VLAN的划分,划分原则,基础配置,交换接口模式的工作原理
VLAN 虚拟局域网
常见vlan划分的几种常用方式
- 安装部门划分
- 安装地点划分
- 安装人员划分
常见的vlan划分的几种方法
| 1.基于交换机接口划分 | 较为常用,也是其他方法的基础 |
| 2.基于IP地址划分 | 适用于固定IP的终端设备(财务,老板使用的PC等) |
| 3.基于mac地址划分 | 适用于安全性较高的部门(研发等) |
| 4.策略vlan | 相对比较不常见,可以同时基于IP和mac地址划分 |
vlan透传
vlan 透传是指一端发送数据到另一端时,另一端接受到数据包时是剥离了802.1q封装的
什么意思呢?
图1-1
如图1-1,当PC1发送数据给PC2,数据包传递到LSW1的Ethernet0/0/1接口,会封装上接口的vlan-id,即802.1q协议,当LSW1将数据从Ethernet0/0/2口转发给PC2时,则需要将数据包的802.1q协议封装给剥离开,PC才可以读取到数据中的内容,这个过程就是vlan的透传;当交换机在转发数据包给终端时,数据包的802.1q封装若无法被剥离,则会造成无法通信;
常见的三种交换接口的模式
- access接入模式,一般用于接入终端的交换机接口
- trunk中继模式,一般用于交换机之间互相连接的接口
- hybrid混合模式,可以剥离多个vlan-id和允许多个vlan通过
| 交换机接口模式 |
pvid |
TG(tagged) |
UT(untagged) |
| access |
一个 |
一个 |
一个 |
| trunk |
一个 |
多个 |
一个 |
| hybrid |
一个 |
多个 |
多个 |
pvid:在交换机接口接收到没有802.1q封装的数据包时,给数据包打上vlan-id(封装802.1q);
TG(tagged):接口在转发和接收数据包时携带vlan标签(802.1q封装)通过;
UT(untagged):在接口转发数据包时,将对应的vlan标签(802.1q封装)剥离;
access和trunk模式的交换机接口只可以pvid和UT同一个的vlan-id(802.1q封装);
相关命令:
本篇只讲基于接口的vlan划分!
access:
port link-type access
//配置接口为access模式
port default vlan [vlan-id]
//配置接口vlan-id,默认vlan 1,接口接收数据时,PVID和TG该vlan,转发时UT该vlan;
trunk:
port link-type trunk
//配置接口为trunk模式
port trunk allow-pass vlan [vlan-id列表]
//配置接口TG列表
port trunk pvid vlan [vlan-id]
//配置接口vlan-id,使接口可以pvid该vlan,若TG列表含该vlan,则接口在转发数据时UT该vlan;
hybrid:
port link-type hyhrid
//配置接口为hybrid模式
port hybrid pvid vlan [vlan-id]
//使接口可以pvid该vlan
port hybrid tagged vlan [vlan-id 列表]
//配置接口TG列表
port hybrid untagged vlan [vlan-id列表]
//配置接口UT列表
hybrid接口模式中,同一个vlan只能在一个列表中;
实验
拓扑图
本篇只做关于vlan的配置(链路聚合部分除外)!
其他相关配置:https://blog.csdn.net/weixin_46678521/article/details/126472140
S1的部分配置
[S1]vlan batch 10 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[S1]interface Ethernet0/0/1
[S1-Ethernet0/0/1]port link-type trunk
[S1-Ethernet0/0/1]port trunk pvid vlan 100
[S1-Ethernet0/0/1]port trunk allow-pass vlan 10 100
[S1-Ethernet0/0/1]quit
[S1]interface Ethernet0/0/2
[S1-Ethernet0/0/2]port link-type access
[S1-Ethernet0/0/2]port default vlan 10
[S1-Ethernet0/0/2]quit
[S1]interface Ethernet0/0/3
[S1-Ethernet0/0/3]port link-type access
[S1-Ethernet0/0/3]port default vlan 10
[S1-Ethernet0/0/3]quit
S2的部分配置
[S2]vlan batch 20 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[S2]interface Ethernet0/0/1
[S2-Ethernet0/0/1]port link-type hybrid
[S2-Ethernet0/0/1]port hybrid pvid vlan 100
[S2-Ethernet0/0/1]port hybrid untagged vlan 100
[S2-Ethernet0/0/1]port hybrid tagged vlan 20
[S2-Ethernet0/0/1]quit
[S2]interface Ethernet0/0/2
[S2-Ethernet0/0/2]port link-type access
[S2-Ethernet0/0/2]port default vlan 20
[S2-Ethernet0/0/2]quit
S3的部分配置
[S3]vlan batch 30 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[S3]interface Ethernet0/0/1
[S3-Ethernet0/0/1]port link-type trunk
[S3-Ethernet0/0/1]port trunk pvid vlan 100
[S3-Ethernet0/0/1]port trunk allow-pass vlan 30 100
[S3-Ethernet0/0/1]quit
[S3]interface Ethernet0/0/2
[S3-Ethernet0/0/2]port link-type access
[S3-Ethernet0/0/2]port default vlan 30
[S3-Ethernet0/0/2]quit
S4的部分配置
[S4]vlan batch 40 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[S4]interface Ethernet0/0/1
[S4-Ethernet0/0/1]port link-type trunk
[S4-Ethernet0/0/1]port trunk pvid vlan 100
[S4-Ethernet0/0/1]port trunk allow-pass vlan 40 100
[S4-Ethernet0/0/1]quit
[S4]interface Ethernet0/0/2
[S4-Ethernet0/0/2]port link-type access
[S4-Ethernet0/0/2]port default vlan 40
[S4-Ethernet0/0/2]quit
S5的部分配置
[S5]vlan 4
[S5-vlan4]quit
[S5]interface Ethernet 0/0/1
[S5-Ethernet0/0/2]port link-type access
[S5-Ethernet0/0/2]port default vlan 4
[S5-Ethernet0/0/2]quit
[S5]interface Ethernet 0/0/2
[S5-Ethernet0/0/2]port link-type access
[S5-Ethernet0/0/2]port default vlan 4
[S5-Ethernet0/0/2]quit
[S5]interface g0/0/1
[S5-GigabitEthernet0/0/1]port link-type trunk
[S5-GigabitEthernet0/0/1]port trunk allow-pass vlan 4
[S5-GigabitEthernet0/0/1]quit
[S5]interface g0/0/2
[S5-GigabitEthernet0/0/2]port link-type trunk
[S5-GigabitEthernet0/0/2]port trunk allow-pass vlan 4
[S5-GigabitEthernet0/0/2]quit
S6的部分配置
[S6]vlan 5
[S6-vlan5]quit
[S6]interface Ethernet0/0/1
[S6-Ethernet0/0/1]port link-type access
[S6-Ethernet0/0/1]port default vlan 5
[S6-Ethernet0/0/1]quit
[S6]interface Ethernet0/0/2
[S6-Ethernet0/0/2]port link-type access
[S6-Ethernet0/0/2]port default vlan 5
[S6-Ethernet0/0/2]quit
[S6]interface g0/0/1
[S6-GigabitEthernet0/0/1]port link-type trunk
[S6-GigabitEthernet0/0/1]port trunk allow-pass vlan 5
[S6-GigabitEthernet0/0/1]quit
[S6]interface g0/0/2
[S6-GigabitEthernet0/0/2]port link-type trunk
[S6-GigabitEthernet0/0/2]port trunk allow-pass vlan 5
[S6-GigabitEthernet0/0/2]quit
LSW1的部分配置
[LSW1]vlan batch 2 to 9
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW1]interface g0/0/1
[LSW1-GigabitEthernet0/0/1]port link-type access
[LSW1-GigabitEthernet0/0/1]port default vlan 2
[LSW1-GigabitEthernet0/0/1]quit
[LSW1]interface g0/0/2
[LSW1-GigabitEthernet0/0/2]port link-type access
[LSW1-GigabitEthernet0/0/2]port default vlan 3
[LSW1-GigabitEthernet0/0/2]quit
[LSW1]interface g0/0/3
[LSW1-GigabitEthernet0/0/3]port link-type trunk
[LSW1-GigabitEthernet0/0/3]port trunk allow-pass vlan 4
[LSW1-GigabitEthernet0/0/3]quit
[LSW1]interface g0/0/4
[LSW1-GigabitEthernet0/0/4]port link-type trunk
[LSW1-GigabitEthernet0/0/4]port trunk allow-pass vlan 5
[LSW1-GigabitEthernet0/0/4]quit
[LSW1]interface g0/0/5
[LSW1-GigabitEthernet0/0/5]port link-type access
[LSW1-GigabitEthernet0/0/5]port default vlan 8
[LSW1-GigabitEthernet0/0/5]quit
LSW2的部分配置
[LSW2]vlan batch 2 to 9
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW2]interface g0/0/1
[LSW2-GigabitEthernet0/0/1]port link-type access
[LSW2-GigabitEthernet0/0/1]port default vlan 2
[LSW2-GigabitEthernet0/0/1]quit
[LSW2]interface g0/0/2
[LSW2-GigabitEthernet0/0/2]port link-type access
[LSW2-GigabitEthernet0/0/2]port default vlan 3
[LSW2-GigabitEthernet0/0/2]quit
[LSW2]interface g0/0/3
[LSW2-GigabitEthernet0/0/3]port link-type trunk
[LSW2-GigabitEthernet0/0/3]port trunk allow-pass vlan 4
[LSW2-GigabitEthernet0/0/3]quit
[LSW2]interface g0/0/4
[LSW2-GigabitEthernet0/0/4]port link-type trunk
[LSW2-GigabitEthernet0/0/4]port trunk allow-pass vlan 5
[LSW2-GigabitEthernet0/0/4]quit
[LSW2]]interface g0/0/5
[LSW2-GigabitEthernet0/0/5]port link-type access
[LSW2-GigabitEthernet0/0/5]port default vlan 9
[LSW2-GigabitEthernet0/0/5]quit
SW1的部分配置
[SW1]vlan batch 2 6 10 20 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW1]interface g0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access
[SW1-GigabitEthernet0/0/1]port default vlan 2
[SW1-GigabitEthernet0/0/1]quit
[SW1]interface g0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access
[SW1-GigabitEthernet0/0/2]port default vlan 2
[SW1-GigabitEthernet0/0/2]quit
SW2的部分配置
[SW2]vlan batch 3 6 30 40 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW2]interface g0/0/1
[SW2-GigabitEthernet0/0/1]port link-type access
[SW2-GigabitEthernet0/0/1]port default vlan 3
[SW2-GigabitEthernet0/0/1]quit
[SW2]interface g0/0/2
[SW2-GigabitEthernet0/0/2]port link-type access
[SW2-GigabitEthernet0/0/2]port default vlan 3文章来源:https://www.toymoban.com/news/detail-413476.html
[SW2-GigabitEthernet0/0/2]quit文章来源地址https://www.toymoban.com/news/detail-413476.html
到了这里,关于eNSP第一篇:VLAN的划分,划分原则,基础配置,交换接口模式的工作原理的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!
