20201230 cisco STP
課堂資料
FDB
Spanning Tree Steps
Find the Root Bridge
最小:priority ( 可手動設定,預設值為
32768 + Vlan ID) + MAC address
Find the Root Port
Find the Designated Port ( D Port )
AAA Tacacs
課堂練習
STP
do sh spanning-tree
do sh spanning-tree
do sh spanning-tree
ip 192.168.1.1 255.255.255.0
ping 192.168.1.2ip 192.168.1.2 255.255.255.0
ping 192.168.1.1Ether Channel
int range e0/0 - 1channel-group 1 mode ondo sh etherchannel summary
do sh spanning-tree
int range e0/0 - 1shutchannel-group 1 mode onno shutdo sh etherchannel summary
do sh spanning-tree
AAA Tacacs
Part 01.
Part 02.
ip addr add 192.168.1.2/24 brd + dev eth0ping 192.168.1.1
新增 user
useradd anidapasswd anida
安裝 tac plus
./tac_pwdgedit tac_plus.conftac_plus.conf
key = ccie
accounting file = /var/log/tac.acct
user = user {
member = user5
login = des aerYSwBGbhIlo
}
group = user5 {
service = exec {
priv-lvl = 5
}
}
執行 tacacs+ server
./tac_plus -C ./tac_plus.conf -Gint e0/0ip add 23.1.1.2 255.255.255.0no shutexit
啟動 AAA New-Model
aaa new-model
設定 TACACS+ 資料
tacacs server TACACS-SERVERadd ipv4 192.168.1.2key ccieexit
設定 Authentication
aaa authentication login List_Login group tacacs+ localline console 0 login authentication List_Loginline vty 0 4login authentication List_Loginaaa authentication enable default group tacacs+ enable
設定 Authorization
aaa authorization exec List_Priv group tacacs+ localline console 0 authorization exec List_Privexitaaa authorization consoleline vty 0 4authorization exec List_Priv
設定 Accounting
line console 0 accounting exec List_Accaccounting commands 5 List_Comm_5accounting commands 10 List_Comm_10accounting commands 15 List_Comm_15line vty 0 4accounting exec List_Accaccounting commands 5 List_Comm_5accounting commands 10 List_Comm_10accounting commands 15 List_Comm_15
do telnet 23.1.1.3int e0/0ip add 23.1.1.3 255.255.255.0no shutint e0/1ip add 192.168.1.1 255.255.255.0no shut
Last updated
Was this helpful?