| 在Catalyst交换机之间配置802.1Q中继 | 您所在的位置:网站首页 › trunk native vlan入口和出口 › 在Catalyst交换机之间配置802.1Q中继 |
在Catalyst交换机之间配置802.1Q中继
|
简介
本文档介绍运行Cisco IOS®软件的Cisco Catalyst交换机之间的IEEE 802.1Q(dot1q)中继差异。 先决条件 要求尝试进行此配置之前,请确保满足以下要求: 了解 IEEE 802.1Q 中继 了解使用命令行界面 (CLI) 对 Catalyst 3560 和 Catalyst 6500/6000 系列交换机进行的配置 使用的组件本文档中的信息基于以下软件和硬件版本: 运行 Cisco IOS 软件版本 12.2(25)SEA 的 Catalyst 3560 交换机 运行 Cisco IOS 软件版本 12.1(26)E1 的 Catalyst 6509 交换机 本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您的网络处于活动状态,请确保您了解所有命令的潜在影响。 背景信息本文档提供在运行 Cisco IOS® 软件的 Cisco Catalyst 3550/3560/3750 交换机与运行 Cisco IOS 软件的 Catalyst 6500/6000 系列交换机或 Catalyst 4500/4000 系列交换机之间配置 IEEE 802.1Q (dot1q) 中继的示例。中继是一种在两个设备之间点到点链路上传输来自若干 VLAN 的流量的方式。 您能实施以太网中继的二种方式是: 交换机间链路协议 (ISL) - Cisco 专有协议 802.1Q - IEEE标准 Catalyst组件本文档中的 Catalyst 3560 配置也适用于运行 Cisco IOS 软件的 Catalyst 3550/3750 交换机。本文档中的 Catalyst 6500/6000 配置也适用于运行 Cisco IOS 软件的 Catalyst 4500/4000 系列交换机。 注意:请参阅以下文档以了解各种Catalyst交换机所支持的中继方法: 在Catalyst交换机上实施中继的系统要求 注意:本文档仅包含交换机的配置文件和相关示例的输出 show 命令。有关如何在Catalyst交换机之间配置802.1Q TRUNK的详细信息,请参阅以下文档: 配置 VLAN 的配置 VLAN 中继部分 - Catalyst 3560 系列交换机 配置第2层以太网接口的“了解VLAN中继”部分 — 运行Cisco IOS软件的Catalyst 4500系列交换机 背景理论IEEE 802.1Q 使用内部标记机制。中继设备先插入 4 字节标记来识别帧所属的 VLAN,再重新计算帧校验序列 (FCS)。有关详细信息,请参阅以下文档: 交换机间链路和 IEEE 802.1Q 帧格式 使用 802.1Q 封装与 Cisco CatOS 系统软件的 Catalyst 4500/4000、5500/5000 和 6500/6000 系列交换机之间的中继的 802.1Q 中继的基本特性部分 注意:下面是此配置需要记住的重要说明: Catalyst 3550/3560/3750 系列交换机上的所有以太网接口均可支持 802.1Q 和 ISL 封装。默认情况下,Catalyst 3550 交换机上的以太网接口是第 2 层 (L2) 端口。 Catalyst 6500/6000 系列交换机上的所有以太网端口均可支持 802.1Q 和 ISL 封装。 默认情况下,运行 Cisco IOS 软件的 Catalyst 4500 系列交换机支持 ISL 和 802.1Q 中继模式。这在 WS-X4418-GB 和 WS-X4412-2GB-T 模块上阻塞千兆端口以外的所有接口上均受到支持。这些端口不支持 ISL 而只支持 802.1Q 中继。端口 3 至 18 是 WS-X4418-GB 模块上的阻塞千兆端口。端口 1 至 12 是 WS-X4412-2GB-T 模块上的阻塞千兆端口。 注:如果端口与背板的连接超订用,则该端口为阻塞端口。 Catalyst 6500/6000 与 Catalyst 4500 平台之间的主要区别在于默认接口配置。默认情况下,运行 Cisco IOS 软件的 Catalyst 6500/6000 交换机中处于关闭模式的接口为第 3 层 (L3) 路由端口。运行 Cisco IOS 软件的 Catalyst 4500/4000 交换机已启用所有接口。默认情况下,接口是 L2 交换机端口。 在Catalyst 3750交换机的TRUNK接口上使用802.1Q封装时,可在 show interface 输出,因为Catalyst 3750交换机将包含q-tag的61-64字节的有效802.1Q封装数据包计为过小帧,即使这些数据包已正确转发。有关详细信息,请参阅思科漏洞ID CSCec14238 注意:只有思科注册用户才能访问思科内部工具和信息。 配置本部分提供有关如何配置本文档所述功能的信息。 注意:使用命令查找工具可获取有关本节中使用的命令的详细信息。 注意:只有思科注册用户才能访问思科内部工具和信息。 网络图本文档使用以下网络设置: 注意:Catalyst 3560上的千兆以太网接口是10/100/1000 Mbps协商以太网接口。因此,在此网络图中,Catalyst 3560 上的千兆端口连接到 Catalyst 6500 上的快速以太网 (100 Mbps) 端口。
本文档使用以下配置: Catalyst 3560 交换机 Catalyst 6500 交换机 Catalyst 3560 交换机 !--- Notice: This example creates VLAN 1 and VLAN 2 !--- and sets the VLAN Trunk Protocol (VTP) mode to transparent. Use your !--- network as a basis and set the VTP mode accordingly. For more details, !--- refer to Configuring VLANs. version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname 3560 ! !--- This is the privileged mode password for the example. enable password mysecret ! ip subnet-zero ! vtp mode transparent ! !--- VLAN 2 is created. This is visible only when you set VTP mode !--- to transparent. vlan 2 ! ! !--- The Gigabit Ethernet interface on the Catalyst 3560 is a 10/100/1000 Mbps !--- negotiated Ethernet interface. Therefore, the Gigabit port on the !--- Catalyst 3560 is connected to a Fast Ethernet port on the Catalyst 6500. !--- Configure the trunk on the Gigabit Ethernet 0/1 interface. interface GigabitEthernet0/1 !--- Configure trunk encapsulation as dot1q. !--- For details on trunking, refer to Configuring VLANs. switchport trunk encapsulation dot1q !--- Enable trunking on the interface. switchport mode trunk no ip address snmp trap link-status ! ! !--- Interfaces Gigabit Ethernet 0/2 through 0/5 are placed in VLAN 1. !--- In order to configure the interface as an L2 port, !--- refer to the Configuring Ethernet Interfaces section !--- of Configuring Interface Characteristics. All L2 ports are placed !--- in VLAN 1, by default. interface GigabitEthernet0/2 switchport mode access no ip address snmp trap link-status ! interface GigabitEthernet0/3 switchport mode access no ip address snmp trap link-status ! ! interface GigabitEthernet0/4 switchport mode access no ip address snmp trap link-status ! interface GigabitEthernet0/5 switchport mode access no ip address snmp trap link-status ! ! !--- Interfaces Gigabit Ethernet 0/6 through 0/12 are placed in VLAN 2. interface GigabitEthernet0/6 switchport access vlan 2 switchport mode access no ip address snmp trap link-status ! !--- Output suppressed. ! interface GigabitEthernet0/12 switchport access vlan 2 switchport mode access no ip address snmp trap link-status ! interface Vlan1 !--- This is the IP address for management. ip address 10.1.1.1 255.255.255.0 ! ip classless ip http server ! ! line con 0 transport input none line vty 0 4 !--- This is the privileged mode password for the example. password mysecret login line vty 5 15 login ! end Catalyst 6500 交换机 !--- Notice: This example creates VLAN 1 and VLAN 2 and sets !--- the VTP mode to transparent. Use your network as a basis and set the VTP !--- mode accordingly. For more details, refer to Configuring VLANs. Current configuration : 4812 bytes version 12.1 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Cat6500 ! vtp mode transparent ip subnet-zero ! ! mls flow ip destination mls flow ipx destination ! !--- This is the privileged mode password for the example. enable password mysecret ! redundancy mode rpr-plus main-cpu auto-sync running-config auto-sync standard ! ! !--- This enables VLAN 2. vlan 2 ! ! interface GigabitEthernet1/1 no ip address shutdown ! interface GigabitEthernet1/2 no ip address shutdown ! !--- The Gigabit Ethernet interface on the Catalyst 3560 is a 10/100/1000 Mbps !--- negotiated Ethernet interface. Therefore, the Gigabit port on the Catalyst 3560 !--- is connected to a Fast Ethernet port on the Catalyst 6500. interface FastEthernet3/1 no ip address !--- You must issue the switchport command once, !--- without any keywords, in order to configure the interface as an L2 port for the !--- Catalyst 6500 series switch that runs Cisco IOS Software. !--- On a Catalyst 4500 series switch that runs Cisco IOS Software, all ports are L2 !--- ports by default. Therefore, if you do not change the default configuration, !--- you do not need to issue the switchport command. !--- For more details, refer to Configuring Layer 2 Ethernet Interfaces !--- for the Catalyst 4500 series switch that runs Cisco IOS Software. switchport !--- Configure trunk encapsulation as dot1q. !--- For more details on trunking, refer to !--- Configuring LAN Ports for Layer 2 Switching for the Catalyst 6500 series switch !--- that runs Cisco IOS Software, or Configuring Layer 2 Ethernet Interfaces !--- for the Catalyst 4500/4000 series switch that runs Cisco IOS Software. switchport trunk encapsulation dot1q !--- Enable trunking on the interface. switchport mode trunk ! !--- Configure interfaces Fast Ethernet 3/2 through 3/24 to be in access mode. !--- By default, all access ports are configured in VLAN 1. !--- For more details, refer to Configuring LAN Ports for Layer 2 Switching!--- for the Catalyst 6500 series switch that runs Cisco IOS Software, or !--- Configuring Layer 2 Ethernet Interfaces for the Catalyst 4500/4000 series !--- switch that runs Cisco IOS Software. interface FastEthernet3/2 no ip address switchport switchport mode access ! !--- Output suppressed. ! interface FastEthernet3/24 no ip address switchport switchport mode access ! !--- Fast Ethernet 3/25 through 3/48 are placed in VLAN 2. !--- For more details, refer to Configuring LAN Ports for Layer 2 Switching !--- for the Catalyst 6500 series switch that runs Cisco IOS Software, !--- or Configuring Layer 2 Ethernet Interfaces for the Catalyst 4500/4000 !--- series switch that runs Cisco IOS Software. interface FastEthernet3/25 no ip address switchport switchport access vlan 2 switchport mode access ! !--- Output suppressed. ! interface FastEthernet3/48 no ip address switchport switchport access vlan 2 switchport mode access ! ! interface Vlan1 !--- This is the IP address for management. ip address 10.1.1.2 255.255.255.0 ! ! ip classless no ip http server ! ! ip classless ip http server ! line con 0 exec-timeout 0 0 transport input none line vty 0 4 !--- This is the Telnet password for the example. password mysecret login ! end注:如果将接口分配给不存在的VLAN,该接口将关闭,直到您在VLAN数据库中创建VLAN。有关详细信息,请参阅配置 VLAN 的创建或修改以太网 VLAN 部分。 验证使用本部分可确认配置能否正常运行。 Output Interpreter工具(OIT)支持以下功能: show 命令。使用OIT查看分析 show 命令输出. 注意:只有思科注册用户才能访问思科内部工具和信息。 在 Catalyst 3550/3560/3750/6500/4500 交换机上,请使用以下命令: show interfacesinterface_typemodule/porttrunk show interfacesinterface_typemodule/portswitchport show vlan show vtp status 示例 show 命令输出 Catalyst 3560 交换机show interfaces interface_type module/por trunk — 此命令显示接口的TRUNK配置以及流量能够通过TRUNK传输的VLAN编号。 3560# show interface gigabitethernet 0/1 trunk Port Mode Encapsulation Status Native vlan Gi0/1 on 802.1q trunking 1 Port Vlans allowed on trunk Gi0/1 1 4094 Port Vlans allowed and active in management domain Gi0/1 1-2 Port Vlans in spanning tree forwarding state and not pruned Gi0/1 1-2show interfaces interface_type module/port switchport - 此命令显示接口的交换机端口配置。 在显示器中,选中 Operational Mode 和 Operational Trunking Encapsulation 字段。 3560# show interface gigabitethernet 0/1 switchport Name: Gi0/1 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk private VLANs: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust : noneshow vlan - 此命令提供有关 VLAN 及属于特定 VLAN 的端口的信息。 3560# show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Gi0/2, Gi0/3, Gi0/4, Gi0/5 2 VLAN0002 active Gi0/6, Gi0/7, Gi0/8, Gi0/9 Gi0/10, Gi0/11, Gi0/12 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup !--- Output suppressed.注:输出中显示的端口仅为接入端口。但是,配置为中继以及处于“未连接”状态的端口也显示在 show vlan 输出中。 show vtp status - 此命令显示有关 VTP 管理域、状态和计数器的一般信息。 3560# show vtp status VTP Version : 2 Configuration Revision : 0 Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 VTP Operating Mode : Transparent VTP Domain Name : VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x4A 0x55 0x17 0x84 0xDB 0x99 0x3F 0xD1 Configuration last modified by 10.1.1.1 at 0-0-00 00:00:00 3560# ping 10.1.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms 3560# Catalyst 6500 交换机show interfacesinterface_type module/porttrunk — 此命令显示接口的TRUNK配置以及流量能够通过TRUNK传输的VLAN编号。 Cat6500# show interfaces fastethernet 3/1 trunk Port Mode Encapsulation Status Native vlan Fa3/1 on 802.1q trunking 1 Port Vlans allowed on trunk Fa3/1 1 4094 Port Vlans allowed and active in management domain Fa3/1 1-2 Port Vlans in spanning tree forwarding state and not pruned Fa3/1 1-2show interfacesinterface_typemodule/portswitchport — 此命令显示接口的交换机端口配置。 在显示器中,选中 Operational Mode 和 Operational Trunking Encapsulation 字段。 cat6500# show interface fastethernet 3/1 switchport Name: Fa3/1 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk private VLANs: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALLshow vlan - 此命令提供有关 VLAN 及属于特定 VLAN 的端口的信息。 Cat6500# show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa3/2, Fa3/3, Fa3/4, Fa3/5 Fa3/6, Fa3/7, Fa3/8, Fa3/9 Fa3/10, Fa3/11, Fa3/12, Fa3/13 Fa3/14, Fa3/15, Fa3/16, Fa3/17 Fa3/18, Fa3/19, Fa3/20, Fa3/21 Fa3/22, Fa3/23, Fa3/24 2 VLAN0002 active Fa3/25, Fa3/26, Fa3/27, Fa3/28 Fa3/29, Fa3/30, Fa3/31, Fa3/32 Fa3/33, Fa3/34, Fa3/35, Fa3/36 Fa3/37, Fa3/38, Fa3/39, Fa3/40 Fa3/41, Fa3/42, Fa3/43, Fa3/44 Fa3/45, Fa3/46, Fa3/47, Fa3/48 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup !--- Output suppressed.注:显示的端口只是那些已配置为第2层非中继(接入)端口的端口。配置为中继以及处于“未连接”状态的端口也显示在 show vlan 输出中。有关详细信息,请参阅为第2层交换配置LAN端口的为第2层交换配置LAN接口部分。 show vtp status - 此命令显示有关 VTP 管理域、状态和计数器的一般信息。 Cat6500# show vtp status VTP Version : 2 Configuration Revision : 0 Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 VTP Operating Mode : Transparent VTP Domain Name : VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0xBF 0x86 0x94 0x45 0xFC 0xDF 0xB5 0x70 Configuration last modified by 10.1.1.2 at 0-0-00 00:00:00ping Cat6500# ping 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms 故障排除当前没有可用于此配置的特定故障排除信息。有关中继和802.1Q配置的常见问题,请参阅文档使用802.1Q封装和Cisco CatOS系统软件在Catalyst 4500/4000、5500/5000和6500/6000系列交换机之间进行中继的常见错误部分。 相关信息 使用 PortFast 和其他命令解决工作站启动连接延迟问题 Catalyst 3560 系列交换机配置指南 Catalyst 4500 系列交换机配置指南 Catalyst 6500 系列交换机配置指南 思科技术支持和下载 |
. 
网络图【本文地址】