单臂路由是一种在单个物理接口上配置多个逻辑接口,以实现不同VLAN间通信的技术。它通过在路由器接口上划分子接口,每个子接口对应一个VLAN网段,从而实现了VLAN间的互联互通。单臂路由能够重新封装MAC地址,转换VLAN标签,并根据需要划分多个逻辑接口。它广泛应用于网络管理和安全领域,能够实时监测网络流量,分析网络性能,快速定位问题,并提升网络安全性。
实验拓扑
1、为两台pc配置ip掩码以及网关
2、在交换机上把连接PC的端口分别划分到不同vlan配置好对应IP,连接路由器的接口配置为trunk,并允许相关vlan通过
<H3C>sys
System View: return to User View with Ctrl+Z.
[H3C]sysname sw1
[sw1]int g1/0/1
[sw1-GigabitEthernet1/0/1]vlan 10
[sw1-vlan10]po
[sw1-vlan10]port g1/0/1
[sw1-vlan10]qu
[sw1]int vlan 10
[sw1-Vlan-interface10]ip address 192.168.1.254 24
[sw1-Vlan-interface10]qu
[sw1]vlan 20
[sw1-vlan20]port g1/0/2
[sw1-vlan20]qu
[sw1]int vlan 20
[sw1-Vlan-interface20]ip address 192.168.2.254 24
[sw1-Vlan-interface20]qu
[sw1]di ip in b
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP Address Description
MGE0/0/0 down down -- --
Vlan10 up up 192.168.1.254 --
Vlan20 up up 192.168.2.254 --
[sw1]
[sw1]int g1/0/3
[sw1-GigabitEthernet1/0/3]port link-type trunk
[sw1-GigabitEthernet1/0/3]port trunk permit vla 10 20
[sw1-GigabitEthernet1/0/3]3、在路由器上划分不同接口并绑定不同vlan
<H3C>sys
System View: return to User View with Ctrl+Z.
[H3C]sysname r1
[r1]int g0/0.1
[r1-GigabitEthernet0/0.1]vlan-type dot1q vid 10
[r1-GigabitEthernet0/0.1]int g0/0.2
[r1-GigabitEthernet0/0.2]vlan-type dot1q vid 204、测试两台PC互通
