实验拓扑及需求
实验配置
需求一:交换机之间trunk使用最少vlan透传原则
D-1vlan batch 21 22 23 100
D-1-GigabitEthernet0/0/3port link-type trunk
D-1-GigabitEthernet0/0/3port trunk allow-pass vlan 21
D-2-GigabitEthernet0/0/4port link-type trunk
D-2-GigabitEthernet0/0/4port trunk allow-pass vlan 22
D-2-GigabitEthernet0/0/5port link-type trunk
D-2-GigabitEthernet0/0/5port trunk allow-pass vlan 23 100
A-1-GigabitEthernet0/0/1port link-type trunk
A-1-GigabitEthernet0/0/1port trunk allow-pass vlan 21
A-1-GigabitEthernet0/0/2port link-type access
A-1-GigabitEthernet0/0/2port default vlan 21
A-2-GigabitEthernet0/0/1port link-type access
A-2-GigabitEthernet0/0/1port default vlan 22
A-2-GigabitEthernet0/0/2port link-type trunk
A-2-GigabitEthernet0/0/2port trunk allow-pass vlan 22
A-3-GigabitEthernet0/0/1port link-type trunk
A-3-GigabitEthernet0/0/1port trunk allow-pass vlan 23 100
需求二:D-1,D-2之间做链路聚合
D-1int Eth-Trunk 0
D-1-Eth-Trunk0trunkport g0/0/1
D-1-Eth-Trunk0trunkport g0/0/2
D-2interface Eth-Trunk 0
D-2-Eth-Trunk0trunkport g0/0/1
D-2-Eth-Trunk0trunkport g0/0/2
D-1-Eth-Trunk0port link-type trunk
D-1-Eth-Trunk0port trunk allow-pass vlan 21 22 23 100
D-2-Eth-Trunk0port link-type trunk
D-2-Eth-Trunk0port trunk allow-pass vlan 21 22 23 100
需求三:MSTP name 配置为SC
需求四:MSTP 实例映射为:
instance 1 vlan 21
instance 2 vlan 22 23 100
需求五:D-1为实例1,0的根,实例二的备份根
需求六:D-2为实例二的根,实例1,0的备份根
D-1stp enable
D-1stp region-configuration
D-1-mst-regionregion-name SC
D-1-mst-regioninstance 1 vlan 21
D-1-mst-regioninstance 2 vlan 22 23 100
D-1-mst-regionactive region-configuration
D-1stp instance 1 root primary
D-1stp instance 0 root primary
D-1stp instance 2 root secondary
D-2stp enable
D-2-mst-regionregion-name SC
D-2-mst-regioninstance 1 vlan 21
D-2-mst-regioninstance 2 vlan 22 23 100
D-2-mst-regionactive region-configuration
D-2stp instance 0 root secondary
D-2stp instance 1 root secondary
D-2stp instance 2 root primary
需求七:所有access接口配置为边缘接口,并配置BPDU保护,同时需要过滤用户收到stp相关报文
A-1-GigabitEthernet0/0/2stp edged-port enable
A-1-GigabitEthernet0/0/2stp bpdu-filter enable
A-1stp bpdu-protection
A-2-GigabitEthernet0/0/1stp edged-port enable
A-2-GigabitEthernet0/0/2stp bpdu-filter enable
A-2stp bpdu-protection
需求八:D-1为vlanif 21 的master,D-2为backup
需求九:D-2为vlanif 22 的master,D-1为backup
D-1int vlanif 21
D-1-Vlanif21ip address 192.168.1.1 255.255.255.0
D-1-Vlanif21vrrp vrid 1 virtual-ip 192.168.1.2
D-1-Vlanif21vrrp vrid 1 priority 101
D-2int vlanif 22
D-2-Vlanif22ip address 192.168.1.3 255.255.255.0
D-2-Vlanif22vrrp vrid 1 virtual-ip 192.168.1.2
D-2-Vlanif22vrrp vrid 1 priority 101
需求十:D-1与D-2的vrrp需监控上行链路,双上行都down时切换网关,抢占延时为20s
D-1-Vlanif21vrrp vrid 1 track interface g0/0/3 reduced 2
D-2-Vlanif22vrrp vrid 1 track interface g0/0/4 reduced 2
D-1-Vlanif21vrrp vrid 1 preempt-mode timer delay 20
D-2-Vlanif22vrrp vrid 1 preempt-mode timer delay 20
