Failure phenomenon
As the administrative building involved in more sensitive departments, so, according to the need to divide multiple VLANs, and set the corresponding access policies to improve data access security. Computers with different VLANs use different IP address segments, subnet masks, and default gateways. On the eve of summer admissions, the student department has purchased 4 new computers, requiring access to campus networks.
I arranged for the new division to do it and told him that 4 computers were connected to the 21~24 port of the first switch. Then, write the IP address information assigned to the new computer on paper and give it to him.
After not half an hour, Xiao Zhang called from the students, two machines have been successfully connected to the campus network and the Internet, the other two are not normal communication. Well, it looks like I have to run myself again.
Diagnostics process
I came to the student office and checked the computer in the following order:
* Device Manager to view the installation of the NIC driver-Normal, no yellow "!" Prompted
* In the network properties to view the TCP/IP protocol and the setting of information----Normal, TCP/IP protocol has been installed, and the IP address, subnet mask and default gateway settings are correct;
*ping The local computer's IP to pull-normal, indicating that the NIC is working properly;
*ping The other one also does not pass the IP address of the computer-the connection is normal, indicating that the physical link did not ask, the switch works normally; Check the network card, LED lights normal flashing, once again confirmed this judgment;
*ping the other two computer, Impassability!
*ping The VLAN's default gateway, also does not pass!
* Then ping the network server and the router's default gateway, certainly also does not make sense.
It seems that the problem is in the default gateway, that is, it is actually out on the switch. Now that you can ping between two computers, and you cannot ping to the default gateway and you cannot ping other computers in the same VLAN, the two computers are plugged in incorrectly and are connected to other VLAN ports.
To the Executive building wiring ask a look, sure enough! CISCO Catalyst 3550-48-emi is the upper and lower two rows of ports, this brother put 4 jumper all in the last row, the result is not 21-24, but 21, 23, 25, 27. In fact, 25 and 27 ports belong to another Vian. Change the corresponding jumper to 21-24, then go back to the student test, all the computers are connected!
Excluding experience
VLAN in improving transmission efficiency and access security, although the work is not, however, in the network debugging and network settings has increased a lot of trouble, because each VLAN IP address, subnet mask and default gateway are different, so that the network administrator must make a very comprehensive IP address information document, otherwise, The network configuration process will evolve into a disaster. In addition, different ports often belong to different Vian, plug the wrong port can not achieve communication with the network. Therefore, after the VLAN partition is complete, must leave in the wiring between the switch configuration document and the comprehensive wiring document. When you are on the jumper, be careful to see the port number of the switch so that you don't get it wrong.