ip生产区

实验拓扑及需求

实验配置

需求一：交换机之间trunk使用最少vlan透传原则

D-1\]vlan batch 21 22 23 100 \[D-1-GigabitEthernet0/0/3\]port link-type trunk \[D-1-GigabitEthernet0/0/3\]port trunk allow-pass vlan 21 \[D-2-GigabitEthernet0/0/4\]port link-type trunk \[D-2-GigabitEthernet0/0/4\]port trunk allow-pass vlan 22 \[D-2-GigabitEthernet0/0/5\]port link-type trunk \[D-2-GigabitEthernet0/0/5\]port trunk allow-pass vlan 23 100 \[A-1-GigabitEthernet0/0/1\]port link-type trunk \[A-1-GigabitEthernet0/0/1\]port trunk allow-pass vlan 21 \[A-1-GigabitEthernet0/0/2\]port link-type access \[A-1-GigabitEthernet0/0/2\]port default vlan 21 \[A-2-GigabitEthernet0/0/1\]port link-type access \[A-2-GigabitEthernet0/0/1\]port default vlan 22 \[A-2-GigabitEthernet0/0/2\]port link-type trunk \[A-2-GigabitEthernet0/0/2\]port trunk allow-pass vlan 22 \[A-3-GigabitEthernet0/0/1\]port link-type trunk \[A-3-GigabitEthernet0/0/1\]port trunk allow-pass vlan 23 100 需求二：D-1，D-2之间做链路聚合 \[D-1\]int Eth-Trunk 0 \[D-1-Eth-Trunk0\]trunkport g0/0/1 \[D-1-Eth-Trunk0\]trunkport g0/0/2 \[D-2\]interface Eth-Trunk 0 \[D-2-Eth-Trunk0\]trunkport g0/0/1 \[D-2-Eth-Trunk0\]trunkport g0/0/2 \[D-1-Eth-Trunk0\]port link-type trunk \[D-1-Eth-Trunk0\]port trunk allow-pass vlan 21 22 23 100 \[D-2-Eth-Trunk0\]port link-type trunk \[D-2-Eth-Trunk0\]port trunk allow-pass vlan 21 22 23 100 需求三：MSTP name 配置为SC 需求四：MSTP 实例映射为： instance 1 vlan 21 instance 2 vlan 22 23 100 需求五：D-1为实例1,0的根，实例二的备份根 需求六：D-2为实例二的根，实例1,0的备份根 \[D-1\]stp enable \[D-1\]stp region-configuration \[D-1-mst-region\]region-name SC \[D-1-mst-region\]instance 1 vlan 21 \[D-1-mst-region\]instance 2 vlan 22 23 100 \[D-1-mst-region\]active region-configuration \[D-1\]stp instance 1 root primary \[D-1\]stp instance 0 root primary \[D-1\]stp instance 2 root secondary \[D-2\]stp enable \[D-2-mst-region\]region-name SC \[D-2-mst-region\]instance 1 vlan 21 \[D-2-mst-region\]instance 2 vlan 22 23 100 \[D-2-mst-region\]active region-configuration \[D-2\]stp instance 0 root secondary \[D-2\]stp instance 1 root secondary \[D-2\]stp instance 2 root primary 需求七：所有access接口配置为边缘接口，并配置BPDU保护，同时需要过滤用户收到stp相关报文 \[A-1-GigabitEthernet0/0/2\]stp edged-port enable \[A-1-GigabitEthernet0/0/2\]stp bpdu-filter enable \[A-1\]stp bpdu-protection \[A-2-GigabitEthernet0/0/1\]stp edged-port enable \[A-2-GigabitEthernet0/0/2\]stp bpdu-filter enable \[A-2\]stp bpdu-protection 需求八：D-1为vlanif 21 的master，D-2为backup 需求九：D-2为vlanif 22 的master，D-1为backup \[D-1\]int vlanif 21 \[D-1-Vlanif21\]ip address 192.168.1.1 255.255.255.0 \[D-1-Vlanif21\]vrrp vrid 1 virtual-ip 192.168.1.2 \[D-1-Vlanif21\]vrrp vrid 1 priority 101 \[D-2\]int vlanif 22 \[D-2-Vlanif22\]ip address 192.168.1.3 255.255.255.0 \[D-2-Vlanif22\]vrrp vrid 1 virtual-ip 192.168.1.2 \[D-2-Vlanif22\]vrrp vrid 1 priority 101 需求十：D-1与D-2的vrrp需监控上行链路，双上行都down时切换网关，抢占延时为20s \[D-1-Vlanif21\]vrrp vrid 1 track interface g0/0/3 reduced 2 \[D-2-Vlanif22\]vrrp vrid 1 track interface g0/0/4 reduced 2 \[D-1-Vlanif21\]vrrp vrid 1 preempt-mode timer delay 20 \[D-2-Vlanif22\]vrrp vrid 1 preempt-mode timer delay 20