VLAN실습
◾ VLAN별 Telnet 접속
VLAN2와 VLAN3의 PC에서 스위치에 telnet 접속을 수행한다.
sw1(config)#vlan 2
sw1(config-vlan)#name vlan2
sw1(config-vlan)#exit
sw1(config)#vlan 3
sw1(config-vlan)#name vlan3
sw1(config-vlan)#exit
sw1(config)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
2 vlan2 active
3 vlan3 active
sw1(config)#int Fa0/4
sw1(config-if)#switchport access vlan 2
sw1(config-if)#switchport mode access
sw1(config-if)#exit
sw1(config)#int Fa0/5
sw1(config-if)#switchport access vlan 2
sw1(config-if)#switchport mode access
sw1(config-if)#exit
sw1(config)#int Fa0/6
sw1(config-if)#switchport access vlan 3
sw1(config-if)#switchport mode access
sw1(config-if)#exit
sw1(config)#int Fa0/7
sw1(config-if)#switchport access vlan 3
sw1(config-if)#switchport mode access
sw1(config-if)#exit
sw1(config)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/8
...
2 vlan2 active Fa0/4, Fa0/5
3 vlan3 active Fa0/6, Fa0/7
VLAN 주소 설정
sw1(config)#int vlan2
sw1(config-if)#
%LINK-5-CHANGED: Interface Vlan2, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to up
sw1(config-if)#ip address 192.168.12.102 255.255.255.0
sw1(config-if)#no shutdown
sw1(config-if)#exit
sw1(config)#inter
sw1(config)#interface vlan3
sw1(config-if)#
%LINK-5-CHANGED: Interface Vlan3, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan3, changed state to up
sw1(config-if)#ip address 192.168.13.103 255.255.255.0
sw1(config-if)#no shutdown
sw1(config-if)#exit
sw1(config)#exit
sw1#
%SYS-5-CONFIG_I: Configured from console by console
sw1#copy runn
sw1#copy running-config start
sw1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
sw1#
Telnet 접속 설정
sw1(config)#line vty 0 4
sw1(config-line)#login
% Login disabled on line 1, until 'password' is set
% Login disabled on line 2, until 'password' is set
% Login disabled on line 3, until 'password' is set
% Login disabled on line 4, until 'password' is set
% Login disabled on line 5, until 'password' is set
sw1(config-line)#password kitri03
PC4에서 telnet 접속
자신의 VLAN에서만 접속이 가능하다. 다른 VLAN 접속은 못한다.
C:\>telnet 192.168.12.102
Trying 192.168.12.102 ...Open
User Access Verification
Password:
sw1>exit
[Connection to 192.168.12.102 closed by foreign host]
C:\>telnet 192.168.13.103
Trying 192.168.13.103 ...
% Connection timed out; remote host not responding
C:\>◾ 여러 스위치에서 VLAN 간 통신 실습
VLAN 1 : all
VLAN 10 : fa0/10 ~ fa0/14
VLAN 20 : fa0/20 ~ fa0/24
sw2(config)#vlan 10
sw2(config-vlan)#name vlan10
sw2(config-vlan)#exit
sw2(config)#vlan 20
sw2(config-vlan)#name vlan20
sw2(config-vlan)#exit
sw2(config)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
10 vlan10 active
20 vlan20 active
VLAN 포트 설정
sw1(config)#interface range fa0/10-14
sw1(config-if-range)#switchport access vlan 10
sw1(config-if-range)#switchport mode access
sw1(config-if-range)#exit
sw1(config)#int range fa0/20-24
sw1(config-if-range)#switchport access vlan 20
sw1(config-if-range)#switchport mode access
sw1(config-if-range)#exit
sw1(config)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Gig0/1, Gig0/2
10 vlan10 active Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14
20 vlan20 active Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24
sw1(config)#int g0/1
sw1(config-if)#sw ac vlan 10
sw1(config-if)#sw mode ac
sw1(config-if)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Gig0/2
10 vlan10 active Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Gig0/1
20 vlan20 active Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24
sw2(config)#int g0/2
sw2(config-if)#
%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/2 (1), with sw1 GigabitEthernet0/2 (20).
sw2(config-if)#sw ac vlan 20
sw2(config-if)#sw mode access
sw2(config-if)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19
10 vlan10 active Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Gig0/1
20 vlan20 active Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gig0/2테스트는 컴퓨터에서 각 vlan별로 통신이 되는지 확인
◾ 여러 스위치에서 VLAN 간 통신 실습 - TRUNK
Trunk 는 모든 VLAN의 패킷을 전송
sw1, sw2 둘다 설정
sw1(config)#int g0/1
sw1(config-if)#no sw mode access
Command rejected: An interface must be configured to the Access or Trunk modes to be configured to NoNegotiate.
sw1(config-if)#no switchport access vlan 10
sw1(config-if)#switchport mode trunk
sw1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
sw1(config-if)#do show int trunk
Port Mode Encapsulation Status Native vlan
Gig0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Gig0/1 1-1005
Port Vlans allowed and active in management domain
Gig0/1 1,10,20
Port Vlans in spanning tree forwarding state and not pruned
Gig0/1 none
테스트는 컴퓨터에서 각 vlan별로 통신이 되는지 확인
PC1_1에서 PC1_2로 테스트
C:\>ping 1.1.1.12
Pinging 1.1.1.12 with 32 bytes of data:
Reply from 1.1.1.12: bytes=32 time<1ms TTL=128
Reply from 1.1.1.12: bytes=32 time<1ms TTL=128
Reply from 1.1.1.12: bytes=32 time<1ms TTL=128
Reply from 1.1.1.12: bytes=32 time<1ms TTL=128
Ping statistics for 1.1.1.12:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms◾ VLAN Routing 실습
VLAN간에 통신은 반드시 L3 장치를 통해서 가능하다.
• VLAN 10 : 192.168.10.0/24 : fa10 ~ fa14
• VLAN 20 : 192.168.20.0/24 : fa20 ~ fa14
• S0 gi0/1, gi0/2는 각각 R0의 gi0/0, gi0/1에 연결.
• VLAN 10 GW : R0 gi0/0
• VLAN 20 GW : R0 gi0/1
스위치 설정
S0(config)#vlan 10
S0(config-vlan)#name vlan10
S0(config-vlan)#vlan 20
S0(config-vlan)#name vlan20
S0(config-vlan)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
10 vlan10 active
20 vlan20 active
...
S0(config)#int range f0/10-14, g0/1
S0(config-if-range)#switch access vlan 10
S0(config-if-range)#switchport mode access
S0(config-if-range)#int range f0/20-24, g0/2
S0(config-if-range)#sw ac vlan 20
S0(config-if-range)#sw mode access
S0(config-if-range)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19
10 vlan10 active Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Gig0/1
20 vlan20 active Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gig0/2
라우터 설정
R0(config)#interface g0/0
R0(config-if)#ip address 192.168.10.1 255.255.255.0
R0(config-if)#no shut
R0(config-if)#no shutdown
R0(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up
R0(config-if)#int g0/1
R0(config-if)#ip address 192.168.20.1 255.255.255.0
R0(config-if)#no shutdown
R0(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
R0(config-if)#do show ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 192.168.10.1 YES manual up up
GigabitEthernet0/1 192.168.20.1 YES manual up up
Vlan1 unassigned YES unset administratively down down
테스트는 PC에서 진행한다.
PC1, PC2에서 둘다 진행하면 ping이 잘 가는 것을 확인할 수 있다.
C:\>ping 192.168.10.1
Pinging 192.168.10.1 with 32 bytes of data:
Reply from 192.168.10.1: bytes=32 time=19ms TTL=255
Reply from 192.168.10.1: bytes=32 time<1ms TTL=255
Reply from 192.168.10.1: bytes=32 time<1ms TTL=255
Reply from 192.168.10.1: bytes=32 time<1ms TTL=255
Ping statistics for 192.168.10.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 19ms, Average = 4ms
C:\>ping 192.168.20.1
Pinging 192.168.20.1 with 32 bytes of data:
Reply from 192.168.20.1: bytes=32 time<1ms TTL=255
Reply from 192.168.20.1: bytes=32 time<1ms TTL=255
Reply from 192.168.20.1: bytes=32 time<1ms TTL=255
Reply from 192.168.20.1: bytes=32 time<1ms TTL=255
Ping statistics for 192.168.20.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms◾ VLAN Routing Trunk 실습
◾ VLAN간에 통신은 반드시 L3 장치를 통해서 가능하다.
• VLAN 10 : 192.168.10.0/24 : fa10 ~ fa14
• VLAN 20 : 192.168.20.0/24 : fa20 ~ fa14
• S0 gi0/1는 R0의 gi0/0에 연결.
- 트렁크로 지정 VLAN 10,20의 GW로 사용한다.
- R0의 gi0/0에 IP를 두 개 설정한다.
Switch 설정
S0(config)#interface range gi0/1-2
S0(config-if-range)#no sw ac vlan
S0(config-if-range)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Gig0/1, Gig0/2
10 vlan10 active Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14
20 vlan20 active Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24
Router 설정
S0(config)#int g0/1
S0(config-if)#sw mode trunk
S0(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
S0(config-if)#do show int trunk
Port Mode Encapsulation Status Native vlan
Gig0/1 on 802.1q trunking 1
이전 실습의 ip를 해제한다.
R0(config)#int g0/0
R0(config-if)#no ip address
R0(config-if)#no ip address
R0(config-if)#shutdown
R0(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to administratively down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to down
R0(config-if)#int g0/1
R0(config-if)#no ip address
R0(config-if)#shutdown
R0(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to administratively down
R0(config-if)#do show ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 unassigned YES manual administratively down down
GigabitEthernet0/1 unassigned YES manual administratively down down
Vlan1 unassigned YES unset administratively down down
라우터에 가상 인터페이스를 생성해 ip를 할당한다.
R0(config)#int g0/0
R0(config-if)#no shutdown
R0(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up
R0(config-if)#int g0/0.10
R0(config-subif)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0.10, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0.10, changed state to up
R0(config-subif)#encapsulation dot1q 10
R0(config-subif)#ip address 192.168.10.1 255.255.255.0
R0(config-subif)#int g0/0.20
R0(config-subif)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0.20, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0.20, changed state to up
R0(config-subif)#encapsulation dot1q 20
R0(config-subif)#ip address 192.168.20.1 255.255.255.0
R0(config-subif)#do show ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 unassigned YES manual up up
GigabitEthernet0/0.10 192.168.10.1 YES manual up up
GigabitEthernet0/0.20 192.168.20.1 YES manual up up
GigabitEthernet0/1 unassigned YES manual administratively down down
Vlan1 unassigned YES unset administratively down down
PC에서 테스트
C:\>ping 192.168.10.1
Pinging 192.168.10.1 with 32 bytes of data:
Reply from 192.168.10.1: bytes=32 time<1ms TTL=255
Reply from 192.168.10.1: bytes=32 time<1ms TTL=255
Reply from 192.168.10.1: bytes=32 time<1ms TTL=255
Reply from 192.168.10.1: bytes=32 time<1ms TTL=255
Ping statistics for 192.168.10.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>ping 192.168.20.1
Pinging 192.168.20.1 with 32 bytes of data:
Reply from 192.168.20.1: bytes=32 time<1ms TTL=255
Reply from 192.168.20.1: bytes=32 time<1ms TTL=255
Reply from 192.168.20.1: bytes=32 time<1ms TTL=255
Reply from 192.168.20.1: bytes=32 time<1ms TTL=255
Ping statistics for 192.168.20.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
'네트워크 공부 기록' 카테고리의 다른 글
| 정적 라우팅 구현 실습 (라우팅 정보 입력 및 Default 라우팅) (0) | 2022.01.14 |
|---|---|
| Router 및 정적 라우팅 (0) | 2022.01.14 |
| VLAN (0) | 2022.01.13 |
| STP (0) | 2022.01.11 |
| Switch (0) | 2022.01.11 |