Advertisement

ENSP---VLAN间路由配置实验

阅读量:

目录

一、实验目标

二、实验拓扑

三、场景需求

四、基本配置

五、创建VLAN

六、配置子接口

七、配置网关

八、验证配置

九、配置文件

一、实验目标

  • 掌握在VLAN间路由的Trunk链路配置方法;
  • 掌握在单个物理接口上配置多个子接口的方法;
  • 掌握在VLAN间实现ARP通信的方法.

二、实验拓扑

三、场景需求

企业内部网络通常会通过划分不同的VLAN 来隔离不同部门之间的二层通信,并保证各部门间的信息安全。但是由于业务需要,部分部门之间需要实现跨VLAN通信, 网络管理员决定借助路由器,通过配置单臂路由实现R2与R3之间跨VLAN通信(三层通信)的需求。

四、基本配置

首先按照拓扑图上的IP地址划分,为R2和R3配置接口IP地址,并配置R2、R3、S1的设备名称:

R2:

复制代码 
 [Huawei]sys

    
 [Huawei]sysname R2
    
 [R2]interface g0/0/0
    
 [R2-GigabitEthernet0/0/0]ip address 10.0.4.1 24
    
 May 26 2022 21:17:13-08:00 R2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
    
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
    
 [R2-GigabitEthernet0/0/0]
    
 <R2>

R3:

复制代码 
 [Huawei]sys

    
 [Huawei]sysname R3	
    
 [R3]interface g0/0/0
    
 [R3-GigabitEthernet0/0/0]ip address 10.0.8.1 24
    
 May 26 2022 21:18:18-08:00 R3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
    
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
    
 [R3-GigabitEthernet0/0/0]q
    
 [R3]

S1:

复制代码 
 <Huawei>sys

    
 <Huawei>system-view 
    
 Enter system view, return user view with Ctrl+Z.
    
 [Huawei]sysname S1
    
 [S1]

五、创建VLAN

在S1上创建VLAN4和VLAN8,并将E0/0/1和E0/0/3口分别加入到VLAN4和VLAN8中:

S1:

复制代码 
 [S1]vlan batch 4 8

    
 Info: This operation may take a few seconds. Please wait for a moment...done.
    
 [S1]
    
 May 26 2022 21:24:34-08:00 S1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
    
 191.3.1 configurations have been changed. The current change number is 5, the ch
    
 ange loop count is 0, and the maximum number of records is 4095.	
    
 [S1]interface e0/0/1
    
 [S1-Ethernet0/0/1]port link-type access 
    
 May 26 2022 21:25:14-08:00 S1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
    
 191.3.1 configurations have been changed. The current change number is 6, the ch
    
 ange loop count is 0, and the maximum number of records is 4095.	
    
 [S1-Ethernet0/0/1]port default vlan 4
    
 [S1-Ethernet0/0/1]q
    
 [S1]interface e0/0/3
    
 May 26 2022 21:25:24-08:00 S1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
    
 191.3.1 configurations have been changed. The current change number is 7, the ch
    
 ange loop count is 0, and the maximum number of records is 4095
    
 [S1-Ethernet0/0/3]port link-type access 
    
 May 26 2022 21:25:44-08:00 S1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
    
 191.3.1 configurations have been changed. The current change number is 8, the ch
    
 ange loop count is 0, and the maximum number of records is 4095.8
    
 [S1-Ethernet0/0/3]port default vlan 8
    
 [S1-Ethernet0/0/3]q
    
 [S1]
    
 May 26 2022 21:25:54-08:00 S1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
    
 191.3.1 configurations have been changed. The current change number is 9, the ch
    
 ange loop count is 0, and the maximum number of records is 4095.

将S1上连接R1的E0/0/2口配置为Trunk口,并允许VLAN4和VLAN8的报文通过:

S1:

复制代码 
 [S1]interface E0/0/2

    
 [S1-Ethernet0/0/2]port link-type trunk 
    
 May 26 2022 21:29:14-08:00 S1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
    
 191.3.1 configurations have been changed. The current change number is 10, the c
    
 hange loop count is 0, and the maximum number of records is 4095.
    
 [S1-Ethernet0/0/2]port trunk allow-pass vlan 4 8
    
 May 26 2022 21:29:24-08:00 S1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
    
 191.3.1 configurations have been changed. The current change number is 11, the c
    
 hange loop count is 0, and the maximum number of records is 4095.
    
 [S1-Ethernet0/0/2]q
    
 [S1]

六、配置子接口

由于路由器只有一个实际的物理接口与交换机S1相连,而实际上不同部门属于不同VLAN 和不同网段,所以在路由器上配置不同的逻辑子接口来扮演不同的网关角色,在R1上配置子接口G0/0/1.1和G0/0/1.3使其分别作为VLAN4和VLAN8的网关:

在R1上配置VLAN的子接口,以实现VLAN间的通信:

R1:

复制代码 
 <Huawei>sys

    
 <Huawei>system-view 
    
 Enter system view, return user view with Ctrl+Z.
    
 [Huawei]interface g0/0/0.1
    
 [Huawei-GigabitEthernet0/0/1.1]ip address 10.0.4.254 24
    
 [Huawei-GigabitEthernet0/0/1.1]dot1q termination vid 4
    
 [Huawei-GigabitEthernet0/0/1.1]arp broadcast enable 
    
 [Huawei-GigabitEthernet0/0/1.1]q
    
 [Huawei]
    
 [Huawei]interface g0/0/0.2	
    
 [Huawei-GigabitEthernet0/0/1.3]ip address 10.0.8.254 24
    
 [Huawei-GigabitEthernet0/0/1.3]dot1q termination vid 8
    
 [Huawei-GigabitEthernet0/0/1.3]arp broadcast enable 
    
 [Huawei-GigabitEthernet0/0/1.3]q
    
 [Huawei]

七、配置网关

经过上面的操作, 已经基本实现了VLAN间的通信配置, 最后只需为R2和R3配置上第六步我们在R1上配置的两个网关就可以进行通信了, 由于这里是路由器,所以只需要配置一条指向网关的默认路由就可以了:

R2:

复制代码 
 [R2]ip route-static 0.0.0.0 0 10.0.4.254

    
 [R2]

R3:

复制代码 
 [R3]ip route-static 0.0.0.0 0 10.0.8.254

    
 [R3]

八、验证配置

最后来测试R2与R3是否实现了跨VLAN的通信:

在R2上执行PING命令:

R2:

九、配置文件

R1:

复制代码 
 [Huawei]display current-configuration

    
 [V200R003C00]
    
 #
    
  snmp-agent local-engineid 800007DB03000000000000
    
  snmp-agent 
    
 #
    
  clock timezone China-Standard-Time minus 08:00:00
    
 #
    
 portal local-server load portalpage.zip
    
 #
    
  drop illegal-mac alarm
    
 #
    
  set cpu-usage threshold 80 restore 75
    
 #
    
 aaa 
    
  authentication-scheme default
    
  authorization-scheme default
    
  accounting-scheme default
    
  domain default 
    
  domain default_admin 
    
  local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
    
  local-user admin service-type http
    
 #
    
 firewall zone Local
    
  priority 15
    
 #
    
 interface GigabitEthernet0/0/0
    
 #
    
 interface GigabitEthernet0/0/0.1
    
  dot1q termination vid 4
    
  ip address 10.0.4.254 255.255.255.0 
    
  arp broadcast enable
    
 #
    
 interface GigabitEthernet0/0/0.2
    
  dot1q termination vid 8
    
  ip address 10.0.8.254 255.255.255.0 
    
  arp broadcast enable
    
 #
    
 interface GigabitEthernet0/0/1
    
 #
    
 interface GigabitEthernet0/0/1.1
    
  dot1q termination vid 4
    
  arp broadcast enable
    
 #
    
 interface GigabitEthernet0/0/1.3
    
  dot1q termination vid 8
    
  arp broadcast enable
    
 #
    
 interface GigabitEthernet0/0/2
    
 #
    
 interface NULL0
    
 #
    
 user-interface con 0
    
  authentication-mode password
    
 user-interface vty 0 4
    
 user-interface vty 16 20
    
 #
    
 wlan ac
    
 #
    
 return
    
 [Huawei]

R2:

复制代码 
 <R2>display current-configuration

    
 [V200R003C00]
    
 #
    
  sysname R2
    
 #
    
  snmp-agent local-engineid 800007DB03000000000000
    
  snmp-agent 
    
 #
    
  clock timezone China-Standard-Time minus 08:00:00
    
 #
    
 portal local-server load portalpage.zip
    
 #
    
  drop illegal-mac alarm
    
 #
    
  set cpu-usage threshold 80 restore 75
    
 #
    
 aaa 
    
  authentication-scheme default
    
  authorization-scheme default
    
  accounting-scheme default
    
  domain default 
    
  domain default_admin 
    
  local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
    
  local-user admin service-type http
    
 #
    
 firewall zone Local
    
  priority 15
    
 #
    
 interface GigabitEthernet0/0/0
    
  ip address 10.0.4.1 255.255.255.0 
    
 #
    
 interface GigabitEthernet0/0/1
    
 #
    
 interface GigabitEthernet0/0/2
    
 #
    
 interface NULL0
    
 #
    
 ip route-static 0.0.0.0 0.0.0.0 10.0.4.254
    
 #
    
 user-interface con 0
    
  authentication-mode password
    
 user-interface vty 0 4
    
 user-interface vty 16 20
    
 #
    
 wlan ac
    
 #
    
 return
    
 <R2>

R3:

复制代码 
 <R3>display current-configuration

    
 [V200R003C00]
    
 #
    
  sysname R3
    
 #
    
  snmp-agent local-engineid 800007DB03000000000000
    
  snmp-agent 
    
 #
    
  clock timezone China-Standard-Time minus 08:00:00
    
 #
    
 portal local-server load portalpage.zip
    
 #
    
  drop illegal-mac alarm
    
 #
    
  set cpu-usage threshold 80 restore 75
    
 #
    
 aaa 
    
  authentication-scheme default
    
  authorization-scheme default
    
  accounting-scheme default
    
  domain default 
    
  domain default_admin 
    
  local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
    
  local-user admin service-type http
    
 #
    
 firewall zone Local
    
  priority 15
    
 #
    
 interface GigabitEthernet0/0/0
    
  ip address 10.0.8.1 255.255.255.0 
    
 #
    
 interface GigabitEthernet0/0/1
    
 #
    
 interface GigabitEthernet0/0/2
    
 #
    
 interface NULL0
    
 #
    
 ip route-static 0.0.0.0 0.0.0.0 10.0.8.254
    
 #
    
 user-interface con 0
    
  authentication-mode password
    
 user-interface vty 0 4
    
 user-interface vty 16 20
    
 #
    
 wlan ac
    
 #
    
 return
    
 <R3>

全部评论 (0)

还没有任何评论哟~

相关文章推荐

ENSP---VLAN间路由配置实验

目录 一、实验目标 二、实验拓扑 三、场景需求 四、基本配置 五、创建VLAN 六、配置子接口 七、配置网关 八、验证配置 九、配置文件 一、实验目标 掌握在VLAN间路由的Trunk链路配置方法; ...

华为ENSP配置VLAN间路由

华为ENSP配置VLAN间路由 一、多层交换机交换虚接口SVI配置 (一)将接口划入VLAN配置 1.创建配置SW1的VLAN10和VLAN20 2.同理,创建配置SW1的VLAN10和VLAN20 ...

ENSP---VLAN配置实验

目录 一、实验目标 二、实验拓扑 三、基本配置 四、创建VLAN 五、客户端配置IP地址 六、验证VLAN 七、配置Hybrid 八、配置文件 一、实验目标 掌握VLAN的创建方法; 掌握Trunk、...

VLAN间路由配置实战

一、VLAN间路由 1、VLAN隔离技术 1\.传统网络类型 传统网络有三种类型: LAN–LocalAreaNetwork局域网; MAN–城域网; WAN–WideAreaNetwork广域网in...

VLAN间路由的配置(一)普通VLAN间路由的配置

传统路由的配置: 一.设备的设置 1.设置拓扑如下并初始化设备 2.VLAN的基本配置 (1)在LSW1上把PC1所在的接口划入VLAN10 [SW1]vlan10 [SW1vlan10]quit [...

ensp 静态路由配置实验

目录 1.了解什么是静态路由 搭建拓扑图分配网络地址 2.对设备进行初始化配置 3.配置静态路由让PC之间相互通讯 4.测试PC之间的连通性 1.什么是静态路由 路由是路由器提供了在异构网络中的互连机...

eNSP静态路由配置实验

1、划分IP地址 首先由于R5有一个固定环回地址,R1R4都有两个环回接口,可以划分15个广播域,其中1个已经固定(5.5.5.0/24),14个需要手动设置;要基于192.168.1.0/24进行合...

静态路由配置实验(eNSP)

一、子网划分 主干:192.168.1.0/24 环回接口网段:R1192.168.1.32/27R2192.168.1.64/27 R3192.168.1.96/27R4192.168.1.128/...

(eNSP)策略路由实验配置

1.实验拓扑 2.基础配置 [SW2]discu sysnameSW2 vlanbatch1020 interfaceEthernet0/0/1 portlinktypeaccess portdefa...

配置SVI实现VLAN间路由

配置SVI实现VLAN间路由 网络拓扑图如图所示 1在三层交换机上配置两个vlan,vlan10与vlan20 2在三层交换机上将端口分别划分到各个VLAN上 3在三层交换机上给各个vlan配置ip地...