|
1.实验拓扑图如下所示:
2.建立如图环境,测试A 、B 、C 、D 的连通性。
3.配置F0/11 和F/0/12为通道,验证配置,查看是否正常。
4.配置VTP 域,域名为CISCO ,密码为xxx ,Sw1 为服务器,SW2 为客户机。
查看关键信息。
5.在SW1 上建立vlan2 包含A ,建立vlan3 包含B.
6. 在SW2 上查看是否已有vlan2 、vlan3.如果没有,给出解决方法。是否可以人工建立vlan4 、vlan5 ,同样vlan2 包含C ,建立vlan3 包含D.测试AC、BD的连通性。
7.启用修剪,验证配置。
8.在中继中去除vlan3 的修剪,查看配置并说明修剪意义。
步骤1
删除交换机配置和vlan.dat文件并重启设备,按照实验拓扑图连接实验的线缆。
switch#del flash:vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
switch#erase startup-config
Erasing the nvram filesystem will remove all files! Continue? [confirm]
[OK]
Erase of nvram: complete
switch#reload
switch>enable
switch#config t
switch(config)# hostname sw1
sw1(config)#
步骤3
配置SW1将FA0/11、和0/12端口组合为一个逻辑信道:
sw1(config)#interface range fastethernet0/11 - 12
sw1(config-if-range)#channel-group 1 mode on
Creating a port-channel interface Port-channel 1
配置SW2将FA0/11、和0/12端口组合为一个逻辑信道:
sw2(config)#interface range fastethernet0/11 - 12
sw2(config-if-range)#channel-group 1 mode on
Creating a port-channel interface Port-channel 1
sw2(config-if-range)#
使用show etherchannel summary命令检查快速以太通道连接:
sw1#show etherchannel 1 summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
u - unsuitable for bundling
U - in use f - failed to allocate aggregator
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) - Fa0/11(Pd) Fa0/12(P)
在SW1上配置VTP域CISCO并创建名为VLAN 10和VLAN 20的VLAN。2950交换机默认是VTP 服务器模式,所以你不需要配 置它。然而,如果需要的话,配置模式中启用服务器的命令是vtp mode server:
sw1(config)#vtp mode server
Device mode already VTP SERVER.
sw1(config)#vtp domain cisco
Changing VTP domain name from NULL to cisco
sw1(config)#vtp password xxx
Setting device VLAN database password to xxx
sw1(config)#
配置SW2作为VTP客户
sw2(config)#vtp mode client
Setting device to VTP CLIENT mode.
sw2(config)#vtp domain cisco
Domain name already set to cisco.
sw2(config)#
使用show vtp status命令检查VTP重要信息:
sw1#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 64
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x8C 0xE8 0x23 0x13 0xC9 0xD9 0x1C 0xEA
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
sw1#
使用show vtp counters命令检查VTP发送和接收的通告请求,汇总通告,子网通告和加入消息的条目,以及检测到的配置错误。
sw1#show vtp counters
VTP statistics:
Summary advertisements received : 2
Subset advertisements received : 1
Request advertisements received : 1
Summary advertisements transmitted : 2
Subset advertisements transmitted : 2
Request advertisements transmitted : 0
Number of config revision errors : 1
Number of config digest errors : 0
Number of V1 summary errors : 0
VTP pruning statistics:
Trunk Join Transmitted Join Received Summary advts received from
non-pruning-capable device
---------------- ---------------- ---------------- --------------------------- Po1 0 1 0 sw1# sw2#show vtp status VTP Version : 2 Configuration Revision : 0 Maximum VLANs supported locally : 64 Number of existing VLANs : 5 VTP Operating Mode : Client VTP Domain Name : cisco VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x57 0x30 0x6D 0x7A 0x76 0x12 0x7B 0x40 Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 步骤5
创建VLAN 2和VLAN 3的VLAN,按照前面的配置要求,将每个交换机将端口划归到各自的VLAN。 sw1(vlan)#vlan 2
VLAN 2 added:
Name: VLAN0002
sw1(vlan)#vlan 3
VLAN 3 added:
Name: VLAN0003
sw1(vlan)#exit
APPLY completed.
Exiting....
sw1#config t
Enter configuration commands, one per line. End with CNTL/Z.
sw1(config)#interface fastethernet0/1
sw1(config-if)#switchport mode access
sw1(config-if)#switchport access vlan 2
sw1(config-if)#exit
sw1(config)#interface fastethernet0/2
sw1(config-if)#switchport access vlan 3
sw1(config-if)#
步骤6
使用命令show vlan brief检验是否已经有valn2、3。
sw2#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
我们看出并没有,由于刚刚VTP服务器设置了密码,这样就将CISCO管理域设为了安全模式,这样防止未经授权的交换机加入到用户的域内。刚才说明了这点。这时我们只须在SW2上设置密码即可。
sw2#config t
Enter configuration commands, one per line. End with CNTL/Z.
sw2(config)#vtp password xxx
Setting device VLAN database password to xxx.
sw2(config)#
或许刚刚设完密码马上验证还会没有,这时不须紧张,由于交换机每五分钟发送一次通告或者有变化时,它通告邻接交换机目前的VTP域名和配置修订号。稍等一会在验证。
sw2#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24
2 VLAN0002 active
3 VLAN0003 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
sw2#
在SW2上人工建立vlan4、vlan5
sw2#vlan database
sw2(vlan)#vlan 4
VLAN 4 added:
Name: VLAN0004
sw2(vlan)#vlan 5
VLAN 5 added:
Name: VLAN0005
sw2(vlan)#exit
In CLIENT state, no apply attempted.
Exiting....
验证:
sw2#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24
2 VLAN0002 active
3 VLAN0003 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
sw2#
这时大家会发现明明看到已经建立vlan4、5怎么会没有。大家有没有注意到交换机已经告诉大家In CLIENT state, no apply attempted.VTP客户模式不能创建,删除,和修改vlan。按照前面的配置要求,将每个交换机将端口划归到各自的VLAN。
sw2#config t
Enter configuration commands, one per line. End with CNTL/Z.
sw2(config)#interface fastethernet0/1
sw2(config-if)#switchport mode access
sw2(config-if)#switchport access vlan 2
sw2(config-if)#exit
sw2(config)#interface fastethernet0/2
sw2(config-if)#switchport access vlan 3
sw2(config-if)#
测试连通:
在A上用ping命令测试和C的连通性:
C:\Documents and Settings\Administrator>ping 1.1.1.1
Pinging 1.1.1.1 with 32 bytes of data:
Reply from 1.1.1.1: bytes=32 time<10ms TTL=128
Reply from 1.1.1.1: bytes=32 time<10ms TTL=128
在B上用ping命令测试和D的连通性:
C:\Documents and Settings\Administrator>ping 1.1.1.2
Pinging 1.1.1.2 with 32 bytes of data:
Reply from 1.1.1.2: bytes=32 time<10ms TTL=128
Reply from 1.1.1.2: bytes=32 time<10ms TTL=128
步骤7
只须在VTP服务器上启用修剪就启用了整个管理域的修剪。
sw1(config)#vtp pruning
Pruning switched on
sw1(config)#
验证配置:
sw1#show vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 64
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xE3 0xBD 0xA0 0xC9 0x14 0x85 0x9B 0xFC
Configuration last modified by 0.0.0.0 at 3-1-93 00:47:48
Local updater ID is 0.0.0.0 (no valid interface found)
sw1#
sw2#show vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 64
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : cisco
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xE3 0xBD 0xA0 0xC9 0x14 0x85 0x9B 0xFC
Configuration last modified by 0.0.0.0 at 3-1-93 00:47:48
sw2#
sw1#config t
Enter configuration commands, one per line. End with CNTL/Z.
sw1(config)#interface range fastethernet0/11 - 12
sw1(config-if-range)#switchport trunk pruning vlan remove 3
sw1(config-if-range)#
验证配置:
sw1#show interface fastethernet0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk (member of bundle Po1)
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2,4-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
sw1#show interface fastethernet0/12 switchport
Name: Fa0/12
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk (member of bundle Po1)
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2,4-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
sw1#
在SW2上验证:
sw2#show interface fastethernet0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk (member of bundle Po1)
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Protected: false
Voice VLAN: none (Inactive)
Appliance trust: none
我们会发现SW2上并没有去除vlan3的修剪,说明移出修剪不同启用修剪。需要根据情况在每个交换机上配置。
修剪的意义:
交换机默认情况下是在网络上传播广播和未知数据包。这样会给整个网络带来大量的不必要流量。
VTP修剪通过减少不必要的流量,如:广播、多播、未知等。来提高带宽利用率。
|
