导读 某企业有两个主要部门,技术部和销售部,分处于不同的办公室,为了安全和便于管理对两个部门的主机进行了 VLAN 的划分,技术部和销售部分处于不同的 VLAN。现由于业务的需求需要销售部和技术部的主机能够相互访问,获得相应的资源,两个部门的交换机通过一台路由器进行了连接。
技术原理

单臂路由:是为实现 VLAN 间通信的三层网络设备路由器,它只需要一个以太网,通过创建子接口可以承担所有 VLAN 的网关,而在不同的 VLAN 间转发数据。

实验步骤

新建 packer tracer 拓扑图

当交换机设置两个 Vlan 时,逻辑上已经成为两个网络,广播被隔离了。两个 Vlan 的网络要通信,必须通过路由器,如果接入路由器的一个物理端口,则必须有两个子接口分别与两个 Vlan 对应,同时还要求与路由器相连得交换机的端口 fa 0/1 要设置为 trunk,因为这个接口要通过两个 Vlan 的数据包。

检查设置情况,应该能够正确的看到 Vlan 和 Trunk 信息。

计算机的网关分别指向路由器的子接口。

配置子接口,开启路由器物理接口。

默认封装 dot1q 协议。

配置路由器子接口 IP 地址。

实验设备

PC 2 台;Router_2811 1 台;Switch_2960 1 台

PC1
IP: 192.168.1.2
Submask: 255.255.255.0
Gateway:192.168.1.1

PC2
IP: 192.168.2.2
Submask: 255.255.255.0
Gateway:192.168.2.1

Switch
en
conf t
vlan 2
exit
vlan 3
exit
interface fastEthernet 0/2
switchport access vlan 2
exit
int fa 0/3
switchport access vlan 3
exit
int fa 0/1
switchport mode trunk
end
show vlan


Router
en
conf t
int fa 0/0
no shutdown
exit
interface fast 0/0.1
encapsulation dot1q 2 #将以太网子接口0/0.1划分到vlan 2,并且封装格式为802.1q
ip address 192.168.1.1 255.255.255.0
exit

int fa 0/0.2
encapsulation dot1q 3 #将以太网子接口0/0.2划分到vlan 3,并且封装格式为802.1q
ip address 192.168.2.1 255.255.255.0
end
show ip route
实战演练
配置交换机

Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 2
Switch(config-vlan)#exit
Switch(config)#vlan 3
Switch(config-vlan)#exit
Switch(config)#int fa 0/2
Switch(config-if)#sw access vlan 2
Switch(config-if)#exit
Switch(config)#int fa 0/3
Switch(config-if)#sw access vlan 3
Switch(config-if)#exit
Switch(config)#int fa 0/1
Switch(config-if)#sw mode trunk
Switch(config-if)#end
Switch#
%SYS-5-CONFIG_I: Configured from console by console

Switch#show vlan

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24, Gig1/1, Gig1/2
2 VLAN0002 active Fa0/2
3 VLAN0003 active Fa0/3
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
2 enet 100002 1500 - - - - - 0 0
3 enet 100003 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
--More--

配置路由器

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: no


Press RETURN to get started!



Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int fa 0/0
Router(config-if)#no shutdown

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Router(config-if)#exit
Router(config)#int fa 0/0.1

%LINK-5-CHANGED: Interface FastEthernet0/0.1, changed state to up
Router(config-subif)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.1, changed state to up

Router(config-subif)#encapsulation dot1q 2 #将以太网子接口0/0.1划分到vlan 2,并且封装格式为802.1q
Router(config-subif)#ip address 192.168.1.1 255.255.255.0
Router(config-subif)#exit
Router(config)#int fa 0/0.2

%LINK-5-CHANGED: Interface FastEthernet0/0.2, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.2, changed state to up
Router(config-subif)#encapsulation dot1q 3 #将以太网子接口0/0.2划分到vlan 3,并且封装格式为802.1q
Router(config-subif)#ip address 192.168.2.1 255.255.255.0
Router(config-subif)#end
Router#
%SYS-5-CONFIG_I: Configured from console by console

Router#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

C 192.168.1.0/24 is directly connected, FastEthernet0/0.1
C 192.168.2.0/24 is directly connected, FastEthernet0/0.2
Router#
测试
PC1 ping PC2

PC>ipconfig

IP Address......................: 192.168.1.2
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.1.1

PC>ping 192.168.2.2

Pinging 192.168.2.2 with 32 bytes of data:

Request timed out.
Reply from 192.168.2.2: bytes=32 time=20ms TTL=127
Reply from 192.168.2.2: bytes=32 time=22ms TTL=127
Reply from 192.168.2.2: bytes=32 time=23ms TTL=127

Ping statistics for 192.168.2.2:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 20ms, Maximum = 23ms, Average = 21ms

PC>ping 192.168.2.2

Pinging 192.168.2.2 with 32 bytes of data:

Reply from 192.168.2.2: bytes=32 time=28ms TTL=127
Reply from 192.168.2.2: bytes=32 time=19ms TTL=127
Reply from 192.168.2.2: bytes=32 time=21ms TTL=127
Reply from 192.168.2.2: bytes=32 time=22ms TTL=127

Ping statistics for 192.168.2.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 28ms, Average = 22ms

PC2 ping PC1

PC>ipconfig

IP Address......................: 192.168.2.2
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.2.1

PC>ping 192.168.1.2

Pinging 192.168.1.2 with 32 bytes of data:

Reply from 192.168.1.2: bytes=32 time=22ms TTL=127
Reply from 192.168.1.2: bytes=32 time=26ms TTL=127
Reply from 192.168.1.2: bytes=32 time=24ms TTL=127
Reply from 192.168.1.2: bytes=32 time=21ms TTL=127

Ping statistics for 192.168.1.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 21ms, Maximum = 26ms, Average = 23ms

本文原创地址:https://www.linuxprobe.com/router-single-arm.html编辑:传棋,审核员:逄增宝