R1配置

---------------------------------------------

version 5.20, ESS 2207P45
#
 sysname RT1
#
 super password level 3 simple h3c
#
 domain default enable system
#
 telnet server enable
#
acl number 2000
 rule 0 permit source 192.168.200.0 0.0.0.255
acl number 2030
 rule 0 permit source 192.168.200.1 0
#
vlan 1
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#               
user-group system
 group-attribute allow-guest
#               
local-user rt1  
 password simple rt1
 authorization-attribute level 2
 service-type telnet
local-user useradmin
 authorization-attribute level 2
#               
wlan rrm        
 dot11b mandatory-rate 1 2
 dot11b supported-rate 5.5 11
 dot11g mandatory-rate 1 2 5.5 11
 dot11g supported-rate 6 9 12 18 24 36 48 54
#               
attack-defense policy 1
#               
interface Aux0  
 async mode flow
 link-protocol ppp
#               
interface Cellular0/0
 async mode protocol
 link-protocol ppp
 attack-defense apply policy 1
#               
interface Ethernet0/0
 port link-mode route
 ip address 172.16.0.9 255.255.255.252
 attack-defense apply policy 1
#               
interface Ethernet0/1
 port link-mode route
 ip address 172.16.0.2 255.255.255.252
 attack-defense apply policy 1
#               
interface Ethernet0/2
 port link-mode route
 ip address 172.16.1.1 255.255.255.252
 attack-defense apply policy 1
#               
interface NULL0
#               
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255
#               
interface Ethernet0/3
 port link-mode bridge
#               
interface Ethernet0/4
 port link-mode bridge
#               
interface WLAN-Radio2/0
#               
bgp 65000       
 undo synchronization
 peer 172.16.1.2 as-number 65001
 peer 2.2.2.2 as-number 65000
 peer 6.6.6.6 as-number 65000
 peer 7.7.7.7 as-number 65000
 peer 172.16.1.2 route-policy fk export
 peer 172.16.1.2 route-policy fa import
 peer 2.2.2.2 connect-interface LoopBack0
 peer 6.6.6.6 connect-interface LoopBack0
 peer 7.7.7.7 connect-interface LoopBack0
#               
ospf 1 router-id 1.1.1.1
 area 0.0.0.0   
  network 172.16.0.2 0.0.0.0
  network 172.16.0.9 0.0.0.0
  network 1.1.1.1 0.0.0.0
  network 172.16.1.1 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply as-path 400 600
route-policy fk permit node 10
 if-match as-path 1
route-policy fk permit node 20
#               
 snmp-agent     
 snmp-agent local-engineid 800063A203000FE2D06060
 snmp-agent community read h3c-read
 snmp-agent sys-info version v2c v3
 snmp-agent target-host trap address udp-domain 192.168.200.1 params securityname h3c-read
 undo snmp-agent trap enable voice dial
 snmp-agent trap source LoopBack0
#               
 load xml-configuration
#              
 load tr069-configuration
#               
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
 acl 2030 inbound
 authentication-mode scheme
 idle-timeout 0 0
 protocol inbound telnet
#               
return

R2配置

-----------------------------------------------------------

#
 version 5.20, ESS 2207P45
#
 sysname RT2
#
 super password level 3 simple h3c
#
 domain default enable system
#
 telnet server enable
#
acl number 2000
 rule 0 permit source 192.168.100.0 0.0.0.255
acl number 2030
 rule 0 permit source 192.168.200.1 0
#
vlan 1
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#               
ike proposal 1  
#               
ike peer rt4    
 pre-shared-key simple h3c
 remote-address 172.16.1.6
#               
ipsec proposal 1
#               
ipsec policy-template huawei 1
 ike-peer rt4   
 proposal 1     
#               
ipsec policy h3c 1 isakmp template huawei
#               
user-group system
 group-attribute allow-guest
#               
local-user rt2  
 password simple rt2
 authorization-attribute level 2
 service-type telnet
local-user useradmin
 authorization-attribute level 2
#               
wlan rrm        
 dot11b mandatory-rate 1 2
 dot11b supported-rate 5.5 11
 dot11g mandatory-rate 1 2 5.5 11
 dot11g supported-rate 6 9 12 18 24 36 48 54
#               
attack-defense policy 1
#               
interface Aux0  
 async mode flow
 link-protocol ppp
#               
interface Cellular0/0
 async mode protocol
 link-protocol ppp
 attack-defense apply policy 1
#               
interface Ethernet0/0
 port link-mode route
 ip address 172.16.0.6 255.255.255.252
 attack-defense apply policy 1
#               
interface Ethernet0/1
 port link-mode route
 ip address 172.16.0.10 255.255.255.252
#               
interface Ethernet0/2
 port link-mode route
 ip address 100.0.0.1 255.255.255.0
 ipsec policy h3c
#               
interface NULL0
#               
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255
#               
interface Ethernet0/3
 port link-mode bridge
#               
interface Ethernet0/4
 port link-mode bridge
#               
interface Tunnel1
 ip address 172.16.1.5 255.255.255.252
 source 100.0.0.1
 destination 200.0.0.1
#               
interface WLAN-Radio2/0
#               
bgp 65000       
 undo synchronization
 peer 1.1.1.1 as-number 65000
 peer 172.16.1.6 as-number 65001
 peer 6.6.6.6 as-number 65000
 peer 7.7.7.7 as-number 65000
 peer 1.1.1.1 connect-interface LoopBack0
 peer 172.16.1.6 route-policy fk export
 peer 172.16.1.6 route-policy fa import
 peer 6.6.6.6 connect-interface LoopBack0
 peer 7.7.7.7 connect-interface LoopBack0
#               
ospf 1 router-id 2.2.2.2
 area 0.0.0.0   
  network 2.2.2.2 0.0.0.0
  network 172.16.0.6 0.0.0.0
  network 172.16.0.10 0.0.0.0
  network 172.16.1.5 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply as-path 400 600
route-policy fk permit node 10
 if-match as-path 1
route-policy fk permit node 20
#               
 ip route-static 0.0.0.0 0.0.0.0 100.0.0.2
#               
 snmp-agent     
 snmp-agent local-engineid 800063A203000FE2E62FC0
 snmp-agent community read h3c-read
 snmp-agent sys-info version v2c v3
 snmp-agent target-host trap address udp-domain 192.168.200.1 params securityname h3c-read
 undo snmp-agent trap enable voice dial
 snmp-agent trap source LoopBack0
#               
 load xml-configuration
#               
 load tr069-configuration
#               
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
 acl 2030 inbound
 authentication-mode scheme
 idle-timeout 0 0
 protocol inbound telnet
#

R3配置

----------------------------------------------------------

#
 sysname RT3
#
 super password level 3 simple 123
#
 domain default enable system
#
 ip ttl-expires enable
 ip unreachables enable
#
 dar p2p signature-file flash:/p2p_default.mtd
#
 port-security enable
#
acl number 2000
 rule 0 permit source 192.168.20.0 0.0.0.255
acl number 2008
 rule 0 deny source 0.0.0.0 0
 rule 5 permit
#
vlan 1
#
domain system
 access-limit disable
 state active   
 idle-cut disable
 self-service-url disable
#               
user-group system
 group-attribute allow-guest
#               
local-user admin
 password cipher .]@USE=B,53Q=^Q`MAF4<1!!
 authorization-attribute level 3
 service-type telnet
#               
wlan rrm        
 dot11b mandatory-rate 1 2
 dot11b supported-rate 5.5 11
 dot11g mandatory-rate 1 2 5.5 11
 dot11g supported-rate 6 9 12 18 24 36 48 54
#               
cwmp            
 undo cwmp enable
#               
bgp 65001       
 undo synchronization
 peer 4.4.4.4 as-number 65001
 peer 172.16.1.1 as-number 65000
 peer 5.5.5.5 as-number 65001
 peer 4.4.4.4 connect-interface LoopBack0
 peer 172.16.1.1 filter-policy 2008 export
 peer 172.16.1.1 route-policy fa import
 peer 5.5.5.5 connect-interface LoopBack0
#               
ospf 1 router-id 3.3.3.3
 area 0.0.0.0   
  network 3.3.3.3 0.0.0.0
  network 172.16.2.1 0.0.0.0
  network 172.16.2.5 0.0.0.0
  network 172.16.1.2 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply as-path 400 600
#               
#               
voice-setup     
 #              
 sip            
 #              
 sip-server     
  #             
  call-rule-set
  #             
  call-route    
 #              
 dial-program   
  default entity fax protocol standard-t38
  default entity fax protocol standard-t38 hb-redundancy 0
  default entity fax protocol standard-t38 lb-redundancy 0
 #              
 aaa-client     
 #              
 gk-client      
#               
 load xml-configuration
#               
 load tr069-configuration
#               
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
 authentication-mode scheme
#               
return

R4配置

--------------------------------------------------------

#
 sysname RT4
#
 ipsec cpu-backup enable
#
 undo cryptoengine enable
#
 domain default enable system
#
acl number 2000
 rule 0 permit source 192.168.10.0 0.0.0.255
#
acl number 3000
 rule 0 permit ip source 192.168.200.0 0.0.0.255 destination 192.168.20.0 0.0.0.255
acl number 3030
 rule 0 permit ip source 192.168.20.0 0.0.0.255 destination 192.168.200.0 0.0.0.255
#
vlan 1
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#               
ike proposal 1  
#               
ike peer rt2    
 pre-shared-key simple h3c
 remote-address 172.16.1.5
#               
ipsec proposal 1
#               
ipsec policy h3c 1 isakmp
 security acl 3000
 ike-peer rt2   
 proposal 1     
#               
traffic classifier oa operator and
 if-match acl 3030
#               
traffic behavior oa
 queue af bandwidth pct 50
#               
qos policy h3c  
 classifier oa behavior oa
#               
local-user rt4  
 password simple h3c
#               
bgp 65001       
 undo synchronization
 peer 5.5.5.5 as-number 65001
 peer 172.16.1.5 as-number 65000
 peer 3.3.3.3 as-number 65001
 peer 5.5.5.5 default-route-advertise
 peer 5.5.5.5 connect-interface LoopBack0
 peer 172.16.1.5 route-policy fa import
 peer 3.3.3.3 default-route-advertise
 peer 3.3.3.3 connect-interface LoopBack0
#               
ospf 1 router-id 4.4.4.4
 area 0.0.0.0   
  network 4.4.4.4 0.0.0.0
  network 172.16.2.2 0.0.0.0
  network 172.16.2.9 0.0.0.0
  network 172.16.1.6 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply as-path 400 600
#               
 ip route-static 0.0.0.0 0.0.0.0 200.0.0.2
#               
user-interface con 0
user-interface aux 0
user-interface vty 0 4
#               
return          
R5配置

-------------------------------------------------------------------

#
 sysname RT5
#
 ipsec cpu-backup enable
#
 undo cryptoengine enable
#
 domain default enable system
#
acl number 2000
 rule 0 permit source 192.168.20.0 0.0.0.255
acl number 2001
 rule 0 permit source 192.168.10.0 0.0.0.255
#
acl number 3030
 rule 5 permit ip source 192.168.200.0 0.0.0.255 destination 192.168.20.0 0.0.0.255
#
vlan 1
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#               
traffic classifier oa operator and
 if-match acl 3030
#               
traffic behavior oa
 queue af bandwidth pct 50
#               
qos policy h3c  
 classifier oa behavior oa
#               
local-user rt5  
 password simple rt5
 service-type ppp
#               
bgp 65001       
 network 192.168.100.1 255.255.255.255
 network 192.168.200.1 255.255.255.255
 undo synchronization
 peer 4.4.4.4 as-number 65001
 peer 3.3.3.3 as-number 65001
 peer 4.4.4.4 route-policy fk import
 peer 4.4.4.4 connect-interface LoopBack0
 peer 3.3.3.3 route-policy fk import
 peer 3.3.3.3 connect-interface LoopBack0
#               
ospf 1 router-id 5.5.5.5
 area 0.0.0.0   
  network 5.5.5.5 0.0.0.0
  network 172.16.2.6 0.0.0.0
  network 172.16.2.10 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply local-preference 400
route-policy fa permit node 20
route-policy fk permit node 10
 if-match acl 2001
 apply local-preference 400
route-policy fk permit node 20
#               
user-interface con 0
user-interface aux 0
user-interface vty 0 4
#               
return

SW1配置

-----------------------------------------------------------

#
 sysname SW1
#
 domain default enable system
#
 burst-mode enable
#
 undo ip http enable
#
 password-recovery enable
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#               
user-group system
#               
stp region-configuration
 region-name h3c
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#               
 stp instance 0 root primary
 stp enable     
#               
bgp 65000       
 network 192.168.10.0 route-policy fa
 network 192.168.20.0
 undo synchronization
 peer 1.1.1.1 as-number 65000
 peer 2.2.2.2 as-number 65000
 peer 1.1.1.1 connect-interface LoopBack0
 peer 2.2.2.2 connect-interface LoopBack0
#               
ospf 1 router-id 6.6.6.6
 area 0.0.0.0   
  network 6.6.6.6 0.0.0.0
  network 172.16.0.1 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply local-preference 400
#               
user-interface aux 0
user-interface vty 0 4
#               
return

SW2配置

-----------------------------------------------------------

#
 sysname SW2
#
 super password level 3 cipher $c$3$nbNypWi5fBQG/0cezZ0kQlLgfhZBVkx+anDhOHBaSwsLC8U=
#
 domain default enable system
#
 burst-mode enable
#
 undo ip http enable
#
 password-recovery enable
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
domain system
 access-limit disable
 state active   
 idle-cut disable
 self-service-url disable
#               
user-group system
#               
stp region-configuration
 region-name h3c
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#               
 stp instance 0 root secondary
 stp enable     
#               
bgp 65000       
 network 192.168.10.0
 network 192.168.20.0 route-policy fa
 undo synchronization
 peer 1.1.1.1 as-number 65000
 peer 2.2.2.2 as-number 65000
 peer 1.1.1.1 connect-interface LoopBack0
 peer 2.2.2.2 connect-interface LoopBack0
#               
ospf 1 router-id 7.7.7.7
 area 0.0.0.0   
  network 7.7.7.7 0.0.0.0
  network 172.16.0.5 0.0.0.0
#               
route-policy fa permit node 10
 if-match acl 2000
 apply local-preference 400
#               
user-interface aux 0
 user privilege level 2
user-interface vty 0 4
#               
return

SW3配置

--------------------------------------------------------

#
 sysname SW3
#
 super password level 3 cipher *\Y0``CC]'I.BI/aC,8H/Q!!
#
radius scheme system
#
domain system
#
 stp bpdu-protection
 stp enable
stp region-configuration
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#
vlan 1
#
vlan 10
#
vlan 20
#
user-interface aux 0
 user privilege level 2
 idle-timeout 0 0                         
user-interface vty 0 4                    
#                                         
return

BGP拓扑错误模拟配置的更多相关文章

  1. 修复SharePoint 2013 Search 拓扑错误

    Problem 当创建和配置SharePoint 2013 Search Service Application成功之后,进入详细配置页后,在Search Application Topology节点 ...

  2. H3C TE BGP拓扑排错报告

                                                                                       BGP排错报告 故障一:PPP链路 ...

  3. SharePoint 关于拓扑错误的解决方案

    Issue Topology报错信息:SharePoint Web Services Round Robin Service Load Balancer Event: EndpointFailure. ...

  4. php CodeIgniter处理多环境错误级别配置

    php CodeIgniter处理多环境错误级别配置 开发者常常希望当系统运行在开发环境或生产环境中时能有不同的行为, 例如,在开发环境如果程序能输出详细的错误信息将非常有用,但是在 生产环境这将造成 ...

  5. 解析ArcGis拓扑——根据拓扑错误记录提取shp文件、导出Excel表格

    在ArcGis拓扑检查的流程——以面重叠检查为例中讲述了如何在ArcGis进行拓扑检查与修改. 在实际操作中,有时我们还需要将ArcGis拓扑检查的结果制作成报告或者提取错误信息反馈作业方. 本文仍然 ...

  6. Nginx 错误日志配置

    1.Nginx错误日志信息介绍: error_log的语法格式及参数说明: error_log      file         level; 关键字    日志文件   错误日志级别 其中,关键字 ...

  7. EF + MySql 错误:配置错误 无法识别的元素“providers”

    “/”应用程序中的服务器错误. 配置错误 说明: 在处理向该请求提供服务所需的配置文件时出错.请检查下面的特定错误详细信息并适当地修改配置文件. 分析器错误消息: 无法识别的元素“providers” ...

  8. asp.net异常处理和错误页配置

    最近做一个项目,直接拷贝了前辈写的程序,结果报错了查了半天都没查出原因,也看不出哪里报错,最后发现有一个错误被try...catch了,所以我们做项目的时候一般不需要try...catch. 假设所有 ...

  9. Httpd服务入门知识-Httpd服务常见配置案例之定义站点主页面及错误页面配置

    Httpd服务入门知识-Httpd服务常见配置案例之定义站点主页面及错误页面配置 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 一.定义站点主页面 [root@node101.yi ...

随机推荐

  1. Winfrom设置DataGridView单元格获得焦点(DataGridView - CurrentCell)

    设置DataGridView单元格获得焦点 this.dgv_prescription.BeginEdit(true);

  2. shell 调用mysql 存储过程判断真假

    mysql> create table TBL_STUDENT(id int,name char(10),CLASSNO int,BIRTH datetime); Query OK, 0 row ...

  3. 基于visual Studio2013解决C语言竞赛题之1091多项式

        题目 解决代码及点评 /************************************************************************/ /* ...

  4. 微信公 众平台开发,用于个人技术交流,有兴趣的加QQ群432921500

    微信公 众平台开发,用于个人技术交流,有兴趣的加QQ群432921500

  5. SRM 582 Div II Level One: SemiPerfectSquare

    题目来源:http://community.topcoder.com/stat?c=problem_statement&pm=12580 比较简单,代码如下: #include <ios ...

  6. Swift - 类型判断is 与 类型转换as

    在Swift中,通常使用is和as操作符来实现类型检查和转换.下面通过样例来演示使用方法,首先定义几个类. 1 2 3 4 5 6 7 8 9 10 11 //基类,人类 class Human{ } ...

  7. Swift - 继承UIView实现自定义可视化组件(附记分牌样例)

    在iOS开发中,如果创建一个自定义的组件通常可以通过继承UIView来实现.下面以一个记分牌组件为例,演示了组件的创建和使用,以及枚举.协议等相关知识的学习. 效果图如下:    组件代码:Score ...

  8. 细说UI线程和Windows消息队列

    在 Windows应用程序中,窗体是由一种称为“ UI线程( User Interface Thread)”的特殊类型的线程创建的. 首先, UI线程是一种“线程”,所以它具有一个线程应该具有的所有特 ...

  9. oracle在desc表时,name 和type列不能格式化问题(占位过长)

    今天玩Oracle的时候,遇到一个让人很无语的问题,我desc表的时候,总是发现name列和type 列占位太多, 无法很直观明白的显示出来各个列值,就像下面的样子: 这样让人很不舒服,当然,一看到列 ...

  10. Jetty:配置安全

    用${jetty.home}和${jetty.base}配置安全 Jetty 9.1中:  1)${jetty.home}是jetty公布(二进制)的文件夹路径:  2)${jetty.base}是用 ...