交换机虚拟网(VirtualLANs)的设置:
Catalyst5000上实现VLAN划分及外部VLAN路由设置
分配VTP域(aVTPDomain)
将Cat5000加入域
指定中继端口(aTrunk)
DynamicISL
分配VLAN到端口
设置VLAN20
配置Router------------------------------------------------------------------- 注:存在三个VLAN,在VLAN之间通过Router做路由.
-----------------------------------------------------------------分配VTP域
什么是VTP?
VTP是VLANTrunkProtocol的简写,它提供每个设备(router或LAN-switch)在中继端口(trunkports)发送广播.这些广播被发送到一个组播地址,并被所有相邻设备接收.这些广播列出了发送设备的管理域,它的配置修订号,已知的VLAN,及已知VLAN的确定参数.通过听这些广播,在相同管理域的所有设备都可以学习到在发送设备上配置的新的VLAN.使用这种方法,新的VLAN只需要在管理域内的一台设备上建立和配置.信息会自动被相同管理域内的其它设备学到.分配VTP域
首先分配VTP域名(aVTPdomainname),在相同管理域内的交换机可以通过VTP协议互相学习VTP信息.
Cat5001>(enable)shovtpdomain
DomainNameDomainIndexVTPVersionLocalMode
------------------------------------------------------------------
11serverAdvtIntervalVlan-countMax-vlan-storageConfigRevisionSNMPTraps
-----------------------------------------------------------------
30052560disabledLastUpdater
---------------
0.0.0.0
Cat5001>(enable)
Cat5001>(enable)setvtpdomaincisco
VTPdomainciscomodified
Cat5001>(enable)shovtpdomain
DomainNameDomainIndexVTPVersionLocalMode
------------------------------------------------------------------
cisco11serverAdvtIntervalVlan-countMax-vlan-storageConfigRevisionSNMPTraps
-----------------------------------------------------------------
30052560disabledLastUpdater
---------------
0.0.0.0
Cat5001>(enable)
--------------------------------------------------------------------------------将Catalyst5002加入域
需要将Catalyst5002加入名为cisco的VTP管理域,并设为VTPclient,它将接收来自VTPserver的VTP配置及更新.注意:Catalyst5000系列交换机默认为VTPserver.
cat5002>(enable)
cat5002>setvtpdomainciscomodeclient
指定中继端口(Trunkports)
VLANTrunk协议(VTP)只在中继口(ISL,LANE和802.10)上传输,应在二个Catalyst5000交换机间定义哪个口作为中继端口(Trunkport).Inter-SwitchLink(ISL)中继用于FastEthernet和GigabitEthernet端口
IEEE802.10中继用于FDDI/CDDI端口
LANEmulation(LANE)中继用于ATM端口Cat5001>(enable)settrunk1/1on
Port1/1modesettoon.
Cat5001>(enable)
WedJun191996,15:00:02Port1/1hasbecometrunk.
--------------------------------------------------------------------------------DynamicISL
有了DISL(DynamicISL),你不需要修改远端的Catalyst5000;以下信息将显示在远端的Catalyst5000.
WedJun191996,15:51:59Port1/2hasbecometrunk.Cat5001>(enable)shotrunk
PortModeStatus
----------------------------
1/1ontrunking
1/2autonot-trunking
2/1-2offnot-trunking
5/1autonot-trunking
5/2autonot-trunking
5/3autonot-trunking
5/4autonot-trunking
5/5autonot-trunking
5/6autonot-trunking
5/7autonot-trunking
5/8autonot-trunking
5/9autonot-trunking
5/10autonot-trunking
5/11autonot-trunking
5/12autonot-trunkingPortVlansallowed
----------------------------------------------------------------------------
1/11-1000
1/21-1000
2/1-21-1000
5/11-1000
5/21-1000
5/31-1000
5/41-1000
5/51-1000
5/61-1000
5/71-1000
5/81-1000
5/91-1000
5/101-1000
5/111-1000
5/121-1000PortVlansactive
----------------------------------------------------------------------------
1/11
1/21
2/1-21
5/11
5/21
5/31
5/41
5/51
5/61
5/71
5/81
5/91
5/101
5/111
5/121
注意:DISL在CiscoIOS软件中不支持.
--------------------------------------------------------------------------------分配VLAN到端口
Cat5001>(enable)setvlan23/2-20
VLAN2modified.
VLAN1modified.
VLANMod/Ports
---------------------------
21/1
3/2-20
Cat5001>(enable)setvlan205/1-6
VLAN20modified.
VLAN1modified.
VLANMod/Ports
---------------------------
201/1
5/1-6
ConfigureadditionalinformationforVLAN20.OntheotherCatalyst5000:
Cat5002>(enable)setvlan24/1-2,5/6-12
VLAN2modified.
VLAN1modified.
VLANMod/Ports
---------------------------
21/2
4/1-3,4/5-23
5/6-12
ConfigureadditionalinformationforVLAN20.
Cat5002>(enable)setvlan205/1-5
VLAN20modified.
VLAN1modified.
VLANMod/Ports
---------------------------
201/2
5/1-5
ConfigureVLAN20onaVTPserver.--------------------------------------------------------------------------------显示端口配置
Cat5001>(enable)showport
PortNameStatusVlanLevelDuplexSpeedType
------------------------------------------------------------------------
1/1connected1normalhalf100100BaseTX
1/2connectedtrunknormalhalf100100BaseTX
2/1connecting1normalhalf100FDDI
2/2connected1normalhalf100FDDI
4/1inactive2normalhalf1010BaseT
4/2inactive2normalhalf1010BaseT
4/3inactive2normalhalf1010BaseT
4/4notconnect1normalhalf1010BaseT
4/5inactive2normalhalf1010BaseT
4/6
此时,VLAN2和VLAN20还未激活.所以在VLAN2和VLAN20的端口是inactive状态.--------------------------------------------------------------------------------设置VLAN20
如果在网络里有VTPserver和VTPclent,请在VTPserver上设置VLAN20
Cat5001>(enable)setvlan20
VLAN20modified
这将激活在所有管理域cisco内的VLAN20
Cat5001>(enable)shovlan20
VLANNameStatusMod/Ports
-------------------------------------------------------------------------
20VLAN0020active1/1
5/1-6
VLANTypeSAIDMTUParentRingNoBridgeNoStpTrans1Trans2
------------------------------------------------------------
20enet1000201500----00--------------------------------------------------------------------------------配置Router
conft
interfaceFastEthernet0/0.1<--youneedtocreateasub-interfacebyvlan.
encapsulationisl20<--20isthevlannumber.ipaddress1.1.1.1255.255.255.0
interfaceFastEthernet0/0.2
encapsulationisl2
ipaddress2.2.2.1255.255.255.0
interfaceFastEthernet0/0.3
encapsulationisl1
ipaddress172.16.80.1255.255.255.0Routereigrp666
network1.0.0.0
network2.0.0.0
network172.16.80.0
endwritmem返回
上一篇: Cisco防火墙技术汇总
下一篇: CISCO路由器口令恢复