最新S7506E三层交换机配置.docx

Four short words sum up what has lifted most successful individuals above the crowd: a little bit more.-author-dateS7506E三层交换机配置S7506E三层交换机配置* Copyright (c) 2004-2008 Hangzhou H3C Tech. Co., Ltd. All rights reserved. * Without the owner's prior written consent, * no decompiling or reverse-engineering shall be allowed. *Login authenticationUsername:adminPassword:<7506E>di cur# version 5.20, Release 6305# sysname 7506E# domain default enable system# telnet server enable# ip ttl-expires enable ip unreachables enable# port-security enable# loopback-detection enable# mirroring-group 1 local mirroring-group 2 local#switch-mode standard#acl number 3010 description to UTM200 rule 0 permit ip source 192.168.128.0 0.0.15.255 rule 1 permit ip source 192.168.160.0 0.0.31.255acl number 3011 rule 0 permit ip source 192.168.34.0 0.0.0.255 rule 1 permit ip source 192.168.37.0 0.0.0.255 rule 2 permit ip source 192.168.31.0 0.0.0.255 rule 3 permit ip source 192.168.39.0 0.0.0.255 rule 4 permit ip source 192.168.254.0 0.0.0.255acl number 3500 # vlan 1 # vlan 2 to 2221 # vlan 2222 description wireless_guest# vlan 2223 to 2500# vlan 3000 description test# vlan 3901 description dianxin ap# vlan 3902 description test# vlan 3985 description dhcp for temp guest meeting supervlan subvlan 36 # vlan 3986 description dianxin wireless supervlan subvlan 3901 # vlan 3987 description huisuo vlan 33 supervlan subvlan 33 # vlan 3988 description wireless supervlan subvlan 2222 # vlan 3989 supervlan subvlan 3 to 29# vlan 3990 supervlan subvlan 1226 to 1250# vlan 3991 supervlan subvlan 1200 to 1225# vlan 3992 supervlan subvlan 100 to 111# vlan 3993 supervlan subvlan 1032 to 1150# vlan 3994 supervlan subvlan 911 to 1031# vlan 3995 supervlan subvlan 791 to 910# vlan 3996 supervlan subvlan 351 to 421 747 to 790# vlan 3997 supervlan subvlan 231 to 350# vlan 3998 supervlan subvlan 112 to 230# vlan 3999 description to UTM200# vlan 4000 to 4001# ftth # domain system access-limit disable state active idle-cut disable self-service-url disable# traffic classifier kefang operator and if-match acl 3010traffic classifier denyvlanclass operator and if-match acl 3500# traffic behavior kefang redirect next-hop 192.168.145.2traffic behavior dengvlan filter deny # qos policy kefang classifier kefang behavior kefangqos policy denyvlan classifier denyvlanclass behavior dengvlan# dhcp server ip-pool 3985 network 192.168.36.0 mask 255.255.255.0 gateway-list 192.168.36.254 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 8# dhcp server ip-pool 3986 network 192.168.160.0 mask 255.255.224.0 gateway-list 192.168.160.1 dns-list 202.96.128.86 8.8.8.8 202.96.128.166 expired day 0 hour 2# dhcp server ip-pool 3987 network 192.168.33.0 mask 255.255.255.0 gateway-list 192.168.33.254 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 8# dhcp server ip-pool 3988 network 192.168.142.0 mask 255.255.254.0 gateway-list 192.168.142.1 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 4# dhcp server ip-pool 3989 network 192.168.140.0 mask 255.255.254.0 gateway-list 192.168.140.1 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 4# dhcp server ip-pool 3990 network 192.168.138.0 mask 255.255.254.0 gateway-list 192.168.138.1 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 4# dhcp server ip-pool 3991 network 192.168.136.0 mask 255.255.254.0 gateway-list 192.168.136.1 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 4# dhcp server ip-pool 3992 network 192.168.134.0 mask 255.255.254.0 gateway-list 192.168.134.1 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 4# dhcp server ip-pool 3993 network 192.168.132.128 mask 255.255.255.128 gateway-list 192.168.132.129 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 4# dhcp server ip-pool 3994 network 192.168.132.0 mask 255.255.255.128 gateway-list 192.168.132.1 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 4# dhcp server ip-pool 3995 network 192.168.131.128 mask 255.255.255.128 gateway-list 192.168.131.129 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 4# dhcp server ip-pool 3996 network 192.168.131.0 mask 255.255.255.128 gateway-list 192.168.131.1 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 4# dhcp server ip-pool 3997 network 192.168.130.128 mask 255.255.255.128 gateway-list 192.168.130.129 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 4# dhcp server ip-pool 3998 network 192.168.130.0 mask 255.255.255.128 gateway-list 192.168.130.1 dns-list 202.96.128.86 202.96.128.166 8.8.8.8 expired day 0 hour 4# dhcp server ip-pool 3999# local-user admin password cipher _PWRO>8'4.DN#U3;6Q! service-type telnet level 3 # stp instance 0 root primary stp enable # monitor-link group 1# interface NULL0 # interface Vlan-interface1 ip address 192.168.39.2 255.255.255.0# interface Vlan-interface2 ip address 192.168.31.227 255.255.255.0# interface Vlan-interface30 ip address 192.168.30.254 255.255.255.0# interface Vlan-interface32 ip address 192.168.32.254 255.255.255.0# interface Vlan-interface34 ip address 192.168.34.254 255.255.255.0# interface Vlan-interface35 ip address 192.168.35.254 255.255.255.0# interface Vlan-interface37 ip address 192.168.37.254 255.255.255.0# interface Vlan-interface38 ip address 192.168.38.254 255.255.255.0# interface Vlan-interface3985 ip address 192.168.36.254 255.255.255.0# interface Vlan-interface3986 (分配网关) ip address 192.168.160.1 255.255.224.0 local-proxy-arp enable# interface Vlan-interface3987 ip address 192.168.33.254 255.255.255.0# interface Vlan-interface3988 ip address 192.168.142.1 255.255.254.0# interface Vlan-interface3989 ip address 192.168.140.1 255.255.254.0 local-proxy-arp enable# interface Vlan-interface3990 ip address 192.168.138.1 255.255.254.0 local-proxy-arp enable# interface Vlan-interface3991 ip address 192.168.136.1 255.255.254.0 local-proxy-arp enable# interface Vlan-interface3992 ip address 192.168.134.1 255.255.254.0 local-proxy-arp enable# interface Vlan-interface3993 ip address 192.168.132.129 255.255.255.128 local-proxy-arp enable# interface Vlan-interface3994 ip address 192.168.132.1 255.255.255.128 local-proxy-arp enable# interface Vlan-interface3995 ip address 192.168.131.129 255.255.255.128 local-proxy-arp enable# interface Vlan-interface3996 ip address 192.168.131.1 255.255.255.128 local-proxy-arp enable# interface Vlan-interface3997 ip address 192.168.130.129 255.255.255.128 local-proxy-arp enable# interface Vlan-interface3998 ip address 192.168.130.1 255.255.255.128 local-proxy-arp enable# interface Vlan-interface3999 description to UTM200 ip address 192.168.145.1 255.255.255.0# interface Vlan-interface4000 description to f1000-s ip address 192.168.254.1 255.255.255.0# interface Vlan-interface4001 ip address 192.168.254.101 255.255.255.252# interface GigabitEthernet2/0/1 port link-type trunk port trunk permit vlan 1 to 3984 3999 to 4094 qos apply policy kefang inbound# interface GigabitEthernet2/0/2 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet2/0/3 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet2/0/4 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet2/0/5 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet2/0/6 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet2/0/7 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet2/0/8 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet2/0/9 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet2/0/10 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet2/0/11 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet2/0/12 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet3/0/1 port access vlan 4000 qos apply policy kefang inbound# interface GigabitEthernet3/0/2 port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 3 to 29 39 50 to 99 101 to 3984 4001 to 4094 port trunk pvid vlan 39 qos apply policy kefang inbound mirroring-group 1 mirroring-port both# interface GigabitEthernet3/0/3 port access vlan 2 qos apply policy kefang inbound# interface GigabitEthernet3/0/4 port access vlan 1227 qos apply policy kefang inbound mirroring-group 2 monitor-port# interface GigabitEthernet3/0/5 port access vlan 3901 qos apply policy kefang inbound# interface GigabitEthernet3/0/6 port access vlan 8# interface GigabitEthernet3/0/7 port access vlan 3999 description to UTM-200_G 0/0 qos apply policy kefang inbound# interface GigabitEthernet3/0/8 port access vlan 8 qos apply policy kefang inbound# interface GigabitEthernet3/0/9 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/10 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/11 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/12 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/13 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/14 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/15 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/16 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/17 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/18 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/19 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/20 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/21 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/22 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/23 port access vlan 35 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/24 port access vlan 34 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/25 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/26 port access vlan 2 stp edged-port enable qos apply policy kefang inbound# interface GigabitEthernet3/0/27 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound mirroring-group 1 monitor-port# interface GigabitEthernet3/0/28 port access vlan 2 qos apply policy kefang inbound# interface GigabitEthernet3/0/29 port access vlan 29 qos apply policy kefang inbound# interface GigabitEthernet3/0/30 port link-type trunk port trunk permit vlan 1 to 3984 4000 to 4094 qos apply policy kefang inbound# interface GigabitEthernet3/0/31