实验要求
PC1/3的接口均为access模式,且属于van2,在同一网段
PC2/4/5/6的IP地址在同一网段,与PC1/3不在同一网段
PC2可以访问4/5/6,PC4不能访问5/6,PC5不能访问PC6
所有PC通过DHCP获取ip地址,PC1/3可以访问PC2/4/5/6
实验拓扑
实验步骤
1. 在交换机上创建VLAN
# 创建VLAN2--VLAN6
[sw1]vlan batch 2 to 6
2. 将接口Ethernet 0/0/1 Ethernet 0/0/3划入VLAN2
[sw1]port-group group-member Ethernet 0/0/1 Ethernet 0/0/3
[sw1-port-group]port link-type access
[sw1-Ethernet0/0/1]port link-type access
[sw1-Ethernet0/0/3]port link-type access
[sw1-port-group]port default vlan 2
[sw1-Ethernet0/0/1]port default vlan 2
[sw1-Ethernet0/0/3]port default vlan 2
3. 将接口Ethernet 0/0/2的PVID修改为VLAN3
[sw1]int e0/0/2
[sw1-Ethernet0/0/2]port hybrid pvid vlan 3
4. 修改接口Ethernet 0/0/2的允许列表
[sw1-Ethernet0/0/2]port hybrid untagged vlan 3 to 6
以同样的方式对接口Ethernet 0/0/4进行配置
[sw1-Ethernet0/0/4]port hybrid pvid vlan 4 #将接口Ethernet 0/0/4的PVID修改为VLAN4
[sw1-Ethernet0/0/4]port hybrid untagged vlan 3 to 4 #修改接口Ethernet 0/0/4的允许列表
5. 在sw2上对PC5、PC6进行配置
[sw2]vlan batch 2 to 6 #创建VLAN
#PC5
[sw2]int e0/0/1
[sw2-Ethernet0/0/1]port hybrid pvid vlan 5 #将接口Ethernet 0/0/1的PVID修改为VLAN5
[sw2-Ethernet0/0/1]port hybrid untagged vlan 3 5 #不带标记允许3和5
#PC6
[sw2-Ethernet0/0/2]port hybrid pvid vlan 6
[sw2-Ethernet0/0/2]port hybrid untagged vlan 3 6
此时6个PC的规则就写好了
6. trunk干道
[sw1]int e0/0/5
[sw1-Ethernet0/0/5]port link-type trunk
[sw1-Ethernet0/0/5]port trunk allow-pass vlan 2 to 6 #默认允许1,这里加上2到6
7. 在sw2的Ethernet0/0/3接口上用混杂模拟trunk
[sw2-Ethernet0/0/3]port hybrid tagged vlan 2 to 6 #携带字母允许2到6
8. 处理Ethernet0/0/6接口
[sw1-Ethernet0/0/6]port hybrid tagged vlan 2
[sw1-Ethernet0/0/6]port hybrid untagged vlan 3 to 6
9. 对路由器进行配置
[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip add 192.168.1.1 24
[r1-GigabitEthernet0/0/0]int g0/0/0.1
[r1-GigabitEthernet0/0/0.1]dot1q termination vid 2
[r1-GigabitEthernet0/0/0.1]ip address 192.168.2.1 24
[r1-GigabitEthernet0/0/0.1]q
[r1]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[r1]ip pool v2
Info: It's successful to create an IP address pool.
[r1-ip-pool-v2]network 192.168.2.0 mask 24
[r1-ip-pool-v2]gateway-list 192.168.2.1
[r1-ip-pool-v2]q
[r1]ip pool v3-v6
Info: It's successful to create an IP address pool.
[r1-ip-pool-v3-v6]network 192.168.1.0 mask 24
[r1-ip-pool-v3-v6]gateway-list 192.168.1.1
[r1-ip-pool-v3-v6]q
[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]dhcp select global
[r1-GigabitEthernet0/0/0]q
[r1]int g0/0/0.1
[r1-GigabitEthernet0/0/0.1]dhcp select global
[r1-GigabitEthernet0/0/0.1]arp broadcast enable
10. 让6台PCDHCP自动获取IP地址
11. 测试
此时PC2能ping通PC4/5/6,但是PC4只能ping通PC2,与PC5PC6通不了
