Cu hnh c bn ca switch

I ) Cu hnh c bn trn cc switch

t tn cho switch
Switch ( config ) # hostname [tn switch ]
t password cho switch
1
2

Switch(config)#enable password
cisco
Switch(config)#line console 0
Switch(config-line)#login

Switch(config-line)#password cisco
Switch(config-line)#exit
3

Switch(config-line)#line vty 0 4
Switch(config-line)#login

Switch(config-line)#password cisco
Switch(config-line)#exit

4
5

Switch (config)#username cisco

password cisco
Switch (config)#service
password-encryption

Cu hnh hin th li cho khi truy nhp

Cu hnh Password enable cho

switch l cisco
Vo ch cu hnh line
console
Cho php switch kim tra
password khi ngi dng login
vo switch thng qua cng
console
Cu hnh password cho console
l Cisco
Thot khi ch cu hnh line
console
Vo ch cu hnh line vty
Cho php switch kim tra
password khi ngi dng login
vo switch thng qua telnet
Cu hnh password cho php
telnet l Cisco
Thot khi ch cu hnh ca
line vty
Ci t tn truy nhp v
password truy nhp cho switch
M ha ton b password t
trn

Switch (config )# banner motd HI

hin th k t HI khi bt u truy nhp

vo switch

II) Cu hnh cng trunk

Cng Trunk
- L cng cho php tt c cc gi tin cc vlan i qua
Trn switch layer 2
Switch(config)# interface fastethernet 0/1
Switch(config-if)#switchport mode trunk
Switch(config-if)# exit

Truy nhp vo giao din ca

cng f0/1
Cu hnh cng f0/1 hot ng
ch Trunk
Thot ra khi cng f0/1

Trn switch layer 3

Switch(config)# interface fastethernet 0/1
Switch(config-if)#switchport trunk
encapsulation dot1q
Switch(config-if)#switchport mode trunk
Switch(config-if)# exit

Truy nhp vo giao din ca

cng f0/1
Cho php d liu c truyn
trn ng trunk ng gi theo
chun ca giao thc 802.1q
Cu hnh cng f0/1 hot ng
ch Trunk
Thot ra khi cng f0/1

Lnh kim tra

Switch # show interface trunk

III) Cu hnh VTP

Gii thiu v VTP

kim tra nhng cng no

c ci t ch trunk

 VTP l mt giao thc c quyn ca Cisco, giao thc ny cho phpcu hnh
VLAN (thm, xa, hoc sa cc thng tin VLAN)s c duy tr tp trung
thng qua mt min. Tc l trong cng 1 min s c t nht 1 switch lm
my ch v cc switch khc lm my khch , my khch v
my ch s c ng b vi nhau . Ta c th to vlan , xa vlan , sa
cha thng tin vlan trn my ch th my khch s t ng hc hi theo
my ch m ta khng cn phi lm
Ch
- Trc khi ta cu hnh VTP ta phi bt cng Trunk trn tt c cc ng ni
gia switch switch , switch router
- Tt c cc switch hot ng ch VTP server hoc VTP client s phi
cng tn domain. Ch c cc switch c cng tn domain mi c th trao i
thng tin vlan vi nhau
- Trong cng mt min ( cng tn domain), ch c cc switch c chung
password th mi c th trao i thng tin vlan vi nhau
Cu hnh VTP
- Trn con switch c chn lm switch server
Switch(config)# vtp domain Cisco

To ra mt min chung ca cc
switch c tn l
cisco
Switch(config)# vtp password cisco
t mt khu cho cc vlan trong
min l cisco
Switch(config)# vtp mode server
t switch ch my ch
- Trn con switch c chn lm switch client
Switch(config)# vtp domain Cisco

Switch(config)# vtp password cisco

Switch(config)# vtp mode client

To ra mt min chung ca cc
switch c tn l
cisco
t mt khu cho cc vlan trong
min l cisco
t switch ch my khch

Lnh kim tra

Switch# show vtp status

Hin th nhng thng tin cu hnh v

Switch# show vtp counters

VTP
Hin th b m VTP ca switch

IV) Vlan
To v t tn cho vlan
Switch (config)# vlan 10

Switch (config-vlan)#name Admin

Switch (config)# no vlan 10

To vlan 10 v ng thi
chuyn cu hnh vo ch
VLAN configuration
t tn cho vlan 10 l
Admin
Xa vlan 10

Gn a ch cho vlan
Switch (config)# interface vlan 10
Switch(config-if)# ip add 192.168.10.2
255.255.255.0
Switch(config-if)#exit

Vo giao din vlan 10

t i ch cho vlan 10
trn switch
Thot khi giao din ca
vlan 10

Gn Vlan cho cc port

Swtich(config)# interface fasthethernet
0/1
Swtich(config-if)# switchport mode
access
Swtich(config-if)# switchport access
vlan 10

Vo giao din cng 0 /1

t cng f0/1 ch
access
Gn vlan 10 cho cng
f0/1

Lnh kim tra

Switch# show vlan

Hin th thng tin vlan

Switch# show vlan brief

Switch# show vlan id 10
Switch# show interfaces vlan 10

Hin th thng tin vlan

dng tng qut
Hin th thng tin vlan 10
Hin th thng tin vlan 10.

V) Port security
Cu hnh
Switch (config)#int e0/3
Switch (config-if)#switchport mode
access
Switch (config-if)#switchport portsecurity
Switch(config-if)#sw port-security
maximum 2
Switch(config-if)#sw port-security
mac-address 0010.113D.8954
Switch(config-if)#sw port-security
mac-address 00D0.BA47.5D57
Switch(config-if)#sw port-security
mac-address sticky
Switch(config-if)#sw port-security
violation [shutdown hoc restrict
hoc protect ]

Lnh kim tra

Kch hot cng e0/3 ch access

Kch hot ch Security ca Port
Quy inh ch cho 3 PC c th kt ni
trc tip vo cng e0/3 l ti a
Khai bo 2 a ch MAC ca 2 my tnh
m mnh mun n c th kt ni trc
tip vi cng e0/3
Sw s t ng hc a ch MAC ca cc
PC lu vo trong bng a ch MAC
Ta c th chon 1 trong 3 ch :
- shutdown: port s c a vo trng
thi li v b shutdown
- restrict: port s vn trng thi up mc
d a ch MAC kt ni b sai. Tuy nhin
cc gi tin n port ny u b hy, v s
c mt bn thng bo v s lng gi
tin b hy.
- protect: port vn up nh restrict, cc
gi tin n port b hy v khng c
thng bo v vic hy b gi tin ny

Switch #show port-security

Hin th thng tin cng c ci t

security
Switch #show mac-address-table
hin th cc a ch MAC lu vo
trong bng MAC ca switch
Switch #show port-security address Hin th a ch MAC c php truy
nhp vo cng bo mt

VI) Gp ng link ( etherchannel )

Gii thiu
- EtherChannel s cung cp kh nng d phng,kt ni tc cao hn gia
cc switch,vi switch hoc vi router hoc vi server. Mt EtherChannel
c cha nhiu linkt Fast Ethernet hoc Gigabit Ethernet vo trong mt
lin kt logical.Nu mt lin kt nm trong EtherChannel m b li, th lu
lng d liu s c thay i truyn trn nhng lin kt cn li thuc
EtherChannel
Cc giao thc ca etherchannel
Giao thc
PagP v LACP
PagP
LACP

ch lm vic ca switch 1
On
Auto
Desirable
Active
Active

ch lm vic ca switch 2
On
Desirable
Desirable
Active
Passive

Ch
- Bn c th gp 2- 16 ng link vt l thnh 1 ng
- Tt c cc port phi ging nhau v tham s
+ tc v duplex
+ Khng c php nhm fast ethernet v gigabit ethernet v 1 nhm
+ Khng th s dng ng thi c 2 giao thc trong 1 ng link
- Etherchannel c s dng gia switch layer 3 -switch layer 3 hay
switch layer2 switch layer 2
- Ta phi cu hnh etherchannel vi tt c cc ng link m u bi yu cu
gp. c th tin cho vic cu hnh chng ta s s dng knh range
- range l lnh m chng ta dng cu hnh ging cng 1 lc cc cng
V d : switch (config)#interface range f0/1-3
Ngha tt c cc cng f0/1, f0/2, f0/3 s c cu hnh ging nhau

- lnh range ch c dng khi cc cng cu hnh ging nhau l lip tip

Cu hnh
Switch (config ) # interface range f0/8-10
Switch(config-if-range)#channel-group
1 mode {desirable | auto | on | passive
| active}

Vo giao din cu hnh ca cng t f0/8f0/10

Cho php cc cng t f0/8-f0/10 hot
ng 1 trong cc ch nh bn cnh
Ch : nu nh t t sw 1 lm vic
ch no th sw2 cng phi lm vic
ch d

Switch(config-if-range)# exit
Switch ( config ) # interface port-channel 1

Vo giao din cu hnh ca cng

port-channel 1
Switch (config if) # switchport mode trunk t cng port-channel 1 ch cng
trunk
Lnh kim tra
Switch#show etherchannel
Switch#show etherchannel 1 port-channel
Switch#show etherchannel Summary
Switch#show pagp neighbor

Hin th tt c cc thng tin v

EtherChannel
Hin th nhng thng tin v port
channel
Hin th nhng thng tin tng qut
v etherChannel
Hin th thng tin v PagP hng xm

VII) nh tuyn VLAN

nh tuyn vlan bng switch layer 3
- Bc 1: bt ch nh tuyn trn Switch layer 3
Switch (config ) # ip routing
- Bc 2 : to cc vlan cn nh tuyn

Switch (config )# vlan 2

Switch (config )# vlan 3
- Bc 3 : a ch cho vlan
Switch (config )# interface vlan 2
Switch (config vlan)# ip addess 192.168.2.1 255.255.255.0
Switch (config vlan)# no shutdown
Lm tng t vi vlan 3
- Bc 4 : ly a ch vlan 2,3 lm default gateway cho cc PC thuc cng
Vlan
nh tuyn bng sub interface trn router
- Bc 1: vo cng kt ni vi switch
Router (Config )# interface f0/1
Router(config if) # no shutdown
Router (config - if ) # exit
- Bc 2 : cng kt ni gia switch v router ch trunk
Switch (config )# interface f0/6
Switch (config-if )# switchport trunk encapsulation dot1q
Switch (config-if )# switchport mode trunk
- Bc 3: to sub interface v cng ip cho sub interface
Router (config ) # interface f0/1.2
Router (config-subif)# encapsulation dot1q 2
Router (config-subif)# ip add 192.168.2.1 255.255.255.0
Router (config-subif)# ex
Lm tng t vi vlan 3
Ch :
- S 2 bi l phi thay i vi tng vlan khc nhau nu nh cu hnh cho
vlan 3 th ta phi thay s 2 bi thnh s 3

VIII) Spanning Tree Protocol