连网技术与网络管理 作业一 vlan间路由实现

创建vlan，绑定ip

en

conf t

vlan 10

ip address 192.168.10.1 255.255.255.0

no shutdown     // no shutdown是开启端口的意思,路由器开机以后端口默认的状态是shutdown的,所以必须用no shutdown来开启端口

把端口划分到vlan上

en

conf t

int fa0/2

switchport mode access   这个是显示设定，默认是access，并且是动态的。(如果不配置，如果线路的另一方过来的是trunk，这边也会自动切换为trunk)

switchport access vlan 10

保存

en

write

重启交换机

en

reload

显示vlan

show vlan

显示端口

show interfaces =switchport

设置trunk以及802.1q

en

conf t

int fa0/1

switchport mode trunk

switchport trunk encapsulation dot1q

激活layer 3交换机的路由功能

ip routing

查看路由

show ip route

 

 

 

问题

PC-11 with IP 192.168.10.2 and gateway 192.168.10.1
PC-21 with IP 192.168.20.2 and gateway 192.168.20.1
 both of them connect to switch A which is 2960

PC-12 with IP 192.168.10.3 and gateway 192.168.10.1
PC-22 with IP 192.168.20.3 and gateway 192.168.20.1
both of them connect to switch B which is 3560

And switch A connect to switch B

I tried to ping PC-21 whose IP is 192.168.20.2 on PC-11 whose IP  192.168.10.2 is , why it did not work?

 

回答

By default, two devices in different subnets cannot communicate directly with each other without a router. In this case, PC-11 and PC-21 are in different subnets (192.168.10.0/24 and 192.168.20.0/24), so they cannot communicate directly without a router.

Although both switches are connected to each other, they are not configured to route traffic between the two subnets. Therefore, when PC-11 tries to ping PC-21, it sends the ping packet to its default gateway, which is 192.168.10.1 (the IP address of Switch A interface connected to PC-11). Switch A does not know how to reach the destination IP address 192.168.20.2, so it drops the packet.

To solve this issue, you need to configure a router to connect the two subnets, or configure a Layer 3 switch that can route traffic between VLANs. Alternatively, you can connect all devices to the same subnet so they can communicate directly without a router.

 

If you want to rename a switch in Cisco Packet Tracer using the command line interface, you can follow these steps:

1. Open the command prompt on your computer and enter the command "telnet 127.0.0.1" to connect to the local Packet Tracer instance.
2. Enter the command "enable" to enter privileged EXEC mode.
3. Enter the command "configure terminal" to enter global configuration mode.
4. Enter the command "hostname [new hostname]" to change the hostname of the switch to your desired name. Make sure to replace [new hostname] with the name you want to use.
5. Enter the command "end" to exit global configuration mode.
6. Enter the command "write memory" to save the changes to the switch's configuration.

Once you have completed these steps, the switch in Cisco Packet Tracer should be renamed to the new hostname you specified.

 

"switchport trunk encapsulation dot1q" is a command used in Cisco IOS (Internetwork Operating System) to set the encapsulation method used for trunk links between switches.

The "dot1q" part of the command refers to the IEEE 802.1Q standard for VLAN tagging, which is a method used to identify VLAN membership for frames being transmitted over a trunk link.

This command should be used on a switch port configured as a trunk, and it specifies that the switch should use the IEEE 802.1Q standard for VLAN tagging on that port.

 

 

Cisco Catalyst 2960 and Catalyst 3560 are two types of switches manufactured by Cisco. The main difference between the two switches is that the Catalyst 2960 is a layer 2 switch, while the Catalyst 3560 is a multilayer switch, which means it can operate at both layer 2 and layer 3 of the OSI model.

The Catalyst 2960 is a basic switch that provides functionalities such as VLANs, port mirroring, and QoS. It can also support basic routing using the IP routing protocol, but it does not support advanced routing protocols such as BGP and OSPF. It is designed to be an affordable option for small to medium-sized businesses.

On the other hand, the Catalyst 3560 is a multilayer switch that provides additional features such as advanced QoS, security, and routing capabilities. It supports advanced routing protocols such as OSPF, BGP, and EIGRP, and can handle more complex network configurations. The Catalyst 3560 is typically used in larger organizations or in situations where advanced routing and security features are required.

In summary, if you need basic switching capabilities for a small to medium-sized network, the Catalyst 2960 would be a good choice. If you require advanced routing and security features for a larger network, the Catalyst 3560 would be more appropriate.

 

When we set the VLAN IP address as the gateway on a switch, it means that the switch will act as the default gateway for the devices in that VLAN. This allows the devices in that VLAN to communicate with devices outside of the VLAN or subnet. When a device in the VLAN sends a packet to a device outside of the VLAN, the packet will be sent to the switch and then to the gateway IP address, which is the IP address of the switch in that VLAN. The switch will then forward the packet to the appropriate destination based on its routing table.

 

问题2

PC-11 with IP 192.168.10.2 and gateway 192.168.10.1
PC-21 with IP 192.168.20.2 and gateway 192.168.20.1
 both of them connect to switch A which is 2960

When I ping 192.168.20.2 on 192.168.10.2, why the arp dest ip is 192.168.10.1?

回答

When you ping 192.168.20.2 on 192.168.10.2, the source IP address is 192.168.10.2, and the destination IP address is 192.168.20.2. Since the two PCs are in different subnets, the source PC 192.168.10.2 needs to send the packet to its default gateway (192.168.10.1), which will then route the packet to the destination PC 192.168.20.2.

The ARP protocol is used to resolve the MAC address of the default gateway 192.168.10.1. The source PC 192.168.10.2 first checks its ARP cache to see if it already has the MAC address of the gateway. If the MAC address is not in the cache, the source PC sends an ARP broadcast message asking "who has the IP address 192.168.10.1?". The broadcast message will be forwarded by the switch to all connected devices in the same VLAN.

The ARP broadcast message contains the destination IP address 192.168.10.1 in its payload, which is why you see the destination IP as 192.168.10.1 in the ARP request. Once the ARP request reaches the default gateway, the gateway will reply with its MAC address, and the source PC will update its ARP cache with the MAC address of the gateway. The source PC can then encapsulate the ping packet with the MAC address of the gateway as the destination MAC and send it out on the network.

 

从switch 2960转发到switch 3560的数据包，

Inbound是Ethernet II

Outbound是Ethernet 802.1q

 

The switchport mode command is used to configure the operational mode of a switch port. It specifies whether a port is an access port or a trunk port.

• switchport mode access: This command sets the port to operate as an access port. Access ports are used to connect end devices like PCs, servers, or IP phones to the switch. By default, an access port belongs to VLAN 1, but you can assign it to any VLAN.

• switchport mode trunk: This command sets the port to operate as a trunk port. Trunk ports are used to carry traffic for multiple VLANs between switches. The traffic is tagged with the appropriate VLAN ID so that it can be distinguished by the receiving switch.

 

不引入layer3 switch

it is possible to make PC-11 communicate with PC-21 without changing their IP addresses and gateways, but it would require additional configuration.

One solution would be to use VLAN routing, where the switch A is configured to route traffic between VLANs. In this case, you would need to create two VLANs on the switch A, one for each subnet. Then, you would configure the switch A to route traffic between the two VLANs.

To do this, you would need to assign the switch A an IP address for each VLAN interface, and configure each PC to use the switch A as its default gateway. The switch A would then be responsible for routing traffic between the two subnets.

 

to configure VLAN routing on switch A, you would need to assign an IP address to each VLAN interface. Here's how you can do this on switch A:

1. Log in to the switch A using a terminal emulator such as PuTTY or the console cable.

2. Enter privileged EXEC mode by typing "enable" and entering the enable password if prompted.

3. Enter global configuration mode by typing "configure terminal".

4. Create the two VLANs on switch A using the "vlan" command. For example, to create VLAN 10 for PC-11's subnet, type "vlan 10". To create VLAN 20 for PC-21's subnet, type "vlan 20".

5. Assign an IP address to each VLAN interface using the "interface vlan" command. For example, to assign IP address 192.168.10.1 to the interface for VLAN 10, type "interface vlan 10" followed by "ip address 192.168.10.1 255.255.255.0". To assign IP address 192.168.20.1 to the interface for VLAN 20, type "interface vlan 20" followed by "ip address 192.168.20.1 255.255.255.0".

6. Exit configuration mode by typing "exit" twice.

Once the VLAN interfaces are configured with IP addresses, the switch A can be used to route traffic between the two VLANs.

 

The difference between layer2 and layer3 switches?

The primary difference between Layer 2 and Layer 3 switches is the level of the OSI model at which they operate.

Layer 2 switches operate at the Data Link Layer (Layer 2) of the OSI model, which means they can only switch traffic within a single VLAN. They use MAC addresses to forward packets between devices on the same VLAN, and they typically support features such as VLANs, link aggregation, and Spanning Tree Protocol (STP) to provide redundancy and manage network loops.

Layer 3 switches, on the other hand, operate at the Network Layer (Layer 3) of the OSI model, which means they can perform routing between multiple VLANs and subnets. In addition to using MAC addresses to switch traffic within a VLAN, they use IP addresses and routing protocols to forward packets between VLANs and subnets. This allows them to perform advanced routing features such as Quality of Service (QoS), Access Control Lists (ACLs), and multicast routing.

Another key difference between Layer 2 and Layer 3 switches is their price and complexity. Layer 3 switches are generally more expensive than Layer 2 switches and can be more complex to configure and manage. However, they offer more advanced routing features and can improve network performance and scalability in environments with multiple VLANs and subnets.

Overall, the choice between a Layer 2 or Layer 3 switch depends on the specific requirements of your network. If you only need to switch traffic within a single VLAN, a Layer 2 switch may be sufficient. If you need to route traffic between VLANs or subnets, a Layer 3 switch is required.

 

 

作者:Chuck Lu    GitHub