当前位置：首页 > news >正文

HCIP第一次作业(vlan)

news 2025/10/23 14:13:57

一、任务要求

1 PC1和PC3所在接囗为access;属于 vlan2:

2 PC2/4/5/6处于同一网段;其中PC2可以访问PC4/5/6;但PC4可以访问PC5，不能访问PC6;PC5不能访问PC6
3 PC1/3与PC2/4/5/6不在同一个网段4 所有PC通过DHCP获取IP地址，且PC1/3可以正常访问PC2/4/5/6

二、解决过程

配置拓扑图

问题1 PC1和PC3所在接囗为access并且属于 vlan2

对SW1，SW2进行简单配置就行

SW1

<Huawei>
<Huawei>sys
[Huawei]sys SW1
[SW1]vlan batch 2 to 6
[SW1]int g 0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access 
[SW1-GigabitEthernet0/0/2]port default vlan 2

SW2

<Huawei>sys
[Huawei]sys SW2
[SW2]vlan batch 2 to 6
[SW2-GigabitEthernet0/0/2]port link-type access 
[SW2-GigabitEthernet0/0/2]port default vlan 2

问题2 PC2/4/5/6处于同一网段;其中PC2可以访问PC4/5/6;但PC4可以访问PC5，不能访问PC6;PC5不能访问PC6

SW1

#交换机之间用trunk链路
[SW1]int g 0/0/4
[SW1-GigabitEthernet0/0/4]port link-type trunk 
[SW1-GigabitEthernet0/0/4]port trunk allow-pass vlan all    #放通所有vlan#配置自定义链路，放通特定vlan
[SW1-GigabitEthernet0/0/4]int g 0/0/3
[SW1-GigabitEthernet0/0/3]port link-type hybrid 
[SW1-GigabitEthernet0/0/3]port hybrid untagged vlan 2 to 6
[SW1-GigabitEthernet0/0/3]port hybrid pvid vlan 3
#预设vlan2走AR1子接口，vlan2 3 4 5走主接口
[SW1]int g 0/0/1
[SW1-GigabitEthernet0/0/1]port hybrid untagged vlan 3 4 5 6
[SW1-GigabitEthernet0/0/1]port hybrid tagged vlan 2
[SW1-GigabitEthernet0/0/1]port hybrid pvid  vlan 2#查看配置
[SW1-GigabitEthernet0/0/1]display port vlan active

SW2

#交换机之间用trunk链路
[SW2]int g 0/0/1
[SW2-GigabitEthernet0/0/1]port link-type trunk 
[SW2-GigabitEthernet0/0/1]port trunk allow-pass vlan  all
[SW2-GigabitEthernet0/0/3]int g 0/0/4
[SW2-GigabitEthernet0/0/4]port link-type trunk 
[SW2-GigabitEthernet0/0/4]port trunk allow-pass vlan  all#配置自定义链路，放通特定vlan
[SW2-GigabitEthernet0/0/1]int g 0/0/3
[SW2-GigabitEthernet0/0/3]port link-type hybrid 
[SW2-GigabitEthernet0/0/3]port hybrid untagged vlan 2 3 4 5
[SW2-GigabitEthernet0/0/3]port hybrid pvid vlan 4#查看配置
[SW2-GigabitEthernet0/0/3]display port vlan active

SW3

<Huawei>sys
[Huawei]sys SW3
[SW3]vlan batch 2 to 6    #创建5个vlan#交换机之间用trunk链路
[SW3]int g 0/0/1
[SW3-GigabitEthernet0/0/1]port link-type trunk 
[SW3-GigabitEthernet0/0/1]port trunk allow-pass vlan all #放通所有vlan#配置自定义链路，放通特定vlan
[SW3]int g 0/0/2
[SW3-GigabitEthernet0/0/2]port link-type hybrid 
[SW3-GigabitEthernet0/0/2]port hybrid untagged vlan 2 3 4 5
[SW3-GigabitEthernet0/0/2]port hybrid pvid vlan 5
[SW3-GigabitEthernet0/0/2]int g 0/0/3
[SW3-GigabitEthernet0/0/3]port link-type hybrid 
[SW3-GigabitEthernet0/0/3]port hybrid untagged vlan 2 3 6
[SW3-GigabitEthernet0/0/3]port hybrid pvid vlan 6#查看配置
[SW3-GigabitEthernet0/0/3]display port vlan active

AR1

<Huawei>sys
[Huawei]sys AR1
#dhcp的配置
[AR1]dhcp enable     #开启AR1的dhcp服务
[AR1]ip pool bbb     #创建bbb地址池
[AR1-ip-pool-bbb]network 192.168.2.0 mask 24
[AR1-ip-pool-bbb]gateway-list 192.168.2.1
[AR1-ip-pool-bbb]dns 8.8.8.8
[AR1-ip-pool-bbb]int g 0/0/0#在此接口应用这个地址池
[AR1-GigabitEthernet0/0/0]ip address 192.168.2.1 24
[AR1-GigabitEthernet0/0/0]dhcp select global

问题2的结果:

dhcp给PC2 4 5 6分配ip地址

PC2可以pingPC4、5、6

PC4可以pingPC5不能且pingPC6

PC5不能pingPC6

问题3 PC1/3与PC2/4/5/6不在同一个网段，所有PC通过DHCP获取IP地址，且PC1/3可以正常访问PC2/4/5/6

在问题2中，已经在交换机的接口上放通了vlan2，这里只需要配置dhcp和子接口就行了

AR1

#创建PC1和PC3的地址池
[AR1]ip pool aaa
[AR1-ip-pool-aaa]network 192.168.1.0 mask 24
[AR1-ip-pool-aaa]gateway-list 192.168.1.1
[AR1-ip-pool-aaa]dns 8.8.8.8
[AR1]int g 0/0/0.1
#子接口配置
[AR1-GigabitEthernet0/0/0.1]dot1q termination vid 2 
[AR1-GigabitEthernet0/0/0.1]arp broadcast enable [AR1-GigabitEthernet0/0/0.1]dhcp select global