這些天都忙于公司的招聘,太忙了。可能還要忙上一陣子,自上個月22号才寫了一篇。今天下雨沒有到外面去。寫了一篇貼出來:
一、拓撲圖:
二、詳細配置及說明:
1、首先配置各PC的IP,并指定預設網關:
<a href="http://blog.51cto.com/attachment/201003/142740902.jpg" target="_blank"></a>
<a href="http://blog.51cto.com/attachment/201003/142811275.jpg" target="_blank"></a>
<a href="http://blog.51cto.com/attachment/201003/142842245.jpg" target="_blank"></a>
2、由于它預設就封裝了dot1q 且packet tracer不支援switchport trunk encapsulation dot1q 此指令:
SW1(config)#int f0/1
SW1(config-if)#switchport trunk encapsulation dot1q
^
% Invalid input detected at '^' marker. (發現此IOS不支援此指令)
SW1(config-if)#end
SW1#sh int f0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q (發現預設就封裝成dot1q)
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
SW1#
3、為了保證管理域能夠覆寫到兩台交換機,我們配置SW1和SW2的trunk:
SW1(config-if)#switchport mode trunk (在SW1上指定端口為trunk模式)
SW2(config)#int f0/2
SW2(config-if)#switchport mode trunk (在SW2上指定端口為trunk模式)
4、在R2上檢視一下trunk資訊:
SW2(config-if)#do sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/2 on 802.1q trunking 1 (預設VLAN被稱為Native Vlan)
Port Vlans allowed on trunk
Fa0/2 1-1005 (允許在trunk上傳輸資料的VLAN清單)
Port Vlans allowed and active in management domain
Fa0/2 1
Port Vlans in spanning tree forwarding state and not pruned
5、在配置VTP之前,先檢視一下交換機的VTP狀态,以觀察配置之後的變化:
SW2#sh vtp status
VTP Version : 2 (VTP協定的版本号為2,增加了支援令牌環交換和令牌環VLAN)
Configuration Revision : 0 (配置的版本号,每變更一次将會增加1,為0說明沒有配置)
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server (預設情況下所有交換機都為VTP server 模式)
VTP Domain Name :
VTP Pruning Mode : Disabled (VTP修剪預設關閉的)
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A (VTP的密碼)
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
6、分别在VLAN模式下配置SW1和在全局模式下配置SW2的VTP協定:
SW1#vlan database
SW1(vlan)#vtp domain wxs (配置VTP的域名為 wxs )
SW1(vlan)#vtp server (定義VTP的模式為client)
SW1(vlan)#vtp password cisco (為了vtp的安全,配置VTP的密碼為cisco)
SW2(config)#vtp domain wxs
SW2(config)#vtp mode client
SW2(config)#vtp password cisco
7、現在我們再看一下SW2的VTP狀态資訊:
VTP Version : 2
Configuration Revision : 0 (因為沒有對VLAN進行操作,故還為0)
VTP Operating Mode : Client (VTP的操作模式從預設的server變成client)
VTP Domain Name : wxs (VTP域名為wxs)
VTP Pruning Mode : Disabled
MD5 digest : 0x37 0x56 0xD3 0xEA 0x66 0xC8 0xA3 0x39
8、在SW1和SW2上建立VLAN:
SW1(config)#vlan 10 (在全局配置模式下建立VLAN 10)
SW1(config-vlan)#name cisco (命名為cisco)
SW1(config-vlan)#end
SW1#vlan database(同理在伺服器模式交換機SW1上進入vlan database模式下)
SW1(vlan)#vlan 20 name microsoft (在vlan database模式下建立vlan 20并命名為microsoft)
9、檢視一下SW1的VLAN配置資訊:
SW1#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24, Gig1/1, Gig1/2
10 cisco active
20 microsoft active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
………………
10、檢視SW2的VLAN配置資訊,發現同步了VTP server角色SW1的VLAN配置資訊:
SW2#sh vlan
1 default active Fa0/1, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig1/1
Gig1/2
20 microsoft active
SW2#
11、在SW1和SW2上将相應的交換機端口加入到對應的VLAN當中:
SW1(config)#int f0/11
SW1(config-if)#switchport access vlan 10 (将f0/11交換機端口加入到VLAN 10 當中)
SW1(config-if)#int f0/12
SW1(config-if)#sw ac vlan 20
SW2(config)#int f0/11
SW2(config-if)#sw ac vlan 20
12、在三台PC上用ping 指令測試VLAN間的通信:
三、在R1路由器上配置單臂路由,確定兩個VLAN之間能夠通信。
1、為了R1和SW1僅通過一條鍊路就能連接配接多個VLAN,我們要在R1與SW1做trunk鍊路:
SW1(config)#int f0/5
SW1(config-if)#switchport mode trunk (因為此IOS預設就封裝了dot1q,我們指定接口trunk模式)
R1(config)#int f0/0
R1(config-if)#no sh (激活此接口)
R1(config-if)#no ip address (但不要配置IP)
R1(config-if)#int f0/0.10
R1(config-subif)#encapsulation dot1Q 10 (封裝dot1q類型并指定VLAN,作用是出去的資料包打上10的VLAN标記,同時隻接收VLAN 10 的資料包)
R1(config-subif)#ip add 192.168.1.1 255.255.255.0 (為子接口配置IP用于VLAN 10的預設網關)
R1(config-subif)#int f0/0.20 (進入f0/0.20的子接口)
R1(config-subif)#en dot1Q 20(發出的資料包會打上20的VLAN标記,同時隻接收VLAN 20 的資料包)
R1(config-subif)#ip add 192.168.2.1 255.255.255.0(為子接口配置IP用于VLAN 20的預設網關)
2、檢視R1的路由表:
R1(config-subif)#do sh ip route
…………
Gateway of last resort is not set
C 192.168.1.0/24 is directly connected, FastEthernet0/0.10 (子接口直連路由)
C 192.168.2.0/24 is directly connected, FastEthernet0/0.20
四、驗證一下連通性:
本文轉自wxs-163 51CTO部落格,原文連結:http://blog.51cto.com/supercisco/279354
![unit 1 - redhat Enterprise 8.0 Linux 指令行使用技巧[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)