开局指导Alcatel交换机AOS操作系统包括两个系统文件和配置文件的目录,working和certified目录。
正常工作时,机器会从working下引导。
这两个目录下保存相同的文件(配置文件和系统文件),包括文件的个数,文件名和文件大小。
如果出现三者中任何一个不同,机器在下次引导时会从certified下引导,这时修改的配置文件是不能保存的。
一、6850开机6850开机后,操作的步骤如下:1、用户名admin,密码switch登陆2、执行write memory保存一个空的配置文件boot.cfg该文件会生成并保存在working目录下。
3、执行copy working certified同步working和certified的目录下的文件,同时boot.cfg文件拷贝到certified下。
4、执行ip interface <v1-ip给vlan 1的三层路由接口取个名字> address 1.1.1.1 mask255.255.255.0 vlan 1 给vlan 1配置一个ip,为了可以ftp交换机上传高级路由软件。
5、执行aaa authentication ftp local6、将笔记本连接到68507、进入dos窗口,进入到保存高级路由软件的目录8、执行ftp 1.1.1.19、输入账号和密码10、输入bin11、输入put <高级路由文件名:Kadvrout.img>12、上传完毕后在机器上执行relod working no rollback-time13、引导后登陆后执行write memory和copy working certified14、到此,6850的系统文件Kadvrout.img上传完毕。
二、6850堆叠的操作准备要堆叠的几台6850,比如4台。
机器默认前面板的LED序号是1,修改其中的3台即可。
1、通过console连接Kadvrout.img上传完毕的机器2、执行stack set slot 1 save-slot 23、执行reload,完毕后,LED显示24、同样执行stack set slot 1 save-slot 3,和stack set slot 1 save-slot 4完成另外2台机器。
5、全部正常修改后,关电。
6、连接堆叠线缆,LED显示1的堆叠A口连接LED显示2的堆叠B口,以此错位连接,最后4#机器的A口连接1#的B口。
7、按1#、2#、3#、4#的顺序开机,开机不需要等到前一个引导完毕,有5秒的等待就可以。
8、全部开电,正常后,console连接1#,执行9、write memory、copy working certified、copy working certified flashsu10、如果执行过程中出现ERROR的信息,在1#机器上执行reload all11、开机正常后,重复write memory、copy working certified、copy working certified flashsu12、正常后,堆叠操作完毕。
三、9700的操作1、执行write memory、copy working certified、copy working certified flash-synchro2、开始可以做配置。
四、注意的东西1、如果出现堆叠6850的1#机器的pri黄闪或9700的A控制板的pri黄闪,说明上次的配置没有同步,登陆到机器上执行write memory、copy working certified、copy working certified flashsu 就可以了。
2、如果配置后不能保存文件,说明是certified目录引导的,通过show running-dirctory可以看到,这时候必须通过relod working no rollback-time强制从working下引导,但是新做的配置会丢失。
3,清楚交换机地址dongfenOS9700-的cd workingdongfenOS9700-> rm boot.cfgdongfenOS9700-> cd ..dongfenOS9700-> cd certifieddongfenOS9700-> rm boot.cfgdongfenOS9700->reload working no rollback-timeoutdongfenOS9700->y4,主备引擎切换Takeover五,配置步骤97001、通用配置> system name DFBG9700-> session prompt default DFBG9700->DFBG9700-> ip interface Loopback0 address 192.168.252.3DFBG9700-> aaa authentication telnet localDFBG9700-> passwordEnter old password: ******Enter new password: 八位以上2、个体配置1)、配置所有VLANDFBG9700-> vlan 222DFBG9700-> vlan 224DFBG9700-> vlan 220DFBG9700-> vlan 226DFBG9700-> vlan 228DFBG9700-> vlan 230DFBG9700-> vlan 241DFBG9700-> vlan 242DFBG9700-> vlan 243DFBG9700-> vlan 215DFBG9700-> vlan 213DFBG9700-> vlan 201DFBG9700-> vlan 211DFBG9700-> vlan 203DFBG9700-> vlan 207DFBG9700-> vlan 209DFBG9700-> vlan 205DFBG9700-> vlan 1016DFBG9700-> vlan 1014DFBG9700-> vlan 1013DFBG9700-> show vlanstree mble srcvlan type admin oper 1x1 flat auth ip ipx tag lrn name-----+------+------+------+------+------+----+-----+-----+-----+-----+----------1 std on on on on off on NA off on VLAN 1 201 std on off on on off off NA off on VLAN 201203 std on off on on off off NA off on VLAN 203 205 std on off on on off off NA off on VLAN 205 207 std on off on on off off NA off on VLAN 207 209 std on off on on off off NA off on VLAN 209 211 std on off on on off off NA off on VLAN 211 213 std on off on on off off NA off on VLAN 213 215 std on off on on off off NA off on VLAN 215 220 std on off on on off off NA off on VLAN 220 222 std on off on on off off NA off on VLAN 222 224 std on off on on off off NA off on VLAN 224 226 std on off on on off off NA off on VLAN 226 228 std on off on on off off NA off on VLAN 228 230 std on off on on off off NA off on VLAN241 std on off on on off off NA off on VLAN 241 242 std on off on on off off NA off on VLAN 242 243 std on off on on off off NA off on VLAN 243 1013 std on off on on off off NA off on VLAN 1013 1014 std on off on on off off NA off on VLAN 1014 1016 std on off on on off off NA off on VLAN 1016 2)、配置所有静态聚合DFBG9700-> static linkagg 1 size 2DFBG9700-> static agg 1/2 agg num 1DFBG9700-> static agg 3/2 agg num 1DFBG9700-> show vlan port3)、给vlan配置端口Vlan 100 port default 1/1-10 (不打标记的端口,比如链接服务器或二级单位的防火墙)Vlan 100 802.1q 1/11(物理端口)Vlan 100 802.1q 1(链路聚合端口)DFBG9700-> vlan 1016 802.1q 1DFBG9700-> vlan 226 802.1q 2DFBG9700-> vlan 228 802.1q 3DFBG9700-> vlan 215 802.1q 4DFBG9700-> vlan 211 802.1q 4DFBG9700-> vlan 215 802.1q 4ERROR: VLAN 215 is an existing tagged VLANDFBG9700-> vlan 211 no 802.1q 4DFBG9700-> vlan 215 no 802.1q 4DFBG9700-> vlan 211 802.1q 4DFBG9700-> vlan 211 no 802.1q 4DFBG9700-> vlan 215 802.1q 4DFBG9700-> vlan 211 802.1q 5DFBG9700-> vlan 209 802.1q 6DFBG9700-> vlan 205 802.1q 7DFBG9700-> show vlan portVlan 100 802.1q 1/11(物理端口):DFBG9700-> vlan 222 802.1q 1/12DFBG9700-> vlan 224 802.1q 1/13DFBG9700-> vlan 220 802.1q 1/11DFBG9700-> vlan 230 802.1q 1/16DFBG9700-> vlan 241 802.1q 1/17DFBG9700-> vlan 242 802.1q 1/18DFBG9700-> vlan 243 802.1q 1/19DFBG9700-> vlan 213 802.1q 1/7DFBG9700-> vlan 201 802.1q 1/9DFBG9700-> vlan 203 802.1q 1/10DFBG9700-> vlan 207 802.1q 1/4DFBG9700-> vlan 1014 802.1q 1/1DFBG9700-> vlan 1013 802.1q 3/1DFBG9700-> show vlan port4)、给Vlan添加三层的路由接口:DFBG9700-> ip interface v1013-ip address 10.2.1.10/30 vlan 1013 DFBG9700-> ip interface v222-ip address 10.2.61.5/30 vlan 222 DFBG9700-> ip interface v224-ip address 10.2.62.5/30 vlan 224 DFBG9700-> ip interface v220-ip address 10.2.60.5/30 vlan 220 DFBG9700-> ip interface v226-ip address 10.2.63.5/30 vlan 226 DFBG9700-> ip interface v228-ip address 10.2.64.5/30 vlan 228 DFBG9700-> ip interface v230-ip address 10.2.65.5/30 vlan 230 DFBG9700-> ip interface v241-ip address 10.2.75.1/30 vlan 241 DFBG9700-> ip interface v242-ip address 10.2.76.1/30 vlan 242 DFBG9700-> ip interface v243-ip address 10.2.76.5/30 vlan 243 DFBG9700-> ip interface v215-ip address 10.2.58.1/30 vlan 215 DFBG9700-> ip interface v213-ip address 10.2.57.1/30 vlan 213 DFBG9700-> ip interface v201-ip address 10.2.51.1/30 vlan 201DFBG9700-> ip interface v211-ip address 10.2.56.1/30 vlan 211DFBG9700-> ip interface v203-ip address 10.2.52.1/30 vlan 203DFBG9700-> ip interface v207-ip address 10.2.54.1/30 vlan 207DFBG9700-> ip interface v209-ip address 10.2.55.1/30 vlan 209DFBG9700-> ip interface v205-ip address 10.2.53.1/30 vlan 205DFBG9700-> ip interface v1016-ip address 10.2.1.21/30 vlan 1016DFBG9700-> ip interface v1014-ip address 10.2.1.14/30 vlan 10145)、配置三层协议ospf:DFBG9700-> ip load ospfDFBG9700-> ip ospf area 0.0.0.0DFBG9700-> ip ospf status enableDFBG9700-> ip ospf interface v1013-ipDFBG9700-> ip ospf interface v1013-ip area 0.0.0.0DFBG9700-> ip ospf interface v1013-ip status enable6)、静态路由发布到ospfIp ospf asbrip route-map "static-to-ospf" sequence-number 50 action permit(全部发布)ip route-map "static-to-ospf" sequence-number 50 match ip-address 1.0.0.0/8 redist-control all-subnets permit (仅发布1网段)ip route-map "static-to-ospf" sequence-number 50 match ip-address 2.0.0.0/8 redist-control all-subnets permit(仅发布2网段)ip redist static into ospf route-map "static-to-ospf" status enableip sdtatic-router 0.0.0.0 mask 0.0.0.0 gateway 192.1.1.17)、访问控制DFBG9700-> aclmanWelcome to ACLMANAclman#conf tAclman(config)#ip access-list extended 100Aclman(config-ext-nacl)#permit ip 2.2.2.0 0.255.255.255 10.2.1.0 0.255.255.255 Aclman(config-ext-nacl)#deny ip any anyAclman(config-ext-nacl)#exitAclman#sh ruip access-list extended 100permit ip 2.2.2.0 0.255.255.255 10.2.1.0 0.255.255.255deny ip any any!interface Ethernet 1/1ip access-group 100 In!endAclman#write。