一、单臂路由
- VLAN控制广播域
- 不同的vlan间无法通信
- 1个vlan=1个网段
- 不同vlan间通信是靠路由来实现的
单臂路由实验:
拓扑图:
要求:
该拓扑图中的所有pc能够互相通信
1 ) sw1交换机的配置
Switch>enable Switch#config terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#hostname sw1 #修改交换机名为sw1 sw1(config)#vlan 10 sw1(config-vlan)#exit sw1(config)#vlan 20 sw1(config-vlan)#exit sw1(config)#interface f0/1 sw1(config-if)#switchport access vlan 10 sw1(config-if)#exit sw1(config)#interface f0/2 sw1(config-if)#switchport access vlan 20 sw1(config-if)#exit sw1(config)#interface f0/3 sw1(config-if)#switchport mode trunk sw1(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up sw1(config-if)#exit sw1(config)#do show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7 Fa0/8, Fa0/9, Fa0/10, Fa0/11 Fa0/12, Fa0/13, Fa0/14, Fa0/15 Fa0/16, Fa0/17, Fa0/18, Fa0/19 Fa0/20, Fa0/21, Fa0/22, Fa0/23 Fa0/24, Gig0/1, Gig0/2 10 VLAN0010 active Fa0/1 20 VLAN0020 active Fa0/2 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active
2 )sw2交换机上的配置
Switch>enable Switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#vlan 10 Switch(config-vlan)#exit Switch(config)#vlan 20 Switch(config-vlan)#exit Switch(config)#interface f0/1 Switch(config-if)#switchport access vlan 10 Switch(config-if)#exit Switch(config)#interface f0/2 Switch(config-if)#switchport access vlan 20 Switch(config-if)#exit Switch(config)#interface f0/3 Switch(config-if)#switchport mode trunk Switch(config-if)#exit Switch(config)#hostname sw2 sw2(config)#interface f0/5 sw2(config-if)#switchport mode trunk sw2(config-if)#exit sw2(config)#do show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7 Fa0/8, Fa0/9, Fa0/10, Fa0/11 Fa0/12, Fa0/13, Fa0/14, Fa0/15 Fa0/16, Fa0/17, Fa0/18, Fa0/19 Fa0/20, Fa0/21, Fa0/22, Fa0/23 Fa0/24, Gig0/1, Gig0/2 10 VLAN0010 active Fa0/1 20 VLAN0020 active Fa0/2 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active
3 )r1的配置
Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname r1 r1(config)#interface f0/0 r1(config-if)#no shutdown r1(config-if)#exit r1(config)#interface f0/0.1 %LINK-5-CHANGED: Interface FastEthernet0/0.1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.1, changed state to up r1(config-subif)#encapsulation dot1Q 10 r1(config-subif)#ip add 10.1.1.254 255.255.255.0 r1(config-subif)#no shutdown r1(config-subif)#exit r1(config)#interface f0/0.2 %LINK-5-CHANGED: Interface FastEthernet0/0.2, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.2, changed state to up r1(config-subif)#encapsulation dot1Q 20 r1(config-subif)#ip add 20.1.1.254 255.255.255.0 r1(config-subif)#no shutdown r1(config-subif)#exit r1(config)#do show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 unassigned YES unset up up FastEthernet0/0.1 10.1.1.254 YES manual up up FastEthernet0/0.2 20.1.1.254 YES manual up up FastEthernet0/1 unassigned YES unset up down Vlan1 unassigned YES unset administratively down down
4 ) 在10.1.1.1的pc上进行测试
二、DHCP中继
单臂路由的缺点:
网络瓶颈
容易发生单点物理故障
所有的子接口依赖于总物理接口
VLAN间通信的每一个帧都进行单独路由
在三层路由器上部署DHCP服务器
config terminal ip dhcp excluded-address 10.1.1.1 10.1.1.99 //排出10.1.1.1到10.1.1.99的ip ip dhcp pool v10 network 10.1.1.0 255.255.255.0 //配置地址池 default-router 10.1.1.254 //配置默认路由 dns-server 40.1.1.1 lease 1 0 0 //天、小时、分钟,1整天0小时0分钟 exit
实验:
实验需求:
1、要求员工自动获取ip,内网所有VLAN可以全部互通!且都可以与70.1.1.22通信 (要求用到VIP)
2、要求所有员工可以通过http://www.qf.com访问vlan40中的服务器网站
1) sw1、sw2、sw3的配置,这里仅演示sw1上的配置:
Switch>enable Switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#hostname sw1 sw1(config)#vlan 10 sw1(config-vlan)#exit sw1(config)#vlan 20 sw1(config-vlan)#exit sw1(config)#vlan 30 sw1(config-vlan)#exit sw1(config)#vlan 40 sw1(config-vlan)#exit sw1(config)#interface f0/1 sw1(config-if)#switchport access vlan 10 sw1(config-if)#exit sw1(config)#interface f0/2 sw1(config-if)#switchport access vlan 20 sw1(config-if)#exit sw1(config)#interface f0/3 sw1(config-if)#switchport mode trunk sw1(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up sw1(config-if)#exit
2) R1路由器的配置
Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname r1 r1(config)#ip dhcp excluded-address 10.1.1.1 10.1.1.99 r1(config)#ip dhcp pool v10 r1(dhcp-config)#network 10.1.1.0 255.255.255.0 r1(dhcp-config)#network 10.1.1.0 255.255.255.0 r1(dhcp-config)#default-router 10.1.1.254 r1(dhcp-config)#dns-server 40.1.1.1 r1(dhcp-config)#exit r1(config)#ip dhcp excluded-address 20.1.1.1 20.1.1.99 r1(config)#ip dhcp pool v20 r1(dhcp-config)#network 20.1.1.0 255.255.255.0 r1(dhcp-config)#network 20.1.1.0 255.255.255.0 r1(dhcp-config)#default-router 20.1.1.254 r1(dhcp-config)#dns-server 40.1.1.1 r1(dhcp-config)#exit r1(config)#ip dhcp excluded-address 30.1.1.1 30.1.1.99 r1(config)#ip dhcp pool v30 r1(dhcp-config)#network 30.1.1.0 255.255.255.0 r1(dhcp-config)#network 30.1.1.0 255.255.255.0 r1(dhcp-config)#default-router 30.1.1.254 r1(dhcp-config)#dns-server 40.1.1.1 r1(dhcp-config)#exit r1(config)#ip dhcp pool v40 r1(dhcp-config)#network 40.1.1.0 255.255.255.0 r1(dhcp-config)#network 40.1.1.0 255.255.255.0 r1(dhcp-config)#default-router 40.1.1.254 r1(dhcp-config)#dns-server 40.1.1.1 r1(dhcp-config)#exit r1(config)#interface f0/0.1 r1(config-subif)#encapsulation dot1Q 10 r1(config-subif)#ip add 10.1.1.254 255.255.255.0 r1(config-subif)#no shutdown r1(config-subif)#exit r1(config)#interface f0/0.2 r1(config-subif)#encapsulation dot1Q 20 r1(config-subif)#ip add 20.1.1.254 255.255.255.0 r1(config-subif)#no shutdown r1(config-subif)#exit r1(config)#interface f0/0.3 r1(config-subif)#encapsulation dot1Q 30 r1(config-subif)#ip add 30.1.1.254 255.255.255.0 r1(config-subif)#no shutdown r1(config-subif)#exit r1(config)#interface f0/0.4 r1(config-subif)#encapsulation dot1Q 40 r1(config-subif)#ip add 40.1.1.254 255.255.255.0 r1(config-subif)#no shutdown r1(config-subif)#exit r1(config)#interface f0/0 r1(config-if)#no shutdown r1(config-if)#exit r1(config)#interface f0/1 r1(config-if)#ip add 50.1.1.1 255.255.255.0 r1(config-if)#no shutdown r1(config-if)#exit r1(config)#ip route 0.0.0.0 0.0.0.0 50.1.1.2 r1(config)#do show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 unassigned YES unset up up FastEthernet0/0.1 10.1.1.254 YES manual up up FastEthernet0/0.2 20.1.1.254 YES manual up up FastEthernet0/0.3 30.1.1.254 YES manual up up FastEthernet0/0.4 40.1.1.254 YES manual up up FastEthernet0/1 50.1.1.1 YES manual up down Vlan1 unassigned YES unset administratively down down r1(config)#ip route 60.1.1.0 255.255.255.0 50.1.1.2 r1(config)#do show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 1 subnets C 10.1.1.0 is directly connected, FastEthernet0/0.1 20.0.0.0/24 is subnetted, 1 subnets C 20.1.1.0 is directly connected, FastEthernet0/0.2 30.0.0.0/24 is subnetted, 1 subnets C 30.1.1.0 is directly connected, FastEthernet0/0.3 40.0.0.0/24 is subnetted, 1 subnets C 40.1.1.0 is directly connected, FastEthernet0/0.4 50.0.0.0/24 is subnetted, 1 subnets S 60.1.1.0 [1/0] via 50.1.1.2
3) R2路由器的配置
Router>enable Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname r2 r2(config)#interface f0/0 r2(config-if)#ip address 50.1.1.2 255.255.255.0 r2(config-if)#no shutdown r2(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up r2(config-if)#exit r2(config)#interface f0/1 r2(config-if)#ip address 60.1.1.254 255.255.255.0 r2(config-if)#no shutdown r2(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up r2(config-if)#exit r2(config)#ip route 0.0.0.0 0.0.0.0 50.1.1.1 r2(config)#do show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 50.1.1.1 to network 0.0.0.0 50.0.0.0/24 is subnetted, 1 subnets C 50.1.1.0 is directly connected, FastEthernet0/0 60.0.0.0/24 is subnetted, 1 subnets C 60.1.1.0 is directly connected, FastEthernet0/1 S* 0.0.0.0/0 [1/0] via 50.1.1.1 r2(config)# do show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 50.1.1.2 YES manual up up FastEthernet0/1 60.1.1.254 YES manual up up Vlan1 unassigned YES unset administratively down down
ICMP协议
1.ICMP端口号是?没有端口号
2.ICMP协议是干什么的
网络探测与回馈机制
作用:
网络探测
路由跟踪
错误反馈
3.ICMP协议的封装格式:
ICMP头:ICMP类型、代码
ICMP类型字段:
8:ping请求
0:ping应答
3:目标主机不可达
11:TTL超时
