终端默认不识别tag,即无法识别带有VlanID的数据
- 本征VLAN的解决方案
不同Vlan之间不能够通信,不然就违背了vlan在2层隔离的本意,现在能够通信了,主要原因是trunk链路上的本征Vlan不携带Tag
主动方案:使本征Vlan携带tag(思科设备)
被动方案:将本征Vlan修改为一个特定的Vlan或者没有业务的Vlan(该Vlan下没有用户),而不使用Vlan1(华为设备(思科设备也可以使用本方案),华为的trunk总是有PVID Vlan的,总有出现不带tag的情况,所以只能使用无业务的vlan)
# >>>>思科
# 使得本征Vlan仍然携带tag
conf t
vlan dot1q tag native # 此时属于vlan8和vlan9的不再能够通信
# >>>>华为
# sw1
int g0/0/3
port trunk pvid vlan 99
# sw3
int g0/0/3
port trunk pvid vlan 99
# 终端连接trunk接口实现通信
# 将接口的PVID修改为vlanid
# sw3
int g0/0/10
port default vlan 1
port link-type trunk
port trunk pvid vlan 8
port trunk allow-pass vlan 8
- 混杂模式的实施
pc1、pc2、pc3均可以与R1通信,但是pc1、pc2、pc3之间不可以通信。
#..........................................配置华为的混杂模式
# 清空之前的配置
# sw3
int g0/0/10
port trunk pvid vlan 1
undo port trunk allow-pass vlan 8
port link-type hybrid
int g0/0/11
port default vlan 1
port link-type hybrid
int g0/0/12
port default vlan 1
port link-type hybrid
int g0/0/3
port trunk pvid vlan 1
undo port trunk allow-pass vlan 2 to 4094
port link-type hybrid
# sw1
int g0/0/3
port trunk pvid vlan 1
undo port trunk allow-pass vlan 2 to 4094
port link-type hybrid
int g0/0/1
port default vlan 1
port link-type hybrid
# 设置交换机sw1和sw3互联链路(所有链路均携带tag)
# port hybrid pvid / tagged / untagged 分别为入方向增加tag / 出方向携带tag / 出方向删除tag
# sw1
int g0/0/3
port hybrid tagged vlan all
# sw3
int g0/0/3
port hybrid tagged vlan all
# 设置sw3和pc之间的连接
# sw3
int g0/0/10
port hybrid pvid vlan 8
port hybrid untagged vlan 8 11
int g0/0/11
port hybrid pvid vlan 9
port hybrid untagged vlan 9 11
int g0/0/12
port hybrid pvid vlan 10
port hybrid untagged vlan 10 11
# 设置sw1和R1之间的连接
# sw1
int g0/0/1
port hybrid untagged vlan 8 to 11
port hybrid pvid vlan 11
# 如果想要实现pc1和pc2之间通信
# sw3
int g0/0/10
port hybrid untagged vlan 8 9 11
int g0/0/11
port hybrid untagged vlan 8 9 11
- Vlan的端口类型的最佳实践
Trunk用于交换机互联;Access用于终端接入;局部可以混用
# sw3和终端之间相连使用access
int g0/0/10
undo port hybrid untagged vlan 8 to 9 11
undo port hybrid pvid vlan
port link-type access
port default vlan 8
int g0/0/11
undo port hybrid untagged vlan 8 to 9 11
undo port hybrid pvid vlan
port link-type access
port default vlan 9
int g0/0/12
undo port hybrid untagged vlan 10 to 11
undo port hybrid pvid vlan
port link-type access
port default vlan 10
# sw1和sw3之间的互联
# sw3
int g0/0/3
undo port hybrid tagged vlan 1 to 4094
port hybrid vlan 1
port link-type trunk
port trunk allow-pass vlan all
# sw1
int g0/0/3
undo port hybrid tagged vlan 1 to 4094
port hybrid vlan 1
port link-type trunk
port trunk allow-pass vlan all
int g0/0/1
undo port hybrid untagged vlan 8 to 11
port hybrid pvid vlan 1
port link-type access
port default vlan 11