利用三層交換機實現VLAN間路由
一、實驗目標
-
掌握交換機Tag VLAN 的配置
-
掌握三層交換機基本配置方法
-
掌握三層交換機VLAN路由的配置方法
-
通過三層交換機實現VLAN間相互通信
二、實驗背景
某企業有兩個主要部門,技術部和銷售部,分處於不同的辦公室,為了安全和便於管理,對兩個部門的主機進行了VLAN的划分,技術部和銷售部分處於不同的VLAN。現由於業務的需求,需要銷售部和技術部的主機能夠相互訪問,獲得相應的資源,兩個部門的交換機通過一台三層交換機進行了連接
三、技術原理
三層交換機具備網絡層的功能,實現VLAN間相互訪問的原理是:利用三層交換機的路由功能,通過識別數據包的IP地址,查找路由表進行選路轉發。三層交換機利用直連路由可以實現不同VLAN之間的互相訪問。三層交換機給接口配置IP地址,采用SVI(交換虛擬接口)的方式實現VLAN間互連。SVI是指為交換機中的VLAN創建虛擬接口,並且配置IP地址
四、實驗步驟
實驗拓撲
實驗步驟
-
在二層交換機上配置VLAN 2、VLAN 3,分別將端口2、端口3划到VLAN 2、VLAN 3
-
將二層交換機與三層交換機相連的端口Fa0/1定義為Tag VLAN模式
Switch>enable
Switch#configure terminal
Switch(config)#vlan 2
Switch(config-vlan)#exit
Switch(config)#vlan 3
Switch(config-vlan)#exit
Switch(config)#interface fa0/2
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit
Switch(config)#interface fa0/3
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
Switch(config)#interface fa0/1
Switch(config-if)#switchport mode trunk
-
在三層交換機上配置VLAN 2、VLAN 3,分別將端口2、端口3划到VLAN 2、VLAN 3
Switch>enable
Switch#configure terminal
Switch(config)#vlan 2
Switch(config-vlan)#exit
Switch(config)#vlan 3
Switch(config-vlan)#exit
Switch(config)#interface fa0/2
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit
Switch(config)#interface fa0/3
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
Switch(config)#interface fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport mode trunk
Switch(config-if)#exit
-
設置三層交換機VLAN間通信,創建VLAN 2、VLAN 3的虛擬接口,並配置虛擬接口VLAN 2、VLAN 3的IP地址
Switch(config)#interface vlan 2 //創建 VLAN 2 的虛擬接口
Switch(config-if)#ip address 192.168.1.1 255.255.255.0 //配置虛擬接口 VLAN 2 的IP地址
Switch(config-if)#no shutdown
Switch(config-if)#exit
Switch(config)#interface vlan 3 //創建 VLAN 2 的虛擬接口
Switch(config-if)#ip address 192.168.2.1 255.255.255.0 //配置虛擬接口 VLAN 2 的IP地址
Switch(config-if)#no shutdown
Switch(config-if)#end
Switch#
-
查看三層交換機路由表
Switch#show ip route
-
將VLAN 2、VLAN 3下的主機默認網關分別設置為相應虛擬接口的IP地址
五、驗證
打開PC1 Command Prompt
Packet Tracer PC Command Line 1.0
PC>ipconfig
IP Address......................: 192.168.1.2
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.1.1
PC>ping 192.168.1.3
Pinging 192.168.1.3 with 32 bytes of data:
Reply from 192.168.1.3: bytes=32 time=187ms TTL=128
Reply from 192.168.1.3: bytes=32 time=93ms TTL=128
Reply from 192.168.1.3: bytes=32 time=110ms TTL=128
Reply from 192.168.1.3: bytes=32 time=93ms TTL=128
Ping statistics for 192.168.1.3:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 187ms, Average = 120ms
PC>ping 192.168.2.2
Pinging 192.168.2.2 with 32 bytes of data:
Request timed out.
Reply from 192.168.2.2: bytes=32 time=188ms TTL=127
Reply from 192.168.2.2: bytes=32 time=112ms TTL=127
Reply from 192.168.2.2: bytes=32 time=125ms TTL=127
Ping statistics for 192.168.2.2:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 112ms, Maximum = 188ms, Average = 141ms
PC>ping 192.168.2.3
Pinging 192.168.2.3 with 32 bytes of data:
Request timed out.
Reply from 192.168.2.3: bytes=32 time=125ms TTL=127
Reply from 192.168.2.3: bytes=32 time=78ms TTL=127
Reply from 192.168.2.3: bytes=32 time=64ms TTL=127
Ping statistics for 192.168.2.3:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 125ms, Average = 89ms
