VLAN与TRUNK配置
交换机vlan基本配置
交换机上配置静态VLAN1、创建VLAN(1)在全局模式下创建VLAN:switch>enable 进入特权模式switch#configure terminal 进入全局模式switch(config)#vlan vlan-ID创建VLAN号switch(config)#name vlan-name配置VLAN名称switch(config)#mtu mtu-size改变MTU大小(可选命令)switch(config)#end 退出switch(config)#show vlan {name vlan-name|ID vlan-id}验证查看vlanswitch(config)#copy running-config startup-config 保存配置(2)在VLAN数据库中创建VLAN(VLAN数据库模式目前已经过时IOS版本不在支持,推荐使用全局模式配置定义VLAN)switch#vlan datebase 进入VLAN配置状态switch(vlan)#vlan vlan-id name vlan-name创建VLAN号及VLAN名称switch(vlan)#vlan vlan-id mtu mtu-size 修改MTU大小switch(vlan)#exit 更新VLAN数据并退出switch(config)#show vlan {name vlan-name|ID vlan-id}验证查看vlanswitch(config)#copy running-config startup config 保存配置(3)在VLAN中添加、删除端口switch#configure terminal 进入配置状态switch(config)# interface interface-id 进入要分配的端口switch(config)#switchport mode access 定义二层端口switch(config)#switchport access vlan vlan-id把端口划分给某个VLANswitch(config)#end 退出switch#show running-config interface interface-ID验证端口号的VLAN号switch#show interfaces interface-id switchport 验证端口的管理模式和VLAN情况switch#copy running-config startup-config 保存配置使用default interface interface-id命令可以还原接口的默认配置状态(4)验证VLAN的配置switch#show vlan brief 查看VLAN信息的命令switch#show vlan vlan-id查看指定的某一个VLAN信息(5)删除VLAN用no vlan vlan-id命令Switch#configure terminalSwitch(config)#no vlan vlan-id++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2、Turnk的模式和协商接口的配置模式1、switchport mode access将接口设定为永久的非中继模式,并协商将链路转换为非中继链路,即使邻接端口是中继端口,此接口也会成为非中继接口2、switchport mode dynamic desirable 使得接口主动尝试将链路转换为中继链路。
【数通大讲坛 10】vlan、trunk的概念和配置
一、VLAN的基本概念经过上一次大讲坛的了解,我们已经知道,对于一台二层交换机来说,整机就是一个广播域、一个LAN。
这意味着,只要连接到这个广播域的PC配置在一个IP子网内,即可进行互相访问,而且更重要的一点是,处于同一个广播域内的某个用户,发送一个广播数据帧,意味着在这个广播域内的所有用户都会收到这个数据帧,并且耗费资源来处理(即使她它可能并不需要这个数据帧)。
当这个广播域变得特别大、用户数量变得特别多时,网络就非常有可能被大量的广播消耗掉大量资源。
另一方面,实际的网络中经常存在这样的需求:连接在同一个交换机上的用户有可能是不同的业务部门,我希望对他们进行隔离,或者以独立的网络单元进行管理。
基于上述需求,我们引入VLAN的概念,所谓VLAN,翻译为Virtual LAN,实际上是一个虚拟的、逻辑的LAN,通过VLAN技术,我们可以在交换机上,根据接口等信息进行LAN的划定。
例如:上图中,我们基于设备接口进行VLAN的划分。
将接口1、2划分到了VLAN10,将接口23、24划分到了VLAN20。
这样一来,接口1、2所连接的PC就加入了VLAN10,处于同一个LAN、同一个广播域内,那么这些PC只要配置同一个网段的IP地址,就能够直接进行互访了。
而接口23、24处于另一个VLAN20,另一个LAN、另一个广播域。
属于VLAN20的PC之间能够直接进行互访。
但是,不同的VLAN之间,用户是被隔离的(除非借助路由设备),当然,一个VLAN内的广播数据帧并不会被泛洪到另一个VLAN来,因为他们处于不同的广播域。
有了VLAN技术,我们的网络设计将更加灵活、更加可控。
VLAN是一个虚拟的LAN,不再受设备的限制。
我们可以根据实际的业务环境需要,灵活的进行VLAN的规划。
而VLAN更可以跨交换机,因此VLAN的成员,也就是业务PC所处的位置就非常灵活了。
例如上图所示,你可能希望每个部门单独划分到一个LAN 中,部分之间互相隔离,而一个部门的员工又往往未必在同一楼层,可能分散在不同的楼层,那么有了VLAN 技术,完全可以把分散在不同楼层的业务PC划分入一个VLAN。
计算机网络基础-TRUNK配置
Switch# show vlan id vlan-id
复习
Trunk的作用
❖如何实现交换机之间的VLAN通信
▪ 为每一个VLAN提供一条链路?
VLAN 10
VLAN 20
பைடு நூலகம்
如果有100 个VLAN怎 么办呢?
VLAN 10
VLAN 20
VLAN 30
VLAN 30
Trunk的作用2-2
配置以太网通道3-1
❖EthernetChannel-以太通道
▪ 多条线路负载均衡,带宽提高 ▪ 容错,当一条线路失效时,其他线路通信,不会丢包
配置为以太通道的接口, 必须物理特性相同
配置以太网通道3-2
❖配置接口为以太通道模式
Switch(config)# interface range fastEthernet 0/1 – 2
Name: Fa0/24
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
…………
Operational private-vlan: none
Trunking VLANs Enabled: 1,3-1005
Pruning VLANs Enabled: 2-1001 Capture Mode Disabled
Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001
Trunk可以承载所有的 VLAN
Capture Mode Disabled
交换机(Switch)VLAN划分、删除、VLAN Trunk的配置
一、在SwA上分别创建VLAN2和VLAN3,并把端口划归相应的VLAN Switch>enable //进入特权模式Switch#vlan database //进入vlan配置模式% Warning: It is recommended to configure VLAN from config mode,as VLAN database mode is being deprecated. Please consult userdocumentation for configuring VTP/VLAN in config mode.Switch(vlan)#vlan 2 name NetA //划分vlan 2名称为NetAVLAN 2 added:Name: NetASwitch(vlan)#vlan 3 name NetB //划分vlan 3名称为NetBVLAN 3 added:Name: NetBSwitch(vlan)#exitAPPLY completed.Exiting....Switch#conf tEnter configuration commands, one per line. End with CNTL/Z.Switch(config)#int f0/1 //进入交换机的Fastethernet0/1接口Switch(config-if)#switchport mode access //配置成接入模式Switch(config-if)#switchport access vlan 2 //将vlan 划分到Fastethernet0/1接口Switch(config-if)#exitSwitch(config)#int f0/3 //同上Switch(config-if)#switchport mode accessSwitch(config-if)#switchport access vlan 3Switch(config-if)#endSwitch#%SYS-5-CONFIG_I: Configured from console by consoleSwitch#wr //保存当前配置Building configuration...[OK]Switch#二、对SwB划分VLAN2和VLAN3,并划归相应端口。
VLAN与TRUNK实验
实验过程:环境:PC1:172..16.1.1 PC2:172.16.1.21.划分VLAN之前两台交换机未做任何配置,可以PING通。
2.对交换机switch2配置两个VLAN:2和3(1)下图为创建VLAN2 和VLAN3两个VLAN。
(2)下图将SW2的fa0/2配置到VLAN3中(接PC1),fa0/1配置到VLAN2中(接SW1)。
(3)测试(在PC2上进行)3.TRUNK实验拓扑如下:(1)环境:6个PC 的IP地址依次为:172.16.1.1、1.2、1.3、1.4、1.5、1.6。
PC1、PC2、PC3、PC4属于VLAN2PC3、PC6属于VLAN3。
两个SW通过FA0/12连接(2)两个SW的VLAN基本配置①SW1的配置:②SW2的配置:也是先创建2个VLAN,VLAN2和VLAN3,然后分配借口。
③测试:PC1 PING PC2 通PC1 PING PC3、PC4、PC5、PC6 不通(3)两个SW的TRUNK配置①SW1的配置:②SW2的配置:③测试:PC1 PING PC2 、PC4、PC5 通PC1 PING PC3、PC6 不通PC3 PING PC6 通;其他的不通。
4.VTP实验cisco#vlan database \*进入VLAN配置cisco(vlan)# \*表示你进入了VLAN配置模式cisco(vlan)#vtp domain VTP 域名\*配置VTP的域名cisco(vlan)#VTP password 密码\*为VTP域设置密码cisco(vlan)#VTP MODE server|client|transparent\*这里特别说明一下,SERVER就是配置VTP为服务器,CLIENT就是配置VTP 的客户端TRANSPARENT就是设置为透明模式,按照你的需求设置5.单臂路由实验(1)环境(2)PC的IP192.168.2.1和192.168.2.2 /24 GW:192.168.2.254 192.168.3.1和192.168.3.2 /24 GW:192.168.3.254 (3)VLAN的IP:VLAN1:192.168.2.253(包含PC1、PC2)VLAN2:192.168.3.253(包含PC3、PC4)(4)SW配置(5)测试各个终端之间不通。
细说VLAN与Trunk
网络性能是影响业务效率的一个重要因素。
将大型广播域分段是提高网络性能的方法之一。
路由器能够将广播包阻隔在一个接口上,但是,路由器的LAN接口数量有限,它的主要功能是在网络间传输数据,而不是对终端设备提供网络接入。
访问LAN的功能还是由接入层交换机来实现。
与三层交换机相类似,通过在二层交换机上创建VLAN来减少广播域。
现代交换机就是通过VLAN来构造的,因此在某种程度上,学习交换机就是学习VLAN。
问题的产生:如下图所示,当网络上的所有设备在广播域产生大量的广播以及多播帧,就会与数据流竞争带宽。
这是由网络管理数据流组成,如:ARP,DHCP,STP等。
如下图所示,假设PC 1产生ARP,Windows登录,DHCP等请求:这些广播帧到达交换机1之后,遍历整个网络并到达所有节点直至路由器。
随着网络节点增加,开销的总数也在增长,直至影响交换机性能。
通过实施VLAN断开广播域将数据流隔离开来,能够解决这一问题。
什么是VLAN:VLAN(virtual local area network)是一组与位置无关的逻辑端口。
VLAN就相当于一个独立的三层网络。
VLAN的成员无需局限于同一交换机的顺序或偶数端口。
下图显示了一个常规的部署,左边这张图节点连接到交换机,交换机连接到路由器。
所有的节点都位于同一IP网络,因为他们都连接到路由器同一接口。
图中没有显示的是,缺省情况下,所有节点实际上都是同一VLAN。
因此,这种拓扑接口可看作是基于同一VLAN的,如上面右图所示。
例如,Cisco设备默认VLAN是VLAN 1,也称为管理VLAN。
默认配置下包含所有的端口,体现在源地址表(source address table,SAT)中。
该表用于交换机按照目的MAC地址将帧转发至合适的二层端口。
引入VLAN之后,源地址表按照VLAN将端口与MAC地址相对应起来,从而使得交换机能够做出更多高级转发决策。
下图显示了show mac address table和show vlan命令的显示输出。
关于LAN网内VLAN与Trunk的详细配置
关于LAN网内VLAN与Trunk的详细配置此实验过程是在Boson NetSim for CCNP version 6.0 BETA 1软件下做的。
其中使用2台C2905switch和4台PC机。
实验内容:1、配置控制端口和虚拟线路2、设置VLAN两个,分别为:VLAN100 Pcontrol和VLAN200 Accout3、分别将接口加入到VLAN100和VLAN200后配置Trunk线路,保证VLAN间的通信4、最后进行测试是否成功关于LAN网内VLAN与Trunk的详细配置SW1(C2950)交换机测试详细步骤及结果:CLI session with the switch is open.To end the CLI session, enter [Exit].Switch>%LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/4, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/5, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/6, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/6, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/7, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/8, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/9, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/11, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/12, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down Switch>enableSwitch#show versionBoson Operating Simulation SoftwareBOSS (tm) C2900 Software (C2900-Enterprise), Version 12.1, RELEASE SOFTWARE Copyright (c) 1998-2003 by Boson Software, Inc.BOSS ROM: System Bootstrap, Version 12.2, RELEASE SOFTWARESwitch Uptime Is 0 days, 0 hours, 0 minutesSystem restarted by power-onSystem image file is ""flash:c2900-enterprise.12.1.boss"", booted via flashBoson 2900 (BOSS) processor (revision 5.0)12 FastEthernet/IEEE 802.3 interface(s)32K bytes of simulated non-volatile configuration memory.8192K bytes of simulated System flash (Read/Write)Switch#Switch#Switch#show runn!Version 12.1service timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname Switch!!!ip subnet-zerospanning-tree extend system-id!!!!!!!!interface FastEthernet0/1!interface FastEthernet0/2Switch#show runn!Version 12.1service timestamps debug uptime service timestamps log uptime no service password-encryption !hostname Switch!!!ip subnet-zerospanning-tree extend system-id !!!!!!!!interface FastEthernet0/1!interface FastEthernet0/2!interface FastEthernet0/3!interface FastEthernet0/4!interface FastEthernet0/5!interface FastEthernet0/6!interface FastEthernet0/7!interface FastEthernet0/8!interface FastEthernet0/9!interface FastEthernet0/10!interface FastEthernet0/11interface FastEthernet0/12!vtp domain bigdomain!interface Vlan 1no ip addressno ip route-cache!!ip classlessno ip http server!!!!line con 0transport input noneline aux 0line vty 0 15!no scheduler allocateendSwitch#Switch#Switch#configure terminalEnter configuration commands, one per line. End with CNTL/Z. Switch(config)#hostname SW1SW1(config)#line console 0SW1(config-line)#exec-timeout 20 0SW1(config-line)#logging synchronousSW1(config-line)#password dsfengSW1(config-line)#loginSW1(config-line)#line vty 0 15SW1(config-line)#exec-timeout 15 0SW1(config-line)#logging synchronousSW1(config-line)#password dsfengSW1(config-line)#loginSW1(config-line)#enable secret ciscoSW1(config)#exitSW1#SW1#SW1#vlan databaseSW1(vlan)#vlan 100 name PcontrolVLAN 100 added:Name:PcontrolSW1(vlan)#vlan 200 name AccoutVLAN 200 added:Name:AccoutSW1(vlan)#exitAPPL Y completed.Exiting....SW1#SW1#SW1#configure terminalEnter configuration commands, one per line. End with CNTL/Z.SW1(config)#interface fastethernet 0/2SW1(config-if)#switchport mode accessSW1(config-if)#switchport access vlan 100SW1(config-if)#exitSW1(config)#interface fastethernet 0/3SW1(config-if)#switchport mode accessSW1(config-if)#switchport access vlan 200SW1(config-if)#exitSW1(config)#interface fasteterhent 0/10SW1(config-if)#switchport mode trunkSW1(config-if)#switchport trunk encapsulation dot1qSW1(config-if)#endSW1#SW1#SW1#show interface fastethernet 0/2FastEthernet0/2 is up, line protocol is upHardware is Fast Ethernet, address is 000C.6542.9093 (bia 000C.6542.9093) MTU 1500 bytes, BW 10000 Kbit, DL Y 1000 usec,reliability 255/255, txload 1/255, rxload 1/255Auto-duplex, Auto-speedEncapsulation ARPA, loopback not setARP type: ARPA, ARP Timeout 04:00:00Last input 02:29:44, output never, output hang neverLast clearing of "show interface" counters neverInput queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifoOutput queue :0/40 (size/max)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec269 packets input, 71059 bytes, 0 no bufferReceived 6 broadcasts, 0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored7290 packets output, 429075 bytes, 0 underruns0 output errors, 3 interface resets0 output buffer failures, 0 output buffers swapped outSW1#SW1#SW1#show interface fastethernet 0/3FastEthernet0/3 is up, line protocol is upHardware is Fast Ethernet, address is 000C.3849.2796 (bia 000C.3849.2796) MTU 1500 bytes, BW 10000 Kbit, DL Y 1000 usec,reliability 255/255, txload 1/255, rxload 1/255Auto-duplex, Auto-speedEncapsulation ARPA, loopback not setARP type: ARPA, ARP Timeout 04:00:00Last input 02:29:44, output never, output hang neverLast clearing of "show interface" counters neverInput queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifoOutput queue :0/40 (size/max)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec269 packets input, 71059 bytes, 0 no bufferReceived 6 broadcasts, 0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored7290 packets output, 429075 bytes, 0 underruns0 output errors, 3 interface resets0 output buffer failures, 0 output buffers swapped outSW1#SW1#SW1#show interface fastethernet 0/10FastEthernet0/10 is up, line protocol is upHardware is Fast Ethernet, address is 000C.3878.9745 (bia 000C.3878.9745) MTU 1500 bytes, BW 10000 Kbit, DL Y 1000 usec,reliability 255/255, txload 1/255, rxload 1/255Auto-duplex, Auto-speedEncapsulation ARPA, loopback not setARP type: ARPA, ARP Timeout 04:00:00Last input 02:29:44, output never, output hang neverLast clearing of "show interface" counters neverInput queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifoOutput queue :0/40 (size/max)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec269 packets input, 71059 bytes, 0 no bufferReceived 6 broadcasts, 0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored7290 packets output, 429075 bytes, 0 underruns0 output errors, 3 interface resets0 output buffer failures, 0 output buffers swapped outSW1#SW1#SW1#show vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/4, Fa0/5, Fa0/6Fa0/7, Fa0/8, Fa0/9, Fa0/10Fa0/11, Fa0/12100 Pcontrol active Fa0/2200 Accout active Fa0/31002 fddi-default active1003 token-ring-default active1004 fddinet-default active1005 trnet-default activeVLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 0100 enet 100100 1500 - - - - - 0 0200 enet 100200 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 01003 tr 101003 1500 - - - - - 0 01004 fdnet 101004 1500 - - - ieee - 0 01005 trnet 101005 1500 - - - ibm - 0 0SW1#SW1#SW1#show cdp neighborsCapability Codes: R - Router, T - Trans Bridge, B - Source Route BridgeS -Switch, H - Host, i - IGMP, r - RepeaterDevice ID Local Intrfce Holdtme Capability Platform Port IDSW2 Fas0/10 167 T S 2950 Fas 0/10SW1#SW1#SW1#show mac-address-tableCapability Codes: R - Router, T - Trans Bridge, B - Source Route BridgeS -Switch, H - Host, i - IGMP, r - RepeaterDevice ID Local Intrfce Holdtme Capability Platform Port IDSW2 Fas0/10 167 T S 2950 Fas 0/10Mac Address Table------------------------------------------Vlan Mac Address Type Ports---- ----------- ---- -----200 000C.9631.1997 DYNAMIC Fa0/3100 000C.7036.8702 DYNAMIC Fa0/21 000C.3817.8412 DYNAMIC Fa0/101 000C.9623.5011 DYNAMIC Fa0/101 000C.1738.3819 DYNAMIC Fa0/10Total Mac Addresses for this criterion: 5SW1#SW1#SW1#show run!Version 12.1service timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname SW1enable secret 5 $sdf$6978yhg$jnb76sd!!!ip subnet-zerospanning-tree extend system-id!!!!!!!!interface FastEthernet0/1!interface FastEthernet0/2 switchport mode access switchport access vlan 100!interface FastEthernet0/3 switchport mode access switchport access vlan 200!interface FastEthernet0/4!interface FastEthernet0/5!interface FastEthernet0/6!interface FastEthernet0/7!interface FastEthernet0/8!interface FastEthernet0/9!interface FastEthernet0/10 switchport mode trunkswitchport trunk encapsulation dot1q !interface FastEthernet0/11!interface FastEthernet0/12!vtp domain bigdomain!interface Vlan 1no ip addressno ip route-cache!vlan 100 name Pcontrolvlan 200 name Accout!ip classlessno ip http server!!!!line con 0logintransport input nonepassword dsfengexec-timeout 15 0logging synchronousline aux 0line vty 0 15loginpassword dsfeng!no scheduler allocateendSW1#SW1#SW1#copy running-config startup-configDestination filename [startup-config]?Building configuration...[OK]SW1#SW1#SW2(C2950)交换机测试详细步骤及结果:CLI session with the switch is open.To end the CLI session, enter [Exit].%LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/4, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/5, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/6, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/6, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/7, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/8, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/9, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/11, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/12, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down Switch>Switch>enableSwitch#show versionBoson Operating Simulation SoftwareBOSS (tm) C2900 Software (C2900-Enterprise), Version 12.1, RELEASE SOFTWARE Copyright (c) 1998-2003 by Boson Software, Inc.BOSS ROM: System Bootstrap, Version 12.2, RELEASE SOFTWARESwitch Uptime Is 0 days, 0 hours, 5 minutesSystem restarted by power-onSystem image file is ""flash:c2900-enterprise.12.1.boss"", booted via flashBoson 2900 (BOSS) processor (revision 5.0)12 FastEthernet/IEEE 802.3 interface(s)32K bytes of simulated non-volatile configuration memory.8192K bytes of simulated System flash (Read/Write)Switch#Switch#Switch#show runn!Version 12.1service timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname Switch!!!ip subnet-zerospanning-tree extend system-id !!!!!!!!interface FastEthernet0/1!interface FastEthernet0/2!interface FastEthernet0/3!interface FastEthernet0/4!interface FastEthernet0/5!interface FastEthernet0/6!interface FastEthernet0/7!interface FastEthernet0/8!interface FastEthernet0/9!interface FastEthernet0/10!interface FastEthernet0/11!interface FastEthernet0/12!vtp domain bigdomain!interface Vlan 1no ip addressno ip route-cache!!ip classlessno ip http server!!!!line con 0transport input noneline aux 0line vty 0 15!no scheduler allocateendSwitch#Switch#Switch#configure terminalEnter configuration commands, one per line. End with CNTL/Z. Switch(config)#hostname SW2SW2(config)#line console 0SW2(config-line)#exec-timeout 20 0SW2(config-line)#logging synchronousSW2(config-line)#password dsfengSW2(config-line)#loginSW2(config-line)#line vty 0 15SW2(config-line)#exec-timeout 15 0SW2(config-line)#logging synchronousSW2(config-line)#password dsfengSW2(config-line)#loginSW2(config-line)#enable secret ciscoSW2(config)#endSW2#SW2#SW2#vlan databaseSW2(vlan)#vlan 100 name PcontrolVLAN 100 added:Name:PcontrolSW2(vlan)#vlan 200 name AccoutVLAN 200 added:Name:AccoutSW2(vlan)#exitAPPL Y completed.Exiting....SW2#SW2#SW2#configure terminalEnter configuration commands, one per line. End with CNTL/Z.SW2(config)#interface fastethernet 0/2SW2(config-if)#switchport mode accessSW2(config-if)#switchport access vlan 100SW2(config-if)#exitSW2(config)#interface fastethernet 0/3SW2(config-if)#switchport mode accessSW2(config-if)#switchport access vlan 200SW2(config-if)#exitSW2(config)#interface fastethernet 0/10SW2(config-if)#switchport mode trunkSW2(config-if)#switchport trunk encapsulation dot1qSW2(config-if)#endSW2#SW2#SW2#show interface fastethernet 0/2FastEthernet0/2 is up, line protocol is upHardware is Fast Ethernet, address is 000C.2018.9057 (bia 000C.2018.9057) MTU 1500 bytes, BW 10000 Kbit, DL Y 1000 usec,reliability 255/255, txload 1/255, rxload 1/255Auto-duplex, Auto-speedEncapsulation ARPA, loopback not setARP type: ARPA, ARP Timeout 04:00:00Last input 02:29:44, output never, output hang neverLast clearing of "show interface" counters neverInput queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifoOutput queue :0/40 (size/max)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec269 packets input, 71059 bytes, 0 no bufferReceived 6 broadcasts, 0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored7290 packets output, 429075 bytes, 0 underruns0 output errors, 3 interface resets0 output buffer failures, 0 output buffers swapped outSW2#SW2#SW2#show interface fastethernet 0/3FastEthernet0/3 is up, line protocol is upHardware is Fast Ethernet, address is 000C.4287.4991 (bia 000C.4287.4991) MTU 1500 bytes, BW 10000 Kbit, DL Y 1000 usec,reliability 255/255, txload 1/255, rxload 1/255Auto-duplex, Auto-speedEncapsulation ARPA, loopback not setARP type: ARPA, ARP Timeout 04:00:00Last input 02:29:44, output never, output hang neverLast clearing of "show interface" counters neverInput queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifoOutput queue :0/40 (size/max)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec269 packets input, 71059 bytes, 0 no bufferReceived 6 broadcasts, 0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored7290 packets output, 429075 bytes, 0 underruns0 output errors, 3 interface resets0 output buffer failures, 0 output buffers swapped outSW2#SW2#SW2#show interface fastethernet 0/10FastEthernet0/10 is up, line protocol is upHardware is Fast Ethernet, address is 000C.3817.8412 (bia 000C.3817.8412) MTU 1500 bytes, BW 10000 Kbit, DL Y 1000 usec,reliability 255/255, txload 1/255, rxload 1/255Auto-duplex, Auto-speedEncapsulation ARPA, loopback not setARP type: ARPA, ARP Timeout 04:00:00Last input 02:29:44, output never, output hang neverLast clearing of "show interface" counters neverInput queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifoOutput queue :0/40 (size/max)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec269 packets input, 71059 bytes, 0 no bufferReceived 6 broadcasts, 0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored7290 packets output, 429075 bytes, 0 underruns0 output errors, 3 interface resets0 output buffer failures, 0 output buffers swapped outSW2#SW2#SW2#show vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/4, Fa0/5, Fa0/6Fa0/7, Fa0/8, Fa0/9, Fa0/10Fa0/11, Fa0/12100 Pcontrol active Fa0/2200 Accout active Fa0/31002 fddi-default active1003 token-ring-default active1004 fddinet-default active1005 trnet-default activeVLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 0100 enet 100100 1500 - - - - - 0 0200 enet 100200 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 01003 tr 101003 1500 - - - - - 0 01004 fdnet 101004 1500 - - - ieee - 0 01005 trnet 101005 1500 - - - ibm - 0 0SW2#SW2#SW2#show mac-address-tableVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/4, Fa0/5, Fa0/6Fa0/7, Fa0/8, Fa0/9, Fa0/10Fa0/11, Fa0/12100 Pcontrol active Fa0/2200 Accout active Fa0/31002 fddi-default active1003 token-ring-default active1004 fddinet-default active1005 trnet-default activeVLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 0100 enet 100100 1500 - - - - - 0 0 200 enet 100200 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0Mac Address Table------------------------------------------Vlan Mac Address Type Ports---- ----------- ---- -----200 000C.1738.3819 DYNAMIC Fa0/3100 000C.9623.5011 DYNAMIC Fa0/21 000C.3878.9745 DYNAMIC Fa0/101 000C.7036.8702 DYNAMIC Fa0/101 000C.9631.1997 DYNAMIC Fa0/10Total Mac Addresses for this criterion: 5SW2#SW2#SW2#show runn!Version 12.1service timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname SW2enable secret 5 $sdf$6978yhg$jnb76sd!!!ip subnet-zerospanning-tree extend system-id!!!!!!!!interface FastEthernet0/1!interface FastEthernet0/2 switchport mode access switchport access vlan 100!interface FastEthernet0/3 switchport mode access switchport access vlan 200!interface FastEthernet0/4!interface FastEthernet0/5!interface FastEthernet0/6!interface FastEthernet0/7!interface FastEthernet0/8!interface FastEthernet0/9!interface FastEthernet0/10 switchport mode trunkswitchport trunk encapsulation dot1q !interface FastEthernet0/11!interface FastEthernet0/12!vtp domain bigdomain!interface Vlan 1no ip addressno ip route-cache!vlan 100 name Pcontrolvlan 200 name Accout!ip classlessno ip http server!!!!line con 0logintransport input nonepassword dsfengexec-timeout 15 0logging synchronousline aux 0line vty 0 15loginpassword dsfeng!no scheduler allocateendSW2#SW2#SW2#copy running-config startup-configDestination filename [startup-config]?Building configuration...[OK]SW2#SW2#PC1测试结果:Boson BOSS 5.0Copyright 1998-2005 Boson Software, Inc.Use the command help to get startedPress Enter to beginC:>C:>ipconfig /ip 192.168.1.1 255.255.255.0C:>ping 192.168.1.2Pinging 192.168.1.2 with 32 bytes of data:Reply from 192.168.1.2: bytes=32 time=60ms TTL=241 Reply from 192.168.1.2: bytes=32 time=60ms TTL=241Reply from 192.168.1.2: bytes=32 time=60ms TTL=241Reply from 192.168.1.2: bytes=32 time=60ms TTL=241Reply from 192.168.1.2: bytes=32 time=60ms TTL=241Ping statistics for 192.168.1.2: Packets: Sent = 5, Received = 5, Lost = 0 (0% loss), Approximate round trip times in milli-seconds:Minimum = 50ms, Maximum = 60ms, Average = 55msPC2测试结果:Boson BOSS 5.0Copyright 1998-2005 Boson Software, Inc.Use the command help to get startedPress Enter to beginC:>ipconfig /ip 192.168.10.1 255.255.255.0C:>C:>ping 192.168.10.2Pinging 192.168.10.2 with 32 bytes of data:Reply from 192.168.10.2: bytes=32 time=60ms TTL=241Reply from 192.168.10.2: bytes=32 time=60ms TTL=241Reply from 192.168.10.2: bytes=32 time=60ms TTL=241Reply from 192.168.10.2: bytes=32 time=60ms TTL=241Reply from 192.168.10.2: bytes=32 time=60ms TTL=241Ping statistics for 192.168.10.2: Packets: Sent = 5, Received = 5, Lost = 0 (0% loss), Approximate round trip times in milli-seconds:Minimum = 50ms, Maximum = 60ms, Average = 55msPC3测试结果:Boson BOSS 5.0Copyright 1998-2005 Boson Software, Inc.Use the command help to get startedPress Enter to beginC:>ipconfig /ip 192.168.1.2 255.255.255.0C:>ping 192.168.1.1Pinging 192.168.1.1 with 32 bytes of data:Reply from 192.168.1.1: bytes=32 time=60ms TTL=241Reply from 192.168.1.1: bytes=32 time=60ms TTL=241Reply from 192.168.1.1: bytes=32 time=60ms TTL=241Reply from 192.168.1.1: bytes=32 time=60ms TTL=241Reply from 192.168.1.1: bytes=32 time=60ms TTL=241Ping statistics for 192.168.1.1: Packets: Sent = 5, Received = 5, Lost = 0 (0% loss), Approximate round trip times in milli-seconds:Minimum = 50ms, Maximum = 60ms, Average = 55msPC4测试结果:Boson BOSS 5.0Copyright 1998-2005 Boson Software, Inc.Use the command help to get startedPress Enter to beginC:>ipconfig /ip 192.168.10.2 255.255.255.0C:>ping 192.168.10.1Pinging 192.168.10.1 with 32 bytes of data:Reply from 192.168.10.1: bytes=32 time=60ms TTL=241Reply from 192.168.10.1: bytes=32 time=60ms TTL=241Reply from 192.168.10.1: bytes=32 time=60ms TTL=241Reply from 192.168.10.1: bytes=32 time=60ms TTL=241Reply from 192.168.10.1: bytes=32 time=60ms TTL=241Ping statistics for 192.168.10.1: Packets: Sent = 5, Received = 5, Lost = 0 (0% loss), Approximate round trip times in milli-seconds:Minimum = 50ms, Maximum = 60ms, Average = 55ms。
基于trunk端口划分vlan的基本配置
基于trunk端口划分vlan的基本配置基于trunk端口划分VLAN的基本配置是网络管理员必须了解和掌握的重要技能之一。
VLAN(虚拟局域网)是一种将物理网络划分成逻辑上独立的多个网络的技术。
通过将不同的设备和用户分配到不同的VLAN中,可以实现网络资源的灵活分配和管理。
本文将以基于trunk端口划分VLAN的基本配置为主题,逐步回答相关问题,帮助读者了解和掌握这一技能。
一、什么是trunk端口?Trunk端口是一种可以传输多个VLAN数据的端口。
它可以将来自不同VLAN的数据打包封装,通过一个物理链路传输到其他设备,从而实现VLAN之间的通信。
二、为什么需要使用trunk端口?在实际网络中,通常会有多个VLAN,而这些VLAN之间需要进行通信。
如果不使用trunk端口,每个VLAN将被限制在各自的物理链路中,无法实现互相连接。
而使用trunk端口,能够将多个VLAN的数据打包封装在一个物理链路中传输,从而提高网络的灵活性和可管理性。
三、如何配置trunk端口划分VLAN?1. 确认网络拓扑:首先,需要了解网络的拓扑结构,包括设备和链路的连接关系。
2. 配置VLAN:在交换机上创建所需的VLAN,可以通过VLAN ID来标识不同的VLAN。
3. 配置trunk端口:确定哪些端口需要配置为trunk端口。
进入交换机的配置模式,找到相应的端口,输入命令“switchport mode trunk”来将端口配置为trunk模式。
4. 配置允许的VLAN:在trunk端口上,需要配置允许传输的VLAN。
可以使用命令“switchport trunk allowed vlan”+“VLAN ID”的方式来配置允许传输的VLAN,可以同时配置多个VLAN。
5. 验证配置:使用命令“show interfaces trunk”来验证trunk端口的配置,确认配置已经生效。
四、trunk端口配置注意事项1. 确保网络拓扑准确无误:配置trunk端口前,必须清楚网络的拓扑结构,确保理解了各个设备和链路的连接关系,避免配置错误。
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
步骤三:
• VID里填写要增加的VLAN ID 100,点击增加
•
如下图所示在“删除”的左边有100这个VLAN 选项了。将1-5,21,22,23加入到 VLAN 100里。在下面的“VID号将嵌入到802.1Q标示里”在这里不需要选中2 1,22,23端口的。点击“设置”。
• 下图为VLAN 100在VLAN成员里的变化。
• 如下图为VLAN200的勾选设置。
• 如下图为VLAN300的勾
• 下图为我们设置完VLAN 100,200,300,400后 VLAN成员的显示。此时我们的设置已经完成。
• 下图可以看到VLAN No. 10在VLAN成员里的变化。1-5端 口为VLAN 100;6-10端口为VLAN115;21,22,23端口为tru nk。对11-20端口划分VLAN可参考以上VLAN100和VLAN 115的操作。此时我们的设置已经完成了。
FS2024的FS2024_ V1.8.bin版本配置步骤
• 如下图所示:VLAN NO. 05 和VID 100 对应,选中1-5端 口,将1-5的PVID改为04;21,22,23的的PVID改为00,其 他的不变,点击“设置”。
• 下图为VLAN No. 5在VLAN成员里的变化。
• 如下图所示:VLAN NO. 10 和VID 115 对应,选中6-10端 口,将6-10的PVID改为09;21,22,23的的PVID为00,其 他的不变,点击“设置”。
FS2024 VLAN与TRUNK 配置
• 交换机说明:
1.FS2024出厂默认地址为:192.168.1.1/24,通过第24口进行管理;其 他端口可以ping通192.168.1.1但是管理页面不能打开。 2.登陆的用户名和密码都是admin。在FS2000系列的产品中有登陆用户名 为admin,密码为system的产品。个别产品的用户名是admin,密码是 password。 3.FS2024出厂默认为端口隔离状态,各个端口在同一网段,但是相互间不能 PING通,24口为上联口。 4.目前FS2024的出厂版本和FS2024_SW_V0.7.bin版本配置界面相同, 只能通过第24口管理交换机。最新的FS2024_ V1.8.bin版本每个端口 都可以管理交换机。
• FS2024的出厂版本和FS2024_SW_V0.7.bin 版本的配置步骤: 步骤一:点击“更改模式”更改模式为Tag Ba se Vlan,既基于802.1q的模式。
• 步骤二:1-20口用于接入用户,修改为“删除”标 签,也就是access模式。21,22,23口作为级联口, 修改为“增加”标签,也就是trunk模式。24口不 变,为“忽略”标签,作为管理端口。
如下图在图形界面里显示的是FS2024-V1.0.2
• 步骤一:点击“更改模式”更改模式为Tag Ba se Vlan,既基于802.1q的模式。
• 步骤二:1-20口用于接入用户,修改为“删除”标签,也就 是access模式。21,22,23口作为级联口,修改为“增加” 标签,也就是trunk模式。24口不变,为“忽略”标签,作 为管理端口。这个版本不需要专门用24口做管理口,在端口 数有空闲的情况推荐最后一个口做管理口。
步骤三:
• 1.VLAN NO. 05 和VID 100 的关系就是一种对应 关系,只是方便后期设置。 • 2.VLAN NO. 05 代表:第5个VLAN的VLAN VID 为100,此处的100等同于创建了VLAN 100。 • 3.在Index中,将需要划进VLAN100的端口1-5填 写04(PVID序号等于VLAN NO.-1);Trunk端口 配置成00 • 4.VLAN成员表格可以不做理会,作为参考,可以看 到以前配置的痕迹。 • 5.读取每个VLAN对应的端口配置,可以选择VLAN NO.数值,点击“读取”