一、虚拟局域网VLAN
主要应用在交换机上,一台交换机默认情况下所有的接口都是属于同一个vlan的,默认vlan1,所以是在同一个广播中;
- 为什么使用VLAN?
1.划分广播域,不用广播域是不能够进行通信的,如果想要进行通信;这时候需要借助路由;
2.增强网络的安全;
3.简化网络的管理;
1.VLAN的种类:
- 静态vlan:
基于端口划分,需要管理去配置,创建vlan并将接口加入到vlan;
- 动态vlan:
基于MAC地址自动将同一类型的MAC地址加入到同一VLAN;
3.静态vlan:
vlan的范围(思科设备)如果是华为设备,会有所差异;
1.总共4096个vlan 0~4095;
2.0和4095保留;
3.默认vlan1;
4.以太网vlan2~1001;
5.扩展以太网vlan1025~4094;
- 配置静态vlan:
1.创建vlan:
在vlan数据库中创建
vlan database
vlan 2
在全局模式创建
conf t
vlan 2
2.将接口加入vlan
需要指定接口的模式
conf t
int f0/1 或者 int range f0/10-20 //前面的是某个接口后面是连续的接口;
sw mode acc //指定接口模式
sw acc vlan 2 //加入对应的vlan
3.其他配置命令:
查看信息
show vlan brief
查看指定vlan
show vlan id 2
删除vlan
conf t
no vlan 2
-
示例:
建立交换机 新建vlan:
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 2
Switch(config-vlan)#exit
Switch(config)#vlan 3
Switch(config-vlan)#exit
Switch(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
Switch#vlan database
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
Switch(vlan)#vlan 10
VLAN 10 added:
Name: VLAN0010
Switch(vlan)#
- 查看信息:
Switch(vlan)#exit
APPLY completed.
Exiting....
Switch#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
2 VLAN0002 active
3 VLAN0003 active
10 VLAN0010 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#
- 将接口加入vlan
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int f0/10
Switch(config-if)#switchport mode acc
Switch(config-if)#switchport mode access
Switch(config-if)#switchport acc
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit
Switch(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
Switch#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig0/1
Gig0/2
2 VLAN0002 active Fa0/10
3 VLAN0003 active
10 VLAN0010 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int range f0/20-24
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 3
Switch(config-if-range)#end
Switch#
%SYS-5-CONFIG_I: Configured from console by console
Switch#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Gig0/1, Gig0/2
2 VLAN0002 active Fa0/10
3 VLAN0003 active Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24
10 VLAN0010 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#
二、在路由器上配置DHCP
让客户机可以通过路由器提供的DHCP服务获取到ip地址
DHCP:动态主机配置协议
主要是为客户机提供TCP/IP参数:ip地址、子网掩码、网关、DNS服务器地址;
1.配置DHCP步骤:
a)定义DHCP地址池:
地址池的名字:
ip dhcp pool 名字
指定分配的网络范围:网络地址和子网掩码;
network 192.168.10.0 255.255.255.0
指定默认网关;
default-router 192.168.10.225
指定DNS服务器地址
dns-server 114.114.114.114
b)指定保留地址
ip dhcp exclude-address 192.168.10.1 192.168.10.50
- 示例
- 配置路由器0:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#int g0/0
R1(config-if)#ip add 192.168.10.254 255.255.255.0
R1(config-if)#no shut
R1(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up
R1(config-if)#exit
R1(config)#int g0/1
R1(config-if)#ip add 192.168.0.1 255.255.255.0
R1(config-if)#no shut
R1(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to up
- 配置路由器1:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R2
R2(config)#int g0/0
R2(config-if)#ip add 192.168.0.2 255.255.255.0
R2(config-if)#no shut
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up
R2(config-if)#exit
R2(config)#int g0/1
R2(config-if)#ip add 192.168.20.253 255.255.255.0
R2(config-if)#no shut
R2(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
- 配置路由:
R2(config)#ip route 192.168.10.0 255.255.255.0 g0/1
%Default route without gateway, if not a point-to-point interface, may impact performance
R2(config)#end
R2#show ip route
192.168.0.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.0.0/24 is directly connected, GigabitEthernet0/0
L 192.168.0.2/32 is directly connected, GigabitEthernet0/0
S 192.168.10.0/24 is directly connected, GigabitEthernet0/1
192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.20.0/24 is directly connected, GigabitEthernet0/1
L 192.168.20.253/32 is directly connected, GigabitEthernet0/1
R1>en
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip route 192.168.20.0 255.255.255.0 g0/1
%Default route without gateway, if not a point-to-point interface, may impact performance
R1(config)#end
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
Gateway of last resort is not set
192.168.0.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.0.0/24 is directly connected, GigabitEthernet0/1
L 192.168.0.1/32 is directly connected, GigabitEthernet0/1
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, GigabitEthernet0/0
L 192.168.10.254/32 is directly connected, GigabitEthernet0/0
S 192.168.20.0/24 is directly connected, GigabitEthernet0/1
- 配置DHCP:
R1>en
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip dhcp pool zhang
R1(dhcp-config)#network 192.168.10.0 255.255.255.0
R1(dhcp-config)#default-router 192.168.10.254
R1(dhcp-config)#dns-server 114.114.114.114
R1(dhcp-config)#exit
R1(config)#ip dhcp excluded-address 192.168.10.1 192.168.10.50
R1(config)#
PC0的IP配置
R2>en
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip dhcp pool yu
R2(dhcp-config)#network 192.168.20.0 255.255.255.0
R2(dhcp-config)#default-router 192.168.20.253
R2(dhcp-config)#dns-server 8.8.8.8
R2(dhcp-config)#exit
R2(config)#ip dhcp excluded-address 192.168.20.1 192.168.20.50
R2(config)#
R2#
PC1的ip配置
配置图
二、交换机的其他配置
1.设备管理
- 查看当前配置文件(存放在RAM当中,当设备重启后,里面的配置就没有了)
Switch#show running-config
- 查看保存配置文件(NVRAM)
Switch#startup-config
- 保存当前配置文件
Switch#copy running-config startup-config
Switch#write
- 删除保存配置文件
Switch#eraser nvram
2.交换机密码恢复
让交换机在启动过程中不加载配置文件,将配置文件修改,从而就不会加载
- 拔掉交换机的插头,插上电源同时按住MODE键
- 出现“Switch:”提示松开按键,初始化Flash
switch:flash_init
- 将config.text文件改成config.old,完成后启动交换机
Switch:rename flash:config.text flash:config.old
Switch:boot
- 重新启动后把配置文件的名字改回来
Switch#rename flash:config.old flash:config.text
- 手工加载配置文件
Switch#copy flash:config.text system:running-config
进入配置模式修改密码
-
当前配置文件和保存配置文件的区别:
区别