企业网OSPF分流

tcwl123 2012-02-16

展开全文

业网OSPF分流

组网需求：

实现拓扑图中的生产业务与办公业务分流。

IP地址规划如下：

－、基本信息及链路配置，连通性测试（略）

二、总部二层网络业务分流策略部署

配置如下：

SW1,SW2上分别创建vlan20,21,22,300,901 SW3创建vlan20,21,22,300 SW9、SW10创建vlan 36、37、300

生成树的配置，总部生产和网管以SW1为根，办公以SW2为根，互作备份。

SW1：

spanning-tree vlan 1 priority 0

spanning-tree vlan 20 priority 0

spanning-tree vlan 21 priority 4096

spanning-tree vlan 22 priority 0

spanning-tree vlan 23 priority 4096

spanning-tree vlan 300 priority 0

no spanning-tree vlan 901 //901作为互联VLAN，需关闭生成树

SW2：

spanning-tree vlan 1 priority 4096

spanning-tree vlan 20 priority 4096

spanning-tree vlan 21 priority 0

spanning-tree vlan 22 priority 4096

spanning-tree vlan 23 priority 0

spanning-tree vlan 300 priority 4096

no spanning-tree vlan 901 //901作为互联VLAN，需关闭生成树

SW3上的STP使用默认值就行了，现在VLAN1,20,22,300是走SW1,VLAN21,23走SW2.

总部HSRP/VRRP的配置：生产网管以SW1为主网关，办公以SW2为主网关，互作备份

SW1：interface Vlan20

standby 20 ip 172.16.20.1

standby 20 priority 200

standby 20 preempt

interface Vlan21

standby 21 ip 172.16.21.1

standby 21 preempt

interface Vlan22

standby 22 ip 172.16.22.1

standby 22 priority 200

standby 23 preempt

interface Vlan23

standby 23 ip 172.16.23.1

standby 23 preempt

interface Vlan300

standby 19 ip 172.16.19.1

standby 19 priority 200

standby 19 preempt

SW2：

interface Vlan20

standby 20 ip 172.16.20.1

standby 20 preempt

interface Vlan21

standby 21 ip 172.16.21.1

standby 21 priority 200

standby 21 preempt

interface Vlan22

standby preempt

standby 22 ip 172.16.22.1

interface Vlan23

standby 23 ip 172.16.23.1

standby 23 priority 200

standby 23 preempt

interface Vlan300

standby 19 ip 172.16.19.1

standby 19 preempt

分部HSRP/VRRP的配置：生产网管以RT7为主网关，办公以RT8为主网关，互作备份

RT7：

interface FastEthernet2/0

ip address 172.16.35.2 255.255.255.0

vrrp 19 ip 172.16.35.1

vrrp 19 priority 150

interface FastEthernet2/0.36

encapsulation dot1Q 36

ip address 172.16.36.2 255.255.255.0

vrrp 36 ip 172.16.36.1

vrrp 36 priority 200

interface FastEthernet2/0.37

encapsulation dot1Q 37

ip address 172.16.37.2 255.255.255.0

vrrp 37 ip 172.16.37.1

RT8：

interface FastEthernet2/0

ip address 172.16.35.3 255.255.255.0

vrrp 19 ip 172.16.35.1

interface FastEthernet2/0.36

encapsulation dot1Q 36

ip address 172.16.36.3 255.255.255.0

vrrp 36 ip 172.16.36.1

interface FastEthernet2/0.37

encapsulation dot1Q 37

ip address 172.16.37.3 255.255.255.0

vrrp 37 ip 172.16.37.1

vrrp 37 priority 200

SW1的HSRP：

现在我们完成了总部和分部二层网络的业务分流

二、单区域OSPF的配置：

SW1:

router ospf 1

router-id 172.16.0.1

passive-interface default　　　　//工程化配置，不需要的接口要配置成被动接口

no passive-interface vlan 901

no passive-interface f1/1

network 172.16.0.1 0.0.0.0 area 0

network 172.16.1.0 0.0.0.3 area 0

network 172.16.1.8 0.0.0.3 area 0

network 172.16.20.0 0.0.0.255 area 0

network 172.16.21.0 0.0.0.255 area 0

int vlan 901

ip ospf network point-to-point //配置成点对点

int f1/1

ip ospf network point-to-point //配置成点对点

SW2:

router ospf 1

router-id 172.16.0.2

passive-interface default　　　　　　//工程化配置，不需要的接口要配置成被动接口　　　

no passive-interface vlan 901

no passive-interface f1/1

network 172.16.0.2 0.0.0.0 area 0

network 172.16.1.4 0.0.0.3 area 0

network 172.16.1.8 0.0.0.3 area 0

network 172.16.20.0 0.0.0.255 area 0

network 172.16.21.0 0.0.0.255 area 0

int vlan 901

ip ospf network point-to-point //配置成点对点

int f1/1

ip ospf network point-to-point //配置成点对点

RT5:

router ospf 1

router-id 172.16.0.5

passive-interface default

no passive-interface f2/0

no passive-interface f1/0

no passive-interface s0/0

network 172.16.0.5 0.0.0.0 area 0

network 172.16.1.0 0.0.0.3 area 0

network 172.16.1.12 0.0.0.3 area 0

network 172.16.33.0 0.0.0.3 area 0

int f1/0

ip ospf network point-to-point //配置成点对点

int f2/0

ip ospf network point-to-point //配置成点对点

RT6:

router ospf 1

router-id 172.16.0.6

passive-interface default

no passive-interface f2/0

no passive-interface f1/0

no passive-interface s0/0

network 172.16.0.6 0.0.0.0 area 0

network 172.16.1.4 0.0.0.3 area 0

network 172.16.1.12 0.0.0.3 area 0

network 172.16.33.4 0.0.0.3 area 0

int f1/0

ip ospf network point-to-point //配置成点对点

int f2/0

ip ospf network point-to-point //配置成点对点

RT7:

router ospf 1

router-id 172.16.32.1

passive-interface default

no passive-interface s0/0

no passive-interface f1/0

network 172.16.32.1 0.0.0.0 area 0

network 172.16.33.0 0.0.0.3 area 0

network 172.16.33.12 0.0.0.3 area 0

network 172.16.35.0 0.0.0.255 area 0

network 172.16.36.0 0.0.0.255 area 0

network 172.16.37.0 0.0.0.255 area 0

int f1/0

ip ospf network point-to-point //配置成点对点

RT8:

router ospf 1

router-id 172.16.32.2

passive-interface default

no passive-interface s0/0

no passive-interface f1/0

network 172.16.32.2 0.0.0.0 area 0

network 172.16.33.4 0.0.0.3 area 0

network 172.16.33.12 0.0.0.3 area 0

network 172.16.35.0 0.0.0.255 area 0

network 172.16.36.0 0.0.0.255 area 0

network 172.16.37.0 0.0.0.255 area 0

int f1/0

ip ospf network point-to-point //配置成点对点

三、单区域OSPF业务分流策略部署：

RT7:

int f2/0.36

ip ospf cost 1000

int f2/0.37

ip ospf cost 2000

int f2/0

ip ospf cost 1000

RT8:

int f2/0.36

ip ospf cost 2000

int f2/0.37

ip ospf cost 1000

int f2/0

ip ospf cost 2000

SW1:

int vlan 20

ip ospf cost 1000

int vlan 21

ip ospf cost 2000

int vlan 22

ip ospf cost 1000

int vlan 23

ip ospf cost 2000

int vlan 300

ip ospf cost 1000

SW2:

int vlan 20

ip ospf cost 2000

int vlan 21

ip ospf cost 1000

int vlan 22

ip ospf cost 2000

int vlan 23

ip ospf cost 1000

int vlan 300

ip ospf cost 2000

调整平面间的流量：

SW、SW2：

int vlan 901

ip ospf cost 100

RT5、RT6：

int f1/0

ip ospf cost 101

RT7、RT8：

ip ospf cost 170

现在测试一下：

总部生产访问办公生产：VPC3-SW3-SW1-RT5-RT7-SW9-VPC5

总部生产访问分部办公：VPC3-SW3-SW1-SW2-RT6-RT8-SW10

其它的大家慢慢去测试下吧！

本站是提供个人知识管理的网络存储空间，所有内容均由用户发布，不代表本站观点。请注意甄别内容中的联系方式、诱导购买等信息，谨防诈骗。如发现有害或侵权内容，请点击一键举报。

转藏分享

QQ空间 QQ好友新浪微博微信

献花（0） +1

来自： tcwl123 > 《ccnp》

举报/认领

0条评论

发表

请遵守用户评论公约

类似文章 更多

tcwl123

关注对话

TA的最新馆藏

[转] 二层网络规划，说说你们现在常用的二层技术
[转] 投射效应：为什么总有人让你无缘无故讨厌？
[转] 基本音频接插件制作教程第二篇
[转] 【认知工作坊】什么是自动化思维？
[转] DHCP的工作原理
[转] TP-LINK路由器桥接功能的设置方法

喜欢该文的人也喜欢更多

热门阅读换一换