一个具体的网络规划
2007-10-22 17:21:47
 标签:网络 Cisco3750 配置   [推送到博客圈]

版权声明:原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 、作者信息和本声明。否则将追究法律责任。[url]http://waringid.blog.51cto.com/65148/47208[/url]
  公司新搬了地方,新地方的网络进行了重新规划,在搬家期间,参与了相关的规划和实施过程,让我受益非浅,现摘录如下:公司现有PC数量近500台,服务器的数量有近20台,新厂为增加网络的稳定性和易管理性,在原有的基础上采购了两台CISCO 3750(核心层),10台CISCO CE500(楼间层),28台3COM(桌面层)的桌面型交换机,2台CISCO 2600,需要实现的要求如下:

  1:两台3750作为核心交换,堆叠.
  2:网络划分为7个VLAN,其中分为默认区(192.168.88.x),服务器网段(192.168.42.x),办公区(192.168.40.x 192.168.43.x),制造区(192.168.41.x),无线区(192.168.44.x)和其它区(192.168.46.x).
  3:各个网段中客户端的IP通过服务器DHCP分配.
  4:服务器段里的服务器接入3750以实1G的接入速度.
  5:办公区中电脑以前安装有多台打印服务器,网段为42.x,为了简化客户端操作,需在楼间层CE500上设置其它的桌面交换机分属不同的网段.
  6:各个办公区的电脑通过域服务器的用户名验证经Watch Guard防火墙控制其上网权限,因为有外厂客户访问,所以设置无线区实现无限制的外网连接.但是由交换机控制其不能进行内网访问.
网络结构图
Ce500 设置图

DHCP
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption

!
hostname 3750stack
!
enable password cisc0
!
no aaa new-model
switch 1 provision ws-c3750g-24ts
switch 2 provision ws-c3750g-24ts
vtp mode transparent
ip subnet-zero
ip routing
ip dhcp relay information trust-all
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 2
name server
!
vlan 3
name mfga
!
vlan 4
name mfgb
!
vlan 5
name office
!
vlan 6
name internet
!
vlan 7
name wireless
!
interface GigabitEthernet1/0/1
description B Zone connect to 3com number 1
switchport access vlan 4
spanning-tree portfast
!
interface GigabitEthernet1/0/2
description B Zone connect to 3com number 2
switchport access vlan 4
spanning-tree portfast
!
interface GigabitEthernet1/0/3
description B Zone connect to 3com number 3
switchport access vlan 4
spanning-tree portfast
!
interface GigabitEthernet1/0/4
description B Zone connect to 3com number 4
switchport access vlan 4
spanning-tree portfast
!
interface GigabitEthernet1/0/5
description B Zone connect to 3com number 5
switchport access vlan 4
spanning-tree portfast
!
interface GigabitEthernet1/0/6
description B Zone connect to 3com number 6
switchport access vlan 4
spanning-tree portfast
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
description connect to CE500 Vlan for test
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/14
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/15
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/16
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/17
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/18
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/19
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/20
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/21
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/22
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/23
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/24
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet1/0/25
description D Zone connect to CE500
switchport access vlan 3
spanning-tree portfast
!
interface GigabitEthernet1/0/26
description D Zone connect to CE500
switchport access vlan 3
spanning-tree portfast
!
interface GigabitEthernet1/0/27
description D Zone connect to CE500
switchport access vlan 3
spanning-tree portfast
!
interface GigabitEthernet1/0/28
description D Zone connect to CE500
switchport access vlan 3
spanning-tree portfast
!
interface GigabitEthernet2/0/1
description connect to internet
switchport access vlan 6
spanning-tree portfast
!
interface GigabitEthernet2/0/2
!
interface GigabitEthernet2/0/3
!
interface GigabitEthernet2/0/4
!
interface GigabitEthernet2/0/5
!
interface GigabitEthernet2/0/6
switchport access vlan 3
!
interface GigabitEthernet2/0/7
switchport access vlan 7
!
interface GigabitEthernet2/0/8
switchport access vlan 7
!
interface GigabitEthernet2/0/9
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/10
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/11
description connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/12
description connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/13
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/14
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/15
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/16
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/17
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/18
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/19
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/20
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/21
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/22
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/23
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/24
description C Zone connect to server
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet2/0/25
description connect to A Zone CE500
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet2/0/26
switchport access vlan 4
!
interface GigabitEthernet2/0/27
switchport access vlan 4
!
interface GigabitEthernet2/0/28
switchport access vlan 4
!
interface Vlan1
ip address 192.168.88.2 255.255.255.0
!
interface Vlan2
description Server network
ip address 192.168.42.2 255.255.255.0
ip helper-address 192.168.42.21
!
interface Vlan3
description D Zone F/2/3/4
ip address 192.168.41.2 255.255.255.0
ip helper-address 192.168.42.21
!
interface Vlan4
description B Zone office
ip address 192.168.43.2 255.255.255.0
ip helper-address 192.168.42.21
!
interface Vlan5
description A Zone office
ip address 192.168.40.2 255.255.255.0
ip helper-address 192.168.42.21
!
interface Vlan6
ip address 192.168.46.2 255.255.255.0
ip access-group qq out
!
interface Vlan7
description wireless
ip address 192.168.44.2 255.255.255.0
ip helper-address 192.168.42.21
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.46.11
ip route 10.2.8.0 255.255.255.0 192.168.42.11
ip route 192.168.0.0 255.255.255.0 192.168.42.1
no ip http server
本文出自 “虚拟的现实” 博客,请