从实验现象分析vlan trunk的原理及应用
一、拓扑图
二、实验原理
本实验使用路由器模拟pc机
①Sw15与sw16之间使用trunk端口
在本次实验中如果要实现pc1与pc2的正常通信,首先,它们必须同属于同一个vlan,例如vlan11,其次,它们必须在同一子网。因为vlan实现通信的原理就是当数据通过交换机时,只有相同vlan的id才会被“识别”
过程是当两台pc机在同一个交换机中:当数据包通过sw15的f0/1端口时,因为它是属于vlan11的,所以在交换机内部为数据包“打标”当遇到另外一个端口其vlan也为11时,该数据包便从此端口送出顺便解标。
当两台pc属于不同交换机时:为了不让标识解掉,在trunk端口类型下,两台相同vlan 的pc机之间可以通信:当属于vlan11的数据包通过trunk端口时,trunk通过协定好的协议在frame的数据结构中插入vlan标记,在frame通过f0/2时sw16通过标有vlan11的标识将frame发送给pc2
这样,pc1与pc2便实现了通信。
②sw15与sw16之间使用access端口
要实现pc1与pc2的通信,只能一个vlan一条线
三、实验步骤
1、基本配置
r4#conf t
Enter configuration commands, one per line.End with CNTL/Z.
r4(config)#hostname r4
r4(config)#no ip domain-lookup
r4(config)#no ip routing
r4(config)#line con 0
r4(config-line)#logging synchronous
r4(config-line)#no login
r4(config-line)#line vty 0 4
r4(config-line)#no login
r4(config-line)#end
Switch#conf t
Enter configuration commands, one per line.End with CNTL/Z.
Switch(config)#hostname sw15
sw15(config)#no ip domain-lookup
sw15(config)#line con 0
sw15(config-line)#
sw15(config-line)#logging s
sw15(config-line)#logging synchronous
sw15(config-line)#no login
sw15(config-line)#line vty 0 4
sw15(config-line)#end
sw2>en
sw2#conf t
Enter configuration commands, one per line.End with CNTL/Z.
sw2(config)#hostname sw16
sw16(config)#no ip domain-lookup
sw16(config)#line con 0
sw16(config-line)#logging s
sw16(config-line)#logging synchronous
sw16(config-line)#no login
sw16(config-line)#line vty 0 4
sw16(config-line)#no login
sw16(config-line)#end
Router>en
Router#conf t
Enter configuration commands, one per line.End with CNTL/Z.
Router(config)#hostname r6
r6(config)#no ip domain-lookup
r6(config)#no ip routing
r6(config)#line con 0
r6(config-line)#logging s
r6(config-line)#logging synchronous
r6(config-line)#no login
r6(config-line)#line vty 0 4
r6(config-line)#end
2、清除交换机上的vlan配置
①查看是否有保存配置
sw15#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12
11 VLAN0011 active Fa0/5
12 VLAN0012active
说明:交换机中已有vlan配置,并且没有f0/4端口,首先,我们将vlan11删除
sw15#conf t
Enter configuration commands, one per line.End with CNTL/Z.
sw15(config)#no vlan 11
sw15(config)#exit
sw15#show
05:44:08: %SYS-5-CONFIG_I: Configured from console by console
sw15#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12
我们发现f0/5也不见了,是因为我们在没有对f0/5分配归属的时候将vlan11删掉,但实际它还隐藏在vlan11中,所以我们将它放到vlan1中
sw15#conf t
Enter configuration commands, one per line.End with CNTL/Z.
sw15(config)#int f0/5
sw15(config-if)#swi
sw15(config-if)#switchport a
sw15(config-if)#switchport access vlan 1
sw15(config-if)#exit
sw15(config)#show vlan
sw15(config)#exit
sw15#show
05:47:33: %SYS-5-CONFIG_I: Configured from console by console
sw15#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/5
Fa0/6, Fa0/7, Fa0/8Fa0/9
Fa0/10, Fa0/11, Fa0/12
这时我们发现f0/5又出现了,并在vlan1中,那么f0/4在哪里呢?
sw15#show int
sw15#show interfaces trunk
Port Mode EncapsulationStatus Native vlan
Fa0/4 desirable 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/4 1-4094
Port Vlans allowed and active in management domain
Fa0/4 1,12
Port Vlans in spanning tree forwarding state and not pruned
Fa0/4 1,12
我们发现 它在trunk端口中 并且本地vlan1
下面我们将未分配端口的vlan12删除
sw15#conf t
Enter configuration commands, one per line.End with CNTL/Z.
sw15(config)#no vlan 12
sw15(config)#exit
sw15#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12
此时,除了f0/4在trunk端口中之外,全部在vlan1中
Sw16中也做相同处理,不再详列
②查看交换机的基本信息
sw15#show mac-address-table dynamic
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0018.b997.df02 DYNAMIC Fa0/4
Total Mac Addresses for this criterion: 1
Sw15中 mac地址为 0018.b997.df02 类型是DYNAMIC 连接端口时fa0/4
总的mac地址数目为1
清除mac表
sw15#clear mac-address-table dynamic
sw15#show m
sw15#show mac-
sw15#show mac-address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
All 0011.2194.f600 STATIC CPU
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0100.0cdd.dddd STATIC CPU
1 0018.b997.df02 DYNAMIC Fa0/4
Total Mac Addresses for this criterion: 5
查看接口连接状态
sw15#show interfaces status
Port Name Status Vlan DuplexSpeed Type
Fa0/1 connected 1 a-half a-10 10/100BaseTX
Fa0/2 notconnect 1 auto auto 10/100BaseTX
Fa0/3 notconnect 1 auto auto 10/100BaseTX
Fa0/4 connected trunk a-fulla-100 10/100BaseTX
Fa0/5 notconnect 1 auto auto 10/100BaseTX
Fa0/6 notconnect 1 auto auto 10/100BaseTX
Fa0/7 notconnect 1 auto auto 10/100BaseTX
Fa0/8 notconnect 1 auto auto 10/100BaseTX
Fa0/9 notconnect 1 auto auto 10/100BaseTX
Fa0/10 notconnect 1 auto auto 10/100BaseTX
Fa0/11 notconnect 1 auto auto 10/100BaseTX
Fa0/12 notconnect 1 auto auto 10/100BaseTX
Fa0/4为连接状态 且属于trunk端口类型 全双工
查看接口状态信息
sw15#show interfaces f0/2
FastEthernet0/2 is down, line protocol is down (notconnect) //硬件类型是快速以太网,地//址是0011.2194.f602
Hardware is Fast Ethernet, address is 0011.2194.f602 (bia 0011.2194.f602)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, //最大传输单元 1500字节,带宽//100000 Kbit,延时 100 usec
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec) //保持生存时间10秒
Auto-duplex, Auto-speed, media type is 100BaseTX
input flow-control is unsupported output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00 //arp类型是请求,生存时间4h
Last input 01:39:38, output 01:39:37, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec //五分钟每秒进入0个位,每秒0个包
5 minute output rate 0 bits/sec, 0 packets/sec
13 packets input, 1904 bytes, 0 no buffer//13个包进入,1904个字节,全部在缓冲区
Received 11 broadcasts (0 multicast) //接收11个广播
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 11 multicast, 0 pause input
0 input packets with dribble condition detected
31 packets output, 3114 bytes, 0 underruns //31个包输出,共3114个字节,没//有丢包
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
3、二层网络全局配置
①Sw15的vlan配置
sw15#conf t
Enter configuration commands, one per line.End with CNTL/Z.
sw15(config)#vlan 11
sw15(config-vlan)#name caiwu
创建vlan11 名为caiwu
②查看vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12
11 caiwu active //已经产生了vlan11
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
③sw16的valn配置
sw16#conf t
Enter configuration commands, one per line.End with CNTL/Z.
sw16(config)#vlan 11
sw16(config-vlan)#name caiwu
④查看sw16的vlan
sw16#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12
11 caiwu active //已经产生vlan11
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
4、二层链路调测
①配置sw15的access接口
sw15#conf t
sw15(config)#int f0/1
sw15(config-if)#switchport mode a
sw15(config-if)#switchport mode access
sw15(config-if)#switchport access vlan 11
sw15(config-if)#exit
②配置sw16的access接口
sw16(config)#int f0/4
sw16(config-if)#switchport mode access
sw16(config-if)#switchport access vlan 11
sw16(config-if)#exit
③sw15—sw16的trunk链路调测
sw15(config)#int f0/3
sw15(config-if)#switchport mode trunk
sw15(config-if)#switchport trunk allowed vlan all
sw15(config-if)#exit
sw16(config)#int f0/2
sw16(config-if)#switchport mode t
sw16(config-if)#switchport trunk allowed vlan all
sw16(config-if)#exit
④查看access接口信息
sw15#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/3, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12
11 caiwu active Fa0/1
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
sw16#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/3, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12
11 caiwu active Fa0/4
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
sw16#show interfaces status
Port Name Status Vlan DuplexSpeed Type
Fa0/1 notconnect 1 auto auto 10/100BaseTX
Fa0/2 connected trunk a-fulla-100 10/100BaseTX
Fa0/3 notconnect 1 auto auto 10/100BaseTX
Fa0/4 notconnect 11 auto auto 10/100BaseTX
sw15#show interfaces status
Port Name Status Vlan DuplexSpeed Type
Fa0/1 connected 11 a-half a-10 10/100BaseTX
Fa0/2 notconnect 1 auto auto 10/100BaseTX
Fa0/3 notconnect 1 auto auto 10/100BaseTX
Fa0/4 connected trunk a-fulla-100 10/100BaseTX
sw15#show interfaces f0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 11 (caiwu)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
sw16#show interfaces f0/4 switchport
Name: Fa0/4
Switchport: Enabled
Administrative Mode: static access
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 11 (caiwu)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
⑤查看trunk信息
sw15#show interfaces trunk
Port Mode EncapsulationStatus Native vlan
Fa0/4 desirable 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/4 1-4094
Port Vlans allowed and active in management domain
Fa0/4 1,11
Port Vlans in spanning tree forwarding state and not pruned
Fa0/4 1,11
sw16#show interfaces trunk
Port Mode EncapsulationStatus Native vlan
Fa0/2 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/2 1-4094
Port Vlans allowed and active in management domain
Fa0/2 1,11
Port Vlans in spanning tree forwarding state and not pruned
Fa0/2 1,11
二层网络连通性测试
r4#ping 192.168.21.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.21.11, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 4/4/4 ms
页:
[1]