《层交换机的配置》PPT课件.ppt
二层交换机的配置,1、配置IP和名称Interface vlan1Ip address 2、配置端口Speed 10|100|1000|auto|nonegotiateDuplexauto|full|halfDescription stringFlowcontrolreceive|sendon|off|desiredShow interface Interface-idShow interface Interface-id description,3、配置端口组Interface range port-range注意:在连字符前后添加空格,组内所有端口必须是相同类型 定义端口组宏Define interface-range macro_name interface-range,4、EtherChannel及其配置EtherChannel 技术:应用于交换机之间、交换机和路由器之间和服务器之间的多链路技术。使用FastEtherChannel 和Gigabit EtherChannel技术,可以通过2条或4条链路,将2个或4个10/100Mbps或1000Mbps端口连接在一起,叠加传输带宽,实现高达400M、4G的带宽。具有负载分担和线路备份的作用。,PAgP是EtherChannel的增强版,支持在EtherChannel上的Spanning Tree和 Uplink Fast功能,支持自动配置EtherChannel的捆绑。Uplink技术能够保证交换机在几秒钟快速从失败中恢复。LACP:链路汇聚控制协议,创建 以太网通道。建立端口组时,遵循下列限制性规定:快速以太网端口和千兆以太网端口不能被添加至同一端口组端口组成员不能被启用端口安全在一个交换机上最多可建立12个端口组端口组成员必须具有相同的VLAN设置,并且必须全部为静态端口、多VLAN端口和中继端口。,配置EtherChannel(每个EtherChannel最多可以容纳8个适合的以太网接口):Switch(config-if)#channel-group port_channel_number modeautonon-silent|desirablenon-slient|on|active|passive采用PAGP协议模式时,以下几种模式可以构建EtherChannel:desirable-desirable或auto;auto-desirable;On-on“desirable”无条件启用PAGP,将接口置于主动协商状态;“auto”表示侦测到PAGP设备时,启用PAGP,置于被动协商状态,可对接收到的PAGP作出响应。,采用LACP协议时,以下几种模式可以构建EtherChannel:active-active或passive“active”表示当侦测到LACP设备时,将只启用LACP,激活接口的主动协商状态。5、配置 EtherChannel负载均衡Port-channel load-balancedst-mac|-macShow etherchannel load-balance基于目的主机的MAC或源主机MAC进行负载均衡,发送或来自同一主机的包被转发至相同端口。,从EtherChannel中移除接口 interface interface-id No channel-group移除EtherChannel No interface port-channel port_channel_number6、STP及其配置STP状态:blocking-listening-learning-forwarding-disable,1)在VLAN内禁用Spanning-treeNo spanning-tree vlan vlan_idShow spanning-tree vlan vlan-id2)将交换机配置为根交换机Spanning-tree vlan vlan-id root primarydiameter net-diamete3)配置端口优先值Spanning-tree port-priority priority(0255)Show spanning-tree interface interface-idShow spanning-tree vlan vlan-id,4)配置路径费用Spanning-tree cost cost5)配置spanning-tree Port FastSpanning-tree portfasttrunkShow spanning-tree interface-id portfast,7、VLAN及其配置1)创建VLAN 全局:VLAN VLAN-ID NAME VLAN VLAN-NAME在VLAN DATABASE下创建:VLAN DATABASE VLAN VLAN-ID NAME VLAN-NAME,2)将端口指定至VLAN清除接口配置 default interface interface-id删除VLAN:NO VLAN VLAN-IDShow vlan brief3)配置Trunk端口Switchport modedynamicauto|desirable|trunk可选指定默认VLANSwitchport access vlan vlan-id,为802.1Q 指定本地VLAN,不指定默认将使用VLAN1Switchport trunk native vlan vlan-id查看并校验配置Show interface interface-id switchportShow interface interface-id trunk定义trunk 允许的 vlan switchport mode trunkSwitchport trunk allowed vlan add|all|except|remove vlan-list,4)配置本地VLAN的非标签传输 802.1Q TRUNK端口能够接收标签和非标签传输,默认状态下,在本地VLAN中,交换机端口转发非标签传输.本地VLAN默认为VLAN 1如果要配置本地VLAN的非标签传输,步骤如下:在TRUNK 端口上,配置指定的VLAN接收和发送非标签传输Switchport trunk native vlan vlan-id,8、基于端口的传输控制 1)广播风暴控制Storm-control broadcast|multicast|unicastStorm-control actionshutdown|trapShow storm-control interfacebroadcast|history|multicast|unicast,2)配置保护端口Switchport protected 3)配置端口安全Switchport mode accessSwitchport port-securitySwitchport port-security maximum valueSwitchport port-security violationshutdown|restrict|protectSwitchport port-security mac-address mac-addressSwitchport port-security mac-address stickyShow port-security,Show port-security adressShow port-security inteface interface-id,