1.实验拓扑图如下所示:<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
<?xml:namespace prefix = v ns = "urn:schemas-microsoft-com:vml" />
2.建立如图环境,测试A、B、C、D的连通性。
3.配置F0/11和F/0/12为通道,验证配置,查看是否正常。
4.配置VTP域,域名为CISCO,密码为xxx,
Sw1为服务器,SW2为客户机。
查看关键信息。
5.在SW1上建立vlan2包含A, 建立vlan3包含B。
6.在SW2上查看是否已有vlan2、vlan3。如果没有,给出解决方法。是否可以人工建立vlan4、vlan5,同样vlan2包含C, 建立vlan3包含D。测试AC、BD的连通性。
7.启用修剪,验证配置。
8.在中继中去除vlan3的修剪,查看配置并说明修剪意义。
步骤
1
删除交换机配置和
vlan.dat
文件并重启设备,按照实验拓扑图连接实验的线缆。
switch#<?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" />
del
flash:vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
switch#
erase startup-config
Erasing the nvram filesystem will remove all files! Continue? [confirm]
[OK]
Erase of nvram: complete
switch#
reload
步骤
2
给各个交换机命名
.
switch>
enable
switch#
config t
switch(config)#
hostname sw1
sw1(config)#
步骤
3
测试连通性
,
结果如下所示
:
在
A
上用
ping
命令测试和
B
的连通性
:
C:\Documents and Settings\Administrator>ping 1.1.1.4
Pinging 1.1.1.4 with 32 bytes of data:
Reply from 1.1.1.4: bytes=32 time<10ms TTL=128
Reply from 1.1.1.4: bytes=32 time<10ms TTL=128
在
A
上用
ping
命令测试和
C
的连通性
:
C:\Documents and Settings\Administrator>ping 1.1.1.1
Pinging 1.1.1.1 with 32 bytes of data:
Reply from 1.1.1.1: bytes=32 time<10ms TTL=128
Reply from 1.1.1.1: bytes=32 time<10ms TTL=128
在
A
上用
ping
命令测试和
D
的连通性
:
C:\Documents and Settings\Administrator>ping 1.1.1.2
Pinging 1.1.1.2 with 32 bytes of data:
Reply from 1.1.1.2: bytes=32 time<10ms TTL=128
Reply from 1.1.1.2: bytes=32 time<10ms TTL=128
这里连通由于2950交换机默认是中继,不做详细介绍:
步骤
4
配置
SW1
将
FA0/11
、和
0/12
端口组合为一个逻辑信道:
sw1(config)#interface range fastethernet0/11 - 12
sw1(config-if-range)#channel-group 1 mode on
Creating a port-channel interface Port-channel 1
配置
SW2
将
FA0/11
、和
0/12
端口组合为一个逻辑信道:
sw2(config)#interface range fastethernet0/11 - 12
sw2(config-if-range)#channel-group 1 mode on
Creating a port-channel interface Port-channel 1
sw2(config-if-range)#
使用
show etherchannel summary
命令检查快速以太通道连接:
sw1#show etherchannel 1 summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
u - unsuitable for bundling
U - in use f - failed to allocate aggregator
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) - Fa0/11(Pd) Fa0/12(P)
sw2#show etherchannel 1 summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
u - unsuitable for bundling
U - in use f - failed to allocate aggregator
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) - Fa0/11(Pd) Fa0/12(P)
步骤
5
在
SW1
上配置
VTP
域
CISCO
并创建名为
VLAN 10
和
VLAN 20
的
VLAN
。
2950
交换机默认是
VTP
服务器模式,所以你不需要配置它。然而,如果需要的话,配置模式中启用服务器的命令是
vtp mode server
:
sw1(config)#vtp mode server
Device mode already VTP SERVER.
sw1(config)#vtp domain cisco
Changing VTP domain name from NULL to cisco
sw1(config)#vtp password xxx
Setting device VLAN database password to xxx
sw1(config)#
配置
SW2
作为
VTP
客户
sw2(config)#vtp mode client
Setting device to VTP CLIENT mode.
sw2(config)#vtp domain cisco
Domain name already set to cisco.
sw2(config)#
使用
show vtp status
命令检查
VTP
重要信息:
sw1#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 64
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x8C 0xE8 0x23 0x13 0xC9 0xD9 0x1C 0xEA
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
sw1#
----------------------------------------------------------------------
使用
show vtp counters
命令检查
VTP
发送和接收的通告请求,汇总通告,子网通告和加入消息的条目,以及检测到的配置错误。
sw1#show vtp counters
VTP statistics:
Summary advertisements received : 2
Subset advertisements received : 1
Request advertisements received : 1
Summary advertisements transmitted : 2
Subset advertisements transmitted : 2
Request advertisements transmitted : 0
Number of config revision errors : 1
Number of config digest errors : 0
Number of V1 summary errors : 0
VTP pruning statistics:
Trunk Join Transmitted Join Received Summary advts received from
non-pruning-capable device
---------------- ---------------- ---------------- ---------------------------
Po1 0 1 0
sw1#
sw2#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 64
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x57 0x30 0x6D 0x7A 0x76 0x12 0x7B 0x40
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
sw2#
sw2#show vtp counters
VTP statistics:
Summary advertisements received : 4
Subset advertisements received : 3
Request advertisements received : 0
Summary advertisements transmitted : 2
Subset advertisements transmitted : 1
Request advertisements transmitted : 2
Number of config revision errors : 0
Number of config digest errors : 2
Number of V1 summary errors : 0
VTP pruning statistics:
Trunk Join Transmitted Join Received Summary advts received from
non-pruning-capable device
---------------- ---------------- ---------------- ---------------------------
Po1 1 0 0
步骤
6
创建
VLAN 2
和
VLAN 3
的
VLAN
,按照前面的配置要求,将每个交换机将端口划归到各自的
VLAN
。
sw1(vlan)#vlan 2
VLAN 2 added:
Name: VLAN0002
sw1(vlan)#vlan 3
VLAN 3 added:
Name: VLAN0003
sw1(vlan)#exit
APPLY completed.
Exiting....
sw1#config t
Enter configuration commands, one per line. End with CNTL/Z.
sw1(config)#interface fastethernet0/1
sw1(config-if)#switchport mode access
sw1(config-if)#switchport access vlan 2
sw1(config-if)#exit
sw1(config)#interface fastethernet0/2
sw1(config-if)#switchport access vlan 3
sw1(config-if)#
步骤
7
使用命令
show vlan brief
检验是否已经有
valn2
、
3
。
sw2#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
我们看出并没有,由于刚刚
VTP
服务器设置了密码,这样就将
CISCO
管理域设为了安全模式,这样防止未经授权的交换机加入到用户的域内。刚才说明了这点。这时我们只须在
SW2
上设置密码即可。
sw2#config t
Enter configuration commands, one per line. End with CNTL/Z.
sw2(config)#vtp password xxx
Setting device VLAN database password to xxx.
sw2(config)#
或许刚刚设完密码马上验证还会没有,这时不须紧张,由于交换机每五分钟发送一次通告或者有变化时,它通告邻接交换机目前的
VTP
域名和配置修订号。稍等一会在验证。
sw2#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24
2 VLAN0002 active
3 VLAN0003 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
sw2#
在
SW2
上人工建立
vlan4
、
vlan5
sw2#vlan database
sw2(vlan)#vlan 4
VLAN 4 added:
Name: VLAN0004
sw2(vlan)#vlan 5
VLAN 5 added:
Name: VLAN0005
sw2(vlan)#exit
In CLIENT state, no apply attempted.
Exiting....
验证:
sw2#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24
2 VLAN0002 active
3 VLAN0003 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
sw2#
这时大家会发现明明看到已经建立
vlan4
、
5
怎么会没有。大家有没有注意到交换机已经告诉大家
In CLIENT state, no apply attempted.
VTP
客户模式不能创建,删除,和修改
vlan
。
按照前面的配置要求,将每个交换机将端口划归到各自的
VLAN
。
sw2#config t
Enter configuration commands, one per line. End with CNTL/Z.
sw2(config)#interface fastethernet0/1
sw2(config-if)#switchport mode access
sw2(config-if)#switchport access vlan 2
sw2(config-if)#exit
sw2(config)#interface fastethernet0/2
sw2(config-if)#switchport access vlan 3
sw2(config-if)#
测试连通:
在
A
上用
ping
命令测试和
C
的连通性
:
C:\Documents and Settings\Administrator>ping 1.1.1.1
Pinging 1.1.1.1 with 32 bytes of data:
Reply from 1.1.1.1: bytes=32 time<10ms TTL=128
Reply from 1.1.1.1: bytes=32 time<10ms TTL=128
在
B
上用
ping
命令测试和
D
的连通性
:
C:\Documents and Settings\Administrator>ping 1.1.1.2
Pinging 1.1.1.2 with 32 bytes of data:
Reply from 1.1.1.2: bytes=32 time<10ms TTL=128
Reply from 1.1.1.2: bytes=32 time<10ms TTL=128
步骤
8
只须在
VTP
服务器上启用修剪就启用了整个管理域的修剪。
sw1(config)#vtp pruning
Pruning switched on
sw1(config)#
验证配置:
sw1#show vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 64
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xE3 0xBD 0xA0 0xC9 0x14 0x85 0x9B 0xFC
Configuration last modified by 0.0.0.0 at 3-1-93 00:47:48
Local updater ID is 0.0.0.0 (no valid interface found)
sw1#
sw2#show vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 64
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : cisco
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xE3 0xBD 0xA0 0xC9 0x14 0x85 0x9B 0xFC
Configuration last modified by 0.0.0.0 at 3-1-93 00:47:48
sw2#
步骤
9
在
SW1
的中继中去除
vlan3
的修剪
sw1#config t
Enter configuration commands, one per line. End with CNTL/Z.
sw1(config)#interface range fastethernet0/11 - 12
sw1(config-if-range)#switchport trunk pruning vlan remove 3
sw1(config-if-range)#
验证配置:
sw1#show interface fastethernet0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk (member of bundle Po1)
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2,4-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
sw1#show interface fastethernet0/12 switchport
Name: Fa0/12
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk (member of bundle Po1)
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2,4-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
sw1#
在
SW2
上验证:
sw2#show interface fastethernet0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk (member of bundle Po1)
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Protected: false
Voice VLAN: none (Inactive)
Appliance trust: none
我们会发现
SW2
上并没有去除
vlan3
的修剪,说明移出修剪不同启用修剪。需要根据情况在每个交换机上配置。
修剪的意义:
交换机默认情况下是在网络上传播广播和未知数据包。这样会给整个网络带来大量的不必要流量。
VTP
修剪通过减少不必要的流量,如:广播、多播、未知等。来提高带宽利用率。
转载于:https://blog.51cto.com/itgongzuoshi/49543
126
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
