VLAN间路由实验

23 May 2019 13723字 46分
CC BY 4.0 （除特别声明或转载文章外）
如果这篇博客帮助到你，可以请我喝一杯咖啡~

实验题目

VLAN 间路由实验

实验目的

掌握 VLAN 间静态路由的配置和使用方法，熟悉三层交换机的配置方法。

注意事项

一开始要重启电脑和路由器交换机(#reload)
参与 ping 的实验网网卡如果要设置默认网关，则需要删除校园网的默认网关
注意关闭 windows 防火墙。
如果连不上路由器交换机，要查看前面的 console 线是否接好或者进行清理线头(见 00、实验基本操作)

实验命令

交换机配置 VLAN

     (config)#vlan 3 				!建立VLAN 3
     (config)#interface f0/2
     (config-if)#switchport access vlan 3	！把接口f0/2配置为vlan3主机接口
     (config)#interface f0/4
     (config-if)#switchport mode trunk	     ！把接口f0/4配置为主干接口

路由器配置子接口

    (config)#interface f0/2
        (config-if)#no ip address   			!删除F0/2已配置的IP地址
        (config-if)#exit
        (config)#interface f0/2.30            !定义子接口f0/2.30
    (config-if)#encapsulation dot1q 30    !用802.1Q标准封装成VLAN帧(VLAN ID为30)
    (config-if)#ip address 192.168.30.23 255.255.255.0   !配置子接口的IP地址

        (config)#interface f0/2.40         		!定义子接口f0/2.40

配置虚接口

  (config)#int vlan 40							  	 ！进入虚接口模式
        (config-vlan)#ip address 192.168.30.1 255.255.255.0       ！配置vlan40的IP地址

显示信息

     #show interface [f0/1]       ! 显示所有接口(或接口f0/1)的详细信息
         #show ip interface [f0/1]    ! 显示所有接口(或接口f0/1)的简略信息
                                      ! f0/1 is up(物理层正确，即接线正确)，line protocol is
                                        up(数据链路层正确，有类似KeepAlive信号)
         #show ip interface brief     ! 显示所有接口的简略信息
         #show ip route               ! 显示路由表
         #show vlan                   ! 显示所有VLAN接口
         #show running-config         ! 显示当前配置文件

实验任务

完成下图「多臂路由实验」(通过路由器的多个以太网接口实现二层交换机的 VLAN 间路由), 要求所有主机之间可以相互 ping 通。配置路由器之前 PC1 尝试 ping 其它 PC，截屏，配置路由器后再用 PC1 尝试 ping 其它主机，截屏。注意：PC 要配置默认网关

1a、配置路由器的接口 IP 地址之前显示 Router1 的路由表并截屏，PC1 Ping 其它 PC 并截屏(ping -n 1 IP 地址)

1b、配置路由器的接口之后显示 Router1 的路由表并截屏，PC1 Ping 其它 PC 并截屏

1c、写出 PC3 ping PC4 经过的设备写法举例：PC1->Switch1->Router1->Switch1->PC2

PC3->Switch2->Switch1->Rounter1->Switch1->Switch2->PC4

1d、把以下内容存入文件 step1.txt:(A)显示 Switch1 的 VLAN； (B) 显示 Switch1 的配置；(C)显示 Switch2 的 VLAN；(D) Switch2 的配置; (E)显示 Router1 的路由表；(F) 显示 Router1 的接口（简略）；(G) 显示 Router1 的配置]

Switch 1 show vlan
VLAN Name                             Status    Ports
---- -------------------------------- --------- -----------------------------------
   1 VLAN0001                         STATIC    Gi0/1, Gi0/2, Gi0/3, Gi0/4
                                                Gi0/5, Gi0/6, Gi0/7, Gi0/8
                                                Gi0/9, Gi0/11, Gi0/12, Gi0/13
                                                Gi0/14, Gi0/15, Gi0/16, Gi0/17
                                                Gi0/18, Gi0/19, Gi0/21, Gi0/22
                                                Gi0/25, Gi0/26, Gi0/27, Gi0/28
  10 VLAN0010                         STATIC    Gi0/6, Gi0/10, Gi0/23
  20 VLAN0020                         STATIC    Gi0/6, Gi0/20, Gi0/24



Switch 1 show running-config

Building configuration...
Current configuration : 1470 bytes

!
version RGOS 10.4(2b12)p2 Release(180357)(Mon Dec  1 17:42:40 CST 2014 -ngcf64)
hostname 19-S5750-1
!
!
!
!
!
!
!
nfpp
!
!
vlan 1
!
vlan 10
!
vlan 20
!
!
no service password-encryption
!
!
!
!
!
!
!
!
interface GigabitEthernet 0/1
!
interface GigabitEthernet 0/2
!
interface GigabitEthernet 0/3
!
interface GigabitEthernet 0/4
!
interface GigabitEthernet 0/5
!
interface GigabitEthernet 0/6
 switchport mode trunk
!
interface GigabitEthernet 0/7
!
interface GigabitEthernet 0/8
!
interface GigabitEthernet 0/9
!
interface GigabitEthernet 0/10
 switchport access vlan 10
!
interface GigabitEthernet 0/11
!
interface GigabitEthernet 0/12
!
interface GigabitEthernet 0/13
!
interface GigabitEthernet 0/14
!
interface GigabitEthernet 0/15
!
interface GigabitEthernet 0/16
!
interface GigabitEthernet 0/17
!
interface GigabitEthernet 0/18
!
interface GigabitEthernet 0/19
!
interface GigabitEthernet 0/20
 switchport access vlan 20
!
interface GigabitEthernet 0/21
!
interface GigabitEthernet 0/22
!
interface GigabitEthernet 0/23
 switchport access vlan 10
!
interface GigabitEthernet 0/24
 switchport access vlan 20
!
interface GigabitEthernet 0/25
!
interface GigabitEthernet 0/26
!
interface GigabitEthernet 0/27
!
interface GigabitEthernet 0/28
!
interface VLAN 10
 no ip proxy-arp
!
!
!
!
!
!
!
!
!
!
!
line con 0
line vty 0 4
 login
 password b402
!
!
end




VLAN2

VLAN Name                             Status    Ports
---- -------------------------------- --------- -----------------------------------
   1 VLAN0001                         STATIC    Gi0/1, Gi0/2, Gi0/3, Gi0/4
                                                Gi0/5, Gi0/6, Gi0/7, Gi0/8
                                                Gi0/9, Gi0/11, Gi0/12, Gi0/13
                                                Gi0/14, Gi0/15, Gi0/16, Gi0/17
                                                Gi0/18, Gi0/19, Gi0/21, Gi0/22
                                                Gi0/23, Gi0/24, Gi0/25, Gi0/26
                                                Gi0/27, Gi0/28
  10 VLAN0010                         STATIC    Gi0/6, Gi0/10
  20 VLAN0020                         STATIC    Gi0/6, Gi0/20

Building configuration...
Current configuration : 1374 bytes

!
version RGOS 10.4(2b12)p2 Release(180357)(Mon Dec  1 17:42:40 CST 2014 -ngcf64)
hostname 19-S5750-2
!
!
!
!
!
!
!
nfpp
!
!
vlan 1
!
vlan 10
!
vlan 20
!
!
no service password-encryption
!
!
!
!
!
!
!
!
interface GigabitEthernet 0/1
!
interface GigabitEthernet 0/2
!
interface GigabitEthernet 0/3
!
interface GigabitEthernet 0/4
!
interface GigabitEthernet 0/5
!
interface GigabitEthernet 0/6
 switchport mode trunk
!
interface GigabitEthernet 0/7
!
interface GigabitEthernet 0/8
!
interface GigabitEthernet 0/9
!
interface GigabitEthernet 0/10
 switchport access vlan 10
!
interface GigabitEthernet 0/11
!
interface GigabitEthernet 0/12
!
interface GigabitEthernet 0/13
!
interface GigabitEthernet 0/14
!
interface GigabitEthernet 0/15
!
interface GigabitEthernet 0/16
!
interface GigabitEthernet 0/17
!
interface GigabitEthernet 0/18
!
interface GigabitEthernet 0/19
!
interface GigabitEthernet 0/20
 switchport access vlan 20
!
interface GigabitEthernet 0/21
!
interface GigabitEthernet 0/22
!
interface GigabitEthernet 0/23
!
interface GigabitEthernet 0/24
!
interface GigabitEthernet 0/25
!
interface GigabitEthernet 0/26
!
interface GigabitEthernet 0/27
!
interface GigabitEthernet 0/28
!
!
!
!
!
!
!
!
!
!
!
line con 0
line vty 0 4
 login
 password b402
!
!
end





router1 show ip route
Codes:  C - connected, S - static, R - RIP, B - BGP
        O - OSPF, IA - OSPF inter area
        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
        E1 - OSPF external type 1, E2 - OSPF external type 2
        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
        ia - IS-IS inter area, * - candidate default

Gateway of last resort is no set
C    192.168.10.0/24 is directly connected, GigabitEthernet 0/0
C    192.168.10.254/32 is local host.
C    192.168.20.0/24 is directly connected, GigabitEthernet 0/1
C    192.168.20.254/32 is local host.

Router1 show ip interface brief
Interface                        IP-Address(Pri)      IP-Address(Sec)      Status                 Protocol
Serial 2/0                       no address           no address           up                     down
Serial 3/0                       no address           no address           down                   down
GigabitEthernet 0/0              192.168.10.254/24    no address           up                     up
GigabitEthernet 0/1              192.168.20.254/24    no address           up                     up
VLAN 1                           no address           no address           up                     down


Router1 show ip running-config
Building configuration...
Current configuration : 1853 bytes

!
version RGOS 10.4(3b23) Release(176514)(Mon Jul 28 18:19:31 CST 2014 -ngcf62)
webmaster level 0 username admin password 7 073f07221c1c
!
!
!
!
!
!
diffserv domain default
!
!
!
!
cwmp
!
!
!
!
!
!
vlan 1
!
!
no service password-encryption
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
control-plane
!
control-plane protocol
 no acpp
!
control-plane manage
 no port-filter
 no arp-car
 no acpp
!
control-plane data
 no glean-car
 no acpp
!
!
!
!
enable service web-server http
enable service web-server https
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Serial 2/0
 encapsulation HDLC
!
interface Serial 3/0
 encapsulation HDLC
 clock rate 64000
!
interface FastEthernet 1/0
!
interface FastEthernet 1/1
!
interface FastEthernet 1/2
!
interface FastEthernet 1/3
!
interface FastEthernet 1/4
!
interface FastEthernet 1/5
!
interface FastEthernet 1/6
!
interface FastEthernet 1/7
!
interface FastEthernet 1/8
!
interface FastEthernet 1/9
!
interface FastEthernet 1/10
!
interface FastEthernet 1/11
!
interface FastEthernet 1/12
!
interface FastEthernet 1/13
!
interface FastEthernet 1/14
!
interface FastEthernet 1/15
!
interface FastEthernet 1/16
!
interface FastEthernet 1/17
!
interface FastEthernet 1/18
!
interface FastEthernet 1/19
!
interface FastEthernet 1/20
!
interface FastEthernet 1/21
!
interface FastEthernet 1/22
!
interface FastEthernet 1/23
!
interface GigabitEthernet 0/0
 ip address 192.168.10.254 255.255.255.0
 duplex auto
 speed auto
!
interface GigabitEthernet 0/1
 ip address 192.168.20.254 255.255.255.0
 duplex auto
 speed auto
!
interface VLAN 1
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
ref parameter 75 140
line con 0
line aux 0
line vty 0 4
 login
!
!
End

参照上面的[实验命令]的子接口命令或实验书「3.4 单臂路由」(通过路由器的单个以太网接口实现二层交换机的 VLAN 间路由)完成下图实验。要求所有主机之间可以相互 ping 通

2a、PC2 Ping 其它 PC 后截屏

2b、显示 Router1 的路由表]

2c、把以下内容存入文件 step2.txt:(1)显示 Switch1 的 VLAN；(2) 显示 Switch1 的配置；(3)显示 Router1 的路由表；(4) 显示 Router1 的接口(简略)；(5) 显示 Router1 的配置]

Switch1 show vlan
VLAN Name                             Status    Ports
---- -------------------------------- --------- -----------------------------------
   1 VLAN0001                         STATIC    Gi0/1, Gi0/2, Gi0/3, Gi0/4
                                                Gi0/5, Gi0/6, Gi0/7, Gi0/8
                                                Gi0/9, Gi0/11, Gi0/12, Gi0/13
                                                Gi0/14, Gi0/15, Gi0/16, Gi0/17
                                                Gi0/18, Gi0/19, Gi0/21, Gi0/22
                                                Gi0/23, Gi0/24, Gi0/25, Gi0/26
                                                Gi0/27, Gi0/28
  10 VLAN0010                         STATIC    Gi0/6, Gi0/10, Gi0/24
  20 VLAN0020                         STATIC    Gi0/6, Gi0/20, Gi0/24

Switch1 show runnin-config
Building configuration...
Current configuration : 1438 bytes

!
version RGOS 10.4(2b12)p2 Release(180357)(Mon Dec  1 17:42:40 CST 2014 -ngcf64)
hostname 19-S5750-1
!
!
!
!
!
!
!
nfpp
!
!
vlan 1
!
vlan 10
!
vlan 20
!
!
no service password-encryption
!
!
!
!
!
!
!
!
interface GigabitEthernet 0/1
!
interface GigabitEthernet 0/2
!
interface GigabitEthernet 0/3
!
interface GigabitEthernet 0/4
!
interface GigabitEthernet 0/5
!
interface GigabitEthernet 0/6
 switchport mode trunk
!
interface GigabitEthernet 0/7
!
interface GigabitEthernet 0/8
!
interface GigabitEthernet 0/9
!
interface GigabitEthernet 0/10
 switchport access vlan 10
!
interface GigabitEthernet 0/11
!
interface GigabitEthernet 0/12
!
interface GigabitEthernet 0/13
!
interface GigabitEthernet 0/14
!
interface GigabitEthernet 0/15
!
interface GigabitEthernet 0/16
!
interface GigabitEthernet 0/17
!
interface GigabitEthernet 0/18
!
interface GigabitEthernet 0/19
!
interface GigabitEthernet 0/20
 switchport access vlan 20
!
interface GigabitEthernet 0/21
!
interface GigabitEthernet 0/22
!
interface GigabitEthernet 0/23
!
interface GigabitEthernet 0/24
 switchport mode trunk
!
interface GigabitEthernet 0/25
!
interface GigabitEthernet 0/26
!
interface GigabitEthernet 0/27
!
interface GigabitEthernet 0/28
!
interface VLAN 10
 no ip proxy-arp
!
!
!
!
!
!
!
!
!
!
!
line con 0
line vty 0 4
 login
 password b402
!
!
end

router1 show ip route
Codes:  C - connected, S - static, R - RIP, B - BGP
        O - OSPF, IA - OSPF inter area
        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
        E1 - OSPF external type 1, E2 - OSPF external type 2
        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
        ia - IS-IS inter area, * - candidate default

Gateway of last resort is no set
C    192.168.10.0/24 is directly connected, GigabitEthernet 0/0.10
C    192.168.10.254/32 is local host.
C    192.168.20.0/24 is directly connected, GigabitEthernet 0/0.20
C    192.168.20.254/32 is local host.

Router1 show ip interface brief
Interface                        IP-Address(Pri)      IP-Address(Sec)      Status                 Protocol
Serial 2/0                       no address           no address           up                     down
Serial 3/0                       no address           no address           down                   down
GigabitEthernet 0/0.20           192.168.20.254/24    no address           up                     up
GigabitEthernet 0/0.10           192.168.10.254/24    no address           up                     up
GigabitEthernet 0/0              no address           no address           up                     down
GigabitEthernet 0/1              no address           no address           down                   down
VLAN 1                           no address           no address           up                     down

Router1 show running-config
Building configuration...
Current configuration : 1977 bytes

!
version RGOS 10.4(3b23) Release(176514)(Mon Jul 28 18:19:31 CST 2014 -ngcf62)
webmaster level 0 username admin password 7 073f07221c1c
!
!
!
!
!
!
diffserv domain default
!
!
!
!
cwmp
!
!
!
!
!
!
vlan 1
!
!
no service password-encryption
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
control-plane
!
control-plane protocol
 no acpp
!
control-plane manage
 no port-filter
 no arp-car
 no acpp
!
control-plane data
 no glean-car
 no acpp
!
!
!
!
enable service web-server http
enable service web-server https
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Serial 2/0
 encapsulation HDLC
!
interface Serial 3/0
 encapsulation HDLC
 clock rate 64000
!
interface FastEthernet 1/0
!
interface FastEthernet 1/1
!
interface FastEthernet 1/2
!
interface FastEthernet 1/3
!
interface FastEthernet 1/4
!
interface FastEthernet 1/5
!
interface FastEthernet 1/6
!
interface FastEthernet 1/7
!
interface FastEthernet 1/8
!
interface FastEthernet 1/9
!
interface FastEthernet 1/10
!
interface FastEthernet 1/11
!
interface FastEthernet 1/12
!
interface FastEthernet 1/13
!
interface FastEthernet 1/14
!
interface FastEthernet 1/15
!
interface FastEthernet 1/16
!
interface FastEthernet 1/17
!
interface FastEthernet 1/18
!
interface FastEthernet 1/19
!
interface FastEthernet 1/20
!
interface FastEthernet 1/21
!
interface FastEthernet 1/22
!
interface FastEthernet 1/23
!
interface GigabitEthernet 0/0
 duplex auto
 speed auto
!
interface GigabitEthernet 0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.254 255.255.255.0
!
interface GigabitEthernet 0/0.20
 encapsulation dot1Q 20
 ip address 192.168.20.254 255.255.255.0
!
interface GigabitEthernet 0/1
 duplex auto
 speed auto
!
interface VLAN 1
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
ref parameter 75 140
line con 0
line aux 0
line vty 0 4
 login
!
!
End

按照下图进行连接, 参照上面[实验命令]的配置虚接口命令或者实验书「实验 3.3、通过三层交换机实现 VLAN 间路由」(直接通过交换机的第三层功能实现交换机的 VLAN 间路由)或在 Switch1 上配置 VLAN10 和 VLAN20 的虚接口,要求所有主机之间可以相互 ping 通

3a、PC1 Ping 其它 PC 后截屏

3b、显示 Switch1 的路由表

3c、把以下内容存入文件 step3.txt:(1)显示 Switch1 的 VLAN；(2) 显示 Switch1 的配置；(3)显示 Switch1 的路由表；(4) 显示 Switch1 的接口(简略)]

Switch1 Show vlan
VLAN Name                             Status    Ports
---- -------------------------------- --------- -----------------------------------
   1 VLAN0001                         STATIC    Gi0/1, Gi0/2, Gi0/3, Gi0/4
                                                Gi0/5, Gi0/6, Gi0/7, Gi0/8
                                                Gi0/9, Gi0/11, Gi0/12, Gi0/13
                                                Gi0/14, Gi0/15, Gi0/16, Gi0/17
                                                Gi0/18, Gi0/19, Gi0/21, Gi0/22
                                                Gi0/23, Gi0/24, Gi0/25, Gi0/26
                                                Gi0/27, Gi0/28
  10 VLAN0010                         STATIC    Gi0/6, Gi0/10
  20 VLAN0020                         STATIC    Gi0/6, Gi0/20

Switch1 show running-config
Building configuration...
Current configuration : 1538 bytes

!
version RGOS 10.4(2b12)p2 Release(180357)(Mon Dec  1 17:42:40 CST 2014 -ngcf64)
hostname 19-S5750-1
!
!
!
!
!
!
!
nfpp
!
!
vlan 1
!
vlan 10
!
vlan 20
!
!
no service password-encryption
!
!
!
!
!
!
!
!
interface GigabitEthernet 0/1
!
interface GigabitEthernet 0/2
!
interface GigabitEthernet 0/3
!
interface GigabitEthernet 0/4
!
interface GigabitEthernet 0/5
!
interface GigabitEthernet 0/6
 switchport mode trunk
!
interface GigabitEthernet 0/7
!
interface GigabitEthernet 0/8
!
interface GigabitEthernet 0/9
!
interface GigabitEthernet 0/10
 switchport access vlan 10
!
interface GigabitEthernet 0/11
!
interface GigabitEthernet 0/12
!
interface GigabitEthernet 0/13
!
interface GigabitEthernet 0/14
!
interface GigabitEthernet 0/15
!
interface GigabitEthernet 0/16
!
interface GigabitEthernet 0/17
!
interface GigabitEthernet 0/18
!
interface GigabitEthernet 0/19
!
interface GigabitEthernet 0/20
 switchport access vlan 20
!
interface GigabitEthernet 0/21
!
interface GigabitEthernet 0/22
!
interface GigabitEthernet 0/23
!
interface GigabitEthernet 0/24
!
interface GigabitEthernet 0/25
!
interface GigabitEthernet 0/26
!
interface GigabitEthernet 0/27
!
interface GigabitEthernet 0/28
!
interface VLAN 10
 no ip proxy-arp
 ip address 192.168.10.254 255.255.255.0
!
interface VLAN 20
 no ip proxy-arp
 ip address 192.168.20.254 255.255.255.0
!
!
!
!
!
!
!
!
!
!
!
line con 0
line vty 0 4
 login
 password b402
!
!
End

Switch1 show ip route
Codes:  C - connected, S - static, R - RIP, B - BGP
        O - OSPF, IA - OSPF inter area
        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
        E1 - OSPF external type 1, E2 - OSPF external type 2
        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
        ia - IS-IS inter area, * - candidate default

Gateway of last resort is no set
C    192.168.10.0/24 is directly connected, VLAN 10
C    192.168.10.254/32 is local host.
C    192.168.20.0/24 is directly connected, VLAN 20
C    192.168.20.254/32 is local host.

Switch1 show ip interface brief
Interface                        IP-Address(Pri)      OK?       Status
VLAN 10                          192.168.10.254/24    YES       UP
VLAN 20                          192.168.20.254/24    YES       UP

实验问题

	优点	缺点
多臂路由	可以在一定程度上保证大量数据的流通	所需线路多，占用接口多
单臂路由	可以适应各种 VLAN,如在本题中再添加 VLAN 30，不需要对 trunk 重新配置	不具有扩展性，若流经路由器与交换机之间链路的流量很大，这条链路就会阻塞
虚接口	利用三层交换机实现了路由器与二层交换机相连的功能	由于在数据中的传输类似单臂路由，同样也不具有扩展性

实验体会

实验过程遇到挺多问题，在最开始几台 PC 配置默认网关遇到了问题，在之后还有路由器端口上还遇到 VLAN10 重命名的玄学问题，消耗了挺多时间，而且重启 reload 均没有效果，最终向老师求助。

本次实验里面比较了三种 VLAN 间路由的实现方法，是在之前的理论课上完全思考过的问题，理论课上讲到 VLAN 这一部分知识点的时候只记下了 VLAN 划分网络的作用，被划开的网络之间怎样通讯的问题还有多种解决方案，总的来说，还是加深了我对网络间路由的理解。