hcip第六次作业

 1.创建VLAN,并改变相连各自PC接口的类型,同时划分VLAN,做策略即保证:pc2可以访问PC4/5/6;但PC4可以访问Pc5,不能访问PC6 ;PC5不能访问PC6

[sw1]vlan batch 2 to 5   批量创建VLAN
[sw1]int g0/0/1
[sw1-GigabitEthernet0/0/1]port link-type access 
[sw1-GigabitEthernet0/0/1]port default vlan 2 
[sw1-GigabitEthernet0/0/1]int g0/0/2
[sw1-GigabitEthernet0/0/2]port hybrid  pvid  vlan 3 
[sw1-GigabitEthernet0/0/2]port hybrid  untagged  vlan 2 to 5   

sw2

[sw2]vlan batch 2 to 5 
[sw2-GigabitEthernet0/0/1]int g0/0/2            
[sw2-GigabitEthernet0/0/2]port link-type access
[sw2-GigabitEthernet0/0/2]port default vlan 2  
[sw2-GigabitEthernet0/0/2]int g0/0/3
[sw2-GigabitEthernet0/0/3]port hybrid  pvid vlan 4
[sw2-GigabitEthernet0/0/3]port hybrid untagged vlan 2 to 4
sw3

[sw3]vlan batch 2 to 5 
[sw3]int g0/0/1
[sw3-GigabitEthernet0/0/1]port hybrid  pvid vlan 4
[sw3-GigabitEthernet0/0/1]port hybrid  untagged  vlan 2 to 4
[sw3-GigabitEthernet0/0/2]port hybrid pvid  vlan  5
[sw3-GigabitEthernet0/0/2]port hybrid untagged  vlan 2 3 5
2.根据分析思路配置交换机逐渐的trunk干道,且允许所有

[sw1-GigabitEthernet0/0/2]int g0/0/3
[sw1-GigabitEthernet0/0/3]port link-type trunk 
[sw1-GigabitEthernet0/0/3]port trunk allow-pass vlan all 
 
[sw2-GigabitEthernet0/0/3]int g0/0/1
[sw2-GigabitEthernet0/0/1]port link-type trunk 
[sw2-GigabitEthernet0/0/1]port trunk allow-pass  vlan all 
[sw2-GigabitEthernet0/0/1]int g0/0/4
[sw2-GigabitEthernet0/0/4]port link-type  trunk 
[sw2-GigabitEthernet0/0/4]port trunk allow-pass  vlan all 
 
[sw3]   int g0/0/3
[sw3-GigabitEthernet0/0/3]port link-type  trunk 
[sw3-GigabitEthernet0/0/3]port trunk allow-pass vlan  all 
sw1

[sw1]int g0/0/4 
[sw1-GigabitEthernet0/0/4]port hybrid  untagged  vlan 3 4 5
[sw1-GigabitEthernet0/0/4]port hybrid tagged  vlan 2
r1

[r1]int g0/0/0.1
[r1-GigabitEthernet0/0/0.1]ip a 192.168.1.1 24
[r1-GigabitEthernet0/0/0.1]dot1q termination vid 2
[r1-GigabitEthernet0/0/0.1]arp broadcast  enable

[r1-GigabitEthernet0/0/0.1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip a 192.168.2.1 24  
[r1]dhcp enable  
 
创建2个地址池,属于vlan2 h和vlan 345

[r1]ip pool a
[r1-ip-pool-a]net 192.168.1.0 mask 24
[r1-ip-pool-a]gateway-list  192.168.1.1
[r1-ip-pool-a]dns-list 114.114.114.114
[r1-ip-pool-a]q
[r1]ip pool b
[r1-ip-pool-b]network 192.168.2.0 mask 24
[r1-ip-pool-b]gateway-list 192.168.2.1
[r1-ip-pool-b]dns-list 114.114.114.114
 
[r1-ip-pool-b]int g0/0/0
[r1-GigabitEthernet0/0/0.1]dhcp select global 
[r1-GigabitEthernet0/0/0]dhcp select global

检查

PC的地址情况

hcip第六次作业_第1张图片

hcip第六次作业_第2张图片 1  2 不在同一网段

hcip第六次作业_第3张图片

hcip第六次作业_第4张图片

 pc2可以访问PC4/5/6;测试

pc2访问PC4 

 hcip第六次作业_第5张图片

 访问PC6

hcip第六次作业_第6张图片

但PC4可以访问Pc5,不能访问PC6 ;

访问pc5

 hcip第六次作业_第7张图片

访问pc6

hcip第六次作业_第8张图片 PC5不能访问PC6

hcip第六次作业_第9张图片

 

 

你可能感兴趣的:(运维)