两种常见的Vlan间通信的方式
【摘要】
目录
一:三层交换机方式
二:单臂路由方式
一:三层交换机方式
如图,PC1和PC2是企业内网的主机,属于不同的部门,故属于不同的VLAN。在交换机上配置vlan 10和vlan 20,并且配上主机的网关。交换机与路由器相邻的接口配置上Vlan30,配置上和路由器接口同一网段的ip。...
目录
一:三层交换机方式
如图,PC1和PC2是企业内网的主机,属于不同的部门,故属于不同的VLAN。在交换机上配置vlan 10和vlan 20,并且配上主机的网关。交换机与路由器相邻的接口配置上Vlan30,配置上和路由器接口同一网段的ip。在交换机上配置默认路由指向路由器。AR1是边界路由器,AR1上配置静态路由去往192.168.10.0网段和192.168.20.0网段。AR1还配了默认路由指向AR2。AR1与AR2通过OSPF路由。主机通过NAT方式以边界路由公网地址访问外网,故在边界路由AR1上配置PAT(端口多路复用)。以下是各设备的配置。
PC1
-
PC1>ipconfig
-
-
IPv4 address......................: 192.168.10.10
-
Subnet mask.......................: 255.255.255.0
-
Gateway...........................: 192.168.10.254
-
Physical address..................: 54-89-98-20-70-11
-
Vlan..............................: 10
PC2
-
PC2>ipconfig
-
-
IPv4 address......................: 192.168.20.10
-
Subnet mask.......................: 255.255.255.0
-
Gateway...........................: 192.168.20.254
-
Physical address..................: 54-89-98-0C-28-2D
-
Vlan..............................: 20
LSW1
-
[SW1]display current-configuration
-
#
-
vlan batch 10 20 30
-
#
-
interface Vlanif10
-
ip address 192.168.10.254 255.255.255.0
-
#
-
interface Vlanif20
-
ip address 192.168.20.254 255.255.255.0
-
#
-
interface Vlanif30
-
ip address 192.168.30.1 255.255.255.0
-
#
-
interface GigabitEthernet0/0/1
-
port link-type access
-
port default vlan 10
-
#
-
interface GigabitEthernet0/0/2
-
port link-type access
-
port default vlan 20
-
#
-
interface GigabitEthernet0/0/3
-
port link-type access
-
port default vlan 30
-
#
-
#
-
ip route-static 0.0.0.0 0.0.0.0 192.168.30.2
-
#
AR1
-
[AR1]display current-configuration
-
#
-
acl number 2000
-
rule 5 permit source 192.168.10.0 0.0.0.255
-
rule 10 permit source 192.168.20.0 0.0.0.255
-
#
-
interface GigabitEthernet0/0/0
-
ip address 192.168.30.2 255.255.255.0
-
#
-
interface GigabitEthernet0/0/1
-
ip address 12.1.1.1 255.255.255.0
-
nat outbound 2000
-
#
-
ospf 100 router-id 11.1.1.1
-
area 0.0.0.0
-
network 12.1.1.1 0.0.0.0
-
network 192.168.30.2 0.0.0.0
-
#
-
ip route-static 192.168.10.0 255.255.255.0 192.168.30.1
-
ip route-static 192.168.20.0 255.255.255.0 192.168.30.1
-
#
AR2
-
[AR2]display current-configuration
-
#
-
interface GigabitEthernet0/0/0
-
ip address 12.1.1.2 255.255.255.0
-
#
-
interface LoopBack0
-
ip address 22.2.2.2 255.255.255.255
-
#
-
ospf 100 router-id 22.2.2.2
-
area 0.0.0.0
-
network 12.1.1.2 0.0.0.0
-
network 22.2.2.2 0.0.0.0
-
#
二:单臂路由方式
如图,PC1和PC2是企业内网的主机,属于不同的部门,故属于不同的VLAN。他们之间通过路由器AR1单臂路由通信。他们通过路由器AR1的g0/0/1口以PAT(端口多路复用)方式与外界通信。AR1和AR2之间运行OSPF协议,AR1配置了指向AR2的默认路由。以下是各设备的配置
PC1
-
PC1>ipconfig
-
-
IPv4 address......................: 192.168.10.10
-
Subnet mask.......................: 255.255.255.0
-
Gateway...........................: 192.168.10.254
-
Physical address..................: 54-89-98-20-70-11
-
Vlan..............................: 10
PC2
-
PC2>ipconfig
-
-
IPv4 address......................: 192.168.20.10
-
Subnet mask.......................: 255.255.255.0
-
Gateway...........................: 192.168.20.254
-
Physical address..................: 54-89-98-0C-28-2D
-
Vlan..............................: 20
SW1
-
[SW1]display current-configuration
-
#
-
vlan batch 10 20
-
#
-
#
-
interface GigabitEthernet0/0/1
-
port link-type access
-
port default vlan 10
-
#
-
interface GigabitEthernet0/0/2
-
port link-type access
-
port default vlan 20
-
#
-
interface GigabitEthernet0/0/3
-
port link-type trunk
-
port trunk allow-pass vlan 10 20
-
#
AR1
-
[AR1]display current-configuration
-
#
-
acl number 2000
-
rule 5 permit source 192.168.10.0 0.0.0.255
-
rule 10 permit source 192.168.20.0 0.0.0.255
-
#
-
interface GigabitEthernet0/0/0.10
-
dot1q termination vid 10
-
ip address 192.168.10.254 255.255.255.0
-
arp broadcast enable
-
#
-
interface GigabitEthernet0/0/0.20
-
dot1q termination vid 20
-
ip address 192.168.20.254 255.255.255.0
-
arp broadcast enable
-
#
-
interface GigabitEthernet0/0/1
-
ip address 12.1.1.1 255.255.255.0
-
nat outbound 2000
-
#
-
ospf 100 router-id 11.1.1.1
-
area 0.0.0.0
-
network 12.1.1.1 0.0.0.0
-
#
AR2
-
[AR2]display current-configuration
-
#
-
interface GigabitEthernet0/0/0
-
ip address 12.1.1.2 255.255.255.0
-
#
-
interface LoopBack0
-
ip address 22.2.2.2 255.255.255.255
-
#
-
ospf 100 router-id 22.2.2.2
-
area 0.0.0.0
-
network 12.1.1.2 0.0.0.0
-
network 22.2.2.2 0.0.0.0
-
#
文章来源: xie1997.blog.csdn.net,作者:谢公子,版权归原作者所有,如需转载,请联系作者。
原文链接:xie1997.blog.csdn.net/article/details/81707654
【版权声明】本文为华为云社区用户转载文章,如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容,举报邮箱:
cloudbbs@huaweicloud.com
- 点赞
- 收藏
- 关注作者
评论(0)