zoukankan      html  css  js  c++  java

  • pvlan 配置

    PVLAN主要是提供在同一个PVLAN中,二层得端口隔离

    Primary Vlan 端口类型

    1。Promiscuous
    这种端口一般为上联端口,网络出口。
    这种端口可以和同一PVLAN里面得所有端口互相通讯
    2。Isolated
    这种端口就是普通端口,一般用于接各个用户
    这种端口只能和Promiscuous端口进行通讯
    Isolated端口之间是不能互相通讯得
    3。Community
    这种类型得端口之间可以互相通讯,也可以和Promiscuous端口通讯
    但是不能同其他Isolated端口互相通讯
    这种端口主要应用同一PVLAN中给那些需要互相通讯得一组用户使用

    Private Vlan 类型

    1.Primary :使用Promiscuous端口去和Private Vlan中其他的端口通讯
    2.Isolated:使用isolated 端口和Promiscuous端口通讯
    3.Community:使用community端口和其他的community端口及Promiscuous端口通信

    1)配置vlan202作为primary vlan:

    Switch# configure terminal
    Switch(config)# vlan 202
    Switch(config-vlan)# private-vlan primary
    Switch(config-vlan)# end
    Switch# show vlan private-vlan type

    Switch# show vlan private-vlan type

    Vlan Type
    ---- -----------------
    202 primary
    440 isolated

    2)配置VLAN 440作为isolated VLAN

    Switch# configure terminal
    Switch(config)# vlan 440
    Switch(config-vlan)# private-vlan isolated
    Switch(config-vlan)# end

    Switch# show vlan private-vlan type
    Vlan Type
    ---- -----------------
    202 primary
    440 isolated

    3)关联 isolated VLAN 440 和 primary VLAN 202

    Switch# configure terminal
    Switch(config)# vlan 202
    Switch(config-vlan)# private-vlan association 440
    Switch(config-vlan)# end

    Switch# show vlan private-vlan
    Primary Secondary Type Interfaces
    ------- --------- ----------------- ------------------------------------------
    202 440 isolated


    4)配置接口FastEthernet 5/2 作为PVLAN promiscuous port,并映射到一个PVLAN

    Switch# configure terminal
    Switch(config)# interface fastethernet 5/2
    Switch(config-if)# switchport mode private-vlan promiscuous
    Switch(config-if)# switchport private-vlan mapping 202 440
    Switch(config-if)# end


    Switch#show interfaces fastethernet 5/2 switchport
    Name:Fa5/2
    Switchport:Enabled
    Administrative Mode:private-vlan promiscuous
    Operational Mode:private-vlan promiscuous
    Administrative Trunking Encapsulation:negotiate
    Operational Trunking Encapsulation:native
    Negotiation of Trunking:Off
    Access Mode VLAN:1 (default)
    Trunking Native Mode VLAN:1 (default)
    Voice VLAN:none
    Administrative Private VLAN Host Association:none
    Administrative Private VLAN Promiscuous Mapping:200 (VLAN0200) 2 (VLAN0002)
    Private VLAN Trunk Native VLAN:none
    Administrative Private VLAN Trunk Encapsulation:dot1q
    Administrative Private VLAN Trunk Normal VLANs:none
    Administrative Private VLAN Trunk Private VLANs:none
    Operational Private VLANs:
    200 (VLAN0200) 2 (VLAN0002)
    Trunking VLANs Enabled:ALL
    Pruning VLANs Enabled:2-1001
    Capture Mode Disabled
    Capture VLANs Allowed:ALL
    5)配置接口FastEthernet 5/1 作为一个PVLAN host port

    Switch# configure terminal
    Switch(config)# interface fastethernet 5/1
    Switch(config-if)# switchport mode private-vlan host
    Switch(config-if)# switchport private-vlan host-association 202 440
    Switch(config-if)# end


    Switch#show interfaces fastethernet 5/1 switchport
    Name: Fa5/1
    Switchport: Enabled
    Administrative Mode: private-vlan host
    Operational Mode: private-vlan host
    Administrative Trunking Encapsulation: negotiate
    Operational Trunking Encapsulation: native
    Negotiation of Trunking: Off
    Access Mode VLAN: 1 (default)
    Trunking Native Mode VLAN: 1 (default)
    Voice VLAN: none
    Appliance trust: none
    Administrative Private Vlan
    Host Association: 202 (VLAN0202) 440 (VLAN0440)
    Promiscuous Mapping: none
    Trunk encapsulation : dot1q
    Trunk vlans:
    Operational private-vlan(s):
    2 (VLAN0202) 3 (VLAN0440)
    Trunking VLANs Enabled: ALL
    Pruning VLANs Enabled: 2-1001
    Capture Mode Disabled
    Capture VLANs Allowed: ALL

    6)配置接口FastEthernet 5/1作为一个PVLAN trunk port,并映射VLAN0202到VLAN0440、且配置PVLAN

    trunk

    Switch# configure terminal
    Switch(config)# interface fastethernet 5/1
    Switch(config-if)# switchport private-vlan association trunk 202 440
    Switch(config-if)# switchport mode private-vlan trunk
    Switch(config-if)# end

    Switch#show interfaces fastethernet 5/1 switchport
    Name: Fa5/1
    Switchport: Enabled
    Administrative Mode: private-vlan trunk
    Operational Mode: private-vlan trunk
    Administrative Trunking Encapsulation: negotiate
    Operational Trunking Encapsulation: dot1q
    Negotiation of Trunking: On
    Access Mode VLAN: 1 (default)
    Trunking Native Mode VLAN: 1 (default)
    Voice VLAN: none
    Appliance trust: none
    Administrative Private Vlan
    Host Association: 202 (VLAN0202) 440 (VLAN0440)
    Promiscuous Mapping: none
    Trunk encapsulation : dot1q
    Trunk vlans:
    202 (VLAN0202) 440 (VLAN0440)
    Operational private-vlan(s):
    202 (VLAN0202) 440 (VLAN0440)
    Trunking VLANs Enabled: ALL
    Pruning VLANs Enabled: 2-1001
    Capture Mode Disabled
    Capture VLANs Allowed: ALL


    7)允许从secondary VLAN PVLAN 440 路由过来的流量

    Switch# configure terminal
    Switch(config)# interface vlan 202
    Switch(config-if)# private-vlan mapping add 440
    Switch(config-if)# end

    Switch# show interfaces private-vlan mapping
    Interface Secondary VLAN Type
    --------- -------------- -----------------
    vlan202 440 isolated
  • 相关阅读:
    样式
    样式表的类别、选择器和优先级
    随记
    框架
    表单元素
    HTLM内容容器标签和常用标签
    HTML5的意义、改变以及全局属性
    11月21日html基础
    感想 目标和展望
    C++结构体实例和类实例的初始化
  • 原文地址:https://www.cnblogs.com/luyg24/p/4980612.html
Copyright © 2011-2022 走看看