ENSP——GARP配置试验

目录

一、实验目标

二、实验拓扑

三、配置交换机间链路

四、开启GVRP功能

五、修改GVRP注册模式

六、配置文件

---

一、实验目标

• 掌握GVRP的配置方法；
• 掌握GVRP不同注册模式的配置方法。

二、实验拓扑

三、配置交换机间链路

配置交换机间为Trunk链路：

S1：

[S1]int g0/0/1
[S1-GigabitEthernet0/0/1]port link-type trunk 
Apr 10 2022 14:21:39-08:00 S1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 5, the ch
ange loop count is 0, and the maximum number of records is 4095.	
[S1-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[S1-GigabitEthernet0/0/1]q
[S1]
Apr 10 2022 14:22:29-08:00 S1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 6, the ch
ange loop count is 0, and the maximum number of records is 4095.

S2：

[S2]int g0/0/1	
[S2-GigabitEthernet0/0/1]port link-type trunk 
[S2-GigabitEthernet0/0/1]
Apr 10 2022 14:23:19-08:00 S2 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 5, the ch
ange loop count is 0, and the maximum number of records is 4095.	
[S2-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[S2-GigabitEthernet0/0/1]q
[S2]

S3：

[S3]int e0/0/1
[S3-Ethernet0/0/1]port link-type trunk 
Apr 10 2022 14:24:37-08:00 S3 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 5, the ch
ange loop count is 0, and the maximum number of records is 4095.
[S3-Ethernet0/0/1]port trunk allow-pass vlan all
[S3-Ethernet0/0/1]
Apr 10 2022 14:24:47-08:00 S3 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 6, the ch
ange loop count is 0, and the maximum number of records is 4095.q
[S3]int e0/0/2
[S3-Ethernet0/0/2]port link-type trunk 
Apr 10 2022 14:25:17-08:00 S3 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 7, the ch
ange loop count is 0, and the maximum number of records is 4095.tr		
[S3-Ethernet0/0/2]port trunk allow-pass vlan all 
[S3-Ethernet0/0/2]q
[S3]
Apr 10 2022 14:25:27-08:00 S3 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 8, the ch
ange loop count is 0, and the maximum number of records is 4095.

S4：

[S4]int e0/0/1
[S4-Ethernet0/0/1]port link-type trunk 
Apr 10 2022 14:26:32-08:00 S4 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 5, the ch
ange loop count is 0, and the maximum number of records is 4095.va	
[S4-Ethernet0/0/1]port trunk  allow-pass  vlan all
[S4-Ethernet0/0/1]
[S4-Ethernet0/0/1]q
[S4]int e
Apr 10 2022 14:26:42-08:00 S4 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 6, the ch
ange loop count is 0, and the maximum number of records is 4095.0/0/2
[S4-Ethernet0/0/2]port link-type trunk 
[S4-Ethernet0/0/2]port trunk allow-pass vlan  all
[S4-Ethernet0/0/2]q
[S4]
Apr 10 2022 14:27:12-08:00 S4 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 8, the ch
ange loop count is 0, and the maximum number of records is 4095.

四、开启GVRP功能

首先要在全局模式下开启GVRP，然后在相应接口下启用GVRP：

S1：

[S1]gv	
[S1]gvrp 
[S1]int g0/0/01
[S1-GigabitEthernet0/0/1]gvrp 
[S1-GigabitEthernet0/0/1]q
[S1]

S2：

[S2]gvrp 
[S2]int g0/0/01
[S2-GigabitEthernet0/0/1]gvrp 
[S2-GigabitEthernet0/0/1]q
[S2]
Apr 10 2022 14:38:10-08:00 S2 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 8, the ch
ange loop count is 0, and the maximum number of records is 4095.

S3：

[S3]gvrp 
[S3]int e0/0/1
[S3-Ethernet0/0/1]gvrp 
[S3-Ethernet0/0/1]
Apr 10 2022 14:38:48-08:00 S3 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 10, the c
hange loop count is 0, and the maximum number of records is 4095.q
[S3]int e0/0/2	
[S3-Ethernet0/0/2]gvrp 
[S3-Ethernet0/0/2]q
[S3]
Apr 10 2022 14:38:58-08:00 S3 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 11, the c
hange loop count is 0, and the maximum number of records is 4095.

S4：

[S4]gvrp 
[S4]int e0/0/1
[S4-Ethernet0/0/1]
Apr 10 2022 14:39:23-08:00 S4 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 9, the ch
ange loop count is 0, and the maximum number of records is 4095.
[S4-Ethernet0/0/1]gvrp 
[S4-Ethernet0/0/1]q
[S4]int e0/0/2
[S4-Ethernet0/0/2]
Apr 10 2022 14:39:33-08:00 S4 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 10, the c
hange loop count is 0, and the maximum number of records is 4095.	
[S4-Ethernet0/0/2]gvrp 
[S4-Ethernet0/0/2]q
[S4]

在S1上创建VLAN2和VLAN100，在S2上创建VLAN2和VLAN200，在S3、S4上创建VLAN2：

S1：

[S1]vlan batch 2 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[S1]
Apr 10 2022 14:42:50-08:00 S1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 9, the ch
ange loop count is 0, and the maximum number of records is 4095.

S2：

[S2]vlan batch 2 200
Info: This operation may take a few seconds. Please wait for a moment...done.
[S2]
Apr 10 2022 14:43:00-08:00 S2 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 9, the ch
ange loop count is 0, and the maximum number of records is 4095.

S3：

[S3]vlan  2
[S3-vlan2]q
[S3]

S4：

[S4]vlan 2
[S4-vlan2]q
[S4]

在S3、S4上执行display gvrp  statistics 命令，查看GVRP统计信息：

S3：

 S4：

 可以看到，交换机上默认的GVRP注册模式为Normal，接下来再查看S3、S4上VLAN的学习情况：

S3：

 S4：

 上述信息可以看到，S3、S4已经能够学习到VLAN100和VLAN200，但是仅有一侧端口加入到VLAN的动态学习中，此时数据帧就只能单向通信，还分别要在S1上创建VLAN200，S2上创建VLAN100，使得交换机两侧端口都加入到VLAN动态学习中，这样才能实现报文的双向通信：

S1：

[S1]vlan 200
[S1-vlan200]q
[S1]

S2：

[S2]vlan 100
[S2-vlan100]q
[S2]

配置完成后再来查看S3、S4上的VLAN信息：

S3：

 S4：

 对比之前的VLAN信息，可以看到S3、S4上的两侧端口均已加入VLAN的动态学习中。

五、修改GVRP注册模式

将S3的E0/0/2、S4的E0/0/2接口的注册模式修改为Fixed：

S3:

[S3]int e0/0/2
[S3-Ethernet0/0/2]gvrp  registration fixed
[S3-Ethernet0/0/2]q
[S3]
Apr 10 2022 15:09:43-08:00 S3 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 12, the c
hange loop count is 0, and the maximum number of records is 4095.

S4:

[S4]int e0/0/2
[S4-Ethernet0/0/2]gvrp registration fixed 
[S4-Ethernet0/0/2]q
[S4]
Apr 10 2022 15:10:18-08:00 S4 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 12, the c
hange loop count is 0, and the maximum number of records is 4095.

再次在S3、S4上执行display gvrp  statistics 命令，查看GVRP统计信息：

S3：

 S4：

 可以看到E0/0/2端口注册模式已修改为Fixed，该端口将无法注册动态VLAN。

在S3上查看VLAN信息：

S3：

 可以看到，E0/0/2端口已无法注册动态VLAN。

修改S３、S４上的E／０／０／２接口注册模式为Forbidden：

Ｓ３：

[S3]int e0/0/2
[S3-Ethernet0/0/2]gvrp registration forbidden
Info: This operation may take a few seconds. Please wait for a moment...done.
[S3-Ethernet0/0/2]q
[S3]
Apr 10 2022 15:18:54-08:00 S3 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 13, the c
hange loop count is 0, and the maximum number of records is 4095.

Ｓ４：

[S4]int e0/0/2
[S4-Ethernet0/0/2]gvrp registration forbidden 
Info: This operation may take a few seconds. Please wait for a moment...done.
[S4-Ethernet0/0/2]q
[S4]
Apr 10 2022 15:19:38-08:00 S4 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25.
191.3.1 configurations have been changed. The current change number is 13, the c
hange loop count is 0, and the maximum number of records is 4095.

再次在S3、S4上执行display gvrp  statistics 命令，查看GVRP统计信息：

Ｓ３：

 Ｓ４：

 最后验证配置结果：

Ｓ３：

 因为在Forbidden模式下，端口只允许VLAN１报文通过，禁止其他任何VLAN报文通过。

六、配置文件

Ｓ１：

[S1]display current-configuration 
#
sysname S1
#
vlan batch 2 100 200
#
gvrp
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
 gvrp
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
#
interface GigabitEthernet0/0/13
#
interface GigabitEthernet0/0/14
#
interface GigabitEthernet0/0/15
#
interface GigabitEthernet0/0/16
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
#
interface NULL0
#
user-interface con 0
user-interface vty 0 4
#
return
[S1] 

Ｓ２：

[S2]display current-configuration 
#
sysname S2
#
vlan batch 2 100 200
#
gvrp
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
 gvrp
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
#
interface GigabitEthernet0/0/13
#
interface GigabitEthernet0/0/14
#
interface GigabitEthernet0/0/15
#
interface GigabitEthernet0/0/16
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
#
interface NULL0
#
user-interface con 0
user-interface vty 0 4
#
return
[S2]

Ｓ３：

[S3]display current-configuration 
#
sysname S3
#
vlan batch 2
#
gvrp
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
 gvrp
#
interface Ethernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
 gvrp
 gvrp registration forbidden
#
interface Ethernet0/0/3
#
interface Ethernet0/0/4
#
interface Ethernet0/0/5
#
interface Ethernet0/0/6
#
interface Ethernet0/0/7
#
interface Ethernet0/0/8
#
interface Ethernet0/0/9
#
interface Ethernet0/0/10
#
interface Ethernet0/0/11
#
interface Ethernet0/0/12
#
interface Ethernet0/0/13
#
interface Ethernet0/0/14
#
interface Ethernet0/0/15
#
interface Ethernet0/0/16
#
interface Ethernet0/0/17
#
interface Ethernet0/0/18
#
interface Ethernet0/0/19
#
interface Ethernet0/0/20
#
interface Ethernet0/0/21
#
interface Ethernet0/0/22
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
user-interface con 0
user-interface vty 0 4
#
return
[S3]

Ｓ４：

[S4]display current-configuration 
#
sysname S4
#
vlan batch 2
#
gvrp
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
 gvrp
#
interface Ethernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
 gvrp
 gvrp registration forbidden
#
interface Ethernet0/0/3
#
interface Ethernet0/0/4
#
interface Ethernet0/0/5
#
interface Ethernet0/0/6
#
interface Ethernet0/0/7
#
interface Ethernet0/0/8
#
interface Ethernet0/0/9
#
interface Ethernet0/0/10
#
interface Ethernet0/0/11
#
interface Ethernet0/0/12
#
interface Ethernet0/0/13
#
interface Ethernet0/0/14
#
interface Ethernet0/0/15
#
interface Ethernet0/0/16
#
interface Ethernet0/0/17
#
interface Ethernet0/0/18
#
interface Ethernet0/0/19
#
interface Ethernet0/0/20
#
interface Ethernet0/0/21
#
interface Ethernet0/0/22
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
user-interface con 0
user-interface vty 0 4
#
return
[S4]