28-1 聚合VLAN配置

拓扑

配置

AR1

#
interface GigabitEthernet0/0/0
 ip address 12.1.1.1 255.255.255.0 
#
ip route-static 0.0.0.0 0.0.0.0 12.1.1.2

LSW2

#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10 20 30
#
interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 10
#
interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 20

LSW3

#
vlan batch 10
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 30
#
interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 10 20 30
#

LSW1(聚合VLAN配置)

#
vlan batch 10 20 100
#
vlan 100
 aggregate-vlan
 access-vlan 10 20
#
interface Vlanif1
 ip address 12.1.1.2 255.255.255.0
#
interface Vlanif100
 ip address 192.168.1.254 255.255.255.0
 arp-proxy inter-sub-vlan-proxy enable
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10 20 30
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 10 20 30

通信过程抓包理解

PC1 通信 PC3

PC>ping 192.168.1.2

Ping 192.168.1.2: 32 data bytes, Press Ctrl_C to break
From 192.168.1.2: bytes=32 seq=1 ttl=127 time=94 ms
From 192.168.1.2: bytes=32 seq=2 ttl=127 time=78 ms

--- 192.168.1.2 ping statistics ---
  2 packet(s) transmitted
  2 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 78/86/94 ms

1.PC1通过计算确定是同网段通信，发送ARP请求PC3的MAC地址（LSW1的GE0/0/2抓包），Super-VLAN接受到来自PC1的ARP请求后，从所有Sub-VLAN转发
从VLAN20发出

从VLAN30发出

从VLAN10发出

2.PC3收到标记了VLAN30的ARP请求后，记录PC1的IP地址和Super-VLAN的MAC地址绑定， 将ARP Reply回复给Super-VLAN（LSW1的GE0/0/2抓包）

3.LSW1收到PC3的ARP Reply后将ARP Reply转发给PC1，但是PC3的MAC地址修改为Super-VLAN三层接口的MAC地址（LSW1的GE0/0/1抓包）

4.PC1在封给PC3的ICMP数据时，会封装目的MAC地址为Super-VLAN的三层接口

5.LSW1在从GE0/0/2接口转发时，源MAC地址也封装成了VLANIF100的地址

6.PC3回包同理

PC1，2，3访问AR1

在AR1的GE0/0/0处抓包,都是通过同一网关来的