企业官网建设流程全解析

网站建设程序员提成,房地产互联网推广,php网站开发程序,wordpress储存一、适用场景 1、移动语音/视讯 校园、医院、 VoWiFi、无线 IPC、移动护理终端#xff0c;漫游时若 IP 变化#xff0c;SIP 会话会掉话或重注册#xff1b;三层漫游把流量隧道回“原网关”#xff0c;保证会话不中断。 2、移动扫码支付/POS 商场、超市的无线 POS 机、扫码枪…一、适用场景1、移动语音/视讯校园、医院、 VoWiFi、无线 IPC、移动护理终端漫游时若 IP 变化SIP 会话会掉话或重注册三层漫游把流量隧道回“原网关”保证会话不中断。2、移动扫码支付/POS商场、超市的无线 POS 机、扫码枪需要长连支付平台IP 一变平台就踢下线三层漫游让 VLAN10→VLAN20 时仍用原地址交易不失败。3、AGV/移动机器人工厂、物流仓的 AGV 跨区移动调度系统用 IP 做实时坐标若换 IP 会被判“掉线”而停车。三层漫游使其在 VLAN 边界无缝通过。4、多建筑校园/企业园区各楼已按部门划分子网VLAN但老师/员工需要边走边开视频会议、SSH 远程调试二层漫游无法跨楼三层漫游在 AC 内/AC 间建隧道把流量引回原子网用户无感知。5、中大型物流仓库在 520 万 m² 的中大型物流仓库里要让扫码枪、AGV、车载 PAD 等终端“跨库区移动时 VLAN 切换但业务不丢包”必须部署 Wi-Fi 跨 VLAN 三层漫游L3 Roaming。扫码枪、AGV 在移动中若重新 DHCP支付/调度会话会中断订单掉线 停产二层漫游无法跨网段只有三层漫游能把流量隧道回“原网关”保持 IP 不变业务 0 中断。二、业务需求企业用户通过WLAN接入网络以满足移动办公的最基本需求。为了区分部门进行管理不同部门的员工在不同的子网。且在覆盖区域内移动发生漫游时不影响用户的业务使用。Wi-Fi 跨 VLAN 三层漫游L3 roaming的核心价值是“IP 地址保持不变”因此它适用于终端必须持续使用同一 IP 才能不中断业务、且无法通过二层漫游解决的特定场景。一句话只要“移动中换 VLAN 且不能换 IP”就是三层漫游的适用场景能容忍换 IP 或业务可快速重连的场合用普通二层漫游重新 DHCP 更简单。三、拓扑图与规划设计一拓扑图二配置前的网络规划四、配置过程一配置网络互通1、R1路由器sysname R1vlan batch 101 to 102dhcp enableinterface Vlanif101ip address 10.23.101.2 255.255.255.0dhcp select interfaceinterface Vlanif102ip address 10.23.102.2 255.255.255.0dhcp select interfaceinterface GigabitEthernet0/0/1portswitchport link-type trunkport trunk allow-pass vlan 101 to 1022、LSW1汇聚交换机sysname LSW1vlan batch 10 100 to 102dhcp enableinterface Vlanif10ip address 10.23.10.1 255.255.255.0dhcp select relaydhcp relay server-ip 10.23.100.1interface Vlanif100ip address 10.23.100.2 255.255.255.0interface Vlanif101ip address 10.23.101.1 255.255.255.0interface Vlanif102ip address 10.23.102.1 255.255.255.0interface GigabitEthernet0/0/1port link-type trunkport trunk allow-pass vlan 101 to 102interface GigabitEthernet0/0/2port link-type trunkport trunk allow-pass vlan 100interface GigabitEthernet0/0/3port link-type trunkport trunk allow-pass vlan 10 101 to 1023、AC1无线控制器vlan batch 100vlan pool sta-poolvlan 101 to 102dhcp enableip pool apgateway-list 10.23.10.1network 10.23.10.0 mask 255.255.255.0option 43 sub-option 3 ascii 10.23.100.1interface Vlanif100ip address 10.23.100.1 255.255.255.0dhcp select globalinterface GigabitEthernet0/0/1port link-type trunkport trunk allow-pass vlan 100ip route-static 10.23.10.0 255.255.255.0 10.23.100.24、LW2接入交换机sysname LSW2vlan batch 10 101 to 102interface Ethernet0/0/1port link-type trunkport trunk pvid vlan 10port trunk allow-pass vlan 10 101port-isolate enable group 1interface Ethernet0/0/2port link-type trunkport trunk pvid vlan 10port trunk allow-pass vlan 10 102port-isolate enable group 1interface GigabitEthernet0/0/1port link-type trunkport trunk allow-pass vlan 10 101 to 102二配置AP上线1、创建AP组用于将相同配置的AP都加入同一AP组中。[AC] wlan[AC-wlan-view] ap-group name ap-group1[AC-wlan-ap-group-ap-group1] quit[AC-wlan-view] ap-group name ap-group2[AC-wlan-ap-group-ap-group2] quit2、创建域管理模板在域管理模板下配置AC的国家码并在AP组下引用域管理模板。[AC-wlan-view] regulatory-domain-profile name default[AC-wlan-regulate-domain-default] country-code cn[AC-wlan-regulate-domain-default] quit[AC-wlan-view] ap-group name ap-group1[AC-wlan-ap-group-ap-group1] regulatory-domain-profile defaultWarning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continue?[Y/N]:y[AC-wlan-ap-group-ap-group1] quit[AC-wlan-view] ap-group name ap-group2[AC-wlan-ap-group-ap-group2] regulatory-domain-profile defaultWarning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continue?[Y/N]:y[AC-wlan-ap-group-ap-group2] quit[AC-wlan-view] quit3、配置AC的源接口[AC] capwap source interface vlanif 1004、在AC上离线添加2个AP并将area_1和area_2分别加入AP组“ap-group1”和“ap-group2”当中[AC-wlan-view] ap-id 1 ap-mac 00e0-fcc9-5700[AC-wlan-ap-0] ap-name area_2Warning: This operation may cause AP reset. Continue? [Y/N]y[AC-wlan-ap-0] ap-group ap-group1Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to continue? [Y/N]:y[AC-wlan-ap-0] quit[AC-wlan-view] ap-id 2 ap-mac 00e0-fc19-56f0[AC-wlan-ap-1] ap-name area_1Warning: This operation may cause AP reset. Continue? [Y/N]y[AC-wlan-ap-1] ap-group ap-group2Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to continue? [Y/N]:y[AC-wlan-ap-1] quit5、查看AP是否上线1输入指令可以看到有2个AP出现在列表中且状态为nor即normal正常display ap all2在LSW1汇聚交换机的G0/0/3端口上抓取数据包核对看到的2个AP的ip地址由DHCP服务返回给客户端client的ip地址正是AP请求的ip地址如下图三配置WLAN业务参数1、创建安全、ssid、vap模板[AC-wlan]vlan pool sta-pool[AC-wlan-vlan-pool-sta-pool] vlan 101 to 102[AC-wlan-vlan-pool-sta-pool]quit[AC-wlan]wlan[AC-wlan-view] ssid-profile name wlan-2.4G[AC-wlan-ssid-prof-wlan-net] ssid wlan-2.4G[AC-wlan-ssid-prof-wlan-net] quit[AC-wlan-view] ssid-profile name wlan-5G[AC-wlan-ssid-prof-wlan-net] ssid wlan-5G[AC-wlan-ssid-prof-wlan-net] quit[AC-wlan-view] security-profile name wlan-sec[AC-wlan-sec-prof-wlan-net] security wpa-wpa2 psk pass-phrase a1234567 aes[AC-wlan-sec-prof-wlan-net] quit[AC-wlan-view] vap-profile name wlan1-2.4G[AC-wlan-vap-prof-wlan-net1] service-vlan vlan-pool sta-pool[AC-wlan-vap-prof-wlan-net1] security-profile wlan-sec[AC-wlan-vap-prof-wlan-net1] ssid-profile wlan-2.4G[AC-wlan-vap-prof-wlan-net1] quit[AC-wlan-view] vap-profile name wlan1-5G[AC-wlan-vap-prof-wlan-net1] service-vlan vlan-pool sta-pool[AC-wlan-vap-prof-wlan-net1] security-profile wlan-sec[AC-wlan-vap-prof-wlan-net1] ssid-profile wlan-5G[AC-wlan-vap-prof-wlan-net1] quit[AC-wlan-view] vap-profile name wlan2-2.4G[AC-wlan-vap-prof-wlan-net2] service-vlan vlan-pool sta-pool[AC-wlan-vap-prof-wlan-net2] security-profile wlan-sec[AC-wlan-vap-prof-wlan-net2] ssid-profile wlan-2.4G[AC-wlan-vap-prof-wlan-net2] quit[AC-wlan-view] vap-profile name wlan2-5G[AC-wlan-vap-prof-wlan-net2] service-vlan vlan-pool sta-pool[AC-wlan-vap-prof-wlan-net2] security-profile wlan-sec[AC-wlan-vap-prof-wlan-net2] ssid-profile wlan-5G[AC-wlan-vap-prof-wlan-net2] quit2、配置AP组引用VAP模板area_1上射频0和射频1都使用VAP模板“wlan-net1”的配置area_2上射频0和射频1都使用VAP模板“wlan-net2”的配置。[AC-wlan-view] ap-group name ap-group1[AC-wlan-ap-group-ap-group1] vap-profile wlan1-2.4G wlan 1 radio 0[AC-wlan-ap-group-ap-group1] vap-profile wlan1-5G wlan 1 radio 1[AC-wlan-ap-group-ap-group1] quit[AC-wlan-view] ap-group name ap-group2[AC-wlan-ap-group-ap-group2] vap-profile wlan2-2.4G wlan 1 radio 0[AC-wlan-ap-group-ap-group2] vap-profile wlan2-5G wlan 1 radio 1[AC-wlan-ap-group-ap-group2] quit3、创建RRM模板关闭自动调优功能开启空口时间公平调度功能和智能漫游功能并指定用户漫游触发方式为基于终端信噪比触发门限值为15dB[AC-wlan-view] rrm-profile name wlan-rrm[AC-wlan-rrm-prof-wlan-rrm] calibrate auto-channel-select disable[AC-wlan-rrm-prof-wlan-rrm] calibrate auto-txpower-select disable4、在域管理模板下配置调优信道集合。[AC-wlan-view] regulatory-domain-profile name default[AC-wlan-regulate-domain-default] dca-channel 2.4g channel-set 1,6,11[AC-wlan-regulate-domain-default] dca-channel 5g bandwidth 20mhz[AC-wlan-regulate-domain-default] dca-channel 5g channel-set 149,153,157,161[AC-wlan-regulate-domain-default] quit5、创建空口扫描模板“wlan-airscan”并配置调优信道集合、扫描间隔时间和扫描持续时间[AC-wlan-view] air-scan-profile name wlan-airscan[AC-wlan-air-scan-prof-wlan-airscan] scan-channel-set dca-channel[AC-wlan-air-scan-prof-wlan-airscan] scan-period 60[AC-wlan-air-scan-prof-wlan-airscan] scan-interval 60000[AC-wlan-air-scan-prof-wlan-airscan] quit6、 创建2G射频模板“wlan-radio2g”并在该模板下引用RRM模板“wlan-rrm”和空口扫描模板“wlan-airscan”。[AC-wlan-view] radio-2g-profile name wlan-radio2g[AC-wlan-radio-2g-prof-wlan-radio2g] rrm-profile wlan-rrm[AC-wlan-radio-2g-prof-wlan-radio2g] air-scan-profile wlan-airscan[AC-wlan-radio-2g-prof-wlan-radio2g] quit7、创建5G射频模板“wlan-radio5g”并在该模板下引用RRM模板“wlan-rrm”和空口扫描模板“wlan-airscan”。[AC-wlan-view] radio-5g-profile name wlan-radio5g[AC-wlan-radio-5g-prof-wlan-radio5g] rrm-profile wlan-rrm[AC-wlan-radio-5g-prof-wlan-radio5g] air-scan-profile wlan-airscan[AC-wlan-radio-5g-prof-wlan-radio5g] quit8、在名为“ap-group1”和“ap-group2”的AP组下引用5G射频模板“wlan-radio5g”和2G射频模板“wlan-radio2g”。[AC-wlan-view] ap-group name ap-group1[AC-wlan-ap-group-ap-group1] radio-5g-profile wlan-radio5g radio 1Warning: This action may cause service interruption. Continue?[Y/N]y[AC-wlan-ap-group-ap-group1] radio-2g-profile wlan-radio2g radio 0Warning: This action may cause service interruption. Continue?[Y/N]y[AC-wlan-ap-group-ap-group1] quit[AC-wlan-view] ap-group name ap-group2[AC-wlan-ap-group-ap-group2] radio-5g-profile wlan-radio5g radio 1Warning: This action may cause service interruption. Continue?[Y/N]y[AC-wlan-ap-group-ap-group2] radio-2g-profile wlan-radio2g radio 0Warning: This action may cause service interruption. Continue?[Y/N]y[AC-wlan-ap-group-ap-group2] quit9、配置射频调优模式为手动调优并手动触发射频调优[AC-wlan-view] calibrate enable manual[AC-wlan-view] calibrate manual startup五、验证结果一手机连接wifi1、本例先连接wlan-2.4G连接时根据提示输入配置的wifi密码2、连接验证密码通过后出现了信号标识正在获取ip…说明此时手机终端正从DHCP服务请求ip地址3、当出现已连接后点击命令行输入ipconfig查看手机获取到的ip地址4、可以看出手机获取到的ip地址是10.23.101.254网关是指向R1路由器的vlan101的ip地址如下图二移动手机的位置并验证跨vlan的连通性1、移动手机的位置前修改LSW2接入交换机上的E0/0/2接口使该接口trunk透传vlan101否则移动手机从area1到area2时wifi身份验证通过后获取不到ip地址配置如下2、把手机连接好wifi从area1区域移动到area2区域右击手机执行自由移动如下图3、移动的过程中手机从area1移动时刚进入area2就已经自动连接上了area2中的wifi出现了连接上的信号如下图4、再次验证area2区域的手机到R1路由器的连通性ip地址不变连通也正常如下图5、在AC控制器上的CLI模式查看手机的MAC地址在wlan-2.4G的ssid中移动的轨迹Display station roam-track sta-mac 5489-9821-74F0三移动笔记本电脑STA的位置并验证跨vlan的连通性1、修改LSW2接入交换机的e0/0/1接口trunk透传vlan102如下图2、移动笔记本电脑从area2到area1然后查看STA笔记本电脑在2个VLAN的wifi之间的移动轨迹如下图Display station roam-track sta-mac 00e0-fc19-56f03、查看笔记本电脑的ip地址并没有变化再测试到R1路由器的连通性也正常如下图4、附验证视频https://live.csdn.net/v/506247至此本文结束实现了无线终端用户跨区域vlan的无缝漫游连接AC控制器给各AP分配管理网络的ip地址采用了DHCP全局地址池从各AP到AC之间的访问通过LSW1汇聚交换机中继DHCP。R1路由器给各终端用户手机、笔记本电脑分配业务网络ip地址采用了DHCP的基于vlanif接口的地址池。WLAN无线技术则配置了统一的ssid名称模板、security安全模板、vap配置调用模板、rrm模板、空口扫描模板、2.4G射频模板、5G射频模板、调用了vlan-pool等。不足之处敬请批评指正。