- 论坛徽章:
- 0
|
实验一:VLAN Trunk
实验环境介绍:
目前上海分公司人员数量已经有50人,3台交换机使用级联方式。现在认为目前的这种网络环境速度慢,也不安全。
需要各部门尤其是财务部使用单独的VLAN。网络拓扑图如下:
交换机为CISC02950-12
![]()
VALN名称:
VLAN2:Financial; VLAN3:Engineering; VLAN4:Marketing
实验步骤:
SW1:
Switch>en
Switch#config ter
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hos sw-1
sw-1(config)#
sw-1(config)#exit
sw-1#vlan database
sw-1(vlan)#vlan 2
VLAN 2 added:
Name:VLAN0002
sw-1(vlan)#vlan 3
VLAN 3 added:
Name:VLAN0003
sw-1(vlan)#vlan 4
VLAN 4 added:
Name:VLAN0004
sw-1(vlan)#exit
APPLY completed.
Exiting....
sw-1#config t
Enter configuration commands, one per line. End with CNTL/Z.
sw-1(config)#interface range f0/1 - 4
sw-1(config-if)#switchport access vlan 2
sw-1(config-if)#interface range f0/5 - 7
sw-1(config-if)#switchport access vlan 3
sw-1(config-if)#interface range f0/8 - 10
sw-1(config-if)#switchport access vlan 4
sw-1(config-if)#interface f0/11
sw-1(config-if)#switchport mode trunk
sw-1(config-if)#exit
SW2:
Switch>en
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#host sw-2
sw-2(config)#exit
sw-2#vlan database
sw-2(vlan)#vlan 2
VLAN 2 added:
Name:VLAN0002
sw-2(vlan)#vlan 3
VLAN 3 added:
Name:VLAN0003
sw-2(vlan)#exit
APPLY completed.
Exiting....
sw-2#config t
Enter configuration commands, one per line. End with CNTL/Z.
sw-2(config)#interface range f0/1 - 5
sw-2(config-if)#switchport access vlan 2
sw-2(config-if)#interface range f0/6 - 10
sw-2(config-if)#switchport access vlan 3
sw-2(config-if)#interface f0/11
sw-2(config-if)#switchport mode trunk
sw-2(config-if)#interface f0/12
sw-2(config-if)#switchport mode trunk
sw-2(config-if)#end
SW-3:
Switch>en
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#host sw-3
sw-3(config)#end
sw-3#vlan database
sw-3(vlan)#vlan 2
VLAN 2 added:
Name:VLAN0002
sw-3(vlan)#vlan 3
VLAN 3 added:
Name:VLAN0003
sw-3(vlan)#vlan 4
VLAN 4 added:
Name:VLAN0004
sw-3(vlan)#exit
APPLY completed.
Exiting....
sw-3#config ter
Enter configuration commands, one per line. End with CNTL/Z.
sw-3(config)#interface range f0/1 - 4
sw-3(config-if)#switchport access vlan 2
sw-3(config)#interface range f0/5 - 7
sw-3(config-if)#switchport access vlan 3
sw-3(config)#interface range f0/8 - 10
sw-3(config-if)#switchport access vlan 4
sw-3(config-if)#interface f0/12
sw-3(config-if)#switchport mode trunk
sw-3(config-if)#end
配置成功后,分别在主机上进行ICMP测试:
交换机1上的vlan2计算机ping交换机2/3的VLAN2的计算机,测试结果:通;
交换机1上的vlan2计算机ping交换机2/3的VLAN3/4的计算机,测试结果:不通。
从测试结果上可以看出,不同交换机的相同VLAN可以通过trunk链路进行互访,不同VLAN则不能互访,可以保证财务的资料安全。
实验注意:
将PC加入VLAN后,不要忘记配中继端口;
交换2需要配两个中继端口(本实验是F0/11 、12)
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u2/87542/showart_1713425.html |
|
免费注册
发表于 2008-12-11 00:52