CN102904741A - Network equipment and setting method thereof - Google Patents
Network equipment and setting method thereof Download PDFInfo
- Publication number
- CN102904741A CN102904741A CN2011102152560A CN201110215256A CN102904741A CN 102904741 A CN102904741 A CN 102904741A CN 2011102152560 A CN2011102152560 A CN 2011102152560A CN 201110215256 A CN201110215256 A CN 201110215256A CN 102904741 A CN102904741 A CN 102904741A
- Authority
- CN
- China
- Prior art keywords
- network
- switch
- server
- layer
- internet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to network equipment. The network equipment comprises a server, an Internet access device, a layer 3 switch, layer 2 switches, desktop switches and network terminals, wherein both the server and the Internet access device are connected with the layer 3 switch, and the layer 3 switch, the layer 2 switches, the desktop switches and the network terminals are sequentially connected with one another. The invention further relates to a setting method of the network equipment. The network equipment and the setting method of the network equipment have the beneficial effects that the network is stable, economical, efficient, manageable and controllable, most of the functions of the network can be standardized at a tiny cost, and the expenses are saved to the maximum on the premise that all terminal computers are controlled, so that the network equipment and the setting method of the network equipment are applicable to medium and small enterprises.
Description
Technical field
The present invention relates to a kind of network equipment and method to set up thereof.
Background technology
At present, SMEs network is used day by day complicated, network management requirements is becoming better and approaching perfection day by day, along with enterprise computer quantity is more and more, original shared Small-scale LAN can't meet the demands, and the difficult control of ubiquity Small-scale LAN online, is difficult to the problems such as control access computer, the existing scheme that addresses these problems, cost is very high.
Summary of the invention
The present invention provides a kind of network equipment and method to set up thereof for solving the problems of the technologies described above.
The technical scheme that the present invention solves the problems of the technologies described above is as follows: a kind of network equipment, comprise server, internet access facility, three-tier switch, Layer 2 switch, desktop switch and the network terminal, described server be connected internet access facility and all be connected with described three-tier switch, described three-tier switch, Layer 2 switch, desktop switch are connected with the network terminal and are connected;
Described server comprises controlled Dynamic Host Configuration Protocol server, is used for dynamic assignment network terminal address;
Described internet access facility is used for communicating by letter of the control network terminal and the Internet;
Described three-tier switch is used for dividing and connecting the different virtual LAN network segment;
Described Layer 2 switch is used for distributing the VLAN network segment and deployment port access strategy based on port;
Described desktop switch is for the transfer of data of the network terminal and the Internet or VLAN.
Further, described Layer 2 switch is connected with the network terminal.
Further, described three-tier switch by Layer 2 switch respectively with described server and described internet access facility communication.
Further, the described network terminal refers to an access the terminal equipment of network, is computer, the network printer, network telephone, DVR, network facsimile machine or network interface attendance recorder.
Further, described internet access facility is fire compartment wall, router or acting server;
Further, described port deployment access control policy comprises that the control network terminal must automatic acquisition IP address.
Further, described server also comprises for the dns server of resolving domain name.
Further, described internet access facility also is used for outer net safety protective.
Further, described Layer 2 switch is at least one.
Further, described desktop switch is at least one.
Further, described Layer 2 switch is the gigabit upstream switch.
Further, described three-tier switch is gigabit switch.
A kind of method to set up of the network equipment may further comprise the steps:
Step 1: but the Dynamic Host Configuration Protocol server of management and control set up, and this Dynamic Host Configuration Protocol server is used for distributing and managing intranet IP;
Step 2: use three-tier switch to divide and the connection VLAN network segment, and the location Dynamic Host Configuration Protocol server;
Step 3: dispose controlled VLAN and dispose access control policy at the Layer 2 switch physical port;
Step 4: the network terminal is by the transfer of data of desktop switch and the Internet or VLAN.
Further, also comprise the steps: internet access facility configuration internet policy, be used for communicating by letter of the control network terminal and the Internet.
Further, described step 4 is: the network terminal is by the transfer of data of Layer 2 switch and the Internet or VLAN.
Further, dispose access control policy in the described step 3 and realize the necessary automatic acquisition IP address of network terminal ability access network, and organize the different access control policy of deployment for different users or user.
Further, also have following steps before the step 1: server is set up the Windows Active Directory that is used for management and control network terminal logon account, sets up the DNS that is used for control Intranet access domain name.
The invention has the beneficial effects as follows: but network stabilization, economy, efficient management and control are realized the most of function of standard network with small cost, under the controlled prerequisite of all terminal computers of assurance, reduce expenses to greatest extent.
?
Description of drawings
Fig. 1 is network equipment structured flowchart of the present invention;
Fig. 2 is network equipment method to set up flow chart of the present invention.
Embodiment
Below in conjunction with accompanying drawing principle of the present invention and feature are described, institute gives an actual example and only is used for explaining the present invention, is not be used to limiting scope of the present invention.
As shown in Figure 1, a kind of network equipment, it comprises server, internet access facility, three-tier switch, Layer 2 switch, desktop switch and the network terminal, described server and internet access facility all are connected with three-tier switch, described three-tier switch can also by Layer 2 switch respectively with described server and described internet access facility communication.Described three-tier switch is connected with Layer 2 switch, and the described network terminal can be connected into by desktop switch user's group of a group or a few group network applications similars, connects two layers of fully featured exchange again, also can directly access two layers of fully featured exchange.
Described server is computer, is provided with controlled Dynamic Host Configuration Protocol server and dns server in it, is used for the distribution network terminal address and resolves domain name;
Described internet access facility, (acting server (Proxy Server) is exactly the contact person between private network and the global network for fire compartment wall (fire compartment wall is hardware firewall or software firewall), router or acting server, it is responsible for transmitting the legal network information, and forwarding is controlled and registered.When using the web browser browsing network information, if use acting server, browser is not directly to reach back webpage to Web server just, but sends request to acting server, fetches the needed information of browser by acting server.), be used for the access of control the Internet, and network terminal online control in the local area network (LAN), internet access facility adopts SINGFOR AC1200 in the present embodiment.
Described three-tier switch adopts DCRS-5512GC, is used for configuration and is connected the VLAN network segment, namely divides VLAN, and so that can carry out transfer of data between each network segment of VLAN.
Described Layer 2 switch adopts DCS-3950, and is the gigabit upstream switch, its second line of a couplet mouth is 100,000,000, be used for setting the VLAN network segment based on port, dispose the port access control strategy, described port is disposed access control policy and is comprised that the control network terminal must automatic acquisition IP address.
Described desktop switch adopts H3C S1500, and the network terminal that network application is identical connects into and accesses the DCS-3950 port of having disposed access control policy after one group again, is used for the transfer of data of the network terminal and the Internet or VLAN.
The described network terminal refers to an access the terminal equipment of network, is computer, the network printer, network telephone, DVR, network facsimile machine or network interface attendance recorder.
A kind of detailed process of method to set up of the network equipment is as follows:
Server is set up the Windows Active Directory, and (Active Directory (Active Directory) is the directory service towards Windows Standard Server, Windows Enterprise Server and Windows Datacenter Server.Active Directory Services is one of center element of Windows 2000 operating system platforms.), management and control network terminal logon account; Setting up DNS(DNS is the abbreviation of domain name system Domain Name System, and it is comprised of resolver and name server), control Intranet access domain name; (DHCP refers to by one section IP address range of server controls, just can automatically obtain IP address, subnet mask, gateway and the DNS of server-assignment during the client logon server to set up Dynamic Host Configuration Protocol server.) role, and directed DNS, distribute and managing intranet IP;
Use three-tier switch DCRS-5512GC division and connect each VLAN(VLAN), the location Dynamic Host Configuration Protocol server;
Dispose VLAN at the DCS-3950 physical port, all VLAN are controlled;
Dispose access control policy at the DCS-3950 physical port, realize necessary automatic acquisition IP address ability access network, and organize the different access control policy of deployment for different users or user;
Access control policy comprises: necessary automatic acquisition IP address ability access network if the IP address is not automatic acquisition, does not then allow accesses network; And organize for different users or user and to dispose different access control policies, for example: the user who has does not allow to access Intranet, the user's intranet and extranet that has all allows access, the user who has only allows to access a certain service of Intranet station server, other services of this server do not allow access, other Intranet resources do not allow access, allow simultaneously access outer net etc.
The terminal computer that connects under the desktop switch is as one group of user, perhaps directly is connected to the network terminal on the Layer 2 switch as one group of user, is controlled by the port access control strategy of DCS-3950;
Use SINGFOR AC1200 control Internet exportation, configuration internet policy (internet policy comprises that control different network terminals user uses the authority of different Internet resources), the control network terminal is communicated by letter with the Internet.
Network backbone uses Layer 2 switch DCS-3950 gigabit up going port, guarantees the transmission stability and high efficiency.
The present invention uses desktop switch to reduce overspending simultaneously at branching networks, realizes that all terminals are controlled, and can tackle flexibly the changeable network application of medium-sized and small enterprises.
Integrated application the said equipment, but network stabilization, economy, efficient management and control are realized standard network overwhelming majority functions with small cost, under the controlled prerequisite of all terminals of assurance, reduce expenses to greatest extent.
The above only is preferred embodiment of the present invention, and is in order to limit the present invention, within the spirit and principles in the present invention not all, any modification of doing, is equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (16)
1. network equipment, it is characterized in that: comprise server, internet access facility, three-tier switch, Layer 2 switch, desktop switch and the network terminal, described server be connected internet access facility and all be connected with described three-tier switch, described three-tier switch, Layer 2 switch, desktop switch are connected with the network terminal and are connected;
Described server comprises controlled Dynamic Host Configuration Protocol server, is used for dynamic assignment network terminal address;
Described internet access facility is used for communicating by letter of the control network terminal and the Internet;
Described three-tier switch is used for dividing and connecting the different virtual LAN network segment;
Described Layer 2 switch is used for distributing the VLAN network segment and deployment port access strategy based on port;
Described desktop switch is for the transfer of data of the network terminal and the Internet or VLAN.
2. a kind of network equipment according to claim 1, it is characterized in that: described Layer 2 switch is connected with the network terminal.
3. a kind of network equipment according to claim 1 is characterized in that: described three-tier switch by Layer 2 switch respectively with described server and described internet access facility communication.
4. according to claim 1, it is characterized in that: the described network terminal refers to an access the terminal equipment of network, is computer, the network printer, network telephone, DVR, network facsimile machine or network interface attendance recorder.
5. a kind of network equipment according to claim 1, it is characterized in that: described internet access facility is fire compartment wall, router or acting server;
According to claim 1, it is characterized in that: described port is disposed access control policy, comprises that the control network terminal must automatic acquisition IP address.
6. according to claim 1, it is characterized in that: described server also comprises for the dns server of resolving domain name.
7. according to claim 1, it is characterized in that: described internet access facility also is used for outer net safety protective.
8. according to claim 1, it is characterized in that: described Layer 2 switch is at least one.
9. each is described to 7 according to claim 1, and it is characterized in that: described desktop switch is at least one.
10. each is described to 7 according to claim 1, and it is characterized in that: described Layer 2 switch is the gigabit upstream switch.
11. each is described to 7 according to claim 1, it is characterized in that: described three-tier switch is gigabit switch.
12. the method to set up such as the arbitrary described network equipment of claim 1 to 12 is characterized in that: may further comprise the steps:
Step 1: but the Dynamic Host Configuration Protocol server of management and control set up, and this Dynamic Host Configuration Protocol server is used for distributing and managing intranet IP;
Step 2: use three-tier switch to divide and the connection VLAN network segment, and the location Dynamic Host Configuration Protocol server;
Step 3: dispose controlled VLAN and dispose access control policy at the Layer 2 switch physical port;
Step 4: the network terminal is by the transfer of data of desktop switch and the Internet or VLAN.
13. the method to set up of a kind of network equipment according to claim 13 is characterized in that: also comprise the steps: internet access facility configuration internet policy, be used for communicating by letter of the control network terminal and the Internet.
14. the method to set up of a kind of network equipment according to claim 13 is characterized in that: described step 4 is: the network terminal is by the transfer of data of Layer 2 switch and the Internet or VLAN.
15. the method to set up of a kind of network equipment according to claim 13, it is characterized in that: dispose access control policy in the described step 3 and comprise the necessary automatic acquisition IP address of network terminal ability access network, and organize the different access control policy of deployment for different users or user.
16. the method to set up of a kind of network equipment according to claim 13, it is characterized in that: further comprising the steps of before the described step 1: server is set up the Windows Active Directory that is used for management and control network terminal logon account, sets up the DNS that is used for control Intranet access domain name.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102152560A CN102904741A (en) | 2011-07-29 | 2011-07-29 | Network equipment and setting method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102152560A CN102904741A (en) | 2011-07-29 | 2011-07-29 | Network equipment and setting method thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102904741A true CN102904741A (en) | 2013-01-30 |
Family
ID=47576792
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011102152560A Pending CN102904741A (en) | 2011-07-29 | 2011-07-29 | Network equipment and setting method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102904741A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103795566A (en) * | 2013-12-30 | 2014-05-14 | 马钢控制技术有限责任公司 | Computer network system and control method thereof |
| CN104184615A (en) * | 2014-08-07 | 2014-12-03 | 惠州学院 | Network management system and network management method for laboratory on campus |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1507215A (en) * | 2002-12-11 | 2004-06-23 | 华为技术有限公司 | Two-layer message isolating method |
| CN1677950A (en) * | 2004-04-01 | 2005-10-05 | 华为技术有限公司 | Data exchange method based on virtual local area network |
| CN101072141A (en) * | 2006-05-09 | 2007-11-14 | 杭州华三通信康技术有限公司 | Ethernet accessing converting device, multiplexing gateway device and accessing converting method |
| CN101110668A (en) * | 2006-07-21 | 2008-01-23 | ***通信集团公司 | Method for tracing to secondary layer switch port |
-
2011
- 2011-07-29 CN CN2011102152560A patent/CN102904741A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1507215A (en) * | 2002-12-11 | 2004-06-23 | 华为技术有限公司 | Two-layer message isolating method |
| CN1677950A (en) * | 2004-04-01 | 2005-10-05 | 华为技术有限公司 | Data exchange method based on virtual local area network |
| CN101072141A (en) * | 2006-05-09 | 2007-11-14 | 杭州华三通信康技术有限公司 | Ethernet accessing converting device, multiplexing gateway device and accessing converting method |
| CN101110668A (en) * | 2006-07-21 | 2008-01-23 | ***通信集团公司 | Method for tracing to secondary layer switch port |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103795566A (en) * | 2013-12-30 | 2014-05-14 | 马钢控制技术有限责任公司 | Computer network system and control method thereof |
| CN104184615A (en) * | 2014-08-07 | 2014-12-03 | 惠州学院 | Network management system and network management method for laboratory on campus |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106953788B (en) | virtual network controller and control method | |
| CN103580980B (en) | The method and device thereof that virtual network finds and automatically configures automatically | |
| CN105637805B (en) | Enhance mobile alternate channel to solve the node failure in wired networks | |
| CN103001999B (en) | For privately owned Cloud Server, intelligent apparatus client and the method for public cloud network | |
| CN101022394A (en) | Method for realizing virtual local network aggregating method and converging exchanger | |
| CN104811371B (en) | A kind of brand-new instantaneous communication system | |
| CN107800743B (en) | Cloud desktop system, cloud management system and related equipment | |
| US20170118127A1 (en) | Systems and Methods of Virtualized Services | |
| CN102025591A (en) | Method and system for implementing virtual private network | |
| US20060173977A1 (en) | A process for dynamic user control on always-on ip network | |
| WO2002010931A1 (en) | Virtual network generation system and method | |
| CN101964799A (en) | Solution method of address conflict in point-to-network tunnel mode | |
| CN109391533B (en) | Virtual private network service provisioning system supporting diverse end-to-end isolation | |
| CN103856358B (en) | Ethernet port VLAN (virtual local area network) configuration system and method of EOC (Ethernet over coax) equipment | |
| CN1411210A (en) | Method of acting address analytic protocol Ethernet Switch in application | |
| CN105187380A (en) | Secure access method and system | |
| CN106604119A (en) | Network penetrating method and system of intelligent TV private cloud equipment | |
| CN107770010A (en) | A kind of home intranet method and home networking system based on OpenFlow | |
| CN202957840U (en) | Cross-network acceleration system | |
| US7570647B2 (en) | LAN type internet access network and subscriber line accommodation method for use in the same network | |
| CN101951380B (en) | Access control method and device used therein in dual-stack lite network | |
| EP3744051A1 (en) | Virtual tenant for multiple dwelling unit | |
| CN102904741A (en) | Network equipment and setting method thereof | |
| CN101009713A (en) | A broadband access method and device | |
| WO2020029793A1 (en) | Internet access behavior management system, device and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20130130 |