Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Switch Configuration

    Hochgeladen von

    Ega Sykes
    142 Ansichten50 Seiten
    Raisecom#raisecom# write erase reboot show running-config show version user management Add a new user: user name USERNAME password password show user information: show user Set password for enable mode Upload and download download system-boot startup-config tftp ftp Upgrade software ISCOM2826 port24 FTP SERVER Raisecom(config-ip)#end Please input server IP Address:10.0.0 Please input user name:test Please input ftp password

    Originalbeschreibung:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Verfügbare Formate

    PPT, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    Raisecom#raisecom# write erase reboot show running-config show version user management Add a new user: user name USERNAME password password show user information: show user Set password for enable mode Upload and download download system-boot startup-config tftp ftp Upgrade software ISCOM2826 port24 FTP SERVER Raisecom(config-ip)#end Please input server IP Address:10.0.0 Please input user name:test Please input ftp password

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als PPT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    142 Ansichten50 Seiten

    Switch Configuration

    Hochgeladen von

    Ega Sykes
    Raisecom#raisecom# write erase reboot show running-config show version user management Add a new user: user name USERNAME password password show user information: show user Set password for enable mode Upload and download download system-boot startup-config tftp ftp Upgrade software ISCOM2826 port24 FTP SERVER Raisecom(config-ip)#end Please input server IP Address:10.0.0 Please input user name:test Please input ftp password

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als PPT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 50

    Swtich Configuration

    system operation
    Port technologies VLAN Q-in-Q DHCP STP Secure Multi-cast

    Command mode
    Raisecom> Raisecom# Raisecom(config)# Raisecom(config-port)# Raisecom(config-range)# Raisecom(config-ip)# Raisecom(config-vlan)#

    Basic operation command


    Raisecom# Raisecom# Raisecom# Raisecom# Raisecom# write erase reboot show running-config show version

    Raisecom#

    User management
    Default userraisecompasswordraisecom Add a new user user name USERNAME password PASSWORD

    Show user information: show user Set password for enable mode Raisecom#enable password Please input password:PASSWORD Please input again:PASSWORD

    Upload and download


    download {system-boot|startup-config} {tftp | ftp}

    system-boot startup-config tftp ftp

    Upgrade software
    ISCOM2826 port24 FTP SERVER

    IP: 10.0.0.2

    IP: 10.0.0.1

    Raisecom#config Raisecom(config)#interface ip 0 Raisecom(config-ip)#ip address 10.0.0.2 1

    Raisecom(config-ip)#end
    Raisecom#download system-boot ftp Please input server IP Address:10.0.0.1 Please input FTP User name:test

    Please input FTP Password:test


    Please input FTP Server File Name:system_boot.Z

    system operation
    Ethernet Port technology VLAN Q-in-Q DHCP STP Secure Multi-cast

    Port Technologies
    Auto Negotiation MDI/MDIX

    Flow Control
    Backpressure 802.3x

    Trunk
    Port Mirror Storm Control

    Flow Control
    IEEE802.3X
    PAUSE Frame
    flowcontrol {receive|send}{ on | off } send receive on off The flow control function is disabled in default
    Example: Raisecom#config Raisecom(config)# interface port 10 Raisecom(config-port)#flowcontrol receive on Raisecom(config-port)#exit

    Trunk
    ISCOM2826-1

    Example
    port 3 PC-1

    port24 port23

    port24 port23

    ISCOM2826-2

    port 5 PC-2

    192.168.1.5

    192.168.1.6

    ISCOM2826-1#config ISCOM2826-1(config)#trunk enable ISCOM2826-1(config)#trunk-group 3 2324

    ISCOM2826-1(config)#trunk loading-sharing mode sxordmac

    Port Mirror
    ISCOM2826
    3 4 8

    port24

    Monitor

    PC-1

    PC-2

    PC-3

    iscom2826#config

    iscom2826(config)#mirror enable
    iscom2826(config)#mirror monitor-port 24 iscom2826(config)#mirror source-port-list ingress 3,8 egress 4,8

    Storm-control

    iscom2826#config iscom2826(config)#storm-control all enable


    iscom2826(config)#storm-control pps 1024

    system operation
    Port technologies VLAN Q-in-Q DHCP STP Secure Multi-cast

    VLAN
    DA SA Type Data CRC

    Standard Ethernet Frame

    DA

    SA

    tag

    Type

    Data TCI

    CRC

    TPID

    Priority CFI VLAN ID

    IEEE802.1Q tagged Ethernet frame

    Receiving Packet

    Access
    tag tag

    Trunk
    tag tag

    Hybrid
    tag

    yes
    tag untag tag

    no
    untag

    yes
    tag

    no
    untag

    Packet sending

    Access
    tag

    Trunk
    tag tag

    Hybrid
    tag

    VLAN=PVID
    untag untag

    VLANPVID
    tag untag

    VLAN=PVID
    untag

    VLANPV ID
    tag

    Shared Vlan

    192.168.1.7
    VLAN10

    PC-3

    Port24

    ISCOM2826
    Port1 Port 2

    PC-1 192.168.1. 5VLAN20

    PC-2 192.168.1.6 VLAN30

    Shared VLAN
    ISCOM2826#config

    ISCOM2826(config)#create vlan 10,20,30 active


    ISCOM2826(config)#svl enable ISCOM2826(config)#interface port 2 ISCOM2826(config-port)#switchport access vlan 30

    ISCOM2826(config-port)# switchport svl vlanlist 10


    ISCOM2826(config-port)#exit ISCOM2826(config)#interface port 1 ISCOM2826(config-port)#switchport access vlan 20

    ISCOM2826(config-port)# switchport svl vlanlist 10


    ISCOM2826(config-port)#exit ISCOM2826(config)#interface port 24 ISCOM2826(config-port)# switchport access vlan 10

    ISCOM2826(config-port)#switchport svl vlanlist 20,30

    Port Protection (isolated)

    192.168.1. 7 PC-3

    Port2 4 Port1 Port 2

    PC-1 Port isolated 192.168.1 .5

    PC-2 192.168.1. 6

    VLAN 100

    Port isolated
    ISCOM2826-1#config

    ISCOM2826-1(config)#create vlan 100 active


    ISCOM2826-1(config)#interface range 1-2 ISCOM2826-1(config-port)#switchport access vlan 100 ISCOM2826-1(config-port)#switchport protect

    ISCOM2826-1(config-port)#exit
    ISCOM2826-1(config)#int port 24 ISCOM2826-1(config-port)#switchport mode trunk ISCOM2826-1(config-port)#switchport trunk allowed vlan 100

    ISCOM2826-1(config-port)#exit

    Trunk mode

    ISCOM2826-1

    Port24 Trunk

    Port24 Trunk

    ISCOM2826-2

    Port1

    Port 2

    Port 1
    PC-3 192.168.1.7 VLAN20

    Port 2

    PC-1 192.168.1. 5VLAN20

    PC-2
    192.168.1.6 VLAN30

    PC-4
    192.168.1.8 VLAN30

    Trunk port configuration


    ISCOM2826-1#config ISCOM2826-1(config)#create vlan 20,30 active ISCOM2826-1(config)#interface port 1 ISCOM2826-1(config-port)#switchport access vlan 20 ISCOM2826-1(config-port)#exit ISCOM2826-1(config)#interface port 2 ISCOM2826-1(config-port)#switchport access vlan 30 ISCOM2826-1(config-port)#exit ISCOM2826-1(config)#int port 24 ISCOM2826-1(config-port)#switchport mode trunk ISCOM2826-1(config-port)#switchport trunk allowed vlan all ISCOM2826-1(config-port)#exit

    ISCOM2826-2 configuration same to above

    Hybrid port

    ISCOM2826-1

    Port24

    Port24

    ISCOM2826-2

    Port1 PC-1 192.168.1. 5VLAN20

    Port 2 PC-2 192.168.1.6 VLAN30

    Port1 PC-3 192.168.1.7 VLAN20

    Port 2 PC-4 192.168.1.8 VLAN30

    Hybrid mode configuration


    ISCOM2826-1 # config

    ISCOM2826-1(config)#create vlan 20,30 active


    ISCOM2826-1(config)#interface port 24 ISCOM2826-1(config-port)# switchport mode hybrid ISCOM2826-1(config-port)# switchport hybrid allowed vlan 20

    ISCOM2826-1(config-port)# switchport hybrid untagged vlan 30


    ISCOM2826-1(config-port)# switchport native vlan 30 ISCOM2826-1(config-port)#exit ISCOM2826-1(config)#interface port 1

    ISCOM2826-1(config-port)# switchport access vlan 20


    ISCOM2826-1(config)#interface port 2 ISCOM2826-1(config-port)# switchport access vlan 30

    ISCOM2826-2 is same

    system operation

    Port technologies VLAN Q-in-Q DHCP STP Secure Multi-cast

    Q-in-Q

    MAC DA MAC SA
    P-ETHER TYPE
    P-Vlan Cos

    P-VLAN TAG C-VLAN TAG


    ETHER TYPE DATA CRC

    P-CFI=0
    P-Vlan ID

    Q-in-Q
    C-Mac DA C-Mac SA C-Vlan Tag (C-Vlan ID 60 61 62) C-Ether Type C-Data C-CRC C-Mac DA C-Mac SA P-Vlan Tag (P-Vlan ID 100) C-Vlan Tag C-Ether Type C-Data C-CRC
    C-Vlan ID 60 C-Vlan ID 61 C-Vlan ID 62

    UNI

    P-Vlan ID 100

    Standard Q-in-Q

    ISP
    switchA
    Port1 Port27

    ISP 1

    Port28 Port28

    ISP 2

    Port27 Port1

    switchB

    Port2

    Port3

    P-VLAN Tag 100

    Port2

    Port3

    C-VLAN Tag 10 C-VLAN Tag 20

    C-VLAN Tag 10 C-VLAN Tag 20

    Standard Q-in-Q
    SwitchA(config)#create vlan 10,20 active SwitchA(config)# interface port 1 SwitchA(config-port)#switchport mode trunk SwitchA(config-port)#switchport trunk allowed vlan all SwitchA(config)# interface port 2 SwitchA(config-port)# switchport access vlan 10 SwitchA(config)# interface port 3 SwitchA(config-port)# switchport access vlan 20

    Switch B configuration similar to A

    Standard Q-in-Q
    ISP1(config)# create vlan 100 active ISP1(config)# interface port 27 ISP1(config-port)# switchport mode dot1q-tunnel ISP1(config-port)# switchport access vlan 100 ISP1(config)# interface port 28 ISP1(config-port)# switchport mode trunk doubletagging ISP1(config-port)#switchport trunk allowed vlan all

    ISP2 config similar to ISP1

    system operation
    Port technologies VLAN Q-in-Q DHCP STP Secure Multi-cast

    DHCP Server config

    DHCP Server config


    ISCOM3026(config)#create vlan 10,20,30 active ISCOM3026(config)#interface port 1 ISCOM3026(config-port)#switchport access vlan 10 ISCOM3026(config)#interface port 2 ISCOM3026(config-port)#switchport access vlan 20 ISCOM3026(config)#interface port 3 ISCOM3026(config-port)#switchport access vlan 30 ISCOM3026(config)#interface ip 1 ISCOM3026(config-ip)#ip address 192.168.1.1 255.255.255.0 10 ISCOM3026(config)#interface ip 2 ISCOM3026(config-ip)#ip address 192.168.2.1 255.255.255.0 20 ISCOM3026(config)#interface ip 3 ISCOM3026(config-ip)#ip address 192.168.3.1 255.255.255.0 30 ISCOM3026(config)#ip routing ISCOM3026(config)#dhcp-server ip-pool raise001 192.168.1.2 192.168.1.254 255.255.255.0 vlan-list 10 gateway 192.168.1.1 dns 202.102.192.68 ISCOM3026(config)#dhcp-server ip-pool riase002 192.168.2.2 192.168.2.254 255.255.255.0 vlan-list 20 gateway 192.168.2.1 dns 202.102.192.68 ISCOM3026(config)#dhcp-server enable

    system operation
    Port technologies VLAN Q-in-Q DHCP STP Secure Multi-cast

    Why STP
    Server X

    router Y

    STP configuration Raisecom(config)#spanning-tree enable Raisecom(config)#spanning-tree mode stp

    system operation
    Port technologies VLAN Q-in-Q DHCP STP Secure Multi-cast

    Loopback detection
    Port 1

    Loopback detection Hub


    iscom2826#config loopback

    iscom2826(config)#loopback-detection enable port-list all

    iscom2826(config)#loopback-detection hello-time 3

    iscom2826(config)#int range all iscom2826(config-range)#loopback-detection down-time 600

    ACL

    Combination of six elements

    ACL based on MAC


    ISCOM2826-1
    raisecom# config
    Port3 port1 port2

    raisecom(config)# mac-access-list 0 permit ip any any


    raisecom(config)# mac-access-list 1 deny 1234.1234.1234 5678.5678.5678 ip

    raisecom(config)# filter mac-access-list all


    PC-1 PC-2 PC-3

    raisecom(config)# filter enable raisecom(config)# exit

    Mac:1234.1234.1234

    Mac5678.5678.5678

    ACL based on IP address


    ISCOM2826-1
    raisecom#config
    port3 port1 port2

    raisecom(config)# IP-access-list 0 permit ip any any raisecom(config)# IP-access-list 1 deny ip 192.168.1.4 255.255.255.255 192.168.1.5 255.255.255.255

    PC-1 192.168.1. 3

    PC-2 192.168.1.4

    PC-3 192.168.1. 5

    raisecom(config)# filter ip-access-list all raisecom(config)# filter enable raisecom(config)# exit

    ACL based on VLAN


    ISCOM2826-1
    raisecom# config raisecom(config)# ip-access-list 0 deny ip any 192.168.1.4 255.255.255.255

    port1

    port2

    port3

    raisecom(config)# ip-access-list 1 permit ip 192.168.1.3 255.255.255.255 192.168.1.4 255.255.255.255


    PC-3

    PC-1

    PC-2

    raisecom(config)# filter ip-access-list all vlan 10

    192.168.1.3

    VLAN 10

    192.168.1.4 192.168.1. 5

    raisecom(config)# filter enable


    raisecom(config)# exit

    ACL based on protocol


    ISCOM2826-1
    raisecom# config
    port3 port1 port2

    raisecom(config)# ip-access-list 0 deny TCP any 192.168.1.3 255.255.255.255 21

    raisecom(config)# ip-access-list 1 permit TCP 192.168.1.4 255.255.255.255 192.168.1.3 255.255.255.255 21


    PC-3 192.168.1.5

    raisecom(config)# filter ip-access-list all raisecom(config)# filter enable raisecom(config)# exit

    PC-1 192.168.1. 3 FTP

    PC-2 192.168.1.4

    system operation
    Port technologies VLAN Q-in-Q DHCP STP Secure Multi-cast

    Unicast and Multicast

    IGMP Snooping

    MVR

    IGMP Snooping
    default
    IGMP Snooping is disabled

    IGMP Snooping enable


    Raisecom(config) #ip igmp snooping Raisecom(config) #ip igmp snooping vlan vlan-id

    Router port configuration


    Raisecom(config)#ip igmp snooping mrouter vlan

    vlan-id port port-id

    Das könnte Ihnen auch gefallen