VLANs: как настроить разные подсети, назвать их.
Подписать для статуса интерфейсов в таблице, например, TO R1
SW# show interfaces status
SW# conf t
SW1(config)#int fa0/1
SW1(config-if)# description TO R1
SW1(config-if)# end
First delete all the VLANs that were there before.
SW2
SW2#conf t
Удаляем все предыдущие VLANы
SW2 (config) # no vlans 100-110
SW2 (config-if)# end
Создаем и называем новые VLANs
SW# vlan 100
SW(config-vlan)#name ACCOUTING
SW(config-vlan)#exit
SW# vlan 101
SW(config-vlan)#name SALES
SW(config-vlan)#exit
SW# show vlan
100 Accouting
101 Sales
By default, there are 5 VLANS 1 =default Fa 0/1-Fa0/24
1002 1003 1004 1005 are for other protocols.
Затем конфигурируем на коммутаторах, какие соединения к какому VLAN,
например, VLAN 100 это Fa 0/1 и Fa 0/24.
SW1# conf t
SW1 (config)# int fa0/1
SW1 (config-if)# switchport access vlan 100
SW1(config-if)# end
SW1 (config)# int fa0/24
Links between the switches are trunk ports.
Trank ports will carry all of the VLANs, but you can tell them not to.
SW3 and SW2 will carry 101 ans 100 both by default.
SW1 (config-if)# switchport access vlan 100
SW1(config-if)# end
SW1 (config)# int fa0/3
SW1 (config-if)# switchport access vlan 101
SW1(config-if)# end
Безопасность:
This is Layer 2 security feature.
Switches can carry one data to some 101 and another to 100.
If ports are not at the same VLAN, so the cannot talk to each other.
If PC tries to reach R2 now , ir will not have the responce to ARP packets.
SW# show interfaces status
SW# conf t
SW1(config)#int fa0/1
SW1(config-if)# description TO R1
SW1(config-if)# end
First delete all the VLANs that were there before.
SW2
SW2#conf t
Удаляем все предыдущие VLANы
SW2 (config) # no vlans 100-110
SW2 (config-if)# end
Создаем и называем новые VLANs
SW# vlan 100
SW(config-vlan)#name ACCOUTING
SW(config-vlan)#exit
SW# vlan 101
SW(config-vlan)#name SALES
SW(config-vlan)#exit
SW# show vlan
100 Accouting
101 Sales
By default, there are 5 VLANS 1 =default Fa 0/1-Fa0/24
1002 1003 1004 1005 are for other protocols.
Затем конфигурируем на коммутаторах, какие соединения к какому VLAN,
например, VLAN 100 это Fa 0/1 и Fa 0/24.
SW1# conf t
SW1 (config)# int fa0/1
SW1 (config-if)# switchport access vlan 100
SW1(config-if)# end
SW1 (config)# int fa0/24
Links between the switches are trunk ports.
Trank ports will carry all of the VLANs, but you can tell them not to.
SW3 and SW2 will carry 101 ans 100 both by default.
SW1 (config-if)# switchport access vlan 100
SW1(config-if)# end
SW1 (config)# int fa0/3
SW1 (config-if)# switchport access vlan 101
SW1(config-if)# end
Безопасность:
This is Layer 2 security feature.
Switches can carry one data to some 101 and another to 100.
If ports are not at the same VLAN, so the cannot talk to each other.
If PC tries to reach R2 now , ir will not have the responce to ARP packets.