Configuring InterVlan Routing Presented By Brian, Kevin, and John.
Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing ...
-
Upload
dominic-chandler -
Category
Documents
-
view
260 -
download
2
Transcript of Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing ...
![Page 1: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/1.jpg)
Cisco Lab - Switch
2013.03.18
![Page 2: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/2.jpg)
大綱 Multi-LAN
VLAN TRUNK VTP
ACL Port Channel Routing
InterVLAN Routing Static Routing
Homework
![Page 3: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/3.jpg)
192.168.0.0subnet
192.168.1.0subnet
192.168.2.0subnet
HR VLAN
SALES VLAN
ENG VLAN
![Page 4: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/4.jpg)
Multi-LAN - VLAN
VLAN 1
VLAN 2
VLAN 3
VLAN 50
VLAN 51
VLAN 52
0/1 0/1
0/2
0/3
0/2
0/3
![Page 5: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/5.jpg)
Multi-LAN - VLAN Switch(config)#vlan “vlan-id”
建立新 vlan Switch(config-vlanid)#name “vlan-name”
為所新增的 vlan命名 Switch(config)#interface fastethernet 0/1
進入單一 interface設定模式 Switchport mode access Switchport access vlan “vlan-id”
![Page 6: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/6.jpg)
Multi-LAN - Trunk
VLAN 11 VLAN 12 VLAN 13 VLAN 11 VLAN 12 VLAN 13
Trunk
VLAN 11 TagVLAN 12 Tag
pc0 pc1 pc2 pc4 pc5pc3
![Page 7: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/7.jpg)
Multi-LAN - Trunk switchport trunk encapsulation dot1q
指定 Trunk封裝為 dot1q模式 switchport mode trunk
指定 Switch Port為 Trunk Port switchport trunk allowed vlan “Vlan- ID”
允許特定 VLAN ID的流量通過 Trunk Port
![Page 8: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/8.jpg)
Multi-LAN - VTP VLAN Trunking Protocol
Cisco專有協議 負責同步網域中相同 VTP Domain Switch的 VLAN資訊 VTP Mode: Server、 Client、 Transpartent 利用 Switch的 Trunking Port作 VLAN的同步。
![Page 9: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/9.jpg)
Multi-LAN - VTP Switch(config)#vtp mode
server/client/transpartent 設定 VTP的模式
Switch(config)#vtp domain “Domain Name” 設定 VTP Domain名稱, Domain相同的才會進行 VLAN的同步
Switch#show vtp status 顯示設備的 VTP狀態
![Page 10: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/10.jpg)
Port Channel 利用數個實體介面邏輯上合併為一個 增加頻寬 分散流量 達到備援的目的
![Page 11: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/11.jpg)
Port Channel
![Page 12: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/12.jpg)
Port Channel1. Switch(config)#interface range fastethernet 0/1 – 4
指定要作為同一 Group的 Port
2. Switch(config-if-range)#shutdown 為避免對流量產生影響,建議在建立 Port Channel前先將 Port關閉
3. Switch(config-if-range)#channel-group “Channel-Group ID” mode active/passive Channel-Group建立起來所使用的 ID Active:主動建立 Port-Channel Passive:當遠端 Switch為 Active並要求建立 Port-Channel時才會建立
Show etherchannel summary 查看 Port-Channel狀態
對 Port Channel進行設定 Switch(config)#interface port-channel “Channel-Group ID”
![Page 13: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/13.jpg)
Port Channel講台
192.168.219.202
192.168.219.203
192.168.219.204
192.168.219.205
123456
123456
![Page 14: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/14.jpg)
ACL1. Switch(config)#ip access-list extended/standard “Policy ID or Policy
Name” Extended:會檢查封包來源、目的 IP以及所使用之 Layer4協定及路由協定
等等資訊。 Standard:僅檢查封包的目的地 IP資訊。
2. Switch(config-ext-nacl)#permit/deny tcp/udp “Source Address” “Wildcard Bits” “Dest Address” “Wildcard Bits” eq “Port Number”
3. Switch(config)#interface fastethernet “Port ID”
4. Switch(config-if)#no switchport
5. Switch(config-if)#ip access-group “Policy Name or Policy ID” in/out
![Page 15: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/15.jpg)
InterVLAN Routing192.168.0.0/24
subnet192.168.1.0/24
subnet192.168.2.0/24
subnet
SALES VLAN
HR VLAN
ENG VLAN
![Page 16: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/16.jpg)
InterVLAN Routing192.168.0.0/24
GW:192.168.0.254subnet
192.168.1.0/24GW:192.168.1.254
subnet
192.168.2.0GW:192.168.2.254
subnet
SALES VLAN 10
HR VLAN 11
ENG VLAN 12
VLAN10:192.168.0.254VLAN11:192.168.1.254VLAN12:192.168.2.254
![Page 17: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/17.jpg)
InterVLAN Routing
VLAN 11 VLAN 12 VLAN 13 VLAN 11 VLAN 12 VLAN 13
Trunk TrunkVLAN11:192.168.1.254VLAN12:192.168.2.254VLAN13:192.168.3.254
192.168.1.1Gw:192.168.1.254
192.168.2.1Gw:192.168.2.254
192.168.3.1Gw:192.168.3.254
192.168.1.2Gw:192.168.1.254
192.168.2.2Gw:192.168.2.254
192.168.3.2Gw:192.168.3.254
Src IP Dest IP
192.168.1.1 192.168.2.2
Src Mac Dest Mac
PC A Mac VLAN11 Mac
A B C D E F
Src IP Dest IP
192.168.1.1 192.168.2.1
Src Mac Dest Mac
VLAN 12 Mac PC E Mac
![Page 18: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/18.jpg)
Static Routing
VLAN 11 VLAN 12 VLAN 1 VLAN 2
Trunk Trunk
192.168.1.1Gw:192.168.1.254
192.168.2.1Gw:192.168.2.254
10.1.1.1Gw:10.1.1.254
10.1.2.1Gw:10.1.2.254
A B C D
ip route 10.1.1.0 255.255.255.0 gw 172.16.1.2ip route 10.1.2.0 255.255.255.0 gw 172.16.1.2
172.16.1.1
172.16.1.2
ip route 192.168.1.0 255.255.255.0 gw 172.16.1.2ip route 192.168.2.0 255.255.255.0 gw 172.16.1.2
![Page 19: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/19.jpg)
開啟 LAB-HW.pkt
從主機 A使用 PING主機 D
使用 HW4.pkt
從主機 A使用 PING主機 D
使用模擬器的 Simulation觀察網路狀態
說明使用 PING從主機 A到主機 D時, ARP傳遞的狀況,以及說明主機 A
無法 PING到主機 D的原因
Homework
![Page 20: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/20.jpg)
Homework
IP 192.168.1.1
Mac 0260.8c01.1111
IP 192.168.1.3
Mac 0260.8c01.3333
IP 192.168.1.2
Mac 0260.8c01.2222
IP 192.168.1.4
Mac 0260.8c01.4444
Mac Address Table Mac Address Table
E1
E2
E3
E1: 260.8c01.1111
E1E3
E4
E1: 260.8c01.1111
SRC IP 192.168.1.1 DST IP 192.168.1.4
SRC Mac 0260.8c01.1111 DST Mac ffff.ffff.ffff
ARP Request
![Page 21: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/21.jpg)
Homework
IP 192.168.1.1
Mac 0260.8c01.1111
IP 192.168.1.3
Mac 0260.8c01.3333
IP 192.168.1.2
Mac 0260.8c01.2222
IP 192.168.1.4
Mac 0260.8c01.4444
Mac Address Table Mac Address Table
E1
E2
E3
E1: 260.8c01.1111
E1E3
E4
E1: 260.8c01.1111
SRC IP 192.168.1.4 DST IP 192.168.1.1
SRC Mac 0260.8c01.4444 DST Mac 0260.8c01.1111
E4: 260.8c01.4444E3: 260.8c01.4444
SRC IP 192.168.1.1 DST IP 192.168.1.4
SRC Mac 0260.8c01.1111 DST Mac 0260.8c01.4444
ARP ReplyDATA Transfer
![Page 22: Cisco Lab - Switch 2013.03.18. 大綱 Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework.](https://reader035.fdocuments.net/reader035/viewer/2022062314/56649db35503460f94aa2ba9/html5/thumbnails/22.jpg)
IP 192.168.1.1
Mac 00D0.97DD.C02C
IP 192.168.1.3
Mac 0050.0F73.E116
IP 192.168.1.2
Mac 0030.F2E6.20EA
IP 192.168.1.4
Mac 00E0.8F0B.0B88
Mac Address Table Mac Address Table
Fa0/1
Fa0/2
Fa0/23 Fa0/23Fa0/1
Fa0/2
Homework
Fa0/23Fa0/24