1.拓扑及实验需求
2.需求分析
需要用到的技术
1、虚拟局域网(VLAN)
2、动态主机配置协议(DHCP)
3、单臂路由
首先先完成交换部分,创建对应的vlan将PC1与PC3划入vlan2且接口类型为access,而以外的PC都划入如拓扑图对应vlan并且接口类型为hybrid,hybrid接口的配置规划如下图的拓扑注释,各交换机间的链路接口类型为trunk且放通所有创建的vlan,LSW1与路由器连接的链路接口类型为hybrid接口且T列表只放通vlan2,U列表则放通vlan3456;然后配置路由部分,配置单臂路由,配置DHCP地址池等
以下为规划后的拓扑注释图
3.详细配置
LSW1
<Huawei>system-view //进入配置视图 [Huawei]sysname SW1 //更改名字 [SW1]vlan batch 2 3 4 5 6 //批量创建VLAN [SW1]int g0/0/2 //进入对应接口 [SW1-GigabitEthernet0/0/2]port link-type access //设置接口类型为access [SW1-GigabitEthernet0/0/2]port default vlan 2 //放行vlan2的数据流量 [SW1]int g0/0/3 [SW1-GigabitEthernet0/0/3]port link-type hybrid //设置接口类型为hybrid [SW1-GigabitEthernet0/0/3]port hybrid pvid vlan 3 //修改接口PVID数值 [SW1-GigabitEthernet0/0/3]port hybrid untagged vlan 3 4 5 6 //将VLAN添加在U允许列表中 [SW1]int g0/0/4 [SW1-GigabitEthernet0/0/4]port link-type trunk//设置接口类型为trunk [SW1-GigabitEthernet0/0/4]port trunk allow-pass vlan 2 to 6 //在trunk放通vlan 2to6的流量 [SW1]int g0/0/1 [SW1-GigabitEthernet0/0/1]port link-type hybrid [SW1-GigabitEthernet0/0/1]port hybrid untagged vlan 3 4 5 6 [SW1-GigabitEthernet0/0/1]port hybrid tagged vlan 2 //将VLAN添加在T允许列表中LSW2
[SW2]int g0/0/1 [SW2-GigabitEthernet0/0/1]port link-type trunk [SW2-GigabitEthernet0/0/1]port trunk allow-pass vlan 2 to 6 [SW2]int g0/0/2 [SW2-GigabitEthernet0/0/2]port link-type access [SW2-GigabitEthernet0/0/2]port default vlan 2 [SW2]int g0/0/3 [SW2-GigabitEthernet0/0/3]port link-type hybrid [SW2-GigabitEthernet0/0/3]port hybrid pvid vlan 4 [SW1-GigabitEthernet0/0/3]port hybrid untagged vlan 3 4 5 6 [SW2]int g0/0/4 [SW1-GigabitEthernet0/0/4]port link-type trunk [SW1-GigabitEthernet0/0/4]port trunk allow-pass vlan 2 to 6LSW3
[SW3]int g0/0/1 [SW3-GigabitEthernet0/0/1]port link-type trunk [SW3-GigabitEthernet0/0/1]port trunk allow-pass vlan 2 to 6 [SW3]int g0/0/2 [SW3-GigabitEthernet0/0/2]port link-type hybrid [SW3-GigabitEthernet0/0/2]port hybrid pvid vlan 5 [SW3-GigabitEthernet0/0/2]port hybrid untagged vlan 3 4 5 [SW3]int g0/0/3 [SW3-GigabitEthernet0/0/3]port link-type hybrid [SW3-GigabitEthernet0/0/3]port hybrid pvid vlan 6 [SW3-GigabitEthernet0/0/3]port hybrid untagged vlan 3 4 6AR1
[R1]int g0/0/0.1 //创建单臂路由的虚拟子接口 [R1-GigabitEthernet0/0/0.1]dot1q termination vid 2 //使路由器识别带有vlan2标签的流量 [R1-GigabitEthernet0/0/0.1]arp broadcast enable //开启子接口的arp广播功能 [R1-GigabitEthernet0/0/0.1]ip address 192.168.1.254 24 //给子接口配置IP地址及掩码[R1]dhcp enable //开启dhcp功能 [R1]ip pool vlan2 //创建dhcp地址池 [R1-ip-pool-vlan2]network 182.168.1.0 mask 24 //宣告网段及掩码 [R1-ip-pool-vlan2]gateway-list 192.168.1.254 //设置网关 [R1-GigabitEthernet0/0/0.1]dhcp select global //在子接口关联dhcp[R1]int g0/0/0 //进入物理接口 [R1-GigabitEthernet0/0/0]ip address 192.168.2.254 24 //给物理接口配置IP地址及掩码 [R1]ip pool vlan3456 //再创建一个关联物理接口的地址池给vlan3456用 [R1-ip-pool-vlan3456]network 182.168.2.0 mask 24 [R1-ip-pool-vlan3456]gateway-list 192.168.2.254 [R1-GigabitEthernet0/0/0]dhcp select global //在物理接口关联dhcp
查看创建的IP地址池
4. 实验验证
查看PC通过DHCP获取的IP地址
PC5不能访问PC6
PC1可以跨网段访问PC5
PC1可以通过交换机访问同网段的PC3
