| 导读 | 某企业有两个主要部门,技术部和销售部,分处于不同的办公室,为了安全和便于管理对两个部门的主机进行了 VLAN 的划分,技术部和销售部分处于不同的 VLAN。现由于业务的需求需要销售部和技术部的主机能够相互访问,获得相应的资源,两个部门的交换机通过一台路由器进行了连接。 |
技术原理
单臂路由:是为实现 VLAN 间通信的三层网络设备路由器,它只需要一个以太网,通过创建子接口可以承担所有 VLAN 的网关,而在不同的 VLAN 间转发数据。
实验步骤
新建 packer tracer 拓扑图
当交换机设置两个 Vlan 时,逻辑上已经成为两个网络,广播被隔离了。两个 Vlan 的网络要通信,必须通过路由器,如果接入路由器的一个物理端口,则必须有两个子接口分别与两个 Vlan 对应,同时还要求与路由器相连得交换机的端口 fa 0/1 要设置为 trunk,因为这个接口要通过两个 Vlan 的数据包。
检查设置情况,应该能够正确的看到 Vlan 和 Trunk 信息。
计算机的网关分别指向路由器的子接口。
配置子接口,开启路由器物理接口。
默认封装 dot1q 协议。
配置路由器子接口 IP 地址。
实验设备
PC 2 台;Router_2811 1 台;Switch_2960 1 台
PC1 IP: 192.168.1.2 Submask: 255.255.255.0 Gateway:192.168.1.1 PC2 IP: 192.168.2.2 Submask: 255.255.255.0 Gateway:192.168.2.1 Switch en conf t vlan 2 exit vlan 3 exit interface fastEthernet 0/2 switchport access vlan 2 exit int fa 0/3 switchport access vlan 3 exit int fa 0/1 switchport mode trunk end show vlan Router en conf t int fa 0/0 no shutdown exit interface fast 0/0.1 encapsulation dot1q 2 #将以太网子接口0/0.1划分到vlan 2,并且封装格式为802.1q ip address 192.168.1.1 255.255.255.0 exit int fa 0/0.2 encapsulation dot1q 3 #将以太网子接口0/0.2划分到vlan 3,并且封装格式为802.1q ip address 192.168.2.1 255.255.255.0 end show ip route
实战演练
配置交换机 Switch>en Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#vlan 2 Switch(config-vlan)#exit Switch(config)#vlan 3 Switch(config-vlan)#exit Switch(config)#int fa 0/2 Switch(config-if)#sw access vlan 2 Switch(config-if)#exit Switch(config)#int fa 0/3 Switch(config-if)#sw access vlan 3 Switch(config-if)#exit Switch(config)#int fa 0/1 Switch(config-if)#sw mode trunk Switch(config-if)#end Switch# %SYS-5-CONFIG_I: Configured from console by console Switch#show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/4, Fa0/5, Fa0/6 Fa0/7, Fa0/8, Fa0/9, Fa0/10 Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Fa0/24, Gig1/1, Gig1/2 2 VLAN0002 active Fa0/2 3 VLAN0003 active Fa0/3 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 1 enet 100001 1500 - - - - - 0 0 2 enet 100002 1500 - - - - - 0 0 3 enet 100003 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 0 0 --More-- 配置路由器 --- System Configuration Dialog --- Continue with configuration dialog? [yes/no]: no Press RETURN to get started! Router>en Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#int fa 0/0 Router(config-if)#no shutdown %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up Router(config-if)#exit Router(config)#int fa 0/0.1 %LINK-5-CHANGED: Interface FastEthernet0/0.1, changed state to up Router(config-subif)# %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.1, changed state to up Router(config-subif)#encapsulation dot1q 2 #将以太网子接口0/0.1划分到vlan 2,并且封装格式为802.1q Router(config-subif)#ip address 192.168.1.1 255.255.255.0 Router(config-subif)#exit Router(config)#int fa 0/0.2 %LINK-5-CHANGED: Interface FastEthernet0/0.2, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.2, changed state to up Router(config-subif)#encapsulation dot1q 3 #将以太网子接口0/0.2划分到vlan 3,并且封装格式为802.1q Router(config-subif)#ip address 192.168.2.1 255.255.255.0 Router(config-subif)#end Router# %SYS-5-CONFIG_I: Configured from console by console Router#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C 192.168.1.0/24 is directly connected, FastEthernet0/0.1 C 192.168.2.0/24 is directly connected, FastEthernet0/0.2 Router#
测试
PC1 ping PC2 PC>ipconfig IP Address......................: 192.168.1.2 Subnet Mask.....................: 255.255.255.0 Default Gateway.................: 192.168.1.1 PC>ping 192.168.2.2 Pinging 192.168.2.2 with 32 bytes of data: Request timed out. Reply from 192.168.2.2: bytes=32 time=20ms TTL=127 Reply from 192.168.2.2: bytes=32 time=22ms TTL=127 Reply from 192.168.2.2: bytes=32 time=23ms TTL=127 Ping statistics for 192.168.2.2: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 20ms, Maximum = 23ms, Average = 21ms PC>ping 192.168.2.2 Pinging 192.168.2.2 with 32 bytes of data: Reply from 192.168.2.2: bytes=32 time=28ms TTL=127 Reply from 192.168.2.2: bytes=32 time=19ms TTL=127 Reply from 192.168.2.2: bytes=32 time=21ms TTL=127 Reply from 192.168.2.2: bytes=32 time=22ms TTL=127 Ping statistics for 192.168.2.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 19ms, Maximum = 28ms, Average = 22ms PC2 ping PC1 PC>ipconfig IP Address......................: 192.168.2.2 Subnet Mask.....................: 255.255.255.0 Default Gateway.................: 192.168.2.1 PC>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Reply from 192.168.1.2: bytes=32 time=22ms TTL=127 Reply from 192.168.1.2: bytes=32 time=26ms TTL=127 Reply from 192.168.1.2: bytes=32 time=24ms TTL=127 Reply from 192.168.1.2: bytes=32 time=21ms TTL=127 Ping statistics for 192.168.1.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 21ms, Maximum = 26ms, Average = 23ms
原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/121906.html