1、Access、Trunk实验配置步骤

实验拓扑图：

实验配置思路：

1. 交换机上创建VLAN
2. 把交换机连接PC的接口配置为access，并加入相应的VLAN中
3. 两台交换机互联的接口配置为trunk，允许所有VLAN通过
4. 交换机通过在二层和三层中间打tag标记区分不同VLAN

实验摘要重点命令：

[SW1]int e0/0/1     //进入接口
[SW1-Ethernet0/0/1]port link-type access     //配置接口为access接口 
[SW1-Ethernet0/0/1]port default vlan 10     //允许VLAN10通过
[SW1-Ethernet0/0/1]quit     //退出
[SW1]int g0/0/1     //进入接口
[SW1-GigabitEthernet0/0/1]port link-type trunk     //配置接口为trunk接口 	
[SW1-GigabitEthernet0/0/1]port trunk allow-pass vlan all     //允许所有VLAN通过  
[SW1-GigabitEthernet0/0/1]quit     //退出
[SW1]

实验详细配置步骤：

配置access链路

SW1——连接PC的接口配置为access，并加入相应的VLAN中

<Huawei>system-view     //进入全局配置模式
[Huawei]undo info-center enable     //关闭信息告警提示 
[Huawei]sysname SW1     //改名
[SW1]vlan batch 10 20     //创建VLNA10和VLAN20
[SW1]int e0/0/1     //进入接口
[SW1-Ethernet0/0/1]port link-type access     //配置接口为access接口 
[SW1-Ethernet0/0/1]port default vlan 10     //允许VLAN10通过
[SW1-Ethernet0/0/1]quit     //退出
[SW1]int e0/0/2     //进入接口	
[SW1-Ethernet0/0/2]port link-type access     //配置接口为access接口 
[SW1-Ethernet0/0/2]port default vlan 10     //允许VLAN10通过
[SW1-Ethernet0/0/2]quit     //退出
[SW1]int e0/0/3     //进入接口	
[SW1-Ethernet0/0/3]port link-type access     //配置接口为access接口 
[SW1-Ethernet0/0/3]port default vlan 20     //允许VLAN20通过
[SW1-Ethernet0/0/3]quit     //退出
[SW1]

SW2——连接PC的接口配置为access，并加入相应的VLAN中

<Huawei>system-view     //进入全局配置模式 
[Huawei]undo info-center enable     //关闭信息告警提示  
[Huawei]sysname SW2     //改名
[SW2]vlan batch 10 20     //创建VLAN10和VLAN20
[SW2]int e0/0/1     //进入接口
[SW2-Ethernet0/0/1]port link-type access     //配置接口为access接口 
[SW2-Ethernet0/0/1]port default vlan 10     //允许VLAN10通过
[SW2-Ethernet0/0/1]quit     //退出
[SW2]int e0/0/2     //进入接口	
[SW2-Ethernet0/0/2]port link-type access     //配置接口为access接口 	
[SW2-Ethernet0/0/2]port default vlan 20     //允许VLAN20通过
[SW2-Ethernet0/0/2]quit     //退出
[SW2]

配置trunk链路

SW1——连接交换机的接口配置为trunk，允许所有VLAN通过

[SW1]int g0/0/1     //进入接口
[SW1-GigabitEthernet0/0/1]port link-type trunk     //配置接口为trunk接口 	
[SW1-GigabitEthernet0/0/1]port trunk allow-pass vlan all     //允许所有VLAN通过  
[SW1-GigabitEthernet0/0/1]quit     //退出
[SW1]

SW2——连接交换机的接口配置为trunk，允许所有VLAN通过

[SW2]int g0/0/1     //进入接口
[SW2-GigabitEthernet0/0/1]port link-type trunk     //配置接口为trunk接口 	
[SW2-GigabitEthernet0/0/1]port trunk allow-pass vlan all     //允许所有VLAN通过 
[SW2-GigabitEthernet0/0/1]quit     //退出
[SW2]

查看VLAN信息

SW1——查看VLAN信息

[SW1]dis vlan 
The total number of vlans is : 3
--------------------------------------------------------------------------------
U: Up;         D: Down;         TG: Tagged;         UT: Untagged;
MP: Vlan-mapping;               ST: Vlan-stacking;
#: ProtocolTransparent-vlan;    *: Management-vlan;
--------------------------------------------------------------------------------

VID  Type    Ports                                                          
--------------------------------------------------------------------------------
1    common  UT:Eth0/0/4(D)     Eth0/0/5(D)     Eth0/0/6(D)     Eth0/0/7(D)     
                Eth0/0/8(D)     Eth0/0/9(D)     Eth0/0/10(D)    Eth0/0/11(D)    
                Eth0/0/12(D)    Eth0/0/13(D)    Eth0/0/14(D)    Eth0/0/15(D)    
                Eth0/0/16(D)    Eth0/0/17(D)    Eth0/0/18(D)    Eth0/0/19(D)    
                Eth0/0/20(D)    Eth0/0/21(D)    Eth0/0/22(D)    GE0/0/1(U)      
                GE0/0/2(D)                                                      

10   common  UT:Eth0/0/1(U)     Eth0/0/2(U)                                     
             TG:GE0/0/1(U)                                                      

20   common  UT:Eth0/0/3(U)                                                     

             TG:GE0/0/1(U)                                                      


VID  Status  Property      MAC-LRN Statistics Description      
--------------------------------------------------------------------------------

1    enable  default       enable  disable    VLAN 0001                         
10   enable  default       enable  disable    VLAN 0010                         
20   enable  default       enable  disable    VLAN 0020                         
[SW1]

测试

PC1——测试同一VLAN正常通信，不同VLAN不能通信

PC>ping 192.168.10.2     //PC2，VLAN10，正常通信

Ping 192.168.10.2: 32 data bytes, Press Ctrl_C to break
From 192.168.10.2: bytes=32 seq=1 ttl=128 time=32 ms
From 192.168.10.2: bytes=32 seq=2 ttl=128 time=47 ms
From 192.168.10.2: bytes=32 seq=3 ttl=128 time=47 ms
From 192.168.10.2: bytes=32 seq=4 ttl=128 time=32 ms
From 192.168.10.2: bytes=32 seq=5 ttl=128 time=31 ms

--- 192.168.10.2 ping statistics ---
  5 packet(s) transmitted
  5 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 31/37/47 ms


PC>ping 192.168.10.3     //PC3，VLAN20，不能通信

Ping 192.168.10.3: 32 data bytes, Press Ctrl_C to break
From 192.168.10.1: Destination host unreachable
From 192.168.10.1: Destination host unreachable
From 192.168.10.1: Destination host unreachable
From 192.168.10.1: Destination host unreachable
From 192.168.10.1: Destination host unreachable

--- 192.168.10.3 ping statistics ---
  5 packet(s) transmitted
  0 packet(s) received
  100.00% packet loss


PC>ping 192.168.10.4     //PC4，VLAN10，正常通信

Ping 192.168.10.4: 32 data bytes, Press Ctrl_C to break
From 192.168.10.4: bytes=32 seq=1 ttl=128 time=62 ms
From 192.168.10.4: bytes=32 seq=2 ttl=128 time=47 ms
From 192.168.10.4: bytes=32 seq=3 ttl=128 time=46 ms
From 192.168.10.4: bytes=32 seq=4 ttl=128 time=62 ms
From 192.168.10.4: bytes=32 seq=5 ttl=128 time=47 ms

--- 192.168.10.4 ping statistics ---
  5 packet(s) transmitted
  5 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 46/52/62 ms

PC>ping 192.168.10.5     //PC5，VLAN20，不能通信

Ping 192.168.10.5: 32 data bytes, Press Ctrl_C to break
From 192.168.10.1: Destination host unreachable
From 192.168.10.1: Destination host unreachable
From 192.168.10.1: Destination host unreachable
From 192.168.10.1: Destination host unreachable
From 192.168.10.1: Destination host unreachable

--- 192.168.10.5 ping statistics ---
  5 packet(s) transmitted
  0 packet(s) received
  100.00% packet loss

PC>

PC5——测试同一VLAN正常通信，不同VLAN不能通信

PC>ping 192.168.10.1     //PC1，VLAN10，不能通信

Ping 192.168.10.1: 32 data bytes, Press Ctrl_C to break
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable

--- 192.168.10.1 ping statistics ---
  5 packet(s) transmitted
  0 packet(s) received
  100.00% packet loss


PC>ping 192.168.10.2     //PC2，VLAN10，不能通信

Ping 192.168.10.2: 32 data bytes, Press Ctrl_C to break
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable

--- 192.168.10.2 ping statistics ---
  5 packet(s) transmitted
  0 packet(s) received
  100.00% packet loss


PC>ping 192.168.10.3     //PC3，VLAN20，正常通信

Ping 192.168.10.3: 32 data bytes, Press Ctrl_C to break
From 192.168.10.3: bytes=32 seq=1 ttl=128 time=46 ms
From 192.168.10.3: bytes=32 seq=2 ttl=128 time=47 ms
From 192.168.10.3: bytes=32 seq=3 ttl=128 time=47 ms
From 192.168.10.3: bytes=32 seq=4 ttl=128 time=62 ms
From 192.168.10.3: bytes=32 seq=5 ttl=128 time=63 ms

--- 192.168.10.3 ping statistics ---
  5 packet(s) transmitted
  5 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 46/53/63 ms


PC>ping 192.168.10.4     //PC4，VLAN10，不能通信

Ping 192.168.10.4: 32 data bytes, Press Ctrl_C to break
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable
From 192.168.10.5: Destination host unreachable

--- 192.168.10.4 ping statistics ---
  5 packet(s) transmitted
  0 packet(s) received
  100.00% packet loss

PC>