跳到主要內容

Router on a Stick

目標:
PC1為VLAN 66,PC2為VLAN 1,PC3為VLAN88
使用Router on a stick,讓VLAN裡的PC可以互通,同時也可以連到設在Switch VLAN1的IP


====Switch設定====
SW(config)#ip default-gateway 10.1.1.254
SW(config)#interface VLAN 1
SW(config-if)#ip address 10.1.1.1 255.255.255.0
SW(config-if)#no shutdown
SW(config)#interface range fastEthernet 0/1-10
SW(config-if-range)#switchport access vlan 66

SW(config)#interface range fastEthernet 0/14-24
SW(config-if-range)#switchport access vlan 88

SW(config)#interface fastEthernet 0/12
SW(config-if)#switchport mode trunk
SW(config-if)#^Z
SW#show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/11, Fa0/13
66   VLAN0066                         active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10
88   VLAN0088                         active    Fa0/14, Fa0/15, Fa0/16, Fa0/17
                                                Fa0/18, Fa0/19, Fa0/20, Fa0/21
                                                Fa0/22, Fa0/23, Fa0/24
1002 fddi-default                     active   
1003 token-ring-default               active   
1004 fddinet-default                  active   
1005 trnet-default                    active 

====Router設定====
Router#configure terminal
RO(config)#interface fastEthernet 0/0
RO(config-if)#no shutdown

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
ip add

RO(config-if)#ip address 10.1.1.254 255.255.255.0
RO(config-if)#^Z
RO#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
RO(config)#interface fastEthernet 0/0.66
RO(config-subif)#
%LINK-5-CHANGED: Interface FastEthernet0/0.66, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.66, changed state to up

RO(config-subif)#encapsulation dot1Q 66
RO(config-subif)#ip address 10.1.66.254 255.255.255.0
RO(config-subif)#no shutdown
RO(config-subif)#exit
RO(config)#interface fastEthernet 0/0.88
RO(config-subif)#
%LINK-5-CHANGED: Interface FastEthernet0/0.88, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.88, changed state to up
en
RO(config-subif)#encapsulation dot1Q 88
RO(config-subif)#ip address 10.1.88.254 255.255.255.0
RO(config-subif)#no shutdown

RO#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 3 subnets
C       10.1.1.0 is directly connected, FastEthernet0/0
C       10.1.66.0 is directly connected, FastEthernet0/0.66
C       10.1.88.0 is directly connected, FastEthernet0/0.88
RO#ping 10.1.66.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.66.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 0/0/0 ms

RO#ping 10.1.88.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.88.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 0/1/3 ms


標籤:

留言

張貼留言

這個網誌中的熱門文章

使用Cisco L3 Switch做VLAN的Routing

目標: 讓VLAN100與VLAN200的電腦透過L3 Swtich做VLAN的Routing,並且可以互相存取資源與上網,另外再使用Windows Server 2012配發VLAN100,VLAN200的IP Firewall: 使用ASUS AP當Firewall,並設兩條Static Route Switch: Core Switch為Cisco 3750切VLAN 10,VLAN100,VLAN200,VLAN10為預設的VLAN,VLAN100為Sales,VLAN200為RD Edge Switch為Cisco 3750與2950,其中2950為VLAN100,3750為VLAN200,如果要By Port切VLAN也可以,這裡只是為了方便說明,所以Edge Switch都直接設為單一VLAN Core Switch的設定 原本我只想Show Running-config其中比較重要的設定,後來想想還是全部列出,用紅色標記重要的設定 Gi 1/0/1接2950 Gi 1/0/2接3750 Gi 1/0/24接Router Core-3750#show running-config Building configuration... Current configuration : 2436 bytes ! version 12.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Core-3750 ! boot-start-marker boot-end-marker ! ! ! ! no aaa new-model switch 1 provision ws-c3750g-24t system mtu routing 1546 ip routing no ip domain-lookup ! ! ! ! ! ! ! ! spanning-tree mode pvst spanning-tree portfas
張貼留言
閱讀完整內容

Cisco Switch 發生Loopback

User告知網路無法使用,看了Switch的狀況後,發現那個Port的狀態是Error Disable,接著又看了Switch的log Feb  8 12:14:14 TW: %DHCP_SNOOPING-5-DHCP_SNOOPING_UNTRUSTED_PORT: DHCP_SNOOPING drop message on untrusted port, message type: DHCPNAK, MAC sa: 2c56.dc86.xxxx Feb  8 12:15:49 TW: %DHCP_SNOOPING-5-DHCP_SNOOPING_UNTRUSTED_PORT: DHCP_SNOOPING drop message on untrusted port, message type: DHCPNAK, MAC sa: 2c56.dc86.xxxx Feb  8 12:18:00 TW: %ETHCNTR-3-LOOP_BACK_DETECTED: Keepalive packet loop-back detected on FastEthernet0/10. Feb  8 12:18:00 TW: %PM-4-ERR_DISABLE: loopback error detected on Fa0/10, putting Fa0/10 in err-disable state Feb  8 12:18:01 TW: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state to down Feb  8 12:18:02 TW: %LINK-3-UPDOWN: Interface FastEthernet0/10, changed state to down 應該是User私接設備,除了造成Loopback之外,又在隨便發放IP....... 不過因為那個User比較特殊,先教育了一下之後,再把那個Port shutdown , no shutdown,接著把Recovery設了上去,下次如果再遇到相同狀況,10分鐘後會自動恢復 xxxxx# show errdisable detect
張貼留言
閱讀完整內容

2台 Vigor 2920建立 LAN To LAN VPN (IPsec)

我有兩台Vigor 2920,環境如下: Vigor B 撥出 LAN:192.168.1.0/24 Vigor A 撥入 LAN:172.16.1.0/24 設定如下: Vigor B設定 Vigor A設定 詳細設定請參考官網 http://www.draytek.com/index.php?option=com_k2&view=item&id=2666&Itemid=264&lang=tw
張貼留言
閱讀完整內容