网络设备调试报告
目 录一、网络实现21.1设备清单21.2电信地址信息表21.3 网络拓扑图3二、网络信息32.1设备命名及密码规划32.2设备互连端口信息42.3三层设备互连地址信息52.4关键设备VLAN地址信息52.5外部映射地址信息5三、关键设备配置信息63.1 STAR-S680663.2 STAR-R260093.3 JUMP-F300011一、网络实现1.1设备清单产品名称产品描述数量1.2电信地址信息表IP地址范围IP地址子网掩码网关DNS1.3 网络拓扑图二、网络信息2.1设备命名及密码规划 设备名称型 号管 理 密 码2.2设备互连端口信息2.2.1 S6806E连接信息主连设备连接接口接口模式对端设备对端设备接口接口标号S6806GE1/1Access(vlan 10)电教馆楼内信息点24口交换机7号端口-S6806GE1/2 Access(vlan 999)资源库服务器E1001S6806GE1/3 Access(vlan 999)VOD视频服务器E1002S6806GE1/4 Access(vlan 999)数据库服务器E1003S6806GE1/5 Access(vlan 999)WEB服务器E1004S6806GE1/6 Access(vlan 999)管理平台服务器E1005S6806GE1/7 Access(vlan 999)监控视频服务器E0006S6806GE1/7-9 Access(vlan 999)预留-S6806GE1/10 Access(vlan 10)管理机PC11S6806GE1/11 Access(vlan 20)预留-S6806GE1/12Router-port防火墙F3000-1042E1-2.2.1 Star-R2600连接信息主连设备连接接口接口模式对端设备对端设备接口接口模式R2600Fe0/1Router-port电信对端设备10M光纤R2600Fe1/1Router-port防火墙F3000-1042E22.2.3 F3000-1042连接信息主连设备连接接口接口模式对端设备对端设备接口接口模式F3000-1042E1 透明模式交换机S6806EGE1/12F3000-1042E2透明模式路由器R2600Fe1/12.3三层设备互连地址信息三层设备互连IP对端设备互连IPR2600221.232.159.202出口设备221.232.159.201S6806172.16.10.1R2600172.16.10.2F3000-1042R26002.4关键设备VLAN地址信息VLAN地址信息V-ID设备用途使用网段管理地址网关地址100S6806管理vlan192.168.100.0/24192.168.100.254192.168.100.25410S6806电教馆楼内用户192.168.10.0/24192.168.10.254999S6806server192.168.1.0/24192.168.1.2542.5外部映射地址信息V-ID设备内网地址外网地址999WEB应用服务器192.168.1.1221.232.159.203999资源库服务器192.168.1.2221.232.159.204999VOD服务器192.168.1.3221.232.159.205999管理平台服务器192.168.1.4221.232.159.20614三、关键设备配置信息3.1 STAR-S6806s6806#sho version System description : Red-Giant 10G Backbone Routing Switch(S6806E) By Ruijie Network.System uptime : 0d:2h:9m:12sSystem hardware version : 3.0 CPU: PVR-80811014, Vendor-1057, Device-0006, Revision-14 Flash-1: Id-c249 , Memory Room: fff00000-ffffffff Flash-2: Id-ec75 , Memory Room: f0000000-f1f03fffLinecard information: Slot-1,M6800E-12SFP/GT BOOT version:01-02-01 CTRL version:01-06-01-01 USER version:02-01-09-02 Hardware version:2.0System software version : 2.42(4) Build Jun 26 2006 RelSystem BOOT version : RGiant-6800EM-BOOT03-02-01 System CTRL version : RGiant-6000M-CTRL01-07-01-01 Running Switching Image : Layer3s6806#show runSystem software version : 2.42(4) Build Jun 26 2006 RelBuilding configuration.Current configuration : 2477 bytes!version 1.0install 1 12sfp/gtip routing algorithm CRC32_UPPER!hostname s6806enable secret level 1 5 $21X)sv'3H.Y*T7+4,tZV/,Q+S(W&-enable secret level 15 5 $2Nq&#Z13IOrJ%(84MpK*.tQxB"/7!ip access-list extended deny-worm deny tcp any any eq 135 deny tcp any any eq 137 deny tcp any any eq 445 deny tcp any any eq 593 deny tcp any any eq 2500 deny tcp any any eq 5800 deny tcp any any eq 5900 deny tcp any any eq 6346 deny tcp any any eq 6667 deny tcp any any eq 9393 deny tcp any any eq 4444 deny udp any any eq 135 deny udp any any eq 445 deny udp any any eq 593 deny udp any any eq 1434 permit ip any any !interface GigabitEthernet 1/1 description to_benlou switchport access vlan 10 ip access-group deny-worm in!interface GigabitEthernet 1/2 description to_server switchport access vlan 999 ip access-group deny-worm in!interface GigabitEthernet 1/3 description to_server switchport access vlan 999 ip access-group deny-worm in! interface GigabitEthernet 1/4 description to_server switchport access vlan 999 ip access-group deny-worm in!interface GigabitEthernet 1/5 description to_server switchport access vlan 999 ip access-group deny-worm in!interface GigabitEthernet 1/6 description to_server switchport access vlan 999 ip access-group deny-worm in!interface GigabitEthernet 1/7 description to_server switchport access vlan 999 ip access-group deny-worm in!interface GigabitEthernet 1/8 description to_server switchport access vlan 999 ip access-group deny-worm in!interface GigabitEthernet 1/9 description to_server switchport access vlan 999 ip access-group deny-worm in!interface GigabitEthernet 1/10 description to_guanliji switchport access vlan 10 ip access-group deny-worm in!interface GigabitEthernet 1/11 description to_yuliu switchport access vlan 20 ip access-group deny-worm in!interface GigabitEthernet 1/12 no switchport description to_firewall ip address 172.16.10.1 255.255.255.0 !interface Vlan 10 ip address 192.168.10.254 255.255.255.0 !interface Vlan 20 ip address 192.168.20.254 255.255.255.0 !interface Vlan 100 ip address 192.168.100.254 255.255.255.0 !interface Vlan 999 ip address 192.168.1.254 255.255.255.0 !ip route 0.0.0.0 0.0.0.0 GigabitEthernet 1/12 172.16.10.2 1 enabledend3.2 STAR-R2600r2600#show verr2600#show version Red-Giant Operating System SoftwareRGNOS (tm) RELEASE SOFTWARE, Version 8.4 (building 67)Copyright (c) 2004 by Red-Giant Network co.,LtdCompiled Jun 13 2006 16:57:03 by sc Red-Giant uptime is 0 days 0 hours 23 minutesSystem returned to ROM reload at 2006-02-28 23:13:04 System image file is "flash:/rgnos.bin"Red-Giant R2600 series R2632Motorola Power PC processor with 65536K bytes of memory.Processor board ID 00000001,with hardware revision 00000001 card information in the system =slot class id type id hardware ver firmware version slot 0 main board MB_M8248_2632 1.20 1.00 slot 1 FNM card FNM_2FE2HS 1.10 1.00 r2600#show runBuilding configuration.Current configuration : 2076 bytes!version 8.4 (building 67)hostname r2600enable secret 5 $1$cLdj$89vtz55sA0BAqFAp enable password 7 0059344251 !access-list 1 permit anyaccess-list 100 deny tcp any any eq 135access-list 100 deny udp any any eq 135access-list 100 deny tcp any any eq 137access-list 100 deny tcp any any eq 139access-list 100 deny udp any any eq 445access-list 100 deny tcp any any eq 4444access-list 100 deny udp any any eq 1434access-list 100 deny udp any any eq 593access-list 100 deny tcp any any eq 593access-list 100 permit ip any any!no service password-encryption!interface serial 1/2 clock rate 64000!interface serial 1/3 clock rate 64000!interface FastEthernet 1/0 ip nat outside ip access-group 100 in ip mtu 1488 ip address 221.232.159.202 255.255.255.248 duplex auto speed auto description for_outside!interface FastEthernet 1/1 ip nat inside ip access-group 100 in no ip redirects ip mtu 1488 ip address 172.16.10.2 255.255.255.0 duplex auto speed auto description to_firewall!interface Null 0!ip nat inside source static tcp 192.168.1.4 8080 221.232.159.206 80 permit-insideip nat inside source static tcp 192.168.1.4 80 221.232.159.206 80 permit-insideip nat inside source static 192.168.1.4 221.232.159.206 permit-insideip nat inside source static 192.168.1.3 221.232.159.205 permit-insideip nat inside source static 192.168.1.1 221.232.159.203 permit-insideip nat inside source static 192.168.1.2 221.232.159.204 permit-insideip nat inside source list 1 interface FastEthernet 1/0 !ip route 0.0.0.0 0.0.0.0 221.232.159.201ip route 192.168.1.0 255.255.255.0 172.16.10.1ip route 192.168.10.0 255.255.255.0 172.16.10.1ip route 192.168.20.0 255.255.255.0 172.16.10.1!line con 0line aux 0line vty 0 login password 7 04240c072cline vty 1 login password 7 050b123f11line vty 2 login password 7 1006062617line vty 3 login password 7 050b123f11line vty 4 login password 7 1101330400!end 3.3 JUMP-F3000(none)# show run system terminal name server trust host login trust 192.168.1.1 login retry 3 msn-proxy connection timer conntimer tcp established timer 7200 conntimer tcp synwait timer 120 conntimer udp timer 180 conntimer icmp timer 30 interface eth 0 ip address 192.168.1.100/24 mac 00:90:fb:09:f3:06 mtu 1500 up 1000M autoneg on speed Unknown! duplex Unknown! eth 1 ip address 0.0.0.0/0 mac 00:90:fb:09:f3:07 mtu 1500 up 1000M autoneg on speed 1000Mb/s duplex full eth 2 ip address 0.0.0.0/0 mac 00:90:fb:09:f3:08 mtu 1500 up 1000M autoneg on speed 100Mb/s duplex full eth 3 ip address 0.0.0.0/0 mac 00:90:fb:09:f3:09 mtu 1500 up 1000M autoneg on speed Unknown! duplex Unknown! eth 4 no ip address mac 00:90:fb:09:f3:0a mtu 1500 down 100M autoneg on speed Unknown! duplex Unknown! eth no ip address mac 00:90:fb:09:f3:0b mtu 1500 down 100M autoneg on speed Unknown! duplex Unknown! bonding vlan fwbridge fwbridge ip 192.168.1.100/24 fwbridge stp on pppoe ip pool webfilter url words script protfile access control interface policies 1 permit eth 1 eth 2 2 permit eth 1 eth 3 3 permit eth 3 eth 2 4 permit any any nat nat conduit proxy telnet ftp http smtp pop3 syslog snmp arp arp learning on route policy route ids failover balance radius tacacs dhcpserver connection managepptpvpn nat-traversal secure-gw vpn-tunnel vpn-connection bind Used mode: Software ; New mode: Softwaredhcp client stoppedips controlvirus controlblacklist black-list peak 500selfchkp2p(fasttrack,gnutella,edonkey,dc,bittorrent,openft) p2p bandpool p2p rules p2p exempt-listwhitelistddnsqqmsn v1.1