Layer 3 Switching


Bu bölümde Vlan interfacelerini konfigure etmeyi, bir switch ile Vlan routing yapmayı, Link-Aggregation hatlar üzerinde Vlan routing yapmayı, OSPF kullanarak Vlan interfaceler arasında dinamik routing yapmayı kısacası Layer 3 switching konularını göreceğiz.
l3
1. Genel yapılandırma.
CLIGURU-R1’ de Gigabit Ethernet 0/0/1 için 10.0.4.1/24 ip adresini verelim.
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname CLIGURU-R1
[CLIGURU-R1]interface GigabitEthernet 0/0/1
[CLIGURU-R1-GigabitEthernet0/0/1]ip address 10.0.4.1 24
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname CLIGURU-R3
CLIGURU-S1 ve CLIGURU-S2 arasında link aggregation  konfigurasyonu yapalım.
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname CLIGURU-S1
[CLIGURU-S1]interface Eth-Trunk 1
[CLIGURU-S1-Eth-Trunk1]mode lacp-static
[CLIGURU-S1-Eth-Trunk1]port link-type trunk
[CLIGURU-S1-Eth-Trunk1]port trunk allow-pass vlan all
[CLIGURU-S1-Eth-Trunk1]quit
[CLIGURU-S1]interface GigabitEthernet 0/0/9
[CLIGURU-S1-GigabitEthernet0/0/9]eth-trunk 1
[CLIGURU-S1-GigabitEthernet0/0/9]interface GigabitEthernet 0/0/10
[CLIGURU-S1-GigabitEthernet0/0/10]eth-trunk 1
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname CLIGURU-S2
[CLIGURU-S2]interface Eth-Trunk 1
[CLIGURU-S2-Eth-Trunk1]mode lacp-static
[CLIGURU-S2-Eth-Trunk1]port link-type trunk
[CLIGURU-S2-Eth-Trunk1]port trunk allow-pass vlan all
[CLIGURU-S2-Eth-Trunk1]quit
[CLIGURU-S2]interface GigabitEthernet 0/0/9
[CLIGURU-S2-GigabitEthernet0/0/9]eth-trunk 1
[CLIGURU-S2-GigabitEthernet0/0/9]interface GigabitEthernet 0/0/10
[CLIGURU-S2-GigabitEthernet0/0/10]eth-trunk 1
[CLIGURU-S2-GigabitEthernet0/0/10]
CLIGURU-S1 ve CLIGURU-S2 den CLIGURU-S3 ve CLIGURU-S4 ‘deki gereksiz interfaceleri kapatalım.
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]interface Ethernet 0/0/22
[Huawei-Ethernet0/0/22]shutdown
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname CLIGURU-S4
[CLIGURU-S4]interface Ethernet 0/0/14
[CLIGURU-S4-Ethernet0/0/14]shutdown
 2. Vlan 3 ile Vlan 7 aralığını CLIGURU-S1 ve CLIGURU-S2 üzerinde oluşturalım.
[CLIGURU-S1]vlan batch 3 to 7
Info: This operation may take a few seconds. Please wait for a moment…done.
[CLIGURU-S2]vlan batch 3 to 7
Info: This operation may take a few seconds. Please wait for a moment…done.
Vlanları kontrol edelim.
[CLIGURU-S1]display vlan
The total number of vlans is : 6
….output omitted…..
VID Type   Ports
——————————————————————————–
1   common UT:GE0/0/1(U)     GE0/0/2(D)     GE0/0/3(D)     GE0/0/4(D)
                             GE0/0/5(D)     GE0/0/6(D)     GE0/0/7(D)     GE0/0/8(D)
                              GE0/0/11(D)     GE0/0/12(D)     GE0/0/13(U)     GE0/0/14(D)
                              GE0/0/15(D)     GE0/0/16(D)     GE0/0/17(D)     GE0/0/18(D)
                             GE0/0/19(D)     GE0/0/20(D)     GE0/0/21(D)     GE0/0/22(D)
                            GE0/0/23(D)     GE0/0/24(D)     Eth-Trunk1(U)
3   common TG:Eth-Trunk1(U)
4   common TG:Eth-Trunk1(U)
5   common TG:Eth-Trunk1(U)
6   common TG:Eth-Trunk1(U)
7   common TG:Eth-Trunk1(U)
….output omitted…..
[CLIGURU-S2]display vlan
The total number of vlans is : 6
….output omitted…..
VID Type   Ports
——————————————————————————–
1   common UT:GE0/0/1(D)     GE0/0/2(D)     GE0/0/3(U)     GE0/0/4(D)
                              GE0/0/5(D)     GE0/0/6(D)     GE0/0/7(D)     GE0/0/8(D)
                               GE0/0/11(D)     GE0/0/12(D)     GE0/0/13(D)     GE0/0/14(D)
                              GE0/0/15(D)     GE0/0/16(D)     GE0/0/17(D)     GE0/0/18(D)
                              GE0/0/19(D)     GE0/0/20(D)     GE0/0/21(D)     GE0/0/22(U)
                               GE0/0/23(D)     GE0/0/24(D)     Eth-Trunk1(U)
3   common TG:Eth-Trunk1(U)
4   common TG:Eth-Trunk1(U)
5   common TG:Eth-Trunk1(U)
6   common TG:Eth-Trunk1(U)
7   common TG:Eth-Trunk1(U)

3. CLIGURU-S1 ve CLIGURU-S2 arasında Link-Aggregation konfigurasyonu yapalım.
CLIGURU-S1 ’için sırasıyla Gigabit Ethernet 0/0/1 ve G0/013’ü Vlan 4 ve Vlan 3 ‘e dahil edelim, CLIGURU-S2’ için sırasıyla Gigabit Ethernet 0/0/3 ve G0/0/22’yi Vlan 6 ve Vlan 7’ye dahil edelim.
[CLIGURU-S1]interface Eth-Trunk 1
[CLIGURU-S1-Eth-Trunk1]port trunk pvid vlan 5
[CLIGURU-S1-Eth-Trunk1]quit
[CLIGURU-S1]interface GigabitEthernet 0/0/1
[CLIGURU-S1-GigabitEthernet0/0/1]port link-type access
[CLIGURU-S1-GigabitEthernet0/0/1]port default vlan 4
[CLIGURU-S1-GigabitEthernet0/0/1]quit
[CLIGURU-S1]interface GigabitEthernet 0/0/13
[CLIGURU-S1-GigabitEthernet0/0/13]port link-type access
[CLIGURU-S1-GigabitEthernet0/0/13]port default vlan 3
[CLIGURU-S2]interface Eth-Trunk 1
[CLIGURU-S2-Eth-Trunk1]port trunk pvid vlan 5
[CLIGURU-S2-Eth-Trunk1]quit
[CLIGURU-S2]interface GigabitEthernet 0/0/3
[CLIGURU-S2-GigabitEthernet0/0/3]port link-type access
[CLIGURU-S2-GigabitEthernet0/0/3]port default vlan 6
[CLIGURU-S2-GigabitEthernet0/0/3]quit
[CLIGURU-S2]interface GigabitEthernet 0/0/22
[CLIGURU-S2-GigabitEthernet0/0/22]port link-type access
[CLIGURU-S2-GigabitEthernet0/0/22]port default vlan 7
<CLIGURU-S1>display vlan
The total number of vlans is : 6
….output omitted…..
VID Type   Ports
——————————————————————————–
1   common UT:GE0/0/2(D)     GE0/0/3(D)     GE0/0/4(D)     GE0/0/5(D)
                            GE0/0/6(D)     GE0/0/7(D)     GE0/0/8(D)     GE0/0/11(D)
                             GE0/0/12(D)     GE0/0/14(D)     GE0/0/15(D)     GE0/0/16(D)
                             GE0/0/17(D)     GE0/0/18(D)     GE0/0/19(D)     GE0/0/20(D)
                             GE0/0/21(D)     GE0/0/22(D)     GE0/0/23(D)     GE0/0/24(D)
                              TG:Eth-Trunk1(U)
3   common UT:GE0/0/13(U)
                    TG:Eth-Trunk1(U)
4   common UT:GE0/0/1(U)
                      TG:Eth-Trunk1(U)
5   common UT:Eth-Trunk1(U)
6   common TG:Eth-Trunk1(U)
7   common TG:Eth-Trunk1(U)
….output omitted…..
<CLIGURU-S2>display vlan
The total number of vlans is : 6
….output omitted…..
VID Type   Ports
——————————————————————————–
1   common UT:GE0/0/2(D)     GE0/0/3(D)     GE0/0/4(D)     GE0/0/5(D)
                            GE0/0/6(D)     GE0/0/7(D)     GE0/0/8(D)     GE0/0/11(D)
                             GE0/0/12(D)     GE0/0/14(D)     GE0/0/15(D)     GE0/0/16(D)
                             GE0/0/17(D)     GE0/0/18(D)     GE0/0/19(D)     GE0/0/20(D)
                             GE0/0/21(D)     GE0/0/22(D)     GE0/0/23(D)     GE0/0/24(D)
                              TG:Eth-Trunk1(U)
3   common TG:Eth-Trunk1(U)
4   common TG:Eth-Trunk1(U)
5   common TG:Eth-Trunk1(U)
6   common UT:GE0/0/3(U)
                       TG:Eth-Trunk1(U)
7   common UT:GE0/0/22(U)
                      TG:Eth-Trunk1(U)
….output omitted…..

 

4. CLIGURU-S1 ve CLIGURU-S2 üzerinde gateway’leri konfigure etme.
CLIGURU-S1 üzerinde Vlanif3, Vlanif4 ve Vlanif5’e, CLIGURU-S2 üzerinde Vlanif5, Vlanif6 ve Vlanif7’ye ip adreslerini verelim.
[CLIGURU-S1]interface Vlanif 3
[CLIGURU-S1-Vlanif3]ip address 10.0.3.254 24
[CLIGURU-S1-Vlanif3]interface Vlanif 4
[CLIGURU-S1-Vlanif4]ip address 10.0.4.254 24
[CLIGURU-S1-Vlanif4]interface Vlanif 5
[CLIGURU-S1-Vlanif5]ip address 10.0.5.1 24
[CLIGURU-S2]interface Vlanif 5
[CLIGURU-S2-Vlanif5]ip address 10.0.5.2 24
[CLIGURU-S2-Vlanif5]interface Vlanif 6
[CLIGURU-S2-Vlanif6]ip address 10.0.6.254 24
[CLIGURU-S2-Vlanif6]interface Vlanif 7
[CLIGURU-S2-Vlanif7]ip address 10.0.7.254 24
5.CLIGURU-R1,CLIGURU-R3,CLIGURU-S3 ve CLIGURU-S4 için, IP Adreslerinin verilmesi ve Default Routeların oluşturulması.
Switch’de IP adresleri Vlanif’lere verilmelidir, CLIGURU-S3’ün GigabitEthernet 0/0/13 interface’i ve CLIGURU-S4’ün GigabitEthernet 0/0/24 interface’i Vlanif1’e dahil edelim. Vlanif1 (etiketsiz/untagged) interface’imiz. CLIGURU-R1’I daha once 10.0.4.1/24 IP si için konfigure etmiştik.
[CLIGURU-R1]ip route-static 0.0.0.0 0.0.0.0 10.0.4.254
[CLIGURU-S3]interface Vlanif 1
[CLIGURU-S3-Vlanif1]ip address 10.0.3.3 24
[CLIGURU-S3-Vlanif1]quit
[CLIGURU-S3]ip route-static 0.0.0.0 0.0.0.0 10.0.3.254
[CLIGURU-R3]interface GigabitEthernet 0/0/2
[CLIGURU-R3-GigabitEthernet0/0/2]ip address 10.0.6.3 24
[CLIGURU-R3-GigabitEthernet0/0/2]quit
[CLIGURU-R3]ip route-static 0.0.0.0 0.0.0.0 10.0.6.254
[CLIGURU-S4]interface Vlanif 1
[CLIGURU-S4-Vlanif1]ip address 10.0.7.4 24
[CLIGURU-S4-Vlanif1]quit
[CLIGURU-S4]ip route-static 0.0.0.0 0.0.0.0 10.0.7.254
6. Vlan3 ve Vlan4 arasındaki bağlantıyı kontrol etme.
CLIGURU-S3 ile CLIGURU-R1 arasındaki bağlantıyı kontrol edelim.
<CLIGURU-R1>ping 10.0.3.3
PING 10.0.3.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.3.3: bytes=56 Sequence=1 ttl=254 time=100 ms
Reply from 10.0.3.3: bytes=56 Sequence=2 ttl=254 time=40 ms
Reply from 10.0.3.3: bytes=56 Sequence=3 ttl=254 time=60 ms
Reply from 10.0.3.3: bytes=56 Sequence=4 ttl=254 time=40 ms
Reply from 10.0.3.3: bytes=56 Sequence=5 ttl=254 time=40 ms
— 10.0.3.3 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 40/56/100 ms
CLIGURU-R3 ile CLIGURU-R1 arasındaki bağlantıyı kontrol edelim.
<CLIGURU-R1>ping 10.0.6.3
PING 10.0.6.3: 56 data bytes, press CTRL_C to break
Request time out
Request time out
Request time out
Request time out
Request time out
— 10.0.6.3 ping statistics —
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss
CLIGURU-R1 ve CLIGURU-R3 arasındaki bağlantı başarısız. Çözüm yapmak için “tracert” komutunu kullanalım.
<CLIGURU-R1>tracert 10.0.6.3
traceroute to 10.0.6.3(10.0.6.3), max hops: 30 ,packet length: 40,press CTRL_C to break
1 10.0.4.254 30 ms 30 ms 50 ms
2 10.0.4.254 30 ms !N 30 ms !N 60 ms !N
 CLIGURU-R1 10.0.6.3’e data paketi göndermekte, gateway olan 10.0.4.254 ‘den network is unreachable cevabı dönmektedir.
Gateway üzerindeki routeları kontrol edelim.
<CLIGURU-S1>display ip routing-table
Route Flags: R – relay, D – download to fib
——————————————————————————
Routing Tables: Public
Destinations : 8       Routes : 8
Destination/Mask   Proto   Pre Cost     Flags NextHop         Interface
10.0.3.0/24 Direct 0   0           D   10.0.3.254     Vlanif3
10.0.3.254/32 Direct 0   0           D   127.0.0.1       Vlanif3
10.0.4.0/24 Direct 0   0           D   10.0.4.254     Vlanif4
10.0.4.254/32 Direct 0   0           D   127.0.0.1       Vlanif4
10.0.5.0/24 Direct 0   0           D   10.0.5.1       Vlanif5
10.0.5.1/32 Direct 0   0           D   127.0.0.1       Vlanif5
127.0.0.0/8   Direct 0   0           D   127.0.0.1      InLoopBack0
127.0.0.1/32 Direct 0   0           D   127.0.0.1       InLoopBack0
Çıktıyı incelediğimizde, CLIGURU-S1’in 10.0.6.0 network’ünün yer almadığını görüyoruz; çünkü directly connected(direk olarak bağlı) bir network değil ve ne bir static route nede bir dinamik routing protokolü konfigure edilmiş değil(herhangi bir şekilde 10.0.6.0 network’ünden haberdar değil).
7.CLIGURU-S1 ve CLIGURU-S2 üzerinde OSPF konfigurasyonu yapalım.
[CLIGURU-S1]ospf
[CLIGURU-S1-ospf-1]area 0
[CLIGURU-S1-ospf-1-area-0.0.0.0]network 10.0.0.0 0.255.255.255
[CLIGURU-S2]ospf
[CLIGURU-S2-ospf-1]area 0
[CLIGURU-S2-ospf-1-area-0.0.0.0]network 10.0.0.0 0.255.255.255
Konfigurasyondan sonra CLIGURU-S1 ve CLIGURU-S2’nin OSPF routelarını ve link state database’lerini paylaşmaları için bir süre bekleyelim ve CLIGURU-S1’in routing tablosuna bakalım.
[CLIGURU-S1]display ip routing-table
Route Flags: R – relay, D – download to fib
——————————————————————————
Routing Tables: Public
Destinations : 10       Routes : 10
Destination/Mask   Proto   Pre Cost     Flags NextHop         Interface
10.0.3.0/24 Direct 0   0           D   10.0.3.254     Vlanif3
10.0.3.254/32 Direct 0   0           D   127.0.0.1       Vlanif3
10.0.4.0/24 Direct 0   0           D   10.0.4.254     Vlanif4
10.0.4.254/32 Direct 0   0           D   127.0.0.1       Vlanif4
10.0.5.0/24 Direct 0   0           D   10.0.5.1       Vlanif5
10.0.5.1/32 Direct 0   0           D   127.0.0.1       Vlanif5
10.0.6.0/24 OSPF   10   2           D   10.0.5.2       Vlanif5
10.0.7.0/24 OSPF   10   2           D   10.0.5.2       Vlanif5
127.0.0.0/8   Direct 0   0           D   127.0.0.1       InLoopBack0
127.0.0.1/32 Direct 0   0           D   127.0.0.1       InLoopBack0
CLIGURU-S1 OSPF üzerinden iki route öğrendi. CLIGURU-R1 ile CLIGURU-R3 arasındaki bağlantıyı kontrol edelim.
[CLIGURU-R1]ping 10.0.6.3
PING 10.0.6.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.6.3: bytes=56 Sequence=1 ttl=253 time=130 ms
Reply from 10.0.6.3: bytes=56 Sequence=2 ttl=253 time=70 ms
Reply from 10.0.6.3: bytes=56 Sequence=3 ttl=253 time=110 ms
Reply from 10.0.6.3: bytes=56 Sequence=4 ttl=253 time=80 ms
Reply from 10.0.6.3: bytes=56 Sequence=5 ttl=253 time=110 ms
— 10.0.6.3 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 70/100/130 ms
[CLIGURU-R1]ping 10.0.7.4
PING 10.0.7.4: 56 data bytes, press CTRL_C to break
Reply from 10.0.7.4: bytes=56 Sequence=1 ttl=253 time=110 ms
Reply from 10.0.7.4: bytes=56 Sequence=2 ttl=253 time=90 ms
Reply from 10.0.7.4: bytes=56 Sequence=3 ttl=253 time=110 ms
Reply from 10.0.7.4: bytes=56 Sequence=4 ttl=253 time=100 ms
Reply from 10.0.7.4: bytes=56 Sequence=5 ttl=253 time=110 ms
— 10.0.7.4 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 90/104/110 ms
 Final..
[CLIGURU-R1]display current-configuration
#
sysname CLIGURU-R1
#
interface GigabitEthernet0/0/1
ip address 10.0.4.1 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 10.0.4.254
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
Return
[CLIGURU-S1]display current-configuration
#
sysname CLIGURU-S1
#
vlan batch 3 to 7
#
interface Vlanif3
ip address 10.0.3.254 255.255.255.0
#
interface Vlanif4
ip address 10.0.4.254 255.255.255.0
#
interface Vlanif5
ip address 10.0.5.1 255.255.255.0
#
interface Eth-Trunk1
port link-type trunk
port trunk pvid vlan 5
port trunk allow-pass vlan 2 to 4094
mode lacp-static
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 4
#
interface GigabitEthernet0/0/9
eth-trunk 1
#
interface GigabitEthernet0/0/10
eth-trunk 1
#
interface GigabitEthernet0/0/13
port link-type access
port default vlan 3
#
ospf 1
area 0.0.0.0
network 10.0.0.0 0.255.255.255
#
user-interface con 0
user-interface vty 0 4
#
Return
<CLIGURU-S2>display current-configuration
#
sysname CLIGURU-S2
#
vlan batch 3 to 7
#
interface Vlanif5
ip address 10.0.5.2 255.255.255.0
#
interface Vlanif6
ip address 10.0.6.254 255.255.255.0
#
interface Vlanif7
ip address 10.0.7.254 255.255.255.0
#
interface Eth-Trunk1
port link-type trunk
port trunk pvid vlan 5
port trunk allow-pass vlan 2 to 4094
mode lacp-static
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 6
#
interface GigabitEthernet0/0/9
eth-trunk 1
#
interface GigabitEthernet0/0/10
eth-trunk 1
#
interface GigabitEthernet0/0/22
port link-type access
port default vlan 7
#
ospf 1
area 0.0.0.0
network 10.0.0.0 0.255.255.255
#
user-interface con 0
user-interface vty 0 4
#
Return
<CLIGURU-S3>display current-configuration
#
sysname CLIGURU-S3
#
interface Vlanif1
ip address 10.0.3.3 255.255.255.0
#
interface Ethernet0/0/22
shutdown
#
ip route-static 0.0.0.0 0.0.0.0 10.0.3.254
#
user-interface con 0
user-interface vty 0 4
#
return
<CLIGURU-S3>
<CLIGURU-S4>display current-configuration
#
sysname CLIGURU-S4
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
ip address 10.0.7.4 255.255.255.0
#
interface Ethernet0/0/14
shutdown
#
ip route-static 0.0.0.0 0.0.0.0 10.0.7.254
#
user-interface con 0
user-interface vty 0 4
#
return