问题描述:
想组网成这样的拓扑 核心交换机S5560设置了VLAN 40 VLAN 60 并给两个VLAN配置了192.168.40.253/24和192.168.60.253/24的IP。
核心交换机通过trunk跟SWA跟SWB的trunk口连接。SWA和SWB各自划出VLAN40和60的端口。还设置了一个VLAN2000的管理IP:172.168.1.254/24。配置了DHCP服务。现在的情况是VLAN40无法PING通vlan60和VLAN2000.
WEB登陆不了VLAN2000的管理地址 请问如何能实现VLAN间互通跟任意网段都可以通过WEB登陆VLAN2000的IP管理交换机
组网及组网描述:
- 2019-12-05提问
- 举报
-
(0)
最佳答案
1:检查核心有没有 三个VLAN的路由条目,如果存在,业务VLAN下的PC先用ping网关,看是否通,之后再去ping对端
- 2019-12-05回答
- 评论(13)
- 举报
-
(0)
核心机上可以ping 通。。到二层就PING不通
对 2这个缺省路由我写 0.0.0.0 0.0.0.0 指向172.168.1.1可以吗?
只向你核心回对于管理VLAN的 地址
对于业务vlan,你用分属不同vlan的PC去测,这个拓扑很简单,没什么难度的
你现在要看?我现在手头只有Cisco的模拟器,HCL太耗内存
麻烦您在评论里写一个我研究下 我 就是不懂 比如核心交换机上VLAN2001地址是172.168.1.254 接入交换机VLAN2001地址是172.168.253 ,那么 我在VLAN40(192.168.40.1)网段下的PC怎么才可以通过WEB登陆172.168.1.254或者253?
这样,核心上你写三个vlanif,分别对应你两个业务vlan以及管理vlan;二层接入上,配好对应的业务及管理vlan,并给管理vlan配上IP,确保接入与核心的管理vlan地址在同一子网,同时,保证接入与核心之间的链路为trunk,并放通相关vlan。接下下,就是给接入层,写缺省路由,指向核心的管理vlan地址上,这样核心拥有整网路由,接入层也有回包路由,实验完.
刚按您的实验了 用CONSOLE连接交换机 并执行PING命令是可以PING通几个VLAIF地址 但是计算机上无法ping通自己所在网关以外的IP网段。
System View: return to User View with Ctrl+Z. [H3C]vlan 40 [H3C-vlan40]vlan 60 [H3C-vlan60]vlan 70 [H3C-vlan70]vlan 2000 [H3C-vlan2000]quit [H3C]interface vlan 70 [H3C-Vlan-interface70]ip address 192.168.70.253 24 [H3C-Vlan-interface70]quit [H3C]interface vlan 2000 [H3C-Vlan-interface2000]ip address 172.168.1.254 24 [H3C-Vlan-interface2000]quit [H3C]int vlan 40 [H3C-Vlan-interface40]ip address 192.168.40.253 24 [H3C-Vlan-interface40]quit [H3C]int vlan 60 [H3C-Vlan-interface60]ip address 192.168.60.253 24 [H3C-Vlan-interface60]quit [H3C]int ge1/0/17 [H3C-GigabitEthernet1/0/17]port link-type trunk [H3C-GigabitEthernet1/0/17]port trunk permit vlan 40 60 70 2000 %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface40 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface60 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface70 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface2000 changed to up. [H3C-GigabitEthernet1/0/17]%Jan 3 00:04:33:699 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface40 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface60 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface70 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface2000 changed to up. int ge1/0/18 [H3C-GigabitEthernet1/0/18]port link-type trunk [H3C-GigabitEthernet1/0/18]port trunk permit vlan 40 60 70 2000 [H3C-GigabitEthernet1/0/18]quit [H3C]int ge1/0/19 [H3C-GigabitEthernet1/0/19]port link-type trunk [H3C-GigabitEthernet1/0/19]port trunk permit vlan 40 60 70 2000 [H3C-GigabitEthernet1/0/19]quit [H3C]vlan 40 [H3C-vlan40]port gigabitethernet1/0/1 to gigabitethernet1/0/10 [H3C-vlan40]quit [H3C]dhcp enable [H3C]dhcp server forbidden-ip 192.168.40.1 [H3C]undo dhcp server forbidden-ip 192.168.40.1 [H3C]undo dhcp server forbidden-ip 192.168.40.253 The specified forbidden IP address or IP address range does not exist. [H3C]dhcp server forbidden-ip 192.168.40.253 [H3C]dhcp server forbidden-ip 192.168.60.253 [H3C]dhcp server forbidden-ip 192.168.70.253 [H3C]dhcp server forbidden-ip 172.168.1.254 [H3C]dhcp server ip-pool 40 [H3C-dhcp-pool-40]network 192.168.40.0 mask 255.255.255.0 [H3C-dhcp-pool-40]dns-list 8.8.8.8 [H3C-dhcp-pool-40]gateway-list 192.168.40.254 [H3C-dhcp-pool-40]quit [H3C]dhcp server ip-poo 60 [H3C-dhcp-pool-60]network 192.160.60.0 mask 255.255.255.0 [H3C-dhcp-pool-60]dns-list 8.8.8.8 [H3C-dhcp-pool-60]gateway-list 192.160.60.254 [H3C-dhcp-pool-60]quit [H3C]dhcp server ip-pool 70 [H3C-dhcp-pool-70]network 192.160.70.0 mask 255.255.255.0 [H3C-dhcp-pool-70]dns-list 8.8.8.8 [H3C-dhcp-pool-70]gateway-list 192.160.70.254 [H3C-dhcp-pool-70]quit [H3C]saveforce [H3C]telnet server enable [H3C]line vty 0 4 [H3C-line-vty0-4]authentication-mode scheme [H3C-line-vty0-4]user-role network-admin [H3C-line-vty0-4]quit [H3C]local-user admin New local user added. [H3C-luser-manage-admin]password simple none1989 [H3C-luser-manage-admin]service-type telnet [H3C-luser-manage-admin]authorization-attribute user-role network-admin [H3C-luser-manage-admin]quit [H3C]save force Validating file. Please wait... Saved the current configuration to mainboard device successfully. [H3C]local-user admin [H3C-luser-manage-admin]service-type http https [H3C-luser-manage-admin]authorization-attribute user-role network-admin [H3C-luser-manage-admin]quit [H3C]ip http enable [H3C]ip https enable [H3C]save force
System View: return to User View with Ctrl+Z. [H3C]vlan 40 [H3C-vlan40]vlan 60 [H3C-vlan60]vlan 70 [H3C-vlan70]vlan 2000 [H3C-vlan2000]quit [H3C]interface vlan 70 [H3C-Vlan-interface70]ip address 192.168.70.253 24 [H3C-Vlan-interface70]quit [H3C]interface vlan 2000 [H3C-Vlan-interface2000]ip address 172.168.1.254 24 [H3C-Vlan-interface2000]quit [H3C]int vlan 40 [H3C-Vlan-interface40]ip address 192.168.40.253 24 [H3C-Vlan-interface40]quit [H3C]int vlan 60 [H3C-Vlan-interface60]ip address 192.168.60.253 24 [H3C-Vlan-interface60]quit [H3C]int ge1/0/17 [H3C-GigabitEthernet1/0/17]port link-type trunk [H3C-GigabitEthernet1/0/17]port trunk permit vlan 40 60 70 2000 %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface40 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface60 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface70 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface2000 changed to up. [H3C-GigabitEthernet1/0/17]%Jan 3 00:04:33:699 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface40 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface60 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface70 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface2000 changed to up. [H3C]int ge1/0/18 [H3C-GigabitEthernet1/0/18]port link-type trunk [H3C-GigabitEthernet1/0/18]port trunk permit vlan 40 60 70 2000 [H3C-GigabitEthernet1/0/18]quit [H3C]int ge1/0/19 [H3C-GigabitEthernet1/0/19]port link-type trunk [H3C-GigabitEthernet1/0/19]port trunk permit vlan 40 60 70 2000 [H3C-GigabitEthernet1/0/19]quit [H3C]vlan 40 [H3C-vlan40]port gigabitethernet1/0/1 to gigabitethernet1/0/10 [H3C-vlan40]quit [H3C]dhcp enable [H3C]dhcp server forbidden-ip 192.168.40.1 [H3C]undo dhcp server forbidden-ip 192.168.40.1 [H3C]undo dhcp server forbidden-ip 192.168.40.253 The specified forbidden IP address or IP address range does not exist. [H3C]dhcp server forbidden-ip 192.168.40.253 [H3C]dhcp server forbidden-ip 192.168.60.253 [H3C]dhcp server forbidden-ip 192.168.70.253 [H3C]dhcp server forbidden-ip 172.168.1.254 [H3C]dhcp server ip-pool 40 [H3C-dhcp-pool-40]network 192.168.40.0 mask 255.255.255.0 [H3C-dhcp-pool-40]dns-list 8.8.8.8 [H3C-dhcp-pool-40]gateway-list 192.168.40.254 [H3C-dhcp-pool-40]quit [H3C]dhcp server ip-poo 60 [H3C-dhcp-pool-60]network 192.160.60.0 mask 255.255.255.0 [H3C-dhcp-pool-60]dns-list 8.8.8.8 [H3C-dhcp-pool-60]gateway-list 192.160.60.254 [H3C-dhcp-pool-60]quit [H3C]dhcp server ip-pool 70 [H3C-dhcp-pool-70]network 192.160.70.0 mask 255.255.255.0 [H3C-dhcp-pool-70]dns-list 8.8.8.8 [H3C-dhcp-pool-70]gateway-list 192.160.70.254 [H3C-dhcp-pool-70]quit [H3C]saveforce [H3C]telnet server enable [H3C]line vty 0 4 [H3C-line-vty0-4]authentication-mode scheme [H3C-line-vty0-4]user-role network-admin [H3C-line-vty0-4]quit [H3C]local-user admin New local user added. [H3C-luser-manage-admin]password simple none1989 [H3C-luser-manage-admin]service-type telnet [H3C-luser-manage-admin]authorization-attribute user-role network-admin [H3C-luser-manage-admin]quit [H3C]save force Validating file. Please wait... Saved the current configuration to mainboard device successfully. [H3C]local-user admin [H3C-luser-manage-admin]service-type http https [H3C-luser-manage-admin]authorization-attribute user-role network-admin [H3C-luser-manage-admin]quit [H3C]ip http enable [H3C]ip https enable [H3C]save force
编辑答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明
PC的网关就是交换机VLAN的地址呀 核心交换机跟接入交换机都是TRUNK口并允许所有VLAN通过 VLAN2000在核心交换机和接入交换机都设置了 核心交换机设置的地址是172.168.1.254/16 接入交换机是172.168.1.253 和172.168.1.252