R1的配置

-----------------------------------------------------------------------------

sysname RT1
#
 super password level 3 simple h3c
#
 domain default enable system
#
 telnet server enable
#
acl number 2000
 rule 0 permit source 192.168.200.0 0.0.0.255
acl number 2030
 rule 0 permit source 192.168.200.1 0
#
vlan 1
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
user-group system
 group-attribute allow-guest
#               
local-user rt1  
 password simple rt1
 authorization-attribute level 2
 service-type telnet
local-user useradmin
 authorization-attribute level 2
#               
wlan rrm        
 dot11b mandatory-rate 1 2
 dot11b supported-rate 5.5 11
 dot11g mandatory-rate 1 2 5.5 11
 dot11g supported-rate 6 9 12 18 24 36 48 54
#               
attack-defense policy 1
#               
bgp 65000       
 undo synchronization
 peer 172.16.1.2 as-number 65001
 peer 2.2.2.2 as-number 65000
 peer 6.6.6.6 as-number 65000
 peer 7.7.7.7 as-number 65000
 peer 172.16.1.2 route-policy fk export
 peer 172.16.1.2 route-policy fa import
 peer 2.2.2.2 next-hop-local
 peer 2.2.2.2 connect-interface LoopBack0
 peer 6.6.6.6 next-hop-local
 peer 6.6.6.6 connect-interface LoopBack0
 peer 7.7.7.7 next-hop-local
 peer 7.7.7.7 connect-interface LoopBack0
#               
ospf 1 router-id 1.1.1.1
 area 0.0.0.0   
  network 172.16.0.2 0.0.0.0
  network 172.16.0.9 0.0.0.0
  network 1.1.1.1 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply as-path 400 600
route-policy fa permit node 20
route-policy fk permit node 10
 if-match as-path 1
#               
 ip as-path 1 permit ^$
#               
 snmp-agent     
 snmp-agent local-engineid 800063A203000FE2D06060
 snmp-agent community read h3c-read
 snmp-agent sys-info version v2c v3
 snmp-agent target-host trap address udp-domain 192.168.200.1 params securityname h3c-read
 undo snmp-agent trap enable voice dial
 snmp-agent trap source LoopBack0
#               
 load xml-configuration
#               
 load tr069-configuration
#               
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
 acl 2030 inbound
 authentication-mode scheme
 idle-timeout 0 0
 protocol inbound telnet
#               
return

R2的配置

--------------------------------------------------------------------------

sysname RT2
#
 super password level 3 simple h3c
#
 domain default enable system
#
 telnet server enable
#
acl number 2000
 rule 0 permit source 192.168.100.0 0.0.0.255
acl number 2030
 rule 0 permit source 192.168.200.1 0
#
vlan 1
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
ike proposal 1
#               
ike peer rt4    
 pre-shared-key simple h3c
 remote-address 172.16.1.6
#               
ipsec proposal 1
#               
ipsec policy-template huawei 1
 ike-peer rt4   
 proposal 1     
#               
ipsec policy h3c 1 isakmp template huawei
#               
user-group system
 group-attribute allow-guest
#               
local-user rt2  
 password simple rt2
 authorization-attribute level 2
 service-type telnet
local-user useradmin
 authorization-attribute level 2
#               
wlan rrm        
 dot11b mandatory-rate 1 2
 dot11b supported-rate 5.5 11
 dot11g mandatory-rate 1 2 5.5 11
 dot11g supported-rate 6 9 12 18 24 36 48 54
#               
attack-defense policy 1
#               
bgp 65000       
 undo synchronization
 peer 1.1.1.1 as-number 65000
 peer 172.16.1.6 as-number 65001
 peer 6.6.6.6 as-number 65000
 peer 7.7.7.7 as-number 65000
 peer 1.1.1.1 next-hop-local
 peer 1.1.1.1 connect-interface LoopBack0
 peer 172.16.1.6 route-policy fk export
 peer 172.16.1.6 route-policy fa import
 peer 6.6.6.6 next-hop-local
 peer 6.6.6.6 connect-interface LoopBack0
 peer 7.7.7.7 next-hop-local
 peer 7.7.7.7 connect-interface LoopBack0
#               
ospf 1 router-id 2.2.2.2
 area 0.0.0.0   
  network 2.2.2.2 0.0.0.0
  network 172.16.0.6 0.0.0.0
  network 172.16.0.10 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply as-path 400 600
route-policy fa permit node 20
route-policy fk permit node 10
 if-match as-path 1
#               
 ip as-path 1 permit ^$
#               
 ip route-static 0.0.0.0 0.0.0.0 100.0.0.2
#               
 snmp-agent     
 snmp-agent local-engineid 800063A203000FE2E62FC0
 snmp-agent community read h3c-read
 snmp-agent sys-info version v2c v3
 snmp-agent target-host trap address udp-domain 192.168.200.1 params securityname h3c-read
 undo snmp-agent trap enable voice dial
 snmp-agent trap source LoopBack0
#               
 load xml-configuration
#               
 load tr069-configuration
#               
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
 acl 2030 inbound
 authentication-mode scheme
 idle-timeout 0 0
 protocol inbound telnet
#               
return

R3的配置

--------------------------------------------------------------------

sysname RT3
#
 super password level 3 simple 123
#
 domain default enable system
#
 ip ttl-expires enable
 ip unreachables enable
#
 dar p2p signature-file flash:/p2p_default.mtd
#
 port-security enable
#
acl number 2000
 rule 0 permit source 192.168.20.0 0.0.0.255
acl number 2008
 rule 0 deny source 0.0.0.0 0
 rule 5 permit
#
vlan 1
#
domain system
 access-limit disable
 state active   
 idle-cut disable
 self-service-url disable
#               
user-group system
 group-attribute allow-guest
#               
local-user admin
 password cipher .]@USE=B,53Q=^Q`MAF4<1!!
 authorization-attribute level 3
 service-type telnet
#               
wlan rrm        
 dot11b mandatory-rate 1 2
 dot11b supported-rate 5.5 11
 dot11g mandatory-rate 1 2 5.5 11
 dot11g supported-rate 6 9 12 18 24 36 48 54
#               
cwmp            
 undo cwmp enable
#               
bgp 65001       
 undo synchronization
 peer 4.4.4.4 as-number 65001
 peer 172.16.1.1 as-number 65000
 peer 5.5.5.5 as-number 65001
 peer 4.4.4.4 next-hop-local
 peer 4.4.4.4 connect-interface LoopBack0
 peer 172.16.1.1 filter-policy 2008 export
 peer 172.16.1.1 route-policy fa import
 peer 5.5.5.5 next-hop-local
 peer 5.5.5.5 connect-interface LoopBack0
#               
ospf 1 router-id 3.3.3.3
 area 0.0.0.0   
  network 3.3.3.3 0.0.0.0
  network 172.16.2.1 0.0.0.0
  network 172.16.2.5 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply as-path 400 600
route-policy fa permit node 20
#               
#               
voice-setup     
 #              
 sip            
 #              
 sip-server     
  #             
  call-rule-set
  #             
  call-route    
 #              
 dial-program   
  default entity fax protocol standard-t38
  default entity fax protocol standard-t38 hb-redundancy 0
  default entity fax protocol standard-t38 lb-redundancy 0
 #              
 aaa-client     
 #              
 gk-client      
#               
 load xml-configuration
#               
 load tr069-configuration
#               
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
 authentication-mode scheme
#               
return

R4的配置

------------------------------------------------------------------------

sysname RT4
#
 ipsec cpu-backup enable
#
 undo cryptoengine enable
#
 domain default enable system
#
acl number 2000
 rule 0 permit source 192.168.10.0 0.0.0.255
acl number 2030
 rule 0 permit source 192.168.200.0 0.0.0.255
#
acl number 3000
 rule 0 permit ip source 192.168.200.0 0.0.0.255 destination 192.168.20.0 0.0.0.255
acl number 3030
 rule 0 permit ip source 192.168.20.0 0.0.0.255 destination 192.168.200.0 0.0.0.255
#
vlan 1
#
domain system
 access-limit disable
 state active   
 idle-cut disable
 self-service-url disable
#               
ike proposal 1  
#               
ike peer rt2    
 pre-shared-key simple h3c
 remote-address 172.16.1.5
#               
ipsec proposal 1
#               
ipsec policy h3c 1 isakmp
 security acl 3000
 ike-peer rt2   
 proposal 1     
#               
traffic classifier oa operator and
 if-match acl 3030
#               
traffic behavior oa
 queue af bandwidth pct 50
#               
qos policy h3c  
 classifier oa behavior oa
#               
local-user rt4  
 password simple h3c
 service-type ppp
#               
bgp 65001       
 undo synchronization
 peer 5.5.5.5 as-number 65001
 peer 172.16.1.5 as-number 65000
 peer 3.3.3.3 as-number 65001
 peer 5.5.5.5 next-hop-local
 peer 5.5.5.5 default-route-advertise
 peer 5.5.5.5 connect-interface LoopBack0
 peer 172.16.1.5 route-policy fa import
 peer 3.3.3.3 next-hop-local
 peer 3.3.3.3 default-route-advertise
 peer 3.3.3.3 connect-interface LoopBack0
#               
ospf 1 router-id 4.4.4.4
 area 0.0.0.0   
  network 4.4.4.4 0.0.0.0
  network 172.16.2.2 0.0.0.0
  network 172.16.2.9 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply as-path 400 600
route-policy fa permit node 20
#               
 ip route-static 0.0.0.0 0.0.0.0 200.0.0.2
#               
user-interface con 0
user-interface aux 0
user-interface vty 0 4
#               
return

R5的配置

-------------------------------------------------------------------

sysname RT5
#
 ipsec cpu-backup enable
#
 undo cryptoengine enable
#
 domain default enable system
#
acl number 2000
 rule 0 permit source 192.168.20.0 0.0.0.255
acl number 2001
 rule 0 permit source 192.168.10.0 0.0.0.255
#
acl number 3030
 rule 5 permit ip source 192.168.200.0 0.0.0.255 destination 192.168.20.0 0.0.0.255
#
vlan 1
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#               
traffic classifier oa operator and
 if-match acl 3030
#               
traffic behavior oa
 queue af bandwidth pct 50
#               
qos policy h3c  
 classifier oa behavior oa
#               
local-user rt5  
 password simple h3c
 service-type ppp
#               
bgp 65001       
 network 192.168.100.1 255.255.255.255
 network 192.168.200.1 255.255.255.255
 undo synchronization
 peer 4.4.4.4 as-number 65001
 peer 3.3.3.3 as-number 65001
 peer 4.4.4.4 route-policy fk import
 peer 4.4.4.4 connect-interface LoopBack0
 peer 3.3.3.3 route-policy fk import
 peer 3.3.3.3 connect-interface LoopBack0
#               
ospf 1 router-id 5.5.5.5
 area 0.0.0.0   
  network 5.5.5.5 0.0.0.0
  network 172.16.2.6 0.0.0.0
  network 172.16.2.10 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply local-preference 400
route-policy fa permit node 20
route-policy fk permit node 10
 if-match acl 2001
 apply local-preference 400
route-policy fk permit node 20
#               
user-interface con 0
user-interface aux 0
user-interface vty 0 4
#               
return

SW1的配置

----------------------------------------------------------------------

sysname SW1
#
 domain default enable system
#
 burst-mode enable
#
 undo ip http enable
#
 password-recovery enable
#
acl number 2000
 rule 0 permit source 192.168.10.0 0.0.0.255
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
domain system
 access-limit disable
 state active   
 idle-cut disable
 self-service-url disable
#               
user-group system
#               
stp region-configuration
 region-name h3c
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#               
 stp instance 0 root primary
 stp instance 1 root primary
 stp instance 2 root secondary
 stp enable     
#               
bgp 65000       
 network 192.168.10.0 route-policy fa
 network 192.168.20.0
 undo synchronization
 peer 1.1.1.1 as-number 65000
 peer 2.2.2.2 as-number 65000
 peer 1.1.1.1 connect-interface LoopBack0
 peer 2.2.2.2 connect-interface LoopBack0
#               
ospf 1 router-id 6.6.6.6
 area 0.0.0.0   
  network 6.6.6.6 0.0.0.0
  network 172.16.0.1 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply local-preference 400
#               
user-interface aux 0
user-interface vty 0 4
#               
return

SW2 的配置

--------------------------------------------------------------------------

version 5.20, Release 5319P04
#
 sysname SW2
#
 super password level 3 cipher $c$3$nbNypWi5fBQG/0cezZ0kQlLgfhZBVkx+anDhOHBaSwsLC8U=
#
 domain default enable system
#
 burst-mode enable
#
 undo ip http enable
#
 password-recovery enable
#
acl number 2000
 rule 0 permit source 192.168.20.0 0.0.0.255
#
vlan 1
#
vlan 10
#
vlan 20
#               
vlan 30         
#               
domain system   
 access-limit disable
 state active   
 idle-cut disable
 self-service-url disable
#               
user-group system
#               
stp region-configuration
 region-name h3c
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#               
 stp instance 0 root secondary
 stp instance 1 root secondary
 stp instance 2 root primary
 stp enable     
#               
interface Bridge-Aggregation1
 port link-type trunk
 port trunk permit vlan 1 10 20
 stp instance 1 cost 1000
#               
interface NULL0
#               
interface LoopBack0
 ip address 7.7.7.7 255.255.255.255
#               
interface Vlan-interface10
 ip address 192.168.10.252 255.255.255.0
 vrrp vrid 1 virtual-ip 192.168.10.254
 vrrp vrid 1 authentication-mode simple cipher $c$3$Bad9sQ7oGU1f3WXX6oCbS+4r///6ZA==
#               
interface Vlan-interface20
 ip address 192.168.20.252 255.255.255.0
 vrrp vrid 2 virtual-ip 192.168.20.254
 vrrp vrid 2 priority 110
 vrrp vrid 2 track interface Vlan-interface30 reduced 30
 vrrp vrid 2 authentication-mode simple cipher $c$3$7y7634QLWJTLfcyELBMFVKnhZ5l8PQ==
#               
interface Vlan-interface30
 ip address 172.16.0.5 255.255.255.252
#               
interface Ethernet1/0/1
 port link-mode bridge
 port link-type trunk
 port trunk permit vlan 1 10 20
 port link-aggregation group 1
#               
interface Ethernet1/0/2
 port link-mode bridge
 port link-type trunk
 port trunk permit vlan 1 10 20
 port link-aggregation group 1
#               
interface Ethernet1/0/3
 port link-mode bridge
 port link-type trunk
 port trunk permit vlan 1 10 20
#               
interface Ethernet1/0/4
 port link-mode bridge
 port access vlan 30
#               
interface Ethernet1/0/5
 port link-mode bridge
#               
interface Ethernet1/0/6
 port link-mode bridge
#               
interface Ethernet1/0/7
 port link-mode bridge
#               
interface Ethernet1/0/8
 port link-mode bridge
#               
interface Ethernet1/0/9
 port link-mode bridge
#               
interface Ethernet1/0/10
 port link-mode bridge
#               
interface Ethernet1/0/11
 port link-mode bridge
#               
interface Ethernet1/0/12
 port link-mode bridge
#               
interface Ethernet1/0/13
 port link-mode bridge
#               
interface Ethernet1/0/14
 port link-mode bridge
#               
interface Ethernet1/0/15
 port link-mode bridge
#               
interface Ethernet1/0/16
 port link-mode bridge
#               
interface Ethernet1/0/17
 port link-mode bridge
#               
interface Ethernet1/0/18
 port link-mode bridge
#               
interface Ethernet1/0/19
 port link-mode bridge
#               
interface Ethernet1/0/20
 port link-mode bridge
#               
interface Ethernet1/0/21
 port link-mode bridge
#               
interface Ethernet1/0/22
 port link-mode bridge
#               
interface Ethernet1/0/23
 port link-mode bridge
#               
interface Ethernet1/0/24
 port link-mode bridge
#               
interface GigabitEthernet1/1/1
 port link-mode bridge
#               
interface GigabitEthernet1/1/2
 port link-mode bridge
#               
interface GigabitEthernet1/1/3
 port link-mode bridge
#               
interface GigabitEthernet1/1/4
 port link-mode bridge
#               
bgp 65000       
 network 192.168.10.0
 network 192.168.20.0 route-policy fa
 undo synchronization
 peer 1.1.1.1 as-number 65000
 peer 2.2.2.2 as-number 65000
 peer 1.1.1.1 connect-interface LoopBack0
 peer 2.2.2.2 connect-interface LoopBack0
#               
ospf 1 router-id 7.7.7.7
 area 0.0.0.0   
  network 7.7.7.7 0.0.0.0
  network 172.16.0.5 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply local-preference 400
#               
user-interface aux 0
 user privilege level 2
user-interface vty 0 4
#               
return

SW3的配置

-----------------------------------------------------------------------

sysname SW3
#
 super password level 3 cipher *\Y0``CC]'I.BI/aC,8H/Q!!
#
radius scheme system
#
domain system
#
 stp bpdu-protection
 stp enable
stp region-configuration
 region-name h3c
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#
vlan 1
#
vlan 10
#
vlan 20
#
user-interface aux 0
 user privilege level 2                   
 idle-timeout 0 0                         
user-interface vty 0 4                    
#                                         
return

BGP拓扑正确配置的更多相关文章

  1. MySQL数据库集群进行正确配置步骤

    MySQL数据库集群进行正确配置步骤 2010-06-09 10:47 arrowcat 博客园 字号:T | T 我们今天是要和大家一起分享的是对MySQL数据库集群进行正确配置,我前两天在相关网站 ...

  2. phpMyAdmin:无法在发生错误时创建会话,请检查 PHP 或网站服务器日志,并正确配置 PHP 安装。

    一:错误提示 英文:Cannot start session without errors, please check errors given in your PHP and/or webserve ...

  3. Power Point已经检测到你的显卡可能无法正确配置

    Microsoft PowerPoint打开ppt时提示信息 PowerPoint已检测到你的显卡可能无法正确配置最佳的幻灯片播放体验(“Power Point has detected that y ...

  4. VM中ubuntu已经正确配置了静态IP仍无法上网

    情况描述:正确配置了ubuntu的IP,getway,DNS..无法ping通getway. 环境:宿主机:win7 32Bit  虚拟机:ununtu 10.04  VM:9.0.1 build-8 ...

  5. IAR编译ZStack-CC2530为可下载运行的HEX文件的正确配置

    转自IAR编译ZStack-CC2530为可下载运行的HEX文件的正确配置 IAR编译ZStack-CC2530为可下载运行的HEX文件的正确配置:        1.正确配置输出文件格式:菜单选择P ...

  6. Cacti监控Windows主机,Windows主机的正确配置

    使用cacti监控Windows主机的时候经常遇到无法获取Windows主机的snmp信息和Windows主机的硬件信息,主要原因是Windows主机没有正确配置snmp,以下是正确的配置步骤:1.安 ...

  7. sql2008升级到r2提示:检查当前是否正确配置了报表服务器、数据库服务器是否正在运行以及您是否有权访问

    sql2008升级到r2提示:检查当前是否正确配置了报表服务器.数据库服务器是否正在运行以及您是否有权访问 解决方法:把服务开启ok

  8. Oracle APEX 5.1 with Ords 17 in Tomcat 9–Error tips: 请求无法映射到任何数据库。请确保请求 URL 正确, 并且已正确配置 URL 到数据库的映射

    一次意外关机引发的血案 1.重新开机打开 tomcat 9, 一切正常 2.打开 ords,异常报错: 404 Not Found 请求无法映射到任何数据库.请确保请求 URL 正确, 并且已正确配置 ...

  9. struts2 正确配置通配符方式访问,报错解决

    今天遇到正确配置通配符访问action的方法,但是还是报错,原因struts 2.3 以后会内部会验证是否允许该方法,而我用的刚好是2.5的版本 要action配置中加上<allowed-met ...

随机推荐

  1. 通过崩溃地址找错误行数之Delphi版

    通过崩溃地址找错误行数之Delphi版2009-5-11 17:42:35 来源: 转载 作者:网络 访问:360 次 被顶:2 次 字号:[大 中 小]核心提示:什么是 MAP 文件?简单地讲, M ...

  2. delpi中的RTTI初试

    java中的反射机制使我们能够在运行期间获取运行期类的信息,那么在delphi中有没有这样的功能呢?答案是有,实现这种功能的机制在delphi中叫做RTTI,废话少说,先来一段demo: 1.先定义一 ...

  3. jquery控制动态生成的gridview中多列checkbox的全选反选及自动判断是否全选状态

    动态生成的Gridview的前台html代码如下:     <table class="usertableborder" cellspacing="0" ...

  4. faith的23堂课:培养良好的工作方法与做事风格

    目标:通过每天一点的学习和实践,逐步形成好的做事风格和工作生活习惯. 方式:每天教一点,实践一点. 第一课 计划与总结,工作日志,戴明环 第二课 目的性:搞清楚,你每个行为的目的 第三课 目标管理,调 ...

  5. UVA 529 Addition Chains(迭代搜索)

      Addition Chains  An addition chain for n is an integer sequence  with the following four propertie ...

  6. 自己写一个jqery的拖拽插件

    说实话,jQuery比原生的js好用多了,本来想用原生写的,也写出来的,仅仅是,感觉不像插件,所以用jQuery实现了一版. 实现的功能:能够指定拖拽的边界,在拖拽过程中,能够触发几个自己定义事件 先 ...

  7. Python string replace 方法

    Python string replace   方法 方法1: >>> a='...fuck...the....world............' >>> b=a ...

  8. 关于Delphi XE2的FMX的一点点研究之消息篇

    Delphi XE2出来了一阵子了,里面比较抢眼的东西,除了VCLStyle这个换肤的东西之外,另外最让人眼亮的应该是FMX这个东西了.万一的博客上都连载了一票的关于FMX的使用心得了.我还是没咋去关 ...

  9. RAID的解释(附购买链接)

     现在使用RAID6  早期 raid5+1hotspare   小型机有存储备份 就是这么多年没有恢复过~ 金融行业 数据万金  是的 磁盘阵列柜换控制器  型号太老 缓存数据问题 把存储都下线了 ...

  10. Java线程并发中常见的锁--自旋锁 偏向锁

    随着互联网的蓬勃发展,越来越多的互联网企业面临着用户量膨胀而带来的并发安全问题.本文着重介绍了在java并发中常见的几种锁机制. 1.偏向锁 偏向锁是JDK1.6提出来的一种锁优化的机制.其核心的思想 ...