实验拓扑及要求
一、实验思路
1.R1-R3按要求配置,R2不划分vlan使其全部都可以访问
2.交换机和路由器的交换机直连接口设为hybrid模式且R4-R6不带vlan标签访问路由器
3.交换机和交换机的两个直连接口设为hybrid模式且只允许R4-R6所在vlan标签通过
4.R4-R6只允许其所在vlan标签和不带vlan标签通过
5.在路由器上划分子接口及配置地址池
二、实操
1.R1-R3按要求配置,R2不划分vlan使其全部都可以访问
[lsw1]vlan batch 2 4 5 6
[lsw1]vlan batch 2 4 5 6
[lsw1]vlan batch 2 4 5 6
[lsw1]int e0/0/1
[lsw1-Ethernet0/0/1]port link-type access
[lsw1-Ethernet0/0/1]port default vlan 2
[lsw1-Ethernet0/0/1]int e0/0/3
[lsw1-Ethernet0/0/3]port link-type access
[lsw1-Ethernet0/0/3]port default vlan 2
2.交换机和路由器的交换机直连接口设为hybrid模式且R4-R6不带vlan标签访问路由器
[lsw1]int e0/0/6
[lsw1-Ethernet0/0/6]port hybrid untagged vlan 4 to 6
3.交换机和交换机的两个直连接口设为hybrid模式且只允许R4-R6所在vlan标签通过
[lsw1]int e0/0/5
[lsw1-Ethernet0/0/5]port hybrid tagged vlan 4 to 6
4.R4-R6只允许其所在vlan标签和vlan1通过
[lsw1-Ethernet0/0/3]int e0/0/4
[lsw1-Ethernet0/0/4]port hybrid pvid vlan 4
[lsw1-Ethernet0/0/4]port hybrid tagged vlan 4
[lsw2]int e0/0/3
[lsw2-Ethernet0/0/3]port hybrid tagged vlan 4 to 6
[lsw2-Ethernet0/0/3]int e0/0/1
[lsw2-Ethernet0/0/1]port hybrid pvid vlan 5
[lsw2-Ethernet0/0/1]port hybrid tagged vlan 5
[lsw2-Ethernet0/0/1]int e0/0/2
[lsw2-Ethernet0/0/2]port hybrid pvid vlan 6
[lsw2-Ethernet0/0/2]port hybrid tagged vlan 6
5.在路由器上划分子接口及配置地址池
[r1]vlan batch 2
[r1]int g0/0/0.1
[r1-GigabitEthernet0/0/0.1]dot1q termination vid 2
[r1-GigabitEthernet0/0/0.1]ip add 192.168.1.1 24
[r1-GigabitEthernet0/0/0.1]arp broadcast enable
[r1-GigabitEthernet0/0/0.1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip add 192.168.2.1 24
[r1-GigabitEthernet0/0/0]q
[r1]dhcp enable
[r1]ip pool dhcp1
[r1-ip-pool-dhcp1]network 192.168.2.0 mask 24
[r1-ip-pool-dhcp1]gateway-list 192.168.2.1
[r1-ip-pool-dhcp1]q
[r1]ip pool vlan2
[r1-ip-pool-vlan2]network 192.168.1.0 mask 24
[r1-ip-pool-vlan2]gateway-list 192.168.1.1
[r1-ip-pool-vlan2]q
[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]dhcp select global
[r1-GigabitEthernet0/0/0]int g0/0/0.1
[r1-GigabitEthernet0/0/0.1]dhcp select global
三、检验
1.查看PCIP地址
2.ping
R1、R3可以访问所有
R1可以访问所有
R2可以访问所有
R2
R4 不能访问R5、R6
R5不能访问R6
