一.实验要求
1.PC1/3的接口均为access模式,且属于van2,在同一网段
2.PC2/4/5/6的IP地址在同一网段,与PC1/3不在同一网段
3.PC2可以访问4/5/6,PC4不能访问5/6,PC5不能访问PC6
4.所有PC通过DHCP获取ip地址,PC1/3可以访问PC2/4/5/6
二.实验拓扑
三.实验过程
sw1的Ethernet0/0/2Ethernet0/0/4采用混杂模式设置自己的PVID
sw2的Ethernet0/0/1Ethernet0/0/2采用混杂模式设置自己的PVID
1.sw1:
<Huawei>sys [Huawei]sys sw1 [sw1]vlan batch 2 to 6 //创建VLAN2到6 [sw1]port-group group-member Ethernet 0/0/1 Ethernet 0/0/3 //同时配置两个接口 [sw1-port-group]po [sw1-port-group]port lin [sw1-port-group]port link- [sw1-port-group]port link-type access //设置接口为access模式 [sw1-Ethernet0/0/1]port link-type access [sw1-Ethernet0/0/3]port link-type access //自动生成[sw1-port-group]port default vlan 2 //将接口划分到VLAN2中 [sw1-Ethernet0/0/1]port default vlan 2 [sw1-Ethernet0/0/3]port default vlan 2 //自动生成[sw1]display port vlan active //查看接口vlan信息[sw1]interface Eth0/0/2 [sw1-Ethernet0/0/2]port hybrid pvid vlan 3 //采用混杂模式,设置PVID为vlan 3 [sw1-Ethernet0/0/2]port hybrid untagged vlan 3 to 6//配置允许列表不标记,允许vlan3到6能通过[sw1]interface Eth0/0/4 [sw1-Ethernet0/0/4]port hybrid pvid vlan 4 [sw1-Ethernet0/0/4]port hybrid untagged vlan 3 to 42.sw2:
<sw2>sys [sw2]vlan batch 2 to 6 [sw2]interface Ethernet0/0/1 [sw2-Ethernet0/0/1]port hybrid pvid vlan 5 [sw2-Ethernet0/0/1]port hybrid untagged vlan 3 5 //配置允许列表不标记,允许vlan3和5[sw2]interface Ethernet0/0/2 [sw2-Ethernet0/0/2]port hybrid pvid vlan 6 [sw2-Ethernet0/0/2]port hybrid untagged vlan 3 6sw1:
[sw1]interface Eth0/0/5 [sw1-Ethernet0/0/5]port link-type trunk //设置该接口为Trunk模式 [sw1-Ethernet0/0/5]port trunk allow-pass vlan 2 to 6 //允许vlan2到6通过该干道(vlan1默认允许)sw2:
[sw2]interface Eth0/0/3 [sw2-Ethernet0/0/3]port hybrid tagged vlan 2 to 6 //设置该接口为混杂模式,并带标记允许vlan2到6通过(这种配置效果与对端接口trunk模式配置效果相同)sw1:
[sw1]interface Eth0/0/6 [sw1-Ethernet0/0/6]port hybrid tagged vlan 2 //混杂模式,设置该接口允许vlan 2 通过并带标记 [sw1-Ethernet0/0/6]port hybrid untagged vlan 3 to 6 //混杂模式,设置该接口允许vlan3到6通过并不带标记router:
<Huawei>sys [Huawei]sys router [router]interface GigabitEthernet 0/0/0 [router-GigabitEthernet0/0/0]ip address 192.168.1.1 24 [router-GigabitEthernet0/0/0]q[router]interface g0/0/0.1 [router-GigabitEthernet0/0/0.1]dot1q termination vid 2 //配置子接口dot1q终结的vlan2,当物理接口接到vlan2的标签数据后,交由该子接口处理,由该接口发出的数据自动带上vlan2的标签。 [router-GigabitEthernet0/0/0.1]ip address 192.168.2.1 24 [router-GigabitEthernet0/0/0.1]arp broadcast enable //使能终结的子接口的ARP广播功能 [router-GigabitEthernet0/0/0.1]q[router]dhcp enable //启动DHCP服务器 [router]ip pool v2 //创建名为v2的DHCP池塘 [router-ip-pool-v2]network 192.168.2.0 mask 24 //宣告地址池 [router-ip-pool-v2]gateway-list 192.168.2.1 //网关[router]ip pool v3-v6 [router-ip-pool-v3-v6]network 192.168.1.0 mask 24 [router-ip-pool-v3-v6]gateway-list 192.168.1.1 [router-ip-pool-v3-v6]q[router]interface g0/0/0 [router-GigabitEthernet0/0/0]dhcp select global //启动该接口的DHCP服务 [router-GigabitEthernet0/0/0]q[router]interface GigabitEthernet 0/0/0.1 [router-GigabitEthernet0/0/0.1]dhcp select global
四.实验结果
1.pc2可以访问4/5/6
2.pc4不能访问5/6,pc5不能访问6
3.pc5不能访问pc6
4.pc1/3可以访问pc2/4/5/6
