Chinaunix

标题: 请大家多指教！！！ [打印本页]

---

作者: yangjiushan    时间: 2005-08-08 19:20
标题: 请大家多指教！！！
各位大侠：我们公司要我用一个CISCO-3550-EMI的交换机配置一套方案 (就一台交换机)，让两个不同网段的主机（注意：500多台主机，其中一VLAN里的主机是少于254台；另一VLAN里的主机是多于254台，甚至多达400多台，以后能达700多台）能够在“网上邻居”里看到对方且互相能够访问.
大家且不要再说划分VLAN的事，我们这样做的目的只有一个，就是把这两个相距较远（2公里）的主机连在一块，就是分别接入这两个VLAN。

且又要做到交换机能隔离广播的作用，又要能通过“网上邻居”来访问整个网络的主机。我现在都能实现上面的两个功能！！！请大家看看下面的配置，还有没有什么问题。


configure terminal
vtp mode transparent
vlan 10
name vlan10
exit
vlan 11
name vlan11
end

configure terminal
interface fastethernet0/10
switchport mode access
switchport access vlan 10
exit
interface fastethernet0/11
switchport mode access
switchport access vlan 11
exit

interface vlan10
ip address 192.168.3.254 255.255.252.0
no shutdown
exit
interface vlan11
ip address 192.168.4.254 255.255.255.0
no shutdown
exit

ip routing
ip forward-protocol udp 137
ip forward-protocol udp 138
ip forward-protocol udp 139
inter vlan 10
ip helper 192.168.4.0
exit
inter vlan 11
ip helper 192.168.0.0
ip helper 192.168.1.0
ip helper 192.168.2.0
ip helper 192.168.3.0
exit

ip route 0.0.0.0 0.0.0.0 Vlan10
ip route 0.0.0.0 0.0.0.0 Vlan11

access-list 103 permit ip 192.168.4.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 103 permit ip 192.168.4.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 103 permit ip 192.168.4.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 103 permit ip 192.168.4.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 103 permit udp any any eq netbios-dgm
access-list 103 permit udp any any eq netbios-ns
access-list 103 permit udp any any eq netbios-ss
access-list 103 permit udp any eq netbios-dgm any
access-list 103 permit udp any eq netbios-ns any
access-list 103 permit udp any eq netbios-ss any
inter vlan 10
ip directed-broadcast 103
exit
access-list 104 permit ip 192.168.0.0 0.0.0.255 192.168.4.0 0.0.0.255
access-list 104 permit ip 192.168.1.0 0.0.0.255 192.168.4.0 0.0.0.255
access-list 104 permit ip 192.168.2.0 0.0.0.255 192.168.4.0 0.0.0.255
access-list 104 permit ip 192.168.3.0 0.0.0.255 192.168.4.0 0.0.0.255
access-list 104 permit udp any any eq netbios-dgm
access-list 104 permit udp any any eq netbios-ns
access-list 104 permit udp any any eq netbios-ss
access-list 104 permit udp any eq netbios-dgm any
access-list 104 permit udp any eq netbios-ns any
access-list 104 permit udp any eq netbios-ss any
inter vlan 11
ip directed-broadcast 104
exit

inter vlan 10
ip access-group 103 out
exit
inter vlan 11
ip access-group 104 out

end
copy run star

下面还有本方案的拓朴图：

未命名.GIF (7.97 KB, 下载次数: 8)

下载附件

2005-08-08 19:20 上传

---

欢迎光临 Chinaunix (http://bbs.chinaunix.net/)

Powered by Discuz! X3.2