交换机配置实验手册说课材料

【实现步骤】

1.配置交换机端口的速率，双工模式 Switch#

Switch#conf t

Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#int fa0/1 Switch(config-if)#speed 10 Switch(config-if)#duplex half Switch(config-if)#no shutdown Switch(config-if)#^Z Switch#

%SYS-5-CONFIG_I: Configured from console by console 2.查看交换机端口的配置信息 Switch#show int fa0/1

FastEthernet0/1 is up, line protocol is up (connected)

Hardware is Lance, address is 0007.ec19.ad01 (bia 0007.ec19.ad01) BW 10000 Kbit, DLY 1000 usec,

reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Half-duplex,10Mb/s

input flow-control is off, output flow-control is off ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:08, output 00:00:05, output hang never Last clearing of \

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo

Output queue :0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec

956 packets input, 193351 bytes, 0 no buffer

Received 956 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 watchdog, 0 multicast, 0 pause input

0 input packets with dribble condition detected 2357 packets output, 263570 bytes, 0 underruns 0 output errors, 0 collisions, 10 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out 3.Show version查看交换机的版本信息 Switch#sh version

Cisco Internetwork Operating System Software

IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA4, RELEASE SOFTWARE(fc1)

Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 18-May-05 22:31 by jharirba

Image text-base: 0x80010000, data-base: 0x80562000

ROM: Bootstrap program is is C2950 boot loader

Switch uptime is 42 minutes, 51 seconds System returned to ROM by power-on

Cisco WS-C2950T-24 (RC32300) processor (revision C0) with 21039K bytes of memory. Processor board ID FHK0610Z0WC Last reset from system-reset Running Standard Image

24 FastEthernet/IEEE 802.3 interface(s) 2 Gigabit Ethernet/IEEE 802.3 interface(s)

63488K bytes of flash-simulated non-volatile configuration memory. Base ethernet MAC Address: 0060.7038.9ADE Motherboard assembly number: 73-5781-09 Power supply part number: 34-0965-01 Motherboard serial number: FOC061004SZ Power supply serial number: DAB0609127D Model revision number: C0

Motherboard revision number: A0 Model number: WS-C2950T-24

System serial number: FHK0610Z0WC Configuration register is 0xF

4.Show mac-address-table查看交换机当前的MAC地址表信息 Switch#sh mac-address-table

Mac Address Table

-------------------------------------------

Vlan Mac Address Type Ports ---- ----------- -------- -----

5.Show running-config查看交换机当前生效的配置信息 Switch#sh running-config Building configuration...

Current configuration : 1032 bytes !

version 12.1

no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption !

hostname Switch ! ! !

interface FastEthernet0/1 duplex half speed 10 !

interface FastEthernet0/2 ! · · ·

interface FastEthernet0/24 !

interface GigabitEthernet1/1 !

interface GigabitEthernet1/2 !

interface Vlan1 no ip address shutdown ! !

line con 0 !

line vty 0 4 login

line vty 5 15 login ! ! end

实验五 交换机端口隔离

【实验名称】

交换机端口隔离。 【实验目的】

理解Port Vlan的配置。 【背景描述】

假设此交换机是宽带小区城域网中的1台楼道交换机，住户PC1连接在交换机的0/5口；住户PC2连接在交换机的0/15口。现要实现各家各户的端口隔离。 【技术原理】

VLAN（Virtual Local Area Network，虚拟局域网）是指在一个物理网段内，进行逻辑的划分，划分成若干个虚拟局域网。VLAN最大的特性是不受物理位置的限制，可以进行灵活的划分。VLAN具备了一个物理网段所具备的特性。相同VLAN内的主机可以互相直接访问，不同VLAN间的主机之间互相访问必须经由路由设备进行转发。广播数据包只可以在本VLAN内进行传播，不能传输到其他VLAN中。

Port Vlan是实现VLAN的方式之一，Port Vlan是利用交换机的端口进行VLAN的划分，一个端口只能属于一个VLAN。 【实现功能】

通过划分PORT VLAN实现本交换端口隔离。 【实验设备】

交换机（1台）、PC机（两台）、直连线（2条） 【实验拓扑】

【实验步骤】

步骤1在未划VLAN前两台PC互相ping可以通。 创建VLAN。

switch#configure terminal ! 进入交换机全局配置模式 switch(config)# vlan 10 ! 创建vlan 10

switch(config-vlan)# name test10 ! 将Vlan 10命名为test10 switch(config)# vlan 20 ! 创建vlan 20

switch(config-vlan)# name test20 ! 将Vlan 20命名为test20 步骤2:将接口分配到VLAN。

switch# configure terminal

switch(config)# interface fastethernet0/5 switch(config-if)# switchport access vlan 10 ! 将fastethernet 0/5端口加入vlan 10中 switch(config-if)# interface fastethernet0/15 switch(config-if)# switchport access vlan 20 ! 将fastethernet 0/15端口加入vlan 20中

步骤3两台PC互相ping不通。

验证测试：

switch#show vlan

VLAN Name Status Ports

-------------------------------------------------------------------- 1 default static Fa0/1 ,Fa0/2 ,Fa0/3 Fa0/4 ,Fa0/6 ,Fa0/7 Fa0/8 ,Fa0/9 ,Fa0/10 Fa0/11,Fa0/12,Fa0/13 Fa0/14,Fa0/16,Fa0/17 Fa0/18,Fa0/19,Fa0/20 Fa0/21,Fa0/22,Fa0/23 Fa0/24