华为Quidway 8508交换机上做策略路由笔记
#sysname center
#
radius scheme system
server-type huawei
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
domain system
radius-scheme system
access-limit disable
state active
idle-cut disable
self-service-url disable
domain default enable system
#
local-server nas-ip 127.0.0.1 key huawei
#
Xbar load-single
#
temperature-limit 3 10 65
temperature-limit 4 10 50
temperature-limit 5 10 50
temperature-limit 6 10 65
#
dot1x
#
acl number 3001
rule 0 permit ip source 10.10.6.0 0.0.0.255 destination 192.168.0.0 0.0.0.255
rule 0 permit ip source 192.168.3.0 0.0.0.255 destination 192.168.0.0 0.0.0.255
acl number 3002
rule 0 permit ip source 192.168.3.0 0.0.0.255
acl number 3003
rule 0 permit ip source 10.8.0.0 0.0.0.255
#
vlan 1
description bangong_and_server
#
vlan 2
description user_a
#
vlan 3
description user_b
#
vlan 4
description user_c
#
vlan 5
description user_d
#
interface Vlan-interface1
description bangong_and_server
ip address 192.168.0.254 255.255.255.0
#
interface Vlan-interface2
description user_a
ip address 192.168.1.254 255.255.255.0
#
interface Vlan-interface3
description user_b
ip address 192.168.2.254 255.255.255.0
#
interface Vlan-interface4
description user_c
ip address 192.168.3.254 255.255.255.0
#
interface Vlan-interface5
description user_d
ip address 10.8.0.254 255.255.255.0
#
interface Aux4/0/1
#
interface M-Ethernet4/0/0
#
interface GigabitEthernet3/1/1
description to_server-group
#
interface GigabitEthernet3/1/2
#
interface GigabitEthernet3/1/3
#
interface GigabitEthernet3/1/4
#
interface GigabitEthernet3/2/1
#
interface GigabitEthernet3/2/2
#
interface GigabitEthernet3/2/3
#
interface GigabitEthernet3/2/4
#
interface GigabitEthernet3/3/1
description to_waiwang1
#
interface GigabitEthernet3/3/2
description to_waiwang3
#
interface GigabitEthernet3/3/3
description to_waiwang3
#
interface GigabitEthernet3/3/4
#
interface GigabitEthernet6/1/1
port link-type trunk
port trunk permit vlan all
packet-filter inbound ip-group 3001 rule 0 system-index 1
packet-filter inbound ip-group 3001 rule 1 system-index 2
traffic-redirect inbound ip-group 3002 rule 0 system-index 3 next-hop 192.168.0.12
traffic-redirect inbound ip-group 3003 rule 0 system-index 4 next-hop 192.168.0.13
#
interface GigabitEthernet6/1/2
port link-type trunk
port trunk permit vlan all
packet-filter inbound ip-group 3001 rule 0 system-index 5
packet-filter inbound ip-group 3001 rule 1 system-index 6
traffic-redirect inbound ip-group 3002 rule 0 system-index 7 next-hop 192.168.0.12
traffic-redirect inbound ip-group 3003 rule 0 system-index 8 next-hop 192.168.0.13
#
interface GigabitEthernet6/1/3
port link-type trunk
port trunk permit vlan all
packet-filter inbound ip-group 3001 rule 0 system-index 9
packet-filter inbound ip-group 3001 rule 1 system-index 10
traffic-redirect inbound ip-group 3002 rule 0 system-index 11 next-hop 192.168.0.12
traffic-redirect inbound ip-group 3003 rule 0 system-index 12 next-hop 192.168.0.13
#
interface GigabitEthernet6/1/4
port link-type trunk
port trunk permit vlan all
packet-filter inbound ip-group 3001 rule 0 system-index 14
packet-filter inbound ip-group 3001 rule 1 system-index 15
traffic-redirect inbound ip-group 3002 rule 0 system-index 16 next-hop 192.168.0.12
traffic-redirect inbound ip-group 3003 rule 0 system-index 17 next-hop 192.168.0.13
#
interface GigabitEthernet6/2/1
#
interface GigabitEthernet6/2/2
#
interface GigabitEthernet6/2/3
#
interface GigabitEthernet6/2/4
#
interface GigabitEthernet6/3/1
#
interface GigabitEthernet6/3/2
#
interface GigabitEthernet6/3/3
#
interface GigabitEthernet6/3/4
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 192.168.0.11 preference 60
#
snmp-agent
snmp-agent local-engineid 80507DBD05757576F5DD55A46877
snmp-agent community write jsisaa
snmp-agent sys-info version all
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
user privilege level 3
set authentication password simple winsaaa
#
return
页:
[1]