Extreme交換機基礎配置命令

交換機根據工作位置的不同，可以分為廣域網交換機和局域網交換機。那麼你知道Extreme交換機嗎?Extreme交換機的基礎配置命令是什麼?下面跟yjbys小編一起來瞧瞧吧!

1.用户名和密碼配置

create account [admin | user] {encrypted} {}

configure account admin

配置

config ports auto off {speed [10 | 100 | 1000]} duplex [half | full] auto off

配置

無論是核心還是接入層，都要先創建三個Vlan，並且將所有歸於Default Vlan的端口刪除：

config vlan default del port all

create vlan Server

create vlan User

create vlan Manger

定義802.1q標記

config vlan Server tag 10

config vlan User tag 20

config vlan Manger tag 30

設定Vlan網關地址：

config vlan Server ipa

config vlan User ipa

config vlan Manger ipa 192.168.*.*/24

Enable ipforwarding 啟用ip路由轉發，即vlan間路由

Trunk 配置

config vlan Server add port 1-3 t

config vlan User add port 1-3 t

config vlan manger add port 1-3 t

配置

enable vrrp

configure vrrp add vlan UserVlan

configure vrrp vlan UserVlan add master vrid 10

configure vrrp vlan UserVlan authentication simple-password extreme

configure vrrp vlan UserVlan vrid 10 priority 200

configure vrrp vlan UserVlan vrid 10 advertisement-interval 15

configure vrrp vlan UserVlan vrid 10 preempt

5.端口鏡像配置

enable mirroring to port 3 #選擇3作為鏡像口

config mirroring add port 1 #把端口1的流量發送到3

config mirroring add port 1 vlan default #把1和vlan default的流量都發送到3

-channel配置

enable sharing grouping {port-based | address-based | round-robin}

配置

enable stpd

create stpd *

configure stpd add vlan {ports [dot1d | emistp | pvst-plus]}

configure stpd stpd1 priority 16384

configure vlan marketing add ports 2-3 stpd stpd1 emistp

中繼配置

enable bootprelay

config bootprelay add

中繼。bootp relay /dhcp relay 用於主機獲取它的IP地址，但是在一個高度需要安全的網絡中需要以更安全的方法配置它，比如通過udp-forwarding的方法來配置dhcp relay。disable bootprelay 以下是一個用udp-forwarding 代替enable bootrelay 的`配置例子。

create udp-profile backbonedhcp

config backbonedhcp add 67 ipaddress *

config user_vlan1 udp-profile backbonedhcp

配置

Enable nat #啟用nat

Static NAT Rule Example

config nat add out_vlan_1 map source to

Dynamic NAT Rule Example

config nat add out_vlan_1 map source to -

Portmap NAT Rule Example

config nat add out_vlan_2 map source to /28 both portmap

Portmap Min-Max Example

config nat add out_vlan_2 map source to tcp portmap 1024 - 8192

配置

enable ospf 啟用OSPF進程

create ospf area

創建OSPF區域

configure ospf routerid [automatic | ] 配置Routerid

configure ospf add vlan [ | all] area {passive} 把某個vlan加到某個Area中去，相當於Cisco中的network的作用

configure ospf area

add range [advertise | noadvertise] {type-3 | type-7}把某個網段加到某個Area中去，相當於Cisco中的network的作用

configure ospf vlan neighbor add

OSPF中路由重發布配置

enable ospf export direct [cost [ase-type-1 | ase-type-2] {tag } | ]

enable ospf export static [cost [ase-type-1 | ase-type-2] {tag } | ]

enable ospf originate-default {always} cost [ase-type-1 | ase-type-2] {tag }

enable ospf originate-router-id

配置

enable snmp access

enable snmp traps

create access-profile type [ipaddress | vlan]

config snmp access-profile readonly [ | none]配置snmp的只讀訪問列表，none是去除

config snmp access-profile readwrite [ | none] 這是控制讀寫控制

config snmp add trapreceiver {port } community {from } 配置snmp接收host和團體字符串

12.安全配置

disable ip-option loose-source-route

disable ip-option strict-source-route

disable ip-option record-route

disable ip-option record-timestamp

disable ipforwarding broadcast

disable udp-echo-server

disable irdp vlan

disable icmp redirect

disable web 關閉web方式訪問交換機

enable cpu-dos-protect

ss-Lists配置

create access-list icmp destination source

create access-list ip destination source ports

create access-list tcp destination source ports

create access-list udp destination source ports

14.默認路由配置

config iproute add default

15.恢復出廠值，但不包括用户改的時間和用户帳號信息

unconfig switch {all}

16.檢查配置

show version

show config

show session

show management 查看管理信息，以及snmp信息

show banner

show ports configuration

show ospf

show access-list { | port }

show access-list-monitor

show ospf area

show ospf area detail

show ospf ase-summary

show ospf interfaces {vlan | area }

unconfigure ospf {vlan | area }

17.備份和升級軟件

download image [ | ] {primary | secondary}

upload image [ | ] {primary | secondary}

use image [primary | secondary]

18.密碼恢復。

Extreme交換機在你丟失或忘記密碼後，需要重新啟動交換機，常按空格鍵，進入Bootrom模式，輸入“h”，選擇“d: Force Factory default configuration”清除配置文件，最後選擇“f: Boot on board flash”重新啟動後密碼會被清除掉。注意：恢復密碼後，以前的配置文件將會被清空。