MUX VLAN的配置
- 實驗拓撲圖
- 實驗要求
如圖所示,VLAN10、20、99為公司内部網絡,30為訪客網絡。
1.測試所有PC和伺服器能否通信?(YES)
2.在S1上完成配置,使得VLAN10、20内部能夠通信且能夠通路伺服器所在網絡VLAN99(不考慮10和20之間互相通信),VLAN30作為訪客網絡僅能通路伺服器所在網絡VLAN99,VLAN30内部成員也不能互相通路。
3.測試VLAN10、20、30、99之間通信狀況。(VLAN10、20、99内部均能夠通信,VLAN30内部不能通信,VLAN10、20、30和 VLAN99能夠通信)
4.附加題8分,可使用port-group功能将8個端口放在一個group,一起配置(group編号1)。
備注:VLAN99為主VLAN,VLAN10、20為從VLAN,且為group類型,VLAN30為從VLAN,且為separate類型。
-
測試
所有PC ping 伺服器,如圖都能通信
MUX VLAN的配置 MUX VLAN的配置 MUX VLAN的配置 MUX VLAN的配置 MUX VLAN的配置 MUX VLAN的配置 - 配置
<Huawei>system-view
[Huawei]vlan batch 10 20 30 99
#配置MUX VLAN中的Group VLAN 和Separate VLAN:
[Huawei]vlan 99
[Huawei-vlan99]mux-vlan //1.啟動混合型VLAN;2.VLAN99是主VLAN
[Huawei-vlan99]subordinate
[Huawei-vlan99]subordinate group 10 20
[Huawei-vlan99]subordinate separate 30
[Huawei-vlan99]quit
[Huawei]port-group 1 //用port-group功能将8個端口放在一個group,一起配置
[Huawei-port-group-1]group-member Ethernet 0/0/1 to Ethernet 0/0/8
[Huawei-port-group-1]port link-type access
[Huawei-Ethernet0/0/1]port link-type access
[Huawei-Ethernet0/0/2]port link-type access
[Huawei-Ethernet0/0/3]port link-type access
[Huawei-Ethernet0/0/4]port link-type access
[Huawei-Ethernet0/0/5]port link-type access
[Huawei-Ethernet0/0/6]port link-type access
[Huawei-Ethernet0/0/7]port link-type access
[Huawei-Ethernet0/0/8]port link-type access
[Huawei-port-group-1]q
[Huawei]int
[Huawei]interface Ethernet0/0/1
[Huawei-Ethernet0/0/1]port default vlan 10
[Huawei-Ethernet0/0/1]int e0/0/2
[Huawei-Ethernet0/0/2]port default vlan 10
[Huawei-Ethernet0/0/2]int e0/0/3
[Huawei-Ethernet0/0/3]port default vlan 20
[Huawei-Ethernet0/0/3] int e0/0/4
[Huawei-Ethernet0/0/4]port default vlan 20
[Huawei-Ethernet0/0/4]int e0/0/5
[Huawei-Ethernet0/0/5]port default vlan 30
[Huawei-Ethernet0/0/5]int e0/0/6
[Huawei-Ethernet0/0/6]port default vlan 30
[Huawei-Ethernet0/0/6]int e0/0/7
[Huawei-Ethernet0/0/7]port default vlan 30
[Huawei-Ethernet0/0/7]int e0/0/8
[Huawei-Ethernet0/0/8]port default vlan 99
[Huawei-Ethernet0/0/8]int e0/0/7
[Huawei-Ethernet0/0/7]port default vlan 99
[Huawei-Ethernet0/0/7]quit
[Huawei]port-group 1
[Huawei-port-group-1]port mux-vlan enable
[Huawei-Ethernet0/0/1]port mux-vlan enable
[Huawei-Ethernet0/0/2]port mux-vlan enable
[Huawei-Ethernet0/0/3]port mux-vlan enable
[Huawei-Ethernet0/0/4]port mux-vlan enable
[Huawei-Ethernet0/0/5]port mux-vlan enable
[Huawei-Ethernet0/0/6]port mux-vlan enable
[Huawei-Ethernet0/0/7]port mux-vlan enable
[Huawei-Ethernet0/0/8]port mux-vlan enable
[Huawei-port-group-1]q
[Huawei]q
<Huawei>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Now saving the current configuration to the slot 0.
Mar 29 2021 17:18:48-08:00 Huawei %%01CFM/4/SAVE(l)[5]:The user chose Y when dec
iding whether to save the configuration to the device.
Save the configuration successfully.
再次測試:VLAN10、20、99内部均能夠通信,VLAN10、20、30和 VLAN99能夠通信
VLAN30内部不能通信
PC1 ping PC7能夠通信,原因:PC7屬于主VLAN
對交換機的E0/0/1和E0/0/8接口進行抓包: