交换机怎么划分VLAN?本次的实验很简单,就是通过VLAN的划分,使不同VLAN之间无法通信,但是相同VLAN不受影响。
实验拓扑
在一台交换机下连接三台VPC,划分VLAN,地址规划如下:
| 名称 | 接口 | VLAN | 地址 |
|---|---|---|---|
| PC1 | f1/0 | vlan 10 | 192.168.10.10/24 |
| PC2 | f1/1 | vlan 20 | 192.168.10.20/24 |
| PC3 | f1/2 | vlan 20 | 192.168.10.30/24 |
配置方法
创建 vlan
1.vlan database 配置模式。(不推荐)
SW#vlan database SW(vlan)#vlan 10 name caiwu SW(vlan)#exit
2.全局配置模式。
SW(config)#vlan 20 SW(config-vlan)#name renshi SW(config-vlan)#end
端口添加到 vlan
SW(config)#interface fastEthernet 1/0 SW(config-if)#switchport mode access SW(config-if)#switchport access vlan 10 SW(config-if)#exit
配置过程
配置前测试互通
- PC1
PC1> ip 192.168.10.10 Checking for duplicate address... PC1 : 192.168.10.10 255.255.255.0 PC1> ping 192.168.10.20 84 bytes from 192.168.10.20 icmp_seq=1 ttl=64 time=0.989 ms 84 bytes from 192.168.10.20 icmp_seq=2 ttl=64 time=0.998 ms 84 bytes from 192.168.10.20 icmp_seq=3 ttl=64 time=0.960 ms 84 bytes from 192.168.10.20 icmp_seq=4 ttl=64 time=0.971 ms 84 bytes from 192.168.10.20 icmp_seq=5 ttl=64 time=0.999 ms PC1> ping 192.168.10.30 84 bytes from 192.168.10.30 icmp_seq=1 ttl=64 time=1.036 ms 84 bytes from 192.168.10.30 icmp_seq=2 ttl=64 time=0.997 ms 84 bytes from 192.168.10.30 icmp_seq=3 ttl=64 time=0.963 ms 84 bytes from 192.168.10.30 icmp_seq=4 ttl=64 time=0.849 ms 84 bytes from 192.168.10.30 icmp_seq=5 ttl=64 time=0.868 ms
- PC2
PC2> ip 192.168.10.20 Checking for duplicate address... PC1 : 192.168.10.20 255.255.255.0 PC2> ping 192.168.10.10 84 bytes from 192.168.10.10 icmp_seq=1 ttl=64 time=0.845 ms 84 bytes from 192.168.10.10 icmp_seq=2 ttl=64 time=0.995 ms 84 bytes from 192.168.10.10 icmp_seq=3 ttl=64 time=0.861 ms 84 bytes from 192.168.10.10 icmp_seq=4 ttl=64 time=0.877 ms 84 bytes from 192.168.10.10 icmp_seq=5 ttl=64 time=0.859 ms PC2> ping 192.168.10.30 84 bytes from 192.168.10.30 icmp_seq=1 ttl=64 time=0.995 ms 84 bytes from 192.168.10.30 icmp_seq=2 ttl=64 time=0.892 ms 84 bytes from 192.168.10.30 icmp_seq=3 ttl=64 time=0.958 ms 84 bytes from 192.168.10.30 icmp_seq=4 ttl=64 time=0.863 ms 84 bytes from 192.168.10.30 icmp_seq=5 ttl=64 time=0.865 ms
- PC3
PC3> ip 192.168.10.30 Checking for duplicate address... PC1 : 192.168.10.30 255.255.255.0 PC3> ping 192.168.10.10 84 bytes from 192.168.10.10 icmp_seq=1 ttl=64 time=0.877 ms 84 bytes from 192.168.10.10 icmp_seq=2 ttl=64 time=0.965 ms 84 bytes from 192.168.10.10 icmp_seq=3 ttl=64 time=0.844 ms 84 bytes from 192.168.10.10 icmp_seq=4 ttl=64 time=0.876 ms 84 bytes from 192.168.10.10 icmp_seq=5 ttl=64 time=0.852 ms PC3> ping 192.168.10.20 84 bytes from 192.168.10.20 icmp_seq=1 ttl=64 time=0.863 ms 84 bytes from 192.168.10.20 icmp_seq=2 ttl=64 time=0.963 ms 84 bytes from 192.168.10.20 icmp_seq=3 ttl=64 time=0.855 ms 84 bytes from 192.168.10.20 icmp_seq=4 ttl=64 time=1.004 ms 84 bytes from 192.168.10.20 icmp_seq=5 ttl=64 time=0.000 ms
正式配置
SW关闭路由功能
SW#configure terminal SW(config)#no ip routing SW(config)#end
vlan database创建vlan 10
SW#vlan database
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
SW(vlan)#vlan 10 name caiwu
VLAN 10 added:
Name: caiwu
SW(vlan)#exit
APPLY completed.
Exiting....
- 全局配置创建
vlan 20
SW#configure terminal SW(config)#vlan 20 SW(config-vlan)#name renshi SW(config-vlan)#end
- 查看
VLAN
SW#show vlan-switch brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa1/0, Fa1/1, Fa1/2, Fa1/3
Fa1/4, Fa1/5, Fa1/6, Fa1/7
Fa1/8, Fa1/9, Fa1/10, Fa1/11
Fa1/12, Fa1/13, Fa1/14, Fa1/15
10 caiwu active
20 renshi active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
- 接口
f1/0添加到vlan 10,并查看
SW#configure terminal
SW(config)#interface fastEthernet 1/0
SW(config-if)#switchport mode access
SW(config-if)#switchport access vlan 10
SW(config-if)#exit
SW(config)#do show vlan-sw b
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa1/1, Fa1/2, Fa1/3, Fa1/4
Fa1/5, Fa1/6, Fa1/7, Fa1/8
Fa1/9, Fa1/10, Fa1/11, Fa1/12
Fa1/13, Fa1/14, Fa1/15
10 caiwu active Fa1/0
20 renshi active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
- 接口
f1/1和f1/2添加到vlan 20,并查看
SW(config)#interface range fastEthernet 1/1 - 2
SW(config-if-range)#switchport mode access
SW(config-if-range)#switchport access vlan 20
SW(config-if-range)#exit
SW(config)#do show vlan-sw b
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa1/3, Fa1/4, Fa1/5, Fa1/6
Fa1/7, Fa1/8, Fa1/9, Fa1/10
Fa1/11, Fa1/12, Fa1/13, Fa1/14
Fa1/15
10 caiwu active Fa1/0
20 renshi active Fa1/1, Fa1/2
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
PING 测试
PC1> ping 192.168.10.20 host (192.168.10.20) not reachable PC1> ping 192.168.10.30 host (192.168.10.30) not reachable
PC2> ping 192.168.10.10 host (192.168.10.10) not reachable PC2> ping 192.168.10.30 84 bytes from 192.168.10.30 icmp_seq=1 ttl=64 time=0.971 ms 84 bytes from 192.168.10.30 icmp_seq=2 ttl=64 time=0.877 ms 84 bytes from 192.168.10.30 icmp_seq=3 ttl=64 time=0.844 ms 84 bytes from 192.168.10.30 icmp_seq=4 ttl=64 time=0.954 ms 84 bytes from 192.168.10.30 icmp_seq=5 ttl=64 time=0.869 ms
PC3> ping 192.168.10.10 host (192.168.10.10) not reachable PC3> ping 192.168.10.20 84 bytes from 192.168.10.20 icmp_seq=1 ttl=64 time=0.866 ms 84 bytes from 192.168.10.20 icmp_seq=2 ttl=64 time=0.962 ms 84 bytes from 192.168.10.20 icmp_seq=3 ttl=64 time=0.855 ms 84 bytes from 192.168.10.20 icmp_seq=4 ttl=64 time=0.868 ms 84 bytes from 192.168.10.20 icmp_seq=5 ttl=64 time=0.965 ms
PC1与PC2之间不能互通,PC1与PC3之间不能互通,但PC2与PC3之间可以互通,实验成功。
最后
本篇是关于一台交换机里划分VLAN的实验,下篇写关于跨交换机的VLAN通信方式。