问题
三层交换机实现了VLAN间互通后,还要与其他网络进行通信,这样就需要有相关的路由机制。
交换接口配置为三层接口实现路由间通信
方案
三层交换机既然具有三层功能,也就可以实现与路由器相似的配置。既可以把交换接口配置为三层接口,也可以在其上配置静态、动态路由。通过对三层交换机的路由配置,实现VLAN与其他网络的互通。
步骤
1.配置三层交换机
三层交换机创建vlan并配置vlan的虚端口IP并开启路由功能
Switch>enable
Switch#configure terminal
Switch(config)#vlan 2
Switch(config-vlan)#vlan 3
Switch(config-vlan)#vlan 4
Switch(config-vlan)#vlan 5
Switch(config)#interface vlan 1
Switch(config-if)#ip address 192.168.1.254 255.255.255.0
Switch(config-if)#no shutdown
Switch(config)#interface vlan 2
Switch(config-if)#ip address 192.168.2.254 255.255.255.0
Switch(config-if)#no shutdown
Switch(config)#interface vlan 3
Switch(config-if)#ip address 192.168.3.254 255.255.255.0
Switch(config-if)#no shutdown
Switch(config)#interface vlan 4
Switch(config-if)#ip address 192.168.4.254 255.255.255.0
Switch(config-if)#no shutdown
Switch(config)#interface vlan 5
Switch(config-if)#ip address 192.168.5.254 255.255.255.0
Switch(config-if)#no shutdown
Switch(config)#ip routing //开启路由功能
三层交换的Fa0/23、Fa0/24设置为中继链路模式
Switch(config)#interface range f0/23-24
Switch (config-if-range)#switchport trunk encapsulation dot1q
Switch (config-if-range)#switchport mode trunk
2.配置二层交换机
Sw1创建vlan2、 vlan3并将端口加入vlan
Sw1(config)#vlan 2
Sw1(config)#vlan 2
Sw1(config-vlan)#vlan 3
Sw1(config)#interface fastEthernet 0/2
Sw1(config-if)#switchport access vlan 2
Sw1(config)#interface fastEthernet 0/3
Sw1(config-if)#switchport access vlan 3
Sw1(config)#interface fastEthernet 0/5
Sw1(config-if)#switchport mode trunk //连接三层交换机的接口配置为trunk模式
Sw2创建vlan4、 vlan5并将端口加入vlan
Sw2(config)#vlan 4
Sw2(config-vlan)#vlan 5
Sw2(config)#interface fastEthernet 0/1
Sw2(config-if)#switchport access vlan 4
Sw2(config)#interface f0/2
Sw2(config-if)#switchport access vlan 5
3.将三层交换的Fa0/6口配置为三层路由端口,并配置IP地址
三层交换机的物理端口默认是二层端口,只具有二层特性,不能配置IP地址。把二层端口配置为三层端口后,该端口就具备路由功能了,可以配置IP地址,但同时也就关闭了其二层特性,比如不能把三层端口加入VLAN。
二层端口(交换机上的端口默认都是二层端口)默认是激活状态,那些没有使用到的端口为了安全应该手工将其禁用(shutdown);而三层端口(路由器上的端口或是三层交换机上被配置成路由端口的端口)默认是禁用状态,在使用之前务必要将其激活(no shutdown)。
Switch(config)#interface f0/6
Switch(config-if)#no switchport
Switch(config-if)#ip address 192.168.6.1 255.255.255.0
Switch(config-if)#no shutdown
4.配置路由器的端口IP地址
Switch(config)#interface f0/0
Switch(config-if)#ip address 192.168.6.2 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#interface f0/1
Switch(config-if)#ip address 192.168.7.254 255.255.255.0
Switch(config-if)#no shutdown
5.在三层交换机上配置静态路由,以便VLAN内主机可以与外界网络互联
Switch(config)#iproute 192.168.7.0 255.255.255.0 192.168.6.2 //格式 ip route 下一跳
Switch(config)#exit
Switch#show ip route
Codes: C – connected, S – static, I – IGRP, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2, E – EGP
i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, ia – IS-IS inter area
* – candidate default, U – per-user static route, o – ODR
P – periodic downloaded static route
Gateway of last resort is not set
C 192.168.1.0/24 is directly connected, Vlan1
C 192.168.2.0/24 is directly connected, Vlan2
C 192.168.3.0/24 is directly connected, Vlan3
C 192.168.4.0/24 is directly connected, Vlan4
C 192.168.5.0/24 is directly connected, Vlan5
C 192.168.6.0/24 is directly connected, FastEthernet0/6
S 192.168.7.0/24 [1/0] via 192.168.6.2
6.在路由器上配置到达三个VLAN网络的静路由
tarena-rouer(config)#ip route 192.168.1.0 255.255.255.0 192.168.6.1
tarena-rouer(config)#ip route 192.168.2.0 255.255.255.0 192.168.6.1
tarena-rouer(config)#ip route 192.168.3.0 255.255.255.0 192.168.6.1
tarena-rouer(config)#ip route 192.168.4.0 255.255.255.0 192.168.6.1
tarena-rouer(config)#ip route 192.168.5.0 255.255.255.0 192.168.6.1
tarena-rouer(config)#exit
tarena-rouer#show ip rout
Codes: C – connected, S – static, I – IGRP, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2, E – EGP
i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, ia – IS-IS inter area
* – candidate default, U – per-user static route, o – ODR
P – periodic downloaded static route
Gateway of last resort is not set
S 192.168.1.0/24 [1/0] via 192.168.6.1
S 192.168.2.0/24 [1/0] via 192.168.6.1
S 192.168.3.0/24 [1/0] via 192.168.6.1
S 192.168.4.0/24 [1/0] via 192.168.6.1
S 192.168.5.0/24 [1/0] via 192.168.6.1
C 192.168.6.0/24 is directly connected, FastEthernet0/0
C 192.168.7.0/24 is directly connected, FastEthernet0/1
7.在PC上测试与VLAN的连通性
PC>ipconfig
FastEthernet0 Connection:(default port)
Link-local IPv6 Address………: FE80::2E0:8FFF:FE14:BB43
IP Address………………….: 192.168.7.1
Subnet Mask…………………: 255.255.255.0
Default Gateway……………..: 192.168.7.254
SERVER>ping 192.168.1.1
Pinging 192.168.1.1 with 32 bytes of data:
Request timed out.
Reply from 192.168.1.1: bytes=32 time=0ms TTL=126
Reply from 192.168.1.1: bytes=32 time=0ms TTL=126
Reply from 192.168.1.1: bytes=32 time=1ms TTL=126
Ping statistics for 192.168.1.1:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms
SERVER>ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Reply from 192.168.2.1: bytes=32 time=0ms TTL=126
Reply from 192.168.2.1: bytes=32 time=0ms TTL=126
Reply from 192.168.2.1: bytes=32 time=0ms TTL=126
Reply from 192.168.2.1: bytes=32 time=0ms TTL=126
Ping statistics for 192.168.2.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
SERVER>ping 192.168.3.1
Pinging 192.168.3.1 with 32 bytes of data:
Reply from 192.168.3.1: bytes=32 time=1ms TTL=126
Reply from 192.168.3.1: bytes=32 time=0ms TTL=126
Reply from 192.168.3.1: bytes=32 time=0ms TTL=126
Reply from 192.168.3.1: bytes=32 time=0ms TTL=126
Ping statistics for 192.168.3.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms