一、相关知识
1、什么是三层交换技术?
- 简单来说,就是二层交换技术+三层转发技术。它解决了局域网进行网段划分后,子网必须依赖路由器进行管理的局面,也避免了传统路由低速、复杂所造成的网络瓶颈问题。
- 一个具有三层交换功能的设备是:一个带有第三层路由功能的第二层交换机,但它是二者有机的结合,不是简单的把路由器的相关硬件和软件叠加在二层交换机上。
- 原理:假设两个使用IP协议的站点A、B使用IP协议进行通信,A向B发送数据前,先判断与B是不是同一子网,如果是,就用二层进行转发,如果不在同一子网,A要向“缺省网关”(缺省网关的IP地址其实就是三层交换机的交换模块)发送ARP(地址解析)封包
- 优点:由于仅仅在路由过程中才用到三层,其余情况通过二层转发,因此三层交换机的速度很快,跟二层差不多,而且还比路由器便宜得多。
2、三层交换机与二层交换机的区别
- 主要功能不同:二层、三层交换机都可以交换转发数据帧,但三层交换机还有IP路由功能
- 使用场所不同:二层交换机用在OSI模型的第二层,三层交换机用在OSI模型的第三层。
- 处理数据的方式不同:二层交换机使用二层交换转发数据帧,三层交换的路由模块使用三层交换IP数据包。
3、三层交换机与路由器的区别
1、现在的三层交换机完全可以执行传统路由器的大多数功能
2、三层交换机具有以下特征:
- 转发基于第三层的业务流
- 完全交换功能
- 可以完成特殊服务,如报文过滤或者认证
- 执行或者不执行路由功能
3、交换机一般用于LAN-WAN的连接,交换机归于网桥,作用于数据链路层:路由器一般用于WAN-WAN的连接,作用于网络层
4、路由器比交换机要强大,但价格昂给,速度相对较慢,三层交换机既有交换机线速转发报文能力,又有路由器良好的控制功能。
二、简单例子(三层交换机、VLAN间路由)
三层交换机
1、简单的拓扑结构
2、相关代码
三层交换机1:
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#host R1
R1(config)#int
R1(config)#interface F
R1(config)#interface FastEthernet 0/1
R1(config-if)#no sw
R1(config-if)#no switchport (进入接口后,把二层接口改成三层接口)
R1(config-if)# 下面两行是提示信息
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
R1(config-if)#ip add
R1(config-if)#ip address 192.168.12.1 255.255.255.0
R1(config-if)#no sh
R1(config-if)#no shutdown
R1(config-if)#
R1(config-if)#e
R1(config-if)#exit
R1(config)#interface FastEthernet 0/2
R1(config-if)#no sw
R1(config-if)#no switchport
R1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
R1(config-if)#ip add
R1(config-if)#ip address 192.168.1.254 255.255.255.0
R1(config-if)#no sh
R1(config-if)#no shutdown
R1(config-if)#e
R1(config-if)#exit
R1(config)#interface FastEthernet 0/3
R1(config-if)#no switchport
R1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up
R1(config-if)#ip address 192.168.2.254 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#e
R1(config-if)#exit
R1(config)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#show ip route 这一段是配置后没打开路由,需用 ip routing 打开路由功能
Default gateway is not set
Host Gateway Last Use Total Uses Interface
ICMP redirect cache is empty
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip routing (开启路由功能)
R1(config)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1(config)#ip route 192.168.3.0 255.255.255.0 192.168.12.2 (配置静态路由)
R1(config)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.1.0/24 is directly connected, FastEthernet0/2
C 192.168.2.0/24 is directly connected, FastEthernet0/3
S 192.168.3.0/24 [1/0] via 192.168.12.2
C 192.168.12.0/24 is directly connected, FastEthernet0/1
三层交换机2:
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#host
Switch(config)#hostname S2
S2(config)#int Fq
S2(config)#int F
S2(config)#int FastEthernet 0/1
S2(config-if)#no sw
S2(config-if)#no switchport
S2(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
S2(config-if)#ip add
S2(config-if)#ip address 192.168.12.2 255.255.255.0
S2(config-if)#no sh
S2(config-if)#no shutdown
S2(config-if)#e
S2(config-if)#exit
S2(config)#int FastEthernet 0/2
S2(config-if)#no switchport
S2(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
S2(config-if)#ip address 192.168.3.254 255.255.255.0
S2(config-if)#no shutdown
S2(config-if)#end
S2#
%SYS-5-CONFIG_I: Configured from console by console
S2#conf t
S2(config)#ip routing
S2(config)#end
S2#
%SYS-5-CONFIG_I: Configured from console by console
S2#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.3.0/24 is directly connected, FastEthernet0/2
C 192.168.12.0/24 is directly connected, FastEthernet0/1
S2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S2(config)#ip route 192.168.1.0 255.255.255.0 192.168.12.1 配置静态路由
S2(config)#ip route 192.168.2.0 255.255.255.0 192.168.12.1
S2(config)#end
S2#show ip route
配置静态路由后的路由表
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
S 192.168.1.0/24 [1/0] via 192.168.12.1
S 192.168.2.0/24 [1/0] via 192.168.12.1
C 192.168.3.0/24 is directly connected, FastEthernet0/2
C 192.168.12.0/24 is directly connected, FastEthernet0/1
结果:结果是三层交换机启用路由功能,所有网段都能互通。 (注,完成三层交换机的配置后还要配置静态路由)
这里只是ping PC3(192.168.2.1) 和PC5(192.168.3.1),三层交换机就写完啦。
第二个例子:VLAN 间路由
要想实现VLAN 间路由,需分成两步
- 第一步,VLAN间划分,实现二层的功能
- 第二步,VLAN间路由
1、简单的拓扑结构
2、相关代码
S1(三层交换机):
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#host
Switch(config)#hostname S1
这一部分是VLAN 的划分 根据拓扑图安排,分成vlan10、20、30
S1(config)#vlan 10
S1(config-vlan)#exit
S1(config)#vlan 20
S1(config-vlan)#exit
S1(config)#vlan 30
S1(config-vlan)#exit
这一部分是把相应的接口划分给相应的VLAN
S1(config)#int f
S1(config)#int fastEthernet 0/1
S1(config-if)#sw
S1(config-if)#switchport md
S1(config-if)#switchport mod
S1(config-if)#switchport mode ac
S1(config-if)#switchport mode access
S1(config-if)#sw
S1(config-if)#switchport ac
S1(config-if)#switchport access ?
vlan Set VLAN when interface is in access mode
S1(config-if)#switchport access vlan 10
S1(config-if)#e
S1(config-if)#exit
S1(config)#int fastEthernet 0/2
S1(config-if)#switchport mode access
S1(config-if)#switchport access vlan 20 这三句命令就是重点
S1(config-if)#e
S1(config-if)#exit
S1(config)#int fastEthernet 0/3
S1(config-if)#switchport mode access
S1(config-if)#switchport access vlan 30
S1(config-if)#e
S1(config-if)#exit
S1(config)#%SPANTREE-2-RECV_PVID_ERR: Received 802.1Q BPDU on non trunk FastEthernet0/4 VLAN1.
%SPANTREE-2-BLOCK_PVID_LOCAL: Blocking FastEthernet0/4 on VLAN0001. Inconsistent port type.
S1(config)#
这是配置trunk 口 注意,三层交换机配置不了trunk 口,须在二层交换机上配置,然后同一链路的接口自动变成trunk模式。
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up
第二步:vlan 间路由 只需在三层交换机上配置,二层不需要。
S1(config)#interface v
S1(config)#interface vlan 10
S1(config-if)#
提示信息(以下两个也是)
%LINK-5-CHANGED: Interface Vlan10, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up
S1(config-if)#ip add
S1(config-if)#ip address 192.168.10.254 255.255.255.0 (配置网关)
S1(config-if)#no sh
S1(config-if)#no shutdown (可以忽略不写)
S1(config-if)#e
S1(config-if)#exit
S1(config)#interface vlan 20
S1(config-if)#
%LINK-5-CHANGED: Interface Vlan20, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up
S1(config-if)#ip address 192.168.20.254 255.255.255.0(配置网关)
S1(config-if)#no shutdown
S1(config-if)#
S1(config-if)#e
S1(config-if)#exit
S1(config)#interface vlan 30
S1(config-if)#
%LINK-5-CHANGED: Interface Vlan30, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan30, changed state to up
S1(config-if)#ip address 192.168.30.254 255.255.255.0(配置网关)
S1(config-if)#no shutdown
S1(config-if)#e
S1(config-if)#exit
S1(config)#ip routing (开启路由)
S2(二层交换机):
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#host S2
Switch(config)#host S2
这一部分是VLAN 的划分 根据拓扑图安排,分成vlan10、20、30
S2(config)#vlan 10
S2(config-vlan)#e
S2(config-vlan)#exit
S2(config)#vlan 20
S2(config-vlan)#e
S2(config-vlan)#exit
S2(config)#vlan 30
S2(config-vlan)#e
S2(config-vlan)#exit
这一部分是把相应的接口划分给相应的VLAN
S2(config)#int f
S2(config)#int fastEthernet 0/1
S2(config-if)#sw
S2(config-if)#switchport mode
S2(config-if)#switchport mode ac
S2(config-if)#switchport mode access
S2(config-if)#sw
S2(config-if)#switchport ac
S2(config-if)#switchport access vlan 10
S2(config-if)#e
S2(config-if)#exit
S2(config)#int fastEthernet 0/2
S2(config-if)#switchport mode access
S2(config-if)#switchport access vlan 20
S2(config-if)#e
S2(config-if)#exit
S2(config)#int fastEthernet 0/3
S2(config-if)#switchport mode access
S2(config-if)#switchport access vlan 30
S2(config-if)#end
S2#
%SYS-5-CONFIG_I: Configured from console by console
VLAN 表
S2#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gig0/1, Gig0/2
10 VLAN0010 active Fa0/1
20 VLAN0020 active Fa0/2
30 VLAN0030 active Fa0/3
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
S2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
配置trunk 口
S2(config)#int f
S2(config)#int fastEthernet 0/4
S2(config-if)#sw
S2(config-if)#switchport mod
S2(config-if)#switchport mode tr
S2(config-if)#switchport mode trunk
S2(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up
S2(config-if)#end
结果:
第一步完成的结果:相同VLAN 的主机可以互相ping通
第二步完成结果:不同VLAN间的主机可以通过三层交换机进行通信
ping PC2(192.168.20.1)
tracert 是看它的包经过哪里
如图,经过了192.168.10.254 也就是通过了三层交换机的路由。
这篇文章就写到这里啦,有哪些错误欢迎指出。感谢!!!
386
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
