在发个原帖，跟大家讨论讨论，看看我的配置还哟什么需要改进的！是华为6504交换机！

wangbo6200

华为交换机6504配置贴出来跟大家讨论讨论，请大侠指教！！
我个人认为，就划分了几个vlan，没有其他特别的。



Core-Switch>display cu
#
sysname Core-Switch
#
local-server nas-ip 127.0.0.1 key huawei
#
domain default enable system
#
dhcp-server 1 ip 192.168.99.10
#
temperature-limit 0 10 70
temperature-limit 1 10 70
temperature-limit 2 10 70
#
poe power max-value 2400
#
gvrp
#
vrrp ping-enable
#
radius scheme system
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
#                                         
isis scu
#
domain system
vlan-assignment-mode integer
access-limit disable
state active
idle-cut disable
self-service-url disable
messenger time disable
domain xinzheng.com
vlan-assignment-mode integer
access-limit disable
state active
idle-cut disable
self-service-url disable
messenger time disable
#
stp TC-protection enable
stp enable
#
acl name fw advanced
rule 0 deny ip source 10.0.0.0 0.0.0.255 destination 192.168.10.0 0.0.0.255
rule 2 deny ip source 10.0.0.0 0.0.0.255 destination 192.168.30.0 0.0.0.255
rule 3 deny ip source 10.0.0.0 0.0.0.255 destination 192.168.40.0 0.0.0.255
rule 4 deny ip source 10.0.0.0 0.0.0.255 destination 192.168.50.0 0.0.0.255
rule 5 deny ip source 10.0.0.0 0.0.0.255 destination 192.168.99.0 0.0.0.255
rule 6 deny ip source 10.0.0.0 0.0.0.255 destination 192.168.110.0 0.0.0.255
rule 7 deny ip source 10.0.0.0 0.0.0.255 destination 192.168.120.0 0.0.0.255
rule 8 deny ip source 10.0.0.0 0.0.0.255 destination 192.168.230.0 0.0.0.255
rule 9 deny ip source 10.0.0.0 0.0.0.255 destination 192.168.200.0 0.0.0.255
rule 10 deny ip source 10.0.0.0 0.0.0.255 destination 192.9.100.0 0.0.0.255
rule 11 deny ip source 10.0.0.0 0.0.0.255 destination 10.10.10.0 0.0.0.255
#
vlan 1
#
vlan 10
name 3-1-A
#
vlan 30
name 3-1-C
#
vlan 40
name 3-1-D
#
vlan 50                                   
name 3-1-E
#
vlan 60
#
vlan 99
name Server
#
vlan 100
name Internet
#
vlan 110
name 3-2-A
#
vlan 120
name 3-2-B
#
vlan 200
name boardroom
#
vlan 300
name wireless
#
interface Vlan-interface1                 
ip address 192.9.100.100 255.255.255.0
#
interface Vlan-interface10
ip address 192.168.10.1 255.255.255.0
dhcp-server 1
#
interface Vlan-interface30
ip address 192.168.30.1 255.255.255.0
dhcp-server 1
#
interface Vlan-interface40
ip address 192.168.40.1 255.255.255.0
dhcp-server 1
#
interface Vlan-interface50
ip address 192.168.50.1 255.255.255.0
dhcp-server 1
#
interface Vlan-interface60
ip address 10.10.10.1 255.255.255.0
dhcp-server 1
#                                         
interface Vlan-interface99
ip address 192.168.99.1 255.255.255.0
dhcp-server 1
#
interface Vlan-interface100
ip address 192.168.0.1 255.255.255.0
dhcp-server 1
#
interface Vlan-interface110
ip address 192.168.110.1 255.255.255.0
dhcp-server 1
#
interface Vlan-interface120
ip address 192.168.120.1 255.255.255.0
dhcp-server 1
#
interface Vlan-interface200
ip address 192.168.200.1 255.255.255.0
dhcp-server 1
#
interface Vlan-interface300
ip address 192.168.230.1 255.255.255.0   
dhcp-server 1
#
interface Aux0/0/0
#
interface M-Ethernet0/0/0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet1/0/1
port link-type trunk
port trunk permit vlan all
qos
packet-filter inbound ip-group fw rule 0 system-index 1
packet-filter inbound ip-group fw rule 2 system-index 2
packet-filter inbound ip-group fw rule 3 system-index 3
packet-filter inbound ip-group fw rule 4 system-index 4
packet-filter inbound ip-group fw rule 5 system-index 5
packet-filter inbound ip-group fw rule 6 system-index 6
packet-filter inbound ip-group fw rule 7 system-index 7
packet-filter inbound ip-group fw rule 8 system-index 8
packet-filter inbound ip-group fw rule 9 system-index 9
packet-filter inbound ip-group fw rule 11 system-index 100
#
interface GigabitEthernet1/0/2
port link-type trunk
port trunk permit vlan all
qos
packet-filter inbound ip-group fw rule 0 system-index 10
packet-filter inbound ip-group fw rule 2 system-index 11
packet-filter inbound ip-group fw rule 3 system-index 12
packet-filter inbound ip-group fw rule 4 system-index 13
packet-filter inbound ip-group fw rule 5 system-index 14
packet-filter inbound ip-group fw rule 6 system-index 15
packet-filter inbound ip-group fw rule 7 system-index 16
packet-filter inbound ip-group fw rule 8 system-index 17
packet-filter inbound ip-group fw rule 9 system-index 18
packet-filter inbound ip-group fw rule 10 system-index 91
packet-filter inbound ip-group fw rule 11 system-index 101
#                                         
interface GigabitEthernet1/0/3
port link-type trunk
port trunk permit vlan all
qos
packet-filter inbound ip-group fw rule 0 system-index 19
packet-filter inbound ip-group fw rule 2 system-index 20
packet-filter inbound ip-group fw rule 3 system-index 21
packet-filter inbound ip-group fw rule 4 system-index 22
packet-filter inbound ip-group fw rule 5 system-index 23
packet-filter inbound ip-group fw rule 6 system-index 24
packet-filter inbound ip-group fw rule 7 system-index 25
packet-filter inbound ip-group fw rule 8 system-index 26
packet-filter inbound ip-group fw rule 9 system-index 27
packet-filter inbound ip-group fw rule 10 system-index 92
packet-filter inbound ip-group fw rule 11 system-index 102
#
interface GigabitEthernet1/0/4
port link-type trunk
port trunk permit vlan all
qos
packet-filter inbound ip-group fw rule 0 system-index 28
packet-filter inbound ip-group fw rule 2 system-index 29
packet-filter inbound ip-group fw rule 3 system-index 30
packet-filter inbound ip-group fw rule 4 system-index 31
packet-filter inbound ip-group fw rule 5 system-index 32
packet-filter inbound ip-group fw rule 6 system-index 33
packet-filter inbound ip-group fw rule 7 system-index 34
packet-filter inbound ip-group fw rule 8 system-index 35
packet-filter inbound ip-group fw rule 9 system-index 36
packet-filter inbound ip-group fw rule 10 system-index 93
packet-filter inbound ip-group fw rule 11 system-index 103
#
interface GigabitEthernet1/0/5
port link-type trunk
port trunk permit vlan all
qos
packet-filter inbound ip-group fw rule 0 system-index 37
packet-filter inbound ip-group fw rule 2 system-index 38
packet-filter inbound ip-group fw rule 3 system-index 39
packet-filter inbound ip-group fw rule 4 system-index 40
packet-filter inbound ip-group fw rule 5 system-index 41
packet-filter inbound ip-group fw rule 6 system-index 42
packet-filter inbound ip-group fw rule 7 system-index 43
packet-filter inbound ip-group fw rule 8 system-index 44
packet-filter inbound ip-group fw rule 9 system-index 45
packet-filter inbound ip-group fw rule 10 system-index 94
packet-filter inbound ip-group fw rule 11 system-index 104
#
interface GigabitEthernet1/0/6
port link-type trunk
port trunk permit vlan all
qos
packet-filter inbound ip-group fw rule 0 system-index 46
packet-filter inbound ip-group fw rule 2 system-index 47
packet-filter inbound ip-group fw rule 3 system-index 48
packet-filter inbound ip-group fw rule 4 system-index 49
packet-filter inbound ip-group fw rule 5 system-index 50
packet-filter inbound ip-group fw rule 6 system-index 51
packet-filter inbound ip-group fw rule 7 system-index 52
packet-filter inbound ip-group fw rule 8 system-index 53
packet-filter inbound ip-group fw rule 9 system-index 54
packet-filter inbound ip-group fw rule 10 system-index 95
packet-filter inbound ip-group fw rule 11 system-index 105
#
interface GigabitEthernet1/0/7
port link-type trunk
port trunk permit vlan all
qos                                      
packet-filter inbound ip-group fw rule 0 system-index 55
packet-filter inbound ip-group fw rule 2 system-index 56
packet-filter inbound ip-group fw rule 3 system-index 57
packet-filter inbound ip-group fw rule 4 system-index 58
packet-filter inbound ip-group fw rule 5 system-index 59
packet-filter inbound ip-group fw rule 6 system-index 60
packet-filter inbound ip-group fw rule 7 system-index 61
packet-filter inbound ip-group fw rule 8 system-index 62
packet-filter inbound ip-group fw rule 9 system-index 63
packet-filter inbound ip-group fw rule 10 system-index 96
packet-filter inbound ip-group fw rule 11 system-index 106
#
interface GigabitEthernet1/0/8
port link-type trunk
port trunk permit vlan all
qos
packet-filter inbound ip-group fw rule 0 system-index 64
packet-filter inbound ip-group fw rule 2 system-index 65
packet-filter inbound ip-group fw rule 3 system-index 66
packet-filter inbound ip-group fw rule 4 system-index 67
packet-filter inbound ip-group fw rule 5 system-index 68
packet-filter inbound ip-group fw rule 6 system-index 69
packet-filter inbound ip-group fw rule 7 system-index 70
packet-filter inbound ip-group fw rule 8 system-index 71
packet-filter inbound ip-group fw rule 9 system-index 72
packet-filter inbound ip-group fw rule 10 system-index 97
packet-filter inbound ip-group fw rule 11 system-index 107
#
interface GigabitEthernet1/0/9
port link-type trunk
port trunk permit vlan all
qos
packet-filter inbound ip-group fw rule 0 system-index 73
packet-filter inbound ip-group fw rule 2 system-index 74
packet-filter inbound ip-group fw rule 3 system-index 75
packet-filter inbound ip-group fw rule 4 system-index 76
packet-filter inbound ip-group fw rule 5 system-index 77
packet-filter inbound ip-group fw rule 6 system-index 78
packet-filter inbound ip-group fw rule 7 system-index 79
packet-filter inbound ip-group fw rule 8 system-index 80
packet-filter inbound ip-group fw rule 9 system-index 81
packet-filter inbound ip-group fw rule 10 system-index 98
packet-filter inbound ip-group fw rule 11 system-index 108
#
interface GigabitEthernet1/0/10           
port link-type trunk
port trunk permit vlan all
qos
packet-filter inbound ip-group fw rule 0 system-index 82
packet-filter inbound ip-group fw rule 2 system-index 83
packet-filter inbound ip-group fw rule 3 system-index 84
packet-filter inbound ip-group fw rule 4 system-index 85
packet-filter inbound ip-group fw rule 5 system-index 86
packet-filter inbound ip-group fw rule 6 system-index 87
packet-filter inbound ip-group fw rule 7 system-index 88
packet-filter inbound ip-group fw rule 8 system-index 89
packet-filter inbound ip-group fw rule 9 system-index 90
packet-filter inbound ip-group fw rule 10 system-index 99
packet-filter inbound ip-group fw rule 11 system-index 109
#
interface GigabitEthernet1/0/11
#
interface GigabitEthernet1/0/12
#
interface GigabitEthernet1/0/13
#
interface GigabitEthernet1/0/14           
#
interface GigabitEthernet1/0/15
#
interface GigabitEthernet1/0/16
#
interface GigabitEthernet1/0/17
#
interface GigabitEthernet1/0/18
#
interface GigabitEthernet1/0/19
#
interface GigabitEthernet1/0/20
#
interface GigabitEthernet2/0/1
port access vlan 100
#
interface GigabitEthernet2/0/2
port access vlan 99
#
interface GigabitEthernet2/0/3
port access vlan 100
#                                         
interface GigabitEthernet2/0/4
#
interface GigabitEthernet2/0/5
#
interface GigabitEthernet2/0/6
#
interface GigabitEthernet2/0/7
#
interface GigabitEthernet2/0/8
#
interface GigabitEthernet2/0/9
#
interface GigabitEthernet2/0/10
#
interface GigabitEthernet2/0/11
port access vlan 99
#
interface GigabitEthernet2/0/12
port access vlan 99
#
interface GigabitEthernet2/0/13
port access vlan 99                     
#
interface GigabitEthernet2/0/14
port access vlan 99
#
interface GigabitEthernet2/0/15
port access vlan 99
#
interface GigabitEthernet2/0/16
port access vlan 99
#
interface GigabitEthernet2/0/17
port access vlan 99
#
interface GigabitEthernet2/0/18
port access vlan 99
#
interface GigabitEthernet2/0/19
#
interface GigabitEthernet2/0/20
port access vlan 99
#
interface NULL0                           
#
ip route-static 0.0.0.0 0.0.0.0 192.168.0.254 preference 60
#
user-interface aux 0
user-interface vty 0 4
user privilege level 3
set authentication password cipher E4#Z(F23LV3Q=^Q`MAF4<1!!
idle-timeout 6 0
protocol inbound telnet
#
return
<Core-Switch> ip address

[ 本帖最后由 wangbo6200 于 2008-12-31 11:09 编辑 ]

ssffzz1

是否需要是根据实际环境来说的。这样是啥也看不出来的。

bzzh

把你的拓扑结构发出来，单从配置上讲，你的per vlan all的端口是不是多了，下面有什么vlan就t什么vlan，不要全部t，否则以后出障碍可能不好查。