最近一套新配的2811上有如下配置,不知道是返修件还是思科的刻意
R2#sh run
Building configuration...
Building configuration...
Current configuration : 2384 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
!
ip cef
!
!
ip vrf ***-a
rd 100:1
route-target export 100:1
route-target import 100:1
!
no ip domain lookup
ip multicast-routing
!
multilink bundle-name authenticated
mpls label protocol ldp
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
no dspfarm
!
!
!
!
!
!
!
vtp mode transparent
archive
log config
hidekeys
!
!
!
!
!
!
interface Loopback0
ip address 192.168.0.2 255.255.255.255
!
interface FastEthernet0/0
ip address 172.16.0.6 255.255.255.252
ip pim sparse-mode
ip ospf authentication message-digest
ip ospf message-digest-key 10 md5 cnc
duplex full
speed 100
mpls label protocol ldp
mpls ip
no mop enabled
!
interface FastEthernet0/1
no ip address
duplex full
speed 100
!
interface FastEthernet0/1.1
encapsulation dot1Q 1 native
ip address 172.16.2.5 255.255.255.252
!
interface FastEthernet0/1.20
description To_PCA2
encapsulation dot1Q 20
ip address 10.10.3.1 255.255.255.0
ip pim sparse-mode
!
interface FastEthernet0/1.22
description To_IAD2
encapsulation dot1Q 22
ip address 10.10.40.1 255.255.255.0
!
interface FastEthernet0/1.44
encapsulation dot1Q 44
ip vrf forwarding ***-a
ip address 10.10.44.1 255.255.255.0
!
interface Serial0/0/0
no ip address
shutdown
clock rate 2000000
!
router ospf 100
log-adjacency-changes
network 10.10.3.0 0.0.0.255 area 22
network 10.10.40.0 0.0.0.255 area 22
network 172.16.0.6 0.0.0.0 area 0
network 172.16.2.4 0.0.0.3 area 22
network 192.168.0.2 0.0.0.0 area 22
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 192.168.0.4 remote-as 100
neighbor 192.168.0.4 update-source Loopback0
no auto-summary
!
address-family ***v4
neighbor 192.168.0.4 activate
neighbor 192.168.0.4 send-community extended
exit-address-family
!
address-family ipv4 vrf ***-a
neighbor 10.10.44.100 remote-as 2000
neighbor 10.10.44.100 activate
no synchronization
network 10.10.44.0 mask 255.255.255.0
exit-address-family
!
!
!
no ip http server
no ip http secure-server
ip pim rp-address 192.168.0.4
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
privilege level 15
line aux 0
line vty 0 4
privilege level 15
no login
!
scheduler allocate 20000 1000
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
!
ip cef
!
!
ip vrf ***-a
rd 100:1
route-target export 100:1
route-target import 100:1
!
no ip domain lookup
ip multicast-routing
!
multilink bundle-name authenticated
mpls label protocol ldp
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
no dspfarm
!
!
!
!
!
!
!
vtp mode transparent
archive
log config
hidekeys
!
!
!
!
!
!
interface Loopback0
ip address 192.168.0.2 255.255.255.255
!
interface FastEthernet0/0
ip address 172.16.0.6 255.255.255.252
ip pim sparse-mode
ip ospf authentication message-digest
ip ospf message-digest-key 10 md5 cnc
duplex full
speed 100
mpls label protocol ldp
mpls ip
no mop enabled
!
interface FastEthernet0/1
no ip address
duplex full
speed 100
!
interface FastEthernet0/1.1
encapsulation dot1Q 1 native
ip address 172.16.2.5 255.255.255.252
!
interface FastEthernet0/1.20
description To_PCA2
encapsulation dot1Q 20
ip address 10.10.3.1 255.255.255.0
ip pim sparse-mode
!
interface FastEthernet0/1.22
description To_IAD2
encapsulation dot1Q 22
ip address 10.10.40.1 255.255.255.0
!
interface FastEthernet0/1.44
encapsulation dot1Q 44
ip vrf forwarding ***-a
ip address 10.10.44.1 255.255.255.0
!
interface Serial0/0/0
no ip address
shutdown
clock rate 2000000
!
router ospf 100
log-adjacency-changes
network 10.10.3.0 0.0.0.255 area 22
network 10.10.40.0 0.0.0.255 area 22
network 172.16.0.6 0.0.0.0 area 0
network 172.16.2.4 0.0.0.3 area 22
network 192.168.0.2 0.0.0.0 area 22
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 192.168.0.4 remote-as 100
neighbor 192.168.0.4 update-source Loopback0
no auto-summary
!
address-family ***v4
neighbor 192.168.0.4 activate
neighbor 192.168.0.4 send-community extended
exit-address-family
!
address-family ipv4 vrf ***-a
neighbor 10.10.44.100 remote-as 2000
neighbor 10.10.44.100 activate
no synchronization
network 10.10.44.0 mask 255.255.255.0
exit-address-family
!
!
!
no ip http server
no ip http secure-server
ip pim rp-address 192.168.0.4
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
privilege level 15
line aux 0
line vty 0 4
privilege level 15
no login
!
scheduler allocate 20000 1000
!
web*** cef
!
end
web*** cef
!
end
下面配置是最多的28的出厂配置,包括2821上都有点象:
yourname#sh run
Building configuration...
Building configuration...
Current configuration : 1942 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
no network-clock-participate wic 0
ip subnet-zero
!
!
ip cef
!
!
ip domain name yourdomain.com
!
username cisco privilege 15 secret 5 $1$qetn$IpMysXtjMP.EWs5PS6luu/
!
!
controller E1 0/0/0
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0/0$
ip address 10.10.10.1 255.255.255.248
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
ip classless
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 23 permit 10.10.10.0 0.0.0.7
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
no network-clock-participate wic 0
ip subnet-zero
!
!
ip cef
!
!
ip domain name yourdomain.com
!
username cisco privilege 15 secret 5 $1$qetn$IpMysXtjMP.EWs5PS6luu/
!
!
controller E1 0/0/0
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0/0$
ip address 10.10.10.1 255.255.255.248
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
ip classless
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 23 permit 10.10.10.0 0.0.0.7
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
Here are the Cisco IOS commands.
username privilege 15 secret 0
no username cisco
no username cisco
Replace and with the username and password you want to use.
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to [url]http://www.cisco.com/go/sdm[/url]
-----------------------------------------------------------------------
^C
!
line con 0
login local
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet
!
scheduler allocate 20000 1000
!
end
GUIDE for your router or go to [url]http://www.cisco.com/go/sdm[/url]
-----------------------------------------------------------------------
^C
!
line con 0
login local
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet
!
scheduler allocate 20000 1000
!
end