http://minitoo.blog.51cto.com/4201040/786011(转载)
在路由器上做单臂路由实现VLAN间路由,也就是设置子接口和封装协议。
实现环境如下图:
- 在交换机上建立VLAN,并将交换机的各端口按部门划分到各VLAN。
Switch>enable
Switch#config terminal
Switch(config)#vlan 2
Switch(config-vlan)#name shengchan
Switch(config-vlan)#exit
Switch(config)#vlan 3
Switch(config-vlan)#name xiaoshou
Switch(config-vlan)#exit
Switch(config)#vlan 4
Switch(config-vlan)#name xingzheng
Switch(config-vlan)#exit
Switch(config)#interface fastethernet 0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit
Switch(config)#interface fastethernet 0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
Switch(config)#interface fastethernet 0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 4
Switch(config-if)#exit
- 在交换机连接路由器的接口上配置TRUNK,并使TRUNK传输所有的VLAN的数据包。
Switch(config)#interface fastethernet 0/4
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk allow vlan all
Switch(config-if)#exit
- 在路由器连接交换机的端口上去掉IP地址,使之成为二层接口。
Router>enable
Router#config terminal
Router(config)#interface fastethernet 0/0
Router(config-if)#no ip address
Router(config-if)#exit
- 在路由器上开启连接交换机的端口(no shtudwon),设置子接口IP地址,此IP地址将自动成为各VLAN的网关。
Router(config)#interface fastethernet 0/0
Router(config-if)#no shutdown
Router(config)#interface fastethernet 0/0.2
Router(config-subif)#encapsulation dot1Q 2
Router(config-subif)#ip address 192.168.2.1 255.255.255.0
Router(config-subif)#no shutdown
Router(config-subif)#exit
Router(config)#interface fastethernet 0/0.3
Router(config-subif)#encapsulation dot1q 3
Router(config-subif)#ip address 192.168.3.1 255.255.255.0
Router(config-subif)#no shutdown
Router(config-subif)#exit
Router(config)#interface fastethernet 0/0.4
Router(config-subif)#encapsulation dot1Q 4
Router(config-subif)#ip address 192.168.4.1 255.255.255.0
Router(config-subif)#no shutdown
Router(config-subif)#exit
OK,配置完成,现在可以在VLAN2上ping一下VLAN3、VLAN4,测试连通性。
PC>ipconfig /all
Physical Address................: 0001.9751.4CB5
IP Address......................: 192.168.2.2
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.2.1
DNS Servers.....................: 0.0.0.0
PC>ping 192.168.3.2
Pinging 192.168.3.2 with 32 bytes of data:
Reply from 192.168.3.2: bytes=32 time=13ms TTL=127
Reply from 192.168.3.2: bytes=32 time=18ms TTL=127
Reply from 192.168.3.2: bytes=32 time=8ms TTL=127
Reply from 192.168.3.2: bytes=32 time=15ms TTL=127
Ping statistics for 192.168.3.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 8ms, Maximum = 18ms, Average = 13ms
PC>ping 192.168.4.2
Pinging 192.168.4.2 with 32 bytes of data:
Reply from 192.168.4.2: bytes=32 time=11ms TTL=127
Reply from 192.168.4.2: bytes=32 time=15ms TTL=127
Reply from 192.168.4.2: bytes=32 time=16ms TTL=127
Reply from 192.168.4.2: bytes=32 time=18ms TTL=127
Ping statistics for 192.168.4.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 18ms, Average = 15ms