port)#end
Ruijie#device convert mode virtual
Convert mode will backup and delete config file, and reload the switch. Are you sure to continue[yes/no]:y
% It is preparing for restarting device, please wait a moment.

5.VAC配置成功后,配置BFD双机检测

XML 复制代码 
Ruijie>enable
Ruijie#configure
Ruijie(config)#hostname VAC
VAC(config)#interface range gigabitEthernet 1/0/8,2/0/8
VAC(config-if-range)#no switchport
VAC(config-if-range)#exit
VAC(config)#virtual-ac domain 1
VAC(config-vac-domain)#dual-active detection bfd
VAC(config-vac-domain)#dual-active bfd interface gigabitEthernet 1/0/8
VAC(config-vac-domain)#dual-active bfd interface gigabitEthernet 2/0/8
VAC(config-vac-domain)#end
VAC#

6.配置设备的端口和IP地址

VSU

XML 复制代码 
VSU#configure
VSU(config)#interface range gigabitEthernet 1/0/2-3,2/0/2-3
VSU(config-if-range)#port-group 1 mode active
VSU(config-if-range)#exit
VSU(config)#interface aggregatePort 1
VSU(config-if-AggregatePort 1)#switchport mode trunk
VSU(config-if-AggregatePort 1)#switchport trunk allowed vlan only 20,30,100
VSU(config-if-AggregatePort 1)#exit
VSU(config)#interface range gigabitEthernet 1/0/4,2/0/4
VSU(config-if-range)#port-group 2 mode active
VSU(config-if-range)#exit
VSU(config)#interface aggregatePort 2
VSU(config-if-AggregatePort 2)#switchport mode trunk
VSU(config-if-AggregatePort 2)#switchport trunk allowed vlan only 20,30
VSU(config-if-AggregatePort 2)#exit
VSU(config)#vlan 20
VSU(config-vlan)#name Wireless_AP_Magage
VSU(config-vlan)#exit
VSU(config)#vlan 30
VSU(config-vlan)#name Wireless_User
VSU(config-vlan)#exit
VSU(config)#vlan 100
VSU(config-vlan)#name Manage
VSU(config-vlan)#exit
VSU(config)#interface vlAN 20
VSU(config-if-VLAN 20)#ip address 192.168.20.254 24
VSU(config-if-VLAN 20)#exit
VSU(config)#interface vlAN 30
VSU(config-if-VLAN 30)#ip address 192.168.30.254 24
VSU(config-if-VLAN 30)#exit
VSU(config)#interface vlAN 100
VSU(config-if-VLAN 100)#ip address 192.168.100.254 24
VSU(config-if-VLAN 100)#end
VSU#

VAC

XML 复制代码 
VAC#configure
VAC(config)#interface range gigabitEthernet 1/0/2-3,2/0/2-3
VAC(config-if-range)#port-group 1 mode active
VAC(config-if-range)#exit
VAC(config)#interface aggregatePort 1
VAC(config-if-AggregatePort 1)#switchport mode trunk
VAC(config-if-AggregatePort 1)#switchport trunk allowed vlan only 20,30,100
VAC(config-if-AggregatePort 1)#exit
VAC(config)#vlan 20
VAC(config-vlan)#name Wireless_AP_Manage
VAC(config-vlan)#exit
VAC(config)#vlan 100
VAC(config-vlan)#name Manage
VAC(config-vlan)#exit
VAC(config)#interface vlAN 20
VAC(config-if-VLAN 20)#ip address 192.168.20.253 24
VAC(config)#interface vlAN 100
VAC(config-if-VLAN 100)#ip address 192.168.100.253 24
VAC(config-if-VLAN 100)#end
VAC#

S3

XML 复制代码 
Ruijie>enable
Ruijie#configure
Ruijie(config)#hostname S3
S3(config)#interface range gigabitEthernet 0/23-24
S3(config-if-range)#port-group 2 mode active
S3(config-if-range)#exit
S3(config)#interface aggregatePort 2
S3(config-if-AggregatePort 2)#switchport mode trunk
S3(config-if-AggregatePort 2)#switchport trunk allowed vlan only 20,30
S3(config-if-AggregatePort 2)#exit
S3(config)#interface range gigabitEthernet 0/1-3
S3(config-if-range)#switchport mode trunk
S3(config-if-range)#switchport trunk allowed vlan only 20,30
S3(config-if-range)#switchport trunk native vlan 20
S3(config-if-range)#exit
S3(config)#vlan range 20,30
S3(config-vlan-range)#end
S3#

7.配置无线功能

VSU配置DHCP

XML 复制代码 
VSU#configure
VSU(config)#ip dhcp pool AP
VSU(dhcp-config)#network 192.168.20.0 255.255.255.0
VSU(dhcp-config)#default-router 192.168.20.254
VSU(dhcp-config)#option 138 ip 192.168.20.253
VSU(dhcp-config)#lease 1 0 0
VSU(dhcp-config)#exit
VSU(config)#ip dhcp pool User
VSU(dhcp-config)#network 192.168.30.0 255.255.255.0
VSU(dhcp-config)#default-router 192.168.30.254
VSU(dhcp-config)#lease 0 8 0
VSU(dhcp-config)#exit
VSU(config)#service dhcp
VSU(config)#end
VSU#

AC配置

XML 复制代码 
VAC#configure
VAC(config)#ac-controller
VAC(config-ac)#capwap ctrl-ip 192.168.20.253
VAC(config-ac)#exit
VAC(config)#ip route 0.0.0.0 0.0.0.0 192.168.100.254
VAC(config)#wlan-config 1 Ruijie-Test
VAC(config-wlan)#exit
VAC(config)#wlansec 1
VAC(config-wlansec)#security rsn enable
VAC(config-wlansec)#security rsn ciphers aes enable
VAC(config-wlansec)#security rsn akm psk enable
VAC(config-wlansec)#security rsn akm psk set-key ascii 12345678
VAC(config-wlansec)#exit
VAC(config)#ap-group default
VAC(config-group)#interface-mapping 1 30
VAC(config-group)#end
VAC#

结果验证

VSU

VAC

S3

相关推荐
归寻太乙8 分钟前
Linux环境变量
linux·运维·服务器
m0Java门徒8 分钟前
面向对象编程核心:封装、继承、多态与 static 关键字深度解析
java·运维·开发语言·intellij-idea·idea
Sapphire~15 分钟前
Linux-06 ubuntu 系统截图软件使用简单记录
linux·运维·ubuntu
高级IT技术专家secops99823 分钟前
在统信UOS/麒麟Kylin OS操作系统中配置APT和GIT代理
运维·服务器·git·系统安全·kylin
工头阿乐39 分钟前
Appium自动化开发环境搭建
运维·appium·自动化
自由鬼41 分钟前
开源漏洞扫描器:OpenVAS
运维·服务器·安全·网络安全·开源·漏洞管理
難釋懷42 分钟前
Shell脚本-while循环语法结构
linux·运维·服务器·bash
静听夜半雨1 小时前
CANoe入门——3、新建LIN工程及LIN DataBase(LDF文件)的创建
网络·数据库·c++·编辑器
B64A-消闲1 小时前
shell命令一
linux·运维
Jackilina_Stone1 小时前
【网工第6版】第5章 网络互联⑧
网络·软考·网工·第5章 网络互联
热门推荐
01KGG转MP3工具|非KGM文件|解密音频02从零安装 LLaMA-Factory 微调 Qwen 大模型成功及所有的坑03我决定放弃搞 Java 了04Coze扣子平台完整体验和实践(附国内和国际版对比)05YOLOv8入门 | 重要性能衡量指标、训练结果评价及分析及影响mAP的因素【发论文关注的指标】06DeepSeek各版本说明与优缺点分析07yolov8,yolo11,yolo12 服务器训练到部署全流程 笔记08苍穹外卖面试总结09如何在WPS和Word/Excel中直接使用DeepSeek功能10【2025年最新】OpenWrt 更换国内源的指南(图形界面版)