在網絡架構中,三層交換機和路由器都扮演着非常重要的角色。三層交換機主要用于在區域網路内部進行資料包轉發和過濾,而路由器則用于連接配接不同的網絡并進行路由選擇和跨網絡通信。正确配置三層交換機和路由器可以提高網絡的性能和安全性,進而確定網絡的正常運作。然而,由于網絡配置的複雜性和多樣性,不同的網絡架構可能需要不同的配置方法。在本篇文章中,我整理了一份通用的三層交換機和路由器配置方法,以幫助有需要的友友們更好地了解相關技能。希望友友們可以從中獲得一些有用的資訊。
實驗内容及目标:
1、不同vlan 下的用戶端能夠通路外網【2.2.2.1】
2、了解路由器和三層交換機之間的連接配接及配置
3、了解三層交換機和接入交換機之間的連接配接及配置
實驗拓撲圖:
實驗裝置及版本:
本實驗所用到的裝置為:
1、交換機:華為 Quidway S5700-28C-HI VRP (R) software, Version 5.110
2、路由器:華為 AR1200 VRP (R) software, Version 5.130
3、PC主機:
實驗過程:
一、建立實體連接配接
按照拓撲圖進行組網
二、接入交換機配置
這裡以紅框内的第一個交換機為例
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]
[Huawei]sysname
[Huawei]sysname switch1
Apr 9 2023 19:11:09-08:00 switch1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.
5.25.191.3.1 configurations have been changed. The current change number is 4, t
he change loop count is 0, and the maximum number of records is 4095.
[switch1]undo info-center enable
Info: Information center is disabled.
[switch1]
#建立vlan
[switch1]
[switch1]vlan bat
[switch1]vlan batch 1 to 3
Info: This operation may take a few seconds. Please wait for a moment...done.
[switch1]
#将接口加入到vlan 中
[switch1]interface GigabitEthernet 0/0/2
[switch1-GigabitEthernet0/0/2]port link-type access
[switch1-GigabitEthernet0/0/2]port default vlan 1
[switch1-GigabitEthernet0/0/2]q
[switch1]
[switch1]interface GigabitEthernet 0/0/3
[switch1-GigabitEthernet0/0/3]port link-type access
[switch1-GigabitEthernet0/0/3]port default vlan 1
[switch1-GigabitEthernet0/0/3]q
[switch1]
[switch1]
#設定與三層核心交換機相連的接口為trunk,并設定運作通過vlan 1,vlan2,vlan3
[switch1]interface GigabitEthernet 0/0/1
[switch1-GigabitEthernet0/0/1]dis this
#
interface GigabitEthernet0/0/1
#
return
[switch1-GigabitEthernet0/0/1]port link-type trunk
[switch1-GigabitEthernet0/0/1]
[switch1-GigabitEthernet0/0/1]port trunk allow-pass vlan 1 to 3
[switch1-GigabitEthernet0/0/1]
[switch1-GigabitEthernet0/0/1]q
[switch1] 其他的幾個接入交換機配置過程相同,配置時,注意接口。
三、三層交換機配置
#建立VLAN接口并配置IP位址:
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]undo in
[Huawei]undo info-center en
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]
[Huawei]interface Vlanif 1
[Huawei-Vlanif1]ip address 192.168.1.1 24
[Huawei-Vlanif1]
[Huawei-Vlanif1]q
[Huawei]int
[Huawei]interface vlan
[Huawei]interface Vlanif 2
Error: The VLAN does not exist.
[Huawei]vlan batch 2 to 3
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei]
[Huawei]interface Vlanif 2
[Huawei-Vlanif3]
[Huawei-Vlanif3]ip ad
[Huawei-Vlanif3]ip address 192.168.2.1 24
[Huawei-Vlanif3]
[Huawei-Vlanif3]q
[Huawei]int
[Huawei]interface vla
[Huawei]interface Vlanif 3
[Huawei-Vlanif3]
[Huawei-Vlanif3]
[Huawei-Vlanif3]ip add
[Huawei-Vlanif3]ip address 192.168.3.1 24
[Huawei-Vlanif3]
[Huawei-Vlanif3]
[Huawei-Vlanif3]q
[Huawei]
[Huawei]
[Huawei]sysna
[Huawei]sysname Switch-Hexin
[Switch-Hexin]
[Switch-Hexin]
#配置三層交換機上連接配接到接入交換機的接口為Trunk模式,并允許相應VLAN通過:
[Switch-Hexin]interface GigabitEthernet 0/0/2
[Switch-Hexin-GigabitEthernet0/0/2]port link-type trunk
[Switch-Hexin-GigabitEthernet0/0/2]port trunk allow-pass vlan 1 to 3
[Switch-Hexin-GigabitEthernet0/0/2]q
# 配置與路由器相連的接口
[Switch-Hexin]
[Switch-Hexin]vlan batch 10
Info: This operation may take a few seconds. Please wait for a moment...done.
[Switch-Hexin]
[Switch-Hexin]interface GigabitEthernet 0/0/1
[Switch-Hexin-GigabitEthernet0/0/1]
[Switch-Hexin-GigabitEthernet0/0/1]port link-type access
[Switch-Hexin-GigabitEthernet0/0/1]port default vlan 10
[Switch-Hexin-GigabitEthernet0/0/1]q
[Switch-Hexin]interface Vlanif 10
[Switch-Hexin-Vlanif10]ip address 192.168.10.2 24
[Switch-Hexin-Vlanif10]
[Switch-Hexin-Vlanif10]q
[Switch-Hexin]
#配置靜态路由
[Switch-Hexin]
[Switch-Hexin]ip route-static 0.0.0.0 0.0.0.0 192.168.10.1
[Switch-Hexin]
四、路由器配置
[Router]interface GigabitEthernet 0/0/1
[Router-GigabitEthernet0/0/1]ip address 192.168.10.1 255.255.255.0
[Router-GigabitEthernet0/0/1]q
[Router]interface GigabitEthernet 0/0/0
[Router-GigabitEthernet0/0/0]ip address 2.2.2.2 24
[Router-GigabitEthernet0/0/0]
[Router-GigabitEthernet0/0/0]q
[Router]ip route-static 0.0.0.0 0.0.0.0 2.2.2.1
[Router]
[Router]ip route-static 192.168.0.0 255.255.0.0 192.168.10.2
[Router]
#配置NAT 轉換
[Router]acl number 2001
[Router-acl-basic-2001]rule 5 permit source 192.168.0.0 0.0.255.255
[Router-acl-basic-2001]q
[Router]interface GigabitEthernet 0/0/0
[Router-GigabitEthernet0/0/0]nat outbound 2001
[Router-GigabitEthernet0/0/0]qu
[Router] 五、測試:
寫在最後:
自我設限,固步自封,唯有突破極限,才能發掘潛能。以上就是本期整理的《三層交換機與路由器組網如何正确配置》,自己經曆過的風雨,是以知道你也會堅強。你的【評論】+【點贊】+【關注】,我會自動解讀為認可。
作者簡介:
我是“網絡系統技藝者”,系統運維工程師一枚,持續分享【網絡技術+系統運維技術】幹貨。