今天的内容很有意思。想一想如何控制冲突域和广播风暴、广播域。
学习一个技术vlan虚拟局域网
一个vlan就是一个广播域,可以将广播风暴控制在一个vlan内部中。
我来举个例子说明vlan的工作原理
一台交换机
员工在vlan10段192.168.10.0/24
主管vlan20段192.168.20.0/24
经理vlan30断192.168.30.0/24
一个vlan段通信不会对其它vlan段产生任何影响,在网络中的物理位置怎样都是如此,不同vlan段主机无法相互ping通。
一般来说交换机上支持1005个vlan,vlan号1到4094。1、1002到1005自动生成,1005后就属于扩展vlan,存在vlan.dat。
我们来做个小实验
看上面的拓扑图如果我们进行相互ping是可以ping通的,不安全也会产生冲突域和广播风暴,接下来我们利用vlan解决。
vlan10给办公,vlan20个服务器。两个办公区互相ping通,不能与服务器区ping通。
北京一层交换机
Switch(config)#vlan 10
Switch(config-vlan)#name office
Switch(config-vlan)#exit
Switch(config)#vlan 20
Switch(config-vlan)#name server
Switch(config-vlan)#exit
Switch(config)#int f0/1
Switch(config-if)#switchport mode trunk
Switch(config-if)#no shut
Switch(config-if)#exit
Switch(config)#int f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#no shut
Switch(config-if)#exit
Switch(config)#int f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#no shut
Switch(config-if)#end
Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gig1/1, Gig1/2
10 office active Fa0/2
20 server active Fa0/3
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#show running-config
Building configuration...
Switch(config)#vlan 10
Switch(config-vlan)#name office
Switch(config-vlan)#exit
Switch(config)#vlan 20
Switch(config-vlan)#name server
Switch(config-vlan)#exit
Switch(config)#int f0/1
Switch(config-if)#switchport mode trunk
Switch(config-if)#no shut
Switch(config-if)#exit
Switch(config)#int f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#no shut
Switch(config-if)#exit
Switch(config)#int f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#no shut
Switch(config-if)#end
Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gig1/1, Gig1/2
10 office active Fa0/2
20 server active Fa0/3
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#show running-config
Building configuration...
Current configuration : 1088 bytes
!
version 12.1
no service password-encryption
!
hostname Switch
!
no ip domain-lookup
!
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/3
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/4
!
北京二层交换机
Switch#vlan database
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
!
version 12.1
no service password-encryption
!
hostname Switch
!
no ip domain-lookup
!
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/3
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/4
!
北京二层交换机
Switch#vlan database
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
Switch(vlan)#vlan 10 name office
VLAN 10 added:
Name: office
Switch(vlan)#vlan 20 name server
VLAN 20 added:
Name: server
Switch(vlan)#exit
APPLY completed.
Exiting....
Switch(config)#int f0/1
Switch(config-if)#switchport mode trunk
Switch(config-if)#no shut
Switch(config-if)#exit
Switch(config)#int f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#no shut
Switch(config-if)#exit
Switch(config)#int f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#no shut
Switch(config-if)#end
VLAN 10 added:
Name: office
Switch(vlan)#vlan 20 name server
VLAN 20 added:
Name: server
Switch(vlan)#exit
APPLY completed.
Exiting....
Switch(config)#int f0/1
Switch(config-if)#switchport mode trunk
Switch(config-if)#no shut
Switch(config-if)#exit
Switch(config)#int f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#no shut
Switch(config-if)#exit
Switch(config)#int f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#no shut
Switch(config-if)#end
好了~我们来看一下效果。。。
慢慢来~还有简便的方法做这个。今天就到这里~~
转载于:https://blog.51cto.com/xienuo/590396
372
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
