S5500V2-SI内的VLAN之间ping不通
- 0关注
- 1收藏,2605浏览
问题描述:
我这边有个三层交换机,创建好各VLAN之后,可以连接上联的防火墙上网。但是交换机之间的VLAN不能互通,配置如下,还想需要添加什么吗?
#
version 7.1.045, Release 3116
#
sysname H3C_701-3
#
clock timezone Lisbon add 00:00:00
clock protocol none
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
dhcp enable
#
dns server 192.168.1.2
#
lldp global enable
#
password-recovery enable
#
vlan 1
description Manager
#
vlan 3
description VLAN 3
#
vlan 50
description VLAN50
#
vlan 60
description VLAN60
#
vlan 70
description VLAN70
#
vlan 80
description VLAN80
#
vlan 120
description VLAN120
#
vlan 130
description VLAN130
#
stp global enable
#
dhcp server ip-pool 3
#
dhcp server ip-pool VLAN50
gateway-list 172.18.5.1
network 172.18.5.0 mask 255.255.255.0
dns-list 192.168.1.2
#
dhcp server ip-pool VLAN60
gateway-list 172.18.6.1
network 172.18.6.0 mask 255.255.255.0
dns-list 192.168.1.2
#
dhcp server ip-pool VLAN70
gateway-list 172.18.7.1
network 172.18.7.0 mask 255.255.255.0
dns-list 192.168.1.2
#
dhcp server ip-pool VLAN80
gateway-list 172.18.8.1
network 172.18.8.0 mask 255.255.255.0
dns-list 192.168.1.2
#
dhcp server ip-pool VLAN120
gateway-list 172.18.12.1
network 172.18.12.0 mask 255.255.255.0
dns-list 192.168.1.2
#
dhcp server ip-pool VLAN130
gateway-list 172.18.13.1
network 172.18.13.0 mask 255.255.255.0
dns-list 192.168.1.2
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.2.3 255.255.255.0
#
interface Vlan-interface3
ip address 172.18.2.4 255.255.255.0
#
interface Vlan-interface50
ip address 172.18.5.1 255.255.255.0
#
interface Vlan-interface60
ip address 172.18.6.1 255.255.255.0
#
interface Vlan-interface70
ip address 172.18.7.1 255.255.255.0
#
interface Vlan-interface80
ip address 172.18.8.1 255.255.255.0
#
interface Vlan-interface120
ip address 172.18.12.1 255.255.255.0
#
interface Vlan-interface130
ip address 172.18.13.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port access vlan 50
#
interface GigabitEthernet1/0/2
port access vlan 50
#
interface GigabitEthernet1/0/3
port access vlan 50
#
interface GigabitEthernet1/0/4
port access vlan 60
#
interface GigabitEthernet1/0/5
port access vlan 60
#
interface GigabitEthernet1/0/6
port access vlan 60
#
interface GigabitEthernet1/0/7
port access vlan 70
#
interface GigabitEthernet1/0/8
port access vlan 70
#
interface GigabitEthernet1/0/9
port access vlan 70
#
interface GigabitEthernet1/0/10
port access vlan 80
#
interface GigabitEthernet1/0/11
port access vlan 80
#
interface GigabitEthernet1/0/12
port access vlan 80
#
interface GigabitEthernet1/0/13
port access vlan 80
#
interface GigabitEthernet1/0/14
port access vlan 80
#
interface GigabitEthernet1/0/15
port access vlan 120
#
interface GigabitEthernet1/0/16
port access vlan 130
#
interface GigabitEthernet1/0/17
port access vlan 130
#
interface GigabitEthernet1/0/18
port access vlan 130
#
interface GigabitEthernet1/0/19
port access vlan 3
#
interface GigabitEthernet1/0/20
port access vlan 3
#
interface GigabitEthernet1/0/21
#
interface GigabitEthernet1/0/22
#
interface GigabitEthernet1/0/23
#
interface GigabitEthernet1/0/24
#
interface GigabitEthernet1/0/25
#
interface GigabitEthernet1/0/26
#
interface Ten-GigabitEthernet1/0/27
#
interface Ten-GigabitEthernet1/0/28
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class vty
user-role network-operator
#
line aux 0
user-role network-admin
#
line vty 0 63
user-role network-operator
#
ip route-static 0.0.0.0 0 Vlan-interface1 192.168.2.1
#
snmp-agent
snmp-agent local-engineid 800063A28038ADBE5E887A00000001
snmp-agent sys-info location 701_3
snmp-agent sys-info version v3
#
acl number 2000
#
radius scheme system
user-name-format without-domain
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user ADMIN class manage
authorization-attribute user-role network-operator
#
ip http enable
ip https enable
#
return
- 2018-07-12提问
- 举报
-
(0)
最佳答案
从配置上来看,是没问题的,首先要说明的是,三层交换机vlan间的互访,只要建立起相应的三层接口就行,不需要一个其他的命令或功能开通,他们是通过直连路由来实现的,从您的配置来看vlan50、60、70、80、120、130之间是可以互通的,您所说的不通,具体怎么访问的不通?截个图说着说明下,跨网段互访不通,问题不一定全部出在网络上,比如访问应用,应用是否启用?ping对方不通,防火墙是否开启拦截?最好的办法,找两台同一vlan内能ping通的主机,分别放在不同的vlan内,设置上相应的地址再测试ping,
- 2018-07-13回答
- 评论(2)
- 举报
-
(0)
谢谢大神您的回答,我知道了。配置是没问题的,发现这几天测试ping不通的原因有以下2个: 1、另一台电脑的防火墙没有关闭,所以不管是不是同一个VLAN都不能ping通; 2、刚开始我是直接ping那些VLAN的网关的,刚刚发现,其他VLAN的接口有有电脑接入才能ping通。意思就是说,我本机是 VLAN 50的172.18.5.2,其他VLAN 60、有电脑接入,才能ping得通 172.18.6.1 。无电脑接入就ping不通的。 最后还是非常感谢你啦,我也想成为像您这样的大神,从而帮助其他有需要的人,请问如何学习了解呀,谢谢指点一下
交换机之间的VLAN不能互通,这个是指什么?举个例子吧
- 2018-07-12回答
- 评论(1)
- 举报
-
(0)
例如,我电脑用 VLAN 50 的172.18.5.2 ping不通 VLAN 60 的172.18.6.2的电脑。本网段是ping不通其他网段的网关的
例如,我电脑用 VLAN 50 的172.18.5.2 ping不通 VLAN 60 的172.18.6.2的电脑。本网段是ping不通其他网段的网关的
编辑答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明
艾玛,让你这么一说,我好像进云端了,别摔死我,我可不是什么大神,就一个扫地、端茶倒水的,能帮助你很高兴,用我们所能做到的去帮助其他人,这是我的幸福,也感谢你对我的肯定,祝你好好学习,天天进步