您的位置: 首页  >  文章  >  三层交换划分vlan,dhcp分配地址,vlan间隔离

三层交换划分vlan,dhcp分配地址,vlan间隔离

分类: 文章 2024-05-04 17:26:58

如图,要求将4个部门及共享设备按10.180.108.0/23划分为vlan,要求IOT、APP、人工智能、HR之间不能互访,但均可以访问共享设备,如打印机、samba server;并开启dhcp,让pc自动获取IP;

 

三层交换划分vlan,dhcp分配地址,vlan间隔离

思路:pc1~5均开启dhcp;

           LSW2~LSW6为2层设备,分别属于vlan10~50;ip地址范围分别是10.180.108.1/26 10.180.108.65/26  10.180.108.129/25  10.180.108.193/26  10.180.109.1/26 
           LSW1为三层设备,作为网关设备,转发2层数据帧,并开启dhcp,配置虚拟接口vlanif,及地址池ip pool;

 

#########二层交换配置##########

LSW2配置:

 <Huawei>sys

[Huawei]vlan batch 10 50

[Huawei]int gi 0/0/1

[Huawei-GigabitEthernet0/0/1]port link-type trunk

Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 50

[Huawei]int gi 0/0/2

[Huawei-GigabitEthernet0/0/2]port link-type access

[Huawei-GigabitEthernet0/0/2]port default vlan 10

LSW3配置:

 <Huawei>sys

[Huawei]vlan batch 20 50

[Huawei]int gi 0/0/1

[Huawei-GigabitEthernet0/0/1]port link-type trunk

Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan 20 50

[Huawei]int gi 0/0/2

[Huawei-GigabitEthernet0/0/2]port link-type access

[Huawei-GigabitEthernet0/0/2]port default vlan 20

LSW4配置:

 <Huawei>sys

[Huawei]vlan batch 30 50 

[Huawei]int gi 0/0/1

[Huawei-GigabitEthernet0/0/1]port link-type trunk

Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan 30 50

[Huawei]int gi 0/0/2

[Huawei-GigabitEthernet0/0/2]port link-type access

[Huawei-GigabitEthernet0/0/2]port default vlan 30

LSW5配置:

 <Huawei>sys

[Huawei]vlan batch 40 50 

[Huawei]int gi 0/0/1

[Huawei-GigabitEthernet0/0/1]port link-type trunk

Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan 40 50

[Huawei]int gi 0/0/2

[Huawei-GigabitEthernet0/0/2]port link-type access

[Huawei-GigabitEthernet0/0/2]port default vlan 40

LSW6配置:

 <Huawei>sys

[Huawei]vlan batch 10 20 30 40 50 

[Huawei]int gi 0/0/1

[Huawei-GigabitEthernet0/0/1]port link-type trunk

Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 20 30 40  50

[Huawei]int gi 0/0/2

[Huawei-GigabitEthernet0/0/2]port link-type access

[Huawei-GigabitEthernet0/0/2]port default vlan 50

 

#########三层交换配置##########

LSW1配置:

<Huawei>sys

[Huawei]un in en
Info: Information center is disabled.

[Huawei]dhcp enable
[Huawei]vlan batch 10 20 30 40 50 

[Huawei]int gi 0/0/2

Huawei-GigabitEthernet0/0/2]port link-type trunk 
[Huawei-GigabitEthernet0/0/2]port trunk allow-pass vlan 10 50
[Huawei-GigabitEthernet0/0/2]int gi0/0/3
[Huawei-GigabitEthernet0/0/3]port link-type trunk
[Huawei-GigabitEthernet0/0/3]port trunk allow-pass vlan 20 50
[Huawei-GigabitEthernet0/0/3]int gi0/0/4
[Huawei-GigabitEthernet0/0/4]port link-type trunk
[Huawei-GigabitEthernet0/0/4]port trunk allow-pass vlan 30 50
[Huawei-GigabitEthernet0/0/4]int gi0/0/5
[Huawei-GigabitEthernet0/0/5]port link-type trunk
[Huawei-GigabitEthernet0/0/5]port trunk allow-pass vlan 40 50
[Huawei-GigabitEthernet0/0/5]int gi0/0/6
[Huawei-GigabitEthernet0/0/6]port link-type trunk
[Huawei-GigabitEthernet0/0/6]port trunk allow-pass vlan 40 50 10 20 30 

[Huawei]int vlanif 10
[Huawei-Vlanif10]ip addr 10.180.108.1 26

[Huawei-Vlanif10]dhcp select global

[Huawei-Vlanif10]int vlanif 20
[Huawei-Vlanif20]ip addr 10.180.108.65 26

[Huawei-Vlanif20]dhcp select global


[Huawei-Vlanif20]int vlanif 30
[Huawei-Vlanif30]ip addr 10.180.108.129 26

[Huawei-Vlanif30]dhcp select global


[Huawei-Vlanif30]int vlanif 40
[Huawei-Vlanif40]ip addr 10.180.108.193 26

[Huawei-Vlanif40]dhcp select global


[Huawei-Vlanif40]int vlanif 50
[Huawei-Vlanif50]ip addr 10.180.109.1 26

[Huawei-Vlanif50]dhcp select global

 

[Huawei]ip pool 10
Info:It's successful to create an IP address pool.

[Huawei-ip-pool-10]gateway 10.180.108.1
[Huawei-ip-pool-10]dns-list 114.114.114.114
[Huawei-ip-pool-10]network 10.180.108.1 mask 26
[Huawei-ip-pool-10]dis th
#
ip pool 10
 gateway-list 10.180.108.1
 network 10.180.108.0 mask 255.255.255.192
 dns-list 114.114.114.114
#
return
[Huawei-ip-pool-10]ip pool 20
Info:It's successful to create an IP address pool.
[Huawei-ip-pool-20]gateway-list 10.180.108.65
[Huawei-ip-pool-20]network 10.180.108.65 mask 26
[Huawei-ip-pool-20]dns-list 114.114.114.114
[Huawei-ip-pool-20]q
[Huawei]ip pool 30
Info:It's successful to create an IP address pool.
[Huawei-ip-pool-30]gateway-list 10.180.108.129 
[Huawei-ip-pool-30]network 10.180.108.129 mask 26 
[Huawei-ip-pool-30]dns-list 114.114.114.114
[Huawei-ip-pool-30]ip pool 40
Info:It's successful to create an IP address pool.  
[Huawei-ip-pool-40]gateway-list 10.180.108.193
[Huawei-ip-pool-40]network 10.180.108.193 mask 26
[Huawei-ip-pool-40]dns-list 114.114.114.114
[Huawei-ip-pool-40]ip pool 50
Info:It's successful to create an IP address pool.
[Huawei-ip-pool-50]gateway-list 10.180.109.1
[Huawei-ip-pool-50]network 10.180.109.1 mask 26
[Huawei-ip-pool-50]dns-list 114.114.114.114
[Huawei-ip-pool-50]q
三层交换划分vlan,dhcp分配地址,vlan间隔离

 

         可以看到完成以上配置后,pc是可以获取到自己vlan对应的地址池的ip,但是vlan之间并没有隔离!

 

 

相关推荐