实现 VLAN 间通信
实现 VLAN 间通信 使用路由器物理接口
R1 <Huawei>sy [Huawei]sy R1 [R1]int g0/0/0 [R1-GigabitEthernet0/0/0]ip add 192.168.1.254 24 [R1-GigabitEthernet0/0/0]int g0/0/1 [R1-GigabitEthernet0/0/1]ip add 192.168.2.254 24 [R1-GigabitEthernet0/0/1]
SW1 <Huawei>sy [Huawei]sy SW1 [SW1]vlan batch 10 20 [SW1]interface g0/0/1 [SW1-GigabitEthernet0/0/1]p l a [SW1-GigabitEthernet0/0/1]p d vlan 10 [SW1-GigabitEthernet0/0/1]int g0/0/2 [SW1-GigabitEthernet0/0/2] [SW1-GigabitEthernet0/0/2]p l a [SW1-GigabitEthernet0/0/2]p d vlan 10 [SW1-GigabitEthernet0/0/2]int g0/0/3 [SW1-GigabitEthernet0/0/3]p l a [SW1-GigabitEthernet0/0/3]p d vlan 20 [SW1-GigabitEthernet0/0/3] [SW1-GigabitEthernet0/0/3]int g0/0/4 [SW1-GigabitEthernet0/0/4]p l a [SW1-GigabitEthernet0/0/4]p d vlan 20 [SW1-GigabitEthernet0/0/4]
子接口 单臂路由 单臂路由
路由器共用一个物理接口,是路由器上的虚拟接口,多个子接口可以共用一个物理接口,每个子接口属于一个单独的网络,每个子接口可以和同一个 VLAN 的设备通信,通过 dot.1q (802.1q) 的标签区分不同子接口的数据,连接子接口的交换机需要使用 Trunk 端口.
R1 [R1]int g0/0/1 [R1-GigabitEthernet0/0/1]undo ip add 192.168.2.254 24 [R1-GigabitEthernet0/0/1]q [R1]int g0/0/0 [R1-GigabitEthernet0/0/0]undo ip add 192.168.1.254 24 [R1-GigabitEthernet0/0/1]q [R1]int g0/0/0.? <1-4096> GigabitEthernet interface subinterface number [R1]int g0/0/0.10 [R1-GigabitEthernet0/0/0.10]dot1q termination vid 10 [R1-GigabitEthernet0/0/0]int g0/0/0.10 [R1-GigabitEthernet0/0/0.10]ip add 192.168.1.254 24 [R1-GigabitEthernet0/0/0.10]arp broadcast enable [R1-GigabitEthernet0/0/0.10]int g0/0/0.20 [R1-GigabitEthernet0/0/0.20]dot1q termination vid 20 [R1-GigabitEthernet0/0/0.20]ip add 192.168.2.254 24 [R1-GigabitEthernet0/0/0.20]arp broadcast enable <R1>dis cu # sysname R1 # interface GigabitEthernet0/0/0 # interface GigabitEthernet0/0/0.10 dot1q termination vid 10 ip address 192.168.1.254 255.255.255.0 arp broadcast enable # interface GigabitEthernet0/0/0.20 dot1q termination vid 20 ip address 192.168.2.254 255.255.255.0 arp broadcast enable #
SW1 [SW1-GigabitEthernet0/0/1]int g0/0/1 [SW1-GigabitEthernet0/0/1]undo port default vlan [SW1-GigabitEthernet0/0/1]undo port link-type [SW1-GigabitEthernet0/0/1]int g0/0/2 [SW1-GigabitEthernet0/0/2]undo port default vlan [SW1-GigabitEthernet0/0/2]undo port link-type [SW1-GigabitEthernet0/0/2]int g0/0/3 [SW1-GigabitEthernet0/0/3]undo port default vlan [SW1-GigabitEthernet0/0/3]undo port link-type [SW1-GigabitEthernet0/0/3]int g0/0/4 [SW1-GigabitEthernet0/0/4]undo port default vlan [SW1-GigabitEthernet0/0/4]undo port link-type [SW1-GigabitEthernet0/0/4] [SW1-GigabitEthernet0/0/4]int g0/0/1 [SW1-GigabitEthernet0/0/1]port link-type trunk [SW1-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 20 [SW1-GigabitEthernet0/0/1]int g0/0/2 [SW1-GigabitEthernet0/0/2]port link-type access [SW1-GigabitEthernet0/0/2]port default vlan 10 [SW1-GigabitEthernet0/0/2]int g0/0/3 [SW1-GigabitEthernet0/0/3]port link-type access [SW1-GigabitEthernet0/0/3]port default vlan 20 <SW1>dis cu # sysname SW1 # vlan batch 10 20 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 20 # interface GigabitEthernet0/0/2 port link-type access port default vlan 10 # interface GigabitEthernet0/0/3 port link-type access port default vlan 20 #
SVI 接口 三层交换机 vlanif 三层交换
SVI 接口:交换机虚拟接口,只逻辑存在,每一个 SVI 接口对应一个 VLAN, 可以配置 IP 地址,可以和 VLAN 内设备通信,并且可以生成路由信息,实现基本路由功能.
SW2 [SW2]vlan batch 10 20 [SW2]int g0/0/1 [SW2-GigabitEthernet0/0/1]p l a [SW2-GigabitEthernet0/0/1]p d vlan 10 [SW2-GigabitEthernet0/0/1]int g0/0/2 [SW2-GigabitEthernet0/0/2]p l a [SW2-GigabitEthernet0/0/2]p d vlan 20 [SW2]int Vlanif 10 [SW2-Vlanif10]ip add 192.168.1.254 24 [SW2-Vlanif10]int vlanif 20 [SW2-Vlanif20]ip add 192.168.2.254 24 [SW2-Vlanif20]dis cu # sysname SW2 # vlan batch 10 20 # interface Vlanif1 # interface Vlanif10 ip address 192.168.1.254 255.255.255.0 # interface Vlanif20 ip address 192.168.2.254 255.255.255.0 # interface MEth0/0/1 # interface GigabitEthernet0/0/1 port link-type access port default vlan 10 # interface GigabitEthernet0/0/2 port link-type access port default vlan 20 #
应用场景 单臂路由适用于小型企业网或特殊网络.
大中型企业网一般使用三层交换实现局域网内部通信.
多层交换机和路由器的区别 多层交换机具备一定的基础路由功能,可以在某些场景下代替路由器。但交换机的功能相对单一,路由器可以实现不同协议之间的数据转发.
一般三层交换机不支持 NAT, 所以在企业网边缘需要路由器或防火墙.
三层交换机一般用于企业内部数据转发以及控制.
路由器一般用于企业边界数据转发.
单臂路由 - 三层交换机 - DHCP
SW1 # sysname SW1 # vlan batch 10 to 30 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 20 # interface GigabitEthernet0/0/2 port link-type access port default vlan 10 # interface GigabitEthernet0/0/3 port link-type access port default vlan 20 #
R1 # sysname R1 # dhcp enable # ip pool PC gateway-list 30.1.1.254 network 30.1.1.0 mask 255.255.255.0 lease day 0 hour 0 minute 10 dns-list 114.114.114.114 # interface GigabitEthernet0/0/0 # interface GigabitEthernet0/0/0.10 dot1q termination vid 10 ip address 10.1.1.254 255.255.255.0 arp broadcast enable dhcp select interface dhcp server lease day 0 hour 0 minute 30 dhcp server dns-list 114.114.114.114 # interface GigabitEthernet0/0/0.20 dot1q termination vid 20 ip address 20.1.1.254 255.255.255.0 arp broadcast enable dhcp select interface dhcp server lease day 0 hour 0 minute 30 dhcp server dns-list 114.114.114.114 # interface GigabitEthernet0/0/1 ip address 12.1.1.1 255.255.255.0 dhcp select global # ip route-static 30.1.1.0 255.255.255.0 12.1.1.2 #
SW2 # sysname SW2 # vlan batch 10 to 30 # dhcp enable # interface Vlanif12 ip address 12.1.1.2 255.255.255.0 # interface Vlanif30 ip address 30.1.1.254 255.255.255.0 dhcp select relay dhcp relay server-ip 12.1.1.1 # interface GigabitEthernet0/0/1 port link-type access port default vlan 12 # interface GigabitEthernet0/0/2 port link-type access port default vlan 30 # interface GigabitEthernet0/0/3 port link-type access port default vlan 30 # ip route-static 0.0.0.0 0.0.0.0 12.1.1.1 #
