多個交換機的vlan劃分

多個交換機的vlan劃分

一．實現目標

1.                 單個交換機的vlan劃分

2.               保證vlan之間的通信

3.              多個交換機的vlan的劃分

4.               保證單個vlan之間的通信

5.               路由的設置

6.               不同vlan的路由通信

二．拓撲結構圖

 

 

 

Pc的配置

 Pc0 ip add 192.168.1.2 gw 192.168.1.1

 Pc1 ip add 192.168.1.3 gw 192.168.1.1

 Pc2 ip add 192.168.2.2 gw 192.168.2.1

 Pc3 ip add 192.168.2.3 gw 192.168.2.1

 Pc4 ip add 192.168.2.3 gw 192.168.3.1

 Pc5 ip add 192.168.2.3 gw 192.168.3.1

一．實驗過程

1．      交換機的是switch0的配置

Switch#conf t

Switch<config> # hostname switcha

Switch <config> #end

Switch # vlan data

Switch<vlan>#vtp server

Switch <vlan>#vtp domain ddd

Switch <vlan>#vlan 2 name vlan2

Switch <vlan>#vlan 3 name vlan3

Switch <vlan>#vlan 4 name vlan4

Switch <vlan>#exit

Switch#conf t

Switch<config> #int fa0/1

Switch <config-if>#switchport mode trunk

Switch<config-if>#end

Switch#conf t

Switch<config> #int fa0/10

Switch<config-if>#switchport access vlan 2

Switch#conf t

Switch<config> #int fa0/11

Switch<config-if>#switchport access vlan 3

Switch#conf t

Switch<config> #int fa0/12

Switch<config-if>#switchport access vlan 4

2.交換機switch3的配置

Switch#vlan data

Switch<vlan>#vtp client

Switch <vlan>#vtp domain ddd

Switch <vlan>#exit

Switch#conf t

Switch <config>#int fa0/1

Switch <config-ig># switchport mode trunk

Switch <config-if>#end

3.路由的配置

Router # config t

Router <config>#hostname vlan

Router <config>#int fa0/0

Router <config-if>#no shut

Router <config-if>#no ip address

Router <config-if>#end

Router # config t

 

Router <config>#int fa0/0.7

Router <config-subif>#enca dot1q 2

Router <config-subif># ip add 192.168.1.1 255.255.255.0

Router <config-subif>#no shut

Router <config-subif># end

Router # config t

 

Router <config>#int fa0/0.8

Router <config-subif>#enca dot1q 3

Router <config-subif># ip add 192.168.2.1 255.255.255.0

Router <config-subif>#no shut

Router <config-subif># end

Router # config t

 

Router <config>#int fa0/0.9

Router <config-subif>#enca dot1q 4

Router <config-subif># ip add 192.168.3.1 255.255.255.0

Router <config-subif>#no shut

Router <config-subif># end

3. 檢查各個vlan之間是否可以通信

  A:沒有加路由的情況下vlan之間的通信

Vlan2與vlan3 之間的通信

  PC>ping 192.168.2.2

Pinging 192.168.2.2 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.

Ping statistics for 192.168.2.2:

    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

              Vlan2與vlan4之間的通信

PC>ping 192.168.3.2

Pinging 192.168.3.2 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.

Ping statistics for 192.168.3.2:

    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

 

Vlan2與vlan3的通信

Packet Tracer PC Command Line 1.0

PC>ping 192.168.2.2

Pinging 192.168.2.2 with 32 bytes of data:

Reply from 192.168.2.2: bytes=32 time=156ms TTL=127

Reply from 192.168.2.2: bytes=32 time=188ms TTL=127

Reply from 192.168.2.2: bytes=32 time=202ms TTL=127

Reply from 192.168.2.2: bytes=32 time=182ms TTL=127

Ping statistics for 192.168.2.2:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 156ms, Maximum = 202ms, Average = 182ms

Vlan2與vlan4的通信

PC>ping 192.168.3.2

 

Pinging 192.168.3.2 with 32 bytes of data:

 

Reply from 192.168.3.2: bytes=32 time=172ms TTL=127

Reply from 192.168.3.2: bytes=32 time=171ms TTL=127

Reply from 192.168.3.2: bytes=32 time=187ms TTL=127

Reply from 192.168.3.2: bytes=32 time=174ms TTL=127

 

Ping statistics for 192.168.3.2:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 171ms, Maximum = 187ms, Average = 176ms

Vlan3與vlan4 的通信

Packet Tracer PC Command Line 1.0

PC>ping 192.168.3.2

Pinging 192.168.3.2 with 32 bytes of data:

Reply from 192.168.3.2: bytes=32 time=156ms TTL=127

Reply from 192.168.3.2: bytes=32 time=171ms TTL=127

Reply from 192.168.3.2: bytes=32 time=168ms TTL=127

Reply from 192.168.3.2: bytes=32 time=160ms TTL=127

Ping statistics for 192.168.3.2:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 156ms, Maximum = 171ms, Average = 163ms

 

PC>ping 192.168.3.3

Pinging 192.168.3.3 with 32 bytes of data:

Request timed out.

Reply from 192.168.3.3: bytes=32 time=142ms TTL=127

Reply from 192.168.3.3: bytes=32 time=141ms TTL=127

Reply from 192.168.3.3: bytes=32 time=140ms TTL=127

Ping statistics for 192.168.3.3:

    Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),

Approximate round trip times in milli-seconds:

    Minimum = 140ms, Maximum = 142ms, Average = 141ms

 

 

二．總結

1．      在沒有路由的情況下vlan之間是不能通信的。

2．   通過路由可以解決不同vlan之間的信

3．  不同交換機的vlan的劃分可以更加的有利於不同網絡的安全。