2012年05月の記事一覧

Cisco Catalyst 2955

(0/n)
カテゴリー : ネットワーク タグ :

産業用Ethernet Switch Catalyst2955を入手

製品情報/English
Datasheet/日本語
電源がDC24Vという点を除けば、ファンレスなので家Labで触るには最適。
持っている電源ではDC18.5Vまでしか供給できないがぎりぎり18Vが入力レンジ下限のためどうにか通電。
ひとまずは以下Processにて初期化
※他Switchと違ってMODEボタンが存在しないので手順が違う
C2955 Boot Loader (C2955-HBOOT-M) Version 12.1(12r)EA1, RELEASE SOFTWARE (fc1)
Compiled Mon 13-Jan-03 13:14 by madison
WS-C2955T-12 starting…
Base ethernet MAC Address: 00:11:20:19:**:**
Xmodem file system is available.
Initializing Flash…
flashfs[0]: 86 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 7741440
flashfs[0]: Bytes used: 6158848
flashfs[0]: Bytes available: 1582592
flashfs[0]: flashfs fsck took 7 seconds.
…done initializing flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
*** The system will autoboot in 15 seconds ***
Send break character to prevent autobooting.
Break Key 押下
The system has been interrupted prior to initializing the
flash filesystem. The following commands will initialize
the flash filesystem, and finish loading the operating
system software:
flash_init
load_helper
boot
switch:
switch: flash_init
Initializing Flash…
…The flash is already initialized.
switch: boot
以下Boot Message…

Comment PermaLink

NEC UNIVERGE IX2015設定

(0/n)
カテゴリー : ネットワーク タグ :

このところIX2k/3kの話題も落ち着いてきたようですが備忘録を兼ねて
NTTフレッツ/マルチPPPoEでの2-ISPマルチホーミング設定のサンプルコンフィグ。
## host名設定
hostname hogehoge
## タイムゾーン設定
timezone +09 00
## ユーザー設定
username admin password hash XXXXXXXXXXXXXX administrator
## NTP設定 (MFEED)
ntp ip enable
ntp server 210.173.160.27
ntp server 210.173.160.57
ntp server 210.173.160.87
ntp interval 3600
## syslog設定
logging buffered 131072
logging subsystem all warn
logging timestamp datetime
## UFSキャッシュ有効化
ip ufs-cache max-entries 20000
ip ufs-cache enable
## FaE0/0.1 と FaE0/0.2 (PPPoEセッション)にてマルチホーミング
ip route default FastEthernet0/0.1 distance 200
ip route default FastEthernet0/0.2 distance 100
## フレッツスクエア経路 (セッション数不足で未使用)
ip route 220.210.194.0/25 FastEthernet0/0.3
## DHCP有効
ip dhcp enable
## ACL設定
ip access-list all-block deny ip src any dest any
ip access-list all-forward permit ip src any dest any
# ACL設定 / マルチホーミングのDNSアクセス制御
ip access-list isp1-dns permit tcp src any sport any dest /16 dport eq 53
ip access-list isp2-dns permit tcp src any sport any dest /16 dport eq 53
# ACL設定 / マネージメント制御
ip access-list management permit ip src 192.168.100.0/16 dest any
ip access-list management permit ip src 192.168.200.0/16 dest any
ip access-list management permit ip src 192.168.300.0/16 dest any
# ACL設定 / NetBIOSフィルタ
ip access-list nb-block deny tcp src any sport eq 135 dest any dport any
ip access-list nb-block deny tcp src any sport any dest any dport eq 135
ip access-list nb-block deny tcp src any sport range 137 139 dest any dport any
ip access-list nb-block deny tcp src any sport any dest any dport range 137 139
ip access-list nb-block deny tcp src any sport any dest any dport eq 445
ip access-list nb-block deny tcp src any sport eq 445 dest any dport any
# ACL設定 / Policy Based Routing
ip access-list pbr-in-list permit ip src any dest 10.0.0.0/8
ip access-list pbr-in-list permit ip src any dest 172.16.0.0/12
ip access-list pbr-in-list permit ip src any dest 192.168.0.0/16
ip access-list pbr-out-list permit ip src 192.168.200.1/32 dest any
ip access-list pbr-out-list permit tcp src 192.168.300.251/32 sport eq 22 dest any dport any
## DNSキャッシュ無効
no dns cache address-database
## DNS Proxy設定
proxy-dns ip enable
proxy-dns ip query-interval 1
proxy-dns interface FastEthernet0/0.1 priority 200
proxy-dns interface FastEthernet0/0.2 priority 150
## Telnet有効
telnet-server ip enable
telnet-server ip access-list management
## マルチホーミング経路制御
#DNSアクセス制御(100/200)
route-map pbr-map permit 100
match ip address access-list isp1-dns
set interface FastEthernet0/0.2
!
route-map pbr-map permit 200
match ip address access-list isp2-dns
set interface FastEthernet0/0.1
!
#特定端末のSauce based routing(400/500)
route-map pbr-map permit 400
match ip address access-list pbr-in-list
set interface Loopback0.0
set ip next-hop 192.168.200.251
!
route-map pbr-map permit 500
match ip address access-list pbr-out-list
set interface FastEthernet0/0.1
## PPPoEアカウント設定
ppp profile isp_isp1
authentication myname
authentication password
!
ppp profile isp_isp2
authentication myname
authentication password
!
ppp profile square
authentication myname guest@flets
authentication password guest@flets guest
## DHCP設定
ip dhcp profile dhcp_open
assignable-range 192.168.100.129 192.168.100.192
subnet-mask 255.255.255.0
dns-server 192.168.100.254
fixed-assignment 192.168.100.160 AA:BB:CC:DD:EE:FF ##固定割り当て
!
ip dhcp profile dhcp_local
assignable-range 192.168.200.129 192.168.200.192
subnet-mask 255.255.255.0
dns-server 192.168.200.254
!
ip dhcp profile dhcp_tech
assignable-range 192.168.300.129 192.168.300.192
subnet-mask 255.255.255.0
dns-server 192.168.300.253
## 物理インターフェイス
device FastEthernet0/0
!
device FastEthernet0/1
!
device FastEthernet1/0
vlan-group 1 port 1
vlan-group 2 port 2 3
vlan-group 3 port 4
!
device BRI1/0
isdn switch-type hsd128k
## 論理インターフェイス
interface FastEthernet0/0.0
no ip address
shutdown
!
interface FastEthernet0/1.0
no ip address
shutdown
!
interface FastEthernet1/0.0
no ip address
shutdown
!
interface BRI1/0.0
encapsulation ppp
no auto-connect
no ip address
shutdown
!
# ISP1-PPPoE設定
interface FastEthernet0/0.1
encapsulation pppoe
auto-connect
ppp binding isp_isp2
ip address ipcp
ip tcp adjust-mss auto
ip napt enable
ip napt translation max-entries 25000
ip napt static 192.168.200.1 tcp 5800
ip napt static 192.168.200.1 tcp 5900
ip napt service ssh-trans 192.168.200.1 22 tcp 10022
ip filter nb-block 1 in
ip filter all-forward 65535 in
ip filter all-forward 65535 out
no shutdown
!
# ISP2-PPPoE設定
interface FastEthernet0/0.2
encapsulation pppoe
auto-connect
ppp binding isp_isp1
ip address ipcp
ip tcp adjust-mss auto
ip napt enable
ip napt translation max-entries 25000
ip napt translation max-entries 25000
ip napt static 192.168.200.1 tcp 5800
ip napt static 192.168.200.1 tcp 5900
ip napt service ssh-trans 192.168.200.1 22 tcp 10022
ip filter nb-block 1 in
ip filter all-forward 65535 in
ip filter all-forward 65535 out
no shutdown
!
# フレッツスクエア-PPPoE設定 (未使用)
interface FastEthernet0/0.3
encapsulation pppoe
auto-connect
ppp binding square
ip address ipcp
ip mtu 1454
ip tcp adjust-mss auto
ip napt enable
ip filter nb-block 1 in
ip filter all-forward 65535 in
ip filter all-forward 65535 out
shutdown
!
interface FastEthernet1/0.1
encapsulation pppoe
auto-connect
no ip address
shutdown
!
interface FastEthernet1/0.2
encapsulation pppoe
auto-connect
no ip address
shutdown
!
# VLAN-Group1
interface FastEthernet1/0:1.0
description OPEN-NET
ip address 192.168.100.254/24
ip mtu 1454
ip tcp adjust-mss 1414
ip dhcp binding dhcp_open
ip policy route-map pbr-map
no shutdown
!
# VLAN-Group2
interface FastEthernet1/0:2.0
description LOCAL-NET
ip address 192.168.200.254/24
ip mtu 1454
ip tcp adjust-mss 1414
ip dhcp binding dhcp_local
ip policy route-map pbr-map
no shutdown
!
# VLAN-Group3
interface FastEthernet1/0:3.0
description TECH-NET
ip address 192.168.300.253/24
ip mtu 1454
ip tcp adjust-mss 1414
ip dhcp binding dhcp_tech
ip policy route-map pbr-map
no shutdown
!
interface Loopback0.0
ip address 127.0.0.1/32
!
interface Null0.0
no ip address

Comment PermaLink
top