TIPS:交换机ARP数据帧发不到跨网段地址,但是同网段地址之间设备发送ARP广播数据帧时依然会发送过去,因为交换机的接口全都处于同一广播域
1.0单臂路由概述
单臂路由可以实现不同VLAN之间通信(缺点:共享带宽,容易造成网络堵塞;应用于物理接口,应用不灵活;VLAN间转发需要查看路由表,严重浪费设备资源)
链路类型
- 交换机连接主机的端口是为access链路
- 交换机连接路由的端口是为trunk链路
子接口
- 路由器的物理接口可以被划分为多个逻辑接口
- 每个子接口对应一个VLAN的网关
1.1单臂路由实例
实例
交换机LSW4
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys LSW4
[LSW4]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW4]int g0/0/1
[LSW4-GigabitEthernet0/0/1]p l a
[LSW4-GigabitEthernet0/0/1]p d v 10
[LSW4-GigabitEthernet0/0/1]int g0/0/2
[LSW4-GigabitEthernet0/0/2]p l a
[LSW4-GigabitEthernet0/0/2]p d v 10
[LSW4-GigabitEthernet0/0/2]int e0/0/1
[LSW4-Ethernet0/0/1]p l a
[LSW4-Ethernet0/0/1]p d v 10
[LSW4-Ethernet0/0/1]int e0/0/2
[LSW4-Ethernet0/0/2]p l a
[LSW4-Ethernet0/0/2]p d v 10
[LSW4-Ethernet0/0/2]int e0/0/3
[LSW4-Ethernet0/0/3]p l a
[LSW4-Ethernet0/0/3]p d v 20
[LSW4-Ethernet0/0/3]int e0/0/4
[LSW4-Ethernet0/0/4]p l a
[LSW4-Ethernet0/0/4]p d v 20
[LSW4-Ethernet0/0/4]int e0/0/6
[LSW4-Ethernet0/0/6]p l t
[LSW4-Ethernet0/0/6]p t a v a
[LSW4-Ethernet0/0/6]int e0/0/5
[LSW4-Ethernet0/0/5]p l t
[LSW4-Ethernet0/0/5]p t a v a
[LSW4-Ethernet0/0/5] User interface con0 is available
交换机LSW5
<Huawei> u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys LSW5
[LSW5]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW5]int e0/0/1
[LSW5-Ethernet0/0/1]p l t
[LSW5-Ethernet0/0/1]p t a v a
[LSW5-Ethernet0/0/1]int e0/0/2
[LSW5-Ethernet0/0/2]p l a
[LSW5-Ethernet0/0/2]p d v 10
[LSW5-Ethernet0/0/2]int e0/0/3
[LSW5-Ethernet0/0/3]p l a
[LSW5-Ethernet0/0/3]p d v 20
[LSW5-Ethernet0/0/3] User interface con0 is available
路由器R5
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys R5
[R5]q
<R5>u t m
Info: Current terminal monitor is off.
<R5>sys
Enter system view, return user view with Ctrl+Z.
[R5]int g0/0/0.10
[R5-GigabitEthernet0/0/0.10]dot1q termination vid 10
[R5-GigabitEthernet0/0/0.10]ip address 192.168.1.254 24
[R5-GigabitEthernet0/0/0.10]arp broadcast enable
[R5-GigabitEthernet0/0/0.10]int g0/0/0.20
[R5-GigabitEthernet0/0/0.20]dot1q termination vid 20
[R5-GigabitEthernet0/0/0.20]arp broadcast enable
[R5-GigabitEthernet0/0/0.20]ip address 192.168.2.254 24
[R5-GigabitEthernet0/0/0.20] User interface con0 is available
2.0 三层交换机
三层交换技术可以实现VLAN间通信(三层交换加二层转发,拥有三层功能但不等于路由器)
vlanif(vlanint) 三层接口
2.1 FIB(转发信息库): 路由表
FIB从概念上讲类似于路由表,它维护着一个IP路由表中包含的转发信息的镜象。当网络中路由或拓朴结构发生了变化时,IP路由表就被更新,而这些变化也反映在FIB中。FIB基于IP路由表中信息,维护着下一网络段的地址信息。是路由表一个镜像,路由表更新时,FIB随之变化,其中FIB包含邻接主机的IP地址与VID的对应关系。
2.2 邻接关系表
邻接关系表包含邻接主机和交换机MAC地址的对应关系用来提供二层重写信息。
2.3 三层交换机实现vlan之间通信的原理
每一个 vlan都会虚拟出一个虚拟接口,然后在虚拟接口上配置ip地址
工作原理:
①主机A给B发送单播数据包
②交换机查找FIB表,找到下一跳地址
③查找下一跳地址对应的邻接关系的2层封装信息
④转发
注意:三层交换机不具备路由器特有的NAT、vpn 等技术。
实例
交换机LSW8
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]vlan batch 10 20 30
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei]int e0/0/1
[Huawei-Ethernet0/0/1]p l a
[Huawei-Ethernet0/0/1]p d v 10
[Huawei-Ethernet0/0/1]int e0/0/2
[Huawei-Ethernet0/0/2]p l a
[Huawei-Ethernet0/0/2]p d v 20
[Huawei-Ethernet0/0/2]int e0/0/3
[Huawei-Ethernet0/0/3]p l a
[Huawei-Ethernet0/0/3]p d v 30
[Huawei-Ethernet0/0/3]int e0/0/4
[Huawei-Ethernet0/0/4]p l t
[Huawei-Ethernet0/0/4]p t a v a
[Huawei-Ethernet0/0/4]
交换机LSW 10
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]vlan batch 10 20 30 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]p l t
[Huawei-GigabitEthernet0/0/1]p t a v a
[Huawei-GigabitEthernet0/0/1]q
[Huawei]int vlanif 10
[Huawei-Vlanif10]ip address 192.168.1.254 24
[Huawei-Vlanif10]int vlanif 20
[Huawei-Vlanif20]ip address 192.168.2.254 24
[Huawei-Vlanif20]int vlanif 30
[Huawei-Vlanif30]ip address 192.168.3.254 24
[Huawei-Vlanif30]int vlanif 100
[Huawei-Vlanif100]ip address 192.168.4.1 24
[Huawei-Vlanif100]q
[Huawei]int g0/0/2
[Huawei-GigabitEthernet0/0/2]p l a
[Huawei-GigabitEthernet0/0/2]p d v 100
[Huawei-GigabitEthernet0/0/2]
<Huawei>ip route-static 192.168.5.0 24 192.168.4.2
^
Error: Unrecognized command found at '^' position.
<Huawei>ip route-static 192.168.5.0 24 192.168.4.2
^
Error: Unrecognized command found at '^' position.
(错误原因:没有进入系统模式)
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]ip route-static 192.168.5.0 24 192.168.4.2
[Huawei]
<Huawei>
路由器R7
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]int g0/0/0
[Huawei-GigabitEthernet0/0/0]ip address 192.168.4.2 24
[Huawei-GigabitEthernet0/0/0]int g0/0/1
[Huawei-GigabitEthernet0/0/1]ip address 192.168.5.254 24
[Huawei-GigabitEthernet0/0/1]q
[Huawei]ip route-staic 192.168.1.0 24 192.168.4.1
(错误原因:拼写错误)
^
Error: Unrecognized command found at '^' position.
[Huawei]ip route-static 192.168.1.0 24 192.168.4.1
[Huawei]ip route-static 192.168.2.0 24 192.168.4.1
[Huawei]ip route-static 192.168.3.0 24 192.168.4.1
[Huawei]
[Huawei]
<Huawei>ip route-static 0.0.0.0 0 192.168.4.1
(错误原因:没有进入系统模式)^
Error: Unrecognized command found at '^' position.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]ip route-static 0.0.0.0 0 192.168.4.1
[Huawei]
3.0DHCP管理和配置
DHCP服务器可以动态的为大量主机分配IP地址,并且能够集中管理,采用C/S架构,主机无需配置,从服务器端获取地址。
DHCP报文类型
DHCP工作原理
客户端会发送一个广播dhcp discover报文给DHCP服务器(一般情况服务器的IP地址为手动配置,固定下来的)(一台或多台),客户端只会接收第一个回复的DHCP服务器携带的相关配置信息,DHCP服务器单播/广播(告诉另外的DHCP服务器相关配置信息已发送)发送一个offer报文给到客户端,报文携带了一系列相关配置信息(IP地址、子网掩码、网关、DNS等),客户端收到报文后会发送request报文请求配置确认,服务器收到后最终发送一个ack报文表示确认并将分配地址从地址池中抹去,最后客户端根据报文内容自动配置信息。
DHCP租期
在IP地址使用至租期的50%时,客户端会单播给原DHCP服务器一个request请求更新IP地址租约,DHCP服务器回复ack报文,此IP地址的使用时限刷新回租期,如若原DHCP不回应,那么在租期达到87.5%的时候,客户端会重新广播DHCP Request报文,任何一台DHCP服务器都可以回应,这个过程被称为重新绑定,如果租期到期都没有服务器回应,那么客户端停止使用该IP地址,在使用过程中客户端如若不想使用该IP地址也可以向服务器发送release报文主动释放该IP地址。
DHCP的配置和操作
<Huawei>u t m
Info: Current terminal monitor is off.
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys R5
[R5]int g0/0/0
[R5-GigabitEthernet0/0/0]q
[R5]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[R5]int g0/0/0
[R5-GigabitEthernet0/0/0]ip add 192.168.1.254 24
[R5-GigabitEthernet0/0/0]dhcp select interface
[R5-GigabitEthernet0/0/0]dhcp server lease day 10 hour 0 minute 0
[R5-GigabitEthernet0/0/0]dhcp server dns-list 8.8.8.8
/*将 DNS 服务器的地址设置为 Google 的公共 DNS 服务器地址 8.8.8.8*/