S8500交換機實現Super vlan技術介紹和排錯

S8500交換機實現Super vlan技術介紹一、簡單原理介紹 Super VLAN又稱爲VLAN聚合（VLAN Aggregation），其原理是一個Super VLAN包含多個Sub VLAN，Super VLAN可配置虛接口的IP地址。每個Sub VLAN是一個廣播域，不同Sub VLAN之間二層相互隔離，Sub VLAN不能配置虛接口IP地址。當Sub VLAN內的用戶需要進行三層通信時，將使用Super VLAN的虛接口的IP地址作爲網關地址，這樣多個VLAN共享一個IP地址，從而節省了IP地址資源。同時，爲了實現不同Sub VLAN間的三層互通及Sub VLAN與其他網絡的互通，需要利用ARP代理功能。通過ARP代理可以進行ARP請求和響應報文的轉發與處理，從而實現了二層隔離端口間的三層互通。缺省狀態下，Sub VLAN下的ARP代理功能是關閉的。 二、S8500典型配置實例 2.1 組網需求： （1）創建Super VLAN 10 （2）創建Sub VLAN：VLAN 11、VLAN 12、VLAN 5 由於VLAN之間能夠滿足二層隔離，現要求Sub VLAN兩兩之間三層互通。 2.2 組網圖： 2.3 配置命令 Switch A基本配置： # vlan 10 supervlan subvlan 11 to 12 # vlan 11 arp proxy enable # vlan 12 arp proxy enable # interface Vlan-interface10 ip address 100.0.0.1 255.255.255.0 三、正常狀態信息查看 #在PC2下，查arp表，可見，在arp表中，由於設置了arp proxy enable，PC1的MAC地址被置爲Switch A的MAC地址。報文查ARP表，先送到SWITCH，再次查ARP表，才最後送到PC1。完成不同vlan之間的三層互通。 C:\Documents and Settings\LOU04961>arp -a Interface: 100.0.0.10 --- 0x2 Internet Address Physical Address Type 100.0.0.1 00-e0-fc-36-45-b4 dynamic 100.0.0.2 00-e0-fc-36-45-b4 dynamic #在Switch A下，查arp表如下，表項正常。 [Quidway]dis arp Type: S-Static D-Dynamic IP Address MAC Address VLAN ID Port Name Aging Type 100.0.0.10 00e0-fc3c-a5fc 12 Ethernet4/1/4 13 D 100.0.0.2 0015-c50b-a8ba 11 Ethernet4/1/2 16 D #在PC1中，查arp表如下： C:\Documents and Settings\LOU04961>arp -a Interface: 100.0.0.2 --- 0x2 Internet Address Physical Address Type 100.0.0.1 00-e0-fc-36-45-b4 dynamic 100.0.0.10 00-e0-fc-36-45-b4 dynamic 四、排錯(可debugging 信息) #當沒有配置ARP代理時，VLAN11和VLAN12不能互通。 取消ARP代理後，如果嘗試利用路由令VLAN11和VLAN12互通。即，配置： ip rou 100.0.0.1 32 100.0.0.1 #無法ping通，發現Switch A中鏈接PC2的端口，只有進來的報文，沒有出去的報文。可見ping包被丟棄。 dis int eth4/1/4 Ethernet4/1/4 current state : UP IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc36-45b1 The Maximum Transmit Unit is 1500 Media type is twisted pair, loopback not set Port hardware type is 100_BASE_TX 100Mbps-speed mode, full-duplex mode Link speed type is autonegotiation, link duplex type is autonegotiation Flow-control is not enabled The Maximum Frame Length is 1552 Broadcast MAX-ratio: 50% Allow jumbo frame to pass PVID: 12 Mdi type: auto Link-status hold interval:3 Sec Port link-type: access Tagged VLAN ID : none Untagged VLAN ID : 12 Last 300 seconds input: 0 packets/sec 64 bits/sec 0% Last 300 seconds output: 0 packets/sec 0 bits/sec 0% Input(total): 1838 packets, 119600 bytes - broadcasts, - multicasts Input(normal): 1838 packets, 119600 bytes 137 broadcasts, 0 multicasts Input: 0 input errors, 0 runts, 0 giants, 0 throttles, 0 CRC 0 frame, 0 overruns, - aborts, 0 ignored, - parity errors Output(total): 2643 packets, 234727 bytes - broadcasts, - multicasts, 0 pauses Output(normal): 2643 packets, 234727 bytes 2 broadcasts, 0 multicasts, 0 pauses Output: 0 output errors, - underruns, - buffer failures 0 aborts, 0 deferred, - collisions, 0 late collisions - lost carrier, - no carrier Receive Packet Peak Value Info: 15118 bytes, happened at 11:03:25 6-27-2006 Transmit Packet Peak Value Info: 50006 bytes, happened at 11:03:25 6-27-2006 Input(total): 1845 packets, 120048 bytes - broadcasts, - multicasts Input(normal): 1845 packets, 120048 bytes 144 broadcasts, 0 multicasts Input: 0 input errors, 0 runts, 0 giants, 0 throttles, 0 CRC 0 frame, 0 overruns, - aborts, 0 ignored, - parity errors Output(total): 2643 packets, 234727 bytes - broadcasts, - multicasts, 0 pauses Output(normal): 2643 packets, 234727 bytes 2 broadcasts, 0 multicasts, 0 pauses Output: 0 output errors, - underruns, - buffer failures 0 aborts, 0 deferred, - collisions, 0 late collisions - lost carrier, - no carrier Receive Packet Peak Value Info: 15118 bytes, happened at 11:03:25 6-27-2006 Transmit Packet Peak Value Info: 50006 bytes, happened at 11:03:25 6-27-2006