#spanning-tree vlan vlan-list启用生成树命令
spanning-tree vlan vlan-list priority Bridge-priority指定根网桥
spanning-tree vlan vlan-list root { primary | secondary }
spanning-tree vlan vlan-list cost cost修改端口成本
spanning-tree vlan vlan-list port-priority priority修改端口优先级
spanning-tree portfast配置速端口
#show spanning-tree查看生成树的配置
#show spanning-tree vlan vlan-id detail查看某个VLAN的生成树详细信息
19.配置HSRP热备份路由选择协议:
R5(config)#inter vlan 10
R5(config-if)#standby 2 ip 192.168.10.1 虚拟ip地址
R5(config-if)#standby 2 preempt 配置占先权
R5(config-if)#standby 2 priority 150 优先级
R5(config-if)#standby 2 track fastEthernet 1/0 跟踪口
R5(config-if)#standby 2 track fastEthernet 1/1
R5(config-if)#inter vlan 20
R5(config-if)#standby 3 ip 192.168.20.1 配置 vlan20的 虚���网关
R5(config-if)#standby 3 preempt 配置占先权
R5(config-if)#standby 3 priority 145 优先级
R5(config-if)#ex
R5(config)#inter f1/1
R5(config-if)#switchport mode trunk 中继口
R5(config-if)#switchport trunk encapsulation dot1q
R5(config)#spanning-tree vlan 10 root primary 负载均衡
R5(config)#spanning-tree vlan 20 root secondary
路由器:
20.复用路由器外部接口地址:
Router(config)#access-list 1 permit 192.168.100.0 0.0.0.255
Router(config)#ip nat inside source list 1 int f0/1
Router(config)#int f0/0
Router(config-if)#ip nat inside
Router(config)#int f0/1
Router(config-if)#ip nat outside
21.查看NAT配置
Router#show ip nat translations
Router#show ip nat statistics
Router#show ip nat translations verbose
动态条目的保存时间:默认 USP 5分钟 DNS 1分钟 TCP 24小时 结束和复位(TCP的链接的结束和复位包) 1分钟
Router(config)#ip nat translation dns-timeout 30 /icmp/tcp/udp/finrst/syn seconds/never
Router(config)#clear ip nat translation *
Router(config)#clear ip nat translation inside 192.168.1.1 162.152.8.8
Router(config)#clear ip nat translation outside 192.168.1.1 162.152.8.8
Router#debug ip nat
Router(config)#ip nat translation tcp-timeout 500
Router(config)#ip nat translation udp-timeout 30
Router(config)#ip nat translation dns-timeout 30
Router(config)#ip nat translation icmp-timeout 30
Router(config)#ip nat translation finrst-timeout 30
Router(config)#ip nat translation syn-timeout 30
Router#show ip nat translation
Router#clear ip nat translation *
Router#clear ip nat translation inside 172.18.3.2
Router#clear ip nat translation outside 192.168.1.10
Router#show ip nat statistics
Router#clear ip nat statistics
ip nat inside source static tcp 192.168.1.2 80 211.82.20.129 80 //定义web服务器的静态端口转换
22.备份与恢复
#通过TFTP升级cisco路由和交换设备ISO
copy tftp flash
#备份ISO
copy flash: tftp
#备份配置文件
copy running-config tftp
#恢复配置文件
copy tftp running-config
23.ACL访问控制列表
#标准访问控制列表建立:
access-list 1 permit/deny 192.168.1.0 0.0.0.255 #建立控制列表
ip access-group 1 in/out #将acl应用到接口
no access-list 1 #删除ACL控制列表
no ip access-group 1 in/out #取消接口上的ACL应用
#扩展访问控制列表
access-list 101 tcp 192.168.1.0 0.0.0.255 host 10.0.0.1 eq 80
ip access-group 101 in/out #应用到接口
no access-list 101 #删除ACL
no ip access-group 101 in/out #取消接口上的ACL应用
#命名访问控制列表
ip access-list standard/extended test
1 permit/deny ip host 192.168.0.1 host 10.0.1.1 eq 3306
no access-group standard/extended test #删除整个ACL组
no 10 #删除组中单一的语句
show access-lists #查看ACL
Linux公社的RSS地址:https://www.linuxidc.com/rssFeed.aspx