Vlan(Virtual Local Area Network)即虚拟局域网。VLAN可以把同一个物理网络划分为多个逻辑网段,因此,Vlan可以抑制网络风暴,增强网络的安全性。

一、实例拓扑图

clip_image002

PC1的配置:

PC>ipconfig 192.168.0.1 255.255.255.0

配置前的测试:

PC>ping 192.168.0.2

Pinging 192.168.0.2 with 32 bytes of data:

Reply from 192.168.0.2: bytes=32 time=125ms TTL=128

Reply from 192.168.0.2: bytes=32 time=62ms TTL=128

Reply from 192.168.0.2: bytes=32 time=63ms TTL=128

Reply from 192.168.0.2: bytes=32 time=63ms TTL=128

Ping statistics for 192.168.0.2:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 62ms, Maximum = 125ms, Average = 78ms

PC>ping 192.168.0.3

Pinging 192.168.0.3 with 32 bytes of data:

Reply from 192.168.0.3: bytes=32 time=109ms TTL=128

Reply from 192.168.0.3: bytes=32 time=47ms TTL=128

Reply from 192.168.0.3: bytes=32 time=63ms TTL=128

Reply from 192.168.0.3: bytes=32 time=63ms TTL=128

Ping statistics for 192.168.0.3:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 47ms, Maximum = 109ms, Average = 70ms

二、创建VLAN
在Cisco IOS中有两种方式创建vlan,在全局配置模式下使用vlan vlanid命令,如switch(config)#vlan 10;在vlan database下创建vlan,如switch(vlan)vlan 20

Swtich

Switch>enable

Switch#config terminal

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)#vlan 10

Switch(config-vlan)#vlan 20

Switch(config-vlan)#end

Switch#show vlan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/19, Fa0/20

Fa0/21, Fa0/22, Fa0/23, Fa0/24

10 VLAN0010 active

20 VLAN0020 active

三、把端口划分给vlan(基于端口的vlan)

Switch(config)#interface fa0/1

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 10

Switch(config-if)#exit

Switch(config)#interface fa0/2

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 10

Switch(config-if)#exit

Switch(config)#interface fa0/3

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 20

Switch(config-if)#exit

Switch(config)#interface fa0/4

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 20

Switch#show vlan

四、查看vlan信息

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/19, Fa0/20

Fa0/21, Fa0/22, Fa0/23, Fa0/24

10 VLAN0010 active Fa0/1, Fa0/2

20 VLAN0020 active Fa0/3, Fa0/4

配置后的测试:

PC>ping 192.168.0.2

Pinging 192.168.0.2 with 32 bytes of data:

Reply from 192.168.0.2: bytes=32 time=63ms TTL=128

Reply from 192.168.0.2: bytes=32 time=63ms TTL=128

Reply from 192.168.0.2: bytes=32 time=63ms TTL=128

Reply from 192.168.0.2: bytes=32 time=62ms TTL=128

Ping statistics for 192.168.0.2:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 62ms, Maximum = 63ms, Average = 62ms

PC>ping 192.168.0.3

Pinging 192.168.0.3 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.

Ping statistics for 192.168.0.3:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

clip_image004

clip_image006

计算机的配置:

PC>ipconfig 192.168.0.2 255.255.255.0

PC>ipconfig 192.168.0.3 255.255.255.0

PC>ipconfig 192.168.0.4 255.255.255.0

PC>ipconfig 192.168.0.5 255.255.255.0

交换机的配置:

Switch>enable

Switch#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)#vlan 10

Switch(config-vlan)#vlan 20

Switch(config-vlan)#exit

Switch(config)#interface fa0/1

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 10

Switch(config-if)#exit

Switch(config)#interface fa0/2

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 20

Switch(config-if)#exit

Switch(config)#interface fa0/24

Switch(config-if)#switchport mode trunk

Switch(config-if)#exit

Switch(config)#

Switch>enable

Switch#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)#vlan 10

Switch(config-vlan)#vlan 20

Switch(config-vlan)#exit

Switch(config)#interface fa0/1

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 20

Switch(config-if)#exit

Switch(config)#interface fa0/2

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 10

Switch(config-if)#exit

Switch(config)#interface fa0/24

Switch(config-if)#switchport mode trunk

Switch(config-if)#

测试:

PC>ping 192.168.0.3

Pinging 192.168.0.3 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.

Ping statistics for 192.168.0.3:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

PC>ping 192.168.0.4

Pinging 192.168.0.4 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.

Ping statistics for 192.168.0.4:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

PC>ping 192.168.0.5

Pinging 192.168.0.5 with 32 bytes of data:

Reply from 192.168.0.5: bytes=32 time=94ms TTL=128

Reply from 192.168.0.5: bytes=32 time=94ms TTL=128

Reply from 192.168.0.5: bytes=32 time=78ms TTL=128

Reply from 192.168.0.5: bytes=32 time=78ms TTL=128

Ping statistics for 192.168.0.5:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 78ms, Maximum = 94ms, Average = 86ms

PC>