设为首页收藏本站
开启辅助访问
ensp交换机配置vlan配置ip 您所在的位置:网站首页 在交换机上添加vlan ensp交换机配置vlan配置ip

ensp交换机配置vlan配置ip

2024-05-10 04:16| 来源: 网络整理| 查看: 265

大家好,又见面了,我是你们的朋友全栈君。

eNSP交换机配置VLAN

一、VLAN配置过程。 1. 搭建拓扑结构。 运行eNSP>新建拓扑>搭建如下图的拓扑结构>启动设备

图1图1

2. 测试主机间连通性。 2.1 四台主机基础配置如下:

代码语言:javascript复制PC1: IP地址:192.168.2.2 子网掩码:255.255.255.0 网关:192.168.2.0 PC2: IP地址:192.168.2.3 子网掩码:255.255.255.0 网关:192.168.2.0 PC3: IP地址:192.168.2.4 子网掩码:255.255.255.0 网关:192.168.2.0 PC4: IP地址:192.168.2.5 子网掩码:255.255.255.0 网关:192.168.2.0

2.2 测试主机间连通性: 运用ping命令测试各主机间连通性。 PC1:

代码语言:javascript复制PC>ping 192.168.2.3 Ping 192.168.2.3: 32 data bytes, Press Ctrl_C to break From 192.168.2.3: bytes=32 seq=1 ttl=128 time=47 ms PC>ping 192.168.2.4 Ping 192.168.2.4: 32 data bytes, Press Ctrl_C to break From 192.168.2.4: bytes=32 seq=1 ttl=128 time=63 ms PC>ping 192.168.2.5 Ping 192.168.2.5: 32 data bytes, Press Ctrl_C to break From 192.168.2.5: bytes=32 seq=1 ttl=128 time=62 ms

如上,PC1与其他三台主机间都能连通。 PC2:

代码语言:javascript复制PC>ping 192.168.2.2 Ping 192.168.2.2: 32 data bytes, Press Ctrl_C to break From 192.168.2.2: bytes=32 seq=1 ttl=128 time=47 ms PC>ping 192.168.2.4 Ping 192.168.2.4: 32 data bytes, Press Ctrl_C to break From 192.168.2.4: bytes=32 seq=1 ttl=128 time=79 ms PC>ping 192.168.2.5 Ping 192.168.2.5: 32 data bytes, Press Ctrl_C to break From 192.168.2.5: bytes=32 seq=1 ttl=128 time=32 ms

如上,PC2与其他三台主机间都能连通。 PC3与PC4经测试都能与其他三台主机连通,篇幅原因命令语句在此不进行展示。 3. 配置交换机。 3.1 配置交换机LSW1: 3.1.1 进入管理员系统,构建VLAN2,VLAN3,查看VLAN。

代码语言:javascript复制system-view Enter system view, return user view with Ctrl+Z. [Huawei]vlan 2 [Huawei-vlan2]quit [Huawei]vlan 3 [Huawei-vlan3]quit [Huawei]display vlan The total number of vlans is : 3 -------------------------------------------------------------------------------- U: Up; D: Down; TG: Tagged; UT: Untagged; MP: Vlan-mapping; ST: Vlan-stacking; #: ProtocolTransparent-vlan; *: Management-vlan; -------------------------------------------------------------------------------- VID Type Ports -------------------------------------------------------------------------------- 1 common UT:Eth0/0/1(U) Eth0/0/2(U) Eth0/0/3(U) Eth0/0/4(D) Eth0/0/5(D) Eth0/0/6(D) Eth0/0/7(D) Eth0/0/8(D) Eth0/0/9(D) Eth0/0/10(D) Eth0/0/11(D) Eth0/0/12(D) Eth0/0/13(D) Eth0/0/14(D) Eth0/0/15(D) Eth0/0/16(D) Eth0/0/17(D) Eth0/0/18(D) Eth0/0/19(D) Eth0/0/20(D) Eth0/0/21(D) Eth0/0/22(D) GE0/0/1(D) GE0/0/2(D) 2 common 3 common VID Status Property MAC-LRN Statistics Description -------------------------------------------------------------------------------- 1 enable default enable disable VLAN 0001 2 enable default enable disable VLAN 0002 3 enable default enable disable VLAN 0003

3.1.2 将0/0/1和0/0/2端口设置为access类型:

代码语言:javascript复制[Huawei]interface Ethernet 0/0/1 [Huawei-Ethernet0/0/1]port link-type access [Huawei-Ethernet0/0/1]port default vlan 2 [Huawei-Ethernet0/0/1]quit [Huawei]interface Ethernet 0/0/2 [Huawei-Ethernet0/0/2]port link-type access [Huawei-Ethernet0/0/2]port default vlan 3 [Huawei-Ethernet0/0/2]quit [Huawei]

3.1.3 将0/0/3端口设置为trunk类型:

代码语言:javascript复制[Huawei]interface Ethernet 0/0/3 [Huawei-Ethernet0/0/3]port link-type trunk [Huawei-Ethernet0/0/3]port trunk allow-pass vlan 2 [Huawei-Ethernet0/0/3]port trunk allow-pass vlan 3 [Huawei-Ethernet0/0/3]quit

3.1.4 查看VLAN:

代码语言:javascript复制[Huawei]display vlan The total number of vlans is : 3 -------------------------------------------------------------------------------- U: Up; D: Down; TG: Tagged; UT: Untagged; MP: Vlan-mapping; ST: Vlan-stacking; #: ProtocolTransparent-vlan; *: Management-vlan; -------------------------------------------------------------------------------- VID Type Ports -------------------------------------------------------------------------------- 1 common UT:Eth0/0/3(U) Eth0/0/4(D) Eth0/0/5(D) Eth0/0/6(D) Eth0/0/7(D) Eth0/0/8(D) Eth0/0/9(D) Eth0/0/10(D) Eth0/0/11(D) Eth0/0/12(D) Eth0/0/13(D) Eth0/0/14(D) Eth0/0/15(D) Eth0/0/16(D) Eth0/0/17(D) Eth0/0/18(D) Eth0/0/19(D) Eth0/0/20(D) Eth0/0/21(D) Eth0/0/22(D) GE0/0/1(D) GE0/0/2(D) 2 common UT:Eth0/0/1(U) TG:Eth0/0/3(U) 3 common UT:Eth0/0/2(U) TG:Eth0/0/3(U) VID Status Property MAC-LRN Statistics Description -------------------------------------------------------------------------------- 1 enable default enable disable VLAN 0001 2 enable default enable disable VLAN 0002 3 enable default enable disable VLAN 0003 [Huawei]

3.2 配置交换机LSW2: 步骤同上,配置LSW2,在此不描述详细步骤,只展示交换机命令。

代码语言:javascript复制system-view Enter system view, return user view with Ctrl+Z. [Huawei]vlan 2 [Huawei-vlan2]quit [Huawei]vlan 3 [Huawei-vlan3]quit [Huawei]interface Ethernet 0/0/1 [Huawei-Ethernet0/0/1]port link-type access [Huawei-Ethernet0/0/1]port default vlan 3 [Huawei-Ethernet0/0/1]quit [Huawei]interface Ethernet 0/0/2 [Huawei-Ethernet0/0/2]port link-type access [Huawei-Ethernet0/0/2]port default vlan 2 [Huawei-Ethernet0/0/2]quit [Huawei]interface Ethernet 0/0/3 [Huawei-Ethernet0/0/3]port link-type trunk [Huawei-Ethernet0/0/3]port trunk allow-pass vlan 2 [Huawei-Ethernet0/0/3]port trunk allow-pass vlan 3 [Huawei-Ethernet0/0/3]quit [Huawei]display vlan The total number of vlans is : 3 -------------------------------------------------------------------------------- U: Up; D: Down; TG: Tagged; UT: Untagged; MP: Vlan-mapping; ST: Vlan-stacking; #: ProtocolTransparent-vlan; *: Management-vlan; -------------------------------------------------------------------------------- VID Type Ports -------------------------------------------------------------------------------- 1 common UT:Eth0/0/3(U) Eth0/0/4(D) Eth0/0/5(D) Eth0/0/6(D) Eth0/0/7(D) Eth0/0/8(D) Eth0/0/9(D) Eth0/0/10(D) Eth0/0/11(D) Eth0/0/12(D) Eth0/0/13(D) Eth0/0/14(D) Eth0/0/15(D) Eth0/0/16(D) Eth0/0/17(D) Eth0/0/18(D) Eth0/0/19(D) Eth0/0/20(D) Eth0/0/21(D) Eth0/0/22(D) GE0/0/1(D) GE0/0/2(D) 2 common UT:Eth0/0/2(U) TG:Eth0/0/3(U) 3 common UT:Eth0/0/1(U) TG:Eth0/0/3(U) VID Status Property MAC-LRN Statistics Description -------------------------------------------------------------------------------- 1 enable default enable disable VLAN 0001 2 enable default enable disable VLAN 0002 3 enable default enable disable VLAN 0003 [Huawei]

至此,两台交换机配置完成。 4.实验验证。 4.1 测试VLAN中各主机间连通性: ping命令测试: PC1:

代码语言:javascript复制PC>ping 192.168.2.3 Ping 192.168.2.3: 32 data bytes, Press Ctrl_C to break From 192.168.2.2: Destination host unreachable From 192.168.2.2: Destination host unreachable From 192.168.2.2: Destination host unreachable From 192.168.2.2: Destination host unreachable From 192.168.2.2: Destination host unreachable --- 192.168.2.3 ping statistics --- 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss PC>ping 192.168.2.4 Ping 192.168.2.4: 32 data bytes, Press Ctrl_C to break From 192.168.2.2: Destination host unreachable From 192.168.2.2: Destination host unreachable From 192.168.2.2: Destination host unreachable From 192.168.2.2: Destination host unreachable From 192.168.2.2: Destination host unreachable --- 192.168.2.4 ping statistics --- 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss PC>ping 192.168.2.5 Ping 192.168.2.5: 32 data bytes, Press Ctrl_C to break From 192.168.2.5: bytes=32 seq=1 ttl=128 time=62 ms From 192.168.2.5: bytes=32 seq=2 ttl=128 time=78 ms From 192.168.2.5: bytes=32 seq=3 ttl=128 time=78 ms From 192.168.2.5: bytes=32 seq=4 ttl=128 time=47 ms From 192.168.2.5: bytes=32 seq=5 ttl=128 time=63 ms --- 192.168.2.5 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 47/65/78 ms

PC2:

代码语言:javascript复制PC>ping 192.168.2.2 Ping 192.168.2.2: 32 data bytes, Press Ctrl_C to break From 192.168.2.3: Destination host unreachable From 192.168.2.3: Destination host unreachable From 192.168.2.3: Destination host unreachable From 192.168.2.3: Destination host unreachable From 192.168.2.3: Destination host unreachable --- 192.168.2.2 ping statistics --- 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss PC>ping 192.168.2.4 Ping 192.168.2.4: 32 data bytes, Press Ctrl_C to break From 192.168.2.4: bytes=32 seq=1 ttl=128 time=63 ms From 192.168.2.4: bytes=32 seq=2 ttl=128 time=62 ms From 192.168.2.4: bytes=32 seq=3 ttl=128 time=63 ms From 192.168.2.4: bytes=32 seq=4 ttl=128 time=62 ms From 192.168.2.4: bytes=32 seq=5 ttl=128 time=63 ms --- 192.168.2.4 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 62/62/63 ms PC>ping 192.168.2.5 Ping 192.168.2.5: 32 data bytes, Press Ctrl_C to break From 192.168.2.3: Destination host unreachable From 192.168.2.3: Destination host unreachable From 192.168.2.3: Destination host unreachable From 192.168.2.3: Destination host unreachable From 192.168.2.3: Destination host unreachable --- 192.168.2.5 ping statistics --- 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss

PC3:

代码语言:javascript复制PC>ping 192.168.2.2 Ping 192.168.2.2: 32 data bytes, Press Ctrl_C to break From 192.168.2.4: Destination host unreachable From 192.168.2.4: Destination host unreachable From 192.168.2.4: Destination host unreachable From 192.168.2.4: Destination host unreachable From 192.168.2.4: Destination host unreachable --- 192.168.2.2 ping statistics --- 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss PC>ping 192.168.2.3 Ping 192.168.2.3: 32 data bytes, Press Ctrl_C to break From 192.168.2.3: bytes=32 seq=1 ttl=128 time=63 ms From 192.168.2.3: bytes=32 seq=2 ttl=128 time=62 ms From 192.168.2.3: bytes=32 seq=3 ttl=128 time=63 ms From 192.168.2.3: bytes=32 seq=4 ttl=128 time=63 ms From 192.168.2.3: bytes=32 seq=5 ttl=128 time=62 ms --- 192.168.2.3 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 62/62/63 ms PC>ping 192.168.2.5 Ping 192.168.2.5: 32 data bytes, Press Ctrl_C to break From 192.168.2.4: Destination host unreachable From 192.168.2.4: Destination host unreachable From 192.168.2.4: Destination host unreachable From 192.168.2.4: Destination host unreachable From 192.168.2.4: Destination host unreachable --- 192.168.2.5 ping statistics --- 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss

PC4:

代码语言:javascript复制PC>ping 192.168.2.2 Ping 192.168.2.2: 32 data bytes, Press Ctrl_C to break From 192.168.2.2: bytes=32 seq=1 ttl=128 time=94 ms From 192.168.2.2: bytes=32 seq=2 ttl=128 time=31 ms From 192.168.2.2: bytes=32 seq=3 ttl=128 time=62 ms From 192.168.2.2: bytes=32 seq=4 ttl=128 time=63 ms From 192.168.2.2: bytes=32 seq=5 ttl=128 time=62 ms --- 192.168.2.2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 31/62/94 ms PC>ping 192.168.2.3 Ping 192.168.2.3: 32 data bytes, Press Ctrl_C to break From 192.168.2.5: Destination host unreachable From 192.168.2.5: Destination host unreachable From 192.168.2.5: Destination host unreachable From 192.168.2.5: Destination host unreachable From 192.168.2.5: Destination host unreachable --- 192.168.2.3 ping statistics --- 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss PC>ping 192.168.2.4 Ping 192.168.2.4: 32 data bytes, Press Ctrl_C to break From 192.168.2.5: Destination host unreachable From 192.168.2.5: Destination host unreachable From 192.168.2.5: Destination host unreachable From 192.168.2.5: Destination host unreachable From 192.168.2.5: Destination host unreachable --- 192.168.2.4 ping statistics --- 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss

4.2 测试结果: 通过ping命令测试,可得结果为:

代码语言:javascript复制PC1与PC4之间相互连通,与PC2、PC3不通。 PC2与PC3之间相互连通,与PC1、PC4不通。 PC3与PC2之间相互连通,与PC1、PC4不通。 PC4与PC1之间相互连通,与PC2、PC3不通。

4.3 实验结论:

代码语言:javascript复制PC1与PC4属于VLAN2; PC2与PC3属于VLAN3. VLAN构建成功。

二、相关知识点。

1.什么是VLAN? VLAN(Virtual Local Area Network)的中文名为”虚拟局域网”。

虚拟局域网(VLAN)是一组逻辑上的设备和用户,这些设备和用户并不受物理位置的限制,可以根据功能、部门及应用等因素将它们组织起来,相互之间的通信就好像它们在同一个网段中一样,由此得名虚拟局域网。

2.VLAN的作用。 通过划分不同的VLAN,VLAN内的主机间可以直接通信,而VLAN间不能直接互通,从而将广播报文限制在一个VLAN内。 作用:限制广播域、增强局域网的安全性(不同VLAN用户不能直接通信)、提高网络的健壮性(限制故障)、灵活构建虚拟工作组(同一VLAN用户不局限于固定的物理范围)。

3. VLAN的优点。 3.1 端口的分隔。 即便在同一个交换机上,处于不同VLAN的端口也是不能通信的。这样一个物理的交换机可以当作多个逻辑的交换机使用。 3.2 网络的安全。 不同VLAN不能直接通信,杜绝了广播信息的不安全性。 3.3 灵活的管理。 更改用户所属的网络不必换端口和连线,只需更改软件配置。 VLAN技术的出现,使得管理员根据实际应用需求,把同一物理局域网内的不同用户逻辑地划分成不同的广播域,每一个VLAN都包含一组有着相同需求的计算机工作站,与物理上形成的LAN有着相同的属性。由于它是从逻辑上划分,而不是从物理上划分,所以同一个VLAN内的各个工作站没有限制在同一个物理范围中,即这些工作站可以在不同物理LAN网段 。由VLAN的特点可知,一个VLAN内部的广播和单播流量都不会转发到其他VLAN中,从而有 助于控制流量、减少设备投资、简化网络管理、提高网络的安全性。 VLAN除了能将网络划 分为多个广播域,从而有效地控制广播风暴的发生,以及使网络的拓扑结构变得非常灵活 的优点外,还可以用于控制网络中不同部门、不同站点之间的互相访问。

4.交换机端口类型。 4.1 Access Access类型的端口只能属于1个VLAN,一般用于连接计算机的端口; 4.2 Trunk Trunk类型的端口可以允许多个VLAN通过,可以接收和发送多个VLAN的报文,一般用于交换机之间连接的端口; 4.3 Hybrid Hybrid类型的端口可以允许多个VLAN通过,可以接收和发送多个VLAN的报文,可以用于交换机之间连接,也可以用于连接用户的计算机。

Hybrid端口和Trunk端口在接收数据时,处理方法一样,唯一不同之处在于发送数据时:Hybrid端口可以允许多个VLAN的报文发送时不打标签,而Trunk端口只允许缺省VLAN的报文发送时不打标签。

发布者:全栈程序员栈长,转载请注明出处:https://javaforall.cn/169385.html原文链接:https://javaforall.cn



【本文地址】

公司简介

联系我们

今日新闻

    推荐新闻

    专题文章
      CopyRight 2018-2019 实验室设备网 版权所有