نمایش نتایج: از شماره 1 تا 13 از مجموع 13
سپاس ها 1سپاس

موضوع: InterVLAN Routing on Layer 3 Switches

  
  1. #1
    نام حقيقي: Reza Behroozi

    عضو غیر فعال شناسه تصویری ahuray_mazdaa
    تاریخ عضویت
    Jun 2005
    محل سکونت
    Shiraz
    نوشته
    1,154
    سپاسگزاری شده
    227
    سپاسگزاری کرده
    115

    InterVLAN Routing on Layer 3 Switches

    can we do intervlan with layer3switch ?
    please send an exmaple
    best regard

    but without use router



    موضوعات مشابه:





  2. #2
    نام حقيقي: محمد حکیمی

    Administrator شناسه تصویری Hakimi
    تاریخ عضویت
    Dec 2002
    محل سکونت
    تهران
    نوشته
    6,540
    سپاسگزاری شده
    6757
    سپاسگزاری کرده
    1029
    نوشته های وبلاگ
    4

    http://www.cisco.com/warp/public/473...anrouting.html

    How To Configure InterVLAN Routing on Layer 3 Switches

    Document ID: 41860

    Introduction

    VLANs divide broadcast domains in a LAN environment. Whenever hosts in one VLAN need to communicate with hosts in another VLAN, the traffic must be routed between them. This is known as inter-VLAN routing. On Catalyst switches it is accomplished by creating Layer 3 interfaces (Switch virtual interfaces (SVI) ). This document provides the configuration and troubleshooting steps applicable to this capability.
    Note: This document uses a Catalyst 3550 as an example. However, the concepts can also be applied to other Layer 3 switches that run Cisco IOS® (for example, Catalyst 3560, 3750, Catalyst 4500/4000 Series with Sup II+ or later, or Catalyst 6500/6000 Series that run Cisco IOS System software).
    <H2>Prerequisites

    Requirements

    Catalyst switch models 3560, 3750, Catalyst 4500/4000 Series with Sup II+ or later, or Catalyst 6500/6000 Series that run Cisco IOS system software support basic InterVLAN routing features in all their supported software versions. Before you attempt this configuration on a 3550 series switch, ensure that you meet these prerequisites:

    • InterVLAN routing on the Catalyst 3550 has certain software requirements to support interVLAN routing on the switch. See this table to determine whether your switch can support interVLAN routing.
      Image Type and Version
      InterVLAN Routing Capability
      Enhanced Multilayer Image (EMI) - All Versions
      Yes
      Standard Multilayer Image (SMI) - prior to Cisco IOS Software Release12.1(11)EA1
      No
      Standard Multilayer Image (SMI) - Cisco IOS Software Release 12.1(11)EA1 and later
      Yes

      For more information on the differences between SMI and EMI, refer to Upgrading Software Images on Catalyst 3550 Series Switches Using the Command Line Interface. This document also provides the procedure to upgrade the IOS code to a version that supports interVLAN routing.
    • This document assumes that Layer 2 has been configured and that the devices within the same VLAN connected to the 3550 communicate with one another. If you need information on configuring VLANs, access ports and trunking on the 3550, refer to Creating Ethernet VLANs on Catalyst Switches or the Catalyst 3550 Software Configuration Guide for the specific IOS version you run on the switch.
    Components Used

    The information in this document is based on these software and hardware versions:
    • Catalyst 3550-48 that runs Cisco IOS Software Release 12.1(12c)EA1 EMI
    The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.
    Conventions

    For more information on document conventions, refer to the Cisco Technical Tips Conventions.
    Configure InterVLAN Routing

    Task

    In this section, you are presented with the information to configure the features described in this document.
    This logical diagram explains a simple interVLAN routing scenario. The scenario can be expanded to include a multi-switch environment by first configuring and testing inter-switch connectivity across the network before configuring the routing capability. For such a scenario that uses a Catalyst 3550, refer to Configuring InterVLAN Routing with Catalyst 3550 Series Switches.

    Step-by-Step Instructions

    Complete these steps to configure a switch to perform interVLAN routing.
    1. Enable routing on the switch by using the ip routing command. Even if IP routing was previously enabled, this step ensures that it is activated.
      Switch(config)#ip routing
      Note: If the switch does not accept the ip routing command, upgrade to either SMI image Cisco IOS Software Release12.1(11)EA1 or later, or an EMI image, and repeat this step. See the Prerequisites section for more information.
      Tip: Check the show running-configuration. Verify whether ip routing is enabled. The command, if enabled, appears towards the top of the output.
      hostname Switch!!ip subnet-zeroip routing!vtp domain Ciscovtp mode transparent
    2. Make note of the VLANs that you want to route between. In this example, you want to route traffic between VLANs 2, 3 and 10.
    3. Use the show vlan command to verify that the VLANs exist in the VLAN database. If they do not exist, add them on the switch. This is an example of adding VLANs 2, 3, and 10 to the switch VLAN database
      Switch#vlan databaseSwitch(vlan)#vlan 2VLAN 2 added: Name: VLAN0002Switch(vlan)#vlan 3VLAN 3 added: Name: VLAN0003Switch(vlan)#vlan 10VLAN 10 added: Name: VLAN0010Switch(vlan)#exitAPPLY completed.Exiting....
      Tip: You can use VLAN Trunking Protocol (VTP) to propagate these VLANs to other switches. Refer to Understanding and Configuring VLAN Trunk Protocol (VTP).
    4. Determine the IP addresses you want to assign to the VLAN interface on the switch. For the switch to be able to route between the VLANs, the VLAN interfaces must be configured with an IP address. When the switch receives a packet destined for another subnet/VLAN, the switch looks at the routing table to determine where to forward the packet. The packet is then passed to the VLAN interface of the destination. It is in turn sent to the port where the end device is attached.
    5. Configure the VLAN interfaces with the IP address identified in step 4.
      Switch#configure terminalEnter configuration commands, one per line. End with CNTL/Z.Switch(config)#interface Vlan2Switch(config-if)#ip address 10.1.2.1 255.255.255.0Switch(config-if)#no shutdown
      Repeat this process for all VLANs identified in step 1.
    6. Configure the interface to the default router. In this scenario you have a Layer 3 FastEthernet port.
      Switch(config)#interface FastEthernet 0/1Switch(config-if)#no switchportSwitch(config-if)#ip address 200.1.1.1 255.255.255.0Switch(config-if)#no shutdown
      The no switchport command makes the interface Layer 3 capable. The IP address is in the same subnet as the default router.
      Note: This step can be omitted if the switch reaches the default router through a VLAN. In its place, configure an IP address for that VLAN interface.
    7. Configure the default route for the switch.
      Switch(config)#ip route 0.0.0.0 0.0.0.0 200.1.1.2
      From the diagram in the Task section, note that the IP address of the default router is 200.1.1.2. If the switch receives a packet for a network not in the routing table, it forwards it to the default gateway for further processing. From the switch, verify that you can ping the default router.
      Note: The ip default-gateway command is used to specify the default gateway when routing is not enabled. However, in this case, routing is enabled (from step 1). Therefore, the ip default-gateway command is unnecessary.
    8. Configure your end devices to use the respective Catalyst 3550 VLAN interface as their default gateway. For example, devices in VLAN 2 should use the interface VLAN 2 IP address as its default gateway. Refer to the appropriate client configuration guide for more information on how to designate the default gateway.
    Verify

    This section provides the information to confirm that your configuration works properly.
    Certain show commands are supported by the Output Interpreter Tool ( registered customers only) . This allows you to view an analysis of show command output.
    • show ip route - Provides a snapshot of the routing table entries.
      Cat3550#show ip routeCodes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static routeGateway of last resort is 200.1.1.2 to network 0.0.0.0 200.1.1.0/30 is subnetted, 1 subnetsC 200.1.1.0 is directly connected, FastEthernet0/48 10.0.0.0/24 is subnetted, 3 subnetsC 10.1.10.0 is directly connected, Vlan10C 10.1.3.0 is directly connected, Vlan3C 10.1.2.0 is directly connected, Vlan2S* 0.0.0.0/0 [1/0] via 200.1.1.2
      Note that the routing table has an entry for each VLAN interface subnet. Therefore, devices in VLAN 3 can communicate with devices in VLAN 10, VLAN 2 and vice versa. The default route with the next hop 200.1.1.2 allows the switch to forward traffic to the gateway of last resort (for traffic the switch cannot route).
    • show ip interface brief - Lists a brief summary of an interface's IP information and status. This command is used to verify that the VLAN interfaces and ports on the switch are up/up.
    Troubleshoot

    This section provides the information used to troubleshoot your configuration.
    Troubleshooting Procedure

    Here is troubleshooting information relevant to this configuration. Follow the instructions to troubleshoot your configuration.
    1. Verify you have Layer 2 connectivity by issuing Intrenet Control Message Prptocol (ICMP) pings.
      • If you are not able to ping between two devices on the same VLAN on the same switch, verify that your source and destination ports have devices connected to them and are assigned to the same VLAN. For more information, refer to Creating Ethernet VLANs on Catalyst Switches.
      • If you are not able to ping between two devices on the same VLAN but not on the same switch, verify that trunking is configured properly and that the native VLAN matches on both sides of the trunk.
    2. Initiate an ICMP ping from an end device connected to the Catalyst 3550 to its corresponding VLAN interface. In this example, you can use a host on VLAN 2 (10.1.2.2) and ping interface VLAN 2 (10.1.2.1). If you are not able to ping the interface, verify that the host's default gateway points to the corresponding VLAN interface IP address and that the subnet masks match. For example, the default gateway of the device on VLAN 2 should point to Interface VLAN 2 (10.1.2.1). Also verify the interface VLAN status by issuing the show ip interface brief command.
      • If the interface status is administratively down, issue the no shutdown command in the VLAN interface configuration mode.
      • If the interface status is down/down, verify the VTP configuration and that the VLANs have been added to the VLAN database. Check to see if a port is assigned to the VLAN and whether it is in the Spanning Tree forwarding state.
    3. Initiate a ping from an end device in one VLAN to the interface VLAN on another VLAN to verify that the switch routes between VLANs. In this example, ping from VLAN 2 (10.1.2.1) to Interface VLAN 3 (10.1.3.1) or Interface VLAN 10 (10.1.10.1). If the ping fails, verify that IP routing is enabled and that the VLAN interfaces status is up by issuing the show ip interface brief command.
    4. Initiate a ping from the end device in one VLAN to the end device in another VLAN. For example, a device on VLAN 2 should be able to ping a device on VLAN 3. If the ping test is successful in step 3, but fails to reach the end device on other the VLAN, verify that the default gateway on the connected device is configured correctly.
    5. If you are not able to reach the Internet or corporate network, verify that the default route on the 3550 points to the correct IP address on the default router. Also verify that the IP address and subnet mask on the switch are configured correctly.



    محمد حکیمی
    hakimi [a t] gmail.com

  3. #3
    نام حقيقي: Reza Behroozi

    عضو غیر فعال شناسه تصویری ahuray_mazdaa
    تاریخ عضویت
    Jun 2005
    محل سکونت
    Shiraz
    نوشته
    1,154
    سپاسگزاری شده
    227
    سپاسگزاری کرده
    115
    thanks



  4. #4


    عضو غیر فعال
    تاریخ عضویت
    Aug 2005
    نوشته
    2
    سپاسگزاری شده
    0
    سپاسگزاری کرده
    0

    ِDHCP

    سلام مي دونم شايد به اين موضوع بي ربط باشه ولي مي خوام بدونم كه چه جوري مي شه روي Vlan هاي متفاوتي كه تو اين مثال هست DHCP گذاشت كه به Client ها IP از range همون Vlan كه توش هستند بده. و سئوال بعدي اينكه تو اين مثال همه VLan ها به يك سري سوئيچ لايه دو وصل هستند پس با اين حساب نميشه بين Vlan ها policy تعريف كرد كه فلان Vlan اون يكي رو نبينه؟ مگر اينكه Subnet مربوط به client ها كوچولو باشه كه در اين صورت هم با عوض كردن دستي subnet ها مي تونن بدون اينكه از سوئيچ رد بشن. همديگر رو ببينن. اين روش چه كاربردي داره؟



  5. #5
    نام حقيقي: Reza Behroozi

    عضو غیر فعال شناسه تصویری ahuray_mazdaa
    تاریخ عضویت
    Jun 2005
    محل سکونت
    Shiraz
    نوشته
    1,154
    سپاسگزاری شده
    227
    سپاسگزاری کرده
    115
    همونطور که خودت گفتی لایه دو پس vlan رو یا پورت ست میکنیم نه با ip و حتی اگه ip رو عوض کنن باز دسترسی به دیگر vlan ها ندارن و intervlan برای همین ارتباطه
    حتی در layer3swich هم تا اینترفس رو در لایه 3 قرار ندهبم در حالت معمول لایه دو کار میکنه



  6. #6


    عضو غیر فعال
    تاریخ عضویت
    Sep 2006
    نوشته
    21
    سپاسگزاری شده
    1
    سپاسگزاری کرده
    0
    to interface har Vlan miri va in dastor ro mizani
    IP-Helper ip DHCP-SERVER
    albate in dastorat ro bayad VTP Server benevisi Bara har vlan
    ba in kar har vlan range ip khodesh ro dare albate az sub

    exam
    16.172.x.x
    sub net asli bashe
    5.16.172.x
    baraye vlan 5 baraye mesal
    6.16.172.x
    baraye vlan 6


    ویرایش توسط farshad_1234 : 2006-09-26 در ساعت 02:46 PM





  7. #7


    عضو غیر فعال
    تاریخ عضویت
    Dec 2006
    نوشته
    7
    سپاسگزاری شده
    0
    سپاسگزاری کرده
    0
    ip helper-address حالا جلوی این دستور آدرس DHCP رو می نویسی .ولی شرطش اینه که قبلا یک VLAN تعریف کرده باشی ( روی سوییچ لایه 3 ) و IP هم به آن داده باشی و ایستگاههای کاری رو که می خوای از این رنج IP بگیرن رو داخل اون Vlan انداخته باشی . ضمنا روی Dhcp Server هم یک Scope با همین رنج تعریف کنی . امیدوارم که مفید بوده باشد .



  8. #8


    عضو عادی شناسه تصویری ali_es
    تاریخ عضویت
    May 2006
    محل سکونت
    tehran
    نوشته
    168
    سپاسگزاری شده
    5
    سپاسگزاری کرده
    1
    sho run
    Building configuration...
    Current configuration : 4371 bytes
    !
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname MMI-Core
    !
    enable secret 5 $1$30B.$3FNzn5hzQE380fSswIiGf1
    !
    no aaa new-model
    ip subnet-zero
    ip routing
    no ip domain-lookup
    no ip dhcp conflict logging
    ip dhcp excluded-address 10.1.2.1
    ip dhcp excluded-address 10.1.3.1
    ip dhcp excluded-address 10.1.4.1
    ip dhcp excluded-address 10.1.5.1
    ip dhcp excluded-address 10.1.6.1
    ip dhcp excluded-address 10.1.1.250
    ip dhcp excluded-address 10.1.1.251
    ip dhcp excluded-address 10.1.1.252
    ip dhcp excluded-address 10.1.1.253
    ip dhcp excluded-address 10.1.1.254
    ip dhcp excluded-address 10.1.1.1 10.1.1.4
    !
    ip dhcp pool 2
    network 10.1.2.0 255.255.255.0
    default-router 10.1.2.1
    dns-server 10.1.1.1 10.1.1.2
    domain-name mmi.net
    !
    ip dhcp pool 3
    network 10.1.3.0 255.255.255.0
    default-router 10.1.3.1
    dns-server 10.1.1.1 10.1.1.2
    domain-name mmi.net
    !
    ip dhcp pool 4
    network 10.1.4.0 255.255.255.0
    default-router 10.1.4.1
    dns-server 10.1.1.1 10.1.1.2
    domain-name mmi.net
    !
    ip dhcp pool 5
    network 10.1.5.0 255.255.255.0
    default-router 10.1.5.1
    dns-server 10.1.1.1 10.1.1.2
    domain-name mmi.net
    !
    ip dhcp pool 6
    network 10.1.6.0 255.255.255.0
    default-router 10.1.6.1
    dns-server 10.1.1.1 10.1.1.2
    domain-name mmi.net
    !
    !
    !
    !
    no file verify auto
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    interface FastEthernet0/1
    description Server 1 - AD Domain Controller
    switchport access vlan 10
    spanning-tree portfast
    !
    interface FastEthernet0/2
    description Server 2 - Exchange Server
    no switchport
    ip address 192.168.0.200 255.255.255.0
    spanning-tree portfast
    !
    interface FastEthernet0/3
    description Server 3 - Sharepoint Server
    switchport access vlan 10
    spanning-tree portfast
    !
    interface FastEthernet0/4
    description Server 4 - LCS
    switchport access vlan 10
    spanning-tree portfast
    !
    interface FastEthernet0/5
    description Server 5 - ISA INTERNAL Interface
    switchport access vlan 10
    spanning-tree portfast
    !
    interface FastEthernet0/6
    switchport access vlan 10
    spanning-tree portfast
    !
    interface FastEthernet0/7
    switchport access vlan 10
    spanning-tree portfast
    !
    interface FastEthernet0/8
    switchport access vlan 10
    spanning-tree portfast
    !
    interface FastEthernet0/9
    switchport access vlan 10
    spanning-tree portfast
    !
    interface FastEthernet0/10
    switchport access vlan 10
    spanning-tree portfast
    !
    interface FastEthernet0/11
    switchport access vlan 10
    spanning-tree portfast
    !
    interface FastEthernet0/12
    switchport access vlan 10
    spanning-tree portfast
    !
    interface FastEthernet0/13
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/14
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/15
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/16
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/17
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/18
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/19
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/20
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/21
    description *** A-Access Uplink Port ***
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/22
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/23
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/24
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet0/1
    !
    interface GigabitEthernet0/2
    !
    interface Vlan1
    no ip address
    !
    interface Vlan2
    ip address 10.1.2.1 255.255.255.0
    !
    interface Vlan3
    ip address 10.1.3.1 255.255.255.0
    !
    interface Vlan4
    ip address 10.1.4.1 255.255.255.0
    !
    interface Vlan5
    ip address 10.1.5.1 255.255.255.0
    !
    interface Vlan6
    ip address 10.1.6.1 255.255.255.0
    !
    interface Vlan10
    ip address 10.1.1.250 255.255.255.0
    !
    ip classless
    ip http server
    !
    !
    control-plane
    !
    !
    line con 0
    line vty 0 4
    password 7 071C205E4B0218173E
    login
    line vty 5 15
    password 7 071C205E4B0218173E
    login
    !
    !
    end
    MMI-Core#





  9. #9


    عضو عادی شناسه تصویری ali_es
    تاریخ عضویت
    May 2006
    محل سکونت
    tehran
    نوشته
    168
    سپاسگزاری شده
    5
    سپاسگزاری کرده
    1
    در مورد policy میتونین access-list و MAC Access Lists و VLAN access maps استفاده کنین یعنی شما انواع و اقسام محدودیتها رو میتونی اعمال کنی


    ali2008 سپاسگزاری کرده است.

  10. #10
    نام حقيقي: Ali

    عضو غیر فعال شناسه تصویری ali2008
    تاریخ عضویت
    Jul 2007
    محل سکونت
    toronto
    نوشته
    8
    سپاسگزاری شده
    0
    سپاسگزاری کرده
    1
    تشکر مرسی



  11. #11


    عضو عادی
    تاریخ عضویت
    Dec 2005
    نوشته
    649
    سپاسگزاری شده
    7
    سپاسگزاری کرده
    2
    با سلام من اين تنظيمات را انجام دادم من قبلا يک انتي ويروس norton corporate داشتم حالا user ها ديگه اونو نميبينن و patch هم نميتونن بگيرن از اون سرور (userها file sharin اونو ميبينن ولي وقتي antivirus client server را ميخواهيم نصب کنيم server را در ليست انتي ويروس سرور ها پيدا نميکنند)



  12. #12


    خواننده
    تاریخ عضویت
    Aug 2005
    نوشته
    6
    سپاسگزاری شده
    0
    سپاسگزاری کرده
    0
    Switch(config)#ip route 0.0.0.0 0.0.0.0 200.1.1.2 اين قسمت رو نمي تونم تجزيه تحليل كنم چطور بايد اين قسمت رو تعريف كنم ؟








  13. #13


    خواننده
    تاریخ عضویت
    Aug 2005
    نوشته
    6
    سپاسگزاری شده
    0
    سپاسگزاری کرده
    0
    Switch(config)#ip route 0.0.0.0 0.0.0.0 200.1.1.2 اين قسمت رو نمي تونم تجزيه تحليل كنم چطور بايد اين قسمت رو تعريف كنم ؟
    اقا من سه تا valn دارم به ترتيب vlan1,vlan2,vlan3 من چطور مي تونم بين vlan1,vlan2 ارتباط برقرار كنم در ضمن روتري هم در كار نيست و سويچ من سه لايه سيكو 3750 هستش .
    لطفا بنده را راهنمايي فرماييد.
    متشكرم




کلمات کلیدی در جستجوها:

نمونه كانفيگ 3750

تعاریف پیشرفته NSSA

scenario vtp switch layer 3 3550route table تحلیلکار کردن با Multilayer Switch 3560 در سیسکو17شبكه سوييچip vlan routing روي vtp serverسوئیچ لایه 3 و vlanip route in layer3how to configure inter vlan routing on layer 3 switchesswitchinter vlan routing - How To Configure InterVLAN Routing on Layer 3 Switchesسناریوی Trunking در سیسکوconfig default gateway for dhcp server on 3750 and server 2008 نحوه تنظيم چند رنج ip براي dhcp بر روي لايه 3switchinter vlan routing layer 3 switch کانفيگvlan را چگونه در ospf تنظیم کنیم؟دستور intervlaninter vlan routing layer 3 switch without routerintervlan routing in switch l3 روشکاربرد route در محیط کامندیتعریف intrvlan routing در سوئیچ 3560

برچسب برای این موضوع

مجوز های ارسال و ویرایش

  • شما نمی توانید موضوع جدید ارسال کنید
  • شما نمی توانید به پست ها پاسخ دهید
  • شما نمی توانید فایل پیوست ضمیمه کنید
  • شما نمی توانید پست های خود را ویرایش کنید
  •