1 实验名称

实验四跨交换机实现VLAN802.1Q

2 实验目的和要求

目的:
理解VLAN如何跨交换机实现。
实现功能:
使在同一VLAN里的计算机系统能跨交换机进行相互通信,而在不同VLAN里的计算机系统不能进行相互通信。

3 实验原理

Tag Vlan是基于交换机端口的另外一种类型,主要用于实现跨交换机的相同VLAN内可以直接访问,同时对于不同VLAN的主机进行隔离。Tag Vlan遵循IEEE802.1q协议标准。在利用配置了Tag Vlan的接口进行数据传输是,需要在数据帧内添加4个字节的802.1q标签信息,用于标识该数据帧属于哪个VLAN,以便于对端交换机接收到数据帧后进行准确的过虑。

4 实验步骤和结果

第一步:在第一台交换机上把交换机命名为SwitchA并创建Vlan 10,并将0/5端口划分到Vlan 10中。

  1. Switch>
  2. Switch>enable
  3. Switch#configure terminal
  4. Enter configuration commands, one per line.  End with CNTL/Z.
  5. Switch(config)#hostname SwitchA
  6. SwitchA(config)#Vlan 10
  7. SwitchA(config-vlan)#name sales
  8. SwitchA(config-vlan)#exit
  9. SwitchA(config)#interface fastethernet 0/5
  10. SwitchA(config-if)#switchport access vlan 10
  11. SwitchA(config-if)#exit
  12. SwitchA(config)#exit
  13. SwitchA#
  14. %SYS-5-CONFIG_I: Configured from console by console

image.png
验证测试:验证已创建了Vlan 10,并将0/5端口已划分到Vlan 10中。
SwitchA#show vlan id 10

  1. SwitchA#show vlan id 10
  3. VLAN Name                             Status    Ports
  4. ---- -------------------------------- --------- -------------------------------
  5. 10   sales                            active    Fa0/5
  7. VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
  8. ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
  9. 10   enet  100010     1500  -      -      -        -    -        0      0
  11. SwitchA#

image.png
第二步:在交换机SwitchA上创建Vlan 20,并将0/15端口划分到Vlan 20中。

  1. SwitchA#configure terminal
  2. Enter configuration commands, one per line.  End with CNTL/Z.
  3. SwitchA(config)#vlan 20
  4. SwitchA(config-vlan)#name technical
  5. SwitchA(config-vlan)#exit
  6. SwitchA(config)#interface fastethernet 0/15
  7. SwitchA(config-if)#switchport access vlan 20
  8. SwitchA(config-if)#exit
  9. SwitchA(config)#exit
  10. SwitchA#
  11. %SYS-5-CONFIG_I: Configured from console by console

image.png
验证测试:验证已创建了Vlan 20,并将0/15端口已划分到Vlan 20中。
SwitchA#show vlan id 20

  1. SwitchA#show vlan id 20
  3. VLAN Name                             Status    Ports
  4. ---- -------------------------------- --------- -------------------------------
  5. 20   technical                        active    Fa0/15
  7. VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
  8. ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
  9. 20   enet  100020     1500  -      -      -        -    -        0      0
  11. SwitchA#

image.png
第三步:在交换机SwitchA上将与SwitchB相连的端口(假设为0/24端口)定义为tag vlan模式。

  1. SwitchA#configure terminal
  2. Enter configuration commands, one per line.  End with CNTL/Z.
  3. SwitchA(config)#interface fastethernet 0/24
  4. SwitchA(config-if)#switchport mode trunk
  5. SwitchA(config-if)#exit
  6. SwitchA(config)#exit
  7. SwitchA#
  8. %SYS-5-CONFIG_I: Configured from console by console
  10. SwitchA#

image.png
验证测试:验证fastethernet 0/24端口已被设置为tag vlan模式。
show interfaces fastethernet 0/24 switchport

  1. SwitchA#show interfaces fastethernet 0/24 switchport
  2. Name: Fa0/24
  3. Switchport: Enabled
  4. Administrative Mode: trunk
  5. Operational Mode: down
  6. Administrative Trunking Encapsulation: dot1q
  7. Operational Trunking Encapsulation: dot1q
  8. Negotiation of Trunking: On
  9. Access Mode VLAN: 1 (default)
  10. Trunking Native Mode VLAN: 1 (default)
  11. Voice VLAN: none
  12. Administrative private-vlan host-association: none
  13. Administrative private-vlan mapping: none
  14. Administrative private-vlan trunk native VLAN: none
  15. Administrative private-vlan trunk encapsulation: dot1q
  16. Administrative private-vlan trunk normal VLANs: none
  17. Administrative private-vlan trunk private VLANs: none
  18. Operational private-vlan: none
  19. Trunking VLANs Enabled: ALL
  20. Pruning VLANs Enabled: 2-1001
  21. Capture Mode Disabled
  22. Capture VLANs Allowed: ALL
  23. Protected: false
  24. Appliance trust: none
  25. SwitchA#

image.png
第四步:在第二台交换机上把交换机命名为SwitchB并在交换机上创建Vlan 10,并将0/5端口划分到Vlan 10中。

  1. SwitchB#enable
  2. SwitchB#configure terminal
  3. Enter configuration commands, one per line.  End with CNTL/Z.
  4. SwitchB(config)#hostname SwitchB
  5. SwitchB(config)#vlan 10
  6. SwitchB(config-vlan)#name sales
  7. SwitchB(config-vlan)#exit
  8. SwitchB(config)#interface fastethernet 0/5
  9. SwitchB(config-if)#switchport access vlan 10
  10. SwitchB(config-if)#exit
  11. SwitchB(config)#exit
  12. SwitchB#
  13. %SYS-5-CONFIG_I: Configured from console by console
  15. SwitchB#

image.png
验证测试:验证已在SwitchB上创建了Vlan 10,并将0/5端口已划分到Vlan 10中。
SwitchB#show vlan id 10

  2. SwitchB#show vlan id 10
  4. VLAN Name                             Status    Ports
  5. ---- -------------------------------- --------- -------------------------------
  6. 10   sales                            active    Fa0/5
  8. VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
  9. ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
  10. 10   enet  100010     1500  -      -      -        -    -        0      0
  12. SwitchB#

image.png
第五步:在交换机SwitchB上将与SwitchA相连的端口(假设为0/24端口)定义为tag vlan模式。

  1. SwitchB#configure terminal
  2. Enter configuration commands, one per line.  End with CNTL/Z.
  3. SwitchB(config)#interface fastethernet 0/24
  4. SwitchB(config-if)#switchport mode trunk
  5. SwitchB(config-if)#exit
  6. SwitchB(config)#exit
  7. SwitchB#
  8. %SYS-5-CONFIG_I: Configured from console by console
  10. SwitchB#

image.png
验证测试:验证fastethernet 0/24端口已被设置为tag vlan模式。
SwitchB#show interfaces fastEthernet 0/24 switchport

  1. SwitchB#show interfaces fastethernet 0/24 switchport
  2. Name: Fa0/24
  3. Switchport: Enabled
  4. Administrative Mode: trunk
  5. Operational Mode: down
  6. Administrative Trunking Encapsulation: dot1q
  7. Operational Trunking Encapsulation: dot1q
  8. Negotiation of Trunking: On
  9. Access Mode VLAN: 1 (default)
  10. Trunking Native Mode VLAN: 1 (default)
  11. Voice VLAN: none
  12. Administrative private-vlan host-association: none
  13. Administrative private-vlan mapping: none
  14. Administrative private-vlan trunk native VLAN: none
  15. Administrative private-vlan trunk encapsulation: dot1q
  16. Administrative private-vlan trunk normal VLANs: none
  17. Administrative private-vlan trunk private VLANs: none
  18. Operational private-vlan: none
  19. Trunking VLANs Enabled: ALL
  20. Pruning VLANs Enabled: 2-1001
  21. Capture Mode Disabled
  22. Capture VLANs Allowed: ALL
  23. Protected: false
  24. Appliance trust: none
  25. SwitchB#

image.png
第六步:验证PC1与PC3能互相通信,但PC2与PC3不能互相通信。

  1. SwitchA>enable
  2. SwitchA#configure terminal
  3. Enter configuration commands, one per line.  End with CNTL/Z.
  4. SwitchA(config)#interface FastEthernet0/4
  5. SwitchA(config-if)#
  6. SwitchA(config-if)#exit
  7. SwitchA(config)#interface FastEthernet0/5
  8. SwitchA(config-if)#exit
  9. SwitchA(config)#int vlan 10
  10. SwitchA(config-if)#ip address 192.168.10.254 255.255.255.0
  11. SwitchA(config-if)#exit
  12. SwitchA(config)#int vlan 20
  13. SwitchA(config-if)#ip address 192.168.20.254 255.255.255.0
  14. SwitchA(config-if)#exit
  15. SwitchA(config)#exit
  16. SwitchA#
  17. %SYS-5-CONFIG_I: Configured from console by console
  19. SwitchA#

image.png

第八步:将PC1和PC3的默认网关设置为192.168.10.254,IP分别为:192.168.10.11、192.168.10.33,将PC2的默认网关设置为192.168.20.254,IP为192.168.20.22。
PC1
image.png
image.png
PC3
image.png
image.png
PC2
image.png
image.png

第九步:测试结果
不同VLAN内的主机可以互相PING通

  1. PC>ping 192.168.10.33     !在PC1的命令行方式下验证能PingPC3 
  2. Pinging 192.168.10.33 with 32 bytes of data:
  4. Reply from 192.168.10.33: bytes=32 time<10ms TTL=128
  5. Reply from 192.168.10.33: bytes=32 time<10ms TTL=128
  6. Reply from 192.168.10.33: bytes=32 time<10ms TTL=128
  7. Reply from 192.168.10.33: bytes=32 time<10ms TTL=128
  9. Ping statistics for 192.168.10.33:
  10.     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
  11. Approximate round trip times in milli-seconds:
  12.     Minimum = 0ms, Maximum =  0ms, Average =  0ms
  15. PC>ping 192.168.10.33     !在PC2的命令行方式下验证不能PingPC3 
  16. Pinging 192.168.10.33 with 32 bytes of data:
  18. Request timed out.
  19. Request timed out.
  20. Request timed out.
  21. Request timed out.
  23. Ping statistics for 192.168.10.33:
  24.     Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
  25. Approximate round trip times in milli-seconds:
  26.     Minimum = 0ms, Maximum =  0ms, Average =  0ms