实验目标
- 掌握跨交换机主机通信
- 不同vlan间通信-单臂路由
- 端口安全限制
- 虚拟vlanif端口通信
- 端口捆绑
- 生成树配置
一 跨交换机主机通信
sw1交换机配置
#trunk配置
Router(config)#int f0/0
Router(config-if)#no shut
Router(config)#int f0/1
Router(config-if)#no shut
Router(config)#int f0/2
Router(config-if)#no shut
Router(config)#int f0/15
Router(config-if)#switchport mode trunk
#创建3个vlan 100,200,300,3台主机分别放在这3个vlan上
sw1#vlan database
sw1(vlan)#vlan 100 name sales_sw1
VLAN 100 added:
Name: sales_sw1
sw1(vlan)#vlan 200 name it_sw2
VLAN 200 added:
Name: it_sw2
sw1(vlan)#vlan 300 name hr_sw3
VLAN 300 added:
Name: hr_sw3
sw1(vlan)#
sw1(config)#int f0/0
sw1(config-if)#switchport mode access
sw1(config-if)#switchport acc vlan 100
sw1(config-if)#int f0/1
sw1(config-if)#switchport mode access
sw1(config-if)#switchport acc vlan 200
sw1(config-if)#int f0/2
sw1(config-if)#switchport mode access
sw1(config-if)#switchport acc vlan 300
sw1(config-if)#
#查看配置
sw1#show vlan-sw
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
100 sales_sw1 active Fa0/0
200 it_sw2 active Fa0/1
300 hr_sw3 active Fa0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
100 enet 100100 1500 - - - - - 0 0
200 enet 100200 1500 - - - - - 0 0
300 enet 100300 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1005 trnet 101005 1500 - - 1 ibm - 0 0
sw1#
sw2交换机配置
Router(config)#int f0/0
Router(config-if)#no shut
Router(config)#int f0/1
Router(config-if)#no shut
Router(config)#int f0/2
Router(config-if)#no shut
Router(config)#int f0/15
Router(config-if)#switchport mode trunk
sw2(vlan)#vlan 100 name sale_sw2
VLAN 100 modified:
Name: sale_sw2
sw2(vlan)#vlan 200 name it_sw2
VLAN 200 modified:
Name: it_sw2
sw2(vlan)#vlan 300 name hr_sw2
VLAN 300 added:
Name: hr_sw2
sw2(config-if)##int f0/0
sw2(config-if)#switchport mode access
sw2(config-if)#
sw2(config-if)#switchport access vlan 100
sw2(config-if)#int f0/1
sw2(config-if)#switchport mode access
sw2(config-if)#switchport acc
sw2(config-if)#switchport access vlan 200
sw2(config-if)#
sw2(config-if)#int f0/2
sw2(config-if)#switc
sw2(config-if)#switchport mode access
sw2(config-if)#switchport access vlan 300
sw2(config-if)#
#查看已经创建成功了
sw2#show vlan-s
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
100 sale_sw2 active Fa0/0
200 it_sw2 active Fa0/1
300 hr_sw2 active Fa0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
100 enet 100100 1500 - - - - - 0 0
200 enet 100200 1500 - - - - - 0 0
300 enet 100300 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1005 trnet 101005 1500 - - 1 ibm - 0 0
pc1001上ping pc1002
#注意,没有配置多个vlan的时候,由于都在一个默认van下,所以可以ping通
Router#ping 192.168.1.12
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.12, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/30/36 ms
Router#
#查看vlan信息
sw1#show vlan-switch
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/0, Fa0/1, Fa0/2, Fa0/3
Fa0/4, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
sw1#
二 不同vlan间通信-单臂路由
2.1 sw1交换机配置
sw1(config)#int f0/14
sw1(config-if)#switchport mode trunk
sw1(config-if)#
sw1#show int f0/14 trunk
Port Mode Encapsulation Status Native vlan
Fa0/14 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/14 1-1005
Port Vlans allowed and active in management domain
Fa0/14 1,100,200,300
Port Vlans in spanning tree forwarding state and not pruned
Fa0/14 1,100,200,300
sw1#
2.2 路由器配置
#配置路由子接口信息
R9(config)#int f0/0
R9(config)#no shut
R9(config-if)#inter f0/0.100
R9(config-subif)#encapsulation dot1q 100
R9(config-subif)#ip address 192.168.1.100 255.255.255.0
R9(config-subif)#no shut
R9(config-subif)#inter f0/0.200
R9(config-subif)#encapsulation dot1q 200
R9(config-subif)#ip address 192.168.2.100 255.255.255.0
R9(config-subif)#no shut
R9(config-subif)#inter f0/0.300
R9(config-subif)#encapsulation dot1q 300
R9(config-subif)#ip address 192.168.3.100 255.255.255.0
R9(config-subif)#no shut
3.3 验证结果
Router#ping 192.168.2.21
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.21, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 76/86/108 ms
Router#ping 192.168.3.31
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.31, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/79/104 ms
Router#
#注意:如果使用gns3模拟,交换机要关闭,及路由表要为空
no ip routing
sw1#show ip route
Default gateway is not set
Host Gateway Last Use Total Uses Interface
ICMP redirect cache is empty
sw1#
浙公网安备 33010602011771号