端口配置为trunk模式,则允许多个vlan的数据通过该端口
车小胖:交换机的端口设置为VLAN Trunk模式时,在转发数据包时插入了什么信息?传送门
一、配置主机IP地址
在划分VLAN前,交换机的全部接口全部都在VLAN1上,PC0与PC2在同一个子网上,PC0与PC2能Ping通过!(同理PC1和OPC3)
PC0与PC1不在同一个子网上,不能Ping通!(同理PC2和PC3)
二、配置交换机
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 2
Switch(config-vlan)#name VLAN2
Switch(config-vlan)#vlan 3
Switch(config-vlan)#name VLAN3
Switch(config-vlan)#end
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 2
Switch(config-vlan)#name VLAN2
Switch(config-vlan)#vlan 3
Switch(config-vlan)#name VLAN3
Switch(config-vlan)#end
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int f0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#int f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#end
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#int f0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#end
因为此时S1与S2之间的链路尚未配置为干道,故S1和S2的f0/13端口都属于VLAN 1。当PC0 Ping PC2 或 PC1 Ping PC3时,虽然它们都属于相同的VLAN,但S1与S2之间的链路都属于VLAN1,不能承载他们的流量,Ping失败!
三、配置干道Trunk
Switch#
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int f0/13
Switch(config-if)#switchport mode trunk
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/13, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/13, changed state to up
Switch(config-if)#end
Switch#
%SYS-5-CONFIG_I: Configured from console by console
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int f0/13
Switch(config-if)#switchport mode trunk
Switch(config-if)#end
Switch#
%SYS-5-CONFIG_I: Configured from console by console
S1上验证干道配置
Switch#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/13 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/13 1-1005
Port Vlans allowed and active in management domain
Fa0/13 1,2,3
Port Vlans in spanning tree forwarding state and not pruned
Fa0/13 1,2,3
Switch#
在S2上验证干道配置
Switch#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/13 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/13 1-1005
Port Vlans allowed and active in management domain
Fa0/13 1,2,3
Port Vlans in spanning tree forwarding state and not pruned
Fa0/13 1,2,3
Switch#
输出显示S1与S2之间的链路已工作在Trunk模式,干道封装为802.1q
S1与S2之间的链路已形成干道,可以承载VLAN 1-1005的流量,故相同VLAN的主机互Ping应能成功但不同VLAN的主机Ping仍然不能成功!需要配置VLAN间的路由。
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int f0/13
Switch(config-if)#switchport trunk native vlan 2
Switch(config-if)#end
Switch#
%SYS-5-CONFIG_I: Configured from console by console
Switch#
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int f0/13
Switch(config-if)#switchport trunk native vlan 2
Switch(config-if)#end
Switch#
%SYS-5-CONFIG_I: Configured from console by console
在Trunk链路上,数据帧回根据ISL或者802.1Q被重封装,但对于Native VLAN的数据,就不会被重新封装。因此链路两端的Native VLAN要求必须一致,否则交换机就会提示出错。
对VLAN进行封装有两种协议.一种是思科专有的协议,叫做ISL. 另一种是RFC公有的协议叫做802.1Q. 两种协议都是针对TRUNK承载不同VLAN为防止混乱而产生的.
默认情况下.交换机上所有的接口都位于VLAN1下.也就是NATIVE VLAN. 事实上,本地VLAN中不仅仅有着接口,还有STP信息,比如BPDU桥接协议数据单元,VLAN ID的信息等等都要通过native vlan来传输. 注意一般情况下默认的VLAN1就是典型的NATIVE VLAN
ISL协议和802.1Q的区别在于针对native vlan是否打标. ISL是全部都打,有几个VLAN打几个标记,而.1Q协议除了VLAN1也就是native vlan不打标记之外其他的VLAN都打标记,作用都是一样的,都能让TRUNK识别不同的VLAN. 那为什么不对VLAN1打标记呢.就是因为VLAN1中承载着许多信息.对native vlan标记是相当不利的.