• 全部
  • 经验案例
  • 典型配置
  • 技术公告
  • FAQ
  • 漏洞说明
  • 全部
  • 全部
  • 大数据引擎
  • 知了引擎
产品线
搜索
取消
案例类型
发布者
是否解决
是否官方
时间
搜索引擎
匹配模式
高级搜索

VLAN间无法互通

2019-12-05提问
  • 0关注
  • 1收藏,1383浏览
彩陶
彩陶 零段
粉丝:1人 关注:4人

问题描述:

 

想组网成这样的拓扑    核心交换机S5560设置了VLAN 40  VLAN 60  并给两个VLAN配置了192.168.40.253/24和192.168.60.253/24的IP。

核心交换机通过trunk跟SWA跟SWB的trunk口连接。SWA和SWB各自划出VLAN40和60的端口。还设置了一个VLAN2000的管理IP:172.168.1.254/24。配置了DHCP服务。现在的情况是VLAN40无法PING通vlan60和VLAN2000.

WEB登陆不了VLAN2000的管理地址       请问如何能实现VLAN间互通跟任意网段都可以通过WEB登陆VLAN2000的IP管理交换机

组网及组网描述:


最佳答案

落啦耳朵
落啦耳朵 六段
粉丝:15人 关注:0人

首先,你PC的网关设的是什么?

其次,你核心交换机跟接入交换机的接口配置对没有?

第三,VLAN2000是不是在核心交换机?

PC的网关就是交换机VLAN的地址呀 核心交换机跟接入交换机都是TRUNK口并允许所有VLAN通过 VLAN2000在核心交换机和接入交换机都设置了 核心交换机设置的地址是172.168.1.254/16 接入交换机是172.168.1.253 和172.168.1.252

彩陶 发表时间:2019-12-06 更多>>

PC的网关就是交换机VLAN的地址呀 核心交换机跟接入交换机都是TRUNK口并允许所有VLAN通过 VLAN2000在核心交换机和接入交换机都设置了 核心交换机设置的地址是172.168.1.254/16 接入交换机是172.168.1.253 和172.168.1.252

彩陶 发表时间:2019-12-06
3 个回答
按时间 按赞数
追梦小青年
追梦小青年 五段
粉丝:0人 关注:0人

1.路由都打通
2.各个物理端口配正确

路由打通?

彩陶 发表时间:2019-12-05 更多>>

路由打通?

彩陶 发表时间:2019-12-05
大白_
大白_ 三段
粉丝:1人 关注:0人

1.物理端口配置正确。

2.PC的网关配置正确。

物理端口已经正确划分给VLAN了

彩陶 发表时间:2019-12-05 更多>>

PC自动获取来自核心交换机DHCP分配的IP地址

彩陶 发表时间:2019-12-05

物理端口已经正确划分给VLAN了

彩陶 发表时间:2019-12-05
一页书
一页书 五段
粉丝:11人 关注:7人

1:检查核心有没有 三个VLAN的路由条目,如果存在,业务VLAN下的PC先用ping网关,看是否通,之后再去ping对端

2:接入交换机需要的管理VLAN,需要写一条缺省路由只向网关,不然无法通

System View: return to User View with Ctrl+Z. [H3C]vlan 40 [H3C-vlan40]vlan 60 [H3C-vlan60]vlan 70 [H3C-vlan70]vlan 2000 [H3C-vlan2000]quit [H3C]interface vlan 70 [H3C-Vlan-interface70]ip address 192.168.70.253 24 [H3C-Vlan-interface70]quit [H3C]interface vlan 2000 [H3C-Vlan-interface2000]ip address 172.168.1.254 24 [H3C-Vlan-interface2000]quit [H3C]int vlan 40 [H3C-Vlan-interface40]ip address 192.168.40.253 24 [H3C-Vlan-interface40]quit [H3C]int vlan 60 [H3C-Vlan-interface60]ip address 192.168.60.253 24 [H3C-Vlan-interface60]quit [H3C]int ge1/0/17 [H3C-GigabitEthernet1/0/17]port link-type trunk [H3C-GigabitEthernet1/0/17]port trunk permit vlan 40 60 70 2000 %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface40 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface60 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface70 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface2000 changed to up. [H3C-GigabitEthernet1/0/17]%Jan 3 00:04:33:699 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface40 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface60 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface70 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface2000 changed to up. [H3C]int ge1/0/18 [H3C-GigabitEthernet1/0/18]port link-type trunk [H3C-GigabitEthernet1/0/18]port trunk permit vlan 40 60 70 2000 [H3C-GigabitEthernet1/0/18]quit [H3C]int ge1/0/19 [H3C-GigabitEthernet1/0/19]port link-type trunk [H3C-GigabitEthernet1/0/19]port trunk permit vlan 40 60 70 2000 [H3C-GigabitEthernet1/0/19]quit [H3C]vlan 40 [H3C-vlan40]port gigabitethernet1/0/1 to gigabitethernet1/0/10 [H3C-vlan40]quit [H3C]dhcp enable [H3C]dhcp server forbidden-ip 192.168.40.1 [H3C]undo dhcp server forbidden-ip 192.168.40.1 [H3C]undo dhcp server forbidden-ip 192.168.40.253 The specified forbidden IP address or IP address range does not exist. [H3C]dhcp server forbidden-ip 192.168.40.253 [H3C]dhcp server forbidden-ip 192.168.60.253 [H3C]dhcp server forbidden-ip 192.168.70.253 [H3C]dhcp server forbidden-ip 172.168.1.254 [H3C]dhcp server ip-pool 40 [H3C-dhcp-pool-40]network 192.168.40.0 mask 255.255.255.0 [H3C-dhcp-pool-40]dns-list 8.8.8.8 [H3C-dhcp-pool-40]gateway-list 192.168.40.254 [H3C-dhcp-pool-40]quit [H3C]dhcp server ip-poo 60 [H3C-dhcp-pool-60]network 192.160.60.0 mask 255.255.255.0 [H3C-dhcp-pool-60]dns-list 8.8.8.8 [H3C-dhcp-pool-60]gateway-list 192.160.60.254 [H3C-dhcp-pool-60]quit [H3C]dhcp server ip-pool 70 [H3C-dhcp-pool-70]network 192.160.70.0 mask 255.255.255.0 [H3C-dhcp-pool-70]dns-list 8.8.8.8 [H3C-dhcp-pool-70]gateway-list 192.160.70.254 [H3C-dhcp-pool-70]quit [H3C]saveforce [H3C]telnet server enable [H3C]line vty 0 4 [H3C-line-vty0-4]authentication-mode scheme [H3C-line-vty0-4]user-role network-admin [H3C-line-vty0-4]quit [H3C]local-user admin New local user added. [H3C-luser-manage-admin]password simple none1989 [H3C-luser-manage-admin]service-type telnet [H3C-luser-manage-admin]authorization-attribute user-role network-admin [H3C-luser-manage-admin]quit [H3C]save force Validating file. Please wait... Saved the current configuration to mainboard device successfully. [H3C]local-user admin [H3C-luser-manage-admin]service-type http https [H3C-luser-manage-admin]authorization-attribute user-role network-admin [H3C-luser-manage-admin]quit [H3C]ip http enable [H3C]ip https enable [H3C]save force

彩陶 发表时间:2019-12-06 更多>>

核心机上可以ping 通。。到二层就PING不通

彩陶 发表时间:2019-12-05

对 2这个缺省路由我写 0.0.0.0 0.0.0.0 指向172.168.1.1可以吗?

彩陶 发表时间:2019-12-05

只向你核心回对于管理VLAN的 地址

一页书 发表时间:2019-12-05

对于业务vlan,你用分属不同vlan的PC去测,这个拓扑很简单,没什么难度的

一页书 发表时间:2019-12-05
回复一页书:

难的不会会的不难啊亲 能大概写一下我看下吗?谢谢拉 。

彩陶 发表时间:2019-12-05

你现在要看?我现在手头只有Cisco的模拟器,HCL太耗内存

一页书 发表时间:2019-12-05

麻烦您在评论里写一个我研究下 我 就是不懂 比如核心交换机上VLAN2001地址是172.168.1.254 接入交换机VLAN2001地址是172.168.253 ,那么 我在VLAN40(192.168.40.1)网段下的PC怎么才可以通过WEB登陆172.168.1.254或者253?

彩陶 发表时间:2019-12-06
回复彩陶:

只要你让核心三层,你把这些vlan的网关都写到核心上

一页书 发表时间:2019-12-06

这样,核心上你写三个vlanif,分别对应你两个业务vlan以及管理vlan;二层接入上,配好对应的业务及管理vlan,并给管理vlan配上IP,确保接入与核心的管理vlan地址在同一子网,同时,保证接入与核心之间的链路为trunk,并放通相关vlan。接下下,就是给接入层,写缺省路由,指向核心的管理vlan地址上,这样核心拥有整网路由,接入层也有回包路由,实验完.

一页书 发表时间:2019-12-06
回复一页书:

我实验下 辛苦了哈 写这么详细

彩陶 发表时间:2019-12-06

刚按您的实验了 用CONSOLE连接交换机 并执行PING命令是可以PING通几个VLAIF地址 但是计算机上无法ping通自己所在网关以外的IP网段。

彩陶 发表时间:2019-12-06

System View: return to User View with Ctrl+Z. [H3C]vlan 40 [H3C-vlan40]vlan 60 [H3C-vlan60]vlan 70 [H3C-vlan70]vlan 2000 [H3C-vlan2000]quit [H3C]interface vlan 70 [H3C-Vlan-interface70]ip address 192.168.70.253 24 [H3C-Vlan-interface70]quit [H3C]interface vlan 2000 [H3C-Vlan-interface2000]ip address 172.168.1.254 24 [H3C-Vlan-interface2000]quit [H3C]int vlan 40 [H3C-Vlan-interface40]ip address 192.168.40.253 24 [H3C-Vlan-interface40]quit [H3C]int vlan 60 [H3C-Vlan-interface60]ip address 192.168.60.253 24 [H3C-Vlan-interface60]quit [H3C]int ge1/0/17 [H3C-GigabitEthernet1/0/17]port link-type trunk [H3C-GigabitEthernet1/0/17]port trunk permit vlan 40 60 70 2000 %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface40 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface60 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface70 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface2000 changed to up. [H3C-GigabitEthernet1/0/17]%Jan 3 00:04:33:699 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface40 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface60 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface70 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface2000 changed to up. int ge1/0/18 [H3C-GigabitEthernet1/0/18]port link-type trunk [H3C-GigabitEthernet1/0/18]port trunk permit vlan 40 60 70 2000 [H3C-GigabitEthernet1/0/18]quit [H3C]int ge1/0/19 [H3C-GigabitEthernet1/0/19]port link-type trunk [H3C-GigabitEthernet1/0/19]port trunk permit vlan 40 60 70 2000 [H3C-GigabitEthernet1/0/19]quit [H3C]vlan 40 [H3C-vlan40]port gigabitethernet1/0/1 to gigabitethernet1/0/10 [H3C-vlan40]quit [H3C]dhcp enable [H3C]dhcp server forbidden-ip 192.168.40.1 [H3C]undo dhcp server forbidden-ip 192.168.40.1 [H3C]undo dhcp server forbidden-ip 192.168.40.253 The specified forbidden IP address or IP address range does not exist. [H3C]dhcp server forbidden-ip 192.168.40.253 [H3C]dhcp server forbidden-ip 192.168.60.253 [H3C]dhcp server forbidden-ip 192.168.70.253 [H3C]dhcp server forbidden-ip 172.168.1.254 [H3C]dhcp server ip-pool 40 [H3C-dhcp-pool-40]network 192.168.40.0 mask 255.255.255.0 [H3C-dhcp-pool-40]dns-list 8.8.8.8 [H3C-dhcp-pool-40]gateway-list 192.168.40.254 [H3C-dhcp-pool-40]quit [H3C]dhcp server ip-poo 60 [H3C-dhcp-pool-60]network 192.160.60.0 mask 255.255.255.0 [H3C-dhcp-pool-60]dns-list 8.8.8.8 [H3C-dhcp-pool-60]gateway-list 192.160.60.254 [H3C-dhcp-pool-60]quit [H3C]dhcp server ip-pool 70 [H3C-dhcp-pool-70]network 192.160.70.0 mask 255.255.255.0 [H3C-dhcp-pool-70]dns-list 8.8.8.8 [H3C-dhcp-pool-70]gateway-list 192.160.70.254 [H3C-dhcp-pool-70]quit [H3C]saveforce [H3C]telnet server enable [H3C]line vty 0 4 [H3C-line-vty0-4]authentication-mode scheme [H3C-line-vty0-4]user-role network-admin [H3C-line-vty0-4]quit [H3C]local-user admin New local user added. [H3C-luser-manage-admin]password simple none1989 [H3C-luser-manage-admin]service-type telnet [H3C-luser-manage-admin]authorization-attribute user-role network-admin [H3C-luser-manage-admin]quit [H3C]save force Validating file. Please wait... Saved the current configuration to mainboard device successfully. [H3C]local-user admin [H3C-luser-manage-admin]service-type http https [H3C-luser-manage-admin]authorization-attribute user-role network-admin [H3C-luser-manage-admin]quit [H3C]ip http enable [H3C]ip https enable [H3C]save force

彩陶 发表时间:2019-12-06

System View: return to User View with Ctrl+Z. [H3C]vlan 40 [H3C-vlan40]vlan 60 [H3C-vlan60]vlan 70 [H3C-vlan70]vlan 2000 [H3C-vlan2000]quit [H3C]interface vlan 70 [H3C-Vlan-interface70]ip address 192.168.70.253 24 [H3C-Vlan-interface70]quit [H3C]interface vlan 2000 [H3C-Vlan-interface2000]ip address 172.168.1.254 24 [H3C-Vlan-interface2000]quit [H3C]int vlan 40 [H3C-Vlan-interface40]ip address 192.168.40.253 24 [H3C-Vlan-interface40]quit [H3C]int vlan 60 [H3C-Vlan-interface60]ip address 192.168.60.253 24 [H3C-Vlan-interface60]quit [H3C]int ge1/0/17 [H3C-GigabitEthernet1/0/17]port link-type trunk [H3C-GigabitEthernet1/0/17]port trunk permit vlan 40 60 70 2000 %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface40 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface60 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface70 changed to up. %Jan 3 00:04:33:695 2013 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface2000 changed to up. [H3C-GigabitEthernet1/0/17]%Jan 3 00:04:33:699 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface40 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface60 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface70 changed to up. %Jan 3 00:04:33:700 2013 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface2000 changed to up. [H3C]int ge1/0/18 [H3C-GigabitEthernet1/0/18]port link-type trunk [H3C-GigabitEthernet1/0/18]port trunk permit vlan 40 60 70 2000 [H3C-GigabitEthernet1/0/18]quit [H3C]int ge1/0/19 [H3C-GigabitEthernet1/0/19]port link-type trunk [H3C-GigabitEthernet1/0/19]port trunk permit vlan 40 60 70 2000 [H3C-GigabitEthernet1/0/19]quit [H3C]vlan 40 [H3C-vlan40]port gigabitethernet1/0/1 to gigabitethernet1/0/10 [H3C-vlan40]quit [H3C]dhcp enable [H3C]dhcp server forbidden-ip 192.168.40.1 [H3C]undo dhcp server forbidden-ip 192.168.40.1 [H3C]undo dhcp server forbidden-ip 192.168.40.253 The specified forbidden IP address or IP address range does not exist. [H3C]dhcp server forbidden-ip 192.168.40.253 [H3C]dhcp server forbidden-ip 192.168.60.253 [H3C]dhcp server forbidden-ip 192.168.70.253 [H3C]dhcp server forbidden-ip 172.168.1.254 [H3C]dhcp server ip-pool 40 [H3C-dhcp-pool-40]network 192.168.40.0 mask 255.255.255.0 [H3C-dhcp-pool-40]dns-list 8.8.8.8 [H3C-dhcp-pool-40]gateway-list 192.168.40.254 [H3C-dhcp-pool-40]quit [H3C]dhcp server ip-poo 60 [H3C-dhcp-pool-60]network 192.160.60.0 mask 255.255.255.0 [H3C-dhcp-pool-60]dns-list 8.8.8.8 [H3C-dhcp-pool-60]gateway-list 192.160.60.254 [H3C-dhcp-pool-60]quit [H3C]dhcp server ip-pool 70 [H3C-dhcp-pool-70]network 192.160.70.0 mask 255.255.255.0 [H3C-dhcp-pool-70]dns-list 8.8.8.8 [H3C-dhcp-pool-70]gateway-list 192.160.70.254 [H3C-dhcp-pool-70]quit [H3C]saveforce [H3C]telnet server enable [H3C]line vty 0 4 [H3C-line-vty0-4]authentication-mode scheme [H3C-line-vty0-4]user-role network-admin [H3C-line-vty0-4]quit [H3C]local-user admin New local user added. [H3C-luser-manage-admin]password simple none1989 [H3C-luser-manage-admin]service-type telnet [H3C-luser-manage-admin]authorization-attribute user-role network-admin [H3C-luser-manage-admin]quit [H3C]save force Validating file. Please wait... Saved the current configuration to mainboard device successfully. [H3C]local-user admin [H3C-luser-manage-admin]service-type http https [H3C-luser-manage-admin]authorization-attribute user-role network-admin [H3C-luser-manage-admin]quit [H3C]ip http enable [H3C]ip https enable [H3C]save force

彩陶 发表时间:2019-12-06

编辑答案

你正在编辑答案

如果你要对问题或其他回答进行点评或询问,请使用评论功能。

分享扩散:

提出建议

    +
网站相关
关于我们
服务条款
帮助中心
经验与权限
积分规则
联系我们
联系我们
建议反馈
常用链接
标杆的神器下载
关注我们
H3C官网
新华三服务公众号
安仔远程运维服务
新华三商城
内容许可
除特别说明外,用户内容均可采用知识共享署名-相同方式共享3.0中国大陆许可协议进行许可

Copyright©2024新华三集团保留一切权利 当前呈现版本 NO.1

本图标版权归新华三集团所有,仅限本社区使用,切勿用做商业目的,违者必究

浙ICP备09064986号-1   浙公网安备 33010802004416号

亲~登录后才可以操作哦!

确定

亲~检测到您登陆的账号未在http://hclhub.h3c.com进行注册

注册后可访问此模块

跳转hclhub

你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作

举报

×

侵犯我的权益 >
对根叔社区有害的内容 >
辱骂、歧视、挑衅等(不友善)

侵犯我的权益

×

泄露了我的隐私 >
侵犯了我企业的权益 >
抄袭了我的内容 >
诽谤我 >
辱骂、歧视、挑衅等(不友善)
骚扰我

泄露了我的隐私

×

您好,当您发现根叔知了上有泄漏您隐私的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您认为哪些内容泄露了您的隐私?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)

侵犯了我企业的权益

×

您好,当您发现根叔知了上有关于您企业的造谣与诽谤、商业侵权等内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到 pub.zhiliao@h3c.com 邮箱,我们会在审核后尽快给您答复。
  • 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
  • 3. 是哪家企业?(营业执照,单位登记证明等证件)
  • 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

抄袭了我的内容

×

原文链接或出处

诽谤我

×

您好,当您发现根叔知了上有诽谤您的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

对根叔社区有害的内容

×

垃圾广告信息
色情、暴力、血腥等违反法律法规的内容
政治敏感
不规范转载 >
辱骂、歧视、挑衅等(不友善)
骚扰我
诱导投票

不规范转载

×

举报说明