Configuration instance for single-arm Routing

Basic Information
　　
 
Target: Pass
Vro
Interconnection Environment with multiple VLANs: 1. the vswitch is a L2 Switch that supports VLAN division. 2. A router has only one Ethernet interface. It adopts a single-arm route, that is, multiple logical sub-interfaces are configured on the router. Each sub-interface corresponds to one VLAN. Because there is only one physical route interface, the data of each sub-interface must be marked and encapsulated during transmission on the physical link. Cisco devices support ISL and
802.1q
Protocol. Huawei devices only support 802.1q.
Configuration instance for single-arm Routing
Two PCs are pc2, pc3, one is s1, and the other is R1.
 
Lab Topology
First, configure the pc ip address pc2: 192.168.2.10 Gateway: 192.168.2.1 pc3: 192.168.3.10 Gateway: 192.168.3.1 the mask is all 24 bits to configure the switch and assign the vlan. (I will not explain It briefly) Switch> enable Switch # vlan d % Warning: It is recommended to configure VLAN from config mode, as VLAN database mode is being deprecated. please consult user documentation for login ing VTP/VLAN in config mode. switch (vlan) # vlan 2 name test01 VLAN 2 added: Name: test01 Switch (vlan) # vlan 3 name test02 VLAN 3 added: Name: test02 → set vlan, here, only two simple settings are provided. Switch (vlan) # exit APPLY completed. Exiting... Switch # config stopping ing from terminal, memory, or network [terminal]? Enter configuration commands, one per line. end with CNTL/Z. switch (config) # interface fa0/2 Switch (config-if) # switchport access vlan 2 Switch (config-if) # exit Switch (config) # interface fa0/3 Switch (config-if) # switchport access vlan 3 Switch (config-if) # exit Switch (config) # interface fa0/1 Switch (config-if) # switchport trunk encapsulation dot1q (2960 and other switches only support the 802.1q protocol, which is ignored here) Switch (config-if) # switchport mod E trunk Switch (config-if) # switchport trunk allowed vlan all Switch (config-if) # exit Switch (config) # end % SYS-5-CONFIG_ I: configured from console by console Switch # write memory Building configuration... [OK] Next, configure a single-arm route: Router> enable Router # config routing ing from terminal, memory, or network [terminal]? Enter configuration commands, one per line. end with CNTL/Z .................. enter the global configuration mode Router (config) # interface fa0/0 ................ enter the interface Router (config-if) # no shutdown ................ activate the port Router (config-if) # exit (this statement does not exist) Router (config) # interface fa0/0.1 ........... configuring a sub-interface is the key to configuring a single-arm route. This interface is a logical interface and is not a physical interface, but has the same functions as a physical interface. Router (config-subif) # encapsulation dot1q 2 ....... configure the 802.1Q protocol for this interface, and the last two are vlan numbers. This is also the key part of the Router (config-subif) # ip address 192.168.2.1 255.255.255.0 ......... divide IP addresses for this interface. Router (config-subif) # exit Router (config) # interface fa0/0.2 ..... similarly, go to the 2nd sub-interface and configure Router (config-subif) # encapsulation dot1q 3 ......... configure the 802.1Q protocol Router (config-subif) # ip address 192.168.3.1 255.255.255.0 ...... divide the IP address and subnet mask Router (config-subif) # end % SYS-5-CONFIG_ I: Configured from console by console .......... the following is the test result after completing the configuration: after the two machines are pinged to each other, we can find that the ping is successful.
Edit this section of the Huawei router single-arm route
Requirement: In a LAN, VLAN configuration on a switch can reduce the range of the host communication broadcast domain. When some hosts need to communicate with each other, but the switch does not support layer-3 switching, you can use a vro supporting 802.1Q to achieve VLAN interconnection. this requires creating a sub-interface on the Ethernet port, assigning an IP address as the gateway of the VLAN, and starting 802.1Q. networking: the router E0 port is connected to the uplink trunk port (Port 24th) of the switch, the downlink port of the switch is divided into three VLANs with several hosts.
1. vro Configuration
[Router] [Router] inter e0 [Router-Ethernet0] ip add 10.0.0.1 255.255.255.0 [Router-Ethernet0] inter e0.1 // define sub interface E0.1 [Router-Ethernet0.1] ip add 172.16.1.1 255.255.255.0 [Router-Ethernet0.1] vlan-type dot1q vid 1 // specify that the Ethernet sub-interface belongs to VLAN1, this command is applied to the Ethernet sub-interface. Only after this command is configured can the Ethernet sub-interface embed VLAN tags in the Ethernet frame header according to the configured vlan id, the switch interface connected to the network port can correctly process received frames. [Router-Ethernet0.1] inter e0.2 // define sub interface E0.2 [Router-Ethernet0.2] ip add 172.16.2.1 255.255.255.0 [Router-Ethernet0.2] vlan-type dot1q vid 2 // specify that the Ethernet sub interface belongs to VLAN2 [Router-Ethernet0.2] inter e0.3 // define sub-interface E0.3 [Router-Ethernet0.3] ip add 172.16.3.1 255.255.255.0 [Router-Ethernet0.3] vlan-type dot1q vid 3 // specify that the Ethernet sub-interface belongs to VLAN3 [Router-Ethernet0.3] inter e0 [Router-Ethernet0] undo shut % Interface Ethernet0 is up [Router-Ethernet0] // Connect Port E0 to port S3026 24th % 19 with a network cable: 46: 32: Interface Ethernet0 changed state to UP % 19: 46: 32: Line protocol ip on interface Ethernet0, changed state to UP % 19: 46: 32: line protocol ip on interface Ethernet0.1, changed state to UP % 19: 46: 32: Line protocol ip on interface Ethernet0.2, changed state to UP % 19: 46: 32: line protocol ip on interface Ethernet0.3, changed state to UP
2. Switch configuration
<Quidway> sys Enter system view, return user view with Ctrl + Z. [Quidway] vlan 1 [Quidway-vlan1] vlan 2 [Quidway-vlan2] port ethernet 0/17 to eth 0/19 eth 0/22 // port 17th to port 19, and port 22nd to VLAN2 [Quidway-vlan2] vlan 3 [Quidway-vlan3] port eth 0/21 // Add port 21st to VLAN3 [Quidway-vlan3] inter e0/24 [Quidway-Ethernet0/24] port link-type trunk // set port 24th to trunk port [Quidway-Ethernet0/24] port trunk permit vlan all // allow all VLAN traffic goes through Please wait ................................... ........ done. [Quidway-Ethernet0/24] dis port trunk // verify that the TRUNK port is configured with Now, the following trunking ports exist: ethernet0/24 [Quidway-Ethernet0/24] dis vlan 2 // test vlan id of VLAN2: 2 VLAN Type: static Route Interface: not configured Description: VLAN 0002 Tagged Ports: ethernet0/24 Untagged Ports: Ethernet0/17 Ethernet0/18 Ethernet0/19 Ethernet0/22 [Quidway-Ethernet0/24] dis vlan 3 // test VLAN3 configuration vlan id: 3 VLAN Type: static Route Interface: not configured Description: VLAN 0003 Tagged Ports: Ethernet0/24 Untagged Ports: ethernet0/21 3. check whether the network is connected on the workstation. This workstation connects to port S3026 21st, which belongs to vlan2. C: \ Documents ents and Settings \ Administrator> ipconfig windows 2000 IP Configuration Ethernet adapter local Connection: Connection-specific DNS Suffix.: IP Address ............: 172.16.2.22 Subnet Mask ...........: 255.255.255.0 Default Gateway .........: 172.16.2.1 C: \ Documents and Settings \ Administrator> ping 172.16.3.1 Pinging 172.16.3.1 with 32 bytes of data: Reply from 172.16.3.1: bytes = 32 time <10 ms TTL = 255 Reply from 172.16.3.1: bytes = 32 time <10 ms TTL = 255 Reply from 172.16.3.1: bytes = 32 time <10 ms TTL = 255 Reply from 172.16.3.1: bytes = 32 time <10 ms TTL = 255 Ping statistics for 172.16.3.1: Packets: Sent = 4, stored ED = 4, Lost = 0 (0% loss ), approximate round trip times in milli-seconds: Minimum = 0 ms, Maximum = 0 ms, Average = 0 ms 4. view on vro
Route table
. It can be found that because 172.16 of each network segment is a direct connection route, you do not need to enable the routing protocol or
Static Routing
That is, communication between VLANs can be realized. [Router] display ip routing-table Routing Tables: Destination/Mask Proto Pref Metric Nexthop Interface 10.0.0.0/24 Direct 0 0 10.0.0.1 Ethernet0 10.0.0.1/32 Direct 0 0 0
127.0.0.1
Optional Bytes/8 Direct 0 0 127.0.0.1 LoopBack0 127.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0 172.16.1.0/24 Direct 0 0 172.16.1.1 Ethernet0.1 172.16.1.1/32 Direct 0 0 255.255.172.16.2.0/24 Direct 0 0 172.16.2.1 ethernet0.2 172.16.2.1/32 Direct 0 0 127.0.0.1 LoopBack0 172.16.3.0/24 Direct 0 0 172.16.3.1 Ethernet0.3 172.16.3.1/32 Direct 0 0 127.0.0.1 LoopBack0
Edit single-arm route settings for one vlan in this section
In a vlan, you can set the computer's secondary ip address
Physical Network
Last two
 
China Unicom with different IP address segments.
1. Set the IP address of the computer's PCA
[Root # PCA root] # ipconfig eth0 10.65.1.1 netmask 255.255.0.0 [root # PCB root] # ipconfig eth0 10.66.1.1 netmask 255.255.0.0 [root # PCA root] # ping 10.66.1.1 (disconnected) [root # PCB root] # ping 10.65.1.1 (not available) PCA and PCB are not available because they are in different network segments. One is 10.65.0.0/16, one is the 10.66.0.0/16 network, that is, the netid is different, and access between hosts of different networks must be implemented through routing.
2. Set vrof0 interface f0/0 to have two IP addresses
Roa (config) # int f0/0 roa (config-if) # ip address 10.65.1.2 route 0.0 roa (config-if) # no shut roa (config-if) # ip address 10.66.1.2 255.0.0 secondary roa # sh run in the displayed information, in the FastEthernet0/0 position, you should be able to see the two previously set IP addresses.
3. Test accessibility
[Root # PCA root] # ping 10.66.1.1 (not available) [root # PCA root] # ping 10.66.1.2 (available) [root # PCB root] # ping 10.65.1.1 (unavailable) [root # PCB root] # ping 10.65.1.3 (PASS) Why does PCA and PCB still fail? Oh, no gateway has been set for the computer. [Root # PCA root] # route add default gw 10.65.1.2 [root # PCB root] # route add default gw 10.66.1.2 [root # PCA root] # ping 10.66.1.1 (yes) [root # PCB root] # ping 10.65.1.1 (available)
4. Remove the connection between the vswitch and the vro.
[Root # PCA root] # ping 10.66.1.1 (disconnected) [root # PCB root] # ping 10.65.1.1 (disconnected, the packets sent from PCA to PCB are routed through the vro. the packets are routed from f0/0 and then from f0/0. Therefore, they are called single-arm routes. In this case, PCA and PCB are in the same broadcast domain, which is detrimental to network bandwidth. You can isolate broadcast domains by dividing VLANs. You can use sub-interfaces to route different VLANs.
5. On the switch
Double-click the switch to enter the terminal mode of the switch: switch> en password: switch # conf t switch (config) # int vlan 1 switch (config-if) # ip address 10.65.1.8 255.255.0.0 switch (config-if) # exit switch (config) # ip defaule-gateway 10.65.1.2 switch (config) # end switch # ping 10.65.1.1 (PASS) switch # ping 10.66.1.1 (yes) disconnect the connection between the vswitch and the vro, and then run the ping command from the vswitch: switch # ping 10.65.1.1 (yes) switch # ping 10.66.1.1 (NO) this indicates that IP addresses in different network segments are connected through routers.
Edit troubleshooting for this section
Sometimes, after the configuration is complete, the peer PC cannot be normally accessed. You can troubleshoot the problem according to the following troubleshooting process. Run ipconfig/all to check whether the client address and gateway are normal. The result is as follows:
 
PC1> ipconfig IP Address ...................... :
192.168.1.10
Subnet Mask ..................... : 255.255.255.0 Default Gateway ................. :
192.168.1.1
PC2> ipconfig IP Address ...................... :
192.168.2.10
Subnet Mask ..................... : 255.255.255.0 Default Gateway ................. :
192.168.2.1
　　
After confirming, PING the Gateway:
PC1> ping 192.168.1.1 pinging 192.168.1.1 data with 32 bytes: reply from 192.168.1.1: byte = 32 time = 2 ms TTL = 255 reply from 192.168.1.1: byte = 32 time = 2 ms TTL = 255 reply from 192.168.1.1: byte = 32 time = 2 ms TTL = 255 reply from 192.168.1.1: byte = 32 time = 3 ms TTL = 255 192.168.1.1 Ping statistics: Packet:
Sent = 4, received = 4, lost = 0 (0% lost ),
Estimated round-trip time (in milliseconds): Minimum = 2 ms, maximum = 3 ms, average = 2 ms if not available, you need to check the VLAN configuration of the switch and the status of the Trunk link between the router as follows: switch # show vlan brief // view Switch VLAN information VLAN Name Status Ports -- ----------- --- ----------- 1 default active Fa0/3, Fa0/4, Fa0/5, fa0/6 Fa0/7, Fa0/8, Fa0/9, Fa0/10 Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Gig1/1, Gig1/2
10
RED active
Fa0/1
// Confirm that this interface is connected to PC1 and 20 BLACK active Fa0/2 in VLAN 10. // confirm that this interface is connected to PC2, in VLAN 20, 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active Switch #
Show int trunk
Port Mode Encapsulation Status Native vlan Fa0/24 on 802.1q trunking 1 // The Fa0/24 that the switch connects to the vro is the Trunk Status Port Vlans allowed on trunk Fa0/24 1 in the Encapsulation Mode 802.1q -1005 Port Vlans allowed and active in management domain Fa0/24, 20 // confirm that F0/24 ports allow VLAN10 and VLAN20 data to pass through Port Vlans in spanning tree forwarding state and not pruned Fa0/24, 20 and finally check the configuration on the vro, as shown below: router # show ip int br Interface IP-Address OK? Method Status Protocol FastEthernet0/0 unassigned YES unset
Upup
// Confirm that the physical interface status is up, otherwise, run no shutdown FastEthernet0/0.1 192.168.1.1 YES manual up // check whether the gateway address is correctly configured FastEthernet0/0.2 192.168.2.1 YES manual up Router # show int | in is up | vlan ID // use the include command to insert the show int result, it is easy to quickly check configuration information FastEthernet0/0 is up, line protocol is up
FastEthernet0/0.1
Is up, line protocol is up // confirm that the corresponding word interface is encapsulated in the corresponding vlan id Encapsulation 802.1Q Virtual LAN,
Vlan ID 10
　　
FastEthernet0/0.2 is up
, Line protocol is up Encapsulation 802.1Q Virtual LAN,
Vlan ID 20
At this point, the single-arm routing fault between VLANs can be rectified.

 

This article is from "small ocean Enterprises"