实验拓扑
实验需求:
vlan10可以和vlan20、vlan30、vlan40分别通信,
但其他vlan之间不可通信;
实验规划:
CLIENT1属于vlan10、CLIENT2属于vlan20、
CLIENT3属于vlan30、CLIENT4属于vlan40;
注:hybrid vlan即可作访问口也可作中继口;
实验步骤:
1、配制IP
为客户机配
为AR1配
<Huawei>system-view
[Huawei]sysname AR1
[AR1]interface g0/0/2
[AR1-GigabitEthernet0/0/2]ip address 192.168.1.1 24
[AR1-GigabitEthernet0/0/2]undo shutdown
2、划分VLAN
<Huawei> system view
[Huawei]sysname SW1
[SW1]vlan 10
[SW1-vlan10]vlan 20
[SW1-vlan20]vlan 30
[SW1-vlan30]vlan 40
[SW1-vlan40]quit
<Huawei>system-view
[Huawei]sysname SW2
[SW2]vlan 10
[SW2-vlan10]vlan 20
[SW2-vlan20]vlan 30
[SW2-vlan30]vlan 40
[SW2-vlan40]quit
3、配置SW1
<Huawei> system view
[SW1]vlan 10
[SW1]interface e0/0/1
[SW1-Ethernet0/0/1]port hybrid pvid vlan 10 //设置接口e0/0/1的缺省VLAN ID
[SW1-Ethernet0/0/1]port hybrid untagged vlan 10 //VLAN10的帧以Untagged(脱掉标签)方式从接口发送出去
[Huawei-Ethernet0/0/1]quit
[SW1]vlan 20
[SW1]interface e0/0/2
[SW1-Ethernet0/0/2]port hybrid pvid vlan 20
[Huawei-Ethernet0/0/2]port hybrid untagged vlan 20
[Huawei-Ethernet0/0/2]quit
4、配置SW2
[Huawei]interface e0/0/3
[Huawei-Ethernet0/0/3]port hybrid pvid vlan 30
[Huawei-Ethernet0/0/3]port hybrid untagged vlan 30
[Huawei-Ethernet0/0/3]quit
[Huawei]interface e0/0/4
[Huawei-Ethernet0/0/4]port hybrid pvid vlan 40
[Huawei-Ethernet0/0/4]port hybrid untagged vlan 40
[Huawei-Ethernet0/0/4]quit
确定不同VLAN 之间不能通信
以下实现VLAN10和VLAN20之间的互访
5、配置SW1
[SW1]interface e0/0/1
[SW1-Ethernet0/0/1]port hybrid untagged vlan 20
[SW1-Ethernet0/0/1]quit
[SW1]interface e0/0/2
[SW1-Ethernet0/0/2]port hybrid untagged vlan 10
[SW1-Ethernet0/0/2]quit
验证PC1与PC2之间通信:
以下实现VLAN10与VLAN30和VLAN40之间互访
6、配置SW1开中继口
[SW1]interface g0/0/1
[SW1-GigabitEthernet0/0/1]port hybrid tagged vlan 10 //允许VLAN10带标签通过接口g0/0/1
[SW1-GigabitEthernet0/0/1]port hybrid tagged vlan 30
[SW1-GigabitEthernet0/0/1]port hybrid tagged vlan 40
[SW1-GigabitEthernet0/0/1]quit
[SW1]interface g0/0/2
[SW1-GigabitEthernet0/0/2]port link-type trunk
[SW1-GigabitEthernet0/0/2]port trunk allow-pass vlan all//允许所有VLAN通过接口g0/0/2
[SW1-GigabitEthernet0/0/2]quit
7、配置SW2开中继口
[SW2]interface g0/0/1
[SW2-GigabitEthernet0/0/1]port hybrid tagged vlan 10
[SW2-GigabitEthernet0/0/1]port hybrid tagged vlan 30
[SW2-GigabitEthernet0/0/1]port hybrid tagged vlan 40
[SW2-GigabitEthernet0/0/1]quit
8、配置SW1
[SW1]interface e0/0/1
[SW1-Ethernet0/0/1]port hybrid untagged vlan 30
[SW1-Ethernet0/0/1]port hybrid untagged vlan 40
[SW1-Ethernet0/0/1]quit
9、配置SW2
[SW2]interface e0/0/3
[SW2-Ethernet0/0/3]port hybrid untagged vlan 10 //VLAN10通过该接口时脱掉标签
[SW2-Ethernet0/0/3]quit
[SW2]interface e0/0/4
[SW2-Ethernet0/0/4]port hybrid untagged vlan 10
[SW2-Ethernet0/0/4]quit
验证VLAN10与VLAN30通信
验证VLAN10与VLAN40通信
验证VLAN20与VLAN30不能通信
验证VLAN30与VLAN40不能通信
注:
1)二层网络中不同VLAN之间通信,并且不利用单臂路由来VLAN转换,必须脱掉VLAN标签(tag)不然不识别;
2)Hybrid VLAN 即可以做访问口也可做终继口;
3)Display cu 查看配置的全部命令
end