[CyberSecurityLearning 16] One-arm routing and DHCP relay + ICMP protocol + VTP

Table of Contents

I. Single-arm routing

Introduction to single-arm routing:

Demonstration of single-arm routing experiment:

Disadvantages of single-arm routing:

II. The ICMP protocol

Single-arm routing practice experiment: (★)

Disadvantages of single-arm routing:

III. VTP (VLAN Trunking Protocol)

VTP overview

VTP domain

VTP working mode

Configure VTP password


I. Single-arm routing

Introduction to single-arm routing:

1. A VLAN confines the broadcast domain.
2. Different VLANs cannot communicate with each other.
3. One VLAN = one network segment.
As planned:
vlan10---IT Department---10.1.1.0/24
vlan20---Finance Department---20.1.1.0/24
After planning, each VLAN is one network segment. Benefit:
Easy management: in the future, as soon as you see an IP address, you know which VLAN and which department it belongs to.

Schematic diagram:


4. Communication between different VLANs is implemented by a router (going up to Layer 3).

Demonstration of single-arm routing experiment:

Single-arm routing can reduce the amount of broadcast traffic.

Purpose of the experiment: the third PC and the fourth PC are not in the same network segment (VLAN) but can still communicate with each other. [Optional] All PCs in the company can communicate, no matter which VLAN they are in.

1. First configure the switch on the right:

2. Remember to configure F0/5 on the right-hand switch as a trunk:

3. Next, configure Layer 3 routing (the router sub-interfaces):

Interview question: how can the VLANs communicate without a trunk, using only cables?

A switch judges which VLAN a frame comes from and trusts only its own VLAN table. The two interfaces of the switch on the left can carry VLAN 2, and the two interfaces of the switch on the right can carry VLAN 3.

Disadvantages of single-arm routing:

1. Network bottleneck
2. Prone to a single point of physical failure
  (all sub-interfaces depend on the one physical interface)
3. Every frame exchanged between VLANs is routed separately

II. The ICMP protocol

Network layer: IP, ARP, ICMP

1. What is the port number of ICMP? There is none. [Only application-layer protocols have port numbers; TCP and ICMP have protocol numbers.]

2. What is the ICMP protocol? [ICMP: Internet Control Message Protocol]
The essence of ping (ICMP):
a network detection and feedback mechanism
① network detection
② route tracing
③ error feedback

3. The encapsulation format of the ICMP protocol:

Only type 0 (echo reply) is the normal response; a ping sends a type 8 echo request.

ICMP is not limited to ping; ping is just one use of it. ICMP applies regardless of the upper-layer protocol: as soon as an error occurs, any device is obliged to send ICMP feedback to the other side. ICMP is widely used.

Route tracing commands:
Windows: tracert <IP address> (trace + rt = route)
Linux or router: traceroute <IP address>
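The message layout above, as an added example that is not part of the original notes: a Python builder and parser for the ICMP header (type, code, checksum, identifier, sequence) with the RFC 1071 checksum and the type 8 / type 0 pairing that exercise 2 asks you to verify in a capture. All byte strings are constructed inline; the type names beyond 8 and 0 (3 and 11, which traceroute relies on) are standard values, not from the page.

```python
import struct

# ICMP types the page names (8/0 for ping) plus the two that traceroute depends on
ICMP_TYPES = {0: "echo reply", 3: "destination unreachable", 8: "echo request", 11: "time exceeded"}


def inet_checksum(data: bytes) -> int:
    """RFC 1071: one's-complement sum of 16-bit words, carries folded back, then complemented."""
    if len(data) % 2:
        data += b"\0"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp(icmp_type: int, ident: int, seq: int, payload: bytes, code: int = 0) -> bytes:
    """Header: type(1) code(1) checksum(2) identifier(2) sequence(2), followed by the payload."""
    header = struct.pack("!BBHHH", icmp_type, code, 0, ident, seq)   # checksum field zeroed first
    csum = inet_checksum(header + payload)
    return struct.pack("!BBHHH", icmp_type, code, csum, ident, seq) + payload


def parse_icmp(msg: bytes) -> dict:
    """Decode a captured ICMP message; a message with a valid checksum sums to 0 over its whole length."""
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than its 8-byte header")
    icmp_type, code, _, ident, seq = struct.unpack("!BBHHH", msg[:8])
    return {"type": icmp_type, "code": code, "name": ICMP_TYPES.get(icmp_type, "other"),
            "checksum_ok": inet_checksum(msg) == 0, "id": ident, "seq": seq, "payload": msg[8:]}


def is_reply_to(request: bytes, reply: bytes) -> bool:
    """Pair a type-0 reply with its type-8 request the way ping does: same id, sequence and payload."""
    q, r = parse_icmp(request), parse_icmp(reply)
    return (q["type"] == 8 and r["type"] == 0 and r["checksum_ok"]
            and (q["id"], q["seq"], q["payload"]) == (r["id"], r["seq"], r["payload"]))
```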

Exercises:
1. Practice route tracing
2. Capture ICMP messages and verify types 8 and 0
3. Continue with the single-arm routing + DHCP experiment (see the topology diagram) and expand on it:


Single-arm routing practice experiment: (★)

1. Configure the switch interfaces as trunks

2. Create VTP and the VLANs on the first switch

3. Put the employees (ports) into their VLANs

4. Build Layer 3 (sub-interfaces) on the router

Check: show ip interface brief

5. Point the employees' IP settings at the gateway (now I don't want to configure this by hand; I want them to get IP addresses automatically)

For a network with fewer than 1,000 people, using a router as the DHCP server is in fact enough (the router at home acts as a DHCP server).
Routers, and Layer 3 devices in general, can provide DHCP service.

Why is it best to use a router as DHCP in medium and large networks?
Medium and large networks are generally divided into VLANs, and VLANs confine broadcasts. If the server below is used as the DHCP server, it will never hear the broadcasts, because it sits in vlan40; only hosts in the same VLAN can obtain addresses from it.
Using the router as the DHCP server is different: the router hears everyone's broadcasts (because it has four sub-interfaces and each sub-interface leads to a VLAN), so it is the central receiver.

However, if the company has more than 1,000 people, DHCP is too much for the router and the workload becomes too great.

The first method: use the router as DHCP

Deploy a DHCP server on the Layer 3 router:
No matter which manufacturer's equipment it is, as long as it is a Layer 3 or higher device it must be able to provide DHCP service (a pure Layer 2 switch cannot).

conf t
 ip dhcp excluded-address 10.1.1.1 10.1.1.99    [address exclusion: employees cannot receive 1-99; to exclude more ranges, add another line]
 ip dhcp pool v10                                 [v10 is the name of this address pool]
   network 10.1.1.0 255.255.255.0                [DHCP pool configuration mode: hand out addresses from the 10.1.1.0 segment with this subnet mask]
   default-router 10.1.1.254                     [default gateway: tells hosts in the VLAN that your router interface is 10.1.1.254]
   dns-server 40.1.1.1                           [DNS server]
   [lease 1 0 0]                                  [lease term: "lease 1 0 0" means one whole day, "lease 1 12 0" means a day and 12 hours; Cisco Packet Tracer does not support this command]
   exit

In this experiment, configure 3 address pools (although there are 4 VLANs, the server in vlan40 is configured with a static IP).

Click on the first PC to see whether it obtains an address automatically:

Configure a static IP for the server

At this point the experiment has reached the state where the whole network can communicate:

Make a web page on the server:

Add DNS resolution:

Open the web browser on the first PC:

Configure DHCP relay:
int f0/0.1                       (the interface that needs help)
  ip helper-address <IP of the DHCP server>
  exit

Delete the configuration:
no ip dhcp excluded-address 10.1.1.1 10.1.1.99
no ip dhcp pool v10

In reality, you can write it directly into Notepad and paste it in

Now the PCs can no longer get an IP dynamically

The second method: use the server as DHCP

Add a scope:

Now the employees cannot get an IP because they are not in the same VLAN as the server

Solution:

Which VLANs need DHCP help? Just configure one command on the gateways of these VLANs, called DHCP help (the professional term is DHCP relay). A
relay is one that says: you came to me and I am the endpoint, but I will continue to forward for you.

Now the company has four VLANs and DHCP is deployed in the fourth, which means the gateways of the other three VLANs each need a DHCP help command.

Configure DHCP relay:

Click on the router:

R1(config)#int f0/0.1

R1(config-subif)#ip helper-address 40.1.1.1 (whenever I receive a DHCP request on f0/0.1 in the future, I will repackage it and unicast it separately to 40.1.1.1)

R1(config-subif)#exit

R1(config)#int f0/0.2

R1(config-subif)#ip helper-address 40.1.1.1

R1(config-subif)#exit

R1(config)#int f0/0.3

R1(config-subif)#ip helper-address 40.1.1.1

R1(config-subif)#exit
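What `ip helper-address 40.1.1.1` does to a request arriving on f0/0.1, as an added Python example that is not part of the original notes: the relay stamps the receiving sub-interface address into giaddr, increments hops and unicasts the request to the server, and the server picks the scope from giaddr rather than from the packet's source address. The sub-interface address 10.1.1.254, the constructed DISCOVER and the scope list are assumptions taken from the addressing plan above.

```python
import struct
from ipaddress import IPv4Address, ip_network

HELPER = "40.1.1.1"      # the DHCP server from the page's ip helper-address command
MAX_HOPS = 16            # RFC 1542: a relay discards requests whose hop count has reached this
# Constructed scopes, one per VLAN as in the page's plan (vlan40 holds the server and gets no scope)
SCOPES = ["10.1.1.0/24", "20.1.1.0/24", "30.1.1.0/24"]


def build_discover(mac: bytes, xid: int = 0x3903F326) -> bytes:
    """Constructed DHCPDISCOVER as a client in vlan10 broadcasts it (giaddr = 0.0.0.0, hops = 0)."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                         1, 1, 6, 0, xid, 0, 0x8000,                   # op=REQUEST, Ethernet, hlen, hops, xid, secs, broadcast flag
                         b"\0" * 4, b"\0" * 4, b"\0" * 4, b"\0" * 4,   # ciaddr, yiaddr, siaddr, giaddr
                         mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)  # chaddr, sname, file
    return header + b"\x63\x82\x53\x63" + bytes([53, 1, 1, 255])      # magic cookie, option 53 = DISCOVER, end


def relay_to_server(request: bytes, subif_ip: str) -> tuple[str, bytes]:
    """Relay agent on the receiving sub-interface: fill giaddr with the sub-interface address
    (only if no earlier relay already set it), increment hops, and return the unicast destination."""
    hops = request[3]
    if hops >= MAX_HOPS:
        raise ValueError("relay loop: hop count exhausted")
    forwarded = bytearray(request)
    forwarded[3] = hops + 1
    if forwarded[24:28] == b"\0" * 4:
        forwarded[24:28] = IPv4Address(subif_ip).packed
    return HELPER, bytes(forwarded)


def select_scope(request: bytes) -> str:
    """Server side: giaddr identifies the client's VLAN, so it decides which pool is used."""
    giaddr = IPv4Address(request[24:28])
    for scope in SCOPES:
        if giaddr in ip_network(scope):
            return scope
    raise LookupError(f"no scope contains relay address {giaddr}")
```

On IOS the helper address forwards a default set of UDP broadcasts, not only DHCP; `ip forward-protocol udp` controls that list.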


Verify:

The DHCP servers you will meet in the future are nothing more than three cases:
1. A router (or other Layer 3 device) as the DHCP server
2. Windows 2003 or 2008 as the DHCP server
3. Linux as the DHCP server (first type a command to install the dhcp package [install the software]---open a configuration file and write the DHCP address pool, subnet mask, gateway, DNS and lease period---start the service and the employees can get addresses)

DHCP relay function: obtain addresses across network segments
Disadvantage: at most across two network segments

Disadvantages of single-arm routing:

1. Network bottleneck
2. Prone to a single point of physical failure
  (all sub-interfaces depend on the one physical interface)
3. Every frame exchanged between VLANs is routed separately

 

III. VTP (VLAN Trunking Protocol)

VTP overview

VTP (VLAN Trunking Protocol) is the VLAN trunking protocol, also known as the virtual LAN trunk protocol. It is a Cisco proprietary protocol.
Its function: when there are a dozen or more switches in a corporate network, configuring VLANs on each one is a heavy workload. With VTP you configure one switch as the VTP Server and the others as VTP Clients, so that they learn the VLAN information from the server automatically.

VTP domain

To use VTP, you must first establish a VTP management domain. Switches in the same management domain share VLAN information, and a switch can participate in only one management domain. Switches in different domains cannot share VLAN information.
Create a VTP domain:
Switch(config)#vtp domain name    //where name is a custom name

VTP working mode


Create a VTP domain
Switch(config)# vtp domain domain_name
Configure the VTP mode of the switch
Switch(config)# vtp mode { server | client | transparent }
Configure the VTP version
Switch(config)# vtp version 2
Configure the VTP password
Switch(config)# vtp password password
View VTP configuration information
Switch# show vtp status

Server mode (Server)
Client mode (Client)
Transparent mode (Transparent): does not learn VLAN information
Switch(config)#vtp mode server/client/transparent

Configure trunk on the two ports

Transparent mode:

Configure VTP password

vtp password 123

The same password must be configured on all switches in the same domain


Source: blog.csdn.net/Waffle666/article/details/113545742