管理vlan和辦公vlan不是同一個,甚至是跨交換機。
實驗名稱 | 跨網段,跨vlan訪問管理vlan |
實驗拓撲 | |
思路: Trunk/默認路由(等於思科默認網關) 說明: 管理vlan 1,要求從PC能訪問任意vlan 1.
//配置SW1 <H3C>system-view [H3C]sysname SW1 [SW1]int vlan1 [SW1-Vlan-interface1]ip add 192.168.1.1 29 [SW1-Vlan-interface1]vlan 10 [SW1-vlan10]int vlan10 [SW1-Vlan-interface10]ip add 192.168.10.1 24 [SW1-Vlan-interface10]vlan 20 [SW1-vlan20]int vlan20 [SW1-Vlan-interface20]ip add 192.168.20.1 24 [SW1-Vlan-interface20]quit
//配置接口爲trunk [SW1]int g1/0/1 [SW1-GigabitEthernet1/0/1]port link-type trunk [SW1-GigabitEthernet1/0/1]port trunk permit vlan 10 //不寫all,避免垃圾流量。 [SW1-GigabitEthernet1/0/1]int g1/0/2 [SW1-GigabitEthernet1/0/2]port link-type trunk [SW1-GigabitEthernet1/0/2]port trunk permit vlan 20 //SW1配置完畢
//配置SW2 <H3C>syst [H3C]sysn SW2 [SW2]int g1/0/1 [SW2-GigabitEthernet1/0/1]port link-type trunk [SW2-GigabitEthernet1/0/1]port trunk permit vlan 10 [SW2-GigabitEthernet1/0/1]int g1/0/2 [SW2-GigabitEthernet1/0/2]port link-type access [SW2-GigabitEthernet1/0/2]vlan 10 [SW2-vlan10]port g1/0/2 [SW2-vlan10]int vlan1 [SW2-Vlan-interface1]ip add 192.168.1.2 29
//vlan 1 IP已配完,但10網段的訪問不到,還需要添加默認路由 [SW2]ip route-static 0.0.0.0 0 192.168.1.1
//配置SW3,和SW2一樣 <H3C>syst [H3C]sysn SW3 [SW3]int g1/0/1 [SW3-GigabitEthernet1/0/1]port link-type trunk [SW3-GigabitEthernet1/0/1]port trunk permit vlan 20 [SW3-GigabitEthernet1/0/1]int g1/0/2 [SW3-GigabitEthernet1/0/2]port link-type access [SW3-GigabitEthernet1/0/2]vlan 20 [SW3-vlan20]port g1/0/2 [SW3-vlan20]int vlan1 [SW3-Vlan-interface1]ip add 192.168.1.3 29 [SW3]ip route-static 0.0.0.0 0 192.168.1.1
| |
實驗驗證:全網互通 | |
