vlan也就是虚拟局域网,它们是在逻辑上划分出来的,实现的效果跟真实的局域网差不多,但是虚拟局域网有着很大的灵活性,是现在组网中比较常用的。vlan的实现是在数据链路层,我们知道普通的以太网数据帧格式是这样的:目的MAC地址(6字节)、源MAC地址(6字节)、类型/长度(2字节)、数据(46~1500字节)、帧校验序列(4字节)。虚拟局域网801.1q的数据帧和普通以太网数据帧不同就在于它在类型/长度字段前加了4字节的vlan标签字段。
实验拓扑结构:
实验描述:
pc0、pc2和pc3同属vlna 2,pc1属于vlna 3,pc0和pc1是不能够通信的,因为他们在不同的虚拟局域网中,pc0、pc2、pc3之间能够通信,pc0和pc2之间通信是通过trunk链路实现的,因为pc0和pc2是不同设备相同vlan之间的通信,假若不借用trunk链路,那么switch0的fa0/3和switch1的fa0/1都得划分给vlan 2然后连接他们之间的物理线路,这样做有个坏处,那就是浪费端口,试想假若switch0中的vlan 3要和switch1中的vlna 3通信,那么还的从SW1和SW2中分别再各拿出一个端口划分给vlan 3然后再连接物理线路。trunk的作用就是一条线路承载多个vlan的通信。pc2和pc3之间的通信是不经过trunk的,因为它们是在同一设备上进行的。
pc0
| ip | 192.168.1.1 | vlan2 |
| mask | 255.255.255.0 | |
| gataway |
pc1
| ip | 192.168.2.1 | vlan3 |
| mask | 255.255.255.0 | |
| gataway |
pc2
| ip | 192.168.1.2 | vlan2 |
| mask | 255.255.255.0 | |
| gataway |
pc3
| ip | 192.168.1.3 | vlan2 |
| mask | 255.255.255.0 | |
| gataway |
注:交换机默认所有的端口属于vlan 1中,所以我们从2以上划分。
实验操作:
switch0
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname switch0
switch0(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
switch0#vlan database
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname switch0
switch0(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
switch0#vlan database
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
switch0(vlan)#vlan 2 name 2
VLAN 2 modified:
Name: 2
VLAN 2 modified:
Name: 2
switch0(vlan)#vlan 3 name 3
VLAN 3 modified:
Name: 3
switch0(vlan)#exit
APPLY completed.
Exiting....
switch0#conf t
Enter configuration commands, one per line. End with CNTL/Z.
switch0(config)#interface f
switch0(config)#interface fastEthernet0/1
VLAN 3 modified:
Name: 3
switch0(vlan)#exit
APPLY completed.
Exiting....
switch0#conf t
Enter configuration commands, one per line. End with CNTL/Z.
switch0(config)#interface f
switch0(config)#interface fastEthernet0/1
switch0(config-if)#switchport mode access
switch0(config-if)#switchport access vlan 2
switch0(config-if)#exit
switch0(config)#interface fastEthernet0/2
switch0(config-if)#switchport access vlan 2
switch0(config-if)#exit
switch0(config)#interface fastEthernet0/2
switch0(config-if)#switchport mode access
switch0(config-if)#switchport access vlan 3
switch0(config-if)#switchport access vlan 3
switch0(config-if)#exit
switch0(config)#interface fastEthernet0/3
switch0(config)#interface fastEthernet0/3
switch0(config-if)#switchport mode trunk
switch0(config-if)#exit
switch0(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
switch0#copy run star
Destination filename [startup-config]?
Building configuration...
[OK]
switch0(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
switch0#copy run star
Destination filename [startup-config]?
Building configuration...
[OK]
switch1
Switch>enable
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname switch1
switch1(config)#vlan database
^
% Invalid input detected at '^' marker.
switch1(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
switch1#vlan database
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname switch1
switch1(config)#vlan database
^
% Invalid input detected at '^' marker.
switch1(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
switch1#vlan database
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
switch1(vlan)#vlan 2 name 2
VLAN 2 modified:
Name: 2
switch1(vlan)#vlna 3 name 3
^
% Invalid input detected at '^' marker.
switch1(vlan)#exit
APPLY completed.
Exiting....
switch1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
switch1(config)#int
switch1(config)#interface f
switch1(config)#interface fastEthernet0/1
switch1(config-if)#switchport mode trunk
switch1(config-if)#exit
switch1(config)#interface fastEthernet0/2
switch1(config-if)#switchport mode access
switch1(config-if)#switchport access vlan 2
switch1(config-if)#exit
switch1(config)#interface fastEthernet0/3
switch1(config-if)#switchport mode access
switch1(config-if)#switchport access vlan 2
switch1(config-if)#end
%SYS-5-CONFIG_I: Configured from console by console
switch1#copy running-config st
switch1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
VLAN 2 modified:
Name: 2
switch1(vlan)#vlna 3 name 3
^
% Invalid input detected at '^' marker.
switch1(vlan)#exit
APPLY completed.
Exiting....
switch1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
switch1(config)#int
switch1(config)#interface f
switch1(config)#interface fastEthernet0/1
switch1(config-if)#switchport mode trunk
switch1(config-if)#exit
switch1(config)#interface fastEthernet0/2
switch1(config-if)#switchport mode access
switch1(config-if)#switchport access vlan 2
switch1(config-if)#exit
switch1(config)#interface fastEthernet0/3
switch1(config-if)#switchport mode access
switch1(config-if)#switchport access vlan 2
switch1(config-if)#end
%SYS-5-CONFIG_I: Configured from console by console
switch1#copy running-config st
switch1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
测试:
PC0>192.168.1.2
Invalid Command.
Invalid Command.
PC>ping 192.168.1.2
Pinging 192.168.1.2 with 32 bytes of data:
Reply from 192.168.1.2: bytes=32 time=187ms TTL=128
Reply from 192.168.1.2: bytes=32 time=94ms TTL=128
Reply from 192.168.1.2: bytes=32 time=78ms TTL=128
Reply from 192.168.1.2: bytes=32 time=94ms TTL=128
Reply from 192.168.1.2: bytes=32 time=94ms TTL=128
Reply from 192.168.1.2: bytes=32 time=78ms TTL=128
Reply from 192.168.1.2: bytes=32 time=94ms TTL=128
Ping statistics for 192.168.1.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 78ms, Maximum = 187ms, Average = 113ms,ping通
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 78ms, Maximum = 187ms, Average = 113ms,ping通
PC0>ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.2.1:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),ping不通
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),ping不通
成功........
总结:
关于虚拟局域网的划分有多种方式基于端口的划分是其中一种,但是也是比较流行的一种,例外还有基于MAC地址和基于协议的划分等。
