Juniper - EX4200 - 中文配置手册全集详解

更新时间：2023-09-10 11:12:01 阅读量：教育文库文档下载

说明：文章内容仅供预览，部分内容可能不全。下载后的文档，内容与下面显示的完全一致。下载之前请确认下面内容是否您想要的，是否完整无缺。

juniper推荐度：
相关推荐

EX4200/3200交换机

命令配置手册

交换机基础知识 ........................................................................................................................................... 6 1.1 认识JUNIPER交换机 .......................................................................................................... 错误！未定义书签。 1.2 JUNOS操作系统基础 ........................................................................................................................................... 6 1.2.1 交换机配置模式 ......................................................................................................................................... 6 1.2.2 交换机配置结构 ......................................................................................................................................... 7 1.2.3 TAB和空格键的使用 ................................................................................................................................ 10 1.2.4 用户模式和配置模式show的区别 ......................................................................................................... 11 1.2.5 如何将配置转换成set命令 .................................................................................................................... 14 1.2.6 commit和rollback .................................................................................................................................... 14 1.3 EX交换机命令菜单结构 .................................................................................................................................. 16 2

操作指导 .................................................................................................................................................... 28 2.1 通过CONSOLE线连接交换机 ............................................................................................................................. 28 2.2 SYSTEM系统参数配置 ........................................................................................................................................ 30 2.2.1 设置root密码 .......................................................................................................................................... 30 2.2.2 设置主机名 ............................................................................................................................................... 30 2.2.3 设置DNS服务器 ...................................................................................................................................... 30 2.2.4 设置日期时间 ........................................................................................................................................... 31 2.2.5 设置NTP服务器....................................................................................................................................... 31 2.2.6 开启远程Telnet登陆服务 ....................................................................................................................... 31 2.2.7 开启远程Ftp服务 .................................................................................................................................... 31 2.2.8 开启远程ssh登陆 .................................................................................................................................... 32 2.2.9 开启远程http登陆服务 .......................................................................................................................... 32 2.2.10 添加/删除用户 ........................................................................................................................................ 32

2.2.10.1 添加用户 ............................................................................................................................................................ 32 2.2.10.2 修改用户类别 .................................................................................................................................................... 33 2.2.10.3 修改用户密码 .................................................................................................................................................... 33 2.2.10.4 删除用户 ............................................................................................................................................................ 33

2.2.11 用户权限设置 ......................................................................................................................................... 33 2.3 VLAN配置 ......................................................................................................................................................... 34 2.3.1 VLAN配置步骤 ......................................................................................................................................... 35 2.3.2 VLAN配置规范要求 ................................................................................................................................. 35 2.3.3 添加VLAN ................................................................................................................................................. 35 2.3.4 修改端口VLAN ......................................................................................................................................... 37 2.3.5 删除VLAN ................................................................................................................................................. 37 2.3.6 配置VLAN网关IP .................................................................................................................................... 38

第2页共78页

2.4 TRUNK配置 ......................................................................................................................................................... 38 2.4.1 Trunk配置步骤 ......................................................................................................................................... 38 2.4.2 如何设置Trunk ......................................................................................................................................... 38 2.4.3 允许/禁止VLAN通过Trunk ..................................................................................................................... 39 2.5 端口配置 ........................................................................................................................................................... 39 2.5.1 端口配置规范要求 ................................................................................................................................... 39 2.5.2 修改端口速率 ........................................................................................................................................... 39 2.5.3 修改端口工作模式 ................................................................................................................................... 39 2.5.4 修改端口为L3模式 ................................................................................................................................. 40 2.5.5 修改端口为L2模式 ................................................................................................................................. 40 2.6 生成树配置 ....................................................................................................................................................... 40 2.6.1 STP配置实例 ............................................................................................................................................ 41 2.6.2 RSTP配置实例 .......................................................................................................................................... 42 2.6.3 MSTP配置实例 ........................................................................................................................................ 45 2.7 端口捆绑 ........................................................................................................................................................... 48 2.7.1 端口捆绑步骤 ........................................................................................................................................... 48 2.7.2 L2端口捆绑 .............................................................................................................................................. 49 2.7.3 L3端口捆绑 .............................................................................................................................................. 50 2.8 ECMP负载均衡配置......................................................................................................................................... 50 2.9 路由协议配置 ................................................................................................................................................... 51 2.9.1 静态路由配置 ........................................................................................................................................... 51

2.9.1.1 添加静态路由 ...................................................................................................................................................... 51 2.9.1.2 删除静态路由 ...................................................................................................................................................... 52 2.9.1.3 调整静态路由优先值 .......................................................................................................................................... 52 2.9.1.4 设置备份静态路由 .............................................................................................................................................. 52 2.9.1.5 指定静态路由下一跳端口 .................................................................................................................................. 52

2.9.2 OSPF配置 .................................................................................................................................................. 52

2.9.2.1 OSPF配置步骤 ..................................................................................................................................................... 52 2.9.2.2 OSPF配置实例 ..................................................................................................................................................... 55 2.9.2.3 OSPF路由过滤 ..................................................................................................................................................... 57

2.10 端口镜像 ......................................................................................................................................................... 58 2.10.1 端口输入输出流量镜像 ......................................................................................................................... 58 2.10.2 带过滤条件的端口镜像 ......................................................................................................................... 59 2.11 端口MAC地址限制 ....................................................................................................................................... 60 2.12 端口广播风暴控制 ......................................................................................................................................... 60 2.13 VRRP配置 ....................................................................................................................................................... 60

第3页共78页

2.13.1 如何配置VRRP ....................................................................................................................................... 60 2.13.2 如何检查VRRP状态 .............................................................................................................................. 61 2.13.3 如何切换VRRP ....................................................................................................................................... 61 2.14 BFD配置 ......................................................................................................................................................... 61 2.14.1 OSPF中配置BFD .................................................................................................................................... 62 2.14.2 静态路由中配置BFD .............................................................................................................................. 62 2.15 交换机FIREWALL限制功能 .............................................................................................................................. 62 2.15.1 限制IP地 ................................................................................................................................................ 62 2.15.2 限制MAC地址 ....................................................................................................................................... 63 2.16 VIRTUAL-CHASSIS设置 ........................................................................................................................................ 63 2.17 VC知识............................................................................................................................................................ 64 2.17.1 如何建立VC组 ....................................................................................................................................... 65 2.17.2 如何扩充VC组交换机 ........................................................................................................................... 66 2.17.3 如何利用uplink链路组成VC ............................................................................................................... 67 2.17.4 如何对VC组进行切换 ........................................................................................................................... 69 2.18 SNMP配置 ...................................................................................................................................................... 69 2.19 SYSLOG配置 ...................................................................................................................................................... 70 2.20 MULTI-VRF配置 ................................................................................................................................................. 71 2.21 MULTI-VRF OSPF配置 ........................................................................................................................................ 72 3

交换机维护操作 ......................................................................................................................................... 72 3.1 交换机启动和关闭 ........................................................................................................................................... 73 3.1.1 重新启动 ................................................................................................................................................... 73 3.1.2 关闭 ........................................................................................................................................................... 73 3.2 配置备份和恢复 ............................................................................................................................................... 73 3.2.1 配置备份 ................................................................................................................................................... 73 3.2.2 配置恢复 ................................................................................................................................................... 74 3.3 如何升级交换机OS .......................................................................................................................................... 75 3.4 如何恢复出厂设置 ........................................................................................................................................... 75 3.5 密码恢复 ........................................................................................................................................................... 75 3.6 日常维护命令 ................................................................................................................................................... 77 3.6.1 查看序列号show chassis hardware ..................................................................................................... 77 3.6.2 查看硬件show chassis hardware ......................................................................................................... 77 3.6.3 查看软件版本show version ................................................................................................................... 77 3.6.4 查看CPU show chassis routing-engine ............................................................................................... 77 3.6.5 ping命令 ................................................................................................................................................... 77

第4页共78页

3.6.6 查看设备告警信息 show chassis alarms .............................................................................................. 77 3.6.7 查看详细的硬件温度及状态信息 show chassis environment ............................................................ 77 3.6.8 查看接口VRRP状态信息show vrrp ...................................................................................................... 77 3.6.9 收集CASE需要的信息request support information ............................................................................... 78 4

如何获取技术支持 ....................................................................................................... 错误！未定义书签。 4.1 技术资料获取 ................................................................................................................... 错误！未定义书签。 4.2 EX交换机故障技术支持流程 .......................................................................................... 错误！未定义书签。 4.2.1 故障申报流程 ........................................................................................................... 错误！未定义书签。

4.2.1.1 传真/电话申报..................................................................................................................... 错误！未定义书签。 4.2.1.2 邮件申报 .............................................................................................................................. 错误！未定义书签。 4.2.1.3 网上申报 .............................................................................................................................. 错误！未定义书签。

4.2.2 CASE客户网上处理指南 .......................................................................................... 错误！未定义书签。

4.2.2.1 网上登录 .............................................................................................................................. 错误！未定义书签。 4.2.2.2 更改密码 .............................................................................................................................. 错误！未定义书签。 4.2.2.3 新建CASE ............................................................................................................................. 错误！未定义书签。 4.2.2.4 更新CASE信息/上传附件................................................................................................... 错误！未定义书签。 4.2.2.5 更改CASE故障信息 ............................................................................................................ 错误！未定义书签。 4.2.2.6 重开CASE ............................................................................................................................. 错误！未定义书签。 4.2.2.7 CASE统计 ............................................................................................................................. 错误！未定义书签。

第5页共78页

1 交换机基础知识

1.1 Junos操作系统基础

Juniper交换机支持两种配置方式：采用命令行的CLI(command-line interface)配置方式，以及采用web浏览器界面JWeb配置方式。本指导书主要是采用命令行的配置方式。

交换机配置可以采用console终端配置方式，也可以采用远程telnet方式进行配置，第一次配置的时候必须采用console方式，然后在交换机上打开telnet服务并且配置网络IP地址以及设置用户名和密码，然后才可以进行远程telnet配置。系统初始化用户名是root，密码是空。

1.1.1 交换机配置模式

CLI有两种模式：用户模式和配置模式，用户模式的提示符是>,配置模式的提示符是#，在数用户模式下输入configure或者edit可以进入配置模式：用户模式:

lab@EX4200>

#用户模式

在用户模式下可以显示交换机的配置、端口状态、路由信息等。登录到交换机上即进入交换机的用户模式：

Example: login: EX42 Password: lab@EX4200>

配置模式:

lab@EX4200#

#配置模式

通过在用户模式使用edit命令或者configure命令进入配置模式： Example: lab@EX4200> edit

第6页共78页

Entering configuration mode

{master}[edit] lab@EX4200# Example: lab@EX4200> configure Entering configuration mode

{master}[edit] lab@EX4200#

1.1.2 交换机配置结构

Juniper交换机的配置是一种层次化的配置模式，如下图所示：第一层次protocols协议层里面，可以包含bgp、isis和ospf等第二层次参数配置，而ospf层次里面，又可以定义第三层参数，比如area和traceoptions等，area下面又可以定义interface、area-range等第四层参数，而dead-interval、hello-interval等第五层参数则属于第四层interface下面的参数。

由于是层次化结构，因此配置一个参数有两种方式，一是在最外层使用一条set命令将所有层

的参数一次写完，另外一种方式是利用edit逐层进入需要配置参数的层次，然后用set命令直接设置参数。例如要在ospf协议area 0中将interface ge-0/0/1.0的hello-interval时间设置为10秒，那么可以有两种设置方式: 方法一：

lab@EX4200# set protocols ospf area 0 interface ge-0/0/1.0 hello-interval 10 方法二：

第7页共78页

lab@EX4200# edit protocols

[edit protocols] lab@EX4200# edit ospf

[edit protocols ospf] lab@EX4200# edit area 0

[edit protocols ospf area 0.0.0.0] lab@EX4200# edit interface ge-0/0/1.0

[edit protocols ospf area 0.0.0.0 interface ge-0/0/1.0] lab@EX4200# set hello-interval 10

[edit protocols ospf area 0.0.0.0 interface ge-0/0/1.0] lab@EX4200#

在edit这种方式中，exit可以退回上一次用edit进入以前的层，直接输入top则退回最上层： lab@EX4200# edit protocols

[edit protocols] lab@EX4200# edit ospf

[edit protocols ospf] lab@EX4200# exit

[edit protocols] lab@EX4200#

分两次输入edit进入ospf，最后输入exit退回protols那层。

lab@EX4200# edit protocols ospf

[edit protocols ospf] lab@EX4200# exit

第8页共78页

[edit] lab@EX4200#

分一次edit进入ospf，最后输入exit退回最外层.

lab@EX4200# edit protocols

[edit protocols] lab@EX4200# edit ospf

[edit protocols ospf] lab@EX4200# top [edit] lab@EX4200#

输入top直接退出到最外层。

另外，juniper的配置参数有些可以一次写几个，比如要一次配置ospf的hello-time和dead-time可以按照下面写法：

lab@EX4200# set protocols ospf area 0 interface ge-0/0/1.0 hello-interval 10 dead-interval 10

输入以上命令之后，交换机的配置如下：

protocols { ospf {

area 0.0.0.0 {

interface ge-0/0/1.0 { hello-interval 10; } }

}

第9页共78页

}

注意:如果不知道一条命令里面后面是否还可以跟其它配置参数，那么最好使用 ? 帮助一下：

lab@EX4200# set protocols ospf area 0 interface ge-0/0/1.0 hello-interval 10 ? Possible completions:

<[Enter]> Execute this command

+ apply-groups Groups from which to inherit configuration data + apply-groups-except Don't inherit configuration data from these groups > authentication

> bfd-liveness-detection Bidirectional Forwarding Detection options dead-interval Dead interval (seconds) (1..65535) demand-circuit Interface functions as a demand circuit disable Disable OSPF on this interface interface-type Type of interface

ipsec-sa IPSec security association name

> ldp-synchronization Advertise maximum metric until LDP is operational metric Interface metric (1..65535) > neighbor NBMA neighbor

no-neighbor-down-notification Don't inform other protocols about neighbor down events

> passive Do not run OSPF, but advertise it

poll-interval Poll interval for NBMA interfaces (1..65535) priority Designated router priority (0..255)

retransmit-interval Retransmission interval (seconds) (1..65535) te-metric Traffic engineering metric (1..65535) transit-delay Transit delay (seconds) (1..65535) | Pipe through a command [edit]

1.1.3 TAB和空格键的使用

交换机JUNOS命令配置中，可以使用TAB键和空格键来进行参数的补全，在补全系统参数中两个键的作用是一样的，例如：

第10页共78页

lab@EX4200# set pro <-输入TAB键或者空格键，则会补全protocols lab@EX4200# set protocols

而对于用户自己定义的参数，则只能用TAB来补全，比如我们定义了一个Test_Policy_1的策略，要在ospf中配置时可以使用？来显示：

lab@EX4200# set protocols ospf export ? Possible completions:

Export policy ( Open an expression Test_Policy_1

[ Open a set of values [edit]

也可以直接输入T之后按TAB键来补全，而此时按空格键则无法补全：

lab@EX4200# set protocols ospf export T <-输入TAB键，则会补全Test_Policy_1 lab@EX4200# set protocols ospf export Test_Policy_1

1.1.4 用户模式和配置模式show的区别

在用户模式下，是无法进行配置操作的，而只能查看系统的一些参数。所以用户模式下的show命令是查看系统参数。要看系统配置则使用show configure命令。例如用户模式下show interface是查看端口信息： lab@EX4200> show interfaces

Physical interface: ge-0/0/1, Enabled, Physical link is Up Interface index: 142, SNMP ifIndex: 31

Link-level type: Ethernet, MTU: 1518, Speed: 100mbps, Loopback: Disabled, Source filtering: Disabled, Flow control: Enabled

Device flags : Present Running

Interface flags: SNMP-Traps Internal: 0x4000

CoS queues : 4 supported, 4 maximum usable queues

Current address: 00:05:85:dc:cc:db, Hardware address: 00:05:85:dc:cc:db Last flapped : 2007-06-29 20:37:17 HKT (1w2d 00:31 ago) Input rate : 280 bps (0 pps)

第11页共78页

Output rate : 1280 bps (1 pps) Active alarms : None Active defects : None

Logical interface ge-0/0/1.0 (Index 83) (SNMP ifIndex 71)

Flags: SNMP-Traps 0x4000 VLAN-Tag [ 0x8100.33 ] Encapsulation: ENET2 Input packets : 0 Output packets: 0 Protocol inet, MTU: 1500 Flags: None lab@EX4200>

而在配置下show命令是显示相关的配置，比如show interface则是显示interface部分的配置：

lab@EX4200# show interfaces ge-0/0/1 { unit 0 {

family ethernet-switching vlan members 10 ; family inet; } }

[edit] lab@EX4200#

因此说用户模式和配置模式下的show命令是不同的，如果要在配置模式下运行用户模式命令，则需要在命令前面加一个run

lab@EX4200# run show interfaces

Physical interface: ge-0/0/1, Enabled, Physical link is Up Interface index: 142, SNMP ifIndex: 31

第12页共78页

Link-level type: Ethernet, MTU: 1518, Speed: 100mbps, Loopback: Disabled, Source filtering: Disabled, Flow control: Enabled

Device flags : Present Running

Interface flags: SNMP-Traps Internal: 0x4000

CoS queues : 4 supported, 4 maximum usable queues

Current address: 00:05:85:dc:cc:db, Hardware address: 00:05:85:dc:cc:db Last flapped : 2007-06-29 20:37:17 HKT (1w2d 00:36 ago) Input rate : 792 bps (0 pps) Output rate : 672 bps (0 pps) Active alarms : None Active defects : None

Logical interface ge-0/0/1.0 (Index 83) (SNMP ifIndex 71)

Flags: SNMP-Traps 0x4000 VLAN-Tag [ 0x8100.33 ] Encapsulation: ENET2 Input packets : 0 Output packets: 0 Protocol inet, MTU: 1500 Flags: None

[edit] lab@EX4200#

lab@EX4200# run ping 172.27.69.8

PING 172.27.69.8 (172.27.69.8): 56 data bytes

64 bytes from 172.27.69.8: icmp_seq=0 ttl=64 time=5.118 ms 64 bytes from 172.27.69.8: icmp_seq=1 ttl=64 time=7.949 ms 64 bytes from 172.27.69.8: icmp_seq=2 ttl=64 time=7.018 ms ^C

--- 172.27.69.8 ping statistics ---

3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max/stddev = 5.118/6.695/7.949/1.178 ms

第13页共78页

[edit] lab@EX4200#

lab@EX4200# run ping 172.27.69.8命令等同于lab@EX4200> ping 172.27.69.8

1.1.5 如何将配置转换成set命令

在配置模式下使用show或者在用户模式下使用show configure命令，输出结果是“程序化”的配置，这样的配置并不能直接粘贴到另外一台交换机上，不过可以在show后面使用管道符号加上display set将其转换成set格式命令，然后可以直接粘贴到其它交换机上：

lab@EX4200# show protocols ospf export Test_Policy_1; area 0.0.0.0 {

interface ge-0/0/1.0 { hello-interval 10; } } [edit]

lab@EX4200# show protocols ospf | display set set protocols ospf export Test_Policy_1

set protocols ospf area 0.0.0.0 interface ge-0/0/1.0 hello-interval 10 [edit] lab@EX4200#

1.1.6 commit和rollback

在cisco中只要输入命令，回车之后命令马上生效，因为我们修改的就是系统正在使用的running-config配置文件。而在JUNOS中完全不同，我们操作(增加、删除、修改)的那份配置文件

第14页共78页

只是一个候选文件(candidate configure)，并不是正在运行的配置文件，只有将候选文件通过commit提交之后，配置才会真正的应用到当前系统使用的active配置文件中，从而使得修改的配置生效。

为了检查配置是否有错，可以在commit之前使用commit check来对配置进行语法检查。为了避免提交时出错，建议不要同时两个人修改配置。

如果提交之后，可以使用rollback进行回滚，rollback 1回滚上一次提前之前的配置，rollback 2则是回滚上2次提交之前的配置：

lab@EX4200# show system host-name host-name EX4200; [edit]

lab@EX4200# set system host-name R1 [edit]

lab@EX4200# commit commit complete [edit]

lab@EX4200# show system host-name

第15页共78页

host-name EX4200; [edit]

lab@EX4200# rollback 1 load complete [edit]

lab@EX4200# show system host-name host-name EX4200; [edit]

lab@EX4200# commit commit complete [edit] lab@EX4200#

1.2 EX交换机命令菜单结构

vlans {

vlan-name { //vlan名字，自定义，下面所有参数都是针对该vlan

mac-limit action; //设置vlan允许的最大mac description text-description; //vlan描述

filter input filter-name; //设置VLAN输入流量过滤条件 filter output filter-name; //设置VLAN输出流量过滤条件

l3-interface vlan.logical-interface-number; //将vlan绑定到L3的vlan子端口 mac-table-aging-time seconds; //设置vlan 的mac表生存时间 vlan-id number;

//设置vlan id

vlan-range vlan-id-low-vlan-id-high; //同时创建多个vlan }

}

第16页共78页

chassis {

aggregated-devices { ethernet {

device-count number; //设置聚合端口数量，范围是0-64

} }

}

interfaces {

ae-x {

aggregated-ether-options { //设置聚合端口参数 lacp mode { //设置lacp模式

periodic fast/slow; //设置lacp包发送间隔时间，选择fast则隔1秒发送，选择 //slow每隔30秒发送

} } }

ge-chassis/pic/port { //设置ge端口参数 description text; //设置描述 ether-options { //ether-options参数 802.3ad aex; //指定加入的聚合端口 auto-negotiation; //自动协商 flow-control; //流控制

link-mode mode; //设置端口工作模式

speed (speed | auto-negotiation | no-autonegotiation); //设置端口速率 }

mtu bytes; //设置端口MTU值，默认是1514 unit logical-unit-number { //设置逻辑单元参数

第17页共78页

family ethernet-switching { //设置L2参数

filter input filter-name; //设置二层输入包过滤条件 filter output filter-name; //设置二层输出包过滤条件

l3-interface interface-name-logical-unit-number; //在Trunk端口模式下设置允许通过的

//L3端口流量

native-vlan-id vlan-id //指定navite vlan id

port-mode mode; //设置端口L2工作模式，为Trunk或者access模式 vlan {

members [ (names | vlan-ids) ]; //设置端口属于哪个VLAN或者允许哪些VLAN通过 } }

vlan-id vlan-id-number; //仅对GE或者ae端口有效，范围是1 t到 4094 }

vlan-tagging; //设置端口为vlan-tagging }

}

protocols {

dot1x { authenticator {

authentication-profile-name access-profile-name; static {

mac-address {

vlan-assignment (vlan-id |vlan-name); interface interface-names; } }

interface (all | interface-name) { disable;

guest-vlan (vlan-name | vlan-id);

第18页共78页

maximum-requests seconds; no-reauthentication; quiet-period seconds; reauthentication {

interval seconds; }

retries number; server-timeout seconds;

supplicant (single | single-secure | multiple); supplicant-timeout seconds; transmit-period seconds; } } gvrp {

;

interface (all | [interface-name]) {

disable; }

join-timer millseconds; leave-timer milliseconds; leaveall-timer milliseconds; }

igmp-snooping { traceoptions {

file filename

regex>;

flag flag (detail | disable | receive | send);

第19页共78页

}

vlan (vlan-id | vlan-number { disable {

Interface interface-name }

immediate-leave; interface interface-name { multicast-router-interface; static {

group ip-address; } }

query-interval seconds;

query-last-member-interval seconds; query-response-interval seconds; robust-count number; } }

lldp { //设置链路层自动检测协议(Link Layer Detection Protocol) disable;

advertisement-interval seconds; hold-multiplier number; interface (all | interface-name) {

disable; }

traceoptions {

file filename

regex>;

flag flag (detail | disable | receive | send);

第20页共78页

set interfaces ge–0/0/2 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge–0/0/3 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge–0/0/1 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/2 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/3 unit 0 family ethernet-switching port-mode trunk

set protocols mstp configuration-name region1 //设置MSTP MSI set protocols mstp bridge-priority 16k //设置Mstp的优优先值 set protocols mstp interface ge-0/0/1.0 cost 1000 //设置Mstp端口权值 set protocols mstp interface ge-0/0/1.0 mode point-to-point set protocols mstp interface ge-0/0/2.0 cost 1000

set protocols mstp interface ge-0/0/2.0 mode point-to-point set protocols mstp interface ge-0/0/3.0 cost 1000

set protocols mstp interface ge-0/0/3.0 mode point-to-point set protocols mstp msti 1 bridge-priority 16k set protocols mstp msti 1 vlan [10 20]

set protocols mstp msti 1 interface ge-0/0/3.0 cost 4000 set protocols mstp msti 2 bridge-priority 8k set protocols mstp msti 2 vlan [30 40]

2．在S2交换机上创建VLAN并且配置交换机端口VLAN和Trunk和MSTP协议

set vlans voice-vlan description “Voice VLAN\ set vlans voice-vlan vlan—id 10

set vlans employee-vlan description “Employee VLAN\ set vlans employee-vlan vlan-id 20

set vlans guest-vlan description “Guest VLAN\ set vlans guest-vlan vlan-id 30

set vlans camera-vlan description “Camera VLAN\ set vlans camera-vlan vlan-id 40

set interfaces ge–0/0/1 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge-0/0/1 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/2 unit 0 family ethernet-switching port-mode trunk

set protocols mstp configuration-name region1 set protocols mstp bridge-priority 32k

第46页共78页

set protocols mstp interface ge-0/0/1.0 cost 1000

set protocols mstp interface ge-0/0/1.0 mode point-to-point set protocols mstp interface ge-0/0/2.0 cost 1000

set protocols mstp interface ge-0/0/2.0 mode point-to-point set protocols mstp msti 1 bridge-priority 32k set protocols mstp msti 1 vlan [10 20] set protocols mstp msti 2 bridge-priority 4k set protocols mstp msti 2 vlan [30 40]

3．在S3交换机上创建VLAN并且配置交换机端口VLAN和Trunk和MSTP协议

set vlans voice-vlan description “Voice VLAN\ set vlans voice-vlan vlan-id 10

set vlans employee-vlan description “Employee VLAN\ set vlans employee-vlan vlan-id 20

set vlans guest-vlan description “Guest VLAN\ set vlans guest-vlan vlan-id 30

set vlans camera-vlan description “Camera VLAN\ set vlans camera-vlan vlan—id 40

set interfaces ge–0/0/1 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge–0/0/2 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces 0/0/3 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge-0/0/1 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/2 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/24 unit 0 family ethernet-switching port-mode trunk

set protocols mstp configuration-name region1 set protocols mstp bridge-priority 8k

set protocols mstp interface ge-0/0/1.0 cost 1000

set protocols mstp interface ge-0/0/1.0 mode point-to-point set protocols mstp interface ge-0/0/2.0 cost 1000

set protocols mstp interface ge-0/0/2.0 mode point-to-point set protocols mstp interface ge-0/0/24.0 cost 1000

set protocols mstp interface ge-0/0/24.0 mode point-to-point set protocols mstp msti 1 bridge-priority 4k set protocols mstp msti 1 vlan [10 20] set protocols mstp msti 2 bridge-priority 16k set protocols mstp msti 2 vlan [30 40]

4．在S4交换机上创建VLAN并且配置交换机端口VLAN和Trunk和MSTP协议

第47页共78页

set vlans voice–vlan description “Voice VLAN\ set vlans voice-vlan vlan–id 10

set vlans employee—vlan description “Employee VLAN\ set vlans employee—vlan vlan—id 20

set vlans guest—vlan description “Guest VLAN\ set vlans guest—vlan vlan—id 30

set vlans camera—vlan description “Camera VLAN\ set vlans camera—vlan vlan—id 40

set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge-00/0/2 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge—0/0/1 unit 0 family ethernet-switching port-mode trunk set interfaces ge—00/0/2 unit 0 family ethernet-switching port-mode trunk

set protocols mstp configuration-name region1 set protocols mstp bridge-priority 16k

set protocols mstp interface ge—0/0/1.0 cost 1000

set protocols mstp interface ge—0/0/1.0 mode point-to-point set protocols mstp interface ge—00/0/2.0 cost 1000

set protocols mstp interface ge—00/0/2.0 mode point-to-point set protocols mstp msti 1 bridge-priority 16k set protocols mstp msti 1 vlan [10 20] set protocols mstp msti 2 bridge-priority 32k set protocols mstp msti 2 vlan [30 40]

2.7 端口捆绑

EX交换机最多可以进行8条链路的捆绑，捆绑之后端口可以成为二层的，也可以成为三层端口。捆绑之后多条链路进行流量负载分担，EX支持三层和四层的负载分担算法，源IP地址、目的IP地址、源端口和目的端口都会作为计算元素参与分担的Hash算法。

注意：在需要捆绑的端口不能设置link-mode工作模式，如果已经设置了，需要使用delete命令删除，否则commit提交会失败。

2.7.1 端口捆绑步骤

(1) 设置聚合端口数量，让系统产生聚合端口。当使用下面命令之后，系统会产生2个名字为

ae0和ae1的聚合端口。device-count最多可以支持64个，如果先长生一个ae0，以后再修改device-count多产生几个ae端口，这对已经存在的ae0没有影响。

第48页共78页

set chassis aggregated-devices ethernet device-count 2 （2表示支持2个聚合口） (2) 删除需要捆绑的端口参数，然后设置需要捆绑的速率。

delete interfaces ge-0/0/1 unit 0这个命令就可以把ge-0/0/1的unit 0后面的参数删除了，例如后面的family ethernet-switching和family inet都删除了。

备注：在做捆绑的时候先执行上面的命令把端口下的配置都删掉，否则会报错，举例； root@Backup-3-6-5-1-J3300-10.195.3.200.SHHP# commit [edit interfaces xe-0/1/1] 'unit 0'

logical unit is not allowed on aggregated links error: configuration check-out failed

{master:0}[edit]

(3) 将需要捆绑的端口加入到指定的ae聚合端,例如下面将ge-0/0/1和ge-0/0/2捆绑到一

起，绑定到ae0聚合端口

set interfaces ge-0/0/1 ether-options 802.3ad ae0 set interfaces ge-0/0/2 ether-options 802.3ad ae0

(4) 将端口绑定之后，ae聚合端口就相当于是普通端口一样，可以设置为VLAN端口或者3层

端口了

2.7.2 L2端口捆绑

set chassis aggregated-devices ethernet device-count 2 //设置系统生成聚合端口数量，最大为128 delete interfaces ge-0/0/1 unit 0 //删除端口L2和L3参数 delete interfaces ge-0/0/2 unit 0 set interfaces ge-0/0/1 speed 1g //设置端口速率 set interfaces ge-0/0/2 speed 1g set interfaces ge-0/0/1 ether-options 802.3ad ae0 set interfaces ge-0/0/2 ether-options 802.3ad ae0 set interfaces ae0 unit 0 family ethernet-switching //设置聚合端口L2模式 set interfaces ae0 unit 0 family ethernet-switching port-mode access //设置为vlan模式 set interfaces ae0 unit 0 family ethernet-switching vlan members 10 //设置为vlan 10

第49页共78页

2.7.3 L3端口捆绑

set chassis aggregated-devices ethernet device-count 2 //设置系统生成聚合端口数量，最大为128 delete interfaces ge-0/0/1 unit 0 //删除端口L2和L3参数 delete interfaces ge-0/0/2 unit 0 set interfaces ge-0/0/1 speed 1g //设置端口速率 set interfaces ge-0/0/2 speed 1g set interfaces ge-0/0/1 ether-options 802.3ad ae0 set interfaces ge-0/0/2 ether-options 802.3ad ae0 set interfaces ae0 unit 0 family inet address 1.1.1.1/24 //设置聚合端口L3地址 2.8 ECMP负载均衡配置

EX交换机支持ECMP(Equal-Cost MultiPath)，最多支持8条等价路由负载均衡。通常在EX上配置ECMP，是将多个端口修改成三层模式，然后配置端口IP地址，设置静态路由指向多个等价下一跳。ECMP是根据源IP地址、目的IP地址，源端口，目的端口，以及协议来计算Hash值，根据hash值来选择路由的下一条实现负载均衡。设置步骤如下： (1) 设置多条等价路由

(2) 创建load-banlance policy

(3) 将load-banlance policy应用到转表中例子：

SW1和SW2设置了4条链路，现在要在SW1上设置4条到192.168.1.0/24网段的等价路由，然后实现ECMP负载均衡。

第50页共78页

}

transmit-delay seconds; }

lldp-med { disable;

fast-start number;

interface (all | interface-name) { disable; location { elin number; civic-based { what number; country-code code; ca-type {

number {

ca-value value; } } } } } } mstp { disable;

bpdu-block-on-edge; bridge-priority priority; configuration-name name; forward-delay seconds; hello-time seconds;

第21页共78页

interface (all | interface-name) {

disable;

bpdu-timeout-action { block; alarm; } cost cost; edge; mode mode; no-root-port; priority priority; }

max-age seconds; max-hops hops; msti msti-id {

vlan (vlan-id | vlan-name); interface interface-name {

disable; cost cost; edge; mode mode; priority priority;

} }

revision-level revision-level; traceoptions {

第22页共78页

file filename ; flag flag; } } rstp { disable;

bpdu-block-on-edge; bridge-priority priority; forward-delay seconds; hello-time seconds;

interface (all | interface-name) {

disable;

bpdu-timeout-action { block; alarm; } cost cost; edge; mode mode; no-root-port; priority priority; }

max-age seconds; }

traceoptions {

file filename ;

第23页共78页

flag flag; } stp { disable;

bridge-priority priority; forward-delay seconds; hello-time seconds;

interface (all | interface-name) {

disable;

bpdu-timeout-action {

block; alarm; } cost cost; edge; mode mode; no-root-port; priority priority; }

max-age seconds; }

traceoptions {

file filename ; flag flag; }

}

第24页共78页

ethernet-switching-options {

analyzer {

name {

loss-priority priority; ratio number; input {

ingress {

interface (all | interface-name); vlan (vlan-id | vlan-name); } egress {

interface (all | interface-name); } output {

interface interface-name; vlan (vlan-id | vlan-name); } } }

bpdu-block {

interface (all | [interface-name]); disable-timeout timeout; }

redundant-trunk-group { group-name name {

interface interface-name ; } }

secure-access-port {

interface (all | interface-name) {

allowed-mac {

mac-address-list;

第25页共78页

}

(dhcp-trusted | no-dhcp-trusted ); mac-limit limit action action; static-ip ip-address { vlan vlan-name; mac mac-address; } }

vlan (all | vlan-name) {

(arp-inspection | no-arp-inspection ); (examine-dhcp | no-examine-dhcp ); (ip-source-guard | no-ip-source-guard); mac-move-limit limit action action; } }

storm-control {

interface (all | interface-name) { level level; no-broadcast; no-unknown-unicast; } }

traceoptions {

file filename ; flag flag ; } voip {

interface (all | [interface-name | access-ports]) { vlan vlan-name ;

第26页共78页

forwarding-class ; } }

} firewall {

family family-name { filter filter-name { term term-name { from {

match-conditions;

} then {

action;

action-modifiers;

} } } }

policer policer-name { if-exceeding { bandwidth-limit bps; burst-size-limit bytes; } then {

policer-action;

} }

} snmp {

rmon {

history index {

第27页共78页

bucket-size number; interface interface-name; interval seconds; owner owner-name; } }

}

virtual-chassis {

mac-persistence-timer seconds; preprovisioned; member member-id { mastership-priority number; no-management-vlan; serial-number; role; }

traceoptions {

file filename

regex>;

flag flag ; }

}

2 操作指导

2.1 通过console线连接交换机

第28页共78页

使用下面的步骤连接路由器的Console接口：

1. 准备好EX交换机设备自带的Console线缆(如果没有的话，采用Cisco或者安耐

特等厂家的Console线也可可以)

2. 将Console线缆的DB9插头一头插到PC或者笔记本电脑的COM口上，另外一

端插到路由器的CONSOLE口上。

3. 打开计算机中的终端软件工具。例如：CRT或者Windows自带的超级终端。设置

如下：

? 端口：选择第二步中Console线缆插入到PC上的端口，通常为COM 1或者

COM 2 ? 波特率：9600 ? 数据位：8位 ? 奇偶校验：无 ? 停止位：1位 ? 数据流控制：无

4. 打开配置到的CRT或者超级终端，按“Enter”键，屏幕出现登陆的提示符，即

连接成功。如果没有显示，请检查线缆或者终端的配置是否正确。

第29页共78页

2.2 system系统参数配置

system是属于EX交换机基本配置部分，在进行其它配置之前需要先完成该部分内容配置，主要配置工作如下： (1) 设置root密码 (2) 设置主机名 (3) 设置日期时间 (4) 添加用户

(5) 开启ssh/telnet/http服务 (6) 设置DNS（可选配置） (7) 分配新的用户权限(可选配置) (8) 设置NTP服务器(可选配置)

2.2.1 设置root密码

交换机初始化用户名是root是没有密码的，在进行commit之前必须修改root密码。修改root密码命令：

set system root-authentication plain-text-password New password: Retype new password: 2.2.2 设置主机名

设置命令：

set system host-name EX4200-1 //EX4200-1为主机名 2.2.3 设置DNS服务器

设置命令：

set system name-server 192.168.1.1 删除命令：

delete system name-server 192.168.1.1 第30页共78页

2.2.4 设置日期时间

设置命令：

set system time-zone Asia/Shanghai //设置时区 set date 200810301407.00 //设置时间，在用户模式下配置，YYYYMMDDhhmm.ss格式

2.2.5 设置NTP服务器

设置命令：

set system ntp server 192.168.1.1 //设置NTP服务器地址 set system ntp authentication-key 1 type md5 value \设置NTP认证key set system ntp source-address 192.168.1.254 //设置NTP数据发送源IP地址

删除命令： delete system ntp

2.2.6 开启远程Telnet登陆服务

? 说明：在默认缺省配置下，EX交换机只是开放了http远程登陆方式，因此如果想通过

telnet登陆到交换机上，必须在系统中打开telnet服务。设置命令：

set system services telnet

删除命令：

delete system services telnet 2.2.7 开启远程Ftp服务

? 说明：在默认缺省配置下，EX交换机只是开放了http远程登陆方式，因此如果想通过

ftp上传文件，例如OS或者配置到交换机上，必须在系统中打开ftp服务。

设置命令：

第31页共78页

set system services ftp

删除命令：

delete system services ftp

2.2.8 开启远程ssh登陆

? 说明：如果想通过更加安全的ssh登陆到交换机，需要在交换机上打开ssh服务。

设置命令：

set system services ftp

删除命令：

delete system services ftp

2.2.9 开启远程http登陆服务

? 说明：在默认缺省配置下，EX交换机已经开放了http远程登陆方式。设置命令：

set system services web-management http

删除命令：

delete system services web-management http

2.2.10 添加/删除用户

2.2.10.1 添加用户

set system login user EX42 class super-user //添加EX42用户为超级用户类别 set system login user EX42 authentication plain-text-password //设置EX42密码

第32页共78页

New password: Retype new password:

2.2.10.2 修改用户类别

set system login user EX42 class read-only //修改EX42用户为只读用户用户类别分为：

operator permissions [ clear network reset trace view ] read-only permissions [ view ] super-user permissions [ all ] unauthorized permissions [ none ]

2.2.10.3 修改用户密码

set system login user EX42 class read-only //修改EX42用户为只读用户 2.2.10.4 删除用户

delete system login user EX42 //删除EX42用户

2.2.11 用户权限设置

? 先创建一个新的用户类别，指定该用户类别具有的权限

set system login class EX42_class permissions view //添加EX42_class具有view权限 //下面命令添加EX42_class具有configure权限 set system login class EX42_class permissions configure set system login class EX42_class idle-timeout 10 //设置登陆idle-time为10分钟权限列表可以选择：

access Can view access configuration access-control Can modify access configuration admin Can view user accounts admin-control Can modify user accounts

第33页共78页

all All permission bits turned on clear Can clear learned network info configure Can enter configuration mode control Can modify any config field Can use field debug commands firewall Can view firewall configuration firewall-control Can modify firewall configuration floppy Can read and write the floppy flow-tap Can view flow-tap configuration flow-tap-control Can modify flow-tap configuration flow-tap-operation Can tap flows

interface Can view interface configuration interface-control Can modify interface configuration maintenance Can become the super-user network Can access the network

reset Can reset/restart interfaces and daemons rollback Can rollback to previous configurations routing Can view routing configuration routing-control Can modify routing configuration secret Can view secret statements secret-control Can modify secret statements security Can view security configuration security-control Can modify security configuration shell Can start a local shell

snmp Can view SNMP configuration snmp-control Can modify SNMP configuration system Can view system configuration system-control Can modify system configuration trace Can view trace file settings trace-control Can modify trace file settings view Can view current values and statistics

view-configuration Can view all configuration (not including secrets) ? 新建/修改用户并指定该用户类别为刚才创建的类别：

set system login user EX42 class EX42_class //设置用户为新建用户类别 2.3 VLAN配置

第34页共78页

VLAN是交换机最重要的一个功能。EX交换机关于VLAN配置的菜单有三层，首先是vlans菜单层次，在vlans（通过edit vlans可以进入vlans菜单里面）里面可以创建vlan，而创建vlan的时候可以指定名字和vlan id。

在EX端口下面，可以指定该端口属于哪个VLAN。

EX交换机支持三层功能，如果要在交换机上配置三层VLAN 网关，需要先创建一个vlan interface子端口，然后将这个只端口和VLAN号关联起来. interfaces vlan是EX的三层端口，而不同VLAN通过不同的unit xx子端口来产生(xx为子端口号)，子端口号最好能跟VLAN号统一起来。(例如 interface vlan.100表示interface vlan unit 100,类似于cisco的interface vlan100)

2.3.1 VLAN配置步骤

如果创建一个名字为EX42_vlan的VLAN 10，并且网关设置为192.168.1.1/24,ge-0/0/1属于该VLAN。步骤：

(1) 创建一个VLAN，指定VLAN名称和ID号

set vlans “EX42_vlan” vlan id 10

(2) 将交换机端口修改为access模式加入到新创建的VLAN中

set interfaces ge-0/0/1 unit 0 family ethernet-switching port-mode access set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members 10 (3) 创建3层VLAN子端口，并且将子端口和VLAN关联： set interfaces vlan unit 10 family inet address 192.168.1.1/24 set vlans vlan l3-interface vlan.10 //vlan子端口和VLAN对应起来

2.3.2 VLAN配置规范要求

(1) 指定VLAN名称

(2) 设置端口VLAN的时候指定端口为access模式

(3) 设置interface vlan子端口的时候，unit子端口号要跟vlan id一致。

2.3.3 添加VLAN

? 创建vlan

set vlans “EX42_vlan” vlan id 10 //创建vlan id 为10，名字为 EX42_vlan

第35页共78页

set vlans juniper_vlan vlan-id 20 ? 将端口加入到指定vlan

//下面命令修改ge-0/0/1端口模式为access模式 set interfaces ge-0/0/1 unit 0 family ethernet-switching port-mode access //下面命令将vlan加入到端口 set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members 10 set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members 20 或者 set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members “EX42_vlan” ? Vlan检查命令 show vlans show ethernet-switching interfaces 输出例子： lab@EX4200-1# run show vlans Name Tag Interfaces default

ge-0/0/7.0*, ge-0/0/14.0*, ge-0/0/17.0, ge-0/0/18.0, ge-0/0/19.0, ge-0/0/20.0,

ge-0/0/21.0, ge-0/0/22.0, ge-0/0/23.0

juniper_vlan 20 ge-0/0/2.0 EX42_vlan 10 ge-0/0/1.0 mgmt

bme0.32769 [edit]

第36页共78页

lab@EX4200-1#

lab@EX4200-1> show ethernet-switching interfaces Interface State VLAN members Blocking bme0.32769 down mgmt unblocked ge-0/0/7.0 up default unblocked ge-0/0/14.0 up default unblocked ge-0/0/17.0 down default unblocked ge-0/0/18.0 down default unblocked ge-0/0/19.0 down default unblocked ge-0/0/20.0 down default unblocked ge-0/0/21.0 down default unblocked ge-0/0/22.0 down default unblocked ge-0/0/23.0 down default unblocked ge-1/0/1.0 down EX42_vlan unblocked ge-1/0/2.0 down juniper_vlan unblocked [edit]

lab@EX4200-1#

2.3.4 修改端口VLAN

? 将端口加入到指定vlan

//下面命令修改ge-0/0/1端口模式为access模式 set interfaces ge-0/0/1 unit 0 family ethernet-switching port-mode access //下面命令将ge-0/0/1修改为vlan 10 或者EX42_vlan set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members 10 或者 set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members “new_vlan” 2.3.5 删除VLAN

? 1.删除端口vlan

delete interfaces ge-0/0/1 unit 0 family ethernet-switching port-mode access //下面命令将ge-0/0/1加入到vlan 10 或者EX42_vlan delete interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members 10

第37页共78页

或者 delete interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members “EX42_vlan” ? 2.删除vlan对应的L3子端口 delete vlans vlan l3-interface vlan.10 ? 3.接着删除vlan配置 delete vlans “EX42_vlan” 2.3.6 配置VLAN网关IP

set vlans EX42 vlan-id 100 //创建vlan 100 //下面命令设置vlan子端口IP地址 set interfaces vlan unit 100 family inet address 192.0.2.129/25 set vlans vlan l3-interface vlan.100 //vlan子端口和VLAN对应起来

2.4 Trunk配置

2.4.1 Trunk配置步骤

(1) 指定需要成为Trunk的端口模式为Trunk (2) 设置Trunk端口允许通过的VLAN id。

2.4.2 如何设置Trunk

? 端口修改成trunk

set interfaces ge-0/0/1 unit 0 family ethernet-switching port-mode trunk ? 删除端口trunk模式

delete interfaces ge-0/0/1 unit 0 family ethernet-switching port-mode trunk

第38页共78页

2.4.3 允许/禁止VLAN通过Trunk

? 允许通过:允许vlan 10和vlan 20通过

//下面命令允许vlan id为10和20的VLAN通过Trunk set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members [10 20] ? 禁止VLAN通过:不允许vlan 10通过

delete interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members 10

2.5 端口配置

2.5.1 端口配置规范要求

(1) 在连接路由器或者交换机的时候要求指定速率和工作模式。 (2) 对于普通网线要求不能将端口设置为1000M速率。

(3) 和其它厂家互联，一定要在两边设置指定工作模式和端口速率，不能采用自动协商(避免协

商出现问题)

2.5.2 修改端口速率

set interfaces ge-0/0/1 ether-options speed 1g //设置端口为1g速率 set interfaces ge-0/0/1 ether-options speed auto-negotiation //设置速率为自动协商 set interfaces ge-0/0/1 ether-options speed后面可以跟的参数是： auto-negotiation Enable auto-negotiation 10m 10Mbps 100m 100Mbps 1g 1Gbps 2.5.3 修改端口工作模式

set interfaces ge-0/0/1 ether-options link-mode full-duplex //设置端口全双工模式 set interfaces ge-0/0/1 ether-options link-mode automatic //设置工作模式为自动协商 set interfaces ge-0/0/1 ether-options link-mode后面可以跟的参数是： automatic Automatic negotiate duplex full-duplex Full-duplex operation

第39页共78页

half-duplex Half-duplex operation 2.5.4 修改端口为L3模式

delete interfaces ge-0/0/1 unit 0 family ethernet-switching //删除端口L2参数 set interfaces ge-0/0/1 unit 0 family inet //设置端口为L3模式 set interfaces ge-0/0/1 unit 0 family inet address 192.168.1.1/30 //设置端口IP地址 2.5.5 修改端口为L2模式

delete interfaces ge-0/0/1 unit 0 family inet //删除端口为L3模式参数 set interfaces ge-0/0/15 unit 0 family ethernet-switching //将端口设置为L2模式

2.6 生成树配置

生成树协议（Spanning Tree）是一种链路管理协议，它为网络提供二层路径冗余同时防止产生环路。IEEE制定的生成树协议包括：STP、RSTP、MSTP，EX系列交换机全面支持这些协议，同时还能兼容PVST+。

第40页共78页

2.6.1 STP配置实例

S1交换机：

set protocols stp enable

//打开stp功能

set protocols stp bridge-priority 8k //设置stp的优优先值，值从0-65535，值大优先

set protocols stp interface ge-0/0/1.0 priority 8 //设置stp端口优先值，值从0-255，较小优先

set protocols stp interface ge-0/0/2.0 priority 8 S2交换机：

set protocols stp enable

set protocols stp bridge-priority 16k

set protocols stp interface ge-0/0/1.0 priority 16 set protocols stp interface ge-0/0/2.0 priority 16

S3交换机：

set protocols stp enable

set protocols stp bridge-priority 32k

第41页共78页

set protocols stp interface ge-0/0/1.0 priority 32 set protocols stp interface ge-0/0/2.0 priority 32

检查命令：

Show span-tree bridge

2.6.2 RSTP配置实例

1． S1交换机上创建VLAN并且配置交换机端口VLAN和Trunk和RSTP协议

set vlans voice-vlan description “Voice VLAN\ set vlans voice-vlan vlan-id 10

set vlans employee-vlan description “Employee VLAN\ set vlans employee-vlan vlan-id 20

set vlans guest-vlan description “Guest VLAN\ set vlans guest-vlan vlan-id 30

第42页共78页

set vlans camera-vlan description “Camera VLAN\ set vlans camera-vlan vlan-id 40

set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge–0/0/2 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge–0/0/3 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge–0/0/1 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/2 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/3 unit 0 family ethernet-switching port-mode trunk

set protocols rstp bridge-priority 16k //设置rstp的优优先值 set protocols rstp interface ge-0/0/1.0 cost 1000 //设置rstp端口权值

set protocols rstp interface ge-0/0/1.0 mode point-to-point //设置rstp端口模式 set protocols rstp interface ge-0/0/2.0 cost 1000

set protocols rstp interface ge-0/0/2.0 mode point-to-point set protocols rstp interface ge-0/0/3.0 cost 1000 set protocols rstp interface ge-0/0/3.0 mode point-to-point

2． S2交换机上创建VLAN并且配置交换机端口VLAN和Trunk和RSTP协议：

set vlans voice-vlan description “Voice VLAN\ set vlans voice-vlan vlan-id 10

set vlans employee-vlan description “Employee VLAN\ set vlans employee-vlan vlan-id 20

set vlans guest-vlan description “Guest VLAN\set vlans guest-vlan vlan-id 30

set vlans camera-vlan description “Camera VLAN\ set vlans camera-vlan vlan-id 40

set protocols rstp bridge-priority 32k

set protocols rstp interface ge-0/0/1.0 cost 1000

set protocols rstp interface ge-0/0/1.0 mode point-to-point set protocols rstp interface ge-0/0/2.0 cost 1000

set protocols rstp interface ge-0/0/2.0 mode point-to-point

第43页共78页

3． S3交换机上创建VLAN并且配置交换机端口VLAN和Trunk和RSTP协议

set vlans voice-vlan description “Voice VLAN\ set vlans voice-vlan vlan-id 10

set vlans employee-vlan description “Employee VLAN\ set vlans employee-vlan vlan-id 20

set vlans guest-vlan description “Guest VLAN\ set vlans guest-vlan vlan-id 30

set vlans camera-vlan description “Camera VLAN\ set vlans camera-vlan vlan-id 40

set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge–0/0/2unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge–0/0/3 unit 0 family ethernet-switching vlan members [10 20 30 40] set interfaces ge–0/0/1 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/2 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/3 unit 0 family ethernet-switching port-mode trunk set protocols rstp bridge-priority 8k

set protocols rstp interface ge-0/0/1.0 cost 1000

set protocols rstp interface ge-0/0/1.0 mode point-to-point set protocols rstp interface ge-0/0/2.0 cost 1000

set protocols rstp interface ge-0/0/2.0 mode point-to-point set protocols rstp interface ge-0/0/3.0 cost 1000 set protocols rstp interface ge-0/0/3.0 mode point-to-point

4． S4交换机上创建VLAN并且配置交换机端口VLAN和Trunk和RSTP协议

set vlans voice-vlan description “Voice VLAN\ set vlans voice-vlan vlan-id 10

set vlans employee-vlan description “Employee VLAN\ set vlans employee-vlan vlan-id 20

set vlans guest-vlan description “Guest VLAN\ set vlans guest-vlan vlan-id 30

set vlans camera-vlan description “Camera VLAN\ set vlans camera-vlan vlan-id 40

第44页共78页

set protocols rstp interface ge-0/0/1.0 cost 1000

set protocols rstp interface ge-0/0/1.0 mode point-to-point set protocols rstp interface ge-0/0/2.0 cost 1000

set protocols rstp interface ge-0/0/2.0 mode point-to-point 5．利用show spanning-tree interface命令查看4台交换机STP状态。

2.6.3 MSTP配置实例

1． S1交换机上创建VLAN并且配置交换机端口VLAN和Trunk和MSTP协议

set vlans voice-vlan description “Voice VLAN\ set vlans voice-vlan vlan—id 10

set vlans employee-vlan description “Employee VLAN\ set vlans employee-vlan vlan-id 20

set vlans guest-vlan description “Guest VLAN\ set vlans guest-vlan vlan-id 30

set vlans camera-vlan description “Camera VLAN\ set vlans camera-vlan vlan-id 40

set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members [10 20 30 40]

第45页共78页

本文来源：https://www.bwwdw.com/article/phqh.html

相关文章：

正在阅读：

Juniper - EX4200 - 中文配置手册全集详解09-10

在教学中激发学生热爱祖国的语言文字07-25

车位租赁协议|个人车位租赁合同范本08-01

2022年社区文明创建年终工作总结08-01

保证书怎么写格式02-12

安全保证书教你怎么写02-09

建筑材料送检样品要求及收费标准一览表03-09

EA和高频交易的对比05-12

教师工作心得体会03-31

国军标生产环节审核重点09-25

上一篇：绍兴一中沈初见教学设计下一篇：广东省高考（文科）数学小题训练（七套） - 选择填空（精编含解析）