Topology
1. Basic configuration
| equipment | interface | IP address | Subnet mask | Gateway |
|---|---|---|---|---|
| PC-1 | e0 / 01 | 10.0.1.1 | 255.255.255.0 | N/A |
| PC-2 | e0 / 0/1 | 10.0.1.2 | 255.255.255.0 | N/A |
| PC-3 | e0 / 0/1 | 10.0.1.3 | 255.255.255.0 | N/A |
| PC-4 | e0 / 0/1 | 10.0.1.4 | 255.255.255.0 | N/A |
| server-1 | e0 / 0/1 | 10.0.1.5 | 255.255.255.0 | N/A |
2. Use the hybrid port to achieve network requirements
sw1
vlan batch 10 20 30 40
interface GigabitEthernet0/0/1 //设置为hybrid
port link-type hybrid
port hybrid untagged vlan 10 20 //去标签处理
port hybrid pvid vlan 20 //添加vlan20标签后发出
interface GigabitEthernet0/0/2 //同上
port link-type hybrid
port hybrid untagged vlan 10 20
port hybrid pvid vlan 20
interface GigabitEthernet0/0/5
port link-type hybrid
port hybrid untagged vlan 10 20 30 40 //去标签处理
port hybrid pvid vlan 10 //添加vlan10标签后发出
interface GigabitEthernet0/0/3
port link-type hybrid
port hybrid untagged vlan 10 30 //去标签处理
port hybrid pvid vlan 30 //添加vlan30标签后发出
interface GigabitEthernet0/0/4
port link-type hybrid
port hybrid untagged vlan 10 40 //去标签处理
port hybrid pvid vlan 40 //添加vlan40标签后发出
Test
PC-3 can only communicate with server-1.
PC-1 can communicate with server-1, but cannot communicate with PC-3.
After the switch re-modifies the label, 1 and 2 belong to the same VLAN, and 3 and 4 belong to different VLANs. But all can access the server.
3. Use Mux vlan to achieve network requirements
// Switch restart speed is faster than deleting configuration
interface GigabitEthernet0/0/1 //设置属性access,划入vlan 20
port link-type access
port default vlan 20
interface GigabitEthernet0/0/2 //同上
port link-type access
port default vlan 20
interface GigabitEthernet0/0/3 //设置属性access,划入vlan 30
port link-type access
port default vlan 30
interface GigabitEthernet0/0/4 //设置属性access,划入vlan 40
port link-type access
port default vlan 30
interface GigabitEthernet0/0/5 //设置属性access,划入vlan 10
port link-type access
port default vlan 10
vlan 10
mux-vlan //设置为主vlan
//设置从vlan
subordinate separate 30 //vlan30设置为隔离型vlan
subordinate group 20 //vlan20设置为互通型vlan
Open mux-vlan under all ports added to mux-vlan
interface GigabitEthernet0/0/1
port mux-vlan enable //打开mux-vlan功能
interface GigabitEthernet0/0/2
port mux-vlan enable
interface GigabitEthernet0/0/3
port mux-vlan enable
interface GigabitEthernet0/0/4
port mux-vlan enable
interface GigabitEthernet0/0/5
port mux-vlan enable
PC-3 cannot communicate with PC-4 PC-1, only with the server