Shulou(Shulou.com)05/31 Report--

This article mainly explains "switch division VLAN how to configure", the content of the article is simple and clear, easy to learn and understand, the following please follow the editor's ideas slowly in depth, together to study and learn "switch partition VLAN how to configure" it!

The PC of the finance department and the sales department of a company communicates through two switches; the PC of the finance department and the sales department is required to communicate with each other, but for the sake of data security, the sales department and the finance department need to be isolated from each other, and now it is necessary to make proper configuration on the switch to achieve this goal.

Technical principle

The Chinese name of VLAN (Virtual Local Area Network) is "virtual local area network".

Virtual local area network (VLAN) is a group of logical devices and users, which are not limited by physical location. They can be organized according to functions, departments, applications and other factors, and communicate with each other as if they are in the same network segment, hence the name virtual LAN. VLAN is a relatively new technology, which works in layer 2 and layer 3 of the OSI reference model. An VLAN is a broadcast domain, and the communication between VLAN is accomplished through a layer 3 router. Compared with the traditional local area network technology, VLAN technology is more flexible. It has the following advantages: the management overhead of moving, adding and modifying network equipment is reduced; broadcasting activities can be controlled; and network security can be improved.

VLAN refers to the logical division of a physical network segment into several virtual Lans. The characteristic of VLAN enlargement is not limited by the physical location and can be divided flexibly. VLAN has the characteristics of a physical network segment. Hosts in the same VLAN can communicate directly with each other, and the access between hosts in different VLAN must be forwarded by routing devices. Broadcast packets can only be broadcast in this VLAN and cannot be transmitted to other VLAN.

Port VLAN is one of the ways to realize VLAN. It uses the port of the switch to divide the VALN. A port can only belong to one VLAN.

Tag VLAN is another type of switch port based on direct access between hosts in the same Vlan of the switch while isolating hosts with different Vlan. Tag VLAN follows the standard of IEEE802.1Q protocol. When using the port configured with Tag VLAN for data transmission, it needs to add 4 bytes of 8021.Q tag information in the data frame to indicate which VLAN the data frame belongs to, so as to facilitate the accurate filtering of the data frame received by the end switch.

Experimental procedure

Create a new Packet Tracer topology diagram

Partition VLAN

Divide the ports into the appropriate VLAN

Set the Tag VLAN Trunk property

test

Experimental equipment

Switch_2960 2; PC 4; direct connection

PC1IP: 192.168.1.2Submark: 255.255.255.0Gateway: 192.168.1.1PC2IP: 192.168.1.3Submark: 255.255.255.0Gateway: 192.168.1.1PC3IP: 192.168.1.4Submark: 255.255.255.0Gateway: 192.168.1.1PC4IP: 192.168.1.5Submark: 255.255.255.0Gateway: 192.168.1.1Switch2enconf tvlan 2exitvlan 3exitinter fa 0/1switch access vlan 2exitinter fa 0/2switch access vlan 3exitinter fa 0/24switch mode trunkendshow VlanSwitch3enconf tvlan 2exitvlan 3exitint fa 0/1switch access vlan 2exitint fa 0/2switch access vlan 3exitint fa 0/24switch mode trunkendshow vlanPC1 ping PC2 timeoutPC1 ping PC3 Reply

Actual combat exercise

Switch2Switch > enSwitch#conf tEnter configuration commands, one per line. End with CNTL/Z.Switch (config) # vlan 2Switch (config-vlan) # exitSwitch (config) # vlan 3Switch (config-vlan) # exitSwitch (config) # inter fa 0/1Switch (config-if) # switch access vlan 2Switch (config-if) # exitSwitch (config) # inter fa 0/2Switch (config-if) # switch access vlan 3Switch (config-if) # exitSwitch (config) # inter fa 0/24Switch (config-if) # switch mode trunk%LINEPROTO-5-UPDOWN Changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/24 Changed state to upSwitch (config-if) # endSwitch#%SYS-5-CONFIG_I: Configured from console by consoleSwitch#show vlanVLAN Name Status Ports-----1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6Fa0/7 Fa0/8, Fa0/9, Fa0/10Fa0/11, Fa0/12, Fa0/13, Fa0/14Fa0/15, Fa0/16, Fa0/17, Fa0/18Fa0/19, Fa0/20, Fa0/21, Fa0/22Fa0/23, Gig1/1 Gig1/22 VLAN0002 active Fa0/13 VLAN0003 active Fa0/21002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsupVLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 -1 enet 100001 1500-002 enet 100002 1500-003 enet 100003 1500-0 01002 fddi 101002 500-00-- More--Switch3Switch > enSwitch#conf tEnter configuration commands One per line. End with CNTL/Z.Switch (config) # vlan 2Switch (config-vlan) # exitSwitch (config) # vlan 3Switch (config-vlan) # exitSwitch (config) # int fa 0/1Switch (config-if) # switch access vlan 2Switch (config-if) # exitSwitch (config) # int fa 0/2Switch (config-if) # switch access vlan 3Switch (config-if) # exitSwitch (config) # int fa 0/24Switch (config-if) # switch mode trunkSwitch (config-if) # endSwitch#%SYS-5-CONFIG_I Configured from console by consoleSwitch#show vlanVLAN Name Status Ports-----1 default active Fa0/3 Fa0/4, Fa0/5, Fa0/6Fa0/7, Fa0/8, Fa0/9, Fa0/10Fa0/11, Fa0/12, Fa0/13, Fa0/14Fa0/15, Fa0/16, Fa0/17, Fa0/18Fa0/19, Fa0/20, Fa0/21, Fa0/22Fa0/23, Gig1/1 Gig1/22 VLAN0002 active Fa0/13 VLAN0003 active Fa0/21002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsupVLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 -1 enet 100001 1500-002 enet 100002 1500-003 enet 100003 1500-0 01002 fddi 101002 500-00-More--

test

PC > ipconfigIP Address..: 192.168.1.2Subnet Mask.: 255.255.255.0Default Gateway.: 192.168.1.1PC > ping 192.168.1.3Pinging 192.168.1.3 with 32 bytes of data:Request timed out.Request timed out.Ping statistics for 192 .168.1.3: Packets: Sent = 2 Received = 0, Lost = 2, Control- C ^ loss > ping 192.168.1.4Pinging 192.168.1.4 with 32 bytes of data:Reply from 192.168.1.4: bytes=32 time=16ms TTL=128Reply from 192.168.1.4: bytes=32 time=17ms TTL=128Reply from 192.168.1.4: bytes=32 time=15ms TTL=128Reply from 192.168.1.4: bytes=32 time=18ms TTL=128Ping statistics for 192.168.1.4:Packets: Sent = 4, Received = 4, Lost = 0 (0 loss), Approximate round trip times in milli-seconds:Minimum = 15ms, Maximum = 18ms Average = 16msPC > ipconfigIP Address..: 192.168.1.3Subnet Mask.: 255.255.255.0Default Gateway.: 192.168.1.1PC > ping 192.168.1.4Pinging 192.168.1.4 with 32 bytes of data:Request timed out.Ping statistics for 192.168.1.4:Packets: Sent = 2 Received = 0, Lost = 2, Control- C ^ loss > ping 192.168.1.5Pinging 192.168.1.5 with 32 bytes of data:Reply from 192.168.1.5: bytes=32 time=16ms TTL=128Reply from 192.168.1.5: bytes=32 time=15ms TTL=128Reply from 192.168.1.5: bytes=32 time=16ms TTL=128Reply from 192.168.1.5: bytes=32 time=15ms TTL=128Ping statistics for 192.168.1.5:Packets: Sent = 4, Received = 4, Lost = 0 (0 loss), Approximate round trip times in milli-seconds:Minimum = 15ms, Maximum = 16ms Average = 15ms Thank you for your reading The above is the content of "how to configure the switch division VLAN". After the study of this article, I believe you have a deeper understanding of the switch division VLAN how to configure this problem, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.