h3cte D图 搭建

sysname sw1

vlan 10

vlan 20

interface Vlan-interface10

ip address 192.168.10.1 255.255.255.0

interface Vlan-interface20

ip address 192.168.20.1 255.255.255.0

interface Ethernet0/4/0

port link-mode bridge

port link-type trunk

port trunk permit vlan 1 10 20

interface Ethernet0/4/1

port link-mode bridge

port link-type trunk

port trunk permit vlan 1 10 20

sysname SW2

vlan 10

vlan 20

vlan 30

vlan 40

interface LoopBack0

ip address 6.6.6.6 255.255.255.255

interface Vlan-interface10

ip address 192.168.10.251 255.255.255.0

interface Vlan-interface20

ip address 192.168.20.251 255.255.255.0

interface Vlan-interface30

ip address 10.0.0.13 255.255.255.252

interface Vlan-interface40

ip address 10.0.0.1 255.255.255.252

interface Ethernet0/4/0

port link-mode bridge

port link-type trunk

port trunk permit vlan 1 10 20

interface Ethernet0/4/2

port link-mode bridge

port link-type trunk

port trunk permit vlan 1 10 20 30

interface Ethernet0/4/3

port link-mode bridge

port access vlan 40

sysname sw3

vlan 10

vlan 20

vlan 30

vlan 40

interface LoopBack0

ip address 7.7.7.7 255.255.255.255

interface Vlan-interface10

ip address 192.168.10.252 255.255.255.0

interface Vlan-interface20

ip address 192.168.20.252 255.255.255.0

interface Vlan-interface30

ip address 10.0.0.14 255.255.255.252

interface Vlan-interface40

ip address 10.0.0.5 255.255.255.252

interface Ethernet0/4/1

port link-mode bridge

port link-type trunk

port trunk permit vlan 1 10 20

interface Ethernet0/4/2

port link-mode bridge

port link-type trunk

port trunk permit vlan 1 10 20 30

interface Ethernet0/4/3

port link-mode bridge

port access vlan 40

sysname SW4

vlan 20

vlan 40

interface Vlan-interface20

ip address 100.0.0.2 255.255.255.252

interface Vlan-interface40

ip address 200.0.0.1 255.255.255.252

interface Ethernet0/4/4

port link-mode bridge

port access vlan 40

interface Ethernet0/4/2

port link-mode bridge

port access vlan 20

sysname R1

interface Serial0/1/0

link-protocol ppp

ip address 10.1.0.1 255.255.255.252

interface LoopBack0

ip address 1.1.1.1 255.255.255.255

interface GigabitEthernet0/0/0

ip address 10.0.0.2 255.255.255.252

interface GigabitEthernet0/0/1

ip address 10.2.0.1 255.255.255.252

sysname R2

interface Serial0/1/0

ip address 10.1.0.2 255.255.255.252

interface LoopBack0

ip address 2.2.2.2 255.255.255.255

interface GigabitEthernet0/0/0

ip address 10.0.0.6 255.255.255.252

interface GigabitEthernet0/0/1

ip address 100.0.0.1 255.255.255.252

sysname R3

interface LoopBack0

ip address 3.3.3.3 255.255.255.255

interface GigabitEthernet0/0/1

ip address 10.2.0.2 255.255.255.252

interface GigabitEthernet0/0/2

ip address 10.3.0.1 255.255.255.252

interface GigabitEthernet0/0/3

ip address 10.4.0.1 255.255.255.252

sysname R4

interface LoopBack0

ip address 4.4.4.4 255.255.255.255

interface GigabitEthernet0/0/1

ip address 200.0.0.2 255.255.255.252

interface GigabitEthernet0/0/2

ip address 10.3.0.2 255.255.255.252

sysname R5

interface LoopBack0

ip address 5.5.5.5 255.255.255.255

interface LoopBack10

ip address 192.168.100.1 255.255.255.255

interface LoopBack20

ip address 192.168.200.1 255.255.255.255

interface GigabitEthernet0/0/3

ip address 10.4.0.2 255.255.255.252

STP 配置

sw2作为业务A的master,sw3作为业务B的master并监控上行链路

sw1

stp enable

stp region-configuration

region-name h3c

instance 1 vlan 10

instance 2 vlan 20

active region-configuration

sw2

stp region-configuration

region-name h3c

instance 1 vlan 10

instance 2 vlan 20

active region-configuration

stp instance 1 root primary

stp instance 2 root secondary

stp enable

interface Ethernet0/4/2

stp instance 2 cost 1000

sw3

stp region-configuration

region-name h3c

instance 1 vlan 10

instance 2 vlan 20

active region-configuration

stp instance 0 root primary

stp instance 1 root secondary

stp instance 2 root primary

stp enable

interface Ethernet0/4/2

stp instance 1 cost 1000

VRRP

sw2作为业务A的master,sw3作为业务B的master并监控上行链路

sw2

int vl 10

vrrp vrid 10 virtual-ip 192.168.10.254

vrrp vrid 10 priority 120

vrrp vrid 10 track interface Vlan-interface30 reduced 30

interface Vlan-interface20

vrrp vrid 20 virtual-ip 192.168.20.254

sw3

interface Vlan-interface10

vrrp vrid 10 virtual-ip 192.168.10.254

interface Vlan-interface20

vrrp vrid 20 virtual-ip 192.168.20.254

vrrp vrid 20 priority 120

vrrp vrid 20 track interface Vlan-interface40 reduced 30

链路聚合

OSPF

SW2

ospf 100 router-id 6.6.6.6

area 0.0.0.0

network 10.0.0.13 0.0.0.0

network 6.6.6.6 0.0.0.0

network 10.0.0.1 0.0.0.0

SW3

ospf 100 router-id 7.7.7.7

area 0.0.0.0

network 7.7.7.7 0.0.0.0

network 10.0.0.5 0.0.0.0

network 10.0.0.14 0.0.0.0

R1

ospf 100 router-id 1.1.1.1

area 0.0.0.0

network 1.1.1.1 0.0.0.0

network 10.0.0.2 0.0.0.0

network 10.1.0.1 0.0.0.0

R2

ospf 100 router-id 2.2.2.2

area 0.0.0.0

network 2.2.2.2 0.0.0.0

network 10.0.0.6 0.0.0.0

network 10.1.0.2 0.0.0.0

R3

ospf 100 router-id 3.3.3.3

area 0.0.0.0

network 3.3.3.3 0.0.0.0

network 10.3.0.1 0.0.0.0

network 10.4.0.1 0.0.0.0

R4

ospf 100 router-id 4.4.4.4

area 0.0.0.0

network 4.4.4.4 0.0.0.0

network 10.3.0.2 0.0.0.0

network 10.5.0.1 0.0.0.0

R5

ospf 100 router-id 5.5.5.5

area 0.0.0.0

network 5.5.5.5 0.0.0.0

network 10.4.0.2 0.0.0.0

network 10.5.0.2 0.0.0.0

BGP

SW2

bgp 65000

group in internal

peer in connect-interface LoopBack0

peer 1.1.1.1 group in

peer 2.2.2.2 group in

undo synchronization

SW3

bgp 65000

group in internal

peer in connect-interface LoopBack0

peer 1.1.1.1 group in

peer 2.2.2.2 group in

undo synchronization

R1

bgp 65000

group in internal

peer in next-hop-local

peer in connect-interface LoopBack0

peer 2.2.2.2 group in

peer 6.6.6.6 group in

peer 7.7.7.7 group in

undo synchronization

peer 10.2.0.2 as-number 65001

R2

bgp 65000

group in internal

peer in next-hop-local

peer in connect-interface LoopBack0

peer 1.1.1.1 group in

peer 6.6.6.6 group in

peer 7.7.7.7 group in

undo synchronization

peer 10.0.0.10 as-number 65001

R3

bgp 65001

group in internal

peer in next-hop-local

peer in connect-interface LoopBack0

peer 4.4.4.4 group in

peer 5.5.5.5 group in

undo synchronization

peer 10.2.0.1 as-number 65000

R4

bgp 65001

network 0.0.0.0

undo synchronization

peer 10.0.0.9 as-number 65000

group in internal

peer in next-hop-local

peer in connect-interface LoopBack0

peer 3.3.3.3 group in

peer 5.5.5.5 group in

BGP 反射器

R1

bgp 65000

peer in reflect-client

R2

bgp 65000

peer in reflect-client

PPP-CHAP-MP

r4与r5之间使用chap双向验证,无需配置chap密码

R4

local-user r4

password simple h3c

service-type ppp

interface Serial0/1/0

link-protocol ppp

ppp authentication-mode chap

ppp chap user r5

ppp mp Mp-group 1

interface Serial0/1/1

link-protocol ppp

ppp authentication-mode chap

ppp chap user r5

ppp mp Mp-group 1

interface Mp-group1

ip address 10.5.0.1 255.255.255.252

R5

local-user r5

password simple h3c

service-type ppp

interface Serial0/1/0

link-protocol ppp

ppp authentication-mode chap

ppp chap user r4

ppp mp Mp-group 1

interface Serial0/1/1

link-protocol ppp

ppp authentication-mode chap

ppp chap user r4

ppp mp Mp-group 1

interface Mp-group1

ip address 10.5.0.2 255.255.255.252

ipsec over gre

r2与r4通过公网建立ipsec over gre来保护业务B,并要求业务A不能上网。GRE隧道需要实时感知链路变化。

R2

ike local-name r2

ike peer r2

pre-shared-key simple h3c

remote-name r4

remote-address 10.0.0.10

acl number 3000

rule 0 permit ip source 192.168.0.0 0.0.31.255 destination 192.168.0.0 0.0.255.255

ipsec proposal 1

ipsec policy peer 10 isakmp

security acl 3000

ike-peer r2

proposal 1

interface Tunnel0

ip address 10.0.0.9 255.255.255.252

source 100.0.0.1

destination 200.0.0.2

ipsec policy peer

R4

ike local-name r4

ike peer r4

pre-shared-key simple h3c

remote-name r2

remote-address 10.0.0.9

ipsec proposal 1

acl number 3000

rule 0 permit ip source 192.168.0.0 0.0.255.255 destination 192.168.0.0 0.0.31.255

ipsec policy peer 10 isakmp

security acl 3000

ike-peer r4

proposal 1

interface Tunnel0

ip address 10.0.0.10 255.255.255.252

source 200.0.0.2

destination 100.0.0.1

ipsec policy peer

NETWORK-BGP

两端业务通过bgp network方式来发布,不能将ospf引入bgp

SW2

bgp 65000

network 192.168.10.0

network 192.168.20.0

SW3

bgp 65000

network 192.168.10.0

network 192.168.20.0

AS-PATH+

总部与分部A业务互访通过r1- r3、B业务互访通过r2-r4,当主链路断开时,通过相应广域网链路互访,要求通过修改AS-PATH属性来实现

只做始发路由,总部不能发布分部间路由

R1-R2

ip as-path 1 permit ^$

bgp []

peer []as-path-acl 1 export

local-preferenace 保证路径一致

S2-S3

S2

ip ip-prefix ayw index 10 permit 192.168.10.0 24

route-policy ayw permit node 10

if-match ip-prefix ayw

apply local-preference 200

bgp 65000

network 192.168.10.0 route-policy ayw

S3

ip ip-prefix byw index 10 permit 192.168.20.0 24

route-policy byw permit node 10

if-match ip-prefix byw

apply local-preference 200

bgp 65000

network 192.168.20.0 route-policy byw

R3过滤默认路由

acl number 2000

rule 0 deny source 0.0.0.0 0

rule 5 permit

bgp 65001

peer 10.2.0.1 filter-policy 2000 export

QOS

R4和R5之间用2M链路捆绑 要求让A业务在网络拥塞时不低于50%的带宽应用

R4

acl number 3001

rule 0 permit ip source 192.168.0.0 0.0.31.255 destination 192.168.200.0 0.0.0.255

traffic classifier BYW operator and

if-match acl 3001

traffic behavior BYW

queue af bandwidth pct 50

qos policy BYW

classifier BYW behavior BYW

interface Mp-group1

qos apply policy BYW outbound

NAT

R4

acl number 2001

rule 0 permit source 192.168.200.0 0.0.0.255

interface GigabitEthernet0/0/1

nat outbound 2001

引入默认路由

acl number 2000

rule 0 deny source 0.0.0.0 0

rule 5 permit

bgp 65001

peer 10.0.0.9 filter-policy 2000 export

RT4发布缺省路由

peer rt3 default-route-advertise

peer rt5 default-route-advertise

group in default-route-advertise

时间: 2024-10-03 05:06:51

h3cte D图 搭建的相关文章

iOS 简单音乐播放器 界面搭建

如图搭建一个音乐播放器界面,具备以下几个简单功能: 1,界面协调,整洁. 2,点击播放,控制进度条. 3.三收藏歌曲,点击收藏,心形收藏标志颜色加深. 4,左右按钮,切换歌曲图片和标题. 5,点击中间图片,隐藏所有按钮,仅显示蓝色背景. 设计的整体思路: 1.在搭建界面的时候,为了整洁和方便后续的功能的添加,需要将整个的界面划分为几个部分: ①:最上面的一行包括:一个返回按钮.一个歌曲名称.一个收藏按钮: ②:第二行:一个slider控件.两侧是当前的歌曲播放进度和歌曲的总时长--两个lable

HTML5 网页搭建

1.观察UI设计稿,整理大体布局思路 2.画出树状图,具体布局,以及定下标签的数量 分类 3.写入代码,先按照图搭建整体结构,输入所有标签 4.写入HTML内容 5.根据UI设计稿,给予所有标签样式 6.完成所有标签注释 7.测试网页. 原文地址:https://www.cnblogs.com/web--yang/p/8900520.html

UML类图中的六种关系

UML类图中经常会用到各种箭头和线条来表示不同类或者接口之间的关系,因此非常好的理解各个图标的含义是很有必要的. 在逻辑设计阶段可以通过EA工具将类图搭建好,然后直接生成物理类,这样也可以减少物理设计的工作量. 下面介绍UML中六种关系: 1. 泛化(Generalization) 概念:泛化是一种一般与特殊.一般与具体之间关系的描述,具体描述建立在一般描述的基础之上,并对其进行了扩展.在java中用来表示继承的关系. 表示:用实线空心三角箭头表示. 2. 实现(Realization) 概念:

ArangoDB图数据库--总参

参考文章: ArangoDB原生多模型数据库(百科) ArangoDB官网 ArangoDB数据库入门 arangodb-vs-cassandra arangodb-vs-mongodb2 ArangoDB.Neo4j.OrientDB单机性能比较 ArangoDB简单实例介绍 ArangoDB之SQL/AQL-比较 SQL/AQL-比较(官网) ArangoDB 的使用 -- 安装和配置 ArangoDB 学习笔记(1)入门篇 ArangoDB---存储引擎(RocksDB) 简介: Aran

第二次PLECS仿真作业

一. 模型搭建 如图搭建模拟电路,并设置: Probe:选择电机-Electrical torque 直流电机:Ra=0.5Ω,La=0.004H,Rf=200Ω,Lf=0.2H,Laf=2H,J=0.088N·m·s2 R1=4Ω,Tm=12N·m 二. 计算与作图 已知:If=0.6A,UN=240V,TN=12N·m 1. 额定励磁电压 Uf=If×Rf=120V 2. 额定转速 TN=Laf·If·Ia  Ea=Laf·If·ωm UN-Ea=Ia·Ra 联立解得:Ia=10A,ωm=1

深度解读海量数据存储和访问下的水平分库&去IOE

随着大型互联网应用的发展,海量数据的存储和访问成为系统设计的瓶颈,分布式处理成为不二选择.数据库拆分,特别是水平分库是个高难度的活,涉及一系列技术决策. 本人有幸负责1号店订单水平分库的方案设计及实施落地,这里结合项目实践,对水平分库做一个系统地剖析,希望为大家水平分库(包括去IOE)改造提供思路,主要内容包括: 水平分库说明 分库维度– 根据哪个字段分库 分库策略– 记录如何分配到不同库 分库数量– 初始库数量及库数量如何增长 路由透明– 如何实现库路由,支持应用透明 分页处理– 跨多个库的分

ssm+maven 框架整合

开篇简言:maven的存在让ssm框架简单了一个量级,BaseDao的存在又让项目简化了一个量级,希望看到这篇文章的都能深入的了解上面两项,好了,进入主题,构造一个ssm框架 1.准备工具  maven可自行下载 2. 配置自己的maven  settings.xml  window  --preferences--maven 3.配置自己的jre    window--preferences--java 4.搭建一个maven项目 右击--新建--搜索maven next 点击Finish 现

HTTPds6000comVRRP18669144449LVS

1 概述初期的互联网企业由于业务量较小,所以一般单机部署,实现单点访问即可满足业务的需求,这也是最简单的部署方式,但是随着业务的不断扩大,系统的访问量逐渐的上升,单机部署的模式已无法承载现有的业务量,需要进行服务集群化部署,本文主要介绍服务端Tomcat多实例部署,以及如何保证web服务的高可用方案. Nginx 是一个高性能的 HTTP反向代理服务器Keepalived 是一个基于VRRP协议来实现的LVS服务高可用方案,可以利用其来避免服务的单点故障Tomcat 是一个免费的开放源代码的We

实际开发中 dao、entity的代码怎样自动生成?一款工具送给你

01 关注"一猿小讲"朋友,都知道以往的文章一直倡导拒绝 CRUD,那到底什么是 CRUD?今天咱们就聊聊 Java 妹子小猿与数据库老头交互的事儿. 产品小汪铿锵有力的说:小猿同学,咱们近期要推一爆款产品,你先实现用户基本的登录的功能. 啥玩意?小猿内心嘀咕嘀咕:爆款产品,还基本的登录,那不就是实现用户的 CRUD(增删改查)么? 小汪一句话,累死三军.扯皮一上午的会议终于结束了,于是小猿便叫了个外卖,填补了肚子的空虚后,小猿习惯性的在脑海里,开始了爆款产品的从 0 到 1 的脑图搭