eNSP企业级复杂拓扑

很懒的程序员雄2026-05-09 10:55

一、接入层交换机SW3配置

|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname SW3 vlan 10 interface Ethernet0/0/1 port link-type access port default vlan 10 stp edged-port enable interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 quit |

二、接入层交换机SW4配置

|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname SW4 vlan 20 interface Ethernet0/0/1 port link-type access port default vlan 20 stp edged-port enable interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 20 quit |

三、接入层交换机SW5配置

|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname SW5 vlan 30 interface Ethernet0/0/1 port link-type access port default vlan 30 stp edged-port enable interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 30 quit |

四、接入层交换机SW6配置

|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname SW6 vlan 40 interface Ethernet0/0/1 port link-type access port default vlan 40 stp edged-port enable interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 40 quit |

五、服务器接入交换机SW12配置

|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname SW12 vlan batch 100 interface Ethernet0/0/0 port link-type access port default vlan 100 interface Ethernet0/0/1 port link-type access port default vlan 100 interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 100 quit |

六、主核心交换机SW1配置

|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname SW1 vlan batch 10 20 30 40 100 interface Vlanif10 ip address 192.168.3.252 255.255.255.0 vrrp vrid 10 virtual-ip 192.168.3.254 vrrp vrid 10 priority 120 interface Vlanif20 ip address 192.168.53.252 255.255.255.0 vrrp vrid 20 virtual-ip 192.168.53.254 vrrp vrid 20 priority 120 interface Vlanif30 ip address 192.168.63.252 255.255.255.0 vrrp vrid 30 virtual-ip 192.168.63.254 interface Vlanif40 ip address 192.168.73.252 255.255.255.0 vrrp vrid 40 virtual-ip 192.168.73.254 interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 20 interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 30 40 interface Eth-Trunk1 mode lacp-static trunkport GigabitEthernet0/0/23 trunkport GigabitEthernet0/0/24 port link-type trunk port trunk allow-pass vlan 10 20 30 40 100 interface GigabitEthernet0/0/23 eth-trunk 1 interface GigabitEthernet0/0/24 eth-trunk 1 stp mode mstp stp region-configuration region-name MSTP-REGION instance 1 vlan 10 20 instance 2 vlan 30 40 active quit stp instance 1 root primary stp instance 2 root secondary ospf 1 router-id 1.1.1.1 area 0 network 192.168.3.0 0.0.0.255 network 192.168.53.0 0.0.0.255 network 192.168.63.0 0.0.0.255 network 192.168.73.0 0.0.0.255 network 10.10.4.0 0.0.0.255 network 10.20.3.0 0.0.0.31 quit |

七、备核心交换机SW2配置

|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname SW2 vlan batch 10 20 30 40 100 interface Vlanif10 ip address 192.168.3.253 255.255.255.0 vrrp vrid 10 virtual-ip 192.168.3.254 interface Vlanif20 ip address 192.168.53.253 255.255.255.0 vrrp vrid 20 virtual-ip 192.168.53.254 interface Vlanif30 ip address 192.168.63.253 255.255.255.0 vrrp vrid 30 virtual-ip 192.168.63.254 vrrp vrid 30 priority 120 interface Vlanif40 ip address 192.168.73.253 255.255.255.0 vrrp vrid 40 virtual-ip 192.168.73.254 vrrp vrid 40 priority 120 interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 20 interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 30 40 interface Eth-Trunk1 mode lacp-static trunkport GigabitEthernet0/0/23 trunkport GigabitEthernet0/0/24 port link-type trunk port trunk allow-pass vlan 10 20 30 40 100 interface GigabitEthernet0/0/23 eth-trunk 1 interface GigabitEthernet0/0/24 eth-trunk 1 stp mode mstp stp region-configuration region-name MSTP-REGION instance 1 vlan 10 20 instance 2 vlan 30 40 active quit stp instance 1 root secondary stp instance 2 root primary ospf 1 router-id 2.2.2.2 area 0 network 192.168.3.0 0.0.0.255 network 192.168.53.0 0.0.0.255 network 192.168.63.0 0.0.0.255 network 192.168.73.0 0.0.0.255 network 10.10.4.0 0.0.0.255 network 10.20.3.0 0.0.0.31 quit |

八、防火墙FW1配置

|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname FW1 undo info-center enable interface GigabitEthernet1/0/0 ip address 10.10.4.254 255.255.255.0 service-manage ping permit interface GigabitEthernet1/0/1 ip address 10.20.3.1 255.255.255.224 service-manage ping permit interface GigabitEthernet1/0/2 ip address 202.108.100.1 255.255.255.0 service-manage ping permit firewall zone trust add interface GigabitEthernet1/0/0 add interface GigabitEthernet1/0/1 firewall zone untrust add interface GigabitEthernet1/0/2 security-policy rule name trust_to_untrust source-zone trust destination-zone untrust source-address 192.168.0.0 mask 255.255.0.0 action permit quit nat-policy rule name nat_all source-zone trust destination-zone untrust action source-nat easy-ip quit ospf 1 router-id 3.3.3.3 area 0 network 10.10.4.0 0.0.0.255 network 10.20.3.0 0.0.0.31 network 202.108.100.0 0.0.0.255 quit |

九、外网路由器AR3配置

|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname AR3 interface GigabitEthernet0/0/0 ip address 202.3.101.2 255.255.255.224 interface GigabitEthernet0/0/1 ip address 202.3.103.1 255.255.255.224 interface GigabitEthernet0/0/2 ip address 203.108.100.1 255.255.255.0 ospf 1 router-id 4.4.4.4 area 0 network 202.3.101.0 0.0.0.31 network 202.3.103.0 0.0.0.31 network 203.108.100.0 0.0.0.255 quit ip route-static 0.0.0.0 0.0.0.0 202.3.101.1 |

十、外网路由器AR4配置

|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname AR4 interface GigabitEthernet0/0/0 ip address 202.3.102.2 255.255.255.224 interface GigabitEthernet0/0/1 ip address 202.3.103.2 255.255.255.224 interface GigabitEthernet0/0/2 ip address 204.108.100.1 255.255.255.0 ospf 2 router-id 5.5.5.5 area 0 network 202.3.102.0 0.0.0.31 network 202.3.103.0 0.0.0.31 network 204.108.100.0 0.0.0.255 quit rip 1 version 2 network 172.16.0.0 import-route ospf 2 quit ospf 2 import-route rip 1 quit |

十一、分支核心交换机SW8配置

|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname SW8 vlan batch 50 60 interface Vlanif50 ip address 172.16.3.254 255.255.255.0 interface Vlanif60 ip address 172.16.53.254 255.255.255.0 interface GigabitEthernet0/0/1 ip address 204.108.100.2 255.255.255.0 rip 1 version 2 network 172.16.0.0 network 204.108.100.0 quit interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 50 interface GigabitEthernet0/0/3 port link-type trunk port trunk allow-pass vlan 60 quit |

十二、分支接入交换机SW10配置

|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname SW10 vlan 50 interface Ethernet0/0/1 port link-type access port default vlan 50 stp edged-port enable interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 50 quit |

十三、分支接入交换机SW11配置

|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Plain Text system-view sysname SW11 vlan 60 interface Ethernet0/0/1 port link-type access port default vlan 60 stp edged-port enable interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 60 quit |

PC静态IP配置参考

  1. PC1:[192.168.3.10/24](192.168.3.10/24) 网关[192.168.3.254](192.168.3.254)
  1. PC2:[192.168.53.10/24](192.168.53.10/24) 网关[192.168.53.254](192.168.53.254)
  1. PC3:[192.168.63.10/24](192.168.63.10/24) 网关[192.168.63.254](192.168.63.254)
  1. PC4:[192.168.73.10/24](192.168.73.10/24) 网关[192.168.73.254](192.168.73.254)
  1. PC6:[172.16.3.10/24](172.16.3.10/24) 网关[172.16.3.254](172.16.3.254)
  1. PC7:[172.16.53.10/24](172.16.53.10/24) 网关[172.16.53.254](172.16.53.254)
  1. DNS服务器:[10.10.4.2/24](10.10.4.2/24) 网关[10.10.4.254](10.10.4.254)
  1. WWW服务器:[10.10.4.3/24](10.10.4.3/24) 网关[10.10.4.254](10.10.4.254)
相关推荐
zhuxiaohai681 小时前
ubuntu24.04安装docker(国内加速方法)
运维·docker·容器
xhbh6661 小时前
Java端口转发完全教程:从Socket基础到Netty高并发实战
运维·服务器·网络·流量端口转发·netsh 端口转发
古城小栈1 小时前
Rust 三方库 anyhow:极简错误处理实战指南
java·网络·rust
普通young man1 小时前
谈Linux下编译和动静态链接
linux·运维·服务器
leoZ2311 小时前
项目改造为 Docker 容器使用指南
运维·docker·容器
Westward-sun.1 小时前
Claude Code 接入 DeepSeek V4 Pro:从 npm 安装到 CC Switch 配置完整记录
网络·人工智能
kels88991 小时前
WebSocket 汇率数据:如何剔除过期行情
网络·websocket·网络协议
fie88891 小时前
基于BBO算法的网络负载均衡优化(MATLAB实现)
网络·算法·负载均衡
http阿拉丁神猫2 小时前
Docker知识点汇总(6~10)
运维·docker·容器
热门推荐
01GitHub 镜像站点02Codex 接入 DeepSeek API 完整配置文档03零基础教你claude code 接入 deepseek V404要裂开了!ChatGPT要手机号验证了?注册Codex要求验证电话号码怎么办?2026年登陆Codex要手机号验证的解决办法05Dirtyfrag漏洞:我花了一下午搞清楚这个Linux内核提权漏洞到底在搞什么06CC-Switch & Claude 基于 Linux 服务器安装使用指南07【AI】2026 年具身智能模型和世界模型总结08裂开!ChatGPT 居然开始要手机号验证,附详细解决方法09Linux 核弹级高危漏洞 CVE-2026-31431 完整修复指南10CVE-2026-31431 (Copy Fail) 漏洞复现与验证记录