网络拓扑

注意：在配置RRPP过程中，交换机必须先断开一个方向，否则就会成环，导致网络不通。

配置思路：

1、创建eth-trunk并配置：

福州：

#

interface Eth-Trunk1 description --SW--fuzhou--to--hangzhou--DWDM--huiju set flow-stat interval 10 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 100 to 300 4092 to 4093                           ==============vlan必须在RRPP配置完成之后，才能添加，否则RRPP创建不成功。 stp disable # interface Eth-Trunk2 description --SW--fuzhou--to--wenzhou--DWDM--huiju set flow-stat interval 10 port link-type trunk undo port trunk allow-pass vlan 1  port trunk allow-pass vlan 100 to 300 4092 to 4093     ==============vlan必须在RRPP配置完成之后，才能添加，否则RRPP创建不成功。

stp disable #

 

杭州：

#

interface Eth-Trunk1 description --SW--hangzhou--fuzhou--DWDM--huiju set flow-stat interval 10 port link-type trunk undo port trunk allow-pass vlan 1  port trunk allow-pass vlan 100 to 300 4092 to 4093        ==============vlan必须在RRPP配置完成之后，才能添加，否则RRPP创建不成功。 stp disable # interface Eth-Trunk2 description --SW--hangzhou--ningbo--DWDM--huiju set flow-stat interval 10 port link-type trunk undo port trunk allow-pass vlan 1  port trunk allow-pass vlan 100 to 300 4092 to 4093    ==============vlan必须在RRPP配置完成之后，才能添加，否则RRPP创建不成功。

stp disable #

宁波：

#

interface Eth-Trunk1 description --sw--ningbo--to--wenzhou--DWDM--huiju set flow-stat interval 10 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 100 to 300 4092 to 4093 stp disable # interface Eth-Trunk2 description --sw--ningbo--to--hangzhou--DWDM--huiju set flow-stat interval 10 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 100 to 300 4092 to 4093 stp disable #

温州：

#

interface Eth-Trunk1 description --SW--wenzhou--to--ningbo--DWDM--huiju set flow-stat interval 10 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 100 to 300 4092 to 4093 stp disable # interface Eth-Trunk2 description --SW--wenzhou--to--fuzhou--DWDM--huiju set flow-stat interval 10 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 100 to 300 4092 to 4093 stp disable #

2、创建类

#

stp region-configuration instance 1 vlan 100 300 to 4093 active region-configuration #

4台交换机配置相同，此处略。

3、RRPP配置：

福州：

#

rrpp domain 1 control-vlan 4092                        protected-vlan reference-instance 1 timer hello-timer 2 fail-timer 6 ring 1 node-mode transit primary-port Eth-Trunk1 secondary-port Eth-Trunk2 level 0 ring 1 enable #

杭州：

#

rrpp domain 1 control-vlan 4092                        protected-vlan reference-instance 1 timer hello-timer 2 fail-timer 6 ring 1 node-mode master primary-port Eth-Trunk1 secondary-port Eth-Trunk2 level 0 ring 1 enable #

宁波：

#

rrpp domain 1 control-vlan 4092                        protected-vlan reference-instance 1 timer hello-timer 2 fail-timer 6 ring 1 node-mode transit primary-port Eth-Trunk1 secondary-port Eth-Trunk2 level 0 ring 1 enable #

温州：

#

rrpp domain 1 control-vlan 4092                        protected-vlan reference-instance 1 timer hello-timer 2 fail-timer 6 ring 1 node-mode transit primary-port Eth-Trunk1 secondary-port Eth-Trunk2 level 0 ring 1 enable #

4、激活RRPP：

在4台交换机上配置RRPP enable命令。

5、创建vlan，并配置4台交换机的地址：

福州：

#                                        

interface Vlanif100 ip address 172.40.1.11 255.255.255.224 #

杭州：

#                                        

interface Vlanif100 ip address 172.40.1.8 255.255.255.224 #

宁波：

#                                        

interface Vlanif100 ip address 172.40.1.9 255.255.255.224 #

温州：

#                                        

interface Vlanif100 ip address 172.40.1.10 255.255.255.224 #

6、把eth-trunk加入到端口，并描述端口：

福州：

#

interface GigabitEthernet0/0/1 description fuzhou--to--hangzhou--DWDM--CH33 eth-trunk 1                              # interface GigabitEthernet0/0/2 description fuzhou--to--hangzhou--DWDM--CH27 eth-trunk 1 # interface GigabitEthernet0/0/3 description fuzhou--to--wenzhou--DWDM--CH21 eth-trunk 2 # interface GigabitEthernet0/0/4 description fuzhou--to--wenzhou--DWDM--CH23 eth-trunk 2 #

杭州：

#

interface GigabitEthernet0/0/1 description hangzhou--to--fuzhou--DWDM--CH33 eth-trunk 1                              # interface GigabitEthernet0/0/2 description hangzhou--to--fuzhou--DWDM--CH27 eth-trunk 1 # interface GigabitEthernet0/0/3 description hangzhou--to--ningbo--DWDM--CH58 eth-trunk 2 # interface GigabitEthernet0/0/4 description hangzhou--to--ningbo--DWDM--CH57 eth-trunk 2 #

宁波：

#

interface GigabitEthernet0/0/1 description ningbo--to--wenzhou--DWDM--CH58 eth-trunk 1                              # interface GigabitEthernet0/0/2 description ningbo--to--wenzhou--DWDM--CH57 eth-trunk 1 # interface GigabitEthernet0/0/3 description ningbo--to--hangzhou--DWDM--CH58 eth-trunk 2 # interface GigabitEthernet0/0/4 description ningbo--to--hangzhou--DWDM--CH57 eth-trunk 2 #

温州：

#

interface GigabitEthernet0/0/1 description wenzhou--to--ningbo--DWDM--CH58 eth-trunk 1                              # interface GigabitEthernet0/0/2 description wenzhou--to--ningbo--DWDM--CH57 eth-trunk 1 # interface GigabitEthernet0/0/3 description wenzhou--to--fuzhou--DWDM--CH21 eth-trunk 2 # interface GigabitEthernet0/0/4 description wenzhou--to--fuzhou--DWDM--CH23 eth-trunk 2 #

测试网络：

福州ping宁波：

<fuzhou-zj9312>ping 172.40.1.9

  PING 172.40.1.9: 56  data bytes, press CTRL_C to break     Reply from 172.40.1.9: bytes=56 Sequence=1 ttl=255 time=390 ms     Reply from 172.40.1.9: bytes=56 Sequence=2 ttl=255 time=60 ms     Reply from 172.40.1.9: bytes=56 Sequence=3 ttl=255 time=70 ms     Reply from 172.40.1.9: bytes=56 Sequence=4 ttl=255 time=70 ms     Reply from 172.40.1.9: bytes=56 Sequence=5 ttl=255 time=60 ms

  --- 172.40.1.9 ping statistics ---

    5 packet(s) transmitted     5 packet(s) received     0.00% packet loss     round-trip min/avg/max = 60/130/390 ms

<fuzhou-zj9312>

福州ping杭州：

默认是就近原则，路由为：福州-杭州

<fuzhou-zj9312>ping 172.40.1.8

  PING 172.40.1.8: 56  data bytes, press CTRL_C to break     Reply from 172.40.1.8: bytes=56 Sequence=1 ttl=255 time=40 ms     Reply from 172.40.1.8: bytes=56 Sequence=2 ttl=255 time=10 ms     Reply from 172.40.1.8: bytes=56 Sequence=3 ttl=255 time=30 ms     Reply from 172.40.1.8: bytes=56 Sequence=4 ttl=255 time=50 ms     Reply from 172.40.1.8: bytes=56 Sequence=5 ttl=255 time=20 ms

  --- 172.40.1.8 ping statistics ---

    5 packet(s) transmitted     5 packet(s) received     0.00% packet loss     round-trip min/avg/max = 10/30/50 ms

<fuzhou-zj9312>

把福州eth-trunk 1断开，测试福州到杭州

路由为：福州-温州-宁波-杭州

[fuzhou-zj9312]ping 172.40.1.8   

  PING 172.40.1.8: 56  data bytes, press CTRL_C to break     Reply from 172.40.1.8: bytes=56 Sequence=1 ttl=255 time=110 ms     Reply from 172.40.1.8: bytes=56 Sequence=2 ttl=255 time=110 ms     Reply from 172.40.1.8: bytes=56 Sequence=3 ttl=255 time=80 ms     Reply from 172.40.1.8: bytes=56 Sequence=4 ttl=255 time=110 ms     Reply from 172.40.1.8: bytes=56 Sequence=5 ttl=255 time=100 ms

  --- 172.40.1.8 ping statistics ---

    5 packet(s) transmitted     5 packet(s) received     0.00% packet loss     round-trip min/avg/max = 80/102/110 ms

[fuzhou-zj9312]

安全配置：

aaa

local-user test password simple 123456

local-user test privilege level 0

local-user test service-type telnet

local-user gouzhongxing password simple aqkfkhnuiwu

local-user gouzhongxing privilege level 15

local-user gouzhongxing service-type telnet web

#

user-interface maximum-vty 15

user-interface con 0

authentication-mode password

user privilege level 15

set authentication password simple zydx2013

user-interface vty 0 14

authentication-mode aaa

#

telnet使用aaa本地登录。

 

实验成功。