Linux运维-陈雷雷


华为HCNP_17 华为交换机vlan间路由的两种技术_单臂路由与SVI接口配置

admin 2019-06-03 1139浏览 0条评论
首页/正文
分享到: / / / /

Trunk技术

Trunk简介

“trunk”在网络用语中一般译为:“主干线、中继线、长途线” ,不过一般不用译意,直接使用英文。在路由/交换网络中,trunk通常被称为“中继(透传)”。在语音级应用的线路中,trunk一般指“主干网络、电话干线”,即两个交换局或交换机之间的连接电路或信道,它为两端设备之间进行转接,作为信令和终端设备数据的传输链路。

Trunk配置

拓扑图:

LS1:

创建相应vlan:
vlan10
vlan20    


接口下配置添加到指定vlan:
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 10
#
interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 20
#
interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 20
#

LS2:

创建相应vlan:
vlan10
vlan20   

接口相关配置:
interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 10
#
interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 20

LW1 LW3 关键配置:

SW1:
[Huawei]int g0/0/4
[Huawei-GigabitEthernet0/0/4] port link-type trunk
[Huawei-GigabitEthernet0/0/4] port trunk allow-pass vlan 2 to 4094

SW2:
[Huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1] port link-type trunk
[Huawei-GigabitEthernet0/0/1] port trunk allow-pass vlan 2 to 4094

测试:

PC1 -- vlan10 通信结果:

PC2 -- vlan20通信结果:

Trunk通信原理

PC1给PC3发送ping 数据包到达交换机出口时会马上打上tag标签

数据发出到达另一端时会解开报文结构去除tag标签,与PC相连的接口不会收到tag标签

VLAN间路由:

vlan间路由是让本来隔离的网络中实现互相访问,实现vlan间单播通信

vlan间路由有两种实现方式分别是:

  • 单臂路由
  • SVI虚接口

建议一个vlan中的成员不超过150人。

单臂路由案例1:

拓扑图:

配置:

R1:

SW1 vlan划分:

vlan划分
[Huawei]vlan 10
[Huawei]vlan 20

[Huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]port link-type access 
[Huawei-GigabitEthernet0/0/1]port default vlan 10

[Huawei-GigabitEthernet0/0/1]dis this     #----检查配置
#
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 10
#
return

[Huawei]int g0/0/2
[Huawei-GigabitEthernet0/0/1]port link-type access 
[Huawei-GigabitEthernet0/0/1]port default vlan 20
[Huawei-GigabitEthernet0/0/2]dis this
#
interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 20
#
return

SW1上行接口配置:

[Huawei-GigabitEthernet0/0/2]int g0/0/3
[Huawei-GigabitEthernet0/0/3]port link-type trunk
[Huawei-GigabitEthernet0/0/3]port trunk allow-pass vlan all
[Huawei-GigabitEthernet0/0/3]dis this
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
return

路由器配置:

如果想要他们通信,就必须有网关,此时只有一个接口

这里需要了解 路由器子接口,子接口可以存在4096个,我们可以把网关配置在子接口中这样网关就可以配置了

子接口配置:

[Huawei]interface Ethernet0/0/0.10
[Huawei-Ethernet0/0/0.10]dot1q termination vid 10
[Huawei-Ethernet0/0/0.10]ip address 192.168.10.1 255.255.255.0   ## vlan网关
[Huawei-Ethernet0/0/0.10]arp broadcast enable      ##----开启广播请求,不开启无法通信
[Huawei-Ethernet0/0/0.10]dis this
#
interface Ethernet0/0/0.10
 dot1q termination vid 10
 ip address 192.168.10.1 255.255.255.0
 arp broadcast enable
#
return


[Huawei]interface Ethernet0/0/0.20
[Huawei-Ethernet0/0/0.10]dot1q termination vid 20
[Huawei-Ethernet0/0/0.10]ip address 192.168.20.1 255.255.255.0
[Huawei-Ethernet0/0/0.10]arp broadcast enable
[Huawei-Ethernet0/0/0.20]dis this
#
interface Ethernet0/0/0.20
 dot1q termination vid 20
 ip address 192.168.20.1 255.255.255.0
 arp broadcast enable
#

配置完成测试ping:

PC1 ping网关:

ping 对端网关:

PC1 ping对端PC2 IP:

这样单臂路由就配置完毕了。

单臂路由案例2:

方法1: 非子接口配置互联 - 用路由器做路由网关

SW1配置:

vlan划分
[Huawei]vlan 10
[Huawei]vlan 20
[Huawei]vlan 30
[Huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]port link-type access 
[Huawei-GigabitEthernet0/0/1]port default vlan 10

[Huawei-GigabitEthernet0/0/1]dis this     #----检查配置
#
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 10
#
return

[Huawei]int g0/0/2
[Huawei-GigabitEthernet0/0/1]port link-type access 
[Huawei-GigabitEthernet0/0/1]port default vlan 20

[Huawei-GigabitEthernet0/0/2]dis this
#
interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 20
#
return

[Huawei]int g0/0/3
[Huawei-GigabitEthernet0/0/3]
[Huawei-GigabitEthernet0/0/3] port link-type trunk
[Huawei-GigabitEthernet0/0/3] port trunk allow-pass vlan 2 to 4094

R1配置[网关配置]:

[Huawei]int e0/0/0.10
[Huawei-Ethernet0/0/0.10] interface Ethernet0/0/0.10
[Huawei-Ethernet0/0/0.10] dot1q termination vid 10
[Huawei-Ethernet0/0/0.10] ip address 192.168.10.1 255.255.255.0
[Huawei-Ethernet0/0/0.10] arp broadcast enable
[Huawei]int e0/0/0.20
[Huawei-Ethernet0/0/0.20]  dot1q termination vid 20
[Huawei-Ethernet0/0/0.20]  ip address 192.168.20.1 255.255.255.0
[Huawei-Ethernet0/0/0.20]  arp broadcast enable
[Huawei]int e0/0/1
[Huawei-Ethernet0/0/1]ip add 12.1.1.1 24

静态路由到达R2网段:
[Huawei]ip route-s 192.168.30.0 24 12.1.1.2

R2配置:

[Huawei]interface Ethernet0/0/0
[Huawei-Ethernet0/0/0]ip address 12.1.1.2 255.255.255.0

[Huawei]interface Ethernet0/0/1
[Huawei-Ethernet0/0/1]ip address 192.168.30.1 255.255.255.0
 
[Huawei]ip route-static 192.168.10.0 255.255.255.0 12.1.1.1
[Huawei]ip route-static 192.168.20.0 255.255.255.0 12.1.1.1

LSW2配置:

把两个都配置为vlan30让他逻辑上变成一个vlan30
[Huawei]vlan30
[Huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]port link-type access
[Huawei-GigabitEthernet0/0/1]port default vlan 30
[Huawei]int g0/0/2
[Huawei-GigabitEthernet0/0/2] port link-type access
[Huawei-GigabitEthernet0/0/2] port default vlan 30

配置完成后测试:

通过PC1访问两条VLAN中的主机。检查结果都是通的

方法2: 用三层交换机做网关 非子接口配置互联

vlan batch 10 20  创建两个vlan
划分到指定接口

interface GigabitEthernet0/0/2
 port link-type access 
 port default vlan 10
 
interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 20

PC配置:

vlan10:

vlan20 :

三层交换机 vlan 网关 配置:

[Huawei]int vlan 10
[Huawei-Vlanif10]ip add 192.168.10.1 24

[Huawei]int vlan 20
[Huawei-Vlanif20]ip add 192.168.20.1 24

查看:
[Huawei-Vlanif20] dis ip int br   ##查看vlan接口命令

*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 3
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 2

Interface                         IP Address/Mask      Physical   Protocol  
MEth0/0/1                         unassigned           down       down      
NULL0                             unassigned           up         up(s)     
Vlanif1                           unassigned           down       down      
Vlanif10                          192.168.10.1/24      up         up        
Vlanif20                          192.168.20.1/24      up         up   


通过 dis port vlan active 命令也可以查看到相应vlan id
[Huawei]dis port vlan active 

T=TAG U=UNTAG
-------------------------------------------------------------------------------
Port                Link Type    PVID    VLAN List
-------------------------------------------------------------------------------
GE0/0/1             access       10      U: 10
GE0/0/2             access       20      U: 20


测试是否ping通:

vlan间路由两层架构[SVI]

SW2配置:

[Huawei]vlan batch 10 20 30
[Huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]port link-type access
[Huawei-GigabitEthernet0/0/1]port default vlan 10
[Huawei-GigabitEthernet0/0/1]int g0/0/2
[Huawei-GigabitEthernet0/0/2]port link-type access
[Huawei-GigabitEthernet0/0/2]port default vlan 20
[Huawei-GigabitEthernet0/0/3]int g0/0/3
[Huawei-GigabitEthernet0/0/3]port link-type trunk
[Huawei-GigabitEthernet0/0/3]port trunk allow-pass vlan all

SW3配置:

[Huawei]vlan 30
[Huawei]interface GigabitEthernet0/0/1
[Huawei-GigabitEthernet0/0/1] port link-type trunk
[Huawei-GigabitEthernet0/0/1] port trunk allow-pass vlan all
[Huawei]interface GigabitEthernet0/0/2
[Huawei-GigabitEthernet0/0/2] port link-type access
[Huawei-GigabitEthernet0/0/2] port default vlan 30

sw1配置:

[Huawei]port-group group-member g0/0/1 g0/0/2
[Huawei-port-group]port link-type  trunk
[Huawei-port-group]port trunk allow-pass vlan all 

SW1 多vlan网关配置:

[Huawei]vlan batch 10 20 30    #创建多个vlan
[Huawei]int vlan 10
[Huawei-Vlanif10]ip address 192.168.10.1 24
[Huawei]int vlan 20
[Huawei-Vlanif20]ip address 192.168.20.1 24
[Huawei]int vlan 30
[Huawei-Vlanif20]ip address 192.168.30.1 24

配置完成测试通信:

PC1 ping PC3:

PC1 ping PC2:

全部通信则配置正确,这样,vlan间路由(SVI)就配置完成了

实验案例文件下载: vlan间路由_路由器虚拟接口方式.zip

最后修改:2019-06-03 07:17:12 © 著作权归作者所有
如果觉得我的文章对你有用,请随意赞赏
扫一扫支付

上一篇

发表评论

评论列表

还没有人评论哦~赶快抢占沙发吧~

博客信息

  • 文章数目 80
  • 标签数目 232
  • 运行天数
  • 最后活动

广告



文章目录