三层交换技术
1.三层交换机 = 三层路由+二层交换机
2.三层路由引擎是可以关闭或开启的
config terminal ip routing //开启三层路由功能 no ip routing //关闭三层路由功能
3.三层交换机的优点:
与单臂路由相比:
1)解决了网络瓶颈问题
2)解决了单点故障(虚拟接口不再依赖任何物理接口)
3)一次路由,永久交换
CEF表(快速交换表)
CEF(Cisco Express Forwarding,Cisco特快交换)技术是思科公司推出的一种全新的路由交换方案,它具有良好的交换性能,增强的交换体系结构和极高的包转发速率。
邻接关系表
4.三层交换机上起虚接口(配置VLAN的网关)
interface vlan 10 ip address 10.1.1.254 255.255.255.0 no shutdown exit
5.二层端口升级为三层端口
interface f0/x no switchport ip address 20.1.1.254 255.255.255.0 no shutdown exit
HSRP协议/VRRP协议
热备份路由协议(备份网关)
1. HSRP组号:1-255
没有大小之分
2. 虚拟路由器的IP成为虚拟IP地址
3. HSRP组的成员:
1)虚拟路由器(老大)
2)活跃路由器
3)备份路由器
4)其他路由器
4. HSRP优先级:1-255
默认为100
5. HSRP组成员通过定时发送hello包来交流,默认每隔3秒。hello时间3秒,坚持时间10秒。
6. 占先权preempt
作用:当检测不到对方,或检测到对方优先级比自己低,立即抢占活跃路由的名分。
7. 配置跟踪track,跟踪外网端口状态,当外网down掉,则自降优先级
相关命令
standby 1 ip 192.168.1.252 //设置虚拟网关 standby 1 priority 200 //设置热备的优先级 standby 1 preempt //设置占先权 standby 1 track f0/1 //配置跟踪track,默认值为10 show standby //查看HSRP备份信息
三层交换综合实验
需求:
1.实现改拓扑图中全网互通,且sw1、sw2、core-1、core-2之间任意一个线路不通,均不影响设备通信
交换部分
1)配置trunk
核心交换机core-1、core2的配置
Switch>enable Switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#hostname core-2 core-2(config)#interface range f0/3 - 5 core-2(config-if-range)#switchport trunk encapsulation dot1q core-2(config-if-range)#switchport mode trunk core-2(config-if-range)# %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up core-2(config-if-range)#exit
二层交换机sw1、sw2的配置
Switch>enable Switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#hostname sw2 sw2(config)#interface range f0/3 - 4 sw2(config-if-range)#switchport mode trunk sw2(config-if-range)#exit
2)在core-1核心交换机上配置VTP并创建VLAN
core-1(config)#vtp domain wencoll Changing VTP domain name from NULL to wencoll core-1(config)#vlan 10 core-1(config-vlan)#exit core-1(config)#vlan 20 core-1(config-vlan)#exit core-1(config)#vlan 30 core-1(config-vlan)#exit core-1(config)#vlan 40 core-1(config-vlan)#exit
3)去二层交换机加入端口到VLAN
sw1的配置
sw1(config)#interface f0/1 sw1(config-if)#switchport access vlan 10 sw1(config-if)#exit sw1(config)#interface f0/2 sw1(config-if)#switchport access vlan 20 sw1(config-if)#exit
sw2的配置
sw2(config)#interface f0/1 sw2(config-if)#switchport access vlan 30 sw2(config-if)#exit sw2(config)#interface f0/2 sw2(config-if)#switchport access vlan 40 sw2(config-if)#exit
4)起网关/起三层
core-1的配置
core-1(config)#ip routing core-1(config)#interface vlan 10 core-1(config-if)#ip address 10.1.1.252 255.255.255.0 core-1(config-if)#no shutdown core-1(config-if)#exit core-1(config)#interface vlan 20 core-1(config-if)#ip address 20.1.1.252 255.255.255.0 core-1(config-if)#no shutdown core-1(config-if)#exit core-1(config)#interface vlan 30 core-1(config-if)#ip address 30.1.1.252 255.255.255.0 core-1(config-if)#no shutdown core-1(config-if)#exit core-1(config)#interface vlan 40 core-1(config-if)#ip address 40.1.1.252 255.255.255.0 core-1(config-if)#no shutdown core-1(config-if)#exit %LINK-5-CHANGED: Interface Vlan10, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up %LINK-5-CHANGED: Interface Vlan20, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up %LINK-5-CHANGED: Interface Vlan30, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan30, changed state to up %LINK-5-CHANGED: Interface Vlan40, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan40, changed state to up
core-2的配置
core-2(config)#ip routing core-2(config)#interface vlan 10 core-2(config-if)#ip address 10.1.1.253 255.255.255.0 core-2(config-if)#no shutdown core-2(config-if)#exit core-2(config)#interface vlan 20 core-2(config-if)#ip address 20.1.1.253 255.255.255.0 core-2(config-if)#no shutdown core-2(config-if)#exit core-2(config)#interface vlan 30 core-2(config-if)#ip address 30.1.1.253 255.255.255.0 core-2(config-if)#no shutdown core-2(config-if)#exit core-2(config)#interface vlan 40 core-2(config-if)#ip address 40.1.1.253 255.255.255.0 core-2(config-if)#no shutdown core-2(config-if)#exit %LINK-5-CHANGED: Interface Vlan10, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up %LINK-5-CHANGED: Interface Vlan20, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up %LINK-5-CHANGED: Interface Vlan30, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan30, changed state to up %LINK-5-CHANGED: Interface Vlan40, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan40, changed state to up
5)配置HSRP热备份
core-1的配置
core-1(config-if)#interface vlan 10 core-1(config-if)#standby 10 ip 10.1.1.254 core-1(config-if)#standby 10 priority 200 core-1(config-if)#standby 10 preempt core-1(config-if)#standby 10 track f0/1 core-1(config-if)#exit core-1(config)#interface vlan 20 core-1(config-if)#standby 20 ip 20.1.1.254 core-1(config-if)#standby 20 priority 200 core-1(config-if)#standby 20 preempt core-1(config-if)#standby 20 track f0/1 core-1(config-if)#exit core-1(config)#interface vlan 30 core-1(config-if)#standby 30 ip 30.1.1.254 core-1(config-if)#standby 30 priority 195 core-1(config-if)#standby 30 preempt core-1(config-if)#standby 30 track f0/1 core-1(config-if)#exit core-1(config)#interface vlan 40 core-1(config-if)#standby 40 ip 40.1.1.254 core-1(config-if)#standby 40 priority 195 core-1(config-if)#standby 40 preempt core-1(config-if)#standby 40 track f0/1 core-1(config-if)#exit core-1(config)#do show standby brie P indicates configured to preempt. | Interface Grp Pri P State Active Standby Virtual IP Vl10 10 190 P Active local 10.1.1.253 10.1.1.254 Vl20 20 190 P Active local 20.1.1.253 20.1.1.254 Vl30 30 185 P Standby 30.1.1.253 local 30.1.1.254 Vl40 40 185 P Standby 40.1.1.253 local 40.1.1.254
core-2的配置
core-2(config)#interface vlan 10 core-2(config-if)#standby 10 ip 10.1.1.254 core-2(config-if)#standby 10 priority 195 core-2(config-if)#standby 10 preempt core-2(config-if)#standby 10 track f0/1 core-2(config-if)#exit core-2(config)#interface vlan 20 core-2(config-if)#standby 20 ip 20.1.1.254 core-2(config-if)#standby 20 priority 195 core-2(config-if)#standby 20 preempt core-2(config-if)#standby 20 track f0/1 core-2(config-if)#exit core-2(config)#interface vlan 30 core-2(config-if)#standby 30 ip 30.1.1.254 core-2(config-if)#standby 30 priority 200 core-2(config-if)#standby 30 preempt core-2(config-if)#standby 30 track f0/1 core-2(config-if)#exit core-2(config)#interface vlan 40 core-2(config-if)#standby 40 ip 40.1.1.254 core-2(config-if)#standby 40 priority 200 core-2(config-if)#standby 40 preempt core-2(config-if)#standby 40 track f0/1 core-2(config-if)#exit
测试:
路由部分:
core-1的配置
core-1(config)#interface f0/1 core-1(config-if)#no switchport core-1(config-if)#ip address 50.1.1.2 255.255.255.0 core-1(config-if)#no shutdown core-1(config-if)#exit core-1(config)#ip route 0.0.0.0 0.0.0.0 50.1.1.1 core-1(config)#do show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 50.1.1.1 to network 0.0.0.0 10.0.0.0/24 is subnetted, 1 subnets C 10.1.1.0 is directly connected, Vlan10 20.0.0.0/24 is subnetted, 1 subnets C 20.1.1.0 is directly connected, Vlan20 30.0.0.0/24 is subnetted, 1 subnets C 30.1.1.0 is directly connected, Vlan30 40.0.0.0/24 is subnetted, 1 subnets C 40.1.1.0 is directly connected, Vlan40 50.0.0.0/24 is subnetted, 1 subnets C 50.1.1.0 is directly connected, FastEthernet0/1 S* 0.0.0.0/0 [1/0] via 50.1.1.1
core-2的配置
core-2(config)#interface f0/1 core-2(config-if)#no switchport core-2(config-if)#ip address 60.1.1.2 255.255.255.0 core-2(config-if)#no shutdown core-2(config-if)#exit core-2(config)#ip route 0.0.0.0 0.0.0.0 60.1.1.1 core-2(config)#do show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 60.1.1.1 to network 0.0.0.0 10.0.0.0/24 is subnetted, 1 subnets C 10.1.1.0 is directly connected, Vlan10 20.0.0.0/24 is subnetted, 1 subnets C 20.1.1.0 is directly connected, Vlan20 30.0.0.0/24 is subnetted, 1 subnets C 30.1.1.0 is directly connected, Vlan30 40.0.0.0/24 is subnetted, 1 subnets C 40.1.1.0 is directly connected, Vlan40 60.0.0.0/24 is subnetted, 1 subnets C 60.1.1.0 is directly connected, FastEthernet0/1 S* 0.0.0.0/0 [1/0] via 60.1.1.1
r1的配置
r1(config)#interface f0/0 r1(config-if)#ip address 50.1.1.1 255.255.255.0 r1(config-if)#no shutdown r1(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up r1(config-if)#exit r1(config)#interface f0/1 r1(config-if)#ip address 60.1.1.1 255.255.255.0 r1(config-if)#no shutdown r1(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up r1(config-if)#exit r1(config)#interface f1/0 r1(config-if)#ip address 70.1.1.1 255.255.255.0 r1(config-if)#no shutdown r1(config-if)# %LINK-5-CHANGED: Interface FastEthernet1/0, changed state to up r1(config-if)#exit r1(config)#ip route 80.1.1.0 255.255.255.0 70.1.1.2 r1(config)#ip route 90.1.1.0 255.255.255.0 70.1.1.2 r1(config)#ip route 10.1.1.0 255.255.255.0 50.1.1.2 r1(config)#ip route 20.1.1.0 255.255.255.0 50.1.1.2 r1(config)#ip route 10.1.1.0 255.255.255.0 60.1.1.2 2 r1(config)#ip route 20.1.1.0 255.255.255.0 60.1.1.2 2 r1(config)#ip route 30.1.1.0 255.255.255.0 60.1.1.2 r1(config)#ip route 30.1.1.0 255.255.255.0 50.1.1.2 2 r1(config)#ip route 40.1.1.0 255.255.255.0 60.1.1.2 r1(config)#ip route 40.1.1.0 255.255.255.0 50.1.1.2 2 r1(config)#do show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 1 subnets S 10.1.1.0 [1/0] via 50.1.1.2 20.0.0.0/24 is subnetted, 1 subnets S 20.1.1.0 [1/0] via 50.1.1.2 30.0.0.0/24 is subnetted, 1 subnets S 30.1.1.0 [1/0] via 60.1.1.2 40.0.0.0/24 is subnetted, 1 subnets S 40.1.1.0 [1/0] via 60.1.1.2 50.0.0.0/24 is subnetted, 1 subnets C 50.1.1.0 is directly connected, FastEthernet0/0 60.0.0.0/24 is subnetted, 1 subnets C 60.1.1.0 is directly connected, FastEthernet0/1 70.0.0.0/24 is subnetted, 1 subnets C 70.1.1.0 is directly connected, FastEthernet1/0 80.0.0.0/24 is subnetted, 1 subnets S 80.1.1.0 [1/0] via 70.1.1.2 90.0.0.0/24 is subnetted, 1 subnets S 90.1.1.0 [1/0] via 70.1.1.2
r2的配置
Router(config)#hostname r2 r2(config)#interface f0/0 r2(config-if)#ip address 70.1.1.2 255.255.255.0 r2(config-if)#no shutdown r2(config-if)#exit %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up r2(config-if)#interface f0/1 r2(config-if)#ip address 80.1.1.1 255.255.255.0 r2(config-if)#no shutdown r2(config-if)#exit r2(config)#ip route 90.1.1.0 255.255.255.0 80.1.1.2 r2(config)#ip route 0.0.0.0 0.0.0.0 70.1.1.1 r2(config)#do show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 70.1.1.1 to network 0.0.0.0 70.0.0.0/24 is subnetted, 1 subnets C 70.1.1.0 is directly connected, FastEthernet0/0 80.0.0.0/24 is subnetted, 1 subnets C 80.1.1.0 is directly connected, FastEthernet0/1 90.0.0.0/24 is subnetted, 1 subnets S 90.1.1.0 [1/0] via 80.1.1.2 S* 0.0.0.0/0 [1/0] via 70.1.1.1
r3的配置
Router(config)#hostname r3 r3(config)#interface f0/0 r3(config-if)#ip address 80.1.1.2 255.255.255.0 r3(config-if)#no shutdown r3(config-if)#exit r3(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up r3(config-if)#exit r3(config)#interface f0/1 r3(config-if)#ip address 90.1.1.254 255.255.255.0 r3(config-if)#no shutdown r3(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up ex r3(config)#exit r3(config)#ip route 0.0.0.0 0.0.0.0 80.1.1.1 r3(config)#do show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 80.1.1.1 to network 0.0.0.0 80.0.0.0/24 is subnetted, 1 subnets C 80.1.1.0 is directly connected, FastEthernet0/0 90.0.0.0/24 is subnetted, 1 subnets C 90.1.1.0 is directly connected, FastEthernet0/1 S* 0.0.0.0/0 [1/0] via 80.1.1.1
验证:
