Cisco router VLan isolation LAN broadcast packet configuration experiment and summary, ciscovlan
1. Tutorial Description: connect to and set the IP address of the PC according to the network topology. PC1 and PC2 are required to be accessed on VLAN 12, while PC3 and PC4 are accessed on VLAN 34, PC1 and PC2 are interconnected, PC3 and PC4 are interconnected, and VLan 12 and VLan 34 are interconnected to isolate the broadcast domains of the LAN. The figure is as follows:
Ii. Ideas:
① Create a VLAN
② Set access mode to access a fixed Vlan
③ Set turnk mode to transmit multiple VLANs
④ Verify Configuration
⑤ Connectivity test
3. main steps:
@ Vswitch 1 basic configuration
Switch> enable
Switch # configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch (config) # no ip domain lookup
Switch (config) # hostname SW1
@ Create a Vlan on vswitch 1
SW1 (config) # vlan 12
SW1 (config-vlan) # exit
SW1 (config) # vlan 34
SW1 (config-vlan) # exit
@ Set access mode on vswitch 1
SW1 (config) # interface f0/1
SW1 (config-if) # switchport mode access
SW1 (config-if) # switchport access vlan 12 // place the access mode port in VLan 12
SW1 (config-if) # no shutdown // it is best to enable the port, just in case
SW1 (config-if) # exit
SW1 (config) # interface f0/4
SW1 (config-if) # switchport mode access
SW1 (config-if) # switchport access vlan 34 // place the access mode port in VLan 34
SW1 (config-if) # no shutdown // it is best to enable the port, just in case
SW1 (config-if) # exit
SW1 # show vlan brief
VLAN Name Status Ports
----------------------------------------------------------------------------
1 default active Fa0/2, Fa0/3, Fa0/5, Fa0/6 ......
12 VLAN0012 active Fa0/1
34 VLAN0034 active Fa0/4
......
@ On vswitch 1, set the interconnected port of the vswitch to the trunk mode.
SW1 (config) # interface f0/24
SW1 (config-if) # switchport mode trunk
SW1 (config-if) # end
% SYS-5-CONFIG_ I: Configured from console by the console
@ Verify the trunk Interface
SW1 # show interface trunk
Port Mode Encapsulation Status Native vlan
Fa0/24 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/24-1-1005
Port Vlans allowed and active in management domain
Fa0/24, 12, 34
......
------------------------------------------------------------------
Perform similar operations on vswitch 2.
Switch> enable
Switch # configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch (config) # no ip domain lookup
Switch (config) # hostname SW2
SW2 (config) # vlan 12
SW2 (config-vlan) # exit
SW2 (config) # vlan 34
SW2 (config-vlan) # exit
SW2 (config) # interface f0/2
SW2 (config-if) # switchport mode access
SW2 (config-if) # switchport access vlan 12
SW2 (config-if) no shutdown
SW2 (config-if) # exit
SW2 (config) # interface f0/3
SW2 (config-if) # switchpor mode access
SW2 (config-if) # switchport access vlan 34
SW2 (config-if) no shutdown
SW2 (config-if) # exit
SW2 (config) # interface f0/24
SW2 (config-if) # switchport mode trunk
SW2 (config-if) # exit
SW2 (config) # end
SW2 # show vlan brief
VLAN Name Status Ports
----------------------------------------------------------------------------
1 default active Fa0/1, Fa0/4, Fa0/5, Fa0/6 ......
12 VLAN0012 active Fa0/2
23 VLAN0023 active
......
SW2 # show interface trunk
Port Mode Encapsulation Status Native vlan
Fa0/24 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/24-1-1005
Port Vlans allowed and active in management domain
Fa0/24 111
......
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>
Experiment results:
In PC1 ~ On the PC4 command line interface, ping the command to Verify connectivity. As a result, PC1 and PC2 are interconnected, PC3 and PC4 are interconnected, and VLan 12 and VLan 34 are not interconnected.
4. Extend: how to delete a VLAN?
1. Remove the member ports of the VLAN first;
SW1 # configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
@ Remove the fixed access vlan14 from the fas0 port and change the Port Back to the default vlan 1
SW1 (config) # interface f0/1
SW1 (config-if) # no switchport access vlan 12
SW1 (config-if) # exit
@ Delete a VLAN no longer in use
SW1 (config) # no vlan 12
SW1 (config) # end
V. Experiment summary:
1. The data sent from the trunk link is labeled with vlan. Only network devices such as switches and routers can recognize the data. PCS cannot recognize the data. Therefore, ports connected to PCs are, it cannot be configured as trunk. The trunk mode is used to configure the switch device and allow packets of different VLANs to pass through.
2. The data sent from the Access link does not contain any tags. The access mode is used to configure the data on a non-Switched Device. A port can only pass through the specified Vlan.
3. There is a special VLAN in the trunk-native VLAN (Local/intrinsic VLAN). The traffic in this vlan is not labeled. The default value is vlan 1.
4. When the trunk link receives an untagged packet, it will forward it to the member port in the native vlan of the Local Switch and will not discard it.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
