栏目导航: 首页 > 安全防御 > 企业运维 > 内容

不同vlan间的通信简单配置(三种方式)

www.hx99.net    时间: 2016-11-21    阅读: 次     整理: 华西安全网

 1.单臂路由(图)

环境:一台路由器,一台二层交换机,两台pc机



 二层交换机的配置

一般模式:

Switch>

输入enable进入特权模式:

Switch>enable

输入configure terminal进入全局配置模式:

Switch#configure terminal 

Enter configuration commands, one per line.  End with CNTL/Z.

创建vlan 10 和 vlan 20:

Switch(config)#vlan 10

Switch(config-vlan)#vlan 20

Switch(config-vlan)# exit

进入接口配置模式:

Switch(config)#interface fastEthernet 0/1

把0/1变成trunk口(默认是access口)

Switch(config-if)#switchport mode trunk

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

Switch(config-if)#exit

进入接口配置模式分别把对应的接口,加入对应的vlan:

Switch(config)#interface fastEthernet 1/1

Switch(config-if)#switchport mode access 

Switch(config-if)#switchport access vlan 10

Switch(config-if)#interface fastEthernet 2/1

Switch(config-if)#switchport mode access 

Switch(config-if)#switchport access vlan 20

到此而层交换机配置完毕!

路由器的配置:

Router>

Router>enable

Router#configure terminal 

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#inter fas 0/0

Router(config-if)#no ip address 

Router(config-if)#no shutdown

注意:单臂路由的配置父接口一定要no shutdown

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up



Router(config-if)#exit

Router(config)#int fas 0/0.10

%LINK-5-CHANGED: Interface FastEthernet0/0.10, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.10, changed state to up

Router(config-subif)#encapsulation dot1Q 10

注意:在配置ip时一定要先封装802.1q协议

Router(config-subif)#ip address 192.168.10.1 255.255.255.0

Router(config-subif)#no shutdown 

Router(config-subif)#int fas 0/0.20

%LINK-5-CHANGED: Interface FastEthernet0/0.20, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.20, changed state to up

Router(config-subif)#ip address 192.168.20.1 255.255.255.0

% Configuring IP routing on a LAN subinterface is only allowed if that

subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q,

or ISL vLAN.

Router(config-subif)#encapsulation dot1Q 20

Router(config-subif)#ip address 192.168.20.1 255.255.255.0

Router(config-subif)#no shutdown 

Router(config-subif)#

查看路由表:

Router#show ip route 

Codes: C – connected, S – static, I – IGRP, R – RIP, M – mobile, B – BGP

       D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area

       N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

       E1 – OSPF external type 1, E2 – OSPF external type 2, E – EGP

       i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, ia – IS-IS inter area

       * – candidate default, U – per-user static route, o – ODR

       P – periodic downloaded static route

Gateway of last resort is not set

C    192.168.10.0/24 is directly connected, FastEthernet0/0.10

C    192.168.20.0/24 is directly connected, FastEthernet0/0.20

Router#

PC0的配置:

ip 192.168.10.10

netmask 255.255.255.0

gateway 192.168.10.1

PC1的配置:

ip 192.168.20.20

netmask 255.255.255.0

gateway 192.168.20.1

2.使用SVI实现VLAN间的通信(图)

环境:一台三层交换机两台pc机

三层交换机的配置:

Switch>enable 

Switch#configure terminal 

Enter configuration commands, one per line.  End with CNTL/Z.

创建vlan 10  20

Switch(config)#vlan 10

Switch(config-vlan)#vlan 20

Switch(config-vlan)#exit

配置SVI接口ip

Switch(config)#interface vlan 10

%LINK-5-CHANGED: Interface Vlan10, changed state to up

Switch(config-if)#ip address 192.168.10.1 255.255.255.0

Switch(config-if)#no shutdown 

Switch(config-if)#interface vlan 20

%LINK-5-CHANGED: Interface Vlan20, changed state to up

Switch(config-if)#ip address 192.168.20.1 255.255.255.0

Switch(config-if)#no shutdown 

Switch(config-if)#exit

改变接口模式并加入vlan

Switch(config)#interface fastEthernet 0/1

Switch(config-if)#switchport mode access 

Switch(config-if)#switchport access vlan 10

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up

Switch(config-if)#interface fastEthernet 0/2

Switch(config-if)#switchport mode access 

Switch(config-if)#switchport access vlan 20

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up

Switch(config-if)#

看三层交换机的路由表:

Switch#show ip route 

Codes: C – connected, S – static, I – IGRP, R – RIP, M – mobile, B – BGP

       D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area

       N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

       E1 – OSPF external type 1, E2 – OSPF external type 2, E – EGP

       i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, ia – IS-IS inter area

       * – candidate default, U – per-user static route, o – ODR

       P – periodic downloaded static route

Gateway of last resort is not set

C    192.168.10.0/24 is directly connected, Vlan10

C    192.168.20.0/24 is directly connected, Vlan20

Switch#

两主机的配置与单臂路由中两主机的配置一样

3.跨交换机实现VLAN间的通信(图)

环境:一台三层交换机,两台二层交换机,两台pc机



三层交换机的配置(SW3)

Switch>enable

Switch#configure terminal 

Enter configuration commands, one per line.  End with CNTL/Z.

创建vlan 10 、 20 并设置ip

Switch(config)#vlan 10

Switch(config-vlan)#vlan 20

Switch(config-vlan)#exit

Switch(config)#interface vlan 10

%LINK-5-CHANGED: Interface Vlan10, changed state to up

Switch(config-if)#ip address 192.168.10.1 255.255.255.0

Switch(config-if)#no shutdown 

Switch(config-if)#interface vlan 20

%LINK-5-CHANGED: Interface Vlan20, changed state to up

Switch(config-if)#ip address 192.168.20.1 255.255.255.0

Switch(config-if)#no shutdown 

Switch(config-if)#exit

设置接口模式并加入相应的vlan(注意trunk口的设置)

Switch(config)#interface fastEthernet 0/1

Switch(config-if)#switchport mode trunk

Switch(config-if)#interface fastEthernet 0/1

Switch(config-if)#switchport access vlan 10

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up

Switch(config)#interface fastEthernet 0/2

Switch(config-if)#switchport mode trunk 

Switch(config-if)#interface fastEthernet 0/2

Switch(config-if)#switchport access vlan 20

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up

Switch#

看路由表

Switch#show ip route 

Codes: C – connected, S – static, I – IGRP, R – RIP, M – mobile, B – BGP

       D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area

       N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

       E1 – OSPF external type 1, E2 – OSPF external type 2, E – EGP

       i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, ia – IS-IS inter area

       * – candidate default, U – per-user static route, o – ODR

       P – periodic downloaded static route

Gateway of last resort is not set

C    192.168.10.0/24 is directly connected, Vlan10

C    192.168.20.0/24 is directly connected, Vlan20

SW21的配置

Switch>enable

Switch#configure  terminal 

Enter configuration commands, one per line.  End with CNTL/Z.

Switch(config)#vlan 10

Switch(config-vlan)#exit

Switch(config)#interface fastEthernet 0/1

Switch(config-if)#switchport mode trunk

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

Switch(config-if)#interface fastEthernet 1/1

Switch(config-if)#switchport mode access 

Switch(config-if)#switchport access vlan 10

Switch(config-if)#exit

Switch(config)#

SW22的配置

Switch>

Switch>en

Switch#

Switch#configure ter

Enter configuration commands, one per line.  End with CNTL/Z.

Switch(config)#inter fas  1/1

Switch(config-if)#switchport mode trunk

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/1, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/1, changed state to up



Switch(config-if)#switchport mode access  

Switch(config-if)#inter fas 2/1

Switch(config-if)#switchport mode trunk

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet2/1, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet2/1, changed state to up

 

Switch(config-if)#exit

Switch(config)#vlan 20

Switch(config-vlan)#inter fas  1/1

Switch(config-if)#switchport access vlan 20

Switch(config-if)#

注意:两交换机之间的链接是trunk链路

4.以上配置在模拟器上都可实现

在模拟器上配置其中pc图片

上述三种方式pc机的配置都一样

 

 

验证:

本文来源:华西安全网[http://www.hx99.net]
发表评论】【告诉QQ好友】【错误报告】【加入收藏】【关闭