詞語解釋
目標(biāo):通過路由器進(jìn)行多個VLAN互聯(lián)
環(huán)境:1. 交換機(jī)為二層交換機(jī),支持VLAN劃分;2. 路由器只有1個Ethernet接口
實施:采用單臂路由,即在路由器上設(shè)置多個邏輯子接口,每個子接口對應(yīng)于一個VLAN。由于物理路由接口只有一個,各子接口的數(shù)據(jù)在物理鏈路上傳遞要進(jìn)行標(biāo)記封裝。Cisco設(shè)備支持ISL和802.1q協(xié)議。華為設(shè)備只支持802.1q。
單臂路由的配置實例
2600 IOS需求:IP Plus (c2600-ik8s-mz-122.15.T.bin)
Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname c2600
!
no logging console
enable password mysecret
!
!
!
!
!
ip subnet-zero
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.1
encapsulation isl 1
ip address 10.10.10.1 255.255.255.0
no ip redirects
!
!-- If 802.1Q is configured,
!-- you will instead see the following output
!-- under interface FastEthernet0/0.1:
!-- interface FastEthernet0/0.1
!-- encapsulation dot1Q 1 native
!-- ip address 10.10.10.1 255.255.255.0
!
!
interface FastEthernet0/0.2
encapsulation isl 2
ip address 10.10.11.1 255.255.255.0
no ip redirects
!
!-- If 802.1Q is configured,
!-- you will instead see the following output
!-- under interface FastEthernet0/0.2:
!-- interface FastEthernet0/0.2
!-- encapsulation dot1Q 2
!-- ip address 10.10.11.1 255.255.255.0
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
ip classless
no ip http server
!
!
!
line con 0
transport input none
line aux 0
line vty 0 4
password mysecret
login
!
no scheduler allocate
end
華為路由器單臂路由
需求:在局域網(wǎng)中,通過交換機(jī)上配置VLAN可以減少主機(jī)通信廣播域的范圍,當(dāng)VLAN之間有部分主機(jī)需要通信,但交換機(jī)不支持三層交換時,可以采用一臺 支持802.1Q的路由器實現(xiàn)VLAN的互通.這需要在以太口上建立子接口,分配IP地址作為該VLAN的網(wǎng)關(guān),同時啟動802.1Q.
組網(wǎng):路由器E0端口與交換機(jī)的上行trunk端口(第24端口)相連,交換機(jī)下行口劃分3個VLAN,帶若干主機(jī).
1.路由器的配置
[Router]
[Router]inter e0
[Router-Ethernet0]ip add 10.0.0.1 255.255.255.0
[Router-Ethernet0]inter e0.1 //定義子接口E0.1
[Router-Ethernet0.1]ip add 172.16.1.1 255.255.255.0
[Router-Ethernet0.1]vlan-type dot1q vid 1 //指定以太網(wǎng)子接口屬于VLAN1,此命令應(yīng)用在以太網(wǎng)子接口上。只有配置了該命令之后,以太網(wǎng)子接口才會根據(jù)配置的VLAN ID 號在以太網(wǎng)幀頭中嵌入VLAN 標(biāo)簽,與該網(wǎng)口相連的交換機(jī)接口才能正確處理接收到的幀。
[Router-Ethernet0.1]inter e0.2 //定義子接口E0.2
[Router-Ethernet0.2]ip add 172.16.2.1 255.255.255.0
[Router-Ethernet0.2]vlan-type dot1q vid 2 //指定以太網(wǎng)子接口屬于VLAN2
[Router-Ethernet0.2]inter e0.3 //定義子接口E0.3
[Router-Ethernet0.3]ip add 172.16.3.1 255.255.255.0
[Router-Ethernet0.3]vlan-type dot1q vid 3 //指定以太網(wǎng)子接口屬于VLAN3
[Router-Ethernet0.3]inter e0
[Router-Ethernet0]undo shut
% Interface Ethernet0 is up
[Router-Ethernet0] //用網(wǎng)線將E0端口連到S3026第24端口
%19:46:32: Interface Ethernet0 changed state to UP
%19:46:32: Line protocol ip on interface Ethernet0, changed state to UP
%19:46:32: Line protocol ip on interface Ethernet0.1, changed state to UP
%19:46:32: Line protocol ip on interface Ethernet0.2, changed state to UP
%19:46:32: Line protocol ip on interface Ethernet0.3, changed state to UP
2.交換機(jī)的配置
Enter system view , return user view with Ctrl+Z.
[Quidway]vlan 1
[Quidway-vlan1]vlan 2
[Quidway-vlan2]port ethernet 0/17 to eth 0/19 eth 0/22 //將第17至19端口,和第22端口加入VLAN2
[Quidway-vlan2]vlan 3
[Quidway-vlan3]port eth 0/21 //將第21端口加入VLAN2
[Quidway-vlan3]inter e0/24
[Quidway-Ethernet0/24]port link-type trunk //將第24端口設(shè)為trunk口
[Quidway-Ethernet0/24]port trunk permit vlan all //允許所有VLAN流量通過
Please wait........................................... Done.
[Quidway-Ethernet0/24]dis port trunk //檢驗TRUNK口配置
Now, the following trunking ports exist:
Ethernet0/24
[Quidway-Ethernet0/24]dis vlan 2 //檢驗VLAN2的配置
VLAN ID: 2
VLAN Type: static
Route Interface: not configured
Des cription: VLAN 0002
Tagged Ports:
Ethernet0/24
Untagged Ports:
Ethernet0/17 Ethernet0/18 Ethernet0/19 Ethernet0/22
[Quidway-Ethernet0/24]dis vlan 3 //檢驗VLAN3的配置
VLAN ID: 3
VLAN Type: static
Route Interface: not configured
Des cription: VLAN 0003
Tagged Ports:
Ethernet0/24
Untagged Ports:
Ethernet0/21
3.在工作站上檢查網(wǎng)絡(luò)是否連通。此工作站連接S3026第21端口,屬于VLAN2。
C:Documents and SettingsAdministrator>ipconfig
windows 2000 IP Configuration
Ethernet adapter 本地連接:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 172.16.2.22
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.2.1
C:Documents and SettingsAdministrator>ping 172.16.3.1
Pinging 172.16.3.1 with 32 bytes of data:
Reply from 172.16.3.1: bytes=32 time<10ms TTL=255
Reply from 172.16.3.1: bytes=32 time<10ms TTL=255
Reply from 172.16.3.1: bytes=32 time<10ms TTL=255
Reply from 172.16.3.1: bytes=32 time<10ms TTL=255
Ping statistics for 172.16.3.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
4.在路由器上查看路由表。可以發(fā)現(xiàn),由于172.16各網(wǎng)段都是直連路由,故不需啟用路由協(xié)議或靜態(tài)路由即能實現(xiàn)VLAN之間的通訊。
[Router]display ip routing-table
Routing Tables:
Destination/Mask Proto Pref Metric Nexthop Interface
10.0.0.0/24 Direct 0 0 10.0.0.1 Ethernet0
10.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0
127.0.0.0/8 Direct 0 0 127.0.0.1 LoopBack0
127.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0
172.16.1.0/24 Direct 0 0 172.16.1.1 Ethernet0.1
172.16.1.1/32 Direct 0 0 127.0.0.1 LoopBack0
172.16.2.0/24 Direct 0 0 172.16.2.1 Ethernet0.2
172.16.2.1/32 Direct 0 0 127.0.0.1 LoopBack0
172.16.3.0/24 Direct 0 0 172.16.3.1 Ethernet0.3
172.16.3.1/32 Direct 0 0 127.0.0.1 LoopBack0
掃碼付費即可復(fù)制
X