实验4VLAN配置.docx

1、实验4VLAN配置实验 4 VLAN 配置学习目标掌握VLAN的创建方法掌握Access和Trunk类型接口的配置方法掌握Hybird接口的配置方法掌握将接口与VLAN关联的配置方法拓扑图图1.2 VLAN配置实验拓扑图场景目前，公司网络内的所有主机都处在同一个广播域，网络中充斥着大量的广播流量。作为网络管理员，您需要将网络划分成多个VLAN来控制广播流量的泛洪。本实验中，您需要在交换机S1和S2上进行VLAN配置。操作步骤步骤一 实验环境准备如果本任务中您使用的是空配置设备，那么请从步骤1开始配置。如果使用的设备包含上一个实验的配置，请直接从步骤2开始配置。在S1和S2上创建Eth-Trun

2、k 1并配置该Eth-Trunk为静态LACP模式。然后将G0/0/9和G0/0/10接口加入Eth-Trunk 1。system-viewQuidwaysysname S1S1interface Eth-trunk 1S1-Eth-Trunk1mode lacpS1-Eth-Trunk1quitS1interface GigabitEthernet0/0/9S1-GigabitEthernet0/0/9eth-trunk 1S1-GigabitEthernet0/0/9interface GigabitEthernet0/0/10S1-GigabitEthernet0/0/10eth-tru

3、nk 1system-viewQuidwaysysname S2S2interface eth-trunk 1S2-Eth-Trunk1mode lacpS2-Eth-Trunk1trunkport GigabitEthernet 0/0/9S2-Eth-Trunk1trunkport GigabitEthernet 0/0/10步骤二 关闭不相关接口，并配置 Trunk为了确保测试结果的准确性，需要关闭S3上的E0/0/1和E0/0/7端口以及S4上的E0/0/1和E0/0/14端口。system-viewEnter system view, return user view with Ct

4、rl+Z.Quidwaysysname S3S3interface GigabitEthernet 0/0/1S3-GigabitEthernet0/0/1shutdownS3-GigabitEthernet0/0/1quitS3interface GigabitEthernet 0/0/7S3-GigabitEthernet0/0/7shutdownsystem-viewEnter system view, return user view with Ctrl+Z.Quidwaysysname S4S4interface GigabitEthernet 0/0/1S4-GigabitEthe

5、rnet0/0/1shutdownS4-GigabitEthernet0/0/1quitS4interface GigabitEthernet 0/0/14S4-GigabitEthernet0/0/14shutdown交换机端口的类型默认为Hybrid端口。将Eth-Trunk 1的端口类型配置为Trunk，并允许所有VLAN的报文通过该端口。S1interface Eth-Trunk 1S1-Eth-Trunk1port link-type trunkS1-Eth-Trunk1port trunk allow-pass vlan allS2interface Eth-Trunk 1S2-E

6、th-Trunk1port link-type trunkS2-Eth-Trunk1port trunk allow-pass vlan all步骤三 创建 VLAN本实验中将S3、R1、R3和S4设备作为客户端主机。在S1和S2上分别创建VLAN，并使用两种不同方式将端口加入到已创建VLAN中。将所有连接客户端的端口类型配置为Access。在S1上，将端口G0/0/13和G0/0/1分别加入到VLAN 3和VLAN 4。在S2上，将端口G0/0/3和G0/0/6分别加入VLAN 4和VLAN 2。S1interface GigabitEthernet0/0/13S1-GigabitEther

7、net0/0/13port link-type accessS1-GigabitEthernet0/0/13quitS1interface GigabitEthernet0/0/1S1-GigabitEthernet0/0/1port link-type accessS1-GigabitEthernet0/0/1quitS1vlan 2S1-vlan2vlan 3S1-vlan3port GigabitEthernet0/0/13S1-vlan3vlan 4S1-vlan4port GigabitEthernet0/0/1S2vlan batch 2 to 4S2interface Gigab

8、itEthernet 0/0/3S2-GigabitEthernet0/0/3port link-type accessS2-GigabitEthernet0/0/3port default vlan 4S2-GigabitEthernet0/0/3quitS2interface GigabitEthernet 0/0/6S2-GigabitEthernet0/0/6port link-type accessS2-GigabitEthernet0/0/6port default vlan 2确认S1和S2上已成功创建VLAN，且已将相应端口划分到对应的VLAN中。display vlanThe

9、 total number of vlans is : 4-U: Up;D: Down;TG: Tagged;UT: Untagged;MP: Vlan-mapping;ST: Vlan-stacking;#: ProtocolTransparent-vlan;*: Management-vlan;-VIDTypePorts-1commonUT:GE0/0/2(U)GE0/0/3(U)GE0/0/4(U)GE0/0/5(U)GE0/0/6(D)GE0/0/7(D)GE0/0/8(D)GE0/0/11(D)GE0/0/12(D)GE0/0/14(U)GE0/0/15(D)GE0/0/16(D)G

10、E0/0/17(D)GE0/0/18(D)GE0/0/19(D)GE0/0/20(D)GE0/0/21(U)GE0/0/22(U)GE0/0/23(U)GE0/0/24(D)GE0/0/25(D)GE0/0/26(D)GE0/0/27(D)GE0/0/28(D)XGE0/0/1(D)XGE0/0/2(D)XGE0/0/3(D)XGE0/0/4(D)Eth-Trunk1(U)2 common TG:Eth-Trunk1(U)3 common UT:GE0/0/13(U) TG:Eth-Trunk1(U)4 common UT:GE0/0/1(U) TG:Eth-Trunk1(U)VID Stat

11、us Property MAC-LRN Statistics Description-1enabledefaultenabledisableVLAN 00012enabledefaultenabledisableVLAN 00023enabledefaultenabledisableVLAN 00034enabledefaultenabledisableVLAN 0004display vlanThe total number of vlans is : 4-U: Up;D: Down;TG: Tagged;UT: Untagged;MP: Vlan-mapping;ST: Vlan-stac

12、king;#: ProtocolTransparent-vlan;*: Management-vlan;-VIDTypePorts-1commonUT:GE0/0/1(U)GE0/0/2(U)GE0/0/4(U)GE0/0/5(U)GE0/0/7(D)GE0/0/8(D)GE0/0/11(U)GE0/0/12(U)GE0/0/13(U)GE0/0/14(D)GE0/0/15(D)GE0/0/16(D)GE0/0/17(D)GE0/0/18(D)GE0/0/19(D)GE0/0/20(D)GE0/0/21(D)GE0/0/22(D)GE0/0/23(U)GE0/0/24(U)GE0/0/25(D

13、)GE0/0/26(D)GE0/0/27(D)GE0/0/28(D)XGE0/0/1(D)XGE0/0/2(D)XGE0/0/3(D)XGE0/0/4(D)Eth-Trunk1(U)2 common UT:GE0/0/6(D) TG:Eth-Trunk1(U)3 common TG:Eth-Trunk1(U)4 common UT:GE0/0/3(U) TG:Eth-Trunk1(U)-1enabledefaultenabledisableVLAN 00012enabledefaultenabledisableVLAN 00023enabledefaultenabledisableVLAN 0

14、0034enabledefaultenabledisableVLAN 0004回显信息中灰色阴影标注的部分表明接口已经加入到各个对应VLAN中，并且Eth-Trunk 1端口允许所有VLAN的报文通过。步骤四 为客户端配置 IP 地址分别为主机R1、S3、R3和S4配置IP地址。由于无法直接为交换机的物理接口分配IP地址，因此将S3和S4的本地管理接口VLANIF 1作为用户接口，配置IP地址。system-viewHuaweisysname R1R1interface GigabitEthernet0/0/1R1-GigabitEthernet0/0/1ip address 10.0.4.1

15、 24S3interface vlanif 1S3-vlanif1ip address 10.0.4.2 24system-viewHuaweisysname R3R3interface GigabitEthernet0/0/2R3-GigabitEthernet0/0/2ip address 10.0.4.3 24S4interface vlanif 1S4-vlanif1ip address 10.0.4.4 24步骤五 检测设备连通性，验证 VLAN 配置结果执行ping命令。同属VLAN 4中的R1和R3能够相互通信。其他不同VLAN间的设备无法通信。R1ping 10.0.4.3PI

16、NG 10.0.4.3: 56 data bytes, press CTRL_C to breakReply from 10.0.4.3: bytes=56 Sequence=1 ttl=255 time=6 msReply from 10.0.4.3: bytes=56 Sequence=2 ttl=255 time=2 msReply from 10.0.4.3: bytes=56 Sequence=3 ttl=255 time=2 msReply from 10.0.4.3: bytes=56 Sequence=4 ttl=255 time=2 msReply from 10.0.4.3

17、: bytes=56 Sequence=5 ttl=255 time=2 ms- 10.0.4.3 ping statistics -5 packet(s) transmitted5 packet(s) received0.00% packet lossround-trip min/avg/max = 2/2/6 msR1ping 10.0.4.4PING 10.0.4.4: 56 data bytes, press CTRL_C to breakRequest time outRequest time outRequest time outRequest time outRequest ti

18、me out- 10.0.4.4 ping statistics -5 packet(s) transmitted0 packet(s) received100.00% packet loss同样，还可以检测R1和S3以及R3和S4之间的连通性。此处不再赘述。步骤六 配置 Hybrid 端口配置端口的类型为Hybrid，可以实现端口为来自不同VLAN报文打上标签或去除标签的功能。本任务中，需要通过配置Hybrid端口来允许VLAN 2和VLAN 4 之间可以互相通信。将S1上的G0/0/1端口和S2上的G0/0/3和G0/0/6端口的类型配置为Hybrid。同时，配置这些端口发送数据帧时能够去

19、掉VLAN 2和VLAN 4的标签。S1interface GigabitEthernet 0/0/1 S1-GigabitEthernet0/0/1undo port default vlan S1-GigabitEthernet0/0/1port link-type hybrid S1-GigabitEthernet0/0/1port hybrid untagged vlan 2 4 S1-GigabitEthernet0/0/1port hybrid pvid vlan 4S2interface GigabitEthernet 0/0/3 S2-GigabitEthernet0/0/3u

20、ndo port default vlan S2-GigabitEthernet0/0/3port link-type hybrid S2-GigabitEthernet0/0/3port hybrid untagged vlan 2 4 S2-GigabitEthernet0/0/3port hybrid pvid vlan 4 S2-GigabitEthernet0/0/3quitS2interface GigabitEthernet 0/0/6S2-GigabitEthernet0/0/6undo port default vlanS2-GigabitEthernet0/0/6port

21、link-type hybridS2-GigabitEthernet0/0/6port hybrid untagged vlan 2 4S2-GigabitEthernet0/0/6port hybrid pvid vlan 2执行port hybrid pvid vlan命令，可以配置端口收到数据帧时需要给数据帧添加的VLAN标签。同时port hybrid untagged vlan命令可以配置该端口在向主机转发数据帧之前，删除相应的VLAN标签。执行ping命令。测试VLAN 3中的R1与R3是否还能通信。ping 10.0.4.3PING 10.0.4.3: 56 data bytes

22、, press CTRL_C to breakReply from 10.0.4.3: bytes=56 Sequence=1 ttl=255 time=1 msReply from 10.0.4.3: bytes=56 Sequence=2 ttl=255 time=1 msReply from 10.0.4.3: bytes=56 Sequence=3 ttl=255 time=1 msReply from 10.0.4.3: bytes=56 Sequence=4 ttl=255 time=10 msReply from 10.0.4.3: bytes=56 Sequence=5 ttl

23、=255 time=1 ms- 10.0.4.3 ping statistics -5 packet(s) transmitted5 packet(s) received0.00% packet lossround-trip min/avg/max = 1/2/10 ms执行ping命令，测试VLAN 2中的S4能否与VLAN 4中的R1通信。ping 10.0.4.4PING 10.0.4.4: 56 data bytes, press CTRL_C to breakReply from 10.0.4.4: bytes=56 Sequence=1 ttl=255 time=41 msRepl

24、y from 10.0.4.4: bytes=56 Sequence=2 ttl=254 time=2 msReply from 10.0.4.4: bytes=56 Sequence=3 ttl=254 time=3 msReply from 10.0.4.4: bytes=56 Sequence=4 ttl=254 time=2 msReply from 10.0.4.4: bytes=56 Sequence=5 ttl=254 time=2 ms- 10.0.4.4 ping statistics -5 packet(s) transmitted5 packet(s) received0

25、.00% packet lossround-trip min/avg/max = 2/10/41 ms通过配置Hybrid端口，使VLAN 2内的主机能够接收来自VLAN 4的报文，反之亦然。而没有配置Hybrid端口的VLAN 3中地址为10.0.4.2的主机仍无法与其他VLAN主机通信。配置文件R1display current-configurationV200R007C00SPC600#sysname R1#interface GigabitEthernet0/0/1ip address 10.0.4.1 255.255.255.0#returnS3display current-co

26、nfiguration#!Software Version V100R006C05sysname S3#interface Vlanif1ip address 10.0.4.2 255.255.255.0#interface GigabitEthernet0/0/1shutdown#interface GigabitEthernet0/0/7shutdown#returnS1display current-configuration#!Software Version V200R008C00SPC500sysname S1#vlan batch 2 to 4#lacp priority 100

27、#interface Eth-Trunk1port link-type trunkport trunk allow-pass vlan 2 to 4094mode lacp#interface GigabitEthernet0/0/1port link-type hybridport hybrid pvid vlan 4port hybrid untagged vlan 2 4#interface GigabitEthernet0/0/9undo negotiation autospeed 100eth-trunk 1lacp priority 100#interface GigabitEthernet0/0/10undo negotiation autospeed 1