S8500交换机实现Super vlan技术介绍和排错

S8500交换机实现Super vlan技术介绍一、简单原理介绍 Super VLAN又称为VLAN聚合(VLAN Aggregation),其原理是一个Super VLAN包含多个Sub VLAN,Super VLAN可配置虚接口的IP地址。每个Sub VLAN是一个广播域,不同Sub VLAN之间二层相互隔离,Sub VLAN不能配置虚接口IP地址。当Sub VLAN内的用户需要进行三层通信时,将使用Super VLAN的虚接口的IP地址作为网关地址,这样多个VLAN共享一个IP地址,从而节省了IP地址资源。同时,为了实现不同Sub VLAN间的三层互通及Sub VLAN与其他网络的互通,需要利用ARP代理功能。通过ARP代理可以进行ARP请求和响应报文的转发与处理,从而实现了二层隔离端口间的三层互通。缺省状态下,Sub VLAN下的ARP代理功能是关闭的。 二、S8500典型配置实例 2.1 组网需求: (1)创建Super VLAN 10 (2)创建Sub VLAN:VLAN 11、VLAN 12、VLAN 5 由于VLAN之间能够满足二层隔离,现要求Sub VLAN两两之间三层互通。 2.2 组网图: 2.3 配置命令 Switch A基本配置: # vlan 10 supervlan subvlan 11 to 12 # vlan 11 arp proxy enable # vlan 12 arp proxy enable # interface Vlan-interface10 ip address 100.0.0.1 255.255.255.0 三、正常状态信息查看 #在PC2下,查arp表,可见,在arp表中,由于设置了arp proxy enable,PC1的MAC地址被置为Switch A的MAC地址。报文查ARP表,先送到SWITCH,再次查ARP表,才最后送到PC1。完成不同vlan之间的三层互通。 C:\Documents and Settings\LOU04961>arp -a Interface: 100.0.0.10 --- 0x2 Internet Address Physical Address Type 100.0.0.1 00-e0-fc-36-45-b4 dynamic 100.0.0.2 00-e0-fc-36-45-b4 dynamic #在Switch A下,查arp表如下,表项正常。 [Quidway]dis arp Type: S-Static D-Dynamic IP Address MAC Address VLAN ID Port Name Aging Type 100.0.0.10 00e0-fc3c-a5fc 12 Ethernet4/1/4 13 D 100.0.0.2 0015-c50b-a8ba 11 Ethernet4/1/2 16 D #在PC1中,查arp表如下: C:\Documents and Settings\LOU04961>arp -a Interface: 100.0.0.2 --- 0x2 Internet Address Physical Address Type 100.0.0.1 00-e0-fc-36-45-b4 dynamic 100.0.0.10 00-e0-fc-36-45-b4 dynamic 四、排错(可debugging 信息) #当没有配置ARP代理时,VLAN11和VLAN12不能互通。 取消ARP代理后,如果尝试利用路由令VLAN11和VLAN12互通。即,配置: ip rou 100.0.0.1 32 100.0.0.1 #无法ping通,发现Switch A中链接PC2的端口,只有进来的报文,没有出去的报文。可见ping包被丢弃。 dis int eth4/1/4 Ethernet4/1/4 current state : UP IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc36-45b1 The Maximum Transmit Unit is 1500 Media type is twisted pair, loopback not set Port hardware type is 100_BASE_TX 100Mbps-speed mode, full-duplex mode Link speed type is autonegotiation, link duplex type is autonegotiation Flow-control is not enabled The Maximum Frame Length is 1552 Broadcast MAX-ratio: 50% Allow jumbo frame to pass PVID: 12 Mdi type: auto Link-status hold interval:3 Sec Port link-type: access Tagged VLAN ID : none Untagged VLAN ID : 12 Last 300 seconds input: 0 packets/sec 64 bits/sec 0% Last 300 seconds output: 0 packets/sec 0 bits/sec 0% Input(total): 1838 packets, 119600 bytes - broadcasts, - multicasts Input(normal): 1838 packets, 119600 bytes 137 broadcasts, 0 multicasts Input: 0 input errors, 0 runts, 0 giants, 0 throttles, 0 CRC 0 frame, 0 overruns, - aborts, 0 ignored, - parity errors Output(total): 2643 packets, 234727 bytes - broadcasts, - multicasts, 0 pauses Output(normal): 2643 packets, 234727 bytes 2 broadcasts, 0 multicasts, 0 pauses Output: 0 output errors, - underruns, - buffer failures 0 aborts, 0 deferred, - collisions, 0 late collisions - lost carrier, - no carrier Receive Packet Peak Value Info: 15118 bytes, happened at 11:03:25 6-27-2006 Transmit Packet Peak Value Info: 50006 bytes, happened at 11:03:25 6-27-2006 Input(total): 1845 packets, 120048 bytes - broadcasts, - multicasts Input(normal): 1845 packets, 120048 bytes 144 broadcasts, 0 multicasts Input: 0 input errors, 0 runts, 0 giants, 0 throttles, 0 CRC 0 frame, 0 overruns, - aborts, 0 ignored, - parity errors Output(total): 2643 packets, 234727 bytes - broadcasts, - multicasts, 0 pauses Output(normal): 2643 packets, 234727 bytes 2 broadcasts, 0 multicasts, 0 pauses Output: 0 output errors, - underruns, - buffer failures 0 aborts, 0 deferred, - collisions, 0 late collisions - lost carrier, - no carrier Receive Packet Peak Value Info: 15118 bytes, happened at 11:03:25 6-27-2006 Transmit Packet Peak Value Info: 50006 bytes, happened at 11:03:25 6-27-2006

你可能感兴趣的:(技术,super,VLAN,休闲,交换机)