管理锐捷S21系列交换机常用的命令及处理常见故障的方法
(V1.0)
华南区客户支援中心
2005年10月23日
出发点
为了进一步提高中小学网管老师对我司网络设备S21系列交换机的操作能力和处理一些常见网络故障的能力,同时也可间接提高我司工程师技术支持的效率,特撰写这篇文档.
版本说明
1.0
包括对交换机常用的配置及查看命令
1.1
增加基于802.1x认证的配置命令
2.0
升级IOS操作文档
目 录
S21系列交换机常用配置的命令
给交换机(堆叠组)命名,便于记忆,可提高后期管理效率
示例1:switch#c onfig
switch(config)#hostname S2150G //S2150G为该交换机(堆叠组)的名字
给交换机(堆叠组)配置管理密码
示例2:S2150G(config)#enable secret level 1 0 rg //配置telnet管理密码为rg
S2150G(config)#enable secret level 15 0 rg //配置特权模式下的管理密码rg
给交换机(堆叠组)配置管理IP
示例3:S2150G(config)#interface vlan 1 //假设管理VLAN为VLAN 1
S2150G(config-if)#ip address 192.168.1.1 255.255.255.0 //给管理VLAN配置管理IP地址
S2150G(config-if)#no shutdown //激活管理IP
S2150G(config-if)#shutdown //关闭管理IP
给交换机(堆叠组)配置网关
示例4:S2150G(config)#ip default-gateway 192.168.1.254 //假设网关地址为192.168.1.254
给交换机划分VLAN
示例5:S2150G(config)#vlan 100 //建立VLAN 100
S2150G(config)#name Student_A_4 //该VLAN是学生宿舍A栋4楼的用户VLAN
将交换机接口划入VLAN 100中
示例6:S2150G(config)#interface range f 1/0/1-48,2/0/1-48
S2150G(config-if-range)#switchport access vlan 100
S2150G(config-if-range)#no switchport access vlan //将接口划到默认VLAN 1中
建立安全访问控制列表(ACL)
示例7:S2150G(config)#ip access-list extended myAcl //给ACL命名为myAcl
S2150G(config-ext-nacl)#deny tcp any any eq 445
S2150G(config-ext-nacl)#deny udp any any eq 445
S2150G(config-ext-nacl)#deny tcp any any eq 135
S2150G(config-ext-nacl)#deny tcp any any eq 136
S2150G(config-ext-nacl)#deny tcp any any eq 137
S2150G(config-ext-nacl)#deny tcp any any eq 138
S2150G(config-ext-nacl)#deny tcp any any eq 139
S2150G(config-ext-nacl)#deny udp any any eq netbios-ss
S2150G(config-ext-nacl)#deny udp any any eq netbios-dgm
S2150G(config-ext-nacl)#deny udp any any eq netbios-ns
S2150G(config-ext-nacl)#deny udp any any eq 136
S2150G(config-ext-nacl)#deny udp any any eq 135
S2150G(config-ext-nacl)#permit ip any any
S2150G(config)#no ip access-list extended myAcl //去除myAcl的定义
将安全访问控制列表(ACL)应用到具体的接口上
示例8:S2150G(config)#interface range f 1/0/1-48,2/0/1-48
S2150G(config-if-range)#ip access-group myAcl in
S2150G(config-if-range)#no ip access-group myAcl in //从接口去除ACL
将接口工作模式定义为Trunk
示例9:S2150G(config) #interface gigabitEthernet 1/0/1 //假设堆叠组的上联光纤口为1/0/1
S2150G(config-if)#switchport mode trunk //将该接口工作模式定义为Trunk
S2150G(config-if)#no switchport mode //将该接口工作模式定义为Access
10,为防止物理环路的出现,在S21上启动STP/RSTP/MSTP协议
示例10:S2150G(config)#spanning-tree
S2150G(config)#spanning-tree mode RSTP //以RSTP为例
11,S21系列交换机直连PC或者HUB时,将该接口设置为portfast
示例11:S2150G(config)#interface range f 1/0/1-48
S2150G(config-if-range)#spanning-tree portfast
12,将上联光纤口启动过滤Bpdu报文功能,提高网络的稳定性
示例12:S2150G(config)#interface gigabitEthernet 1/0/1
S2150G(config-if) #spanning-tree bpdufilter enabled
S2150G(config-if)#spanning-tree bpdufilter disabled //禁用Bpdu过滤功能
13,给交换机启动SNMP协议,便于StarView网管工具发现
示例13:S2150G(config) #snmp-server community public ro
S21交换机常用的查看命令
1,show version //查看交换机硬件,软件信息
Student_dormitory_B#sh verison
System description : Red-Giant Gigabit Stacking Intelligent
Switch(S2126G/S2150G) By Ruijie Network
System uptime : 0d:3h:39m:6s
System hardware version : 3.2 //硬件版本信息
System software version : 1.61(4) Build Sep 9 2005 Release //IOS版本信息
System BOOT version : RG-S2126G-BOOT 03-02-02 //BOOT层版本信息
System CTRL version : RG-S2126G-CTRL 03-08-02 //CTRL版本信息
Running Switching Image : Layer2
2,show version slots //查看交换机插槽信息
Student_dormitory_B#show version slots
Device Slot Ports Max Ports Module
------- ---- ------ ---------- -------------------------------
1 0 48 48 S2150G_Static_Module
1 1 1 1 M2121S-1000Base-SX
1 2 0 1 M2131-Stack_Module
2 0 48 48 S2150G_Static_Module
2 1 0 1
2 2 0 1 M2131-Stack_Module
3 0 24 24 S2126G_Static_Module
3 1 0 1
3 2 0 1 M2131-Stack_Module
3,show running-config //查看当前交换机运行的配置文件
(略...)
4,show member //查看交换机堆叠是否启效
Student_dormitory_B#show member
member MAC address priority alias SWVer HWVer
------ ---------------- -------- -------------------------------- ----- -----
1 00d0.f8d9.f0ba 10 1.61 3.2
2 00d0.f8d9.f2ef 1 1.61 3.2
3 00d0.f8ff.d38e 1 1.61 3.3
5,查看交换机VLAN信息
Student_dormitory_B#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/1/1
21 Student_dormitory_B_vlan active Fa1/0/1,Fa1/0/2,Fa1/0/3
Fa1/0/4,Fa1/0/5,Fa1/0/6
Fa1/0/7,Fa1/0/8,Fa1/0/9
Fa1/0/10,Fa1/0/11,Fa1/0/12
Fa1/0/13,Fa1/0/14,Fa1/0/15
Fa1/0/16,Fa1/0/17,Fa1/0/18
Fa1/0/19,Fa1/0/20,Fa1/0/21
Fa1/0/22,Fa1/0/23,Fa1/0/24
Fa1/0/25,Fa1/0/26,Fa1/0/27
Fa1/0/28,Fa1/0/29,Fa1/0/30
Fa1/0/31,Fa1/0/32,Fa1/0/33
Fa1/0/34,Fa1/0/35,Fa1/0/36
Fa1/0/37,Fa1/0/38,Fa1/0/39
Fa1/0/40,Fa1/0/41,Fa1/0/42
Fa1/0/43,Fa1/0/44,Fa1/0/45
Fa1/0/46,Fa1/0/47,Fa1/0/48
Gi1/1/1,Fa2/0/1,Fa2/0/2
--More--
6,show interface switchport //查看交换机各接口工作模式
Student_dormitory_B#show interfaces switchport
Interface Switchport Mode Access Native Protected VLAN lists
---------- ---------- --------- ------- -------- --------- --------------------
Fa1/0/1 Enabled Access 21 1 Disabled All
Fa1/0/2 Enabled Access 21 1 Disabled All
Fa1/0/3 Enabled Access 21 1 Disabled All
Fa1/0/4 Enabled Access 21 1 Disabled All
Fa1/0/5 Enabled Access 21 1 Disabled All
Fa1/0/6 Enabled Access 21 1 Disabled All
Fa1/0/7 Enabled Access 21 1 Disabled All
Fa1/0/8 Enabled Access 21 1 Disabled All
Fa1/0/9 Enabled Access 21 1 Disabled All
Fa1/0/10 Enabled Access 21 1 Disabled All
Fa1/0/11 Enabled Access 21 1 Disabled All
--More—
Gi1/1/1 Enabled Trunk 1 1 Disabled All //Trunk模式
7,show mac-address-table dynamic //查看交换机动态学习到的MAC地址数
Student_dormitory_B#show mac-address-table dynamic
Vlan MAC Address Type Interface
---------- -------------------- -------- -------------------
1 00d0.f8ba.6001 DYNAMIC Gi1/1/1
21 0020.ed42.b02e DYNAMIC Fa1/0/19
21 00d0.f8ba.6007 DYNAMIC Gi1/1/1
8,show spanning-tree //查看spanning-tree信息
Student_dormitory_B#show spanning-tree
StpVersion : RSTP //spanning-tree模式
SysStpStatus : Enabled //spanning-tree工作状态为Enabled
BaseNumPorts : 121
MaxAge : 20
HelloTime : 2
ForwardDelay : 15
BridgeMaxAge : 20
BridgeHelloTime : 2
BridgeForwardDelay : 15
MaxHops : 20
TxHoldCount : 3
PathCostMethod : Long
BPDUGuard : Disabled
BPDUFilter : Disabled
BridgeAddr : 00d0.f8d9.f0bb
Priority : 32768
TimeSinceTopologyChange : 0d:3h:55m:8s
TopologyChanges : 0
DesignatedRoot : 800000D0F8D9F0BB
RootCost : 0
RootPort : 0
9,show spanning-tree interface gigabitEthernet 1/1/1 //查看接口spanning-tree状态
Student_dormitory_B#show spanning-tree interface gigabitEthernet 1/1/1
PortAdminPortfast : Disabled
PortOperPortfast : Disabled
PortAdminLinkType : auto
PortOperLinkType : point-to-point
PortBPDUGuard: Disabled
PortBPDUFilter: Enabled //接口过滤Bpdu报文
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 800000D0F8D9F0BB
PortDesignatedCost : 0
PortDesignatedBridge : 800000D0F8D9F0BB
PortDesignatedPort : 8031
PortForwardTransitions : 0
PortAdminPathCost : 0
PortOperPathCost : 20000
PortRole : designatedPort //接口工作角色
10,show clock //查看交换机时钟
Student_dormitory_B#show clock
System clock : 2005-10-23 15:29:14 Sunday
11,show logging //查看交换机日志
Student_dormitory_B#show logging
Syslog logging: Enabled
Console logging: Enabled(debugging)
Monitor logging: Disabled
Buffer logging: Enabled(debugging)
Server logging severity: debugging
File logging: Disabled
Logging history:
2005-10-23 11:26:36 @5-COLDSTART:System coldstart
2005-10-23 11:26:36 @5-LINKUPDOWN:Fa2/0/34 changed state to up
2005-10-23 11:26:37 @5-LINKUPDOWN:Fa1/0/19 changed state to up
2005-10-23 11:26:37 @5-LINKUPDOWN:Gi1/1/1 changed state to up
2005-10-23 11:26:37 @4-TOPOCHANGE:Topology is changed
12,show cpu //查看CPU利用率
Student_dormitory_B#show cpu
CPU utilization for five seconds: 3%
CPU utilization for one minute : 6%
CPU utilization for five minutes: 6% | 
站点公告
