VLAN&VTP实验3:VTP修剪
实验等级:
Professional<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
实验拓扑:
<?xml:namespace prefix = v ns = "urn:schemas-microsoft-com:vml" />
实验说明:
在一个VTP域中有三台交换机,其中DSW1为Server,ASW1和ASW2为Client。在这个域中创建两个VLAN,分别为VLAN10和VLAN20。DSW1的Fa1/1和Fa1/2分别和ASW1的Fa1/3和ASW2的Fa1/3相连,并且配置成为Trunk链路。ASW1和ASW2的Fa1/8到Fa1/11为VLAN10,Fa1/12到Fa1/15为VLAN20。两台PC机分别接入对应交换机的Fa1/11端口。
在这个实验中,VLAN20没有PC机接入,因此到VLAN20的所有流量没有必要穿越Trunk链路。而VTP修剪可以让VTP智能的确定在Trunk链路的另一端的指定VLAN上是否有设备与之相连。通过修剪,VTP能将泛洪流量限制在必须经过该连接才能到大目的设备的中继链路上,这样可以增加可用的带宽。
基本配置:
1.
按照拓扑图配置好链路
PC2:
PC2(config)#int fa0/0
PC2(config-if)#ip add 10.1.1.2 255.255.255.0
PC2(config-if)#no sh
PC2(config-if)#speed 100
PC2(config-if)#du fu
PC1:
PC1(config)#int fa0/0
PC1(config-if)#speed 100
PC1(config-if)#du ful
PC1(config-if)#ip add 10.1.1.1 255.255.255.0
PC1(config-if)#no sh
ASW1:
ASW1(config-line)#int vlan 1
ASW1(config-if)#ip add 10.1.0.2 255.255.255.0
ASW1(config-if)#no sh
ASW1(config-if)#int fa1/11
ASW1(config-if)#no sh
ASW1(config-if)#int fa1/3
ASW1(config-if)#no sh
ASW1(config-if)#switchport mode tr
ASW2:
ASW2(config-line)#int vlan 1
ASW2(config-if)#ip add 10.1.0.3 255.255.255.0
ASW2(config-if)#no sh
ASW2(config-if)#int fa1/11
ASW2(config-if)#no sh
ASW2(config-if)#int fa1/3
ASW2(config-if)#no sh
ASW2(config-if)#switchport mode trunk
DSW1:
DSW1(config-line)#int fa1/1
DSW1(config-if)#no sh
DSW1(config-if)#switchport mo tr
DSW1(config-if)#int fa1/2
DSW1(config-if)#no sh
DSW1(config-if)#switchport mo tr
DSW1(config-if)#int vlan 1
DSW1(config-if)#ip add 10.1.0.1 255.255.255.0
DSW1(config-if)#no sh
2.
将DSW1配置成为server,其余两台为Client,域名为gairuhe,创建vlan
ASW1:
ASW1#vlan da
ASW1(vlan)#vtp client
Setting device to VTP CLIENT mode.
ASW1(vlan)#exit
In CLIENT state, no apply attempted.
Exiting....
ASW2:
ASW2#vlan da
ASW2(vlan)#vtp client
Setting device to VTP CLIENT mode.
ASW2(vlan)#exit
In CLIENT state, no apply attempted.
Exiting....
DSW1:
DSW1#vlan database
DSW1(vlan)#vtp server
Device mode already VTP SERVER.
DSW1(vlan)#vtp domain gairuhe
Changing VTP domain name from NULL to gairuhe
DSW1(vlan)#vlan 10 name vlan10
VLAN 10 added:
Name: vlan10
DSW1(vlan)#vlan 20 name vlan20
VLAN 20 added:
Name: vlan20
DSW1(vlan)#exit
APPLY completed.
Exiting....
3.
将端口划入VLAN
ASW1(config)#int range fa1/8 - fa1/11
ASW1(config-if-range)#switchport access vlan 10
ASW1(config)#int range fa1/12 - 15
ASW1(config-if-range)#sw ac vlan 20
ASW2(config-if-range)#int range fa1/8 - 11
ASW2(config-if-range)#sw ac vlan 10
ASW2(config-if-range)#int range fa1/12 - 15
ASW2(config-if-range)#sw ac vlan 20
4.
查看VLAN信息
ASW1:
ASW2:
可以看到VLAN信息已经同步,并且端口都已经划入VLAN。
5.
查看端口的trunk信息(使用命令show interface trunk)
ASW1#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa1/3 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/3 1-1005
Port Vlans allowed and active in management domain
Fa1/3 1,10,20
Port Vlans in spanning tree forwarding state and not pruned
Fa1/3 1,10,20
ASW2#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa1/3 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/3 1-1005
Port Vlans allowed and active in management domain
Fa1/3 1,10,20
Port Vlans in spanning tree forwarding state and not pruned
Fa1/3 1,10,20
这里可以看出ASW1和ASW2的Fa1/3端口可以允许VLAN1,10,20三个VLAN通过
由于ASW1和ASW2都没有设备链路VLAN20的端口,所以可以启用VTP修剪来禁止VALN20的信息到达ASW1和ASW2。
6.
配置VTP 修剪
DSW1#vlan database
DSW1(vlan)#vtp pruning
Pruning switched ON
DSW1(vlan)#exit
APPLY completed.
Exiting....
7.
查看端口的Trunk信息
ASW1#sho int tr
Port Mode Encapsulation Status Native vlan
Fa1/3 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/3 1-1005
Port Vlans allowed and active in management domain
Fa1/3 1,10,20
Port Vlans in spanning tree forwarding state and not pruned
Fa1/3 1,10
ASW2#sho int tr
Port Mode Encapsulation Status Native vlan
Fa1/3 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/3 1-1005
Port Vlans allowed and active in management domain
Fa1/3 1,10,20
Port Vlans in spanning tree forwarding state and not pruned
Fa1/3 1,10
可以看到ASW1和ASW2都没有VLAN20,说明其已经被修剪
转载于:https://blog.51cto.com/124130/42429
扫一扫
1076
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
