码迷,mamicode.com
首页 > 其他好文 > 详细

H3C TE老版本OSPF正确配置

时间:2014-07-13 22:11:00      阅读:714      评论:0      收藏:0      [点我收藏+]

标签:des   http   os   width   cti   io   

R1配置:

----------------------------------------------------

#
 sysname RT1
#
 super password level 3 cipher H`‘>T.,>(V@X!X<]K3BK;Q!!
#
 ike local-name zb
#
 domain default enable system
#
 telnet server enable
#
 dar p2p signature-file flash:/p2p_default.mtd
#
 port-security enable
#
acl number 2008
 rule 0 permit source 192.168.0.0 0.0.0.255
acl number 2030
 rule 0 permit source 192.168.200.1 0
#
vlan 1
#
domain system
 access-limit disable
 state active   
 idle-cut disable
 self-service-url disable
#               
ike peer fb     
 exchange-mode aggressive
 pre-shared-key simple h3c
 id-type name   
 remote-name fb
#               
ipsec proposal 1
#               
ipsec policy-template huawei 1
 ike-peer fb    
 proposal 1     
#               
ipsec policy h3c 1 isakmp template huawei
#               
user-group system
 group-attribute allow-guest
#               
local-user telnet
 password simple telnet
 authorization-attribute level 2
 service-type telnet
local-user useradmin
 authorization-attribute level 2
#               
wlan rrm        
 dot11b mandatory-rate 1 2
 dot11b supported-rate 5.5 11
 dot11g mandatory-rate 1 2 5.5 11
 dot11g supported-rate 6 9 12 18 24 36 48 54
#               
attack-defense policy 1
#               
ospf 1 router-id 192.168.255.1
 default-route-advertise
 import-route static route-policy fk
 area 0.0.0.0   
  network 192.168.255.1 0.0.0.0
  network 10.255.111.1 0.0.0.0
  network 10.255.12.1 0.0.0.0
#               
rip 1           
 undo summary   
 version 2      
 network 10.0.0.0
 silent-interface Ethernet0/2
 silent-interface Ethernet0/0
 filter-policy ip-prefix filter export
 import-route static route-policy bt
#               
route-policy bt permit node 10
 if-match ip-prefix bt
route-policy fk permit node 10
 if-match ip-prefix fk
#               
 ip ip-prefix bt index 10 permit 192.168.0.0 19
 ip ip-prefix bt index 20 permit 10.0.0.0 11
 ip ip-prefix fk index 10 permit 192.168.96.0 19
 ip ip-prefix fk index 20 permit 10.101.0.0 19
 ip ip-prefix filter index 10 deny 192.168.96.0 19 less-equal 32
 ip ip-prefix filter index 20 permit 0.0.0.0 0 less-equal 32
#               
 ip route-static 0.0.0.0 0.0.0.0 61.67.1.2
 ip route-static 10.0.0.0 255.224.0.0 NULL0
 ip route-static 10.101.0.0 255.255.224.0 NULL0
 ip route-static 192.168.0.0 255.255.224.0 NULL0
 ip route-static 192.168.96.0 255.255.224.0 NULL0
#               
 undo info-center source default channel 2
 undo info-center source default channel 9
#               
 snmp-agent     
 snmp-agent local-engineid 800063A2030023892DAB30
 snmp-agent community read h3c-read
 snmp-agent sys-info version v2c v3
 snmp-agent target-host trap address udp-domain 192.168.200.1 params securityname h3c-read
 undo snmp-agent trap enable voice dial
 snmp-agent trap source LoopBack0
#               
 nat static 10.1.0.100 100.0.0.100
#               
 nms primary monitor-interface Ethernet0/0
#               
 load xml-configuration
#               
 load tr069-configuration
#               
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
 acl 2030 inbound
 authentication-mode scheme
 user privilege level 2
 idle-timeout 0 0
 protocol inbound telnet
#               
return         

R2配置:

----------------------------------------------------------------

#
 sysname RT2
#
 super password level 3 cipher $c$3$wUlzmVkRd1JQb+mPCZSg7KXL6nkENfjwROXQFg==
#
#
 domain default enable system
#
 telnet server enable
#
 ip ttl-expires enable
 ip unreachables enable
#
 dar p2p signature-file cfa0:/p2p_default.mtd
#
 port-security enable
#
 undo ip http enable
#
 password-recovery enable
#
acl number 2030
 rule 0 permit source 192.168.200.1 0
#               
acl number 3000
 rule 0 permit ip source 192.168.0.0 0.0.0.255 destination 192.168.0.0 0.0.31.255
#               
vlan 1          
#               
domain system   
 access-limit disable
 state active   
 idle-cut disable
 self-service-url disable
#               
traffic classifier oa operator and
 if-match acl 3000
#               
traffic behavior oa
 queue af bandwidth 1500
#               
qos policy h3c  
 classifier oa behavior oa
#               
user-group system
 group-attribute allow-guest
#               
local-user rt2  
 password cipher $c$3$mnEYQyPWbQ4cubJP5HnyP+IsCzivSg==
 service-type ppp
local-user telnet
 password cipher $c$3$cospwisuMw1xXMmseocl/GLrIkBBi7RnWQ==
 authorization-attribute level 2
 service-type telnet
#               
ospf 1 router-id 192.168.255.2
 area 0.0.0.0   
  network 192.168.255.2 0.0.0.0
  network 10.255.122.1 0.0.0.0
  network 10.255.12.2 0.0.0.0
 area 0.0.0.1   
  network 10.255.25.2 0.0.0.0
#               
 snmp-agent     
 snmp-agent local-engineid 800063A203000FE2E51B36
 snmp-agent community read h3c-read
 snmp-agent sys-info version v2c v3
 snmp-agent target-host trap address udp-domain 192.168.200.1 params securityname h3c-read
 snmp-agent trap source LoopBack0
#               
 load xml-configuration
#               
user-interface con 0
user-interface tty 13
user-interface aux 0
user-interface vty 0 4
 acl 2030 inbound
 authentication-mode scheme
 user privilege level 2
 idle-timeout 0 0
 protocol inbound telnet
#               
return         

R3配置

----------------------------------------------------

#
 sysname RT3
#
 super password level 3 cipher H`‘>T.,>(V@X!X<]K3BK;Q!!
#
 ike local-name fb
#
 domain default enable system
#
 dar p2p signature-file flash:/p2p_default.mtd
#
 lldp enable
#
acl number 2000
 rule 0 permit source 192.168.96.0 0.0.31.255
#
acl number 3000
 rule 0 permit ip source 192.168.255.3 0 destination 192.168.255.1 0
#
vlan 1
#
domain system
 access-limit disable
 state active   
 idle-cut disable
 self-service-url disable
#               
ike proposal 1  
#               
ike peer rt1    
 exchange-mode aggressive
 pre-shared-key simple h3c
 id-type name   
 remote-name zb
 remote-address 61.67.1.1
#               
ipsec proposal 1
#               
ipsec policy h3c 1 isakmp
 security acl 3000
 ike-peer rt1   
 proposal 1     
#               
user-group system
 group-attribute allow-guest
#               
local-user useradmin
 authorization-attribute level 2
#               
wlan rrm        
 dot11b mandatory-rate 1 2
 dot11b supported-rate 5.5 11
 dot11g mandatory-rate 1 2 5.5 11
 dot11g supported-rate 6 9 12 18 24 36 48 54
#               
attack-defense policy 1
#               
rip 1           
 undo summary   
 version 2      
 network 10.0.0.0
 network 192.168.101.0
 network 192.168.110.0
#               
policy-based-route Ethernet0/0 permit node 0
   if-match acl 2000
   apply output-interface Ethernet0/0
#               
policy-based-route Ethernet0/2 permit node 0
   if-match acl 2000
#               
policy-based-route Ethernet0/1 permit node 0
   if-match acl 2000
#               
 ip route-static 0.0.0.0 0.0.0.0 64.67.1.2
#               
 undo info-center source default channel 2
 undo info-center source default channel 9
#               
 nms primary monitor-interface Ethernet0/0
#               
 load xml-configuration
#               
 load tr069-configuration
#               
user-interface tty 12
user-interface aux 0
 user privilege level 2
 idle-timeout 0 0
user-interface vty 0 4
#               
return         

R4配置:

-------------------------------------------------------------

#
 version 5.20, Release 1618P13, Basic
#
 sysname RT4
#
 super password level 3 cipher H`‘>T.,>(V@X!X<]K3BK;Q!!
#
 ipsec cpu-backup enable
#
 undo cryptoengine enable
#
 domain default enable system
#
acl number 3000
 rule 0 permit ip source 192.168.0.0 0.0.31.255 destination 192.168.0.0 0.0.0.255
#
vlan 1
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#               
traffic classifier oa operator and
 if-match acl 3000
#               
traffic behavior oa
 queue af bandwidth 1500
#               
qos policy h3c  
 classifier oa behavior oa
#               
local-user admin
 password cipher .]@USE=B,53Q=^Q`MAF4<1!!
 service-type telnet
 level 3        
local-user rt4  
 password simple rt4
 service-type ppp
#               
interface Aux0  
 async mode flow
 link-protocol ppp
#               
interface Ethernet0/0
 port link-mode route
#               
interface Ethernet0/1
 port link-mode route
#               
interface Ethernet0/1.10
 vlan-type dot1q vid 10
 ip address 192.168.11.254 255.255.255.0
#               
interface Ethernet0/1.20
 vlan-type dot1q vid 20
 ip address 10.11.0.254 255.255.0.0
#               
interface Serial1/0
 virtualbaudrate 2048000
 link-protocol ppp
 ppp authentication-mode chap
 ppp chap user rt2
 ppp chap password simple rt2
 ip address 10.255.25.1 255.255.255.252
 qos apply policy h3c outbound
#               
interface Serial2/0
 link-protocol ppp
 ppp authentication-mode chap
 ppp chap user rt2
 ppp chap password simple rt2
 ppp mp Mp-group 1
 shutdown       
#               
interface NULL0
#               
interface LoopBack0
 ip address 192.168.255.4 255.255.255.255
#               
interface LoopBack10
 ip address 192.168.20.1 255.255.255.255
#               
interface LoopBack20
 ip address 10.20.0.1 255.255.255.255
#               
ospf 1 router-id 192.168.255.4
 filter-policy ip-prefix filter import
 area 0.0.0.1   
  network 192.168.255.4 0.0.0.0
  network 10.255.25.1 0.0.0.0
  network 10.11.0.0 0.0.255.255
  network 10.20.0.0 0.0.255.255
  network 192.168.11.0 0.0.0.255
  network 192.168.20.0 0.0.0.255
#               
 ip ip-prefix filter index 10 deny 192.168.96.0 19
 ip ip-prefix filter index 20 permit 0.0.0.0 0 less-equal 32
#               
user-interface con 0
 user privilege level 2
user-interface aux 0
user-interface vty 0 4
#               
return          
R5配置

-------------------------------------------------------

#
 sysname RT5
#
 super password level 3 cipher H`‘>T.,>(V@X!X<]K3BK;Q!!
#
 ike local-name fb
#
 domain default enable system
#
 ip host h 1.1.1.1
#
 telnet server enable
#
 dar p2p signature-file flash:/p2p_default.mtd
#
 port-security enable
#
acl number 2000
 rule 0 permit source 192.168.0.0 0.0.31.255
#
acl number 3000
 rule 0 permit ip source 192.168.255.5 0 destination 192.168.255.1 0
#
vlan 1          
#               
domain system   
 access-limit disable
 state active   
 idle-cut disable
 self-service-url disable
#               
ike proposal 1  
#               
ike peer rt1    
 exchange-mode aggressive
 pre-shared-key simple h3c
 id-type name   
 remote-name zb
 remote-address 61.67.1.1
#               
ipsec proposal 1
#               
ipsec policy h3c 1 isakmp
 security acl 3000
 ike-peer rt1   
 proposal 1     
#               
user-group system
 group-attribute allow-guest
#               
local-user admin
 password cipher .]@USE=B,53Q=^Q`MAF4<1!!
 authorization-attribute level 3
 service-type telnet
#               
cwmp            
 undo cwmp enable
#               
rip 1           
 undo summary   
 version 2      
 network 10.0.0.0
 network 192.168.111.0
 network 192.168.120.0
#               
#               
voice-setup     
 #              
 sip            
 #              
 sip-server     
  #             
  call-rule-set
  #             
  call-route    
 #              
 dial-program   
  default entity fax protocol standard-t38
  default entity fax protocol standard-t38 hb-redundancy 0
  default entity fax protocol standard-t38 lb-redundancy 0
 #              
 aaa-client     
 #              
 gk-client      
#               
 ip route-static 0.0.0.0 0.0.0.0 202.112.1.2
#               
 load xml-configuration
#               
 load tr069-configuration
#               
user-interface tty 16
 undo shell     
 idle-timeout 0 0
 flow-control none
 redirect enable
 redirect return-deal from-telnet
 undo redirect timeout
 redirect listen-port 2001
user-interface tty 17
 undo shell     
 idle-timeout 0 0
 flow-control none
 redirect enable
 redirect return-deal from-telnet
 undo redirect timeout
 redirect listen-port 2002
user-interface tty 18
 undo shell     
 idle-timeout 0 0
 flow-control none
 redirect enable
 redirect return-deal from-telnet
 undo redirect timeout
 redirect listen-port 2003
user-interface tty 19
 undo shell     
 idle-timeout 0 0
 flow-control none
 redirect enable
 redirect return-deal from-telnet
 undo redirect timeout
 redirect listen-port 2004
user-interface tty 20
 undo shell     
 idle-timeout 0 0
 flow-control none
 redirect enable
 redirect return-deal from-telnet
 undo redirect timeout
 redirect listen-port 2005
user-interface tty 21
 undo shell     
 idle-timeout 0 0
 flow-control none
 redirect enable
 redirect return-deal from-telnet
 undo redirect timeout
 redirect listen-port 2006
user-interface tty 22
 undo shell     
 idle-timeout 0 0
 flow-control none
 redirect enable
 redirect return-deal from-telnet
 undo redirect timeout
 redirect listen-port 2007
user-interface tty 23
 undo shell     
 idle-timeout 0 0
 flow-control none
 redirect enable
 redirect return-deal from-telnet
 undo redirect timeout
 redirect listen-port 2008
user-interface aux 0
 user privilege level 2
 idle-timeout 0 0
user-interface vty 0 4
 user privilege level 2
 set authentication password simple h3cte
 idle-timeout 0 0
#               
return         

SW1配置:

--------------------------------------------------------------

#
 sysname SW1
#
 super password level 3 cipher $c$3$gFoSXX5isPm6ROe6dVr4T0fdLKNjaroPWwBHyg==
#
 domain default enable system
#
 burst-mode enable
#
 undo ip http enable
#
 password-recovery enable
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
vlan 40
#
domain system   
 access-limit disable
 state active   
 idle-cut disable
 self-service-url disable
#               
user-group system
#               
stp region-configuration
 region-name h3c
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#               
 stp instance 0 root primary
 stp instance 1 root primary
 stp instance 2 root secondary
 stp enable     
#               
ospf 1 router-id 192.168.255.11
 silent-interface Vlan-interface10
 silent-interface Vlan-interface20
 area 0.0.0.0   
  network 192.168.255.11 0.0.0.0
  network 192.168.0.0 0.0.0.255
  network 10.1.0.0 0.0.255.255
  network 10.255.111.2 0.0.0.0
  network 10.255.212.1 0.0.0.0
#               
user-interface aux 0
user-interface vty 0 4
#               
return         

SW2配置:

----------------------------------------------------------

#
 sysname SW2
#
 super password level 3 cipher $c$3$qjfU6akF+IsLNBE31R8g5dya/LHcgc0ERcbrQw==
#
 domain default enable system
#
 burst-mode enable
#
 undo ip http enable
#
 password-recovery enable
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
user-group system
#
stp region-configuration
 region-name h3c
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#               
 stp instance 0 root primary
 stp instance 1 root secondary
 stp instance 2 root primary
 stp enable     
#               
ospf 1 router-id 192.168.255.12
 silent-interface Vlan-interface10
 silent-interface Vlan-interface20
 area 0.0.0.0   
  network 192.168.255.12 0.0.0.0
  network 192.168.0.0 0.0.0.255
  network 10.1.0.0 0.0.255.255
  network 10.255.122.2 0.0.0.0
  network 10.255.212.2 0.0.0.0
#               
user-interface aux 0
user-interface vty 0 4
#               
return         

SW3配置:

-----------------------------------------------------

#
 sysname SW3
#
 super password level 3 cipher H`‘>T.,>(V@X!X<]K3BK;Q!!
#
 domain default enable system
#
 telnet server enable
#
vlan 1
#
vlan 10
#
vlan 20
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
user-group system
#
 stp bpdu-protection
 stp enable     
stp region-configuration
 region-name h3c
 instance 1 vlan 10
 instance 2 vlan 20
 active region-configuration
#               
user-interface aux 0
user-interface vty 0 4
#               
return         

H3C TE老版本OSPF正确配置,布布扣,bubuko.com

H3C TE老版本OSPF正确配置

标签:des   http   os   width   cti   io   

原文地址:http://www.cnblogs.com/networking/p/3840586.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!