古董华为3026交换机端口隔离抵御ARP的办法
2017-03-24 09:55
246 查看
校园网内存在一批2005年前后生产的华为交换机,由于近期网络升级采取了DHCP方式下发IP地址,无奈电脑太多,ARP、广播风暴太严重。同一个办公室的电脑只要1人中毒,全办公室都影响。翻阅了百度寻得一法:端口隔离。无奈,交换机太老了居然不支持这些命令。
版本号见下表
<Quidway>dir
Directory of flash:/
-rwxrwxrwx 1 noone nogroup 2897728 Jun 22 2005 16:14:38 S3026CGSSI-VRP310-r0020-203.app
-rwxrwxrwx 1 noone nogroup 442799 Jun 22 2005 16:14:38 wnm2.2.2-0004.zip
-rwxrwxrwx 1 noone nogroup 8 Apr 02 2000 07:55:22 snmpboots
-rwxrwxrwx 1 noone nogroup 3685 Apr 02 2000 21:37:05 vrpcfg.txt
7282688 bytes total (3804160 bytes free)
<Quidway>
百度上寻到的:port isolate、acl 5000 这些命令,这个老交换机都不支持。
无奈下通过实验,用以下办法效果不错。
简易拓扑图如上。
S3026配置命令见下面
#
sysname Quidway
#
radius scheme system
server-type huawei
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
domain system
radius-scheme system
access-limit disable
state active
vlan-assignment-mode integer
idle-cut disable
self-service-url disable
messenger time disable
domain default enable system
#
local-server nas-ip 127.0.0.1 key huawei
#
vlan 1
#
vlan 11
#
vlan 12
#
vlan 13
#
vlan 14
#
vlan 15
#
vlan 16
#
vlan 17
#
vlan 18
#
vlan 19
#
vlan 20
#
vlan 21
#
vlan 22
#
vlan 23
#
vlan 24
#
vlan 25
#
vlan 26
#
vlan 27
#
vlan 28
#
vlan 29
#
vlan 30
#
vlan 31
#
vlan 32
#
vlan 33
#
vlan 34
#
vlan 100
#
vlan 105
#
vlan 1000
#
vlan 2000
#
interface Vlan-interface2000
ip address 192.168.99.2 255.255.255.0
#
interface Aux0/0
#
interface Ethernet0/1
port link-type hybrid
port hybrid vlan 11 1000 untagged
port hybrid pvid vlan 11
#
interface Ethernet0/2
port link-type hybrid
port hybrid vlan 12 1000 untagged
port hybrid pvid vlan 12
#
interface Ethernet0/3
port link-type hybrid
port hybrid vlan 13 1000 untagged
port hybrid pvid vlan 13
#
interface Ethernet0/4
port link-type hybrid
port hybrid vlan 14 1000 untagged
port hybrid pvid vlan 14
#
interface Ethernet0/5
port link-type hybrid
port hybrid vlan 15 1000 untagged
port hybrid pvid vlan 15
#
interface Ethernet0/6
port link-type hybrid
port hybrid vlan 16 1000 untagged
port hybrid pvid vlan 16
#
interface Ethernet0/7
port link-type hybrid
port hybrid vlan 17 1000 untagged
port hybrid pvid vlan 17
#
interface Ethernet0/8
port link-type hybrid
port hybrid vlan 18 1000 untagged
port hybrid pvid vlan 18
#
interface Ethernet0/9
port link-type hybrid
port hybrid vlan 19 1000 untagged
port hybrid pvid vlan 19
#
interface Ethernet0/10
port link-type hybrid
port hybrid vlan 20 1000 untagged
port hybrid pvid vlan 20
#
interface Ethernet0/11
port link-type hybrid
port hybrid vlan 21 1000 untagged
port hybrid pvid vlan 21
#
interface Ethernet0/12
port link-type hybrid
port hybrid vlan 22 1000 untagged
port hybrid pvid vlan 22
#
interface Ethernet0/13
port link-type hybrid
port hybrid vlan 23 1000 untagged
port hybrid pvid vlan 23
#
interface Ethernet0/14
port link-type hybrid
port hybrid vlan 24 1000 untagged
port hybrid pvid vlan 24
#
interface Ethernet0/15
port link-type hybrid
port hybrid vlan 25 1000 untagged
port hybrid pvid vlan 25
#
interface Ethernet0/16
port link-type hybrid
port hybrid vlan 26 1000 untagged
port hybrid pvid vlan 26
#
interface Ethernet0/17
port link-type hybrid
port hybrid vlan 27 1000 untagged
port hybrid pvid vlan 27
#
interface Ethernet0/18
port link-type hybrid
port hybrid vlan 28 1000 untagged
port hybrid pvid vlan 28
#
interface Ethernet0/19
port link-type hybrid
port hybrid vlan 29 1000 untagged
port hybrid pvid vlan 29
#
interface Ethernet0/20
port link-type hybrid
port hybrid vlan 30 1000 untagged
port hybrid pvid vlan 30
#
interface Ethernet0/21
port link-type hybrid
port hybrid vlan 31 1000 untagged
port hybrid pvid vlan 31
#
interface Ethernet0/22
port link-type hybrid
port hybrid vlan 32 105 1000 untagged
port hybrid pvid vlan 32
#
interface Ethernet0/23
port link-type hybrid
port hybrid vlan 11 to 31 1000 untagged
port hybrid pvid vlan 1000
#
interface Ethernet0/24
port access vlan 2000
#
interface GigabitEthernet1/1
#
interface NULL0
#
user-interface aux 0
user-interface vty 0 4
#
return
[Quidway]
版本号见下表
<Quidway>dir
Directory of flash:/
-rwxrwxrwx 1 noone nogroup 2897728 Jun 22 2005 16:14:38 S3026CGSSI-VRP310-r0020-203.app
-rwxrwxrwx 1 noone nogroup 442799 Jun 22 2005 16:14:38 wnm2.2.2-0004.zip
-rwxrwxrwx 1 noone nogroup 8 Apr 02 2000 07:55:22 snmpboots
-rwxrwxrwx 1 noone nogroup 3685 Apr 02 2000 21:37:05 vrpcfg.txt
7282688 bytes total (3804160 bytes free)
<Quidway>
百度上寻到的:port isolate、acl 5000 这些命令,这个老交换机都不支持。
无奈下通过实验,用以下办法效果不错。
简易拓扑图如上。
S3026配置命令见下面
#
sysname Quidway
#
radius scheme system
server-type huawei
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
domain system
radius-scheme system
access-limit disable
state active
vlan-assignment-mode integer
idle-cut disable
self-service-url disable
messenger time disable
domain default enable system
#
local-server nas-ip 127.0.0.1 key huawei
#
vlan 1
#
vlan 11
#
vlan 12
#
vlan 13
#
vlan 14
#
vlan 15
#
vlan 16
#
vlan 17
#
vlan 18
#
vlan 19
#
vlan 20
#
vlan 21
#
vlan 22
#
vlan 23
#
vlan 24
#
vlan 25
#
vlan 26
#
vlan 27
#
vlan 28
#
vlan 29
#
vlan 30
#
vlan 31
#
vlan 32
#
vlan 33
#
vlan 34
#
vlan 100
#
vlan 105
#
vlan 1000
#
vlan 2000
#
interface Vlan-interface2000
ip address 192.168.99.2 255.255.255.0
#
interface Aux0/0
#
interface Ethernet0/1
port link-type hybrid
port hybrid vlan 11 1000 untagged
port hybrid pvid vlan 11
#
interface Ethernet0/2
port link-type hybrid
port hybrid vlan 12 1000 untagged
port hybrid pvid vlan 12
#
interface Ethernet0/3
port link-type hybrid
port hybrid vlan 13 1000 untagged
port hybrid pvid vlan 13
#
interface Ethernet0/4
port link-type hybrid
port hybrid vlan 14 1000 untagged
port hybrid pvid vlan 14
#
interface Ethernet0/5
port link-type hybrid
port hybrid vlan 15 1000 untagged
port hybrid pvid vlan 15
#
interface Ethernet0/6
port link-type hybrid
port hybrid vlan 16 1000 untagged
port hybrid pvid vlan 16
#
interface Ethernet0/7
port link-type hybrid
port hybrid vlan 17 1000 untagged
port hybrid pvid vlan 17
#
interface Ethernet0/8
port link-type hybrid
port hybrid vlan 18 1000 untagged
port hybrid pvid vlan 18
#
interface Ethernet0/9
port link-type hybrid
port hybrid vlan 19 1000 untagged
port hybrid pvid vlan 19
#
interface Ethernet0/10
port link-type hybrid
port hybrid vlan 20 1000 untagged
port hybrid pvid vlan 20
#
interface Ethernet0/11
port link-type hybrid
port hybrid vlan 21 1000 untagged
port hybrid pvid vlan 21
#
interface Ethernet0/12
port link-type hybrid
port hybrid vlan 22 1000 untagged
port hybrid pvid vlan 22
#
interface Ethernet0/13
port link-type hybrid
port hybrid vlan 23 1000 untagged
port hybrid pvid vlan 23
#
interface Ethernet0/14
port link-type hybrid
port hybrid vlan 24 1000 untagged
port hybrid pvid vlan 24
#
interface Ethernet0/15
port link-type hybrid
port hybrid vlan 25 1000 untagged
port hybrid pvid vlan 25
#
interface Ethernet0/16
port link-type hybrid
port hybrid vlan 26 1000 untagged
port hybrid pvid vlan 26
#
interface Ethernet0/17
port link-type hybrid
port hybrid vlan 27 1000 untagged
port hybrid pvid vlan 27
#
interface Ethernet0/18
port link-type hybrid
port hybrid vlan 28 1000 untagged
port hybrid pvid vlan 28
#
interface Ethernet0/19
port link-type hybrid
port hybrid vlan 29 1000 untagged
port hybrid pvid vlan 29
#
interface Ethernet0/20
port link-type hybrid
port hybrid vlan 30 1000 untagged
port hybrid pvid vlan 30
#
interface Ethernet0/21
port link-type hybrid
port hybrid vlan 31 1000 untagged
port hybrid pvid vlan 31
#
interface Ethernet0/22
port link-type hybrid
port hybrid vlan 32 105 1000 untagged
port hybrid pvid vlan 32
#
interface Ethernet0/23
port link-type hybrid
port hybrid vlan 11 to 31 1000 untagged
port hybrid pvid vlan 1000
#
interface Ethernet0/24
port access vlan 2000
#
interface GigabitEthernet1/1
#
interface NULL0
#
user-interface aux 0
user-interface vty 0 4
#
return
[Quidway]
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 华为设备上的安全技术总结之arp和端口隔离
- 华为5648交换机端口镜像
- 交换机VLAN的配置——交换机VLAN端口隔离
- 交换机端口隔离技术应用
- 交换机端口隔离技术应用
- 配置交换机端口聚合(思科、华为、锐捷)
- 配置交换机端口聚合(思科、华为、锐捷)
- 交换机端口隔离功能的使用意义
- 交换机端口隔离技术
- 华为H3C接入交换机端口绑定基本配置
- 华为新版交换机端口配置由TRUNK改为ACCESS
- 交换机端口隔离
- 关于华为各种型号交换机端口镜像配置方法总结
- 华为各种型号交换机端口镜像配置方法总结
- 华为7506交换机端口镜像
- 交换机端口隔离技术应用
- 华为交换机端口镜像配置
- 华为3026交换机流量监控配置单
- 交换机端口隔离
- 华为7506交换机端口镜像