I. Lab Objectives
- Master the configuration of the switch tag VLAN;
- Master the basic configuration methods of layer-3 switches;
- Measure the test taker's knowledge about how to configure VLAN routing for a layer-3 switch;
- Layer-3 switches are used to implement inter-VLAN communication;
Ii. Lab background
An enterprise has two main departments: the technical department and the sales department, which are located in different offices. To ensure security and ease of management, VLANs are divided for the hosts of the two Departments, the technical department and sales department are in different VLANs. Due to business needs, the sales department and the Technical Department hosts need to access each other to obtain the corresponding resources. The Switches of the two Departments are connected through a layer-3 switch.
Iii. Technical Principles
A layer-3 Switch provides the network layer function to enable mutual access between VLANs. It uses the routing function of the layer-3 Switch to identify the IP address of the data packet and find the route table for Route Selection and forwarding. Layer-3 switches use direct connection routes to achieve mutual access between different VLANs. Layer-3 switches configure IP addresses for interfaces and use SVI (exchange virtual interfaces) to interconnect VLANs. SVI refers to creating virtual interfaces for VLANs in a vswitch and configuring IP addresses.
Iv. Experiment steps
Lab Topology
1. Configure VLAN 2 and VLAN 3 on the L2 Switch, and route Port 2 and Port 3 to VLAN 2 and VLAN 3 respectively;
2. Define the port fa0/1 connected to the L2 Switch and the L3 switch as the tag VLAN mode;
Switch> enswitch # conf tenter configuration commands, one per line. end with cntl/Z. switch (config) # VLAN 2 switch (config-VLAN) # exitswitch (config) # VLAN 3 Switch (config-VLAN) # exitswitch (config) # interface fa0/2 switch (config-If) # switchport access VLAN 2 switch (config-If) # exitswitch (config) # interface fa0/3 Switch (config-If) # switchport access VLAN 3 Switch (config-If) # exitswitch (config) # interface fa0/1 switch (config-If) # switchport mode trunk % LINEPROTO-5-UPDOWN: line protocol on interface fastethernet0/1, changed state to down % LINEPROTO-5-UPDOWN: Line protocol on interface fastethernet0/1, changed state to upswitch (config-If )#
3. Configure VLAN 2 and VLAN 3 on the layer-3 switch, and route Port 2 and Port 3 to VLAN 2 and VLAN 3 respectively;
Switch> enswitch # conf tenter configuration commands, one per line. end with cntl/Z. switch (config) # VLAN 2 switch (config-VLAN) # exitswitch (config) # VLAN 3 Switch (config-VLAN) # exitswitch (config) # interface fa0/2 switch (config-If) # switchport access VLAN 2 switch (config-If) # exitswitch (config) # interface fa0/3 Switch (config-If) # switchport access VLAN 3 Switch (config-If) # exit
Switch (config )#
4. configure Layer-3 Switch VLAN communication, create VLAN 2 and VLAN 3 Virtual interfaces, and configure the IP addresses of VLAN 2 and VLAN 3;
switch (config) # interface VLAN 2 // create a Virtual Interface switch (config-If) # % link-5-changed: interface vlan2, changed state to up % LINEPROTO-5-UPDOWN: Line protocol on interface vlan2, changed state to upswitch (config-If) # IP address 192.168.1.1 255.255.255.0 // configure the IP address switch (config-If) of VLAN 2 of the Virtual Interface # No shutdown switch (config-If) # exitswitch (config) # interface VLAN 3 // create a Virtual Interface switch (config-If) # % link-5-changed: interface vlan3, changed state to up % LINEPROTO-5-UPDOWN: line protocol on interface vlan3, changed state to upswitch (config-If) # IP address 192.168.2.1 255.255.255.0 // configure the IP address of VLAN 2 of the Virtual Interface switch (config-If) # No shutdown switch (config-If) # End
switch #
5. view the route table of a layer-3 Switch
Switch # Show IP Route codes: C-connected, S-static, I-IGRP, R-rip, M-mobile, B-BGP D-VPN, ex-VPN external, o-OSPF, Ia-OSPF Inter Area N1-ospf nssa external type 1, n2-ospf nssa external type 2 E1-OSPF external type 1, E2-OSPF external type 2, e-EGP I-is, L1-is level-1, L2-is level-2, Ia-Is Inter Area *-candidate default, u-per-user static route, o-ODR p-periodic downloaded static routegateway of last resort is not SETC 192.168.1.0/24 is directly connected, vlan2c 192.168.2.0/24 is directly connected, vlan3switch #
6. Set the default gateway of the host under VLAN 2 and VLAN 3 as the IP address of the corresponding virtual interface;
V. Verification
enable pC1 command prompt
Packet tracer PC command line 1.0 Pc> ipconfigip address ......................: 192.168.1.2subnet mask .....................: 255.255.255.0default gateway .................: 192.168.1.1pc> Ping 192.168.1.3pinging 192.168.1.3 with 32 bytes of data: reply from 192.168.1.3: bytes = 32 time = 187 Ms TTL = 128 reply from 192.168.1.3: bytes = 32 time = 93 Ms TTL = 128 reply from 192.168.1.3: bytes = 32 time = 110 ms TTL = 128 reply from 192.168.1.3: bytes = 32 time = 93 Ms TTL = 128 Ping statistics for 192.168.1.3: Packets: Sent = 4, encrypted ED = 4, lost = 0 (0% loss ), approximate round trip times in Milli-seconds: Minimum = 93 ms, maximum = 187 ms, average = 120 mspc> Ping 192.168.2.2pinging 192.168.2.2 with 32 bytes of data: Request timed out. reply from 192.168.2.2: bytes = 32 time = 188 ms TTL = 127 reply from 192.168.2.2: bytes = 32 time = 112 Ms TTL = 127 reply from 192.168.2.2: bytes = 32 time = 125 Ms TTL = 127 Ping statistics for 192.168.2.2: Packets: Sent = 4, stored ED = 3, lost = 1 (25% loss ), approximate round trip times in Milli-seconds: Minimum = 112 ms, maximum = 188 ms, average = 141 mspc> Ping 192.168.2.3pinging 192.168.2.3 with 32 bytes of data: Request timed out. reply from 192.168.2.3: bytes = 32 time = 125 Ms TTL = 127 reply from 192.168.2.3: bytes = 32 time = 78 Ms TTL = 127 reply from 192.168.2.3: bytes = 32 time = 64 Ms TTL = 127 Ping statistics for 192.168.2.3: Packets: Sent = 4, stored ED = 3, lost = 1 (25% loss ), approximate round trip times in Milli-seconds: Minimum = 64 ms, maximum = 125 Ms, average = 89 Ms