1 / 22

Cisco Lab - Switch

Cisco Lab - Switch. 2013.03.18. 大綱. Multi-LAN VLAN TRUNK VTP ACL Port Channel Routing InterVLAN Routing Static Routing Homework. 192.168.0.0 subnet. 192.168.1.0 subnet. 192.168.2.0 subnet. ENG VLAN. HR VLAN. SALES VLAN. Multi-LAN - VLAN. 0/1. 0/1. 0/2. 0/2.

aggie
Download Presentation

Cisco Lab - Switch

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cisco Lab - Switch 2013.03.18

  2. 大綱 • Multi-LAN • VLAN • TRUNK • VTP • ACL • Port Channel • Routing • InterVLAN Routing • Static Routing • Homework

  3. 192.168.0.0 subnet 192.168.1.0 subnet 192.168.2.0 subnet ENG VLAN HR VLAN SALES VLAN

  4. Multi-LAN - VLAN 0/1 0/1 0/2 0/2 0/3 0/3 VLAN 50 VLAN 1 VLAN 51 VLAN 2 VLAN 52 VLAN 3

  5. Multi-LAN - VLAN • Switch(config)#vlan “vlan-id” • 建立新vlan • Switch(config-vlanid)#name “vlan-name” • 為所新增的vlan命名 • Switch(config)#interface fastethernet 0/1 • 進入單一interface設定模式 • Switchport mode access • Switchport access vlan “vlan-id”

  6. Multi-LAN - Trunk Trunk VLAN 12 Tag VLAN 11 Tag VLAN 11 VLAN 11 VLAN 13 VLAN 13 VLAN 12 VLAN 12 pc0 pc1 pc2 pc3 pc4 pc5

  7. Multi-LAN - Trunk • switchporttrunk encapsulation dot1q • 指定Trunk封裝為dot1q模式 • switchport mode trunk • 指定Switch Port為Trunk Port • switchport trunk allowed vlan “Vlan- ID” • 允許特定VLAN ID的流量通過Trunk Port

  8. Multi-LAN - VTP • VLAN TrunkingProtocol • Cisco專有協議 • 負責同步網域中相同VTP DomainSwitch的VLAN資訊 • VTP Mode:Server、Client、Transpartent • 利用Switch的Trunking Port作VLAN的同步。

  9. Multi-LAN - VTP • Switch(config)#vtp mode server/client/transpartent • 設定VTP的模式 • Switch(config)#vtp domain “Domain Name” • 設定VTP Domain名稱,Domain相同的才會進行VLAN的同步 • Switch#showvtp status • 顯示設備的VTP狀態

  10. Port Channel • 利用數個實體介面邏輯上合併為一個 • 增加頻寬 • 分散流量 • 達到備援的目的

  11. Port Channel

  12. Port Channel • Switch(config)#interface range fastethernet 0/1 – 4 • 指定要作為同一Group的Port • Switch(config-if-range)#shutdown • 為避免對流量產生影響,建議在建立Port Channel前先將Port關閉 • Switch(config-if-range)#channel-group “Channel-Group ID” mode active/passive • Channel-Group建立起來所使用的ID • Active:主動建立Port-Channel • Passive:當遠端Switch為Active並要求建立Port-Channel時才會建立 • Show etherchannel summary • 查看Port-Channel狀態 • 對Port Channel進行設定 • Switch(config)#interface port-channel “Channel-Group ID”

  13. Port Channel 講台 192.168.219.202 6 2 1 4 3 5 192.168.219.203 192.168.219.204 192.168.219.205 6 2 1 4 3 5

  14. ACL • Switch(config)#ip access-list extended/standard “Policy ID or Policy Name” • Extended:會檢查封包來源、目的IP以及所使用之Layer4協定及路由協定等等資訊。 • Standard:僅檢查封包的目的地IP資訊。 • Switch(config-ext-nacl)#permit/deny tcp/udp “Source Address” “Wildcard Bits” “Dest Address” “Wildcard Bits” eq “Port Number” • Switch(config)#interface fastethernet “Port ID” • Switch(config-if)#no switchport • Switch(config-if)#ip access-group “Policy Name or Policy ID” in/out

  15. InterVLAN Routing 192.168.0.0/24 subnet 192.168.1.0/24 subnet 192.168.2.0/24 subnet ENG VLAN SALES VLAN HR VLAN

  16. InterVLAN Routing 192.168.0.0/24 GW:192.168.0.254 subnet 192.168.1.0/24 GW:192.168.1.254 subnet 192.168.2.0 GW:192.168.2.254 subnet ENG VLAN 12 SALES VLAN 10 HR VLAN 11 VLAN10:192.168.0.254 VLAN11:192.168.1.254 VLAN12:192.168.2.254

  17. InterVLAN Routing Trunk Trunk VLAN11:192.168.1.254 VLAN12:192.168.2.254 VLAN13:192.168.3.254 VLAN 11 VLAN 11 VLAN 13 VLAN 13 VLAN 12 VLAN 12 D A F B E C 192.168.1.1 Gw:192.168.1.254 192.168.2.1 Gw:192.168.2.254 192.168.3.1 Gw:192.168.3.254 192.168.1.2 Gw:192.168.1.254 192.168.2.2 Gw:192.168.2.254 192.168.3.2 Gw:192.168.3.254

  18. Static Routing ip route 10.1.1.0 255.255.255.0 gw 172.16.1.2 ip route 10.1.2.0 255.255.255.0 gw172.16.1.2 ip route 192.168.1.0 255.255.255.0 gw 172.16.1.2 ip route 192.168.2.0 255.255.255.0 gw172.16.1.2 172.16.1.1 172.16.1.2 Trunk Trunk VLAN1 VLAN2 VLAN 11 VLAN 12 C D A B 10.1.1.1 Gw:10.1.1.254 10.1.2.1 Gw:10.1.2.254 192.168.1.1 Gw:192.168.1.254 192.168.2.1 Gw:192.168.2.254

  19. Homework • 開啟LAB-HW.pkt • 從主機A使用PING主機D • 使用HW4.pkt • 從主機A使用PING主機D • 使用模擬器的Simulation觀察網路狀態 • 說明使用PING從主機A到主機D時,ARP傳遞的狀況,以及說明主機A無法PING到主機D的原因

  20. Homework Mac Address Table Mac Address Table E1: 260.8c01.1111 E1: 260.8c01.1111 E3 E1 E3 E1 E2 E4 ARP Request

  21. Homework Mac Address Table Mac Address Table E1: 260.8c01.1111 E1: 260.8c01.1111 E3: 260.8c01.4444 E4: 260.8c01.4444 E3 E1 E3 E1 E2 E4 DATA Transfer ARP Reply

  22. Homework Mac Address Table Mac Address Table Fa0/1 Fa0/1 Fa0/23 Fa0/23 Fa0/24 Fa0/23 Fa0/2 Fa0/2

More Related