vlan综合实验

实验要求:

1、pc1和pc3所在接口为access;属于vlan 2;

pc2/pc4/pc5/pc6处于同一网段;其中pc2可以访问pc4/pc5/pc6;

pc4可以访问pc6; pc5不能访问pc6;

2、pc1/pc3与pc2/pc4/pc5/pc6不在同一网段;

3、所有pc通过DHCP获取IP地址,且pc1/pc3可以正常访问pc2/pc4/pc5/pc6;

实验分析

  • PC2、PC4、PC5、PC6 处于同一广播域,PC1 与 PC3 则位于另一广播域。

  • 需要在交换机上创建所需的 VLAN,并将各端口分配至相应 VLAN,同时配置端口链路模式。

  • 交换机之间应建立 Trunk(或混合)链路,并确保允许相关 VLAN 的数据通过。

  • 路由器需通过子接口实现 VLAN 间路由。

  • 配置 DHCP 服务,为不同 VLAN 下发 IP 地址。


配置步骤

1. 创建 VLAN

在 SW1、SW2、SW3 上分别执行:

bash 复制代码
vlan batch 2 to 6

2. 端口划分与链路模式配置

  • SW1

    • PC1 接口(Access,VLAN 2):

      bash 复制代码
      int g0/0/1 
      port link-type access 
      port default vlan 2
    • PC2 接口(Hybrid,PVID VLAN 3,放通 VLAN 3~6 无标签):

      bash 复制代码
      int g0/0/2 
      port link-type hybrid 
      port hybrid untagged vlan 3 to 6 
      port hybrid pvid vlan 3
  • SW2

    • PC3 接口(Access,VLAN 2):

      bash 复制代码
      int g0/0/1
      port link-type access 
      port default vlan 2
    • PC4 接口(Hybrid,PVID VLAN 4,放通 VLAN 3~6 无标签):

      bash 复制代码
      int g0/0/2 
      port hybrid untagged vlan 3 to 6 
      port hybrid pvid vlan 4
  • SW3

    • PC5 接口(Hybrid,PVID VLAN 5,放通 VLAN 3~5 无标签):

      bash 复制代码
      int g0/0/1
      port hybrid untagged vlan 3 to 5 
      port hybrid pvid vlan 5
    • PC6 接口(Hybrid,PVID VLAN 6,放通 VLAN 3、4、6 无标签):

      bash 复制代码
      int g0/0/2 
      port hybrid untagged vlan 3 4 6 
      port hybrid pvid vlan 6

3. 交换机间 Trunk 链路配置

确保 VLAN 2~6 均可通过:

bash 复制代码
[SW1] 
int g0/0/3 
port link-type trunk 
port trunk allow-pass vlan 2 to 6 
[SW2] 
int g0/0/3 
port link-type trunk 
port trunk allow-pass vlan 2 to 6 
int g0/0/4 
port link-type trunk 
port trunk allow-pass vlan 2 to 6 
[SW3] 
int g0/0/3 
port link-type trunk 
port trunk allow-pass vlan 2 to 6

SW1 与路由器连接的接口为 Hybrid 模式,VLAN 2 打标签,其余 VLAN 无标签:

bash 复制代码
int g0/0/4 
port hybrid tagged vlan 2 
port hybrid untagged vlan 3 to 6

4. 路由器子接口配置(VLAN 间路由)

  • VLAN 2 使用子接口(打标签),其余 VLAN 使用物理接口(无标签):
bash 复制代码
int g0/0/0 
ip address 192.168.1.1 24 
int g0/0/0.1 
ip address 192.168.2.1 24 
dot1q termination vid 2 
arp broadcast enable

5. DHCP 配置

  • 为 VLAN 3~6 配置地址池:
bash 复制代码
dhcp enable 
ip pool aa 
network 192.168.1.0 mask 24 
gateway-list 192.168.1.1 dns-list 114.114.114.114 8.8.8.8
  • 为 VLAN 2 配置地址池:
bash 复制代码
ip pool bb 
network 192.168.2.0 mask 24 
gateway-list 192.168.2.1 dns-list 114.114.114.114 8.8.8.8
  • 接口绑定 DHCP 全局池:
bash 复制代码
int g0/0/0 
dhcp select global 
int g0/0/0.1 
dhcp select global

实验验证

  • PC2 可与 PC4、PC5、PC6 通信。

  • PC4 可访问 PC6;PC5 无法访问 PC6。

  • PC1、PC3 可与 PC2、PC4、PC5、PC6 正常通信

bash 复制代码
PC2> ping 192.168.1.4

Pinging 192.168.1.4 with 32 bytes of data:

Reply from 192.168.1.4: bytes=32 time<1ms TTL=128
Reply from 192.168.1.4: bytes=32 time<1ms TTL=128
Reply from 192.168.1.4: bytes=32 time<1ms TTL=128
Reply from 192.168.1.4: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.4:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
bash 复制代码
PC2> ping 192.168.1.5

Pinging 192.168.1.5 with 32 bytes of data:

Reply from 192.168.1.5: bytes=32 time<1ms TTL=128
Reply from 192.168.1.5: bytes=32 time<1ms TTL=128
Reply from 192.168.1.5: bytes=32 time<1ms TTL=128
Reply from 192.168.1.5: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.5:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
bash 复制代码
PC2> ping 192.168.1.6

Pinging 192.168.1.6 with 32 bytes of data:

Reply from 192.168.1.6: bytes=32 time<1ms TTL=128
Reply from 192.168.1.6: bytes=32 time<1ms TTL=128
Reply from 192.168.1.6: bytes=32 time<1ms TTL=128
Reply from 192.168.1.6: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.6:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
bash 复制代码
PC4> ping 192.168.1.6

Pinging 192.168.1.6 with 32 bytes of data:

Reply from 192.168.1.6: bytes=32 time<1ms TTL=128
Reply from 192.168.1.6: bytes=32 time<1ms TTL=128
Reply from 192.168.1.6: bytes=32 time<1ms TTL=128
Reply from 192.168.1.6: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.6:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
bash 复制代码
PC5> ping 192.168.1.6

Pinging 192.168.1.6 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.1.6:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
bash 复制代码
PC1> ping 192.168.1.4

Pinging 192.168.1.4 with 32 bytes of data:

Reply from 192.168.1.4: bytes=32 time<1ms TTL=128
Reply from 192.168.1.4: bytes=32 time<1ms TTL=128
Reply from 192.168.1.4: bytes=32 time<1ms TTL=128
Reply from 192.168.1.4: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.4:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
bash 复制代码
PC1> ping 192.168.1.5
Pinging 192.168.1.5 with 32 bytes of data:

Reply from 192.168.1.5: bytes=32 time<1ms TTL=128
Reply from 192.168.1.5: bytes=32 time<1ms TTL=128
Reply from 192.168.1.5: bytes=32 time<1ms TTL=128
Reply from 192.168.1.5: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.5:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
bash 复制代码
PC1> ping 192.168.1.6
Pinging 192.168.1.6 with 32 bytes of data:

Reply from 192.168.1.6: bytes=32 time<1ms TTL=128
Reply from 192.168.1.6: bytes=32 time<1ms TTL=128
Reply from 192.168.1.6: bytes=32 time<1ms TTL=128
Reply from 192.168.1.6: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.6:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
相关推荐
鸠摩智首席音效师9 小时前
如何在 Apache 中启用 HSTS 以增强网络安全性 ?
网络·apache
alex1009 小时前
Context Compliance Attack:大模型安全的新兴威胁与防御策略
网络·安全·web安全
追逐梦想的小孩13 小时前
从零开始学华为:Console口连接设备
网络·华为·交换机
Boilermaker199214 小时前
【Java】网络编程(5)
网络
lpfasd12315 小时前
SSL证书有效期缩短至200天的影响
网络·网络协议·ssl
艾菜籽16 小时前
网络原理-HTTP
网络·网络协议·http
new_daimond16 小时前
微服务-Nacos 技术详解
网络·微服务·架构
zzz.1019 小时前
Calico 网络插件在 K8s 集群的作用
网络·云原生·kubernetes
运维行者_19 小时前
OpManager 与 iOS 26:开启 IT 运维新时代
运维·网络·网络协议·网络安全·ios·iphone·告警
云境天合知识分享19 小时前
能见度监测站的优点是什么
网络