CCNA复习:交换机基本操作
实验目标
- 掌握跨交换机主机通信
- 不同vlan间通信-单臂路由
- 端口安全限制
- 虚拟vlanif端口通信
- 端口捆绑
- 生成树配置
一 跨交换机主机通信
sw1交换机配置
#trunk配置
Router(config)#int f0/0
Router(config-if)#no shut
Router(config)#int f0/1
Router(config-if)#no shut
Router(config)#int f0/2
Router(config-if)#no shut
Router(config)#int f0/15
Router(config-if)#switchport mode trunk
#创建3个vlan 100,200,300,3台主机分别放在这3个vlan上
sw1#vlan database
sw1(vlan)#vlan 100 name sales_sw1
VLAN 100 added:
Name: sales_sw1
sw1(vlan)#vlan 200 name it_sw2
VLAN 200 added:
Name: it_sw2
sw1(vlan)#vlan 300 name hr_sw3
VLAN 300 added:
Name: hr_sw3
sw1(vlan)#
sw1(config)#int f0/0
sw1(config-if)#switchport mode access
sw1(config-if)#switchport acc vlan 100
sw1(config-if)#int f0/1
sw1(config-if)#switchport mode access
sw1(config-if)#switchport acc vlan 200
sw1(config-if)#int f0/2
sw1(config-if)#switchport mode access
sw1(config-if)#switchport acc vlan 300
sw1(config-if)#
#查看配置
sw1#show vlan-sw
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
100 sales_sw1 active Fa0/0
200 it_sw2 active Fa0/1
300 hr_sw3 active Fa0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
100 enet 100100 1500 - - - - - 0 0
200 enet 100200 1500 - - - - - 0 0
300 enet 100300 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1005 trnet 101005 1500 - - 1 ibm - 0 0
sw1#
sw2交换机配置
Router(config)#int f0/0
Router(config-if)#no shut
Router(config)#int f0/1
Router(config-if)#no shut
Router(config)#int f0/2
Router(config-if)#no shut
Router(config)#int f0/15
Router(config-if)#switchport mode trunk
sw2(vlan)#vlan 100 name sale_sw2
VLAN 100 modified:
Name: sale_sw2
sw2(vlan)#vlan 200 name it_sw2
VLAN 200 modified:
Name: it_sw2
sw2(vlan)#vlan 300 name hr_sw2
VLAN 300 added:
Name: hr_sw2
sw2(config-if)##int f0/0
sw2(config-if)#switchport mode access
sw2(config-if)#
sw2(config-if)#switchport access vlan 100
sw2(config-if)#int f0/1
sw2(config-if)#switchport mode access
sw2(config-if)#switchport acc
sw2(config-if)#switchport access vlan 200
sw2(config-if)#
sw2(config-if)#int f0/2
sw2(config-if)#switc
sw2(config-if)#switchport mode access
sw2(config-if)#switchport access vlan 300
sw2(config-if)#
#查看已经创建成功了
sw2#show vlan-s
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
100 sale_sw2 active Fa0/0
200 it_sw2 active Fa0/1
300 hr_sw2 active Fa0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
100 enet 100100 1500 - - - - - 0 0
200 enet 100200 1500 - - - - - 0 0
300 enet 100300 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1005 trnet 101005 1500 - - 1 ibm - 0 0
pc1001上ping pc1002
#注意,没有配置多个vlan的时候,由于都在一个默认van下,所以可以ping通
Router#ping 192.168.1.12
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.12, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/30/36 ms
Router#
#查看vlan信息
sw1#show vlan-switch
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/0, Fa0/1, Fa0/2, Fa0/3
Fa0/4, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
sw1#
二 不同vlan间通信-单臂路由
2.1 sw1交换机配置
sw1(config)#int f0/14
sw1(config-if)#switchport mode trunk
sw1(config-if)#
sw1#show int f0/14 trunk
Port Mode Encapsulation Status Native vlan
Fa0/14 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/14 1-1005
Port Vlans allowed and active in management domain
Fa0/14 1,100,200,300
Port Vlans in spanning tree forwarding state and not pruned
Fa0/14 1,100,200,300
sw1#
2.2 路由器配置
#配置路由子接口信息
R9(config)#int f0/0
R9(config)#no shut
R9(config-if)#inter f0/0.100
R9(config-subif)#encapsulation dot1q 100
R9(config-subif)#ip address 192.168.1.100 255.255.255.0
R9(config-subif)#no shut
R9(config-subif)#inter f0/0.200
R9(config-subif)#encapsulation dot1q 200
R9(config-subif)#ip address 192.168.2.100 255.255.255.0
R9(config-subif)#no shut
R9(config-subif)#inter f0/0.300
R9(config-subif)#encapsulation dot1q 300
R9(config-subif)#ip address 192.168.3.100 255.255.255.0
R9(config-subif)#no shut
3.3 验证结果
Router#ping 192.168.2.21
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.21, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 76/86/108 ms
Router#ping 192.168.3.31
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.31, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/79/104 ms
Router#
#注意:如果使用gns3模拟,交换机要关闭,及路由表要为空
no ip routing
sw1#show ip route
Default gateway is not set
Host Gateway Last Use Total Uses Interface
ICMP redirect cache is empty
sw1#
三 端口捆绑 -- 负载均衡,验证不冗余
3.1 sw1配置
#交换机绑定端口模式
sw1(config)#int range f0/13 , f0/15
sw1(config-if-range)#switchport mod
sw1(config-if-range)#switchport mode trunk
sw1(config-if-range)#channel-group 1 mode on
sw1(config-if-range)#no shut
sw1(config-if-range)#
sw1(config)#int port-channel 1
sw1(config-if)#switchport mode trunk
3.2 sw2配置
#配置sw2交换机端口绑定模式
sw2(config)#int range f0/13 , f0/15
sw2(config-if-range)#switchport mod
sw2(config-if-range)#switchport mode trunk
sw2(config-if-range)#channel-group 1 mode on
sw2(config-if-range)#no shut
sw2(config-if-range)#
sw2(config)#int port-channel 1
sw2(config-if)#switchport mode trunk
#查看配置
sw1#show int port-channel 1
Port-channel1 is up, line protocol is up
Hardware is EtherChannel, address is cc00.1d58.f00f (bia cc00.1d58.f00f)
MTU 1500 bytes, BW 200000 Kbit, DLY 1000 usec, #带宽增加了一倍
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed
Members in this channel: Fa0/13 Fa0/15 #已经有2个成员信息了
ARP type: ARPA, ARP Timeout 04:00:00
Last input 01:52:02, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
sw1#
#单接口带宽,绑定后是200000了
sw1#show int f0/13 | i BW
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
sw1#
sw1#show etherchannel summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
R - Layer3 S - Layer2
U - in use
Group Port-channel Ports
-----+------------+-----------------------------------------------------------
1 Po1(SU) Fa0/13(P) Fa0/15(P)
sw1#
3.3 pc1001上ping
#配置绑定端口后,测试ping
Router#ping 192.168.1.12
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.12, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/66/88 ms
#跨交换机,也正常
Router#
Router#ping 192.168.2.21
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.21, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 80/106/140 ms
Router#
#模拟断掉sw2的f0/15口后,查看
sw2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
sw2(config)#int f0/15
sw2(config-if)#shut
sw2(config-if)#
#查看绑定口
sw2#show int port-channel 1
Port-channel1 is up, line protocol is up
Hardware is EtherChannel, address is cc01.1d58.f00d (bia cc01.1d58.f00d)
MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s
Members in this channel: Fa0/13
ARP type: ARPA, ARP Timeout 04:00:00
Last input 01:19:07, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
sw2#
#继续ping同交换机下的另一台主机,发现是通的,因为没有出交换机
Router#ping 192.168.2.21
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.21, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/108/172 ms
Router#
#ping跨了交换机的主机
#结果发现,会有一半丢包,由于断掉了一个口,有一半丢失了。
Router#ping 192.168.2.22
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.22, timeout is 2 seconds:
!.!.!
Success rate is 60 percent (3/5), round-trip min/avg/max = 124/130/136 ms
Router#
四 端口捆绑--PAGP和LACP冗余--待更换模拟器
由于gns3低版本,不支持,等后面完成,只有on
sw1(config-if)#int f0/13
sw1(config-if)#channel-group 1 mode ?
on Enable Etherchannel only
浙公网安备 33010602011771号