寫寫筆記

STP Port的狀態 Forwarding 可以收發Data Frames 可以收發BBPDUs Blocking 不 可以收發Data Frames 可以收發BBPDUs Disabled 未參與STP的運作 Broadcast storms Multiple frame transmission MAC Database instability --------------------------------------------------- Spanning-Tree 預防LOOP協定 , 標準為802.1D --------------------------------------------------- 角色選擇 1.先選擇Root Bridge(Bridge ID較低者),剩下的則為Nonroot Bridge *若平手比Base Mac,可用Show version指令查詢 *只有Root Bridge會發BPDU 2.每一台Nonroot Bridge一定要選出一個Root Port RP為離Root Bridge的最佳路徑 RP狀態為Forwarding 選擇方式為: 　*Tootal Path Cost: (Path Cost:10G=2,1G=4,100M=19,10M=100) 　*Port ID    3.每個Segment(兩個Switch Port對接的線路)要選出一個Designated Port DP 發送BPDU DP狀態為Forwarding 選擇方式為: 　*Sending Path Cost 　*Bridge ID 　*Port ID 4.剩下的則為Nondesignated Port NDP為其他未指派角色的Ports NDP狀態為Blocking --------------------------------------------------- BPDU(Bridge Protocol Data Unit) 預設每2秒傳送 Bridge ID=Bridge Priority(預設32768),MAC Address(Base Mac Address) ----------------------------

==基礎設定== Switch> enable Switch# configure terminal Enter configuration commands, one per line.  End with CNTL/Z. sw02(config)# hostname sw02 sw02(config)# line console 0 sw02(config-line)# exec-timeout 0 sw02(config-line)# logging synchronous sw02(config-line)# exit sw02(config)# no ip domain-lookup sw02(config)# interface vlan 1 sw02(config-if)# ip address 10.0.1.106 255.255.255.0 sw02(config-if)# no shutdown 00:19:32: %LINK-3-UPDOWN: Interface Vlan1, changed state to up 00:19:33: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up sw02(config-if)# exit sw02(config)# line console 0 sw02(config-line)# password cisco sw02(config-line)# login sw02(config-line)# exit sw02(config)# enable password cisco sw02(config)# enable secret cisco3 sw02(config)# username ciscouser password ciscopassword sw02(config)# ip domain-name www.cisco.com sw02(config)# crypto key generate rsa The name for the keys will be: sw02.www.cisco.com Choose the si

Basic Frame Relay ------------------------------------------------------------------------------------ Router-1#configure terminal Enter configuration commands, one per line.  End with CNTL/Z. Router-1(config)#interface serial 1/0 Router-1(config-if)#no shutdown %LINK-5-CHANGED: Interface Serial1/0, changed state to up Router-1(config-if)#ip address 10.1.1.1 255.255.255.0 Router-1(config-if)#encapsulation frame-relay %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up Router-1(config-if)#frame-relay map ip 10.1.1.2 100 (Remote IP , Local DLCI) Router-1#show frame-relay map Serial1/0 (up): ip 10.1.1.2 dlci 100, static, CISCO, status defined, active Subinterface Point to Point -------------------------------------------------------------------------------------- Router-3(config)#interface serial 1/0 Router-3(config-if)#no shutdown %LINK-5-CHANGED: Interface Serial1/0, changed state to up Router-3(config-if)#encapsulation frame-relay

Unicast Global ==> 2000::/3 (目前只開放2或3帶頭) Unique Local==> FD帶頭 Link-Local==> FE80帶頭 Local Loopback==>::1/128 Unspecified==>::/128 MultiCast FF帶頭 AnyCast 與Unicast共用 EUI-64 產生方式 更多介紹

Static NAT ============================================== Router(config-if)#ip address 10.1.1.1 255.255.255.0 Router(config-if)#interface fa 0/0 Router(config-if)#ip address 192.168.1.1 255.255.255.0 Router(config-if)#exit Router(config)#ip nat inside source static 192.168.1.2 10.1.1.1 Router(config)#interface fa 0/0 Router(config-if)#ip nat inside Router(config-if)#interface fa 0/1 Router(config-if)#ip nat outside Router#show ip nat translations Pro  Inside global     Inside local       Outside local      Outside global ---  10.1.1.1          192.168.1.2        ---                --- tcp 10.1.1.1:1026      192.168.1.2:1026   10.1.1.2:80        10.1.1.2:80 Dynamic Address Translation ============================================= Router(config)#interface fa 0/0 Router(config-if)#no shutdown Router(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

編號型 ACL (1~99) ========================================= 只針對Source Address做回應 ex: r1(config)#access-list 1 permit 192.168.1.0 0.0.0.255 r1(config)#interface fa 0/0 r1(config-if)#ip access-group 1 in 允許 192.168.1.0/24 從 fa 0/0 連入 r1#show access-lists Standard IP access list 1     10 permit 192.168.1.0, wildcard bits 0.0.0.255 (有一條隱性的拒絕 deny any) 192.168.1.254 0.0.0.0 可簡寫 host 192.168.1.254 192.168.1.254 0.0.0.0 255.255.255.255 可簡寫 any 套用在VTY Access r1(config)#line vty 0 15 r1(config-line)#access-class 1 in 可以用Show ip interface fa 0/0可以看介面有沒有套用ACL R1# show ip interface fastEthernet 0/0 FastEthernet0/0 is up, line protocol is up (connected) Internet address is 192.168.10.254/24 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is 1 Proxy ARP is enabled

Vmware Server若是安裝在Windows 7,網卡使用NAT的功能會有問題!! 這兩天試了幾次,果然是VMware的問題,雖然可以用ICS解決,不過連線還是會有問題,改用VirtualBox就不會有這種狀況..... http://life.different.idv.tw/scottwu/49.htm

1. Classless 2.支援VLSM 3.Unequal-Cost pathways  (OSPF Equal-Cost Load Balancing) 4.預設會 Auto Summary .......... EIGRP有三張Table 1. neighbor Table          |          |     dual 演算法          V 2. Topology Table (不是Database),已經知道下一站要怎麼走,OSPF還要使用SPF演算法 a.路徑走Successor,若Successor斷掉,則走 Feasible Successor b.FD 值 =介面到下一站Router的Metric+AD值 c.要成為 Feasible Successor,必須AD值小於 Successor的FD值(Metric) 3 .Riouting Table EIGRP 也有送Hello Packets(預設每5秒送一次Hello)，會包含AS Number，若是AS Number不同，鄰居關係會無法建立 OSPF 中的Process ID可以不用,但是Area要相同 ---------------------------------------------- 例如 ---------------------------------------------- B3#show ip interface brief  Interface              IP-Address      OK? Method Status                Protocol FastEthernet0/0        172.16.4.254    YES manual up                    up FastEthernet0/1        unassigned      YES unset  administratively down down Serial0/0/0            192.168.1.21    YES manual up                    up Serial0/0/1          

RIP 1. RIP 只支援FLSM(SLSM)，不支援VLSM，但可以切割子網段，以介面上的Subnet Mask判斷，所以RIP宣告的時候，沒有宣告 Subnet Mask 2. RIP V2 支援不連續網路! 3 . 只對直接相連的介面丟出Routing Table 4.RIP 支援自動 彙整(關不掉) , 不支援 手動 彙整 ,RIP V2支援 自動 彙整/手動 彙整 假設有一Router有兩個介面 FA 0   ==> IP  10.2.2.2/16 FA 1   ==> IP  10.1.1.1/16 r1(config)#router rip  r1(config-router)#version 2 r1(config-router)#network 10.0.0.0 * 在正確的介面啟動RIP *介面 若 有3個10.0.0.0的網段只要打 1次,若是有2個1 92.168. x.0的網段 , 則 是 要打2次 r1(config-router)#no auto-summary *有不連續網路要 關掉 auto-summary 檢查 r1#show ip protocols  Routing Protocol is " rip " Sending updates every 30 seconds, next due in 7 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Redistributing: rip Default version control: send version 2, receive 2   Interface             Send  Recv  Triggered RIP  Key-chain   FastEthernet0/0       2     2      Automatic

好久沒碰VMware，尤其現在VirtualBox和VirtualPC都不用錢，所以VMware的產品比較少去關注，不過姊夫要去國外出差，Notebook裡面要裝Vmware Server和CentOS(都是Free)，所以我就來用看看！ VMware Server比剛推出的時候好太多了 開始安裝 安裝完成 接下來安裝VMWare Tools 解壓縮 開始安裝  接下來就會問你解析度要設多少，然後重開機就完成囉！