Building configuration...
Current configuration : 9830 bytes
!
! Last configuration change at 13:07:18 GMT Tue May 25 2010
! NVRAM config last updated at 11:51:32 GMT Tue May 18 2010
!
version 12.2
no service pad
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
service compress-config
!
hostname HZ_CGB_4506_1
!
enable secret 5 $1$RxL/$eRolIOhLdLcMxgwCV5qFo1
enable password 7 02050D480809
!
clock timezone GMT 8
qos
vtp domain ''
vtp mode transparent
ip subnet-zero
no ip domain-lookup
ip domain-name net.hzscgb.gov.cn
ip name-server 202.101.172.35
ip name-server 202.101.172.47
!
ip vrf HZ_XXZYJH
rd 64666:71004
route-target export 64666:71004
route-target import 64666:71004
!
ip vrf resource
rd 1000:1
route-target export 1000:1
route-target import 1000:1
!
spanning-tree mode pvst
spanning-tree extend system-id
power redundancy-mode redundant
!
!
!
!
vlan 2
name Resource_Vlan
!
vlan 3
name publish
!
vlan 4,7-8,10
!
vlan 14
name DaoPian
!
vlan 31
name TO_INTERNET
!
vlan 32
name New_Resource_IP
!
vlan 100
!
vlan 247
name resource_4506_1to7609
!
vlan 447
name HZ_XXZYJH_4506_1to7609
!
vlan 901
name resource_4506_1to4506_1
!
interface Loopback0
ip vrf forwarding resource
ip address 172.18.6.253 255.255.255.255
!
interface Port-channel1
no ip address
!
interface Port-channel2
description connect to HZCGB_4506_2
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel14
description Link_to_IBMServerBladeSwitch
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
!
interface Port-channel30
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 247,447
switchport mode trunk
!
interface GigabitEthernet1/1
switchport access vlan 2
!
interface GigabitEthernet1/2
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet2/1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet2/2
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet2/3
description connect to 1Q_YYFW_172.18.6.165
switchport access vlan 2
!
interface GigabitEthernet2/4
description connect to 1Q_YYFW_172.18.6.167
switchport access vlan 2
!
interface GigabitEthernet2/5
!
interface GigabitEthernet2/6
description connect to 1Q_YYXTJK_10.6.6.13
switchport access vlan 4
shutdown
!
interface GigabitEthernet2/7
description connect to 2QZXJC_ZHGL_172.18.6.171
switchport access vlan 2
!
interface GigabitEthernet2/8
description 2Q_12319_172.18.6.173
switchport access vlan 2
!
interface GigabitEthernet2/9
description QLYGYY_FWQ1_172.18.6.174
switchport access vlan 2
!
interface GigabitEthernet2/10
description connect to OA_YYFWQ1_172.18.6.175
switchport access vlan 2
!
interface GigabitEthernet2/11
description 2Q_JHQZ
!
interface GigabitEthernet2/12
description MLJH_IBMX3650_172.16.79.2
switchport access vlan 100
!
interface GigabitEthernet2/13
!
interface GigabitEthernet2/14
description CONNECT TO 1Q_YY_172.18.6.182
switchport access vlan 2
!
interface GigabitEthernet2/15
description connect to GPS_JSQZ_10.6.8.200
switchport access vlan 8
!
interface GigabitEthernet2/16
description connect to C3845-3_GI0/1
switchport access vlan 8
!
interface GigabitEthernet2/17
description connect to LS_SJK_CX
switchport access vlan 2
!
interface GigabitEthernet2/18
description connect to 10.6.6.13
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet2/19
description to_radware-1
switchport access vlan 14
switchport mode access
!
interface GigabitEthernet2/20
description TingChe_172.18.6.205
switchport access vlan 14
switchport mode access
!
interface GigabitEthernet2/21
!
interface GigabitEthernet2/22
switchport access vlan 10
!
interface GigabitEthernet2/23
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 247,447
switchport mode trunk
channel-group 30 mode on
!
interface GigabitEthernet2/24
description connect to HuaShu_7609
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 247,447
switchport mode trunk
channel-group 30 mode on
!
interface GigabitEthernet3/1
!
interface GigabitEthernet3/2
!
interface GigabitEthernet4/1
description connect to 1Q_YWXT_SJK1_10.6.4.50&52
switchport access vlan 4
!
interface GigabitEthernet4/2
description connect to 1Q_YWXT_YDSJK2_10.6.7.5
switchport access vlan 7
!
interface GigabitEthernet4/3
description connect to 2QZXJC_ZHGL_SJK1
switchport access vlan 4
!
interface GigabitEthernet4/4
description CONNECT TO 2Q_12319_SJK1_10.6.720&22
switchport access vlan 7
switchport mode access
!
interface GigabitEthernet4/5
description connect to 10.6.7.4
switchport access vlan 7
!
interface GigabitEthernet4/6
!
interface GigabitEthernet4/7
!
interface GigabitEthernet4/8
!
interface GigabitEthernet4/9
!
interface GigabitEthernet4/10
!
interface GigabitEthernet4/11
!
interface GigabitEthernet4/12
description connect YiDong_DXJ
switchport access vlan 31
switchport mode access
!
interface GigabitEthernet4/13
switchport access vlan 31
switchport mode access
!
interface GigabitEthernet4/14
description DaoPian_Server
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
speed 1000
duplex full
no cdp enable
channel-group 14 mode active
!
interface GigabitEthernet4/15
description DaoPian_Server
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
channel-group 14 mode active
!
interface GigabitEthernet4/16
description DaoPian_Server
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
channel-group 14 mode active
!
interface GigabitEthernet4/17
description DaoPian_Server
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
channel-group 14 mode active
!
interface GigabitEthernet4/18
description DaoPian_Server
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
channel-group 14 mode active
!
interface GigabitEthernet4/19
description LINK_TO_DAOPIAN_MGT01_192.168.70.125
switchport access vlan 14
switchport mode access
!
interface GigabitEthernet4/20
description connect to huwaiguanggao_59.202.66.38
switchport access vlan 31
switchport mode access
!
interface GigabitEthernet4/21
description GuFei_172.18.6.204
switchport access vlan 14
switchport mode access
!
interface GigabitEthernet4/22
description GuFei_172.18.6.203
switchport access vlan 14
switchport mode access
!
interface GigabitEthernet4/23
!
interface GigabitEthernet4/24
description connect to L04-3560
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,4
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan2
no ip address
!
interface Vlan3
ip vrf forwarding resource
ip address 172.18.6.133 255.255.255.224
standby 3 ip 172.18.6.132
standby 3 priority 120
!
interface Vlan4
description DB Vlan
ip vrf forwarding resource
ip address 10.6.4.4 255.255.255.0
no ip redirects
standby 4 ip 10.6.4.1
standby 4 priority 120
standby 4 preempt
!
interface Vlan7
description YiDong Vlan
ip vrf forwarding resource
ip address 10.6.7.3 255.255.255.0
no ip redirects
standby 7 ip 10.6.7.2
standby 7 preempt
!
interface Vlan8
ip vrf forwarding resource
no ip address
!
interface Vlan14
ip vrf forwarding resource
no ip address
!
interface Vlan31
description TO_INTERNET VLAN
ip vrf forwarding resource
ip address 59.202.66.34 255.255.255.248
no ip redirects
standby 31 ip 59.202.66.33
standby 31 preempt
!
interface Vlan100
no ip address
!
interface Vlan247
ip vrf forwarding resource
ip address 172.18.2.162 255.255.255.252
!
interface Vlan447
ip vrf forwarding HZ_XXZYJH
ip address 172.16.79.250 255.255.255.252
!
interface Vlan901
ip vrf forwarding resource
ip address 172.18.6.249 255.255.255.252
!
router ospf 200 vrf resource
router-id 172.18.6.253
log-adjacency-changes
redistribute connected metric-type 1 subnets
network 10.6.8.0 0.0.0.255 area 0
network 172.18.6.249 0.0.0.0 area 0
!
ip route vrf HZ_XXZYJH 0.0.0.0 0.0.0.0 172.16.79.249
ip route vrf resource 0.0.0.0 0.0.0.0 172.18.2.161
ip route vrf resource 172.18.6.160 255.255.255.224 172.18.6.129 tag 1
ip route vrf resource 172.18.6.192 255.255.255.224 172.18.6.129 tag 1
no ip http server
!
!
!
ip access-list extended ACL_CGB
permit tcp any any eq www
permit tcp any any eq 7001
permit tcp any any eq 5151
permit tcp any any eq 1433
permit tcp any any eq 3389
!
snmp-server community hzcgSNMP-r0 RO
snmp-server community hzcgSNMP-rw-str1ng RW
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps stpx
snmp-server enable traps port-security
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps copy-config
snmp-server enable traps fru-ctrl
snmp-server enable traps flash insertion removal
snmp-server enable traps syslog
snmp-server enable traps bridge
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps hsrp
snmp-server enable traps bgp
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps ipmulticast
snmp-server enable traps msdp
snmp-server enable traps rtr
snmp-server enable traps vlan-membership
snmp-server host 59.202.66.37 *-r0
!
!
line con 0
logging synchronous
stopbits 1
line vty 0 4
exec-timeout 4 0
password 7 091559080B544D5B441C05393833782131
login
!
ntp master
ntp update-calendar
end
!
! Last configuration change at 13:07:18 GMT Tue May 25 2010
! NVRAM config last updated at 11:51:32 GMT Tue May 18 2010
!
version 12.2
no service pad
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
service compress-config
!
hostname HZ_CGB_4506_1
!
enable secret 5 $1$RxL/$eRolIOhLdLcMxgwCV5qFo1
enable password 7 02050D480809
!
clock timezone GMT 8
qos
vtp domain ''
vtp mode transparent
ip subnet-zero
no ip domain-lookup
ip domain-name net.hzscgb.gov.cn
ip name-server 202.101.172.35
ip name-server 202.101.172.47
!
ip vrf HZ_XXZYJH
rd 64666:71004
route-target export 64666:71004
route-target import 64666:71004
!
ip vrf resource
rd 1000:1
route-target export 1000:1
route-target import 1000:1
!
spanning-tree mode pvst
spanning-tree extend system-id
power redundancy-mode redundant
!
!
!
!
vlan 2
name Resource_Vlan
!
vlan 3
name publish
!
vlan 4,7-8,10
!
vlan 14
name DaoPian
!
vlan 31
name TO_INTERNET
!
vlan 32
name New_Resource_IP
!
vlan 100
!
vlan 247
name resource_4506_1to7609
!
vlan 447
name HZ_XXZYJH_4506_1to7609
!
vlan 901
name resource_4506_1to4506_1
!
interface Loopback0
ip vrf forwarding resource
ip address 172.18.6.253 255.255.255.255
!
interface Port-channel1
no ip address
!
interface Port-channel2
description connect to HZCGB_4506_2
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel14
description Link_to_IBMServerBladeSwitch
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
!
interface Port-channel30
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 247,447
switchport mode trunk
!
interface GigabitEthernet1/1
switchport access vlan 2
!
interface GigabitEthernet1/2
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet2/1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet2/2
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet2/3
description connect to 1Q_YYFW_172.18.6.165
switchport access vlan 2
!
interface GigabitEthernet2/4
description connect to 1Q_YYFW_172.18.6.167
switchport access vlan 2
!
interface GigabitEthernet2/5
!
interface GigabitEthernet2/6
description connect to 1Q_YYXTJK_10.6.6.13
switchport access vlan 4
shutdown
!
interface GigabitEthernet2/7
description connect to 2QZXJC_ZHGL_172.18.6.171
switchport access vlan 2
!
interface GigabitEthernet2/8
description 2Q_12319_172.18.6.173
switchport access vlan 2
!
interface GigabitEthernet2/9
description QLYGYY_FWQ1_172.18.6.174
switchport access vlan 2
!
interface GigabitEthernet2/10
description connect to OA_YYFWQ1_172.18.6.175
switchport access vlan 2
!
interface GigabitEthernet2/11
description 2Q_JHQZ
!
interface GigabitEthernet2/12
description MLJH_IBMX3650_172.16.79.2
switchport access vlan 100
!
interface GigabitEthernet2/13
!
interface GigabitEthernet2/14
description CONNECT TO 1Q_YY_172.18.6.182
switchport access vlan 2
!
interface GigabitEthernet2/15
description connect to GPS_JSQZ_10.6.8.200
switchport access vlan 8
!
interface GigabitEthernet2/16
description connect to C3845-3_GI0/1
switchport access vlan 8
!
interface GigabitEthernet2/17
description connect to LS_SJK_CX
switchport access vlan 2
!
interface GigabitEthernet2/18
description connect to 10.6.6.13
switchport access vlan 4
switchport mode access
!
interface GigabitEthernet2/19
description to_radware-1
switchport access vlan 14
switchport mode access
!
interface GigabitEthernet2/20
description TingChe_172.18.6.205
switchport access vlan 14
switchport mode access
!
interface GigabitEthernet2/21
!
interface GigabitEthernet2/22
switchport access vlan 10
!
interface GigabitEthernet2/23
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 247,447
switchport mode trunk
channel-group 30 mode on
!
interface GigabitEthernet2/24
description connect to HuaShu_7609
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 247,447
switchport mode trunk
channel-group 30 mode on
!
interface GigabitEthernet3/1
!
interface GigabitEthernet3/2
!
interface GigabitEthernet4/1
description connect to 1Q_YWXT_SJK1_10.6.4.50&52
switchport access vlan 4
!
interface GigabitEthernet4/2
description connect to 1Q_YWXT_YDSJK2_10.6.7.5
switchport access vlan 7
!
interface GigabitEthernet4/3
description connect to 2QZXJC_ZHGL_SJK1
switchport access vlan 4
!
interface GigabitEthernet4/4
description CONNECT TO 2Q_12319_SJK1_10.6.720&22
switchport access vlan 7
switchport mode access
!
interface GigabitEthernet4/5
description connect to 10.6.7.4
switchport access vlan 7
!
interface GigabitEthernet4/6
!
interface GigabitEthernet4/7
!
interface GigabitEthernet4/8
!
interface GigabitEthernet4/9
!
interface GigabitEthernet4/10
!
interface GigabitEthernet4/11
!
interface GigabitEthernet4/12
description connect YiDong_DXJ
switchport access vlan 31
switchport mode access
!
interface GigabitEthernet4/13
switchport access vlan 31
switchport mode access
!
interface GigabitEthernet4/14
description DaoPian_Server
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
speed 1000
duplex full
no cdp enable
channel-group 14 mode active
!
interface GigabitEthernet4/15
description DaoPian_Server
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
channel-group 14 mode active
!
interface GigabitEthernet4/16
description DaoPian_Server
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
channel-group 14 mode active
!
interface GigabitEthernet4/17
description DaoPian_Server
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
channel-group 14 mode active
!
interface GigabitEthernet4/18
description DaoPian_Server
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 14
switchport mode trunk
channel-group 14 mode active
!
interface GigabitEthernet4/19
description LINK_TO_DAOPIAN_MGT01_192.168.70.125
switchport access vlan 14
switchport mode access
!
interface GigabitEthernet4/20
description connect to huwaiguanggao_59.202.66.38
switchport access vlan 31
switchport mode access
!
interface GigabitEthernet4/21
description GuFei_172.18.6.204
switchport access vlan 14
switchport mode access
!
interface GigabitEthernet4/22
description GuFei_172.18.6.203
switchport access vlan 14
switchport mode access
!
interface GigabitEthernet4/23
!
interface GigabitEthernet4/24
description connect to L04-3560
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,4
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan2
no ip address
!
interface Vlan3
ip vrf forwarding resource
ip address 172.18.6.133 255.255.255.224
standby 3 ip 172.18.6.132
standby 3 priority 120
!
interface Vlan4
description DB Vlan
ip vrf forwarding resource
ip address 10.6.4.4 255.255.255.0
no ip redirects
standby 4 ip 10.6.4.1
standby 4 priority 120
standby 4 preempt
!
interface Vlan7
description YiDong Vlan
ip vrf forwarding resource
ip address 10.6.7.3 255.255.255.0
no ip redirects
standby 7 ip 10.6.7.2
standby 7 preempt
!
interface Vlan8
ip vrf forwarding resource
no ip address
!
interface Vlan14
ip vrf forwarding resource
no ip address
!
interface Vlan31
description TO_INTERNET VLAN
ip vrf forwarding resource
ip address 59.202.66.34 255.255.255.248
no ip redirects
standby 31 ip 59.202.66.33
standby 31 preempt
!
interface Vlan100
no ip address
!
interface Vlan247
ip vrf forwarding resource
ip address 172.18.2.162 255.255.255.252
!
interface Vlan447
ip vrf forwarding HZ_XXZYJH
ip address 172.16.79.250 255.255.255.252
!
interface Vlan901
ip vrf forwarding resource
ip address 172.18.6.249 255.255.255.252
!
router ospf 200 vrf resource
router-id 172.18.6.253
log-adjacency-changes
redistribute connected metric-type 1 subnets
network 10.6.8.0 0.0.0.255 area 0
network 172.18.6.249 0.0.0.0 area 0
!
ip route vrf HZ_XXZYJH 0.0.0.0 0.0.0.0 172.16.79.249
ip route vrf resource 0.0.0.0 0.0.0.0 172.18.2.161
ip route vrf resource 172.18.6.160 255.255.255.224 172.18.6.129 tag 1
ip route vrf resource 172.18.6.192 255.255.255.224 172.18.6.129 tag 1
no ip http server
!
!
!
ip access-list extended ACL_CGB
permit tcp any any eq www
permit tcp any any eq 7001
permit tcp any any eq 5151
permit tcp any any eq 1433
permit tcp any any eq 3389
!
snmp-server community hzcgSNMP-r0 RO
snmp-server community hzcgSNMP-rw-str1ng RW
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps stpx
snmp-server enable traps port-security
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps copy-config
snmp-server enable traps fru-ctrl
snmp-server enable traps flash insertion removal
snmp-server enable traps syslog
snmp-server enable traps bridge
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps hsrp
snmp-server enable traps bgp
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps ipmulticast
snmp-server enable traps msdp
snmp-server enable traps rtr
snmp-server enable traps vlan-membership
snmp-server host 59.202.66.37 *-r0
!
!
line con 0
logging synchronous
stopbits 1
line vty 0 4
exec-timeout 4 0
password 7 091559080B544D5B441C05393833782131
login
!
ntp master
ntp update-calendar
end
转载于:https://blog.51cto.com/xingno/350518