VLAN 综合实验

一、实验拓扑

二、实验需求

1.PC1和PC3所在接口为access，属于vlan2；

PC2/4/5/6处于同一网段，其中PC2可以访问PC4/5/6;

2.PC5不能访问PC6;

3.PC1/3与PC2/4/5/6不在同一网段；

4.所有PC通过DHCP获取IP地址，且PC1/3可以正常访问PC2/4/5/6

三、实验思路

1.在交换机上配置VLAN并修改为对应接口

2.在路由器上配置网关

3.开启接口识别vid的功能配置对应vlan，且开启ARP广播

4.开启DHCP服务，配置地址池，下发地址

四、实验步骤

1.配置VLAN

[SW1]int g0/0/1

[SW1-GigabitEthernet0/0/1]port link-type access

[SW1-GigabitEthernet0/0/1]port default vlan 2

[SW1-GigabitEthernet0/0/1]int g0/0/2

[SW1-GigabitEthernet0/0/2]port link-type hybrid

[SW1-GigabitEthernet0/0/2]port hybrid untagged vlan 2 3 4 5 6

[SW1-GigabitEthernet0/0/2]port hybrid pvid vlan 3

[SW1-GigabitEthernet0/0/2]int g0/0/3

[SW1-GigabitEthernet0/0/3]port link-type trunk

[SW1-GigabitEthernet0/0/3]port trunk allow-pass vlan 2 3 4 5 6

[SW1-GigabitEthernet0/0/3]int g0/0/4

[SW1-GigabitEthernet0/0/4]port link-type trunk

[SW1-GigabitEthernet0/0/4]port trunk allow-pass vlan 2 3 4 5 6

[SW2]vlan batch 2 to 6

[SW2]int g0/0/1

[SW2-GigabitEthernet0/0/1]port link-type access

[SW2-GigabitEthernet0/0/1]port default vlan 2

[SW2-GigabitEthernet0/0/1]int g0/0/2

[SW2-GigabitEthernet0/0/2]port link-type hybrid

[SW2-GigabitEthernet0/0/2]port hybrid untagged vlan 2 3 5 6

[SW2-GigabitEthernet0/0/2]port hybrid tagged vlan 4

[SW2-GigabitEthernet0/0/2]port hybrid pvid vlan 3

[SW2-GigabitEthernet0/0/2]int g0/0/3

[SW2-GigabitEthernet0/0/3]port link-type trunk

[SW2-GigabitEthernet0/0/3]port trunk allow-pass vlan 2 3 4 5 6

[SW2-GigabitEthernet0/0/3]int g0/0/4

[SW2-GigabitEthernet0/0/4]port link-type trunk

[SW2-GigabitEthernet0/0/4]port trunk allow-pass vlan 2 3 4 5 6

[SW3]vlan batch 2 to 6

[SW3]int g0/0/1

[SW3-GigabitEthernet0/0/1]port link-type hybrid

[SW3-GigabitEthernet0/0/1]port hybrid untagged vlan 2

[SW3-GigabitEthernet0/0/1]port hybrid pvid vlan 3

[SW3-GigabitEthernet0/0/1]port hybrid tagged vlan 5

[SW3-GigabitEthernet0/0/1]int g0/0/2

[SW3-GigabitEthernet0/0/2]port link-type hybrid

[SW3-GigabitEthernet0/0/2]port hybrid untagged vlan 2

[SW3-GigabitEthernet0/0/2]port hybrid tagged vlan 6

[SW3-GigabitEthernet0/0/2]port hybrid pvid vlan 3

[SW3-GigabitEthernet0/0/2]int g0/0/3

[SW3-GigabitEthernet0/0/3]port link-type trunk

[SW3-GigabitEthernet0/0/3]port trunk allow-pass vlan 2 3 4 5 6

2.使用路由器子接口完成不同VLAN之间的通信

[R1]int g0/0/0.1

[R1-GigabitEthernet0/0/0.1]ip add 192.168.1.254 24

[R1-GigabitEthernet0/0/0.1]dot1q termination vid 2

[R1-GigabitEthernet0/0/0.1]arp broadcast enable

[R1-GigabitEthernet0/0/0.1]int g0/0/0.2

[R1-GigabitEthernet0/0/0.2]ip add 192.168.2.254 24

[R1-GigabitEthernet0/0/0.2]dot1q termination vid 3

[R1-GigabitEthernet0/0/0.2]arp broadcast enable

3.开启DHCP服务

[R1]dhcp enable

4.配置地址池

[R1]ip pool a

[R1-ip-pool-a]network 192.168.1.0 mask 24

[R1-ip-pool-a]gateway-list 192.168.1.254

[R1-ip-pool-a]dns-list 114.114.114.114 8.8.8.8

[R1-ip-pool-a]q

[R1]ip pool b

[R1-ip-pool-b]network 192.168.2.0 mask 24

[R1-ip-pool-b]gateway-list 192.168.2.254

[R1-ip-pool-b]dns-list 114.114.114.114 8.8.8.8

5.在接口中应用DHCP服务

[R1]int g0/0/0.1

[R1-GigabitEthernet0/0/0.1]dhcp select global

[R1-GigabitEthernet0/0/0.1]int g0/0/0.2

[R1-GigabitEthernet0/0/0.2]dhcp select global

五、测试

所有PC通过DHCP获取IP地址且可以访问

PC5不能访问PC6